Exchange Server 2007 SP2 on its way

Microsoft Exchange Team announced the launch of Service Pack 2 for Exchange Server 2007 to be expected in third quarter of 2009. Few things you can expect from SP2:

  • Exchange Server 2007 Auditing features:

For those who have already started working on / testing Exchange 2010 Beta it may not be a new concept. Yes, they are offering the auditing features on Exchange 2007 as well. This is a great feature when you operate a giant environment and you need to keep track of what your administrators and helpdesk folks are doing with mailboxes and server configurations. Exchange 2010 has it built in already and it works well. It would be nice feature from the compliance and security perspectives. This feature will offer a performance based model and will make sure that the logs generated by auditing should go into a separate repository.

  • Added Backup facility:

One of the most critical aspect in the day to day administration is to have your exchange databases backed up regularly. Like NTBACKUP on legacy versions of Windows could backup exchange databases. Windows Server 2008 backup tool was not efficient enough to understand exchange stores correctly. SP2 will add an extended functionality in the form of a plug in for Windows Server 2008 users to allow them backing up their databases with native windows tools itself. This will be a great added advantage for smaller companies who can not invest more money into backup solutions.

 

  • Dynamic Active Directory Schema Update and Validation:

The dynamic AD schema update and validation feature allows for future schema updates to be dynamic deployed as well as proactively preventing conflicts whenever a new property is added to the AD schema. Once this capability is deployed it will enable easier management of future schema updates and will prevent support issues when adding properties that don’t exist in the AD schema.

 

  • Public Folder Quota Management:

SP2 enables a consistent way to manage quotas by improving the current PowerShell cmdlets to perform quota management tasks.

 

  • Centralized Organizational Settings:

Exchange Server 2007 SP2 will have new PowerShell option added that enables centralized management of many of the Exchange organization settings.

 

  • Named Properties cmdlets:

Named properties sometimes are headaches for Exchange Administrators. Applications may also loose the connectivity to stores. SP2 will allow the administrators to monitor the named properties quota per database.

 

  • New User Interface for Managing Diagnostic Logging:

One of the options that Exchange 2007 did not have was the diagnostics logging options in its GUI based console though diagnostics logging related tasks can yet be done using EMS. Exchange 2007 SP2 enables Exchange administrators to easily configure and manage diagnostic logging from within the Exchange Management Console.

 

Exchange team talks more about this at http://msexchangeteam.com/archive/2009/05/11/451281.aspx

You can click on above link and get to Exchange team’s official blog to read more.

Exchange 2010 EMC and Certificates Management Part – 1

Microsoft chose moving to secure messaging and secure service access since Exchange Server 2007. The only troublesome task for administrators was to manage these certificates. Folks who are highly addicted to GUI found it little hectic. Good news for those who don’t want to take too many efforts and would like to have a graphical interface that can manage certificates for exchange!

Though not with exchange 2007, Exchange 2010 Beta offers some extended functionality of creating, removing and managing certificates using GUI.

To create a new certificate you can choose the following options;

 

1. Select Server Configuration from left hand side pane in EMC and Exchange Certificates tab in left hand pane.

image

 

2. Right click in free space in left hand side pane of Exchange Certificates tab and select New Exchange Certificate

image

 

3. Selecting New Exchange Certificate from the context menu will bring up the introduction screen.

image

Here at this screen you are prompted to enter a friendly name for the certificate that will appear in EMC as a primary reference for management of certificates if you have multiple certificates created for multiple websites.

 

4. Once you have specified a friendly name for the certificate you are taken to the next screen upon clicking the Next button. This New Exchange Certificate screen will now gather the actual required information where you get a chance to choose among the options to use this certificate for various services.

Services like IIS based web services including Autodiscover, OWA EAS and other services like POP/IMAP, Outlook Anywhere and UM.

You can observe the screenshot below and notice that you get an option to write the URL of the service locations for OWA, EAS, Federated Services, SMTP transport, Etc. These URLs will be used in the certificate request which will be further used to write the SAN certificate information.

image

 

5. here the wizard collects the Organization related information like company name, department, location, etc. At this stage the wizard has collected almost all the information it needed. You may notice that the path right beside the Browse button is the path to the certificate request file path.

image

 

6. Next screen summarizes the information you entered.

image

 

7. And there you go with the final screen of the wizard where it displays the powershell command it will be attempting to generate the certificate request. Once you hit the Finish button the wizard completes the certificate request.

image

 

8. Here a point to be noted is; the wizard does not create an actual certificate. It will simply generate the request and keep it accessible via EMC. So when you are done with the wizard you have to manually send this request to the online CA within your Exchange/AD premises.

image

Limitations of New Exchange Certificate Wizard:

  1. The new Exchange Certificate Wizard does not send the request to the online CA directly unless you manually complete the pending request.
  2. Renewals of expired certificates can not be done using Exchange Certificate Wizard. You still have to user EMS for renewal of certificates.
  3. New certificates created using New Exchange Certificate Wizard does not get assigned to IIS directly though you do specify the certificate utilization for Exchange Web Services and other IIS integrated exchange services. (You may refer Permanent Link to How to renew a self signed certificate in Exchange Server 2007 for renewal of certificates)