Tools for Exchange & Active Directory tag:www.tools4exchange.com,2009-09-21://13 2010-07-16T05:27:11Z Movable Type Pro 4.261 Démonstration de la supervision de serveurs Exchange, facilité par Mailscape et son Dashboard. tag:www.tools4exchange.com,2010://13.992 2010-07-16T05:26:04Z 2010-07-16T05:27:11Z http://www.youtube.com/watch?v=pcvq2Bbt7ys (in Französisch)... Hans Willi Kremer http://www.NETsec.de http://www.youtube.com/watch?v=pcvq2Bbt7ys

(in Französisch)

]]> GALsync and Federation using Exchange 2010 - Part III - Provide a public certificate tag:www.tools4exchange.com,2010://13.859 2010-07-05T09:35:31Z 2010-07-06T08:25:19Z Introduction Information workers frequently need to collaborate with external recipients such as vendors, partners, and customers, and share their availability (free/busy) information, calendar, or contacts. In this third part I will describe the first required configuration tasks and the experiences... Hans Willi Kremer http://www.NETsec.de Introduction

Information workers frequently need to collaborate with external recipients such as vendors, partners, and customers, and share their availability (free/busy) information, calendar, or contacts.

In this third part I will describe the first required configuration tasks and the experiences we made with creating the federation trust using a current Exchange Comodo UC certificate.

]]> Provide a public certificate

The certificate does not require subject alternative name because it will not be used for authentication.  Because Exchange distributes the certificate to other Exchange 2010 servers in the organization, only one certificate is required for the Federation Trust.

We already had running a COMODO UC certificate which we wanted to use for the Federation trust. So we tried to make the first step with

Get-ExchangeCertificate | where {$_.IsSelfSigned -eq $false} | New-FederationTrust -Name "NETsec Federation Trust"

But we got this error (on a German server):

Fehler beim Bereitstellen von Exchange für den Partner-STS. Detaillierte Informationen: "Fehler beim Zugriff auf Window s Live. Detailinformationen: "Fehler bei der Anforderung mit HTTP-Status 403: Forbidden.".". + CategoryInfo : NotSpecified: (:) [New-FederationTrust], ProvisioningFederatedExchangeException + FullyQualifiedErrorId : 6501C8A0,Microsoft.Exchange.Management.SystemConfigurationTasks.NewLiveFederationTrust

This task using EMC had the same error as result.

I am not the expert in certificates - so I followed these steps:

Googling I found the blog from Henrik Walther (MVP) reporting that this issue might be caused by the certificate (Getting an error when setting up a federation trust in Exchange 2010? http://blogs.msexchange.org/walther/2 ... n-trust-in-exchange-2010/).

I checked the details of certificate requirements and asked COMODO for further advise.

The certificate must be signed by a trusted certification authority (CA).
Microsoft accepts only a few Certificate Authorities (See: Trusted Root Certification Authorities for Federation Trusts http://technet.microsoft.com/en-us/library/ee332350.aspx).

My verification steps:

1. The certificate must have a Subject key Identifier (SKI) field. Most X.509 certificates issued by commercial certification authorities have a SKI.

I found this in the certificate:

c1.jpg

 

 2. The certificate must use a CryptoAPI cryptography service provider (CSP). Certificates that use CryptoAPI Next Generation (CNG) providers are not supported for Federation. If you use Exchange to create a new certificate request, a CryptoAPI provider is used.

I didn't know how to evaluate this and asked COMODO for advise.

3. The certificate must use RSA as the signature algorithm.

I found this in the certificate:

c2.jpg 

 

4. The private key used to generate the certificate must be exportable.

We genereated the request with the parameter for privatekey, but I did not know how to evaluate this and asked COMODO for advise.

5. The certificate must be current.

I found this in the certificate:

c3.jpg

5. The certificate must include the Enhanced Key Usage type Client Authentication (1.3.6.1.5.5.7.3.2). This usage type is inteded for the purpose of proving your identity to a remote computer. 

I found this in the certificate:

c4.png 

So after all I sent a support call to COMODO and to different newsgroups asking for advise.

But after 1 hour I tried the command again - and it worked without having modified something! So be patient and take time for a coffee . . .

What I did a second time?

Get-ExchangeCertificate | where {$_.IsSelfSigned -eq $false} | New-FederationTrust -Name "NETsec Federation Trust"

with this result:  c4.JPG

I only wanted to validate in this last step that the certificate we are using is accepted. But in the same time we created a Federation trust. For demonstration purposes we delete this trust with:

Remove-FederationTrust "NETsec Federation Trust"

The next step you have to validate is:

Publish your Exchange to Internet

The domain used for establishing a federation trust should be resolvable from the Internet.
This requires that the domain be registered with a domain registrar, and the DNS zone for the domain be hosted on a DNS server accessible from the Internet. If the organization receives Internet e-mail for the domain, these requirements are already met.

 

Federated sharing features require

1. outbound access (port 443 for TCP)  of all CAS Servers to the Internet by using HTTPS

2. inbound access (port 443 for TCP)  to one of the CAS Servers in your organization   

 

The future:
Certificates for Federation services with Exchange 2010 SP1: you might use a Self signed certificate created by a Windows CA in your own organization. 

Further information

Public Certificates for Exchange 2010 Federation
http://www.confusedamused.com/notebook/public-certificates-for-exchange-2010-federation/

Getting an error when setting up a federation trust in Exchange 2010?
http://blogs.msexchange.org/walther/2009/10/05/getting-an-error-when-setting-up-a-federation-trust-in-exchange-2010/ 

Free/Busy Federation Troubleshooting
http://nbe.blogspot.com/2010/03/freebusy-federation-troubleshooting.html

. . . Let's go on with this in the next blog article . . .

 

]]> GALsync and Federation using Exchange 2010 - Part II tag:www.tools4exchange.com,2010://13.858 2010-07-04T12:29:19Z 2010-07-05T08:40:51Z Hans Willi Kremer http://www.NETsec.de Information workers frequently need to collaborate with external recipients such as vendors, partners, and customers, and share their availability (free/busy) information, calendar, or contacts. So we speak about

1.     Federated free/busy sharing
Access free/busy information of an external user in a partner's company. The published Exchange availability service of the partner's company answers directly using the requested information from user's mailbox. No public system folder is used anymore.

2.     Federated calendar sharing
Access calendar information of an external user in a partner's company. The user has to ask the external user to share his calendar by using the features of Outlook or Outlook Web App.

3.     Federated contact sharing
Access private contacts information of an external user in a partner's company. The user has to ask the external user before to share his contacts by using the features of Outlook or Outlook Web App.

In this second part I will give a technical level overview about what Microsoft Exchange Server 2010 Federation services provide and what the limitations are.

]]> How Federated Sharing technically works

 

  1. Have a valid public certificate present. Note:Microsoft accepts for Federation only a few Certificate Authorities.
  2. Publish Port 443 (https) for the client access server to the Internet
  3. The source organization establishes a federation trust between its Exchange 2010 organization and the Microsoft Federation Gateway. The target organization does the same. By exchanging the organization's certificates with the Microsoft Federation Gateway, every company retrieves the Microsoft Federation Gateway certificate and federation metadata.  Microsoft Federation Gateway acting as the trust broker, an identity service that runs in the cloud.
  4.  An additional DNS entry is required at each side.

The Usage of the Microsoft broker service is cost-free. Building up an own Federation Gateway is recently not possible.

For a detailed technical description how to configure federation see part III of this blog.

How free/busy sharing works in detail

1.     The user makes an free/busy request and insert the smtp-address of the other company's person in Outlook 2010 or Outlook Web App.  This address is not shown in its own companies GAL - he has to know it.

2.     The Client Access Service of his own organization then looks up to Active Directory and discovers that for this target domain is a federation configured. CAS gets the Endpoint information about the partner's organization.

3.     The CAS Server now requests a token from Microsoft's Federation Gateway which validates that the sender's organization is trusted by the target organization. MFG signs the token and encrypts it with the public key of the target organization.

4.     The token has to be received newly every time a user makes a new request. It is not stored on the client side.

5.     The token received from MFG is specific for the requesting user and the target organization. That means it is only for this purpose and must be requested again at the next free/busy request.

6.     The token is received by the source CAS server and then the free/busy request is is sent to the CAS Server of the other company's published web service.

7.     After receiving the token the CAS Server at the partner's side validates if the senders organization is in his trust list. Further on the CAS server validates if free/busy sharing is configured at organizational or users level. If all policy validations are checked the availability service gets the requested information from the users mailbox and the answer is sent back to the client.

8.     All communication is encrypted. Data are stored neither in the cloud nor in the requesting organization. It is really an "online" access.

Calendar Sharing

Calendar sharing is a bit different from free/busy sharing.

1.     You also need a federation trust to authorize the requesting user, but the requests are made directly to the external user. 

2.     After receiving a sharing invitation the external user shares it's calendar in the same way it shares it to internal users.

3.     In the user's mailbox a subscription folder is created and all new calendar information of the external users are pulled into this calendar subscription folder.  When the requesting person now views the calendar all information from the external calendar is updated by a server-side mechanism, using the federation token to ask on behalf of the requesting user the calendar data of the external user.

4.     Both users have to run Outlook 2010 or OWA 2010.

For this a GAL sync of the user objects is not required. The external user has not to be in GAL of the "publishing" user's organization.

Contact Sharing

Contact sharing works like Calendar sharing based on central federation, an users sharing invitation and an receiver's sharing.

Security and Policies

The administrator can restrict access to calendars and contacts centrally by configuring policies. These policies might be more restrictive as the user itself has configured.

Compatibility

1.     If your organization uses Exchange 2007 you have to install at least one Exchange 2010 CAS server to act as a proxy accessing the other organization. All Exchange 2007 servers require Service Pack 2. All users' requests are handled by the Exchange 2010 CAS server.

2.     If you use Outlook 2007 your organization still needs the user objects of the partners organization replicated to your Active Directory, because there is no way to access the GAL of the partners organization directly.

Further information

GALsync: http://www.netsec.de or http://www.enowinc.com

Exchange Federation:

1.     TechNet Webcast: Calendar Sharing and Federation in Microsoft Exchange Server 2010 (Level 300)

https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032440902&CountryCode=US

2.     Exchange 2010 Federation Part I-III

http://blogs.technet.com/b/ucedsg/archive/2009/10/28/exchange-2010-federation-part-i.aspx

]]> GALsync and Federation using Exchange 2010 - Part I tag:www.tools4exchange.com,2010://13.857 2010-07-04T12:27:08Z 2010-07-05T08:43:38Z Hans Willi Kremer http://www.NETsec.de Information workers frequently need to collaborate with external recipients such as vendors, partners, and customers, and share their availability (free/busy) information, calendar, or contacts. So we speak about

1.     Federated free/busy sharing
Access free/busy information of an external user in a partner's company

2.     Federated calendar sharing
Access calendar information of an external user in a partner's company

3.     Federated contact sharing
Access private contacts information of an external user in a partner's company

In this first part I will give a high level overview about what Microsoft Exchange Server 2010 Federation services provide and what the limitations are.

]]> User experience

If you and your partner's organization uses Exchange 2010, Outlook 2010 or Outlook Web App 2010 you can access free/busy information and calendars as well as contacts of the partner's organization users. This happens online and in a direct way. No data about the partner's organization are stored in your Active Directory or on client machines. The User just inserts the mail address of the partner's user he wants to get information from. If your user is offline or your or your partners company is not connected to the internet by https, it is not possible to get this information. If he does not know the mail address there is no way to get this from Federation.

Security

To secure the access Microsoft provides an own underlying trust infrastructure which acts as trust broker. So every organization which takes part in the sharing has to publish a certificate to this Microsoft Federation Gateway which is placed in the cloud. Data which are sent over the internet are encrypted. Every time a user requests information from the partner's organization first Exchange asks the Microsoft Federation Gateway to get a token for this session.

Technical implementation

The implementation is made by IT-administration. They need to

1.     Publish the Exchange web service to the internet (may be using a firewall like Microsoft ISA/TMG/UAG)

2.     Publish a certificate to the Microsoft Federation Gateway. The user's data itself are not send across this gateway.

3.     Set up policies which users are allowed to share their information with your partner

There is nothing to do for end-users.

Compatibility

If you use Outlook 2007 your organization still needs the user objects of the partners organization replicated to your Active Directory, because there is no way to access the GAL of the partners organization directly.

If your organization uses Exchange 2007 you have to install at least one Exchange 2010 server to act as a proxy accessing the other organization.

Summing Up

Exchange 2010 Federation might be a solution to get access to free/busy, calendars and personal contacts of your partners organization if you

1.     and your partner migrated fully to Exchange 2010

2.     "open" your company to the internet by publishing a web service

3.     trust the Microsoft Federation Gateway which holds your certificate and some small information about your company.

4.     your users "know" already the mail-address of the people they want to communicate with

5.     your users need this feature only if they are online

What the user has to know is the exact mail-address of the people he want to get information from (i.e. he wants to invite for a meeting).

GALsync

GALsync may be a solution for you

1.     if you cannot provide a web service to the internet (i.e. because of restrictions following companies security policies)

2.     if you do not want to trust the Microsoft Federation Gateway

3.     if you need to provide the partner's mail-addresses in your own directory so people are able to work offline too or because they use Outlook 2003 or 2007

4.     if your or your partners organization uses Exchange 2003 or Exchange 2007

5.     if you might not want to have any kind of "trust" between your and your partner's organization.

Compatibility

GALsync does not provide free/busy information to an Exchange 2010 environment and if users use Outlook 2010. For synchronizing addresses it works fine with Exchange 2003/2007/2010 and works with any client which is able to access the Global Address List.

Further information

GALsync: http://www.netsec.de or http://www.enowinc.com

Exchange Federation:

1.     TechNet Webcast: Calendar Sharing and Federation in Microsoft Exchange Server 2010 (Level 300)

https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032440902&CountryCode=US

2.     Exchange 2010 Federation Part I-III

http://blogs.technet.com/b/ucedsg/archive/2009/10/28/exchange-2010-federation-part-i.aspx

3.     "Microsoft Federation Gateway"  

http://msdn.microsoft.com/en-us/library/cc287610.aspx (from 2008).

]]> GALsync Special - Part 7:: Free Busy with Exchange 2010 tag:www.tools4exchange.com,2010://13.839 2010-03-08T16:06:44Z 2010-07-04T12:32:28Z You might want to change from using availability service to classic public folder usage for accessing and storing free/busy information. What you have to consider if using free/busy information with public folders in a pure Exchange 2010 environment after installing... Hans Willi Kremer http://www.NETsec.de You might want to change from using availability service to classic public folder usage for accessing and storing free/busy information.

What you have to consider if using free/busy information with public folders in a pure Exchange 2010 environment after installing Exchange without a public folder store?

]]> After installing Exchange 2010 by default your Exchange 2010 does not have any public folder store!

So all clients must be Outlook 2007 or Outlook 2010 to use availability service whcih collects free/busy information directly from mailbox stores.

There are several reasons for modifiying this configuartion i.e. if you want to use clients like Outlook 2003 or if you want to share free/busy information between different Exchange organizations with GALsync.

Follow these recommendations to have a new public folder store with storing free/busy in system public folders.

Create a new public folder store: But having a public folder store you do not have automatically free/busy times available. If you check presense of the required system folder with MDBVU.exe you will discover: no folder present. Follow for this our blog article How to check free/busy information in Exchange.

How to create this folder: f you use Outlook 2003 create a new appointment and save it. The best for having this information immediatly working start Outlook again from console with parameter /cleanfreebusy. This will save the new appoinment directly without time lag into the system folder.

Because Outlook 2007 and higher contacts Availability web service for free/busy lookups - and Availability service looks directly into users calendar, it is not possible to get free/busy information from public folders. So you have to force Outlook 2007 clients not to use Availability service. This you can do by:

  • HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Options
    \Calendar
  • add a dword "UseLegacyFB" with value 1 
     

Note: Outlook 2010 does not use this key, even if it is configured 

If you check presense of the required system folder with MDBVU.exe you will discover now the a public folder with a NON_IPM_subtree folder called Schedule++ Free/Busy (Follow for this our blog article How to check free/busy information in Exchange.).

For each user there is a special *.eml-file containing his free/busy data.

Links:

Paul Robichaux Blog: Creating a public folder store for Exchange 2007 free/busy or

Technet Articel At Least One Exchange 2007 Public Folder Store is Required

GALsync Special - Part 2 :: Free Busy

]]> GALsync Special - Part 6:: Encryption tag:www.tools4exchange.com,2010://13.828 2010-01-30T13:03:00Z 2010-01-30T13:19:37Z Hans Willi Kremer http://www.NETsec.de  

encrpt.JPG From customers using GALsync in a high secure environmnt we received this request:

" . . . please forward me any documentation you have which details the cryptographic mechanisms used by GALSync, specifically I'd like details of:

Which algorithms are used (I believe you said AES and RSA), Key lengths, key generation and key management, Details of the MS .Net components used.. . "

Find answers below:e

]]> We use the following documentation from Microsoft for encryption/decryption the GALsync data file.

 

http://msdn.microsoft.com/en-gb/library/ms229749%28VS.80%29.aspx

 

specially the first 4 articles

 

How to: Encrypt XML Elements with Symmetric Keys

Describes how to encrypt an XML element using the Rijndael algorithm.

 

How to: Decrypt XML Elements with Symmetric Keys

Describes how to decrypt an XML element that was encrypted using the Rijndael algorithm.

 

How to: Encrypt XML Elements with Asymmetric Keys

Describes how to encrypt an XML element using the RSA algorithm.

 

How to: Decrypt XML Elements with Asymmetric Keys

Describes how to decrypt an XML element using the RSA algorithm.

 

 

The Symmetric key is generated with RijndaelManaged by default values.

 

The Asymmetric key is generated with RSACryptoServiceProvider(4096) and a 256 bit Rijndael key.

 

We use ProtectedData Class from the .NET Framework to save the key in the policy xml file

 

ProtectedData.Protect(Encoding.UTF8.GetBytes(key), null, DataProtectionScope.LocalMachine)

 

The key xml file you generate for your partner has no protection.

 

------------------------------------------------------------------------------------------------------

We had a great time developing our products and we hope you have an equally great time working with them. If you experience any problems we are more than happy to support you.

 

]]> How to check free/busy information in Exchange tag:www.tools4exchange.com,2010://13.825 2010-01-27T10:54:28Z 2010-01-30T13:27:01Z Hans Willi Kremer http://www.NETsec.de vu08.JPG Free/busy information are provided in Exchange in a special system folder of a public folder store. This article describes how you can check if free/busy information regarding special users are present. The article is related to Exchange 2000, 2003, 2007 and 2010 (if public folders are present).]]> Description how to use MDBVU to validate existence of Free/Busy information in public folders system folders

 

1. Download mdbvu.exe from donwload.microsoft.com

2. Extract file

3. Run mdbvu32.exe

 

VU01.jpg

 

 4. Select MAPILogonEx in menu MDB. If you experience an error in loggin in please check RPC connections between your client you are running mdbvu and the exchange server. Press OK. 

 

VU02.jpg

 

5. Choose the default profile (or  create a new one). Then select OpenMessageStore in menu MDB.

 

Vu03b.JPG         

 

6. Select Public Folder (in German „Öffentliche Ordner) and click the OPEN button.

 

Vu03c.jpg

 

7. Select OPEN ROOT folder 

 

Vu04.jpg

7. Select NON_IPM_SUBTREE and scroll down to SCHEDULE+ FREE BUSY.

Vu05.jpg

 

 9. Click SCHEDULE+ FREE BUSY and you will get a list (child folders) of all stores with free/busy information related to the administrative groups you have.

 

VU06.jpg 

 

 

10. Double-Click one of the Child folders and you will get per user an entry (which represents an .eml-file containing all free/busy information of this user/contact).

 

vu07.jpg

 

Result: If there is no entry you do not have any information about free/busy regarding this user. If you see anything, every entry represents the free/busy information of the user listed.

 

]]> Dealing with SMTP proxyaddresses of users - Powershell Script tag:www.tools4exchange.com,2010://13.818 2010-01-01T19:54:02Z 2010-01-01T20:10:18Z Due to a company take-over we had to modify the primary proxyaddress of users and public folders. Unfortunatly all tests using ADModify which is a great tool didn't work. A modification with recipient policies and RUS seemed to be too... Hans Willi Kremer http://www.NETsec.de Due to a company take-over we had to modify the primary proxyaddress of users and public folders.

Unfortunatly all tests using ADModify which is a great tool didn't work. A modification with recipient policies and RUS seemed to be too critical, because most addresses had been modified different times and some tests did not have the expected result. So we decided to write some code using Powershell. We used Quest Power GUI with Active Roles Management Shell for Active Directory (free download) and installed .NET 3.1 and Powershell 1.0 on an Exchange 2003 SP2 Server / German language.

In 3 code snippets we delete a given secondary proxyaddress from users in a given group. Then we add a new primary proxyaddress and in third step we change the old primary address into a secondary address.

]]> Code Snippet 1:

# download here: RemoveSecondarySMTPOfUsers.txt

# Aus der Gruppe die Mitgliedschaften auslesen

#

"Programmstart"

$gruppe=get-qadgroup -display "Umstellung"

# über alle Gruppenmember laufen

for ($memberCount=0; $memberCount -le $gruppe.member.count-1; $memberCount++)

{

$userLangName=$gruppe.member[$memberCount]

$user=[ADSI]"LDAP://$userLangName"

$email=$user.proxyAddresses

# über alle ProxyAdressen des Users laufen

for ($adrCount=0; $adrCount -le $email.count-1 ;$adrCount++)

{

$fulladdress=$email[$adrCount]

# Typ-Teil (SMTP, X400 etc.)

$typ=$fulladdress.substring(0,5)

# wirkliche E-Mail-Adresse (foo@bar.com)

$address=$fulladdress.substring(5)

# evtl. bestehende sekundäre bgetem.de-Adresse löschen

if($typ -ceq "smtp:" -and $address -match "bgetem.de$")

{

#$email.Remove("$fulladdress")

$user.proxyAddresses.Remove("$fulladdress")

"alte BGETEM-Adresse $fulladdress gelöscht"

}

}

# Änderungen wegschreiben

$user.setinfo()

}

 

Code Snippet 2:

# download here: AddNewPrimarySMTPOfUsers.txt 

# Aus der Gruppe die Mitgliedschaften auslesen

#

"Programmstart"

$gruppe=get-qadgroup -display "Umstellung"

# über alle Gruppenmember laufen

for ($memberCount=0; $memberCount -le $gruppe.member.count-1; $memberCount++)

{

$userLangName=$gruppe.member[$memberCount]

$user=[ADSI]"LDAP://$userLangName"

$email=$user.proxyAddresses

# über alle ProxyAdressen des Users laufen

for ($adrCount=0; $adrCount -le $email.count-1 ;$adrCount++)

{

$fulladdress=$email[$adrCount]

# Typ-Teil (SMTP, X400 etc.)

$typ=$fulladdress.substring(0,5)

# wirkliche E-Mail-Adresse (foo@bar.com)

$address=$fulladdress.substring(5)

# bgete.de-Adresse ermitteln und als neue primäre SMTP auf bgete_M_.de speichern

if ($typ -ceq "SMTP:" -and $address -match "bgete.de$")

{

$newaddress = $address.Substring(0, $address.Length - 3) + "m.de"

$newaddress = $newaddress.ToLower()

$user.proxyAddresses += "SMTP:$newaddress"

"neue BGETEM-Adresse $newaddress für $fulladdress hinzugefügt"

}

}

# Änderungen wegschreiben

$user.setinfo()

}

Code Snippet 3:

# Download here: RemovePrimarySMTPOfUsers.txt 

# Aus der Gruppe die Mitgliedschaften auslesen

#

"Programmstart"

$gruppe=get-qadgroup -display "Umstellung"

# über alle Gruppenmember laufen

for ($memberCount=0; $memberCount -le $gruppe.member.count-1; $memberCount++)

{

$userLangName=$gruppe.member[$memberCount]

$user=[ADSI]"LDAP://$userLangName"

$email=$user.proxyAddresses

# über alle ProxyAdressen des Users laufen

for ($adrCount=0; $adrCount -le $email.count-1 ;$adrCount++)

{

$fulladdress=$email[$adrCount]

# Typ-Teil (SMTP, X400 etc.)

$typ=$fulladdress.substring(0,5)

# wirkliche E-Mail-Adresse (foo@bar.com)

$address=$fulladdress.substring(5)

# bgete.de-Adresse ermitteln und auf kleingeschriebens SMTP umstellen

if ($typ -ceq "SMTP:" -and $address -match "bgete.de$")

{

$modifiedFullAddress = "smtp:" + $address.ToLower()

$email[$adrCount] = $modifiedFullAddress

"auf kleines smtp für $address geändert"

}

}

# Änderungen wegschreiben

$user.setinfo()

}

 

 

]]> Modify the primary SMTP address of a Public Folder - Powershell Script tag:www.tools4exchange.com,2010://13.817 2010-01-01T19:37:12Z 2010-01-01T19:53:13Z The two scripts introduce in how to change the primary address of a Public Folder in Exchange using Powershell.... Hans Willi Kremer http://www.NETsec.de The two scripts introduce in how to change the primary address of a Public Folder in Exchange using Powershell. The architecture is as:

Code snippet 1

  1. Look for all objcts in OU Microsoft Exchange System Objects
  2. Exclude certain objects from beeing modified
  3. Traverse all addresses of each object found
  4. if you find a address by type "SMTP:" and a certain domain
    take the syntax of this entry and create a new entry using the new domain name.

Code snippet 2

  1. Set the old primary address as secondary address

Download Script code here:

ModifyPublicFolderSMTP.txt

SetPrimarySMTPasSecondaryinPublicFolders.txt 

 

Code Snippet 1:

# Autor: Hans Willi Kremer, NETsec GmbH & Co. KG, www.netsec.de

# Datum: 2010-01-01

# Ziel: Hinzufügen einer neuen primären SMTP-Proxyadresse von benutzerdefinierten Öffentlichen Ordnern

# Dabei wird der Name der bisherigen primären Adresse zur Bildung der neuen genutzt

# System: Exchange 2000

# Verwendet: Powershell, .NET 3.1, Quest Power GUI mit Active Roles Management Shell for Active Directory

# Hinweis: Im Script ist keine Fehlerbahndlung eingebaut

# Beginn

$OldPrimarySMTP = "root.domain$"

$NewPrimarySMTP = "bgetem.de$"

$Logfile="c:\ModifyPublicFolder.log"

"Start" | out-file -filepath $Logfile -encoding default -Append

# Durchsuche die Objekte in folgender Organisationseinheit. Dort sind unter anderem

# alle mail-aktivierten Öffentlichen Ordner aufgeführt.

$object=get-QADObject -SearchRoot 'root.domain/Microsoft Exchange System Objects'

$anzahl=$object.Count

"$anzahl Objekte in der OU Microsoft Exchange System Objects gefunden" | out-file -filepath $Logfile -encoding default -append

for ($memberCount=0; $memberCount -le $anzahl-1; $memberCount++)

{

$PublicFolderName=$object[$memberCount]

"$PublicFolderName wurde gefunden" | out-file -filepath $Logfile -encoding default -append

# Folgende Objekte sollen nicht überprüft werden

# die Liste kann beliebig erweitert werden

switch -wildcard ($PublicFolderName.name)

{

'Default*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'internal*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Schedule+ Free Busy*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Offline Address Book*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'schema-root*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'globalevents*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'exchangeV1*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'microsoft*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'OWAScratchPad*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'SystemMailbox*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Exchange Install*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'StoreEvents*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

default

{

# ansonsten Referenz auf das Objekt vornehmen

$PublicFolder=[ADSI]"LDAP://$PublicFolderName"

$PublicFolderEmail=$PublicFolder.proxyAddresses

"$PublicFolderName mit Pfad: $PublicFolder und Adressen: $PublicFolderEmail wird laut Regeln bearbeitet" | out-file -filepath $Logfile -encoding default -append

# alle ProxyAdressen des Öffentlichen Ordners durchlaufen

for ($adrCount=0; $adrCount -le $PublicFolderEmail.count-1 ;$adrCount++)

{

# Vollständige Adressierung ("SMTP:foo@ar.com")

$fulladdress=$PublicFolderEmail[$adrCount]

# Email-Typ-Teil (z.B.SMTP, X400 etc.)

$typ=$fulladdress.substring(0,5)

# Ermitteln des Adressteiles (z.B.foo@bar.com)

$address=$fulladdress.substring(5)

# Alte primäre Adresse ermitteln und als neue primäre SMTP mit neuer Domäne speichern

if ($typ -ceq "SMTP:" -and $address -match $OldPrimarySMTP)

{

$newaddress = $address.Replace($OldPrimarySMTP.Substring(0, $OldPrimarySMTP.Length - 1) , $NewPrimarySMTP.Substring(0, $NewPrimarySMTP.Length - 1))

$newaddress = $newaddress.ToLower()

"neue Adresse: $newaddress" | out-file -filepath $Logfile -encoding default -append

$PublicFolder.proxyAddresses += "SMTP:$newaddress"

#Änderungen wegschreiben / save modifications

if ($PublicFolder -ne $null){$PublicFolder.setinfo()}

#"Adresse: $fulladdress wurde geändert" | out-file -filepath $Logfile -encoding default -append

}

}

}

}

}

"Ende" | out-file -filepath $Logfile -encoding default -Append

 

Code Snippet 2:

 

# Autor: Hans Willi Kremer, NETsec GmbH & Co. KG, www.netsec.de

# Datum: 2010-01-01

# Ziel: Setzen einer ausgewählten primären SMTP-Proxyadresse von benutzerdefinierten Öffentlichen Ordnern auf sekundär

# Dabei wird der Name der bisherigen primären Adresse zur Bildung der neuen genutzt

# System: Exchange 2000

# Verwendet: Powershell, .NET 3.1, Quest Power GUI mit Active Roles Management Shell for Active Directory

# Hinweis: Im Script ist keine Fehlerbahndlung eingebaut

# Beginn

$SMTPAddressToModify = "bgetem.de$"

$Logfile="c:\ModifySecondaryPublicFolder.log"

"Start" | out-file -filepath $Logfile -encoding default -Append

# Durchsuche die Objekte in folgender Organisationseinheit. Dort sind unter anderem

# alle mail-aktivierten Öffentlichen Ordner aufgeführt.

$object=get-QADObject -SearchRoot 'root.domain/Microsoft Exchange System Objects'

$anzahl=$object.Count

"$anzahl Objekte in der OU Microsoft Exchange System Objects gefunden" | out-file -filepath $Logfile -encoding default -append

for ($memberCount=0; $memberCount -le $anzahl-1; $memberCount++)

{

$PublicFolderName=$object[$memberCount]

"$PublicFolderName wurde gefunden" | out-file -filepath $Logfile -encoding default -append

# Folgende Objekte sollen nicht überprüft werden

# die Liste kann beliebig erweitert werden

switch -wildcard ($PublicFolderName.name)

{

'Default*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'internal*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Schedule+ Free Busy*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Offline Address Book*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'schema-root*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'globalevents*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'exchangeV1*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'microsoft*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'OWAScratchPad*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'SystemMailbox*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Exchange Install*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'StoreEvents*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

default

{

# ansonsten Referenz auf das Objekt vornehmen

$PublicFolder=[ADSI]"LDAP://$PublicFolderName"

$PublicFolderEmail=$PublicFolder.proxyAddresses

"$PublicFolderName mit Pfad: $PublicFolder und Adressen: $PublicFolderEmail wird laut Regeln bearbeitet" | out-file -filepath $Logfile -encoding default -append

# alle ProxyAdressen des Öffentlichen Ordners durchlaufen

for ($adrCount=0; $adrCount -le $PublicFolderEmail.count-1 ;$adrCount++)

{

# Vollständige Adressierung ("SMTP:foo@ar.com")

$fulladdress=$PublicFolderEmail[$adrCount]

# Email-Typ-Teil (z.B.SMTP, X400 etc.)

$typ=$fulladdress.substring(0,5)

# Ermitteln des Adressteiles (z.B.foo@bar.com)

$address=$fulladdress.substring(5)

# Adresse ermitteln und auf sekundäre SMTP-Adresse umstellen

if ($typ -ceq "SMTP:" -and $address -match $SMTPAddressToModify)

{

$modifiedFullAddress = "smtp:" + $address.ToLower()

$PublicFolderEmail[$adrCount] = $modifiedFullAddress

#Änderungen wegschreiben / save modifications

if ($PublicFolder -ne $null){$PublicFolder.setinfo()}

"Adresse wurde geändert" | out-file -filepath $Logfile -encoding default -append

}

}

}

}

}

"Ende" | out-file -filepath $Logfile -encoding default -Append

]]> Delete a SMTP address of a Public Folder - Powershell Script tag:www.tools4exchange.com,2010://13.816 2010-01-01T18:30:23Z 2010-01-01T19:36:56Z In this script we remove a given secondary SMTP-Proxyaddress of mail-enabled Public Folders in Exchange 2003.... Hans Willi Kremer http://www.NETsec.de In this script we remove a given secondary SMTP-Proxyaddress of mail-enabled Public Folders in Exchange 2003. The architecture is as:

  1. Look for all obejcts in OU Microsoft Exchange System Objects
  2. Exclude certain objects from beeing modified
  3. Traverse all addresses of each object found
  4. if you find a address by type "smtp:" and a certain domain
    remove this entry form the proxy addresslist

Download Script code here: RemoveProxyAddressFromPublicFolder.txt 

 

code snippet:

$ProxyAddressToRemove = "bgetem.de$"

$Logfile="c:\removePublicFolder.log"

"Start" | out-file -filepath $Logfile -encoding default -Append

$object=get-QADObject -SearchRoot 'root.domain/Microsoft Exchange System Objects'

$anzahl=$object.Count

"$anzahl Objekte in der OU Microsoft Exchange System Objects gefunden" | out-file -filepath $Logfile -encoding default -append

for ($memberCount=0; $memberCount -le $anzahl-1; $memberCount++)

{

$PublicFolderName=$object[$memberCount]

"$PublicFolderName wurde gefunden" | out-file -filepath $Logfile -encoding default -append

switch -wildcard ($PublicFolderName.name)

{

'Default*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'internal*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Schedule+ Free Busy*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Offline Address Book*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'schema-root*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'globalevents*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'exchangeV1*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'microsoft*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'OWAScratchPad*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'SystemMailbox*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'Exchange Install*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

'StoreEvents*' {"$PublicFolderName wird laut Regeln nicht bearbeitet" | out-file -filepath $Logfile -encoding default -append}

default

{

$PublicFolder=[ADSI]"LDAP://$PublicFolderName"

$PublicFolderEmail=$PublicFolder.proxyAddresses

{"$PublicFolderName mit Pfad: $PublicFolder und Adressen: $PublicFolderEmail wird laut Regeln bearbeitet" | out-file -filepath $Logfile -encoding default -append}

for ($adrCount=0; $adrCount -le $PublicFolderEmail.count-1 ;$adrCount++)

{

$fulladdress=$PublicFolderEmail[$adrCount]

$typ=$fulladdress.substring(0,5)

$address=$fulladdress.substring(5)

if($typ -ceq "smtp:" -and $address -match $ProxyAddressToRemove)

{

$PublicFolder.proxyAddresses.Remove("$fulladdress")

"Adresse: $fulladdress wurde gelöscht" | out-file -filepath $Logfile -encoding default -append

if ($PublicFolder -ne $null){$PublicFolder.setinfo()}

}

}

}

}

}

"Ende" | out-file -filepath $Logfile -encoding default -Append

]]> Setup Exchange 2010 mit Windows 2008 R2 tag:www.tools4exchange.com,2009://13.750 2009-12-12T15:46:25Z 2009-12-13T08:44:13Z If you need to install Exchange 2010 quickly follow these guidelines... Hans Willi Kremer http://www.NETsec.de If you need to install Exchange 2010 quickly follow these guidelines Vorbereiten des Forests und der Domäne

  • Domänen und Forest-Schema müssen mindestens Windows 2003 native sein.

    Forest:
    aa1.JPG

    Domäne

    aa2.JPG

 

  • setup /PrepareLegacyExchangePermissions
  • setup /PrepareSchema

Quelle: http://technet.microsoft.com/de-de/library/bb125224.aspx

    •  

     
    • Installation eines CAS Servers

    Import-Module ServerManager

    Add-WindowsFeature NET-Framework
    Add-WindowsFeature RSAT-ADDS
    Add-WindowsFeature Web-Server
    Add-WindowsFeature Web-Basic-Auth
    Add-WindowsFeature Web-Metabase
    Add-WindowsFeature Web-Windows-Auth
    Add-WindowsFeature Web-Net-Ext
    Add-WindowsFeature Web-Lgcy-Mgmt-Console
    Add-WindowsFeature WAS-Process-Model
    Add-WindowsFeature RSAT-Web-Server
    Add-WindowsFeature -ISAPI-Ext,Web-Digest-Auth
    Add-WindowsFeature Web-Dyn-Compression | fl
    Add-WindowsFeature NET-HTTP-Activation
    Add-WindowsFeature RPC-Over-HTTP-Proxy
    Restart

    Dienst NET.TCP Port Sharing auf automatisch stellen 

    Installation des 2007 Office System Converter: Microsoft Filter Pack

    Setup

     

    • Installation eines MB/HUB Servers

    Import-Module ServerManager

    Add-WindowsFeature NET-Framework
    Add-WindowsFeature RSAT-ADDS
    Add-WindowsFeature Web-Server
    Add-WindowsFeature Web-Basic-Auth
    Add-WindowsFeature Web-Metabase
    Add-WindowsFeature Web-Windows-Auth
    Add-WindowsFeature Web-Net-Ext
    Add-WindowsFeature Web-Lgcy-Mgmt-Console
    Add-WindowsFeature WAS-Process-Model
    Add-WindowsFeature RSAT-Web-Server
    Add-WindowsFeature -ISAPI-Ext,Web-Digest-Auth
    Add-WindowsFeature Web-Dyn-Compression | fl
    Add-WindowsFeature NET-HTTP-Activation
    Add-WindowsFeature RPC-Over-HTTP-Proxy
    Restart

    Dienst NET.TCP Port Sharing auf automatisch stellen 

    Installation des 2007 Office System Converter: Microsoft Filter Pack

     

     

     

     

    ]]>     Upgrade instructions tag:www.tools4exchange.com,2009://13.748 2009-12-07T21:09:30Z 2009-12-07T21:18:57Z Hans Willi Kremer http://www.NETsec.de GALsync version 4 provides an important and heavily requested new feature: synchronization of free/busy information.

    Aditionally it has a new Look & Feel following Exchange 2010 and Outlook 2010. Unless we spent a lot of time in developing this feature, this version is a no chargeable upgrade.

    see upgrade instructions here . . .

    ]]>

    Download

    Download the latest version from our website http://www.netsec.de/index.php?id=download-2009&L=4

     

     

    wehadagreattime.JPG

     

    Extended information and tips

    See GALsync blog at http://www.tools4Exchange.com/galsync

     

    Upgrade Instructions for Existing Users

     

    For upgrading from GALsync versions 2.x or GALsync 3.x to GALsync 4.x we recommend to backup your GALsync program folder.

    Keep your settings written to paper before uninstalling your current version using the Add/Remove Programs applet in Windows Control Panel.

     

    After installing the new version you have to re-configure all previous profiles. There is no task to migrate them directly, because version 4 uses new data structures.

     

    You may re-use the current service account and its mailbox (if used).

     

    Downgrading Back

     

    Should you choose to downgrade back to your previous version of GALsync

    the changes you make in your new installation will not be reflected in the previous, older version. For downgrading restore the backup of the GALsync program folder and run your previous installation file.

     

     

    Licensing

     

    This is a no chargeable upgrade. But you will require a new license file.

    If you run version 4 without a license you will not be able to export more than 100 objects!

     

     

    If you have any question or queries you can contact GALsync Technical Support on +49 2421 998 78 20. Alternatively, you can email them at support@netsec.de.

     

    ]]>     GALsync v4, Exchange 2010 and Windows 2008 R2 tag:www.tools4exchange.com,2009://13.704 2009-11-18T16:53:44Z 2009-11-21T15:35:58Z Hans Willi Kremer http://www.NETsec.de You might want to install GALsync v4 on a Windows 2008 R2 member server or Windows 7. 

    ]]> Be aware to have a public folde database installed on Exchange 2010 - GALsync uses the free/busy folders of Exchange system public folders.

    Summary

    With GALsync v4 you are able to synchronize Free/Busy information between forest. This makes it easier to relaize cross-forest migration with cross-forest free/busy synchronization.

    The software GALsync can be run on Microsoft clients like XP, Vista and Windows 7 as well as on member servers with Windows 2000, Windows 2003, Windows 2008 and Windows 2008 R2. It does not matter which language you use and if you use 32 Bit or 64Bit editions.

    If you want GALsync can be installed on Domain Controllers or Exchange servers. We recommend to take a member server having good access to a Domain Controller with Global Catalog.

    ]]>     Freeware: NETsec publishes Test Data Tool (BulkEx) for test labs tag:www.tools4exchange.com,2009://13.703 2009-11-17T13:32:49Z 2009-11-21T14:23:01Z A lot of administrators are looking for scripts to create test accounts in bulk. NETsec now offers a freeware tool which creates users, groups, contacts, distribution groups. As special feature you can create free/busy information for testing purposes. The tool... Hans Willi Kremer http://www.NETsec.de A lot of administrators are looking for scripts to create test accounts in bulk. NETsec now offers a freeware tool which creates users, groups, contacts, distribution groups. As special feature you can create free/busy information for testing purposes.

    The tool works fine with Active Directory and Exchange 200x and makes creation of large numbers of Active Directory objects easy. Great for Exchange consultants and test lab needs.

    Download BulkEx for free.

    ]]>  

    What does the tool provide you with?

    1. Create mailbox-enables users
      For creating users the software uses the content of 5 files in subfolder /names which represent firstname, lastname, city, country and street. The files are pre-filled with examples. If you need to have your own "words" you might modify these files.

      Image
    2. Create mail-enabled contacts
      For creating users the software uses the content of 5 files in subfolder /names which represent firstname, lastname, city, country and street. The files are pre-filled with examples. If you need to have your own "words" you might modify these files
    3. Create mail-enabled groups
      as mail-enabled Universal Security Groups
    4. Create mail-enabled dynamic distribution lists
      Predefined filter: all mail-enabled objects
    5. Free/Busy information
      All user objects in the selected OU will get some calendar entries. At every day they will get 1 meeting with another person (randomly). The first 15 entries are by type busy, the next 15 entries by type free; the next 15 by out of office and 15 entries with tentative.
    6. Log file
      All actions are written to a log file which is placed in the installation folder. 

    BulkEx3.JPG

    BulkEx4.JPG 

    Prerequisites:

    1. You must have .Net Framework 2.x or higher installed on the machine you want to use.
    2. The machine must be member of the domain.
    3. Windows 2003/Windows 2008/Xp/Vista: The setup installs automatically CDO (if there is no Outlook software on the machine).
    4. Windows 7 / Windows 2008 R2: If you want to install the tool on a Windows 7 client or a Windows 2008 R2 member server, Outlook 2007 is required on this machine.

     

    NETsecHelpRequiredNew.JPG

    The software is as is - we take no warrenty. But we use it for internal testing purposes at our own site (programming) and at customers site (migration, testlabs & consulting scenarios). Recommendations and contributions are welcome.

     

    Summary:

    BulKEx creates Active Directory / Exchange mailbox-enabled users, mail-enabled contacts and groups in bulk as well as free/busy information.

     

    ]]>     Press Release: Synchronize Exchange Address Data And Calendar Entries tag:www.tools4exchange.com,2009://13.701 2009-11-17T04:08:30Z 2009-12-06T16:26:07Z Hans Willi Kremer http://www.NETsec.de Galsync v4 With Extended Free/Busy Functions And New User Interfaces

     

    Dueren, Germany, November 2009. The NETsec GmbH & Co. KG, supplier of productivity solutions for Active-Directory- and Exchange-Administrators, introduces the new version of Exchange-synchronization software Galsync on 15th November. Besides the synchronization of exchange address lists, Galsync v4 can now also synchronize the free-busy-information of contacts between various Exchange-Installations.

    ]]> Specifically it means that Galsync outplays both the contact data and also free-busy-entries of a user from the Exchange-Organization A in the Installation B.

    In order to import and export the address lists and calendar entries, no permanent connection should be there between the Exchange-Organisations. Even own Server is not necessary for Galsync v4. The data is exchanged by E-Mail, FTP or File-Sharing- not only between two, also between various exchange environments.

    NETsec Galsync v4 is equipped with a new user interface, which is based upon the Look & Feel of Windows 7 and Exchange 2010, over the extension of core function. Galsync v4 works together with Exchange 2003, 2007 and 2010 or combinations from these versions.

    Price wise Galsync v4 is way under the offers of the competitors as the preceding version. A licence can already be obtained from 500 Euro.

     

    Galsync belongs to the most frequently applied solutions for the synchronization of Exchange address lists, since it not only offers functional users everything for the simple, friction free work of several Exchange organizations. Galsync v4 and the preceding versions are very simple to implement, without large project, expensive training, additional Hard- or Software. The solution is ready for application within fewer hours. The users can then select Exchange address data per mouse click, in order to export or import them in user-defined many exchange organizations.

     

    The synchronization intervals can be determined arbitrarily, so that even quickly changing organizations can also work with Galsync v4. The data fields are translated, formatted and modified at the time of import and export. Thus even the synchronization of Exchange-Organizations is possible from various language areas.

     

    Safety related Galsync is however completely equipped: the address data is transferred encoded; all synchronization processes are protocolled retraceable.

     

    On customer request NETsec Galsync v4 adjusts to the respective requirements of the company.

     

    Address lists and calendar entries of various Exchange organizations must always be synchronized only then, if company does not want to and cannot work with a single installation. This is typically the case, if companies are taken over or merged and the IT is not equally consolidate, organizations co-operate or the communication with partners and customers should be lightened, without having to integrate the IT-Systems.

     

    Download GALsync v4 here

     

     


    About NETsec

     

    The NETsec GmbH & Co. KG, Düren, is a supplier of productivity tools and -services for the Administration of MS Exchange and MS Active Directory. solutions for the synchronization of global address lists of various exchange instances, archive- and documentation applications, anti-spam- and anti-virus software and many other utility programs for the Active Directory- und Exchange Administration are offered.

     

    All solutions make the work of administrators and IT-departments simpler and more productive. They help the companies to reduce costs and at the same time to make IT more efficient and optimally useful for the co-workers.

     

    In addition to product offer NETsec Company actively supports in case of administration of its IT. Numerous customers already trust NETsec over the normal product support with IT-Management-Services - from their experience new productivity tools arise now and then.

     

    NETsec is Microsoft Gold Certified Partner.

    ]]>