Evaluate the real Power Consumption of your PC using PowerCfg

PowerCfg is a utility built into Windows 7 OS, that can be used for evaluating system energy efficiency of the system. IT professionals can use these PowerCfg enhancements to diagnose and resolve end-user problems with portable computer battery life and desktop energy efficiency.

In addition to power policy configuration, PowerCfg also enables system manufacturers to inspect a Windows platform for common energy efficiency problems. Many individual energy efficiency problems can be detected, including inefficient power policy settings, USB device selective suspend issues, and platform firmware problems that relate to processor power management capabilities. Here is a video that shows how to use PowerCfg to evaluate system energy efficiency and details the energy efficiency problems that might be detected.

Automating with Windows Powershell

Windows PowerShell™ is a task-based command-line shell and scripting language designed especially for system administration. Built on the .NET Framework, Windows PowerShell™ helps IT professionals and power users control and automate the administration of the Windows operating system and applications that run on Windows.

Built-in Windows PowerShell commands, called cmdlets, let you manage the computers in your enterprise from the command line. Windows PowerShell™ providers let you access data stores, such as the registry and certificate store, as easily as you access the file system. In addition, Windows PowerShell™ has a rich expression parser and a fully developed scripting language.

Windows PowerShell™ includes the following features:

• Cmdlets for performing common system administration tasks, such as managing the registry, services, processes, and event logs, and using Windows Management Instrumentation.
• A task-based scripting language and support for existing scripts and command-line tools.
• Consistent design. Because cmdlets and system data stores use common syntax and naming conventions, data can be shared easily and the output from one cmdlet can be used as the input to another cmdlet without reformatting or manipulation.
• Simplified, command-based navigation of the operating system, which lets users navigate the registry and other data stores by using the same techniques that they use to navigate the file system.
• Powerful object manipulation capabilities. Objects can be directly manipulated or sent to other tools or databases.
• Extensible interface. Independent software vendors and enterprise developers can build custom tools and utilities to administer their software.

Watch this video to see how easily you can automate IT Tasks with Windows Powershell:

 

Technorati Tags: Powershell,Windows 7,Windows Server 2008,R2,exchange,scripting

Wish to migrate to Windows 7 ? Here’s how to do it in a few Easy steps!

You can easily migrate from your existing Windows XP platform to the new Windows 7 platform without losing your data, pictures and documents! You can just use Windows Easy Transfer, a free download, to help you move your files and settings to another location before you install Windows 7. Then, you can use Windows Easy Transfer again to move your files and settings back to your PC after Windows installation is completed.

If you don’t use Windows Easy Transfer, you’ll need to copy your files manually to an external location, such as CDs, DVDs, an external hard disk, or a USB flash drive before installing Windows 7, and then move them back after Windows installation is completed.

Windows Easy Transfer creates a single file containing your files and settings. The file could be quite large depending on the amount of data you have, which is why we recommend using an external hard disk.

As you prepare to move your files off of your computer to an external storage device, remember the following:

• Windows Easy Transfer doesn’t move your programs, only your files and settings. You’ll need to reinstall your programs by hand after Windows 7 installation is complete. Windows Easy Transfer will provide you with a list of programs that you are currently using with Windows XP.
• Don’t use the File and Settings Transfer Wizard in Windows XP to move your files. It isn’t compatible with Windows 7, and if you use it, you won’t be able to restore your files in Windows 7. Use Windows Easy Transfer instead.
• Windows Easy Transfer can’t transfer files from a 64-bit version of Windows to a 32-bit version of Windows. If you’re running a 64-bit version of Windows XP, but you plan to install a 32-bit version of Windows 7, you’ll need to copy your files manually to an external location before installing Windows 7, and then move them back after Windows installation is completed.
• Windows Easy Transfer moves your music and video files, but doesn’t migrate the licenses for content protected by digital rights management (DRM). This means that you’ll need to re-obtain rights to DRM‑protected files from the online store that provided them after you finish installing Windows 7 and restoring these files to your computer. For more information, see Step 4: Moving your files and settings back to your computer.

Note:

Some online stores don’t restore rights to their DRM‑protected files. For details about store policies, refer to your store’s customer support or Help information. If your music or video was obtained from a store that’s no longer in business, you won’t be able to restore your rights to that content.

You’ll also need Windows XP Service Pack 2 or higher. If you’re not sure of what you have, click Start, right-click My Computer, and then click Properties. Under System, if you see “Service Pack 2″ or “Service Pack 3,” you can use Windows Easy Transfer. If you’re not running Service Pack 2 or 3, go to the Windows XP service pack page on the Microsoft website to update your PC.

Download and install Windows Easy Transfer

1. Download Windows Easy Transfer from the Windows website. If you’re running a 32-bit version of Windows XP, under For Windows XP, click Download 32-bit. If you’re running a 64-bit version of Windows XP, click Download 64-bit.
2. On the Microsoft Download Center webpage, click Download, and then click Run.
3. In the Security Warning dialog box, click Run.
4. In the Software Update Installation Wizard, click Next.
5. If you agree to the license terms, select I Agree, and then click Next.
6. After installation is complete, click Finish.

Open and run Windows Easy Transfer to save your files and settings

1. Make sure your external hard disk or other storage device is connected to your computer.
2. Click Start, click All Programs, and then click Windows Easy Transfer for Windows 7.
3. Click Next.
4. Select An external hard disk or USB flash drive.
5. Click This is my old computer, and then wait while Windows Easy Transfer scans the computer.
6. Clear the check boxes next to any user accounts that you don’t want to transfer data from, and then click Next.
7. Enter and retype a password, and then write it down and keep it in a safe place; or leave the boxes blank, and then click Save.
8. Browse to the external hard disk or other storage device where you want to save your Easy Transfer file, and then click Save.

   Note:

   You must save the Easy Transfer file to your external hard disk or other storage device, and not to the default location My Computer. If you don’t save the Easy Transfer file to your external hard disk, the file you just created will be deleted during the custom installation of Windows 7.

9. Windows Easy Transfer will begin saving your files and settings. Do not use your computer during this time.
10. When you see the message These files and settings have been saved for your transfer, click Next.

    Windows Easy Transfer displays the file name and location of the Easy Transfer file you just created. Write down the file name and location so you can easily find it when you’re ready to transfer files to Windows 7.

11. Click Next, and then click Close.
12. Ensure that the file is saved to your external hard disk or storage device, and then disconnect the device from your computer.

Gather your program discs and setup files

It’s important to remember that the Custom installation option doesn’t preserve any of your programs, so you’ll need to reinstall the programs that you want to use in Windows 7.

• Make sure you have the installation discs for the programs you want to keep using in Windows 7.
• You might have downloaded some programs from the Internet. If you still have the installation files on your computer (often called setup.exe, install.exe, or similar), copy those setup files to your external hard disk as well. If you don’t have the installation files, you’ll need to download them again after Windows 7 installation is complete.
• If you’re running a 64-bit version of Windows and plan to install a 32-bit version of Windows 7, programs that were designed to run only on a 64-bit operating system might not work. Check the software manufacturer’s website for more information, or go to the Windows 7 Compatibility Center. You can search the Compatibility Center for product names or browse many different categories of hardware and software tested to be compatible with both 32-bit and 64-bit versions of Windows 7.

Next: Install Windows 7 using the Custom option

Watch this video to know some free tools that you can use to perform a successful migration from Windows XP to Windows 7 in your enterprise:

 

Technorati Tags: Windows 7,Windows XP,Migration

What makes Windows 7 and Windows Server 2008 ‘Secure by Default’

Security is an integral part of how Microsoft’s new Client (Windows 7) and Server (Windows Server 2008) are designed and coded.

Microsoft Security Development Lifecycle

The concepts that make up the Microsoft Security Development Lifecycle (SDL) were formed with the Trustworthy Computing (TwC) directive of January 2002. At that time, many software development groups at Microsoft instigated "security pushes" to find ways to improve the security of existing code.

Becoming a mandatory policy in 2004, the Microsoft SDL was designed as an integral part of the software development process at Microsoft. The development, implementation and constant improvement of the SDL represents a strategic investment for Microsoft, and an evolution in the way that software is designed, developed, and tested.

Watch this video to know what makes Windows 7 and Windows Server 2008 ‘Secure by Default’ and ‘Secure by Design’

 

 

The Microsoft SDL has now matured into a well defined methodology. The increasing importance of software to society emphasizes the need for Microsoft and the industry as a whole to continue to improve software security. To that end, Microsoft committed in 2005 to supporting a more secure and trustworthy computing ecosystem and has made guidance papers, tools and training resources available to the public.

Next Steps

Know more about the Security in Windows Server 2008 and Windows Server 2008 R2

Know more about Security Enhancements in Windows 7

 

 

Technorati Tags: Windows 7,Security,Windows Server 2008,R2,SDL

Using a Data Recovery Agent to Recover BitLocker-Protected Drives in Windows 7

Data recovery agents are individuals whose public key infrastructure (PKI) certificates have been used to create a BitLocker key protector, so those individuals can use their credentials to unlock BitLocker-protected drives. Data recovery agents can be used to recover BitLocker-protected operating system drives, fixed data drives, and removable data drives. However, when used to recover operating system drives, the operating system drive must be mounted on another computer as a data drive for the data recovery agent to be able to unlock the drive. Data recovery agents are added to the drive when it is encrypted and can be updated after encryption occurs.

Pre-requisites

To complete the procedures in this scenario:

• You must be able to provide administrative credentials.
• Your computer must meet BitLocker requirements.

 

Complete the following procedures in order.

To enable BitLocker to use self-signed certificates

1. Click Start, type regedit in the Search programs and files box, right-click regedit.exe, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.

2. In Registry Editor, navigate to \HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FVE.

3. On the Registry Editor menu, click Edit, point to New, and then click DWORD (32-bit) Value.

4. Type SelfSignedCertificates, and then press ENTER to create the SelfSignedCertificates key value.

5. Right-click SelfSignedCertificates, and then click Modify.

6. In Value data, type 1.

BitLocker can now use self-signed certificates.

To obtain a self-signed certificate to test BitLocker and data recovery agents

1. Open a text editor such as Notepad, and paste the following information into a new file:

   [NewRequest]

   Subject = "CN=BitLockerDRA"

   KeyLength = 2048

   ProviderName = "Microsoft Smart Card Key Storage Provider"

   KeySpec = "AT_KEYEXCHANGE”

   KeyUsage = "CERT_KEY_ENCIPHERMENT_KEY_USAGE"

   KeyUsageProperty = "NCRYPT_ALLOW_DECRYPT_FLAG"

   RequestType = Cert

   SMIME = FALSE

   [EnhancedKeyUsageExtension]

   OID=1.3.6.1.4.1.311.67.1.2

2. Save the file with the name bldracert.txt.

3. Insert a smart card into the smart card reader of the computer.

4. Click Start, type cmd in the Search programs and files box, right-click cmd.exe, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.

5. In the Command Prompt window, navigate to the location where you saved the blcert.txt file, and type certreq –new bldracert.txt to request a new certificate based on the parameters identified in the file. There may be a slight delay while the request is carried out, and you may be prompted to insert your smart card and type your PIN.

6. When prompted to save the request file, type a file name, and click Save.

You now have a data recovery agent smart card certificate that is appropriate for use with BitLocker.

To export a BitLocker DRA certificate

1. Click Start, and then type certmgr.msc to open the Certificates snap-in.

2. In the console tree, expand Personal, and then click Certificates.

3. Double-click the BitLockerDRA certificate to display the certificate properties sheet.

4. Click the Details tab, and then click Copy to File to start the Certificate Export Wizard.

5. On the Welcome to the Certificate Export Wizard page, click Next.

6. On the Export Private Key page, verify that No, do not export the private key is selected, and then click Next.

7. On the Export File Format page, verify that DER encoded binary x.509 (.CER) is selected, and then click Next.

8. On the File to Export page, click Browse to display the Save as dialog box. In File name, type BitLockerDRA. In Save as type, verify that DER Encoded Binary X.509 (.cer) is selected, and then click Save to return to the File to Export page. The File name box on the wizard page should now display the path to the BitLockerDRA.cer file in your document library. Click Next.

9. On the Completing the Certificate Export Wizard page, verify that the information displayed is correct, and then click Finish.

10. When the certificate has been exported, the Certificate Export Wizard dialog box will be displayed with the message The export was successful. Click Close to close the dialog and the wizard.

To add a BitLocker data recovery agent and unlock a drive

1. Click Start, type gpedit.msc in the Search programs and files box, and then press ENTER.

2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.

3. In the console tree under Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Public Key Policies, right-click BitLocker Drive Encryption, and then click Add Data Recovery Agent to start the Add Recovery Agent Wizard.

4. On the Select Recovery Agents page, click Browse Folder to select the BitLockerDRA.cer file you exported in the previous procedure. If you did not need to export a certificate because you already had deployed a PKI with the necessary certificates, click Browse directory to choose a certificate from Active Directory Domain Services.

5. If you are prompted to install the certificate, click Yes. You can repeat this process as necessary to add multiple data recovery agents. After all data recovery agent certificates you want to use have been specified, click Next.

6. On the Completing the Recovery Agent Wizard page, click Finish to add the data recovery agent.

7. If you have not configured the Group Policy setting to specify the BitLocker identification field, complete Configuring the BitLocker Identification Field (Windows 7) before continuing with this scenario.

8. Encrypt a data drive as described in Turning On BitLocker Drive Encryption on a Fixed or Removable Data Drive (Windows 7). For a data recovery agent to be able to unlock a drive, the BitLocker identification field must be present and match the identification field defined for your organization.

9. To put the drive into a locked state so that you can test the data recovery agent, click Start, point to All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes. Type the following command, replacing Volume with the drive letter of the BitLocker-protected drive you want to lock:

   Manage-bde –lock Volume :

   Do not close the Command Prompt window.

10. Now that the drive is locked, you can unlock it by using the data recovery agent. First, you need the certificate thumbprint of the data recovery agent. To find this, at the command prompt, type the following command, replacing Volume with the drive letter of the BitLocker-protected drive you want to unlock:

    Manage-bde –protectors –get Volume :

    The key protectors identified for the drive are displayed. Find the key protector identified as Data Recovery Agent (Certificate Based), and record the certificate thumbprint.

11. To unlock the drive, type the following command, replacing CertificateThumbprint with the actual certificate thumbprint of the data recovery agent recorded in the previous step:

    Manage-bde –unlock Volume : -cert –ct CertificateThumbprint -PIN

12. Enter your smart card PIN when prompted. The drive is unlocked.

By completing the procedures in this scenario, you have assigned data recovery agents to BitLocker and used a data recovery agent to unlock a BitLocker-protected drive.

 

Excerpt from : BitLocker Drive Encryption Step-by-Step Guide for Windows 7

 

 

Technorati Tags: Windows 7,Security,Bitlocker,BDE,Recovery,Data Protection

How to Access/Configure different features in Exchange 2010

I found the following table quite useful as it has organized the Exchange 2010 features accessed by EMC, alphabetically by feature. It includes the click path that shows you how to get to the feature and the related topics that explain how to manage the feature

Exchange 2010 features managed in the EMC and Shell

Feature	How to get there in the Exchange Management Console	Related management topics
Accepted domains	Organization Configuration > Hub Transport > Accepted Domains tabEdge Transport > Accepted Domains tab	Managing Accepted and Remote Domains
Address lists	Organization Configuration > Mailbox > Address Lists tab	Managing Address Lists
Archive quotas, apply to mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Settings tab > Archive Quota > Properties	Configure Personal Archive Quotas for a Mailbox
Best Practices Analyzer	Toolbox > Best Practices Analyzer > Open Tool	Microsoft Exchange Analyzers
Calendar settings, apply to mailbox	Recipient Configuration > Mailbox > (Select Mailbox) Properties > Calendar Settings tab	Managing User Mailboxes
Client Access server settings	Server Configuration > Client Access > (Select Server) > Properties	Managing Client Access Servers
Content filtering	Edge Transport > (Select Server) > Anti-spam tab > Content Filtering	Configure Content Filtering Properties
Customer Experience Improvement Program, opt-in or opt-out organization	Microsoft Exchange On-Premises > Customer Feedback tab	Opt-in or Opt-out of the Customer Experience Improvement Program
Customer Experience Improvement Program, opt-in or opt-out servers	Server Configuration > (Select Server) > Properties > Customer Feedback Options tabServer Configuration > (Select Server Role Node) > (Select Server) > Properties > Customer Feedback Options tab	Opt-in or Opt-out of the Customer Experience Improvement Program
Database availability group networks	Organization Configuration > Mailbox > Database Availability Groups tab > (Select Database Availability Group) > Networks tab	Create a Database Availability Group NetworkConfigure Database Availability Group Network Properties
Database availability groups	Organization Configuration > Mailbox > Database Availability Groups tab	Managing Database Availability Groups
Database copies	Organization Configuration > Mailbox > Database Management tab > (Select Mailbox Database) > Database Copies tab	Managing Mailbox Database Copies
Database switchover	Organization Configuration > Mailbox > Database Management tabOrganization Configuration > Mailbox > Database Management tab > (Select Mailbox Database) > Database Copies tab	Switchovers and Failovers
Databases	Organization Configuration > Mailbox > Database Management tab	Managing Mailbox DatabasesManaging Public Folder Databases
Details Templates Editor	Toolbox > Details Templates Editor > Open Tool	Managing Details Templates
Diagnostic logging	Server Configuration > Mailbox > (Select Server) > Manage Diagnostic Logging Properties	Manage Diagnostic Logging Levels
Distribution groups	Recipient Configuration > Distribution Group	Managing Distribution Groups
Dynamic distribution groups	Recipient Configuration > Distribution Group	Managing Distribution Groups
Edge Subscriptions	Organization Configuration > Hub Transport > Edge Subscriptions tab	Managing Edge Subscriptions
Edge Transport server settings	Edge Transport > (Select Server) > Properties	Managing Transport Servers
E-mail address policies	Organization Configuration > Hub Transport > E-mail Address Policies tab	Managing E-Mail Address Policies
E-mail addresses, apply to public folder	Toolbox > Public Folder Management Console > Default Public Folders > (Select Mail-Enabled Public Folder) > Properties > E-Mail Addresses tab	Configure Public Folder Properties
E-mail addresses, apply to recipient	Recipient Configuration > (Select Recipient) > Properties > E-Mail Addresses tab	Configure User and Resource Mailbox PropertiesConfigure Mail User Properties Configure Mail Contact Properties Configure Distribution Group Properties Configure Dynamic Distribution Group Properties
Exchange ActiveSync mailbox policies	Organization Configuration > Client Access > Exchange ActiveSync Mailbox Policies tab	Managing Exchange ActiveSync with Policies
Exchange ActiveSync mailbox policies, apply to mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Features tab > Exchange ActiveSync > Properties	Add Users to an Exchange ActiveSync Mailbox Policy
Exchange Control Panel Web site	Server Configuration > Client Access > Exchange Control Panel tab > (Select Web Site) > Properties	Configure ECP Virtual Directory Properties
External Client Access domains	Server Configuration > Client Access > Configure External Client Access Domain	Configure External Client Access Namespaces
Federation trusts	Organization Configuration > Federation Trust tab	Managing Federation
Full Access permission, mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Manage Full Access Permission	Manage Full Access Permissions
Hub Transport server settings	Server Configuration > Hub Transport > (Select Server) > Properties	Managing Transport Servers
IMAP4, configure	Server Configuration > Client Access > POP3 and IMAP4 tab > IMAP4 > Properties	View or Configure IMAP4 Properties
IMAP4, enable, disable, or specify the MIME format for a mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Features tab > IMAP4	Enable or Disable IMAP4 Access for a User
IP Allow List providers	Edge Transport > (Select Server) > Anti-spam tab > IP Allow List Providers	Configure IP Allow List Providers Properties
IP Allow lists	Edge Transport > (Select Server) > Anti-spam tab > IP Allow List	Configure IP Allow List Properties
IP Block lists	Edge Transport > (Select Server) > Anti-spam tab > IP Block List	Configure IP Block List Properties
IP Block List providers	Edge Transport > (Select Server) > Anti-spam tab > IP Block List Providers	Configure IP Block List Providers Properties
Journal rules	Organization Configuration > Hub Transport > Journal Rules tab	Managing Journaling
License, input key	Server Configuration > Enter Product Key Group	Enter Product Key
License, view server and client licensing information	Microsoft Exchange On-Premises > Collect Organizational Health Data tab	Collect Organizational Health Data
Mail contacts	Recipient Configuration > Mail Contact	Managing Mail Contacts and Mail Users
Mail Flow Troubleshooter	Toolbox > Mail Flow Troubleshooter > Open Tool	NA
Mail users	Recipient Configuration > Mail Contact	Managing Mail Contacts and Mail Users
Mailbox server settings	Server Configuration > Mailbox > (Select Server) > Properties	Managing Mailbox Servers
Mailboxes, configure	Recipient Configuration > Mailbox	Managing User Mailboxes
Mailboxes, disconnected	Recipient Configuration > Disconnected Mailbox	Connect to the Disconnected Mailbox ServerConnect a Disconnected Personal Archive
Mailboxes, move	Recipient Configuration > Mailbox > (Select Mailbox) > New Local Move Request or New Remote Move Request	Managing Move Requests
MAPI, enable or disable for mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Features tab > MAPI	Enable or Disable MAPI for a User Mailbox
Message delivery	Organization Configuration > Hub Transport > Global Settings tab > (Select Transport Settings) > Properties > Message Delivery tab	Configure Transport Settings Properties
Message delivery restrictions, apply to recipient	Recipient Configuration > (Select Recipient) > Properties > Mail Flow Settings tab > Message Delivery Restrictions > Properties	Configure Message Delivery Restrictions
Message size restrictions, apply to recipient	Recipient Configuration > (Select Recipient) > Properties > Mail Flow Settings tab > Message Size Restrictions > Properties	Configure Message Size Limits for a Mailbox or a Mail-Enabled Public Folder
Message tracking	Toolbox > Message Tracking > Open Tool > (Log On to Outlook Web App) > (Select to Manage My Organization) > Reporting > Delivery Reports tab	Track Messages with Delivery Reports
Move request, view or remove	Recipient Configuration > Move Request	Managing Move Requests
Offline address book virtual directory, configure	Server Configuration > Client Access > Offline Address Book Distribution tab	Configure Offline Address Book Distribution Properties
Offline address books (OABs)	Organization Configuration > Mailbox > Offline Address Book tab	Managing Offline Address Books
Organization relationships	Organization Configuration > Organization Relationships tab	Managing Federated Sharing
Organizational health, update	Microsoft Exchange On-Premises > Organizational Health tab> Collect Organizational Health Data	Collect Organizational Health Data
Organizational health, view	Microsoft Exchange On-Premises > Organizational Health Data tab	Collect Organizational Health Data
Outlook Anywhere, configure	Server Configuration > Client Access > (Select Server) > Properties > Outlook Anywhere tab	Managing Outlook Anywhere
Outlook Anywhere, enable or disable	Server Configuration > Client Access > (Select Server) > Enable Outlook Anywhere	Enable Outlook AnywhereDisable Outlook Anywhere
Outlook Web App mailbox policies	Organization Configuration > Client Access > Outlook Web App Mailbox Policies tab	Managing Outlook Web App Mailbox Policies
Outlook Web App mailbox policies, apply to mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Features tab > Outlook Web App > Properties	Apply an Outlook Web App Mailbox Policy to a Mailbox
Outlook Web App virtual directories, configure	Server Configuration > Client Access > Outlook Web App tab	Managing Outlook Web App Virtual Directories
Performance Monitor	Toolbox > Performance Monitor > Open Tool	Performance and Reliability Monitoring Step-by-Step Guide for Windows Server 2008
Performance Troubleshooter	Toolbox > Performance Troubleshooter > Open Tool	NA
Personal archive, disconnected	Recipient Configuration > Disconnected Mailbox	Connect a Disconnected Personal Archive
Personal archive, enable or disable	Recipient Configuration > Mailbox > (Select Mailbox) > Enable ArchiveOR Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Features tab > Archive > Enable or Disable	Enable a Personal Archive for a New MailboxEnable a Personal Archive for an Existing Mailbox
POP3, configure	Server Configuration > Client Access > (Select Server) > POP3 and IMAP4 tab > POP3 > Properties	Managing POP3 and IMAP4
POP3, enable or disable for mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Features tab > POP3	Enable or Disable POP3 Access for a User
Public folder databases	Organization Configuration > Mailbox > Database Management tab	Managing Public Folder Databases
Public folder replication	Toolbox > Public Folder Management Console > Default Public Folders > (Select Public Folder) > Properties > Replication tab	Configure Public Folder Replication
Public folders	Toolbox > Public Folder Management Console > Default Public Folders	Managing Public Folders
Queue Viewer	Toolbox > Queue Viewer > Open Tool	Using Queue Viewer
Receive connectors	Server Configuration > Hub Transport > Receive ConnectorsEdge Transport > Receive Connectors	Managing Connectors
Recipient filtering	Edge Transport > (Select Server) > Anti-spam tab > Recipient Filtering	Managing Anti-Spam and Antivirus Features
Remote Connectivity Analyzer	Toolbox > Remote Connectivity Analyzer > Open Tool	Exchange Remote Connectivity Analyzer Tool
Remote domains	Organization Configuration > Hub Transport > Remote Domains tab	Managing Accepted and Remote Domains
Resource mailbox, configure	Recipient Configuration > (Select Resource Mailbox) > Properties	Managing Resource Mailboxes and Scheduling
Role Based Access Control (RBAC) User Editor	Toolbox > Role Based Access Control (RBAC) User Editor > Open Tool > (Log On to Outlook Web App) > Administrator Roles tab and User Roles tab	Administrator Roles TabUser Roles Tab
Routing Log Viewer	Toolbox > Routing Log Viewer > Open Tool	Using the Routing Log Viewer
Send As permissions, mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Manage Send As Permission	Manage Send As Permissions for a Mailbox
Send As permissions, mail-enabled public folder	Toolbox > Public Folder Management Console > Default Public Folders > (Select Mail-Enabled Public Folder) > Manage Send As Permission	Manage Send As Permissions for Mail-Enabled Public Folders
Send connectors	Organization Configuration > Hub Transport > Send Connectors tabEdge Transport > Send Connectors tab	Managing Connectors
Send on behalf, mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mail Flow Settings tab > Delivery Options > Properties	Configure User and Resource Mailbox Properties
Send on behalf, mail-enabled public folder	Toolbox > Public Folder Management Console > Default Public Folders > (Select Mail-Enabled Public Folder) > Properties > Mail Flow Settings tab > Delivery Options > Properties	Configure Public Folder Properties
Sender filtering	Edge Transport > (Select Server) > Anti-spam tab> Sender Filtering	Managing Anti-Spam and Antivirus Features
Sender ID	Edge Transport > (Select Server) > Anti-spam tab > Sender ID	Managing Anti-Spam and Antivirus Features
Sender reputation	Edge Transport > (Select Server) > Anti-spam tab> Sender Reputation	Managing Anti-Spam and Antivirus Features
Server switchover	Server Configuration > Mailbox > (Select Server) > Switchover Server	Perform a Server Switchover
Sharing policies	Organization Configuration > Mailbox > Sharing Policies tab	Managing Federated Sharing
Sharing policies, apply to mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Settings tab > Federated Sharing > Properties	Managing Federated Sharing
Storage quotas, configure for a mailbox	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Settings tab > Storage Quotas > Properties	Configure Storage Quotas for a Mailbox
Tracking Log Explorer	Toolbox > Tracking Log Explorer > Open Tool	NA
Transport dumpster	Organization Configuration > Hub Transport > Global Settings tab > Transport Settings > Properties > General tab	Configure Transport Settings Properties
Transport limits	Organization Configuration > Hub Transport > Global Settings tab > (Select Transport Settings) > Properties > General tab	Configure Transport Settings Properties
Transport rules	Organization Configuration > Hub Transport > Transport Rules tabEdge Transport > Transport Rules tab	Managing Transport Rules
Transport settings	Organization Configuration > Hub Transport > Global Settings tab	Configure Transport Settings Properties
UM auto attendants	Organization Configuration > Unified Messaging > UM Auto Attendants tab	Managing UM Auto Attendants
UM dial plans	Organization Configuration > Unified Messaging > UM Dial Plans tab	Managing UM Dial Plans
UM hunt groups	Organization Configuration > Unified Messaging > UM IP Gateways tab > (Select IP Gateway) > UM Hunt Groups tab	Managing UM Hunt Groups
UM IP gateways	Organization Configuration > Unified Messaging > UM IP Gateways tab	Managing UM IP Gateways
UM mailbox policies	Organization Configuration > Unified Messaging > UM Mailbox Policies tab	Managing UM Mailbox Policies
UM-enabled users	Recipient Configuration > Mailbox > (Select Mailbox) > Properties > Mailbox Features tab > Unified Messaging > Properties	Managing Unified Messaging Users
Unified Messaging server settings	Server Configuration > Unified Messaging > Properties	Managing Unified Messaging Servers
Unified Messaging server, enable or disable	Server Configuration > Unified Messaging > (Select UM Server) > Disable Immediately or Disable After Calls	Enable Unified Messaging on Exchange 2010Disable Unified Messaging on Exchange 2010

 

Exchange 2010 features managed only in the Shell

Feature	Manage by using
Address rewriting	AddressRewriteEntry cmdlet setSee Transport Cmdlets
Attachment filter agent	AttachmentFilterEntry cmdlet setAttachmentFilterListConfig cmdlet set See Anti-Spam Cmdlets
Client access array	ClientAccessArray cmdlet setSee Client Access Cmdlets
Database availability group network encryption and compression	Set-DatabaseAvailabilityGroup
Database availability groups: alternate witness server and alternate witness directory	Set-DatabaseAvailabilityGroup
Database availability groups: Datacenter Activation Coordination mode	Set-DatabaseAvailabilityGroup
Database availability groups: IP Address	Set-DatabaseAvailabilityGroup
Database availability groups: replication port	Set-DatabaseAvailabilityGroup
Delivery agent connectors	DeliveryAgentConnector cmdlet setSee Transport Cmdlets
Edge synchronization (EdgeSync) service settings, configure	EdgeSyncServiceConfig cmdlet setSee Transport Cmdlets
EdgeSync, forcing or testing	Start-EdgeSynchronizationTest-EdgeSynchronization
Exchange ActiveSync connectivity, test	Test-ActiveSyncConnectivity
Exchange ActiveSync log, export	Export-ActiveSyncLog
Exchange Control Panel connectivity, test	Test-EcpConnectivity
Exchange Search	Set-MailboxDatabase, with the -IndexEnabled parameterTest-ExchangeSearch Get-FailedContentIndexDocuments
Global address lists (GALs)	GlobalAddressList cmdlet setSee Mailbox Cmdlets
IMAP4 connectivity, test	Test-ImapConnectivity
Import\export mailbox data	Import-MailboxExport-Mailbox
Information Rights Management (IRM), configure	IRMConfiguration cmdlet setSee Messaging Policy and Compliance Cmdlets
IP Allow and Block List providers, test	Test-IPAllowListProviderTest-IPBlockListProvider
IP site link costs, Exchange-specific	ADSiteLink cmdlet setSee Transport Cmdlets
Message flow, test	Test-MessageTest-Mailflow
Messaging records management (MRM) 1.0: Managed folders	ManagedFolder cmdlet setManagedFolderMailboxPolicy cmdlet set Start-ManagedFolderAssistant See Messaging Policy and Compliance Cmdlets
MRM 2.0: Retention policies	RetentionPolicy cmdlet setRetentionPolicyTag cmdlet set See Messaging Policy and Compliance Cmdlets
Multi-Mailbox Search	MailboxSearch cmdlet setSee Messaging Policy and Compliance Cmdlets
Offline address book virtual directory, create	New-OABVirtualDirectory
Outlook client connectivity, test end-to-end	Test-OutlookConnectivity
Outlook Protection Rules	OutlookProtectionRule cmdlet setSee Messaging Policy and Compliance Cmdlets
Outlook Web App connectivity, test	Test-OwaConnectivity
Outlook Web App virtual directories, create or remove	New-OwaVirtualDirectoryRemove-OwaVirtualDirectory
Outlook Web services connectivity, test	Test-OutlookWebServices
POP3 connectivity, test	Test-PopConnectivity
Recovery database, create	New-MailboxDatabase
Recovery database, extract data	Restore-Mailbox
Recovery items	Set-Mailbox, using the following parameters:· RecoverableItemsQuota · RecoverableItemsWarningQuota · SingleItemRecoveryEnabled
Routing group connectors	RoutingGroupConnector cmdlet setSee Transport Cmdlets
Safelist aggregation, force	Update-SafeList cmdlet setSee Transport Cmdlets
Sender ID, test	Test-SenderId
Service e-mail channel	ServiceEmailChannel cmdlet setSee Client Access Cmdlets
Transport agents	TransportAgent cmdlet setSee Transport Cmdlets
Transport latency, calculating	MessageLatencyReport cmdlet setSee Transport Cmdlets
Transport pipeline analysis	Get-TransportPipeline
UM connectivity, test	Test-UMConnectivity
UM incoming calls, view active	Get-UMActiveCalls
Web services connectivity, test	Test-WebServicesConnectivity
X.400 authoritative domains	X400AuthoritativeDomains cmdlet set

 

Note: If you’re looking for a feature that was in Exchange Server 2007 or Exchange Server 2003 and you can’t find it in this topic, the feature may have been renamed or removed in Exchange 2010. For more information, see Discontinued Features and De-Emphasized Functionality.

Technorati Tags: Exchange 2010,Exchange Server,2010

Configuring Exchange Server 2010 for Best Performance and Scalability

Generally, the maximum level performance for a server is determined by the component that has the lowest performance—the bottleneck in the system. The key to improving performance is being able to identify bottlenecks, determine their cause, and take the appropriate corrective action.

Processor Performance

Exchange 2010 benefits significantly when running on multi-core processors.

Recommended Load - The processor usage on a server should maintain a load of about 60 percent during peak working hours. This percentage level allows room for periods of extreme load.

Bottleneck – If the processor usage is consistently greater than 75 percent, processor performance is considered a bottleneck.

Selecting the Appropriate Processor

The release to manufacturing (RTM) version of Exchange 2010 is only supported in production environments when the x64 version of Exchange 2010 is installed on a computer with x64-compatible processors running 64-bit editions of Windows Server 2008 or Windows Server 2008 R2.

Hyper-Threading

Hyper-threading causes capacity planning and monitoring challenges, and as a result, the expected gain in CPU overhead is likely not justified. Hyper-threading should be disabled by default for production Exchange servers and only enabled if absolutely necessary as a temporary measure to increase CPU capacity until additional hardware can be obtained.

Virtual Deployments

The CPU overhead associated with running a guest operating system in a virtual machine was found in testing to range between 9 percent and 12 percent. For example, a guest operating system running on a virtual machine typically had available 88 percent to 91 percent of the CPU resources available to an equivalent operating system running on physical hardware. It is recommended to reduce the user capacity of Mailbox servers by 10 percent to account for hypervisor processor overhead.

Processor configurations for Exchange 2010 server roles

Exchange 2010 Server Role	No. of Recommended Processor Cores	Notes
Edge Transport	12
Hub Transport	12	A configuration for the Hub Transport server role of 8 x processor cores is recommended in organizations where Hub Transport servers are deployed with several Mailbox servers and thousands of mailboxes. Servers with larger processor cores can be efficiently used when the Hub Transport server is configured to use antivirus and anti-spam tools. Processor utilization is based on several factors such as message rate, average message size, number of enabled transport agents, antivirus configuration, and third-party applications.
Client Access	12	In Exchange 2010 architecture, most of the client-specific functions have been moved from the Mailbox server to the Client Access server. In Exchange 2010, messages are converted on the Client Access server when they’re accessed by a non-MAPI client (for example, POP3 and IMAP4 clients). In addition, rendering for Microsoft Office Outlook Web App is performed on the Client Access server, as opposed to the Microsoft Exchange Information Store service in previous versions of Exchange. These architectural changes allow the Client Access server to offload significant processing from the Mailbox server and to effectively utilize 8 x processor cores. Servers with 2 x processor cores can be utilized for Client Access servers in organizations where there aren’t enough mailboxes or insufficient non-MAPI client traffic to warrant using 4 x processor core servers.
Unified Messaging Note: Recommendations based on Unified Messaging being deployed with the default configuration that includes Voice Mail Preview enabled.	12	A configuration for the Unified Messaging server role of 8 x processor cores is recommended. Multiple cores are used on the Unified Messaging server for several architectural functions such as .wav to Microsoft Windows Media Audio (WMA) conversions for voice mail messages. Servers with 2 x processor cores can be used for Unified Messaging servers in organizations where there aren’t enough mailboxes or insufficient Unified Messaging server activity to warrant using 4 x processor core servers.
Mailbox	12	The recommendation configuration for the Mailbox server role is based predominantly on mailbox count and user profile. A 4 x processor core server provides a good balance between price and performance, and it should be able to host several thousand mailboxes. Sizing for the Mailbox server requires an understanding of the average client user profile. This profile can be collected using transport performance counters that indicate overall message throughput within an Exchange system. You can use the Microsoft Exchange Server Profile Analyzer or third-party tools.
Client Access/Hub Transport combined role (Client Access and Hub Transport roles running on the same physical server)	12
Multiple role (Client Access, Hub Transport, and Mailbox server roles running on the same physical server)	24	As a general guideline, a multiple role server should be sized to use half of the available processor cores for the Mailbox role and the other half for the Client Access and Hub Transport roles. The maximum recommended processor core configuration is listed at 24 x processor cores for the multiple server roles configuration to indirectly provide guidance on the maximum number of users that should be hosted on a multiple role server. Although this configuration can use more than 24 x processor cores, it is not recommended.

For more information about how different processors perform, see Understanding Processor Configurations and Exchange Performance.

Memory Performance

Exchange 2010 on the 64-bit editions of the Windows Server 2008 operating system can efficiently utilize upwards of 64 GB of memory (Mailbox server role).

Different server architectures have different memory limits. It is recommended that you check the following technical specifications of the server to determine the most cost-efficient maximum memory configuration for your servers:

Memory speed – Some server architectures require slower memory modules to scale to the maximum supported amount of memory in a specific server. For example, maximum server memory could be limited to 32 GB with PC3 10666 (DDR3 1333) or 128 GB using PC2 6400 (DDR2 800). You should check with the manufacturer to ensure that the memory configuration target for Exchange 2010 is compatible in terms of speed.

Memory module size – Consider the largest memory module size that the server will support. Generally, the larger the memory module, the more expensive. For example, two 2 GB DDR SDRAM memory modules generally cost much less than one 4GB DDR SDRAM memory module and two 4 GB DDR SDRAM memory modules generally cost much less than one 8GB DDR SDRAM memory module. Make sure the maximum memory module size allows you to meet your target memory requirements for Exchange 2010.

Total number of memory slots – Consider how many memory modules that a specific server will support. The total number of slots multiplied by the maximum memory module size provides the maximum memory configuration for the server. Keep in mind that memory modules must sometimes be installed in pairs.Be aware that some servers experience a performance improvement when more memory slots are filled, while others experience a reduction in performance. Check with your hardware vendor to understand this effect on your server architecture.

Recommended Memory Configurations

The following table shows the minimum supported and recommended maximum memory configurations for Exchange 2010.

Memory configurations for Exchange 2010 servers based on installed server roles

Exchange 2010 server role	Minimum supported	Recommended maximum
Edge Transport	4 GB	1 GB per core (4 GB minimum)
Hub Transport	4 GB	1 GB per core (4 GB minimum
Client Access	4 GB	2 GB per core (8 GB minimum)
Unified Messaging	4 GB	2 GB per core (4 GB minimum)
Mailbox	4 GB	4 GB plus 3-30 MB additional memory per mailbox: The total required memory is based on the user profile and database cache size.
Client Access/Hub Transport combined role (Client Access and Hub Transport server roles running on the same physical server)	4 GB	2 GB per core (8 GB minimum)
Multiple roles (combinations of Hub Transport, Client Access, and Mailbox server roles)	8 GB	4 GB plus 3-30 MB additional memory per mailbox: The total required memory is based on the user profile and database cache size.

For more information about how different memory configurations perform, see Understanding Memory Configurations and Exchange Performance.

Network Performance

For Mailbox servers, gigabit Ethernet (1,000 megabits per second (Mbps) or 1 gigabit per second (Gbps)) is recommended.

Multiple switched fast Ethernet networks of gigabit Ethernet connections are recommended.

Storage Performance

Physical Disk Types

Supported physical disk types

Physical disk type	Description	Supported/best practices
SATA	Serial ATA (SATA) is a serial interface for ATA and integrated device electronics (IDE) disks. SATA disks are available in a variety of form factors, speeds, and capacities. In general, choose SATA disks for Exchange 2010 mailbox storage when you have the following design requirements: High capacity Moderate performance Moderate power utilization	Supported: 512 byte sector disks only. 4KB sector disks, including those which use 512-byte emulation, are currently not supported. Requires battery backed caching array controller for optimal data reliability and I/O performance. Physical disk-write caching must be disabled when used without an uninterruptable power supply (UPS). When considering SATA disks, we recommend considering Enterprise class SATA disks, which generally have better heat, vibration, and reliability characteristics.
SAS	SAS is a serial interface for Small Computer System Interface (SCSI) disks. SAS disks are available in a variety of form factors, speeds, and capacities. In general, choose SAS disks for Exchange 2010 mailbox storage when you have the following design requirements: Moderate capacity High performance Moderate power utilization	Supported: 512 byte sector disks only. 4KB sector disks, including those which use 512-byte emulation, are currently not supported. Physical disk-write caching must be disabled when used without a UPS.
Fibre Channel (FC)	FC is an electrical interface used to connect disks to Fibre Channel-based SANs. FC disks are available in a variety of speeds and capacities. In general, choose FC disks for Exchange 2010 mailbox storage when you have the following design requirements: Moderate capacity High performance SAN connectivity	Supported: 512 byte sector disks only. 4KB sector disks, including those which use 512-byte emulation, are currently not supported. Physical disk-write caching must be disabled when used without a UPS.
Solid-state drive (SSD) (flash disk)	An SSD is a data storage device that uses solid-state memory to store persistent data. An SSD emulates a hard disk drive interface. SSD disks are available in a variety of, speeds (different I/O performance capabilities) and capacities. In general, choose SSD disks for Exchange 2010 mailbox storage when you have the following design requirements: Low capacity Extremely high performance	Supported: 512 byte sector disks only. 4KB sector disks, including those which use 512-byte emulation, are currently not supported. Physical disk-write caching must be disabled when used without a UPS. In general, Exchange 2010 Mailbox servers don’t require the performance characteristics of SSD storage.

Database and log file choices for the Exchange 2010 Mailbox server role

Database and log file options	Description	Stand-alone: supported/best practices	High availability: supported/best practices
File placement: Database/log isolation	Database/log isolation refers to placing the database file and logs from the same mailbox database onto different volumes backed by different physical disks.	Best practice: For recoverability, move database file (.edb) and logs from the same database to different volumes backed by different physical disks.	Isolation of logs and databases isn’t required.
File placement: Database files/volume	Database files/volume refers to how you distribute database files within or across disk volumes.	Best practice: Based on your backup methodology.	Supported: When using JBOD, divide a single disk into two volumes (one for database, one for log stream).
File placement: Log streams/volume	Log streams/volume refers to how you distribute database log files within or across disk volumes.	Best practice: Based on your backup methodology.	Supported: When using JBOD, divide a single disk into two volumes (one for database, one for log stream). Best practice: When using JBOD, single database per log per volume.
Database size	The on disk database file size (.edb).	Supported: Approximately 16 terabytes (TB) Best practice: 100 gigabytes (GB) or less. Provision for 120 percent of calculated maximum database size	Supported: Approximately 16 TB Best practice: 2 TB or less. Provision for 120 percent of calculated maximum database size.
Log truncation method	The process for truncating and deleting old database log files. There are two mechanisms: Circular logging, in which Exchange deletes the logs. Log truncation, which occurs after a successful full or incremental Volume Shadow Copy Service (VSS) backup.	Best practice: Use backups for log truncation (for example, circular logging disabled). Provision for three days of log generation capacity.	Best practice: Enable circular logging for deployments that use Exchange 2010 data protection features. Provision for three days beyond replay lag setting of log generation capacity.

 

 

 

Technorati Tags: exchange,server,2010,best performance,scalability

Microsoft RemoteFX – Finally here in SP1

Were you always missing the rich media experience while using Windows 7 in a virtualized environment? Were always wishing that the external devices like USB sticks attached to the client could work seamlessly with the virtual system? All this and much more… is finally here.

With the addition of Microsoft RemoteFX in Windows Server 2008 R2 SP1, a new set of remote user experience capabilities that enable a media-rich user environment for virtual desktops, session-based desktops and remote applications is introduced. Harnessing the power of virtualized graphics resources, RemoteFX can be deployed to a range of thick and thin client devices, enabling cost-effective, local-like access to graphics-intensive applications and a broad array of end user peripherals, improving productivity of remote users.

RemoteFX can function independently from specific graphics stacks and supports any screen content, including today’s most advanced applications and rich content (including Silverlight and Adobe Flash), ensuring that end users maintain a rich, local-like desktop experience even in a virtualized thin-client environment.

RemoteFX also adds mainstream USB device support to virtual desktop computing, including support for USB drives, cameras and PDAs connected to the client device. RemoteFX also provides a platform for hardware and software partners to enhance RemoteFX capabilities in a variety of possible host, client and network configurations.

To use RemoteFX, the virtualization server must be running Windows Server 2008 R2 with SP1, the virtual machine must be running Windows 7 Enterprise with SP1 or Windows 7 Ultimate with SP1, and the remote client computer must be running either Windows Server 2008 R2 with SP1 or Windows 7 with SP1. To connect to the virtual machine, the remote client computer requires an updated version of Remote Desktop Services (included in the service pack for all editions of Windows 7).

A new Blog, a new World, oustide Microsoft!

Welcome to my new blog, my new world outside Microsoft. As I start my new career outside Microsoft, here is a fresh start to my blog. Thanks to all of you for your continuos support and communication with me.

Continue to know technology more closely with me on my blog, as I explore new technologies and dive deeper into them.

Here is a promise to provide deep dive technical content on the latest in Client/Server technologies.

Welcome!

My Blog has been shifted

This blog has been shifted to http://blogs.technet.com/ranjanajain with immediate effect.

 

Hope you will keep enjoying my posts on my new blog page too!!