the latest and greatest on exchange · 2 create inbox rule in office 365 mailbox better inbox...

10TH ANNUAL CONFERENCE ABOUT MODERN IT TECHNOLOGIES

THE LATEST AND GREATEST

ON EXCHANGE


Thank you Sponsors #ThriveITconf

Silver

Evening event sponsor

Material

Media

http://www.racunalniske-novice.com/


Agenda

• What’s new in• Exchange 2016 & Exchange 2019

• Exchange Online


What‘s new in Exchange Server 2016

On-Premises Support for REST API• Requires a Hybrid deployment

Improvements in Outlook on the web (OWA)• S/Mime Control for OWA (SHA-2 compliant)

• Various GUI improvements (z.B. Look-and-feel, etc.)

AutoReseed supports BitLocker• EPA recommends BitLocker on drives with Exchange databases

• Set-DatabaseAvailabilityGroup <Name> -AutoDagBitLockerEnabled $true

DAG Improvements• Set-DatabaseAvailabilityGroup –FileSystem NTFS/ReFS

• Set-DatabaseAvailabilityGroup –PreferenceMoveFrequency (default: 1 hour)

Exchange 2016 CU6

- Enhanced support for TLS (i.e., TLS 1.2)

- Original folder item recovery

- A copy of the E-mail that is sent as „SendonBehalf“ or „SendAs“ can be added to the send items of the delegated mailbox.

Exchange 2016 CU7

- Requires Schema extension

- Forest Level Requirement: Windows 2008 R2

Exchange 2016 CU8

- Support for .NET framework 4.7.1

- Hybrid Modern Authentication

- CUs does not overwrite custom settings (e.g., web.config)

Exchange 2016 CU11

- Support for Exchange 2019

Exchange 2016 CU12

- Fix: Exchange Web Services Push Notifications can be used to gain unauthorized access

- Reducing permissions required to run Exchange Server using Shared Permissions Model

Exchange 2016 CU13

- Security update: ADV190018 | Microsoft Exchange Server Defense in Depth Update

Exchange 2016 CU14

- New daylight saving time (DST) updates

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190018


Exchange Server 2019


Secure, proven architecture Performance and manageability Delighting End Users

Exchange Server 2019 Vision


Secure, proven architecture Performance and manageability Delighting End Users

Exchange Server 2019

Windows Server Core

Scale improvements

New & improved search technology

Faster and more reliable failovers

Improved calendar management

Simplifying connectivity

Do Not Forward Meetings

Smarter calendar management

Supporting EAI/IDN mail routing


No UM for

Exchange

2019


Exchange 2019

• The latest and greatest on-premises…. For enterprise organizations that need top of the bill enterprise class messaging

• Need the latest and fanciest features? Go to Exchange Online

• Enterprise Organizations• Volume License only (including Exchange 2019 CU’s)

• No more ‘hybrid license’ for Exchange 2019 (use Exchange 2016)


Exchange 2019 Requirements

• Exchange 2019 runs on Windows 2019 only!

• Windows 2019 Server Core strongly recommended (PA)

• .NET Server 4.7.2

• Server memory recommendation is 128 GB (64 GB for Edge Transport)

• Max. supported RAM is now 256 GB

• Max. processor count is 48 (was 24)

• Oh yes…. Virtualization is still supported ☺

• AD Forest functional level (FFL) / domain functional level (DFL) is now Windows 2012 R2

• N-2 coexistence (no Exchange 2010 support)


New features in Exchange 2019

• New search engine (big funnel), based on Bing technology

• Content index stored in Mailbox• Passive copies of database have identical search indexes

• No more database copy health issues (and failing fail-overs)

• MCDB (Metacache Database)• Combination of JBOD and SSD (tiered storage)

• ‘Hot’ data is cached on SSD disk (failback to JBOD)

• SSD to disk ration is 1:3

• SSD’s store a maximum of 10% of key data in a MetaCache Database (MCDB)


U S E R R E Q U E S T E XC H A N G E

S S D &

M C D B

H D & D B

Retrieval of data from SSD and JBOD


U S E R R E Q U E S T E XC H A N G E

H D & D B

Retrieval of data from JBOD only


Exchange 2019 new features

• Dynamic database cache• Exchange 2016 – all databases have equal memory

• Exchange 2019 – mounted database have more memory


O V E R A L L S Y S T E M

M E M O R Y U S A G E

The old way…


D A T A B A S E S

Active Passive Passive Passive

U N C H A N G E D




In Exchange Server 2019


D A T A B A S E S

Active Passive Passive Passive

U N C H A N G E D




In Exchange Server 2019


U N C H A N G E D

D A T A B A S E S

Active Active Passive Passive


Exchange 2019 new features

• Dynamic database and MCDB results in:• A 20% increase to the number of users you can put on a server• The option to use much larger disks • Client latency for many operations is reduced by 50%!

• Remove-CalendarEvents - IT admins can cancel all meetings organized by a user.

Remove-CalendarEvents -Identity ″John Doe″ -CancelOrganizedMeetings -QueryStartDate 11-1-2018 -QueryWindowInDays 120

• New Client Access Rules so you can restrict access to EAC and PowerShell for Exchange Server 2019 • For EAC - Rules are applied in 2019, so the admins mailbox must be on 2019• For PowerShell the rules are evaluated on the server receiving the connection – so the connection

needs to hit 2019• = So we need to front end all connections with 2019 to block both EAC and PowerShell connections


Demo: Calendar Changes in Exchange Server 2019

CU1+

Exchange 2019 CU1 – 12.2.2019

- Calendar: Block calendar when Out of Office (Better OOF)

Exchange 2019 CU2 – 18.6.2019

- Introduction of Exchange Server Role Calculator for 2019

- New Exchange 2019 Logo

- Security update: ADV190018 | Microsoft Exchange Server Defense in Depth Update

Exchange 2019 CU3 – 18.9.2019

- Exchange Server Role Calculator for 2019 updated to 10.1

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190018


Demo: Exchange RoleCalculator for 2019


Future Roadmap for Exchange Server 2019

• On-Premises Modern Auth

• Extending Client Access Rules to other protocols

• Mailbox Encryption using Customer Keys

• Monitoring/Analytics tools

• Block Legacy AuthN

• Removing support for RPC/HTTP

• Simplified Calendar Sharing – Announced in Preview


Exchange Online – News from Ignite 2019

#ThriveITConf

MotherBones

1 Use + address for Web sites, etc.

Create an account to use MotherBones.com services easily.

Plus Addressing in Office 365

[email protected]

MotherBones.com Messages

[email protected]

'MotherBones'

2 Create inbox rule in Office 365 mailbox

Better inbox management

Easier tracking for sales/marketing campaigns

Identify source of address leaks

[email protected]

3Incoming messages from sender to plus address go directly into

designated folder

MotherBones.com

[email protected] Climate protesters march

[email protected] New study predicts top c

ContosoLoans Check your rate on personMotherbones.com

R E C I P I E N T

Here are the talking points we should be using in all communications with

DO NOT FORWARD! Talking points for press briefings t

[email protected]

To LLloyd McFarland

Send from proxy address (alias)Future behavior

S E N D E R

When send from alias the FROM and REPLY TO proxy addresses are preserved

Outlook Message Recall - Current

S E N D E R

R E C I P I E N T S R E C A L L E D ?

Recalled

Failed

Failed

Failed

Outlook only

Exchange Online Service

M A I L B O X S E R V E R

Outlook

Outlook

Message Recall in Office 365

S E N D E R

R E C I P I E N T S R E C A L L E D ?

Recalled

Recalled

Recalled

Recalled

Exchange Online Service

M A I L B O X S E R V E R

Message

Recall

Agent

Server-side recall in the cloud

by Message Recall Agent

Clients sync to

cloud mailbox

Outlook

Outlook

O365 Message Recall Status Report

1 Sender recalls a message 2 Sender gets notification with a link to Message Recall Status Report

3O365 Office 365 Postmaster

Kim Akers

Office 365 Message Recall Report for message: "DO NOT FORWARD: Talking points f

Sender clicks link to the report

DO NOT FORWA…

O365 Message Recall Status Report

Reply-all Storm Protection

Approach

Identify likely Reply-All storm

Temporarily block replying to everyone

Issue an NDR

Reply-All Storm Protection NDR

Reply-All Storm Criteria

Same conversation thread

30 replies to all (most) recipients

Sent to more than 5000 recipients

In less than 1 hour

Stop the insanity before it disrupts the business

Tenant customizable recipient limits

Current is Fixed

Fixed recipients' size is 500

Greater risk of abuse

Doesn't support large mailing like newsletters

Future Customizable

Range 1-1000

Per mailbox/Bulk edit

Set the default for new mailboxes


Modern Exchange Admin Console (EAC) Portal


Recommendation

& Insights

Service providing

insights and actions

based on intelligent

data analysis with

quick actions.

Simple Mailbox

Management

Simple mailbox

management

experience in

coherence with the

M365 portal.

Dashboard &

Reports

Customize your

dashboard with

reports for your

exchange

environment.

Simple, Wizard

Based Migration

A step-by-step

Migration Wizard

experience for

Exchange and

G-Suite Mailbox

migrations.

Modern EAC Portal – Admin Value

Recommendation

& Insights*

Service providing

insights and actions

based on intelligent data

analysis with quick

actions.

Dashboard &

Reports

Customize your

dashboard with

reports for your

exchange

environment.

Simple, Wizard

based Migration

A step-by-step

Migration Wizard

experience for

Exchange and

G-Suite Mailbox

migrations.

Simple Mailbox

Management

Simple mailbox

management

experience in

coherence with the

M365 portal.

* Will be available from H1 2020

Modern EAC Portal – Admin Value

Recommendations & Insights

Dashboard

Recipients

Mail flow

Migration

Hybrid

Classic Exchange Admin Center

Take a tourExchange admin center tutorial video

Training & Guidelines Search Mailbox Quick Actions

Add mailbox

Mailbox Quota Report

Last successful Migration: 02/06/2019

Migration Type: GSuite Migration

Mailboxes Migrated Successfully: 10,259

Mailboxes unable to migrate: 23

Migrated Data (GB): 254

Messages Processed: 30,365,234

Contacts Processed: 34532

Migration Report

Mailbox Actions

Reports

Training for adminsBest practices for exchange admin

FAQsFrequently asked questions

Edit mailbox

Convert mailbox to shared

Weekly Email Activity

View Recommendation

Increase mailbox storage

Archiving a mailbox moves your mails out of your Inbox and held safely in the Archive mailbox until you need them. Nothing irrevocable or harmful happens to emails you choose to archive.

Turn on archiving to increase mailbox storage and make sure messages are kept around as long as you want.

Get recommendations to ensure a healthy Exchange

environment

Recommendations

Recommendations & Insights

Dashboard

Recipients

Mail flow

Migration

Hybrid

Classic Exchange Admin Center

Take a tourExchange admin center tutorial video

Training & Guidelines Search Mailbox Quick Actions

Add mailbox

Mailbox Quota Report

Last successful Migration: 02/06/2019

Migration Type: GSuite Migration

Mailboxes Migrated Successfully: 10,259

Mailboxes unable to migrate: 23

Migrated Data (GB): 254

Messages Processed: 30,365,234

Contacts Processed: 34532

Migration Report

Mailbox Actions

Reports

Training for adminsBest practices for exchange admin

FAQsFrequently asked questions

Edit mailbox

Convert mailbox to shared

Weekly Email Activity

View Recommendation

Increase mailbox storage

Archiving a mailbox moves your mails out of your Inbox and held safely in the Archive mailbox until you need them. Nothing irrevocable or harmful happens to emails you choose to archive.

Turn on archiving to increase mailbox storage and make sure messages are kept around as long as you want.

Recommendations

Turn On Dismiss recommendation

Set up archiving

Although Office 365 keeps deleted email messages in case you need to review them someday, it doesn't stop your users from clearing them out on their own. Once that happens, poof! They're gone forever, regardless of whether it was a thread about where to go to lunch or your contract with a government organization. Don't worry. With Office 365 archiving, you can make sure that email is kept around as long as you need.

Recommendation

When you turn on archiving, we will:.

Admin sets duration and enables archiving

Exchange Admin Center - Rationalization

Principles:

• M365 Admin Center: Generalist Admin Experiences

• Specialist Admin Centers: Exchange, Security, Compliance, SharePoint, Intune

• Respective blades for Cross-suite Security and Compliance experiences

M365 Admin Center

• Users

• Groups

• Roles

• Resources

• License Management

• Reports

Exchange Admin Center Specialist Admin

Center

• Compliance

• Security

• IntuneRecipients Mail flow Migration Permissions

OrganizationPublic

FoldersHybrid More…

New admin values...

Try https://admin.exchange.microsoft.com

Try it nowSneak Peek@ Ignite

Existing and Modern EAC portal will continue to run side by side

All features shown today are available at : https://admin.exchange.microsoft.com

Preview becomes the default experience for all customers.

Preview Starts2020 H1

General AvailabilityTBD

Share your feedback on the new EAC

https://admin.exchange.microsoft.com/


Demo: Modern EAC


EXO PowerShell V2 Client Module

Typical PowerShell cmdlet call

Back End Server

RBAC (Role Based Access Control)

Au

thN

Http

Mo

du

le

Rem

ote

PS W

SM

an

PowerShell Runspace

Business Logic

WS-Man

Client

The client authenticates to the Exchange Online front-end server for the remote session

The script processes and the front-end connects to a backend server for the script

operations

Data is returned via the remote session

Data processes on the local workstation

Back End Server


Au

thN

Http

Mo

du

le

Rem

ote

PS W

SM

an

PowerShell Runspace

Business Logic

WS-Man

Client

Stateful:• RPS sessions are specific to the server

where it connects• Long running operations suffer in the

event of a disconnect

Reliability Performance

Pagination:

• No support for pagination

• Full object returned by default.

Throttling:

Based on resource

intensive operations.

What causes reliability and perf problems?

Back End Server


Au

thN

Http

Mo

du

le

PowerShell Runspace

Improved

Business Logic

New Client Module

EXO PowerShell V2

Reliability PerformanceA

dm

in A

pi

Http

Rest

• Stateless: No affinity to the Server. Connects to next available BE in the event of disconnect

• Pagination Support: Retry and resume from point of last failure

Data Size:

• Minset object return for enhanced performance

• Reduced object conversion time in REST API

• Direct invoke of business logic to avoid PowerShell layer

and its latencies and optimized AD Queries

Throttling: Improved logic to provide better reliability.

Solution: PowerShell client backed by REST

APIs

EXO PowerShell V2 Client Module

Single module containing the new performant EXO cmdlets along with old RPS

cmdlets.

The new module is now available on PowerShell gallery.

(https://www.powershellgallery.com/packages/ExchangeonlineManagement)

Parallelization : Multi-threading & client-side fanout to optimize perf

Backward Compatible Client-side PowerShell module provides experience like RPS

New module can be used in your existing scripts

https://www.powershellgallery.com/packages/ExchangeonlineManagement

Demo: ExO PowerShell V2

Client Module


One last thing…

Microsoft changes to unlimited archive storage quota:

(source: Exchange Online Archiving Service Description)


Tenant 2 Tenant Migration


Migration

Cross-tenant mailbox migration public preview planned to start in H1 2020

~100k mailboxes processed in last 90 days

~28 customers (~124 tenants) participating in private preview

Partner products enable cross-tenant migration of mailboxes and other workloads

How to approach tenant-to-tenant migration:http://aka.ms/t2tmigration

http://aka.ms/t2tmigration


Cross-tenant mailbox migration overview

Robust

Mailbox Replication Service (MRS) also used for onboarding, Multi-Geo, service load-balancing moves

Efficient

Direct migration stays within the service and does not traverse a middle tier

Secure

Admins in both source and target tenants enable moves; either side can disable


Cross-tenant mailbox migration updates…

What’s new?

Authentication using OAuth

Resources are protected from moving by default—source admin creates scope

Separate admin roles for establishing the relationship (AAD) and managing moves (EXO)

Support for migration service


Cross-tenant mailbox migration setup (how it works)

Stage target identities Create organization relationships

Migrate mailboxes


Future roadmap: scenarios we are planning for…

Ability to move auto-expanding archives across tenants

Ability to move SharePoint and OneDrive content across tenants

Ability to use an email domain across tenants


Free Exchange/Office 365 courses from Microsoft

My EdX courses:

• Manage Office 365 Identities

• Transitioning to Microsoft Exchange Server 2016

• Microsoft Exchange Server 2016 Hybrid Topologies

• Managing Microsoft Exchange Online in Office 365

• Onboarding Messaging to Office 365

http://bit.ly/2gpsFyp

http://bit.ly/2gpsFyp


Additional information…

• Exchange Transport News from Microsoft Ignite 2019• https://techcommunity.microsoft.com/t5/Exchange-Team-

Blog/Exchange-Transport-News-from-Microsoft-Ignite-2019/ba-p/993417

• Office 365 Tenant-to-Tenant Migrationhttp://aka.ms/t2tmigration

https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Exchange-Transport-News-from-Microsoft-Ignite-2019/ba-p/993417

http://aka.ms/t2tmigration

Come and write for us! Just email [email protected]

All writing experiences are welcomed. ☺

mailto:[email protected]


THANK YOU

Email: [email protected]

Twitter: @SigiJ

MVP: http://bit.ly/1QMuVLc

http://bit.ly/1QMuVLc

the latest and greatest on exchange · 2 create inbox rule in office 365 mailbox better inbox...

Documents