The more things (Ex)change, the more they don’t stay the same.

July 2, 2010 at 8:50 am | Posted in Microsoft, Study hints | Leave a comment


There are two constants in this world: taxes and change. You can complain about both, but you had better not avoid either one. In the last five years, I have had to learn three different Exchange  versions: Exchange 2003, Exchange 2007, and now Exchange 2010. I may groan and complain every step of the way, but I do enjoy the challenge of learning new things and expanding my horizons. The best way I know to handle change is to tackle it head-on.

When I had to tackle Exchange 2007, I relied on my previous experience with Exchange 2003. As you probably know, there were a whole lot of changes from Exchange 2003 to Exchange 2007, so that was some serious tackling. When I had to tackle Exchange 2010, though, I found that the leap up from Exchange 2007 was not nearly as exhausting. As with any version upgrade, Microsoft will test on topics from both the old and new versions (such as upgrades, migration, and co-existence) as well as the nuts-and-bolts of the current system’s operation. Understandably, new features also get a lot of coverage in the objectives. With that in mind, here are some new-to-2010 concepts that will be tested on the TS: Microsoft Exchange Server 2010, Configuring (70-662) exam and the Pro: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 (70-663) exam.

Here are a few major changes that you may want to study in more depth:

  • Say goodbye to databases being tied to a single Exchange 2010 server. (Free at last, free at last; the databases are free at last.)
  • Storage groups have been removed, and there are new data storage options.
  • You can have copies of the database on other mailbox servers.
  • RBAC is the new permissions model.
  • Shadow redundancy is now enabled for messages in transit.
  • Transport protection rules are integrated with AD RMS.
  • Databases are created at the organizational level.

This last change can cause a problem with naming databases since they are organization-wide; therefore, you will need a unique name for the database. You may want to include the unique name of the server in the database name, which will ensure you have a unique name for the database itself. I use numbering to determine which server has the original database and not a copy of the database. For example, you could create a database called Srv55-DB01 to indicate that the master copy of the database (01) is on Srv55. The concept of organization-wide databases falls under the “Create and configure databases” sub-objective of the 70-662 study guide, and is also covered in the “Deploy mailbox server role” sub-objective of the 70-663 study guide.

About 20% of the 70-663 exam will focus on the “Planning the Exchange Server 2010 Infrastructure” objective. Among the 2007-to-2010 changes in this category is that Exchange 2010 reduces disk I/O operations by almost 70% over Exchange Server 2007. So what? Well, that means you can use cheaper and larger disks for data storage, such as Serial ATA disks. And with so many IT departments watching their wallets, who wouldn’t love a low-cost storage solution?

One major change you may have noticed already: the  permissions model for Exchange 2007 has been replaced by Role-Based Access Control (RBAC) in 2010. RBAC allows you to apply granular permissions to users. For example, if you have a group of admins that should be allowed to manage only a certain set of users in a particular location instead of the entire organization, you can use RBAC to configure permissions for those admins. You  could create a new role group named Recipient Management-Atlanta Admins to allow a specific group of admins to manage recipient tasks in your Atlanta location only. RBAC offers you a lot of freedom to assign permissions, but it is complex, which means a lot of Exchange admins just don’t like to deal with it. Too bad; it’s specifically mentioned in the “Design and deploy Exchange permissions model” sub-objective of 70-663, and has its very own sub-objective (called, oddly enough, “Configure RBAC”) on the 70-662 exam as part of “Configuring Exchange Recipients and Public Folders,” which is weighted at 14% of the exam.

Unlike previous versions of Exchange, Exchange 2010 provides shadow redundancy. Shadow redundancy provides a failsafe for messages for the entire time the message is in transit. A message is not deleted until the transport server verifies that the message has completed delivery. The transport dumpster feature, which was introduced in Exchange Server 2007, provided a basic level of transport redundancy for message delivery in a CCR environment. However, the transport dumpster did not address the potential for message loss when messages are in transit between a Hub Transport and an Edge Transport server, whereas shadow redundancy does. Shadow redundancy is a part of the “Planning the Exchange Server 2010 Infrastructure” objective (weighted at 20%) of 70-663.

In Exchange 2010, you can integrate transport protection rules with AD Rights Management Services (RMS). AD RMS identifies users and provides the users with licenses for protected information. It also provides IRM (Information Rights Management) protection. AD RMS can work with RMS-enabled applications, such as Microsoft Office and OWA, to protect messages and documents online and offline. To use IRM protection in an Exchange 2010 organization, you will need to deploy Windows Server 2008 with AD RMS installed. For 70-663, AD RMS integration is covered under the “Designing and Deploying Security for the Exchange Organization” objective, weighted at 20 percent of the test.

Transport rules are covered under multiple objectives and sub-objectives of 70-663 that together weigh in at 40% of the exam, so I’d recommend that you know this topic backwards and forwards. For 70-662, transport rules are covered under “Configuring Message Transport” (15% of the test) and “Configuring Message Compliance and Security” (13% of the test). Again, with 28% of the exam potentially covering transport rule-related questions, I’d study up on this topic.

Good luck!

–George Monsalvatge

Exchange Server 2010 Pro Designing (70-663) and TS: Configuring (70-662) exams: take a tip from the masters

April 22, 2010 at 4:48 pm | Posted in Certification Paths, Microsoft | Leave a comment
Tags: , , ,

You know how Phil Mickelson recently won the Masters golf tournament, despite not playing well this year overall? I think he just rode the momentum of having won the Masters twice before. Me, I recently took the 70-663 exam, Pro: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010. When I was doing my studying for this test, I notice that there was a lot of overlap with the objectives of the 70-662 exam, TS: Microsoft Exchange Server 2010, Configuring. Because I had just recently taken 70-662, I risked cutting down my study time for the 70-663 and just hit the topics that weren’t on the 662 list. Like Mickelson, I rode that momentum, and the gamble worked: I passed.

If it’s at all financially feasible, if you’re prepping for the 70-662 exam, you should plan to take the 70-663 shortly afterward. Here’s why. The 70-662 exam asks you questions on how you may perform specific tasks.  For the 70-662 exam, you will need to know concepts of Exchange Server 2010 installation, message routing, and each Exchange 2010 server role. These concepts will be tested again on the 70-663, but this time the exam focuses on your understanding of how to plan and deploy different Exchange server roles, message security, and high availability of different server roles. Unlike the 70-662, you may not need to know specific switches of Exchange cmdlets, but you will have to know how to these concepts fit within a specific designing or deploying scenario.

The thing is, if  you go into the material for the 70-662 with the aim of understanding the concepts from the ground up, you’ll be studying for the 70-663 by default. If you want to get the Microsoft Certified IT Professional (MCITP): Enterprise Messaging Administrator 2010 certification, you have to pass both the 70-662 and the 70-663. Passing the 70-662 exam is not easy, but if you’ve mastered that, then knocking out the 70-663 exam doesn’t require a lot of extra effort. Just keep the momentum going.

An example of the type of question you would see on the 70-662 test would go like this: Continue Reading Exchange Server 2010 Pro Designing (70-663) and TS: Configuring (70-662) exams: take a tip from the masters…

The Hazzard County Guide to new features in Exchange 2010

January 13, 2010 at 12:46 pm | Posted in Microsoft, Technical Tips | Leave a comment
Tags: ,


What’s new for 2010? 3-D television? Flying cars? Exchange Server 2010? 3-D television sounds interesting, but I don’t look good in those dorky glasses. Back in the 1970’s they told us flying cars would be here in the year 2000, but I’m still having trouble getting my 1973 VW to get off the ground like that orange 1969 Dodge Charger called the General Lee.

Microsoft Exchange Server 2010 was released in 2009, but there are several new features in Exchange 2010 that are worth focusing on. If you plan on upgrading your Exchange certification, or plan on getting a new certification in Exchange 2010, you’ll be taking the new 70-662 test (TS: Microsoft Exchange Server 2010, Configuring). As you guessed, I am a big fan of the 1980’s TV show the Dukes of Hazzard, not that horrible movie that came out a couple of years ago. So drop a fresh cold one into your day-glo orange coozy, start the fuzzy dice a-swinging, and buckle up for a Hazzard County tour of some of the new Exchange features covered in this exam.

Exchange 2010 uses the Role Based Access Control (RBAC) permissions model. This is a big change from previous versions of Exchange Server. RBAC allows you to set either very broad permissions or very granular permissions. You can use one of the built-in role groups in Exchange 2010 or create a custom role group that may have the same permissions as the built-in role group, but with limits to the scope.

For example, the built-in role group named Recipient Management allows users to create or modify Exchange 2010 recipients (that covers actions like creating new mailboxes) within the entire Exchange 2010 organization. Suppose that you need your users Bo and Luke to manage recipients, but not for all of Georgia; no, it’s safer to keep their powers within the confines of Hazzard County. The solution with Exchange 2010 is to drop Bo and Luke into a custom role group named Recipient Management-Hazzard. The Recipient Management-Hazzard group can have the same permissions as the built-in Recipient Management role group , but you can limit the scope to only to apply to users in HazzardCounty. Bo and Luke would have the ability to create or modify Exchange 2010 recipients within HazzardCounty, not for recipients in all areas of the Exchange organization. Of course, if Bo and Luke get fired like they did in 1982, you can add users Cory and Vance to the Recipient Management-HazzardCounty role group to take over.

Exchange 2010 uses multiple mailbox database copies. You can have up to 16 copies of a single mailbox database in your Exchange Organization. This helps provide high availability and site resilience. You can also manage database-level failovers with a feature called database mobility. Database mobility allows you to disconnect mailbox databases from servers. This is different from the Exchange 2007 feature of database portability, which allowed you to move a mailbox database between servers. Database mobility allows you to have 16 copies of a single database, all of which have the same GUID. This works because only one of the mailbox database copies is active, and the rest of the database copies are passive. It’s like having fifteen General Lees sitting in a garage on the studio lot, waiting for the boys to send the active copy sailing across the river and crash it into the opposite bank. When that happens, you fire up a replacement. Also, both an active mailbox database copy and any passive mailbox database copies can be backed up using an Exchange-aware Volume Shadow Copy Service (VSS)-based backup.

Exchange 2010 uses Database Availability Groups (DAGs) to provide automatic recovery from failures that affect mailbox databases. A DAG can have up to 16 mailbox servers. DAG can be used to provide high availability within a single data center, or multiple data centers in different sites.

Exchange 2010 allows you to implement Information Rights Management (IRM)-protected e-mail functionality with Active Directory Rights Management Services (AD RMS). AD RMS identifies users, provides users with licenses for protected information, and provides IRM (Information Rights Management) protection, safeguarding data from unauthorized use. IRM protection can apply security to a document that limit the user’s ability to forward the document in a message, print the document, or copy the document. AD RMS can work with RMS-enabled applications, such as Microsoft Office and Outlook Web Access (OWA), to protect messages and documents both online and offline. This is very important if you are like Boss Hogg and you do not want anybody printing out falsified bank documents that will allow you to foreclose on the Duke’s farm. To use IRM in your Exchange 2010 organization, you can add in XML based IRM policy templates, such as the one named Do Not Forward. When this template is applied to a message, users will not be able to forward a message, copy content from the message, or print the message.

The 70-662 exam has been out for a few months. Here’s the complete list of exam objectives. There will be more Exchange 2010 exams to follow, most notably, the 70-663 exam (Pro: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010). Meanwhile, you can purchase Transcender’s practice test for the 70-662 by the third week of January.

Breaker, Breaker, if you got your ears on, take notice. Microsoft has a free 120-day trial software of Exchange 2010 available for download here, and a pre-configured Exchange 2010 VHD available for download now. Unfortunately, you will have to wait until the next Dukes of Hazzard marathon appears on TV to get your Bo and Luke fix on.

–George Monsalvatge

Entries and comments feeds.

%d bloggers like this: