Here is a link to the re-released update:
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=26910
Regards
NeilC
An interesting read from the General Manager of the Exchange Team at MS:
The Exchange Sustained Engineering team recently made the decision to recall the June 22, 2011 release of Exchange 2010 SP1 Rollup 4. This was not an action we took lightly and we understand how disruptive this was to customers. We would like to provide you with some details that will give you a deeper understanding of what actually happened and, more importantly, what improvements we are making to prevent this in the future.
Q: What actually triggered the recall?
A: While fixing a bug that prevented deleted public folders from being recovered, we exposed an untested set of conditions with the Outlook client. When moving or copying a folder, Outlook passes a flag on a remote procedure call that instructs the Information Store to open deleted items which haven’t been purged. Our fix inadvertently caused the RPC to skip all content that wasn’t marked for deletion because we were not expecting this flag on the call from Outlook on the copy and move operations.
Q: Why didn’t you test this scenario?
A: The short answer is we thought we did. We didn’t realize we missed a key interaction between Exchange and Outlook. The Exchange team has well over 100,000 automated tests that we use to validate our product before we ship it. With the richness and number of scenarios and behaviors that Exchange supports, automated testing is the only scalable solution. We execute these tests in varying scenarios and conditions repeatedly before we release the software to our customers. We also supplement these tests with manual validation where necessary. The downside of our tests is that they primarily exercise the interfaces we expose and are designed around our specifications. They do test positive and negative conditions to catch unexpected behavior and we did execute numerous folder copy and move tests against the modified code which all passed. What we did not realize is that our tests were not emulating the procedure call as executed by Outlook.
Q: Exchange has been around a while, why did this happen now?
A: In Exchange 2010 we introduced a feature called RPC Client Access. This functionality is responsible for serving as the MAPI endpoint for Outlook clients. It allowed us to abstract client connections away from the Information Store (on Mailbox servers) and cause all Outlook clients to connect to the RPC Client Access service.
As part of our investigation, we discovered that there was some specific code added to the Exchange 2003 Information Store to handle the procedure call from Outlook using the extra flag. This code was also carried forward into Exchange 2007. But when the Exchange team added the RPC Client Access service to Exchange 2010, that code was not incorporated into the RPC Client Access service because it was mistakenly believed to be legacy Outlook behavior that was no longer required. That, unfortunately, turned out not to be the case. The fact that we were not allowing a deleted public folder to be recovered was masking this new bug completely.
Q: Are there other similar issues lurking in RPC Client Access?
A: We do not believe so. The RPC Client Access functionality has been well-tested at scale and proven to be reliable for the millions of mailboxes hosted in on-premises deployment and in our own Office 365 and Live@EDU services.
Q: What are you doing to prevent similar things from happening in the future?
A: We have conducted a top-to-bottom review of the process we use to triage, develop and validate changes for Rollups and Service Packs and are making several improvements. We have changed the way we evaluate a customer requested fix to ensure that we more accurately identify the risk and usage scenarios that must be validated for a given fix. Recognizing the diversity of clients used to connect to Exchange, we are increasing our client driven test coverage to broaden the usage patterns validated prior to release. Most notably, we are working even closer with our counterparts in Outlook to use their automated test coverage against each of our releases as well. We are also looking to increase coverage for other clients as well.
General Manager
Exchange Customer Experience
Microsoft have released a new CU for Lync Server and client as of July 23rd 2011.
Links as per below:
Server: http://support.microsoft.com/kb/2571546
Client: http://support.microsoft.com/kb/2571543
Good luck
NeilC
The first public beta of Operations Manager has been released to the internet, it can be downloaded from the following link.
http://www.microsoft.com/download/en/details.aspx?id=26804
System Center Operations Manager 2012 provides the monitoring component of cloud and datacenter solutions, to help you manage your datacenter and cloud environments by:
Feature Summary
Ran into this issue when launching Outlook 2010 after a USMT migration.
Cannot open your default e-mail folders. The attempt to logon to Microsoft Exchange has failed.
The scenario is a Windows XP SP3 with Office 2003, to Windows 7 SP1 with Office 2010 RTM migration.
User State Migration Toolkit (USMT) 4.0 was used to copy the profile, this included the USMT update to support Office 2010 which can be downloaded here http://support.microsoft.com/kb/2023591
The profile and user settings had migrated successfully, however it appeared that the Outlook profile didn’t migrate.
This is a known issue and an Outlook hotfix is available from Microsoft at the following location.
http://support.microsoft.com/kb/2405793
Once the hotfix is installed the profile opens fine, and all settings are migrated.
This hotfix can be added directly into the task sequence, or into the Office package.
To add into the Office package extract the fix into the updates folder using the following command.
outlook2010-kb2405793-fullfile-x86-glb.exe /extract:c:\<extractiondirectory>
Then copy the two files into the updates folder of the Office 2010 installation sources files
Once you deploy Office 2010 from the updated media, the update will be slipstreamed into the install.
John Riseam
System Center Consultant
Risual Ltd
Had an issue at a customer whereby the AA would not forward key mappings to an extension number although it would work if you browsed the directory on the AA and entered it there… annoying.
Found this really useful blog which saved me some valuable time so thought I would re-blog it.
Thanks
NeilC
I have come across a number of issues recently where when installing Lync or Exchange on a virtual server it has continually prompted for restarts.
In Lync this has always been at the point that the SQL database is installed for SE; it usually restarts then picks up the install and continues but in this instance it would restart and after several minutes request another restart and so it goes on.
In Exchange it occurred as part of the readiness checks; it would report an outstanding restart was required, irrespective of how many times the server was rebooted.
The issue seems to be caused by the ‘PendingFileRenameOperations’ registry key.
Normally this field would be cleared down on restart but this wasn’t happening.
The fix?
Browse: HKLM>System>CurrentControlSet001>SessionManager
and delete the entries in the ‘PendFileRenameOperations’
Good luck
NeilC
I had the following scenario, Windows 7 Enterprise deployment enabling BitLocker with TPM and PIN and Dell Latitude laptop hardware.
The companies business requirement was to encrypt laptops, the cost of this could be reduced by implementing Windows 7 Enterprise edition.
The following is a high level list of the components that need to be in-place
The schema changes for BitLocker are part of the Windows 2008 R2 schema update so if a company is moving or has moved this can be rolled into a change. A Microsoft article that explains this in depth can be found at http://technet.microsoft.com/en-us/library/dd875533(WS.10).aspx
To verify or query that the schema changes exist in an environment, use ADSIEDIT, connect to the schema and check for the following entries.
Group policy needs to be set if you want recovery keys to be stored in Active Directory, this can also configure things such as minimum PIN length.
The BitLocker Recovery Password Viewer can be enabled as a feature in Windows 2008 R2, it has to be installed on a domain controller if you want to enable the feature in Windows 7 with RSAT installed.
Once this is in place, I would recommend testing the encryption manually and checking to see if the decryption keys are being written in AD. On the tested machine, export the registry from the following location. (This will be required later as part of the deployment process.)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE
With TPM ready laptops, the BIOS will show a TPM chip as disabled and its usually a two step process to enable this. First switch TPM on and reboot and secondly, activate. To automate this in the task sequence some manufacturers allow setting the BIOS via a script or executable. Dell are no different and after lots of trials using different methods (they have a few,) I followed the Dell best practice document listed in the following link.
Best Practices for Remote TPM Enablement for Dell Business Client Systems
Once you have downloaded the Dell Client Configuration Toolkit and created the task sequence using the .xml template supplied, you should be ready to copy this into an existing deployment task sequence. I had issues with the default task sequence conditions, I’m not sure if its the template but I changed the single quotes to double quotes in the WMI command and removed some of the model types to reduce complexity.
After the BIOS is set in either the WinPE or Windows Phase, we need to set the task sequence to create a boot partition. This can either be done prior if you want the boot volume at the beginning of the disk, or after, using the following command.
bdehdcfg.exe -target default –quiet
The preferred method is to set a task sequence to partition the disk in the PreInstall phase. I created two “Format and Partition” tasks. One Operating System partition and one 300mb BDE partition where the boot and system files would reside. Add the same conditioning to the task sequence as you would to the TPM BIOS and Activation parts. This could be a simple laptop query or model specific WMI.
Then in the Apply Operating System Image task, specify the partition using the variable that the WIM will be installed onto.
In the MDTIntegrated task sequence a Bitlocker task is present, however it is limited slightly in that it only has the following options.
The defaults are great once enabled, but we need another task to add a default PIN that users enter when the machine boots.
The following tasks were put together in a task sequence
The Enable Bitlocker encrypts the current Operating System drive and stores the recovery keys in AD. The BitLocker Config task adds the exported registry information from earlier which allow the pin to be added, the PIN was then added using the manage-bde task below.
%SYSTEMROOT%\system32\manage-bde.exe -protectors -add %systemdrive% -tp 123456789
John Riseam
System Center Consultant
Risual Ltd
