• Improvements and changes in Outlook Web Access '12' (OWA 12)
• Henrik Walther's Exchange Server 2003 Security book -- Order Today!
• MSExchange.org Learning Zone Articles of Interest
• KB Articles of the Month
• Tip of the Month
• MSExchange Links of the Month
• Ask Henrik Walther a question

1. Improvements and changes in Outlook Web Access '12' (OWA 12)

Welcome to the April edition of the MSExchange.org newsletter. In this edition I want to talk about the new features and improvements in Outlook Web Access 12 (OWA 12). As some of you already know, I'm only allowed to talk about stuff included in the Exchange '12' beta 1 build. This means that all information in this newsletter is based on new features, changes and improvements in OWA 12 from beta 1, so bear in mind a lot will/can happen before Exchange '12' RTMs.

Besides a completely new look and feel (see Figure) OWA 12 includes a lot of new features, changes, as well as improvements to already existing features. As you probably understand, I can't go through all of them in this newsletter, so I've instead picked out some of the more interesting ones and provided a short description.

New URL for OWA access
OWA 2000 and 2003 is accessed via the /Exchange virtual directory (http://server/exchange), with Exchange '12' this virtual directory has been replaced by a new /OWA virtual directory. This means all users with a mailbox located on an Exchange '12' server will need to access their mailbox using the new /OWA virtual directory (http://server/owa). But, fear not, should you still have users with a mailbox located on either an Exchange 2000 or 2003 back-end server in your organization; they can still access their mailbox via http://server/exchange, as Exchange '12' creates an /Exchange virtual directory for backward compatibility.

Exchange '12' also creates a /Public virtual directory which is used to access public folders located on either an Exchange 2000 or 2003 back-end server.

Manage mobile devices from within the OWA 12 GUI
Users of Exchange '12' will be able to manage their mobile devices (PDAs and SmartPhones) directly from within the OWA '12' GUI. As some of you already know it's, with a combination of Exchange 2003 SP2 and Windows 5.0 mobile devices with the MSFP installed, possible for the Exchange administrator to initiate remote wipes of mobile devices should it get lost or stolen (BTW part 3 in my 5 part article series on Exchange 2003 Mobile Messaging, which will be released in a near future, will go in depth on this subject). With Exchange '12' your users can initiate remote wipes and much more themselves directly from within the OWA '12' GUI.

Easier attachment handling
In OWA 2003 you could configure the type of allowed attachments as well as which attachment types needed to be downloaded to disk before you could open them. You did this via a set of registry keys, more specifically the Level1FileTypes, Level2FileTypes and the KnownContentTypes keys. With Exchange '12' you can configure attachment handling settings via either the Exchange Management Console or the Exchange Management Shell.

BTW the AcceptedAttachmentsFrontEnds registry key which permitted users to access attachments from a list of front-end servers is not available in Exchange '12.' You can instead configure the attachment settings per Client Access Server.

Pre-configured domain on forms-based authentication logon page
You can, when enabling forms-based authentication via either the Exchange Management Console or the Exchange Management Shell, configure a default domain so that users don't have to type domain/username when logging on to their mailbox. When using forms-based authentication in Exchange 2003 Server, you needed to specify the default domain in the logon.asp file itself (see this article).

More feature-rich Out Of Office Assistant
The OWA '12' Out of Office Assistant has been improved significantly. The users can now schedule an Out of Office message, so that it expires after a specified date and time. Additionally, your users can now create a separate Out of Office message for internal and external senders. The Out of Office editor has also been improved. Among other things, it now supports more fonts, font sizes, font colors, etc.

More Efficient Search Functionality
The OWA '12' Search feature has been thoroughly re-designed. It's now much easier to use and provides much faster as well as better search results. You can even do advanced searches (similar to the advanced searches you can perform in Microsoft Office Outlook 12).

Auto Completion Cache
This feature, as most of you know, is already available in Microsoft Office Outlook 2003, but to much annoyance it wasn't included in OWA 2003. But with OWA '12' recipients are finally automatically cached, so that you don't have to type the full e-mail address of an external recipient when sending him an e-mail message.

Free/Busy info in the Global Address List
The GAL has also been heavily improved. You can now see the availability (free/busy status) of each user as well as other user information. There's also a new All rooms feature, which lists all meeting rooms, so that you can book a meeting as well as invite attendees much easier than was the case in previous OWA versions.

Improved calendar view
The calendar now supports viewing busy calendars with many meetings and overlapping appointments. When users select either the Today of Day view, they can even read the details of a meeting or appointment directly in the reading pane.

Access documents on Windows SharePoint Services and UNC file shares
With OWA 12 you will be able to access documents as well as document libraries on either Windows SharePoint Services or an ordinary UNC file share via a new Documents button in the OWA 12 user interface. In the past you typically needed to establish a VPN connection in order to reach documents stored on your internal network.

As you can see from the above, there are several exciting things to look forward to in OWA '12' - things which will ensure that OWA continues to be the best web mail client on the market.

That was all for this time. Should you have any ideas for content in future editions of the MSExchange.org newsletter or on my blog, you're more than welcome to shoot me an email at Henrik@msexchange.org.

2. Henrik Walther's Exchange Server 2003 Security book - Order Today!

By Henrik Walther Are you among the persons who like the articles I write for MSExchange.org? Then this book is definitely for you. It provides you with step by step instructions on how you get your Exchange Server properly secured. The book covers topics such as how to: Secure OWA 2003 (including many real world tips and tricks) Configure and secure SMTP Setup protocol and client encryption Delegate and control permissions Combating spam and virus

Click here to Order your copy today

3. MSExchange.org Learning Zone Articles of Interest

We have a great group of articles in the Learning Zone that will help you get a handle on your most difficult configuration issues. Here are just a few of the newer and more interesting articles:

• Exchange 2003 Mobile Messaging Part 2 - Uncovering the Device Security Policies
• Troubleshooting the Exchange Recipient Update Service (RUS)
• Explaining the order in which the Exchange 2003 (SP2) Connection Filters are applied
• Understanding Exchange Access Control and Administrative Delegation
• System Center Capacity Planner 2006 Overview (Part 2)
• Exchange 2003 Mobile Messaging Part 1 - A look at the Microsoft DirectPush technology
• System Center Capacity Planner 2006 Overview (Part 1)
• Exchange on NAS: Proved and Approved

4. KB Articles of the Month

Here are some interesting and useful MSExchange related articles posted by Microsoft in the last month:

• E-mail messages do not contain the X-header information when you use the message journaling feature to forward the messages outside the Exchange Server 2003 domain
• A new MAPI interface is available to let you retrieve mailbox tables on a per-store basis in Exchange Server 2003
• Error message in OWA when you try to download a .zip file from a server that is running ISA Server 2004 Service Pack 2: "500 Internal Server Error. Not implemented (-2147467263)"
• Exchange Server 2003 Intelligent Message Filter does not provide the functionality to exclude a particular recipient from anti-spam filtering
• Error message when you try to synchronize a mobile device with Exchange Server 2003: "HTTP_403"
• Error message when you try to use the Microsoft Exchange Server ActiveSync Web Administration tool to delete a partnership or to perform a Remote Wipe operation on a mobile device in Exchange Server 2003 SP2: "(401) Unauthorized"
• All recurring meetings are removed from Exchange Server 2003 when you change a single instance of a recurring meeting that uses the iCal form code
• How to troubleshoot the issue when event 9986 is not logged in MOM when you monitor Exchange Server 2003 or Exchange 2000 Server
• Troubleshooting HTTP 401 errors in IIS

5. Tip of the Month

After reading the Exchange 2003 Mobile Messaging Part 1 - A look at the Microsoft DirectPush technology article, Mike Huges had below valuable tidbit to share.

When we first deployed SP2 it completely broke Mobile Activesync. As it turns out, when you install SP2 it enables compression on the Microsoft-Server-ActiveSync IIS Virtual Directory. You have to modify the MetaBase.xml to correct the problem. I have not seen Microsoft acknowledge or document this issue yet, but it is all over the forums and took me nearly two days of research to resolve the problem.

Look for <IIsWebVirtualDir Location ="/LM/W3SVC/1/ROOT/Microsoft-Server-ActiveSync" and change the following lines to look like this:

DoDynamicCompression="FALSE"
DoStaticCompression="FALSE"

We use T-Mobile for our Blackberry's, Treo's and MS Mobile devices. As I am sure you know the QTEK 9100 is the same unit as T-Mobiles MDA. We picked up the QTEK about 3 weeks before T-Mobile officially released the MDA. It took quite some time to figure out how to get mobile Activesync on the QTEK working with our Exchange server (non-msfp). In the process I found a problem with T-Mobiles data network and notified them of my findings two weeks prior to the MDA release. I won't go into all of the details, but the only way to get mobile Activesync working on their network is to use a proxy server (216.155.165.50 port 8080) on the GPRS connection settings. The down side of the proxy server is it breaks communications for things like SKYPE. T-Mobile has acknowledged this to me, but not publicly as of yet. I think they do not want to hinder their MDA sale with bad press. What I have been told is, until the problem is resolved, T-Mobile will not be releasing MSFP for the MDA.

Great info Mike!

6. MSExchange Links of the Month

TechNet Webcast: Exchange "12" Management Shell and Scripting (Level 300)
Tuesday, May 9, 2006 1:00 P.M.-2:00 P.M. Pacific Time
Presenter: Vivek Sharma, Program Manager, Microsoft Corporation
This webcast focuses on the command-line and scripting interface (based on Microsoft Windows "Monad") in the next version of Microsoft Exchange Server, code-named Exchange "12." See how to convert your multiple-page Microsoft Visual Basic and component object model (COM) scripts to a single line in Exchange "12." We cover the basics of the management shell along with the underlying design and key concepts. Learn tips and tricks for building larger scripts that you can use to automate small, medium, and enterprise business scenarios. The session includes demonstrations of several single-line scripts that you can use immediately, with little or no tweaking.

TechNet Webcast: The Improved Exchange System Manager for Exchange "12" (Level 300)
Tuesday, April 25, 2006 11:30 A.M.-12:30 P.M. Pacific Time
Presenter: Brad Clark, Program Manager Lead, Microsoft Corporation
This webcast provides a sneak peak into the new Exchange System Manager (ESM) for the next version of Microsoft Exchange Server, code-named Exchange "12." This latest version of the product includes a completely redesigned ESM for improved discoverability and usability. The new, intuitive graphical user interface (GUI) for managing Exchange gives e-mail administrators a better management experience. This GUI is built on top of the Microsoft Windows "Monad" shell, making the graphical and command-line interfaces completely complementary.

TechNet Webcast: Recipient Management and Permissions in Exchange "12" (Level 300)
Tuesday, May 2, 2006 11:30 A.M.-12:30 P.M. Pacific Time
Presenter: Brad Clark, Program Manager Lead, Microsoft Corporation
Learn how to create and manage most types of recipients using the management console and management shell in the next version of Microsoft Exchange Server, code-named Exchange "12," without Recipient Update Service (RUS) running in the background. See how a lower-level administrator can easily become a Recipient Manager without changing the access control list (ACL). This webcast also provides an overview of the Exchange "12" permissions model along with a primer on provisioning address lists.

Support WebCast: Sybari Antigen 8.0 for Microsoft Exchange
Wednesday, April 26, 2006 10:00 AM Pacific Time (US & Canada)
This Microsoft Support WebCast discusses Sybari Antigen 8.0 for Microsoft Exchange. This WebCast discusses how Antigen operates with Microsoft Exchange Server software. This WebCast also provides troubleshooting information.

7. Ask Henrik Walther a question

QUESTION: I have a question about the "Gateway Server role" in Exchange 12. You say that "This server role is to be deployed in the DMZ".

Will a Gateway Server have to be member of an Active Directory domain? We had this problem with the front-end server, which was solved with the use of a standalone ISA Server in the DMZ.

Thanks for your answer!

ANSWER: The good thing is Microsoft thought about this DMZ vs internal network issue, when designing the Gateway server role. I can inform you that the gateway server doesn't have to (or should I say shouldn't) be a member of the AD. Instead, the gateway server uses ADAM which synchronizes the required user info with AD. But the client access server role which replaces the front-end server should still be placed on the internal network then published by an ISA Server in the DMZ.