OT: Hosted Live Help?
Anyone have comparables or a review site that compares hosted live help applications? LivePerson is ridiculous expensive. We have used stardevelop.com for years and I like it, but we are moving away from hosting our services internally and on IIS. Any person experience or reviews would be helpful --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Re: Feedback wanted: Hosted Exchange experienceso with Google
After lengthy reviews of Apptix and BPOS, BPOS is clearly not ready for prime time. They have some odd limitations that appear to be more a result of going to market too soon than anything else. At the moment Apptix looks like a better enterprise partner On Thu, Oct 7, 2010 at 5:03 PM, Greg Olson gol...@markettools.com wrote: And Bpos is even cheaper if you throw you might go with Google Gmail at them :) -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Thursday, October 07, 2010 2:57 PM To: MS-Exchange Admin Issues Subject: Re: Feedback wanted: Hosted Exchange experiences Wow BPOS has everything we need and is a good bit cheaper than groups like Apptix. Great discussion. Thanks all! On Thu, Oct 7, 2010 at 4:45 PM, mqcarp mqcarpen...@gmail.com wrote: Good to see this thread. We are also looking at hosting. We through Rackspace out because they can not accommodate encrypted mail options. They have great support and huge mailbox options, but we are limited as we MUST have an encrypted option. I have been talking to Apptix so far. I am disappointed in the slow mail comment. I will also look into BPOS. I have not seen that one before. On Wed, Jun 16, 2010 at 10:06 PM, Steve Szabo steve...@gmail.com wrote: I have a customer who is using USA.NET. I have not had much interaction with the company, but, their online documentation is not up to date, which precipitated a call to their tech support. The person I had was knowledgeable, and the problem was dispatched quickly. I got through to him quickly, also, a definite plus, which would indicate that they may be adequately staffed, and not overwhelmed with support calls. I did mention the out of date documentation to him, but did not get the feeling it would be corrected quickly. \\Steve// From: David Lum [mailto:david@nwea.org] Sent: Wednesday, June 16, 2010 10:02 AM To: MS-Exchange Admin Issues Subject: Feedback wanted: Hosted Exchange experiences We are looking to outsource Exchange and have narrowed our field down to Apptix, USA.NET, and Microsoft BPOS. I have read a couple online reviews but would like to have a more interactive discussion. If anyone here has used any of these three I'd love to hear about your experience, good, bad, or indifferent. I'm not concerned with hearing about pricing as much as how migration and ongoing support was/is. TIA, David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Re: Feedback wanted: Hosted Exchange experiences
Good to see this thread. We are also looking at hosting. We through Rackspace out because they can not accommodate encrypted mail options. They have great support and huge mailbox options, but we are limited as we MUST have an encrypted option. I have been talking to Apptix so far. I am disappointed in the slow mail comment. I will also look into BPOS. I have not seen that one before. On Wed, Jun 16, 2010 at 10:06 PM, Steve Szabo steve...@gmail.com wrote: I have a customer who is using USA.NET. I have not had much interaction with the company, but, their online documentation is not up to date, which precipitated a call to their tech support. The person I had was knowledgeable, and the problem was dispatched quickly. I got through to him quickly, also, a definite plus, which would indicate that they may be adequately staffed, and not overwhelmed with support calls. I did mention the out of date documentation to him, but did not get the feeling it would be corrected quickly. \\Steve// From: David Lum [mailto:david@nwea.org] Sent: Wednesday, June 16, 2010 10:02 AM To: MS-Exchange Admin Issues Subject: Feedback wanted: Hosted Exchange experiences We are looking to outsource Exchange and have narrowed our field down to Apptix, USA.NET, and Microsoft BPOS. I have read a couple online reviews but would like to have a more interactive discussion. If anyone here has used any of these three I’d love to hear about your experience, good, bad, or indifferent. I’m not concerned with hearing about pricing as much as how migration and ongoing support was/is. TIA, David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Re: Feedback wanted: Hosted Exchange experiences
Wow BPOS has everything we need and is a good bit cheaper than groups like Apptix. Great discussion. Thanks all! On Thu, Oct 7, 2010 at 4:45 PM, mqcarp mqcarpen...@gmail.com wrote: Good to see this thread. We are also looking at hosting. We through Rackspace out because they can not accommodate encrypted mail options. They have great support and huge mailbox options, but we are limited as we MUST have an encrypted option. I have been talking to Apptix so far. I am disappointed in the slow mail comment. I will also look into BPOS. I have not seen that one before. On Wed, Jun 16, 2010 at 10:06 PM, Steve Szabo steve...@gmail.com wrote: I have a customer who is using USA.NET. I have not had much interaction with the company, but, their online documentation is not up to date, which precipitated a call to their tech support. The person I had was knowledgeable, and the problem was dispatched quickly. I got through to him quickly, also, a definite plus, which would indicate that they may be adequately staffed, and not overwhelmed with support calls. I did mention the out of date documentation to him, but did not get the feeling it would be corrected quickly. \\Steve// From: David Lum [mailto:david@nwea.org] Sent: Wednesday, June 16, 2010 10:02 AM To: MS-Exchange Admin Issues Subject: Feedback wanted: Hosted Exchange experiences We are looking to outsource Exchange and have narrowed our field down to Apptix, USA.NET, and Microsoft BPOS. I have read a couple online reviews but would like to have a more interactive discussion. If anyone here has used any of these three I’d love to hear about your experience, good, bad, or indifferent. I’m not concerned with hearing about pricing as much as how migration and ongoing support was/is. TIA, David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Re: Hosted Exchange Options
Jay we have been looking at Apptix. Can I contact you off list to discuss this vendor? On Mon, Oct 4, 2010 at 4:00 PM, Jay Dale jd...@unetek.com wrote: We use AppTix - they're really good in the reselling options. www.apptix.com Jay -Original Message- From: Karl Bickmore [mailto:k...@ccnsconsulting.com] Sent: Monday, October 04, 2010 2:43 PM To: MS-Exchange Admin Issues Subject: RE: Hosted Exchange Options OwnWebnow has a really good exchange hosting platform that does some form of encryption, I don't know if it is specifically PGP. Also, they do outbound and TLS, I don't know about custom mail trailers. Karl Bickmore MSCE NT4/2k/2k3, MCP, MCP+I, MCSA 2k/2k3 LPI-1, CCNA, CCDA, Net+,Security+,Linux+ DataCore SANmelody Certified 6613 N Scottsdale Road, Suite 101 Scottsdale AZ, 85250 480-553-9967 X100 k...@ccnsconsulting.com Please remember CCNS is a referral based business. If you have a friend or colleague in need, we are happy to help. Feel free to pass along our contact information to anyone you think we can help. Thanks! -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Monday, October 04, 2010 11:41 AM To: MS-Exchange Admin Issues Subject: Re: Hosted Exchange Options Not really. We are exploring moving it all to a host. On Thu, Sep 30, 2010 at 12:46 PM, KevinM kev...@wlkmmas.org wrote: Sounds like you want a hosted filtering option more then you want hosted Exchange. Postini, FOPE, ETC -- Most hosted providers use some sort of hosted filtering company.. -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Thursday, September 30, 2010 5:38 AM To: MS-Exchange Admin Issues Subject: Hosted Exchange Options When considering hosted Exchange options, do you know of vendors that do more complicated set ups? For example, PGP encryption, inbound and outbound filtering, TLS, and custom mail trailers? --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Re: Hosted Exchange Options
Not really. We are exploring moving it all to a host. On Thu, Sep 30, 2010 at 12:46 PM, KevinM kev...@wlkmmas.org wrote: Sounds like you want a hosted filtering option more then you want hosted Exchange. Postini, FOPE, ETC -- Most hosted providers use some sort of hosted filtering company.. -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Thursday, September 30, 2010 5:38 AM To: MS-Exchange Admin Issues Subject: Hosted Exchange Options When considering hosted Exchange options, do you know of vendors that do more complicated set ups? For example, PGP encryption, inbound and outbound filtering, TLS, and custom mail trailers? --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Hosted Exchange Options
When considering hosted Exchange options, do you know of vendors that do more complicated set ups? For example, PGP encryption, inbound and outbound filtering, TLS, and custom mail trailers? --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Email Signatures
Any recommendations for managing email signatures for the whole domain for those of us on Exch03? I do not think the SMTP sink scripting option is the best way to go. I have seen several third party apps that handle this but am not sure what might be a fit. We only have about 50 users that have SMTP access.
Re: Email Signatures
Wow this tool looks really promising! http://www.codetwo.com On Thu, Jun 10, 2010 at 10:37 AM, Sean Rector sean.rec...@vaopera.org wrote: We use Vipre for Exchange - there are a lot of different methods you can set up for signatures. Sean Rector, MCSE -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Thursday, June 10, 2010 11:07 AM To: MS-Exchange Admin Issues Subject: Email Signatures Any recommendations for managing email signatures for the whole domain for those of us on Exch03? I do not think the SMTP sink scripting option is the best way to go. I have seen several third party apps that handle this but am not sure what might be a fit. We only have about 50 users that have SMTP access. 2010-2011 subscriptions are on sale now! Featuring: Rigoletto | Cos? Fan Tutte | The Valkyrie | Madama Butterfly Visit us online at www.VaOpera.org or call 1-866-OPERA-VA The vision of Virginia Opera is to enrich lives through the powerful integration of music, voice and human drama. This e-mail and any attached files are confidential and intended solely for the intended recipient(s). Unless otherwise specified, persons unnamed as recipients may not read, distribute, copy or alter this e-mail. Any views or opinions expressed in this e-mail belong to the author and may not necessarily represent those of Virginia Opera. Although precautions have been taken to ensure no viruses are present, Virginia Opera cannot accept responsibility for any loss or damage that may arise from the use of this e-mail or attachments.
Re: SUING IPHONE TO CONNECT TO EXCHANGE SERVER 2003
Yeah I was searching for something else on the list and the SUING in the subject intrigued me...;) On Thu, Apr 1, 2010 at 10:27 AM, Joseph L. Casale jcas...@activenetwerx.com wrote: Catching up a little late:) -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Wednesday, March 31, 2010 8:39 AM To: MS-Exchange Admin Issues Subject: Re: SUING IPHONE TO CONNECT TO EXCHANGE SERVER 2003 Ditto on this. And by the way, the deployment of these configurations are 100 million times easier on a Mac. I manage two iPhones in our environment and tried numerous ways to do this. I was a little annoyed at how much easier it was through the Macbook using the iPhone Configuration Utility. On Tue, Dec 29, 2009 at 7:52 PM, Joseph L. Casale jcas...@activenetwerx.com wrote: When I started getting users with those things I used the Enterprise Deployment Tool and created .mobileconfig files that are hosted on a web site. These have the self signed cert and per user config in them, so simple from user perspective; they browse to a url and it sets it all up. http://www.apple.com/support/iphone/enterprise/ I hate to admit it (trust me, I really do) but I couldn't make the windows mobile cab files work, but this worked trivially.
Trainsignal comes through again with WICKED cutting edge training
I just bought this for my staff. I hope they can catch up http://www.trainsignal.com/windowstraining.aspx?hq_e=elhq_m=372779hq_l=2hq_v=eaf12f48b0
Re: SUING IPHONE TO CONNECT TO EXCHANGE SERVER 2003
Ditto on this. And by the way, the deployment of these configurations are 100 million times easier on a Mac. I manage two iPhones in our environment and tried numerous ways to do this. I was a little annoyed at how much easier it was through the Macbook using the iPhone Configuration Utility. On Tue, Dec 29, 2009 at 7:52 PM, Joseph L. Casale jcas...@activenetwerx.com wrote: When I started getting users with those things I used the Enterprise Deployment Tool and created .mobileconfig files that are hosted on a web site. These have the self signed cert and per user config in them, so simple from user perspective; they browse to a url and it sets it all up. http://www.apple.com/support/iphone/enterprise/ I hate to admit it (trust me, I really do) but I couldn’t make the windows mobile cab files work, but this worked trivially. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, December 29, 2009 2:16 PM To: MS-Exchange Admin Issues Subject: Re: SUING IPHONE TO CONNECT TO EXCHANGE SERVER 2003 Try this - It's what I'm going to recommend if our CEO insists on her iPhone http://www.good.com/iphone/ On Tue, Dec 29, 2009 at 11:34, Murray Freeman mfree...@alanet.org wrote: We have a user that has an iPhone and wants to use it to access email from our Exchange Server 2003. We've done some research and followed the instructions, but still have trouble. Any ideas, or instructions would be appreciated. The iPhone is a 3G s. Murray
Training Online
We prefer not to send technicians to training away from the office. We have used and like TrainSignal in the past. Do you have an opinion on training options either virtually or in house that have worked well in terms of value? We are looking at 2008 server and Exchange training in the coming months, along with Citrix and VMware too. Thanks
Stripping Attachments in Public Folders
Anyone ever needed to strip attachments off items in a public folder? Can it be done en mass? I am interested in doing this as a one time task, not necessarily an ongoing function. TIA EXCH03
OT: clear.com
This is off topic but I value your opinion is anyone using clear.com for your personal Internet access? It is very enticing based on my options locally but I am first touching up everyone I can find to get some experienced feedback. Thx.
Re: Defragmenting servers
I have wondered this too Harry but I think the question is better put to your shared storage provider. That said, we are testing out Vizioncore's vOptimizer as well On Tue, Dec 15, 2009 at 5:25 PM, Harry Singh hbo...@gmail.com wrote: Is it recommended to kick off defrag's for VM's who are using shared storage ? On Tue, Dec 15, 2009 at 5:41 PM, David Lum david@nwea.org wrote: We use PerfectDisk here with uh...results. Inobtrusive, but no idea if it helps or not. I mean the servers stay defragged but that's about all I know :-) David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Tuesday, December 15, 2009 1:47 PM To: NT System Admin Issues Subject: Defragmenting servers Does anyone use tools like diskeeper to defrag their nondatabase servers? Is it recommended? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Hyena
Whoah Mark good catch . That is definitely worth knowing prior to purchase. dameware is about $100 higher per license than Hyena and I can not see anything off hand that makes it any better. Both offer pretty much the same feature set. Anyone have a comment on that or what may set them apart? On Fri, Dec 11, 2009 at 8:18 PM, Mark Boersma ma...@triangle-inc.com wrote: Any of you guys know what's going on with Dameware? I've used it for years and love it but they've been awfully quiet lately. Usually they've updated every few months but it's been since Feb since there has been an update. Also if you cruise the forums they no longer sell maintenance. I don't want to raise concern if it's not warranted but I do want to point out that a bit of caution may be in order if you are looking to buy. The last response that I've gotten from them is that they plan to have v7 out after the first of the year but I'm not really holding my breath. Mark - Two rules for success in life: 1. Never tell people everything you know. -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Friday, December 11, 2009 3:07 PM To: NT System Admin Issues Subject: Re: Hyena I am going to test out dameware before we pull the trigger. thanks! On Fri, Dec 11, 2009 at 1:56 PM, James Rankin kz2...@googlemail.com wrote: DameWare Utils is da bomb 2009/12/11 Steve Kelsay kels...@sctax.org We use it, but we also use Dameware which appears to be the same product code, with a few enhancements and built in Remote. We never got the remote to work in Hyena as it requires an outside product. Some admins like each one for different things. From: James Winzenz [mailto:james.winz...@hotmail.com] Sent: Friday, December 11, 2009 10:07 AM To: NT System Admin Issues Subject: RE: Hyena Yes - we use it. We don't use it as much for the AD/Exchange administration as we do for the reporting and exporting features. Thanks, James Winzenz Date: Fri, 11 Dec 2009 08:28:10 -0600 Subject: Hyena From: mqcarpen...@gmail.com To: ntsysad...@lyris.sunbelt-software.com Does anyone use Hyena in their environment to consolidate administrative tasks? We have tested the product and like it but would like feedback on comparable products in that price range ($200 per user) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. Sign up now. -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Please consider the environment before printing this email. CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipients(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Defragmenting servers
Does anyone use tools like diskeeper to defrag their nondatabase servers? Is it recommended?
Hyena
Does anyone use Hyena in their environment to consolidate administrative tasks? We have tested the product and like it but would like feedback on comparable products in that price range ($200 per user)
Directory Access DC Discovery
My EXCH03 server is only finding one of our DC. I am leery of adding the other one manually. I would rather see why it is not identifying the second one. I have done some research and do not see anything that really makes this clear. Is there a normal reason this second DC would not show?
RPC counter reports
I have a brain fart question. I am having high RPC request issues and am trying to narrow down where they are coming from. I see the counters in general terms to see the overall requests but need to find out who or what client is causing this. Is there a report I can use to actually show me this detail? TIA Exch03 WinSer03
Re: RPC counter reports
What's odd is that latency is high even when requests are low. What can cause this? On Fri, Nov 20, 2009 at 12:38 PM, Sean Martin seanmarti...@gmail.com wrote: EXPTA includes the exmon tool which will highlight the top users over a 5 minutes capture. Then you can use exmon to perform more detailed logging. - Sean On Fri, Nov 20, 2009 at 8:13 AM, Campbell, Rob rob_campb...@centraltechnology.net wrote: I'd load up the usermon tool on the server and see if that tells you anything. -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Friday, November 20, 2009 11:11 AM To: MS-Exchange Admin Issues Subject: RPC counter reports I have a brain fart question. I am having high RPC request issues and am trying to narrow down where they are coming from. I see the counters in general terms to see the overall requests but need to find out who or what client is causing this. Is there a report I can use to actually show me this detail? TIA Exch03 WinSer03 ** Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. **
Exchange and Yahoo Desktop
Does anyone allow this tool on their network? I have some serious RPC latency going on and I think it is from these users. I am running Exmon now to review it but wanted to see if anyone has seen this before. EXCH03
Re: Exchange and Yahoo Desktop
It was initially used because a group was using public folders to manage faxes. I know this is inappropriate and it has gotten out of control so we are changing it. The YD can index public folders and I am seeing that this is creating crazy RPC latency. It is being outlawed now and we will find a different process. What I find odd is that calendars are latent intensive also. I am looking at whether that is related. On Tue, Nov 17, 2009 at 12:25 PM, Andrew Levicki and...@levicki.me.uk wrote: And potential spyware / hack surface. Andrew. On 17/11/2009, Doug Rooney d...@sonomatilemakers.com wrote: I block ALL tool-bars, backgrounds and any stationary. It not only slows things down, it is useless bulk being stored. Thank You ~Doug Rooney Sonoma Tilemakers IT Manager 7750 Bell Rd. Windsor Ca, 95492 (707) 837-8177 X211 (707) 837-9472 FAX i...@sonomatilemakers.com mailto:i...@sonomatilemakers.com -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Tuesday, November 17, 2009 9:58 AM To: MS-Exchange Admin Issues Subject: Exchange and Yahoo Desktop Does anyone allow this tool on their network? I have some serious RPC latency going on and I think it is from these users. I am running Exmon now to review it but wanted to see if anyone has seen this before. EXCH03 -- Sent from my mobile device
Re: Antigen
Since we moved our SPAM to a Barracuda, we also have seen no issues with viruses on the mail side. On Wed, Sep 16, 2009 at 1:19 PM, Harry Singh hbo...@gmail.com wrote: We use to use Antigen but after we switched over to Postini for anti-SPAM/AV, i can't say i've experienced any real issues with Viruses via e-mail. On Wed, Sep 16, 2009 at 2:16 PM, mqcarp mqcarpen...@gmail.com wrote: Anyone still use Antigen? I am debating not renewing this service as we have several layers of AV. Since MS bought this product it has been more of a headache than anything. Is it still a common tool to use on Exchange? EX03
Re: Any Snow Leopard users?
I am skipping snow for now after hearing our CEO scream about compatibility issues. None of his applications are working, including parallels. He also claims that the system is actually slower. With no rollback option (he does not use Time Machine) I say no early adoption! On Wed, Sep 9, 2009 at 4:13 PM, Sobey, Richard A r.so...@imperial.ac.uk wrote: Been using SL with Entourage EWS, 2007 SP1 RU9 for over a week now, seen no issues at all. We will not be stopping our users upgrading however (free reign on whatever client/platform they prefer) so I imagine if this issue is real it’ll rear its ugly head sooner or later. From: bounce-8653018-8066...@lyris.sunbelt-software.com [mailto:bounce-8653018-8066...@lyris.sunbelt-software.com] On Behalf Of Alex Fontana Sent: 09 September 2009 21:24 To: MS-Exchange Admin Issues Subject: Re: Any Snow Leopard users? I've been trying to reproduce this for the past week...it seems only Special people can reproduce it...arg. We have a case open with Apple. I'll update with results if any... On Wed, Sep 9, 2009 at 12:46 PM, Matthew Bullock mbull...@root9.com wrote: Do you have a reliable way to reproduce with Entourage? We only have one Macbook user at our company, but go figure, he owns the place. He hasn’t been upgraded yet but it would be great to figure this one out on our test machine before he does want the upgrade to SL. -matt From: Alex Fontana [mailto:afontana...@gmail.com] Sent: Wednesday, September 09, 2009 11:46 AM To: MS-Exchange Admin Issues Subject: Any Snow Leopard users? We seem to have uncovered a strange/scary issue with some users who are connecting to Exchange 2007 SP1 mailboxes via EWS using either Apple mail.app, iCal or Entourage (more prevelant on mail.app and ical). 1. Users have reported inbox subfolders go missing, both from the client and server, never to be seen again. The inbox doesn't get touched though. 2. Users on occasion are presented someone elses mailbox when giving their own credentials 3. Users have sent messages and the FROM address is someone elses, when tracked via Exchange it appears from the FROM addresses mailbox Raised a ticket with MS but thier response was We don't support SL. This clearly seems like a server issue, but we can't reproduce on anything other than SL. Just curious if anyone else has seen any issues like this using EWS. -alex
OT: Drive power fail
I have a SATA hard drive that looks like just the power connection has failed on. I really need to get the data off of it. Has anyone seen or done a technique to replace or repair a power connection on a drive?
OT: LTO4 Back Up Processes
Our LTO3 library just hit the skids so before I look at replacing it I am looking around to make sure this is still best practice. Other than those that do back up to disk and archive to tape processes, is LTO4 libraries best practice, and are they backward compatible to LTO3 and LTO2 tapes (I will double check this elsewhere also, just wanted to throw it out and get experienced feedback).
Re: LTO4 Back Up Processes
I actually never gave consideration to going to disk then tape. I am not sure we can do that here but it would speed up processes I would think. This is good advice and we will research it. On the tape compatibility, we did see that LTO2 was read only on LTO4 devices, which would be an issue for us. We will research it further. Thank you! On Wed, Aug 26, 2009 at 7:52 AM, Lock, Philiplo...@chelmsford-college.ac.uk wrote: LTO4 is a good tape standard to use, We have a dell library for our exchange backups, the only information I was warned about is that the you need a good backbone as if there are any delays in data being written to the tapes then you can have it all corrupted. We were advised (after purchase) that we should backup to disk then back that up to tape after. LTO4 will read and write to LTO3 but not LTO2 (we have got 2x LTO4 and 2xLTO3 drives to overcome this issue. Info can be found at http://www.ultrium.com/default.php Cheers Philip Lock Network Systems Manager Moulsham Street CM2 0JQ 01245 293023 www.chelmsford-college.ac.uk -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: 26 August 2009 13:34 To: MS-Exchange Admin Issues Subject: OT: LTO4 Back Up Processes Our LTO3 library just hit the skids so before I look at replacing it I am looking around to make sure this is still best practice. Other than those that do back up to disk and archive to tape processes, is LTO4 libraries best practice, and are they backward compatible to LTO3 and LTO2 tapes (I will double check this elsewhere also, just wanted to throw it out and get experienced feedback). This e-mail any files and attachments transmitted with it are confidential and may be legally privileged. They are intended solely for the use of the intended recipient. Any views or opinions presented are solely those of the author/sender and are not necessarily shared or endorsed by Chelmsford College or any associated or related company. If you are not the intended recipient, be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing or copying of, or any action taken or omitted in reliance on this e-mail or any file or attachment transmitted with it is strictly prohibited may be unlawful. We may monitor all email communication through our networks. If you have received this e-mail in error please notify Chelmsford College by e-mailing:postmas...@chelmsford-college.ac.uk. If you contact us by email, we may store your details to facilitate communication. We take reasonable precautions to ensure our emails are virus free. However, we cannot accept responsibility for any virus transmitted by Chelmsford College and recommend that you subject any incoming email to your own virus checking procedures. -- Scanned by iCritical.
OT: Secure File Sharing/Collaboration
Does anyone's company use secure file sharing host services anywhere that they can recommend? I have looked at sharevault.net and it meets most of what I am looking for but am looking to compare. Most important features are detailed access controls for users, detailed auditing on views, downloads etc. and flexible file structures. If you have any experience in this area I would appreciate feedback. Thanks
Re: All Staff Distribution Lists
restricted here too On Thu, Aug 6, 2009 at 11:25 AM, Don Andrewsdon.andr...@safeway.com wrote: Yup – we stripped the ILoveYou virus but let the messages come through – got LOTS of help(less) desk calls from (obviously lonely) users complaining they couldn’t open it. From: paul chinnery [mailto:pdw1...@hotmail.com] Sent: Thursday, August 06, 2009 8:46 AM To: MS-Exchange Admin Issues Subject: RE: All Staff Distribution Lists We've got about 175 users but we handle it pretty much the same way as Ben described. However, I've been doing this back to 1996 when we put in MS Mail and I can't really remember when anybody ever abused the system.* *Well, I gotta take that back. When I was on vacation in FL back in 2000, one of the directors passed around the ILoveYou virus (unwittingly of course; he opened an email and boom-virus time). Date: Thu, 6 Aug 2009 11:09:08 -0400 Subject: Re: All Staff Distribution Lists From: mailvor...@gmail.com To: exchangelist@lyris.sunbelt-software.com On Thu, Aug 6, 2009 at 10:38 AM, Scot Parsonsspars...@scetv.org wrote: We have a growing problem with users sending non-business related emails to the all staff list. What are your policies? Do you restrict user access to certain employees or handle it through management? We've only got maybe 65 email users, so our broadcast DL is open to everyone. If someone abuses it they get spoken to. I think that's management's job, and I'm lucky they agree. In a larger org, I would definitely restrict to certain senders, just to minimize the potential damage. -- Ben Get free photo software from Windows Live Click here.
Server Updates
How you do you prefer to handle server OS updates? We are debating not using WSUS due to internal policy and reboot issues but could adjust the server policy to not allow the reboot. Does anyone allow the server to get updates directly? The issue I have with that is the administrative rights needed to apply the patches and or/access them.
TLS Set up on SMTP Exchange 2003
This set up looks insanely easy, so I wanted to throw this out for those who have done it before I make any changes. * I do not want to touch my default SMTP. so I will create a second one * It appears that best practice is to set up a separate IP for a different SMTP connector. Is this necessary? * I understand setting up domain to domain TLS for required encryption, but does Exchange autonegotiate this with other domains if it is available at the other end? ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: TLS Certificate
Thanks Michael ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Strange DC Reference
That tool does not work on 2003. We found the issue. Someone did not remove that server from the recipient services update list. Resolved! Thanks all On Tue, Apr 14, 2009 at 4:49 PM, Jeremy Phillips jere...@cohesivelogic.com wrote: Thanks, didn't see that. Anyways, does it still show up in dsaccess as an available DC? Have you trying using dscflush to clear the cache? Thanks, Jeremy Phillips Managing Consultant | Cohesive Logic LLC | M: 540-322-7980 | D: 425-949-1337 | BB PIN: 318A6889 From: Steve Moffat [st...@optimum.bm] On Behalf Of Exchange (Sunbelt) [exchangead...@optimum.bm] Sent: Tuesday, April 14, 2009 2:42 PM To: MS-Exchange Admin Issues Subject: RE: Strange DC Reference Looking at his email, it looks like EXCH03 From: Jeremy Phillips [mailto:jere...@cohesivelogic.com] Sent: Tuesday, April 14, 2009 10:03 PM To: MS-Exchange Admin Issues Subject: RE: Strange DC Reference Which version of Exchange? Thanks, Jeremy Phillips Managing Consultant | Cohesive Logic LLC | M: 540-322-7980 | D: 425-949-1337 | BB PIN: 318A6889 From: mqcarp [mqcarpen...@gmail.com] Sent: Tuesday, April 14, 2009 1:57 PM To: MS-Exchange Admin Issues Subject: Strange DC Reference My Exchange server keeps recording event error 8026 stating that an LDAP bind was unsuccessful on a DC that no longer exists. In fact this DC has been gone for years. We checked AD and everything is clean for our DC references. Is there a different area of Exchange that would reference this? I have heard of metadata clean ups on Exchange but have not done one before. Is there a reference for this type of issue? Thank you EXCH03 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Offline Defrag of 2007 message store
We have only done one in 8+ years due to an emergency. We do not consider it best practice to do them so I can not help you in comparing them. Sorry ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Large Mailboxes Performance
For clarification, are you suggesting that the count be under 5,000 for inbox and subfolders, or just the inbox? I am not sure if those are calculated together since you can have top level folders outside the inbox also ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Large Mailboxes Performance
Is it safe to say no one in this thread uses a 3rd party archive option at all based on this feedback? On Mon, Mar 23, 2009 at 11:54 AM, William Lefkovics will...@lefkovics.net wrote: I wonder if those very rough guidelines are impacted at all by the performance improvements in the Outlook 2007 cumulative update from February 2009. http://support.microsoft.com/?kbid=968009 (This will be in Office 2007 SP2 also) From: Neil Hobson [mailto:nhob...@gmail.com] Sent: Monday, March 23, 2009 8:10 AM To: MS-Exchange Admin Issues Subject: RE: Large Mailboxes Performance You made me go and look, didn’t you? J I remember Ross Smith talking about this at TechEd EMEA and using the 20k figure. I wasn’t 100% correct. Turns out that it’s the Inbox and Sent Items at 20k, but the Contacts and Calendar are still at 5k. Having said this, keeping everything below 5k is always going to be better. http://technet.microsoft.com/en-us/library/cc535025.aspx From: KevinM [mailto:kev...@wlkmmas.org] Sent: 23 March 2009 14:51 To: MS-Exchange Admin Issues Subject: RE: Large Mailboxes Performance Do you mean total items in all folders or per folder? It is so hard to get a firm answer on Items per folder. The last great written thing by Nicole I think was no more than 1,000 items per folder. I know it has changed since then. Last I had heard was 10k with the latest stuff. Has Matt or Nicole posting something different to the Exchange blog recently? ~Kevinm WLKMMAS My life http://www.hedonists.ca From: Neil Hobson [mailto:nhob...@gmail.com] Sent: Monday, March 23, 2009 7:36 AM To: MS-Exchange Admin Issues Subject: RE: Large Mailboxes Performance It’s all about the number of items in the core folders, like Inbox, Sent Items, Calendar, etc, and also restricted views. In Exchange 2003, the recommendation was to keep the number of items in these folders 5,000. In Exchange 2007, the recommendation is not to exceed 20,000 items (as long as you’ve designed your infrastructure correctly) From: Mayo, Shay [mailto:shay.m...@absg.com] Sent: 23 March 2009 13:58 To: MS-Exchange Admin Issues Subject: RE: Large Mailboxes Performance Hey Martin, I do understand that it is more of an Outlook thing but can you elaborate on “Control the items in their folders”? Thanks Shay From: Martin Blackstone [mailto:mblackst...@gmail.com] Sent: Monday, March 23, 2009 8:55 AM To: MS-Exchange Admin Issues Subject: RE: Large Mailboxes Performance I don’t think large mailboxes from an Exchange perspective are a performance issue. The issue mainly lies in Outlook performance and if your users can somehow learn to control the items in their folders, the performance will be fine. From: Mayo, Shay [mailto:shay.m...@absg.com] Sent: Monday, March 23, 2009 6:38 AM To: MS-Exchange Admin Issues Subject: Large Mailboxes Performance Hey, Just curious what type of performance people have had with large mailboxes on Exchange 2007. Our company has a strict email retention policy that purges email after 30 days, but we have about 200 people though that have special circumstances where they need to store email long term. We implemented an archiving product from C2C about 1 and ½ years ago which turned out to be a far less than desirable solution for our users. We have fully migrated to Exchange 2007 and are kicking around the idea of not having a 3rd party archiving system and just allowing larger mailboxes (3-10 GB) for these special users. So my question is, what kind of performance have you guys seen with mailboxes this large? Do they benefit from Office 2k7 or have they actually ran fine with Office2k3? Lastly, a lot of these users travel and will be using cached Exchange mode. So I am mainly worried about performance from large OSTs…. Thanks Shay Mayo // Systems Administrator AmerisourceBergen Specialty Group Ph. 469-365-7160 // s...@absg.com CONFIDENTIALITY NOTICE. This electronic mail transmission may contain privileged and/or confidential information and is intended only for the review of the party to whom it is addressed. If you have received this transmission in error, please immediately return it to the sender, delete it and destroy it without reading it. Unintended transmission shall not constitute the waiver of the attorney-client or any other privilege. CONFIDENTIALITY NOTICE. This electronic mail transmission may contain privileged and/or confidential information and is intended only for the review of the party to whom it is addressed. If you have received this transmission in error, please immediately return it to the sender, delete it and destroy it without reading it. Unintended transmission shall not constitute the waiver of the attorney-client or any other privilege. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~
TLS Certificate
Can you use an existing certificate to set up TLS if you already have one designated for that mail server for OWA/OMA? For example, can TLS use your cert for webmail.domain.com or does it need a different one? ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Easy Wednesday Question: TLS
I am just throwing it out there. Someone was making the argument to me the other day to enable it for all traffic so other SMTP servers would negotiate encryption in all email communications when it was enabled on their end. We use PGP for select encryption (based on rulesets). It got me to thinking whether others were using TLS for all communications. We do not relay and we use SSL for OWA and OMA as well. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Anyone Want This Job??
PICK ME PICK ME!! MY BAGS ARE PACKED! On Tue, Jan 13, 2009 at 8:03 AM, Sherry Abercrombie saber...@gmail.comwrote: http://www.foxnews.com/story/0,2933,479747,00.html -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Resume Posting
I see the thread is going all over. I think we will give craigslist a shot and ITForum. Thank you for that. Our state employment office is an option too. We have used it in the past. The issue, as mentioned, is that you get people from all over the spectrum and few are qualified. What can you expect for free though. Thanks for the feedback. And FYI the cost on Monster now to peruse resumes (which we prefer versus posting), is $750-1000 for 30 days. Ridiculous. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
OT: Resume Posting
This it OT, but where do you find or post your resumes these days? HR has an IT opening and Monster is just ridiculous expensive to look through. Years ago I know dice.com was a common tech job site, and so was careerbuilder. Are these common now? I use LinkedIn too, so that may even be an option. Just curious if any of you do any hiring and what your experience is these days. Thanks ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Resume Posting
Are you guys being serious with the craigslist, myspace comments? Erik, we are in South Texas. On Tue, Dec 16, 2008 at 4:44 PM, Erik Goldoff egold...@gmail.com wrote: Yep, like Bob Free reminds me even today, I *was* 'Ham Boy' grin left there in July 2006, and left them in VERY good hands ... Didn't want to job hop from employer to employer so I've been doing independent consulting to stay afloat, but the economy is definitely hurting the small business arena, I've lost several clients to acquisitions, and several have either severely cut back, or closed altogether ... Erik Goldoff *IT Consultant* *Systems, Networks, Security * -- *From:* James Kerr [mailto:cluster...@gmail.com] *Sent:* Tuesday, December 16, 2008 5:41 PM *To:* NT System Admin Issues *Subject:* Re: Resume Posting What happened with Honey Baked Ham man? You were one of the folks on this list who worked there right? - Original Message - *From:* Erik Goldoff egold...@gmail.com *To:* NT System Admin Issues ntsysad...@lyris.sunbelt-software.com *Sent:* Tuesday, December 16, 2008 4:56 PM *Subject:* RE: Resume Posting Self-serving question here : Where are you located, as I am currently looking ... Erik Goldoff *IT Consultant* *Systems, Networks, Security * -- *From:* mqcarp [mailto:mqcarpen...@gmail.com] *Sent:* Tuesday, December 16, 2008 3:25 PM *To:* NT System Admin Issues *Subject:* OT: Resume Posting This it OT, but where do you find or post your resumes these days? HR has an IT opening and Monster is just ridiculous expensive to look through. Years ago I know dice.com was a common tech job site, and so was careerbuilder. Are these common now? I use LinkedIn too, so that may even be an option. Just curious if any of you do any hiring and what your experience is these days. Thanks ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Email Archival 101: a General View
Has anyone been leery in the testing phase for a product like this? My concern is with testing a product that essentially will have sensitive and confidential data on it and then turning down one or more. How do you handle the sensitive data on that device (if it is an appliance solution)? Have you seen verbiage in the agreements related to this fact? On Fri, Nov 21, 2008 at 5:41 AM, chipsh...@comcast.net wrote: Nice stuff. Thanks. - Original Message - From: will...@lefkovics.net To: MS-Exchange Admin Issues exchangelist@lyris.sunbelt-software.com Sent: Thursday, November 20, 2008 3:32:57 PM GMT -05:00 US/Canada Eastern Subject: RE: Email Archival 101: a General View It was great. I appreciate you sharing it. -- *From*: Bingham, Kevin kevin.bing...@kcc.com *Sent*: Thursday, November 20, 2008 12:01 PM *To*: MS-Exchange Admin Issues exchangelist@lyris.sunbelt-software.com *Subject*: RE: Email Archival 101: a General View Well, as I said, some of it is hacked together rather hastily, while I still have this account, so I expect some minor discrepancies. Therefore, a few notes in response: Event sinks ~= transport/routing agents, for this purpose. I used the Sinks terminology because more people are still familiar with it, and when we did are review of products in 2005/2006, there were no archiving vendors that had E2K7 Routing Agents. Go figure. need manageable . content . isn't accessed very often. Precisely; that's one set of questions involved in the Content Management category. When you start doing these sorts of things and don't involve legal personnel (if you have any), it will probably come back to you for reworking, eventually. Involve potential stakeholders at the start when possible. If said stakeholders don't exist. no involvement. Even if they exist, but you don't think they have any involvement/needs in your current project to offload old data from the Exchange server, you should strongly consider touching base with them when doing this sort of work. the designs are certainly easier to do the first time than to try to retro-fit when whole new categories of requirements popup next year. I agree with the list of features to look for, in a general sense. I am much more prone to encourage a company to figure out what *their* needs are, though, rather than assume the same laundry list applies to everyone. Granted, knowing what is on the possible laundry list is helpful in understanding what our own list might look like. *From:* William Lefkovics [mailto:will...@lefkovics.net] *Sent:* Thursday, November 20, 2008 12:02 PM *To:* MS-Exchange Admin Issues *Subject:* RE: Email Archival 101: a General View Lots of good information in there. I certainly don't agree with everything. Event sinks? In Exchange 2007, you would write an archiving transport/routing agent. Small companies often need archiving but do not have a legal department or binding regulatory needs. They need a manageable Exchange server so they are not backing up content daily that isn't accessed very often. That's the primary reason I hear for archiving. From an Information Week article by Andrew Conry-Murray in June 2008: What to look for in an E-mail archiving solution: 1) Compression 2) Full Content Index 3) Keyword Search 4) Litigation hold (prevent deletion) 5) Metadata Index 6) Retention Deletion Policy enforcement 7) Single Instancing[WSLIII1]http://sz0046.wc.mail.comcast.net/zimbra/public/blank.html#_msocom_1 Other preferred features: 1) Additional Search 2) API/Connector to other systems, especially legal apps 3) Discovery 4) SharePoint integration 5) Support for extensive list of attachment types Probably the most valuable thing you said for me, is the last paragraph. Test your potential solution. MAPI-based and Journaling (ew!) archivers should be able to be tested without affecting real live data. *From:* Bingham, Kevin [mailto:kevin.bing...@kcc.com] *Sent:* Thursday, November 20, 2008 7:59 AM *To:* MS-Exchange Admin Issues *Subject:* Email Archival 101: a General View I promised a while back to do a generic write-up on selecting an Email Archival Solution; figured I better finish this set of scribbles before I shuffle off from the company next week. If anyone wants to throw some of this up on a blog somewhere, feel free. Since I'm finishing this up in a rush, there are undoubtedly considerations I've forgotten to include here, and I only strove to include considerations that would be prevalent to the majority of companies, but this should be a good start for any company considering archival. This is written from the perspective of an Exchange Administrator; Exchange as your core email solution is assumed, but most of the generalities within could apply to any email solution.
App Store Tools
Any opinions on some of the Windows tools in the iTunes app store? I am considering several and was looking for feedback. In particular, admin tools and VNC are of interest to me personally. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Button to Make an Email Confidential
I am looking for a way to modify open emails sensitivity in an easy way other than going to options on each email that is created, similar to the ! button that can instantly make the priority high. We use this flag to notify PGP to encrypt the email on the fly, and it would be very useful to have a button that triggers this. I know it involves some VB work I suppose. Has anyone done this or seen it done easily? ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: ActiveSync Set Up Veterans
Michael that is hilarious. Let's set it up and not use it! I will have to tweak some settings before I recommend this, but at least we know what we are dealing with. The Outlook rules is a key to this. I would never set up my Gmail on this thing, sheesh the mailing list traffic is killer. That said there is nothing like listening to your music and hearing DING every 15 minutes...a real killer. On Tue, Sep 23, 2008 at 3:40 PM, Micheal Espinola Jr [EMAIL PROTECTED] wrote: On Tue, Sep 23, 2008 at 4:33 PM, mqcarp [EMAIL PROTECTED] wrote: Wow so far this is impressive. It is pushing in a timely manner and I do not see issues on performance. It is draining the heck out of the phone battery though! You bet. Welcome to the land of ActiveSync killed my battery! Well, only if its actually doing a lot of updates. If you aren't doing anything with it, and its not doing a lot on its own, the standby time should still be reasonable. -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: ActiveSync Set Up Veterans
Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED]wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, mqcarp [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R)Properties (R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented. You are better off only using these values. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] *Sent:* Monday, September 22, 2008 12:55 PM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans The Exchange Features tab in AD for each account is the place to enable or disable additional Exchange features such as mobile and OWA. All these features are enabled by default and you will have to disable them. When we recently went through the process to setup OWA and ActiveSync, I had to manually disable everyone except those that had the proper approval for mobile and/or OWA. Check with your HR department because there are legal things to consider with employees checking or receiving email during non-business hours. In your IIS settings for ActiveSync you can set it to require SSL and I wouldn't recommend setting it up any other way. No SSL means that you're network credentials are being sent clear text...very bad idea. Haven't had need to do any looking at logging for auditing at this point so I can't address that. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Just have a few questions if some of you are using this feature. It seems frighteningly easy to set up on the server side and I want to ensure that the settings are secure. Here are a few observations for you vets on this: * The settings are activated for ALL users when it is enabled. Is it possible to disable it by default and enable specific users in AD? * Is there a log setting to enable for reviewing audit processes for pushes and troubleshooting in Exchange? * For iPhones, I have noticed that the config utility can require a certificate for the server side push set up, but if you set up a device manually, it will accept the connection without this validation. Can this be set to be required to avoid connections this way? This is on Exch 2003. TIA -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry
Re: ActiveSync Set Up Veterans
We already have OWA using Safeword for authentication. I am setting up Activesync for devices, so yes. On Tue, Sep 23, 2008 at 7:51 AM, Sherry Abercrombie [EMAIL PROTECTED]wrote: Are you trying to do both OWA and ActiveSync? On 9/23/08, mqcarp [EMAIL PROTECTED] wrote: Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED]wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, mqcarp [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R) Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented. You are better off only using these values. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] *Sent:* Monday, September 22, 2008 12:55 PM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans The Exchange Features tab in AD for each account is the place to enable or disable additional Exchange features such as mobile and OWA. All these features are enabled by default and you will have to disable them. When we recently went through the process to setup OWA and ActiveSync, I had to manually disable everyone except those that had the proper approval for mobile and/or OWA. Check with your HR department because there are legal things to consider with employees checking or receiving email during non-business hours. In your IIS settings for ActiveSync you can set it to require SSL and I wouldn't recommend setting it up any other way. No SSL means that you're network credentials are being sent clear text...very bad idea. Haven't had need to do any looking at logging for auditing at this point so I can't address that. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Just have a few questions if some of you are using this feature. It seems frighteningly easy to set up on the server side and I want to ensure that the settings are secure. Here are a few observations for you vets on this: * The settings are activated for ALL users when it is enabled. Is it possible to disable it by default and enable specific users in AD? * Is there a log setting to enable for reviewing audit processes for pushes and troubleshooting in Exchange? * For iPhones, I have noticed that the config utility can require a certificate for the server side push set up, but if you set up a device manually
Re: ActiveSync Set Up Veterans
I will check it out. Thanks Sherry. I have looked at some of his other work and msexchange.org. On Tue, Sep 23, 2008 at 8:55 AM, Sherry Abercrombie [EMAIL PROTECTED]wrote: On Exchange you'll need to have two web-sites in IIS, one for OWA so that you can use FBA, and one for ActiveSync that doesn't use FBA. Check out Daniel Petri's site, excellent resource, this is the web-site that helped me the most in setting up ActiveSync. http://www.petri.co.il/index.htm On 9/23/08, mqcarp [EMAIL PROTECTED] wrote: We already have OWA using Safeword for authentication. I am setting up Activesync for devices, so yes. On Tue, Sep 23, 2008 at 7:51 AM, Sherry Abercrombie [EMAIL PROTECTED]wrote: Are you trying to do both OWA and ActiveSync? On 9/23/08, mqcarp [EMAIL PROTECTED] wrote: Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED] wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, mqcarp [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R) Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented. You are better off only using these values. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] *Sent:* Monday, September 22, 2008 12:55 PM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans The Exchange Features tab in AD for each account is the place to enable or disable additional Exchange features such as mobile and OWA. All these features are enabled by default and you will have to disable them. When we recently went through the process to setup OWA and ActiveSync, I had to manually disable everyone except those that had the proper approval for mobile and/or OWA. Check with your HR department because there are legal things to consider with employees checking or receiving email during non-business hours. In your IIS settings for ActiveSync you can set it to require SSL and I wouldn't recommend setting it up any other way. No SSL means that you're network credentials are being sent clear text...very bad idea. Haven't had need to do any looking at logging for auditing at this point so I can't address that. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Just have a few questions if some of you are using this feature. It seems
Re: ActiveSync Set Up Veterans
I got it worked out but it is excruciatingly slow. Very odd. I will have to look at this. Thanks all On Tue, Sep 23, 2008 at 9:05 AM, Michael B. Smith [EMAIL PROTECTED] wrote: I did this the first time, long ago and far away. It's just part of the process now…here were my comments the first time I had to do it: http://theessentialexchange.com/blogs/michael/archive/2007/11/13/oma-amp-activesync-after-configuring-rpc-https-and-forms-based-authentication.aspx Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* mqcarp [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, September 23, 2008 8:48 AM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED] wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R)Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented. You are better off only using these values. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] *Sent:* Monday, September 22, 2008 12:55 PM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans The Exchange Features tab in AD for each account is the place to enable or disable additional Exchange features such as mobile and OWA. All these features are enabled by default and you will have to disable them. When we recently went through the process to setup OWA and ActiveSync, I had to manually disable everyone except those that had the proper approval for mobile and/or OWA. Check with your HR department because there are legal things to consider with employees checking or receiving email during non-business hours. In your IIS settings for ActiveSync you can set it to require SSL and I wouldn't recommend setting it up any other way. No SSL means that you're network credentials are being sent clear text...very bad idea. Haven't had need to do any looking at logging for auditing at this point so I can't address that. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Just have a few questions if some of you are using this feature. It seems
Re: ActiveSync Set Up Veterans
Interesting, well OMA works fine now both internally and externally, however ActiveSync will not. This is on an iPhone. Still reviewing On Tue, Sep 23, 2008 at 10:53 AM, mqcarp [EMAIL PROTECTED] wrote: I got it worked out but it is excruciatingly slow. Very odd. I will have to look at this. Thanks all On Tue, Sep 23, 2008 at 9:05 AM, Michael B. Smith [EMAIL PROTECTED] wrote: I did this the first time, long ago and far away. It's just part of the process now…here were my comments the first time I had to do it: http://theessentialexchange.com/blogs/michael/archive/2007/11/13/oma-amp-activesync-after-configuring-rpc-https-and-forms-based-authentication.aspx Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* mqcarp [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, September 23, 2008 8:48 AM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED] wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R)Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented. You are better off only using these values. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] *Sent:* Monday, September 22, 2008 12:55 PM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans The Exchange Features tab in AD for each account is the place to enable or disable additional Exchange features such as mobile and OWA. All these features are enabled by default and you will have to disable them. When we recently went through the process to setup OWA and ActiveSync, I had to manually disable everyone except those that had the proper approval for mobile and/or OWA. Check with your HR department because there are legal things to consider with employees checking or receiving email during non-business hours. In your IIS settings for ActiveSync you can set it to require SSL and I wouldn't recommend setting it up any other way. No SSL means that you're network credentials are being sent clear text...very bad idea. Haven't had need to do
Re: ActiveSync Set Up Veterans
Thank you for sharing Sherry. I still have a few quirks going on so I will keep testing. A dumb mistake was not including the domain name ahead of the user name! I have a feeling this may not suit our CEO either, as I keep reading about some limitations. Will see. On Tue, Sep 23, 2008 at 11:58 AM, Sherry Abercrombie [EMAIL PROTECTED]wrote: http://www.techsack.com/2008/08/19/getting-your-iphone-to-work-with-exchange-active-sync-ssl-certificate/ On 9/23/08, mqcarp [EMAIL PROTECTED] wrote: Interesting, well OMA works fine now both internally and externally, however ActiveSync will not. This is on an iPhone. Still reviewing On Tue, Sep 23, 2008 at 10:53 AM, mqcarp [EMAIL PROTECTED] wrote: I got it worked out but it is excruciatingly slow. Very odd. I will have to look at this. Thanks all On Tue, Sep 23, 2008 at 9:05 AM, Michael B. Smith [EMAIL PROTECTED] wrote: I did this the first time, long ago and far away. It's just part of the process now…here were my comments the first time I had to do it: http://theessentialexchange.com/blogs/michael/archive/2007/11/13/oma-amp-activesync-after-configuring-rpc-https-and-forms-based-authentication.aspx Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* mqcarp [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, September 23, 2008 8:48 AM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED] wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R) Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented. You are better off only using these values. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] *Sent:* Monday, September 22, 2008 12:55 PM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans The Exchange Features tab in AD for each account is the place to enable or disable additional Exchange features such as mobile and OWA. All these features are enabled by default and you will have to disable them. When we recently went through the process to setup
Re: ActiveSync Set Up Veterans
I think I have it. I do note that the server setting is very misleading. I ended up using the direct server address ie mail.domain.com instead of the direct OMA address like many documents online suggest ie mail.domain.com/oma I never could get it to work manually configuring the device, but did get it to work with the config utility (I use the web version). I think that portion is due to the certificate validation being included in the config. That said so far only portions of the contacts, no calendar, and only folder structure is coming across at this point. At least we are getting somewhere! On Tue, Sep 23, 2008 at 1:44 PM, mqcarp [EMAIL PROTECTED] wrote: Thank you for sharing Sherry. I still have a few quirks going on so I will keep testing. A dumb mistake was not including the domain name ahead of the user name! I have a feeling this may not suit our CEO either, as I keep reading about some limitations. Will see. On Tue, Sep 23, 2008 at 11:58 AM, Sherry Abercrombie [EMAIL PROTECTED]wrote: http://www.techsack.com/2008/08/19/getting-your-iphone-to-work-with-exchange-active-sync-ssl-certificate/ On 9/23/08, mqcarp [EMAIL PROTECTED] wrote: Interesting, well OMA works fine now both internally and externally, however ActiveSync will not. This is on an iPhone. Still reviewing On Tue, Sep 23, 2008 at 10:53 AM, mqcarp [EMAIL PROTECTED] wrote: I got it worked out but it is excruciatingly slow. Very odd. I will have to look at this. Thanks all On Tue, Sep 23, 2008 at 9:05 AM, Michael B. Smith [EMAIL PROTECTED] wrote: I did this the first time, long ago and far away. It's just part of the process now…here were my comments the first time I had to do it: http://theessentialexchange.com/blogs/michael/archive/2007/11/13/oma-amp-activesync-after-configuring-rpc-https-and-forms-based-authentication.aspx Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* mqcarp [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, September 23, 2008 8:48 AM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED] wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R) Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented
Re: ActiveSync Set Up Veterans
Wow so far this is impressive. It is pushing in a timely manner and I do not see issues on performance. It is draining the heck out of the phone battery though! On Tue, Sep 23, 2008 at 3:05 PM, mqcarp [EMAIL PROTECTED] wrote: I think I have it. I do note that the server setting is very misleading. I ended up using the direct server address ie mail.domain.com instead of the direct OMA address like many documents online suggest ie mail.domain.com/oma I never could get it to work manually configuring the device, but did get it to work with the config utility (I use the web version). I think that portion is due to the certificate validation being included in the config. That said so far only portions of the contacts, no calendar, and only folder structure is coming across at this point. At least we are getting somewhere! On Tue, Sep 23, 2008 at 1:44 PM, mqcarp [EMAIL PROTECTED] wrote: Thank you for sharing Sherry. I still have a few quirks going on so I will keep testing. A dumb mistake was not including the domain name ahead of the user name! I have a feeling this may not suit our CEO either, as I keep reading about some limitations. Will see. On Tue, Sep 23, 2008 at 11:58 AM, Sherry Abercrombie [EMAIL PROTECTED]wrote: http://www.techsack.com/2008/08/19/getting-your-iphone-to-work-with-exchange-active-sync-ssl-certificate/ On 9/23/08, mqcarp [EMAIL PROTECTED] wrote: Interesting, well OMA works fine now both internally and externally, however ActiveSync will not. This is on an iPhone. Still reviewing On Tue, Sep 23, 2008 at 10:53 AM, mqcarp [EMAIL PROTECTED] wrote: I got it worked out but it is excruciatingly slow. Very odd. I will have to look at this. Thanks all On Tue, Sep 23, 2008 at 9:05 AM, Michael B. Smith [EMAIL PROTECTED] wrote: I did this the first time, long ago and far away. It's just part of the process now…here were my comments the first time I had to do it: http://theessentialexchange.com/blogs/michael/archive/2007/11/13/oma-amp-activesync-after-configuring-rpc-https-and-forms-based-authentication.aspx Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* mqcarp [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, September 23, 2008 8:48 AM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans Do you happen to use a front end Exchange server? We do not, and have come across a problem. In reading about the solution on MS site, this seems odd and insecure. Has anyone had to implement this fix? http://support.microsoft.com/kb/817379/EN-US/ On Mon, Sep 22, 2008 at 2:03 PM, Sherry Abercrombie [EMAIL PROTECTED] wrote: I have ISA in my environment, but it is not a part of the OWA/ActiveSync setup. I have a reverse proxy setup at my colo that is used for both OWA and ActiveSync. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R) Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled
ActiveSync Set Up Veterans
Just have a few questions if some of you are using this feature. It seems frighteningly easy to set up on the server side and I want to ensure that the settings are secure. Here are a few observations for you vets on this: * The settings are activated for ALL users when it is enabled. Is it possible to disable it by default and enable specific users in AD? * Is there a log setting to enable for reviewing audit processes for pushes and troubleshooting in Exchange? * For iPhones, I have noticed that the config utility can require a certificate for the server side push set up, but if you set up a device manually, it will accept the connection without this validation. Can this be set to be required to avoid connections this way? This is on Exch 2003. TIA ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: ActiveSync Set Up Veterans
Sherry are you using ISA in your environment? On Mon, Sep 22, 2008 at 12:15 PM, Michael B. Smith [EMAIL PROTECTED] wrote: The below was current as of the release of Exchange Server 2003 sp2. Not sure if the attribute has additional documented values in Exchange 2007. You can also make the change globally easily using PowerShell or a tool like ADModify.Net. The final Exchange specific tab is Exchange Features, shown in Figure 9-9. The Mobile Services entries allow you to control, on a per-user basis, the mobile capabilities of Exchange. If you, by default, enable mobile services at the global level (Global Settings(R)Mobile Services(R)Properties(R)General) then this window allows you to disable the capabilities at the per-user level. Using the script made available in Microsoft KB 830188 (How to grant permission to use Outlook Mobile Access to specific users of Exchange Server 2003), you can globally disable all users and then pick and choose which specific users are to be allowed access to mobile service capabilities. The per-user AD attribute that controls these functions is named msExchOmaAdminWirelessEnable. If this attribute has a value of zero or the attribute is not present, then all mobile services are enabled. If Outlook Mobile Access (OMA) is disabled, but the other two features are enabled, then the attribute has a value of two (2). The other two items control specific features associated with Exchange ActiveSync (EAS). User Initiated Synchronization must be enabled for Up-to-date Notifications to be enabled; however Up-to-date Notifications may be disabled on its own. If only Up-to-date Notifications is disabled, then msExchOmaAdminWirelessEnable has a value of one (1). If both User Initiated Synchronization and Up-to-date Notifications are disabled, then msExchOmaAdminWirelessEnable has a value of five (5). If all three Mobile Services are disabled, then msExchOmaAdminWirelessEnable has a value of seven (7). If you search the Internet, you will find that other values can be specified for this attribute. However, the values described in the prior paragraph are the only values which Microsoft has documented. You are better off only using these values. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange *From:* Sherry Abercrombie [mailto:[EMAIL PROTECTED] *Sent:* Monday, September 22, 2008 12:55 PM *To:* MS-Exchange Admin Issues *Subject:* Re: ActiveSync Set Up Veterans The Exchange Features tab in AD for each account is the place to enable or disable additional Exchange features such as mobile and OWA. All these features are enabled by default and you will have to disable them. When we recently went through the process to setup OWA and ActiveSync, I had to manually disable everyone except those that had the proper approval for mobile and/or OWA. Check with your HR department because there are legal things to consider with employees checking or receiving email during non-business hours. In your IIS settings for ActiveSync you can set it to require SSL and I wouldn't recommend setting it up any other way. No SSL means that you're network credentials are being sent clear text...very bad idea. Haven't had need to do any looking at logging for auditing at this point so I can't address that. On 9/22/08, *mqcarp* [EMAIL PROTECTED] wrote: Just have a few questions if some of you are using this feature. It seems frighteningly easy to set up on the server side and I want to ensure that the settings are secure. Here are a few observations for you vets on this: * The settings are activated for ALL users when it is enabled. Is it possible to disable it by default and enable specific users in AD? * Is there a log setting to enable for reviewing audit processes for pushes and troubleshooting in Exchange? * For iPhones, I have noticed that the config utility can require a certificate for the server side push set up, but if you set up a device manually, it will accept the connection without this validation. Can this be set to be required to avoid connections this way? This is on Exch 2003. TIA -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: iPhone Exchange Prep Walk Thru
Can you use the same server setting for the profile as your OWA setting? This is where my SSL is set and my standard mail gateway does not go directly to Exchange. In other words, use https://webmail.mydomain.com for the Exchange server setting On Sat, Sep 20, 2008 at 1:52 PM, Joseph L. Casale [EMAIL PROTECTED] wrote: Yeah, I get that :) http://www.apple.com/support/iphone/enterprise/ http://manuals.info.apple.com/en_US/Enterprise_Deployment_Guide.pdf Not all that impressed with the app, its incredibly lackluster IMHO but the process does work w/o hitch. jlc -Original Message- From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Saturday, September 20, 2008 11:49 AM To: NT System Admin Issues Subject: RE: iPhone Exchange Prep Walk Thru More importantly is why doesn't the iphone trust a valid certificate from a very large CA. Oh maybe because its not an Apple owned company? :-) I poked around for something like that, I know you can install them on WindowsMobile devices, but there was so much garbage about people trying to config their phones I gave up trying to cipher through it. Thanks Ill dig that up. -Original Message- From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Saturday, September 20, 2008 12:07 PM To: NT System Admin Issues Subject: RE: iPhone Exchange Prep Walk Thru Ben, You can add any ssl cert, even self sign certs. Download the Enterprise Deployment Tool and make a Mobile Config that you install on it. The Enterprise Deployment PDF walks through it... jlc -Original Message- From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Saturday, September 20, 2008 7:17 AM To: NT System Admin Issues Subject: RE: iPhone Exchange Prep Walk Thru Well, I disagree somewhat because I have one user who has an iphone and it wont sync with exchange because it doesn't trust the Equifax signed certificate (openssl.com) for some reason. Nowhere to add it anywhere, and then when I try pop3 (because pop3s wont work due to the same reason) it just times out after about 1 min, but you can get to the user account on pop3 manually. Apple can go suck it for me :) Oh on the original iphone, I found it automatically deleted email older than 2 weeks with pop3. I had several people complain to me about that, I didn't setup their phones I just gave them the info, so maybe an option to *not* delete mail after a certain time period *shrug* -Original Message- From: Salvador Manzo [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 1:38 PM To: NT System Admin Issues Subject: RE: iPhone Exchange Prep Walk Thru Now, it's exactly the same as setting up access for Windows Mobile ActiveSync connections. Search for configuration steps for Active Sync, but without the iPhone qualifier. -Original Message- From: Anthony [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2008 10:27 AM To: NT System Admin Issues Subject: iPhone Exchange Prep Walk Thru Anyone care to recommend a link for a good walk through on setting up Exchange 2003 to work with the newer iPhone 2.x Active Sync technology? I getting a lot of noise when I google the subject. I'm not a big Exchange guru so detailed steps would be most helpful. This is in a Windows 2003 SBS Premium environment. Thanks, Anthony ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~