Recently I had the opportunity to walk through complete installs of Exchange Server 2003 and Exchange Server 2010. Although I have used Exchange Server 2007 for the past two years, as with Vista, I prefer to pretend it never happened. Installing Exchange 2003 on my personal server was like spending time with an old friend: you …
What about using the free Microsoft Certificate Authority for the SAN Certiciate
If you want to save money why not install you own Microsoft Certificate Autority and issue your own SAN Certificate (totally free of charge) for Exchange....
Its easy to ge every device to trust your certificate too...(deploy through Group Policy or make it avaliable on the web for a mobile device to click on and trust).
Or simpler still....
...OpenSSL, that what I used :)
Sounds easy enough
...but in practice it's a pain. It is possible of course, but especially for OWA (where people could be checking in from other people's machines, kiosks, etc) this will make life hell for your users.
Not disagreeing per se, just thought you might have been glossing over it a little. As much as I hate the whole trusted root architecture, it does value.
RE: Sounds easy enough
You’re no doubt referring to the users having to install the CA cert in their trusted CA store and ‘trust’ the site to allow cookies. Yeah, not exactly user friendly, though I wouldn’t go as far as hell as it’ll work without the cert install, albeit it with a lot of warning screens in your way!
I think though, if you’re worrying about saving on the cost of a cert you’re probably not a corporate company rolling out a, less than cheap, Exchange email system to your minions.
Fair statement AC
No disagreements here :)
The point of being able to deploy SSL-based Outlook connectivity in my environment was to allow users who were NOT using domain connected systems the ability to cache a copy of their e-mail locally.
Your solution, while valid in a completely domain-joined world, is invalid in this scenario.
And the point is?
None of the Autodiscover functionality or UC/SAN certificate requirements have changed between Exchange 2007 and 2010. They''ve added a certificate request wizard to the console to supplement the old powershell command but apart from that it's identical.
I had the choice of 2007 or 2010 earlier this year and after playing with a RC of 2010 and knowing 2007 pretty well I opted for 2007.
It's like an R2 release - but the core is the same. Big new things are archiving (quite limited, and we deployed a different archiving solution last year) and the ability to run on cheap storage (yet I have a nice chunk of FC SAS 15k rpm disc's on my SAN waiting to be used - mainly as I allocated that storage and I want the box to be a VM)
Give it till next year and I'd probably look at moving to 2010 if I get bored (brought SA on the CAL's) but 2007 is very solid, same feature set (apart from the above) and is well proven.
No idea where the author is getting his bad ideas on 2007. Even autodiscover and Outlook Anywhere do the same in 2007....
"Exchange 2010 is a polished product"
Makes you wonder what exactly it was they polished to make Exchange 2007, doesn't it?
RE: ...what they polished.....
If you search the web for Dr Guff's product, you will get your answer.
Hell, I even did you a favor, here is a link:
This article is about Exchange 2010 vs Exchange 2003. For the purposes of this article, my sanity and sustaining the denial that keeps me running out and playing in traffic, Exchange 2007 NEVER HAPPENED. I am putting that trauma behind me. Yes, the cert reqs are the same, and many of the fundamental basics are similar between 2007 and 2010.
That however is like saying that many of Windows 7's features (or the new driver model) existed in Vista. That's not relevant. Vista never happened. The world went directly from XP to 7. It's called DENIAL. Denial makes me happy. (Thanks to denial, I’m immortal!)
Like Windows ME before it, the entire 2007 generation of Microsoft products NEVER HAPPENED. I realise there are people out there who like to pretend this horror was indeed visited on the world. I am taken to understand that like the demented souls who practice worship of Cthulhu, there are even those among you who like to believe they would have ENJOYED living through that nightmare. I pity you.
Instead, denial allows me to have lived the past few years in a happy fluffy world where I pet bunnies as I rode on horsies through a field of rainbows. Rainbows in a universe where the 2007 generation of Microsoft products NEVER HAPPENED. So even if the world has to hate me for it, the entire world went from 2003 to 2010. (Well, those using Microsoft MTAs.)
And from that perspective, Exchange 2010 was a huge leap forward from 2003. I’m quite happy with the upgrade, and it’s working well, thanks for asking.
(I apologise if I offended any followers of Cthulhu with this post. It was probably unfair to demean you by comparing you people who actually enjoyed MS2007. Unfortunately it was the only PG comparison I could think up. Honestly, you guys aren’t as far gone as MS2007 fans.)
Yes, 2007 was a bit of a pain but I think you might take off the rose tinted specs. Exch 2003 was really difficult too.
From my perspective your article has less value because it appears that once you have Exch 2007 installed there's not much benefit to Exch 2010. The features you highlight are in Exch 2007.
One of the biggest headaches of Exch 2007 is backup because the 2008 backup service doesn't know about Exchange 2007. You don't mention it so presumably this is no better in 2010. Fortunately one can resurrect ntbackup.
Actually...I have no idea as regards backup. My undertstanding is that Server 2008 R2's Windows Backup + Volume Shadow Copy + Exchange 2010 works /somehow/. Don't ask me how, I haven't the foggiest damned idea. I use Retrospect.