DBActive

I don”t really blog much about ISA, but I thought the following link is extremely useful if you”re deploying Exchange with OWA and/or RPC over HTTP.  Both of which requires SSL in a production environment.  If you have ISA as a part of that mix, then this article is a MUST READ!!

http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/ssl_performance.mspx

[Found out about this via another blog post: http://weblogs.asp.net/Squasta/archive/2005/01/28/362346.aspx]

Source

During normal MPS/MPF operations, you may see the following Entry in the Event Log:

Event ID: 4608
Source: Provisioning Client

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

This is a very common issue.  There is no need to worry or take action on this error.

The MPF Client gets information on available MPF Engines and setting by connecting to the MPFConfig Database (this is stored in a registry key).  Peridodically (not sure of what the time frame is), the MPF Client will try to refesh the data in it”s registry (this is a duplicate of what”s in the MPFConfig database) with the data in the MPFConfig Database.  If the user submitting the request doesn”t have the appropriate rights to connect to the MPFConfig database, then this error will be written to the Event Log and the request will continue to be processed based on the data already in the Registry (which includes information on MPF Engines).

So in the above Event Log error example, the Active Directory Object “IIS01$”, which is a Machine Account” was trying to access the MPFConfig database but failed because it doesn”t have access.

So how DO you refresh the database table?  Well, you”d have to submit a request (any request will do) to MPF with a user account that has access to the MPFConfig database.

Source

Yahoo and MSN have made significant gains against Google. They can send a considerable amount of targeted visitors to your website. This article helps you to benefit from this search engines trend.

In a post to the Hosted Exchange forum (http://www.asp.net/Forums/ShowPost.aspx?tabindex=1&PostID=803991), a user had the following issue:

————————————————————————————————-

One of my requirement is to create a plan that will disable the OMA and ActiveSync features. What I have done was to disable the OMA feature in the plan as follow:-

The disable OMA feature, seems like not functioning properly, and it only disable the “Up-to-date Notification”.

————————————————————————————————-

The answer to this is pretty simple.  The value that is being set in the <featureValue> node is actually being directly written to the associated users object in the msExchOmaAdminWirelessEnable attribute.

So with a little bit of playing around, here are some various values that enable the listed features (X represents an enabled feature):

So in order to get what you”re looking for, try setting “7″ for the value of featureValue.

Source

For those that might have not noticed or been aware of this tool, there is a Web based utility from Microsoft that allows you to manage a SQL Databases.  It provides both Integrated Authentication and SQL Authentication for logon and enables you to create, manage, and delete databases.

It also includes support for

• Tables - Create, Edit, Delete, and Manage Properties
• Stored Procedures - Create, Update, Delete, and Manage Properties
• Queries - Adhoc Queries
• Users - Assign rights to database objects
• Rolese - Manage Roles

http://www.microsoft.com/downloads/details.aspx?FamilyID=c039a798-c57a-419e-acbc-2a332cb7f959&displaylang=en

BTW, this component is also in the Microsoft Solution for Windows based Hosting 3.0, but it includes some “Tweaks” and documentation to make it more hostable.

Source

As soon as I make a post on Log Parser 2.1, Microsoft then releases Log Parser 2.2!

Here are some interesting things I”ve found in this thus far (I”m sure I”ll find more later):

• No “Native” .NET Support or Wrapper.
• There is a C# Sample, but there is only one and it doesn”t provide lots of detail on how to do other things with the Log Parser via .NET.
• There are a lot of new Input types including (XML, Actie Directory, Registry, Netmon, and more)
• Command-Line Utility provides the ability to dynamically create a pie chart based on results (it”s a GIF file)

Here is a link to download Log Parser 2.2

http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en

Source

In doing some research into Hosted Exchange and the deployment of OWA, the question of how can OWA be customized

First, let”s you should take a read into a Microsoft Support Article that discusses how OWA can be customized on a per user basis.  Below is the link:

http://support.microsoft.com/Default.aspx?id=833340

So basically, customizing OWA per user is all about providing a number (All be it a special number) on the “DefaultMailboxFolderSet” on the User Object in Active Directory.  Now you can either do this via a script of using ADSI Edit (a utility that is available when you install the Windows 2003 Support Tools found in the Support folder of the Windows 2003 CD).

Now if you”re doing this in a Hosted Exchange environment, the other mechanism to do this is via a “Plan” definition.  Plans in Hosted Exchange isn”t really a fully featured Plan Management System, but it does provide a useful way to define user mailbox customization by defining it once and then calling the customization information by name per user creation.

At this point, I”m not going to discuss how Plans work and how to define new plans.  This is documented in the Solution Documentation, but I”ll give my own perspective in a later post.

With that said, one of the “Sample” Plans that ships with the solution is named, “BaseMail” (this plan is created when you submit the request “CreateSampleServicePlans.xml” is submitted.  This can be found in the “C:Program FilesMicrosoft HostingProvisioningHostedExchangeXML Initionalization
” folder.).  This plan provides the consuming users of this plan to have the following features:

• Outlook Web Access (OWA)
• POP3
• IMAP
• Mailbox Size: 10 MB
• OWA Segment: 98821
• NoOutlookClient - This means that RPC over HTTP support for Outlook 2003 will not be available for this user.

The OWA Segment tag is actually a mapping to the DefaultMailboxFolderSet value stored in Active Directory for a user that has this plan.

So what does this standard user get with a number of 98821?

• Messaging (1)
• Contacts (4)
• Rich Client (512)
• Themes (32768)
• Junk e-mail (65536)

So this gives us a total number of 98821.  All of this is further documented in the solution documentation (Vol 3, Book 5, Ch 1, Service Plans & Events, Sample Exchange Mailbox Service Plans).

Source

That you can”t fully manage an IIS 6 server via Windows XP using the Internet Information Services Manager (the MMC to manage IIS) that ships with Windows XP?

You can resolve that issue by installing the IIS 6.0 Manager for Windows XP.

http://www.microsoft.com/downloads/details.aspx?FamilyID=F9C1FB79-C903-4842-9F6C-9DB93643FDB7&displaylang=en

This is due to an issue with the version of the IIS Namespace for ADSI installed on the Windows XP machine and the updated version of that API that”s in Windows 2003 for IIS.  I think it”s actually a WMI thing…I can”t remember, but either way if you download and install the tool you should be all set.

Source

This has been out for a while, but worth noting.

IIS 6.0 Resource Kit: http://www.microsoft.com/downloads/details.aspx?FamilyID=80a1b6e6-829e-49b7-8c02-333d9c148e69&DisplayLang=en

This is mainly the documentation portion of the Resource Kit.  It”s got LOTS of great information about managing and securing your IIS Servers.  It”s a lot to go through, so mostly it”s a reference guide or something to poke around in as you get curious on certian areas.

IIS 6.0 Resource Kit Tools : http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en

This includes about 14 handy tools for IIS 6, but the ones that I think are the best are:

1. Log Parser
2. Metabase Explorer
3. RemapURL
4. IIS 6.0 Migration Tool 1.0 (Version 1.1 is now available via a seperate download: http://www.microsoft.com/downloads/details.aspx?FamilyID=2aefc3e4-ce97-4f25-ace6-127f933a6cd2&displaylang=en)

Source

I finally taken a bit of time to evaluate the Exchange OWA Admin tool, but I finally did it and here are my thoughts.

First, here is a link to my previous post on the tool: Exchange OWA Admin Tool

So here is the quick breakdown of the installation:

1. Installation was very simple and quick
2. OWA Admin requires that it must be on a site that has SSL enabled for it to work.  The good news is that if you don”t have one for your site (say it”s for lab use), it will create a temp one for you.  Now the ReadMe documentation says that this should not be installed on a forward facing server which makes sense, but then you start wondering why the big push to force SSL?  I guess to protect those that put it on a forward facing server anyways.  Either way, it”s not a bad requirement, but something to be mindful of.
3. After you install it, it didn”t really say what the URL was to access the OWA Admin site.  So I took a guess and went to https://localhost/owaadmin/ .  It worked!
4. Again, if you”re site doesn”t have SSL, it will have created a temporary one and associated it with the “Default Website”.  So when you first go tot he URL, it will prompt you to accept the Temp SSL as it isn”t a “Trusted” certificate.

Here is a list of the features found in the OWA Admin Tool:

1. You can select from a drop-down list which OWA server you”d like to manage.
2. Address Book - Set the Maximum number of entries (e.g. Users, contacts, distribution lists, etc.) that are returned during a search.
3. Attachment Handling - Provide the ability to Disable Attachments (Allow all attachments (default), Allow attachment access through back-end servers, and Do not allow attachments).  You can also specify if you want a specific Front-End server to be the “pass through” for all attachments.  You”re also able to define what File Types are disallowed.  There is already a long list, but you can add or remove file extensions from that list.
4. Automatic Signature - Here you can define that Maximum Signature Length that a user can have.  The default is 4096.
5. Character Handling/Encoding - This section will allow you to select from a collection of settings that help OWA determine how it should handle localization (Use Regional Charcter Set, Disable NCR Conversion (Default: No), Use GB18030(Default: No), Use ISO-8859-15 (Default: No),
6. Client Notifications - This section allows the administrator to set how often the OWA Client will poll the server for updates (New Mail Notification Interval (Default: 2 minutes), Reminder Polling Interval (Default: 9 minutes))
7. Forms based Authentication - This section enables the administrator to set time out and SSL options (Public Client Timeout (Default: 15 minutes), Private Client Timeout (Default: 1440 minutes), and Allow SSL Offloading (Default: No).  The Allows SSL Offloading is an interesting features, because it disables the requirement to run OWA via SSL if Forms Authentication is enabled.  This is great if you have a Hardware based SSL Solution that sits in front of your OWA Server.
8. Junk E-mail - This section allows you to configure how OWA should handle Junk Email settings. (Maximum Junk E-mail Contact Addresses (Default: 10000), Maximum Blocked Junk E-mail Senders (Default: 1024), Maximum Junk E-mail Safe Recipients (Default: 1024), Maximum Junk E-mail Safe Senders (Default: 1024), Advanced Junk E-mail Support (Default: No)
9. Public Folders - This section enables the administrator to define how Public Folders will be handled by OWA (Resolve Foreign Users (Default: No), Maximum Public Folder Attachment Size (Default: 1024KB))
10. Security - This section enables the administrator to define the various security aspects used by OWA (User Context Timeout (Default: 60 minutes), Enable Change Password ((Default: No), Enable Basic Authentication to Back-End Server (Default: No), Enable SMTP Address Mailbox Access (Default: Yes), Enable Logoff Warning (Default: No))
11. Spell Check - This section defines all areas of Spell Check (Maximum Spell Check Document Size (Default: 100 KB), Maximum Spell Check Errors Per Item (Default: 1024), Maximum Simultaneous Spell Check Requests (Default: 64), Maximum Unique Errors (Default: 256), Disable Spell Check on Send (Default: No), and Update Spell check Language List (Default: No))
12. S/MIME - This is a collection of all S/MIME feature settings (Check CRL on Send (Default: No), Distribution List Expansion Timeout (Default: 60000 milliseconds), Use Secondary Proxies when Finding Certificates (Default: Yes), CRL Connection Timeout (Default: 60000 milliseconds), CRL Retrieval Timeout (Default: 10000 milliseconds), Disable CRL Check (Default: No), Always Sign (Default: No), Always Encrypt (Default: No), Clear Sign (Default: Yes), Includes Certificate Chain Without Root Cert (Default: No), Include Certificate Chain and Root (Default: No), Encrypt Temporary Buffers (Default: Yes), Signed E-mail Certificate Inclusion (Default: Yes), BCC Encrypted E-mail Forking (Default: One Envrypted message per BCC), Include S/MIME Capabilities in Message (Default: No), Copy Recipient Headers (Default: No), Only use Smart Card (Default: No), Triple Wrap Encrypted Mail (Default: No), S/MIME Encryption Algorithms (Default: 3DES - 168 bit-key), Use Key Identifier (Default: No))
13. Tasks - This section defines the length of days and weeks that are defined as work days/weeks throughout the entire organization (Minutes in a Day (Default: 480), Minutes in a Week (Default: 2400).
14. User Privacy - This section defines how OWA will handle external content embedded in an email message (Content Filtering Options (Default: Show filtering as an option to the user in the options page) and Filtering Mode (Default: Display filtered images as clear gif files).
15. View Settings - This section defines the number of default rows show in OWA (Maximum View Rows (Default: 100))
16. Apply a default theme to this server - This section allows an administrator to select a common OWA theme to be used.
17. Server Wide Feature Support - Here you can specify which features OWA will make available (Calendar, contacts, task, journal, notes, Public Folders, Reminders, New mail pop-up, Premium Client (e.g. rich text editing),  Spell Checking, S/MIME, Search Folders, Auto Signature, Rules, Themes, and Junk E-mail filtering)

I admit that some of the features (And title of the sub-features) may not be that helpful in understanding exactly what each feature does.  But I think it”s enough to give you of an idea of what”s there and interests you enough to look into it a bit more.  All of the feature adjustments made through this tool could be done without the tool via registry edits, but who wants to take on that risk?

So after looking at this tool a bit closer, I think that this is a vital tool to any organization or Service Provider deploying Outlook Web Access (OWA).  There is a large number of options that allows the administrator to customize which features should be exposed via OWA and also set their behavior.

Source