The solution accelerators team has released a new Infrastructure Planning and Design (IPD) guide for Microsoft Exchange Server 2010 with SP1.

This guide provides actionable guidance for designing an Exchange Server 2010 infrastructure. The guide’s step-by-step process gives a straightforward explanation of the key steps required for a successful implementation. It can help you reduce planning time and costs, and ensure a successful rollout of Exchange Server 2010. The Exchange Server 2010 Guide includes the following content:

• Step 1: Define the Business and Technical Requirements
• Step 2: Define the Instances of Exchange Server 2010
• Step 3: Design the Mailbox Server Infrastructure
• Step 4: Design the Client Access Server Infrastructure
• Step 5: Design the Hub Transport Server Infrastructure
• Step 6: Design the Edge Transport Server Infrastructure
• Step 7: Design the Unified Messaging Server Infrastructure
• Step 8: Define the Active Directory Domain Services Requirements

For more information and to download the Exchange 2010 SP1 IPD, click here

I don’t often have much to say about mobile devices.. it is a frequently discussed topic amongst my friends and colleagues though and everyone generally has their own opinion.

I spent the last month testing a Windows Phone 7 device, The LG E900 to be exact. Before I share my thoughts with you, perhaps I’ll give you a little background. I use an iPhone, and I make no excuses for the fact that I love my iPhone. Before you start hurling abuse my way (this is a Microsoft centric blog after all, right?) I should mention that I have probably tried every Windows Mobile device out there, from the very first HP Ipaq’s, WM 2003 through to WM 6.5 but at the end of the day it was the iPhone that really changed the way I use a mobile device.

Windows Phone 7 – In short, I think its good.. certainly better than all previous Windows devices I have used. It’s responsive and quick and visually the interface is very slick. I like how it brings your contacts and Facebook together. What I did not like was how it requires a live ID to setup the phone and then automatically syncs those contacts to your phone as well.. no biggie, except you can’t disable this so if you are like me and don’t want your live ID contacts to sync to your phone, you need to ensure that your live ID is not your hotmail account. It does email and calendar well, but that is to be expected.

A few other things I don’t like.. no cut and paste (and yes, I know the early iPhones never had cut and paste either, but we are supposed to be progressing here..) There is no OCS/Lync client available for Windows Phone 7.. I honestly can’t believe that but I’ve been unable to find one.

Windows Phone 7 devices only support a subset of all Exchange ActiveSync mailbox policy settings so if you have Windows Phone 7 devices in your organization, they will experience synchronization problems if certain Exchange ActiveSync mailbox policy properties are configured. To allow Windows Phone 7 devices to synchronize with an Exchange mailbox, either set the AllowNonProvisionableDevices property to true or only configure the following Exchange ActiveSync mailbox policy properties:

• PasswordRequired
• MinPasswordLength
• IdleTimeoutFrequencyValue
• DeviceWipeThreshold
• AllowSimplePassword
• PasswordExpiration
• PasswordHistory
• DisableRemovableStorage
• DisableIrDA
• DisableDesktopSync
• BlockRemoteDesktop
• BlockInternetSharing

Another thing I found is that Microsoft appear to have dropped support for SMS sync with Exchange Server 2010.

In summary, I think Windows Phone 7 is a great step up from previous versions of Windows devices.. but I don’t think its quite there yet.. the app community is nowhere near as large that for the iPhone or even Android. I don’t see this as a enterprise device, it seems to be more consumer centric and does not really compete that well against the likes of the iPhone which is after all a consumer device. If you are currently making use of the enterprise features in WM 6.5 you may be disappointed with Windows Phone 7. I look forward to seeing further development in this space.

It’s been a long time coming.. Earlier this year it was announced that Exchange 2010 online archive support for Outlook 2007 would be coming. The good news is that it is finally here!

The December 2010 Cumulative Update for Office 2007 will allow users with Outlook 2007 to access their Exchange 2010 online archives. Organizations with Outlook 2007 deployed can now benefit from Exchange 2010 archiving and retention. There are a few BUT’s though.. the following functionality is not supported in Outlook 2007:

• Search across primary and archive mailboxes: When a user searches the primary mailbox, and selects All Mailbox Items, Outlook does not search the archive mailbox. Similarly, when the user searches the archive mailbox, the primary mailbox is not searched.
• Archive policies: In Outlook 2007, users can't use personal tags (also known as archive policies) to move items to the archive mailbox. Any default archive policies for the mailbox continue to be applied. Users can use Outlook Web App to see or apply archive policies. Archive policies are retention policy tags with the Move to Archive action. Organizations can use the Default Archive and Retention Policy, or apply custom retention policies to a mailbox. The policies can include a default policy tag (DPT) to move items from the primary mailbox to the archive mailbox, and personal tags which users can apply to messages or folders to move them to archive.

This is a slightly old interview with Microsoft’s Scott Schnoll where he talks about backup strategy in Exchange 2010. While some customers may find this to be an outrageous concept, he talks about how Exchange 2010 database replication can address most, if not all of the reasons you would traditionally backup Exchange using legacy backup technologies.

Every organisation has different requirements, the challenge is balancing these requirements while we embrace new technologies and evolve the way we think about things.

I previously posted about the Exchange Server Deployment Assistant. The Deployment Assistant asks you some questions about your particular Exchange environment and, based on your answers, it provides a checklist with instructions that are designed to help you deploy Exchange 2010 quickly and easily. Each step has a huge amount of valuable information to guide you through your deployment.

This great tool has recently been enhanced to include rich coexistence information for those interested in maintaining some users on-premises and some users hosted by Microsoft Office 365 for enterprises in the cloud. As of now, the available scenario is targeted solely at those organizations with a current Exchange 2003 on-premises implementation, but additional scenarios for supporting Exchange 2007 and Exchange 2010 will be coming soon.

The Exchange Server Deployment Assistant can be found here Be sure to bookmark it!

I often talk about the Exchange 2010 Mailbox role calculator, I’m sure everyone uses it (everyone should be using it!) during the planning phases of any Exchange 2010 deployment. If you have no idea what I am talking about, click here now!

There is an area on the input tab where you define the number of processor cores that will have deployed for each mailbox server within your primary and secondary data centres, as well as, enter the SPECint2006 rate value for the system you have selected. The SPECint2006 rate value often causes some confusion so I thought I would write this post to try and clarify what to enter in the SPECint2006 rate value field.

In previous versions of the Exchange 2010 Mailbox role calculator (prior to 12.8) you had to enter the “Adjusted Megacycles / Core” which meant that you needed to normalise your server platform against the baseline platform -Intel Xeon x5470 3.33GHZ processors (2x4 core arrangement) and enter that value. To get to this value, you had to find your rate value and then use the following formula to calculate the “Adjusted Megacycles / Core” value:

In version 12.8, the field name has changed to “SPECint2006 Rate Value” which means you no longer need to normalise your server platform against the baseline platform and you merely enter the rate value.

To find the rate value, go here, click on “Results”, highlight “CPU2006” and then select “Search CPU2006 Results”. Under “Available Configurations”, select “SPECint2006 Rates” and click Go. Under “Simple Request”, enter the search criteria (e.g. Processor matches x5550) and find the server and processor you are planning to deploy and take note of the result value.

For example, let's say you are deploying a Dell PowerEdge M710 8-core server with Intel x5550 2.67GHz processors (2670 Hertz); the SPECint_rate2006 results value is 240, simply go back to the Exchange 2010 Mailbox role calculator and select “8” in the “Processor Cores / Server” field and enter “240” in “SPECint2006 Rate Value” field. Easy, huh?

Exchange 2007 brought about a change in the way Exchange uses certificates and introduced us to the concept of a Unified Communications Certificate which makes use of Subject Alternative Names (SAN). While this is the recommended way to secure Exchange services, every now and then I come across a customer that already owns a wildcard certificate for their entire domain (eg. *.cgoosen.com) and would like to use this certificate instead.

One of the problems with wildcard certificates is that they don’t always play nicely with Outlook Anywhere. If the principle name on the certificate is not the same as the mail server FQDN Outlook may not authenticate correctly. When testing Outlook Anywhere connectivity with Exchange Server Remote Connectivity Analyzer (ExRCA) you may see something like this:

Additional Details would be similar to this:

The certificate common name *.domain.com doesn't validate against the mutual authentication string that was provided: msstd:mail.domain.com

The easiest way to correct this problem is to use Autodiscover to send the correct principle name to your Outlook clients. Use the Exchange Management Shell to configure Autodiscover settings by using the Set-OutlookProvider cmdlet

You can check the existing configuration by issuing the Get-OutlookProvider cmdlet

The command should look something like this:

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domain.com

I’m often asked by my customers and colleagues about Jetstress. While I always recommend that Jetstress be used to validate their storage design during an Exchange implementation, I’ve never really seen any good documentation to refer them to. Until now that is!

Neil Johnson from MCS has recently published a great whitepaper that explains the process and requirements for validating an Exchange storage solution prior to releasing an Exchange deployment into production. His whitepaper explains how Jetstress works, how to plan for and perform a test, and how to automate the process. His whitepaper, “Jetstress Field Guide”, can be used with any version of Exchange.

Download it here

The last month has seen the release of Update Rollup 1 for Exchange 2007 SP3 and Update Rollup 1 for Exchange 2010.

For a full list of the fixes included in Update Rollup 1 for Exchange 2007 SP3, see KB2279665

For a full list of the fixes included in Update Rollup 1 for Exchange 2010 SP1, see KB2407028

Note for Forefront Protection for Exchange users
For those running Forefront Protection for Exchange, be sure you perform these important steps from the command line in the Forefront directory before and after installing this rollup. Without these steps, the Information Store and Transport services will not start.

1. Before installing the rollup, disable ForeFront by using the "fscutility /disable" command
2. After rollup installation completes, re-enable ForeFront by running the "fscutility /enable" command

Download Links:

• Update Rollup 1 for Exchange 2007 SP3
• Update Rollup 1 for Exchange 2010 SP1

Earlier this year I post a 6 part post entitled “Securing Exchange 2010 with Forefront Threat Management Gateway (TMG) 2010” which covered colocating Exchange 2010 Edge and Forefront TMG 2010 on the same server to create a a single, secure point of entry for all mail related services.

When Exchange 2010 SP1 was released in late August many people started to report seeing the following error in their event log:

“Microsoft Forefront TMG Managed Control service fails to start and the event viewer will contain a message that the service terminated with the following error : %%-2146233088”

The reason for this is that SP1 removed some of the existing cmdlets, in particular get-antispamupdates which is used by TMG when spam filtering functionality is enabled.

The forefront team recently announced the release of Software Update 1 for Forefront TMG 2010 SP1. This update resolves the issue.

Download Software Update 1 for Forefront TMG 2010 SP1 here