Tuesday 29 April 2008

SharePoint as an application platform!

I've previously talked about the potential of Exchange and CRM as application development platforms and how the support of a provisioning platform opens these up for ISV application development.

What I haven't mentioned is the powerful and unifying platform of SharePoint;
  • Sharepoint use a Windows platform running SQL Server and IIS6.
  • SharePoint is a .NET application and provides a powerful platform for building .NET applications & solutions
  • SharePoint is widely deployed and adopted by information workers providing a familiar interface
  • Close integration with Microsoft Office applications
These are a number of features that Sharepoint does pretty well now, these being;
  • SharePoint & WSS are pretty well known for their collaboration features - document libraries are probably the most widely used feature of SharePoint. With WSS3, the search functions improved to support this properly too
  • Support for forms & InfoPath in SharePoint (MOSS) and business process automation, including workflows, which don’t require MOSS.
  • Of course, SharePoint provides an intranet/extranet solutions with a Portal into other sites, and the personal/social elements of My Site
  • The core functionality of document management is OK and supports basic requirements for compliance and information security. Note: there is no formal compliance support in Sharepoint. Beyond this the reporting and auditing features do not stand up and there is no support for HSM.
  • The business intelligence (BI) features have improved greatly with the use of Excel Services, KPIs, and the Business Data Connector (BDC). Excel Services is pretty cool and renders Excel worksheets including charts and pivot tables, in SharePoint sites.

We are going to be developing some concept services that use the features of SharePoint, Exchange and CRM. If you're interested in this, or developing your own applications, see http://www.saas.co.uk/

thanks, Dan

Friday 18 April 2008

Hosted Exchange for the world

Large Hosted Exchange providers can get bitten by scheduled maintenance – it will always be in everyones contract, but what happens when a certain percentage of your customers are outside your timezone? – worse still, substantially.

To expand your Hosted mailboxes you have to reach further than your own country – and a lot of Hosted Exchange providers can say they host mailboxes for companies across both the Americas, Europe and the Middle East/Asias.

Intelligence has to be added to your provisioning portal – otherwise your Hong Kong users from Company A could be put on the same Exchange Server (not necessarily the same Mailstore or even Storage Group) as the rest of Company A’s users from Europe. And what’s worse? The rest of the users on the Exchange Server are based in Europe. How is the scheduled maintenance justified to the Hong Kong contigent when it's happening during their working day?

So how does scheduled maintenance come into effect here?

Working out of hours to GMT isn’t going to cut it for the users in Hong Kong as their day is still in full swing – this is where careful planning and design is required. The ideal answer is to carve up the World Map into set zones, so whether a single company is from Dubai, or a single company has offices in Dubai, Europe and the USA you do not affect their respective core working hours. This requires a lot of Dev work - as although HMC supports provisioning to multiple stores for a customer, it doesn’t have the intelligence of splitting users between ‘time zone Exchange Server farms’ based on their location for example. This is where in-house or outsourced Dev work is required.

Suffice to say our current Exchange 2003 solution doesn’t have this feature – we support the provisioning to multiple databases – even across multiple Exchange Servers – however there is not the intelligence that is required for a Hosted Exchange supplier to rule all time zones and keep customers that have offices in some or all, happy.

This might have to be a phase 2 or 3 step in most Hosters plans, but it is a much needed step to successfully achieve 100,000 mailboxes and beyond.

Oliver Moazzezi

MVP - Exchange Server

Exporting email addresses from Active Directory

This seems to be a hot topic all the time in the newsgroups so....

Run this at the cmd prompt on one of your Windows 2000 and above servers.

ldifde -f C:\youremailexport.txt -l proxyaddresses

Replace C:\youremailexport.txt with whatever drive letter and text file name you want.

Here's a great kb explaining ldifde http://support.microsoft.com/kb/237677

Have fun!

Oliver Moazzezi

MVP - Exchange Server

Wednesday 9 April 2008

Exchange as an application platform

I’m really happy to announce that Cobweb will be launching another major service later this year – Hosted Microsoft Dynamics CRM 4.0
We’ve made the purchase and scheduled the deployment, thus making our commitment to this.
This is made possible with the deployment of Parallels Automation (aka SWsoft PEM) into our hosted platform. Parallels Automation is key to the development of this platform, giving us an online shop and a suitable billing system for hosted per-user/per-month service subscriptions. Deploying CRM and connecting this to Exchange 2007 is really exciting for me. It’s going to finally unlock the power of the platform that we’ve build and developed. Our platform is about so much more than just an Exchange mailbox - it's an application platform.

The news was released today at the Microsoft Hosting Summit in Seattle – Mark and I are there at the moment, and it’s raised a few surprised eye brows that we'll be quick to market with this. We will be one of the first in Europe to be doing this in a way that connects this to Hosted Exchange. Parallels are pushing out some PR in the industry around this too - http://www.hostreview.com/news/press/080408SWsoft.html which is nice to see.

CRM4.0 is an in-demand service at the moment so exciting times lie ahead.

Tuesday 8 April 2008

Windows 2008 Core Configurator Tool !

I came across this very cool tool to help configure a Windows 2008 Core server without needing to lookup all the CLI commands :-)


Wayne Hollomby

Mutual authentication and URL Branding with an Outlook Anywhere / RPC over HTTPs connection

With Exchange 2007 not ‘officially’ supporting Forms Based Authentication nor Outlook Anywhere on more than one site (whether that’s the Default Site or not), it has become slightly more difficult to create URL branding for customers that require this within a Hosted environment. With Exchange 2003 you could create multiple sites and FBA was supported in all – Microsofts stance with Exchange 2007 is that if you need FBA on more than one site per CAS then you use ISA Server to support this. And another issue, although the use of ISA allows multiple sites with FBA enabled (albeit offloaded on the ISA server/s) still only one site is supported for the use of Outlook Anywhere (read: RPC over HTTPs). Again with Exchange 2003 it was simply a case of copying the RPC Virtual Directory to your other sites.

The advent of SAN (Subject Alternative Name) certificates have greatly helped our design of a Hosted Exchange 2007 infrastructure here at Cobweb. This has allowed us to implement cost effective Client Access Server design and support URL branding for the customers that require it – whilst minimising costs (dedicated CAS servers for every branding OWA URL we support or indeed take on with new business). For example an Exchange Hoster that wants to stay within a supported solution by Microsoft, that had say, 10 dedicated OWA URL’s would at a minimum have to deploy 10 CAS servers – and that doesn’t even take into account HA. To achieve that (at the most basic level without taking the numbers of users hitting each URL) you would need 20.

This is where SAN Certs come into their own. All branded OWA URLs can be appended to the certificate along with other Exchange services/protocols (autodiscover, POP3, IMAP4 etc). This helps a Hoster significantly as well as give benefits to normal in-house deployments.

There is one ‘gotcha’ however when using a SAN Cert for multiple OWA URLs for Outlook Anywhere access, if you enable mutual authentication for the session, you can’t connect on any of the Subject Alternative Names. This is due the client explicitly looking for a principle name in the certificate (which is matched to the Subject field of the cert):

Mutual Authentication isn’t necessary as all client machines connecting to us are deemed non domain joined (they could very well be in their own domain however) and these clients machines are unlikely to have any certificates published to them from their own Certificate Authorities.

Once this checkbox was removed, Outlook Anywhere worked for any of the branded OWA URLs held in the Subject Alternative Name field of the certificate.

Here is the Subject Alternative Name field of a cert:

Interestingly, the first OS to support Subject Alternative Names was Windows 98.

For Microsoft reference on creating Exchange Certificates and support for SAN certs with Exchange 2007 using the New-ExchangeCertificate PowerShell command see:

‘Certificate Use in Exchange Server 2007’ http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx

‘Exchange 2007 lessons learned - generating a certificate with a 3rd party CA ‘ http://msexchangeteam.com/archive/2007/02/19/435472.aspx

‘Unified Communications Certificate Partners for Exchange 2007 and for Communications Server 2007 ‘ http://support.microsoft.com/kb/929395

Oliver Moazzezi

MVP - Exchange Server