Thursday, June 28, 2007

iPhone or iCarrot?

Writer Stephen Bone makes a very good point about the hype surrounding the iPhone and the "deal" that you have to sign up for from AT&T. A story by Wired magazine's Rob Beschizza calculates the minimum you will spend over 2 years for an iPhone and contract is $1974.76. Deal, indeed! A deal for AT&T and Apple. Apple gets you by selling their phone at "full freight" and AT&T gets you for 2 years on a "not so great" monthly contract. Stephen makes the point that this may be the end of the subsidized celluar phone, but certainly not the restrictive and costly contract.

By Stephen Bone
Since the early days of the cellular industry, the justification for multi-year contracts has been handset subsidies. Since the cellular carriers subsidize the cost of the handsets, the argument goes, they need lock-in contracts to guarantee sufficient time to recover the up-front equipment costs. Holes in that story now appear with the iPhone.


Monday, June 18, 2007

Security and Exchange MVP chats this week

Microsoft is hosting 2 series of chats with MVPs on Exchange and Security. I am trying to get word out.
Exchange Server Q&A with the MVP Experts
Exchange MVPs will be on hand to answer your questions about Exchange Server, Outlook and Exchange for Small Business Server. So if you are thinking of upgrading to Exchange Server 2007 or have questions about Exchange Server 2003 we hope you can join us for this informative online chat!

Chat 1
When: Tuesday June 19th
Time: 5pm PST or 8pm EST
Where: TechNet Chat Room

No password required

Chat 2
When: Thursday June 21st
Time: 10am PST or 1pm EST
Where: TechNet Chat Room

No password required


Q&A with the Security MVP Experts

We invite you to attend an Q&A with the Microsoft Security MVPs. In this chat the MVP experts will answer your questions regarding online safety issues such as phishing, spyware, rootkits as well as server related topics. If you have questions on how to protect your PC, please bring them to this informative chat

When: Thursday June 21st
Time: 4pm PST and 7pm EST
Where: TechNet Chat Room

No password required

Saturday, June 16, 2007

Exchange 2007? Get those domain controllers upgraded!

Do you have to be running all W2K3 SP1 domain controllers in your organization before moving to Exchange 2007? No, only the DCs/GCs that will be used by E2K7 have to be W2K3 SP1 (though SP2 works just as well).

However, if the setup process finds a W2K DC/GC it will fail. And other processes (once you are in operation) such as Move-Mailbox will also fail. Here is another example:
Error: Domain Controller '' Operating System version is 5.0 (2195) Service Pack 4. The minimum version required is 5.2 (3790) Service Pack 1.
Exchange Management Shell command attempted:'28600b07-6d7c-4e94-9559-7861c88faa48' move-mailbox -TargetDatabase 'CN=Mailbox Database,CN=First Storage Group,CN=InformationStore,CN=EXAMPLE,CN=Servers,

CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=EXAMPLE,
CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=EXAMPLE,
Elapsed Time: 00:00:00

I am recommended as a prerequisite that people get their domain controllers upgraded to a minimum of W2K3 SP1 prior to starting their E2K7 migrations.


Travel travel travel - how to get there without going insane

This past year I spent 135 days on the road and flew almost 250,000 miles. Out of those 135 days on the road, 25 nights of that were spent on an airplane. This year, I have already passed the 120,000 mile mark. I am writing this sitting on a Continental 767-400 and am about to spend the next 2 nights on an airplane. Do I like to travel? I don't like the traveling part, but I like the "being there" part. People ask me how to cope with so much travel (or even lesser degrees of travel.) Here are some tips to make the experience more palatable.

  • Pick an airline that flies to most of your destinations and stick with it. If it does not fly everywhere, pick an airline that has partners that fly to your other preferred destinations. When your work wants to put you on the cheapest flight, stand your ground.
  • Once you have picked an airline, if you spend much time in airports, get a airport lounge membership. This will make those long layovers (I have a 12 hour layover in Houston tomorrow), flight delays and extra time much better when you can get out of the hustle and bustle of the boarding gates.
  • Fly enough to get frequent flyer status. This helps improve your seating priority, gets you upgrades, lets you get in the shorter security check-in lines. People think it is about "the miles". Trust me, it is not just about the miles.
  • When choosing a hotel, pick a decent hotel with a restaurant, and a good breakfast in the mornings. The bed is important and the better hotels are all in a race to see who can provide the most comfortable bed. Westin and Sheraton are winning, IMHO. An extra $50 per night can make the difference between a decent nights sleep and a back ache the next day. A desk in the room is essential for me and having a suite makes the room even more comfortable.
  • If possible, pick a hotel chain and join their frequent stayer program. Their "business" programs will not only get you points, but also room upgrades, free Internet, and even free breakfast. Again, stick to you guns if your accounting people want to stick you in a Motel 6.
  • Travel as light as possible. Trust me. I used to be a "heavy" traveler and took everything I might ever possibly need in case of nuclear holocaust. It is not worth lugging all that stuff around between hotels, airports, and home.
  • Allow yourself enough time to be early for your flights. The stress of arriving late is just not worth the headaches and confrontation with airport / airline staff.
  • For long flights, a personal DVD player rocks. It lets me catch up on movies or TV shows and my portable's battery lasts about 4 1/2 hours. About 4 times longer than my notebook computer lasts when it is playing a DVD.
  • Pick a lighter computer for traveling. Here is where I break my own rule. I travel with a heavy (portable desktop-laptop), cables, converters, an external hard disk, etc.... Most people don't ever need all this crap. Scale it back so that your laptop bag is light. Your back and neck will thank you for this. - Pick a cell phone provider that allows extensive roaming. Many of my friends plans only work in a certain regional area.
  • While in transit, eat light. Salads, chicken, turkey, and vegetables are good choices. Anything with a lot of cheese, cream sauces, steaks, and fried foods are not. Avoid colas and carbonated drinks before or during flights.
  • Keep on eye on your time schedule. In the airport lounge, be aware of your departure time and how much time it will take you to get to your gate. When leaving a meeting or hotel in a new city, allow enough time to get around. Ask your hotel staff about traffic to ensure that you are allowing enough time.

Thursday, June 14, 2007

WinDeveloper's IMF Tune v3.0 released

I am a big fan of the Exchange 2003 SP2 Intelligent Message Filter. It is *free* and *easy* to configure. For small and medium sized businesses that don't want to invest in separate SMTP message hygiene systems or perimeter SMTP gateways, it is a good solution. I find that the IMF reduces about 95% of the spam I receive in my Inbox. 95% is a good percentage for a free spam filter. I usually configure it to block anything with an SCL of 7 or higher and put anything with an SCL of 5 or higher in my Junk E-mail folder.

However, the IMF is just not very tune-able. That is why I like WinDeveloper's IMF Tune software. They just released a new IMF Tune version (v3.0) that has a lot of nice improvements such as log management, improved e-mail archiving, keyword reporting, and additional SCL rules. IMF Tune includes whitelisting and blacklisting features that ust are not availble via the IMF by itself. And at $148.00 for a single server, IMF Tune is dirt cheap and gives you features that you find in software costing thousands of dollars. Here are some features from the IMF Tune web site.
  • Whitelisting - Scan IPs, senders, recipients, subjects, email headers and bodies to ensure legitimate emails are not classified as spam.
  • Blacklisting - Scan IPs, senders, recipients, subjects, email headers and bodies to eliminate spam that still manages to reach the inbox.
  • Keyword-to-SCL Mappings - Search for keywords within email headers to further control SCL ratings. On finding a match the current SCL can be incremented, decremented, or fixed to any SCL value.
  • Plug any Anti-Spam Filter into Exchange - Integrate anti-spam filters running on any platform, dedicated firewall appliance or external service provider.
  • SCL to Subject/Header Insertion - Expose SCL ratings to the end-recipients. Junk email may than be sorted by SCL enabling more effective verification.
  • Spam Rerouting to a Central Mailbox or Public Folder - Retain all emails within a single repository. Eliminates external archiving and enables access to filtered spam through Outlook.
  • Auto-Reply to Filtered Emails - Streamline the process of identifying false positives for emails most at risk of incorrect classification.
  • Attachment Stripping - Minimize resource wastage within archives and Junk Email folders.
  • Detailed Logging - Retain an index of processed emails and extract IPs, addresses and keywords for whitelisting/blacklisting.
  • Intuitive SCL Based User Interface - Visualize the configuration at a single glance. This is achieved through the use of different icons and SCL handling color coding.
  • SCL Threshold Fine Tuning - Categorize logs and archives by SCL to quickly analyze the impact of the current thresholds and adjust them as appropriate.
If you have a separate SMTP filtering running somewhere in your organization, but would like to just tag the message and send to the IMF for further processing, it can also intercept other SMTP message hygiene system's tags and process the message. This can be done based on information in the message header (such as X headers) or text that is found in the subject line.

Tuesday, June 12, 2007

E2K7 - Unable to validate the filter: The Exchange server address list service failed to respond

Ya know, I really like Exchange Server as a product. But sometimes it really pisses me off.... Especially when I can't find a solution to a problem I am having. For the past 6 days, I have been trying to get a new CCR clustered mailbox server installed. I keep seeing the same error when I try to run SETUP /NEWCMS.

Clustered Mailbox Server ......................... FAILED
An Exchange 2007 server on which an address list service is active cannot be found.

Nothing in the setup logs and nothing in the event log. Grrrrr

So, I gave up and figured I might need to upgrade my recipient policies. I tried this:

Set-EmailAddressPolicy "Default Policy" -IncludedRecipients AllRecipients -ForceUpgrade

And I got this error....
Unable to validate the filter: 'The Exchange server address list service failed to respond. This could be because of an address list or email address policy configuration error.'At line:1 char:1+ S <<<<>

Then I noticed this error in the Event Log
Event Type: Error
Event Source: MSExchangeAL
Event Category: Address List Synchronization
Event ID: 8325
Date: 6/12/2007
Time: 9:44:53 AM
User: N/AComputer: SERVERNAME
Description:The service can't work properly because Email Address Policy 'CN=ORGNAME User Mailbox Management Policy,CN=Recipient Policies,CN=ORGNAME,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=ORGNAME,DC=LOCAL' has an invalid filter rule (PurportedSearch). The error is 'Invalid token.'. Use the Exchange Management Console to correct this problem. New users, contacts, and groups won't be fully provisioned until this is fixed.

I finally found it. It was the named policy "'CN=ORGNAME User Mailbox Management Policy", but it had a filter that included an invalid E2K3 server.

Not only did fixing that broken policy allow me to update the address lists, but it allowed me to install the CCR cluster.

Exchange 2007 Enterprise Client Access Licensing change

It is not often that Microsoft publicly bends so much at customer outrage, so enjoy this. Exchange 5.5/2000/2003 all had a feature that allowed the administrator to clean up old content in user's mailboxes. In E2K SP1+/E2K3, this is called the Mailbox Manager and a lot of people use it.

In E2K7, this feature is rolled in to messaging records management (MRM); MRM allows you to manage content in both the Default folders (Inbox, Sent Items, Deleted Items, Contacts, Calendar, etc...) as well as creating custom folders and managing the content in those folders. However, MRM features were announced to be a "premimum" feature and therefore if you used it for a user's mailbox, that user required an Exchange 2007 Enterprise CAL instead of just a Standard CAL.

Apparently enough customers complained (loudly) that this was outrageous to charge more for a feature set that was included previously. Microsoft changed the licensing policy so that you could use messaging records management to manage the Default folders (not custom folder management, though) without buying an E2K7 Enterprise CAL.

See, complaining (sorry "reporting your discontent") does make a difference sometimes. Tell your local Microsoft office. Report it to Attend Microsoft events and tell the folks in the Microsoft booths. Post it in the TechNet or USENet newsgroups. Call Steve Ballmer. Just be calm, rational, and present your case.

Monday, June 11, 2007

Prints go offline after applying W2K3 Service Pack 2

Last week, we applied W2K3 SP2 to one of our print servers. No problems. This week we applied it to another print server and a lot of our Xerox Phasers and HP LaserJets are offline. If we restart the spooler service, the printer comes back up for a few seconds, then it goes offline again.

Well, apparently, this has something to do with how W2K3 SP2 handles printers that have SNMP enabled. If you disable SNMP on the TCP/IP printer port, things start working for that printer. Read here for more details.

I *love* service packs. They make me so happy. :-)

Thursday, June 07, 2007

The Closer - Darned good television

As I have said before, I don't watch much television. Well, except Battlestar Galactica. This past year, though, I got hooked on The Closer with Kyra Sedgwick (Mrs. Kevin Bacon). The tag line for the first episode was "If I liked being called a bitch to my face, I'll still be married." The first season was really brilliant and the shows creators took a brave step in slowly defining the characters rather than trying to introduce each of the major characters, their quirks, and personalities during the first show or two. The show really took an entire first season to lay down the base.

Kyra Sedgwick plays a CIA trained interogater that comes to the LA Police Department as a Deputy Chief. Everyone immediately hates her. Slowly, over the first season, you see her department change their opinion about her, starting in the first season with a very subtle change in the Sanchez character. Her FBI friend/boyfriend Fritz Howard has to be the most patient character on television. Corey Reynold's character SGT David Gabriel is also likeable and a well developed character.

Though she seems so "southern sweet", she has a ruthless side and nerves of steel. That comes out near the end of the first season when she essentially finds out there is nothing she can do to a Russian mob boss' son even though he is killing prostitutes, so she uses his alibi against him. You really don't get to see her CIA side until the end of the second season.

The last 3 shows of the first season are great. You slowly see the last of her squad coming over to her side and realizing that, while quirky and focused, she is darned good at what she does. The first part of the last show of the season really shows the camaraderie she has developed with her squad when she comes across LT Provenza imitating her at a crime scene and she plays right along.

Both the first and second season are now available on DVD.

Exchange 2007 and Windows 2003 Service Pack 2

I have seen a few dicussions recently about Exchange 2007 and Windows 2003 Service Pack 2, so I thought I would blog about my own experiences. I am installing a new CCR cluster and 2 load balanced HT/CA servers. I decided to go ahead and use Windows 2003 Service Pack 2. After the initial OS and SP2 installation, you STILL need the following:

x64 .NET Framework
Windows PowerShell for W2K3 x64
.NET Hotfix KB 926776

Thus far, though, W2K3 SP2 has saved me quite a bit of time in prepping the OS and I have noticed no problems. One note, I am using Dell 2950s and I ran the Dell v5.2 Server Update Utility and brought all of the firmware and device drivers up to date.

Wednesday, June 06, 2007

I gotta get me some of that!

The future is here (almost). Take a look at Microsoft Surface. This is just too cool for color TV. I can imagine a ton of applications that could be developed for a platform like this.