Recently in Microsoft Category
In Outlook, go to Tools|Address Book. From the drop-down list, choose the "CRM Contacts" Address Book. Is it blank?
If so, there's an easy way to correct the problem.
- In Outlook, choose Options from the CRM Menu
-
Click on the Address Book tab:
- Select "Match all contacts in Microsoft Dynamics CRM" and "Match all items in Microsoft Dynamics CRM"
- Click OK
- Synchronize with CRM by choose "Synchronize with CRM" from the CRM menu
-
Return to CRM Address book. You should now see entries there.
后来,在网上又搜到了这篇文章,发布日期还挺新的,看来部署这种场景的人不多
http://rc.crm.dynamics.com/rc/regcont/en_us/OP/articles/crm_server_nlb.aspx
Here is the link for the docs and sample code etc
Here is the link for the updated SDK doc.
Configuration-->CN=Service-->CN=Microsoft Exchange-->CN=<Exchange ORG. Name>-->CN=Global Settings-->CN=Message Delivery-->鼠标右键-->内容
delivContLength:<10240> (0~2097151KB) 预设值为10MB,最大可以设为2097151KB (2GB)
submissionContLenght:<10240> (0~2097151KB) 同上
msExchReciplimit:<5000> (0~2147483647) 不用改
Exchange 2007传送大小,使用MAPI时会受限于Global limits、Organizational limits、使用者信箱传送大小的限制、Pickup大小的限制、集线传输规则的附件档大小限制、Connector limits、OWA 2007 (Web.config file)的上传下载大小限制。
传送大小的限制原则是:使用者的传送大小或接收大小取决于使用者信箱的传送大小限制的设定,若保持预设(没有特别指定),再由Global及ORG.两者的传送大小限制来决定,但预设上,Global是限制10MB,而ORG是没有限制,因此Global与ORG之间再取最小值,所以若使用者信箱没有特别 设定传送大小限制,预设值会被限制在10MB。
以上为纯Exchange 2007安装时的情况,若是由Exchange 2003或Exchange 2000升级上来的,则Global会保留原有设定, 一般人比较容易疏忽的是Global设定,因为这是旧版本Exchange的设定,只能由Exchange 2000或2003的管理界面去查看或设定,若是纯Exchange 2007的安装,并没有直接的管理界面或命令去指定,必须通过ADSI工具来修改
上次微软面试官问的问题,很可惜,他的答案是错误的,虽然他一再坚持并叫我回来自己查证,其实CAS/HUB Server 安装在一起做NLB是可行的.
NLB can be used to provide high availability in the following scenarios:
1. Load balancing of inbound SMTP connections for POP and IMAP client connections to the default Receive connector named "Client <Server Name>" that is created only on Hub Transport servers.
2. Load balancing of inbound SMTP connections for applications that submit e-mail to the Exchange organization.
NLB should not be used to distribute connections for internal routing between Hub Transport servers.
Besides,NLB is only avaliable on Exchange 2007 with SP1 installed.
1. For the first question: should NLB be setup before or after Ex2007 installation?
NLB should be configure after we have these roles have installed.
2. IP address you want to use as the Windows NLB cluster IP address should be an IP address on the same subnet as the NLB member servers.
3. When we begin to setup NLB the first thing is to do is to create an A-record for the NLB cluster name in DNS. So that we can use these two Hub transport/Client Access server as one. Then you have to point your MX record to Windows NLB cluster IP address, which you specified when you create the A record. So that Client will find the Hub transport/Client Access server.
4. Yes, you are right. Internally, you can use https://mail.internal.domain.com/owa ,external URL should be the https://mail.domain.com/owa
More information share with you:
How you can load-balance Exchange Server 2007 Service Pack 1 (SP1) Hub Transport Servers using Windows Network Load Balancing technology.
Using Network Load Balancing
Update
In order to keep the number of servers down in a high availability environment, administrators have been looking at using Network Load Balancing (NLB) for CAS and then co-locating the HT role on each node of the NLB cluster to also provide high availability for the HT role.
This configuration can work, and it really is not too difficult to configure. It is extremely important to note that using NLB to load balance the default SMTP receive connectors (using port 25) is not supported and is completely unnecessary since they are load balanced for all intra-Exchange communications like HT to HT communications. However, using NLB to provide redundancy and load balancing for connections to HTs that are hosting Client SMTP receive connectors (using port 587) is fully supported and may be desireable if you have a large number of external SMTP/POP and SMTP/IMAP clients that need to connect to this receive connector.
The steps that you need are to:
-
Setup two servers running Windows Server 2003 with two NICs in each server
-
Install Exchange Server2007 Hub Transport and Client Access Service (CAS) on each server
-
Configure one NIC for the Network Load Balance cluster and setup the other NIC in a separate network so it can be managed through that IP address
-
Configure NLB with Unicast and even load balancing
-
Setup the port rules:
-
Port 25 to 25 for both TCP and UDP and select the radio button to disable this port range (this will exclude port 25 from being listed to using the virtual IP address of the NLB cluster, but still allow the individual server IPs to still listen to port 25)
-
Port 465 to 465 for both TCP and UDP and selected the radio button to disable this port range
-
Port 80 to 80 for both TCP and UDP and set affinity to none (I recommend "none" so you can easily test and verify that it works)
-
Port 587 to 587 for both TCP and UDP, affinity none (this is for the client SMTP receive connector)
-
Port 443 to 443 for both TCP and UDP, affinity none
-
Port 110 to 110 for both TCP and UDP, affinity none
-
Port 993 to 993 for both TCP and UDP, affinity none
-
Port 143 to 143 for both TCP and UDP, affinity none
-
Port 995 to 995 for both TCP and UDP, affinity none
-
With affinity set to none, you can more readily test the CAS (after updating the web pages to show which server is actually responding) and verify that the load is being shared. You can also test to make sure the NLB cluster does not respond to SMTP on port 25, which it shouldn't if you set it right, and verify that each server does respond to SMTP as an individual server name.
-
You can configure protocol logging for the other protocols and telnet to the ports using the NLB IP address to see if they are loading balancing like they should. You can also use the NLB IP for the testing by sending and receiving messages and checking the message tracking logs to see that the traffic was being balanced. It all worked.
NOTE: You may want to change affinity to either single (especially if it is being used internally) or Class C (especially if it is accessible from the Internet) once your testing is done.
Introduction
The HMC 3.5 deployment tool carries out a lot of automated tasks, with somewhat mysterious names like "Initialize Active Directory for Hosting". Many customers have asked me what it is actually doing to their Active Directory configuration! This info is actually buried in the HMC 3.5 documentation (in the Deployment Automation Appendix), but I have created a simple listing of what each step actually does.
Following is an overview of what each deployment automation feature does.
1.1.1 Initialize Service Account Security
Steps Performed.
1. Ensure Windows-based Hosting Service Accounts exists in the Users container. If it does not exist, create it.
2. Reference the dn of this group in an OtherWellKnownObject on the domain OU.
3. Remove the Authenticated Users group from the Pre-Windows 2000 Compatibility Group
4. Add the Domain Computers group to the Pre-Windows 2000 Compatibility Group
5. Apply a read ACL to the domain root giving the Windows-based Hosting Service Accounts group read access to the directory tree.
If you are using a web application that uses Windows Live, such as Microsoft Dynamics CRM Live, you might be wondering, how does authentication work.
The first step in the process is that the
web application registers with the Windows Live ID service. This
registration includes creating unique keys for the application and
storing a URL that the Live ID service will use to redirect users after
they sign into Windows Live ID.
The 2nd step is when the
application wants to authenticate the user. The application will
provide the 'sign-in' link on it's web page. When clicking on the link,
the user will be redirected to a sign-in page hosted by Windows Live
ID. When this happens a token is also passed that identifies the
application. By passing in a token that was given to the application at
time of registration, the sign-in page understands who is calling it.
The
3rd step is that the user logins into Live ID. After logging into Live,
the Live service redirects the user to the applications designated page
that it registered with. The application can then redirect back to the
original landing page the user came in on. Presto, you are
authenticated to the Web application.
Windows Live does not store or pass any permissions ( or personal ) information to the application. It's the applications responsibility to manage the permissions. Windows Live is used to handle the authentication. Authentication is validating that the user is who the user claims they are. Below is a high level architectural diagram of the Windows Live ID Service.
For client side applications it's little different. On the client side, applications utilize a special component named MSIDCRL40.dll. This component handles a variety of services such as encryption. The client side application will need a to create or retrieve a key that is used. In a software+service model, this might include calling into a web service of a online application to retrieve a dynamically generated key that is used. After the call is made, a token is used that can be presented to the application that can be checked against the original key to ensure that the authentication was not compromised. After that the user is authenticated and again the application handles permissions internally. In both scenarios, the authentication is time stamped to be valid only for a specific time. The time stamped token can be 'cached' just like cookies are used in web application.
Mark..
MOSS Form Based Authentications
Part 1 - http://msdn2.microsoft.com/en-us/library/bb975136.aspx
Part 2 - http://msdn2.microsoft.com/en-us/library/bb975135.aspx
Part 3 - http://msdn2.microsoft.com/en-us/library/bb977430.aspx
Part 1 - http://blogs.msdn.com/sharepoint/archive/2007/03/06/what-every-sharepoint-administrator-needs-to-know-about-alternate-access-mappings-part-1.aspx
Part 2 - http://blogs.msdn.com/sharepoint/archive/2007/03/19/what-every-sharepoint-administrator-needs-to-know-about-alternate-access-mappings-part-2-of-3.aspx
Part 3 - http://blogs.msdn.com/sharepoint/archive/2007/04/18/what-every-sharepoint-
Exception: Microsoft.Provisioning.DeploymentTool.Engine.DeploymentExceptionDeploymentFailed
HResult: -2146233088
Message: Deployment interrupted because of a failure. See inner exception.
Stack Trace:
at Microsoft.Provisioning.DeploymentTool.Engine.Deployment.DoDeploymentWork()
at Microsoft.Provisioning.DeploymentTool.MainForm.ExecuteDeploymentSlice()
--------------------
Inner Exception (1): Microsoft.Provisioning.DeploymentTool.Engine.NamedProcedureException
HResult: -2146233088
Message: <errorContext description="The network path was not found" code="0x80070035" executeSeqNo="27"><errorSource namespace="Computer Management Provider" procedure="Group IsMember" /><errorSource namespace="Deployment Automation" procedure="TryLocalGroupAdd_" /><errorSource namespace="Deployment Automation" procedure="AddMPFConfigAdmin_" /><errorSource namespace="Deployment Automation" procedure="ConfigureMPFServiceAccounts" /></errorContext>
Stack Trace:
at Microsoft.Provisioning.DeploymentTool.Engine.ExecuteNamedProcDeploymentAction.CheckForFinished()
at Microsoft.Provisioning.DeploymentTool.Engine.DeploymentAction.Update()
