Exchange

Microsoft Direct Push Technology

Hi folks, so I wanted to talk a little bit about push technology as it relates to mobile devices. This is something that RIM has had for a long time with it’s BlackBerry devices. This was one of the major things that set RIM apart from the competition.

For example, push technology is when you get a new email or a new calendar appointment and the server side pushes down the changes to your mobile device without your device having to continously poll the server for changes.

Microsoft introduced this tech to Microsoft Exchange 2003 with service pack 2, and it also exists in Microsoft Exchange 2007. No longer do you need to worry about polling the server for changes, instead you can get instant updates as they happen thanks to push technology.

Unfortunately your older Microsoft based phones will not support this as you require newer Microsoft Windows Mobile software which is usually only supported on newer devices. The new Palm Pre for example also supports this technology and is poised to be quite the phone based on all the hype I’ve been hearing. It will be very interesting to see what portion of the market share Palm can steal from the iPhone and the BlackBerry Storm!

-RP

Enabling SSH on a VMware ESXi Server

For those of you that are used to having service console access in VMware ESX server, you might find yourself in for a bit of surprise when you try and do this with ESXi. By default you do not have access. However there is a way to enable access to the console.

Why do you need access to the console? With access to the console this gives you the ability to troubleshoot larger support issues when things aren’t working the way they should and it also enables you to run some pretty cool scripts that are available out there on the Internet.

The ESXi console uses BusyBox so it is different from ESX even after you get console access. To enable SSH access to the shell, please do the following:

• From the ESXi console hit Alt-F1
• Type in the word unsupported and hit enter (you will not see the characters appear on the screen)
• Type in your root password
• Edit the /etc/inetd.conf file by typing in vi /etc/inetd.conf
• Scroll through the file until you find the line that says #ssh and delete the # sign
• Save the file
• Now you can reboot the ESXi server and you will have shell access
• Alternatively you can run the /sbin/services.sh restart command to restart the management services without rebooting the box.

-RP

Option for showing contacts in Address Book grayed out

Here’s a quick little tip for you Outlook users. In a new Outlook profile you might want to be able to use your Contacts folder in your address book.

The obvious way to do this is to go to the properties of the Contacts folder and then check off the Show contacts in address book box. This usually fixes the issue.

However once in a while users will run into a problem where the option is grayed out. This happens if there is no Outlook address book in existence in the profile. To fix this issue, add a new address book to the profile and then try it again. This time you will notice that the option is no longer grayed out.

-RP

Using BES (BlackBerry Enterprise Server) with Exchange and Multiple GALs (Global Address Lists)

Hi folks, here’s an issue you might run into and tear your hair out over. If you have a BES server working with Exchange and are using multiple GALs (Global Address Lists) in your environment, how do you setup the BES service account to access all the users in the different GALs?

Well the first thing that usually goes wrong is that you can activate everyone but you can’t get certain things such as appointments to sync correctly from the BlackBerry device to Outlook. This is because BES can only look at one GAL. That’s right, you heard me correct, only one GAL. Don’t fret, there is a way around this.

Create a third GAL that incorporates a filter that lists all the users of the other multiple GALs. This way you have one GAL that covers everything. Then give the BES service account permissions to access that GAL. Also make sure you add the Exchange Domain Servers Group full access to the GAL as well. Then in offline address lists you can add that GAL to the offline address list as well. Then don’t give access to the BES service account to the other GALs. This forces the BES service account to only use that one all encompassing GAL you just created.

Then go into your BlackBerry server and when you go to add a user to the BES server you will notice it is seeing all the users from your multiple GALs. That’s it, hope that helps!

-Cheers, RP

SSL and Migrating Public Folders in Exchange 2003

The other day I ran into an interesting problem with public folders. Someone was trying to run the pfmigrate.wsf utility (the same utility I mentioned in my blog) and they couldn’t get the script to recognize the public folders. The tool said that there were 0 public folders to migrate.

When they tried to view the public folders in the Exchange System Manager they received an SSL error. This is because someone has tried to require ssl on the public folders through IIS. This usually happens when someone is configuring SSL on their Exchange server for SSL access for their Outlook Web Access server or for RPC over HTTPS. They end up selecting all the sub folders in the default web site and apply SSL to everything. This adversely affects the public folders.

If you remove SSL from the sub folders you don’t need SSL on and then go back and try to run pfmigrate.wsf again it will work. You will also be able to view the public folders without an error in Exchange System Manager again.

 -RP

Migrating public folders to a newly installed Exchange Server

When migrating your mailboxes to a new server you can’t forget the ever important public folders. Public folders aren’t just for shared folders that you create on your own but they also include the required system public folders which allow Exchange to operate.

When migrating to a new server you absolutely need to migrate these public folders otherwise you will run into a whole host of issues on the new server and your users will be quite upset with you. Now you could just go to each public folder individually and setup replication, but that would take forever and a day, especially if you have tons of public folders.

 Instead you should use a script called pfmigrate.wsf. It’s located in the exdeploy folder on your Exchange installation CD. This script will allow you to easily replicate the public folders to your new server and then after replication is complete you can easily turn off the replication.

Full instructions can be found here.

 -RP

RIM releases Maintenance Release 1 for BES 4.1 SP6 for Microsoft Exchange

Hi folks, RIM has just released Maintenance Release 1 for BES 4.1 SP6. They had announced this earlier but then retracted the announcement because they had only released it for Domino. Now they’ve finally released the version for Microsoft Exchange.

As per usual, follow proper patching procedures by running this in a test environment if at all possible. After you’ve done your thorough testing then you can think about releasing it to production.

 This fixes a few issues with Exchange 2007, mixed environment with Exchange 2003 and 2007, and a problem with cached mode when using Outlook 2007.

You can get the patch from BlackBerry’s site and read the release notes there.

-RP

Problems moving disabled Exchange 2003 mailboxes to a new server…

Here’s an interesting problem that will come up for you from time to time when doing Exchange server migrations. If you go to move mailboxes using the mailbox migration wizard built into Exchange, you’ll find that the wizard will fail on moving any mailboxes that have had their Active Directory account disabled. This can be a problem especially if you still want to keep that e-mail in your new Exchange server because you plan on re-enabling that account at a later date.

The reason this happens is because when you disable a mailbox you might lose the msExchMasterAccountSID attribute off of the account. To fix this you can just regenerate this attribute. It’s fairly easy to do. Just go into the account in the Active Directory Users and Computers console and go to the properties of the account. Then you can go to the Exchange Advanced tab and click on Mailbox Rights. In there you will find the SELF object listed as one of the users and then just add the Associated External Account permission to it.

 This will fix the problem however you will have to wait for a long time before you can move the mailboxes again. According to Microsoft you might have to wait up to at least 2 hours before the mailboxes will be ready to move due to directory replication and Exchange cache refresh latencies. But then once you wait and come back, you will see that the mailboxes move like a charm.

This doesn’t help you however if you have a billion disabled mailboxes to move. Going into each mailbox individually and modifying it could literally take forever and a day. So instead Microsoft has a way for you to do it for large amounts of disabled accounts. You can find their instructions here in their knowledgebase article. Happy migrating!

-RP

BlackBerry announces support for Microsoft Office Communications Server 2007

So BlackBerry just announced support for Microsoft OCS 2007. What does this mean to us? This means greater support and integration between BlackBerry and Microsoft products.

One of the greatest things missing in my opinion from the BlackBerry suite of software is interoperability with other applications and vendors. This move to support Microsoft OCS 2007 is a great step in that direction. Some of the features they’ve announced such as being able to tell the presence of a user is just fantastic. We’ll see how this plays out. I for one am quite excited about it and can’t wait to test it out in the lab.

Now if only BlackBerry would announce full Asterisk and Jabber IM support I would be in 7th heaven!

You can read more about the announcement here.

-RP

How to enable address lookups for individual companies in Hosted BES environments

Sometimes when you are hosting a BES server in an environment where you are hosting multiple domain names on a single BES server you need the ability to separate global address list lookups. You wouldn’t want people in one organization looking up contacts from another organization.

There is a way to do this but it involves some registry hacking:

Check to see that the users are members of the same company in Active Directory. Then in the registry go to the HKEY_LOCAL_MACHINE\Software\Research In Motion\BlackBerry Enterprise Server\Agents registry key. Create a new DWORD value called “Hosted Server”. Then in the value type in a “0″ and click ok. Then set the DWORD value for AllowAddressLookup to “0″ as well. That’s it!

-RP