One of the features that has been introduced in the Exchange Control Panel (ECP) in Service Pack 1 is the ability to manage journal rule. Administrators can create, edit, disable or delete journal rules by using the browser alone, without connecting to the exchange infrastructure via VPN.

To see the feature in action, login to Outlook Web App (OWA) with an account that has administrative rights and click on “Options –> See all options”. Another way is to directly login to the control panel using the owaurl/ecp (eg; https://mail.domain.com/ecp).

Select “Manage My Organization” from the top left dropdown menu.

Click on “Mail Control” and you can create, edit, disable or remove journal rules under “Journaling” section.

I will create a new rule by clicking the “New” button. A new window pops up, which will act as a wizard for creating a new journal rule.

As you are familiar with creating a journal rule, I am not explaining the steps for creating one. I have named my rule as “Test”.

You can edit the rule by clicking the “Details” button, disable by unchecking the “On” check box and delete by clicking the “cross” button.

I can see the rule that I have created in the Exchange Console as well.

The feature was introduced in SP1 Beta & no change has been made in SP1 RTM. You can now work on journal rules with ease, even from an internet cafe!

A feature that has been given a face lift in 2010 SP1 control panel (ECP) is “Multi-mailbox search”. Though it is possible to search for keywords across all mailboxes in an organization in 2010 RTM, the feature has been improved with more options in SP1.

Let me explain based on my lab environment. First things first, even an administrator doesn’t have rights to perform a multi-mailbox search by default. The account has to be a member of “Discovery Management” group for the options to be visible in ECP. I have added the administrator account to the Discovery Management group.

This brings a new tab in ECP named “Discovery”.

Clicking the “New” button open a “New Mailbox Search” window. I will only highlight the new options available in SP1, as creating a search query is pretty easy.

Estimate search result: provides an estimate on the number of items in the result set before an email located in the search are copied to the designated discovery mailbox. This gives an idea regarding how big the search result will be and how much space the discovery mailbox will take.

Enable de-duplication: When this option is checked, it will only copy one instance of a message to the discovery mailbox. This can help you reduce the amount of email you need to review following the search.

In 2010 RTM, there is no “Discovery” tab in ECP, but has “Mailbox Searches”.

Only basic options are available in the search options in 2010 RTM.

The improved mailbox search was introduced in 2010 SP1 Beta and no changes has been made in 2010 SP1 RTM. Check my previous article for more SP1 Beta info.

More and more features are getting exposed in the Exchange Control Panel and Management Console, paving the way for exchange admins (who are not comfortable with the shell) to manage their 2010 SP1 infrastructure. One such feature that is exposed in the GUI is “Litigation Hold”. This feature preserves deleted mailbox items and record changes made to mailbox items of a user. Deleted and changed items are returned in a discovery search. This feature is really useful to track emails of a rogue staff, useful in legal battles etc.

In Exchange 2010 RTM version, enabling or disabling litigation hold for a mailbox is only possible using the exchange shell cmdlet Set-Mailbox. The full command to enable litigation hold for an account is as follows.

Set-Mailbox –identity “Rajith” –LitigationHoldEnabled $true

While this works in 2010 SP1, the feature has been exposed in both the management console (EMC) and the control panel (ECP).

Let me explain with an example. To enable litigation hold for my account using the console, navigate to Recipient Configuration –> Mailbox. Right click the mailbox and select “properties”. In the mailbox properties, select the “Mailbox Settings” tab, click “Messaging Records Management” –> Properties.

Check “Enable Litigation Hold” to put the mailbox on litigation hold.

Use the “Messaging Records Management Description URL” box to enter the location of the litigation hold or retention hold policy. It can be an internal sharepoint site, where you explain the company policy around litigation hold. Use the “Comments” field to enter the text that you want to be displayed to the mailbox user in Outlook 2010. Filing in the text boxes are optional.

Clicking “Apply” brings a pop up box warning that it can take upto an hour for the changes to take effect.

The same can be done using Exchange Control Panel in SP1. Login to the ECP as a user with enough rights. Navigate to “Manage My Organization > Users & Groups > Mailboxes”.

From the mailbox list, select the mailbox (mine) to be placed on litigation hold and click “Details”.

In the “Mailbox” window, expand the “Mailbox Features” section.

From the mailbox features list, select “Litigation Hold” and click the “Enable” button.

A new window opens, enabling us to write “Notes” which will be visible in Outlook and a “URL”. Both are optional.

Reverse the process to disable litigation hold using ECP and EMC. 2010 RTM ECP doesn’t have “Mailbox Features” and “Phone & Voice Features” section.

 

The feature was exposed in the console and control panel in SP1 beta & has been retained fully in 2010 SP1 RTM.

If you were using static RPC ports for Address Book service in 2010 RTM, you will notice that you can’t connect to the address book after the SP1 upgrade. The issue is that the 2010 RTM way of assigning a static port for address book service has been changed in 2010 SP1. In 2010 RTM, the static port was assigned by editing the microsoft.exchange.addressbook.service.exe.config file in the Bin directory.

In SP1 RTM, Exchange Product Group has moved this option to the registry, in line with assigning a static port for the RPC Client Access Service.

In order to fix the issue, follow the steps.

Logon to the CAS Server(s) using an admin account. Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesMSExchangeAB.

Create a new key named “Parameters”. Under this key, create a new string value (REG_SZ ) named “RpcTcpPort”.

Specify the RPC port number you had set in the config file. It is port 50001 in my case.

Note: In order to make the upgrade process smoother, you can pre-create this registry entry. It will NOT mess up your SP1 upgrade.

In 2010 SP1 RTM, nothing has been changed in the DAG options that has been exposed in the console compared to SP1 Beta.

Exchange Team has exposed more options related to Database Availability Group (DAG) in 2010 SP1 RTM Console compared to 2010 RTM. In the RTM version of Exchange 2010, IP address for a DAG has to be set manually using the shell and this was one of the option many exchange admins (who are not comfortable with the shell) wanted to see in the console. Guess what?

More options, including setting a static IP address for the DAG is now exposed in the SP1 Console. Let me explain the options available.

Creating the DAG itself using the SP1 console has the same options compared to the RTM version. You can specify a name, Witness Server and Witness Directory while creating the DAG.

Once the DAG is created, launch the properties of the DAG to see more options. We can now set the following in the properties:

• Alternate witness server
• Alternate witness directory
• IP address for the DAG
• Additional IP, once the DAG is extended to another subnet

The “General” tab exposes the option to specify an alternate witness server and directory. Type in the details in the text box and click OK to make changes.

The “IP Addresses” tab allows an admin to add static IP address for the DAG.

To add a static IP address, click “Add” and type in the IP. You can add more IPs as DAG gets extended to another subnet.

 

The “Operational Servers” tab gives us the list of servers that are operational in the DAG. A read-only tab.

You still have to use the shell to make changes to the replication port, encryption, compression etc, but the option to add an ip address to the DAG using the console will make deploying DAG easier (atleast for the admins who doesn’t want to use the shell).

Most exchange admins should be familiar with this error message by now. I ran a clean install of Exchange 2010 SP1 RTM, only to find this error message.

MSExchange Transport failed to reach status “running” on this server.

The cause is the same, as in previous versions. Check my previous article for more info. This happens when IPv6 is unchecked in the TCP/IP properties of the NIC, but not disabled fully in registry. This issue was fixed in the previous version rollups, but is now back with 2010 SP1 RTM.

I checked IPv6 in the TCP/IP properties of my NIC, re-run the setup and everything went smooth.

One of the drawbacks of OWA was the inability to change user password or login using OWA when the password expires. This created a lot of trouble for mobile users who always use OWA. The ability to change the user password using OWA was introduced in Exchange 2007 SP3, but is missing in 2010 RTM. Check my previous article for 2007 SP3 OWA Password Reset feature.

The public beta of 2010 SP1 didn’t have this feature as well. But, guess what? 2010 SP1 RTM provides this feature, once it is turned on. By default, the password reset feature is switched off (don’t know why Exchange Team did that).

In order to enable the feature, follow the steps below (It is same as 2007 SP3).

• Log on to the CAS server with an admin account.
• In registry editor, navigate to HLKMSYSTEMCurrentControlSetServicesMSExchange OWA
• Create the following DWORD value if it does not already exist. DWORD Name – ChangeExpiredPasswordEnabled, type – REG_DWORD and data set to 1.
• If the DWORD already exists, change the value from zero to one.

• Reset IIS from the command prompt.

You need to make the registry edit on all CAS servers, if you have more than one in your environment.

To demonstrate the feature in action, I have created a new mailbox with the option to change password at next logon.

I will use OWA to login for the first time, which notifies me that my password has expired. It gives me the option to put my current password & a new one to make the change.

Once I enter the old & new password and click “Submit”, I get a confirmation that my password has been changed.

This will reduce the number of helpdesk calls from mobile users to some extend. Go for the registry edit guys!

I had written in my previous article how frustrating it was to install Exchange 2010 SP1, as the hotfix pages weren’t updated properly and admins had to lookup KB articles to get the required hotfixes.

Microsoft has updated the “Exchange 2010 Prerequisites” page in Technet with a list of all required hotfixes. Though the content has been updated for 2010 SP1, the title still shows as “2010 Prerequisites”.

Download the hotfixes one by one from here

In case you haven’t heard already, you can get your hotmail in your mobile phone that has ActiveSync feature installed.

The following devices have been tested against Hotmail ActiveSync
    o Windows Mobile 6.x 
    o Windows Phone 7
    o iPhone, iPod Touch, iPad
    o Nokia E-series, S-series, N-series running Mail for Exchange application.

Enter the following: 
    URL – m.hotmail.com 
    Username – Enter full name with domain info, eg user@hotmail.com
    Domain – Leave blank
    SSL – Enabled 
    Certificate – Accept the SSL certificate when prompted
    Mail, Contacts, Calendar, Tasks – All can be enabled.

More info including step by step instructions for each type of phone @ source

Access the video explaining hotmail activesync here

Nothing much has been changed in the Exchange 2010 SP1 clean install compared to the beta version. The option to automatically install Exchange pre-requisites as part of the setup is still there (same as beta, check my previous article).

The option to configure split permission model comes up, same as the beta version. Check my previous article.

The only change is a nice warning when you install 2010 SP1 on a domain controller. You are warned that the exchange server on a DC will elevate the permissions for “Exchange Trusted Subsystem” to domain administrators.

Exchange on a single box (with DC role) is fully supported by Microsoft and hence you can safely ignore the warning if you have a similar setup in production.