Exchange & Outlook UPDATE, Exchange Edition, August 28, 2003

1. Commentary

- Inside RPC-over-HTTP

2. Announcements

- Need Help Managing Your Storage Investment?

- Find Your Next Job at Our IT Career Center

3. Resources

- Configuring Outlook 2003 for RPC-over-HTTP

- Featured Thread: Public Folder Permissions on a Local Machine

- Outlook Tip: Limiting Meeting Attendees with Group Schedules

4. Events

- New--Mobile & Wireless Road Show!

5. New and Improved

- Protect Email from Security Threats

- Submit Top Product Ideas

6. Contact Us

- See this section for a list of ways to contact us.

~~~~ Sponsor: Windows Scripting Solutions ~~~~

Windows Scripting Solutions for the Systems Administrator

You might not be a programmer, but that doesn't mean you can't learn to create and deploy timesaving, problem-solving scripts. Discover Windows Scripting Solutions, the monthly print publication that helps you tackle common problems and automate everyday tasks with simple tools, tricks, and scripts. Try a sample issue today at:

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BBTy0Ap

==== 1. Commentary: Inside RPC-over-HTTP ==== by Paul Robichaux, News Editor, [email protected]

Whenever I see a new gadget or software product, I try to disengage my techno-lust momentarily and ask two questions: Which of the product's features are cool and which are actually useful? Often, the answers don't match up, although in the case of a few products (e.g., TiVo, iPod) they match really well. Exchange Server 2003 has a new feature that's both cool and useful: the ability to tunnel remote procedure calls (RPC) over standard HTTP connections. I've written briefly about this subject before, but I want to delve a little more into RPC-over-HTTP so that you can see how it can benefit your Exchange deployment.

Exchange and Outlook have always worked together using the Messaging API (MAPI) protocol. Over time, Microsoft has added support for IMAP and POP connections so that you can use Outlook in IMAP mode with an IMAP-enabled Exchange server. The problem with doing so is that you lose a lot of MAPI-based functionality, including follow-up flags, delegate access, voting buttons, and message recall. (Well, OK, maybe no one actually misses that last one.) MAPI traffic is covered over the Windows RPC ports (TCP port 135 is the RPC locator service; ports 137, 139, and 445 are used for other traffic). For security reasons, most sites have closed these ports on their firewalls, so Outlook, by itself, can't connect using MAPI.

Until Exchange 2003, the most prevalent solution was to provide a VPN service so that users can connect directly to the internal LAN. This solution, of course, requires you to set up and maintain a VPN, and it requires users to connect to the VPN every time they want to check email. Exchange 2003's RPC-over-HTTP feature does away with this requirement by letting RPC traffic nestle inside HTTP packets that are carried across port 80 or port 443. The latter port uses Secure Sockets Layer (SSL), which you should always use for external-to-internal Web traffic, particularly traffic that involves Outlook Web Access (OWA).

Another solution, of course, is to use RPC-over-HTTP to connect your Outlook 2003 clients to your Exchange 2003 server. This approach gives your clients full MAPI functionality without requiring them to use a VPN (thus improving client performance and network usage) and without requiring you to put RPC traffic directly on the Internet--advantages even when the client is behind a firewall. The best part is that Outlook supports automatic transition between plain RPC and RPC-over-HTTP. Laptop users can launch Outlook at work, pick up email, take the laptop home, plug it in, and get new email without tweaking any settings.

How does this magic work? Well, obviously you need Outlook 2003 and Exchange 2003. However, there's another requirement. Exchange's RPC support actually comes from Windows. In this case, that relationship means that you need to run Exchange 2003 on Windows Server 2003 to get RPC-over-HTTP support. In fact, you also need Windows 2003 on the Global Catalog (GC) servers that your Exchange servers use because the client will forward directory requests to those GC servers.

When an Outlook 2003 client attempts to connect to an Exchange server using RPC-over-HTTP, the client will first encounter a firewall, which should pass port 443 traffic. (Don't use RPC tunneling over port 80--doing so is a security nightmare.) The RPC packets will arrive at the target host, which must proxy them to the Exchange server. The proxying requires an additional software component; you can follow Microsoft's recommendation an use Internet Security and Acceleration (ISA) Server or you can send packets directly to a Microsoft IIS 6.0 or Exchange 2003 front-end server. In the latter case, you should use the RPC-over-HTTP Proxy service, which you install by using the Windows Components Wizard.

There are some other installation steps that I won't go into because the Exchange 2003 release notes and reference manuals document them. I will give you a handy tip, though. The Web release of the Exchange 2003 toolset includes an automatic setup script called RPCHTTP_Setup.vbs. By running this script on your Exchange 2003 servers and Windows 2003 GC servers, you can quickly set up RPC-over-HTTP on the server side. The client side doesn't need much special setup, although in my experience the easiest approach is to have clients make their initial connection (with the accompanying deep sync that creates local copies of the user's email data) on the LAN. Use RPC-over-HTTP with cached mode whenever possible.

RPC-over-HTTP has some interesting implications for site and server consolidation, too, which I briefly mentioned in the April 18 UPDATE. Even if you aren't interested in consolidating, you--and your users--will probably find plenty of advantages to RPC-over-HTTP.

~~~~ Sponsor: Oracle Collaboration Suite ~~~~

Revolutionize the Way You Do Business

Click here for a free Radicati report and see why Oracle Collaboration Suite is #1 in reliability and TCO.

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BCHK0As

Or, click here to watch the latest chapter in our online event.

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BCHK0As

==== 2. Announcements ==== (from Windows & .NET Magazine and its partners)

Need Help Managing Your Storage Investment?

Planning and managing your storage deployment can be costly and complex. Check out Windows & .NET Magazine's Storage Administration Web site for the latest advice, news, and tips to help you make the most of your storage investment. You'll find problem-solving articles, eye-opening white papers, a technical forum, and much more!

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0rvk0Ar

Find Your Next Job at Our IT Career Center

Check out our new online career center in which you can browse current job openings, post your resume, and create automated notifications to notify you when a job is posted that meets your specifications. It's effective, it's private, and there's no charge. Visit today!

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BBGS0Ay

==== 3. Resources ====

Configuring Outlook 2003 for RPC-over-HTTP

The "Microsoft Office 2003 Resource Kit" has a wealth of useful information about Outlook. This article about configuring Outlook 2003 to use Remote Procedure Calls (RPC)-over-HTTP has good information about client-side configuration.

http://www.microsoft.com/office/ork/xp/beta/three/ch8/outc07.htm

Featured Thread: Public Folder Permissions on a Local Machine

A forum reader is looking for help with a machine that can't be used to view a public folder. To offer your advice or join the discussion, go to the following URL:

http://www.winnetmag.com/forums/rd.cfm?cid=40&tid=62740

Outlook Tip: Limiting Meeting Attendees with Group Schedules

by Sue Mosher, [email protected]

Q: How can I use a group schedule in Outlook 2002 to create a meeting with just a few of the individuals listed in the group schedule?

A: Group schedules are a new feature in Outlook 2002 that lets you easily see free/busy time for the groups of people you meet with most often. To start working with group schedules, switch to your Calendar folder, select Actions, then select View Group Schedules. This action presents a dialog box in which you can create, open, and delete group schedules, which are just special variations of Outlook appointment items.

The choices you see when you click Make Meeting on the group schedule don't include an option for creating a new meeting with just selected contacts. Select New Meeting with All; then when Outlook displays the meeting request, you can delete the recipients you don't want to invite.

See the Exchange & Outlook Administrator Web site for more great tips from Sue Mosher.

http://www.exchangeadmin.com

==== 4. Events ==== (brought to you by Windows & .NET Magazine)

New--Mobile & Wireless Road Show!

Learn more about the wireless and mobility solutions that are available today! Register now for this free event!

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BA8Y0Ao

==== 5. New and Improved ==== by Carolyn Mader, [email protected]

Filter Out Spam

Mail-Filters.com announced SpamPlug, software that monitors email traffic to filter out spam. The software rejects messages or sidelines them for review. Each message goes through 11 categories of tests to determine its validity. SpamPlug is compatible with Exchange Server and SMTP-based servers. The software supports Outlook, Outlook Express, Netscape, and Qualcomm Eudora. For pricing, contact Mail-Filters.com at 650-655-7700.

http://www.mail-filters.com

Submit Top Product Ideas

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions to [email protected].

==== Sponsored Links ====

Ultrabac

FREE live trial-Backup & Disaster Recovery software w/ encryption

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BBi50A3

CrossTec

Free Download - NEW NetOp 7.6 - faster, more secure, remote support

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BBnb0As

MailFrontier

Eliminate spam once and for all. MailFrontier Anti-Spam Gateway.

http://list.winnetmag.com/cgi-bin3/DM/y/eA0D74EI0CCG0BCEC0Ah

==== 6. Contact Us ====

About the newsletter -- [email protected]

About technical questions -- http://www.winnetmag.com/forums

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring UPDATE -- [email protected]