The Hazzard County Guide to new features in Exchange 2010

January 13, 2010 at 12:46 pm | Posted in Microsoft, Technical Tips | Leave a comment
Tags: ,


What’s new for 2010? 3-D television? Flying cars? Exchange Server 2010? 3-D television sounds interesting, but I don’t look good in those dorky glasses. Back in the 1970’s they told us flying cars would be here in the year 2000, but I’m still having trouble getting my 1973 VW to get off the ground like that orange 1969 Dodge Charger called the General Lee.

Microsoft Exchange Server 2010 was released in 2009, but there are several new features in Exchange 2010 that are worth focusing on. If you plan on upgrading your Exchange certification, or plan on getting a new certification in Exchange 2010, you’ll be taking the new 70-662 test (TS: Microsoft Exchange Server 2010, Configuring). As you guessed, I am a big fan of the 1980’s TV show the Dukes of Hazzard, not that horrible movie that came out a couple of years ago. So drop a fresh cold one into your day-glo orange coozy, start the fuzzy dice a-swinging, and buckle up for a Hazzard County tour of some of the new Exchange features covered in this exam.

Exchange 2010 uses the Role Based Access Control (RBAC) permissions model. This is a big change from previous versions of Exchange Server. RBAC allows you to set either very broad permissions or very granular permissions. You can use one of the built-in role groups in Exchange 2010 or create a custom role group that may have the same permissions as the built-in role group, but with limits to the scope.

For example, the built-in role group named Recipient Management allows users to create or modify Exchange 2010 recipients (that covers actions like creating new mailboxes) within the entire Exchange 2010 organization. Suppose that you need your users Bo and Luke to manage recipients, but not for all of Georgia; no, it’s safer to keep their powers within the confines of Hazzard County. The solution with Exchange 2010 is to drop Bo and Luke into a custom role group named Recipient Management-Hazzard. The Recipient Management-Hazzard group can have the same permissions as the built-in Recipient Management role group , but you can limit the scope to only to apply to users in HazzardCounty. Bo and Luke would have the ability to create or modify Exchange 2010 recipients within HazzardCounty, not for recipients in all areas of the Exchange organization. Of course, if Bo and Luke get fired like they did in 1982, you can add users Cory and Vance to the Recipient Management-HazzardCounty role group to take over.

Exchange 2010 uses multiple mailbox database copies. You can have up to 16 copies of a single mailbox database in your Exchange Organization. This helps provide high availability and site resilience. You can also manage database-level failovers with a feature called database mobility. Database mobility allows you to disconnect mailbox databases from servers. This is different from the Exchange 2007 feature of database portability, which allowed you to move a mailbox database between servers. Database mobility allows you to have 16 copies of a single database, all of which have the same GUID. This works because only one of the mailbox database copies is active, and the rest of the database copies are passive. It’s like having fifteen General Lees sitting in a garage on the studio lot, waiting for the boys to send the active copy sailing across the river and crash it into the opposite bank. When that happens, you fire up a replacement. Also, both an active mailbox database copy and any passive mailbox database copies can be backed up using an Exchange-aware Volume Shadow Copy Service (VSS)-based backup.

Exchange 2010 uses Database Availability Groups (DAGs) to provide automatic recovery from failures that affect mailbox databases. A DAG can have up to 16 mailbox servers. DAG can be used to provide high availability within a single data center, or multiple data centers in different sites.

Exchange 2010 allows you to implement Information Rights Management (IRM)-protected e-mail functionality with Active Directory Rights Management Services (AD RMS). AD RMS identifies users, provides users with licenses for protected information, and provides IRM (Information Rights Management) protection, safeguarding data from unauthorized use. IRM protection can apply security to a document that limit the user’s ability to forward the document in a message, print the document, or copy the document. AD RMS can work with RMS-enabled applications, such as Microsoft Office and Outlook Web Access (OWA), to protect messages and documents both online and offline. This is very important if you are like Boss Hogg and you do not want anybody printing out falsified bank documents that will allow you to foreclose on the Duke’s farm. To use IRM in your Exchange 2010 organization, you can add in XML based IRM policy templates, such as the one named Do Not Forward. When this template is applied to a message, users will not be able to forward a message, copy content from the message, or print the message.

The 70-662 exam has been out for a few months. Here’s the complete list of exam objectives. There will be more Exchange 2010 exams to follow, most notably, the 70-663 exam (Pro: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010). Meanwhile, you can purchase Transcender’s practice test for the 70-662 by the third week of January.

Breaker, Breaker, if you got your ears on, take notice. Microsoft has a free 120-day trial software of Exchange 2010 available for download here, and a pre-configured Exchange 2010 VHD available for download now. Unfortunately, you will have to wait until the next Dukes of Hazzard marathon appears on TV to get your Bo and Luke fix on.

–George Monsalvatge

Leave a Comment »

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Entries and comments feeds.

%d bloggers like this: