 |
| Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
| Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
| Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
|
|
|
|
|
|
|
|
11/20/2009
Issues and OAB Generation Server migration:
Once installation is over, the first issue i found with Exchange 2010 was related to the OWA/EAS/OAB Virtual directories enumeration. Both from EMC and Powershell retrieving virtual directories resulted in an error:
[PS] C:\>Get-OwaVirtualDirectory |FL
An IIS directory entry couldn't be created. The error message is Access is deni
ed.
. HResult = -2147024891
+ CategoryInfo : NotInstalled: (GLEX2007\owa (Default Web Site):A
DObjectId) [Get-OwaVirtualDirectory], IISGeneralCOMException
+ FullyQualifiedErrorId : 46C81F27,Microsoft.Exchange.Management.SystemCon
figurationTasks.GetOwaVirtualDirectory
The problem was due to the Exchange Trusted Subsystem (see post 1) group which should be member of the local administrators group of each Exchange 2007 server. I’m wondering why this wasn’t performed by the SP2 installation routine, which actually created the group. However, once added the group, Virtual directories enumeration worked like a charm.
This is probably due to security issues, I’m planning to have a deep look into all new groups created and the RBAC model.
The next step required for migration is to move the OAB generation server. It can be safely performed by the EMC or Powershell. For those who prefer EMC you need to point under Organization Configuration –> Mailbox –> Offline Address Book.
Right Click “Default Offline Address Book”, then move, and choose your exchange 2010 server. Wait or force generation.
At this point, moving mailbox is the next step. Once the process completes, you can safely uninstall Exchange 2007 from your old server and then demote it to completely remove it's account from domain. 11/17/2009
Installation of binaries:
Here we are again. Once i met all the requirements, I’m ready to fire up setup.. the journey begins!
Please note: I’ve already extended AD Schema to Exchange 2010 as a part of the exchange 2007 Sp2 update process. Migrations from Exchange 2007 Sp1 organizations are not supported by Microsoft.
The setup is as straightforward as Microsoft has always used us to. During the installation process you’re required to tell the wizard if the CAS server you’re deploying is facing the internet or not, and which external name should hold, if so. For any multisite installation, you’re required to first install all internet CAS Servers. The correct plan for deployment should be:
-
Internet Facing CAS
-
Internal CAS
-
HubTransport
-
MBX Server
A little note: There’s no backward compatibility between 2010 and 2007 CAS/HubTransport Server. Backward compatibility for OWA is provided by using a redirect from 2010 to old CAS in case the mailbox isn’t yet migrated to the new mailbox server. 2010 Transport servers cannot deliver mail to 2007 mailboxes and vice-versa. This means you must have a CAS/hub 20xx in every site you have a 20xx Mailbox Server.
After the setup completes you’re ready to fire up the new 2010 MMC/Powershell. You’re likely to have some problems while enumerating OWA/EAS/OAB directories both using MMC or Powershell. I’ll explain this issue in the next part.
As a note, even if not required, reboot. During installation your computer is added to the Exchange Trusted Subsystem group (note it, later you will need it again), and, as far as i know, a reboot is required to refresh memberships of Computer accounts. I might be mistaken, but rebooting at this point is not that damaging, so better be safer.
In the next part I’ll address an annoying problem with enumerating all virtual directories but EMC. 11/13/2009
Prerequisites:
I’ve finally managed to put my hands on Exchange 2010 RTM Standard, this means i will proceed to upgrade my current 2007 organization soon.
Being mine a test network, some best practices to configure legacy support is not that important, as i just need to migrate a single test mailbox; however, coexistence between Exchange 2007 and 2010 should be carefully planned before starting installing new bits.
I’m installing Exchange 2010 on a Windows Server 2008 Enterprise, which means i will need extra tools before being able to install new bits.
According to Technet, Exchange 2010 requires Windows Server 2008 Sp2, and some other tools:
-
The .NET Framework 3.5 SP1.
-
The Family Update for Windows Server 2008 x64. (You can apply both from Microsoft update during the first update cycle).
-
The Windows Server 2008 Sp2. (Again, from MS Update)
-
WinRM 2.0 and Powershell (Currently RC, from here). -
Microsoft Filter Pack, required from MBX and Hub Transport Roles. ( here).
The long long list is over. Next step is to set the NetTcpPortSharing service to automatic (please note the space between the equal sign and auto) and to install required components, which are kindly provided as an XML script from the Exchange team in the script directory! Thanks dudes! This saves some time.
sc config NetTcpPortSharing start= auto
ServerManagerCMD –ip Exchange-Typical.xml
You’re over. I’m now ready to proceed with the GUI setup, which i’ll cover in the next part. 10/17/2009Publishing Exchange 2010 Outlook Web App under Isa server 2006 requires little modifications of standard Isa server publishing rules for exchange 2007, mainly due to new EMC webapp. ECP (Exchange Control Panel) is what once was OWA Settings with much more, such as Distribution Groups Management and other improvements. To successfully publish exchange 2010 OWA you must first create a 2007 publishing rule (this is not a scope of this topic) as you’re publishing a 2007 CAS. Remember to set up basic authentication on both OWA and ECP directories on the 2010 CAS server and reset iis. If you try to access OWA right now everything would work OK until you hit the settings tab. ISA should return an error, telling you it refuses the URL requested.  Open the properties of the publishing rule and choose the Paths tab. You should end up with something like the figure on the left.
Remove both Excweb and Exchange paths, as they’re no longer needed if you removed all 2003 servers. Create a new path map. As Internal Path use /ECP/* and make sure same as external option is selected. And apply modifications. You’re over. NOTE: If you don’t use PF anymore you can safely remove the PF path. Remember to disable PF access from OWA segmentation properties though, just to avoid broken links. 10/8/2009
Finally the long wait is over!
Exchange reached the RTM state as announced by the exchange team here. Looking forward to see it published on technet to test it! 9/1/2009
There's a lot of buzz about the next release of Exchange (aka exchange "14" or 2010), however some improvements are already deployed when upgrading 2007 with latest bits.
The suspect first hit me when, after upgrade, i noticed a new group under the exchange OU: the Exchange Trusted Subsystem, that I found in a test installation of the 2010 beta bits.
According to documentation this group allows the exciting RBAC administrative model to work correctly, but how comes it is shipped with 2007 Sp2? This post from the exchange team explains it: to reduce the number of times we weed to extend the schema! How great: while upgrading to exchange SP2 you also prepare for the next release!
Please Note: extending the schema to 2010 does not unlock new features: it is just for convenience... 8/15/2009As you should have noticed, Windows 2008 R2 reached the RTM state as it’s best friend, Windows 7, does last week. In this post I’m sharing the upgrade process from Windows Server 2008 to R2 version. Unlike Windows 2003 R2 version, in fact, windows 2008 R2 should be considered as a new server OS and not as a secondary release. This means, to upgrade Active Directory schema to R2 version and take advantage of new features, you need a complete promotion of DC servers to R2. I actually have 2008 DC server, one that holds all FSMO roles. Both have Active Directory and DNS services, and both provides DHCP split configuration. First thing you need before promoting first R2 server as a domain controller, is to perform schema preparation from the Schema Master DC through adprep utility. As R2 is reserved to x64 bit only, microsoft provides a 32bit version of it’s adprep called adprep32 to all those who still deploys 32bit OS. Forestprep switch actually pulls active directory schema from 44 to 47.
Domainprep switch seems to do nothing at all in windows 2008 mode, however it does not hurt to run it either. Once replication is over, we need to actually demote the “secondary” 2008 DC, the one who doesn’t hold any FSMO role. As i have server core edition, i had to perform demotion from command line: -
sc stop DHCPServer will put dhcp services in stopped state, ready to be uninstalled. -
ocsetup DHCPServerCore /uninstall will uninstall completely DHCP server. -
ocsetup DNS-Server-Role-Core /uninstall will uninstall the DNS Services. I’m used to remove DNS services before demoting a domain controller becouse of the netlogon error in windows 2000/2003 demotion. I’m not sure it’s still necessary. -
dcpromo /AdministratorPassword:12345 will demote the active directory: from next reboot your windows server 2008 is just a member server. Note password is not secure, as we remove the server completely later on. -
netdom remove serverFQDN /domain:<domainname> /userd:<domain\administrator> /passwordd:* will remove completely the server from active directory and disable it’s account. Done. You can wipe your server and install R2 over it. In the meanwhile the OS is installing take care of removing DNS delegations from the remaining DNS server. I assume you’re already familiar with inserting product keys and configuring the server IPs from server core. -
Join your fresh installation of R2 to domain with:
Netdom join <srvname> /domain:<domainname> /userD:<domain\administrator> /passwordd:* -
Prepare your answer file and shoot dcpromo /answer:file.txt. -
As soon as the server reboots, you have your first R2 dc. -
Transfer *all* FSMO roles to R2 Dc with ntdsutil: this will allow you to remove the other 2008 Dc. -
Repeat all previous steps for demoting your next 2008 dc. Remember to check static configuration of other servers, if you use different IPs for your new installations. Once you remove your last 2008 dc, you have all prerequisites to upgrade your Functional Levels to 2008 R2 mode. This will allow you to enable AD recycle bin and other nasty things. Remove old DC containers from sites and services console. NB: This post is provided as is, and should be not considered a step-by-step guide. Indeed, remember ALWAYS to check replication has been completely before demotion. 7/11/2009Yes. Hell. I haven’t found anything less documented than the configuration of the DirMan on sharepoint services. DirMan is that service which allows to create and destroy contacts in active directory when mail enabling lists. Technet reserves a small paragraph about it. Looking to requirements, DirMan needs: -
Privileges to read and write objects under a specific ou where all lists will be created (should be simple, according to technet) -
A domain account to run the Central Administration (already done right after installation). Besides that, to mail enable a list you need also to configure the SMTP service on the server (that’s the easyest part LOL). Well, forget it. It’s not enough. Really. DirMan configuration requires google. And patience. You need to search almost the whole network to find solution to all thoose “little” problems you need to solve after installing smtp and configuring dirman. Installation of SMTP service is a piece of cake. Just install it from server manager, under features. It doesn’t even require to reboot the server. Once installed, firewall is automatically configured to allow connection to port 25.  From the IIS 6.0 Manager, all you need is to configure SMTP domain and relay restriction.
It’s all done with that. Next part concerns delegation of privilege to SPCAAppPool account. Create a new OU let’s call it SPContacts. It’s DN will be:
OU=SPcontacts,DC=domain,DC=domain (note it, you will need it later). Right-Click on the OU as domain administrator and run the delegation wizard. Add the user SPCAAppPool, select to “Create a custom task to delegate” and select “This folder, existing object in this folder, creation of new object in this folder” on the next screen of the wizard. Assign the Create All Child Objects and Delete All Child Objects. Click on finish. This would be enough to create contacts, but you will receive an Application Error when removing the email functionality from a list. That’s it, technet don’t mention that. On the AD Users and computers management console, select View –> Advanced to enable the security tab on OUs properties. Right click on SPContacts OU, choose properties then security. Click the advanced button, and from the permission entries double click the record related to SPCAAppPool user. In the new window that pop ups, assign the right of “Delete Subtree", then accept changes. This is just the beginning. In the next part we’ll configure Incoming Mail from Central Administration and try to mail enable a list, failing miserably. 7/10/2009In the last month, my interest for MOSS growed that much i finally decided to transfer this site from WSS to MOSS, which means, in detail, from WSS 3.0 on Windows 2003 x64 to MOSS 2007 on Windows 2008 x64. The motto is: if you use it, you really know it (hopefully). As many might know, MOSS requirements are strict on windows 2008. It must be SP1. And some prerequisites need to be installed from servermanager. Fortunately there’s a list of features required available on technet.. well, i admit i haven’t found them, but thanks to Mark Garcia and his blog article i’ve been able to review prerequisites and install them using his xml script. While windows update was running, i started with Active Directory Prerequisites. I needed two domain user account: | DOMAIN\SPSAdmin | This user will be the domain user / local administrator account which i will use to install SPS. | | DOMAIN\SPSCAAppPool | This account will be used later to differentiate the CA Application Pool accoun from others. It will have some privileges to write on some OUs to create mail enabled lists. | Once done and rebooted i’ve just logged in as SPSAdmin and run the installer. I decided for a base install becouse of the lack of space in my virtual server. Microsoft however suggest to use base install on test environment only, and it’s probably right. Using Windows internal database is not that smart on corporates. I decided to turn off the windows firewall during the setup. It’s a matter of ports. Actually central administration comes installed without the option to set a default port. Shame on it. Better to open up everything and tune the firewall later. Once the installation is done, run the Server Config. At the end you’ll end up with Sharepoint Central Administration Page. Forget all the administration tasks in the general page: the first thing to do is to set a domain user for the CA application pool. This is a command line feature, no matter where you look for. Sintax is quite simple: stsadm –o updatefarmcredentials –username domain\SPCAAppPool –password password Wait 2-3 minutes then reset IIS. MOSS is now on, fully functional, and with a user account for the Central Administration. Wait! There are a lot of permission denied (DOH). I just forgot to add SPCAAppPool account to thoose SQL##blablabla groups. Once added and rebooted everything worked smootly. Last thing is to take notes of TCP ports for sharepoint services to add to firewall rules and enable firewall again. 5/29/2009Today, after applying the Exchange 2007 Sp1 Rollup 8 my Outlook 2007 SP2 stopped to start. The only message it gave each time, was: Cannot start Microsoft Office Outlook. Cannot open the Outlook window. I’ve tried safe mode (obviusly wasn’t that. I hadn’t install anything on my client), but responded the same. Then i started thinking the rollup changed something in the way OL and Exchange talks (who knows?). I tried to run outlook with the /resetnavpane switch. Gotcha. Problem fixed instantly. I’m just in need to know what happened, though. | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
|
|
|
|
|