Exchange Server 2007 Client Access. 謝合宜, Microsoft contract technical consultant. MCSE: Security/Messaging, MVP/MCT, BS7799/ISO27001 Lead Auditor
Prerequisites: familiarity with administering and using Exchange 2000/2003 or 5.5. Level 200
Agenda: Exchange server roles; Using Outlook; Using the Client Access server; The mobile user experience; Using Unified Messaging (UM). © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Exchange 2007 server roles. Mailbox Server Role: primarily the mailbox store; MAPI client access. Client Access Server Role: IMAP4; POP3; Web Service; OWA 2007 (Outlook Web Access 2007); EAS 2007 (Exchange ActiveSync 2007); Outlook Anywhere. Unified Messaging Server Role: voice mail; fax; voice auto attendant.
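What Is AutoDiscover? AutoDiscover supplies the configuration information for the Outlook 2007 profile. (1) The client requests its settings from the CAS. (2) The CAS retrieves the settings from AD. (3) The client connects to the Mailbox server.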
Configuring AutoDiscover. To configure AutoDiscover: (1) set up DNS records so that clients can find the appropriate CAS; (2) configure the Autodiscover.xml file. AutoDiscover can only be configured through the Exchange Management Shell. URLs: https://autodiscover.domain/autodiscover/autodiscover.xml and https://domain/autodiscover/autodiscover.xml
What Is Outlook Anywhere? Outlook Anywhere provides RPC over HTTPS connections to an Exchange Server 2007 server. The Outlook 2003 client opens HTTPS sessions to the Client Access server. The Client Access server extracts the RPC request and forwards it to the Exchange server using ports 6001, 6002, 6004. Back-end servers forward directory lookup requests to global catalog servers. (Diagram labels: Outlook 2003 or later client; Client Access server; Mailbox server; Global catalog servers.)
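Configuring Outlook Anywhere. To configure Exchange Server 2007 to provide Outlook Anywhere: (1) configure a Windows Server 2003 computer as the RPC proxy; (2) enable Outlook Anywhere in the EMC; (3) install a certificate on the RPC proxy server so that it can use SSL; (4) configure the Outlook 2003/2007 profile to use RPC over HTTPS. Using the Client Access server as the RPC proxy server is recommended.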
What Is the Calendar Concierge? The Calendar Concierge includes: the Calendar Attendant, which processes meeting requests for all mailboxes; the Scheduling Assistant, which simplifies the process of booking meetings; the Resource Booking Attendant, which manages meeting requests for meeting resources; the Availability Web Service, which makes free/busy information available through a Web service.
What Is the Availability Web Service? The Availability Web Service provides free/busy information to Outlook 2007 and Exchange Server 2007 OWA users. (Diagram: Exchange Server 2007 and Exchange Server 2003 servers, steps 1 to 5.)
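New Out-of-Office features. Users can: schedule the dates of the out-of-office period; send different messages to internal and external recipients; send out-of-office messages only to contacts; send out-of-office messages in HTML format. Exchange administration can control out-of-office message delivery by: individual user; recipient domain.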
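Configuring the Offline Address Book (OAB). An OAB virtual directory is created on every Client Access server. The OAB is copied from the Mailbox server by the Microsoft Exchange File Distribution service. Outlook 2007 locates the distribution point automatically and downloads the OAB over HTTP and BITS. Configuring OAB distribution: enable Web-based distribution of the OAB; set the OAB object properties.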
Using Outlook: AutoDiscover and the new interface; Outlook Anywhere; Scheduling (including out-of-office); OAB.
How Client Access Works. (Diagram labels: Domain Controller; Client Access Server; Mailbox Server; Hub Transport or Edge Transport Server; protocols Kerberos, LDAP, RPC, HTTPS, IMAP4, POP3, SMTP; steps 1 to 4.)
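2007 CAS ≠ 2003 Front-End. Installing the CAS role installs only the components the CAS needs; the database storage and message transport components are not installed. An Exchange 2007 server without the CAS role does not provide the OWA/EAS/WS/IMAP4/POP3 services. The CAS offloads more work than a front-end server: the OWA 2003 user interface is generated on the mailbox server; the OWA 2007 user interface is generated on the CAS. Every AD site that contains a Mailbox server needs a CAS server.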
CAS on the inside. (Diagram labels: CAS business logic & AD Driver; IIS; Web Services; Exch. ActiveSync; OWA 2007; OWA 2003 Proxy; RPC/HTTP; IMAP/POP; SharePoint & File Shares; Active Directory; Exchange 2007 Mailbox; Exchange 2003 Mailbox; protocols HTTP & SMB, LDAP, RPC, MAPI, HTTP.)
Outlook Anywhere and the CAS role. The CAS role provides the services Outlook clients need for access from anywhere. Table columns: Service; Purpose; Target Users; Outlook. RPC over HTTP: remote mailbox access; Internet; 2003, 2007. AutoDiscover: automated profile configuration; Internet & Intranet; 2007. Exchange Web Services ("Availability"): free/busy, meeting suggestions + OOF. Offline Address Book: offline directory access; Internet & Intranet. UM Web service: configure unified messaging settings in Outlook.
Exchange Web Services for Free/Busy. Outlook 2007 requests free/busy for John@contoso.com and Amy@contoso.com. (1) Outlook’s Scheduling Assistant creates a web request using the URL provided by AutoDiscover. (2) The user’s home CAS server determines which mailboxes are local vs. in remote sites. (3) Local free/busy information is retrieved via MAPI RPC from the mailbox. (4) Requests for remote sites are proxied to remote CAS servers. (5) The original CAS server combines the local and remote results and returns them to Outlook. Benefits: results are real-time, with none of the delay caused by public folder replication; scheduling suggestions are provided by the new “Scheduling Assistant”. (Diagram labels: AD Site 1 with CAS Role and John’s Exchange 2007 Mailbox Server; AD Site 2 with CAS Role and Amy’s Exchange 2007 Mailbox Server; HTTPS request to Exchange Web Services; MAPI RPC; free/busy results.)
OWA 2007. A rewrite of OWA 2003: the OWA 2003 UI is generated by the back-end server; the OWA 2007 UI is generated by the CAS. Deployment considerations: forms-based authentication (FBA) is the default; the WebReady feature addresses the OWA 2003 problem of attachments being downloaded to temporary files on the user's computer. Provides document access, linking to file servers and SharePoint. Stronger and more varied management. Notes: OWA 2007 rendering on CAS connects to the MBX server using RPC, authenticating as the Exchange service account. FBA-by-default considerations: kept safe by installing with SSL by default (see later slide). The restriction that “OWA on Front-End servers support only FBA and Basic authN” is removed; it now supports client cert authN, Windows Integrated etc.
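IMAP4/POP3. The Exchange 2007 IMAP4/POP3 services have been rewritten: fully managed code; no longer dependent on IIS, they run as separate system services. The IMAP4/POP3 services are set to manual startup by default. Settings are managed through PowerShell commands; there is no Exchange Management Console UI: Get/Set-POPSettings, Get/Set-IMAPSettings. A server can have only one IMAP4/POP3 service. All IMAP4/POP3 connections to a server must use the same SSL certificate. When clients connect to Exchange through ISA, an IPsec tunnel between ISA and Exchange is not supported. Feature changes: added support for TLS encryption; added support for Kerberos authentication; improved search; public folder access through IMAP is no longer provided.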
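The IMAP4/POP3 points above (manual startup, shell-only management, one shared SSL certificate) as an added hardening sketch that is not part of the original deck. It assumes the Exchange Management Shell on an Exchange 2007 Client Access server; the certificate name is a constructed placeholder.

```powershell
# Added example: run in the Exchange Management Shell on the CAS.
# 'mail.example.com' is a constructed placeholder for the subject name of
# the SSL certificate already installed on this server.
$certName = 'mail.example.com'

# 1. Both services are installed with manual startup, so neither protocol
#    listens until an administrator starts it. Confirm the current state.
Get-Service MSExchangePOP3, MSExchangeIMAP4 |
    Format-Table Name, Status -AutoSize

# 2. Review how each protocol accepts logons and which certificate it uses.
#    There is no console UI for these settings, only the cmdlets.
Get-PopSettings  | Format-List LoginType, X509CertificateName
Get-ImapSettings | Format-List LoginType, X509CertificateName

# 3. Require an encrypted session before credentials are accepted and point
#    both protocols at the same certificate, since every IMAP4/POP3
#    connection to the server has to share one.
Set-PopSettings  -LoginType SecureLogin -X509CertificateName $certName
Set-ImapSettings -LoginType SecureLogin -X509CertificateName $certName

# 4. Enable only the protocol that is actually needed (IMAP4 here) and
#    restart it so the new settings are read. POP3 stays stopped and manual.
Set-Service MSExchangeIMAP4 -StartupType Automatic
Restart-Service MSExchangeIMAP4

# 5. Re-check: IMAP4 should be Running, POP3 should still be Stopped.
Get-Service MSExchangePOP3, MSExchangeIMAP4 |
    Format-Table Name, Status -AutoSize
```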
OWA 2007: authentication and multi-language support.
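Exchange ActiveSync (EAS) 2007. The synchronization protocol mobile devices use to access mailboxes. EAS is licensed by PalmOne (Treo650; LifeDrive), Motorola (A780), DataViz (RoadSync), Nokia and Symbian. Ex2003 mailboxes use Ex2003 EAS; Ex2007 mailboxes use Ex2007 EAS. The Ex2007 CAS proxies EAS requests for Ex2003 mailboxes to the back-end server. An SSL certificate trusted by the device is required; a registry setting on Windows Mobile devices can be configured to allow untrusted certificates. To use the new EAS security features: create an ActiveSync policy in the EMC, then apply it to users. Authentication methods: client certificate or Basic authentication.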
Devices supported by EAS: Windows Mobile; Motorola, Nokia, Palm, Sony-Ericsson. Speaker notes: So, what about current devices in market? In the past year there have been many devices that came out. E12 ActiveSync fully supports devices that are in market today. You can buy the new cool Motorola Q or Palm Treo W today and it will sync great with E12. In fact, they will sync even better with E12! We made some significant improvements in the Sync core engine and improved our reliability. Experience improved for all devices.
Using e-mail: flags; HTML mail; quick fetch.
Handling meeting requests. Users can work the same way as they do in Outlook: Forward/Reply/ReplyAll from a calendar appointment; view the acceptance status of each meeting attendee; improved conflict resolution; all calendar processing takes place on the server.
Document access. Documents are retrieved by clicking a link in a message, just as with attachments. File servers and SharePoint can be accessed. Speaker notes: I showed you document access earlier which allows you to access files from SharePoint sites and network file shares straight from an e-mail message. This is what that same functionality looks like from a Windows Mobile device.
Mailbox search. Searches are carried out by the server and are not limited to the items cached on the device. Rich query and filter criteria are supported: text, date, from, to, flags, attachments, importance, restricted to specific fields, etc. The number of items returned by a query can be limited or paged. Speaker notes: Search functionality plays an important role in e-mail management and hasn’t been neglected here either. Search is as full-featured as you’ve come to expect from your desktop computer and even allows you to search items that are stored on the Exchange server.
Out of Office Assistant. It can be configured in the same way. Speaker notes: Out of Office is now available on mobile devices and is just like the functionality you’re used to in desktop Outlook.
Policy and access control. Built-in policy support: makes it easy for information workers to comply with corporate policy management; improved security to meet enterprise requirements; EAS still allows both enforced and requested settings. Extends the Ex2003 SP2 policy support: policies can be set per user; Allow/disallow SMS, Bluetooth, etc; Allow/disallow attachments; Pre-configure user “settings”; Additional security settings underway (think device encryption). More granular access control: by device ID, which allows only enterprise provisioned devices.
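The per-user policy and device-ID restriction described above, as an added Exchange Management Shell sketch (not part of the original deck). It uses the shell rather than the EMC; the policy name and device ID are constructed placeholders, and the mailbox is the sample address from the free/busy slide.

```powershell
# Added example: run in the Exchange Management Shell (Exchange 2007).
$policyName = 'Corp-Mobile-Baseline'    # hypothetical policy name
$mailbox    = 'Amy@contoso.com'         # sample address used on the slides
$deviceId   = 'PLACEHOLDER-DEVICE-ID'   # read from the provisioned handset

# 1. Create a policy that enforces a device password, locks the device when
#    idle, wipes it locally after repeated bad passwords, and refuses
#    devices that cannot enforce the policy at all.
New-ActiveSyncMailboxPolicy -Name $policyName `
    -DevicePasswordEnabled $true `
    -MinDevicePasswordLength 6 `
    -MaxInactivityTimeDeviceLock '00:10:00' `
    -MaxDevicePasswordFailedAttempts 8 `
    -AttachmentsEnabled $true `
    -AllowNonProvisionableDevices $false

# 2. Apply the policy to the user and restrict sync to the one device that
#    the organisation provisioned.
Set-CASMailbox -Identity $mailbox `
    -ActiveSyncEnabled $true `
    -ActiveSyncMailboxPolicy $policyName `
    -ActiveSyncAllowedDeviceIDs $deviceId

# 3. Audit: ActiveSync-enabled mailboxes that still have no policy or no
#    device allowlist, i.e. users who can sync from any handset.
Get-CASMailbox -ResultSize Unlimited |
    Where-Object { $_.ActiveSyncEnabled } |
    Where-Object { (-not $_.ActiveSyncMailboxPolicy) -or
                   ($_.ActiveSyncAllowedDeviceIDs.Count -eq 0) } |
    Select-Object Name, ActiveSyncMailboxPolicy, ActiveSyncAllowedDeviceIDs

# 4. List the devices that have actually partnered with the mailbox, to
#    compare against the allowlist.
Get-ActiveSyncDeviceStatistics -Mailbox $mailbox |
    Select-Object DeviceID, DeviceType, LastSuccessSync
```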
EAS 2007 and devices. New Device: Better Productivity Tool: Enhanced Email (html, flags, quick message fetch); Enhanced Calendar (attendee status, Microsoft Office Outlook 2007 calendar workflow improvements); Search; Doc Access (Sharepoint, UNC); Out of Office. Further protection of corporate data: Stronger device password policy; PIN Reset; Device Encryption; IRM Integration. Further Reduction in Deployment Costs: Complete OTA provisioning w/ autodiscovery; Improved Monitoring; More detailed information regarding devices & device usage. “DirectPush” devices: Complete Pocket Outlook Experience: Direct Push; Global Address Book (GAL) lookup; Task Sync. Improved protection of corporate data: Device Password Policy Enforcement + Local Wipe; Remote Wipe; Certificate Based Authentication; S/MIME (will be in Ex2007 SP1). All Devices: Core Pocket Outlook Experience: Core Email (sync, read, attachments); Improved SmartReply\Forward; Contact Synchronization; Core Calendar (sync, handle meeting requests). Great Network Security: Encryption (SSL with 3DES or RC4); Authentication (Basic); ISA integration (web publishing). Easy deployment: Tightly integrated with Exchange; OTA configuration; Faster 1st time sync; OWA; Servicing; PowerShell Ready; Monitoring; Reporting; MOM integration; Diagnostic Tasks & health monitoring.
Exchange Server 2007 Architecture
Unified Messaging Server: PBX connectivity using a VoIP gateway. (Diagram labels: External phone; Phone company’s Central Office; Traditional PBX; Internal phone; Circuit-switched telephony protocols; VoIP Gateway; SIP/RTP/T38 protocols; Unified Messaging Server; Hub Transport Server; Mailbox Server; Active Directory.)
Unified Messaging Server: IP PBX Connectivity. (Diagram labels: External phone; Phone company’s Central Office; IP PBX; Internal phone; SIP/RTP/T38 protocols; Unified Messaging Server; Hub Transport Server; Mailbox Server; Active Directory.)
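Using UM: access voice mail; listen to, forward and reply to messages; hear calendar information; access or dial contacts stored in the GAL or in personal contacts; accept or cancel meeting invitations; set the user's security and personal options.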
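Session summary: Exchange 2007 provides more flexible and more powerful client access; OWA is currently a very good client; the use of Unified Messaging (UM) is believed to be the trend of the future.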
For More Information: TechNet: www.microsoft.com/taiwan/technet; Exchange Server 2007: www.microsoft.com/exchange; TechNet technical forum: www.microsoft.com/taiwan/technet/forum; MVP Community site: www.microsoft.com/taiwan/community; MS Exchange Team Blog: http://msexchangeteam.com/; Exchange 2007 online Help: http://www.microsoft.com/technet/prodtechnol/exchange/E2k7/ZH-TW/Help/ExchHelp/cb24ddb7-0659-4d9d-9057-52843f861ba8.mspx?mfr=true