End of Exchange 2010 Mainstream Support

Exchange 2010 LogoWith all the media attention for Windows 7 going out of mainstream support, one might forget today also marks the end of mainstream support for Exchange Server 2010.

Exchange 2010, which was released in October, 2009 (which seems centuries ago now), and which still has a very large installed base, is going into the extended support phase.

Depending on your support contract, this means Microsoft will no longer provide free support for this product. Patches for security issues will still be available, and owners of premier support contracts are eligible for non-security updates through extended hotfix support option.

Exchange Server 2010 will reach end-of-life on January 14th, 2020.

EighTwOne 2014 Stats

stats chartOi! A tad late as I was enjoying a trip and celebrating New Year in the beautiful country of Brazil, but happy new year to all dear readers and followers.

The start of a new year gives opportunity to reflect on the past year which has been quite busy, apart from writing blog posts and creating and supporting scripts:

Looking at 2015, it will see the daylight of Ignite, the MOAME (Mother Of All Microsoft Events), and merger of events like MEC, LyncConf, TENA, SPC and MMS which will be held from May 4 – 8 in Chicago.

It promises to be an interesting year for Exchange On-Premises, with Microsoft’s cloud-first, mobile-first strategy, and Exchange Online / Office 365 as well. The next version of Exchange (’16’) it expected to be announced at Ignite, and it will become clear which features, new or currently available via Office 365, will make it to the next version of Exchange ‘on-premises’, and which ones will not. With the next version of Windows Server (’10’) expected end of 2015, it is very likely that Exchange ’16’ will require Windows Server 2012 R2 (or 2012) or Windows Server ’10’, adding support for Windows Management Framework 5 (PowerShell). Note that WMF5 might become available as an individual component, before the release of Windows Server ’10’. If things follow earlier OS/WMF dependencies for Exchange, the combination of Windows Server 2012 R2 with WMF5 is highly unlikely to become a supported combination for hosting Exchange.

There is also lots of development towards Azure, looking at the recent support for hosting your File-Share Witness on an Azure VM. This option, originally announced as a ‘possible feature’ in the works for CU2 back at TechEd North America 2013, introduces an interesting alternative for site fail-over scenarios.

Some stats of 2014:

Apart from the Archives, Versions, Builds and Dates, Schema Versions and Toolkit pages, these were the Top Posts (yes, Exchange 2010 is still a strong lead through search engines):

statscountries2014

Top 5 Visitor Countries:

  • United States (95,660)
  • United Kingdom (28,733)
  • Germany (22,730)
  • Australia (14,986)
  • Netherlands (14,242)

Top 5 Referrers:

  • social.technet.microsoft.com (TechNet forum)
  • blogs.technet.com (Technet blogs)
  • exchangeserverpro.com (Paul Cunningham)
  • experts-exchange (community)
  • community.spiceworks.com (community)

Top 5 Search Terms:

  • exchange target address hybrid query
  • kb2506143
  • powershell ise for exchange
  • msexcheseparamcachesizemax
  • exchange versions

(Re)configuring IM Integration

powershellAnyone who has configured Exchange 2013 IM integration with Lync Server at some point has to modify the web.config file on the Mailbox servers to configure OWA with the proper certificate for enabling IM. Another thing (read: nuisance) is that when you have configured IM integration and you apply a Cumulative Update to Exchange 2013, the web.config will be overwritten, in which case you need to reapply those changes to the web.config file.

This is where the script Configure-IMIntegration.ps1 might come in handy.

Requirements
Using the script requires Exchange 2013 and Lync Server. You need to provide the Lync pool and the Mailbox server you want to configure needs to have a valid certificate assigned to UM services. The script will modify the web.config remotely using the system share (e.g. C$), using the location of the Exchange installation, and uses WMI to recycle the OWA Application Pool in IIS. It will create a backup of the web.config before modifying it.

Note that the script does not perform the following steps:

  • It does not perform the Lync Server parts to configure IM integration, e.g. configure Exchange as a trusted application.
  • It does not configure Lync Server as an partner application for Exchange (Configure-EnterprisePartnerApplication.ps1).

Usage
The script Configure-IMIntegration.ps1 uses the following syntax:

.\Configure-IMIntegration.ps1 [-Server <String>] -PoolFQDN <String> [-AllCAS] [-AllMailbox]

A quick walk-through on the parameters and switches:

  • Server specifies the server to configure. When omitted, it will configure the local server. This parameter is mutually exclusive with AllMailbox.
  • AllMailbox switch specifies to configure all Mailbox servers. This switch is mutually exclusive with Server.
  • AllCAS switch specifies to enable IM integration on all Client Access servers.
  • PoolFQDN specifies the FQDN of the Lync Pool to use. This parameter is required.

So, suppose you want to quickly reconfigure IM integration on a Mailbox server after applying a Cumulative Update, you can use:

.\Configure-IMIntegration.ps1 -PoolFQDN lync.contoso.com –Server exchange01.contoso.com

image

Or, you can quickly configure Mailbox servers and CAS servers for IM integration after performing the required steps to configure the trusted application settings and installing and assigning the certificate for UM:

.\ Configure-IMIntegration.ps1 -PoolFQDN lync.contoso.com -AllMailbox –AllCAS

image

Note that the script will skip Mailbox servers for which it cannot find a valid UM certificate assignment. Also, in the example above, the CAS servers had already been enabled for IM.

Download
You can download the script from the TechNet Gallery here.

Feedback
Feedback is welcomed through the comments. If you got scripting suggestions or questions, do not hesitate using the contact form.

Revision History
See TechNet Gallery page.

Book: Pro Exchange 2013 SP1 PowerShell Administration

As some of you may have noticed, it has been a bit more quiet here than it used to be. Well, the reason for that, after several months of collaborative hard work, blood, sweat and tears, is finally here (and in stores just in time for the Holidays): A book titled Pro Exchange 2013 Service Pack 1 PowerShell Administration!

2013pa

Together with fellow Exchange MVP Jaap Wesselius, we will talk you through topics such as:

  • Deployment and co-existence scenarios.
  • The Client Access Server role and topics such as namespaces, certificates, load balancing, and publishing.
  • The Mailbox Server role and topics such as managing mailboxes, distribution lists and recipients, message transport
  • High availability topics like Database Availability Groups and Client Access and Transport availability.
  • Message Hygiene using the Edge Transport server role and anti-spam features.
  • Backup, Restore and Disaster Recovery, including the backup-less’ Native Data Protection scenario.
  • Unified Messaging features and integration with IP telephony solutions such as Microsoft Lync Server.
  • Compliance features like In-Place Archiving and MRM, In-Place Discovery, In-Place Hold, Data Loss Prevention including fingerprinting, and auditing.
  • Role-Based Access Control model and Split Permissions model for organizations that require this.
  • Office 365 and Exchange Online (EXO) scenarios, federating organizations, directory synchronization, ADFS and Multi-Factor Authentication, as well as basic tasks like onboarding and offboarding mailboxes.

Our 600+ page book will take a PowerShell-first approach when talking about Exchange Server 2013. You can order the book from Amazon here.

I have also added it to the book page here, which also contains other useful books when you want to learn about Exchange or related technologies like PowerShell, Active Directory or Lync Server.

Outlook 2010 gets MAPI/http support

Office-2010-Outlook-Icon[1]Update (December 13th, 2014): Hotfix pulled until further notice due to possible issues.

A quick heads-up today as the recently released KB2899591 hotfix adds MAPI/http support for Outlook 2010 clients. This will benefit organizations using Exchange 2013 SP1 or later considering switching from RPC/http to MAPI/http. The KB article includes details on the additional fixes that are included in hotfix KB2899591 as well.

You can request the hotfix for x86 and x64 versions of Outlook 2010 here.

Links to background information on MAPI/http, its impact on client performance, and impact on network traffic in an earlier blog post here.

Exchange 2013 Cumulative Update 7

Ex2013 LogoToday, Cumulative Update 7 for Exchange Server 2013 was released by the Exchange Team (KB2986485). This update raises Exchange 2013 version number to 15.0.1044.25.

Note: Customers that run backups of their Exchange databases are advised to upgrade to CU7 and perform a post-upgrade full backup. This is due to a race condition which could prevent proper restoration of pre-CU7 Exchange databases.

This Cumulative Update contains a security update to fix a potential elevation of privilege issue (bulletin MS14-075), as well as the following fixes:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014
  • 3012655 New-MailboxImportRequest causes unreadable characters when you import an ANSI format .pst file of Russian language
  • 3012652 CalendarProcessing cmdlet does not generate delegate permissions to universal security groups in Exchange Server 2013
  • 3009631 Advanced Find against the Sent Items folder in Outlook returns no result in Exchange Server 2013
  • 3009612 Outlook Web App shows organization details on the contact card beyond the scope of user ABP in Exchange Server 2013
  • 3009291 Shared mailbox cannot be opened in Outlook in an Exchange Server 2013 environment that has multiple domains
  • 3008453 Cannot edit or delete forms from the organizational forms library in Exchange Server 2013
  • 3008438 User who is trying to Log on to Exchange Admin Console is logged in to OWA instead
  • 3006672 Move request fails if the IsExcludedFromProvisioning option is true in Exchange Server 2013
  • 3005391 Exchange Server 2013 Cumulative Update 5 breaks free|busy lookup from Exchange Online to Exchange Server 2007
  • 3003986 RejectMessageReasonText in transport rule appears in the user section of a DSN in Exchange Server 2013
  • 3001217 TLS 1.0 is hardcoded for SMTP traffic encryption in Exchange Server 2013
  • 3001037 Distribution group cannot send email messages to a mail enabled public folder in an Exchange Server 2013 environment
  • 2999031 A cross-forest mailbox move from Exchange Server 2007 to Exchange Server 2013 finishes with CompletedWithWarnings status
  • 2998144 New-MoveRequest cmdlet with RemoteLegacy parameter cannot perform a cross-forest mailbox move
  • 2988553 Add-ADPermission and Remove-ADPermission can be run outside the management scope in Exchange Server 2013
  • 2981538 Exchange Control Panel crashes when you proxy from Exchange 2013 to Exchange 2010
  • 3014051 Cannot migrate mailboxes in a multiple domains environment in Exchange Server 2013
  • 3012986 ContentIndexRetryQueueSize value for a passive node never drops to zero in Exchange Server 2013 Cumulative Update 6
  • 3004011 Sound alerts do not work in Outlook Web App when new email or calendar notification is received in Exchange Server 2013
  • 3003580 Event ID 4999 and 4401 when the Microsoft Exchange Replication service crashes in Exchange Server 2013
  • 3003518 “550 5.7.1″ NDR when you send messages to external recipients in an Exchange Server 2013 hybrid environment
  • 3003068 Cannot see online archive mailbox after you upgrade to Exchange Server 2013 Cumulative Update 6
  • 3000944 Subfolders under the Deleted Items folder are not visible in Outlook in an Exchange Server 2013 environment
  • 2997847 You cannot route ActiveSync traffic to Exchange 2007 mailboxes after you upgrade to Exchange 2013 CU6
  • 2997355 Exchange Online mailboxes cannot be managed by using EAC after you deploy Exchange Server 2013 CU6
  • 2997209 Exchange Server 2013 databases unexpectedly fail over in a co-existence environment with Exchange Server 2007
  • 2995263 OAB cannot be rebuilt if the .flt file is larger than two GB in Exchange Server 2013
  • 2994216 PublicFolderMoveRequest deletes all read or unread state in target mailbox for each user in Exchange Server 2013
  • 2993871 Resource Booking Assistant crashes after you upgrade to Exchange Server 2013 Cumulative Update 5
  • 2983216 Category setting on an item in Outlook jumps the selection to the top of the list in an Exchange Server 2013 environment
  • 2931223 MAPI virtual directory is missing from Default Web Site node

Notes:

  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to stay current.
  • CU7 adds support for hierarchies containing 250,000 modern public folders. Consult this article for co-existence scenarios.
  • Be advised of OAB architectural changes introduced with CU5 which are documented here. If you are affected, it is recommended to update CAS servers prior to Mailbox servers.
  • If you have installed the Interim Update to fix Hybrid Configuration Wizard, you can install the Cumulative Update over it – there is no need to uninstall the IU prior to installing CU6.

This Cumulative Update includes schema and AD changes, so make sure you run PrepareSchema / PrepareAD. After updating, the schema version will be 15312. If you want to speed up the process, you can temporarily disable certificate revocation checking as described here.

Note that Cumulative Updates can be installed directly, i.e. no need to install RTM or Service Packs prior to installing Cumulative Updates. Note that once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous generations of Exchange.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

You can download Exchange 2013 Cumulative Update 7 here; UM Language Packs can be found here.

Exchange 2010 SP3 Rollup 8v2

Exchange 2010 Logo

UPDATE (December 12th, 2014): Exchange 2010 SP3 Rollup 8 v2 is released, addressing the issue mentioned below in the initially published version. The new version number is 14.3.224.2 (was 14.3.224.1). You can download RU8v2 here.

UPDATE (December 10th, 2014): Exchange 2010 SP3 Rollup 8 has been pulled after discovery of Outlook MAPI issues. It is currently recommended not to deploy RU8 and when you have installed RU8, to revert to RU7 to prevent walking into this issue. Other protocols, such as EAS or IMAP4, as unaffected which is why you might not encounter this problem immediately.

Today the Exchange Team released Rollup 8 for Exchange Server 2010 Service Pack 3 (KB2986475). This update raises Exchange 2010 version number to 14.3.224.1.

This Rollup contains a security update to fix a potential elevation of privilege issue (bulletin MS14-075), as well as the following fixes:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014
  • 3009132 Hybrid mailbox moves to on-premises environment but finishes with CompletedWithWarnings status
  • 3008999 IRM restrictions are applied to incorrectly formatted .docx, .pptx, or .xlsx files in an Exchange Server 2010 environment
  • 3008370 Group members are not sorted by display name when HAB is used with OAB in Exchange Server 2010
  • 3008308 Public folder database migration issue in a mixed Exchange Server environment
  • 3007794 Hub Transport server cannot deliver messages when a database fails over to a cross-site DAG in Exchange Server 2010
  • 3004521 An Exchange server loses its connection to domain controllers if a public folder server is down in Exchange Server 2010
  • 2999016 Unreadable characters when you import ANSI .pst files of Russian language by using the New-MailboxImportRequest cmdlet
  • 2995148 Changing distribution group takes a long time in an Exchange Server 2010 environment
  • 2992692 Retention policy is not applied to Information Rights Management protected voice mail messages in Exchange Server 2010
  • 2987982 Issues caused by ANSI mode in Exchange Server 2010
  • 2987104 Email message is sent by using the “Send As” instead of “Send on Behalf” permission in Exchange Server 2010
  • 2982017 Incorrect voice mail message duration in Exchange Server 2013 and Exchange Server 2010
  • 2977279 You cannot disable journaling for protected voice mail in Exchange Server 2013 and Exchange Server 2010

Notes:

  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • If you got a DAG and want to properly update the DAG members, check the instructions here.
  • Rollups are cumulative per service pack level, i.e. they contain fixes released in earlier update Rollups for the same product level (RTM, SP). This means you don’t need to install previous Rollups during a fresh installation but can start with the latest Rollup package.

As with any Hotfix, Rollup or Service Pack, I’d recommend to thoroughly test this rollup in a test and acceptance environment first, prior to implementing it in production.
You can download Exchange 2010 SP3 Rollup 8 here.

Exchange 2007 SP3 Rollup 15

exchange2007logo2[1]Today the Exchange Team released Rollup 15 for Exchange Server 2007 Service Pack 3 (KB2996150). This update raises Exchange 2007 version number to 8.3.389.2.

This Rollup contains a security update to fix a potential elevation of privilege issue (bulletin MS14-075), as well as the following fixes:

  • 3004235 Exchange Server meetings in Russian time zones as well as names of time zones are incorrect after October 26, 2014
  • 3008308 Public folder database migration issue in a mixed Exchange Server environment

Notes:

  • When running ForeFront Protection for Exchange, make sure you disable ForeFront before installing the rollup and re-enable it afterwards, otherwise the Information Store and Transport services may not start. You can disable ForeFront using fscutility /disable and enable it using the fscutility /enable command;
  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking;
  • Rollups are cumulative per service pack level, i.e. they contain fixes released in earlier update Rollups for the same product level (RTM, SP). This means you don’t need to install previous Rollups during a fresh installation but can start with the latest Rollup package.

As with any Hotfix, Rollup or Service Pack, I’d recommend to thoroughly test this rollup in a test and acceptance environment first, prior to implementing it in production.
You can download Exchange 2007 SP3 Rollup 15 here.

Ignite 2015: Call for Topics

ignite ButtonIn October, I reported on the new ‘mother of all Microsoft events’, Microsoft Ignite. This event is going to take place from May 4-8, 2015 in Chicago, US.

Contrary to how the agenda used to be determined for events like TechEd or the Microsoft Exchange Conference (MEC), Microsoft is now asking for your help by scoring contents and topics. By completing a short, anonymous Call for Topics survey here, you can let those in charge of assigning session slots know what you would like to see at Ignite.

If you have any questions on Ignite, Microsoft is also having some Twitter sessions for specific products. More on this in the original Call for Topics post here. The Exchange session takes place at Tuesday, December 2nd 9 am (Pacific Time) and use hashtag #ignitejam to participate.

So, if you went to MEC and would like to see a fair share of Exchange or Office 365 should you visit Ignite, be sure to complete the Call for Topics survey and plug your favorite product or platform.

Exchange 2013 Server Role Requirements Calculator 6.6

Ex2013 LogoNote: Shortly after publishing, a minor update was made in to fix circular referencing in the sheet.

Next to an updated Exchange 2010 Server Role Requirements calculator, the Exchange team published an update for the Exchange 2013 Server Role Requirements Calculator as well. The new version number is 6.5.

This new version includes a nice new feature, courtesey of Excel, which will plot mailbox usage using the provided input. You can find this chart on the Mailbox Space Modeling tab.

msm

Changes since version 6.5:

  • Fixed circular logic issue with initial mailbox size calculation

Changes since version 6.3:

  • New: The calculator now includes mailbox space modeling graphs that extrapolates (for each mailbox tier) the projected amount of time it will take to consume the mailbox quota.
  • Fixed “Number of Exchange Data Volumes per Server” to support more than 50 volumes.
  • Optimized memory sizing for FAST which reduces memory requirements for small mailbox server designs.
  • Added the ability to specify multiple AutoReseed volumes per DAG server to calculator and scripts.
  • Fixed 3 database/volume layout scenario involving 100 copies/server.
  • Fixed rounding error in calculating number of databases/volume in “2 Volumes / Backup Set”
  • Log isolation is now a calculated property to align with best practices guidance.
  • Changed “Disk” to “Vol” in left column of Distribution tab to align with scenarios that do not involve JBOD configurations.
  • Added additional processor core options.
  • Fixed JBOD storage design results table to accurately account for Restore Disk capacity being set to “–” and for differences between PDC and SDC Restore Disk capacity settings.
  • Fixed Backup Requirements worksheet to expose Weekly Full backups correctly.
  • Various comment changes/corrections.

You can download the calculator here. For more information, please consult the list of changes here or Read Me here.