Thursday, November 29, 2007

E12 SP1 Released and its features

Hi Friends,
As we all know that Exchange 2007 SP1 will be released for production tomorrow 30/11/2007 after a while in market as a beta release. Now I will navigate you for the SP1 features and enhancements:
- Support for IPv4 and IP6
If you installed Exchange 2007 SP1 on windows Server 2008 you have an option to enter the IPv6 format
- CAS Improvement
o GUI for administering POP3 and IMAP4 for authentication, connection and ports setting
o EAS Improvement:
§ An Exchange ActiveSync default mailbox policy is created.
§ Enhanced Exchange ActiveSync mailbox policy settings have been added.
§ Remote Wipe confirmation has been added
§ Direct Push performance enhancements have been added
o Changes to Outlook Web Access Light so that Outlook Web Access does not time out while a user is composing a long entry.
o Changes to Outlook Web Access Premium The following features have been added to Outlook Web Access Premium in Exchange 2007 SP1:
§ Users can create and edit Personal Distribution Lists.
§ Users can create and edit server side rules.
§ WebReady Document Viewing has added support for some Office 2007 file formats
§ Users will have access to the dumpster from Outlook Web Access and will be able to use the Recover Deleted Items feature.
§ A monthly calendar view has been added.
§ Move and copy commands have been added to the Outlook Web Access user interface.
§ Public Folders are supported through the /owa virtual directory.
§ S/MIME support has been added.
- HUB Improvement
o Improvements in Transport Rule in the Back Pressure Future
o The addition of transport configuration options to the Exchange Management Console
- MB Improvement
o Public folder management by using the Exchange Management Console in MB server Role
o New public folder features
o Mailbox management improvements
o Ability to import and export mailbox by using .pst files
o New performance monitor counters for online database defragmentation
o Standby continuous replication
o New quorum models (disk and file share witness)
- Unified Communication
o Many features and enhancement for UM server role [ check the website]

And Support for public folder access. Public folders can now be created, deleted, edited, and synchronized by using the Exchange Web Services.


I will give a brief of SCR new feature in Exchange 2007 SP1

o Standby continuous replication

Basically, a regional cluster solution, or remote site recovery that Microsoft present to us out of the box. In brief instead of using LCR to replicate the database to a local hard drive in the Exchange Server 2007 server, SCR lets the copy of the storage group take place on multiple remote Exchange Server 2007 server within the site or between two sites. In the event the production server fails, then the copy generated by SCR can be mounted and run. I really love the MS Exchange team !


Regards,

Saturday, November 24, 2007

SCCM Extras

Microsoft Links



1- System Center Configuration Manager 2007 Toolkit

Overview
The following list provides specific information about each tool in the toolkit.
Client Spy - A tool to help troubleshoot issues related to software distribution, inventory, and software metering on Configuration Manager 2007 clients.
Policy Spy - A policy viewer to help review and troubleshoot the policy system on Configuration Manager 2007 clients.
Trace32 - A log viewer that provides a way to easily view and monitor log files created and updated by Configuration Manager 2007 clients and servers.
Security Configuration Wizard Template for Configuration Manager 2007 - An attack-surface reduction tool for the Microsoft Windows Server 2003 operating system with Service Pack 1 and Service Pack 2 (SP1 and SP2) that determines the minimum functionality required for a server's role or roles, and disables functionality that is not required.
DCM Model Verification - A tool used by desired configuration management content administrators for the validation and testing of configuration items and baselines authored externally from the Configuration Manager console.
DCM Digest Conversion - A tool used by desired configuration management content administrators to convert existing SMS 2003 Desired Configuration Management Solution templates to Desired Configuration Management 2007 configuration items.
DCM Substitution Variables - A tool used by desired configuration management content administrators for authoring desired configuration management configuration items that use chained setting and object discovery.

http://www.microsoft.com/downloads/details.aspx?FamilyID=948E477E-FD3B-4A09-9015-141683C7AD5F&displaylang=en



=========================



2- System Center Configuration Manager 2007 Configuration Pack

Overview
Software installation errors and misconfigurations compromise security and stability, resulting in escalated support costs. The System Center Configuration Manager 2007 Configuration Pack can help prevent errors, increasing your organizational uptime and helping you build a more secure and reliable Configuration Manager 2007 infrastructure. This Configuration Pack contains Configuration Items intended to manage your Configuration Manager 2007 site system roles using the desired configuration management component in Configuration Manager 2007. This configuration pack monitors the following site system roles: management points, distribution points, and software update points. The Configuration Pack can also monitor Windows Server Update Services (WSUS) components on software update points or upstream WSUS servers. To manage your site system roles with this Configuration Pack, import and assign the Microsoft System Center Configuration Manager 2007 Server Roles configuration baseline to a collection which contains your Configuration Manager 2007 site systems. While there is one configuration baseline for all site systems, it evaluates compliance only for roles configured on the site system. For example, if a computer has only the distribution point role, it will not be evaluated for management point configurations. To understand in detail what each configuration item will be evaluating, review the properties of that configuration Iitem in the context of the Configuration Manager 2007 Server Role being addressed. System Center Configuration Manager 2007 site roles covered:
• Management points • Distribution points • Software update points



http://www.microsoft.com/downloads/details.aspx?familyid=45586F82-1816-4AEB-A0DC-ADE1859820B9&displaylang=en


=================================



3- System Center Configuration Manager 2007 Vulnerability Assessment Configuration Pack

Overview
Software installation errors and misconfigurations compromise security and stability, resulting in escalated support costs. System Center Configuration Manager 2007 Vulnerability Assessment Configuration Pack can help prevent errors, increasing your organizational uptime and helping you build a more secure infrastructure. This configuration pack provides vulnerability assessment reporting for common software misconfigurations using the desired configuration management component in Configuration Manager 2007. The Configuration Manager 2007 Vulnerability Assessment Configuration Pack monitors the configuration of Microsoft Windows operating systems, Internet Explorer, Microsoft Office, SQL Server, and Internet Information Services (IIS). To use this Configuration Pack, import and assign the three configuration baselines (Vulnerability Assessment: IIS Baseline, Vulnerability Assessment: SQL Server Baseline, Vulnerability Assessment: Windows Baseline) to a collection containing the computers you want to monitor. To understand in detail what each configuration item will be evaluating, review the properties of the configuration item. Scenarios:
• Scan for potential security issues that may exist because of misconfigurations. • Example checks:
o Are unnecessary services installed and running? o Do shared folders have appropriate permissions? o Is Windows Firewall enabled? o Are strong passwords enforced? o Are unsecured guest accounts enabled?

http://www.microsoft.com/downloads/details.aspx?familyid=FC6989E9-68A3-43B1-8019-72BC1B9C5FF3&displaylang=en

Sunday, November 18, 2007

Step-By-Step Guide: Configure System Center Configuration Manager 2007 For Native Mode By Certificate

Hi Guys

Today, I present to you the first document in the internet that guide you to configure certificates for SCCM 2007 preparing it for the native mode

the file is attached as .pdf and it's allowed to be published everywhere but please credit that to Dr.Kernel as the owner

Download Link:
http://msaadexpert.googlepages.com/SCCM_NativeMode.pdf

Thursday, November 15, 2007

10 Steps guide to configure Certificate based authentication between Agents and Management Server

I made this guide to configure certificate based authentication between ths SCOM RMS server and agents in non-trusted domain. Tarek did helped me at the first place by telling me about momcertimport.exe tool that i didn't knew about it at the time being, then i figured it out after a while

Download:
http://tarek.ismail.googlepages.com/CertificateOpsMgr2007.pdf

it's posted at Tarek's blog earlier that i had no blog at that time :)

Monday, November 12, 2007

SCOM 2007 Parametrs

Well well well, what we have here ...


have you tried to run the /? command on every .exe file you ever see ? actually that's me :)


and here is the result of what i got on the SCOM executable file

C:\Program Files\System Center Operations Manager2007>Microsoft.MOM.UI.Console.exe /?



i liked that /clearcache one looks usefull

Microsoft Forefront Client Security Health Management Pack for MOM 2005

The Forefront Client Security Management Pack allows you to monitor key Client Security components from a centralized MOM location in order to ensure that your Client Security environment is running efficiently.

This is to mention that it's just arrived, more details will come soon

http://www.microsoft.com/downloads/details.aspx?FamilyID=0672b4ca-c6dc-4093-bae6-30eb1560a429&DisplayLang=en

Microsoft Fantastic 4 :Forefront and System Center Demonstration Toolkit

virtual-machine based demo environment containing Forefront and System Center products. After installing this demo, please read the accompanying Script Steps document that will show you how to demo the following capabilities:

1. System Center Configuration Manager pushing Forefront Client Security signatures to keep a client machine updated
2. Forefront Security for Exchange Server blocking viruses in emails received in Outlook 2007
3. System Center Operations Manager monitoring the health of servers and clients in the environment
4. Intelligent Application Gateway adapting user access to SharePoint 2007 based on end-point policy detection
5. Forefront Client Security performing Real-time Protection against malware.

[Require Registeration]

http://www.microsoft.com/downloads/details.aspx?familyid=4d7329b8-2bd1-4ab4-a73c-75e9e0912de8&displaylang=en

Microsoft Forefront Client Security Best Practice Analayzer

Microsoft Forefront Client Security Best Practice Analayzer Ready For Download !

http://www.microsoft.com/downloads/details.aspx?familyid=0CEFAC3F-91ED-40C3-A684-603F149A4E32&displaylang=en

install and run it from
C:\Program Files\Microsoft Forefront\Client Security\BPA\fcsbpa.exe

or the command prompt version
C:\Program Files\Microsoft Forefront\Client Security\BPA\fcsbpacmd.exe

Microsoft Forefront Client Security Product Documentation

Download the product documentation for Forefront Client Security. Documentation includes guidelines and information from the Microsoft Forefront Client Security team, including deployment instructions and more.The June 2007 release contains:

• Microsoft Forefront Client Security Getting Started Guide

• Microsoft Forefront Client Security Planning and Architecture Guide

• Microsoft Forefront Client Security Deployment Guide

• Microsoft Forefront Client Security Administrator's Guide

• Microsoft Forefront Client Security Performance and Scalability Guide

• Microsoft Forefront Client Security Disaster Recovery Guide

• Microsoft Forefront Client Security Security Guide

• Microsoft Forefront Client Security Troubleshooting Guide

• Microsoft Forefront Client Security Technical Reference Guide


http://www.microsoft.com/downloads/details.aspx?familyid=90044d88-299b-49fb-b762-eae17a1f01f4&displaylang=en

http://rapidshare.com/files/69134941/FCS_Docs.zip.html

FCS Service Kit: Scripts to uninstall Mcafee, Symantic, Sophos, E-trust and Trend AVs

Hi guys, today and after all here it comes the uninstall scripts for the Antivirus products

This rar file include:
FCS-SampleScript Install FCS Client.vbs
FCS-SampleScript Uninstall Anti-Spyware Products.vbs
FCS-SampleScript Uninstall eTrust AV.vbs
FCS-SampleScript Uninstall McAfee AV.vbs
FCS-SampleScript Uninstall Sophos AV.vbs
FCS-SampleScript Uninstall Symantec AV.vbs
FCS-SampleScript Uninstall Trend AV.vbs
FCS-SampleScript-XPSP2 HotFix Install.vbs

That helps you to uninstall other AV Products before installing FCS Agent, you can edit it to target specific version or product

http://rapidshare.com/files/69132716/FCSScripts.rar.html

Please use wise

Regards

How to uninstall Forefront Client Security Agent From All Computers By Startup Script

Well, after a lot of deployment scenarios. I wondered what if i want to uninstall FCS from all computers, the TechNet says that you will manually uninstall it. but i again i wan't completly convinced by this solution for the enterprise.. so

i managed to get the hash for the FCS agent and use it with MSIEXEC /I command to uninstall the Agent

well here is the way:

To uninstall put the red line in a .bat file and made it startup script

Microsoft Forefront Client Security Antimalware Service v 1.5.1941.9
MsiExec.exe /I{D3E31640-DC20-4722-A1CF-604FF6C540B0}

Microsoft Forefront Client Security State Assessment Service V 1.0.1703.0
MsiExec.exe /X{E8B56B38-A826-11DB-8C83-0011430C73A4}

Regards