Today, Microsoft released Cumulative Update 5 for Exchange 2013 and Update Rollup 6 for Exchange 2010.
Exchange 2013 Cumulative Update 5
Next to a ton of bug fixes, Microsoft made changes to a few components including:
Offline Address Book generation
Hybrid Configuration Wizard
Except for the above changes, it looks like CU5 will mostly consist of fixes. By the looks of it and as Tony Redmond already pointed out CU5 promises to be a stable release. Whether it will stay that way is something only time will tell…
Installing Cumulative Update 5
Installing CU5 is no different from older versions. You can also immediately upgrade from any previous version of Exchange 2013 to CU5. There is no requirement to install SP1 (a.k.a. CU4) first.
After installation, Microsoft warns there might be a Managed Availability probe which went into overdrive and repeatedly restarts a newly added service called the Microsoft Exchange Shared Cache Service. However, this service isn’t used in CU5 (planned for the future?) and as such there is no impact at all.
However, if you are worried about your application log filling up with events from Managed Availability, you can disable the probe. More information can be found here.
This update also includes Active Directory changes, so you will be required to extend the AD schema. Given that you’re used to it by now, this shouldn’t present much of a problem. For more information on how to deploy a Cumulative Update, I suggest you have a look at the following article by ExchangeServerPro:
In this latest installment, Steve, John, Michel, Stale and myself talk about a myriad of things including some random thoughts on the Microsoft Exchange Conference, the recently disclosed Heartbleed vulnerability and latest improvements in the world of Hybrid Exchange deployments. Stale also started a new feature called “using Lync like a Lync PRO” in which he will reveal a very handy tip on how to better use Lync. Make sure you don’t miss it!
Don’t let the length of the show (almost 2 hours!) scare you, it’s filled with tons of great info!
Recently, Microsoft released an update to Windows Server 2012 R2 which – next to a bunch of bug fixes – also includes new features to some of the Operating System’s components. Amongst these new features there’s one that I found particularly interesting, more specifically the update to the AD FS 3.0 component which enables customers to use a different attribute to identify federated uses in Windows Azure AD. The feature itself is better known as “Alternate Login ID”.
As the TechNet documentation on this topic describes, it would now be possible to use a different attributed from the User Principal Name to identify federated users in Office 365. This helps customers who aren’t able to change their UPNs from the current value (like e.g. domain.local or domain.corp) to an internet-routable domain (like domain.com). Even though that in many situations changing the UPN isn’t a big of a deal, some customers leverage the existing UPN in third party applications and therefore might not be able to make this change easily.
If you want to deploy this feature, you’ll have to figure some things out by yourself. The documentation that is currently available doesn’t explain all the steps. At least, that is if you want to implement it right away. I expect the documentation to become available shortly. Also mind that I haven’t seen any official statement that the use of “Alternate Login ID” is already supported by Office 365 today, but the documentation certainly hints to it and if I recall correctly, it was also announced at the Microsoft Exchange Conference, last week.
The configuration itself requires you to jump through a few hoops, including modifying DirSync to refer to the new attribute you’ve selected as being the Alternate Login ID instead of the UPN. Personally, I would still recommend changing the UPN – if possible. But there’s an alternative now and having alternative is always good thing, isn’t it?
I’ll definitely have a go at this later this week and will post my findings here.
Typically, this time of the year Microsoft would organize its TechDays: a multi-day technical conference with tracks for both IT Pro’s and developers. This year, however, there’s no TechDays. This leaves a gap in the Belgian “conference market”. To my knowledge, TechDays was attended by several hundred if not thousand attendees every year. Speakers from all over the place would come over and present on the latest and the greatest of Microsoft. But in general there would be a lot of local speakers involved too.
Recently the developers community announced their “Tech-o-rama” conference which would both serve as a replacement for the Community Days and somewhat fill the gap for TechDays. This is exactly what the IT PRO Community had in mind when launching the ITPROceed initiative.
ITPROCeed is a community-driven one-day conference, to be held in Antwerp on June 12th. Although not officially organized by Microsoft, the conference has certainly the potential to reach a wide audience as TechDays did. Here’s why:
As mentioned earlier, there won’t be (many) other opportunities to learn from the experts first hand in Belgium, this year. As such, it seems like the perfect opportunity to catch up: for free.
The conference itself is divided into 4 tracks: SQL, System Center, Azure and Office Servers & Services. More than enough to create a balanced schedule with, don’t you think? It’s not only a good way to learn about new technology and features, it’s also great to interact with all of the experts who will be present that day.
The speaker-lineup is phenomenal, in my opinion. A lot of Belgian MVPs will speaking at this event and many of them have spoken at various international conferences before. To give you just a few of these names: Mike Resseler, Alexandre Verkinderen, Johan Delimon, Dieter Vanhoye, Thomas Vochten, Ruben Nauwelaers, Pieter Vanhove, Nico Sienaert, Tim De Keukelaere, Donald Hessing and many, many more. Every single one of them are experts in their field.
So, if you haven’t subscribed yet, I strongly suggest you do so soon. It doesn’t happen every day that you get the ability to witness all this for free (in case you didn’t get it the first time). I for one, know what I will be doing that day…! http://www.itproceed.be/
In less than a month, the 2014 edition of the Microsoft Exchange Conference will kick off in Austin, Texas. For those who haven’t decided if they will be going yet, here’s some reasons why you should.
The Value of Conferences
Being someone who frequently attends conferences, I *think* I’m in a position I can say that conferences provide great value. Typically, you can get up-to-date with the latest (and greatest) technology in IT.
Often, the cost for attending a conference are estimated higher than a traditional 5-day course. However, I find this not to be true – at least not all the time. It is true that – depending on where you fly in from – Travel & Expenses might add up to the cost. However, I think it is a good thing to be ‘away’ from your daily work environment. That typically leaves one less tempted to be pre-occupied with work rather than soaking in the knowledge shared throughout the conference. The experience is quite different from a training course. Conferences might not provide you the exact same information as in a training, but you’ll definitely be able to learn more (different) things. Especially if your skills in a particular product are already well-developed, conferences are the place to widen your knowledge.
On top of that, classroom trainings don’t offer you the same networking capabilities. In case of MEC, for instance, there will be a bunch of Exchange MVPs and Masters who you can talk to. All of them very knowledgeable and I’m sure they won’t mind a good discussion on Exchange! This could be your opportunity to ask some really difficult questions or just hear what their opinion is on a specific issue. Sometimes the insights of a 3rd person can make a difference…!
It is also the place where all the industry experts will meet. Like I mentioned earlier, there will be Masters and MVPs, but also a lot of people from within Microsoft’s Exchange Product Group will be there. What better people are there to ask your questions to?
Without any doubt, the Exchange Conference will be the place in 2014 to learn about what’s happening with Exchange. Service Pack 1 – or Cumulative Update 4, if you will – has just been released and as you might’ve read there are many new things to discover.
At the same time, it’s been almost 1.5 years since Exchange 2013 has been released and there are quite some sessions that focus on deployment and migration. If you’re looking to migrate shortly, or if you’re a consultant migrating other companies, I’m sure you’ll get a lot of value from these sessions as they will be able to provide you with first-hand information. When MEC 2012 was held – shortly before the launch of Exchange 2013 – this wasn’t really possible as there weren’t many deployments out there.
Sure, one might argue that the install base for Exchange 2013 is still low. However, if you look back at it, deployments for Exchange 2010 only really kicked of once it was past the SP1 era. And I expect nothing else to happen for Exchange 2013.
As a reference: here’s a list of sessions I definitely look forward to:
I realize that’s way too many sessions already and I will probably have to make a choice which ones I will be able to attend…
But the fact that I have so many only proves that there’s so much valuable information at MEC…
I’ve had a look through who is speaking at MEC and I can only conclude that there is a TON of great speakers. All of which I am sure they will make it worth the wile. While Microsoft-speakers will most likely give you an overview of how things are supposed to work, many of the MVPs have sessions scheduled which might give you a slight less biased view of things. The combination of both makes for a good mix to get you started on the new stuff and broaden your knowledge of what was already there.
Microsoft has big shoes to fill. MEC 2012 was a huge success and people are expecting the same – if not better – things from MEC 2014. Additionally, for those who were lucky enough to attend the Lync Conference in Vegas earlier this month, that is quite something MEC has to compete with. Knowing the community and the people behind MEC, I’m pretty confident this edition will be EPIC.
With Service Pack 1, the Exchange team introduced a new connectivity model for Exchange 2013. Instead of using RPC/HTTP (which has been around for quite a while), they have now introduced MAPI/HTTP. The big difference between both is that RPC is now cut away and therefore allow for a more resilient / lenient way to connect to Exchange. HTTP is still used for transport, but instead of ‘encapsulating’ MAPI in RPC packets, it’s now transported directly with the HTTP stream.
To enable MAPI/HTTP, run the following command:
Set-OrganizationConfig –MapiHttpEnabled $true
As you can see from the cmdlet, deploying MAPI/HTTP is an “all-or-nothing” approach. This means that you have to plan the deployment carefully. Switching from ‘traditional’ RPC/HTTP to MAPI/HTTP involves users restarting their Outlook (yes, the dreadful “Your Administrator has made a changed…”-dialog box is back). Luckily, the feature will – for now? – only work on Office 2013 Service Pack 1. Anyone who isn’t using this version will continue to use RPC/HTTP and will not be required to restart. Just keep it in mind when you upgrade your clients so that you don’t create a storm of calls to your helpdesk…
Anyway, because the feature is disabled by default – and because it traditionally takes a while before new software gets deployed – I don’t expect this feature to be widely used any time soon though.
Exchange Admin Center Command Logging
This is one of the most-wanted features ever since Exchange 2013 was released. Previously the Exchange 2010 logged all the cmdlets that it executed when you performed a task through the Management Console. However, because of the move from the EMC to the new web-based Exchange Admin Center (EAC), this feature disappeared which caused a lot of protest.
Now, in SP1, the feature – somewhat – returns and gives you the ability to capture the cmdlets the EAC executes whenever you’re using it. The feature itself can be found in the top-right corner of the EAC, when clicking the question mark button:
Support for Windows Server 2012 R2
Another long-awaited and much-asked-for feature is the support for Windows Server 2012 R2. This means that you will be able to deploy Exchange 2013 SP1/CU4 on a server running Microsoft’s latest OS. At the same time, the support for Domain Controllers running Windows Server 2012 R2 was also announced. This effectively means that you no longer have to wait to upgrade your Domain Controllers!
S/MIME support for OWA
Another feature that existing in Exchange 2010, but didn’t make the bar for the RTM release of Exchange 2013 is S/MIME support for OWA. Now, however, it’s available again.
The return of the Edge Transport Server Role
It looks like the long lost son made its way back into the product. The Edge Transport Server role, that is. Although – honestly – the Edge Transport Server isn’t a much deployed server role – at least not in the deployments I come across, it is a features which is used quite a bit in hybrid deployments. This is mainly because it’s the only supported filtering solutions in a hybrid deployment. Any other type of filtering device/service/appliance [in a hybrid deployment] will cause you to do more work and inevitably cause more headaches as well.
This is definitely good news. However, there are some things to keep in mind. First of all, the Edge Transport server doesn’t have a GUI. While this is not much of an issue for seasoned admins, people who are new to Exchange might find the learning curve (PowerShell-only) a little steep.
General Fixes and Improvements
As with every Cumulative Update, this one probably also contains a bunch of improvements and fixes. More information to the download and the updates can be found here.
Support for SSL Offloading
Now, there’s also support again for SSL Offloading. This means that you are no longer required to re-encrypt traffic coming from e.g. a load-balancer after it decrypted it first. Although many customers like to decrypt/re-encrypt, there are deployments where SSL Offloading makes sense. Additionally, by offloading SSL traffic you spare some resources on the Exchange Server as it no longer has to decrypt traffic. The downside – however – is that traffic flows unencrypted between the load balancer and the Exchange Servers.
DLP Policy Tips in OWA
Data Loss Protection was one of the new features in Exchange 2013 RTM and was very well received in the market. It allows you to detect whenever sensitive data is being sent and take appropriate actions if so. Although DLP policies worked just fine in OWA, you wouldn’t get the Policy Tips (Warnings) as they were displayed in Outlook 2013. These tips are – in my opinion – one of the more useful parts of the DLP feature and that’s why I find it great they’ve finally added it into OWA. Now, you’re no longer required to stick to Outlook to get the same experience!
As mentioned above, DLP allows you to detect whenever sensitive information is sent via email. However, detecting sensitive information isn’t always easy. Until now, you had to build (complex) Regular Expressions which would then be evaluated against the content being sent through Exchange. With the DLP Fingerprinting feature, you can now upload a document to Exchange which will then use that document as a template to evaluate content against. It is a great and easy way to make Exchange recognize certain files / type of files without having to code everything yourself in RegEx!
The DLP Fingerprinting feature can be found under Compliance Management > Data losse preventsion > Manage Document Fingerprints
Outlook Web App is already one of the best web-based email clients available. In search of brining more features to OWA to make it even better, the Exchange team now added also some – maybe less visible – but very welcome improvements to OWA. The rich text editing features is one of them.
For example, you have now more editing capabilities and you can easily add items like tables or embedding images:
Database Availability Group without IP (Administrative Access Point)
Leveraging the new capabilities in Windows Server 2012 R2 (Failover Clustering), you can now deploy a DAG without an administrative Access Point (or IP Address). This should somehow simplify the deployment of a Database Availability Group.
Deploying Service Pack 1
The process for deploying Service Pack 1 isn’t different from any other Cumulative Update. In fact, Service Pack 1 is just another name for Cumulative Update 4. Basically, upgrading a server will do a back-to-back upgrade of the build which means that any customizations you have made to configuration files will most likely to be lost. Make sure to backup those changes and don’t forget to re-apply them. This is especially important if you have integrated Lync with Exchange 2013 as this (still) requires you to make changes to one of the web.config files!
After you have upgraded the servers, I would suggest that you reboot them. Because the way Managed Availability works, you might sometimes find the Frontend Transport Service not to work as expected for a while. Typically a reboot solves the ‘issue’ right away.
By the time I published this overview, some of the other MVPs already put some thoughts out there. Make sure to check them out:
After some issues with Cumulative Update 2, which had to be pulled and re-released, Microsoft put more effort into testing and validating CU3 before releasing it to the public. That is one of the reasons why it took a little longer than expected for CU3 to be available. A good thing which hopefully pays of in a stable update without any (major) issues! CU3 introduces a bunch of new features to Exchange 2013, amongst which are:
Improved experience for Group Management in EAC
Integration with Online RMS for on-premises-only deployments
Improved Admin Audit Logging
As you can see, there’s quite some new – and interesting – stuff in CU3, which makes it definitely worth taking a closer look at. I’m particularly interested in finding out more about the RMS Online integration (which is a good thing!). Next to a bunch of new features, there are also some important bug fixes in CU3:
KB2888315 Event 2112 or 2180 is logged when you try to back up a database in an Exchange Server 2013 environment
KB2874216 Security issue that is described in Security Bulletin MS13-061 is resolved by an Exchange Server update
KB2902929 You cannot forward an external meeting request in an Exchange Server 2013 environment
KB2890814 No redirection to the Outlook Web App URL for Exchange Online users in an Exchange hybrid deployment
KB2883203 Exchange Server 2013 restarts frequently after Cumulative Update 2 is installed
A complete list of the most important bug fixes can be found here.
Deploying CU3 is similar to deploying previous CUs. Just like these previous CUs, CU3 also includes Active Directory schema updates. For more information on how to deploy a Cumulative Update, have a look at Paul Cunningham’s blog here.
How about Exchange 2013 Service Pack 1?
As a side-note to the release is that Microsoft previously announced that Exchange Server 2013 Cumulative Update 4 would be released as Service Pack 1. Taking the three-month cadence in which Cumulative Updates are expected to be released, puts Service Pack 1 to be released around the February/March 2014 timeframe – that is assuming the CU release cadence is respected. This is a little earlier than I anticipated, to be honest. I expected SP1 not to be released until at the Microsoft Exchange Conference in April (which – now I come to think of it is merely a month later). I, for one, am looking forward to “SP1”, usually this is a milestone that many companies wait for before deploying a new server product like Exchange. Traditionally, Service Packs were used to introduce a bucket of new features to the product along with some other improvements. Given that each Cumulative Update so far has added functionality, I wonder if SP1 (Cumulative Update 4) will generate the same impact as it has done with previous releases…
Exchange 2010 SP3 Update Rollup 3
This latest Update Rollup for Exchange 2010 Service Pack 3 contains a rather long list of bug fixes. Amongst these fixes, I found the following ones to stand out, mainly because I faced them a few times, myself:
KB2839533 RPC Client Access service freezes in an Exchange Server 2010 environment
KB2887609 Hybrid Configuration wizard does not display the Domain Proof of Ownership list in an Exchange Server 2010 SP3 environment
A complete list of the most important fixes, can be found here. (note: content of this link may not yet be available) Have fun!
A few hours ago, the news hit the world that Microsoft is about to acquire Nokia’s devices & services business and it’s going to license Nokia’s patents and mapping services.
Honestly, I can’t say that I’m surprised. Microsoft and Nokia have been working closely together in making, branding and marketing Nokia’s Lumia Windows Phone devices. In line of Microsoft’s “big transformation” into a devices & services company, this only seems the next logical step.
Through the acquisition (which includes brining over about 30.000 people from Nokia), Microsoft suddenly gains a vast amount of experience in making hardware.It’s first attempts at creating a tablets, the Surface RT and Surface Pro, seemed – given the 900 million dollar write-off on a pile of devices they couldn’t sell – nothing more than a creditable attempt. Through this acquisition, however, Nokia [Microsoft] might be able to bring some change into the game. After all, recent news confirmed the existence of a Nokia tablet based on Windows RT which should hit the shelves any time soon. And by the looks of it, the device looks many times more slick than the Surface RT or Pro.
After having written about my experience of going through the MCSM program, I couldn’t resist writing down about how I feel about Microsoft’s latest decision to kill the MCSM/MCA program.
For those who aren’t fully up to date about what happened, let me enlighten you first. Early Saturday morning, (Friday evening if you’re in the US), Microsoft sent out the following statement to all existing (and aspiring) Certified Masters and Architects:
“We are contacting you to let you know we are making a change to the Microsoft Certified Master, Microsoft Certified Solutions Master, and Microsoft Certified Architect certifications. As technology changes so do Microsoft certifications and as such, we are continuing to evolve the Microsoft certification program. Microsoft will no longer offer Masters and Architect level training rotations and will be retiring the Masters level certification exams as of October 1, 2013. The IT industry is changing rapidly and we will continue to evaluate the certification and training needs of the industry to determine if there’s a different certification needed for the pinnacle of our program.”
Have a look at Neil Johnson, who also teaches during the MCSM rotation, his blog for the full email.
As you can see, for someone who recently went through the program, that’s not the kind of email I’d hoped to read any time soon. Effectively, the reactions from the community are mainly drenched in disbelief and anger; which also perfectly reflects how I feel about the decision.
Many people have already expressed their displeasure. Although twitter has the top of the talks, some others – like Paul Robichaux and Marcel van den Berg – have also blogged about their thoughts:
At this moment, all that we have is the email. Nothing more. The fact that Microsoft sent out the email right before a long weekend (Monday is apparently Labor Day in the US) doesn’t really help. Besides: who does that anyway? Sending out an email like that and then absenting from any discussion whatsoever? Maybe they hoped that the storm would settle down by Tuesday? There are many reasons why Microsoft might have chosen to kill the program. Most likely it’s cost-related. There’s no doubt that running the MCSM/MCA program costs a lot of money; maybe too much for what they get in return from a direct revenue point-of-view? If so, raising the price for the certification was no option either; it was already expensive as it was. Though I stand with my statement earlier where I said it’s more than worth it. Nonetheless, MCSM/MCA perhaps never became as big as Microsoft hoped for? Anyway. It doesn’t matter, does it?
Microsoft has lately been making a lot of rather strange decisions. A lot of IT Pros (including myself) are wondering what they (Microsoft) are trying to achieve. First, they decided to kill TechNet subscriptions, now the MCSM/MCA program. The question is what will be next…? They are, for sure, making it very difficult to keep on advocating for them…
I cherish no hope that Microsoft will reverse their decision, but I would like to have a more decent explanation as to why they made this decision and what they are up to next. This is the very least they can do for all those who have invested a lot of money and time to go through the program…