Studying for the Exchange 2010 exams

One of the things I’ve been a little slow in keeping up with is MCP exams. It’s something that I’m sorting out and in the next couple of weeks intend to take the two Exchange 2010 exams – 70-662 and 70-663.

With that in mind I thought I would look at some of the study aids out there. In particular uCertify offered to let me review their PrepKit for the Exchange design exam (70-663).

I’ve used their products once or twice before and have found them generally easy to use with a decent number of questions. So I will be testing out their product and hopefully it will get me through the exam.

I will write up a longer review of the PrepKit once I’m done!

Creating certificates from the shell.

As always it seems, it’s been ages since I’ve actually blogged anything. Anyhow, having finally completed my first book Mastering Lync 2010 for Sybex, i’ve got some time back to build some labs…

… As always with modern technology there is a need for certificates. In this case I’m setting up a Hybrid Coexistence system for Exchange 2010 SP2 and Office 365 and need a cert for the ADFS box. Well one thing I finally figured out whilst writing the Lync book was how to generate a certificate request from the shell.

Here goes.

In this case I need a simple SSL cert with a single name – adfs.msexchangelab.co.uk

I find that the smoothest way of creating certificates these days is through the shell using certreq.exe. There is a lot of information on the subject of using certreq.exe available at the following links:

http://technet.microsoft.com/en-us/library/ff625722(WS.10).aspx

http://technet.microsoft.com/en-us/library/cc725793(WS.10).aspx

Essentially, the process is to create a request template file (.inf) for the required certificate and then to use the certreq.exe utility, which is installed by default on Windows Server 2008 R2, to create a certificate request file.

The template file for a simple SSL single name certificate is show in Code Sample 1.

Code Sample 1: .inf File Text Used to Create Single Name ADFS certificate

[Version]

Signature="$Windows NT$"

[NewRequest]

Subject = "CN=adfs.msexchangelab.co.uk,OU=ICT,O=MSExchangeLab,L=Croydon,S=Surrey,C=GB"

Exportable = FALSE

KeyLength = 2048

KeySpec = 1

KeyUsage = 0xA0

MachineKeySet = True

ProviderName = "Microsoft RSA SChannel Cryptographic Provider"

RequestType = PKCS10

FriendlyName = "ADFS Cert"

[EnhancedKeyUsageExtension]

OID=1.3.6.1.5.5.7.3.1 ; Server Authentication

Once you have created the above file and saved it with the file extension .inf you will take the following steps to create the certificate:

From an Administrator CMD.exe prompt, change to the folder where the request template .inf file is stored and run the following command which will will pull settings from the adfscsr.inf file and output to the adfs.req file in the same directory. 

certreq -new adfscsr.inf adfs.req

At this point you have created the certificate request for the required certificate. You will now need to copy the contents of the .req file and send it to your third-Party CA, such as Digicert or VeriSign.

P.S.

If you were thinking about creating SAN certificates in this way, then of course you can. You just need the correct .inf file. An example is Code Sample 2.

Code Sample 2: .inf File Text Used to SAN Cert

[Version]

Signature="$Windows NT$"

[NewRequest]

Subject = "CN=subject.msexchangelab.co.uk,OU=ICT,O=MSExchangeLab,L=Croydon,S=Surrey,C=GB"

Exportable = FALSE

KeyLength = 2048

KeySpec = 1

KeyUsage = 0xA0

MachineKeySet = True

ProviderName = "Microsoft RSA SChannel Cryptographic Provider"

RequestType = PKCS10

FriendlyName = "Example SAN Cert"

[EnhancedKeyUsageExtension]

OID=1.3.6.1.5.5.7.3.1 ; Server Authentication

[Extensions]

2.5.29.17 = "{text}"

_continue_ = "dns=subject.msexchangelab.co.uk&dns=SAN1.msexchangelab.co.uk&dns=SAN2etc.msexchangelab.co.uk"

Speaking at The Experts Conference 2011 in Frankfurt

Hi,

Now that we’ve ticked over into a new financial year at Microsoft and I’ve got the hang of the place (mostly!), one of my aims for this year is to start getting back into the technology community.

To that aim I am pleased to be able to say that I will be presenting at The Experts Conference (TEC) Europe in Frankfurt from 17th to 19th October.

For those that are not aware of the TEC conference it is run by Quest and has several tracks. It originated as a Directory Experts conference but now includes Directory, Exchange, PowerShell and Virtualisation content.

As the web site says:

• TEC for Exchange is a unique opportunity to…
• Obtain deep instruction on Microsoft’s Exchange Server messaging platform
• Network with leading experts while attending intense, 400-level training sessions
• Share practical advice and best practices you can immediately implement into your day-to-day activities
• Meet with Microsoft Program Managers, provide feedback, and make a direct impact on the future of Exchange technologies
• Network on an international level with other Exchange professionals within the industry

There are a good range of sessions with some outstanding presenters. My sessions are as follows:

Archiving and Discovery with Exchange 2010 and Office 365

A growing number of businesses face some regulatory pressures to retain and retrieve business data. This session will look at the features available in Exchange 2010 to manage, maintain and retrieve large quantities of data. You will learn about your options for storing data either in large mailboxes, using the archive functionality of Exchange on premises or through archiving to Office 365. We will discuss where and when the different approaches make sense and cover what your options are if you already have a vast amount of data stored in an existing archiving platform.

Designing Exchange 2010 for Site Resilience (It’s more than just technology!)

Exchange 2010 brings great technical wealth in its ability to be deployed in a site resilient way. However do you really need this level of complexity. This session will discuss the business drivers which drive site resilient design. We will then dive into the technical elements which make enable us to make Exchange deployments site resilient, including CAs, Mailflow, Load Balancers, and of course the DAG. You should come away from this session with a clear idea of whether Site Resilience is sensible for you, and how to weight up the various design decisions needed to deploy, and more importantly operate a site resilient model successfully.

So all in all, it should be a great event and I look forward to seeing a bunch of friendly faces in the crowd!

Cheers

Nathan

Nathan Winters on Quora

Hi,
 
Just checking out this new Quora social networking system.
 
Here is my profile on Quora

Nathan Winters

Windows XP SP3 Address Bar return

Yup, I know, why am I using Windows XP SP3. Well I’m not, it’s on my wife’s laptop.

Anyhow, with the install of SP3 a while back, we noticed that the address bar was gone from the task bar. It turns out that this was a “by design” issue rather than a bug as described in the KB article below:

http://support.microsoft.com/kb/951448/en-gb

To rectify the issue originally, I found a third party utility which provided an address bar, however after some recent tidying and software un-installation, it vanished!

Having looked around, there is a much better option which doesn’t require any hacking of system files as mentioned in various website, or the use of a third party tool.

To get the taskbar back, simply drag the My Computer icon up to the top of your screen and drop it. It will then create a bar along the top edge of the screen and from there you can right click, go to the toolbar list and add the “address bar”. Now, right click again and remove My Computer from this bar after which you will be left with just the “address bar”.

Finally, click to pickup the address bar and drag it off the top of the screen and down onto your real taskbar. You may have to play about with exactly where to drag it, but get it right and it will dock into the main task bar and you will have you normal address bar back.

Cheers

Nathan

Installing Exchange Server 2010 in Typical Configuration

As some of you may know, Tony Brown and I have recently re-launched my user group MMMUG. As part of that launch I wrote a new article for the site.

The article discusses the decisions to be taken when installing Exchange Server 2010 in a single server environment and shows in detail the steps taken to do so. I show how to install the typical Exchange roles; Mailbox, Hub Transport and Client Access roles, as I will provide a later article detailing the installation of the Unified Messaging role.

The article covers only the install of Exchange to the point where the server is operational in its default configuration. Both patching and basic configuration steps will be covered in later articles.

The article can be found on the new MMMUG site here:

http://www.mmmug.co.uk/articles/installing-exchange-server-2010-in-typical-configuration

Changes to Microsoft OCS Public Internet Connectivity (PIC)

Microsoft have given a few warnings recently about changes who restrict PIC traffic via IP address lockdown. Here is the final update as the changes happen tomorrow!

This is the one week reminder that the scheduled additional IP Address is on track for implementation on Friday, March 26, 2010.  For organizations restricting this traffic to specific IP addresses the updated list in the KB below MUST be in place by March 26, 2010 or PIC connectivity to MSN WILL fail.

897567    Known issues that occur with public instant messaging and Communications Server

http://support.microsoft.com/default.aspx?scid=kb;EN-US;897567

Barring an unforeseen issues, this is the final notification on this change.

REFERENCES:

http://tinyurl.com/yja9vod

http://blogs.technet.com/tlyons/archive/2010/02/26/reminder-additional-windows-live-messenger-pic-federation-ip-address.aspx

Microsoft Communications Server 14

Hi,

Yes that’s right it has finally launched! And note the new name…..that’s going to screw up the #OCS tag on twitter!

So what’s going on then?

Today at VoiceCon in Orlando Gurdeep Singh Pall, Corporate Vice President, Unified Communications Group, Microsoft Corporation announced the next version of the Microsoft Real Time communications platform.

You can watch the keynote here: http://tv.voicecon.com/

So what’s so exciting?

On a personal note it’s great to be able to talk publicly about a product which as an MVP we have seen a fair bit about over the last few months, in particular in February at the MVP Summit. It’s fair to say at the time, the overwhelming opinion was that CS14 was pretty darn good, so it’s great we can now go into a little more detail:

One of the things which really hit me was that Gurdeep mentioned a couple of times that over a total solution CS14 would be around 50% less expensive than a tradition IPPBX system, food for thought indeed. Apparently there was a session later in the day where details were discussed so it would be interesting to see more about that especially when talking about the SME space.

Diving into features, presence is extended to incorporate more detailed location awareness. When outside the corporate network a user is able to specify a location manually, whilst within the network, it is possible to have the location mapped to the building area automatically.

This then ties nicely into another key feature (well for the US market at least) E.911 support. This is the capability of a phone system to notify emergency services of a calls location. IP telephony creates challenges for this in that an IPPBX could be centralised with all calls going out of a central trunk. This way a third party (911 Enable and Intrada) can be notified of the location info via additional signalling info and will then ensure that emergency services are targeted to the correct location.

The next new feature shown really highlights the overall UC platform MSFT can provide when CS14 and Exchange 2010 are put together. In the new Communicator client, you get a type of visual voicemail so you see exactly who has left a message directly in the client. Taking things further there is still a link to view the voicemail in Outlook where you can use the great functions such as text preview and presence awareness.

Something which people will already be familiar with is the new contact card featuring photos and a square presence icon. The key thing is that this is the same across the whole platform, Office, SharePoint, Outlook etc and can be easily added to your apps too!

Again on the theme of a whole UC platform, is another of the key features in the new client. This time it is a window into SharePoint, making use of the indexing and searching facilities to locate key information about peoples’ skills. It allows you to allow you to search on keywords to find all people who have relevant interests expertise and then gradually narrow that down to the people/person you want all the time based on presence! What’s really cool is that SharePoint is clever enough to do a phonetic based search to get around poor spelling!

The last big piece discussed was one of the main features that enterprises expect, Call Admission Control (CAC). This promises to be one of those features which removes a blocker from corporate deployments where network managers are really concerned that although the OCS RTAudio and RTVideo codecs are adaptable, they never the less can still overwhelm a network link given enough calls.

So the CAC functions, enable CS14 to sample the available bandwidth and make decisions based on both type of traffic (voice and video) and number of sessions. It would seem that on various conditions (slow machines, poor camera, low bandwidth etc, a number of decisions can be taken, to either lower video quality (or stop it totally), or to reroute the call over another link.

All in all today’s demo has only scratched the surface of the product, I for one am really looking forward to the first beta drop when we can get hands on with WC14.

Cheers

Nathan

Welcome to my new blog!

Hi,

It’s taken a long while but over the last few months I have had the great fortune to meet Tony Brown, who has offered to help me get my (or should that now be our??) user group MMMUG up and running again. As part of that offer he has worked really hard to put together a new website for MMMUG, and finally also helped me to get my blog moved away from Community Server to here, on Wordpress!

This is something I have been wanting to do for a while now and I believe that it will give me much more flexibility as a platform to link into other media types, like Twitter, LinkedIn, FaceBook and the like.

My aim for this new blog is to establish a site under my own name, which regularly comments and explains the current issues/developments in the Unified Communications space, and no doubt also has a sprinkling of posts about what I am up to, including my favourite hobbies, badminton and photography.

There is still a bunch of development work to do but given that today was the launch of Microsoft Communications Server 14, I thought now was a good time for my first couple of posts!

Looking forward to writing here, and of course also for the new MMMUG site and hope that people find my posts useful.

Cheers

Nathan

Minasi Conference 2010

Minasi Conference
May 2^nd May 5^th

Virginia Beach, VA, USA

Hi,

Its been a while since I last posted (I seem to say that every time at the moment!)

Anyhow, I wanted to let people know about the 5^th annual Minasi Conference which is being held in Virginia Beach, VA, USA.

The conference runs from Sunday May 2^nd until Wednesday May 5^th and has some of the worlds top speakers.

The Minasi conference is unlike any other tech conference you?ve attended before due to its intimacy, favourable student:lecturer ratio, variety of topics and quality of instructors. The conference is organized and staffed by volunteers from Mark Minasi?s forum and includes well known veteran lecturers like Mark Minasi, Rhonda Layfield, Todd Lammle, Roger Grimes, Microsoft MVP’s and author?s such as Aidan Finn, Nathan Winters and Eric Rux and forum members who just want to share what they’re doing.

The conference has enjoyed some prestigious special guest lecturers and this year is no exception. The chance to rub elbows and ask questions in such a small environment is found only at the Minasi conference. Previous years special guests have included:

-Cisco Guru and all around nice guy, Todd Lammle
-All things Security (now featuring the Cloud), Steve Riley
-Group Policy Experts Jeremy Moskowitz and Darren Mar-Elia
-Super Scripter, Don Jones
-Internet Fixer, Roger Grimes

We invite you to join us both online and in person.

Take a look at the website for loads more info and to register ? www.minasiconference.com

Pre-Conference Event

For the 2010 Conference we are pleased to offer our first Pre-Conference session.

The aim is to provide a 4 hour event at a small additional cost which will cover a topic that is closely related to the main conference but just slightly different!

In this case Todd Lammle will lead the session on the morning of Sunday 2nd May from 08:30 until 12:30.

The topic is Configuring Basic Cisco and Router Configurations

All students would need is their own laptop and we will provide a free copy of Todd?s latest book as well as very slick router and switch simulator that you get to keep.

We are currently working to flesh out the details of this session and will update with a full agenda shortly.

This pre-con session will cost $85 which includes the Book, The Simulator, a light breakfast, Lunch and of course the 4 hours tuition!

For more information check conference website in the Pre-Conference section.

I look forward to seeing you in Virginia!

Cheers

Nathan