Thursday, November 29, 2007
As we all know that Exchange 2007 SP1 will be released for production tomorrow 30/11/2007 after a while in market as a beta release. Now I will navigate you for the SP1 features and enhancements:
- Support for IPv4 and IP6
If you installed Exchange 2007 SP1 on windows Server 2008 you have an option to enter the IPv6 format
- CAS Improvement
o GUI for administering POP3 and IMAP4 for authentication, connection and ports setting
o EAS Improvement:
§ An Exchange ActiveSync default mailbox policy is created.
§ Enhanced Exchange ActiveSync mailbox policy settings have been added.
§ Remote Wipe confirmation has been added
§ Direct Push performance enhancements have been added
o Changes to Outlook Web Access Light so that Outlook Web Access does not time out while a user is composing a long entry.
o Changes to Outlook Web Access Premium The following features have been added to Outlook Web Access Premium in Exchange 2007 SP1:
§ Users can create and edit Personal Distribution Lists.
§ Users can create and edit server side rules.
§ WebReady Document Viewing has added support for some Office 2007 file formats
§ Users will have access to the dumpster from Outlook Web Access and will be able to use the Recover Deleted Items feature.
§ A monthly calendar view has been added.
§ Move and copy commands have been added to the Outlook Web Access user interface.
§ Public Folders are supported through the /owa virtual directory.
§ S/MIME support has been added.
- HUB Improvement
o Improvements in Transport Rule in the Back Pressure Future
o The addition of transport configuration options to the Exchange Management Console
- MB Improvement
o Public folder management by using the Exchange Management Console in MB server Role
o New public folder features
o Mailbox management improvements
o Ability to import and export mailbox by using .pst files
o New performance monitor counters for online database defragmentation
o Standby continuous replication
o New quorum models (disk and file share witness)
- Unified Communication
o Many features and enhancement for UM server role [ check the website]
And Support for public folder access. Public folders can now be created, deleted, edited, and synchronized by using the Exchange Web Services.
I will give a brief of SCR new feature in Exchange 2007 SP1
o Standby continuous replication
Basically, a regional cluster solution, or remote site recovery that Microsoft present to us out of the box. In brief instead of using LCR to replicate the database to a local hard drive in the Exchange Server 2007 server, SCR lets the copy of the storage group take place on multiple remote Exchange Server 2007 server within the site or between two sites. In the event the production server fails, then the copy generated by SCR can be mounted and run. I really love the MS Exchange team !
Saturday, November 24, 2007
1- System Center Configuration Manager 2007 Toolkit
The following list provides specific information about each tool in the toolkit.
Client Spy - A tool to help troubleshoot issues related to software distribution, inventory, and software metering on Configuration Manager 2007 clients.
Policy Spy - A policy viewer to help review and troubleshoot the policy system on Configuration Manager 2007 clients.
Trace32 - A log viewer that provides a way to easily view and monitor log files created and updated by Configuration Manager 2007 clients and servers.
Security Configuration Wizard Template for Configuration Manager 2007 - An attack-surface reduction tool for the Microsoft Windows Server 2003 operating system with Service Pack 1 and Service Pack 2 (SP1 and SP2) that determines the minimum functionality required for a server's role or roles, and disables functionality that is not required.
DCM Model Verification - A tool used by desired configuration management content administrators for the validation and testing of configuration items and baselines authored externally from the Configuration Manager console.
DCM Digest Conversion - A tool used by desired configuration management content administrators to convert existing SMS 2003 Desired Configuration Management Solution templates to Desired Configuration Management 2007 configuration items.
DCM Substitution Variables - A tool used by desired configuration management content administrators for authoring desired configuration management configuration items that use chained setting and object discovery.
2- System Center Configuration Manager 2007 Configuration Pack
Software installation errors and misconfigurations compromise security and stability, resulting in escalated support costs. The System Center Configuration Manager 2007 Configuration Pack can help prevent errors, increasing your organizational uptime and helping you build a more secure and reliable Configuration Manager 2007 infrastructure. This Configuration Pack contains Configuration Items intended to manage your Configuration Manager 2007 site system roles using the desired configuration management component in Configuration Manager 2007. This configuration pack monitors the following site system roles: management points, distribution points, and software update points. The Configuration Pack can also monitor Windows Server Update Services (WSUS) components on software update points or upstream WSUS servers. To manage your site system roles with this Configuration Pack, import and assign the Microsoft System Center Configuration Manager 2007 Server Roles configuration baseline to a collection which contains your Configuration Manager 2007 site systems. While there is one configuration baseline for all site systems, it evaluates compliance only for roles configured on the site system. For example, if a computer has only the distribution point role, it will not be evaluated for management point configurations. To understand in detail what each configuration item will be evaluating, review the properties of that configuration Iitem in the context of the Configuration Manager 2007 Server Role being addressed. System Center Configuration Manager 2007 site roles covered:
• Management points • Distribution points • Software update points
3- System Center Configuration Manager 2007 Vulnerability Assessment Configuration Pack
Software installation errors and misconfigurations compromise security and stability, resulting in escalated support costs. System Center Configuration Manager 2007 Vulnerability Assessment Configuration Pack can help prevent errors, increasing your organizational uptime and helping you build a more secure infrastructure. This configuration pack provides vulnerability assessment reporting for common software misconfigurations using the desired configuration management component in Configuration Manager 2007. The Configuration Manager 2007 Vulnerability Assessment Configuration Pack monitors the configuration of Microsoft Windows operating systems, Internet Explorer, Microsoft Office, SQL Server, and Internet Information Services (IIS). To use this Configuration Pack, import and assign the three configuration baselines (Vulnerability Assessment: IIS Baseline, Vulnerability Assessment: SQL Server Baseline, Vulnerability Assessment: Windows Baseline) to a collection containing the computers you want to monitor. To understand in detail what each configuration item will be evaluating, review the properties of the configuration item. Scenarios:
• Scan for potential security issues that may exist because of misconfigurations. • Example checks:
o Are unnecessary services installed and running? o Do shared folders have appropriate permissions? o Is Windows Firewall enabled? o Are strong passwords enforced? o Are unsecured guest accounts enabled?
Sunday, November 18, 2007
Step-By-Step Guide: Configure System Center Configuration Manager 2007 For Native Mode By Certificate
Today, I present to you the first document in the internet that guide you to configure certificates for SCCM 2007 preparing it for the native mode
the file is attached as .pdf and it's allowed to be published everywhere but please credit that to Dr.Kernel as the owner
Thursday, November 15, 2007
it's posted at Tarek's blog earlier that i had no blog at that time :)
Monday, November 12, 2007
i liked that /clearcache one looks usefull
This is to mention that it's just arrived, more details will come soon
1. System Center Configuration Manager pushing Forefront Client Security signatures to keep a client machine updated
2. Forefront Security for Exchange Server blocking viruses in emails received in Outlook 2007
3. System Center Operations Manager monitoring the health of servers and clients in the environment
4. Intelligent Application Gateway adapting user access to SharePoint 2007 based on end-point policy detection
5. Forefront Client Security performing Real-time Protection against malware.
install and run it from
C:\Program Files\Microsoft Forefront\Client Security\BPA\fcsbpa.exe
or the command prompt version
C:\Program Files\Microsoft Forefront\Client Security\BPA\fcsbpacmd.exe
• Microsoft Forefront Client Security Getting Started Guide
• Microsoft Forefront Client Security Planning and Architecture Guide
• Microsoft Forefront Client Security Deployment Guide
• Microsoft Forefront Client Security Administrator's Guide
• Microsoft Forefront Client Security Performance and Scalability Guide
• Microsoft Forefront Client Security Disaster Recovery Guide
• Microsoft Forefront Client Security Security Guide
• Microsoft Forefront Client Security Troubleshooting Guide
• Microsoft Forefront Client Security Technical Reference Guide
This rar file include:
FCS-SampleScript Install FCS Client.vbs
FCS-SampleScript Uninstall Anti-Spyware Products.vbs
FCS-SampleScript Uninstall eTrust AV.vbs
FCS-SampleScript Uninstall McAfee AV.vbs
FCS-SampleScript Uninstall Sophos AV.vbs
FCS-SampleScript Uninstall Symantec AV.vbs
FCS-SampleScript Uninstall Trend AV.vbs
FCS-SampleScript-XPSP2 HotFix Install.vbs
That helps you to uninstall other AV Products before installing FCS Agent, you can edit it to target specific version or product
Please use wise
i managed to get the hash for the FCS agent and use it with MSIEXEC /I command to uninstall the Agent
well here is the way:
To uninstall put the red line in a .bat file and made it startup script
Microsoft Forefront Client Security Antimalware Service v 1.5.1941.9
Microsoft Forefront Client Security State Assessment Service V 1.0.1703.0