Thursday, September 22, 2011

Exchange 2010 Mailbox Permissions

I freely admit that I don't do much with mailbox permissions and I've been stuck in thinking about them much like I did in Exchange 2003. That is, that you can give people the following permission to a mailbox:
  • Send As
  • Send on Behalf Of
  • Full Mailbox (Receive As)
Those permissions have been around for a long time and you can use them in combination to provide someone with access to a mailbox and the ability to send as that mailbox. This is useful for shared mailbox or sometime when an assistant needs to do things on behalf of someone. It can also be useful for vacation coverage.

In class this week I was asked about applying read only permissions to a mailbox and thought it could not be done. Turns out I was wrong.

In Exchange 2010 and Exchange 2007, you can use the Add-MailboxPermission cmdlet to assign read only access to an entire mailbox. If you want to assign permission to just a subfolder within the mailbox you can use the Add-MailboxFolderPermission cmdlet. The Add-MailboxFolderPermission cmdlet is new in Exchange 2010 SP1.

Wednesday, September 14, 2011

ImageX vs Clonezilla

In the last little bit I've been playing with imaging systems as part of a project trying to virtualize an old NetWare servers. As part of this I learned of Clonezilla. Clonezilla is open source disk imaging software that can be downloaded as a live CD.

Clonezilla has a lot of options:
  • Clone partitions
  • Clone whole disk
  • Clone to file (local disk, Windows share, SSH server, NFS)
  • Clone directly to disk
Clonezilla works with multiple partition types. From a Windows perspective, it understands both FAT and NTFS partitions. For any partition type that Clonezilla understands, the blank space in the partition is skipped. For any partition type that Clonezilla does not understand a sector by sector copy is performed.

Lately when I've been moving Windows computers with failing hard drives, I've been using ImageX. My general process has been:
  1. Boot from WindowsPE disk with ImageX
  2. Use ImageX to copy local partition contents to file over the network
  3. Replace hard drive
  4. Boot from Windows PE disk with ImageX
  5. Use diskpart to create necessary partitions
  6. Use ImageX to copy image file contents back to local partitions
This process allows me to make partitions on the new disk of any size, but requires me to manually make those partitions. The Clonezilla process can be simpler.

  1. Add new disk to computer
  2. Boot from Clonezilla Live CD and clone disk to disk.
  3. Configure new disk as first in the boot order.
As you can see, there are definitely less steps. If you don't have the cables to connect the new disk internally, you can also use a USB drive for the initial cloning. Alternatively, even if I save the whole disk as an image file, it includes the partitions which saves me the hassle of creating them. Which also means that I don't forget about utility partitions included by many vendors.

The main problem with Clonezilla pops up if you are cloning to a smaller disk than the original. Clonezilla has no way to directly clone to a smaller disk. To overcome this, you can use GParted Live cd to shrink the NTFS partition before cloning. Clonezilla is smart enough not to care about unpartitioned space. So, as long as the partitions fit on the new disk, all is good.

I like Clonzilla because it is menu driven rather than me having to remember various switches to get things done.

Note: After using GParted to shrink the NTFS, the NTFS partition was in an unclean state. I had to boot the original OS and do a proper shutdown before Clonzeilla would image it. You can also get around this by manually force the status to clear within the live CD, but that was an unnecessary risk.

Links:

Tuesday, September 13, 2011

Exchange 2010 Test Domain to Production

A client recently implemented Exchange 2010 as a replacement for an existing externally hosted POP3 mail system. The client is relatively small. So, the plan was to have no coexistence and the real domain name was not used for testing. A new domain name was used for testing. Consequently during testing, all of the external URLs were configured as testdomain.com.

During switchover day, we obtained a new certificate with the proper names, including realdomain.com. During testing of OWA, the web browser was redirected to testdomain.com. Aha, I forgot to update the external URL. Exchange 2010 has a nice wizard for updating external URLs for all web services. All fixed up and tested in 10 minutes.

A week later, I get a call from the client indicating that there is a certificate problem and users are being redirected to testdomain.com. After some back and forth communication this is only for Outlook Anywhere clients.

Outlook Anywhere does not have an external URL, but it does have a host name associated with it. This host name is not updated by the wizard that updates all of the external URLs. Under Server Configuration, you need to go into the Properties of the server and modify the host name on the Outlook Anywhere tab. It's a 30 second fix as long as you remember to do it.

See here for detailed instructions: http://technet.microsoft.com/en-us/library/aa996902.aspx