Since switching my everyday PC over to Windows Vista, I’ve been unable to reply to any e-mails using Outlook Web Access (OWA) whereby the reply pane opens, but the ActiveX control doesn’t load. I tried various browser settings before a bit of googling turned up a thread on the microsoft.public.exchange.admin newsgroup that seemed to describe an annoying “click to activate the control” message that I’d been experiencing with fully-patched Windows XP clients (caused by the Internet Explorer update described in Microsoft knowledge base article 912945).

Microsoft knowledge base article 911829 describes the problem as well as highlighting that Windows Vista does not support the ActiveX control used by OWA for HTML editing. Once I’d installed the associated hotfix on my Exchange Server 2003 server the issue was resolved for both my XP and Vista clients.

One of the enhancements provided in Exchange Server 2003 service pack 2 (SP2) is the increase of the maximum database size for Exchange Server 2003 standard edition from 16GB to 75GB. I originally thought that it was just a case of installing the service pack after which the database would be allowed to grow past the 16GB barrier but as Microsoft knowledge base article 912375 and the database size limit configuration and management article in the Microsoft Exchange Server TechCenter describe, the limit actually needs to be configured manually.

Scott Lowe’s article at TechRepublic details the necessary configuration as follows:

1. Start the registry editor and browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\servername\storeguid.
2. Create a new DWORD value named Database Size Limit in GB and set it to a size between 1 and 75.
3. Restart the Microsoft Exchange Information Store service.

This configuration method can be used with Exchange Server 2003 standard edition to configure (on a per-store basis) any value between 1GB and 75GB and for enterprise edition (which has no limit by default) to enforce a limit of up to 8000GB if required; however if the Exchange server is recovered using the /disasterrecovery switch, the registry keys will need to be recreated.

After I installed Exchange Server 2003 last weekend, I found that accessing Outlook Web Access (OWA) didn’t prompt for any authentication – it simply displayed the contents of the currently logged on user’s mailbox (if it was homed on Exchange Server 2003) or redirecting to the old Exchange Server 5.5 OWA server (where the mailbox had not yet been migrated). In order to allow users to authenticate with a username and password, it was necessary to enable forms-based authentication (Daniel Petri’s description also includes the process of configuring SSL).

Once this had been enabled, HTTP requests were greeted a normal browser authentication dialog; however HTTPS access was be greeted with a much more pleasant OWA logon screen.

It is also possible to change the username format for OWA forms-based authentication from domainname\username to a simple username.

Finally, Microsoft knowledge base article 319878 describes the process to make OWA the default website on an Exchange Server, avoiding the need to access the server as http://servername/exchange/ or https://servername/exchange/.

A few months back, I wrote a bit about what to expect in the next version of Microsoft Exchange Server. Since then, I’ve learned a lot more about Exchange Server 2007 (formerly codenamed E12) but couldn’t repeat much of it. The following highlights are some of the additional information that was made public in Eileen Brown‘s presentation at last week’s Microsoft Technical Roadshow, starting with Exchange Server product progress (since the launch of Exchange Server 2003):

• October 2003 – Exchange Server 2003 and Office System 2003 released.
• May 2004 – Exchange Server 2003 service pack 1 (SP1) released.
• September 2004 – Exchange Server Best Practices Analyzer (ExBPA) released (more about ExBPA).
• February 2005 – Microsoft buys Sybari.
• July 2005 – Microsoft buys FrontBridge.
• October 2005 – Exchange Server SP2 released.
• December 2005 – Exchange Server “E12” beta 1.
• March 2006 – Hosted Exchange services.
• Mid-2006 – Exchange Server 2007 CTP
• June/July 2006 – Exchange Server 2007 beta 2.
• Late 2006 Exchange Server 2007 RTM.
• Early 2007 Exchange Server 2007 general availability.

Key new features with Exchange Server 2007 (some of which I’ve written about previously) include:

• The use of 64-bit server technology facilitates a reduction in input/output operations and hence allows more databases (with larger mailboxes) to be placed on each server.
• High availability enhancements, allowing increased data and service availability: database continuous replication (either local or clustered) allows daily full backups to be replaced with weekly full backups and daily incrementals the second copy of the database plays the transaction logs from the first as they are written, meaning that it is never more than once transaction log behind the first; and there is now support for geoclustering.
• Improved mobile e-mail, including push e-mail, policy-based provisioning and security.
• Improved system management tools: a new MMC 3.0-based Exchange System Manager and the Exchange Management Shell (running on Windows PowerShell).
• Automatic client configuration.
• Encrypted and signed intra-organisation e-mail (by default) and encryption at the gateway (where supported) for business-to-business e-mail with no additional client requirements.
• New message hygiene functionality.
• Message journalling at the transport level with new data retention rules and a new content indexer, allowing a multiple-mailbox search with low CPU impact and fast re-indexing.
• Improvements in Outlook cached mode operation.
• Integration with SharePoint folders.
• New AD schema extensions for resource mailboxes (room or equipment) as well as an all rooms address list.
• Meeting requests can now be accepted or declined within a preview (no need to open the message).
• A to-do bar allowing tasks to roll over to the next day if they have not been completed.
• Ability to view multiple calendars overlaid on one another.
• An improved scheduling assistant that provides hints to the best times for all meeting attendees as well as tentatively accepting new requests, automatically handling updates to meeting information and removing out of date meeting requests/updates.
• Calendar sharing is now more granular, with the ability to deny all access, show time and free/busy status only, show time, subject, location and free/busy status, or show full details, even down to a per-user level.
• Schedules can be set for out of office replies.

From a client perspective, Outlook 2007 provides the richest user experience (when connected to Exchange Server 2007, although it will also work with previous versions); however Outlook Web Access (OWA) is now almost as good. There’s also Outlook Mobile for Windows Mobile 5.0 and the ability to interact with Exchange’s unified messaging functionality from a phone.

Exchange Server 2007 offers significant improvements over 2003 and earlier versions; however it will be interesting to see if these improvements are enough to entice the many companies that are still running basic e-mail services using Exchange Server 5.5 to upgrade their systems.

I’ve not been doing as much work with Exchange Server as I’d like in recent years; so when a friend asked me to help out with carry out an Exchange Server 5.5 to 2003 migration for one of his contacts I was happy to get involved (although I was slightly nervous as this was effectively a refresher course for me being carried out on his production system).

I’m not going to make this a “how to do it” post as I posted an article about migrating from Exchange Server 5.5 to 2003 a couple of years back and one of the areas where the Exchange Server team have really excelled is in the creation of the Exchange Server Deployment Tools which guide an administrator through each step of the process, running diagnostic and setup utilities as they go. For further information, the Exchange Server Deployment Guide is also worth a read.

This article highlights simply some of the issues I came across (on what was a fairly simple migration – Outlook Web Access and Exchange Server 5.5 on two separate servers to a new Exchange Server 2003 server in the same organisation and site) and how to resolve them:

• The first problem came when Exchange Server setup detected that the installation was being performed on a Windows Server 2003 service pack 1 (SP1) computer (Windows Server 2003 R2 is effectively the same as Windows Server 2003 SP1) and advised that this has known compatibility issues with Exchange Server 2003. After reviewing the Exchange Server system requirements it turned out that it’s not a problem on a non-clustered server if Exchange Server is also running SP1 or later so Exchange Server service pack 2 (SP2) was installed immediately after Exchange Server setup had completed.
• The Active Directory Connector (ADC) is probably the most difficult part of an Exchange Server 5.5 upgrade but the latest version of ADC includes tools to guide an administrator through the process of creating connection agreements between the Active Directory and Exchange Server directory services and verifying replication. In this case, the ADC Tools highlighted an issue which meant it was necessary to grant Full Control NTFS permissions to the Exchange Server 5.5 service account on the C:\Documents and Settings\username\Local Settings\Application Data\Microsoft\Active Directory Connector folder (as described in Microsoft knowledge base article 820268). Further problems with objects reporting as not replicated (as described in Microsoft knowledge base article 842142) were resolved by reinstalling the ADC, using the version supplied with Exchange Server 2003 SP2.
• After installing Exchange Server 2003, one shutdown took an extended period of time; however this is a known issue, described in Microsoft knowledge base article 555025.
• One of the great features of Exchange Server has always been the referral mechanism that allows MAPI clients to update their profiles when a mailbox is moved between servers; however, on this occasion, some Outlook 2003 clients failed to update their MAPI profiles. This is a known issue and is resolved by installing Office 2003 SP2, as described in Microsoft knowledge base article 914855. No such problems were experienced with Outlook 2002 (XP) clients, although the site replication service (SRS) did hang on one occasion and needed to be started before clients could successfully remap their profiles.
• When accessing Outlook Web Access (OWA), requests to http://exchange2003servername/exchange/ appeared to be diverting to http://exchange55servername/exchange/; however it was later discovered that the referral was only taking place where the currently logged on user (domainname\Administrator in my case) had a mailbox that had not yet been migrated. Once all mailboxes had been moved across, OWA stopped redirecting access.
• Many Exchange Server 5.5 administrators are used to being able to access all objects (including the contents of other user’s mailboxes) using the Exchange Server service account; however with Exchange 2003, even when an account is delegated Exchange Full Administrator rights over the Exchange organisation it is unable to access other mailboxes as inherited permissions apply an explicit deny over certain rights. This is by design but can be overridden as described in Microsoft knowledge base article 821897 to give an account full access to all objects in a particular store. In this case I delegated Exchange Full Administrator rights to a global security group called Exchange Admins (and added that group into the local Administrators group on the Exchange server), then granted another account full control over all objects in the mailbox store. This mean that I had a group over which the membership could be edited as required to grant rights to administer the Exchange organisation, plus another account (I should really have made this a group too) that could view the contents of other user’s mailboxes.

In all, the migration was reasonably successful, although I do still need to decommission Exchange Server 5.5 (it was left in place to allow the Outlook profiles to update as users log in to the system) and some HTTPS publishing issues with Proxy Server 2.0 need to be resolved before I can call the job complete. In fact, those HTTPS publishing issues turned out to be the cause of much panic on Monday morning when Exchange seemed to be falling down around us. One of the methods we had tried to proxy inbound SSL was using the Winsock proxy client on the Exchange Server as described in Microsoft knowledge base article 184030. Although the SSL proxying hadn’t worked, the Winsock Proxy Client had been left installed on the Exchange Server – it didn’t seem to be causing any issues on Sunday night but by Monday morning the Exchange System Manager and Active Directory Users and Computers administration tools were inaccessible, which Microsoft knowledge base article 325322 suggests is related to a DNS problem. It was purely by chance that I managed to trace this back to the Winsock proxy client (as described in Microsoft knowledge base article 280833) and once this was uninstalled, all services became available.

One final issue left to resolve was to restore access to mailboxes for BlackBerry users, caused by the problems publishing OWA via HTTPS (although any change to the URL used to access OWA externally would have caused this). The resolution was to remove existing account details from users’ Vodafone Mobile E-mail profiles and recreate them using the new address as described in BlackBerry knowledge base article KB-03133.

Finally, for all Exchange Server admins, whether migrating to a new version of Exchange or administering an existing system, there are many tools for Exchange Server 2003 available for download from the Microsoft website.

Another new product name… bland as ever, but definitely preferable to something like Windows PowerShell is Exchange Server 2007. Actually, that one was pretty obvious back at the Exchange Server “12” Ignite training last month but as most of the information I was given there was protected by a non-disclosure agreement (NDA) I couldn’t say anything. At yesterday’s Microsoft Technical Forum event, the new product name was being used extensively (and Eileen Brown told me that my 4-week old E12 t-shirt was out of date… that’s Microsoft product names for you).

On a related note, I read on the Exchange team blog that Exchange Server is now ten years old. It seems like only yesterday I was one of the Microsoft partner representatives on the Exchange 4.0 Server UK launch tour (my first experience of working directly with Microsoft). Happy birthday Exchange Server.

At last week’s IT Forum ’05 highlights (part 2) event, Microsoft UK’s, Brett Johnson gave a presentation about the next version of Exchange Server (codenamed Exchange 12). Microsoft is positioning Exchange 12 around three “themes”:

• Control for the IT professional: e-mail is a mission critical system; e-mail systems are too complex and expensive to run (involving too much firefighting and very little proactivity); management tasks are tedious and are not automated.
• Inbox value and access for the information worker: users want to access all of their communications easily; mobile devices are increasingly common; calendaring is frustrating (especially when finding resources).
• Active protection in a security situation: security is a top concern (make it secure by default); unsolicited commercial e-mail (UCE) and viruses compromise the e-mail experience (filter these using less CPU cycles); regulatory compliance is critical in many industries.

Exchange 12 is still work in progress, so the feature set is by no means set in stone; however beta 1 has been released to a limited group of testers (although I haven’t used my copy because the non-disclosure agreement would stop me writing about it – the information in this post is all from the public domain). The main enhancements for IT administrators included with beta 1 include:

• A new administrative console, based on the MMC v3.0, with a simplified hierarchy and an actions pane.
• A scriptable command line management shell (codenamed Monad).
• Automatic client detection and configuration (no more MAPI profile generation).
• New server roles.
• 64-bit optimisation.

The five Exchange Server roles for Exchange 12 are:

• Edge server – located within an organisation’s DMZ, the edge server is analogous to the current smarthost/mailsweeper role, but actually performed on an Exchange Server.
• Client access – similar to an Exchange Server 2003 front-end server, acting as a proxy and managing connections for Outlook web access (OWA), Outlook RPC over HTTP and Windows Mobile connections.
• Mailbox – where the data is stored.
• Hub transport – allows a level of security policy separation; e.g. to prevent certain groups of users from receiving e-mail from the Internet.
• Unified messaging – no longer just something to talk about. This really is voicemail in the Inbox.

Combined with the automatic client configuration, this role-based model simplifies deployment and management, reducing cost and complexity.

In common with most of the Longhorn Server range of products Exchange 12 will be available in 64-bit editon only. Microsoft’s rationale for this is that over the last 10 years since Exchange Server 4.0, we’ve seen:

• An increase in e-mail traffic.
• An increase in e-mail message sizes.
• Larger attachments (and a greater number of them).
• More unique client devices per user.
• A growing use of calendaring.
• More granular security rights.
• More users per server.

All of this adds up to a need for more memory (improved stability and more “elbow-room” for the operating system allowing new functionally) and a larger cache (increasing performance, enabling further server consolidation and reducing the cost of large mailboxes).

64-bit computing delivers reduced cost and complexity with reduced input/output to bigger, cheaper disks allowing more databases per server. Some are quoting a 70% performance increase over 32-bit systems. Continuous database replication with local or clustered log shipping means that maintenance activities can be moved from nightly to weekly and a new content indexer allows for efficient multi-mailbox searching with a low CPU impact and fast re-index.

Secure messaging is facilitated by protecting messages in transit and at rest. Intra-organisational e-mail is encrypted by default and signed by default. Business-to-business (B2B) integration requires no special client requirements, with automatic Exchange 12 to Exchange 12 gateway encryption. Messaging policies can be used to enable corporate, regulatory and litigation compliance with: transport rules for journalling, archiving, encryption and routing; storage rules for e-mail retention; and multi-mailbox searching.

From a client perspective, as for previous versions of Exchange, although legacy clients can be used, Outlook 2007 (previously codenamed Outlook 12) will provide the richest experience. OWA has an Outlook “feel” and like previous OWA versions offers many of the Outlook features, but is really a reduced-functionality client for hot-desking. There’s also access for Windows Mobile devices, and Outlook by phone – allowing a user to call into Exchange and control their e-mail using speech or touch tones to interface with an auto-attendant.

Having seen some of the Exchange 12 functionality demonstrated to me, I’m impressed. Just a few points that jumped out for me were:

• The client interface is a bit like Windows Live Messenger (in style), but obviously still looks like Outlook.
• OWA is fast, and looks to be even better than in Exchange Server 2003.
• The out of office assistant (OOOA) can be set on a time period, so it will know when you expect to be back in the office and turn itself off again.
• Contact properties include a map to the address (a feature borrowed from Mozilla Thunderbird) as well as the organisational hierarchy (or “steps to heaven” as it is known in Microsoft, demonstrating just how hierarchical Microsoft is).

The unified messaging looks great. In the demonstration I saw, Microsoft UK’s Ewan Dalton left a voicemail in an mailbox and the system picked up his caller ID to say who it was from, leaving a voice clip attached to the message. Where caller ID wasn’t available, the message was from “Anonymous Caller”. Upon playback, audio notes could be added in the message body. Later, he called into the unified messaging server again, using voice-activation to report that be was running late and so to move his first appointment, to clear the calendar until a specified time and to append a voice message to the meeting cancellation(s). The attendant (predictably) had a north-American accent, but coped admirably with Ewan’s Scottish tones and although beta 1 only includes voice activation for calendar, beta 2 will include e-mail too. Pretty soon I will be checking my e-mail as I drive down the M40 towards Slough… then maybe I won’t spend the first hour of my day in Outlook.

Exchange builds on the Exchange messaging platform (which has been around since 1996 now) and the significant improvements in Exchange Server 2003 SP2, to provide even more options for enterprise messaging and communications. I’m particularly pleased to see edge services (dropped from previous releases) and unified messaging (which has been talked about for years, but looks like it will finally make it into the product). I haven’t seen a product roadmap (in terms of timelines, or further enhancements in the next release) but I expect to see organisations putting this technology into production from 2007 onwards.