Using a hardware load balancer is very common to spread workload across multiple servers, as well as direct traffic to surviving servers when one goes down or is being patched. When using an HLB, there are several methods that can be used. The more conventional SNAT is quite popular, but another method, Direct Server Return, or DSR, provides for substantially increased performance. This can be key in environments where a lot of traffic from Exchange and/or Lync is going through the HLBs, or where the same HLBs are being used for many apps. Update: Tom Pacyk and John Cook pointed out that I neglected to mention that DSR based HLB is not supported on Lync Edge servers (and it won’t even work based on my testing). See Microsoft’s support statement at the bottom of http://technet.microsoft.com/en-us/library/gg425779.aspx. Sorry about the omission, guys!

The difference from a server side perspective, is that to use the DSR method, extra configuration is required when building the server. To configure a server for DSR based load balancing a loopback adapter is added and configured with the IP address of the load balancer VIP. This allows the server to accept packets targeted for the VIP address. Without it, the server would ignore them.

• Add the Microsoft Loopback adapter
• Unbind all services and protocols except IPv4
• Rename the loopback adapter to “loopback” and rename the regular NIC to “net”
• Assign an IP address and subnet mask (but no gateway)
• Configure the adapter to not register its address in DNS
• Set the adapter’s metric to 254
• Adjust the adapter bindings so that it is lower than the normal NIC in the server
• Set WeakHostSend and WeakHostReceive settings on both adapters

While adding and configuring the loopback adapter is simple enough, it’s a list of steps that is ideally suited for PowerShell – especially if you build a fair number of servers. Unfortunately, there is no straightforward methods to accomplish all of the required tasks. In order to configure the adapter bindings, a separate file must be downloaded. In order to even add the loopback adapter, yet another file needs to be downloaded. It’s almost more grief to try it through PowerShell than to just manually do it, right? Not so fast!

PowerShell is quite powerful. We can download the required files, unzip them if needed, and then use them as required to fulfill our needs. Of course, this assumes that the server has Internet connectivity.

Run the script one of two ways. Run just the script itself by typing

.\New-LoopbackAdapter.ps1

and the script will prompt you for the VIP IP and subnet mask.

Or, type

.\New-LoopbackAdapter.ps1 -vipip [ip address] -vipsm [subnet mask]

for example

.\New-LoopbackAdapter.ps1 -vipip 10.1.0.100 -vipsm 255.255.255.0

As with most of my scripts, tab completion for the parameters works, and there is a full help section by typing:

Get-Help .\New-LoopbackAdapter.ps1

Once the script completes, Explorer will open to the network adapters section so that you can verify the various steps have completed:

No services or protocols other than IPv4 bound to the loopback adapter:

IP address and subnet mask configured:

Metric set to 254:

DNS registration unchecked:

Loopback adapter at the bottom of the adapter bindings:

The script also creates a full transcript in the same folder as the script.

Installation

Execution Policy: Third-party PowerShell scripts may require that the PowerShell Execution Policy be set to either AllSigned, RemoteSigned, or Unrestricted. The default is Restricted, which prevents scripts – even code signed scripts – from running. For more information about setting your Execution Policy, see Using the Set-ExecutionPolicy Cmdlet.

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

Download

New-LoopbackAdapter.zip

UPDATE: This UR has been pulled from the Download Center due to problems with copying folders in Outlook. Please see Kevin Allison’s comments for more information.

Microsoft has released the following update rollup for Exchange Server 2010:

• Update Rollup 4 for Exchange Server 2010 SP1 (2509910)

If you’re running Exchange Server 2010 SP1, you need to apply Update Rollup 4 for Exchange 2010 to address the issues listed below.

Remember, you only need to download the latest update for the version of Exchange that you’re running.

Here is a list of the fixes included in update rollup 4:

1. 2537099 “80040154” error message when you try to configure external Client Access namespaces on an Exchange Server 2010 server
2. 2536700 Outlook stops responding when you try to copy a folder to its subfolder by using Outlook in online mode in an Exchange Server 2010 SP1 environment
3. 2536517 The Microsoft Exchange RPC Client Access service crashes intermittently on an Exchange Server 2010 server
4. 2536494 It takes a long time to return results when you perform an Advanced Find search on a mailbox by using Outlook in online mode in an Exchange Server 2010 SP1 environment
5. 2535648 The EMC takes a long time to open in an Exchange Server 2010 environment
6. 2535130 Performance in Outlook or in OWA decreases when you use IMAP4 to access the contacts folder in an Exchange Server 2010 environment
7. 2535105 There is no option to disable the Availability service in an Exchange Server 2010 environment
8. 2533543 Event ID 2153 is logged on each database availability group member in an Exchange Server 2010 environment
9. 2533538 You cannot look up the free/busy information of a user who is located on an Exchange Server 2010 organization from another Exchange Server 2010 organization
10. 2533451 A RBAC role assignee can unexpectedly run the “Update-FileDistributionService” command on an Exchange Server 2010 server that is outside the role assignment scope
11. 2519359 “Changes to the rule cannot be saved.” error message when you try to create a reply rule by using Outlook in an Exchange Server 2010 environment
12. 2518850 You cannot receive email messages on a mobile phone by using ActiveSync in an Exchange Server 2010 environment
13. 2517088 Public folder conflict resolution does not work as usual in an Exchange Server 2010 environment
14. 2515259 “The items could not be copied.” error message when you run the Get-MailboxSearch cmdlet in an Exchange Server 2010 SP1 environment
15. 2514709 Event ID 1001 after you successfully the install Exchange Server 2010 Unified Messaging server role
16. 2514574 The Exchange RPC Client Access service crashes in an Exchange Server 2010 environment
17. 2513723 The “New-MailboxImportRequest” cmdlet does not import all messages in a .pst file in the ANSI format in an Exchange Server 2010 environment
18. 2512023 “GetUserOofSettings”, “SetUserOofSettings” and “GetUserAvailability” operations do not support Exchange Impersonation on the Exchange Server 2010 SP1 schema
19. 2511897 You cannot send an email message to a mailbox for a brief period when you move the mailbox by using online move in an Exchange Server 2010 environment
20. 2507463 You cannot move a mailbox that contains a corrupted Search Folder in an Exchange Server 2010 environment
21. 2506820 The free/busy information does not display of a user whose mailbox is located on an Exchange Server 2003 server
22. 2506049 The hierarchy of a new public folder database on an Exchange Server 2010 SP1 server is not replicated
23. 2505968 The EdgeTransport.exe process crashes when you apply a rule that contains a bad email address in an Exchange Server 2010 environment
24. 2504453 You cannot retrieve statistical information about a public folder by using the “Get-PublicFolderStatistics” cmdlet in an Exchange Server 2010 SP1 environment
25. 2503337 Comments of your meeting response message is missing when you decline a meeting request in an Exchange Server 2010 environment
26. 2501070 A RBAC role assignee can stop queue processing on an Exchange Server 2010 Hub Transport server or an Exchange Server 2010 Edge Transport server that is outside the role assignment scope
27. 2500903 A space is missing in the subject line of a “Tentative” meeting response in an Exchange Server 2010 environment
28. 2500648 “There are no items to show in this view.” error message when you try to view a folder in Outlook in an Exchange Server 2010 environment
29. 2495167 You cannot recover a deleted public folder by using Outlook or MFCMAPI in an Exchange Server 2010 environment
30. 2495010 The EdgeTransport.exe process consumes 100% CPU usage on an Exchange Server 2010 Edge Transport server or an Exchange Server 2007 Edge Transport server
31. 2493393 You cannot use ECP to perform a wipe on a mobile phone in an Exchange Server 2010 SP1 environment
32. 2492068 “The item cannot be saved to this folder.” error message when try to post an item to a mail-disabled public folder in an Exchange Server 2010 SP1 environment
33. 2491354 You cannot view the free/busy information of users in a mixed Exchange Server 2007 and Exchange Server 2010 environment
34. 2490134 A deferred delivery email message is not delivered by using Outlook 2007 in online mode in an Exchange Server 2010 environment
35. 2489964 An update enables range 0x-0x1F characters in the display name of an Exchange Server 2010 user account
36. 2489938 The “Connect-ExchangeServer” function does not change the target Exchange server in Exchange Server 2010
37. 2489130 A RBAC role assignee can unexpectedly change mailbox properties that are outside the management role group scope in an Exchange Server 2010 environment
38. 2488643 Outlook downloads duplicated POP3 email messages in an Exchange Server 2010 environment
39. 2479188 The iCal parts of an email message contain invalid entries when they are sent from an Exchange Server 2003 mailbox to an Exchange Server 2010 mailbox
40. 2477273 The DomainController parameter does not work when you use the “MoveMailbox.ps1” script to move mailboxes in an Exchange Server 2010 environment
41. 2471964 A NDR is sent to the sender when you move an email message to a personal folder file in an Exchange Server 2010 SP1 or a later version environment
42. 2467619 A user who manages a distribution group cannot remove another user whose mailbox is disabled in an Exchange Server 2010 environment
43. 2465292 “MAPI_E_FAILONEPROVIDER (0x8004011D)” error message when you access an Exchange Server 2010 mailbox by using a MAPI application
44. 2446908 ESE event descriptions are missing in Event Viewer when the Eseutil utility is called on an Exchange Server 2010 SP1 server
45. 2394554 An email message is not delivered if it contains unsupported encoded characters in the subject line in an Exchange Server 2010 environment
46. 2491951 You cannot install Exchange Server 2010 SP1 if the NetBIOS domain name of the domain controller contains an ampersand (&) character
47. 2507066 Administrator audit logging is disabled unexpectedly during an Exchange Server 2010 SP1 installation

Download the rollup here.

Installation Notes:

If you haven’t installed Exchange Server yet, you can use the info at Quicker Exchange installs complete with service packs and rollups to save you some time.

Microsoft Update can’t detect rollups for Exchange 2010 servers that are members of a Database Availability Group (DAG). See the post Installing Exchange 2010 Rollups on DAG Servers for info, and a script, for installing update rollups.

Update Rollups should be applied to Internet facing Client Access Servers before being installed on non-Internet facing Client Access Servers.

If you’re installing the update rollup on Exchange servers that don’t have Internet access, see “Installing Exchange 2007 & 2010 rollups on servers that don’t have Internet access” for some additional steps.

Also, the installer and Add/Remove Programs text is only in English – even when being installed on non-English systems.

Note to Forefront users:

If you don’t disable Forefront before installing a rollup or service pack, and enable afterwards, you run the risk of Exchange related services not starting. You can disable Forefront by going to a command prompt and navigating to the Forefront directory and running FSCUtility /disable. To enable Forefront after installation of a UR or SP, run FSCUtility /enable.

Microsoft has released the following update rollup for Exchange Server 2010:

• Update Rollup 3 for Exchange Server 2010 SP1 (2492690)

If you’re running Exchange Server 2010 SP1, you need to apply Update Rollup 3 for Exchange 2010 to address the issues listed below.

Remember, you only need to download the latest update for the version of Exchange that you’re running.

Here is a list of the fixes included in update rollup 3:

1. 2506998 A call is disconnected when transferring the call from the main auto attendant to an auto attendant that has a different language configured in an Exchange Server 2010 environment
2. 2497682 The store.exe process crashes when you try to dismount an active copy of a mailbox database that is hosted by a mailbox server in an Exchange Server 2010 SP1 environment
3. 2497669 A meeting request cannot be opened after you disable the “Display sender’s name on messages” option in the EMC on an Exchange Server 2010 server
4. 2494798 Certain email messages cannot be downloaded when you log on to an Exchange Server 2010 mailbox by using an IMAP4 client application
5. 2494389 Unnecessary events are logged in the Application log when you run the “Test-EcpConnectivity” cmdlet in an Exchange Server 2010 environment
6. 2489822 “The Mailbox you are trying to access isn’t currently available” error when you use OWA Premium to try to delete an item that is in a shared mailbox
7. 2489713 Exchange Server 2010 SP1 supports the remote archive feature after an update changes Outlook cookies name
8. 2489602 The “Get-FederationInformation” cmdlet cannot query federation information from an external Exchange organization in an Exchange Server 2010 environment
9. 2487852 “You do not have sufficient permissions. This operation can only be performed by a manager of the group.” error message when you try to change the “ManagedBy” attribute in an Exchange Server 2010 SP1 environment
10. 2487501 The body of an email message is empty when you try to use an IMAP client application to read it in an Exchange Server 2010 environment
11. 2484862 You cannot read an email message by using an IMAP client in an Exchange Server 2010 environment
12. 2482471 A content search fails in an IMAP client application that connects to an Exchange Server 2010 mailbox
13. 2482103 It takes a long time to expand a distribution list by using EWS in an Exchange Server 2010 environment
14. 2482100 You cannot create or update an inbox rule that specifies the “NoResponseNecessary” value by using EWS in an Exchange Server 2010 environment
15. 2481283 Various issues occur after you use Outlook to sign and then forward an email message in an Exchange Server 2010 environment
16. 2479875 The Microsoft Exchange Mailbox Replication Service service crashes when you run the “New-MailboxImportRequest” cmdlet to import a .pst file into a mailbox in an Exchange Server 2010 environment
17. 2479227 A forwarding rule does not function and the EdgeTransport.exe process crashes on an Exchange Server 2010 server
18. 2476973 Event ID 2168 is logged when you try to back up Exchange data from a DAG in an Exchange Server 2010 SP1 environment
19. 2469341 Various issues occur after you forward a signed email message by using Outlook in online mode in an Exchange Server 2010 environment
20. 2468514 OWA 2010 removes Calendar links that you add into multiple calendar groups by using Outlook 2010 calendar
21. 2467565 You cannot install an update rollup for Exchange Server 2010 with a deployed GPO that defines a PowerShell execution policy for the server to be updated
22. 2464564 You cannot change your password if the user name that you type in OWA is in UPN format when you enable Exchange Server 2010 SP1 Password Reset Tool
23. 2463858 A request to join a distribution group does not contain the distribution group name in an Exchange Server 2010 SP1 environment
24. 2463798 Users may experience a decrease in performance in Outlook or in OWA when you use IMAP4 to access the calendar folder in an Exchange Server 2010 SP1 environment
25. 2458543 A memory leak occurs in the Exchange RPC Client Access service on Exchange Server 2010 servers
26. 2458522 Entries disappear from a junk email blocked list or a junk email safe list after you install Exchange Server 2010 SP1
27. 2457868 “HTTP Error 400 Bad Request” error message when you use OWA in Exchange Server 2010 SP1 to receive instant messages by using Internet Explorer 9
28. 2457688 Error message when you try to add an external email address to the safe sender list in OWA in an Exchange Server 2010 SP1 environment
29. 2457304 You receive a synchronization failed email message when you synchronize your mobile device by using ActiveSync on an Exchange Server 2010 mailbox
30. 2451101 7 BIT is not in quotation marks when you use the “FETCH (BODYSTRUCTURE)” command to request for a specific message in an Exchange Server 2010 environment
31. 2447629 Event ID 4999 is logged when the Exchange Mail Submission Service crashes intermittently on an Exchange Server 2010 Mailbox server
32. 2445121 A memory leak occurs in the Microsoft.Exchange.Monitoring.exe process when you run the “Test-OwaConnectivity” cmdlet or the “Test-ActiveSyncConnectivity” cmdlet in the EMS on an Exchange Server 2010 server
33. 2443688 Event ID 10003 and Event ID 4999 are logged when the EdgeTransport.exe process on an Exchange Server 2010 server crashes
34. 2432494 You cannot view the mailbox database copies that are hosted on certain Mailbox servers by using the Exchange Management Console after you install Exchange Server 2010 SP1
35. 2426952 You cannot remove a mailbox database copy from a database on an Exchange Server 2010 server
36. 2424801 The Microsoft Exchange Service Host service on an Exchange Server 2010 server crashes
37. 2423754 The recipient response status is incorrect after you add another user to an occurrence of a meeting request in an Exchange Server 2010 environment
38. 2417084 A public folder disappears from the Public Folder Favorites list of an Exchange Server 2010 mailbox
39. 2410571 A RBAC role assignee can unexpectedly change permissions of mailboxes that are outside the role assignment scope in an Exchange Server 2010 environment
40. 2398431 Using Pipelining in SMTP to check email addresses does not work correctly when you disable tarpitting functionality on a Receive connector in an Exchange Server 2010 environment
41. 2277649 You receive misleading information when you run the “New-TestCasConnectivityUser.ps1” script on an Exchange Server 2010 server
42. 2009942 Folders take a long time to update when an Exchange Server 2010 user uses Outlook 2003 in online mode

Download the rollup here. The Update Rollup will be available via Microsoft Update on March 22nd 2011.

Microsoft has announced that Update Rollup 4 for Exchange Server 2010 SP1 is expected to be released in May 2011.

Installation Notes:

If you haven’t installed Exchange Server yet, you can use the info at Quicker Exchange installs complete with service packs and rollups to save you some time.

Microsoft Update can’t detect rollups for Exchange 2010 servers that are members of a Database Availability Group (DAG). See the post Installing Exchange 2010 Rollups on DAG Servers for info, and a script, for installing update rollups.

Update Rollups should be applied to Internet facing Client Access Servers before being installed on non-Internet facing Client Access Servers.

If you’re installing the update rollup on Exchange servers that don’t have Internet access, see “Installing Exchange 2007 & 2010 rollups on servers that don’t have Internet access” for some additional steps.

Also, the installer and Add/Remove Programs text is only in English – even when being installed on non-English systems.

Note to Forefront users:

If you don’t disable Forefront before installing a rollup or service pack, and enable afterwards, you run the risk of Exchange related services not starting. You can disable Forefront by going to a command prompt and navigating to the Forefront directory and running FSCUtility /disable. To enable Forefront after installation of a UR or SP, run FSCUtility /enable.

Organizations who use Exchange server typically develop checklists or procedures for day-to-day maintenance operations. This includes updates, backups, security, disaster recovery planning, etc. Sometimes, new Exchange orgs cobble together these checklists based on other server platforms already in place, or from colleagues at other organizations, online materials, etc. Microsoft has made available several checklists for each version that will allow an organization to provide comprehensive checklists for maintaining Exchange. These can be used as-is, or customized for each environment.

• Exchange Server 2010 – Operations Checklists http://msdn.microsoft.com/en-us/library/bb232187(EXCHG.140).aspx
• Daily Operations Checklist
• Weekly Operations Checklist
• Monthly Operations Checklist
• Summary Checklist
• Exchange Server 2007 – Operations Checklists http://technet.microsoft.com/en-us/library/bb232187(EXCHG.80).aspx which includes:
• Daily Operations Checklist
• Weekly Operations Checklist
• Monthly Operations Checklist
• Summary Checklist
• Exchange Server 2003 – Operations Checklists http://technet.microsoft.com/en-us/library/aa998774(EXCHG.65).aspx which includes:
• Disaster Recovery Preparation Checklist
• Summary Checklist
• Monthly Operations Checklist
• Weekly Operations Checklist
• Daily Operations Checklist

Today, Microsoft released a cumulative update for Outlook 2007 that provides access to Exchange 2010’s Archive mailbox. A long awaited feature, Outlook 2007 users previously had to rely on Outlook Web Access to access their archive. Some organizations have held off deploying Exchange’s archive feature because they had Outlook 2007 deployed. Now, the wait is over.

Hotfix 2458611 is now available for the download for the x86 platform. Among the features that will become available to Outlook 2007 users are:

1. Accessing messages in the archive
2. Moving messages into the archive
3. Accessing the archive of a manager when granted delegate access

There are some known limitations when compared to Outlook 2010 and the archive. Among them are the lack of support for archive policies and the ability to search independently of the mailbox and archive.

For more information on Exchange 2010’s personal archive feature, see:

• Email Archiving in Exchange 2010
• Understanding Personal Archives

Microsoft has released the following update rollup for Exchange Server 2010:

• Update Rollup 5 for Exchange Server 2010 RTM (2407133)

If you’re running Exchange Server 2010 RTM, you need to apply Update Rollup 5 for Exchange 2010 to address the issues listed below.

Remember, you only need to download the latest update for the version of Exchange that you’re running.

Here is a list of the fixes included in update rollup 5:

1. 2266458 Setup cannot perform a mode:/uninstall on a HT role server since RU2 delivered MSFTE.msi

Download the rollup here.

Microsoft also announced that there are no plans to release further updates for Exchange 2010 RTM. Customers are advised to upgrade to SP1.

Installation Notes:

If you haven’t installed Exchange Server yet, you can use the info at Quicker Exchange installs complete with service packs and rollups to save you some time.

Microsoft Update can’t detect rollups for Exchange 2010 servers that are members of a Database Availability Group (DAG). See the post Installing Exchange 2010 Rollups on DAG Servers for info, and a script, for installing update rollups.

Update Rollups should be applied to Internet facing Client Access Servers before being installed on non-Internet facing Client Access Servers.

If you’re installing the update rollup on Exchange servers that don’t have Internet access, see “Installing Exchange 2007 & 2010 rollups on servers that don’t have Internet access” for some additional steps.

Also, the installer and Add/Remove Programs text is only in English – even when being installed on non-English systems.

Note to Forefront users:

If you don’t disable Forefront before installing a rollup or service pack, and enable afterwards, you run the risk of Exchange related services not starting. You can disable Forefront by going to a command prompt and navigating to the Forefront directory and running FSCUtility /disable. To enable Forefront after installation of a UR or SP, run FSCUtility /enable.

Microsoft has released the following update rollup for Exchange Server 2010:

• Update Rollup 2 for Exchange Server 2010 SP1 (2425179)

If you’re running Exchange Server 2010 SP1, you need to apply Update Rollup 2 for Exchange 2010 to address the issues listed below.

Remember, you only need to download the latest update for the version of Exchange that you’re running.

Here is a list of the fixes included in update rollup 2:

1. 2322161 Passive DAG Copy Doesn’t Replay Logs if “Don’t mount this database at startup” is Checked
2. 2431500 Cannot connect using Outlook Anywhere as the same user from multiple XP Clients
3. 2409597 Implement OpenFlags.AlternateServer for PublicLogon

Download the rollup here.

Microsoft also announced that UR3 for Exchange 2010 SP1 should be released in February.

Installation Notes:

If you haven’t installed Exchange Server yet, you can use the info at Quicker Exchange installs complete with service packs and rollups to save you some time.

Microsoft Update can’t detect rollups for Exchange 2010 servers that are members of a Database Availability Group (DAG). See the post Installing Exchange 2010 Rollups on DAG Servers for info, and a script, for installing update rollups.

Update Rollups should be applied to Internet facing Client Access Servers before being installed on non-Internet facing Client Access Servers.

If you’re installing the update rollup on Exchange servers that don’t have Internet access, see “Installing Exchange 2007 & 2010 rollups on servers that don’t have Internet access” for some additional steps.

Also, the installer and Add/Remove Programs text is only in English – even when being installed on non-English systems.

Note to Forefront users:

If you don’t disable Forefront before installing a rollup or service pack, and enable afterwards, you run the risk of Exchange related services not starting. You can disable Forefront by going to a command prompt and navigating to the Forefront directory and running FSCUtility /disable. To enable Forefront after installation of a UR or SP, run FSCUtility /enable.

In many organizations, creating new mailbox enabled users includes checking the “User must change password at next logon” box on the account. From a security perspective, that makes sound sense. However, if the user is a mobile user and only signs in to OWA, this has been a problem, as checking the box would prevent the user from being able to log in the first time. The same problem exists if a user’s password expires before they change it. The resolution is a call to the Help Desk to have the account unlocked.

Microsoft recently added a feature that helps aleviate this issue. When enabled, users are allowed to change their password and then login – thus eliminating the call to the Help Desk.

In Exchange 2007, the feature was added in SP3, while in Exchange 2010, it was added in SP1. One important note is that the feature only works in Exchange servers running on Windows 2008 or later.

Enabling the feature is very easy, and takes only a minute. For either version of Exchange, go to the server(s) holding the Client Access Server role and open regedit.

Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange OWA

Create a new DWORD (32-bit) value called ChangeExpiredPasswordEnabled

Assign the new DWORD a value of 1 as shown below.

Note: If the ChangeExpiredPasswordEnable registry key already exists, set its value to 1. Any value other than 1 will disable the feature.

Restart IIS by opening a cmd prompt and typing IISRESET /NOFORCE.

Repeat this process for all Client Access Servers. Once finished, when a user logs in with an expired password, they are prompted with a new screen as shown in both Exchange 2007 (left) and Exchange 2010 (right) below:

Once the user enters a valid new password, they are shown the following screen:

Once the user clicks on “OK”, they are prompted to login with their new password. Enjoy!

Those who remember the print version of TechNet Magazine will recall the giant posters you’d sometimes get showing the architecture of various products such as Windows Server, SQL, and Exchange. When the print version of TechNet was stopped, many thought we’d seen the end of these valuable tools. Well, that’s not the case. The Exchange product group has released the Exchange 2010 Architecture poster. This downloadable .pdf file is in the same format as the print versions, and it’s huge. A wealth of information is contained on it. Now, to find a printer that can handle it!

Also, the product group released released the Exchange 2010 Transport Architecture Diagrams. The two diagrams available there cover Hub Transport Role Architecture and Hub Transport Extensibility.

If you’re looking for the 2007 poster, it can be found at Exchange Server 2007 Component Architecture.

Microsoft has released the following update rollup for Exchange Server 2010:

• Update Rollup 1 for Exchange Server 2010 SP1 (2407028)

If you’re running Exchange Server 2010 SP1, you need to apply Update Rollup 1 for Exchange 2010 to address the issues listed below.

Remember, you only need to download the latest update for the version of Exchange that you’re running.

Here is a list of the fixes included in update rollup 1:

1. 2028967 Event ID 3022 is logged and you still cannot replicate a public folder from one Exchange Server 2010 server to another
2. 2251610 The email address of a user is updated unexpectedly after you run the Update-Recipient cmdlet on an Exchange Server 2010 server
3. 978292 An IMAP4 client cannot send an email message that has a large attachment in a mixed Exchange Server 2010 and Exchange Server 2003 environment

Download the rollup here.

Microsoft also announced that UR2 for Exchange 2010 SP1 should be released in early December.

Installation Notes:

If you haven’t installed Exchange Server yet, you can use the info at Quicker Exchange installs complete with service packs and rollups to save you some time.

Microsoft Update can’t detect rollups for Exchange 2010 servers that are members of a Database Availability Group (DAG). See the post Installing Exchange 2010 Rollups on DAG Servers for info, and a script, for installing update rollups.

Update Rollups should be applied to Internet facing Client Access Servers before being installed on non-Internet facing Client Access Servers.

If you’re installing the update rollup on Exchange servers that don’t have Internet access, see “Installing Exchange 2007 & 2010 rollups on servers that don’t have Internet access” for some additional steps.

Also, the installer and Add/Remove Programs text is only in English – even when being installed on non-English systems.

Note to Forefront users:

If you don’t disable Forefront before installing a rollup or service pack, and enable afterwards, you run the risk of Exchange related services not starting. You can disable Forefront by going to a command prompt and navigating to the Forefront directory and running FSCUtility /disable. To enable Forefront after installation of a UR or SP, run FSCUtility /enable.