Microsoft

Customize Outlook Web App for Exchange 2013

Customize the color of the sign-in page

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\FrontEnd\HttpProxy\owa\auth\<version>\themes\resources.
  2. Use a text editor, such as Notepad, to open logon.css.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

 Customize the color of the error page

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\FrontEnd\HttpProxy\owa\auth\<version>\themes\resources.
  2. Use a text editor, such as Notepad, to open errorFE.css.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

 Customize the color of the language selection page

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\Client Access\OWA\version\Owa2\resources\styles.
  2. Use a text editor, such as Notepad, to open languageselection.css.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

 Customize the images on the sign-in and error pages

Use an image editing tool to open and edit the images used to build the sign-in and error pages.

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\FrontEnd\HttpProxy\owa\auth\<version>\themes\resources.
  2. Use a graphics editor to open and modify the following files:
    • owa_text_blue.png, to change the “Outlook Web App” text logo.
    • olk_logo_white.png, to change the app logo in the left bar.
    • olk_logo_white_cropped.png, to change the image in the left side panel of the error page.
    • sign_in_arrow.png, to change the icon left of the “sign in” button.
    • olk_exchange_text_blue.png, to change the “Outlook Mobile” logo on tnarrow layout.
    • olk_logo_white_small.png is used in tnarrow.
    • olk_exchange_text_stacked_white_small.png is used in tnarrow.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

Reference: http://technet.microsoft.com/en-us/library/ee633483(v=exchg.150).aspx

Creating and managing rooms and resources

Description

Scheduling for conference rooms and resources like projectors is handled automatically by Microsoft Exchange

Create a conference room

Using the Exchange Management console, navigate to Recipient Configuration and select Mailbox so that you see the list of mailboxes

  1. Right click on Mailbox and choose New Mailbox
  2. If you are creating a conference room, choose "Room Mailbox".  If you are creating a resource such as a projector, choose "Equipment Mailbox" and click Next
  3. Leave the selection on "New User" and click Next
  4. Select the organizational unit checkbox and put the new mailbox user into the Company\Resources organizational unit
  5. First name should be descriptive like "Conference Room" or "Toshiba".  Last name should be the room number like "2N11" or the resource type of "Projector".  The display name should be modified for conference rooms to match the format of "Conference Room - 2N11".  The user login name for conference rooms should be "conference2N11" and resources should be like "toshibaprojector".  Click Next
  6. The alias should match the user login name and be left alone.  Click Next
  7. After the user and mailbox are created, find it in the Mailbox list and right click and choose Properties
  8. Click on the Resource General and make sure the "Enable the Resource Booking Attendant" is checked

The next step requires the Exchange Management shell.  Start one from a workstation or Exchange server and enter the following command

1
Set-CalendarProcessing -Identity "room1" -RemoveOldMeetingMessages $false

This will make sure the resource never deletes old appointments.  This is important for resources so that the person who checked out the resource last can be identified

Bulk Folder Permissions Changes

powershell.jpg

How to  use:

  1. Copy attached BulkSet-NTFSPermissions.ps1 script to C:\Temp
  2. Open Powershell
  3. Run this command:List Folders to File
    Get-ChildItem REPLACEWITHPATH | Where-Object {$_.psIsContainer} | Select fullname | Out-File c:\temp\FolderPermissions.txt
  4. Open the c:\temp\FolderPermissions.txt File
  5. Remove the First 3 lines.  The first line is whitespace, the second says Full Name, the third is ----.
  6. Open Powershell and navigate to c:\temp
  7. Run the following command with the persons user id.
    .\BulkSet-NTFSPermissions.ps1 -FolderListFile c:\temp\FolderPermissions.txt -SecIdentity "Domain\Group or User" -AccessRights "FullControl" -AccessControlType "Allow"

Below is original Syntax of Command

.\BulkSet-NTFSPermissions.ps1 -FolderListFile x:\xxxx\xxxx.txt -SecIdentity "Domain\Group or User" -AccessRights "FullControl" -AccessControlType "Allow"

Here is the options.

  • FolderListFile: a flat text file containing the list of path that need to apply the NTFS permission. It needs to list one folder per line. the path can be a absolute local path such as C:\temp or a UNC path such as \\computer\C$\temp.
  • SecIdentity: The security identity (such as a user account or a security group) the permission is applied for.
  • AccessRights: type of access rights, such as FullControl, Read, ReadAndExecute, Modify, etc..
  • AccessControlType: Allow or Deny

Exchange 2013 Migration via Powershell script based upon search.

ems.jpg

ExchangeMigrationWeb.ps1Overview:

During a migration from 2010 to 2013 we were working on changing some of our e-mail retention policies.  We had implemented journaling through a Barracuda Message Archiver to retain our messages per company policy. Second to that, we also wanted to migrate our e-mail storage from our existing mentality of just letting people manage an unlimited "pot" of e-mail. This isn't very cost effective for one, second to that it doesn't make for an Exchange Environment that is easy to manage and project future costs.

Because of this we were going to finally put into place e-mail box quotas to force people to clean up their mailbox.  We already had retention policies in place, however our average mailbox size was still well over 2GB.  That being the case we decided to set a max size of 2GB in order to allow for the future projection of growth, and keep a relatively static cost regarding our high end storage that is hosting our DAG.

The first issue we ran into (Other then how to deal with lowering those over 2GB) was how to migrate forward while at the same point dealing with those boxes that were larger.   Even though we could look into exchange and get a list of all the mailboxes that are currently below the 2GB quota, to have to parse through the Migration Job Wizard and manually select all those users would be tedious.  So... a script is in order to handle this for us.

The "how":

Well even as great as Exchange is, it doesn't make it easy to accomplish this.  The "TotalItemSize" property that contains the full mailbox size is stored within the Get-MailboxStatistics CMDlet.  However the New-Migration, or New-MigrationBatch CMDlets require an e-mail address in order to process a migration, and that is NOT stored in the Get-MailboxStatistics CMDlet.  There are several "commonalities" between the various CMDlets, such as GUID, Display Name and so forth, however we decided to use DisplayName from Get-Mailbox.

Essentially what we did was run Get-MailboxStatistics with a filter based upon the TotalItemSize being less then 1.5GB and not already existing in the new databases.  We then ran the Get-Mailbox Command to return all mailbox DisplayNames, and compared the two files in order to build a text file that could then be ran to return all of the "PrimarySMTPAddress" from the Get-Mailbox command to have the correct information needed to do the migration batch file.

Below is a snippet of that code.  You will also notice that there was some triming and parsing of the file in order to translate from the output of the Get-MailboxStatistics to the format needed to run the loop to pull the e-mail addresses.

###     SET YOUR VARIABLES FOR THE SEARCH CRITERIA      ####
$ServerSearchVariable="*ex2013*"
$TotalItemSizeVariable="100MB"

###     SET YOUR VARIABLES FOR THE COMPARE and IMPORT      ####
$CompareFile="c:\temp\compare.txt"
$PrimarySMTP="C:\temp\PrimarySMTP.txt"
$MigrationEmails="C:\temp\MigrationEmails.txt"
###     Do the compare of MBStats based upon Total Item size set above and the server name variable
Write-Host -foregroundcolor Yellow "Running the compare to gather the list of users who will be part of this migration"
$MBStats=Get-Mailbox | Get-MailboxStatistics | Where-Object {$_.TotalItemSize -lt $TotalItemSizeVariable -and $_.ServerName -notlike "$ServerSearchVariable"} |Select-Object DisplayName
$MBName=Get-Mailbox | Select-Object DisplayName
$FileCompare=Compare-Object $MBStats $MBName -IncludeEqual
$FileCompare | Where-Object {$_.SideIndicator -like "=="} | Out-File $CompareFile
###  Here I am Trimming the file to get it ready for the comparison
Write-Host -foregroundcolor Yellow "Trimming and parsing file"
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "@{DisplayName=", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "}", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "InputObject", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "SideIndicator", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "-----------   ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace " --  ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace " ==  ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace " ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ? {$_.trim() -ne "" } | Set-Content $CompareFile
###     Comparing the Get-MailboxStatistics search to the full list of e-mail addresses and returning PrimarySMTP to setup the text file for the migration
Write-Host -foregroundcolor Yellow Comparing the files and translating to e-mail addresses
$FinalCompare=Get-Content $CompareFile
Foreach ($line in $FinalCompare)
{
    $smtp=Get-Mailbox | Where-Object {$_.Name -eq "$line"} | Select-Object PrimarySmtpAddress
    Add-Content $PrimarySMTP $smtp
}
### Pruning File prior to import
Write-Host -foregroundcolor Yellow "Final Pruning"
(Get-Content $PrimarySMTP) | ForEach-Object {$_ -replace "@{PrimarySmtpAddress=", ""} | Set-Content $PrimarySMTP
(Get-Content $PrimarySMTP) | ForEach-Object {$_ -replace "}", ""} | Set-Content $PrimarySMTP

The above code basically gives you a list of E-Mail addresses based upon the search criteria you set and put it's into the proper format for the New-Migration CMDLet.  The file that is created will look like:

EMailAddress
user1@domain.com
user2@domain.com
user3@domain.com
user4@domain.com
...

Below is the rest of the script (Also Attached).   The first portion of it makes sure that the location of the temp files is clean on the off chance it wasn't prior.  The last portion not only starts the exchange migration, but also cleans up after itself.

#### Cleanup of Previous files if they existed 

    if (Test-Path C:\temp\compare.txt | Where-Object {$_ -eq "True"})
    {
        Remove-Item C:\temp\compare.txt
    }
    else
    {
        Write-Host -foregroundcolor Gray "Compare.txt didn't exist"
    }

    if (Test-Path C:\temp\PrimarySMTP.txt | Where-Object {$_ -eq "True"})
    {
        Remove-Item C:\temp\PrimarySMTP.txt
    }
    else
    {
        Write-Host -foregroundcolor Gray "PrimarySMTP.txt didn't exist"
    }

    if (Test-Path C:\temp\MigrationEmails.txt | Where-Object {$_ -eq "True"})
    {
        Remove-Item C:\temp\MigrationEmails.txt
    }
    else
    {
        Write-Host -foregroundcolor Gray "MigrationEmails.txt didn't exist"
    }

###     SET YOUR VARIABLES FOR THE SEARCH CRITERIA      ####

$ServerSearchVariable="*ex2013*"
$TotalItemSizeVariable="400MB"

###     SET YOUR VARIABLES FOR EXCHANGE ENVIRONMENT     ####
$ExchDB="EX2013-DAG1"
$MigrationName="Under 400 MBv2"

###     SET YOUR VARIABLES FOR THE COMPARE and IMPORT      ####

$CompareFile="c:\temp\compare.txt"
$PrimarySMTP="C:\temp\PrimarySMTP.txt"
$MigrationEmails="C:\temp\MigrationEmails.txt"

###     Do the compare of MBStats based upon Total Item size set above and the server name variable

Write-Host -foregroundcolor Yellow "Running the compare to gather the list of users who will be part of this migration"

$MBStats=Get-Mailbox | Get-MailboxStatistics | Where-Object {$_.TotalItemSize -lt $TotalItemSizeVariable -and $_.ServerName -notlike "$ServerSearchVariable"} |Select-Object DisplayName
$MBName=Get-Mailbox | Select-Object DisplayName
$FileCompare=Compare-Object $MBStats $MBName -IncludeEqual
$FileCompare | Where-Object {$_.SideIndicator -like "=="} | Out-File $CompareFile

###  Here I am Trimming the file to get it ready for the comparison

Write-Host -foregroundcolor Yellow "Trimming and parsing file"
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "@{DisplayName=", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "}", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "InputObject", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "SideIndicator", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace "-----------   ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace " --  ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace " ==  ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ForEach-Object {$_ -replace " ", ""} | Set-Content $CompareFile
(Get-Content $CompareFile) | ? {$_.trim() -ne "" } | Set-Content $CompareFile

###     Comparing the Get-MailboxStatistics search to the full list of e-mail addresses and returning PrimarySMTP to setup the text file for the migration

Write-Host -foregroundcolor Yellow Comparing the files and translating to e-mail addresses
$FinalCompare=Get-Content $CompareFile
Foreach ($line in $FinalCompare)
{
    $smtp=Get-Mailbox | Where-Object {$_.Name -eq "$line"} | Select-Object PrimarySmtpAddress
    Add-Content $PrimarySMTP $smtp

}

### Pruning File prior to import
Write-Host -foregroundcolor Yellow "Final Pruning"
(Get-Content $PrimarySMTP) | ForEach-Object {$_ -replace "@{PrimarySmtpAddress=", ""} | Set-Content $PrimarySMTP
(Get-Content $PrimarySMTP) | ForEach-Object {$_ -replace "}", ""} | Set-Content $PrimarySMTP

###   SENDING NOTIFICATION MESSAGE
###   Setting Variables for the message   ###

$Smtp = "SMTP SERVER" 
$From = "noreply@DOMAIN.com" 
$CC=""
$BCC=""
$Subject = "Your E-Mail Box is Migrating"  
$Body = get-content C:\TEMP\content.html

#### Now send the email using \> Send-MailMessage  

### IF YOU NEED TO CC or BCC you can comment out the current Send-MailMessage Line and uncomment the one containing the CC and BCC arguments
# Send-MailMessage -SmtpServer $Smtp -To $To -From $From -CC $CC -BCC $BCC -Subject $Subject -Body "$Body" -BodyAsHtml -Priority high 

$NotificationPerson=Get-Content $PrimarySMTP
Foreach ($person in $NotificationPerson)
{
Send-MailMessage -SmtpServer $Smtp -To $person -From $From -Subject $Subject -Body "$Body" -BodyAsHtml -Priority high 

}

###  File pruned, need to added EMailAddress to format import file
Write-Host -foregroundcolor Yellow "Reformating Migration file"
 Add-Content -Path $MigrationEmails -Value EmailAddress
 Add-Content -Path $MigrationEmails -Value (Get-Content $PrimarySMTP)

###     BEGIN MIGRATION   ####
Write-Host -foregroundcolor Yellow "Adding Migration to Exchange 2013"
New-MigrationBatch -Name "$MigrationName" -CSVData ([System.IO.File]::ReadAllBytes("$MigrationEmails")) -Local -TargetDatabase $ExchDB -AutoStart -AutoComplete

Write-Host -foregroundcolor Yellow "##################################"

    if (Get-MigrationBatch -Identity "$MigrationName" | Where-Object {$_.Identity -like "$MigrationName"})
    {
        Write-Host -foregroundcolor Yellow "Migration Batch of $MigrationName has started"
    }
    else
    {
        Write-Host -foregroundcolor Yellow "$MigrationName did NOT START"
    }

Write-Host -foregroundcolor Yellow "##################################"
Write-Host -foregroundcolor Yellow "Cleaning Up Files"
Write-Host "Starting sleep to allow upload."
Start-Sleep 30

###   CLEANUP FILES

#Remove-Item $CompareFile
#Remove-Item $PrimarySMTP
#Remove-Item $MigrationEmails

#Write-Host -foregroundcolor Yellow "$CompareFile , $PrimarySMTP , and $MigrationEmails were removed"
Write-Host -foregroundcolor Yellow "COMPLETE"

ExchangeMigrationWeb.ps1

Script - Display File list with sizes

powershell.jpg

In Powershell we can display a list of files, such as doing a dir in a command prompt or doing a file view.  We do however have some special abilities that we can only do through powershell.  Below are a few examples.

Sort by Name with Length

Get-ChildItem FolderName | Select-Object Name, Length

Get Top 10 by size (to change the "top number" change the 10 to whatever)

Get-ChildItem FolderName | Select-Object Name, Length | sort-object length -descending | select-object -first 10

Customize Outlook Web App for Exchange 2013

images1.jpg

 Customize the color of the sign-in page

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\FrontEnd\HttpProxy\owa\auth\<version>\themes\resources.
  2. Use a text editor, such as Notepad, to open logon.css.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

 Customize the color of the error page

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\FrontEnd\HttpProxy\owa\auth\<version>\themes\resources.
  2. Use a text editor, such as Notepad, to open errorFE.css.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

 Customize the color of the language selection page

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\Client Access\OWA\version\Owa2\resources\styles.
  2. Use a text editor, such as Notepad, to open languageselection.css.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

 Customize the images on the sign-in and error pages

Use an image editing tool to open and edit the images used to build the sign-in and error pages.

  1. Log on to the Exchange server and use Windows Explorer to go to the Exchange server installation directory and find \V15\FrontEnd\HttpProxy\owa\auth\<version>\themes\resources.
  2. Use a graphics editor to open and modify the following files:
    • owa_text_blue.png, to change the “Outlook Web App” text logo.
    • olk_logo_white.png, to change the app logo in the left bar.
    • olk_logo_white_cropped.png, to change the image in the left side panel of the error page.
    • sign_in_arrow.png, to change the icon left of the “sign in” button.
    • olk_exchange_text_blue.png, to change the “Outlook Mobile” logo on tnarrow layout.
    • olk_logo_white_small.png is used in tnarrow.
    • olk_exchange_text_stacked_white_small.png is used in tnarrow.
  3. Search for the default color value #0072c6 and replace it with the HTML RGB value for the color you want to use. You can find HTML RGB values here: Color Table.
  4. Save and close the file.

Reference: http://technet.microsoft.com/en-us/library/ee633483(v=exchg.150).aspx

Creating and managing rooms and resources

Create a conference room

Using the Exchange Management console, navigate to Recipient Configuration and select Mailbox so that you see the list of mailboxes

  1. Right click on Mailbox and choose New Mailbox
  2. If you are creating a conference room, choose "Room Mailbox".  If you are creating a resource such as a projector, choose "Equipment Mailbox" and click Next
  3. Leave the selection on "New User" and click Next
  4. Select the organizational unit checkbox and put the new mailbox user into the Company\Resources organizational unit
  5. First name should be descriptive like "Conference Room" or "Toshiba".  Last name should be the room number like "2N11" or the resource type of "Projector".  The display name should be modified for conference rooms to match the format of "Conference Room - 2N11".  The user login name for conference rooms should be "conference2N11" and resources should be like "toshibaprojector".  Click Next
  6. The alias should match the user login name and be left alone.  Click Next
  7. After the user and mailbox are created, find it in the Mailbox list and right click and choose Properties
  8. Click on the Resource General and make sure the "Enable the Resource Booking Attendant" is checked

The next step requires the Exchange Management shell.  Start one from a workstation or Exchange server and enter the following command

Set-CalendarProcessing -Identity "room1" -RemoveOldMeetingMessages $false

This will make sure the resource never deletes old appointments.  This is important for resources so that the person who checked out the resource last can be identified

DirectAccess - ISATAP Issues ISATAP Configuration

The other day I had an issue with DirectAccess 2012, in the Remote Access Dashboard under Operations Status I had a yellow check box under Network Adapters stating there was a problem with one or more of my adapters. Yes ambiguous I know. None the less the DirectAccess clients appeared connected, however lost the ability to route to internal resources.  I have had this issue before with a misconfiguration, or a NAT\DNS 64 issues, but all that seemed okay. What was even stranger is this server had been operating perfectly normal for months without incident, the only change if you could call it that, was we ran into multiple bugs in OnTap 7.x and the E1000 Bug in vSphere that caused a PSOD on multiple vmware hosts, including the one this resided on.  None the less, the machine migrated hosts, and restarted as it should of per the HA in vSphere. Turns out the issue revolved around there being no default route for our ipv6 prefix.  Granted we don't use ipv6 internally but in order for the NAT64 to correctly make that distinction your ipv6 Prefix, in our case that's the one that starts with fe80:: had to be assigned to a default interface. We noticed this by doing a:

netsh int ipv6 show route

This is where we noticed our isatap adapters for our 2002: (NAT64) didn't have a default Gateway or Interface name.  In our case we could see form the Route Table that interface 15 was our Local LAN isatap gateway.  We now needed to add the route for our 2002 Prefix with the isatap as the Interface name.

We accomplished this by the following NETSH Commands:

netsh interface ipv6 add route interface="" store=persistent

Immediately at this point we could PING out from the DA Server to the clients and the clients could route.  It wasn't till a few days later realised that our other "Manage Out" clients couldn't connect to the DA Clients in the field.  Turns out we forgot some of more important settings on the route add

NETSH INT IPV6 SET INT <INDEX_NUMBER> FORWARDING =EN ADVERTISE=EN ADVERTISEDEFAULTROUTE=ENNETSH STOP IPHLPSVCNETSH START IPHLPSVC

The fact that we forgot to allow forwarding, basically killed the ISATAP ROUTER being able to forward packets, and the two commands for ADVERTISING was not allowing our Manage out clients to get a proper ISATAP address internally. For instance we had the local link ipv6 addresses under isatap , however we did not have an ipv6 address.  Once we ran the commands on the DA Server, then on the client a release and renew all was well.[/fusion_text]

Enterprise Windows Lock Screen Customization

images.jpg

[fusion_text]Lately we have been attempting to reign in the personal customization of Corporate Resources, not because of being authoritative but to provide a unified presence. Initially we were just going to do the computers that are "Public", such as digital signage, conference rooms, but being that it had a great reception we decided to go all the way through all computers. In our case, we have some legacy XP machines and then a mixture of Windows 7\8. Each OS has it's own process, albeit similar

Windows XP:

Create WMI Filter for GPO:
  1. Open the Group Policy Editor and proceed to WMI Filters:
  2. Create a new Filter, I titled mine "Lockscreen - Windows XP"
    1. Namespace: rootCIMv2
    2. Query: select * from Win32_OperatingSystem where (Version like "5.1%") and ProductType="1"
Create the GPO:
  1. Create and Link a GPO to the OU Where the workstations reside.I called mine Lockscreen - Windows XP so that as you create them for the other OS's it's easy to know which is which.
  2. Go to: Computer Config \ Preferences \ Windows Settings \ Files
    1. Create a File Action with the following information
    2. Action: Replace
    3. Source: the Network or Accessible location for the original BMP File. ( *** Must be a BMP file for XP ***)
    4. Destination: Local location. I tend to put everything for the company in c:\COMPANY. In this case I also made the filename Lockscreen.bmp so that it is always overwritten as it's changed thus not filling up the HD.
    5. In order to apply the the LockScreen you need to add a registry setting.
      1. Action: Update
      2. Hive: HK_Users
      3. Key Path: .DEFAULT\Control Panel\Desktop
      4. Value Name: Wallpaper
      5. Value Type: REG_SZ
      6. Value Data: Path in step 2d for the local file

Windows 7:

Create WMI Filter for GPO:
  1. Open the Group Policy Editor and proceed to WMI Filters:
  2. Create a new Filter, I titled mine "Lockscreen - Windows 7"
    1. Namespace: rootCIMv2
    2. Query: select * from Win32_OperatingSystem where (Version like "6.1%") and ProductType="1"
Create the GPO:
  1. Create and Link a GPO to the OU Where the workstations reside.I called mine Lockscreen - Windows XP so that as you create them for the other OS's it's easy to know which is which.
  2. Go to: Computer Config \ Preferences \ Windows Settings \ Files
    1. Create a File Action with the following information
    2. Action: Replace
    3. Source: the Network or Accessible location for the original PNG or JPEG
    4. Destination:c:\windows\system32\oobe\Info\Backgrounds\backgroundDefault.jpg The path is critical here in Windows 7. It has to be the above location and the file name has to be as stated.
    5. Now we have to enable the "OEM Background" by creating a registry item under WIndows Settings.
      1. Action: Update
      2. Hive: HKEY_LOCAL_MACHINE
      3. Key Path: SOFTWARE\Microsoft\Windows\CurrentVersion
      4. Value Name: OEMBackground
      5. Value Type: REG_DWORD
      6. Value Data: 00000001
      7. Base: Hex

Windows 8:

Create the GPO:
  1. Create and Link a GPO to the OU Where the workstations reside.I called mine Lockscreen - Windows 8 so that as you create them for the other OS's it's easy to know which is which.
    1. Go to: Computer Config \ Preferences \ Windows Settings \ Files
    2. Create a File Action with the following information
    3. Action: Replace
    4. Source: the Network or Accessible location for the original PNG File.
    5. Destination: Local location. I tend to put everything for the company in c:\COMPANY. In this case I also made the filename Lockscreen.PNG so that it is always overwritten as it's changed thus not filling up the HD.
    6. Computer Config \ Policies \ Admin Templates \ Control Panel \ Personalization
      1. Configure "Force a specific default lock screen image" to Enabled with the path mentioned above
        1. Personally I also chose to enable "prevent Changing Lock Screen Image as well. This stops the end user from also switching it.
        2. Another optional setting I also chose to implement was changing the start menu background color. In our case we are trying to go for a "look" or image. By default it would be setup however the user had set it up. Thus your image could be a black background with white lettering. If they have an alternate monitor and the end user selected purple you would have your LOGO with a purple screen vice something that "flowed". In this case you can:
          1. Computer Config \ Policies \ Admin Templates \ Control Panel \ Personalization
          2. Select Force a specific background and accent color. You can use HEX codes to set a matching color.
          3. Secondly I sent to Force a specific Start Background. Either pick the same matching color, or chose 20 for transparent so it uses the desktop.

[/fusion_text]

Create CAS Array

imgres.jpg

Overview: You will configure access for MAPI clients (for example, Microsoft Outlook clients). Perform the following steps once for the Exchange domain.

  • The clients will access their mailboxes using RPC. They will connect to the FQDN of the RPC Client Access Array set on the mailbox database.
  • The FQDN resolves to a Virtual IP address on the Load Balancer. In turn, the Load Balancer connects with one of the Client Access servers for each connection request.  The load balancer must be configured to serve each of the CAS Servers.

To configure this do the following steps:

  1. On the DNS Server, add an A record to the DNS zone that associates the VIP address with the FQDN.  This is the address that will be used by the clients to connect to the Client Access server array.
  2. On one Exchange server in the array, open the Exchange Management Shell
  3. Using the Exchange Management Shell, enter the following command to verify that there are no existing CAS arrays:
    1. Get-ClientAccessArray
  4. Using the Exchange Management Shell, enter the following command to create a new CAS array where cas.fhpaschen.com is the FQDN of the Client Access server array, and Default-FirstSite-Name is the Active Directory site to which the Client Access server array belongs.
    1. New-ClientAccessArray -Fqdn <cas.example.com> -Site <sitename>
  5. Ping the FQDN (e.g. Cas.example.com). The ping should fail because the Service has not yet been created on Load Balancer, but make sure that the domain name resolves correctly to the VIP address.
  6. You need to run the following commands to set the CAS for each database.  At the time of installation the code is below, if new databases are created you would have to run that against those databases or adjust the code to include them.
    1. Set-MailboxDatabase -Identity "<Mailbox Name>" -RpcClientAccessServer cas.example.com