Blog (at) Mreza.Info

As we know from previous post Service Pack 1 for Exchange Server 2007 brings support for IPv6 but only in combination with Windows Server 2008 and IPv4.

But there were some known issues with IPv6. For example:

• Outlook Anywhere connectivity issue (DSProxy ::1:6004) - KB950138

Issue mentioned above was most annoying since you received login screen multiple times and was still unable to connect. This issue was already fixed and update is included in Update Rollup 4 for Exchange Server 2007 SP1. Update Rollup 5 for Exchange Server 2007 SP1 is the latest version at the moment and I recommend you strongly to apply it.

IPv6 recommendation

There is only one simple rule. Disable IPv6 if you do not need it!

Disabling IPv6

• Uncheck Internet Protocol Version 6 (TCP/IPv6) on network card.
  
• The above step is not enough! Remove or comment out the line ::1     localhost in HOSTS file.
  
  
• Disable IPv6 in registry.
  
  HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters
  DWORD: DisabledComponents
  Value: 0xFFFFFFFF
  
  

That's it. :)

Merry Christmas and a Happy New Year!

I  wish you all Merry Christmas and a Happy New Year! Here are some free e-books for cold days... :)

• Understanding IPv6, Second Edition
• Writing Secure Code for Windows Vista
• Understanding Microsoft Virtualization Solutions (from the Desktop to the DataCenter)
• Collection 6333: Exploring Microsoft Virtualization Technologies (MS e-Learning)

I guess many of you have already heard phrase "Windows Server 2008 & Exchange Server 2007 SP1: Better Together"? :) In general this is true but there are some gotchas!

Benefits

• Support for multi-subnet failover clusters
• Better performance of file copy operations (SMBv2)
• Reduced downtime for hardware maintenance (Hot add, remove, replace of core hardware components)
• Reduced downtime for fixing NTFS issues (Self-Healing NTFS)
• Greater scalability of TCP/IP connections (Client Access Server especially; Next Generation TCP/IP Stack)
• Integrated Exchange Server 2007 prerequisites (PowerShell,...)
• IPv6 support (only in combination with Windows Server 2008 and IPv4)

Installing Exchange Server 2007 prerequisites

The easiest way to install all prerequisites on windows Server 2008 is with ServerManagerCmd command line utility.

Exchange Management Tools

ServerManagerCmd -i PowerShell

If you want to manage all internal server roles including CAS role you must also install following IIS components. Note that this also applies if you have stand alone HUB Transport server and you want to manage CAS server from it.

ServerManagerCmd -i Web-Metabase
ServerManagerCmd -i Web-Lgcy-Mgmt-Console

Hub Transport Server

ServerManagerCmd -i PowerShell

Edge Transport Server

ServerManagerCmd -i PowerShell
ServerManagerCmd -i ADLDS (AD LDS - Active Directory Lightweight Directory Services; previously known as ADAM - Active Directory Application Mode)

Mailbox Server

ServerManagerCmd -i PowerShell
ServerManagerCmd -i Web-Server
ServerManagerCmd -i Web-ISAPI-Ext
ServerManagerCmd -i Web-Metabase
ServerManagerCmd -i Web-Lgcy-Mgmt-Console
ServerManagerCmd -i Web-Basic-Auth
ServerManagerCmd -i Web-Windows-Auth
ServerManagerCmd -i Failover-Clustering (if Mailbox Server will be clustered)

Client Access Server

You don't need a separate command for every component. Instead you can write every component you need separated with space.

ServerManagerCmd -i PowerShell Web-Server Web-ISAPI-Ext Web-Metabase Web-Lgcy-Mgmt-Console Web-Basic-Auth Web-Digest-Auth Web-Windows-Auth Web-Dyn-Compression RPC-over-HTTP-proxy

Unified Messaging

ServerManagerCmd -i PowerShell
ServerManagerCmd -i Desktop-Experience (audio/video codecs required by UM)

Exchange Server 2007 SP1 Update Rollup 5

Update Rollup 5 resolves some important issues in combination Windows 2008/Exchange 2007.

Here are some of more important updates:

• Exchange 2007 CAS cannot copy the OAB from the OAB share on Windows Server 2008-based Exchange 2007 CCR clusters (KB954197)
• The OAB generation is unsuccessful and Event IDs 9328 and 9373 are logged in the Application log in a Windows Server 2008-based Exchange 2007 Single-Copy cluster environment (KB957978)
• Exchange Server 2007 Update Rollup 3 does not update the Outlook Web Access Logon.aspx file after you modify the file (KB956582)

Complete list of included updates: Description of Update Rollup 5 for Exchange Server 2007 Service Pack 1 (KB953467).

The Christmas Wish!

At the moment there is no build in exchange-aware backup solution in Windows Server 2008. We are still waiting for VSS-based plug-in for Windows Server Backup! Ultimate (and cheap) backup solution at the moment is of course Microsoft System Center Data Protection Manager!

Gift!

Well... it's not from me but anyway... :) Here is a free copy of Windows PowerShell Workbook: Server Administration!

Yesterday, I was presenting at Microsoft TechNet and MSDN Event in Ljubljana (Hotel Mons) about Microsoft Exchange Server 2007 Tips and Tricks.

Agenda

• Windows Server 2008
• Transport
• High Availability

TechNet - Microsoft Exchange Server 2007 Triki in Nasveti

Pretty common problem this days is around specified FQDN for external connections from Exchange 2007 HUB servers.

For demo purposes let's say our internal FQDN of Exchange 2007 HUB server is DEMO-E2K7SP1.demo.pri and external FQDN is demomail.exchange.si.

Specify FQDN for Send Connector

We need to specify FQDN for each send connector we created for internet delivery. In our case we have send connector named Internet. Let's specify FQDN:

Set-SendConnector -Identity "Internet" -Fqdn demomail.exchange.si

As you can see demomail.exchange.si is specified as FQDN for above mentioned send connector. Please do not forget to also create/use certificate with Subject Name (or Subject Alternative Name) demomail.exchange.si.

Let's see what will be present in mail header at recipient side. As you can see bellow in the first red marked part demomail.exchange.si FQDN was used at HELO/EHLO step when contacting recipient mail server.

As you may also noticed DEMO-E2K7SP1.demo.pri is also visible in mail header. There is nothing wrong with that! It's expected behavior of every mail server in the planet. Full 'travel' path is always included in message header.

How do I hide internal servers from message header?

My recommended solution is with Transport Rules usage. Here is sample transport rule that strip Receive part from message header.

Create new transport rule:

Specify Condition from users Inside the organization, sent to users Outside the organization and Action remove header (Received).

If we look again into message header you will notice that internal server is not visible anymore (Received: from DEMO-E2K7SP1.demo.pri). Removing other parts from message header can also be done with Transport Rules.

I hope this problem with distinguishing between configuration errors and records in message header is just a bit more clear now.

Last Thursday, I was presenting at SloWUG event here in Ljubljana about (new) High Availability options in Exchange Server 2007 SP1.

Agenda

• Mailbox Server High Availability options in Exchange Server 2007 SP1
• Cluster Continuous Replication
• Standby Continuous Replication
• Data Loss?
• Demo!

Presentation with recorded demos is now available for download. Any comments or suggestions are more than welcome. I'm also accepting requests for next presentation.

SloWUG - Exchange Server 2007 SP1 High Availability

Did you try to backup Hyper-V Virtual Machines with Windows Server backup and received Event ID 521 error on Hyper-V host?

Backup started at '7.10.2008 23:21:14' failed as Volume Shadow copy operation failed for backup volumes with following error code '2155348129'. Please rerun backup once issue is resolved.

 Event ID 12302 error on guest computer?

Volume Shadow Copy Service error: An internal inconsistency was detected in trying to contact shadow copy service writers.  Please check to see that the Event Service and Volume Shadow Copy Service are operating properly.

Result of running vssadmin list writers command is empty?

Event ID 10102 error appears in Microsoft-Windows-Hyper-V-VMMS/Admin Event Log?

Failed to create the backup of virtual machine 'GUEST01'. (Virtual machine ID 0FBA408B-B269-4169-9278-EC650FEEBB1B)

Solution resides in the registry ;).

Fix VSS Event ID 12302 on Hyper-v guests

In order to get rid off Event ID 12302 on Virtual Machines you need to follow the following procedure:

• Backup registry key:
  HKLM\Software\Microsoft\EventSystem\{26c409cc-ae86-11d1-b616-00805fc79216}\Subscriptions
  
  
  
• Delete registry key Subscriptions.
• Restart Virtual Machine (key will be regenerated after restart).
• Verify that vssadmin list writers command returns valid list of writers.
  
  

 Enable Hyper-V VSS Writer with Windows Server Backup

In order to enable VSS backups of Hyper-V Virtual Machines, you need to add the following registry keys and String Value to enable Hyper-V VSS Writer with Windows Server Backup on Hyper-V host.

Key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
WindowsServerBackup\Application Support\{66841CD4-6DED-4F4B-8F17-FD23F8DDC3DE}

String Value:

Name: Application Identifier
Type: REG_SZ
Value: Hyper-V

Also check that Hotfix KB956697 (Windows Server 2008 Hyper-V VSS writer is not used during a backup job because of corrupted or invalid virtual machine configuration files.) is installed!

Microsoft Hyper-V Server 2008

I also have great news for all Hyper-V lovers. Microsoft released Microsoft Hyper-V Server 2008! The best thing about it is that it's FREE! Microsoft Hyper-V Server 2008 is a stripped version of Windows Server 2008 Core and contains only Windows Hypervisor, Windows Server driver model and virtualization components.

Microsoft® Hyper-V™ Server 2008 is a stand-alone product that provides a simplified, reliable, cost-effective and optimized virtualization solution enabling organizations to improve server utilization and reduce costs. It allows organizations to consolidate workloads onto a single physical server and is a good solution for organizations who want a basic and simplified virtualization solution for consolidating servers as well as for development and test environments. Low utilization infrastructure workloads, departmental applications and simple branch office workloads are also candidates to virtualize using Hyper-V Server 2008.

Links:

• Microsoft Hyper-V Server 2008 Home Page
• Download Microsoft Hyper-V Server 2008 (English)

I just migrated from Microsoft Exchange Server 2000/2003 to Microsoft Exchange Server 2007. What is this thing with upgrading E-Mail Address Policies, Address Lists,...?

I receive this question quite often. So let's try to answer.

Exchange Server 2007 uses a new filter syntax (OPATH) to replace the traditional LDAP filters. So what is OPATH? OPATH is filtering syntax used by PowerShell, and is therefore also used by Exchange Server 2007. Remember that the whole Exchange Server 2007 administration is done via PowerShell! OPATH replaces complicated syntax used by LDAP filters in Exchange Server 2000/2003.

Which (default) filters do we need to upgrade?

• Email Address Policies
• Global Address Lists
• Address Lists

Let's start with Email Address Policies. Here is LDAP Recipient Filter that comes with Exchange Server 2000/20003:

As you can see only LDAP Filter is present and Recipient Filter Type is Legacy.

How can we upgrade filter? Here is a cmdlet:

Set-EmailAddressPolicy "Default Policy" –IncludedRecipients AllRecipients

And result:

As you can see Recipient Filter is filled and Recipient Type is Precanned. Precanned means that the filter for this group was created using the pre-canned filters.

Upgrading (Default) Global Address List

Similar to Default Email Address filter only LDAP filter is present and Recipient Filter Type is Legacy.

Upgrading cmdlet with OPATH filter:

Set-GlobalAddressList "Default Global Address List" -RecipientFilter {(Alias -ne $null -and (ObjectClass -eq 'user' -or ObjectClass -eq 'contact' -or ObjectClass -eq 'msExchSystemMailbox' -or ObjectClass -eq 'msExchDynamicDistributionList' -or ObjectClass -eq 'group' -or ObjectClass -eq 'publicFolder'))}

And result:

Recipient Filter contains OPATH filter and Recipient Filter Type is Custom, since we used custom and not pre-canned filter.

Upgrading (Default) Address Lists

Notice that Default Address Lists in Exchange 2000/2003 are All Users, All Groups, All Contacts and Public Folders. All Address Lists contains only LDAP Filter and Recipient Type is Legacy.

Upgrading cmdlets with OPATH filter:

Set-AddressList "All Users" –IncludedRecipients MailboxUsers

Set-AddressList "All Contacts" –IncludedRecipients MailContacts

Set-AddressList "All Groups" –IncludedRecipients MailGroups

Set-AddressList "Public Folders" –RecipientFilter { RecipientType -eq 'PublicFolder' }

Notice that all filters are upgraded to OPATH filter format. Filters for All Users, All Groups and All Contacts were created using pre-canned filters and Public Folders with custom Recipient Filter.

This part covers converting Default Filters from LDAP to OPATH filter format. If you are using custom Email Address Lists, Global Address Lists or Address Lists please consider upgrading LDAP filters to OPATH.

As spotted on many blogs, the pretty popular topic for some time now is Links of the Week. So I decided to try something new, something more technical and useful for my readers. And here it is. New set of posts named Problem of the Week (POW).

So here is the first part that talks about sending HTML e-mails to remote domains via OWA on Exchange Server 2007, the e-mails in question being received as plain text on destination domains.

So you send 'nice' HTML e-mail...

... which is displayed in plain text at destination.

So what's the catch?

Answer lies in 'hidden' ContentType parameter of Remote Domains settings.

ContentType value MimeText is not there by default. Yes, that's right! Someone set this up on Exchange Server 2003! ;-)

Does this look familiar to you?

That's right. If you have (or had before migration) this set to Provide message body as plain text the ContectType parameter for Remote Domains is MimeText.

So what's the solution?

You need to set value of ContentType to MimeHtmlText. Here's cmdlet:

Get-RemoteDomain | Set-RemoteDomain -ContentType MimeHtmlText

...and the result...

That's all for part #1. Happy reading... ;-)

Another great tool from OCS team!

The Edge Planning Tool for Microsoft Office Communications Server 2007 provides settings for configuring your perimeter network based on information that you provide to the tool.

The Edge Planning Tool asks questions about your proposed or current edge server deployment. The tool uses your answers and Microsoft Office Communications Server 2007 best practices to generate the following reports:

• Settings that you can use to configure your certificates, DNS services, and firewalls.
• Custom documentation for configuring your edge servers, reverse proxy, and next hop server.
• A comparison of your answers to Microsoft Office Communications Server 2007 best practices.

Source: Edge Planning Tool for Office Communications Server 2007

Well... not exactly.

I came across a blog post on The Hypervisor which compares VMware Workstation and Microsoft Hyper-V.

The interesting part about benchmarks is that they are based only in difference between installation times which is complete nonsense. Hyper-V in known to be "slow" during installation (it's also slower than Virtual PC). Hyper-V shows real speed when Integrated Components are loaded.

It would be interesting to see a real (and with real I mean applications stress tests,... and not installation times) between Microsoft Hyper-V and VMware ESX. I can tell you from my test labs that VMware Workstation/Server is slow compared to Hyper-V. Anyone noticed Windows Server 2008 struggling on VMware ESX 3.5 and flying on Hyper-V? Must be something with Experimental support for Windows Server 2008 on ESX 3.5...

Source: Hyper-V benchmark surprise