Office Communicator 2007 R2 Integration Error With Outlook

Two weeks ago, I completely rebuild the Office Communications Server (OCS) 2007 to the R2 version. Since it was only being used as a pilot for 150 users, I deleted everything and started from scratch.

Everything went ok (except for some minor problems with the certificates) except two users that were getting the following error on communicator:

There was a problem connecting to Microsoft Office Outlook. Your Outlook profile is not configured correctly. Contact your system administrator with this information.

Everything was working fine, video conferencing, global address list lookup, everything! Except for this error that just wouldn’t disappear…

On one of the users, the error disappeared a couple hours after he deleted and recreated his Outlook profile. Fair enough since it’s an integration issue with the Outlook profile and we are running on Offline Mode. But I wanted to see if there was another way of getting rid of the error.

So, I went to my HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles and I had a REG_SZ called DefaulProfile with the value Outlook, my default profile.
I went to the user’s machine and she didn’t have such a key! Like me, she only had one Outlook profile, so I don’t understand why she didn’t have that key.

Bottom line, I created that key with her default Outlook profile name and it’s working perfectly now!

Some people also suggest running fixmapi but I never tried so don’t know if that would also fix the problem.


Hope this helps!

Exchange Server 2007 SP2 available in Q3 2009

With Exchange Server 2010 expected to be available in the second half of 2009, the SP2 for Exchange Server 2007 is slated for release in the third quarter of 2009.

Customer Benefits

Key new features of Exchange Server 2007 SP2 unveiled today include:

Enhanced Auditing - New Exchange auditing events and audit log repository enable Exchange administrators to more easily audit the activities occurring on their Exchange servers. It allows the right balance of granularity, performance, and easy access to audited events via a dedicated audit log repository. This simplifies the auditing process and makes review of audited events easier by segregating audited events in a dedicated location.

Exchange Volume Snapshot Backup Functionality - A new backup plug-in has been added to the product that will enable customers to create Exchange backups when a backup is invoked through the Windows Server 2008 Backup tool. Exchange Server 2007 didn't have this capability on Windows Server 2008 and additional solutions were required to perform this task.

Dynamic Active Directory Schema Update and Validation - The dynamic AD schema update and validation feature allows for future schema updates to be dynamic deployed as well as proactively preventing conflicts whenever a new property is added to the AD schema. Once this capability is deployed it will enable easier management of future schema updates and will prevent support issues when adding properties that don't exist in the AD schema.

Public Folder Quota Management - SP2 enables a consistent way to manage quotas by improving the current PowerShell cmdlets to perform quota management tasks.

Centralized Organizational Settings - SP2 introduces new PowerShell option that enable centralized management of many of the Exchange organization settings.
Named Properties cmdlets - SP2 enables Exchange administrators to monitor their named property usage per database.

New User Interface for Managing Diagnostic Logging - SP2 enables Exchange administrators to easily configure and manage diagnostic logging from within the Exchange Management Console.

Let's see what else they will include...

Sender Policy Framework (SPF) Records

To configure Sender ID Filtering, you must first understand the Sender Policy Framework (SPF) records.

SPF records allows software to identify messages that are or are not authorized to use the domain name in the SMTP HELO and MAIL FROM commands, based on information published in a sender policy of the domain owner. Forged return paths are common in e-mail spam. SPF is defined in RFC 4408.

SPF records work with sender ID filtering to stop malicious e-mails. The SPF record is a piece of information on the DNS servers that is required by sender ID filtering to determine whether the e-mail message was sent by an authorized server for the specified domain. In simple terms, an SPF record is a listing of authorized SMTP servers for a particular domain or set of domains in the DNS database.

Publishing an SPF record in the public DNS allows the recipient SMTP servers to perform a reverse MAIL Exchanger (MX) lookup by cross-referencing the IP addresses of the authorized SMTP servers against that organization’s DNS entry for their domain.


SPF records can be in different formats. Here are a few examples:

letsexchange.com IN TXT “v=spf1 mx –all”
This indicates that all servers identified by an MX record for the letsexchange.com domain are allowed to send e-mails for that domain.

v=spf1 mx ip4:192.168.10.10 –all
This SPF record indicates that server 192.168.10.10 identified by an MX record is allowed to send e-mails from my domain.

MAIL IN TXT “v=spf1 a –all”
This one indicates that server MAIL is allowed to send e-mails for my domain.

letsexchange.com IN TXT “v=spf1 ip4:192.168.10.10 –all
This SPF record indicates that a server with the IP address 192.168.10.10 is allowed to send e-mails for the letsexchange.com domain.

v=spf1 mx mx:mail1.letsexchange.com mx:mail2.letsexchange.com –all
Where:
v=spf1 designates that this is an SPF record and it is version 1.
mx mx:mail1.letsexchange.com mx:mail2.letsexchange.com signifies that mail1, mail2 and mail3 are authorized to send and receive e-mails for letsexchange.com domain
-all designates that no one besides the IP addresses in letsexchange.com’s MX records are authorized to send e-mails.


Creating an SPF Record
To create SPF records, you can use Microsoft’s four-step wizard. If you want to use the advanced features of SPF format, you may need to manually edit the SPF record created by this wizard (in this example, letsexchange.com).

1. The wizard is found online at: http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/;

2. At Identify Your Domain, enter the domain name for which you want to create a new SPF record and click Start;

3. At Display Published DNS Records, you’ll see that the wizard checked the DNS for information about your domain, including existing SPF, MX and A records;

4. If an SPF record was found, you can verify its contents and use the remaining steps of the wizard to modify the record. If no SPF record was found, you can use information from the domain’s MX and A records to create a new SPF record. Click Next;

5. At Create SPF Record, the wizard prompts you to choose proper options to create SPF records. This step is divided into different sections. Your choices are:

Domain Not Used for Sending E-Mail
Check this option if this domain is not used for sending outbound e-mail.

Inbound Mail Servers Send Outbound Mail
If your inbound mail servers are also used to send outbound mail, you should add this option to your new SPF record.

Outbound Mail Server Addresses
If all the IP addresses listed in A records for your domain in DNS are outbound mail servers, you should include this option in your new SPF record.

Reverse DNS Lookup
Check this box if all the reverse DNS records (PTR records) for your domain resolve to outbound e-mail servers.

Outsourced Domains
Choose this option if domain’s outbound e-mail is routed through another domain.

Direct Mailing Status
If your domain only sends mail directly to its intended recipients (it does not send mail to mailing lists), you should add this attribute to the SPF record.

Policy Testing Status
If you wish to publish the SPF record in a “testing” mode where it can be read by others servers but its policies will not be implemented, select this option.

Default
Does your domain send e-mail from any IP addresses that are not identified in the above sections? Choose appropriate settings for your environment.

Scope
What e-mail identities can this SPF record used to validate. Choose appropriate settings for your environment.


6. Click Next;

7. At Generate SPF Record, the wizard will provide you with the generated SPF records.



For more information please go to:
- SPF Record Syntax: http://www.openspf.org/SPF_Record_Syntax
- WikiPedia: http://en.wikipedia.org/wiki/Sender_Policy_Framework

Subscribe/Unsubscribe from Distribution Groups

Finally we can create Distribution Groups (DG) which users can subscribe and/or unsubscribe from by themselves! Don’t know why this option wasn’t made available in Exchange 2007, but anyway... It is here!


If we go to the Properties of a DG (obviously this option is not available for a Dynamic DG), there’s a new tab, Membership Approval. Here we can configure how membership requests should be handled:

Choose whether owner approval is required to join the group
· Open: allows users to join this DG without the approval of the DG owners;
· Closed: allows only DG owners to add members. Requests to join will be rejected automatically;
· Owner approval: allows users to request membership on this DG. Requests to join must be approved by a DG owner before the user can join.

Choose whether the group is open to leave
· Open: allows users to leave the DG without the approval of the DG owners;
· Closed: allows only DG owners the ability to remove members from it. Requests to leave will be rejected automatically.

But that’s not all! On the Mail Flow Settings tab, we now have a Message Moderation option. Here we can configure whether messages sent to this DG must be approved by a moderator before they are delivered to its members.

In the Message Moderation dialog box, select the Messages sent to this group have to be approved by a moderator check box to require all messages sent to the DG to be approved by a moderator.

In the Specify group moderators list, click Add to select the recipients you want to add as moderators of the distribution group.

In the Specify senders who don't require message approval list, click Add to select the recipients you want to add who do not require message approval to send to the DG.




But how can users subscribe/unsubscribe from a DG? Since Outlook 2010 is not here yet and this functionality can’t be used with Outlook 2007, let me show you in the new version of Outlook Web Access (OWA).

In OWA, if you go to Options and then Groups you get the Public Groups I Belong To list. Here’s where we can subscribe/unsubscribe ourselves from a DG.

To join a group just click Join... and select the DG you wish to join:




To leave just click on Leave:



If you ask me, this functionality is more than welcome and should be added a long time ago. Nonetheless, thank you Exchange Team guys!