Recently in HMC Category
Here is the link for the docs and sample code etc
Here is the link for the updated SDK doc.
Introduction
The HMC 3.5 deployment tool carries out a lot of automated tasks, with somewhat mysterious names like "Initialize Active Directory for Hosting". Many customers have asked me what it is actually doing to their Active Directory configuration! This info is actually buried in the HMC 3.5 documentation (in the Deployment Automation Appendix), but I have created a simple listing of what each step actually does.
Following is an overview of what each deployment automation feature does.
1.1.1 Initialize Service Account Security
Steps Performed.
1. Ensure Windows-based Hosting Service Accounts exists in the Users container. If it does not exist, create it.
2. Reference the dn of this group in an OtherWellKnownObject on the domain OU.
3. Remove the Authenticated Users group from the Pre-Windows 2000 Compatibility Group
4. Add the Domain Computers group to the Pre-Windows 2000 Compatibility Group
5. Apply a read ACL to the domain root giving the Windows-based Hosting Service Accounts group read access to the directory tree.
Exception: Microsoft.Provisioning.DeploymentTool.Engine.DeploymentExceptionDeploymentFailed
HResult: -2146233088
Message: Deployment interrupted because of a failure. See inner exception.
Stack Trace:
at Microsoft.Provisioning.DeploymentTool.Engine.Deployment.DoDeploymentWork()
at Microsoft.Provisioning.DeploymentTool.MainForm.ExecuteDeploymentSlice()
--------------------
Inner Exception (1): Microsoft.Provisioning.DeploymentTool.Engine.NamedProcedureException
HResult: -2146233088
Message: <errorContext description="The network path was not found" code="0x80070035" executeSeqNo="27"><errorSource namespace="Computer Management Provider" procedure="Group IsMember" /><errorSource namespace="Deployment Automation" procedure="TryLocalGroupAdd_" /><errorSource namespace="Deployment Automation" procedure="AddMPFConfigAdmin_" /><errorSource namespace="Deployment Automation" procedure="ConfigureMPFServiceAccounts" /></errorContext>
Stack Trace:
at Microsoft.Provisioning.DeploymentTool.Engine.ExecuteNamedProcDeploymentAction.CheckForFinished()
at Microsoft.Provisioning.DeploymentTool.Engine.DeploymentAction.Update()
|
HMC 4.0 -
Microsoft Exchange Server 2007 Service Pack 1 - White Paper |
Overview
This
white paper introduces the Microsoft Exchange Server 2007 Service Pack 1 (SP1)
new features related to the Microsoft Solution for Hosted Messaging and
Collaboration version 4.0. In particular, it addresses key features in anywhere
access, built-in protection, and operation efficiency.
External
Live Link:
千呼万唤始出来,终于明确支持 Exchange 2007 SP1了
- 以管理员身份登陆 MPS (MPSSQL),打开 Provisioning Manager
- 在名称空间 "Hosted Active Directory" 中打开 "CreateUser" 过程的属性,找到更改用户的调用脚本 - Managed Active Directory::ModifyUser: <execute namespace="Managed Active Directory" procedure="ModifyUser" impersonate="1">
注释或者去掉以下的2句判断语句
<when select="isAdmin" case="1" />
<when select="isBiz" case="0" /> - 改完之后应该类似这样
<execute namespace="Managed Active Directory" procedure="ModifyUser" impersonate="1">
<executeData>
<user/>
<properties>
<!-- sets the password to never expire -->
<property name="userAccountControl">
<value>65536</value>
</property>
</properties>
</executeData>
<before source="procedureData" sourcePath="path" destination="executeData" destinationPath="user" mode="merge"/>
<before source="data" sourcePath="preferredDomainController" destination="executeData" mode="insert"/>
</execute> - 点击 "Apply" 保存修改。
<when select="isAdmin" case="1" />
<when select="isBiz" case="0" />
这2句很好理解,就是如果创建的用户是管理员的,密码就永不过期,如果是一般用户,就是默认设置,有密码有效期的
参考的文章:
Microsoft KB:http://support.microsoft.com/kb/305144
MSDN:User-Account-Control Attribute - http://msdn2.microsoft.com/en-us/library/ms680832.aspx
Last week when I was in the Microsoft office in Russia the topic of deploying HMC4 with Windows 2003 R2 including SP2 came to the table.
As most of us know, this has been an issue for a long time, but there is light at the end of the tunnel.
Since HMC4 came out, SP2 gave serious issues on the MPS servers, so on all deployments up to now, SP1 was the way to go.
So much for the history and the bad part...
The good news is.. Microsoft has a fix for the issue since last week !! ( YEAH !!)
To obtain this fix, call Microsoft Support, open a case, asking for Hotfix 324346, kB 939216. This fix will only be available via MS Support for now.
We are planning to build an environment with SP2 soon and I'll post an update when we have first-hand experience with it.
谢谢 Bais 为我们带来的好消息
Q: I have a problem where it only seems to be for one customer where in
outlook only the distribution lists keep disappearing. We can recreate them and
they work for a week or so then they just disappear.
You can still see
them in OWA just not Outlook so I though it would be a Offline Address Book
thing but can't see anything wrong with it. How to fix it?
A:The Domain recipient update service should be disabled in HMC 3.5.
MPS
is responsible for stamping 'showInAddressBook' instead of RUS.
Here is a batch file to fix it:
echo. > %temp%\ldf.log
dsquery * "OU=%*,OU=SampleOU,OU=Hosting,DC=domain,DC=com" -filter grouptype=8 | sort > c:\l.txt
set a=%*
For /F "tokens=2 delims==, " %%a in ('type c:\l.txt') Do (
echo Fixing Group %%a
rem echo %a%
echo dn: CN=%%a,OU=%a%,OU=SampleOU,OU=Hosting,DC=domain,DC=com> %temp%\galfix.ldf
echo changetype: modify>> %temp%\galfix.ldf
echo replace: showInAddressBook>> %temp%\galfix.ldf
echo showInAddressBook: CN=%a% AL,CN=All Address Lists,CN=Address Lists Container,CN=Domain,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com >> %temp%\galfix.ldf
echo showInAddressBook: CN=%a% GAL,CN=All Global Address Lists,CN=Address Lists Container,CN=Domain,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com >> %temp%\galfix.ldf
echo - >> %temp%\galfix.ldf
echo Fixing Group %%a >> %temp%\ldf.log
ldifde -i -f %temp%\galfix.ldf >> %temp%\ldf.log
)
echo.
echo log file %temp%\ldf.log
About Grouptype:
* 2 - Global distribution group
* 4 - Domain local distribution group
* 8 - Universal distribution group
the command would be batfile.bat name_of_ou
Unofficial Consolidated Server Deployment Guide For HMC4.0
Server Names/Roles
- ISA01: Windows Server 2003, Standard/Enterprise Edition SP2 with R2, 32-bit
- ExEdge01: Windows Server 2003, Standard/Enterprise Edition SP2 with R2, 64-bit
- FE01: Windows Server 2003, Standard/Enterprise Edition SP1 with R2, 32-bit
- ExCAS01: Windows Server 2003,Standard/Enterprise Edition SP2 with R2, 64-bit
- ExMBX01: Windows Server 2003, Enterprise Edition SP2 with R2, 64-bit
- MPSSQL01 : Windows Server 2003, Standard/Enterprise Edition SP1 with R2, 32-bit
- AD01(PKIROOT): Windows Server 2003, Enterprise Edition SP2 with R2, 64-bit
Actually, I have only 6 servers to deploy HMC4.0, we use PIX 515E to replace ISA Firewall server. And I am not sure whether Windows Server 2003 with SP2 can installed on FE01/MPSSQL01, someone said it will cause problem during MPS deployment, so I only patched SP1 on these 2 servers.
Download URL:
Unofficial Consolidated Server Deployment Guide For HMC4.0
It's a draft version, so if you find any errors, please let me know, I'll update it ASAP.Thank you!
经过差不多十天的忙活,基本上把 HMC4.0 给部署好了
测了一下, Exchange 2007 的很多新特性还是比较吸引人的
测试项目包括:
1.OWA
2.OMA
3.Outlook Anywhere
5.Push Mail Service
6.Exchange Autodiscovery Service
7.UM 功能还没测,没 IP-PBX ,6月份有时间把 Asterisk 架起来用 Soft Phone 测试
OCS2007 尚未发布正式版,据 Microsoft 说会在2007年7月底发布,到时应该同时也会发布HMC4.1, 加入 OCS 的支持,这样 UM就会变成 UC
第一印象:HMC4.0给人感觉像是 MS 为了赶时间而推出的测试版本,和其主版本号的升级不相符合,很多地方借助了 Exchange 2007 的新特性, Sample UI 部分也远比 3.5 的时候做得要好.不过4.0官方文档就做得太差了,有些许错误和遗漏,第一次部署的话未免会走些弯路.
Microsoft Solution for Hosted Messaging and Collaboration version 4.0 provides hosting providers with the tools and guidance to easily deploy revenue generating services such as enterprise-class e-mail, calendaring, contacts and real-time collaboration. Hosted Messaging and Collaboration includes world-class, familiar Microsoft enterprise products such as Exchange Server and SharePoint.
终于出来了,研究文档先!
