iPhone Revolution

For the past number of months, tech news sources have been overflowing with articles relating to the launch of Apple’s newest technological revolution: the iPhone.

Although the iPhone offers many new and innovative features, it is not exactly enterprise friendly. At the time of release, the iPhone leverages only the IMAP protocol to access Exchange email data. This essentially limits the device in such a way that it cannot take advantage of Exchange 2007 features such as Calendar and Contact synchronization. Furthermore, IMAP has at least two inherent negatives on a mobile device: it is not a ‘push’ email technology (unlike BlackBerry and Windows Mobile 5+ based solutions) and it is not natively secure (Ceryx utilizes an SSL encrypted IMAP solution to circumvent this issue).

The iPhone is a beautifully engineered device with little in the way of close competition in terms of gizmos and gadgets. Unfortunately it falls well short of the bar in an enterprise environment. If you must have an iPhone, you will have to do without many of the mobile features that are now standard amongst the competition – at least until 3rd party software is available or until, as speculated, Apple licenses Microsoft ActiveSync technology.

Apple iPhone: http://www.apple.com/iphone/

MacNN – iPhone/Active Sync: http://www.macnn.com/articles/07/06/26/iphone.exchange.support/

Microsoft Exchange Team Blog - http://msexchangeteam.com/archive/2007/07/10/446015.aspx

Mark

Exchange 2007 Free/Busy Feature

With Exchange Server 2007 as your messaging platform, secure access to more consistent and up-to-date free/busy information is now possible.

Unlike previous versions of Exchange, Exchange Server 2007 does not have to publish free/busy information into public folders if all attendees have Exchange 2007 mailboxes and are using Outlook 2007 or 2007 Outlook Web Access. In this “native” 2007 messaging environment Exchange Server 2007 makes free/busy information available in real-time directly from the attendee’s mailbox. This means you no longer have to deal with replication delays and access latency commonly associated with public folders.

All this is made possible by the Availability Service, which supportes clients like Outlook 2007 and 2007 Outlook Web Access, via the Auto-discover service.

The Availability Service is a Web Service deployed on the Client Access Server (CAS) role of Exchange Server 2007 along with the Auto-discover service. (For more information on CAS see http://technet.microsoft.com/en-us/library/bb125134.aspx)

So how does this all work?

First, the client will make a connection to the CAS.
- If Outlook 2007, the CAS will be determined via the Auto-Discover configuration using the Availability URL.
- If the target mailbox is in another AD site, the source CAS will make an HTTPS connection to the target CAS server. The target CAS will obtain the free/busy info by communicating over MAPI to the mailbox server and then send it back to the source CAS.
- If the target mailbox is in the same AD site then the CAS will communicate to the mailbox server via MAPI and obtain the free/busy info. The source CAS will then send the data back to the client.

For backwards compatibility, Exchange Server 2007 will still publish free/busy information to public folders in mixed messaging environments and provide other access methods. For example,
1. When the e-mail client requesting free/busy information is Outlook 2003 and the user using this client as well as the target attendee have Exchange 2007 mailboxes, free/busy information will be published in local public folders.
2. When the e-mail client requesting free/busy information is Outlook 2007, the user using this client has an Exchange 2007 mailbox, and the target attendee has an Exchange 2003 mailbox, the availability service will make HTTP connections to public virtual directory of the Exchange 2003 mailbox.

For more information about Exchange Server 2007 please visit the following link: http://technet.microsoft.com/en-us/library/aa996018.aspx

Ian

Exchange 2007 ActiveSync Policies

In Exchange 2007 administrators will have a more robust way of managing their remote ActiveSync users with ActiveSync Mailbox Policies. This will allow administrators to enforce settings to control how users use their ActiveSync mobile devices. This means administrators have more control and security when deploying ActiveSync devices.

Below is a list of the few of the settings you can set:


Alphanumeric password required -
- Requires that the password contains both numbers and letters.


Maximum failed password attempts -
- Set the number of times a user can enter an incorrect password before the device wipes itself.


Attachments enabled -
- Enabled the downloading of email attachments.


Maximum inactivity time lock -
- Set the maximum time the device can be inactive before it locks.


WSS file access -
- Allow access to SharePoint sites.


The main benefit over Exchange 2003 in Exchange 2007 is that an administrator has the ability to set a policy on a user by user basis, whereas in Exchange 2003 policies would be set globally. In Exchange 2007 there are two ways of creating ActiveSync policies: using the Exchange Management Shell or Exchange Management Console. The management console only has the ability to set some of the settings; the Management Shell is where all other settings can be found. Also note that you do not have to specify all policy settings when creating a new policy as any policy setting that you do not set will keep the default value.



Eren

Exchange Management Shell

Windows Power Shell, the scripting language introduced by Microsoft last year, is a welcome addition to the admin toolbox. Command line tools experienced a decade of neglect as GUI adminstrative tools took over the landscape. "In the beginning.. " is an entertaining yarn by Neal Stephenson about the history of the much maligned command line.

The Exchange 2007 team adopted an approach that lets us have our cake and eat it too. We now have the GUI Exchange Management Console for convenience that always shows the equivalent Exchange Management Shell cmdlets that are being used to accomplish each operation.

Get-Mailbox is an Exchange Shell cmdlet that can locate one or more mailboxes and report on various properties.

Use the Select-Object cmdlet to display just the properties you're interested in as opposed to the default display properties. For example, showing only the warning and send limits is often desired.

You could then use the Set-Mailbox cmdlet to change the quota.

This is all fine except you may be wondering what the big deal is all about. An administrator could just as easily use the Exchange Management Console and do the same thing with less effort. The real power of Power Shell (pardon the pun) is the combination of assorted cmdlets to automate repetitive tasks.

Let's suppose we want to increase the ProhibitSendQuota by 50MB for all users that have current ProhibitSendQuota greater than or equal to 100MB. This could potentially be a large task to do manually (checking every user and upgrading them), however it's quick and easy using Exchange Shell.

Note that I used the $1st shell variable to hold the intermediate results so I could check the list of mailboxes obtained using the Where-Object cmdlet before actually running the foreach loop that bumps the send quota limits.

Saving the list in a variable also lets us check things again at the end using $1stGet-Mailbox to make sure everything worked as expected.

Exchange Shell opens up many new possibilities for managing Exchange Server and simplifies the administration of large number of users.

See the Using the Exchange Management Shell in TechNet for an introduction and The Exchange 2007 Wiki for more tips and examples.