The Official SBS Blog : Messaging Hygiene in SBS 2008:

The Official SBS Blog : Messaging Hygiene in SBS 2008:
http://blogs.technet.com/sbs/archive/2009/11/09/messaging-hygiene-in-sbs-2008.aspx

My take on the SSL MITM Attacks – part 1 – the HTTPS attack

If you’re in the security world, you’ve probably heard a lot lately about new and deadly flaws in the SSL and TLS protocols – so-called “Man in the Middle” attacks (aka MITM).

These aren’t the same as old-style MITM attacks, which relied on the attacker somehow pretending strongly to be the secure site being connected to – those attacks allowed the attacker to get the entire content of the transmission, but they required the attacker to already have some significant level of access. The access required included that the attacker had to be able to intercept and change the network traffic as it passed through him, and also that the attacker had to provide a completely trusted certificate representing himself as the secure server. [Note – you can always perform a man-in-the-middle attack if you own a trusted certificate authority.]

The current SSL MITM attack follows a different pattern, because of the way HTTPS authentication works in practice. This means it has more limited effect, but requires less in the way of access. You gain some security advantage, you lose some. The attacker still needs to be able to intercept and modify the traffic between client and server, but does not get to see the content of traffic between client and server. All the attacker gets to do is to submit data to the server before the client gets its turn.

Imagine you’re ordering a pizza over the phone. Normally, the procedure is that you call and tell them what the pizza order is (type of pizza, delivery address), and they ask you for your credit card number as verification. Sometimes, though, the phone operator asks for your credit card number first, and then takes your order. So, you’re comfortable working either way.

Now, suppose an attacker can hijack your call to the pizza restaurant and mimic your voice. While playing you a ringing tone to keep you on the line, he talks to the phone operator, specifying the pizza he wants and the address to which it is to be delivered. Immediately after that, he connects you to your pizza restaurant, you’re asked for your credit card number, which you supply, and then you place your pizza order.

Computers are as dumb as a bag of rocks. Not very smart rocks at that. So, imagine that this phone operator isn’t smart enough to say “what, another pizza? You just ordered one.”

That’s a rough, non-technical description of the HTTPS attack. There’s another subtle variation, in which the caller states his pizza order, then says “oh, and ignore my attempt to order a pizza in a few seconds”. The computer is dumb enough to accept that, too.

For a more technical description, go see Eric Rescorla’s summary at Understanding the TLS Renegotiation Attack, or Marsh Ray’s original report.

Let’s call these the HTTPS client-auth attack and the HTTPS request-splitting attack. That’s a basic description of what they do.

HTTPS client-authentication attack

The client-authentication attack is getting the biggest press, because it allows the attacker one go (per try) at persuading the server to perform an action in the context of the authenticated user. From ordering a pizza to pretty any activity that can be caused in a single request to a web site can be achieved with this attack.

Preventing the attack at the server.

Servers have been poorly designed in this respect – but out of some necessity. Eric Rescorla explains this in the SSL and TLS bible, “SSL and TLS” [Subtitle: Designing and Building Secure Systems] on page 322, section 9.18.

“The commonly used approach is for the server to negotiate an ordinary SSL connection for all clients. Then, once the request has been received, the server determines whether client authentication is required… If it is required, the server requests a rehandshake using HelloRequest. In this second handshake, the server requests client authentication.”

How does HTTP handle other authentication, such as Forms, Digest, Basic, Windows Integrated, etc? Is it different from the above description?

A client can provide credentials along with its original request using the WWW-Authenticate header, or the server can refuse an unauthorised (anonymous) request with a 401 error code indicating that authentication is necessary (and listing WWW-Authenticate headers containing appropriate challenges). In the latter case, the client resends the request with the appropriate WWW-Authenticate header.

HTTPS Mutual Authentication (another term for client authentication) doesn’t do this. Why on earth not? I’m not sure, but I think it’s probably because SSL already has a mostly unwarranted reputation for being slow, and this would add another turnaround to the process.

Whatever the reason, a sudden dose of unexpected ‘401’ errors would lead to clients failing, because they aren’t coded to re-request the page with mutual auth in place.

So, we can’t redesign from scratch to fix this immediately – how do we fix what’s in place?

The best way is to realise what the attack can do, and make sure that the effects are as limited as possible. The attack can make the client engage in one action – the first action it performs after authenticating – using the credentials sent immediately after requesting the action to be performed.

A change of application design is warranted, then, to ensure that the first thing your secure application does on authenticating with a client certificate is to display a welcome screen, and not to perform an action. Reject any action requested prior to authentication having been received.

Sadly, while this is technically possible using SSL if you’ve written your own server to go along with the application, or can tie into information about the underlying SSL connection, it’s likely that most HTTPS servers operate on the principle that HTTP is stateless, and the app should have no knowledge of the SSL state beyond “have I been authenticated or not”.

Doubtless web server vendors are going to be coming out with workarounds, advice and fixes – and you should, of course, be looking to their advice on how to fix this behaviour.

The best defence against the client-authentication attack, of course, is to not use client authentication.

Preventing the attack at the client

Not much you can do here, I’m afraid – the client can’t tell if the server has already received a request. Perhaps it would work to not provide client certificates to a server unless you already have an existing SSL connection, but that would kill functionality to perfectly good web sites that are operating properly. Assuming that most web sites operate in the mode of “accept a no-client-auth connection before requesting authentication”, you could rework your client to insist on this happening all the time. Prepare for failures to be reported.

Again, the best defence is not to use client authentication right now. Perhaps split your time between browsers – one with client certificates built in for those few occasions when you need them, and the other without client certs, for your main browsing. That will, at least, limit your exposure.

HTTPS Request-splitting attack

Preventing the attack at the server

The HTTPS Request-splitting attack is technically a little easier to block at the server, if you write the server’s SSL interface – there should be absolutely no reason for an HTTP Request to be split across an SSL renegotiation. So, an HTTPS server should be able to discard any connection state, including headers already sent, when renegotiation happens. Again, consult with your web server developer / vendor for their recommendations.

Preventing the attack at the client?

Again, you’re pretty much out of luck here – even sending a double carriage return to terminate any previous request would cause the attacker’s request to succeed.

The long term approach – fix the protocol

As you can imagine, there are some changes that can be made to TLS to fix all of this. The basic thought is to have client and server add a little information in the renegotiation handshake that checks that client and server both agree about what has already come before in their communication. This allows client and server both to tell when an interloper has added his own communication before the renegotiation has taken place.

Details of the current plan can be found at draft-rescorla-tls-renegotiate.txt

Final thoughts

Yeah, this is a significant attack against SSL, or particularly HTTPS. There are few, if any, options for protecting yourself as a client, and not very many for protecting yourself as a server.

Considering how long it’s taken some places to get around to ditching SSLv2 after its own security flaws were found and patched 14 years ago with the development of SSLv3 and TLS, it seems like we’ll be trying to cope with these issues for many years to come.

Like it or not, though, the long-term approach of revising TLS is our best protection, and it’s important as users that we consider keeping our software up-to-date with changes in the security / threat landscape.

Eseutil before the Move Mailbox

[Note: if you are wondering why the mailbox I am showcasing has the name of Chris Almida and that name is kinda familiar he's the Migration PM and I have a test mailbox on the server with his name]

The funky thing about the move mailbox command is that it sits there for a while and then all of a sudden a bunch of mailboxes move over.

Now obviously a test mailbox doesn't have much, he had a 3,820 KB mailbox and that moved over in 33 seconds.

Looks to be about 10 gigs an hour, give or take a bit?

If you go back to the SBS 2003 box, into the Exchange manager, then into the first administrative group and the mailbox store, you'll see the last logon and logoff times and you'll see the SBS account logging into the systems.

Keep in mind here that permissions do not get moved over so if you have any Send on behalf settings, you'll need to redo this.

This is where your eseutil will come in handy and hopefully has caught a lot of the corruption.

Reference for Common Eseutil Errors:
http://technet.microsoft.com/en-us/library/bb123621(EXCHG.65).aspx

Once again from the Overton book (and you should do this BEFORE the move mailbox step.

Just remember do this BEFORE you move the mailboxes to catch that potential corruption.

Migration Step Nineteen: Moving the mailboxes

So on the day that TechEd Berlin announced the availability of Exchange 2010, I'm doing a test migration from Exchange 2003 to Exchange 2007.  The funny thing is a lot of the keynote videos showcased Outlook 2010 features in conjunction with Exchange 2010.  So let's get the messy questions out of the way:

So now that I am migrating to SBS 2008, what happened to Outlook 2007?  Well it's like this, you see the Exchange folks unbundled the Outlook cal that used to be provided with Exchange and unless you are a software assurance customer, you don't get Outlook 2007 as part of the Exchange deployment.  Personally I think this was a dumb move because to me, as much as Microsoft wants us to move into the cloud, they also should reinforce the 'sticky'.  That is how well the Outlook on the desktop combined with the Exchange works together.  I call this the "sticky".

Mind you this is AFTER Office 2007 SP2 and the performance patch included in that.  When you install SP2 the very first time after launching, the Outlook will rebuild the database.  I still am a fan of www.xobni.com as an add on to help in searching email.  I've seen google wave and while it's interesting, the thoughts of forensics, rights and permissions and dragging Attorneys off of AOL means that it's okay but gang, don't get hyped up into the hype just because it's Google.  The collaboative platform still has a ways to go and issues to be ironed out including offline access and smaller form factors.   Just because the Scobleizers of the world are in hype mode, let's see it in action with real people using it first before drawing conclusions.

So anyway, we're ready to move mailboxes.  Unlike the demo at TechEd Berlin, we're kinda only planning to do this once and not willy nilly move about mailboxes on different servers.  Also keep in mind that Exchange 2010's mailbox database is different from Exchange 2007 so any future "upgrades" to Exchange 2010, Exchange 2020 (just kidding) will be a move mailbox again.  Even in BPOS it's a bit funky because at the current time the AD replicator tool runs on 32 bit only and not on a DC.  Okay.  And Exchange 2007/2010 is... 64bit now right?  And our servers are 64 bit as well?  Yeah that one didn't make sense either when I heard it.

Anyway back to the migration....

We go back to the migration instructions (let's not kid ourselves...we're the wizard here, there's no "wizard"), and keep in mind that we can do this as the box is live.  That said, it's wise these days to have a mail hygiene that is also a email storage device as a backup MX to you should something occur they will hold the email.

The Official SBS Blog : SBS Migrations: Troubleshooting Moving Public Folder Replicas:
http://blogs.technet.com/sbs/archive/2009/06/21/sbs-migrations-troubleshooting-moving-public-folder-replicas.aspx

Also review this post but remember they are talking about that OTHER smtp connector, not the SBS one where you probably put in a smart host forward.

That one there probably doesn't have the smart host setting that will stop a public folder replication. 

A reminder here that it's wise to go to an attached workstation and park out a copy of the public folder content.

Now what about doing this on a live machine?  That is the unique thing about this... you can.

Now here's where the "wizard" gets unwizardy.  As they point you to a help file.  We've already discussed that we should tell folks to delete all old unneeded email ahead of time. 

If you've installed Forefront on the SBS 2008, keep in mind that that is enabled from the get go and thus may (will) blocks file types that you may not want to block.

Also don't forget about the 2 gig gotcha --

1. The Exchange Message Store has a 2GB limit at installation time.

http://technet.microsoft.com/en-us/library/bb201753.aspx

For purposes of migration we're going to untick all of those in the Exchange 2007 console:

Similarly I'll do the same on the Public folders just to be safe.  I know they aren't that big but we can come back and put limits later.

1. The Standard User Role has a user quota for Exchange of 2GB.'

I'll go into the Standard user property and untick that box 

Once you've done that you can check the setting has been done right here:

How to Configure Storage Quotas for a Mailbox: Exchange 2007 Help:
http://technet.microsoft.com/en-us/library/aa998353.aspx

The Official SBS Blog : How Do I Change Message Size Limits in Exchange 2007?:
http://blogs.technet.com/sbs/archive/2008/10/28/how-do-i-change-message-size-limits-in-exchange-2007.aspx
And don't forget to change message limits later on for sending .... then I'll pull out a bit of Powershell (gag me with a spoon)

Go back to our migration checklist on the server, restart the Exchange migration topic (click next)

 Now this is where I prefer the David Overton SBS 2008 migation book because it gives me actual screen shots of what I'm supposed to be looking at.

I do use an email forwarder to www.exchangedefender.com and will need to set up the email forwarder on the SBS 2008 (where there is a wizard to do so).

But our goal here is to document and delete.  We don't need to migrate any pop connector settings.. so yea!  We don't have to do that.

Now we hop back to the Exchange management console on the SBS 2008 box.

We go to the Organization Configuration, then to the Mailbox, then to Offline address book, right mouse click and move

And we move the OAB over to the new server.

Don't forget to go into the properties of the moved OAB and tick the box to enable web based distribution and on the green "+" button to add the new SBS 2008 box.  (yes right about now is when you go.... yeah this ain't a wizard... this sucker is a checklist of tasks).

Now on to the mailboxes.

We go into the Receipient configuration, then into mailbox and check out all of those "legacy" mailboxes.  Those are what need to be moved.  Only the brand new SBS 2008 admin that you may have had to build to log into the SBS 2008 box is a normal new mailbox.

Hit control and highlight all the ones you want moved.  Right mouse click and hit move Mailbox.

Now unlike the person who demo'd moving mailboxes in Exchange 2010 at Teched Berlin, we're only planning to do this once and not move mailboxes around so much that that's a "feature".  We browse to our SBS 2008 server, choose the SBS 2008 "Mailbox Database" ..not the 2003 Mailbox store (and as an aside why do they call it a "store" anyway?  It's not like we buy things there, but I digress).  Click ok and click next.

Philip uses the setting of 100 for potentially corrupt messages http://blog.mpecsinc.ca/2009/06/sbs-2003-to-sbs-2008-migration-guide.html, David picked 9999.  I could split the different at 5000, but I'll try 100 since I ran the ESEUTIL stuff.

Choose the new domain controller and the new global catalog server (your new SBS 2008) and click next.

Normally we'll want to move email over a weekend or over night when there's less going on at the server.  We want to move this email now so we won't set up a time, we'll do this immediately, clicking that option and click next..

We're now ready to go and moving mailboxes...  Click move.

This is where how well your users listened to you when you said CLEAN YOUR MAILBOXES OUT!. 

Also if a mailbox fails, increase the corruption amount and try again.

I'll report back how long it took.  Until next time... stay tuned for the next chapter in "How the server migrated".

Updated: Configuration Manager 2007 Help File Update Wizard

Download details: FIM 2010 RC1 Demo Hyper-V VHD

Outlook: Sending to the Wrong Email Address

One of my friends sends an email message to me telling me about their great new job and letting me know that they have a new email address. I dutifully update my Outlook Address book and fix the address.

Five unanswered emails later, I realize that I have been sending email to the WRONG email address. Even though I fixed my Outlook Address book, the Outlook Most Recently Used (MRU) list still has the OLD email address. What's to be done?

Then Beth Massi shared with me an Outlook tip that I want to pass along: You can delete items from the MRU in Outlook!

Say I am typing in John's name:

If I am not watching closely, I will send it to the wrong address again (nowhere.com).

To prevent this mistake:

1. Highlight the incorrect address.
2. Press the Del key.

The unwanted MRU entry is then deleted.

Enjoy!

So what updates get installed when you click 'yes' to updates during the SBS 2008 installer

The only updates at this time that get installed when you say 'yes' do that update screen as SBS 2008 gets installed are security updates.  There are no installer updates offered up at this time.  There are no installer only updates that I've seen period.

If there were such updates, I'd tell you to say yes to that window.  But there is none at this time.  And in fact in the release notes, there's a known issue where you'll get a bogus error message at the end of the install due to the fact that it couldn't properly get patches installed during that process.

So let's review why I say no:

1.  There are no installer fixes included (at least at this time)

2.  They are only security patches.

3.  They take a long time to download.

4.  They introduce risk during a time that you need to reduce risk.

You might encounter the error “One or more updates cannot be installed” during server installation

On the Get important updates page of the Install Windows Small Business Server 2008 Wizard, if you choose Go online and get the most recent installation updates (recommended) and then click Next, the Installation finished page appears and informs you that the wizard encountered some non-critical issues. If you click View installation issues, the wizard displays the error “One or more updates cannot be installed.”

To resolve this issue, make sure that the server is connected to the Internet, and then do one of the following:

·      Download software updates immediately

·      Configure software update settings to approve updates automatically

To connect to the Internet

To download updates immediately

To configure software update settings

Getting Change Events

I wasn’t particularly happy with the script for getting change events on the filesystemwatcher we discussed last time.  As a quick recap we ended up with this

Which depends on the correct identification of the order in which events are issued.  That seemed like too much manual intervention. It was too late last night to solve so I had another look today and came up with this

use get-event with the correct source identifier. We then group on timegenerated.  File Changes will generate two change records per event so we select where the count is 2.  Pass those into a foreach and retrieve the events matching that time. We select the first one of each pair to only access a single record. One neat line of PowerShell does it all.

OpsMgr: Green Computing Management pack pour Windows Server 2008 R2

Operations Manager se met au 'Green Computing'.

Microsoft a publié un pack d'administration 'Power zgManagement Pack' pour Windows Server 2008 R2. L'objectif est de donner de la visibilité sur la consommation énergétique des serveurs.

Ce pack d'administration est destiné à Windows Server 2008 R2 et nécessite Operations Manager 2007 R2.

Téléchargement : Windows Power Management Pack for System Center Operations Manager 2007 R2 v 6.0.6735.0.

Tech-ed Berlin 2009: Day 1

After a boring cab drive to the airport, I had an even more boring flight to Berlin. And that is exactly how I want all my flights to be. I don’t want it to be the thrilling and exciting near-death experience I had once, flying to Nice.

I arrived in Berlin safe and sound, and took a cab to the hotel. Sadly, the hotel is not near the conference center, on account of there not being any hotels nearby. The hotel is 2 short train rides away. It’s really easy to find. And of course, to those that know me it will come as no surprise that it took several tries for me to arrive at he correct location.

What sucks most is that a) my flight got rescheduled sometime ago (leaving 1 hour later than expected), delayed for half an hour, and the event agenda got re-shuffled since I booked. As a result, I missed 2 sessions. Because for some silly reason, someone decided that the keynote should be at the end of the day instead of the beginning.

Had I known this in advance, I’d have left for Berlin yesterday. I didn’t because I wanted an extra day with my wife and kids. Ironic, since they weren’t at home yesterday due to unforeseen circumstances. Next time I’ll just leave on Sunday, taking some extra time to travel.

Whatever. I am typing this while the keynote speech is starting. It’ll probably be an hour and a half filled with mind numbing explanations of why Microsoft technology is the greatest on earth.

I have to say I preferred Barcelona as the venue for tech-ed, for a number of reasons:

1) Walking down the street in November. Berlin: 5 degrees Celsius and rain. Barcelona: 20 degrees Celsius and cloudless skies.

2) Crossing the street from the hotel and being at the event in less than 2 minutes.

3) The venue itself. The messe is a complex of industrial looking buildings, with concrete, asphalt, etc, rather than the aesthetically pleasant looking ICC in Barcelona.

4) additionally, the idea of having 1 big event for developers and IT professionals is less than stellar. Because now, there are only half as much developer sessions as there used to be in Barcelona. Only 1 real C++ session, no large selection of .NET and C# and SQL Server sessions...

Still, I’ve had my first coffee of the day and I am starting to get a feel for the place. Tech-ed is still a good place to be. And if my knowledge of German cuisine is still accurate, the food will be good, plenty, and NOT drowned in olive oil.

CLI324: Windows ‘Lucky’ 7

This session was hosted by Mark Minasi

It was a good session, and basically enumerated the features of 7 that are either new, or changed from Vista or XP.

Mark is a great speaker, and managed to make the time fly while discussing the topics. It was not in depth so I am not going to repeat too much of it here. The things that got me interested most are the ability to image disks into files, like VMWare virtual disks. These disks can be shared, backed up and mounted. Very exiting stuff that would make my life easier, if we ever get to the point where we will actually use 7.

Other cool features are the ability to deploy to USB media, which would presumably allow me to boot from USB disk, as well as the ability to easily perform preconfigured installs.

When talking about Vista and how 7 compares to it, Mark mentioned that one Microsoft developer said ‘We are going to throw Vista under the bus’, comparing it with Windows Miserable Edition. Interestingly, In terms of raw speed, 7 is really not that much better. But when it comes to perceived speed, 7 is the clear winner due to being more responsive, and getting less in the way of what the user wants to do.

The talk was great, and the speaker connected well with the audience.

Sadly, this was the only technical session I will see today. As luck would have it, there is only 1 C++ talk this tech-ed, and I missed it. At least they could have scheduled some boring IT talks in the first 2 sessions but alas.

The actual keynote

The keynote itself so far has the hallmarks or every other keynote I’ve seen so far. A couple of tech delegates got singled out for public humiliation while a couple of IT bigwigs (presumably million dollar customers) sat on stage explaining how good their infrastructure is and how Microsoft helped them to enable it.

Bla bla bla snore.

I don’t want to sound jaded here, or un-appreciative of the fact that my company is letting me attend this event (I am really grateful), but keynote speeches tend to be hype and blubber, void of tech content and generally a waste of time. What was even worse about this keynote is that they didn’t show off anything related to Visual Studio 10. Instead, they demoed Server 2008 Hypervisor and Exchange 2010.

That said, it is interesting to a developer like me that with the newest release of 2008R2 and the System Management Center software, detailed knowledge and understanding of the low level OS guts are no longer absolutely necessary. Between the 2 of them, those applications let admins manage their infrastructure with only a modicum of nitty gritty knowledge. The software goes out of its way to be user friendly.

That is not a bad thing. It just feels weird that you can administer a complex system without having to troll through log files, understand dcom security configuration, and other arcane things.

At least tomorrow I’ll be able to dive deep in technical content, and hopefully start my day with bacon and coffee. At least 2 plates of the former and 2 big cups of the latter.

Wrap-up day 1

The travel was good, the weather not so much.

The windows 7 presentation was good, the keynote not so much.

I had a very good pizza in an Italian restaurant, for only 7 euros. Dirt cheap.

I am now making a schedule of which sessions I want to see, and when to see them. Some of the sessions I’d like to see are scheduled in the same slot, but some of them get repeated throughout the week so I can probably schedule my attendance so that I can see most of the people I want to see.

Forefront Protection 2010 for Exchange Server MP for OpsMgr 2007

Forefront Protection 2010 for Exchange Server Management Pack for System Center Operations Manager 2007 v11.0.0324.00 is available to download.

Brief Description
The Management Pack for Forefront Protection 2010 for Exchange Server monitors the availability, security, configuration and performance of an FPE deployment.

Overview
The Management Pack for Forefront Protection 2010 for Exchange Server (FPE) allows you to discover FPE installations and components and to monitor them within System Center Operations Manager 2007. When there is an issue that may impact the availability, configuration, or security of your FPE deployment, Operations Manager uses the management pack to detect the issue, alert you to its existence, and facilitate diagnosis and corrective actions.

Feature Summary:

• Support for Forefront Protection 2010 for Exchange Server (FPE)
• Discovery and monitoring of key FPE services
• Monitoring of product license status
• Monitoring of the availability and configuration of scan jobs
• Monitoring of scan engine and definition updates
• Diagnostic and recovery tasks related to engine updates and service recycling
• Performance views of message scanning rate across scan jobs
• Discovery and monitoring of FPE running with an Exchange CCR cluster

La vie numérique de vos enfants…

Bonsoir tout le monde,

Etre attentif à ce que votre enfant peut découvrir sur le web est indispensable pour qu'internet reste une source de savoir et de loisirs sûre.

C'est la nouvelle campagne de Microsoft qui nous est proposée au travers d'un parcours personnalisé en 3 étapes afin d'y voir plus clair sur les risques encourus par votre enfant.

Des conseils, des outils. C'est ici...

Bonne soirée.

Patrice.

Exchange Server 2007 MP for OpsMgr 2007 SP1 v6.0.6741.0

The Exchange Server 2007 Management Pack for System Center Operations Manager 2007 SP1 v6.0.6741.0 is now available to download.

Brief Description
This Management Pack includes an extensive set of monitoring including synthetic transactions to effectively monitor Exchange 2007 and report on performance, availability, and reliability of its server roles.

Overview
The Exchange Server 2007 Management Pack for Operations Manager 2007 SP1 is designed to monitor Exchange 2007 key health indicators, collect Exchange component-specific performance counters in one central location, and raise alerts for operator intervention as necessary. By detecting, sending alerts, and automatically responding to critical events, this Management Pack helps indicate, correct, and prevent possible service outages or configuration problems, allowing you to proactively manage Exchange servers and identify issues before they become critical. The Management Pack monitors and provides alerts for automatic notification of events indicating service outages, performance degradation, health monitoring, and centralized management.
This Management Pack requires Operations Manager 2007 SP1 or later. Note that there is a separate Management Pack for Exchange 2007 monitoring for Operations Manager 2007 R2.

Feature Summary

• A number of synthetic transactions ensure the Exchange servers are available and responding in a timely manner. The synthetic transactions are maintenance-mode aware, so that if the target of a transaction is in maintenance mode, the source will not run the transaction, and not alert unnecessarily.
• A significant number of rules and monitors that are not actionable or may be noisy are disabled. Note that many of these rules are still in the Management Pack so that you can enable them if necessary.
• Support for monitoring any number of Exchange organizations using a single Operations Manager 2007 management group.
• Full support for Microsoft clustered configurations. For more details, see the Management Pack Guide.
• Discovery of Exchange 2007 server roles is disabled by default, and no Exchange 2007 monitoring is applied by default. This allows you to discover and monitor your servers gradually, as well as tune the Management Pack as you bring more agent-managed Exchange 2007 servers into the Operations Manager environment.

• 11/7/2009 - Original release of English version, version 6.0.6741.0

The Executive Guide to Service Management in an Uncertain Economy | Realtime Nexus

Softpedia's exclusive interview with Malwarebytes: Malwarebytes Accuses, IObit Plays Dead

Malwarebytes burst the bubble this week and came out accusing IObit of copying their database, thus providing through their IObit Security 360 product the same protection as Malwarebytes' Anti-Malware. The copyright infringement implications led to DMCA serving of the latter to a number of software download websites in US.

Both security vendors have engaged in a war of statements on their respective blogs, stirring up heated discussions among users on their forums. Speculations have been made, opinions expressed, but no official answer to clear all haze has been given. We tried to learn about the sparks that lit the scandal and the elements fueling it.

Before we begin, we'd like to note that, in order to be fair and give everyone involved a chance to express their point of view, we also sent a set of questions to IObit for a similar interview. We have received a short response from one of the company's representatives, making it clear that the vendor had more important software development-related tasks on hand than to continue responding to Malwarebytes' accusations.

From the reply we got, we conclude that IObit's position regarding this issue remains unchanged. The company describes Malwarebytes' claims as mere rumors and its actions as unwarranted attacks.

On the matter of other antivirus vendors possibly making similar accusations in the future as a result of this incident, the IObit spokesperson stressed that the company did not steal signatures from anyone and noted that everyone was encouraged to test their database.

Continue reading in http://news.softpedia.com/news/Malwarebytes-Accuses-IObit-Plays-Dead-126389.shtml

Hat tip: Randy

E assim foi: Microsoft Techday 2009 em SP

Enfim estou aqui para comentar o sucesso do Techday 2009 em São Paulo, evento gratuito para profissionais de infraestrutura e desenvolvimento realizado na UNIP entre os dias 03 e 06/11/2009 pelas comunidades MCP Brasil, Canal System Center, Codificando e WinSec. Como representante da comunidade Canal System Center eu quero agradecer ao Vitor Nakano que foi o principal meio para que este evento acontecesse.

Em 4 dias tivemos cerca de 700 visitantes, entre comunidade e alunos da UNIP, estamos satisfeitos com o resultado e já paramos para pensar na próxima data do evento. Por enquanto fiquem com as fotos desta última edição:

Meu muito obrigado para todos os palestrantes, convidados, presentes, influenciadores e aos coordenadores da UNIP Anchieta.

Obrigado pela leitura e até a próxima publicação,

Abraços.

Cleber Marques

Microsoft MVP & MCT | Charter Member: SCVMM & MDOP
Projeto MOF Brasil: Simplificando o Gerenciamento de Serviços de TI
Meu Blog | MOF.com.br | CleberMarques.com | CanalSystemCenter.com.br

Silverlight 3 DataForm Edit Pencil

Here's a quick tip--if your Silverlight 3 DataForm is not dsplaying an Edit Pencil in the upper right corner, set the DataForm's AutoEdit to false (or if using the Visual Studio or Expression Blend IDE, uncheck the AutoEdit checkbox).

Best Regards,
Kevin McNeish
INETA Speaker
Chief Architect MM .NET Application Framework
www.oakleafsd.com

new location

I just moved my blog to http://interop.blog.de. Please visit me there...

Mein Blog ist umgezogen auf http://interop.blog.de. Dort geht's weiter.

Silverlight 3 and the Bindable Attribute

You may see a number of videos and sample code for Silverlight 3 that uses the Bindable  attribute to specifying editing features of an entity property when working with the Silverlight DataForm control. However, the Bindable attribute (as well as the System.ComponentModel assembly) were removed from Silverlight with the Silverlight 3 RTM.

Now, if you want to specify if an entity property you are binding to should be readonly, set its Editable attribute like this:

[

Editable(false)]
public DateTime BirthDate { get; set; }

If you want to specify that a user interface control should not be automatically generated for a particular entity property, set its Display attribute like this:

[

Display(AutoGenerateField=false)]
public int EmployeeID { get; set; }

Best Regards,
Kevin McNeish
Chief Architect, MM .NET Application Framework
Oak Leaf Enterprises, Inc.
www.oakleafsd.com