Category Archives: exchange

Notes from the field: when Outlook 2010 cannot connect to Office 365

If you set up a PC to connect to Office 365, you may encounter a problem where instead of connecting, Outlook repeatedly prompts for a password – even when you have entered all the details correctly.

I hit this issue when configuring Outlook 2010 on a new PC. It was not easy to find the solution, as most technical help documents suggest that this is either a problem with the autodiscover records in DNS (not so in this case), or that you can fix it with manual configuration of the connection properties (also not so in this case).

Note that if you are using Office 2010, you should install the desktop setup software from Office 365 before trying to configure Outlook. However this still did not work.

The clue for me was when I noticed that Outlook 2010 was missing a setting in network security for Anonymous Authentication.

image

In order to fix this, I installed Office 2010 Service Pack 2, and it started working. The problem is that if you set up a new PC using an Office 2010 DVD, it takes a while before everything is up to date.

I heard of another business that had this problem and decided to upgrade their Office 365 subscription to include the latest version of Office, rather than figuring out how to fix it. Now that plans including desktop Office are reasonably priced, this strikes me as a sensible option.

Having it both ways: can Microsoft equally back Windows Phone and “Any device”?

I attended an event in London which was a kind-of UK launch for Windows Phone 8.1. The first Lumia device running 8.1, the Lumia 630, is now on sale, though this was not the main focus. It was more about asking businesses to take another look at Windows Phone (and Windows tablets), following improvements Microsoft has made. The company is particularly pleased with a new white paper from MobileIron, a well-known company in mobile device management, praising the new security and manageability features:

Windows Phone 8 did not meet the stringent policies some enterprises required for protecting corporate data and resources. The release of Windows Phone 8.1 changes the game. Microsoft is delivering a rich new feature-set for business users, and providing IT departments with the compliance and security they require. These new security and management features, called the Enterprise Feature Pack, are included as a core component of Windows Phone 8.1. When combined with an enterprise mobility management (EMM) platform, these capabilities make it much easier for enterprises to adopt the Windows Phone platform.

Fair enough, though from what I can tell Windows Phone is still struggling to get the momentum it needs. Too many companies perceive that if they support iOS and Android then that is it, job done, as evidenced by this advertisement I saw recently. This in turn dampens sales. It is an unfortunate position to be in, particularly given the good work Microsoft (and Nokia) has done on the phone OS itself. I prefer the Windows Phone user interface to that in Android, but still need an Android device in order to try out new apps.

This could change if Microsoft can continue gradually bumping up its market share, but it is tough. The wider company is now side-stepping the problem by focusing on its strengths in Office, Active Directory and Office 365, and offering first-class support for these on iOS and Android, as evidenced by the excellent Office for iPad launched earlier this year.

There is a dilemma here though. Some Windows Phone users choose the phone because they feel it will work best with Microsoft’s business platform. Could the “any device” policy end up undermining Microsoft’s efforts to promote Windows Phone?

I put this to Chris Weber, Microsoft’s Corporate Vice President of Mobile Device Sales, who has come to the company from Nokia (before which he was at Microsoft, so a true Windows veteran).

image

From a business perspective, providing cloud services, management, security, it is a multi-platform world. It is a great business decision for Microsoft to be multi-platform. Customers demand it as well.  That doesn’t mean we don’t want to create the most compelling platform and set of devices that bring Windows to life. I think the cross-platform thing is a great story … but the benefit of us [Nokia and Microsoft] coming together is now we have hardware, software and services that can be integrated in a totally different way, and we’re one of the few players that have all those components. The level of integration is much greater on the Windows platform. For example, Office is built in, you don’t have to go to a store and download it. The Linq client is built into the calendar. The email client, being able to have rights protection. The mail client itself is the best of any of them. The ability to access a SharePoint site across the firewall without a VPN connection, unique to Windows Phone.

Then we also have to win the end user. We have to win IT and those requirements, but you also have to get end users excited. Things that you see in 8.1, like Cortana, there’s a huge benefit there. And we’re bringing that across every price point.

Fair points; yet currently the iPad has a better touch-friendly Office than Windows tablets or Windows Phone; and Windows phone users have frustrations where the integration falls short. One remarkable thing, for example, is that there is no way to use a shared Exchange or SharePoint calendar on Windows Phone other than in the browser, so no integration with the built-in calendar or offline support.

What Weber describes, near-perfect integration between Windows mobile devices and Microsoft’s server applications, should be the case though; making this even better should be a high priority for CEO Satya Nadella’s new Microsoft.

Weber makes the bold claim that he can convert any user to Windows Phone, but says the challenge is to make this happen at retail level, when the customer wanders in looking for a smartphone:

If you give me fifteen minutes, I think I can convince any iPhone or Android user to move to Windows Phone. We have to do this not in fifteen minutes but in probably a minute and a half, at retail, with people who are selling multiple devices and are used to selling the competitor platform more than us.

Focusing on enterprise integration is in my view long overdue, and a few large enterprise adoptions would give Windows Phone a significant boost. At retail though, my guess is that Microsoft’s main hope is what Nokia did so well: delivering a good smartphone experience in budget devices – the “every price point” to which Weber refers.

Preventing auto-archive of Tasks in Office 365 with Retention Tags

I helped a contact set up Office 365 and encountered a curious problem.

He is a financial adviser and as part of his workflow, he uses tasks with a due date set far into the future. For example, “Call this client in two years time”.

He has an Office 365 E3 plan, which gives him enterprise-quality retention and archiving features.

We enabled archiving which by default means that messages over two years old are moved to an online archive mailbox.

He then noticed that tasks were disappearing. Then he found them in the archive mailbox. Some of the tasks that were being archived were the ones for action right now.

Why does Exchange archive tasks that are just on or even before their due date? It seems odd; but read this post carefully:

  1. A non-recurring task expires (or moves to the archive) according to its message-received date, if one exists.
  2. If a non-recurring task does not have a message-received date, it expires (or moves to the archive) according to its message-creation date.

You might not think that tasks are messages; but in Exchange everything is a message, kind-of. Nowhere does this post by Ross Smith at Microsoft refer to the task’s due date. That seems curious; but the evidence from both this post and our experience is that Exchange will indeed archive a task, regardless of its due date, if it is older than the archive period.

No problem, I thought, we’ll just set the Tasks folder not to auto-archive. Forget the folder properties though; this is Enterprise stuff set by policy and there is no auto-archive tab:

image

OK, so we have to look at the policies. This gets a little complex. If you right-click a folder in Outlook Web App, after enabling online archiving, you will notice an Assign Policy option which refers to both Archive Policy and Retention Policy:

image

However, you cannot right-click Tasks and choose “Personal never move to archive”. Nor can you use Policy tab that appears in Outlook (provided you have the right version) for most folders:

image

The Tasks folder is special. It inherits the default archiving policy for the mailbox, which cannot be overridden.

Here is how we have (I hope) fixed this. What you have to do is to set a default archiving policy of “Never archive” and then override this for the folders that you do want to archive. A bit backwards, but there it is.

You can do this either through the Office 365 Exchange admin screens, or with PowerShell. First, go to Compliance Management and select Retention tags.

Why are we looking at Retention tags and not Archive tags? The reason, as far as I can make out, is that what Microsoft calls in some places the Archive policy is implemented as a Retention policy with Action “Move to Archive”. Therefore, we have to create a new Default Retention Tag which specifies Never archive:

image

Now go to the Retention Policies tab. By default there is a single Default MRM policy. You can either amend this, or create a new policy. A policy is defined by a collection of Retention tags. The key tag in this instance is “Default 2 year move to archive”. You can either remove this and replace it with “Default never archive”, or create a new policy including “Default never archive”. It seems that Retention policies work better if they have a Default tag of some sort, so I suggest not omitting a Default tag altogether.

An Archive policy that never archives anything is not much use, so you should also include some Personal Retention tags. These let you override the default policy for specific folders, such as Inbox. You can also add Retention tags that apply automatically to specific folders (the Default MRM policy has examples for Junk Email and Deleted Items) but note that these cannot affect the Archive policy, as they cannot contain the action “Move to Archive”. Only Default and Personal tags can include Archive policy.

Finally, if you created a new policy rather than amending Default MRM Policy, you have to apply it to the mailbox. Go to Recipients, select the mailbox and click Edit, select Mailbox features, and change the Retention Policy.

image

Note that the archive policy doesn’t seem to be applied until the archiving process next runs, which by default is every seven days. You can kick it off in PowerShell like this:

Start-ManagedFolderAssistant -Identity <name of the mailbox>

My opinion: that is a lot of work simply to have Tasks not auto-archive. But on the plus side, it gives you a good understanding of how archiving and retention policies work in Office 365.

If you know an easier way, please let me know!

Further reading:

Set Up and Manage Retention Policies in Exchange Online with Windows PowerShell

Apply Retention Policies and Archive Policies to Your Messages

Changing the Organization’s Default MRM Policy (Default Retention Policy)?

Email hassles with Android and Exchange: couldn’t open connection to server

I have an Asus/Google Nexus 7 which is set up to receive mail from Exchange 2010.

At least, it was. Some time ago it stopped receiving mail. When the mail client tried to sync, I got this message:

image

“Couldn’t open connection to server due to security error”.

The message is not particularly clear. I went back into the account settings and verified everything (including Accept all SSL certificates, since mine is self-signed) and it was all fine – as I knew it would be, since it used to work.

The error, it turns out, is to do with ActiveSync policies. Exchange is detecting that the device is not in conformance, and refusing to sync. Odd, since my ActiveSync policies are relaxed and allow anything.

I removed the account and added it back. Ah, now I have this dialog:

image

I tapped Activate and everything was fine. Mail now syncs again.

I am still not sure how you find this dialog if it does not pop up automatically.

Farewell to Microsoft Small Business Server

Microsoft has announced pricing and licensing for Windows Server 2012. A dry topic perhaps; but one which confirms the end of a product with which I am perhaps too familiar: Small Business Server. It is spelt out in the FAQ:

Q33. Will there be a next version of Windows Small Business Server 2011 Standard?

No. Windows Small Business Server 2011 Standard, which includes Exchange Server and Windows server component products, will be the final such Windows Server offering. This change is in response to small business market trends and behavior. The small business computing trends are moving in the direction of cloud computing for applications and services such as email, online back-up and line-of-business tools.

The next question confirms that there will not be a new edition of Small Business Server 2011 Premium either. The official replacement is Windows Server 2012 Essentials, which is in effect the next version of Small Business Server Essentials. This handles local Active Directory, file sharing, local applications, and a connector to Office 365. However there is a 25 user account limit, whereas SBS standard supported up to 75 users, so there will be some businesses who are now forced to choose between moving to Windows Server Standard, or ditching the local server completely (which is often impractical).

image

Microsoft is pinning the reason on cloud computing, which makes some sense. Now and again I am asked by small businesses what sort of technology they should adopt; and my answer in general is to point them at either Microsoft Office 365 or Google Apps.

It is not quite clear-cut. A Small Business Server can theoretically work out cheaper, if you presume that it will not require any external maintenance. That is rarely the case though, and for most people the cloud-hosted option will be both cheaper and less troublesome.

What if you do need on-premise Active Directory, Exchange and SharePoint, which are the core components of SBS? Technically, there are in my opinion better ways to do this than with SBS. While SBS has always been excellent value for money, it is over-complex because it crams onto one box applications which are designed to run on separate boxes. It does work, but if anything goes wrong it is actually harder to troubleshoot than when you have separate servers. I prefer to see one Hyper-V box with separate Virtual Machines (VMs) for each major function, than SBS running on bare metal. VMs are also more flexible, and easier to restore if the hardware breaks.

Farewell then to SBS. I will remember it with some affection though. Think back to the nineties, when most email was POP3, and most internet was dial-up. People had problems like losing emails, because they had been downloaded to a desktop PC and they were out and about with a laptop. Moving to Microsoft Exchange, for which Outlook is the client, was bliss by comparison. Email synchronised itself to all your PCs, you could work offline, and Outlook for all its faults became a one-stop application for calendar, contacts and messages.

The beauty of SBS was that you could get Exchange along with the benefits of a Windows domain – one central directory of users and the ability to assign permissions to file shares – at a price that was more than reasonable.

I also think of SBS as a reliable product, when correctly installed. When it does go wrong it is often due to users trying to do stuff that does not quite work, or other applications which get installed on the same box, or hardware faults which users have attempted to fix by messing around with Windows, or anti-virus software misbehaving (Sophos! Confess!).

Microsoft is doing the right thing though. The SBS bundle makes little sense today, and if you do still need it, you can stick with the 2011 edition for a few years yet.

Fixing a Small Business Server 2008 broken by updates

I had a call last night from a small business whose email no longer worked. They had applied updates to the server but Exchange had failed to restart.

Looking at the services it was easy to see why. All the Exchange services and certain others including the IIS web server were set to disabled:

image

The likely culprit was Update Rollup 5 for Exchange Server 2007 Service Pack 3 (KB 2602324) – or rather, the mechanism which applies the patch, since this seems to be an issue that others have run into as far back as 2008 with other Exchange patches, though it is rare:

I installed the Update Rollup 4 and did a reboot of my Exchange Server 2007. But since then, all my services are disabled. Is this a known issue?

My guess is that the patch disables the services in order to update the binaries and then, for some unknown reason not fixed by Microsoft over these last four years, fails to re-enable them.

It seems that no harm was done other than that the services were disabled, but how can you know which services are meant to be running, which should be set to manual, and which should stay disabled?

I contemplated doing a quick test install of SBS 2008 on a VM just  to see how it is set out of the box, but fortunately found this post by Susan Bradley which shows default SBS 2008 running services.

There were a few other things wrong.  SharePoint Services was raising event 5586:

Unknown SQL Exception 33002 occured. Additional error information from SQL Server is included below. Access to table dbo.Versions is blocked because the signature is not valid.

and there was the related event 33002 from the internal SQL Server used by SharePoint. The cause of this was SharePoint Services 3.0 Service Pack 3. When you apply a major update to SharePoint Services, you have to re-run the SharePoint Products and Technologies Configuration Wizard. This is by design, though it seems odd to me that you apply an update and it silently breaks the product it is updating until you run a further manual process. Of course the error itself does not give you much clue about what is really wrong.

The third major issue was a JRNL_WRAP_ERROR from the NTFrs File Replication Service. You have to be careful with this one, since the advised fix in the event log presumes the presence of a good replica elsewhere, which in the case of SBS is unlikely. See this article for details. With SBS which it is the sole domain controller you should set the BurFlags registry key to D4. Further comment on ServerFault here.

The incident reminds me of how prickly SBS can be. It is great value for what it does, but has all the complexity of Microsoft’s server stack plus the further disadvantage of being crammed onto one machine. I prefer a pseudo multi-server approach, even for small businesses, with at least two physical servers and separate VMs for Exchange, SharePoint, domain controller, backup DC on the other physical machine, and so on. Of course this has complexity of its own.

I would guess that when upgrade time comes around, companies like this will be looking carefully at Office 365. Or Google Apps; but the advantage of Office 365 is that you can make the transition from SBS with relatively little impact on users: just migrate the Active Directory, Exchange and SharePoint. You lose flexibility and some local performance, but hand over the maintenance issues to Microsoft.

ITWriting.com awards 2011: ten key happenings, from Nokia’s burning platform to HP’s nightmare year

2011 felt like a pivotal year in technology. What was pivoting? Well, users are pivoting away from networks and PCs and towards cloud and devices. The obvious loser is Microsoft, which owns PCs and networks but is a distant follower in devices and has mixed prospects in the cloud. Winners include Apple, Google, Amazon, and Android vendors. These trends have been obvious for some time, but in 2011 we saw dramatic evidence of their outcome. As 2011 draws to a close, here is my take on ten happenings, presented as the first ever ITWriting.com annual awards.

1. Most dramatic moment award: Nokia’s burning platform and alliance with Microsoft

In February Nokia’s Stephen Elop announced an alliance with Microsoft and commitment to Windows Phone 7. In October we saw the first results in terms of product: the launch of the Lumia smartphone. It is a lovely phone though with some launch imperfections like too short battery life. We also saw greatly improved marketing, following the dismal original Windows Phone 7 launch a year earlier. Enough? Early indications are not too good. Simply put, most users want iOS or Android, and the app ecosystem, which Elop stated as a primary reason for adoption Windows Phone, is not there yet. Both companies will need to make some smart moves in 2012 to fix these issues, if it is possible. But how much time does Nokia have?

2. Riskiest technology bet: Microsoft unveils Windows 8

In September 2011 Microsoft showed a preview of Windows 8 to developers at its BUILD conference in California. It represents a change of direction for the company, driven by competition from Apple and Android. On the plus side, the new runtime in Windows 8 is superb and this may prove to be the best mobile platform from a developer and technical perspective, though whether it can succeed in the market as a late entrant alongside iOS and Android is an open question. On the minus side, Windows 8 will not drive upgrades in the same way as Windows 7, since the company has chosen to invest mainly in creating a new platform. I expect much debate about the wisdom of this in 2012.

Incidentally, amidst all the debate about Windows 8 and Microsoft generally, it is worth noting that the other Windows 8, the server product, looks like being Microsoft’s best release for years.

3. Best cloud launch: Office 365

June 2011 saw the launch of Office 365, Microsoft’s hosted collaboration platform based on Exchange and SharePoint. It was not altogether new, since it is essentially an upgrade of the older BPOS suite. Microsoft is more obviously committed to this approach now though, and has built a product that has both the features and the price to appeal to a wide range of businesses, who want to move to the cloud but prefer the familiarity of Office and Exchange to the browser-based world of Google Apps. Bad news though for Microsoft partners who make lots of money nursing Small Business Server and the like.

4. Most interesting new cross-platform tool: Embarcadero Delphi for Windows, Mac and iOS

Developers, at least those who have still heard of Embarcadero’s rapid application development tool, were amazed by the new Delphi XE2 which lets you develop for Mac and Apple iOS as well as for Windows. This good news was tempered by the discovery that the tool was seemingly patched together in a bit of a hurry, and that most existing application would need extensive rewriting. Nevertheless, an interesting new entrant in the world of cross-platform mobile tools.

5. Biggest tech surprise: Adobe shifts away from its Flash Platform

image

This one caught me by surprise. In November Adobe announced a shift in its business model away from Flash and away from enterprise development, in favour of HTML5, digital media and digital marketing. It also stated that Flash for mobile would no longer be developed once existing commitments were completed. The shift is not driven by poor financial results, but rather reflects the company’s belief that this will prove a better direction in the new world of cloud and device. Too soon and too sudden? Maybe 2012 will show the impact.

6. Intriguing new battle award: NVIDIA versus Intel as GPU computing catches on

In 2011 NVIDIA announced a number of wins in the supercomputing world as many of these huge machines adopted GPU Computing, and I picked up something of a war of words with Intel over the merits of what NVIDIA calls heterogeneous computing. Intel is right to be worried, in that NVIDIA is seeing a future based on its GPUs combined with ARM CPUs. NVIDIA should worry too though, not only as Intel readies its “Knight’s Corner” MIC (Many Integrated Core) chips, but also as ARM advances its own Mali GPU; there is also strong competition in mobile GPUs from Imagination, used by Apple and others. The GPU wars will be interesting to watch in 2012.

7. Things that got worse award: Spotify. Runners up: Twitter, Google search

Sometimes internet services come along that are so good within their niche that they can only get worse. Spotify is an example, a music player that for a while let you play almost anything almost instantly with its simple, intuitive player. It is still pretty good, but Spotify got worse in 2011, with limited plays on free account, more intrusive ads, and sign-up now requires a Facebook login. Twitter is another example, with URLS now transformed to t.co shortcuts whether you like it not and annoying promoted posts and recommended follows. Both services are desperately trying to build a viable business model on their popularity, so I have some sympathy. I have less sympathy for Google. I am not sure when it started making all its search results into Google links that record your click before redirecting you, but it is both annoying and slow, and I am having another go with Bing as a result.

8. Biggest threat to innovation: Crazy litigation from Lodsys, Microsoft, Apple

There has always been plenty of litigation in the IT world. Apple vs Microsoft regarding graphical user interfaces 1994; Sun vs Microsoft regarding Java in 1997; SCO vs IBM regarding UNIX in 2003; and countless others. However many of us thought that the biggest companies exercised restraint on the grounds that all have significant patent banks and trench warfare over patent breaches helps nobody but lawyers. But what if patent litigation is your business model? The name Lodsys sends a chill though any developer’s spine, since if you have an app that supports in-app purchases you may receive a letter from them, and your best option may be to settle though others disagree. Along with Lodsys and the like, 2011 also brought Microsoft vs several OEMs over Android, Apple vs Samsung over Android, and much more.

9. Most horrible year award: HP

If any company had an Annus Horribilis it was HP. It invested big in WebOS, acquired with Palm; launched the TouchPad in July 2011; announced in August that it was ceasing WebOS development and considering selling off its Personal Systems Group; and fired its CEO Leo Apotheker in September 2011.

10. Product that deserves better award: Microsoft LightSwitch

On reflection maybe this award should go to Silverlight; but it is all part of the same story. Visual Studio LightSwitch, released in July 2011, is a model-driven development tool that generates Silverlight applications. It is nearly brilliant, and does a great job of making it relatively easy to construct business database applications, locally or on Windows Azure, complete with cross-platform Mac and Windows clients, and without having to write much code. Several things are unfortunate though. First, usual version 1.0 problems like poor documentation and odd limitations. Second, it is Silverlight, when Microsoft has made it clear that its future focus is HTML 5. Third, it is Windows and (with limitations) Mac, at a time when something which addresses the growing interest in mobile devices would be a great deal more interesting. Typical Microsoft own-goal: Windows Phone 7 runs Silverlight, LightSwitch generates Silverlight, but no, your app will not run on Windows Phone 7.  Last year I observed that Microsoft’s track-record on modelling in Visual Studio is to embrace in one release and extinguish in the next. History repeats?

Exchange 2010 Service Pack 2 with Office 365 migration wizard and retro Outlook Mini

Microsoft has released Exchange 2010 SP2, which I have successfully installed on my small system.

image

There is a description of what’s new here. The most notable features are the Hybrid Configuration Wizard for setting up co-existence between on-premise Exchange and Office 365, and Outlook Mini for low-end phones with basic browsers.

A hybrid setup lets you include on-Premise Exchange and Office 365 Exchange in a single organisation. You can move mailboxes back and forth, archive messages online (even from on-Premise mailboxes), and synchronize Active Directory information. The feature is not new, but the wizard is.

image

This looks similar to the Exchange migration tools for BPOS and Office 365 so this is mainly a matter of baking them into the product.

Outlook Mini is very retro; I like it. It is also called Outlook Mobile Access and is similar to a feature of Exchange 2003 though it is new code; it is actually built using Outlook Web Access forms and accessed at the url yourexchange/owa/oma. There is no automatic redirection so users will have to be shown where to find it.

image image

 

Finally, this note amused me as evidence of how far litigation issues have permeated into Microsoft’s products. But what is the point of a “litigation hold” if it is so easily bypassed?

In Exchange 2010 SP2, you can’t disable or remove a mailbox that has been placed on litigation hold. To bypass this restriction, you must either remove litigation hold from the mailbox, or use the new IgnoreLegalHold switch parameter when removing or disabling the mailbox.

Disappearing items in Outlook and Exchange

I came across what looks to me like an unusual bug, most likely in Microsoft Outlook. Background: I have used the Notes folder in my Exchange mailbox for all sorts of information going back several years. This morning, I looked at the folder and found it empty, except for one solitary item. Normally there are over 1000. The surviving item was the result of my last search in that folder.

image

Now, the Exchange database is robust in my experience; and most often when items disappear it is not a bug but a result of Outlook working as designed but catching the user out in some way. Here are some common reasons:

  1. The items got auto-archived. Archives can be present on any machine on which you run Outlook. The default location for the archive folder is in a hidden location such as C:\Users\[USERNAME]\AppData\Local\Microsoft\Outlook\archive1.pst, where [USERNAME] is your Windows username. It really is hard for users to find this without expert help. How can the popular corporate mail client have usability like this? But I digress. The solution is to open the archive in Outlook and drag items back where they are wanted.
  2. The items are present, but filtered out by the view. Views in Outlook can be filtered to restrict the items on display, for example to unread items only. The user set the filter by clicking something in Outlook’s labyrinthine user interface, but does not realise it is still set. The effect is that items disappear. The solution is to reset the filter.
  3. The user accidentally dragged a folder inside another folder. This is easily done, as Outlook does not prompt you when you do this; it just moves the folder. The symptom is that a little expand symbol appears in the target folder, if it does not already have subfolders. The solution is to drag it back.
  4. The user accidentally deleted the items or folder. Outlook does not prompt when you delete items. In this case, however, the items end up in the Deleted Items folder. The solution is to drag them back where you want them.

Even if the user has subsequently emptied the deleted items folder, there is hope. Outlook has a little-known feature called Recover Deleted Items. Items go into a kind of hidden deleted items folder for a period after they get removed from the visible deleted items folder, or if they are removed with Shift-Delete. Recover Deleted Items, which is on the Folder tab in Outlook 2010 and on the Tools menu in earlier versions, will let you get them back.

My disappeared notes were nowhere to be found. Further, the evidence is that I had not deleted them, since the surviving item was the result of a search. There is no command that I know of to delete all items in a folder other than the result of a search.

Still, I wanted to get them back if possible; and preferably without restoring Exchange to an earlier date, this being a fairly slow and painful operation. I checked my laptop without connecting it to the network, to see if this had an offline copy. My laptop runs Outlook 2007. There was no offline copy, since it had synchronised subsequent to the items disappearing.

Incidentally, this is why synchronisation and redundancy are not the same as backup.

I had one more go at Recover Deleted Items. Curiously, Outlook 2007 does have a Recover Deleted Items option for the Notes folder, whereas Outlook 2010 does not. Note though that the deleted items live not in the local offline store, but in Exchange.

To my surprise, all my old notes were there. I selected them all in the Recover Deleted Items window and clicked to undelete. Now I am back where I was, except that all my old notes now have a “Created” date of today. A nuisance, but a good outcome nonetheless.

But what happened? I have two questions about this. One is how the items got deleted in the first place. The second is how they ended up in Recover Deleted Items. The documentation for Recover Deleted Items will make your head spin. It is an Exchange feature, but apparently controlled by Outlook. This knowledgebase article says it only works on the Deleted items folder, unless you are using Outlook 2007 when it works on all the folders.

Does that suggest that is was Outlook 2007 that deleted my items? But how could Outlook 2007 on one machine delete all the items except the result of a search in Outlook 2010 on another machine? It does not make sense.

My view is that Outlook has become so obscure and intricate in its inner workings that anything is possible. I think Microsoft should build a new Exchange client.

Microsoft Exchange 2010 annoyance: certificate wizard incompatible with certificate services

I’ve used the holiday break to do some testing on Exchange 2010. I have a virtual network which includes a machine running Microsoft’s Certificate Services. The wizard generates a .req file which you can submit to a certification authority. In my case I submitted to my own certificate server using the certreq command.  Here’s what you get:

image

The error message is “Certificate not issued (Incomplete)”

Kudos to Vadims Podans on the Network Steve Forum who has the answer. The Exchange 2010 wizard creates the request in a Unicode file. Certificate Services only understands Ansi. You have to open the request file in Notepad and then Save As specifying Ansi encoding. Then it works.

Actually it doesn’t work, but you get a more intelligible error. When you submit the request using certreq you have to specify a template by adding the argument:

-attrib "CertificateTemplate:WebServer"

Podans has that information too.

I realise that the majority of Exchange admins submit certificate requests to commercial authorities rather than internal ones. Still, you would hope that a Microsoft certificate wizard would be compatible with Microsoft’s own certificate server, at least if you check the right box.