Sunday, September 20, 2009

Exchange 2010 Powershell Management - Administration

Common Cmdlet Actions
The following verbs are supported by most cmdlets and are associated with a specific action.

New
The New verb creates a new instance of something, such as a new configuration setting, a new database, or a new SMTP connector.

Remove
The Remove verb removes an instance of something, such as a mailbox or transport rule. All Remove cmdlets support the WhatIf and Confirm parameters.

Enable
The Enable verb enables a setting or mail-enables a recipient.

Disable
The Disable verb disables an enabled setting or mail-disables a recipient. All Disable tasks also support the WhatIf and Confirm parameters.

Set
The Set verb modifies specific settings of an object, such as the alias of a contact or the deleted item retention of a mailbox database.

Get
The Get verb queries a specific object or a subset of a type of object, such as a specific mailbox, all mailbox users, or mailbox users in a domain.

Important Parameters
The following parameters help you control how your commands run and indicate exactly what a command will do before it affects data.

Identity
The Identity parameter identifies the unique object for the task. It is typically used with Enable, Disable, Remove, Set, and Get cmdlets. Identity is also a positional parameter, which means that you don't have to specify Identity when you specify the parameter's value on the command line.

For example: Get-Mailbox -Identity user1 queries for the mailbox of user1. Get-Mailbox user1 is equivalent to Get-Mailbox -Identity user1.

WhatIf
The WhatIf parameter instructs the cmdlet to simulate the actions that it would take on the object. By using the WhatIf parameter, you can view what changes would occur without actually applying any of the changes. The default value is $True.

Confirm
The Confirm parameter causes the cmdlet to pause processing and requires the administrator to acknowledge what the cmdlet will do before processing continues. The default value is $True.

Validate
The Validate parameter causes the cmdlet to check that all prerequisites for running the operation are satisfied and that the operation will complete successfully.
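
Added example, not part of the original post: one way to combine WhatIf and Confirm for a bulk change, here mail-disabling contacts. The function name, its parameters, the alias pattern and the CSV path are hypothetical; the cmdlets are standard Exchange Management Shell cmdlets.

```powershell
# Added example. Function name, parameters and file path are hypothetical.
function Disable-MailContactGuarded {
    param(
        [Parameter(Mandatory = $true)][string]$AliasPattern,   # e.g. 'tmp*'
        [Parameter(Mandatory = $true)][string]$SnapshotPath,   # CSV written before any change
        [switch]$Apply                                         # without it, only a -WhatIf preview runs
    )

    # Resolve the target set once, so the preview and the change act on the same objects.
    $targets = @(Get-MailContact -ResultSize Unlimited |
                 Where-Object { $_.Alias -like $AliasPattern })
    if ($targets.Count -eq 0) {
        Write-Warning "No mail contacts match alias pattern '$AliasPattern'."
        return
    }

    if (-not $Apply) {
        # Simulation: each call reports what it would do and changes nothing.
        foreach ($contact in $targets) {
            Disable-MailContact -Identity $contact.DistinguishedName -WhatIf
        }
        return
    }

    # Record the attributes needed to mail-enable the same contacts again.
    $targets |
        Select-Object Name, Alias, ExternalEmailAddress, DistinguishedName |
        Export-Csv -Path $SnapshotPath -NoTypeInformation

    # -Confirm pauses on every object until the administrator acknowledges it.
    foreach ($contact in $targets) {
        Disable-MailContact -Identity $contact.DistinguishedName -Confirm
    }
}

# Preview first; repeat with -Apply once the reported list is the intended one.
Disable-MailContactGuarded -AliasPattern 'tmp*' -SnapshotPath .\contacts-before.csv
```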

Tips and Tricks
Get-Command
This cmdlet retrieves all tasks that can be executed in Exchange Server 2010.

Get-Command *keyword*
This cmdlet retrieves tasks that have keyword in the cmdlet name.

Get-task | Get-Member
This cmdlet retrieves all properties and methods of task.

Get-task | Format-List
This cmdlet displays the output of the query in a formatted list. You can pipe the output of any Get cmdlet to Format-List to view the whole set of properties that exist on the object returned by that command, or you can specify specific properties that you want to view, separated by commas, as in the following example: Get-Mailbox *john* | Format-List alias,*quota

Help task
This cmdlet retrieves Exchange Management Shell help information for any task in Exchange 2010, as in the following example: Help Get-Mailbox

Help task
Enter a partial name for task, and then press the TAB key to cycle through all cmdlets that contain the text that you specified. You can also use wildcard characters, as in the following example: Help *UM*

Get-task | Format-List > file.txt
This cmdlet exports the output of task to a text file: file.txt

Contact Management
Enable-MailContact -Identity "John Smith" -Alias smith -ExternalEmailAddress smith@contoso.com
This command mail-enables the contact John Smith by specifying the distinguished name (DN) for the contact, and providing the alias smith and an external e-mail address smith@contoso.com.

Disable-MailContact -Identity smith
This command mail-disables the contact by specifying the alias of the contact in the Identity parameter.

Set-MailContact -Identity smith -Alias jsmith
This command changes the alias of the mail-enabled contact specified in the Identity parameter from smith to jsmith by using the Alias parameter.

Set-Contact -Identity jsmith -Manager user1
This command modifies the contact jsmith’s Active Directory® directory service information by changing jsmith’s manager to User1.

Note: If the contact is not mail-enabled, you can't retrieve it by using an alias. You must use the contact's full name, GUID, or DN.

Group Management
Enable-DistributionGroup -Identity "contoso\Distribution Group" -Alias DG
This command mail-enables the existing universal distribution group named Distribution Group that is in the contoso domain. Its alias is DG.

Disable-DistributionGroup -Identity DG
This command mail-disables the mail-enabled universal distribution group named DG.

Set-DistributionGroup -Identity DG -Alias group1
This command modifies the settings of the universal distribution group named DG in Exchange by changing its alias to group1.

Add-DistributionGroupMember -Identity DG -Member user1
This command adds the recipient user1 as a member of the universal distribution group DG.

Get-DistributionGroupMember -Identity DG
This command retrieves all the members of the distribution group named DG.

Set-Group -Identity DG -DisplayName "Universal DG"
This command modifies the Active Directory settings of the Windows® group named DG by changing its display name to "Universal DG".

New-DynamicDistributionGroup -Name DDG -Alias DDGAlias -OrganizationalUnit OU -IncludedRecipients MailboxUsers
This command creates a new query-based dynamic distribution group named DDG. The IncludedRecipients parameter accepts the following values: None | MailboxUsers | Resources | MailContacts | MailGroups | MailUsers | AllRecipients.

Set-DynamicDistributionGroup -Identity DDG -DisplayName DDG1
This command modifies the dynamic distribution group named DDG by changing its display name to DDG1.

Mailbox Management
Enable-Mailbox -Identity contoso\user1 -Database MailboxDatabase
This command mailbox-enables an existing Active Directory user with the domain and alias combination contoso\user1 by creating a mailbox in the mailbox database named MailboxDatabase.

Disable-Mailbox -Identity user1
This command mailbox-disables the user with the alias user1 by removing its associated mailbox.

Set-Mailbox -Identity user1 -alias user2
This command modifies a mailbox by changing the existing alias user1 to user2.

Get-Mailbox | Export-Mailbox -PSTFolderPath C:\PSTFiles
This command retrieves all mailbox users and exports their mailboxes to .pst files. The .pst files are stored in C:\PSTFiles.

Note:
You can export mailbox data to .pst files by using the Export-Mailbox cmdlet only in Exchange 2010 SP1 and later versions.

Import-Mailbox john@contoso.com -PSTFolderPath C:\PSTFiles\john.pst
This command imports the mailbox data for the user john@contoso.com from the .pst file c:\PSTFiles\john.pst.

Note:
The Import-Mailbox cmdlet is available only in Exchange 2010 SP1 and later versions.

Get-Mailbox | Format-Table alias, *quota
This command retrieves all mailbox users and formats the output to include the alias of the mailbox and the mailbox quotas.

Get-Mailbox -Database MailboxDatabase
This command retrieves a summary list of all mailboxes in the mailbox database named MailboxDatabase.

Get-Mailbox -server Server
This command retrieves a summary list of all mailboxes on the server named Server.

Get-MailboxStatistics -Database MailboxDatabase
This command retrieves the mailbox statistics for all mailboxes that are located in the mailbox database named MailboxDatabase.

Get-MailboxStatistics -Server Server
This command retrieves the mailbox statistics for all mailboxes that are located on the server named Server.

Move-Mailbox -Identity user1 -TargetDatabase Server\MailboxDatabase
This command moves the mailbox associated with the alias user1 to the server named Server. The mailbox is moved to the mailbox database named MailboxDatabase.

Customizable Mailbox Quota Messages
New-SystemMessage -QuotaMessageType ProhibitSendMailbox -Text "Prohibit Send Mailbox Quota Message Text" -Language En
This command creates a new customized quota message for the ProhibitSendMailbox quota message type. The text "Prohibit Send Mailbox Quota Message Text" is displayed in English, as specified by the locale code En. The valid values for the QuotaMessageType parameter are WarningMailboxUnlimitedSize and WarningPublicFolder.

Set-SystemMessage En\ProhibitSendMailbox -Text "New Prohibit Send Mailbox Quota Message Text"
This command modifies the existing customized quota message for the ProhibitSendMailbox quota message type that is displayed in English, as specified by the locale code En. The new text is "New Prohibit Send Mailbox Quota Message Text".

Get-SystemMessage En\ProhibitSendMailbox
This command retrieves the existing customized quota message for the ProhibitSendMailbox quota message type that is displayed in English, as specified by the locale code En.

Remove-SystemMessage En\ProhibitSendMailbox
This command removes the existing customized quota message for the ProhibitSendMailbox quota message type that is displayed in English, as specified by the locale code En.

Recipient
Get-Recipient -RecipientType MailboxUser
This command retrieves a summary list of all recipients that match the RecipientType MailboxUser. The RecipientType parameter accepts the following values: User | MailboxUser | MailEnabledUser | Contact | MailEnabledContact | Group | MailEnabledUniversalDistributionGroup | MailEnabledUniversalSecurityGroup | MailEnabledNonUniversalGroup | DynamicDL | PublicFolder | PublicDatabase | SystemAttendantMailbox | SystemMailbox | MicrosoftExchange.

Get-Recipient -Anr "user"
This command retrieves a summary list of all recipients that contain the string “user” in the mailbox name. The Anr parameter indicates that the argument will be resolved by using ambiguous name resolution (ANR).

Get-Recipient -ResultSize 100
This command retrieves a summary list of recipients and returns only the first 100 recipients.

Unified Messaging
Get-UMMailbox
This command retrieves a summary list of all Unified Message (UM)-enabled recipients.

Get-UMMailbox -Identity user1 | Format-List
This command retrieves the detailed configuration of the UM mailbox that is associated with the alias user1.

Set-UMMailbox -Identity user1 -UMEnabled $True
This command modifies the UM mailbox associated with the alias user1 by changing the value of the UMEnabled parameter to $True.

User
Enable-MailUser -Identity contoso\user2 -ExternalEmailAddress user2@northwindtraders.com
This command mail-enables the Active Directory user contoso\user2 with an external address user2@northwindtraders.com. With this cmdlet, a default primary SMTP e-mail address user2@contoso.com is also created.

Disable-MailUser -Identity user2
This command mail-disables the Active Directory mail-enabled user user2.

Set-MailUser -Identity user2 -ExternalEmailAddress user2@research.northwindtraders.com
This command modifies the Active Directory mail-enabled user user2 by changing its external e-mail address to user2@research.northwindtraders.com.

Storage - Database Management
New-MailboxDatabase -Name MailboxDatabase -StorageGroup StorageGroup
This command creates a new mailbox database named MailboxDatabase in the storage group StorageGroup.

Set-MailboxDatabase -Identity MailboxDatabase -IssueWarningQuota 500MB
This command modifies the mailbox database MailboxDatabase by changing its mailbox warning quota limit to 500MB.

Get-MailboxDatabase -StorageGroup StorageGroup
This command retrieves a summary list of all mailbox databases in the storage group named StorageGroup.

Get-MailboxDatabase -Server Server
This command retrieves a summary list of all mailbox databases in the server named Server.

Mount-Database -Identity MailboxDatabase
This command mounts the existing mailbox database named MailboxDatabase.

Dismount-Database -Identity MailboxDatabase
This command dismounts the existing mailbox database named MailboxDatabase.

Enable-DatabaseCopy -Identity MailboxDatabase
This command enables local continuous backup for the mailbox database named MailboxDatabase.

Storage Group Management
New-StorageGroup -Name StorageGroup -Server server1
This command creates a new storage group named StorageGroup on the server named server1.

Set-StorageGroup -Identity StorageGroup -Name "Research Storage Group"
This command modifies the storage group named StorageGroup by changing its display name to "Research Storage Group".

Enable-StorageGroupCopy -Identity StorageGroup
This command enables local continuous backup on the storage group named StorageGroup.

Note: You must first enable local continuous backup by using the Enable-DatabaseCopy cmdlet for each database in the storage group on which you want to enable local continuous backup.

Disable-StorageGroupCopy -Identity StorageGroup
This command disables the continuous backup of the storage group named StorageGroup.

Connectors and Delivery
New-SendConnector -Name SendConnector -AddressSpaces contoso.com
This command creates a new Internet Send connector named SendConnector. The associated address space for the Send connector is contoso.com.

Set-SendConnector -Identity SendConnector -AddressSpaces northwindtraders.com
This command modifies the Send connector named SendConnector by changing its address spaces to northwindtraders.com.

New-ReceiveConnector -Name ReceiveConnector -RemoteIpRanges 10.149.0.1-10.151.0.1 -Bindings 0.0.0.0:25
This command creates a new Receive connector named ReceiveConnector. The associated remote IP range is 10.149.0.1 to 10.151.0.1. By setting the Bindings parameter to 0.0.0.0:25, you instruct the server to listen for connections on all locally configured IP addresses on port 25.

Set-ReceiveConnector -Identity ReceiveConnector -MaxMessageSize 20MB
This command modifies the Receive connector ReceiveConnector by changing the value of the MaxMessageSize parameter to 20MB.

Queues
Suspend-Queue -Identity Server\Queue
This command stops all messages in queue Server\Queue from being delivered.

Resume-Queue -Identity Server\Queue
This command allows the suspended queue Server\Queue to resume delivery of messages.

Get-Message -Identity Server\Queue\Message
This command retrieves the specific message Server\Queue\Message.

Suspend-Message -Identity Server\Queue\Message
This command stops the message Server\Queue\Message in a queue from being delivered.

Get-Queue | Freeze-Queue
This command freezes all queues on the local server.

Resume-Message -Identity Server\Queue\Message
This command allows the suspended message Server\Queue\Message in a queue to be delivered.

Delete-Message -Identity Server\Queue\Message
This command deletes the specified message Server\Queue\Message.

Export-Message -Identity Server\Queue\Message -Path FilePath
This command exports the specified message Server\Queue\Message to FilePath.

Note: Before you can export a message, you must first suspend it by using the Suspend-Message cmdlet.

Address Rewriting
New-AddressRewriteEntry -Name RewriteEntryName -InternalAddress david@contoso.com -ExternalAddress support@contoso.com
This command creates a new address rewrite entry for the internal e-mail address david@contoso.com. All e-mail messages sent from david@contoso.com are rewritten to support@contoso.com, and all inbound messages to support@contoso.com are rewritten to david@contoso.com.

Set-AddressRewriteEntry -Identity RewriteEntryName -InternalAddress chris@contoso.com
This command modifies the existing address rewrite entry RewriteEntryName by changing the value of the InternalAddress parameter to chris@contoso.com.

Anti-Spam
Set-RecipientFilterConfig -BlockedRecipients info@contoso.com, corp@contoso.com
This command modifies the recipient filtering configuration by adding the blocked recipients info@contoso.com and corp@contoso.com.

Set-SenderFilterConfig -BlockedSenders badsender@northwindtraders.com
This command modifies the sender filtering configuration for spam by adding a blocked sender badsender@northwindtraders.com.

Add-ContentFilterPhrase -Phrase "spam" -Influence BadWord
This command adds the phrase “spam” to the content filter by setting its Influence parameter to BadWord. The Influence parameter accepts the values BadWord and GoodWord.

Add-IPAllowListEntry -IpRange 127.1.0.0
This command adds the IP address 127.1.0.0 to the IP Allow list. The IP mask defaults to 255.255.255.255 because it is not specified.

Add-IPAllowListEntry -IpRange "127.1.0.0(255.255.0.0)"
This command adds the IP address 127.1.0.0 to the IP Allow list, which has a specified IP mask of 255.255.0.0.

Add-IPAllowListEntry -IpRange 127.1.0.0-127.1.255.255
This command adds an allowed range of IP addresses. In this case, the IP range is between 127.1.0.0 and 127.1.255.255.

Add-IPBlockListEntry -IpRange 127.2.0.1
This command adds the IP address 127.2.0.1 to the IP Block list. In this case, the IP mask defaults to 255.255.255.255 because it is not specified.
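
Added example, not part of the original post: a small parser for the three -IpRange notations used above (single address, address with a mask in parentheses, start-end range) that reports how many addresses each entry covers, so that broad IP Allow list entries can be reviewed before they are added. It treats the address(mask) form as the subnet selected by the mask; the function names, the sample entries and the 256-address review threshold are assumptions, and no Exchange cmdlet is called.

```powershell
# Added example: pure PowerShell arithmetic, no Exchange cmdlets. Function names are hypothetical.

function ConvertTo-IPv4Number {
    param([string]$Address)
    if ($Address -notmatch '^\d{1,3}(\.\d{1,3}){3}$') {
        throw "Not a dotted-quad IPv4 address: '$Address'"
    }
    [long]$value = 0
    foreach ($octet in $Address.Split('.')) {
        if ([int]$octet -gt 255) { throw "Octet out of range in '$Address'" }
        $value = $value * 256 + [int]$octet
    }
    return $value
}

function ConvertFrom-IPv4Number {
    param([long]$Number)
    $octets = @()
    foreach ($i in 1..4) {
        $octets = @($Number % 256) + $octets              # prepend the lowest octet
        $Number = ($Number - ($Number % 256)) / 256
    }
    return ($octets -join '.')
}

function Get-IpRangeCoverage {
    param([Parameter(Mandatory = $true)][string]$IpRange)

    $text = $IpRange.Trim()
    if ($text -match '^([\d.]+)\(([\d.]+)\)$') {
        # address(mask) notation
        $addressText = $Matches[1]; $maskText = $Matches[2]
        [long]$address = ConvertTo-IPv4Number $addressText
        [long]$size = 4294967296 - (ConvertTo-IPv4Number $maskText)
        # A contiguous mask always leaves a power-of-two block size.
        [long]$n = $size
        while ($n % 2 -eq 0) { $n = $n / 2 }
        if ($n -ne 1) { throw "Mask '$maskText' is not contiguous" }
        [long]$start = $address - ($address % $size)
        [long]$end = $start + $size - 1
    }
    elseif ($text -match '^([\d.]+)-([\d.]+)$') {
        # start-end notation
        $startText = $Matches[1]; $endText = $Matches[2]
        [long]$start = ConvertTo-IPv4Number $startText
        [long]$end = ConvertTo-IPv4Number $endText
        if ($end -lt $start) { throw "Range end precedes range start in '$text'" }
    }
    else {
        # single address; the mask defaults to 255.255.255.255
        [long]$start = ConvertTo-IPv4Number $text
        [long]$end = $start
    }

    New-Object PSObject -Property @{
        IpRange   = $text
        First     = (ConvertFrom-IPv4Number $start)
        Last      = (ConvertFrom-IPv4Number $end)
        Addresses = ($end - $start + 1)
    }
}

# Constructed input: the three allow-list notations from this page plus one malformed mask.
$entries = '127.1.0.0', '127.1.0.0(255.255.0.0)', '127.1.0.0-127.1.255.255', '127.1.0.0(255.0.255.0)'
$maxAddresses = 256   # assumed review threshold, not an Exchange setting

foreach ($entry in $entries) {
    try {
        $coverage = Get-IpRangeCoverage -IpRange $entry
        $verdict = if ($coverage.Addresses -gt $maxAddresses) { 'REVIEW: broad entry' } else { 'ok' }
        '{0,-26} {1} - {2}  {3,6} address(es)  {4}' -f $entry, $coverage.First, $coverage.Last, $coverage.Addresses, $verdict
    }
    catch {
        '{0,-26} INVALID: {1}' -f $entry, $_.Exception.Message
    }
}
```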

Test-IPAllowListProvider -Identity AllowListProvider -IPAddress 127.1.0.0
This command tests a specified IP address 127.1.0.0 to see whether it is listed as an allowed IP address with the IP Allow List provider AllowListProvider.

Add-IPAllowListProvider -Name Provider1 -LookupDomain www.contoso.com -IPAddressesMatch 127.1.0.0
This command adds an IP Allow List provider called Provider1, which is used to verify which IP addresses are allowed. The associated lookup domain is www.contoso.com, and the IP address that must match the result returned by the IP Allow List provider is 127.1.0.0.

Add-IPBlockListProvider -Name Provider2 -LookupDomain www.contoso.com -IPAddressesMatch 127.2.0.1
This command adds an IP Block List provider named Provider2, which is used to verify which IP addresses should be blocked. The associated lookup domain is www.contoso.com, and the IP address that must match the result returned by the IP Block List provider is 127.2.0.1.

Get-SenderIdConfig
This command retrieves the Sender ID configuration settings.

Add-AttachmentFilterEntry -Name image/jpeg -Type ContentType
This command adds an attachment filter entry that is used to block all JPEG attachments, based on the attachment's content type image/jpeg, regardless of the file name.

Add-AttachmentFilterEntry -Name *.EXE -Type FileName
This command adds an attachment filter entry that is used to block all attachments that have the file name extension *.EXE.

Remove-AttachmentFilterEntry ContentType:image/jpeg
This command removes an attachment filter entry that is used to filter JPEG attachments based on the attachment's content type image/jpeg.

Remove-AttachmentFilterEntry FileName:*.EXE
This command removes an attachment filter entry that is used to filter all attachments that have the file name extension *.EXE.

Set-AttachmentFilterListConfig -RejectResponse "The attachment you included in your e-mail message was not allowed." -Action Reject
This command configures the Attachment Filter agent to reject all messages that contain filtered attachments. Both the attachment and e-mail message are blocked, and the configured text is used in the message body of the non-delivery report (NDR) that is sent to senders whose messages contain an attachment that is blocked. Available actions are Reject, Strip and SilentDelete.

Customizable Delivery Status Notification (DSN) Messages
New-SystemMessage -DsnCode 5.7.0 -Text "DSN Message Text" -Internal $False -Language En
This command creates a new customized DSN message for the DSN code 5.7.0. The text of the DSN message is "DSN Message Text", the language the message is displayed in is English, specified by the locale code En, and the DSN message is sent to both internal and external senders.

Set-SystemMessage -Identity En\External\5.7.0 -Text "New DSN Message Text"
This command modifies the existing customized DSN message for the DSN code 5.7.0. The identity consists of the language, specified by the locale code En, whether the DSN message scope is internal or external, and the DSN code En\External\5.7.0. The text of the DSN message is changed to "New DSN Message Text".

Get-SystemMessage -Identity En\External\5.7.0
This command retrieves the existing customized DSN message for the DSN code 5.7.0 by using the identity En\External\5.7.0.

Get-SystemMessage -Original $True
This command retrieves a list of all built-in DSN messages.

Remove-SystemMessage -Identity En\External\5.7.0
This command removes the existing customized DSN message for the DSN code 5.7.0 by using the identity En\External\5.7.0.

Hub Transport Rules
$Condition = Get-TransportRulePredicate BetweenMemberOf

$Condition.Addresses = (Get-DistributionGroup "Group1")

$Condition.Addresses2 = (Get-DistributionGroup "Group2")

$Action = Get-TransportRuleAction RejectMessage

$Action.RejectReason = "RejectText"

New-TransportRule -Name "RuleName" -Condition @($Condition) -Action @($Action)
This command creates the transport rule RuleName on a Hub Transport server. The rule rejects all messages sent between the Group1 and Group2 distribution groups. An NDR with the text RejectText is sent to the sender of each rejected message.

Get-TransportRule -Identity RuleName | Format-List
This command retrieves the detailed configuration of the transport rule RuleName.

(Get-TransportRule -Identity RuleName).Conditions | Format-List
This command retrieves a list of conditions and their values that are configured on the transport rule RuleName.

(Get-TransportRule -Identity RuleName).Exceptions | Format-List
This command retrieves a list of exceptions and their values that are configured on the transport rule RuleName.

(Get-TransportRule -Identity RuleName).Actions | Format-List
This command retrieves a list of actions and their values that are configured on the transport rule RuleName.

Remove-TransportRule -Identity RuleName
This command removes the transport rule RuleName.

Journal Rules
New-JournalRule -Name "JournalRuleName" -Recipient MailboxToJournal@contoso.com -JournalEmailAddress "Journal Reports" -Scope Global
This command creates the journal rule JournalRuleName. Copies of all e-mail messages sent to and from MailboxToJournal@contoso.com are sent to the mailbox Journal Reports as attachments within a journal message envelope. The journal rule is enabled upon creation. Valid values for the Scope parameter are Internal, External, and Global.

Set-JournalRule -Identity JournalRuleName -Recipient DistributionGroupToJournal@contoso.com
This command modifies the journal rule JournalRuleName by setting the value of the Recipient parameter to DistributionGroupToJournal@contoso.com.

Set-TransportConfig -JournalingReportNdrTo AltJournalReports@contoso.com
This command configures Exchange to redirect journal reports to AltJournalReports@contoso.com if the primary journaling mailbox is temporarily unavailable.

Servers
Get-ExchangeServer
This command retrieves a summary list of all existing servers.

Get-ExchangeServer -Domain contoso.com
This command retrieves a summary list of all servers in the domain contoso.com.

Get-ExchangeServer -Status
This command retrieves a summary list of all existing servers and forces a call to update the server's current status. Without the Status parameter, some fields that change in real-time are not populated.

Different types of TLS setup in Exchange Server 2007

Exchange Server 2010 provides administrative functionality and other enhancements that improve the overall management of Transport Layer Security (TLS). As you work with this functionality, you should understand some TLS-related features and functionality. Some terms and concepts apply to more than one TLS-related feature. In this topic, the brief explanation of each feature is intended to help you understand some differences and general terminology related to TLS and the Domain Security feature set.

Transport Layer Security
TLS is a standard protocol that is used to provide secure Web communications on the Internet or intranets. It enables clients to authenticate servers or, optionally, servers to authenticate clients. It also provides a secure channel by encrypting communications. TLS is the latest version of the Secure Sockets Layer (SSL) protocol.

Mutual TLS
TLS with mutual authentication differs from TLS as TLS is usually deployed. Typically, when TLS is deployed, it is used only to provide confidentiality in the form of encryption. No authentication occurs between the sender and receiver. In addition to this kind of deployment, sometimes when TLS is deployed, only the receiving server is authenticated. This deployment of TLS is typical of the HTTP implementation of TLS. This implementation, where only the receiving server is authenticated, is SSL.
With mutual TLS authentication, each server verifies the identity of the other server by validating a certificate that is provided by that other server. In this scenario, where messages are received from external domains over verified connections in an Exchange 2010 environment, Microsoft Office Outlook 2007 will display a Domain Secured icon.

Domain Security
Domain Security is the set of features, such as certificate management, connector functionality, and Outlook client behavior, that enables mutual TLS as a manageable and useful technology.

Opportunistic TLS
In earlier versions of Exchange Server, you had to configure TLS manually. In addition, you had to install a valid certificate, suitable for TLS usage, on the server running Exchange Server. In Exchange 2010, Setup creates a self-signed certificate. By default, TLS is enabled. This enables any sending system to encrypt the inbound Simple Mail Transfer Protocol (SMTP) session to Microsoft Exchange. By default, Exchange 2010 also tries TLS for all remote connections.

Direct trust
By default, all traffic between Edge Transport servers and Hub Transport servers is authenticated and encrypted. Again, the underlying mechanism for authentication and encryption is mutual TLS. Instead of using X.509 validation, Exchange 2010 uses direct trust to authenticate the certificates. Direct trust means that the presence of the certificate in the Active Directory directory service or the Active Directory Lightweight Directory Service validates the certificate. Active Directory is considered a trusted storage mechanism. When direct trust is used, it doesn't matter if the certificate is self-signed or signed by a certification authority. When you subscribe an Edge Transport server to the Exchange organization, the Edge Subscription publishes the Edge Transport server certificate in Active Directory for the Hub Transport servers to validate. The Microsoft Exchange EdgeSync service updates AD LDS with the set of Hub Transport server certificates for the Edge Transport server to validate.
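
Added example, not part of the original post: a read-only review, run in the Exchange Management Shell, of which TLS mode described above a transport server is actually configured for. The 30-day renewal window is an assumed threshold; the cmdlets and properties are standard Exchange ones.

```powershell
# Added example; read-only. Run in the Exchange Management Shell.
$warnDays = 30   # assumed renewal window, adjust to local policy

# 1. Certificates enabled for SMTP: these are what the server presents for TLS.
#    The self-signed certificate created by Setup shows IsSelfSigned = True.
Get-ExchangeCertificate |
    Where-Object { "$($_.Services)" -match 'SMTP' } |
    Select-Object Thumbprint, Subject, IsSelfSigned, NotAfter,
        @{ Name = 'ExpiresSoon'; Expression = { $_.NotAfter -lt (Get-Date).AddDays($warnDays) } } |
    Format-List

# 2. Receive connectors: Tls in AuthMechanism with RequireTLS = False is opportunistic TLS;
#    DomainSecureEnabled = True marks a connector used for mutual TLS (Domain Security).
Get-ReceiveConnector |
    Format-Table Identity, AuthMechanism, RequireTLS, DomainSecureEnabled -AutoSize

# 3. Send connectors: IgnoreSTARTTLS = True means TLS is not attempted on outbound sessions.
Get-SendConnector |
    Format-Table Identity, RequireTLS, DomainSecureEnabled, IgnoreSTARTTLS -AutoSize

# 4. Domains for which mutual TLS is expected in each direction.
Get-TransportConfig | Format-List TLSReceiveDomainSecureList, TLSSendDomainSecureList
```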

Saturday, September 12, 2009

New features in EMC for Exchange Server 2010

1. Diagnostic Logging Management: Diagnostic Logging Management is back in Exchange Server 2010. A new wizard-based UI now enables administrators to quickly configure Exchange server-related logging and logging levels. This will assist in easy instrumenting of your Exchange servers for diagnostics.
2. Outlook Web App Mailbox Policy Management: In Exchange Server 2010, administrators will now be able to configure and manage Outlook Web App (OWA) Mailbox feature policies completely within the EMC. Once these policies have been created (with quite a granular detail of control), they can then be assigned to mailboxes (individually or in bulk) within the organization.
3. Organizational Health: The new Organizational Health screen in the EMC gives administrators a quick, unified view of their Exchange infrastructure. Summarized information on databases, Client Access Licenses (CALs), servers (2003, 2007 and 2010 versions of Exchange), and recipients (both by type as well as feature usage) is available here.
4. PowerShell Command Logging: PowerShell continues to be the core management platform for Exchange Server 2010. To provide visibility into what commands are being run by the EMC behind the scenes, and to also aid in learning Exchange PowerShell CmdLets, the administrator now has the ability to visualize which commands are being run in the background by the EMC. As a quick learning tool, this is a great addition that will aid administrators in rapidly scripting out advanced workflows. In Exchange Server 2007, the only place where commands were exposed was at the end of wizards. In Exchange Server 2010, administrators now have full visibility across the Console.
5. Bulk Editing: To make it easier for administrators to quickly edit multiple recipient objects in one operation, the EMC now enables Bulk Editing of mailbox objects. Prior to Exchange Server 2010, administrators would be forced to switch to scripting to perform this task. With EMC in Exchange Server 2010, this is as simple as selecting desired mailboxes, bringing up the properties dialog, and making edits as needed. Additionally, the cool new feature of PowerShell Command logging is also enabled in this scenario.
6. Certificate Management: In Exchange Server 2010, significant improvements have gone into managing certificates with the EMC. To name just a few enhancements: you can now assign a certificate to multiple Exchange services right within the EMC, you can specify wildcard certificates to apply to all sub-domains, you can renew both self-signed as well as 3rd party CA certificates, and so on. The EMC also allows administrators to positively identify and edit domains to be included on a certificate and identify the domain that will be used for the certificates' Common Name (CN).
7. Moving Mailboxes: Exchange Server 2010 brings about a new set of PowerShell CmdLets to move mailboxes between databases and/or forests. The Move-Mailbox CmdLet of Exchange Server 2007 has been replaced with a set of *-MoveRequest CmdLets. As expected, the EMC also builds on top of this new CmdLet set. You can move mailboxes between databases using the New Local Move Request wizard. And, if you are connected to multiple forests in the same EMC (as described previously), you can also move mailboxes between forests using the New Remote Move Request wizard. Finally, you can monitor ongoing moves in the new Move Request child node under the Recipient Configuration node in the Left Navigation pane.
8. Receiving faxes using Exchange 2010 Unified Messaging: Exchange 2010 no longer creates fax messages itself but instead forwards the inbound fax calls to a dedicated partner fax solution. The partner fax solution establishes the fax call with the remote endpoint and receives the fax media on behalf of the UM-enabled user. It then sends an SMTP message, which contains the fax as a TIFF attachment, to the recipient's mailbox.
9. High Availability: High Availability is one of the core themes of Exchange Server 2010. High Availability (HA) in Exchange Server 2010 combines replication techniques and Windows Clustering to deliver a highly and continuously available Exchange infrastructure. One of the key concepts in managing HA in Exchange Server 2010 is "Database Availability Group" (DAG) - a logical container for a set of Mailbox servers that provide isolation from database, server or network failures. Associated with DAGs is the concept of DAG Networks, that can be turned on or off for creating customized continuous replication and database seeding networks. Creating and configuring DAGs as well as DAG Networks, are core scenarios made easy and seamless in the EMC.
10. Archiving: Archiving is another core theme in Exchange Server 2010. Archives deliver on a core legal compliance requirement by ensuring that your Exchange Server is in charge of all mailbox data, rather than being stored away in 3rd party backups, personal archives, PST files and such. Archiving can be turned on at a per-mailbox level either during mailbox creation or later individually or in bulk, for example, say at a department level.
11. Federation and Sharing: Federated sharing allows organizations to effectively collaborate beyond the traditional email exchange. Exchange Server 2010 makes it simple to share and access PIM data (free/busy, calendar and contacts) stored in Exchange with users external to your Exchange organization while maintaining customer confidence around security and control, both at an information-sharing level as well as at the TLS level. Configuring and managing this is a snap with the EMC.

Friday, September 11, 2009

Exchange 2010: Delivery Reports - More Features

Exchange 2010 provides an easy way to verify whether that very important message was delivered to every recipient with a new feature we call delivery reports.

Delivery Reports contains delivery information about messages you sent, such as:

Why didn't my message go through?
Where is my message now?
Who received my message?

And about messages you received:

Am I a member of any of the groups addressed in this message?
Why is this message in a folder and not in my inbox?

Delivery Reports can be accessed by users from Outlook Web Access or by clicking on the "Options" button and then going to "Organize E-mail".

Administrators can access Delivery Reports from the Exchange Control Panel on the "Reporting" tab, and if the Administrator has access to the Exchange Management Console, the "Toolbox" section contains a link to "Message Tracking" where they can search for Delivery Reports. The Message Tracking tool included in previous versions of Exchange has been renamed "Tracking Log Explorer".

Thursday, September 10, 2009

Benefits of Exchange 2010 Unified Messaging

When you deploy Exchange 2010 Unified Messaging, your users will have access to their e-mail and voice mail messages from either Microsoft Office Outlook 2007 or the version of Outlook Live included with Exchange 2010. Additionally, users will be able to use the following features:

Access to Exchange information
To offer a seamless voice mail experience for the user, UM-enabled users can access a full set of voice mail features from Windows Mobile powered phones, Outlook 2007, and Outlook Live. These features include many voice mail configuration options and the ability to play a voice message from either the reading pane using an integrated Windows Media Player or from the message list using computer speakers.

Play on Phone
The Play on Phone feature lets UM-enabled users play voice messages over a telephone. If a UM-enabled user works in an office cubicle, is using a public computer or a computer that isn't enabled for multimedia, or is listening to a voice message that's confidential, the user might not want to or be able to listen to a voice message through computer speakers. Alternatively, the user can play the voice message using any telephone, including home, office, or cellular telephones.

Voice mail form
The Outlook 2007 voice mail form resembles the default e-mail form. It gives users an interface for performing actions such as playing, stopping, or pausing voice messages, playing voice messages on a telephone, and adding and editing notes.
The voice mail form includes the embedded Windows Media Player and an audio notes field. The embedded Windows Media Player and notes field are displayed in either the preview pane when users preview a voice message or in a separate window when they open the voice message. If users aren't enabled for Unified Messaging or Outlook 2007 has not been installed on the client computer, they view voice messages as e-mail attachments, and the voice mail form is not available.

User configuration
A user who is enabled for Unified Messaging can configure several voice mail options for Unified Messaging using Outlook Live. For example, the user can configure telephone access numbers and the voice mail Play on Phone number, and can reset a voice mail access PIN.

Call answering
Call answering includes answering an incoming call on behalf of users, playing their personal greeting, recording a message, and submitting it for delivery to their Inbox as an e-mail message.

Outlook Voice Access
There are two Unified Messaging user interfaces available to UM-enabled users or subscribers: the Telephone User Interface (TUI) and the Voice User Interface (VUI). In Exchange 2010, these two interfaces together are called Outlook Voice Access. Subscribers can use Outlook Voice Access when they access the Unified Messaging system from an external or internal telephone. They can use Outlook Voice Access to access their Exchange 2010 mailbox, including their personal e-mail, voice messages, and calendar information. Users can listen to, reply to, create, and forward unread e-mail messages using the telephone.

Subscriber access
The subscriber access feature enables dial-in access for your organization's users. UM-enabled users or subscribers who dial in to the Unified Messaging system can access their mailbox using Outlook Voice Access. Using a telephone, a subscriber or user can:

Access voice mail.

Listen, forward, or reply to e-mail messages.

Listen to calendar information.

Access or dial contacts who are stored in the global address list or a personal contact list.

Accept or cancel meeting requests.

Set a voice mail Out of Office message.

Set user security preferences and personal options.

Auto attendant
An auto attendant is a set of voice prompts that gives external or internal users access to the Exchange 2010 Unified Messaging system. Users can use the telephone keypad or speech inputs to move through the auto attendant menu structure, place a call to a user, or locate a user and then place a call to that user. An auto attendant gives the administrator the ability to:

Create a customized menu for external users.

Define informational greetings, business hours greetings, and non-business hours greetings.

Define holiday schedules.

Describe how to search the organization's directory.

Describe how to connect to a user's extension so external callers can call users by specifying their extension.

Describe how to search the organization's directory so external callers can search the organization's directory and call a specific user.

Enable external users to call the operator.

Sunday, September 6, 2009

OWA 2010 in Exchange 2010

One feature of OWA 2010 is support for more browsers than just IE. The minimum version of IE has increased to 7; however, with the addition of Safari on Mac and Firefox 3.X achieving 99% feature parity (the only exception being S/MIME), this opens OWA up to multiple platforms. If you are a Chrome fan you will still be forced into OWA Light. You would not believe how many companies are still using IE6 as a baseline browser, which will force you to OWA Light.
Premium OWA with Firefox 3.X
One of my favorite items is that you now have the option to use IE7 or Firefox to view OWA Premium. In Exchange 2007 you only received the light version of OWA when using Firefox, but now you can run Firefox 3.5 and receive OWA Premium.
Conversation views
The new default view in OWA 2010 is conversation view. This view groups messages together in an attempt to provide an easier message grouping. One of the nice features of this view is that it exposes the entire flow of the conversation, as users will be able to see messages in their Sent Items as part of that conversation.
Persistent inbox opening
This feature is similar to Outlook, in which you can right-click the mailbox and choose to open another user's inbox. Even after logging off OWA, at the next logon this connected inbox will stay resident. I would say the only limitation here is that you can only see the inbox at this time, so if there are any subfolders you will not be able to see them in this view and will need to use the open other user's mailbox feature.
Action Menu
When using the right reading pane, a new button will appear called the action menu. When selecting this menu item, a user will be presented with a number of actions they can perform on the message.
The actions presented are 1. Reply 2. Reply All 3. Forward 4. Chat 5. Forward as Attachment 6. Mark as read 7. Create rule 8. Junk Email 9. Delete 10. Ignore conversation 11. Move to folder 12. Copy to folder 13. Open delivery report.
There are a number of new features on the action menu that were not available in Exchange 2007: 1. Chat 2. Forward as Attachment 3. Ignore Conversation and 4. Delivery Report
Ignore Conversation
If you have ever been a part of a large distribution list or email chain that you did not need to be a part of, this feature can be one of your favorites. If you select Ignore Conversation, a rule is created in your mailbox to automatically delete any message related to this conversation.
Forward as attachment
You can finally choose to forward a message as an attachment with OWA 2010.
Open Delivery report
One of the newer features that can assist users is the delivery report. This feature allows users to validate that an email they sent or received has actually left the system, been delivered, or been read.
IM Integration
Exchange 2010 has been designed to work with a number of IM products and allows third parties to hook into OWA to integrate with them. If you are running Microsoft OCS 2007 R2 you will be able to take advantage of IM and presence in OWA.
If you have federations with your IM system, your OWA users will be able to chat with those users as well.
Archive Mailbox
Exchange 2010 has introduced an archive mailbox feature, at this time
Help About
This item may be one of the most underused and sometimes controversial. In the top right of the inbox there is a question mark icon with a drop-down menu. When the drop-down is selected and users choose About, a window will open and display all of the user's connection options. This feature is built to assist admins with knowing what systems the user is connected to.

Exchange 2010 Database Availability Groups - DAG

Exchange 2010 introduces a new feature called Database Availability Group (DAG from here on), which is meant to replace Exchange 2007's CCR and SCR. While still using the same technology to replicate and replay database logs among servers, this new technology provides high availability at the database level. It's important to note that in Exchange 2010 the concept of Storage Group disappears: Exchange just manages plain databases.

Once you create a DAG and add mailbox servers, you can configure each single database to replicate to the desired servers inside the DAG. If the server on which a database is mounted fails, or an administrator switches it over to another server in the DAG, then another server in the DAG will activate and mount the database, depending on the database configuration.

In order to provide these features, Exchange 2010 relies on a new component called Active Manager. This component abstracts the availability feature from Windows Failover Cluster. Although Active Manager depends on the Failover Cluster service for some networking features, it does not depend on it for storage management. This independence from the Failover Cluster storage architecture simplifies the Exchange servers' storage system. In order to configure a DAG, the Failover Cluster feature must be installed on every DAG node, and a File Share Witness external to any node in the cluster has to be provided.
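
The DAG workflow described above (create the DAG with an external File Share Witness, add Mailbox servers, replicate a database, switch it over), as an added Exchange Management Shell example that is not part of the original post. The names DAG1, MBX1, MBX2, FS01 and DB1 and the witness path are hypothetical.

```powershell
# Added example. All object names (DAG1, MBX1, MBX2, FS01, DB1) and the
# witness directory are hypothetical placeholders.

# 1. Create the DAG. The File Share Witness is hosted on FS01,
#    a server that is not a member of the DAG.
New-DatabaseAvailabilityGroup -Name DAG1 -WitnessServer FS01 -WitnessDirectory C:\DAG1_FSW

# 2. Add the Mailbox servers. Preview the first change with -WhatIf,
#    then apply it to both nodes.
Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer MBX1 -WhatIf
'MBX1', 'MBX2' | ForEach-Object {
    Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer $_
}

# 3. Replication is configured per database, not per server:
#    DB1 (mounted on MBX1) gets a passive copy on MBX2.
Add-MailboxDatabaseCopy -Identity DB1 -MailboxServer MBX2 -ActivationPreference 2

# 4. Confirm membership, witness settings and copy health before relying on it.
Get-DatabaseAvailabilityGroup -Identity DAG1 -Status |
    Format-List Name, Servers, WitnessServer, WitnessDirectory
Get-MailboxDatabaseCopyStatus -Identity DB1 |
    Format-Table Name, Status, CopyQueueLength, ReplayQueueLength -AutoSize

# 5. Administrator-initiated switchover: activate the copy on MBX2.
#    -Confirm is left at its default so the operator must acknowledge the move.
Move-ActiveMailboxDatabase -Identity DB1 -ActivateOnServer MBX2
```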

Exchange 2010 New Features

A new version of Exchange 14 obviously brings a new set of features. Here are just some of the new features:

Database Availability Groups – Database Availability Groups combine CCR and SCR functionality to provide a single solution for both scenarios. What happens here is that you install a DAG member and it installs Failover Clustering behind the scenes, making the High Availability deployment more intuitive for the administrator. There was one scenario we ran into here where we had two source CCR clusters wanting to replicate to the same target SCR standby. The problem here is that when you run RecoverCMS on the SCR standby, replication fails with the other source CCR that was still working, because the target SCR server can only ever have 1 CMS. DAGs fix that issue.

Outlook Web Access Features – There are quite a few new features with OWA.
1. Side-by-side comparison of calendars
2. Ability to attach messages to messages
3. Integration with Communicator including presence, chat, and a contact list
4. Conversation View
5. Support for multiple browsers such as Firefox and Safari

Unified Messaging Features – There are quite a few new features with UM.
1. Message Waiting Indicator
2. Voicemail Preview – This is essentially a speech to text that will display the text in your e-mail message to get a preview of what the voice mail includes
3. Personal auto attendants
4. Protected Voice Mail – Ability to track and restrict where voice mails can go

Store Functionality – There are a ton of new features for UM. Some important things to note:
1. No more Storage Groups
2. Mailboxes are no longer connected to the server object; the schema has been flattened to allow for this
3. I/O Improvements including JBOD support and better support for SATA disks
4. Being able to run on cheap disks (SATA) and have a backupless organization by having multiple copies stored on DAG members.

Administration – There are a ton of additions/enhancements to administration. Some important things to note:
1. Role Based Access Control (RBAC) – Allows you to create granular permissions on custom groups that you create. This essentially replaces the administration model in Exchange 2007. For example, if you want a help desk group that has access to specific pieces of functionality within Exchange, you can do so.
2. Exchange Control Panel – Ties into RBAC and shows/hides features you are not given access to.
3. Audit Logging
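
The help desk scenario from the RBAC item above, as an added Exchange Management Shell example (not code from the original post). The role, scope, group and member names are hypothetical; "Mail Recipients" is a built-in management role.

```powershell
# Added example. "HelpDesk Recipients", "Sales Mailboxes", "Help Desk Tier 1"
# and the member jsmith are hypothetical names.

# 1. Derive a custom role from the built-in "Mail Recipients" role.
#    A child role can only hold a subset of its parent's entries.
New-ManagementRole -Name "HelpDesk Recipients" -Parent "Mail Recipients"

# 2. Remove every cmdlet the help desk does not need (least privilege).
$keep = 'Get-Mailbox', 'Get-User', 'Get-Recipient', 'Set-Mailbox'
Get-ManagementRoleEntry "HelpDesk Recipients\*" |
    Where-Object { $keep -notcontains $_.Name } |
    Remove-ManagementRoleEntry -Confirm:$false

# 3. Narrow Set-Mailbox to the few parameters staff may change.
#    Without -AddParameter/-RemoveParameter the list replaces the existing one.
Set-ManagementRoleEntry "HelpDesk Recipients\Set-Mailbox" `
    -Parameters Identity, DisplayName, WhatIf, Confirm

# 4. Limit which recipients the role can modify.
New-ManagementScope -Name "Sales Mailboxes" `
    -RecipientRestrictionFilter { Department -eq 'Sales' }

# 5. The role group ties role, write scope and members together.
New-RoleGroup -Name "Help Desk Tier 1" -Roles "HelpDesk Recipients" `
    -CustomRecipientWriteScope "Sales Mailboxes" -Members jsmith

# 6. Review the result: which cmdlets and parameters remain,
#    and which scope the assignment carries.
Get-ManagementRoleEntry "HelpDesk Recipients\*" |
    Format-Table Name, Parameters -AutoSize
Get-ManagementRoleAssignment -RoleAssignee "Help Desk Tier 1" |
    Format-List Name, Role, CustomRecipientWriteScope
```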

Other
1. Multi-Mailbox Search
2. Text Messaging Integration (SMS)
3. Moderation and approval of distribution group submissions
4. Mail Tips – Will notify an Outlook user of an impending error before it happens so the user doesn’t get a confusing NDR. For example, if your message size limit is 10MB and the user tries sending a 15MB message, Outlook will notify the user before the user tries to send out the e-mail, saving Exchange resources and making the failure experience more intuitive for the end user.
