Comparison of Exchange ActiveSync clients (mobile devices)

Great table on the features of ActiveSync and what each client (device) can do, – Wikipedia

Import NK2 file into Outlook 2010

For some reason when using Outlook, all of the saved names/email addresses in the Outlook cache (.nk2) file was not being read by Outlook 2010. When looking at the .nk2 file in userAppDataRoamingMicrosoftOutlook it had been renamed to Outlook.nk2.old. When I renamed the .nk2 file back to Outlook.nk2 file, Outlook still would not use the autocomplete file. When having no .nk2 file Outlook didn’t create a .nk2 file either….weird. So, I found a way to import the .nk2 file in outlook: Close Outlook, go to the run window and type outlook.exe /importnk2

Microsoft Support KB – link

Change installation location of Trend Micro Client Server Security Agent

At some time you may need to change the default location of the Trend Micro Client/Server Security Agent on a desktop/server. In our case the server was very low on disk space on the C: drive, but the default install when executing \servernameofcscanautopccp.exe would go to the C: drive.

  1. Open the ofcscan.ini file, and go all the way down to the bottom of the file
  2. Change the path on the line “WinNT_InstallPath=$ProgramFilesTrend MicroClient Server Security Agent”
  3. Save the file and run autopccp.exe and it will go to the new path that you have saved

Outlook 2003 (connected to Exchange 2010) gives unknown error when deleting some messages

When users delete items from folders, outlook doesn’t seem to refresh the item list.  If you try and delete the item again, outlook throws an “unknown error” message.  If you delete an item and then navigate away from a folder or even use the navigation pane to display the same folder, the item list will refresh and remove the deleted message.

The issue is “The basic issue is that Outlook 2003 support UDP and polling notifications. Exchange 2007 supports UDP, polling and Async notifications. Exchange 2010 only supports polling and Async notifications. This means when Outlook 2003 move from Exchange 2007 to Exchange 2010, Outlook clients will fall back to polling which by default only gets notifications every 30secs-1min. This means any change won’t show up immediately.

UDP notification support was removed from Exchange 2010. As a result, Outlook 2003 can only use polling notifications in online mode, which are still supported by RPC Client Access. This will result in a slight delay in updates to item status (30 seconds on average up to a 1 minute delay) when changes are made to items in a mailbox accessed by Outlook 2003.”

The fix:

Method 1: Install Update Rollup 1 for Exchange Server 2010

Important This method contains steps that tell you how to modify the registry. However, serious problems may occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For more protection, back up the registry before you modify it so that you can restore the registry if a problem occurs. For more information about how to back up and then restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756 How to back up and restore the registry in Windows

You can download Update Rollup 1 for Exchange Server 2010 from the following article in the Microsoft Knowledge Base:

976573 Description of Update Rollup 1 for Exchange Server 2010

After you install the update, you must add the following registry data to the server by using the Client Access role.

  1. Start Registry Editor.  
  2. Locate and then click to select the following registry subkey: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesMSExchangeRPCParametersSystem Create the ParametersSystem

    Note

    registry subkey if it does not exist.

  3. Add the following registry data to the server:Value type: REG_DWORD
    Value name: Maximum Polling Frequency
    Value data: any integer between 5000 and 120000 (decimal value)

  4. Exit Registry Editor.

Notes

  • The registry change is dynamically detected. Therefore, the new settings will be applied to any new connections that clients make after the change is made. If you want to make sure that the new settings are applied to all clients, you should recycle the Microsoft Exchange RPC Client Access service because connections from clients can remain alive for a long time.
  • Outlook 2003 does not poll the Exchange Server 2010 server in intervals that are less than 10 seconds. Therefore, any value less than 10000 will generally have the same effect.
  • This change does not reinstate UDP communication between Exchange Server 2010 and Outlook 2003. This change only enables polling to occur more frequently between Exchange Server 2010 and Outlook 2003.

Microsoft KB – link

How to install Exchange Server 2007 SP2 on SBS 2008

There is an issue with installing SP2 for Exchange 2007 on SBS 2008, Microsoft has released a tool to get passed the errors – link. You need to download and extract Exchange 2007 SP2 – link, run the install tool. It will ask for the directory of SP2, and then you install SP2 normally.

Here are more details of the issue on MSExchange.org

 

Have Exchange Server send auto reply messages – Outlook

A client wanted to setup a rule to send an automatic reply to an email address that wasn’t being used any longer. The solution was to create an Outlook rule (server-side) that would reply to the message using a specific message and forward the message to another recipient. First create a new user and email address that you want to autoreply.

Outlook:

Create a rule to have Exchange Server send an automatic reply

  1. On the Tools menu, click Rules Wizard.
  2. In the Apply changes to this folder list, click the Inbox you want to create the rule for.
  3. Click New.
  4. Click Start from a blank rule.
  5. Click Check messages when they arrive, and then click Next.
  6. In the Which condition(s) do you want to check list, select the From people or distribution list check box.
  7. In the Rule description list, click the underlined phrase, people or distribution list.
  8. In the Type name or select from list box, type the name of each person you want to receive the custom reply, and click From after you type each name.
  9. Click OK, and then click Next.
  10. In the What do you want to do with the message list, select the Have server reply using a specific message check box.
  11. In the Rule description list, click the underlined phrase, a specific message.
  12. In the subject line and message body, type whatever information you’d like to appear in your custom reply.
  13. Click Close, and when prompted to save changes, click Yes.
  14. Click Next, and select the check box next to any exception that you want.
  15. Click Next, and in the Please specify a name for this rule box, type a name for the rule.
  16. Click Finish, and then click OK.

By default, Exchange won’t send automatic replies, here is how to do it.

Exchange 2007

  1. Open Exchange Management Console
  2. Expand Organization Configuration-> Hub Transport
  3. In the right pane select the Remote Domains tab
  4. Right click Default and choose Properties
  5. On the General tab you can set which type of Out of Office Messages you will allow
    On the tab named “Format of original message sent as attachment to journal report:” you can enable or disable the automatic replying/forwarding

We also went on the old mailbox (that we are autoreplying from) and modified the deliver options (mail flow settings tab) to forward email to another mailbox. This will let send reply emails only to the old email address with the custom autoreply, but anyone who sends to the new email address won’t be bothered by the autoreply. You can also hide the mailbox so it doesn’t show up in the GAL too.

Link to other versions of Exchange too

Install Windows 7/Vista from USB flash drive

Here is a great article on how to install Windows 7 or Vista from a USB flash drive. It actually works as described.

http://www.intowindows.com/how-to-install-windows-7vista-from-usb-drive-detailed-100-working-guide/

Move WSUS SQL database to another location

When running WSUS on a Small Business Server, the default location is the C: drive, when that drive gets full you need to move the content and the SQL database. Below are the steps to move the SQL database to another location.

1. Open command prompt and type: net stop “update services”

2. Next, at the command promt type: net stop w3svc (if it is SBS 2008 it will also stop the Terminal Services Gateway, remember to restart)

3. Open Microsoft SQL Express Management Studio (if you don’t have this, go to http://tinyurl.com/ynl9tv to download) and connect to the MICROSOFT##SSEE database, which is the WSUS database and the SharePoint databases in SBS 2008. You can’t just connect to the database normally, you need to type this in server name area:   \.pipeMSSQL$MICROSOFT##SSEEsqlquery

1577_1

 4. Detach the SUSDB database, move the SUSDB folder to the new location and attach the database again with Management Studio

5. Restart the services: “update services”, “w3svc”, and “Terminal Services Gateway”

 

 

Disable SSL v2.0 in IIS

While going through a vulnerability scan for PCI compliancy, the report noted that IIS 7 on a Small Business Server 2008 was still using SSL v2.0 instead of SSL 3.0 or TLS 1.0. To disable SSL v2.0:

  1. Click Start, click Run, type regedt32 or type regedit, and then click OK.
  2. In Registry Editor, locate the following registry key:HKey_Local_MachineSystemCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0Server
  3. On the Edit menu, click Add Value.
  4. In the Data Type list, click DWORD.
  5. In the Value Name box, type Enabled, and then click OK.Note If this value is present, double-click the value to edit its current value.
  6. Type 00000000 in Binary Editor to set the value of the new key equal to “0”.
  7. Click OK. Restart the computer.

IIS negotiates the encryption with the client browser. An attacker could use a tool that tells the server it has only sslv2 (which is weaker) available. If you disable sslv2 it only uses v3 or tls, as requested by browser. A browser only supporting sslv2 would fail.

 This applies to Windows Server 2003, and Windows Server 2008, and both versions of SBS.

http://support.microsoft.com/default.aspx?scid=kb;en-us;187498

Change default behavior for unidentified network in Vista/Windows Server 2008/Windows 7

I ran into an issue with a Hyper-V server with 6 NIC’s, some of the NIC’s in Network and Sharing center were being categorized as ‘unidentified network’ and giving the public designation. I could change it to private, but every reboot it would revert back. The issue with public network was that network discovery and file sharing was turned off, so even the NIC that was joined to the domain had little connectivity. Below fixed the issue.

You can change the security setting so that the network is not made public in the first place.

To do this on your local server or Vista/Windows 7 desktop , follow these steps:

1. Start –> run –> MMC –> press enter

2. In MMC console , from menu file select Add/Remove Snap-in

3. Select Group Policy Object editor –> Press Add –> select Local computer –> press OK –>press OK

4. Open Computer configration –>Windows Settings –>Security Settings –>select Network list manager policies
on the right Side you will see options for :

double click –>Unidentified networks

  Then you can select the option to consider the Unidentified networks as private and if user can change the
location