Scott Scholl est un des gourous techniques sur Exchange. Il intervient à des conférences telles que Microsoft TechEd, The Experts Conference, TechReady… et Il nous fait le privilège d’animer cette session (attention, session en anglais). Il est l’auteur de plusieurs livres de référence sur Exchange. Durant cette session découvrez les nouveautés du SP2 d'Exchange sortie en décembre 2011 et les bonnes pratiques de déploiement. Cette session sera l'occasion de découvrir les nouveautés de Exchange Server 2010 SP2 tout en n'oubliant pas de revenir sur quelques fondamentaux de Exchange 2010. Nous parcourerons les améliorations autour du setup et du déploiement, de l'audit des boites aux lettres, de la messagerie unifiée, de la haute disponibilité amsi aussi des solutions d'archivage et de protection de l'information du système de messagerie.

1. palais des
congrès
Paris
7, 8 et 9
février 2012

2. Exchange Server 2010
SP2
09-févr-12 Tricks
Tips &
Scott Schnoll
Principal Technical Writer
Microsoft Corporation
MSG208

3. ANNONCES
Dernières nouvelles

4. PST Capture Tool Released!
Released 9:00 am, Jan 30th
 Announcement – http://aka.ms/pstwalk
 Download – http://aka.ms/getpstcapture
 Documentation – http://aka.ms/pstcapture
Helps you search your network to discover and import PST
files across your environment
Import PST files into Exchange Online or Exchange Server
2010 directly into users' primary mailboxes or archives

5. New ActiveSyncReport Script
PowerShell-based script that can be used to identify
devices causing resource depletion issues on Exchange
servers
Can help in spotting trends and automatically generate
reports for continuous monitoring
Uses LogParser 2.2 and Windows PowerShell 2.0
Download from http://aka.ms/al5ohw

6. New Guidance for Hosters
http://aka.ms/xglwn4
/hosting  SP2 migration guidance
Intended for service providers, system integrators, and technical
consultants who may be involved in the planning and
implementation of a migration from Exchange 2010 in /hosting
mode to Exchange 2010 SP2
The only supported scenario is to
 Deploy Exchange Server 2010 SP2 into a new forest
 Migrate user accounts, mailboxes, and other resources from
the /hosting forest to the new Exchange 2010 SP2 forest

7. Exchange Server 2010
SP2 Development

8. Exchange 2010 SP2
Development January 24, 2011
Development began
Released December 4, 2011
 Build Number 14.2.247.5
 http://aka.ms/E14SP2
SP2 has hundreds of bug fixes and some new features
 Every bug is triaged for risk, cost and applicability
 Each new feature gets spec‟d (Functional, Dev, and
Test), and undergoes a thorough review

9. Exchange 2010 SP2
Development of using customers during development
Exchange has a history
(JDP, RDP, TAP)
TAP consists of customers who deploy pre-release bits in
production and receive
 support from Microsoft
 access to a private DL and a Wiki with all the latest info
 conference calls with Exchange team folks
 a chance to provide feedback, change the product, and find
bugs
SP2 TAP just shut down

10. Exchange Server 2010 SP2
Development in three Server Editions
SP2 is available
 Standard Edition (retail and volume)
 Enterprise Edition (volume only)
 Includes all Exchange 2010 Standard features, plus
support for up to 100 databases per server
 Hybrid Edition (volume only)
 This is a Standard Edition SKU designed to be a
“gateway” for upgrading from previous versions of
Exchange to Exchange Online

11. Exchange 2010 SP2
Development
Hybrid Edition
 Can be used only for connecting on-premises environment
with Office 365
 If you move a mailbox to it, or leverage any features
outside the scope of a hybrid deployment, you must
purchase regular license and CALs
 Multiple Hybrid Edition servers can be deployed, if needed
 Not available for Office 365 trial customers; simply use
Trial edition of Exchange 2010 SP2

12. Upgrading Tips

13. Upgrading Tips
SP2 includes Active Directory schema updates
 3 new classes (and class object IDs) have been added
 59 new attributes (and attribute object IDs) have been
added
 29 new MAPI IDs have been added
 46 new indexed attributes
 36 new global catalog attributes
Get complete listing of all schema changes from MSDN
 http://aka.ms/E14SP2Schema

14. Upgrading Tips
SP2 includes database schema updates
 Upgrading from RTM  SP2 can take a while (20-30
minutes) due to database schema upgraders that run
 Look for instances of MSExchangeIS Mailbox Store
event 1185 in event log
 Once a mailbox database has been upgraded to a later
version, it cannot be moved to an earlier version (e.g.,
database *over or database portability use is limited
during upgrade period)

15. Upgrading Tips
Client Access Server role has new operating system pre-
requisites in SP2
 ASP.NET
 ISAPI Filters
 IIS 6 WMI Compatibility
Exchange Setup can install the new pre-reqs for you
 Setup /Mode:Upgrade /InstallWindowsComponents

16. Upgrading Tips
SP2 includes some updated RBAC management role definitions
 If you manage Exchange 2010 from a pre-SP2 server in an Org that
has been updated to SP2 you will get warning messages
 Exchange Management Shell
 WARNING: The object MyMailboxDelegation has been corrupted,
and it's in an inconsistent state. The following validation errors
happened: WARNING: The property value you specified, "15",
isn't defined in the Enum type "ScopeType".
 Exchange Management Console
 The object MyMailboxDelegation has been corrupted, and it's in
an inconsistent state. The following validation errors happened:
The property value you specified, "15", isn't defined in the Enum
type "ScopeType".

17. Upgrading Tips
Mailbox Replication Service (MRS) has changed in SP2
 MRS Proxy will be disabled on upgrade to SP2 (thus, cross-
forest mailbox moves will not be processed)
 Enable using Set-WebServicesVirtualDirectory -
MRSProxyEnabled
 MaxMRSProxyConnections



18. New Cmdlets and Scripts
in SP2

19. New Cmdlets
Address Book Policies
 New-AddressBookPolicy
 Get-AddressBookPolicy
 Set-AddressBookPolicy
 Remove-AddressBookPolicy
Hybrid Deployments
 New-HybridConfiguration
 Get-HybridConfiguration
 Set-HybridConfiguration
 Update-HybridConfiguration

20. New Scripts -
ConvertOABVDir.ps1 to convert the OAB virtual
Execute this script on each CAS
directory to an IIS web application, and create a new
application pool called MSExchangeOabAppPool
Converting the OAB virtual directory is necessary to
support Kerberos authentication, which we recommend
See http://aka.ms/f2ndij for more information

21. New Scripts - ExPerfwiz.ps1
Formerly an out-of-band tool; now shipped in the product!
Helps automate the collection of performance data on
Exchange 2007 and Exchange 2010 servers
Automatically adds the appropriate counters for each
detected server role

22. New Scripts - LargeToken-
IIS_EWS.ps1
Solves issue where the size of the availability request
exceeds the limit when you have large access tokens (>
200)
This script and a companion script, LargeToken-
Kerberos.ps1, were actually first released in UR4 for
Exchange 2010 SP1
 LargeToken-IIS_EWS.ps1 increases the value of the
MaxFieldLength and MaxRequestBytes IIS parameters
and changes the EWS Web.config bindings on all CAS
in the site
See http://aka.ms/kknmtd for more info

23. New Scripts - LargeToken-
Kerberos.ps1
This script sets
HKLMSystemCurrentControlSetControlLsaKerberosParameter
s values MaxPacketSize to DWORD 1 and MaxTokenSize
to DWORD 65535 on all specified machines in the domain
See http://aka.ms/enracj for more info

24. Exchange Server 2010
Service Pack 2
Feature: Mini Version of Outlook Web App

25. Mini Version of Outlook Web
App
Feature driven by demand from markets where browser-
based phones still rule
Administer using PowerShell
This is not Outlook Mobile Access from Exchange 2003
 None of the Exchange 2003 code was re-used
 Completely new code built as a set of OWA forms

26. Mini Version of Outlook Web
App
Enabled and disabled using Set-OWAMailboxPolicy
 Set-OWAMailboxPolicy PolicyName -
OWALightEnabled:$True
Provides an alternative view of OWA, so
 OWA mailbox policies and segmentation are inherited
 Any unsupported features in the policy are disabled
 Features such as calendar, contacts, etc., can be enabled
or disabled on a per policy basis
 If a new language is added to OWA, mini version gets it

27. Exchange Server 2010
Service Pack 2
Feature: Hybrid Configuration Wizard

28. Hybrid Configuration Wizard
EMC-based wizard plus cmdlets for setting up on-
premises Exchange and Office 365 to work together – in
Hybrid mode
Vastly simpler process than the current SP1 manual
experience
What once took ~49 steps, now takes 6 (your mileage
may vary)
 >80% reduction for the administrator

29. Exchange Server 2010
Service Pack 2
Feature: Address Book Policies

30. Address Book Policies
Common Scenarios
 Legal or compliance reasons – People are not allowed to see
each other in the GAL
 Privacy reasons – School scenario where students can‟t see other
classes but are all in one school
 Optimization reasons – Organization has logical sub-divisions but
still needs to share some resources and infrastructure (MSN and
Xbox)
 Hosting reasons – You want to host multiple organizations on one
platform and don‟t want them seeing each other
 Usability reasons – You have a huge GAL which is hard to
navigate, the sort order may be mixed up, or the GAL may simply
be massive (US Army or DoD)

31. Address Book Policies
Address Book Policies (ABPs) enable you to achieve GAL
Segmentation in Exchange 2010
ABPs work on the principal of direct GAL and Address List
assignment rather than allowing or denying access to all
available lists
Any request that comes through the Address Book Service
on CAS is evaluated against the ABP assigned to the user

32. Address Book Policies
ABPs apply only to users and clients on Exchange 2010 that
use CAS for directory and
 Opens the address list picker
 Tries to resolve a name or an alias
 Adds a room resource to a meeting request
 Searches the GAL
 Searches the directory from Outlook Voice Access
 Queries the directory from a mobile device
 Views someone‟s DL memberships, or views the members
of a DL

33. Exchange Server 2010
Service Pack 2
Feature: OWA Cross-Site Silent Redirection

34. OWA Cross-Site Silent
Redirection via CAS in the „wrong‟ AD site, CAS has a decision
If you access OWA
to make
It can proxy or redirect the connection to the target site
 If there is no ExternalURL in that site, we proxy, the mailbox opens
and the user gets access
 If the target site has an ExternalURL the user gets a page with a
link to click
 The user clicks the link, and logs in again, and gets access
 The user has to log in twice
 We are removing the need to click the link
 Which for some scenarios will result in a Single Sign On
experience

35. Experience: Before After
and

36. OWA Cross-Site Silent
Redirection
Enabled on Internet-facing CAS, on a per OWA virtual directory
basis
Set-OWAVirtualDirectory –Identity “CAS1owa (default Web
site)”
–CrossSiteRedirectType Silent
When you enable silent redirection
 You will be informed that the target CAS must have an
ExternalURL that leverages HTTP SSL protocol
 You will receive a warning that single sign-on experience
may not be possible if FBA is not enabled
Demo video at http://aka.ms/OWACSSR

37. Additional Enhancements
in SP2

38. Additional Enhancements in
SP2
Disable Mailbox Auto-Mapping
 Outlook 2007/2010 can map to any mailbox to which a user
has Full Access and, through Autodiscover, automatically
loads all mailboxes to which the user has Full Access
 If the user has Full Access to a large number of mailboxes,
performance suffers when starting Outlook
 SP2 enables admin to disable this behavior by setting new
Automapping parameter for Add-MailboxPermission to
False
 See http://aka.ms/gxxxk1 for steps

39. Additional Enhancements in
SP2
Custom Attribute Enhancements
 Five new multi-value custom attributes
(ExtensionCustomAttribute1 to ExtensionCustomAttribute5)
that you can use to store additional information for mail
recipient objects
 Each can hold up to 1,300 values, and support multi-values
by using comma-delimited list
 Supported by Set-DistributionGroup, Set-
DynamicDistributionGroup, Set-Mailbox, Set-MailContact,
Set-MailUser, Set-MailPublicFolder, Set-RemoteMailbox

40. Additional Enhancements in
SP2
Litigation Hold
 You can‟t disable or remove a mailbox that has been placed on
litigation hold; prior to SP2, you had to disable litigation hold
 SP2 includes new IgnoreLegalHold parameter that is supported by
the following cmdlets
 Disable-Mailbox
 Remove-Mailbox
 Disable-RemoteMailbox
 Remove-RemoteMailbox
 Disable-MailUser
 Remove-MailUser

41. Additional Enhancements in
SP2 Availability
High
 Move-ActiveMailboxDatabase has new
SkipActiveCopyChecks parameter which bypasses the
check to see if the copy being activated is currently
being used as a source for seeding
 If you use this parameter when activating a copy, the
seeding/update process will be terminated

42. Random Tips

43. Mailbox Database
Housekeeping you may need to periodically scan
In large environments,
Active Directory for disconnected mailboxes that aren't yet
marked as disconnected in the Information Store and
update the status of those mailboxes in the Store
You can use Clean-MailboxDatabase to do this, but that
requires mailbox database GUIDs
To get the GUID: Get-MailboxDatabase | fl Identity, Guid
Or simply run: Get-MailboxDatabase | Clean-MailboxDatabase

44. ActiveSync Approval
Delegation Help Desk folks to approve or deny EAS devices
Scenario: You want
without giving them Org Management rights
Solution
 Create mail-enabled security group used for quarantine
notifications
 Enable EAS quarantine and configure notification message
 Copy management role containing Set-CASMailbox
–ActiveSyncAllowedDeviceIDs cmdlet/parameter
 Remove all other management role entries from custom role
 Create new role group containing security group
 Add user to new role group and Recipient Management role

45. Get all Email Addresses for
Domain addresses for an SMTP domain, including those
All email
assigned to mail-enabled public folders
Get-Recipient | where {$_.emailaddresses
-match “contoso.com”} | fl name,emailaddresses
>>emailaddresses.txt

46. Analyze Message Tracking Logs
http://aka.ms/ExMailStats
Analyzes Message Tracking Logs and produces a .csv file
of mail stats per user, and keeps distribution list usage
Finds all Hub Transport servers in the Org, retrieves the
logs from the previous day, and generates stats for each
user, for both Internal and External emails, by primary
address, for
 Total Messages and Bytes Sent
 Unique Messages and Bytes Sent
 Total Messages and Bytes Received

47. Free script repository for
Exchange Center Repository -
TechNet Script
http://aka.ms/Ex2010Scripts
Over 50 scripts for Exchange 2010 created by internal and
external community contributors
Each contribution is licensed to you under a License
Agreement by its owner, not Microsoft
Microsoft does not guarantee the contribution or purport to
grant rights to it

48. Questions?
Thank you for attending!
Contact me at any time with questions:
 scott.schnoll@microsoft.com
 Twitter: @schnoll
 Blog:
http://blogs.technet.com/scottschnoll

49. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and
Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.