10133A-ENU Studentd

10133A
First Look: Whats New in Microsoft Exchange Server 2010
E S A E E L E R R A E W R P FT O S
For product evaluation only not for distribution or commercial use.
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links are provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
2009 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Access, Active Directory, ActiveSync, BizTalk, Excel Forefront, Groove, Hyper-V, Internet Explorer, MS, Outlook, PerformancePoint, PowerPoint, SQL Server, Virtual Earth, Visio, Visual Studio, Windows, Windows Live, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners.
Product Number: 10133A Released: 06/2009
Version 1.2
MICROSOFT LICENSE TERMS OFFICIAL MICROSOFT LEARNING PRODUCTS COURSEWARE STUDENT EDITION Pre-Release and Final Versions
These license terms are an agreement between Microsoft Corporation and you. Please read them. They apply to the licensed content named above, which includes the media on which you received it, if any. The terms also apply to any Microsoft updates, supplements, Internet-based services, and support services
for this licensed content, unless other terms accompany those items. If so, those terms apply. By using the licensed content, you accept these terms. If you do not accept them, do not use the licensed content. If you comply with these license terms, you have the rights below.
1. OVERVIEW.
Licensed Content. The licensed content includes software, printed materials, academic materials (online and electronic), and associated media. License Model. The licensed content is licensed on a per copy per device basis.
2. INSTALLATION AND USE RIGHTS. a. Licensed Device. The licensed device is the device on which you use the licensed content. You may install and use
one copy of the licensed content on the licensed device. licensed device.
b. Portable Device. You may install another copy on a portable device for use by the single primary user of the c. Separation of Components. The components of the licensed content are licensed as a single unit. You may not
separate the components and install them on different devices.
d. Third Party Programs. The licensed content may contain third party programs. These license terms will apply to
your use of those third party programs, unless other terms accompany those programs.
3. PRE-RELEASE VERSIONS. If the licensed content is a pre-release (beta) version, in addition to the other provisions in
this agreement, then these terms also apply:
a. Pre-Release Licensed Content. This licensed content is a pre-release version. It may not contain the same
information and/or work the way a final version of the licensed content will. We may change it for the final, commercial version. We also may not release a commercial version. You will clearly and conspicuously inform any Students who participate in an Authorized Training Session and any Trainers who provide training in such Authorized Training Sessions of the foregoing; and, that you or Microsoft are under no obligation to provide them with any further content, including but not limited to the final released version of the Licensed Content for the Course. charge, the right to use, share and commercialize your feedback in any way and for any purpose. You also give to third parties, without charge, any patent rights needed for their products, technologies and services to use or interface with any specific parts of a Microsoft software, licensed content, or service that includes the feedback. You will not give feedback that is subject to a license that requires Microsoft to license its software or documentation to third parties because we include your feedback in them. These rights survive this agreement. that may be included with the licensed content, is confidential and proprietary to Microsoft and its suppliers. i.
b. Feedback. If you agree to give feedback about the licensed content to Microsoft, you give to Microsoft, without
c. Confidential Information. The licensed content, including any viewer, user interface, features and documentation
Use. For five years after installation of the licensed content or its commercial release, whichever is first, you may not disclose confidential information to third parties. You may disclose confidential information only to your employees and consultants who need to know the information. You must have written agreements with them that protect the confidential information at least as much as this agreement. Survival. Your duty to protect confidential information survives this agreement.
ii.
iii. Exclusions. You may disclose confidential information in response to a judicial or governmental order. You must first give written notice to Microsoft to allow it to seek a protective order or otherwise protect the information. Confidential information does not include information that d. becomes publicly known through no wrongful act; you received from a third party who did not breach confidentiality obligations to Microsoft or its suppliers; or you developed independently.
Term. The term of this agreement for pre-release versions is (i) the date which Microsoft informs you is the end date for using the beta version, or (ii) the commercial release of the final release version of the licensed content, whichever is first (beta term). Use. You will cease using all copies of the beta version upon expiration or termination of the beta term, and will destroy all copies of same in the possession or under your control. Copies. Microsoft will inform Authorized Learning Centers if they may make copies of the beta version (in either print and/or CD version) and distribute such copies to Students and/or Trainers. If Microsoft allows to such distribution, you will follow any additional terms that Microsoft provides to you for such copies and distribution.
e. f.
4. ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS. a. Media Elements and Templates. You may use images, clip art, animations, sounds, music, shapes, video clips and
templates provided with the licensed content solely for your personal training use. If you wish to use these media elements or templates for any other purpose, go to www.microsoft.com/permission to learn whether that use is allowed.
b. Academic Materials. If the licensed content contains academic materials (such as white papers, labs, tests,
datasheets and FAQs), you may copy and use the academic materials. You may not make any modifications to the academic materials and you may not print any book (either electronic or print version) in its entirety. If you reproduce any academic materials, you agree that:
The use of the academic materials will be only for your personal reference or training use You will not republish or post the academic materials on any network computer or broadcast in any media; You will include the academic materials original copyright notice, or a copyright notice to Microsofts benefit in the
format provided below: Form of Notice: 2009 Reprinted for personal reference use only with permission by Microsoft Corporation. All rights reserved. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the US and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners.
c. Distributable Code. The licensed content may contain code that you are permitted to distribute in programs you
develop if you comply with the terms below.
i.
Right to Use and Distribute. The code and text files listed below are Distributable Code. REDIST.TXT Files. You may copy and distribute the object code form of code listed in REDIST.TXT files. Sample Code. You may modify, copy, and distribute the source and object code form of code marked as sample. Third Party Distribution. You may permit distributors of your programs to copy and distribute the Distributable Code as part of those programs.
ii. Distribution Requirements. For any Distributable Code you distribute, you must
add significant primary functionality to it in your programs; require distributors and external end users to agree to terms that protect it at least as much as this agreement; display your valid copyright notice on your programs; and indemnify, defend, and hold harmless Microsoft from any claims, including attorneys fees, related to the distribution or use of your programs.
iii. Distribution Restrictions. You may not

alter any copyright, trademark or patent notice in the Distributable Code; use Microsofts trademarks in your programs names or in a way that suggests your programs come from or are endorsed by Microsoft; distribute Distributable Code to run on a platform other than the Windows platform; include Distributable Code in malicious, deceptive or unlawful programs; or modify or distribute the source code of any Distributable Code so that any part of it becomes subject to an Excluded License. An Excluded License is one that requires, as a condition of use, modification or distribution, that the code be disclosed or distributed in source code form; or others have the right to modify it.
5. INTERNET-BASED SERVICES. Microsoft may provide Internet-based services with the licensed content. It may change
or cancel them at any time. You may not use these services in any way that could harm them or impair anyone elses use of them. You may not use the services to try to gain unauthorized access to any service, data, account or network by any means.
6. SCOPE OF LICENSE. The licensed content is licensed, not sold. This agreement only gives you some rights to use the
licensed content. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the licensed content only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the licensed content that only allow you to use it in certain ways. You may not disclose the results of any benchmark tests of the licensed content to any third party without Microsofts prior written approval; work around any technical limitations in the licensed content; reverse engineer, decompile or disassemble the licensed content, except and only to the extent that applicable law expressly permits, despite this limitation; make more copies of the licensed content than specified in this agreement or allowed by applicable law, despite this limitation; publish the licensed content for others to copy; transfer the licensed content marked as beta or pre-release to any third party; allow others to access or use the licensed content; rent, lease or lend the licensed content; or use the licensed content for commercial licensed content hosting services. Rights to access the server software that may be included with the Licensed Content, including the Virtual Hard Disks does not give you any right to implement Microsoft patents or other Microsoft intellectual property in software or devices that may access the server.
7. BACKUP COPY. You may make one backup copy of the licensed content. You may use it only to reinstall the licensed
content.
8. TRANSFER TO ANOTHER DEVICE. You may uninstall the licensed content and install it on another device for your
personal training use. You may not do so to share this license between devices.
9. TRANSFER TO A THIRD PARTY. You may not transfer those versions marked as beta or pre-release to a third party.
For final versions, these terms apply: The first user of the licensed content may transfer it and this agreement directly to a third party. Before the transfer, that party must agree that this agreement applies to the transfer and use of the licensed content. The first user must uninstall the licensed content before transferring it separately from the device. The first user may not retain any copies. comply with all domestic and international export laws and regulations that apply to the licensed content. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting. or Not for Resale.
10. EXPORT RESTRICTIONS. The licensed content is subject to United States export laws and regulations. You must
11. NOT FOR RESALE SOFTWARE/LICENSED CONTENT. You may not sell software or licensed content marked as NFR
12. ACADEMIC EDITION. You must be a Qualified Educational User to use licensed content marked as Academic Edition
or AE. If you do not know whether you are a Qualified Educational User, visit www.microsoft.com/education or contact the Microsoft affiliate serving your country. services that you use, are the entire agreement for the licensed content and support services.
13. ENTIRE AGREEMENT. This agreement, and the terms for supplements, updates, Internet-based services and support 14. APPLICABLE LAW. a. United States. If you acquired the licensed content in the United States, Washington state law governs the
interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort. apply.
b. Outside the United States. If you acquired the licensed content in any other country, the laws of that country 15. LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws of your country.
You may also have rights with respect to the party from whom you acquired the licensed content. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.
16. DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED AS-IS. YOU BEAR THE RISK OF
USING IT. MICROSOFT GIVES NO EXPRESS WARRANTIES, GUARANTEES OR CONDITIONS. YOU MAY HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES. anything related to the licensed content, software, services, content (including code) on third party Internet sites, or third party programs; and claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
17. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM MICROSOFT
This limitation applies to
It also applies even if Microsoft knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages. Please note: As this licensed content is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French. Remarque : Ce le contenu sous licence tant distribu au Qubec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en franais. EXONRATION DE GARANTIE. Le contenu sous licence vis par une licence est offert tel quel . Toute utilisation de ce contenu sous licence est votre seule risque et pril. Microsoft naccorde aucune autre garantie expresse. Vous pouvez bnficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualit marchande, dadquation un usage particulier et dabsence de contrefaon sont exclues. LIMITATION DES DOMMAGES-INTRTS ET EXCLUSION DE RESPONSABILIT POUR LES DOMMAGES. Vous pouvez obtenir de Microsoft et de ses fournisseurs une indemnisation en cas de dommages directs uniquement hauteur de 5,00 $ US. Vous ne pouvez prtendre aucune indemnisation pour les autres dommages, y compris les dommages spciaux, indirects ou accessoires et pertes de bnfices. Cette limitation concerne: tout ce qui est reli au le contenu sous licence , aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers ; et les rclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilit stricte, de ngligence ou dune autre faute dans la limite autorise par la loi en vigueur.
Elle sapplique galement, mme si Microsoft connaissait ou devrait connatre lventualit dun tel dommage. Si votre pays nautorise pas lexclusion ou la limitation de responsabilit pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou lexclusion ci-dessus ne sappliquera pas votre gard. EFFET JURIDIQUE. Le prsent contrat dcrit certains droits juridiques. Vous pourriez avoir dautres droits prvus par les lois de votre pays. Le prsent contrat ne modifie pas les droits que vous confrent les lois de votre pays si celles-ci ne le permettent pas.
Contents
vii
Acknowledgements
Microsoft Learning would like to acknowledge and thank the following for their contribution towards developing this title. Their effort at various stages in the development has ensured that you have a good classroom experience.
Stan Reimer Content Developer

Stan Reimer is president of S. R. Technical Services Inc, and he works as a consultant, trainer and author. Stan has extensive experience consulting on Active Directory and Exchange Server deployments for some of the largest companies in Canada. Stan is the lead author for two Active Directory books for Microsoft Press, and is currently working on an Exchange Server 2010 Best Practices book, also for Microsoft Press. For the last six years, Stan has been writing courseware for Microsoft Learning, specializing in Active Directory and Exchange Server courses. Stan has been an MCT for 11 years.
David Elfassy Technical Reviewer

Senior Technical Advisor Netlogon Technologies inc. | Kalleo inc. MCSA, MCSE, MCTS, MCITP, MCT MVP: Exchange Server
Contents
ix
Table of Contents
Introduction
Introduction ........................................................................................................................................i Clinic Materials ................................................................................................................................. ii Microsoft Learning Product Types................................................................................................... iv Microsoft Certification Program ....................................................................................................... vi Facilities........................................................................................................................................... xi About This Clinic............................................................................................................................. xii Prerequisites.................................................................................................................................. xiv Clinic Outline.................................................................................................................................. xvi
Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

Session Overview ......................................................................................................................... 1-1 Section 1: Exchange Server 2010 Design Goals ......................................................................... 1-2 Section 2: Client Access Features.............................................................................................. 1-11 Section 3: Message Policy and Compliance Features ............................................................... 1-29 Section 4: Unified Messaging Features...................................................................................... 1-45 Section 5: Federated Sharing Features ..................................................................................... 1-51
Session 2: Microsoft Exchange Server 2010 Enhancing the Exchange Administrator Experience
Session Overview ......................................................................................................................... 2-1 Section 1: Message Transport Features ...................................................................................... 2-2 Section 2: Mailbox Server Features ........................................................................................... 2-14 Section 3: Database Availability and Site Resilience ................................................................. 2-21 Section 4: Administration and Management Tools..................................................................... 2-37 Section 5: Transitioning from Previous Versions of Exchange Server....................................... 2-49 Clinic Evaluation ......................................................................................................................... 2-56
Introduction
Table of Contents Introduction Clinic Materials Microsoft Learning Product Types Microsoft Certification Program Facilities About This Clinic Prerequisites Clinic Outline
i ii iv vi xi xii xiv xvi
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links are provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Copyright 2009 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Access, Active Directory, ActiveSync, BizTalk, Excel Forefront, Groove, Hyper-V, Internet Explorer, MS, Outlook, PerformancePoint, PowerPoint, SQL Server, Virtual Earth, Visio, Visual Studio, Windows, Windows Live, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Version 1.2
Introduction
Introduction
ii
Introduction
Clinic Materials
The following materials are included with your kit: Student workbook. The student workbook contains the material covered in class. Clinic evaluation. At the end of the clinic, you will have the opportunity to complete an online evaluation to provide feedback on the clinic, training facility, and instructor.
To provide additional comments or feedback on the clinic, send e-mail to support@mscourseware.com. To inquire about the Microsoft Certification Program, send e-mail to mcphelp@microsoft.com.
Introduction
iii
Document Conventions
The following conventions are used in clinic materials to distinguish elements of the text.
Convention Bold Use Represents commands, command options, and syntax that must be typed exactly as shown. It also indicates commands on menus and buttons, dialog box titles and options, and icon and menu names. In syntax statements or descriptive text, indicates argument names or placeholders for variable information. Italic is also used for introducing new terms, for book titles, and for emphasis in the text. Indicate domain names, user names, computer names, directory names, and folder and file names, except when specifically referring to casesensitive names. Unless otherwise indicated, you can use lowercase letters when you type a directory name or file name in a dialog box or at a command prompt. Indicate the names of keys, key sequences, and key combinationsfor example, ALT+SPACEBAR. Represents code samples or examples of screen text. In syntax statements, enclose optional items. For example, [filename] in command syntax indicates that you can choose to type a file name with the command. Type only the information within the brackets, not the brackets themselves. In syntax statements, enclose required items. Type only the information within the braces, not the braces themselves. In syntax statements, separates an either/or choice. Indicates a procedure with sequential steps. In syntax statements, specifies that the preceding item may be repeated. Represents an omitted portion of a code sample.
Italic
Title Capitals
ALL CAPITALS monospace []
{} | ... . . .
iv
Introduction
Microsoft Learning Product Types
Microsoft Learning offers the following instructor-led products. Each is specific to a particular audience type and level of experience. The different product types also tend to suit different learning styles. These types are as follows: Courses are for information technology (IT) professionals and developers who are new to a particular product or technology and for experienced individuals who prefer to learn in a traditional classroom format. Courses provide a relevant and guided learning experience that combines lecture and practice to deliver thorough coverage of a Microsoft product or technology. Courses are designed to address the needs of learners engaged in planning, design, implementation, management, and support phases of the technology adoption life-cycle. They provide detailed information by focusing on concepts and principles, reference content, and in-depth hands-on lab activities to ensure knowledge transfer. Typically, the content of a course is broad, addressing a wide range of tasks necessary for the job role. Workshops are for knowledgeable IT professionals and developers who learn best by doing and exploring. Workshops provide a hands-on learning experience in which participants use Microsoft products in a safe and collaborative environment based on real-world scenarios. Clinics are for IT professionals, developers and technical decision makers. Clinics offer a detailed how to presentation that describes the features and functionality of an existing or new Microsoft product or technology, and that showcases product demonstrations and solutions. Clinics focus on how specific features will solve business problems.
Introduction
Microsoft Learning Product Types (continued)
First-look Clinics are products specifically designed to deliver early content or critical information that Product Groups or other internal customers need communicated quickly and broadly. The First Look products convey knowledgebased (not skills-based) information to an audience profile identified as high-level Business Decision Makers. Hands-on Labs provide IT professionals and developers with hands-on experience with an existing or new Microsoft product or technology. Hands-on labs provide a realistic and safe environment to encourage knowledge transfer by learning through doing. The labs provided are completely prescriptive so that no lab answer keys are required. There is very little lecture or text content provided in hands-on labs, aside from lab introductions, context setting, and lab reviews.
vi
Introduction
Microsoft Certification Program
Microsoft Learning offers a variety of certification credentials for developers and IT professionals. The Microsoft Certification Program (MCP) is the leading certification program for validating your experience and skills, keeping you competitive in todays changing business environment.
MCP Certifications
The MCP includes the following certifications. MCITP The new Microsoft Certified IT Professional (MCITP) credential allows IT professionals to distinguish themselves as experts in their specific area of focus. There is a straightforward upgrade path from the MCDBA certification to the new MCITP credentials. There are currently twelve IT Professional certifications: MCITP: Business Intelligence Developer MCITP: Business Intelligence Developer 2008 MCITP: Consumer Support Technician MCITP: Database Developer MCITP: Database Developer 2008 MCITP: Database Administrator MCITP: Database Administrator 2008 MCITP: Enterprise Messaging Administrator MCITP: Enterprise Project Management with Microsoft Office Project Server 2007
Introduction
vii
MCITP: Enterprise Support Technician MCITP: Enterprise Administrator MCITP: Server Administrator
MCPD The Microsoft Certified Professional Developer (MCPD) credential highlights developer job roles, featuring specific areas of expertise. There is a straightforward upgrade path from the MCAD and MCSD for Microsoft .NET certifications to the new MCPD credential. There are four MCPD certification paths: MCPD: Microsoft Visual Studio 2008 MCPD: Web Developer, Visual Studio 2005 MCPD: Windows Developer on Visual Studio 2005 MCPD: Enterprise Applications Developer on Visual Studio 2005
MCTS The Microsoft Certified Technology Specialist (MCTS) credential enables professionals to target specific technologies and distinguish themselves by demonstrating in-depth knowledge of and expertise in the technologies with which they work. The following list contains the current MCTS certifications: MCTS: .NET Framework 2.0 Web Applications MCTS: .NET Framework 2.0 Windows Applications MCTS: .NET Framework 2.0 Distributed Applications MCTS: .NET Framework 3.5, ADO.NET Applications MCTS: .NET Framework 3.5, ASP.NET Applications MCTS: .NET Framework 3.5, Windows Communication Foundation Applications MCTS: .NET Framework 3.5, Windows Forms Applications MCTS: .NET Framework 3.5, Windows Presentation Foundation Applications MCTS: .NET Framework 3.5, Windows Workflow Foundation Applications MCTS: BizTalk Server 2006 MCTS: Business Desktop Deployment MCTS: Connected Home Integrator MCTS: Designing and Providing Volume Licensing Solutions to Large Organizations MCTS: Designing and Providing Volume Licensing Solutions to Small and Medium Organizations MCTS: Enterprise Project Management with Microsoft Office Project Server 2007
viii
Introduction
MCTS: Microsoft Desktop Optimization Pack, Configuration MCTS: Microsoft Exchange Server 2007 Configuration MCTS: Microsoft Forefront Client and Server Configuration MCTS: Microsoft Internet Security and Acceleration (ISA) Server 2006, Configuration MCTS: Microsoft Office Communications Server 2007, Configuration MCTS: Microsoft Office Groove 2007, Configuration MCTS: Microsoft Office Live Communications Server 2005 MCTS: Microsoft Office PerformancePoint Server 2007, Applications MCTS: Microsoft Office Project 2007, Managing Projects MCTS: Microsoft Office Project Server 2007, Configuration MCTS: Microsoft Office SharePoint Server 2007 Application Development MCTS: Microsoft Office SharePoint Server 2007 Configuration MCTS: Microsoft Office Visio 2007, Application Development MCTS: Microsoft SQL Server 2005 MCTS: Microsoft SQL Server 2005 Business Intelligence MCTS: Microsoft SQL Server 2008, Business Intelligence Development and Maintenance MCTS: Microsoft SQL Server 2008, Database Development MCTS: Microsoft SQL Server 2008, Implementation and Maintenance MCTS: Microsoft System Center Configuration Manager 2007, Configuration MCTS: Microsoft System Center Operations Manager 2007, Configuration MCTS: Microsoft System Center Virtual Machine Manager 2008, Configuration MCTS: Microsoft Team Foundation Server: Configuration and Development MCTS: Microsoft Virtual Earth 6.0, Application Development MCTS: Windows Embedded CE 6.0 Development MCTS: Windows Essential Business Server 2008, Configuration MCTS: Windows Mobile 5.0, Applications MCTS: Windows Mobile 5.0, Implementing and Managing MCTS: Windows Server 2003 Hosted Environments Configuration and Management MCTS: Windows Server 2008 Active Directory Configuration MCTS: Windows Server 2008 Applications Infrastructure Configuration MCTS: Windows Server 2008 Network Infrastructure Configuration MCTS: Windows Server Virtualization, Configuration
Introduction
ix
MCTS: Windows SharePoint Services 3.0 Application Development MCTS: Windows SharePoint Services 3.0 Configuration MCTS: Windows Small Business Server 2008, Configuration MCTS: Windows Vista Configuration
MCDST on Microsoft Windows The Microsoft Certified Desktop Support Technician (MCDST) certification is designed for professionals who successfully support and educate end users and troubleshoot operating system and application issues on desktop computers running the Windows operating system. MCSA on Microsoft Windows Server 2003 The Microsoft Certified Systems Administrator (MCSA) certification is designed for professionals who implement, manage, and troubleshoot existing network and system environments based on the Windows Server 2003 platform. Implementation responsibilities include installing and configuring parts of systems. Management responsibilities include administering and supporting systems. MCSE on Microsoft Windows Server 2003 The Microsoft Certified Systems Engineer (MCSE) credential is the premier certification for professionals who analyze business requirements and design and implement infrastructure for business solutions based on the Windows Server 2003 platform. Implementation responsibilities include installing, configuring, and troubleshooting network systems. MCAD for Microsoft .NET The Microsoft Certified Application Developer (MCAD) for Microsoft .NET credential provides industry recognition for professional developers who use Microsoft Visual Studio .NET and Web services to develop and maintain department-level applications, components, Web or desktop clients, or back-end data services, or who work in teams developing enterprise applications. The credential covers job tasks ranging from developing to deploying and maintaining these solutions. MCSD for Microsoft .NET The Microsoft Certified Solution Developer (MCSD) for Microsoft .NET credential is the top-level certification for advanced developers who design and develop leading-edge enterprise solutions by using Microsoft development tools and technologies as well as the Microsoft .NET Framework. The credential covers job tasks ranging from analyzing business requirements to maintaining solutions.
Introduction
MCDBA on Microsoft SQL Server 2000 The Microsoft Certified Database Administrator (MCDBA) credential is the premier certification for professionals who implement and administer SQL Server 2000 databases. The certification is appropriate for individuals who derive physical database designs, develop logical data models, create physical databases, create data services by using Transact-SQL, manage and maintain databases, configure and manage security, monitor and optimize databases, and install and configure SQL Server. MCP The Microsoft Certified Professional (MCP) credential is for individuals who have the skills to successfully implement a Microsoft product or technology as part of a business solution in an organization. Hands-on experience with the product is necessary to successfully achieve certification. MCT Microsoft Certified Trainers (MCTs) demonstrate the instructional and technical skills that qualify them to deliver Official Microsoft Learning Products through a Microsoft Certified Partner for Learning Solutions (CPLS). Certification Requirements Certification requirements differ for each certification category and are specific to the products and job functions addressed by the certification. To earn a certification credential, you must pass rigorous certification exams that provide a valid and reliable measure of technical proficiency and expertise.
Additional Information: See the Microsoft Learning Web site at http://www.microsoft.com/learning/. You can also send e-mail to mcphelp@microsoft.com if you have specific certification questions.
Acquiring the Skills Tested by MCP Exams

Official Microsoft Learning Products can help you develop the skills that you need to do your job. They also complement the experience that you gain while working with Microsoft products and technologies. However, no one-to-one correlation exists between Official Microsoft Learning Products and MCP exams. Microsoft does not expect or intend for the courses to be the sole preparation method for passing MCP exams. Practical product knowledge and experience are also necessary to pass MCP exams. To help prepare for MCP exams, use the preparation guides that are available for each exam. Each Exam Preparation Guide contains exam-specific information, such as a list of the topics on which you will be tested. These guides are available on the Microsoft Learning Web site at http://www.microsoft.com/learning/.
Introduction
xi
Facilities
xii
Introduction
About This Clinic
This section provides you with a brief description of the clinic, objectives, and target audience.
Description
Microsoft Exchange Server 2010 provides several new features, many of which are designed to enhance the user experience with the messaging system. This session will introduce some of the design principles that Microsoft used when designing the new Exchange Server 2010 features. This session will also introduce the new Exchange Server 2010 client access and compliance features. The new Exchange Server 2010 features make it easier for administrators to manage and maintain the messaging environment. The goal of this clinic is to describe new message transport features, the new database and high availability options, and the new administration tools and features. This clinic also provides an overview for upgrading from previous Exchange Server versions to Exchange Server 2010.
Objectives
After completing this clinic, you will be able to: Describe the Microsoft Exchange Server 2010 design priorities. Describe the new Client Access features. Describe the new Message Policy and Compliance features. Describe the new Unified Messaging features. Describe the Federated Sharing features. Describe the new Exchange Server 2010 message transport features. Describe the new Exchange Server 2010 Mailbox server features.
Introduction
xiii
Describe the new Exchange Server 2010 database availability and site resiliency features. Describe the new Exchange Server 2010 administration and management tool features. Describe the process for transitioning from a previous of Exchange Server version to Exchange Server 2010.
Audience
The target audience for this clinic includes the following: The primary audience for this clinic are IT Professional messaging administrators, and messaging engineers who serve as technical decision-makers to evaluate new software, and assess new software capabilities that: Enable new business solutions. Improve IT services. Improve IT operations. These IT technical decision makers have at least three years experience working with Exchange Server, and are familiar with Exchange Server 2003 or Exchange Server 2007 administration, basic Exchange design concepts, and the Exchange Best Practices Analyzer.
xiv
Introduction
Prerequisites
This clinic requires that you meet the following prerequisites: Windows Server 2003 or 2008, including directory services. The Windows XP operating system, or Windows Vista, and Microsoft Office Outlook. Windows-based mobile devices. Asynchronous networking technologies including TCP/IP, messaging transports, and remote access. Storage and Storage Area Networks (SANs), clustering, and load balancing. Basic virtualization concepts (e.g. basic awareness of Microsoft Hyper-V) but are not experienced with the details of Windows Server Hyper-V. General IT operations concepts and procedures including service level management, high availability and disaster recovery, and change management. Understanding of IT security basics, including network authentication, access control, encryption, edge security, malicious software and anti-virus/anti-spam concepts, as well as basic messaging security concepts; however, students are not experts in security or messaging security/privacy/compliance, and do not have more than a cursory awareness of Microsoft Forefront Security for Exchange Server.
Introduction
xv
Familiarity with basic Exchange Management Shell/Windows PowerShell capabilities, but they are not familiar with Windows PowerShell 2.0 that is used by the Exchange Server 2010 Management Shell. Familiarity with Exchange Server 2003 or Microsoft Exchange Server 2007. Not familiar with Unified Communications technologies/solutions, and are not familiar with synchronous communications technologies, VoIP, or voice and data integration technologies. Familiarity with basic concepts of cloud computing and hosted services, but not familiarity with hosted Exchange services.
xvi
Introduction
Clinic Outline

Table of Contents Session Overview Section 1: Exchange Server 2010 Design Goals Section 2: Client Access Features Section 3: Message Policy and Compliance Features Section 4: Unified Messaging Features Section 5: Federated Sharing Features
1-1 1-2 1-11 1-29 1-45 1-51
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links are provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Copyright 2009 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Access, Active Directory, ActiveSync, BizTalk, Excel Forefront, Groove, Hyper-V, Internet Explorer, MS, Outlook, PerformancePoint, PowerPoint, SQL Server, Virtual Earth, Visio, Visual Studio, Windows, Windows Live, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Version 1.2
1-1
Session Overview
Introduction
Microsoft Exchange Server 2010 provides several new features, many designed to enhance the user messaging system experience. This session will introduce some of the design principles that Microsoft used when designing the new features in Exchange Server 2010. This session will also introduce the new Client Access and compliance features in Exchange Server 2010. After completing this session, you will be able to describe the Exchange Server 2010: Design goals. New Client Access features. New messaging compliance features. New Unified Messaging features. Federated Sharing features.
1-2
Section 1: Exchange Server 2010 Design Goals
Exchange Server 2010 builds on many of the same concepts and options available in Microsoft Exchange Server 2007. Exchange Server roles were introduced in Exchange Server 2007, along with many new features for high availability, and client access. Exchange Server 2010 continues to use the same server roles, but builds on these to provide a better user experience with the messaging system. After completing this section, you will be able to describe the Exchange Server 2010 roles. You will also be able to describe the three main design goals: Improve flexibility and reliability. Enhance Anywhere Access. Maximize protection and compliance.
1-3
Exchange Server 2010 Server Role Overview
Introduction
Exchange Server 2007 introduced the concept of server roles as a means to separate the functions performed by Exchange Server. Each server role provides a specific set of tasks. The server roles can be deployed on as few as two servers, or distributed across many servers. These server roles are also part of Exchange Server 2010.
Hub Transport Server Role

This server role is responsible for message routing. The Hub Transport server performs message categorization and routing, and handles all messages that pass through an organization. You must configure one Hub Transport server in each Active Directory site containing a Mailbox server, and the server running the Hub Transport server role must be a member of an Active Directory Domain Services (AD DS).
Mailbox Server Role

The Mailbox server role is responsible for managing mailbox and public-folder databases. Mailboxes and public folders reside on the Mailbox servers. Mailbox servers contain mailbox and public folder databases, and provide several options for reliability and high availability.
Important: In Exchange Server 2007, you cannot install a clustered Mailbox server with any other server role on the same computer. In Exchange Server 2010, you have new options for deploying high availability for mailbox servers that enable you to deploy multiple roles on one server.
1-4
Client Access Server Role

The Client Access server role enables connections from a variety of client protocols to the Exchange Server mailboxes. You must assign at least one Client Access server in each AD DS site that contains a Mailbox server. In Exchange Server 2010, all client connections use the Client Access server role. In addition, the Client Access server role also provides Web Services, the Availability service, and the Autodiscover service for Microsoft Office Outlook 2007 or later, Exchange ActiveSync and Microsoft Office Outlook Web Access for Exchange Server clients.
Note: In Exchange Server 2007, Messaging Application Programming Interface (MAPI)-based clients, such as Office Outlook 2007 or later, connect directly to Mailbox servers. In Exchange Server 2010, all clients connect to the Client Access server.
Unified Messaging Server Role

The Unified Messaging server role provides the foundation of services that integrate voice and fax messages into your organizations messaging infrastructure. The Unified Messaging server provides access to voice messages and faxes.
Edge Transport Server Role

The Edge Transport server role is the Simple Mail Transport Protocol (SMTP) gateway server between your organization and the Internet. To ensure security, you should deploy the computer that runs the Edge Transport server role in a perimeter network, and you should not install it on a member server of an internal Active Directory forest. An Edge Transport server provides anti-spam control using a wide variety of spam detection features and antivirus control (by using Microsoft Forefront Security for Exchange Server or third-party software).
Important: You cannot combine the Edge Transport server role with any other role on the same computer.
1-5
Design Goal 1: Improved Flexibility and Reliability
Introduction
One of the Exchange Server 2010 design goals is to provide improved flexibility and reliability in Exchange deployment.
Deployment Flexibility and Choice

Exchange Server 2010 offers the most flexible deployment options available, enabling you to deliver powerful productivity tools to your users in a way that best fits your business or technology needs. Solution deployment. Choose from traditional on-premises deployment with Exchange Server 2010, a Microsoft-hosted service with Exchange Online, or a seamless mix of both. You can move functionality between the Exchange servers without interrupting or changing your users experience. Flexibility. Exchange Server 2010 adds support for a wider range of storage hardware options. This enables you to select the storage solution that offers you the best return on investment, with storage hardware options ranging from traditional storage area networks (SANs) to low-cost, desktop-class, direct access storage (DAS). Choice. Exchange Server 2010 includes some significant modifications to the mailbox database schema and design, which enables up to a 70 percent reduction in disk IOPS Input/Output per Second (IOPS) over Exchange Server 2007, and greater resiliency against data corruption.
1-6
Simplified High Availability and Disaster Recovery

Exchange Server 2010 introduces a simplified approach to high availability and disaster recovery, helping you achieve new levels of reliability, while reducing the complexity of delivering business continuity. In the following list, you will see how Exchange Server accomplishes this: Exchange Server 2007 introduced the concept of log shipping, or continuous replication, to create copies of mailbox databases in more than one location. Exchange Server 2010 continues to build on this technology to provide new options for high availability. With Exchange Server 2010, you can automate mailbox database replication and failover with as few as two servers, or across geographically dispersed datacenters. Because all Exchange Server roles except for the Edge Transport server role can be installed on the mailbox server, you can provide full redundancy with as few as two servers. Exchange Server 2010 introduces the concept of online mailbox moves, which limits user disruption during mailbox moves between e-mail servers, and allows you to perform migration and maintenance activities on your schedule, even during business hours. Exchange Server 2010 introduces shadow redundancy on the transport server roles, which guards against lost e-mail due to Transport server failures.
Simplified Administration
Exchange Server 2010 provides new self-service capabilities aimed at enabling users to perform common tasks without having to call the helpdesk. The list below describes the new self-service capabilities in Exchange Server 2010: The Exchange Control Panel allow users to update their contact information, track delivery receipt information for their e-mail messages, and even manage their own distribution groups without IT assistance. Utilize the new Exchange Roles-based Access Control model to empower specialist users to perform specific tasks, like giving compliance officers the ability to conduct multi-mailbox searches, without requiring full administrative control.
1-7
Design Goal 2: Enhancing Anywhere Access
Introduction
One of the most significant benefits of using Exchange Server as a messaging server is the variety of clients that can be used to access user mailbox messages. Exchange Server has supported many different messaging clients for several versions. For example, Exchange Server 2007 provided internal access to e-mail Office Outlook as a MAPI client); Web-based access (Outlook Web Access); secure access from the Internet for Outlook clients (Outlook Anywhere Access); to e-mail on mobile devices (Exchange ActiveSync); and automatic configuration for all of the clients (Autodiscover). Exchange Server 2010 builds on this functionality from previous Exchange versions, and provides an even better experience for messaging system users.
Provides Flexible Access and Greater Mobility

Exchange Server 2010 offers an enhanced universal Inbox experience, providing your users access to all of their communications from a single location. Exchange Server 2010 enhances the user experience by: Offering users a premium Outlook experience across the desktop, Web, and mobile device, including support for even more browsers, such as Apple Safari and Mozilla Firefox. Unifying access to e-mail, voice mail, instant messaging, and text messages enabling your users to pick the best way to communicate no matter what their location. Adding native support for virtually every mobile device, including a premium experience with Windows Mobile through Exchange ActiveSync. Making it easier for your users to collaborate with each other and their business partners.
1-8
Eases Inbox Overload and Get More Done

Exchange Server 2010 adds new productivity features that help users organize and prioritize more easily the communications in their Inboxes by: Providing an enhanced conversation view that streamlines Inbox navigation by automatically organizing message threads based on the natural conversation flow between communicating parties. Reducing Inbox clutter, extra steps, and helpdesk calls with MailTips, which inform usersbefore they click sendabout message details that could lead to unnecessary or undeliverable e-mail (e.g., being informed that the recipient is out of the office.)
Transforms Traditional Voice Mail

With Exchange Server 2010, users can receive their voice mail messages in their Inbox with text transcription previews that: Adds text transcription and enables your users to quickly triage voice mail messages without having to play the audio file. Offers users phone-based access in nearly 30 languages, to their entire Inbox, including e-mail, Calendar, and Contacts, via Outlook Voice Access. Gives users the power of a personalized voice mail auto attendant. Allows users to create call-answering and routing rules for individuals or groups of callers based on Call ID/contact information.
1-9
Design Goal 3: Protection and Compliance
Introduction
Exchange Server 2010 delivers integrated information loss-prevention and compliance tools aimed at helping you simplify the process of protecting your companys communications and meeting regulatory requirements.
Achieves and Maintains Compliance

Exchange Server 2010 delivers new integrated compliance functionalityincluding archiving, granular multi-mailbox search, and legal hold that is focused on easing regulatory compliance and discovery. Exchange Server 2010 benefits include: Eliminating unwieldy Outlook data files (personal store files or PSTs) through new integrated personal archiving capabilities, without changing the user experience. Simplifying e-mail classification with new centrally-definable Retention Policies that can be applied to any individual e-mail messages or folders. Empowering your human resources or compliance officers to execute targeted searches by conducting cross-mailbox searches through an easy-to-use Web-based interface, or through roles-based Access Control.
1-10
Safeguards for Sensitive Information

Through centrally-managed and enforced information leakage prevention capabilities, Exchange Server 2010 makes protecting your companys communications easier by: Automating Rights Management permissions to e-mail messages, either in Office Outlook or through Transport Rules, without disrupting your users normal workflow. Protecting voice mail messages marked as private, and helping prevent playback by unauthorized persons. For example, Exchange Server 2010 automatically applies Rights Management policies to voice mails delivered by Exchange. Simplifying legal discovery by optionally decrypting protected e-mail messages at the server for purposes of clear text archival and retention. Viewing and composing Rights Management-protected messages in Office Outlook, Outlook Web Access, and on the mobile phone. Offering easy-to-use one-click message encryption for Internet-bound communications, for example, between business partners.
1-11
Section 2: Client Access Features
Introduction
The Client Access server role in Exchange Server 2007 and Exchange Server 2010 accepts connections to your Exchange server from many different clients. Software clients such as Microsoft Outlook Express and Eudora use POP3 or Internet Message Access Protocol (IMAP4) connections to communicate with the Exchange server. Hardware clients such as mobile phones use ActiveSync, POP3, or IMAP4 to communicate with the Exchange Server. The Client Access server role is required in every Exchange Server 2010 organization. After completing this section, you will be able to: Describe the Client Access server. Describe remote procedure call (RPC) Client Access services. Describe new features in Outlook Web Access. Explore Outlook Web Access and MailTips. Describe new features in Exchange ActiveSync for users. Describe new administrative options for mobile clients. Describe Exchange Control Panel. Explore the Exchange Control Panel.
1-12
Client Access Server Overview
Introduction
The Client Access server role provides access to Exchange Server mailboxes for many client types.
Outlook Web Access

Outlook Web Access (OWA) in Exchange Server 2010 lets you access your e-mail from any Web browser. OWA is redesigned in Exchange Server 2010 to enhance the user experience and productivity in many ways. There are two OWA versions included in Exchange Server 2010: the full-featured Premium OWA client, and the new OWA Light client. OWA Light is designed to optimize your OWA experience for slower connections.
Exchange ActiveSync
Exchange ActiveSync lets you synchronize data between your mobile phone and Exchange Server 2010. You can synchronize e-mail, Contacts, Calendar information, and Tasks. Devices that run Windows Mobile software, including Windows Mobile Pocket for Pocket PC 2002, Windows Mobile 2003 software for Pocket PCs, Windows Mobile 5.0 and Windows Mobile 6, or later, are all supported. If you use a device that has either Windows Mobile 5.0 with the Messaging Security and Feature Pack (MSFP) installed or Windows Mobile 6, your mobile phone supports Direct Push. Direct Push is a technology that is built into Exchange ActiveSync, and keeps a mobile device continuously synchronized with an Exchange mailbox. Exchange ActiveSync is licensed to other mobile devices manufacturers and is now available on a large variety of mobile devices.
1-13
POP3 and IMAP4

Besides supporting Messaging API (MAPI) and HTTP clients, Exchange Server 2010 supports POP3 and IMAP4 clients. By default, POP3 and IMAP4 are installed when you install the Client Access server role. However, the services needed to support POP3 and IMAP4 are disabled. To use POP3 and IMAP4, you must start the POP3 and IMAP4 services.
Autodiscover Service
Exchange Server 2010 includes a service named the Autodiscover service, that was introduced in Exchange Server 2007. The Autodiscover service configures client computers that are running Outlook 2007. The Autodiscover service can also configure supported mobile devices. The Autodiscover service provides access to Microsoft Exchange features for Outlook 2007 clients who are connected to your Exchange messaging environment.
Exchange Web Services

Exchange Web Services enables client applications to communicate with the Exchange server. Exchange Server 2010 uses Exchange Web Services to enable features such as the Availability service and Offline Address Book download for Outlook 2007 or later clients. Exchange Web Services can also be accessed programmatically. Exchange Web Services provides access to much of the same data made available through Office Outlook. Exchange Web Services clients can integrate Outlook data into line-of-business (LOB) applications. Exchange Web Services also enables MailTips, a service that provides feedback to users before they send e-mail, alerting them that they are about to send a message that may violate a message restriction. Examples are: messages with attachments that exceed the maximum message limit; messages that cannot be delivered to other users because their mailbox is full; messages sent to external recipients; and messages sent to users who are currently out of the office. MailTips is available only with Microsoft Outlook 14 and Outlook Web Access.
1-14
RPC Client Access Services
Introduction
One the most significant architectural changes in Exchange Server 2010 is that the Client Access server now supports all client connections, including MAPI client connections from Outlook clients. In previous versions of Exchange Server, Outlook configured as MAPI client, has always connected to the mailbox server directly rather than connecting to a front-end or Client Access server. In Exchange Server 2010, all clients connect to the Client Access server role, regardless of the client protocol used.
How RPC Client Access Services Works

This new feature is called RPC Client Access services. The change in architecture means that the client communication with the mailbox server has changed, including the following: In Exchange Server 2010, when a MAPI client starts, it will connect to a Client Access server. The client protocol has not changed, and it is still backwardscompatible with older Outlook versions. When the client connects to the Client Access server, the Client Access server uses a MAPI RPC connection to communicate with the Mailbox server. When the client such as an OWA client requests the Global Address List (GAL), the Client Access Server role now provides a Name Service Provider Interface (NSPI) service, and it will query the GAL on behalf of the client.
1-15
RPC Client Access Services Benefits

RPC Client Access Services provides a number of benefits: All clients now use the same mailbox access architecture. For organizations that have deployed highly available mailbox servers, client outages in situations where a mailbox database fails over to another server, have been reduced. When a mailbox fails over to another server, the Client Access Server is notified and the client connections will be redirected to the new server within seconds. Mailboxes can now be moved from one Mailbox server to another, even while the user is online and connected to the mailbox. The new architecture supports more concurrent client connections to the mailbox server.
1-16
New Features in Outlook Web Access
The following new features have been incorporated in Exchange Server 2010 OWA: Support for Firefox and Safari Web Browsers. OWA provides access to user mailboxes through a Web browser. In Exchange Server 2007, these browsers are supported, but provide limited functionality when compared to Microsoft Internet Explorer. In Exchange Server 2010, the functionality across all supported browsers is virtually identical. Conversation View. View conversations together by grouping messages from a single conversation. The new conversation view quickly and easily enables its user to identify the most recent messages, the chain of responses, and provide a preview of each response in a conversation without requiring each message to be opened. Conversation view is always preserved, even if individual e-mail messages are located in different mailbox folders. Conversations can be managed, ignored, moved, and deleted as a whole. Cross mailbox search. Search mailboxes via the Exchange Server 2010 search platform, which uses the improved-upon Exchange Server 2007 technology. Indexing is always up-to-date, and communicates efficiently with the Exchange information store, resulting in fast indexing speed. Search indexing is enabled by default and imposes only a minor tax on system resources, utilizing a small percentage of CPU in steady state. View multiple side-by-side view for calendars. For example, when you need to view a delegates mailbox, you can view both calendars in the same window.
1-17
Integration with Microsoft Office Communicator. including presence, chat, and a contact list. OWA now contains instant messaging integrated into the client. Administrators can choose to connect this to Office Communications Server 2007 R2 (on-site) or the Live Messenger Service (hosted). A users contact list is shown in OWA with colorful indicators to let the user know if their contact is available to chat or not. OWA text messages. Send and receive text (SMS) messages from OWA. Multiple OWA mailbox policies. Create multiple OWA mailbox policies that configure different OWA client access settings in Exchange Server 2010 OWA mailbox policies. You can then assign the policies to user or groups in the organization. Shared contacts. View shared contacts so users can interact with others outside their organization while they are away from their desks. WebReady Document Viewing. This feature is also available in Exchange Server 2007 OWA, converts documents in Microsoft Office Word, Microsoft Office PowerPoint, Microsoft Office Excel, and portable document format (PDF) into HTML so they can be viewed in a Web browser. This means that if a user is on a kiosk that does not have Microsoft Office or Adobe Acrobat installed, he or she can still see the document. Also, the original document does not have to be downloaded, so the user does not leave behind sensitive information after logging off a shared computer.
1-18
Demonstration: Exploring Outlook Web Access and MailTips
In this demonstration, you will see some of the new OWA features, including MailTips.
Key Points
The key points in this demonstration are that: OWA in Exchange Server 2010 has several new features. One of the new features in Exchange Server 2010 is MailTips.
Task 1: Exploring the OWA Features

1. On SEA-EX1, click Start, point to All Programs, and then click Internet Explorer. 2. In the address field, type https://SEA-EX1.Contoso.com/owa, and then press ENTER. 3. Log on to OWA as Contoso\Gretchen using the password Pa$$w0rd. 4. In the center pane of the OWA window, click the message. In the right pane, you can see all of the messages in the current conversation. 5. Click the Delete icon. In the Delete dialog box, click OK. Verify that the entire conversation is deleted. 6. Close Internet Explorer. 7. On SEA-EX1, click Start, point to All Programs, and then click Internet Explorer. 8. In the address field, type https://SEA-EX1.Contoso.com/owa, and then press ENTER. 9. Log on to OWA as Contoso\Kelly using the password Pa$$w0rd.
1-19
10. In the Outlook Web Access window, click Calendar. 11. Click the shared calendar icon in the top menu bar, and then click Open a Shared Calendar. 12. In the Name field, type Gretchen, and then click OK twice. 13. Click Work Week. 14. Close Internet Explorer. 15. On SEA-EX1, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Console. 16. Expand Microsoft Exchange On-Premises, expand Organization Configuration, and then click Client Access. Verify that the Default policy is listed in the Details pane. 17. In the Actions pane, click New Outlook Web Access Mailbox Policy. 18. In the New Outlook Web Access Mailbox Policy page, type Research Policy as the policy name. 19. In the list of features, click Change Password, and then click Disable. 20. Click New, and then click Finish. 21. Right-click Research Policy, and then click Properties. 22. On the Public Computer File Access tab, clear all the check boxes. 23. On the Private Computer File Access tab, clear all the check boxes, and then click OK. 24. In the left pane, expand Recipient Configuration, click Mailbox. 25. In the Mailbox list, double-click Kelly Blue. 26. On the Mailbox Features tab, click Outlook Web Access, and then click Properties. 27. Select the Outlook Web Access mailbox policy check box, and then click Browse. 28. Click Research Policy, and click OK three times. 29. Click Start, point to All Programs, and then click Internet Explorer. 30. In the address field, type https://SEA-EX1.Contoso.com/owa, and then press ENTER. 31. Log on to OWA as Contoso\Kelly using the password Pa$$w0rd. 32. On the Outlook Web Access page, click Options. 33. If prompted for authentication, log on as Contoso\Kelly using the password Pa$$w0rd. 34. In the left pane, click Settings, and then click Password. Close Internet Explorer.
1-20
Task 2: Exploring MailTips

1. On SEA-EX1, click Start, point to All Programs, point to Microsoft Exchange Server 2010, and then click Exchange Management Shell (Local PowerShell). 2. At the PS prompt, type Get-OrganizationConfig, and then press ENTER. 3. At the PS prompt, type Set-OrganizationConfig MailTipsExternalRecipientsTipsEnabled $False, and then press ENTER. 4. Type Get-OrganizationConfig, and then press ENTER. Verify that the external recipient tips setting is updated. 5. At the PS prompt, type Set-DistributionGroup Marketing MailTip The marketing team will be at a conference next week., and then press ENTER. 6. At the PS prompt, type Get-DistributionGroup Marketing | FL MailTip* and then press ENTER. Verify that the custom MailTip is configured.
1-21
Enhanced Features in Exchange ActiveSync for Users
Introduction
Like Exchange Server 2007, Exchange Server 2010 offers a fast and reliable e-mail experience using Exchange ActiveSync (Direct Push) technology. Mobile devices that incorporate Exchange ActiveSync maintain a connection with the Exchange server, and receive any new or updated e-mail, Calendar items, Contacts, or Tasks, as soon as they arrive on the server. This push method optimizes bandwidth usage while keeping information up-to-date.
Exchange ActiveSync Enhancements

Exchange ActiveSync has been enhanced to include: Nickname Cache. By storing the e-mail addresses of recent recipients, the Nickname Cache helps users address e-mail more quickly, by providing a suggested name list as a new address is typed. This automatically-populated list narrows itself as the user types more letters of the recipients name. Mobile Reply/Forward Status. Mobile users are now able to view reply/forward status in Exchange Server 2010, just like Outlook and OWA users. This feature allows users to see which messages they have already replied to or forwarded, even if this occurred on a different machine or device. HTML Messages Support. Exchange Server 2010 supports rich HTML mail for mobile devices. Tables, fonts, formatting, emphasis, and images are rendered on the mobile device. Users can control whether they want HTML or plain text messages.
1-22
Unified Messaging Support. The unified Inbox provided by Exchange Unified Messaging is available from mobile devices. Missed call notifications, voice mails, and fax messages, are all synchronized to the users inbox along with regular e-mail. Voice mails can be played via a mobile devices built-in media player, eliminating the need for the user to dial in to the voice mail system. Mobile Calendaring Enhancements and Out-Of-Office. Calendaring improvements in Exchange Server 2010 enable a more complete Outlook experience on a mobile device. Users can forward, reply, or reply all to a meeting request. Meeting organizers can view attendee status from the device so they can see who is attending their next meeting while en route.
1-23
Administrative Options for Mobile Clients
Introduction
Mobile clients can complicate the management of messaging clients because the mobile devices cannot be managed as domain members, and mobile devices are more likely to be lost or stolen. Exchange Server 2010 provides several tools for managing devices.
Exchange ActiveSync Security Policies

In Exchange Server 2007 as well as in Exchange Server 2010, security policies allow administrators to enforce mobile device policies that protect their organizations data on a per-user or group bases. Some sample options in the policies include: Requires users to enter a personal identification number (PIN) to access their devices. Deletes all data from a device after a specified number of failed PIN entries. Requires local data encryption. Disallows attachment downloading. Disables Bluetooth, WiFi, and infrared. Prohibits camera phones and removable storage use. Rich reporting capabilities allow administrators to: identify which devices have connected with Exchange Server, view device usage statistics, and monitor errors. Self-service device-wipe and device password reset. Exchange Server 2007 enabled administrators to remotely wipe a device of all data if it is lost or stolen. Exchange Server 2007 also provides users the ability to remote-wipe a device from OWA, allowing greater device security with less helpdesk cost.
These features are also provided in Exchange Server 2010. In addition, users can also recover their mobile device passwords through the Options page in OWA.
1-24
Exchange Control Panel
Introduction
One of the new features in Exchange Server 2010 is the Exchange Control Panel, which is a Web-based management interface that can be used to enable self-service, and enable users to perform specific management tasks without having access to the entire Exchange management interface. For example, compliance specialists can perform multi-mailbox searches and then export the results to PST files for legal discovery by using the Exchange Control Panel. Users can find out for themselves whether a message they sent to a business partner was received successfully, or blocked by a spam filter.
Exchange Control Panel Functionality

The Exchange Control Panel is implemented as a virtual directory on the Client Access server, and provides: End-user mailbox management options that are similar to the Exchange Server 2007 OWA Options tab, but with enhanced functionality. End-user and administrator management of distribution groups, e-mail subscriptions, and mobile phones. End users have access to only the objects that they have permission to manage. Administrators can use Exchange Control Panel to assign roles and to track messages. The Exchange Control Panel can be used to search individual mailboxes or multiple mailboxes in legal discovery scenarios.
1-25
Demonstration: Exploring the Exchange Control Panel
In this demonstration, you will see the functionality provided by the Exchange Control Panel.
Key Points
The key points in this demonstration are that: Users can configure their own mailbox settings by using the Exchange Control Panel. Distribution group management can be delegated and managed through the Exchange Control Panel. The Exchange Control Panel can be used to perform cross mailbox searches.
1-26
Task 1: Managing Mailbox Settings

1. On SEA-EX1, click Start, point to All Programs, and then click Internet Explorer. 2. In the address field, type https://SEA-EX1.Contoso.com/ecp, and then press ENTER. 3. Log on to the Exchange Control Panel as Contoso\Administrator using the password Pa$$w0rd. 4. In the Select what to manage drop-down list, click Myself. 5. In the left pane, click Organize E-Mail. 6. In the left pane, click Settings. 7. Close Internet Explorer.
Task 2: Managing Distribution Groups

1. On SEA-EX1, click Start, point to All Programs, and then click Internet Explorer. 2. In the address field, type https://SEA-EX1.Contoso.com/ecp, and then press ENTER. 3. Log on to the Exchange Control Panel as Contoso\Administrator using the password Pa$$w0rd. 4. In the Exchange Control Panel, click Groups. 5. In the Groups list, click Marketing, and then click Details. 6. In the Group window, click Ownership. 7. In the Owners pane, click Add. 8. In the Select Owner window, click Gretchen Rivas, click Add, and then click OK. 9. In the Group window, click Membership Approval. 10. Click Owner Approval, and then click Save. 11. On SEA-CL1, click Start, point to All Programs, and then click Internet Explorer. 12. In the address field, type https://SEA-EX1.Contoso.com/ecp, and then press ENTER. 13. Log on to the Exchange Control Panel as Contoso\Gretchen using the password Pa$$w0rd. 14. In the Select what to manage drop-down list, click Myself. 15. In the Exchange Control Panel window, click Groups.
1-27
16. Under Public Groups I Own, click Marketing, and then click Details. 17. In the Group window, click Membership, and then click Add. 18. In the Select Members window, click Alan Brewer, click Add, and then click OK. 19. Click Save, and then close all open Windows on SEA-CL1.
Task 3: Performing Cross Mailbox Searches

1. On SEA-EX1, in the Exchange Management Shell, at the PS prompt, type the following and then press ENTER: Get-ManagementRoleAssignment MailboxSearch 2. On SEA-CL1, if required, open Outlook. 3. In the Inbox, click New. 4. In the To field, type Jake;Jon, and then press CTRL+K to resolve the names. 5. In the Subject field, type Customer Update. 6. In the message box, type the following, and then click Send: Here are the details on Gregory Weber, Customer ID 4444444. 7. Close Outlook. 8. Open Internet Explorer, and then connect to https://SEA-EX1.Contoso.com/ecp. 9. Click Continue to this Website (not recommended). 10. Log on to the ECP as Contoso\Gretchen using the password Pa$$w0rd. 11. In the Select what to manage drop-down list, click My Organization. 12. Under Multi-Mailbox Search, click New. 13. In the Keywords box, type Customer ID. 14. Expand Mailboxes to Search. 15. Under Select the scope of the search, click Add. 16. In the Select Mailbox window, click Jake Zukowski, click Add, click Jon Ganio, click Add, click Kelly Blue, click Add, and then click OK. 17. Expand Search Name and Storage Location. 18. In the Search name field, type Customer ID Discovery. 19. Next to Select a mailbox in which to store the search results, click Browse. 20. In the Select Mailbox window, click Gretchen Rivas, click OK, and then click Save.
1-28
21. In the Exchange Control Panel, in the upper-right corner, click My Mail. 22. Log on to the OWA as Contoso\Gretchen using the password Pa$$w0rd. 23. In the navigation pane, under Gretchen Rivas, notice the new discovery folder named Customer ID Discovery. Expand the Customer ID Discovery folder. 24. Note the three folders created that correspond to the mailboxes added to the search criteria. 25. Expand Kelly Blue\Primary Mailbox\Sent Items. Verify that the email was discovered using the search criteria. 26. Expand Jake Zukowski\Primary Mailbox\Inbox. 27. Close Internet Explorer.
1-29
Section 3: Message Policy and Compliance Features
One of the urgent issues in many organizations is policy compliance. Privacy legislation in many countries forced organizations to implement policies for managing customer and employee information. Many organizations have other legal or corporate requirements as well, that set limits on how information must be managed. E-mail is a critical tool for many businesses, and is used as the primary means for exchanging data between employees and external partners or customers. This makes it critical for organizations to have some means of enforcing e-mail compliance requirements. Exchange Server 2010 builds on the tools provided in Exchange Server 2007 to provide more options for doing this. After completing this section, you will be able to: Understand transport rules. Describe message journaling. Describe new features in Messaging Records Management. Describe Discovery. Describe Active Directory Rights Management Services (ADRMS) integration. Describe moderated transport. Describe mailbox archiving. Describe message policy and compliance features.
1-30
Transport Rules
Introduction
Exchange Server 2007 introduced the concept of transport rules, which can be used to monitor messages and apply specific actions to the messages as the messages pass through the Hub Transport server. This functionality has been enhanced in Exchange Server 2010. Now, since all messages must pass through a Hub Transport server, and because any transport rules configured on a Hub Transport server are stored in AD DS, it is easy to configure a rule that applies to all messages sent in the organization.
Transport Rule Options

An administrator can create a variety of transport rules by using a simple Outlook-like rules wizard interface. The Hub Transport rule agent processes messages that are sent to or from users in the organization, and to or from the Internet. Transport rules restrict message flow or modification of message contents when messages are in transit. By using transport rules, you can: Prevent specified users from sending or receiving e-mail from other specified users. Prevent inappropriate content from entering or leaving the organization. Apply restrictions based on message classifications to restrict the flow of confidential organization information. Track or journal messages sent to, or from, specific individuals. Redirect incoming and outgoing messages for inspection before delivery. Apply disclaimers to messages as they pass through the organization.
1-31
Transport Rule Components

When you configure transport rules, you need to configure the following components: Conditions. Transport rule conditions indicate which e-mail message attributes, headers, recipients, senders, or other parts of the message, are used to identify the e-mail messages to which a transport rule action should be applied. Actions. Actions are applied to e-mail messages that match the conditions, and for which no exceptions are present. Each action affects e-mail messages in a different way, such as redirecting the e-mail message to another address or dropping the message. Exceptions. Exceptions determine which e-mail messages to exclude from having an action applied. Transport rule exceptions are based on the same predicates that are used to create transport rule conditions. Transport rule exceptions override conditions and prevent a transport rule action from being applied to an e-mail message, even if the message matches all configured transport rule conditions.
1-32
Message Journaling
Introduction
Exchange Server 2007 also enables administrators to record all e-mail messages that enter and leave the organization by providing journaling rules. Journaled messages can be archived to any SMTP address, including an Exchange mailbox, Exchange Hosted Archive, or a third-party archiving solution.
Journaling Enhancements
A journal report is the message that the Exchange Server generates when a message is submitted to the journal mailbox. Journal reports now include additional information such as BCC recipients. The original e-mail message that matches the journal rule is included unaltered as an attachment to the journal report. Journaling flexibility has increased with Exchange Server 2010. In Exchange Server 2007, journaling can be set up on a per-database, per-distribution list, per-user, or organizationwide basis. All messages can be journaled, or just those sent internally or externally. Transport rules may also dictate when to journal based on message sender, recipient, or content. In Exchange Server 2010, transport journaling reduces storage costs by decreasing journal report duplication. If there are no distribution list expansion servers, transport journaling creates only one journal report per message. If a distribution list expansion server exists, no more than one extra journal report (per distribution list expansion server) is created.
1-33
New Features in Messaging Records Management
Introduction
Transport rules and journaling rules are applied as messages pass through the Exchange organization. In many cases, organizations also want to apply policies to messages already located in user mailboxes.
Messaging Records Management

Exchange Server 2007 introduced the concept of Messaging Records Management, which enabled administrators to create mail storage rules for enforcing archiving and deletion policies. These policies could be applied to either the default Outlook folders, or to custom folders that could be created in each users mailbox.
Retention Policies
Exchange Server 2010 continues to support Managed Folders, but also introduces Retention Policies as a means to manage messages in user mailboxes. Exchange Server 2010 mailbox items use Retention Tags to apply retention settings. Retention Tags can be applied to mailbox folders and individual items. Retention Tags are associated with a Retention Policy, just as Managed Folders are associated with a Managed Folder Mailbox Policy in Exchange Server 2007. An administrator can assign Retention Tags to default folders such as Inbox, Deleted Items, Junk Mail, Sent Items, etc. Additional tags not associated with default folders can be included in the Retention Policy. Users use tags available to them to tag folders or items. A Default tag associated with the Retention Policy applies to items not manually tagged by the user, or to items in folders that do not have tags applied.
1-34
AutoTagging
Although users can use rules and default tags to automatically assign tags to incoming e-mail, the amount of e-mail that requires user intervention is still a drain on users with high-incoming mail flow. Auto-tagging is designed to reduce this burden from users as much as possible. With the auto-tagging approach, the system creates a machine-learning model to learn from users tagging preferences. Once this is done, the system uses the trained model to assign tags to incoming messages. As long as the model has high prediction accuracy, the amount of messages that requires users intervention can be limited to a small and manageable number.
1-35
Discovery
Introduction
Many organizations need to be able to search mailboxes for specific content while performing compliance audits. In Exchange Server 2007, when administrators search mailbox content, they use the export-mailbox Exchange management shell cmdlet to export the mail to a PST file. The export-mailbox command could be used to search mailboxes for specific criteria such as keywords in the subject or message content, for attachments, or messages received in a specified date range.
Discovery Enhancements
In Exchange Server 2010, the mailbox search functionality is now available through the Mailbox Search Manager in the Exchange Control Panel. The Mailbox Search Manager allows multi-mailbox searches of mailbox items (including e-mail, attachments, Calendar items, Tasks and Contacts) across both primary mailboxes and personal archives. Mail located through a discovery search is copied and moved to a specified mailbox or external store, as defined within the Search Control Panel. Advanced filtering capabilities include: sender, receiver, expiry policy, message size, sent/receive date, cc/bcc and regular expressions.
1-36
Active Directory Rights Management Services Integration
Introduction
Another compliance issue for many organizations is that most methods of restricting access to content cannot be applied to the content after the content leaves the organization. Security methods such as firewalls and Access Control Lists (ACLs) help prevent unauthorized access to information. These methods, however, stop protecting the information once the authenticated individual has accessed or received it. For example, when you send an e-mail to someone inside your organization, that user cannot be prevented from forwarding the e-mail to someone outside the organization. With Information Rights Management (IRM), Outlook users can control who reads, copies, or forwards a message, no matter where it is stored. This basic IRM functionality is provided by AD RMS in Microsoft Windows Server 2008. Exchange Server 2010 builds on this functionality, and expands the scenarios by which users and administrators can apply IRM-protection to emailboth inside and outside the organization.
ControlPoint Encryption
New in Exchange Server 2010, ControlPoint Encryption allows an Exchange Administrator to create Transport Rules that apply IRM protection on e-mail that is in transit. Classification is driven through regular expressions, and the available protection is determined by the set of Rights Management Service (RMS) Policy Templates that are available from the RMS deployment used by that organization.
ControlPoint Journal Decryption

Also new in Exchange Server 2010, Journaling adds an unprotected copy of an IRMprotected message to a Journal report, so that the message can be indexed and searched for discovery and compliance.
1-37
ControlPoint Pre-Licensing
Pre-licensing was introduced in Exchange Server 2007, which enables offline access to IRM-protected mail, in addition to making it faster to open protected mail from Outlook and Mobile solutions. In this scenario, IRM-protected messages already contain the recipients end-user license (EUL) that is required to decrypt and view the message upon delivery.
Outlook Protection Rules

Outlook Protection Rules automatically trigger the client to apply an RMS template (based on sender/receiver) to mail before it is sent. This feature (enabled through an Outlook add-in and RMS on premise) also gives administrators the option of allowing users to manually add or remove protection policies from a mail.
1-38
Moderated Transport
Introduction
The Exchange Server 2010 moderated transport feature enables you to require all e-mail messages that are sent to specific recipients, be approved by moderators. You can configure any type of recipient as a moderated recipient, and Exchange Server 2010 Hub Transport servers will ensure that all messages sent to those recipients go through an approval process. In any type of organization, you may need to restrict access to specific recipients. The most common scenario is the need to control messages sent to large distribution groups. Depending on your organization's requirements, you may also need to control the messages sent to executive mailboxes or partner contacts. You can use moderated recipients to accomplish this.
How Moderated Transport Works

When you configure a recipient as a moderated recipient, any messages sent to the recipient go through the following process: 1. The sender creates a new message and sends it to the moderated recipient. 2. The categorizer intercepts the message, marks it for moderation, and then reroutes it to the arbitration mailbox. 3. The store driver stores the message in the arbitration mailbox and sends an approval request to the moderator.
1-39
4. The moderator uses the buttons in the approval request to either accept or reject the message. 5. Store driver marks the moderator's decision on the original message stored in the arbitration mailbox. 6. The Information Assistant reads the approval status on the message stored in the arbitration mailbox, and then processes the message based upon the moderator's decision: If the moderator has approved the message, the Information Assistant resubmits the message to the submission queue, and the message is delivered to the recipient. If the moderator has rejected the message, the Information Assistant deletes the message from the arbitration mailbox, and then notifies the sender that their message was rejected.
1-40
Mailbox Archiving
Introduction
Another compliance issue in many organizations is that much of the information users receive by e-mail is not stored within the e-mail system. Because of mailbox size limits, many users move messages from their mailboxes to PST files, where the messages are not regularly backed up, and are not available for discovery or indexing.
How Mailbox Archiving Works

Exchange Server 2010 provides mailbox archiving as a feature that enables users to move their PST files back into the Exchange database. To implement mailbox archiving, the Exchange administrator creates a new alternative mailbox for the users. This alternative mailbox appears as a folder in the users regular mailbox. Users can them move their PST folders, or any other messages into the alternative mailbox, simply by dragging and dropping e-mail into an archive folder. Users can conveniently access and search their archived e-mail directly through their primary mailbox in Outlook or OWA, without the need for plug-ins or special configurations that are often required by third-party archiving tools. And because offline storage (OST) files can be offloaded to the archive as well, organizations can reduce the performance issues that often arise with large mailboxes.
1-41
Demonstration: Message Policy and Compliance Features
In this demonstration, you will see how to use the message policy and compliance features in Exchange Server 2010.
Key Points
The key points of this demonstration are that: Transport rules can be used to restrict message flow in an organization. Retention policies define how messages are managed or retained in a user mailbox. By using moderated transport, you can require approval for all messages sent to a mailbox or distribution group.
1-42
Task 1: Configuring Transport Rules

1. On SEA-EX1, if required, open the Exchange Management Console. 2. In the Exchange Management Console, expand Microsoft Exchange On-Premises, expand the Organization Configuration node, and then click Hub Transport. 3. In the Action pane, click New Transport Rule to start the New Transport Rule wizard. 4. On the Introduction page, in the Name field, type Wall Kelly Blue and Lee Oliver, and then click Next. 5. On the Conditions page, in the Step 1: Select condition(s) area, select the from people check box. 6. In the Step 2: Edit the rule description area, click the people link. 7. In the Specify senders dialog box, click Add, click Kelly Blue, and then click OK twice. 8. In the Step 1: Select condition(s) area, click sent to people. 9. In the Step 2: Edit the rule description area, click the people link. 10. In the Specify recipients dialog box, click Add, click Lee Oliver, and then click OK twice. 11. On the Conditions page, click Next. 12. On the Actions page, in the Step 1: Select action(s) area, select send bounce message to sender with enhanced status code. 13. In the Step 2: Edit the rule description area, click the Delivery not authorized, message refused link. 14. In the Specify bounce message box, type Due to compliance restrictions, you are prohibited from sending e-mail to this person, and then click OK. 15. On the Actions page, click Next. 16. On the Exceptions page, click Next, review the rule description, click New, and then click Finish. 17. On SEA-CL1, in Office Outlook, create a new message, and then send it to Lee Oliver. 18. Click Send/Receive, and then review the message you receive.
1-43
Task 2: Configuring Retention Policies

1. On SEA-EX1, if required, open the Exchange Management Shell. 2. At the PS prompt, type the following, and then press ENTER: New-RetentionPolicyTag InboxTag -Type:Inbox 3. At the PS prompt, type the following, and then press ENTER: New-ManagedContentSettings -RetentionPolicyTag:InboxTag InboxMCS -MessageClass:* AgeLimitForRetention:30 -RetentionEnabled:$True -RetentionAction:PermanentlyDelete 4. At the PS prompt, type the following, and then press ENTER: New-RetentionPolicyTag PersonalTag -Type:Personal 5. At the PS prompt, type the following, and then press ENTER: New-ManagedContentSettings -RetentionPolicyTag:PersonalTag PerMCS -MessageClass:* -AgeLimitForRetention:365 -RetentionEnable:$True -RetentionAction:PermanentlyDelete 6. At the PS prompt, type the following, and then press ENTER: New-RetentionPolicy AllTagsPolicy -RetentionPolicyTagLinks:InboxTag PersonalTag 7. At the PS prompt, type the following, and then press ENTER: Set-Mailbox Kelly -RetentionPolicy AllTagsPolicy 8. Read the confirmation statement, and then press ENTER. 9. At the PS prompt, type the following, and then press ENTER: Start-ManagedFolderAssistant Mailbox Kelly
Task 3: Configuring Message Moderation

1. On SEA-EX1, switch to the Exchange Management Console. 2. Under Organization Configuration, click Hub Transport. 3. In the Actions pane, click New Transport Rule.
1-44
4. On the Introduction page, in the Name field, type IT Group Moderation. Verify that Enable Rule is selected, and then click Next. 5. Under Conditions in Step 1, select sent to a member of distribution list. 6. Under Step 2, click the distribution list link. 7. In the Specify recipient distribution list window, click Add. 8. In the Select Mail Enabled Group window, select IT, click OK, and then click OK again. 9. Click Next. 10. Under Actions in Step 1, select forward the message to addresses for moderation. 11. Under Step 2, click the addresses link. 12. In the Specify recipients window, click Add. 13. In the Select Recipient window, select Kelly Blue, click OK, and then click OK again. 14. Click Next. 15. On the Exceptions page, under Step 1, select except when the message is from member of distribution list. 16. Under Step 2, click the distribution list link. 17. In the Specify sender distribution list window, click Add. 18. In the Select Mail Enabled Group window, select IT, click OK, and then click OK. 19. Click Next, and then click New. 20. On the Completion page, click Finish. 21. Open Internet Explorer, and then connect to https://SEA-EX1.Contoso.com/owa. 22. Log on to OWA as Contoso\Gretchen using the password Pa$$w0rd. 23. In the Inbox, click New. 24. In the To field, type IT. 25. Type a subject and a short message, and then click Send. 26. On SEA-CL1, open Outlook. Verify that there is a message waiting for Kellys approval. 27. Review the e-mail message and then click Click here to vote. Click Vote: Approve.
1-45
Section 4: Unified Messaging Features
Unified Messaging enables users to receive e-mail, voice mail, and fax services in their e-mail mailbox, and allows users to access mailbox contents by computer or phone. This simplifies the user experience, because they have only a single location to manage for all message types. This also provides more functionality for users because they can use traditional messaging clients to access voice mail or fax messages, and they can use telephone technology to access e-mail messages. Unified Messaging also simplifies the administrators workload because they will need to manage this data in only one location. After completing this section, you will be able to: Describe Unified Messaging in Exchange Server 2007. Describe new Unified Messaging features in Exchange Server 2010.
1-46
Unified Messaging in Exchange Server 2007
Introduction
Unified Messaging in both Exchange Server 2007 and Exchange Server 2010 provides several core features: Call Answering. Call answering provides the capability to answer the telephone and record a message whenever the user is not available. Unified Messaging then delivers the voice mail as a message attachment to the users Exchange Server mailbox, where the user can access the message via computer with Outlook, OWA, or Exchange ActiveSync, or over the phone with Outlook Voice Access. Fax Receiving. Fax receiving provides the ability to answer and receive a fax. The fax appears as a fax message with a .tiff attachment in the users Exchange Server mailbox, and the user can then review and manage it with Outlook or OWA. Office Outlook Voice Access. Exchange Server Unified Messaging provides users with full access to their Exchange Server mailbox from any phone. With Outlook Voice Access, users can use the phone to retrieve their e-mail, voice mail, Calendar, and personal contacts. They also can compose messages, reply to or forward messages, and can accept or decline a meeting. Outlook Voice Access provides some enhanced features, such as a simple Ill be late feature that sends a message to everyone invited to a specific meeting. Outlook Voice Access users can use automatic speech recognition (ASR) or Dual Tone Multi-Frequency (DTMF) to choose options and perform actions when connected to the mailbox.
1-47
Play on Phone Feature. The Exchange Server 2007 Unified Messaging Play on Phone feature lets a Unified Messaging-enabled user listen to a voice message using a telephone instead of playing it over their computer speakers or headphones. If the user receives a voice mail and the user is in a location that is not private or the voice message is confidential, they likely will not want to play their voice message via computer. The Play on Phone Feature enables the user to access the message in Outlook or OWA, and then instruct the Unified Messaging server to call a phone number. When the user answers the phone, the voice message is played. Auto attendant. The auto attendant is a set of voice prompts that gives external users access to the Exchange Server 2007 Unified Messaging system. An auto attendant enables the user, via the telephone keypad or speech inputs, to navigate the menu structure, place a call, or locate and place a call to a person. The auto attendant supports custom prompts, integrates with the GAL, and can have different configurations for business and non-business hours, and holidays.
1-48
New Unified Messaging Features in Exchange Server 2010
Introduction
Exchange Server 2010 provides several important enhancements for Unified Messaging users.
Personal Auto Attendants (Call Answering Rules)

In Exchange Server 2010, the Unified Messaging server role allows unified messagingenabled users to create and customize personal auto attendants. When a user is unified messaging-enabled, users can create up to nine personal auto attendants. A personal auto attendant is similar to the Exchange Server 2007 UM auto attendant feature. The auto attendant in Exchange Server 2007 or Exchange Server 2010 will take an incoming call on behalf of a user, play their personal greeting, record a message, and submit it for delivery to their inbox as an e-mail message. Call Answering is extended in Exchange Server 2010 by giving end-users Call Answering Rules that instruct unified messaging to present callers with custom greetings, Find Me and call transfer options, in addition to leaving a voice mail. User can create these rules with conditions (such as caller-IDs, time-of-the-day and Exchange free/busy status), giving end-users greater control over how they can be reached over the phone.
Additional Language Support

In Exchange Server 2007, each unified messaging language pack includes a Text-toSpeech (TTS) engine and the prerecorded prompts for a specified language. Unified Messaging language packs for Exchange Server 2007 are offered in 16 different languages, and all 16 language packs are included on the Exchange Server 2007 DVD. However, for Exchange Server 2007 Automatic Speech Recognition (ASR), there is only one language: US English.
1-49
For Exchange Server 2010, all available language packs contain ASR support.
Caller ID Name Lookup Improvements

In Exchange Server 2007 Unified Messaging, a voice message is created after a ring-noanswer or busy condition diverts a call to a Unified Messaging server. After the call is answered, Exchange Server 2007 unified messaging tries to resolve the caller ID. It does this to insert a name, rather than a number, into the sender information. In Exchange Server 2007, name lookups for voice mail messages are accomplished using information about the caller that is in the same dial plan as the user being called. This means that caller ID information about users outside the organization is not available. In Exchange Server 2010, the name lookup methods are different from what was used in Exchange Server 2007. In Exchange Server 2010, the caller ID information can be extracted from: The callers name if they are logged on to their mailbox from Outlook Voice Access, or if they use a Unified Communications client such as Office Communicator 2007 or Office Communicator Phone Edition to place the call. The Exchange Unified Messaging proxy address in AD DS. AD DS, using heuristic matching. Active Directory heuristic matching must be enabled on the dial plan, and the user's account in AD DS must contain information such as telephone numbers, including home numbers or mobile numbers, for this to work properly. Personal Contacts for the called party.
1-50
Voice Mail Preview

In Exchange Server 2010, the Unified Messaging role uses ASR on newly created voice messages. When users receive a voice mail, they receive a message that contains not just a recording, but also text that has been created from the voice recording. Users see the voice mail text displayed in the e-mail message from within OWA, Outlook 2007, or the next Outlook version.
Message Waiting Indicator

The message waiting indicator is a feature found in most legacy voice mail systems, and can refer to any mechanism that indicates the existence of a new message. However, in Exchange Server 2007, this functionality was provided by a third-party application, which indicated receipt of a new voice mail by lighting the desk phone lamp. Now with Exchange Server 2010, Unified Messaging users are notified of new/unread voice mail by lighting the desk phone lamp and providing a count on their supported desk phone. Additionally, users can configure their text messaging notification account to receive the beginning content of the voice mail preview via SMS. When combined with Microsoft Office Communication Server 2007 R2, users can also get an indicator on their Office Communicator client.
Protected Voice Mail

Protected voice mail is a function of Unified Messaging that allows users to send private mail. This mail is protected by Microsoft RMS, and is restricted to forwarding, copying, or extracting the voice file from mail. It increases Unified Messaging confidentiality, and users can rely on Unified Messaging if they want to limit the audience. This functionality is similar to handling private e-mail messages, but in Exchange Server 2010, this also applies to voice mail messages.
Integration with Office Communications Server 2007 R

Exchange Server 2010 can be deployed with Office Communications Server 2007 R2 to provide an integrated platform for unified communications. Exchange Server manages asynchronous communications, such as e-mail, voice mail and calendaring. Office Communications Server 2007 R2 manages real-time (synchronous) communications, including instant messaging, rich presence, voice over IP (VoIP), and audio/video conferencing. The two solutions work together to provide users with a seamless communications experience. For example, when Exchange Server Unified Messaging is deployed with OCS 2007 R2, a message-waiting indicator in Office Communicator and the system tray alerts users to new voice mails. Users can connect to Outlook Voice Access with one click (no PIN entry required) from Office Communicator to hear new messages and manage voice mail settings. They can divert incoming calls to voice mail selectively, or on a standing basis. Presence information is updated automatically for users based on the meetings and appointments stored in their Exchange Server calendars.
1-51
Section 5: Federated Sharing Features
Another important new Exchange Server 2010 feature is federated sharing. With Federated Sharing, a user can collaborate with organizations and users external to the Exchange organization by sharing information such as Free/Busy data or Contacts. Sharing relationships can be established between two organizations, allowing users in both organizations to share information with each other, or ad-hoc sharing between a user and an external recipient. After completing this section, you will be able to: Understand how Federated Sharing works. Understand the Federated Sharing configuration process.
1-52
How Federated Sharing Works
Introduction
One of the issues that many organizations face is sharing Calendar free/busy information, and Contact information between Exchange Server organizations. Exchange Server 2010 makes it easy to share this type if information within an organization, but the fact that the Exchange Server organization boundary is also the AD DS forest boundary makes it difficult to implement this type of sharing between organizations that are in separate forests.
How Federated Sharing Works

Using Federated Sharing to share information between organizations requires that there exists some way for organizations to register their intention to share information, and to ensure that all requests for information are only accepted from trusted partners. Federated Sharing uses Microsoft Federation Gateway as the trust broker. To enable Federated Sharing, an administrator in each organization must create a Federation Trust between an Exchange Server 2010 organization and the Microsoft Federation Gateway. Any request for information sharing is sent through a Microsoft Federation Gateway server, which then authenticates the user request before forwarding the request to the destination organization.
1-53
Once the connection between the organizations is authenticated using Microsoft Federation Gateway, the Exchange Servers use Exchange Web Services running on a Client Access server in each organization to exchange information. This means that when a user attempts to book a meeting with a contact in a trusted organization, the Client Access server from the users organization contacts a Client Access server in the contacts organization, and then retrieves the contacts free/busy information.
Note: Exchange Server 2010 provides other options for sharing information such as free/busy information between organizations. For example, if both organizations use Exchange Server 2010 or Exchange Server 2007 and Office Outlook 2007, the Availability Service in Exchange Server 2010 can be used to share free/busy and calendaring information between the organizations. If previous Outlook clients, you can also configure public folder replication between the two organization to share the free/busy information.
1-54
Process for Configuring Federated Sharing
There are three major components that must be configured in Exchange Server 2010 to set up Federated Sharing.
Federation Trust
The first step in configuring Federated Sharing is configuring a Federation Trust with Microsoft Federation Gateway. To establish the Federation Trust, configure the Client Access servers that are used by Federated Sharing, with a public trusted certificate. Establish the trust by submitting the organization's public key certificate to Microsoft Federation Gateway, and then downloading the Microsoft Federation Gateway public key certificate.
Organization Identifier
The organization identifier defines which of the authoritative accepted domains in an organization are available for federation. Only users that have e-mail addresses with domain-configured organization identifiers can participate in Federated Sharing. Microsoft Federation Gateway then creates Federated user identifiers within this account namespace when the Exchange organization requests a delegation token for a user. This is transparent to the Exchange organization, and has no impact on existing Windows Live IDs.
1-55
Sharing Relationships
After configuring the Federation Trust, the Exchange Administrator must configure sharing relationships within the Exchange organization. A sharing relationship defines a partnership for Federated Sharing with an external Exchange organization. When you configure the sharing relationship, you can configure: The Federated domain of the external organization that you are sharing information with. The level of sharing. For example, you can configure calendar sharing with free/busy information only, or calendar sharing with free/busy information plus subject and location, or contact sharing. The users that will have this sharing policy applied to their mailbox.
1-56
Session Summary
Exchange Server 2010 provides many new features that enable users to interact more effectively with the messaging system. These include: New client access architecture for Outlook clients that are configured to use MAPI. New client access features that provide more functionality for users accessing their mailboxes from a wide variety of devices and locations. New messaging compliance features that make it easier for organizations to enforce legal or corporate requirements for managing information. New Unified Messaging features that enhance the user experience by using a single mailbox for e-mail, voice mail, and fax communication. The option to configure Federated Sharing between external organizations, to extend the option for booking meetings with external users.
Table of Contents Session Overview Section 1: Message Transport Features Section 2: Mailbox Server Features Section 3: Database Availability and Site Resilience Section 4: Administration and Management Tools Section 5: Transitioning from Previous Versions of Exchange Server Clinic Evaluation
2-1 2-2 2-14 2-21 2-37 2-49 2-56
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links are provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2009 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Access, Active Directory, ActiveSync, BizTalk, Excel Forefront, Groove, Hyper-V, Internet Explorer, MS, Outlook, PerformancePoint, PowerPoint, SQL Server, Virtual Earth, Visio, Visual Studio, Windows, Windows Live, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Version 1.2
2-1
Session Overview
Introduction
This session provides a description of some of the new Microsoft Exchange Server 2010 features that make it easier for administrators to manage and maintain the messaging environment. Also included in this session is a description of the new message transport features, the new database and high availability options, and the new administrator tools and features. Finally, this session provides an overview of the process for upgrading from a previous Exchange Server version to Exchange Server 2010. After completing this session, you will be able to describe in Exchange Server 2010: The new message transport features. The new Mailbox server features. The new database availability and site resiliency features. The new administration and management tool features. The process for transitioning from a previous Exchange Server version.
2-2
Section 1: Message Transport Features
Introduction
One of the most important Exchange Server 2010 design goals is to make the messaging system more resilient to points of failure. Many of the changes that have been made to the message transport features in Exchange Server 2010 have this same focus. This section describes the shadow redundancy feature in Exchange Server 2010, and describes other new message transport features.
2-3
What Is Shadow Redundancy?
Introduction
Shadow redundancy in Exchange Server 2010 ensures that messages can be delivered in the event of a Transport server failure.
How Transport Servers Work

In Microsoft Exchange Server 2007 and Exchange Server 2010, all messages must pass through a Hub Transport server. This applies to all messages sent between mailboxes on the same or different Mailbox servers, or to and from the Internet. In both Exchange Server versions, messages sent through the Hub Transport server are temporarily stored in the message queue database. If a Mailbox server is not available for message delivery, then the messages are stored in the queue until the Mailbox server becomes available. In Exchange Server 2007, the Hub Transport server queue database represents a single point of failure that could affect message delivery. If a Hub Transport server fails while messages are stored in the queue, the only way to ensure that the messages are delivered is to restore the queue database on a Hub Transport server. This is only possible if the drive containing the queue database is still accessible after the server failure.
2-4
How Shadow Redundancy Provides Protection

With the implementation of shadow redundancy in Exchange Server 2010, Hub and Edge Transport servers keep a shadow copy of each message that passes through the server until the messages are delivered to the next server to receive the message. That means that in most cases, there are at least two copies of any message sent in the Exchange Server 2010 organization stored on Mailbox server, until the message is finally delivered to the user mailbox. Message deletion from the transport databases is delayed until the transport server verifies that message has been successfully delivered to the destination. If any of the next servers fail before reporting back successful delivery, the message is resubmitted for delivery. If one of the transport servers fails or is shut down, the shadow copy of the message is then delivered via a redundant transport connection.
Note: Shadow redundancy only provides protection within the organization. When a message is sent to the Internet, and an Internet SMTP server has accepted the message, all copies of the message will be deleted from internal servers.
2-5
How Shadow Redundancy Works
Introduction
With shadow redundancy, messages are queued on multiple transport servers until the message has been delivered. Then the messages are deleted from the queues on all transport servers.
Shadow Redundancy Process

To illustrate the mail flow with shadow redundancy enabled, consider the simple scenario where a message arrives from the Internet and passes through an Edge Transport server and Hub Transport server before being delivered to a user mailbox. In this scenario, the message flow goes through following five stages: 1. The Edge Transport server accepts the message from the Internet Simple Mail Transfer Protocol (SMTP) server. 2. The Edge Transport server sends the message to the Hub Transport server with shadow redundancy support. The Edge Transport server opens an SMTP session with the Hub Transport server. a. The Hub Transport server advertises shadow redundancy support. b. The Edge Transport server notifies Hub Transport server to track discard status. c. The Edge Transport server submits the message to the Hub Transport server.
2-6
d. The Hub Transport server acknowledges the receipt of message, and records the Edge Transport servers name for sending discard information for the message. e. The Edge Transport server moves the message to the shadow queue, and marks the Hub Transport server as the primary server. The Edge Transport server becomes the shadow server. 3. The Hub Transport Server delivers the message to the next hop, in this case, to a Mailbox server. a. The Hub Transport server notifies the Mailbox server that it has a message waiting for the Mailbox server. b. The Mailbox server retrieves the message and notifies the Hub Transport server of successful submission to the user mailbox. c. The Hub Transport server updates the discard status for the message as delivery complete. 4. The Edge Transport server queries the Hub Transport server for discard status (success case). a. At end of each SMTP session with the Hub Transport server, the Edge Transport server queries the Hub Transport server for discard status on messages previously submitted. If Edge Transport server has not opened any SMTP sessions with the Hub Transport server after the initial message submission, after a specific amount of time it opens an SMTP session just to query for discard status. b. The Hub Transport server checks the local discard status, sends back the list of messages that have been delivered, and removes the discard information. c. The Edge Transport server deletes the list of messages from its shadow queue. 5. The Edge Transport server queries the Hub Transport server for discard status and resubmits the message (failure case). a. If the Edge Transport server cannot contact the Hub Transport server, the Hub Transport server resumes the primary server role and resubmits the messages in the shadow queue. b. Resubmitted messages are delivered to another Hub Transport server, and the shadow queue is used again to track message delivery.
2-7
Benefits of Shadow Redundancy
Shadow redundancy provides the following benefits: It eliminates reliance on any specific Hub or Edge Transport server. As long as redundant message paths exist in your routing topology, any transport server becomes disposable. If a transport server fails, you can simply remove it from production without worrying about emptying its queues or losing messages. If you want to upgrade a Hub or Edge Transport server, you can bring that server offline at any time without the risk of losing messages. It eliminates the need for redundancy in Transport servers storage hardware. It consumes less bandwidth than creating duplicate copies of messages on multiple servers. The only additional network traffic generated with shadow redundancy is the exchange of discard status between transport servers. Discard status is the information each transport server maintains, which indicates when a message can be discarded from the transport database.
2-8
Demonstration: Shadow Redundancy
In this demonstration, you will see how shadow redundancy works.
Key Points
The key points of this demonstration are: Shadow redundancy ensures that message copies are stored on multiple Transport servers in an Exchange Server 2010 environment. Messages in shadow queues are cleaned up when the messages are delivered to the destination server.
Task 1: Verifying Shadow Redundancy

1. On SEA-EX1, open the Exchange Management Console. 2. Expand Microsoft Exchange On-Premises, expand Organization Configuration, click Hub Transport, and then click the Edge Subscriptions tab. 3. Click the Send Connectors tab, and then double-click EdgeSync Default-FirstSite-Name to Internet. 4. Click the Network tab, and then click OK. 5. On SEA-EX1, open Exchange Management Shell (Local PowerShell). 6. At the PS prompt, type Telnet SEA-Edge1 25, and then press ENTER. 7. Type EHLO, and then press ENTER. 8. Type quit, and then press ENTER.
2-9
9. On SEA-DC1, click Start, point to Administrative Tools, and then click Services. 10. Locate the Simple Mail Transfer Protocol (SMTP) service, verify that the service is set for Manual start, and that it is not started. 11. On SEA-EX1, click Start, point to All Programs, and then click Internet Explorer. 12. In the address field, type https://SEA-EX1.Contoso.com/owa, and then press ENTER. 13. Log on to OWA as Contoso\Kelly using the password Pa$$w0rd. 14. In the Inbox, click New. 15. In the To field, type Gregory@Adatum.com. 16. Type a subject and a short message, and then click Send. 17. On SEA-Edge1, in the Exchange Management Console, click Toolbox. 18. Double-click Queue Viewer. 19. Double-click the queue with the Next Hop Domain of [10.10.0.10]. 20. Verify that the message from Kelly is in the queue. 21. On SEA-Ex1, in the Exchange Management Console, click Toolbox. 22. Double-click Queue Viewer. 23. Double-click the queue with the Next Hop Domain of sea-edge1.Contoso.com. 24. Verify that the message from Kelly is in the queue. 25. On SEA-DC1, in the Services console, right click the Simple Mail Transfer Protocol (SMTP) service, and then click Start. 26. On SEA-Edge1, in Queue Viewer, click the Queues tab, right-click the queue with the Next Hop Domain of [10.10.0.10], and then click Retry. 27. In the Actions pane, click Refresh, and then verify that the message is delivered.
2-10
Transport Dumpster
Introduction
Exchange Server 2010 introduces a new, more reliable and more efficient process for managing the transport dumpster.
How the Transport Dumpster Works in Exchange Server 2007

Exchange Server 2007 introduced the transport dumpster feature for the Hub Transport server role, to minimize the risk of data loss in the event a clustered Mailbox server fails. The transport dumpster is a queue of messages recently delivered to recipients whose mailboxes are on a clustered Mailbox server. When one of the clustered Mailbox servers needs to failover to another host, the clustered Mailbox server automatically requests every Hub server in the AD DS site to resubmit mail from the transport dumpster queue. This prevents mail from being lost during the time it takes for the cluster to fail over, or in a scenario where a transaction log is not replicated to the destination host.
How the Transport Dumpster Works in Exchange Server 2010

Exchange Server 2010 continues to use the transport dumpster in much the same way. However, with Exchange Server 2010, the process for removing messages from the transport dumpster has changed.
2-11
In Exchange Server 2007, messages stayed in the transport dumpster in a cluster continuous replication (CCR) or in a standby continuous replication (SCR) highavailability solution, based on the transport dumpster size. This could lead to inefficient replays of transport dumpsters in the event of a lossy failover, as well as increasing the disk activity on the Hub Transport server. Also, in a lossy failover, if the size of the log files that was not shipped in a lossy failover exceeded the transport dumpster size, the messages were not recovered. With Exchange Server 2010, the transport dumpster is redesigned so that when messages that are in the dumpster are replicated to all copies of the mailbox databases, they are removed from the dumpster. This ensures that only messages that are not yet replicated to all Exchange Servers with a copy of the mailbox database remain in the dumpster, thus ensuring a more efficient replay in the event of a lossy failover.
2-12
New Features for Edge Transport Servers
Introduction
The Edge Transport server in Exchange Server 2010 provides the same functionality as the Edge Transport server in Exchange Server 2007. However, the edge synchronization process has been updated.
How the Edge Transport Server Works

The Edge Transport server role in Exchange Server 2007 and Exchange Server 2010 provides a secure SMTP gateway for all e-mail entering or leaving an organization. As an SMTP gateway, the Edge Transport servers primary role is message hygiene, which includes anti-spam and antivirus filtering. The Edge Transport server can also be used to apply messaging policies to messages being sent to the Internet.
Edge Subscriptions and Edge Synchronization

The computer that has the Edge Transport server role installed does not have access to AD DS. The Edge Transport server stores all configuration and recipient information in Active Directory Lightweight Directory Services (AD LDS). However, some of the Edge Transport server spam filtering or security features require some information from AD DS. For example, you can configure the Edge Transport server to filter incoming messages based on recipient information stored in AD DS, and by using safelist aggregation, which users have configured for their mailboxes. Also, to implement domain security by using mutual authentication Transport Layer Security (TLS), the Edge Transport server requires data that resides in AD DS.
2-13
Because AD DS and AD LDS both use Lightweight Directory Access Protocol (LDAP), and because both directory services use the Exchange Server 2010 schema, you can replicate data from AD DS to AD LDS. This replication is established when you subscribe an Edge Transport server to an Active Directory site. The Edge Subscription process enables the Hub Transport servers in that site to use the Microsoft Exchange EdgeSync service to synchronize recipient and configuration data from AD DS to the AD LDS instance on the Edge Transport server. The Microsoft Exchange EdgeSync service performs scheduled updates so that the information in AD LDS remains current. Several data types are replicated from AD DS to AD LDS: Edge Subscription information Configuration information Recipient information Topology information
New Features in Exchange Server 2010

Both Exchange Server 2007 and Exchange Server 2010 use Exchange EdgeSync to replicate data from AD DS to AD LDS on the Edge Transport Server. However, one of the Exchange Server 2010 new features provides support for incremental updates for Exchange EdgeSync, so that only changes to the Edge Server configuration are pushed to the Edge Transport server.
2-14
Section 2: Mailbox Server Features
Some of the most significant Exchange Server 2010 changes are changes made to the Exchange Server 2010 Mailbox server role. These changes make it possible for organizations to deploy mailbox databases to less expensive and lower-performing storage. This means that organizations can deploy much larger mailboxes for their users without greatly increasing the storage costs. This section describes the new Exchange Server 2010 Mailbox database features.
2-15
Exchange Server 2010 Mailbox Database Features
Exchange Server 2010 provides the following new features related to mailbox databases: Storage groups have been removed. In Exchange Server 2010, mailbox and public folder databases are no longer associated with storage groups. Each database maintains its own set of log files. Mailbox databases are no longer associated with specific Mailbox servers. This means that you create mailbox databases at the organization level within the Exchange Server Management Console. This also means that all mailbox databases are completely portable; that is, you can move any mailbox database from one server to another without issues. Input/output (I/O) reductions. The database store schema has been redesigned in Exchange Server 2010 to decrease the number of times that the Exchange server must access the hard disks storing the mailbox databases. In previous Exchange Server versions, mailbox database access is characterized by many random and small disk I/Os, as the Mailbox server reads and writes database pages that are scattered throughout the database. In Exchange Server 2010, the goal is to reduce disk I/O by ensuring that each disk I/O reads or writes more data, and that it performs as many tasks as possible on sequential database pages. Exchange Server 2007 delivered a 70% reduction in disk I/O from Microsoft Exchange Server 2003. Exchange Server 2010 delivers an additional 70% reduction in disk I/O from Exchange Server 2007 levels.
2-16
Automatic page patching. When minor disk faults cause corruption, Exchange Server 2010 automatically repairs the affected database pages using one of the database copies configured for high availability. When an entire drive fails, fast database-level failover makes it possible for administrators to swap failed drives with minimal impact to users.
2-17
Demonstration: Configuring Mailbox Databases
In this demonstration, you will see how mailbox databases are managed and created in Exchange Server 2010.
Key Points
The key points of this demonstration are: Mailbox databases are no longer associated with Mailbox database servers. Mailbox databases must have unique names and storage locations to ensure database mobility.
Task 1: Reviewing the Default Mailbox Databases

1. On SEA-EX1, if required, open the Exchange Management Console. 2. Expand Organization Configuration, and then click Mailbox. 3. In the Results pane, click the first database on the list, and then expand the columns showing the database path and the log folder path. 4. In the left-hand pane, under Server Configuration, click Mailbox. Ensure that SEAEX1 is selected in the results pane, and then view the Mailbox database information on the server. 5. Click Start, in the Search box, type Adsiedit.msc and then press ENTER. 6. Right-click ADSI Edit, and then click Connect to. 7. Under Select a well known Naming Context, click Configuration, and then click OK.
2-18
8. Expand Configuration, expand CN=Configuration, DC=Contoso, DC=com, expand CN=Services, expand CN=Microsoft Exchange, expand CN=ContosoOrg, expand CN=Administrative Groups, expand CN=Exchange Administrative Group, and then expand CN=Databases. 9. In the left pane, click the first mailbox listed in the container. 10. Expand CN=Servers, and in the left pane, click CN=SEA-EX1. Notice that there are no database settings associated with the Mailbox server. 11. Leave ADSI Edit open. 12. In the Exchange Management Console, under Organization Configuration, click Mailbox. 13. In the Actions pane, click New Mailbox Database. 14. On the New Mailbox Database page, in the Mailbox database name box, type MDB3. 15. Beside the Server name field, click Browse. In the Select Mailbox Server dialog box, click SEA-EX1, click OK, and then click Next. 16. On the Set Paths page, beside the Database file path, click Browse. 17. In the Exchange Database dialog box, browse to drive C, create a new folder named MDB3, click Open, and then click Save. 18. On the Set Paths page, next to Log folder path, click Browse. 19. In the Browse for folder dialog box, browse to C:\MDB3, click OK, and then click Next. 20. On the New Mailbox Database page, click New, and then click Finish. 21. Under Recipient Configuration, click Mailbox. 22. In the results pane, press the Ctrl key, and then click five mailboxes. In the Actions pane, click Move Mailbox. 23. In the Move Mailbox wizard, next to Mailbox database, click Browse. 24. In the Select Mailbox Database dialog box, click MDB3, click OK, and then click Next. 25. On the Move Options page, click Next. 26. On the Move Schedule page, click Next. 27. On the Move Mailbox page, click Move, and then click Finish.
2-19
Public Folders in Exchange Server 2010
Introduction
Like Exchange Server 2007, you can deploy an Exchange Server 2010 organization without public folders as long as you have Microsoft Office Outlook 2007 or later messaging-clients. However, if you choose, public folders are also supported in Exchange Server 2010.

One of the significant changes in Exchange Server 2007, when deployed with Office Outlook 2007, is the option to remove all public folders from the Exchange Server organization. Previous Exchange Server and Outlook client versions required public folders for features such as free\busy information, and for downloading offline address books. With Exchange Server 2007 and Outlook 2007, all of this functionality can be made available through Exchange Web Services on the Client Access server.
2-20

Exchange Server 2010 can also be deployed without any public folders if all messaging application programming interface (MAPI) messaging clients are running Outlook 2007 or later. At the same time, Exchange Server 2010 continues to fully support public folders, and includes the following features: Enhanced public folder reporting allows you to see when any changes to a public folder or to any item in the public folder were last made. You can view this information by using the Get-PublicFolderStatistics cmdlet in the Exchange Management Shell. Although public folder database management is moved from the Server Configuration node to the Organization Configuration node, the public folder databases functionality has not changed in Exchange Server 2010. Just like in Exchange Server 2007, you cannot create public folder database copies, and you cannot add public folder databases to a database availability group (DAG). Public folders still use public folder replication to provide high availability.
2-21
Section 3: Database Availability and Site Resilience
Introduction
Perhaps the biggest Exchange Server 2010 changes are providing high availability for Mailbox servers. Exchange Server 2007 provides several new features that enabled high availability for Mailbox servers; now these features are enhanced in Exchange Server 2010. One of the primary Exchange Server 2010 design goals in is to make high availability less expensive and easier to implement.
2-22
High Availability in Exchange Server 2007
Introduction
Exchange Server 2007 provides some significant new options for enabling high availability for Mailbox servers. In previous Exchange Server versions, installing Exchange Servers on Microsoft Windows Server clusters was the only option for providing high availability for servers managing Exchange Server mailboxes. However, Windows Server clustering requires specialized deployment hardware and skills, and does not provide data-level redundancy.
Exchange Server 2007 High Availability Options

In Exchange Server 2007, the following options enable high availability: Local Continuous Replication (LCR). LCR is a single-server solution for providing high availability of Exchange Server data. When you configure LCR, you create a passive storage group copy on a second disk set that connects to the same server as the storage groups active copy. While the server is running, LCR copies all transaction logs except the current log file, from the active copy log-file location to the passive copy log-file location. Next, LCR applies the copies to the passive database storage group copy. LCR provides data-level redundancy, but does not provide server-level redundancy, as both storage group copies are on the same server.
2-23
Cluster Continuous Replication (CCR). CCR is similar to LCR in that you create and maintain a second passive Exchange Server data copy; however, with CCR, the passive storage group copies are stored on another computer running Exchange Server 2007 in a Windows failover cluster. To configure CCR, you must install Exchange Server 2007 on a computer running the Windows Server2003 operating system with Windows Clustering Service enabled, or running Windows Server 2008 with the failover cluster feature installed. CCR is frequently deployed to provide failover protection for Mailbox servers deployed in the same data center. Standby Continuous Replication (SCR). SCR is a new feature introduced in Exchange Server 2007 Service Pack 1 (SP1). SCR uses the same log shipping and replay technology that LCR and CCR use to copy the mailbox database to one or more Mailbox servers. However like LCR, when the server hosting the active database copy (called a source copy in SCR) fails, you must configure clients manually to start using the target copy on another server. SCR is frequently deployed to provide failover protection for Mailbox servers deployed in different data centers. Single Copy Clusters (SCC). SCC is the Exchange Server 2007 term for a type of Exchange Server failover clustering that is similar to what was present in previous Exchange Server versions. In a SCC deployment, a single copy of the Exchange Server databases and transaction logs is stored on a shared set of disks. You can access data on the shared-disk set through one of the nodes. If one of the nodes fails, the Exchange Server services fail over automatically to another node so that users experience a minimal disruption in service availability. If the data storage disks fail, this solution requires that you restore the databases from backups.
2-24
New High Availability Features in Exchange Server 2010
Introduction
In Exchange Server 2010, the Exchange Server 2007 CCR and SCR high availability options are combined and replaced by the concept of a DAG. A DAG is a defined group of Mailbox servers that provide automatic database-level and server-level recovery. You can deploy a DAG with servers in multiple locations and enable database replication between database copies on as many as 16 Mailbox servers. The key new Exchange Server 2010 features for improving high availability are: The Windows failover clustering technology is used by Exchange Server 2010, but it is now completely transparent. Exchange Server administrators do not need to install, build, or configure any aspects of failover clustering when deploying highly-available Mailbox servers. In previous Exchange Server versions, cluster administration was handled outside of the Exchange Server console. Exchange Server 2010 now provides an integrated cluster management experience for administrators. Each Mailbox server can host as many as 100 databases, and each database can have as many as 16 copies. This provides a great deal of flexibility as you plan distribution for highly-available mailbox databases.
2-25
In Exchange Server 2007, in order to provide high availability, you have to deploy Exchange Server Mailbox servers as dedicated servers; you could not install any other Exchange Server roles on clustered Mailbox servers. This meant that to deploy a fully redundant Exchange Server deployment, you had to deploy at least four computers. In Exchange Server 2010, you can install other Exchange Server roles on the servers that are hosting the highly available Mailbox servers at any time. This means that you can deploy a fully-redundant Exchange Server deployment by deploying only two servers. Shadow redundancy also provides an important component in a highly available Exchange Server 2010 deployment. Shadow redundancy provides message redundancy the entire time the messages are in transit.
2-26
Continuous Replication
Introduction
Continuous replication in Exchange Server 2007 and Exchange Server 2010 uses a log shipping mechanism to update Exchange Server database copies on other servers.
How Continuous Replication Works

When you configure multiple mailbox database copies, the Exchange Servers use transaction log shipping to maintain the mailbox database copies on all servers. Log shipping essentially consists of just sending to the transaction logs for each mailbox database to all Exchange Servers hosting a copy of the mailbox. Each destination Mailbox server then applies the transaction logs to the local mailbox database copy.
New Features in Exchange Server 2010

This underlying technology remains the same in Exchange Server 2010, but it is modified in the following ways: Because storage groups are removed from Exchange Server 2010, continuous replication now operates at the database level. Exchange Server 2010 still uses an Extensible Storage Engine (ESE) database that produces transaction logs that are replicated to one or more other locations and replayed into one or more mailbox database copies. Log shipping and seeding no longer uses Server Message Block (SMB) for data transfer; instead, Exchange Server 2010 continuous replication uses a single administrator-defined TCP port for data transfer. In addition, Exchange Server 2010 includes built-in options for network encryption and compression for the data stream.
2-27
Database copies are for mailbox databases only. For public folder database redundancy and high availability, you should use public folder replication. Unlike Exchange Server 2007 CCR where multiple public folder database copies could not exist in the same cluster, you can now use public folder replication to replicate public folder databases between servers in a DAG. The replicated logs transaction log replay can be delayed. When you deploy SCR in Exchange Server 2007, you can delay the time when the transaction logs are applied to the destination database. This functionality is now available in Exchange Server 2010 for any or all DAG copies.
2-28
Database Availability Groups
Introduction
The underlying concept for configuring Exchange Server 2010 mailbox databases high availability is now the database availability group.
What Is a DAG?
A DAG is a container object that is created in AD DS, to which you can add up to 16 Mailbox servers that provide automatic database-level recovery from failures. Any server in a DAG can host a mailbox database copy from any other DAG server. When a server is added to a DAG, it works with the other servers in the DAG to provide automatic recovery from failures that affect mailbox databases, such as a disk failure or server failure. When you configure a DAG, you have complete control over where each individual database is replicated. For example, if you have six Mailbox servers hosting a total of 20 mailbox databases, you could configure three copies of each database. You could configure each server to host three or four of the active databases, and distribute the passive database copies across all of the other Mailbox servers.
Important: Because of the flexibility in distributing databases between multiple servers, database names for Exchange Server 2010 must be unique within the Exchange Server organization. Also, when a mailbox database is configured with one or more database copies, the full path for all database copies must be identical on all Mailbox servers that host a copy.
2-29
Creating a New DAG
Introduction
DAGs rely on the failover clustering feature in Windows Server 2008; yet almost all of the failover clustering configuration complexity is handled automatically by the DAG creation process.
Creating a DAG
When an administrator creates a DAG, it is initially empty, and an object is created in AD DS that represents the DAG. The directory object stores relevant information about the DAG, such as server membership information. When the first Mailbox server is added to a DAG, the following occurs: The Windows failover clustering component installs, if it is not already installed. A failover cluster is created using the name of the DAG. A cluster network object (CNO) is created in the built-in Computers container. An Internet protocol (IP) address assigns to the DAG. The DAG name and IP address registers as a Host (A) record in DNS.
Note: DAGs use the Windows failover clustering cluster heartbeat, cluster networks, and the cluster database, for storing data that changes or can change quickly. Because DAGs rely on Windows failover clustering, they can only be created on Exchange Server 2010 Enterprise Edition Mailbox servers that are running Windows Server 2008 Enterprise or Windows Server 2008 Datacenter. In addition, each DAG Mailbox server must have at least two network interface cards in order to be supported.
2-30
DAG Quorum Modes

Windows Server 2008 failover clustering provides several different quorum modes. The two modes a DAG uses are the Node Majority quorum mode (where each node in the failover cluster has a single vote) and the Node and File Share Majority quorum mode (where each node in the cluster, and a file share witness each get a vote.) When a DAG is created, the failover cluster initially uses the Node Majority quorum mode. When the second Mailbox server is added to the DAG, the cluster quorum automatically changes to the Node and File Share Majority quorum model. When this change occurs, the DAG begins using the Universal Naming Convention (UNC) path provided for the cluster quorum during the DAG creation. If the specified UNC path and directory does not exist, adding the second server to the DAG will automatically create them and provision them with full control permissions for local administrators and the cluster name object (CNO) computer account.
2-31
Active Manager
Introduction
DAGs use a new Exchange Server 2010 component called Active Manager. Active Manager includes functionality that replaces the cluster service failover management features in previous Exchange Server versions.
How the Active Manager Works

In Exchange Server 2010, the Microsoft Exchange Replication service periodically monitors the health of all mounted databases. The service also monitors Extensible Storage Engine (ESE) for any I/O errors or failures. When the service detects a failure, it notifies Active Manager. Active Manager then determines which database copy should be mounted, and what is required to mount that database. In addition, Active Manager tracks the active mailbox database copy (based on the last mounted database copy) and provides the tracking results information to the remote procedure call (RPC) Client Access component on the Client Access server to which the client is connected. When an administrator makes an active mailbox database copy of the active mailbox database, this process is known as a switchover. When a failure affecting a database occurs and a new database becomes the active copy, this process is known as a failover. This process also refers to a server failure in which one or more servers bring online the databases previously online on the failed server. When either a switchover or failover occurs, other Exchange Server 2010 server roles become aware of the switchover almost immediately, and redirect client and messaging traffic to the new active database.
2-32
Demonstration: Configuring Database Availability Groups
In this demonstration, you will see how you can configure a DAG, monitor continuous replication, and force a mailbox database switchover.
Key Points
The key points of this demonstration are: You can configure a DAG after you have deployed Exchange Servers with multiple installed server roles. After creating a DAG, you can create copies of any mailbox databases stored on DAG servers. Mailbox servers use continuous replication to update all mailbox database copies. You can manually force a mailbox database switchover to another DAG server. Creating a DAG automatically creates all required Active Directory and failover clustering objects. DAGs use log shipping to update all mailbox database copies.
2-33
Task 1: Configuring a DAG

1. On SEA-EX1, if required, open the Exchange Management Console. 2. Under Organization Configuration, click Mailbox. 3. In the Actions pane, click New Database Availability Group. 4. On the New Database Availability Group page, fill in the following information: Database availability group name: ContosoDAG File share witness share: \\SEA-DC1\DAGFSW File share witness directory: C:\DAGFSW
5. Click New, and then click Finish.
Task 2: Adding Mailbox Servers to a DAG

1. On SEA-EX1, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Shell (Local Powershell). 2. At the PS prompt, type the following, and then press ENTER: Add-DatabaseAvailabilityGroupServer -Identity ContosoDAG MailboxServer SEA-EX1 -DatabaseAvailabilityGroupIPAddresses 10.10.0.100 3. On SEA-EX2, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Shell (Local Powershell). 4. At the PS prompt, type the following, and then press ENTER: Add-DatabaseAvailabilityGroupServer -Identity ContosoDAG -MailboxServer SEA-EX2 5. On SEA-EX1, in the Exchange Management Console, click the Database Availability Group tab. 6. Right-click ContosoDAG, and then click Properties. Verify that both SEA-EX1 and SEA-EX2 are listed as DAG members. 7. On the Operational Servers tab, verify that both SEA-EX1 and SEA-EX2 are operational, and then click OK.
2-34
Task 3: Configuring Mailbox Database Copies

1. On SEA-EX1, open Windows Explorer, and then browse to C:\MDB3. Verify that the folder contains a mailbox database file and several transaction log files. 2. On SEA-EX2, if required, open the Exchange Management Console. 3. In the Exchange Management Console, under Organization Configuration, click Mailbox, then click the Database Management tab. 4. Right-click MDB3, and then click Add Mailbox Database Copy. 5. Beside Server name, click Browse. In the Select Mailbox Server dialog box, click SEA-EX2, and then click OK. 6. Click Add, and then click Finish. 7. On SEA-EX2, open Windows Explorer, and then browse to C:\MDB3. 8. On SEA-EX1, test the health of the database replication. In the Exchange Management Shell (Local Powershell) window, at the PS prompt, type the following, and then press ENTER: Test-ReplicationHealth 9. On SEA-EX1, in the Exchange Management Console, on the Database Management tab, click MDB3. 10. In ADSI Edit, click the CN=Databases container, and then click the Refresh icon. In the left pane, click CN=MDB3, and then close ADSI Edit.
2-35
New Possibilities for Mailbox Database Storage Design
Introduction
Exchange Server 2010 changes to the Mailbox server role and the new high availability features create some interesting options when planning Mailbox server deployments.
Site Resiliency
Because a DAG can have multiple Mailbox servers, and each database copy can have multiple copies, it is easy to provide both single site redundancy and multi-site redundancy. When you configure a DAG, you can include Mailbox servers from the local data center as well as Mailbox servers in a failover data center. Each mailbox database can have one or more copies in the local and the remote datacenters.
Backup-less Exchange Server Organization

With the changes to the DAG and the shadow redundancy feature, it is now possible to consider a backup-less Exchange Server organization. You can replicate each database to multiple locations, including to remote datacenters. Shadow redundancy means that messages are protected while in transit. Combining these options means that you may be able to deploy Exchange Server and provide complete recoverability without performing any backups.
Note: Most organizations back up the Exchange Servers and data on a consistent basis. While Exchange Server 2010 enables the option of implementing backupless Exchange Server organization, many organizations will still choose to back up the Exchange Server data.
2-36
Options for Using Inexpensive Storage

New features such as the mailbox archiving feature and the mailbox database mobility may significantly increase the amount of storage that you need to store Exchange Server databases. However, with the new Exchange Server 2010 features such as the decreased disk I/O, you can now more feasibly deploy the Exchange Server mailbox database on inexpensive Serial Advanced Technology Attachment (SATA) hard disk drives. Because you can now distribute databases to multiple servers, it is more feasible to deploy Exchange Server databases on Redundant Array of Inexpensive Disks (RAID)-less disk configurations. Deploying very large mailboxes, or deploying multiple mailbox copies is more feasible when you can deploy the databases on inexpensive storage solutions.
High Availability for Small Organizations

Because the roles of the Mailbox server, Hub Transport server, and Client Access server can be deployed on the same server as a DAG server, it is now feasible for a small organization to deploy redundant Exchange Server systems on just two servers.
2-37
Section 4: Administration and Management Tools
Introduction
In addition to functional changes, Exchange Server 2010 also includes some significant changes in how you will administer the Exchange Server environment. One of the important new Exchange Server 2010 features is Role-Based Access Control (RBAC) which enables you to assign permissions at a much more granular level than was possible in previous Exchange Server versions. Windows PowerShell command-line interface, and by extension, Exchange Management Shell also have upgrades in Exchange Server 2010.
2-38
What Is Role Based Access Control?
Introduction
RBAC is the new Microsoft Exchange Server 2010 permissions model. RBAC enables you to more closely align the roles you assign users and administrators, to the actual roles they hold within your organization. In Microsoft Exchange Server 2007, the server permissions model applies only to the administrators that manage the Exchange Server 2007 infrastructure; RBAC now controls both the administrative tasks that can be performed and the extent to which users can now self-administer themselves.
RBAC Components
RBAC controls through management roles, assignments, and scopes, who can access what, and where. RBAC uses the following components: Management role. A management role is a container for a grouping of management role entries which are used to define the tasks that can be performed by those who are assigned the role using management role assignments. Management role entries. A management role entry is a cmdlet, including its parameters that you add to a management role. By adding a cmdlet or parameter to a role as management role entries, you are granting rights to manage or view the objects associated to that cmdlet or parameter. Management role assignment. A management role assignment assigns a management role to a user or universal security group. Once you create a management role, you must assign it to a user or group so they can make use of it. Assigning a management role to a user or group grants them the ability to use the cmdlets and parameters defined in the management role.
2-39
Management role scope. A management role scope is the scope of influence or impact that the person has, once assigned a management role. When you assign a management role, you can use management scopes to target specifically what objects that assignment should control. This can be servers, organizational units, filters on servers or recipient objects, and more.
RBAC Examples
RBAC defines who can perform specific tasks and defines the scope within the Exchange Server organization where the administrators can perform those tasks. For example, you can use RBAC to assign permissions as shown in the following table:
Management role OrganizationManagement SalesDistributionGroups Management role entries All Exchange cmdlets Cmdlets related to distribution group management only Cmdlets related to mailbox and user account management Management role assignments ExchangeAdmins group Sales Managers group HelpDesk group Management role scope Organization Sales department Organizational Unit (OU) in AD DS OUs containing recipient objects
HelpDesk
2-40
Built-In Management Roles
Introduction
Exchange Server 2010 includes several management roles by default. These built-in roles provide you with a pre-configured set of roles that you can assign to various administrator and user types in your organization. You cannot modify either the built-in management roles, or the management role entries that you configure on them. However, you can modify the scope of built-in management roles that are assigned to users. You can also assign the built-in roles to users or universal security groups.
Management Roles
Exchange Server 2010 provides the following administrative roles:
Management role DiscoveryManagement Description Administrators assigned this role can perform Exchange Server organization mailbox searches for data that meets specific criteria. Administrators assigned this role configure global address list (GAL) synchronization between two organizations, or between an on-premises deployment and a hosted deployment. Administrators assigned this role have administrative access to the entire Exchange Server 2010 organization, and can perform almost any task against any Exchange Server 2010 object.
GALSynchronizationManagement
OrganizationManagement
2-41
(continued)
Management role RecipientManagement Description Administrators assigned this role can create or modify Exchange Server 2010 recipients within the Exchange Server 2010 organization. Administrators assigned this role can manage the Unified Messaging (UM) features in the Exchange Server organization. Administrators assigned this role can manage UM prompts and auto attendant configuration on Exchange Server organization UM servers. Administrators assigned this role can manage Exchange Server organization recipient UM properties. Administrators assigned this role can view the properties of any Exchange Server organization object. The administrator cannot modify any object properties. MyDistributionGroups Users assigned this role can modify and create distribution groups, and modify and remove distribution groups that they own. Users assigned this role can add or remove themselves from distribution groups that allow users to manage their own membership. Users assigned this role can manage various aspects of their own mailbox profile or configuration. This role can be used to allow third-party scripts and thirdparty cmdlets to be run by users or administrators who are assigned the role.
UMManagement
UMPromptManagement
UMRecipientManagement ViewOnlyOrganizationManagement
MyDistributionGroupMembership
MyOptions CustomScripts
2-42
Custom Management Roles
Introduction
In addition to the built-in management roles, you can also create custom management roles to delegate specific permissions within the Exchange Server organization. Use this option when you need to limit permissions beyond what is available with the built-in management roles.
Creating a Custom Management Role

RBAC enables complete flexibility in how you can assign permissions in an Exchange Server 2010 environment. For example, you might need to assign permissions to a group of administrators who work in a branch office, and need to be able to perform only recipient management tasks for all users in the branch office, and they need to be able to manage only mailboxes on the Mailbox servers deployed in the branch office. To implement this scenario, you would: 1. Create a new management role called BranchOfficeAdmins. You base custom management roles on one of the existing management roles. In this case, you might choose to base the BranchOfficeAdmins role on the RecipientManagement built-in role. To create the new management role you would use a cmdlet such as New-ManagementRole -Parent RecipientManagement -Name BranchOfficeAdmins. 2. Remove management role entries from the management role. By default, the new management role inherits all of the permissions assigned to the parent role. You can remove permissions from the role by using a cmdlet such as: Remove-managementroleentry BranchOfficeAdmins\Enable-Mailuser.
2-43
3. Create a role assignment with an OU scope. You are now ready to assign user or group accounts to the management role and to assign the scope to the role. To do this, use a command such as: New-ManagementRoleAssignment Name BranchOfficeAssignment role BranchOfficeAdmins User BranchOfficeAdmins DomainOrganizationalUnitRestriction Contoso.com/BranchOffice.
2-44
New Features in Exchange Management Tools
Introduction
Exchange Server 2007 introduced the Exchange Management Console and the Exchange Management Shell as the primary tools for managing an Exchange Server deployment. The Exchange Management Console is a graphical Microsoft Management Console (MMC)-based administration tool that provides wizards for configuring most Exchange Server objects. The Exchange Management Shell is a command-line interface based on Windows PowerShell that allows administrators to automate routine and repetitive tasks using scripts. Administrators can use the Exchange Management Shell to manage all Exchange Server objects and settings.
New Exchange Management Console Features

Exchange Server 2010 provides several new Exchange Management Console features including: Adding Exchange Forests to the Exchange Management Console tree. You can now add Exchange forests to your Exchange Management Console. The first forest is always named Microsoft Exchange On-Premises. This is your default forest. You can add additional forests by using the Add Exchange Forest wizard. Organizational Health report. The Organizational Health report gives you a quick view of your organization and its operating characteristics. The service provides an organizational summary. This includes health and licensing information, and also a summary of the Exchange Servers and recipients.
2-45
PowerShell Command Log. The PowerShell Command Log records the Windows PowerShell commands that you execute in the Exchange Management Console. For example, if you view the list of mailbox node recipients, you execute the GetRecipient cmdlet and the PowerShell Command Log records that action. Send Mail. You can now send mail to a recipient from Exchange Management Console. You must first set up an e-mail account on the computer from which you are sending mail before you can send mail.
New Exchange Management Shell Features

The Exchange Management Shell complements the Exchange Management Console by allowing administrators to choose between Graphical User Interfaces (GUIs) and command prompts to perform management tasks. Every action that can be performed in the GUI can also be performed within a command shell, because the Exchange Management Console is built on top of the Exchange Management Shell. Exchange Server 2010 takes advantage of the new Windows PowerShell v2, and enables administrators to remotely execute PowerShell scripts when they are away from their Exchange Server. To remotely administer Exchange Server using Exchange Management Shell, you need to: 1. Install Windows PowerShell v2 and Windows Remote Management (WinRM) 2.0 on the Exchange Servers and the administration computers. 2. Enable administrators to use the remote Shell by running the set-user remotepowershellenabled cmdlet. 3. Configure the certificate options for the Remote Exchange Management Shell. This step is optional, but using certificate-based authentication increases security. 4. Connect to a remote server by using the following command: $Session = New-PSSession -ConfigurationName Microsoft.Exchange ConnectionUri https://< Exchange Server 2010 server name>/PowerShell/ Authentication NegotiateWithImplicitCredential 5. Import the server-side PowerShell session into your client-side session by running the following command: Import-PSSession $Session
2-46
Demonstration: New Features in Exchange Administration
In this demonstration, you will see how you can manage an Exchange Server 2010 environment by using the Exchange Server management tools.
Key Points
The key points of this demonstration are: The Organizational Health report in the Exchange Management Shell provides an entire Exchange Server organization overview. The PowerShell Command Log displays all the commands that have been run via the Exchange Management Shell. Exchange Management Shell can be used to manage remote Exchange Servers.
2-47
Task 1: Viewing the Organizational Health Report

1. On SEA-EX1, in the Exchange Management Console, click Microsoft Exchange On-Premises. 2. In the Actions pane, click Gather Organizational Information. 3. On the Introduction page, click Next. 4. On the Collect Organizational Health Data page, click Gather. 5. Click Finish. 6. In the Exchange 2010 Finalize Deployment pane, review the information related to Databases and licenses. 7. Expand Servers Summary, and then review the information. 8. Expand Recipients Summary, and then review the information. 9. Under Recipients Summary, click Manage Recipients.
Task 2: Using the PowerShell Command Log

1. On SEA-EX1, in the Exchange Management Console, click View, and then click View Windows PowerShell Command Log. 2. In the Windows PowerShell Command Log window, click Action, and then click Start Command Logging. 3. In the Exchange Management Console, under Recipient Configuration, click Mailbox. 4. In the Actions pane, click New Mailbox. 5. On the Introduction page, click Next. 6. On the User Type page, click Existing users, and then click Add. 7. In the Select User Contoso.com dialog box, hold the CTRL key, click Amy Rusko and Mandar Samant, click OK, and then click Next. 8. On the Mailbox Settings page, click Next, click New, and then click Finish. 9. In the View Windows PowerShell Command Log <Exchange Server 2010> window, review the commands that were run while you created the new mailboxes. 10. Click the Get-User command in the list, and then on the Action menu, click Copy Command(s). 11. In the Exchange Management Shell window, right-click, and then click Paste.
2-48
Task 3: Using Windows PowerShell Remote Management

1. On SEA-EX2, click Start, click All Programs, click Windows PowerShell V2 (CTP3), and then click Windows PowerShell V2 (CTP3). 2. At the PS prompt, type the following and then press ENTER: $UserCredential = Get-Credential 3. In the Credential Request window, in the User name field, type Contoso\Administrator with a password to Pa$$w0rd, and then click OK. 4. At the PS prompt, type the following and then press ENTER: $rs = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://SEA-EX1/powershell -Credential $UserCredential 5. At the PS prompt, type the following and then press ENTER: Get-MailboxDatabase 6. At the PS prompt, type the following and then press ENTER: Invoke-Command {Get-MailboxDatabase} Session $rs 7. At the PS prompt, type the following and then press ENTER: Enter-PSSession $rs 8. Note the change in the PowerShell prompt. 9. At the PS prompt, type the following and then press ENTER: Get-MailboxDatabase 10. At the PS prompt, type the following, and then press ENTER: Exit-PSSession
2-49
Section 5: Transitioning from Previous Versions of Exchange Server
Introduction
Many organizations are already running a messaging system, and many have already deployed previous Exchange Server versions. For these organizations, a transition to Exchange Server 2010 messaging environments is required. This section introduces supported transition scenarios, and briefly describes the process for upgrading from your current Exchange Server deployment to Exchange Server 2010.
2-50
Supported Transition Scenarios
Introduction
Exchange Server 2010 supports coexistence, and transitioning from both Exchange Server 2003 and Exchange Server 2007.
AD DS Requirements for Transitioning to Exchange Server 2010

To transition from a previous Exchange Server version to Exchange Server 2010, the following AD DS requirements must be met: All global catalog servers in each site must be running the Windows Server2003 operating system Service Pack 2 or later. AD DS must be at Windows Server2003 forest-functional level. Each site must have at least one domain controller and one global catalog server with a writeable AD DS copy. Exchange Server 2010 cannot use the Windows Server 2008 operating system read-only domain controllers, or read-only global catalog servers.
Supported Transition Deployments

The following transition deployments are supported:
Exchange Server Version Microsoft Exchange Server 2000 Exchange Server 2003 Service Pack 2 or later Exchange Server 2007Service Pack 2 or later Mixed Exchange Server 2007and Exchange Server 2003 organization Exchange Organization Transition Not supported Supported Supported Supported
2-51
Note: When transitioning from Exchange Server 2007, all Exchange Server 2007 Client Access servers in the organization must be upgraded to Service Pack 2. All Exchange Server 2007 servers in an Active Directory site must be upgraded to Service Pack 2 before installing an Exchange Server 2010 server in the site. Exchange Server 2007 Service Pack 2 includes all the schema changes that are required in Exchange Server 2010.
After you deploy a new Exchange Server 2010 organization, you cannot add servers to the organization that are running earlier Exchange Server versions. The addition of earlier versions of Exchange Server to an Exchange organization that includes only Exchange Server 2010 servers is not supported.
2-52
Process for Transitioning to Exchange Server 2010
Introduction
When deploying Exchange Server 2010 in a supported Exchange Server organization, you must follow a specified process during the transition.
Installing Exchange Server 2010

If an organization only has a single Active Directory site, use the following process for deploying Exchange Server 2010. 1. Install the Exchange Server 2010 Client Access server. After the Exchange Server 2010 Client Access server is installed, this should be the primary connection point for all client connections. This means that you should modify the AutoDiscover settings both internally and externally, to point to the Exchange Server 2010 Client Access server.
Important: One of the most significant factors when transitioning from previous Exchange Server versions to Exchange Server 2010, is the messaging client interaction with the Client Access server. The details on how the Client Access server transition will work when Exchange Server 2010 ships is not yet available.
2. Install Exchange Server 2010 Hub Transport server. When you install the Hub Transport server in an Exchange Server 2003 environment, you are prompted for the name of an Exchange Server 2003 computer that will operate as a routing group bridgehead server between the Exchange Server 2003 routing group and the Exchange Server 2010 routing group. Exchange Server 2010 no longer uses routing groups to manage message routing, but all Exchange Server 2010 servers are installed in a routing group for backwards compatibility.
2-53
3. Install Exchange Server 2010 Unified Messaging servers. If you have deployed UM in Exchange Server 2007, add the Exchange Server 2010 Unified Messaging Server to one of your organizations dial plans. 4. Install the Exchange Server 2010 Mailbox servers. Once the rest of the infrastructure is in place, you can deploy the Exchange Server 2010 Mailbox servers and start moving mailboxes and public folders to the new servers. For organizations with multiple sites, there are typically two types of Active Directory sites: Internet-accessible sites, and non-Internet accessible sites. A single Exchange Server organization may have one or more Internet-accessible sites. When transitioning Active Directory sites, Internet-accessible sites should be transitioned before non-Internet accessible sites.
Removing Previous Versions of Exchange

As you move mailboxes and message delivery to the Exchange Server 2010 servers, you can start removing the previous Exchange Server versions. The recommended process for removing Exchange Server 2007 servers is as follows: 1. Remove Mailbox servers first. As you move mailboxes from Exchange Server 2003 or Exchange Server 2007 servers to Exchange Server 2010 Mailbox servers, you can start decommissioning the previous Mailbox servers. 2. Remove the Exchange Server 2007 Unified Messaging server role. The Exchange Server 2010 Unified Messaging server can coexist with Exchange Server 2007 Mailbox servers. 3. Remove the Exchange Server 2007 Hub Transport servers, or the Exchange Server 2003 bridgehead servers. The Exchange Server 2007 Mailbox server must be able to communicate with an Exchange Server 2007 Hub Transport server. As you remove Mailbox servers, you may begin removing the Hub Transport servers as well. Do not remove the last Hub Transport server until the last mailboxes have been moved from the Exchange Server 2007 servers. If you are transitioning from Exchange Server 2003, to send e-mail to the Exchange Server 2010 Mailbox servers, at least one Exchange Server 2003 server must be configured as the bridgehead server for the routing group connector between the two messaging systems. Do not remove this server until the last mailboxes are removed from the Exchange Server 2003 servers.
2-54
4. Remove the Exchange Server 2007 Client Access Servers, or the Exchange Server 2003 front-end servers. Users who connect to their mailboxes by using non-MAPI clients must be able to communicate with a Client Access Server or front-end server that is the same Exchange Server version as the server hosting the user mailbox. After the last mailbox and public folder is removed from the Exchange Server 2007 or Exchange Server 2003 Mailbox server, you may remove all other Exchange Server 2007 or Exchange Server 2003 servers in the Active Directory site.
2-55
Session Summary
Exchange Server 2010 provides many new features that enable administrators to plan and implement a more robust Exchange Server 2010 deployment. These include: New message transport features such a shadow redundancy, that improve message transfer resiliency. Significantly reduced I/O on Mailbox servers, which makes it possible to consider less expensive storage solutions. New high availability features for Mailbox servers that make it easier and less expensive to deploy a fully redundant messaging system. A new permissions model and new administration tools that provide more flexibility in how you will manage the Exchange Server environment. A transition path for upgrading your current Exchange Server deployment to Exchange Server 2010.
2-56
Clinic Evaluation
Your evaluation of this clinic will help Microsoft understand the quality of your learning experience. Please work with your training provider to access the clinic evaluation form. Microsoft will keep your answers to this survey private and confidential and will use your responses to improve your future learning experience. Your open and honest feedback is valuable and appreciated.

10133A-ENU Studentd

Enviado por

Dados do documento

Descrição original:

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

10133A-ENU Studentd

Enviado por

Direitos autorais:

Formatos disponíveis

10133A

First Look: Whats New in Microsoft Exchange Server 2010

For product evaluation only not for distribution or commercial use.

Product Number: 10133A Released: 06/2009

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

iii. Distribution Restrictions. You may not

For product evaluation only not for distribution or commercial use.

This limitation applies to

For product evaluation only not for distribution or commercial use.

Stan Reimer Content Developer

David Elfassy Technical Reviewer

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

ALL CAPITALS monospace []

For product evaluation only not for distribution or commercial use.

Microsoft Learning Product Types

For product evaluation only not for distribution or commercial use.

Microsoft Learning Product Types (continued)

For product evaluation only not for distribution or commercial use.

Microsoft Certification Program

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

Acquiring the Skills Tested by MCP Exams

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

About This Clinic

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

For product evaluation only not for distribution or commercial use.

For product evaluation only not for distribution or commercial use.

Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

For product evaluation only not for distribution or commercial use.

Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

Section 1: Exchange Server 2010 Design Goals

For product evaluation only not for distribution or commercial use.

Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

Exchange Server 2010 Server Role Overview

Hub Transport Server Role

Mailbox Server Role

For product evaluation only not for distribution or commercial use.

Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

Client Access Server Role

Unified Messaging Server Role

Edge Transport Server Role

For product evaluation only not for distribution or commercial use.

Session 1: Microsoft Exchange Server 2010 Enhancing the User Experience

Design Goal 1: Improved Flexibility and Reliability