Tag Archives: Exchange

Lighten up and install Exchange 2019 on Windows Server Core

One of the biggest changes in Exchange Server 2019 from previous versions of the messaging platform is Microsoft supports — and recommends — deployments on Server Core.

For those who are comfortable with this deployment model, the option to install Exchange 2019 on a server without a GUI is a great advance. You can still manage the system with the Exchange Admin Console from another computer, so you really don’t lose anything when you install Exchange this way. The upside to installing Exchange on a Server Core machine is a smaller attack surface with less resource overhead. For some IT shops, because Server Core has no GUI, it can present a challenge when troubleshooting issues.

This tutorial will explain how to install Exchange 2019 on Server Core in a lab environment instead of a production setting. The following instructions will work the same for either setting, but users new to Server Core should practice a few deployments in a lab before trying the deployment for real.

Getting started

For the sake of brevity, this tutorial does not cover the aspects related to the installation of the Server Core operating system — it is identical to other Windows Server build processes — and the standard Exchange Server sizing exercises and overall deployment planning.

After installing a new Server Core 2019 build, you see the logon screen in Figure 1.

Server Core logon screen
Figure 1. Instead of the usual Desktop Experience in the full Windows Server installation, the Server Core deployment shows a simple black logon screen.

Most of the setup work on the server will come from PowerShell. After logging in, load PowerShell with the following command:

Start PowerShell

Next, this server needs an IP address. To check the current configuration, use the following command:

Get-NetIPAddress

This generates the server’s IP address configuration for all its network interfaces.

IP address configuration
Figure 2. Use the Get-NetIPAddress cmdlet to see information about the network interfaces on the server.

Your deployment will have different information, so select an interface and use the New-NetIPAddress cmdlet to configure it. Your command should look something to the following:

New-NetIPAddress -InterfaceIndex {Number} -IPAddress {IP Address} -PrefixLength {Subnet mask length} -DefaultGateway {IP Address}

After setting up the network, change the computer name and join it to the domain:

Add-Computer -DomainName {Domain} -NewName {Server} -DomainCredential {Admin account}

Next, install the prerequisites for Exchange 2019. The following cmdlet adds the Window features we need:

Install-WindowsFeature Server-Media-Foundation, RSAT-ADDS

You can use the Exchange install wizard to add the other required Windows components or you can use the following PowerShell command to handle it:

Install-WindowsFeature Server-Media-Foundation, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Metabase, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, RSAT-ADDS

Prepare to install Exchange 2019

The next step is to download Exchange Server 2019 and the required prerequisites to get the platform running. Be sure to check Microsoft’s prerequisites for Exchange 2019 mailbox servers on Windows Server 2019 Core from this link because they have a tendency to change over time. The Server Core 2019 deployment needs the following software installed from the Microsoft link:

  • .NET Framework 4.8 or later
  • Visual C++ Redistributable Package for Visual Studio 2012
  • Visual C++ Redistributable Package for Visual Studio 2013

Next, run the following PowerShell command to install the Media Foundation:

Install-WindowsFeature Server-Media-Foundation

Lastly, install the Unified Communications Managed API 4.0 from the following link.

To complete the installation process, reboot the server with the following command:

Restart-Computer -Force

Installing Exchange Server 2019

To proceed to the Exchange 2019 installation, download the ISO and mount the image:

Mount-DiskImage c:<FolderPath>ExchangeServer2019-x64.iso

Navigate to the mounted drive and start the Exchange setup with the following command:

.Setup.exe /m:install /roles:m /IAcceptExchangeServerLicenseTerms
Exchange Server 2019 installation
Figure 3. Mount the Exchange Server 2019 ISO as a drive, then start the unattended setup to start the installation.

The installation should complete with Exchange Server 2019 operating on Windows Server Core.

Managing Exchange Server 2019 on Server Core

Once you complete the installation and reboot the server, you’ll find the same logon screen as displayed in Figure 1.

This can be somewhat discomforting for an administrator who spent their whole career working with the standard Windows GUI interface. There isn’t much you can do to manage your Exchange Server from the command prompt.

Your first management option is to use PowerShell locally on this server. From the command prompt, enter:

Start PowerShell

From the PowerShell window, enter the command:

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn

You need to run this command each time to use PowerShell on the headless Exchange Server when you want to run the Exchange Management Shell. To streamline this process, you can add that cmdlet to your PowerShell profile so that the Exchange Management snap-in loads automatically when you start PowerShell on that server. To find the location of your PowerShell profile, just type $Profile in PowerShell. That file may not exist if you’ve never created it; to do this, open Notepad.exe and create a file with the name $Profile and enter that previous Add-PSSnapin command.

The more reasonable management option for your headless Exchange Server is to never log into the server locally. You can run the Exchange Admin Center from a workstation to remotely manage the Exchange 2019 deployment.

Go to Original Article
Author:

Avoid common pain points when migrating to Exchange Online

A migration from on-premises Exchange to Office 365 is more than just a matter of putting mailboxes into Microsoft’s cloud. There are several factors that can slow this type of project, and some issues won’t arise until you thought the project was done.

There are quite a few organizations still running an Exchange Server platform, but many of them are looking at migrating to Exchange Online and hand over some of the administrative burden to Microsoft. In my experience, I see four common problems for organizations that can be avoided. With a little preparation, you can avoid these stumbling blocks and make the experience a positive one for both IT and the end user.

Update on-premises software

Near the top of the list of common issues is not having the current versions of software running on premises.

Active Directory, on-premises Exchange, Outlook, Windows clients and servers all need to be up to date to give your organization the best possible migration experience. At one time, Microsoft’s organizational posture was more forgiving and would support older software, but today, the company wants all software that touches Exchange to be on the latest version. Some of the older Office suites will still work but only with basic functionality and end users will miss out on newer features, such as Focused Inbox.

That many enterprises struggle with keeping their software current isn’t a surprise, because it’s difficult to patch and deploy updates in a timely fashion. In some cases, organizations depend on third-party software that is rarely updated and may have compatibility issues with a frequent update schedule. There is no easy solution for these problems. But as IT pros, we need to sort through the updates and find a way to get all that software on the latest release.

Understand mail flow scenarios

The next area that hinders a lot of organizations migrating to Exchange Online is not understanding the different ways to set up mail flow into and out of Microsoft’s hosted email platform.

Only when you fully understand all the pieces in your organization’s transport stack can you set up a mail flow that meets your needs.

Microsoft designed Office 365 and Exchange Online to be very flexible with regards to the support of different mail flow scenarios. Email can go to on-premises Exchange first, then into Exchange Online. Mail can also go to Exchange Online first, then flow to the on-premises Exchange servers.

During a hybrid migration, the most common scenario is to leave the mail flow configuration to reach the on-premises Exchange Server first, then use hybrid configuration to forward email to mailboxes in the Microsoft cloud via the hybrid routing address. This hybrid routing address, which looks something like [email protected], is an attribute of the on-premises Active Directory account.

When you set up an Exchange hybrid deployment and move mailboxes properly, that address is automatically added to the user’s account. This mail flow arrangement tends to work very well, but if that address is not added to the users account, mail flow won’t work for that user.

Another popular option is to route email through Office 365 first, then to your on-premises mailboxes. This option puts Exchange Online Protection as the gatekeeper in front of all your organization’s mailboxes.

Ultimately, your decision comes down to what other services your organization has in that mail flow path. Some organizations use third-party antivirus products, some use a vendor’s encryption services, while others depend on a particular discovery application. Any of those third-party services may be cloud-based or installed on premises. Some of the services need to be placed before your end-user mailboxes in the transport flow, while others need to be at the end of the transport flow. There is no one-size fits-all configuration. Only when you fully understand all the pieces in your organization’s transport stack can you set up a mail flow that meets your needs.

Understand authentication

A move to the cloud means added complexity to your end-user authentication process. Microsoft provides a wide range of authentication options for Office 365 and Exchange Online, but that flexibility also means there are many choices to make during your migration.

Active Directory Federation Services, password hash sync and pass-through authentication are where the authentication options start, but any of those options can be deployed with multifactor authentication, conditional access and a whole load of Azure Information Protection options. Add in some encryption and the migration process gets complicated quickly.

All these choices and security add-ons help protect the business, but it’s a complex undertaking. It takes some effort not only to settle on a particular authentication but to implement it properly and do thorough testing to avoid an avalanche of help desk calls.

Understand accepted domains

Over time, many on-premises Exchange organizations tend to collect multiple accepted domains. Accepted domains are the part of the email address after the @ symbol.

I see many customers have issues when they move mailboxes to the cloud because they forgot to verify all the accepted domains used on those mailboxes. This problem is simple to avoid: Review the accepted domains in your on-premises Exchange organization and make sure they are verified in your Office 365 tenant before migrating the mailboxes.

Go to Original Article
Author:

Updated Exchange Online PowerShell module adds reliability, speed

PowerShell offers administrators a more flexible and powerful way to perform management activities in Exchange Online. At times, PowerShell is the only way to perform certain management tasks.

But there have been widespread concerns by many Exchange administrators who have not always felt confident in Exchange Online PowerShell’s abilities, especially when dealing with thousands of mailboxes and complicated actions. But Microsoft recently released the Exchange Online PowerShell V2 module — also known as the ExchangeOnlineManagement module — to reduce potential management issues.

New cmdlets attempt to curb PowerShell problems

Moving the messaging platform to the cloud can frustrate administrators when they attempt to work with the system using remote PowerShell without a reliable connection to Microsoft’s hosted email system. Microsoft said the latest Exchange Online PowerShell module, version 0.3582.0, brings new enhancements and new cmdlets to alleviate performance and reliability issues, such as session timeouts or poor error handling during complex operations.

Where a spotty connection could cause errors or scripts to fail with the previous module, Microsoft added new cmdlets in the Exchange Online PowerShell V2 module to restart and attempt to run a script where it left off before issues started.

Microsoft added 10 new cmdlets in the new Exchange Online PowerShell module. One new cmdlet, Connect-ExchangeOnline, replaces two older cmdlets: Connect-EXOPSSession and New-PSSession.

Microsoft took nine additional cmdlets in the older module, updated them to use REST APIs and gave them new names using the EXO prefix:

  • Get-EXOMailbox
  • Get-EXORecipient
  • Get-EXOCASMailbox
  • Get-EXOMailboxPermission
  • Get-EXORecipientPermission
  • Get-EXOMailboxStatistics
  • Get-EXOMailboxFolderStatistics
  • Get-EXOMailboxFolderPermission
  • Get-EXOMobileDeviceStatistics

Microsoft said the new REST-based cmdlets will perform significantly better and faster than the previous PowerShell module. The REST APIs offer a more stable connection to the Exchange Online back end, making most functions more responsive and able to operate in a stateless session.

Given that administrators will develop complex PowerShell scripts for their management needs, they needed more stability from Microsoft’s end to ensure these tasks will execute properly. Microsoft helped support those development efforts by introducing better script failure with functionality that will retry and resume from the point of failure. Previously, the only option for administrators was to rerun their scripts and hope it worked the next time.

There are cases where some properties are queried during a script execution that can generally impact the overall response and performance of the script given the size of the objects and their properties. To help optimize these scenarios, Microsoft introduced a way for a PowerShell process to run against Exchange Online to only retrieve relevant properties of objects needed during the execution process.  An example would be retrieving mailbox properties that would be the most likely to be used, such as mailbox statistics, identities and quotas.

Microsoft removed the need to use the Select parameter typically used to determine which properties are needed as part of the result set.  This neatens scripts and eliminates unnecessary syntax as shown in the example below.

Before:

Get-ExoMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox | Select WhenCreated, WhenChanged | Export-CSV c:tempExportedMailbox.csv

After:

Get-ExoMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox  -PropertySets Quota -Properties WhenCreated, WhenChanged | Export-CSV c:tempExportedMailbox.csv

How to get the new Exchange Online PowerShell module

To start using the latest Exchange Online PowerShell capabilities requires the installation or upgrade of the ExchangeOnlineManagement module. This can be done from a PowerShell prompt running under administrator settings and executing one of the two following commands:

Install-Module -Name ExchangeOnlineManagement
Import-Module ExchangeOnlineManagement; Get-Module ExchangeOnlineManagement

Or:

Update-Module -Name ExchangeOnlineManagement
Exchange Online PowerShell module install
New Exchange Online PowerShell module users can use the Install-Module command to start working with the new cmdlets.

Exchange Online PowerShell V2 module commands offer speed boost

IT pros who use the new Exchange Online PowerShell module should see improved performance and faster response time.

We can run a short test to compare how the current version stacks up to the previous version when we run commands that provide the same type of information.

First, let’s run the following legacy command to retrieve mailbox information from an organization:

Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox | Select DisplayName, ProhibitSendReceiveQuota, WhenCreated, WhenChanged

The command completes in 2.3890 seconds.

Exchange Online PowerShell mailbox command
One typical use of PowerShell on Exchange Online is to use the Get-Mailbox cmdlet to retrieve information about mailboxes used by members of the organization.

This is the new version of the command that provides same set of information but in a slightly different format:

$RESTResult = Measure-Command { $Mbx = Get-ExoMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox -PropertySets Quota -Properties WhenCreated, WhenChanged

The command completes in 1.29832 seconds, or almost half the time. Extrapolate these results to an organization with many thousands of users and mailboxes in Exchange Online and you can begin to see the benefit when a script takes half as much time to run.

Use the following command to get mailbox details for users in the organization:

Get-ExoMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox -PropertySets Quota -Properties WhenCreated, WhenChanged
Exchange Online mailbox details
The updated Get-ExoMailbox cmdlet fetches detailed information for a mailbox hosted in Exchange Online.

The following command exports a CSV file with details of mailboxes with additional properties listed:

Get-ExoMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox -PropertySets Quota -Properties WhenCreated, WhenChanged | Export-CSV c:tempExportedMailbox.csv

Be aware of the Exchange Online PowerShell module provisions

There are several caveats Exchange administrators should know before they use the latest ExchangeOnlineManagement module:

  • The new Exchange PowerShell Online module only works on Windows PowerShell 5.1 with support coming for the new cross-platform version of PowerShell.
  • Data results returned by the latest cmdlets are in alphabetic order, not chronologically.
  • The new module only supports OAuth 2.0 authentication, but the client machine will need basic authorization enabled to use the older remote PowerShell cmdlets.
  • Some results may require additional formatting or adjusting because the new cmdlets give output alphabetically.
  • Administrators should use Azure AD GUID for account identity.

How to give Microsoft feedback for additional development

As Microsoft continues to improve the module, administrators will continue to see more capabilities that will allow them to have a much more improved experience with PowerShell to manage their Exchange Online environment.

There are three avenues for users to provide feedback to Microsoft on the new PowerShell commands. The first one is to report bugs or other issues during the processing of the different scripts from within PowerShell. To do this, run the following command:

Connect-ExchangeOnline -EnableErrorReporting -LogDirectoryPath <Path to store log file> -LogLevel All

The second option is to post a message on the Office 365 UserVoice forum.

Lastly, users can file an issue or check on the status of one with the Exchange Online PowerShell commands on the Microsoft Docs Github site at this link.

Go to Original Article
Author:

For Sale – ***Poss Part Ex***Custom Spec Gaming PC i7 6700K rtx 2080 32gb Ram

For Sale…

RTX Gaming PC with great Spec!

Part Exchange considered towards the following…

Oculus Quest VR headset
Oculus Rift S VR Headset
Nintendo Switch
Good Quality Hybrid Laptop (Tablet & PC)

Case = Corsair Carbide Air 540

Motherboard = Asus ROG Max VIII Hero Z170

Processor = Intel Core i7 6700K

CPU Cooler = Corsiar Hydro Series H100i

RAM = 32GB Corsair Vengeance 3200 DDR4

Graphics Card = ZOTAC RTX 2080

Hard Drive 1 = WD Green 240GB M.2

Hard Drive 2 = 6TB WD Green

Monitor = LG Ultrawide U9UB67

Fresh Install of windows with a new Key

Collection Only due to size and value… or can deliver within reason

Demo Welcome

For sale on other sites (hence the name in the pics being my real name not my user name on here)

Go to Original Article
Author:

For Sale – ***Poss Part Ex***Custom Spec Gaming PC i7 6700K rtx 2080 32gb Ram

For Sale…

RTX Gaming PC with great Spec!

Part Exchange considered towards the following…

Oculus Quest VR headset
Oculus Rift S VR Headset
Nintendo Switch
Good Quality Hybrid Laptop (Tablet & PC)

Case = Corsair Carbide Air 540

Motherboard = Asus ROG Max VIII Hero Z170

Processor = Intel Core i7 6700K

CPU Cooler = Corsiar Hydro Series H100i

RAM = 32GB Corsair Vengeance 3200 DDR4

Graphics Card = ZOTAC RTX 2080

Hard Drive 1 = WD Green 240GB M.2

Hard Drive 2 = 6TB WD Green

Monitor = LG Ultrawide U9UB67

Fresh Install of windows with a new Key

Collection Only due to size and value… or can deliver within reason

Demo Welcome

For sale on other sites (hence the name in the pics being my real name not my user name on here)

Go to Original Article
Author:

How to manage Exchange hybrid mail flow rules

An Exchange hybrid deployment generally provides a good experience for the administrator, but it can be found lacking in a few areas, such as transport rules.

Transport rules — also called mail flow rules — identify and take actions on all messages as they move through the transport stack on the Exchange servers. Exchange hybrid mail flow rules can be tricky to set up properly to ensure all email is reviewed, no matter if mailboxes are on premises or in Exchange Online in the cloud.

Transport rules solve many compliance-based problems that arise in a corporate message deployment. They add disclaimers or signatures to messages. They funnel messages that meet specific criteria for approval before they leave your control. They trigger encryption or other protections. It’s important to understand how Exchange hybrid mail flow rules operate when your organization runs a mixed environment.

Mail flow rules and Exchange hybrid setups

The power of transport rules stems from their consistency. For an organization with compliance requirements, transport rules are a reliable way to control all messages that meet defined criteria. Once you develop a transport rule for certain messages, there is some comfort in knowing that a transport rule will evaluate every email. At least, that is the case when your organization is only on premises or only in Office 365.

Things change when your organization moves to a hybrid Exchange configuration. While mail flow rules evaluate every message that passes through the transport stack, that does not mean that on-premises transport rules will continue to evaluate messages sent to or from mailboxes housed in Office 365 and vice versa.

No two organizations are alike, which means there is more than one resolution for working with Exchange hybrid mail flow rules.

Depending on your routing configuration, email may go from an Exchange Online mailbox and out of your environment without an evaluation by the on-premises transport rules. It’s also possible that both the mail flow rules on premises and the other set of mail flow rules in Office 365 will assess every email, which may cause more problems than not having any messages evaluated.

To avoid trouble, you need to consider the use of transport rules both for on-premises and for online mailboxes and understand how the message routing configuration within your hybrid environment will affect how Exchange applies those mail flow rules.

Message routing in Exchange hybrid deployments

A move to an Exchange hybrid deployment requires two sets of transport rules. Your organization needs to decide which mail flow rules will be active in which environment and how the message routing configuration you choose affects those transport rules.

All message traffic that passes through an Exchange deployment will be evaluated by the transport rules in that environment, but the catch is that an Exchange hybrid deployment consists of two different environments, at least when they relate to transport rules. A message sent from an on-premises mailbox to another on-premises mailbox generally won’t pass though the transport stack, and, thus, the mail flow rules, in Exchange Online. The opposite is also true: Messages sent from an online mailbox to another online mailbox in the same tenant will not generally pass though the on-premises transport rules. Copying the mail flow rules from your on-premises Exchange organization into your Exchange Online tenant does not solve this problem, but that can lead to some messages being handled by the same transport rule twice.

When you configure an Exchange hybrid deployment, you need to decide where your mail exchange (MX) record points. Some organizations choose to have the MX record point to the existing on-premises Exchange servers and then route message traffic to mailboxes in Exchange Online via a send connector. Other organizations choose to have the MX record point to Office 365 and then flow to the on-premises servers.

There are more decisions to be made about the way email leaves your organization as well. By default, an email sent from an Exchange Online mailbox to an external recipient will exit Office 365 directly to the internet without passing through the on-premises Exchange servers. This means that transport rules, which are intended to evaluate email traffic before it leaves your organization, may never have that opportunity.

Exchange hybrid mail flow rules differ for each organization

No two organizations are alike, which means there is more than one resolution for working with Exchange hybrid mail flow rules.

For organizations that want to copy transport rules from on-premises Exchange Server into Exchange Online, you can use PowerShell. The Export-TransportRuleCollection PowerShell cmdlet works on all currently supported versions of on-premises Exchange Server. This cmdlet creates an XML file that you can load into your Exchange Online tenant with another cmdlet called Import-TransportRuleCollection. This is a good first step to ensure all mail flow rules are the same in both environments, but that’s just part of the work.

Transport rules, like all Exchange Server features, have evolved over time. They may not work the same in all supported versions of on-premises Exchange Server and Exchange Online. Simply exporting and importing your transport rules may cause unexpected behavior.

One way to resolve this is to duplicate transport rules in both environments by adding two more transport rules on each side. The first new transport rule checks the message header and tells the transport stack — both on premises and in the cloud — that the message has already been though the transport rules in the other environment. This rule should include a statement to stop processing any further transport rules. A second new transport rule should add to the header with an indication that the message has already been though the transport rules in one environment. This is a difficult setup to get right and requires a good deal of care to implement properly if you choose to go this route.

I expect that the fairly new hybrid organization transfer feature of the Hybrid Configuration Wizard will eventually handle the export and import of transport rules, but that won’t solve the routing issues or the issues with running duplicate rules.

Go to Original Article
Author:

Consider these Office 365 alternatives to public folders

As more organizations consider a move from Exchange Server, public folders continue to vex many administrators for a variety of reasons.

Microsoft supports public folders in its latest Exchange Server 2019 as well as Exchange Online, but it is pushing companies to adopt some of its newer options, such as Office 365 Groups and Microsoft Teams. An organization pursuing alternatives to public folders will find there is no direct replacement for this Exchange feature. There reason for this is due to the nature of the cloud.

Microsoft set its intentions early on under Satya Nadella’s leadership with its “mobile first, cloud first” initiative back in 2014. Microsoft aggressively expanded its cloud suite with new services and features. This fast pace meant that migrations to cloud services, such as Office 365, would offer a different experience based on the timing. Depending on when you moved to Office 365, there might be different features than if you waited several months. This was the case for migrating public folders from on-premises Exchange Server to Exchange Online, which evolved over time and also coincided with the introduction of Microsoft Teams, Skype for Business and Office 365 Groups.

The following breakdown of how organizations use public folders can help Exchange administrators with their planning when moving to the new cloud model on Office 365.

Organizations that use public folders for email only

Public folders are a great place to store email that multiple people within an organization need to access. For example, an accounting department can use public folders to let department members use Outlook to access the accounting public folders and corresponding email content.

A shared mailbox has a few advantages over a public folder with the primary one being accessibility through the Outlook mobile app or from Outlook via the web.

Office 365 offers similar functionality to public folders through its shared mailbox feature in Exchange Online. A shared mailbox stores email in folders, which is accessible by multiple users.

A shared mailbox has a few advantages over a public folder with the primary one being accessibility through the Outlook mobile app or from Outlook via the web. This allows users to connect from their smartphones or a standard browser to review email going to the shared mailbox. This differs from public folder access which requires opening the Outlook client.

Organizations that use public folders for email and calendars

For organizations that rely on both email and calendars in their public folders, Microsoft has another cloud alternative that comes with a few extra perks.

Office 365 Groups not only lets users collaborate on email and calendars, but also stores files in a shared OneDrive for Business page, tasks in Planner and notes in OneNote. Office 365 Groups is another option for email and calendars made available on any device. Office 365 Groups owners manage their own permissions and membership to lift some of the burden of security administration from the IT department.

Microsoft provides migration scripts to assist with the move of content from public folders to Office 365 Groups.

Organizations that use public folders for data archiving

Some organizations that prefer to stay with a known quantity and keep the same user experience also have the choice to keep using public folders in Exchange Online.

The reasons for this preference will vary, but the most likely scenario is a company that wants to keep email for archival purposes only. The migration from Exchange on-premises public folders requires administrators to use Microsoft’s scripts at this link.

Organizations that use public folders for project communication and data sharing repository

The Exchange public folders feature is excellent for sharing email, contacts and calendar events. For teams working on projects, the platform shines as a way to centralize information that’s relevant to the specific project or department. But it’s not as expansive as other collaboration tools on Office 365.

Take a closer look at some of the other modern collaboration tools available in Office 365 in addition to Microsoft Teams and Office 365 Groups, such as Kaizala. These offerings extend the organization’s messaging abilities to include real-time chat, presence status and video conferencing.

Go to Original Article
Author:

What’s new with the Exchange hybrid configuration wizard?

Exchange continues to serve as the on-ramp into Office 365 for many organizations. One big reason is the hybrid capabilities that connect on-premises Exchange and Exchange Online.

If you use Exchange Server, it’s not difficult to join it to Exchange Online for a seamless transition into the cloud. Microsoft refined the Exchange hybrid configuration wizard to remove a lot of the technical hurdles to shift one of the more important IT workloads into Exchange Online. If you haven’t seen the Exchange hybrid experience recently, you may be surprised about some of the improvements over the last few years.

Exchange hybrid setups have come a long way

I started configuring Exchange hybrid deployments the first week Microsoft made Office 365 publicly available in June 2011 with the newest version of Exchange at the time, Exchange 2010. Setting up an Exchange hybrid deployment was a laborious task. Microsoft provided a 75-page document with the Exchange hybrid configuration steps, which would take about three workdays to complete. Then I could start the troubleshooting process to fix the innumerable typos I made during the setup.

In December 2011, Microsoft released Exchange 2010 Service Pack 2, which included the Exchange hybrid configuration wizard. The wizard reduced that 75-page document to a few screens of information that cut down the work from three days to about 15 minutes. The Exchange hybrid configuration wizard did not solve all the problems of an Exchange hybrid deployment, but it made things a lot easier.

What the Exchange hybrid configuration wizard does

The Exchange hybrid configuration wizard is just a PowerShell script that runs all the necessary configuration tasks. The original hybrid configuration wizard completed seven key tasks:

  1. verified prerequisites for a hybrid deployment;
  2. configured Exchange federation trust;
  3. configured relationships between on-premises Exchange and Exchange Online;
  4. configured email address policies;
  5. configured free/busy calendar sharing;
  6. configured secure mail flow between the on-premises and Exchange Online organizations; and
  7. enabled support for Exchange Online archiving.

How the Exchange hybrid configuration wizard evolved

Since the initial release of the Exchange hybrid configuration wizard, Microsoft expanded its capabilities in multiple ways with several major improvements over the last few years.

Since the initial release of the Exchange hybrid configuration wizard, Microsoft expanded its capabilities in multiple ways with several major improvements over the last few years.

Exchange hybrid configuration wizard decoupled from service pack updates: This may seem like a minor change, but it’s a significant development. Having the Exchange hybrid configuration wizard as part of the standard Exchange update cycle meant that any updates to the wizard had to wait until the next service pack update.

Now the Exchange hybrid configuration wizard is an independent component from Exchange Server. When you run the wizard, it checks for a new release and updates itself to the most current configuration. This means you get fixes or additional features without waiting through that quarterly update cycle.

Minimal hybrid configuration: Not every migration has the same requirements. Sometimes a quicker migration with fewer moving parts is needed, and Microsoft offered an update in 2016 for a minimal hybrid configuration feature for those scenarios.

The minimal hybrid configuration helps organizations that cannot use the staged migration option, but want an easy switchover without worrying about configuring extras, such has the free/busy federation in calendar availability.

The minimal hybrid configuration leaves out the following functionality from a full hybrid configuration:

  • cross-premises free/busy calendar availability;
  • Transport Layer Security secured mail flow between on-premises Exchange and Exchange Online;
  • cross-premises eDiscovery;
  • automatic Outlook on the web (OWA) and ActiveSync redirection for migrated users; and
  • automatic retention for archived mailboxes.

If these features aren’t important to your organization and speed is of the essence, the minimal hybrid configuration is a good option.

Recent update goes further with setup work

Microsoft designed the Exchange hybrid configuration wizard to migrate mailboxes without interrupting the end user’s ability to work. The wizard gives users a full global address book, free/busy calendar availability and some of the mailbox delegation features used with an on-premises Exchange deployment.

A major new addition to the hybrid configuration wizard its ability to transfer some of the on-premises Exchange configurations to the Exchange Online tenant. The Hybrid Organization Configuration Transfer feature pulls configuration settings from your Exchange organization and does a one-time setup of the same settings in your Exchange Online tenant.

Microsoft expanded the abilities of Hybrid Organization Configuration Transfer in November 2018 so it configures the following settings: Active Sync Mailbox Policy, Mobile Device Mailbox Policy, OWA Mailbox Policy, Retention Policy, Retention Policy Tag, Active Sync Device Access Rule, Active Sync Organization Settings, Address List, DLP Policy, Malware Filter Policy, Organization Config and Policy Tip Configuration.

The Exchange hybrid configuration wizard only handles these settings once. If you make changes in your on-premises Exchange organization after you run the Exchange hybrid configuration wizard, those changes will not be replicated in the cloud automatically.

Go to Original Article
Author:

Know your Office 365 backup options — just in case

Exchange administrators who migrate their email to Office 365 reduce their infrastructure responsibilities, but they must not ignore areas related to disaster recovery, security, compliance and email availability.

Different businesses rely on different applications for their day-to-day operations. Healthcare companies use medical records to treat patients or a manufacturing plant needs its ERP system to track production. But generally speaking, most businesses, regardless of their vertical, rely on email to communicate with their co-workers and customers. If the messaging platform goes down for any amount of time, users and the business suffer. A move to Microsoft’s cloud-based collaboration platform introduces new administrative challenges, such as determining whether the organization needs an Office 365 backup product.

IT pros tasked with all things related to Exchange Server administration — managing multiple email services, including system uptime; mailbox recoverability; system performance; maintenance; user setups; and general reactive system issues — will have to adjust when they move to Office 365. Many of the responsibilities related to system performance, maintenance and uptime become the responsibility of Microsoft. Unfortunately, not all of these outsourced activities meet the expectations of Exchange administrators. Some of them will resort to alternative methods to ensure their systems have the right protections to avoid serious disasters.

A move to Microsoft’s cloud-based collaboration platform introduces new administrative challenges, such as determining whether the organization needs an Office 365 backup product.

To keep on-premises Exchange running with high uptime, Exchange admins rely on setting up the environment with adequate redundancies, such as virtualization with high availability, clustering and proper backup if a recovery is required. In a hosted Exchange model with Office 365, email administrators rely heavily on the hosting provider to manage those redundancies and ensure system uptime. However, despite the promised service-level agreements (SLAs) by Microsoft, there are still some gaps that Exchange administrators must plan for to get the same level of system availability and data protection they previously experienced with their legacy on-premises Exchange platform.

Hosted email in Exchange Online, which can be purchased as a stand-alone service or as part of Office 365, has certainly attracted many companies. Microsoft did not provide exact numbers in its most recent quarterly report, but it is estimated to be around 180 million Office 365 commercial seats. Despite the popularity of the platform, one would assume Microsoft would offer an Office 365 backup option at minimum for the email service. Microsoft does, but not in the way Exchange administrators know backup and disaster recovery.

Microsoft does not have backups for Exchange Online

Microsoft provides some level of recoverability with mailboxes stored in Exchange Online. If a user loses email, then the Exchange administrator can restore deleted email by restoring an entire mailbox with PowerShell or through the Outlook recycle bin.

The Undo-SoftDeletedMailbox PowerShell command recovers the deleted mailbox, but there are some limitations. The command is only useful when a significant number of folders have been deleted from a mailbox and the recovery attempt occurs within 30 days. After 30 days, the content is not recoverable.

Due to this limited backup functionality, many administrators look to third-party Office 365 backup vendors such as SkyKick, BitTitan, Datto and Veeam to expand their backup and recovery needs beyond the 30 days that Microsoft offers. At the moment, this is the only way for Exchange administrators to satisfy their organization’s back up and disaster recovery requirements.

Microsoft promises 99.9% uptime with email

No cloud provider is immune to outages and Microsoft is no different. Despite instances of service loss, Microsoft guarantees at least 99.9% uptime for Office 365. This SLA translates into no more than nine hours of downtime per year.

For most IT executives, this guarantee does not absolve them of the need to plan for possible downtime. Administrators should investigate the costs and the technical abilities of an email continuity service from vendors, including Mimecast, Barracuda or TitanHQ, to avoid trouble from unplanned outages.

Email retention policies can go a long way for sensitive content

The ability to define different type of data access and retention policies is just as important as backup and disaster recovery for organizations with compliance requirements.

Groups that need to prevent accidental email deletion will need to work with the Office 365 administrator to set up the appropriate on-hold policies or archiving configuration to protect that content. These are native features in Exchange Online that administrators must build their familiarity to ensure they understand how to meet the different legal requirements of the different groups in their organization.

Define backup retention policies to meet business needs

For most backup offerings for on-premises Exchange, storage is always a concern for administrators. Since it is generally the dictating factor behind the retention period of email backup, Exchange admins have to keep disk space in mind when they determine the best backup scheme for their organization. Hourly, daily, weekly, monthly and quarterly backup schedules are influenced by the amount of available storage.

Office 365 backup products for email from vendors such as SkyKick, Dropsuite, Acronis and Datto ease the concerns related to storage space. This gives the administrator a way to develop the best protection scheme for their company without the added worry of wondering when to purchase additional storage hardware to accommodate these backups.

Go to Original Article
Author:

Are you ready for the Exchange 2010 end of life?

Exchange Server 2010 end of life is approaching — do you have your migration plan plotted out yet?

Exchange Server 2010 reached general availability on November 9, 2009, and has been the cornerstone of the collaboration strategy for many organizations over the last decade. Since that time, Microsoft also produced three releases of Exchange Server, with Exchange Server 2019 being the most recent. Exchange Server 2010 continues to serve the needs of many organizations, but they must look to migrate from this platform when support ends on January 14, 2020.

What exactly does end of support mean for existing Exchange Server 2010 deployments? Your Exchange 2010 servers will continue to operate with full functionality after this date; however, Microsoft will no longer provide technical support for the product. In addition, bug fixes, security patches and time zone updates will no longer be provided after the end-of-support date. If you haven’t already started your migration from Exchange Server 2010, now is the time to start by seeing what your options are.

Exchange Online

For many, Exchange Online — part of Microsoft Office 365 — is the natural replacement for Exchange Server 2010. This is my preferred option.

The cloud isn’t for everyone, but in many instances the reasons organizations cite for not considering the cloud are based on perception or outdated information, not reality.

A hybrid migration to Exchange Online is the quickest way to migrate to the latest version of Exchange that is managed by Microsoft. Smaller organizations may not need the complexity of this hybrid setup, so they may want to investigate simpler migration options. Not sure which migration option is best for you? Microsoft has some great guidance to help you decide on the best migration path.

The cloud isn’t for everyone, but in many instances the reasons organizations cite for not considering the cloud are based on perception or outdated information, not reality. I often hear the word “compliance” as a reason for not considering the cloud. If this is your situation, you should first study the compliance offerings on the Microsoft Trust Center. Microsoft Office 365 fulfills many industry standards and regulations, both regionally and globally.

If you decide to remain on premises with your email, you also have options. But the choice might not be as obvious as you think.

Staying with Exchange on premises

Exchange Server 2019 might seem like the clear choice for organizations that want to remain on premises, but there are a few reasons why this may not be the case.

Migrating from Exchange 2010 to Exchange 2016

First, there is no direct upgrade path from Exchange Server 2010 to Exchange Server 2019. For most organizations, this migration path involves a complex multi-hop migration. You first migrate all mailboxes and resources to Exchange Server 2016, then you decommission all remnants of Exchange Server 2010. You then perform another migration from Exchange Server 2016 to Exchange Server 2019 to finalize the process. This procedure involves significant resources, time and planning.

Another consideration with Exchange Server 2019 is licensing. Exchange Server 2019 is only available to volume license customers via the Volume Licensing Service Center. This could be problematic for smaller organizations without this type of agreement.

Organizations that use the unified messaging feature in Exchange Server 2010 have an additional caveat to consider: Microsoft removed the feature from Exchange Server 2019 and recommends Skype for Business Cloud Voicemail instead.

For those looking to remain on premises, Exchange Server 2019 has some great new features, but it is important to weigh the benefits against the drawbacks, and the effort involved with the migration process.

Microsoft only supports Exchange Server 2019 on Windows Server 2019. For the first time, the company supports Server Core deployments and is the recommended deployment option. In addition, Microsoft made it easier to control external access to the Exchange admin center and the Exchange Management Shell with client access rules.

Microsoft made several key improvements in Exchange Server 2019. It rebuilt the search infrastructure to improve indexing of larger files and search performance. The company says the new search architecture will decrease database failover times. The MetaCacheDatabase feature increases the overall performance of the database engine and allows it to work with the latest storage hardware, including larger disks and SSDs.

There are some new features on the client side as well. Email address internationalization allows support for email addresses that contain non-English characters. Some clever calendar improvements include “do not forward” work without the need for an information rights management deployment and the option to cancel/decline meetings that occur while you’re out of office.

What happens if the benefits of upgrading to Exchange Server 2019 don’t outweigh the drawbacks of the migration process? Exchange Server 2016 extended support runs through October 2025, making it a great option for those looking to migrate from Exchange Server 2010 and stay in support. The simpler migration process and support for unified messaging makes Exchange Server 2016 an option worth considering.

Go to Original Article
Author: