September, 2009

Microsoft Security Essentials - a review

Here is a great review for the new Microsoft Security Essentials products:

 http://www.theregister.co.uk/2009/09/30/…

In reading the review I was actually tentatively impressed ( I will save real positive feelings after i test it myself).

Microsoft unleashing a good product is rare enough but a good product that is free? I am pretty sure the planets must be aligning in just the right way for this to happen.

For those of you who are thinking to yourself “but HyperV is free” please note that in my previous statement I did say free AND good.

Warning message when you start Outlook 2007 and then connect to a mailbox that is hosted on an Exchange 2007: Security certificate is invalid.

I encountered this issue when setting up an Exchange 2007 environment. After I installed the SSL cert for OWA all of the users using Outlook 2007 reported that they got a certificate warning when opening Outlook internally.

A co-worker of mine found this support article which fixed the issue and saved my bacon.

SYMPTOMS
When you start Microsoft Office Outlook 2007 and then connect to a mailbox that is hosted on a mailbox server that is running Microsoft Exchange Server 2007, you receive the following security warning message:

The name of the security certificate is invalid or does not match the name of the site.

CAUSE
You replace the default self-signed Exchange 2007 certificate with a different certificate.

By default, the URL that is stored in these objects references the NetBIOS name of the server. For example, a URL that resembles the following URL is stored:

https://NetBIOS_name.contoso.com/autodiscover/autodiscover.xml

This may differ from the host name that is used in the FQDN of the replacement certificate. For example, the replacement certificate may have an FQDN that resembles the following FQDN:

mail.contoso.com

This issue causes a name mismatch error to occur. Therefore, you receive the security warning message when you try to connect Outlook 2007 to the mailbox.

RESOLUTION
To resolve this issue, modify the URLs for the appropriate Exchange 2007 components. To do this, follow these steps:
1. Start the Exchange Management Shell.
2. Modify the Autodiscover URL in the Service Connection Point. The Service Connection Point is stored in the Active Directory directory service. To modify this URL, type the following command, and then press ENTER:

Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.contoso.com/autodiscover/autodiscover.xml

3. Modify the InternalUrl attribute of the EWS. To do this, type the following command, and then press ENTER:

Set-WebServicesVirtualDirectory -Identity “CAS_Server_Name\EWS (Default Web Site)” -InternalUrl https://mail.contoso.com/ews/exchange.asmx

4. Modify the InternalUrl attribute for Web-based Offline Address Book distribution. To do this, type the following command, and then press ENTER:

Set-OABVirtualDirectory -Identity “CAS_Server_name\oab (Default Web Site)” -InternalUrl https://mail.contoso.com/oab

5. Modify the InternalUrl attribute of the UM Web service. To do this, type the following command, and then press ENTER:

Set-UMVirtualDirectory -Identity “CAS_Server_Name\unifiedmessaging (Default Web Site)” -InternalUrl https://mail.contoso.com/unifiedmessaging/service.asmx

6. Open IIS Manager.
7. Expand the local computer, and then expand Application Pools.
8. Right-click MSExchangeAutodiscoverAppPool, and then click Recycle.

Source: http://support.microsoft.com/kb/940726

Certificate, Exchange Server, Outlook

Training material for the BCP-610

So last month I wrote that there was no study material available for the Blackberry Solution Designer BCP-610 exam. I have since found out from Blackberry that they are working on creating the material and it should be out by November from the Element K website  http://www.elementk.com/).

Repairing an Exchange database that won’t mount

Here is a really useful tutorial for repairing an exchange database that won’t mount.

 http://www.msexchange.org/tutorials/Exch…

I know of many occasions where this has been required to get Exchange up and going in a crunch.

HP stock set to increase

Check out this article:

 http://www.channelregister.co.uk/2009/09…

How you might ask are they doing so well in the midst of economic downturn you might ask? Well it’s simple they cut their employee’s salaries, particularly from the EDS side. Now for all I know these employee’s salaries were bloated and needed pruning in any case, but I am just saying that if you are going to brag about how your profits are increasing maybe it should be from increased sales or better innovation or something like that.

Just saying…

Google releases plugin which turns IE into Chrome

Check this out:

 http://www.theregister.co.uk/2009/09/24/…

Ok now this is just funny. Kudo’s to Google for one, improving a product which so desperately needs improvement, and two, having the balls to actually do this. I commend you!

Migrating to Exchange 2007

I recently completed my first migration from Exchange 2003 to 2007.

I found this article really helpful:

 http://www.aspfree.com/c/a/BrainDump/Mig…

Overall I had to say I found the proccess really simple. The install lets you specify your existing exchange environment and auto creats the routing between them.

Migrating mailboxes was a one click seamless move.

Now if I could only figure out where Microsoft moved all the settings I need. Sigh.

MS Office Web

Check out this article:

 http://www.channelregister.co.uk/2009/09…

I can honestly say it would really rock the foundations of my world if Microsoft every had an original idea of their own.

Cisco adopting strategies to compete in the small business line

Cisco is almost synonymous with big business in the network infrastructure market but recently they have really been working to make themselves more friendly to the SMB market.

Here is a good article about that:

 http://www.channelregister.co.uk/2009/09…

Working at a consulting company that is a Cisco partner and has a large focus on small business I find that there are a lot of great Cisco products in the price range my client’s look for.

The ASA 5505 for example is a great little firewall with a lot of good features and price was is right on the mark and  often cheaper then equivalent Watchguard and Sonicwall products. As well  the UC500 Integrated services voip router is a great solution for a small business who wants a voice solution with a reasonable cost, particularly if they need a primary router/firewall and/or small wireless solution in any case.

The system detected a possible attempt to compromise security

I got the above error when trying to access a network share on a workstation. The event log was filled with Cifs and netlogon errors.  In doing some investigation I found that this machine had a manually set DNS entry which pointed to a former DC that had been demoted. What was interesting is that DNS resolution still worked (cached entries) but because it wasn’t authorized in AD the machine was getting cifs errors.