Harold Wong's Blog Site

Alright!  I finally finished going through the Q&A Log for Part 3 of 24 in the Exchange Server 2007 webcast series!!  There were quite a few attendees online and just like part 1 and 2, we had a lot of questions.  I have done my best to edit the Q&A log so that it is readable (I did not check spelling or grammar of questions).  I know there are duplicate questions (from different attendees) despite the fact that I did my best to eliminate them.  Thanks for your patience as it did take a little longer than I had planned.

I am posting the edited Q&A log below.  If I missed something, please let me know.  Thanks.

Harold Wong
harold.wong@microsoft.com

Exchange Server 2007 Series (Part 3 of 24) Questions and Answers Log (1-26-07)

Question: Have parts one and two of this series been posted to the Microsoft www site yet?

Answer: http://www.microsoft.com/events/series/tnexchangeserver.mspx#24HoursofExchangeServer2007.

Question: Forefront for EX07 works on a x64 machine, however Forefornt Client Management Server (which is in Beta) does not. Do you know if it will move to x64?

Answer: Yes, the 64-bit version was just made available for download on Jan 8. You can get it at http://www.microsoft.com/downloads/details.aspx?FamilyId=65C7116F-D238-463C-B3C7-E2627F210AEE&displaylang=en.  Note that registration is required for the download.

Question: can I access the personal folder from OWA 2007? Thanks

Answer: You cannot access PSTs from OWA.

Question: does every message go through a hub transport, even those within the same mailstore?

Answer: Absolutely!!! I did cover that on Wednesday's session and will touch on it again today. Since the policy engine is part of the Hub Transport, this ensures all messages are checked. - Harold

Question: How's the weather today? Why do I have a feeling that we're going to ask this question during all 24 sessions?

Answer: It is nice and sunny here in Phoenix today!!!! I hope we don't have that issue again. Of course, I will be in Seattle for some of my sessions, so hopefully, the rain won't get in the way (or the snow). - Harold

Question: Can we install OWA on the Edge Transport server or do we need to have it on its own server in the DMZ?

Answer: The Edge Transport server cannot co-exist with any other Exchange 2007 Server Roles.

Question: Can OWA be installed on its own server in the DMZ?

Answer: No, the Client Access server is not supported in a perimeter network. It must be deployed on the internal network.

Question: can owa in 2007 be configured not to use SSL, if so how can you make this config change

Answer: Yes, but I would recommend using it - Check out - http://technet.microsoft.com/en-us/library/aa996373.aspx.

Question: I have a zune can i view this later on the zune or will have a digial rights management issue?

Answer: You should be able to watch it if you obtain it in WMV format. It will not be DRM protected.

Question: Does moving mailboxes from Exchange 2003 to 2007 preserve Single instance Storage?

Answer: If you use the Move Mailbox process, yes.

Question: Is Exchange Management Shell in 2007 is what we called it Exchange System Management/ESM?

Answer: No, ESM (GUI tool) has been replaced by the Exchange Management Console (GUI tool). The Exchange Management Shell (EMS) is a new command-line interface built on top of the Windows PowerShell.  The Exchange Management Console is then built on top of the EMS.

Question: but SIS is not preserved if m/b gets moved to a different database or sg, correct?

Answer: SIS will be preserved for messages in the mailboxes that end up on the same store. It's difficult to say how SIS will be affected because each environment is unique. You can monitor your SIS ratio using performance counters before and after the move to see if your SIS ratios have changed.  If you move just one mailbox from a server to another server or one database to another database, SIS won’t be preserved since you’re only talking about one mailbox.  However, let’s take a look at an example where you have 100 mailboxes and all 100 received the same email with the same 1 MB attachment.  If you move all 100 mailboxes to the same database on a new Exchange 2007 Server, SIS will be maintained.  If you split those 100 mailboxes across three databases on the new server, SIS will be maintained for each database.

Question: Is the OWA server (client access server) still recommended as the 1st server installed in an environment?

Answer: If you have a FE / BE configuration today on Exchange 2003 and are looking to do a phased implementation, then you will need to implement an Exchange 2007 CAS prior implementing the Mailbox Role.  You can install both at the same time onto the same machine though.

Question: What is the Log Checkpoint depth cutoff in Exchange 2007? Currently it is 1024 in 2k3.

Answer: Checkpoint depth is 20 MB per storage group

Question: So, what is the PowerShell then?

Answer: http://www.microsoft.com/windowsserver2003/technologies/management/powershell/default.mspx.

Question: hi - a question relating to Wednesdays session - what happens if i leave all my sites in the default site link - will the mail just deliver direct but follow whatever routing i have on my routers ?

Answer: Yes. That is basically what happens.

Question: I have 1 exchange2003 server I want to transition to Exchange2007, do I must have 2 exchange2007 to do so, and what is the installation order for exchange2007 roles to accomplish this transition

Answer: You are going to add the Exchange 2007 server to your existing environment. The Edge transport role is not required, but highly recommended. If you are going to put it all on one server I would install the Hub, Mailbox, and Client Access at the same time

Question: My server is a dual processor XEON which is 64 bit hardware, but is currently limited to 32 bit because it is running SBS2003 with Exchange 2003. Can I do an inplace upgrade to Windows 2003 64 bit and Exchange 2007 if I only have the one server?

Answer: No, you cannot perform an in-place upgrade of Exchange 2000 or Exchange 2003 to Exchange 2007.

Question: is there documentation explaining the upgrade process from a Exchange 2003 cluster?

Answer: There is no in-place upgrade. You install a new cluster and then move the mailboxes. See http://technet.microsoft.com/en-us/library/aa997177.aspx.  

Question: So if the Log Checkpoint Depth is 20MB, and the logfiles are 1mb each, do i understand that to mean that the actual number is 20,000 logs for Checkpoint Depth?

Answer: No. Checkpoint depth is cached pages of a storage group’s databases that is updated in RAM but not yet to disk.

Question: Is it true that Exchange 2007 no longer relies on Active Directory?

Answer: NO... that's not true!  The only role that does not require AD is the Edge Transport role.  It can be a member of an AD domain such as a DMZ domain for management purposes.

Question: Is it technically possible to cluster a physical Exchange 2007 to a Virtual server (VMWARE 3.0)?

Answer: In a lab, yes. You can build both SCC and CCR clusters in a virtual environment. This would not be supported in production, however.

Question: Did he say the UM is only for out-bound?

Answer: No, he said that faxing is inbound only.

Question: I had a Hub Transport server run low on disk space and it caused messages being delivered to stop in the Drafts folder. Why the Drafts folder and not the Outbox?

Answer: Because the mail submission itself did not complete.  If this is the case, the email is not submitted to the outbox and will sit in the Drafts folder.

Question: I have been told that the edge roile is npt required, when is it required? I plan to transition from exchange2003 to exchange2007 so I need to know if I must budget 2 exchange2007 servres and licenses (1 for edge role and 1 for all other roles). My current exchange2003 box uses a smarthost to send messages out and use a 3rd party mail service provder which send messages from internet to the exhcnage2003 box

Answer: It's not strictly required. Without it you're no better or worse off than you were with 2003. But it's just a really good idea to have some kind of screening of e-mail as far from your domain as possible.

Question: how many servers do i have to have for the installation?

Answer: Minimal is 1 - It will have the Mailbox, Hub Transport and Client Access Server Roles. 2 if you want to install an Edge Transport Server.

Question: Is that correct that the Hub Transport Server is involved in the CCR & LCR?

Answer: It depends on what you mean by “involved”.  The Hub Transport is always responsible for email delivery whether you have a CCR or LCR environment or a non clustered environment.  The Hub Transport is not the mechanism used for log shipping and replaying.  See http://technet.microsoft.com/en-us/library/bb124521.aspx for more details on CCR.

Question: Can you combine um, ca, ht all in one box?

Answer: Yes.

Question: okay so Exchange 2003 and AD still operate the same as on 2003 networks?

Answer: Yes. If you're in Exchange 2003 / 2007 mixed, your 2003 servers will still use their routing groups, and will have a connector to the 2007 servers (which will route to each other via site definitions.)

Question: are there any metrics that explain or display the performance affects having combined roles on one box?

Answer: Yes. Please see http://msexchangeteam.com/archive/2007/01/16/432222.aspx and http://msexchangeteam.com/archive/2007/01/15/432199.aspx.

Question: Can i download this slide show?

Answer: You'll get an e-mail tomorrow with links to where you can get the slides. You can also "print to pdf" now in the file menu if you just want to print these or save a pdf.

Question: if i put an ISA server in the DMZ to publish OWA and ActiveSync, do I need an edge server for SMTP?

Answer: Please keep in mind that the Edge Transport has nothing to do with OWA or Exchange Active Sync.  Although the Edge Transport is not required, I would highly recommend it.

Question: May I setup a CCR consisted of one server in one town and another server in another town? If yes what is tha minimum bandwidth required?

Answer: Yes, you can, but be aware that there are subnet addressing restrictions. Both servers need to be addressed as being on the same subnet.

Question: Can you cluster the UM role for high availbility

Answer: No, only the Mailbox server role can be clustered. UM deployments can be made more resilient by deploying multiple Unified Messaging servers where two or more are in a single dial plan. The VoIP gateways supported by UM can be configured to route calls to UM servers in a round-robin fashion. In addition these gateways can retrieve the list of servers for a dial plan from DNS. In either case the VoIP gateways will present a call to a UM server and if the call is not accepted, the call will be presented to another providing redundancy at the time the call is established.

Question: Do we have a white paper on migration from Lotus Notes to Ex 07

Answer: Please take a look at the following tools: http://www.microsoft.com/technet/prodtechnol/exchange/articles/migrate_ibm.mspx as well as http://msexchangeteam.com/archive/2007/01/22/432324.aspx.

Question: If I have a 64 bit dual Processor XEON server running 32 bit SBS2003 and Exchange 2003 is there a step by step procedure for saving all the active directory information, user data and exchange data to tape and then rebuilding the system as Windows 2003 64 bit and Exchange 2007 and restoring the information from the SBS2003 backup?

Answer: These are the only supported Transition/Migration scenarios: http://technet.microsoft.com/en-us/library/a313c016-0e51-466e-a3de-953e1e0d347d.aspx. There is no direct Transition path from SBS 2003 since that is a scenario that goes just beyond Exchange.  You can introduce a new Exchange 2007 server into the existing SBS 2003 environment, but this is similar to the Transition from Exchange 2003.

Question: Since Outlook anywhere is more powerful than Outlook web access why still have OWA?

Answer: Because Outlook Anywhere still requires the full Outlook client. Sometimes all you have is a browser.

Question: is the UM role Microsft's answer to Cisco Unity? Can both products co-exist?

Answer: The UM Role is Microsoft’s solution for Voicemail.  The two can co-exist, but they don’t work together nor can you have a voicemail box on both based on a single mailbox.  The idea is that you would use one or the other solution.

Question: Is there a fix for Office Live meeting and I.E.7?

Answer: To download and install the Live Meeting Console Hotfix, please go to: http://www.microsoft.com/downloads/details.aspx?FamilyID=8bb36446-1465-4f52-b820-433b7ecda7d6&DisplayLang=en.

Question: The checkpoint depth i was referring to is the Log generation checkpoint depth. Not the RAM based checkpoint depth. What will this Log Generation Checkpoint depth be in 2k7?

Answer: 20 MB, which is 20 logs.

Question: Is there a list available of manufacturers currently making VoIP gateways compatible with E2K7 unified messaging?

Answer: Start Here - http://technet.microsoft.com/en-us/library/2516dac1-dfdc-47eb-8e6f-18b1537a57b2.aspx.

Question: where is the list of pbx's?

Answer: Start Here - http://technet.microsoft.com/en-us/library/2516dac1-dfdc-47eb-8e6f-18b1537a57b2.aspx.

Question: do you have a comparsion of Cisco Unity and Call Manager vs Microsoft Unified Messaging?

Answer: We do not have a comparison chart at this time.

Question: do you know about a link where i can find information about the installation guide?

Answer: See http://technet.microsoft.com/en-us/library/aa995902.aspx.  But see also, http://technet.microsoft.com/en-us/library/aa998636.aspx.

Question: I think Harold should say that CAS is actually not needed in an AD site (besides m/b and Hub Transport) if only MAPI clients are present - correct?

Answer: That is not true. CAS is needed in each AD site containing a Mailbox Server.

Question: What is the compression for UM voicemails?

Answer: Since it can use Windows Media it is smallest available, but also uses Standards from Industry.

Question: Is it possible to configure two DMZ servers using NLB as redundant edge servers?

Answer: You can have redundant Edge servers, and we recommend that for availability reasons. You can deploy multiple Edge Transport servers and use round robin DNS to load balance activity across those servers.

Question: Is the antispam agent the same thing as the IMF?

Answer: Antispam is more than just IMF - it's also recipient filtering, protocol filtering, and content filtering.

Question: the voip site seems to indicate that you ALWAYS need a gateway unles syou are using Cisco VM 4/5 - if I have an AVAYA 8700 or MITEL 3600 which are IP PBX's do I still need a separate VOIP gateway and, if so, why ?

Answer: No, not necessarily.  It does depend on the VOIP system you have.  If you look at Cisco’s Call Manager 4, it is not directly 100% compatible with Exchange UM.

Question: Does Microsoft now use 2007 for it's production email and if so, is all content filtering done by 2007 or do you use additional tools/services?

Answer: Yes, we moved from Exchange 2003 with 3rd party Hygeine to a Total Exchange 2007 solution.

Question: would you install antivirus on a mailbox server or just hub transport?

Answer: Some AV products require access to the mailbox. Others (Forefront) use the transport OR mailbox for checking messages. So it really depends on the product you're using.

Question: Does the Edge Transport also do message hygiene, filtering, etc Sorry if this was a redundant question

Answer: Yes this is where it happens

Question: according to some MS official guide this is stated otw, where CAS is only needed for non-MAPI clients and/or OWA is not needed

Answer: Can you provide a URL that says that? We have it well documented in many places, e.g., http://technet.microsoft.com/en-us/library/bb123517.aspx, that CAS is required in each site containing a Mailbox server – 4^th bullet under Recommended Deployment Process.

Question: Are there any plans to add an IMF admin interface to manage white lists, etc. (ie. IMFcompanion)

Answer: I know customers are asking for this.  If this is important to you as well as having quarantine queues exposed to the end user for them to self-manage, please email me at harold.wong@microsoft.com!!!  I need supporting documentation to provide to the PM in charge of Edge Server.

Question: Can you configure multiple Edge transport server for Dr and load balancing?

Answer: You can have redundant Edge servers, and we recommend that for availability reasons. You can deploy multiple Edge Transport servers and use round robin DNS to load balance activity across those servers.

Question: What are the licensing costs, per user, or per server, for ForeFront?

Answer: http://www.microsoft.com/forefront/2006/howtobuy/default.mspx.

Question: I thought the forefront came included with Enterprise licensing

Answer: http://www.microsoft.com/forefront/2006/howtobuy/default.mspx.  We do include ForeFront with the Exchange Enterprise CAL (but only on the mailboxes you purchase the Exchange Enterprise CAL for).

Question: do you know any good site where you can read how you setup Outlook RPC for Exchange 2007?

Answer: That feature is now called Outlook Anywhere. Please see http://technet.microsoft.com/en-us/library/bb123513.aspx for details on managing Outlook Anywhere.

Question: can I use the *allow safe list* without an EDGE role server? I am just trying to figure it when do I really need to budget 2 exchange2007 servers.

Answer: No, this feature is only available if you are using the Edge Transport server role.

Question: Where was that link to the list of PBXs that are supported?

Answer: http://www.microsoft.com/technet/prodtechnol/exchange/2007/um.mspx?WT.svl=2007resources.

Question: Can an Edge Transport Server be added to an existing Exchange 2007 environment at a later point without major reconfiguration?

Answer: Yes.

Question: Does the Edge Transport support TLS, or what type of secure email does it handle?

Answer: Secure SMTP (SMTPS) from Edge to Hub Transport. And from Hub to Edge it's using SMTP plus 50389 (LDAP) or 50363 (Secure LDAP) for Edge Sync traffic.

Question: External emails come into our smart host (Solaris) then forward to E2K svrs. In 2007 exchange architecture, is smart host replaced by edge server?

Answer: It can be. Or you can go to the Edge from your Solaris server. It's up to you.  Of course, we would prefer that you replace your Solaris smart host with the Exchange Edge Transport server role.  J

Question: Will there be a version of Exchange 2007 that includes unified messaging AND which installs as a part of SBS 200X? If so, what is X?

Answer: If you are referring to Exchange Server 2007 being part of the SBS server, the information is here: http://www.microsoft.com/exchange/evaluation/topquestions.mspx.  

Question: do you get Forefront licents with Exchange 2007 if you have EA?

Answer: If you include the Exchange Enterprise CAL, you do.

Question: is it recommended to install excahgne2007 on a DC?

Answer: No, for many reasons, including security, performance, and availability. Also, if you cluster a Mailbox server, the nodes cannot be directory servers; they must be member servers. Finally, once Exchange is installed, you cannot change the server's role in either direction using DCPromo, as that is also not supported.

Question: what is the min mem requirement for Ex 07

Answer: Check out - http://www.microsoft.com/technet/prodtechnol/exchange/2007/evaluate/sysreqs.mspx.  Also check out - http://www.microsoft.com/technet/prodtechnol/exchange/2007/plan/hardware.mspx.

Question: it seems that both Windows PowerShell and Exch Managment Shell provide command line interfaces. What are the difference between the two?

Answer: Exch Management Shell is really the Power Shell with additional commandlets added. Exchange installation requires the PowerShell to have been installed first, and then it adds the Exchange Commandlets and objects into the PowerShell session as you launch it.

Question: Does the interorg replication tool work with an Exchange 2007 org in one forest and an Exchange 2003 org in another forest?

Answer: Please see http://technet.microsoft.com/en-us/library/aa996010.aspx for details on this.  The short answer is: no.

Question: if you check the passive clustered mailbox role, whey are the other options greyed out?

Answer: Because that is the role you are installing.  You cannot have any other roles co-exist with an Active or Passive Node of a CCR configuration.

Question: would you still advise installing the management tools onto dc's or should all exchange tasks now be carried out on the exchange server or a management workstation ?

Answer: No need to install on DCs. You're not going to be using ADUC to create mailboxes any longer. You can create users and mailboxes seperately, or you can create both using the Exchange Management Console (or Management Shell).

Question: what is a good source for the recommended hardware minimums and recommendations and best practices for each server role?

Answer: http://www.microsoft.com/technet/prodtechnol/exchange/2007/plan/hardware.mspx.

Question: MOC 5047AT Chapter 2 Module 2 Pg 8 which says "You must have at least one Client Access server role in each Active Directory site where you have a Mailbox server role unless clients will access the mailboxes on the server only using MAPI clients."

Answer: Thank you. I'm a reviewer of that course and that will be corrected. Keep in mind that Outlook 2007 is a MAPI client, and that it will use a CAS server for Autodiscover and the Availability service which provides Free/Busy information.

Question: I thought it was stated in the earlier sessions that the Mailbox Servers were the only ones that were clusterable?

Answer: That is correct. Only the Mailbox server role can be clustered.

Question: can I install exchange2007 on a DC? (not SBS) but th eonly server in the organization. what will be the risk if any.?

Answer: You could but it is not advised - Security Risk for Exchange to be on AD

Question: Does a basic exchange server 2007 license give the user the right to install each of the 5 (?) roles, if required, on 5 separate machines?

Answer: no, each machine requires a license. Note that you can run multiple roles on a single server.

Question: Can I install 32b version with 1gig of mem in MS virtual server environment

Answer: yes that will work, I have demoed that

Question: If we use the edge and put the other 4 roles on one server does that mean we have to purchase 2 licenses on for the edge server and one for the server containing the other roles?

Answer: yes.

Question: Are the Exch Mang Console, PowerShell, and management Shell is all part of the Managament tool when one is performing Exch install?

Answer: Windows PowerShell is a separate install that is required to be installed before you run Exchange Setup. After that is installed, when you install Exchange, then the Exchange Management Console and the Exchange Management Shell are installed. The Management Tools also include ExBPA and the Exchange Help File.

Question: where do i find the baest practice tool

Answer: http://www.microsoft.com/technet/prodtechnol/exchange/downloads/2003/analyzers/default.mspx.  For Exchange 2007, look in the Toolbox section in the Exchange Management Console.

Question: Can you run CAS and a mailbox role that only has the public folder store on the same box. No mailboxes.

Answer: Yes, as long as the Mailbox server role is not clustered. :-)

Question: Is the Ex2003 rule of thumb 4 Exchange processors to 1 DC processor still vaild for Exchange 2007?

Answer: No, because we are 64 bit now

Question: Is the presenter using power shell?

Answer: Exchange Management Shell... which is running on top of PowerShell. So.. yes. :)

Question: Let's say i install the 4server roles on a server, and i have a modem card on it, will the unified messaging role work with that?

Answer: Please review this resource for supported UM configurations. http://www.microsoft.com/technet/prodtechnol/exchange/2007/um.mspx?WT.svl=2007resources.

Question: Can we allow safe emails to sync to the Edge Server to ONLY certain users? Example: Admins

Answer: I'm not sure I understand your question. "emails" don't "sync" to the edge. Mail flows between the Hub and Edge, but sync information only flows from hub to edge for the sake of valid recipient or users "safe sender" information (among other things).

Question: Are 4way active-active mailbox clusters supported w/ 2003 & 2007?

Answer: No. There are no Active/Acti