Welcome to part two in our series on certificates and Exchange 2010. In Part One we talked about encryption and the role of certificates. In Part Two, we’re going to talk about Certificate Authorities, and more specifically, Public Certificate Authorities. Certificate Authorities (CAs) are at the top of the certificate ladder, and handle two key tasks. They issue certificates to requestors, and they provide a measure of assurance that some server is who it purports to be. Of course, whether or not you are willing to accept that assurance is up to you. Continue reading Understanding and Using Certificates in Exchange 2010 – Part Two

Exchange 2010 makes extensive use of certificates to secure client communications. Whether you are using Outlook Anywhere, Outlook Web App, Exchange ActiveSync, or secure versions of SMTP, IMAP, and POP3, you are going to need a certificate to handle the encryption of your traffic. Since that’s how you protect your critical data from prying eyes and sniffing nodes, using a certificate is a key part of your Exchange implementation. Exchange 2010 will handle generating its own certificate when you install it, but unless you want to deal with constant client warnings about a certificate being untrusted, or even worse, training your users to ignore such warning, you are going to want to use a commercial certificate, from a Public Certificate Authority. Before we go over how to get a certificate and install it, let’s review some encryption concepts and certificates at a very high level. Continue reading Understanding and Using Certificates in Exchange 2010 – Part One

While it’s not clear why Microsoft decided to put its annual conference for Exchange pros on the shelf 10 years ago, it’s apparent that it feels the time is right to revive the confab this year.

So far, details for the Microsoft Exchange Conference (MEC) are sketchy, but that hasn’t prevented the Redmond gang from starting to collect “early bird” registrations at $1800 a pop. Once the early bird period expires, registration will be $2000.

The gathering itself is scheduled for September 24-26, with an outside chance it might be extended an additional day, at the Gaylord Palms Resort and Convention Center in Orlando, Fla.

The timing of the event should intrigue Exchange watchers. A beta of the new version of the server software, Exchange 15, is expected to be released during the summer, so the official release could take place at the conference. That schedule is consistent with the scuttlebutt circulating the Web about Microsoft’s product launch schedule for this year, which will include new versions of Office and Windows. Continue reading MEC 2012: What we know so far

We’ve been covering a lot of new tools that Microsoft and the Exchange team have been releasing recently. The folks from Redmond have been busier than North Pole elves in December, and we continue to see great things coming down the pipe. But in today’s post, we’re going to take a closer look at a slightly older, but also incredibly powerful tool, called MFCMAPI. In this article, we’ll introduce you to the tool, go over some of its capabilities, and provide you links to resources for further information. If there’s enough interest, we may start a series of how-to’s for using MFCMAPI to troubleshoot a variety of different issues. Continue reading Troubleshooting Outlook Issues with MFCMAPI

Don’t look now folks, but I expect several of us may be spending the weekend testing out a new update. Just when you thought you had your Exchange 2010 servers squared away, there’s new news out of Redmond. Practically on the heels of the last rollup, Microsoft has just released Update Rollup 2 (RU2) for Exchange 2010. Update Rollup 2 includes all of the previous updates that have been release since SP2 as well as the following. Continue reading Exchange 2010 SP2 RU2 Released

When the company brass goes hunting for places to cut capital expenditures, a common target is its Exchange servers. That’s especially true as the cult of the cloud grows in strength and numbers.

Arguments for embracing the cloud are as familiar to administrators as the words to the Lord’s Prayer are to Christians:

• Better cost predictions because you’re paying a flat rate for service based a predictable metric, such as user numbers.
• Headaches connected to upgrades, updates and service packs are passed on to the cloud service providers.

On the other side of the coin, some organizations can’t or won’t give up direct control of their email. There may be compliance issues created when trying to use cloud services. Since so much litigation these days has a litigation component, the legal department may be concerned about responding to eDiscovery orders in a timely and appropriate manner if email is under the control of a cloud services provider. Continue reading Moving Exchange to cloud need not be an operational necessity

The cool tools continue to roll out from the great folks in Redmond. This month marks the release of the Microsoft Log Parser Studio, a much needed GUI front end to the powerful Log Parser that you’ve probably heard of, even dabbled with, over the years. Log Parser, now at version 2.2, has been around for years and was always known as the go to tool for digging through tons of log files. Log Parser can consume log files in text, XML and CSV, and can also work with Event Logs, the registry, Active Directory and more. The only drawback to Log Parser 2.2 is that it’s command line.

The powerful search and output capabilities of Log Parser can find practically anything you can formulate a query for, and output it to another source including text, chart, SQL or even syslog format. The challenge for many is that the command line interface can be a turn-off, and the query language is not for the meek at heart. It works very well and is extremely powerful, but unless you are already used to writing SQL queries it can be more effort than you want to exert. Continue reading Another Cool Tool: The Log Parser Studio

Much to-do is made about people choosing poor passwords to protect sensitive information in their care. Just this week, for example, a company that could well serve as the poster child for password worst practices paid the U.S. Federal Trade Commission US$250,000 for its security sins.

The company, RockYou, exposed the personal information of about 32 million of its customers to hackers in 2009. A subsequent study of that information revealed that the passwords chosen by those customers were so weak, a brute force attack using a dictionary containing 5000 of the most commonly used passwords could crack 1000 accounts every 17 minutes.

However, administrators can be as careless as the members of their flocks when it comes to password practices. In its annual data breach report [PDF] released earlier this month, Verizon discovered that only 42 percent of the 855 companies contributing information for the study said they do not use vendor-supplied defaults for system passwords and other security parameters. That means 58 percent of the companies use passwords that are publically available on the Internet.

Continue reading Default passwords pose security problems for many organizations

We’ve been gradually ramping up our coverage of the Exchange Management Shell and the capabilities of PowerShell here at The Email Admin, and it’s great to see that Microsoft hasn’t slacked off when it comes to the EMS and PS either. There’s a new tool out, currently in beta, which shows all the signs of being a command-line junkee’s new crave.

The Microsoft Script Explorer for Windows PowerShell is a new graphical tool that can help you navigate all the twists and turns of using Windows PowerShell. The tool is designed to make finding, understanding, and reusing existing scripts as quick and easy as possible. Whether those scripts are of your own creation, created by your coworkers, or contributed by others to online repositories, Script Explorer is built to help you find, and use, just what you need as quickly and as easily as possible. Continue reading Scripting with Microsoft Script Explorer

It’s time to start getting serious about using the Exchange Management Shell (EMS). With so many management functions moving to the EMS, and with all the amazing capabilities of the shell, you should be very excited about learning more about the EMS. We’ve had several introductory posts on The Email Admin lately, now it’s time to start applying this knowledge with an overview of some of the most frequently used commands. Since we are email admins, it makes sense to start our journey to the dark side of the command line with managing mailboxes using Get-Mailbox, New-Mailbox, Set-Mailbox, and Remove-Mailbox. Continue reading Get Started with EMS Using Get-Mailbox