Exchange Server 2010 SP1 Beta Hosting Deployment… Part #5 – Exchange Control Panel (ECP) in Hosting Deployment…


When you are doing the Exchange 2010 SP1 Hosting Deployment, one of the sections teaches you how to create a registry key in all the CAS server to fully disable Exchange Control Panel as in the following picture,

So, it said IF your hosting organization is going to provide an interface for tenant admins to control their tenant organization, you will need to disable ECP. They key word here is 'IF'. What it means is that you can use it if you don't intend to provide a custom interface for tenant admins to manage their tenant organization and I have to say, it is more than sufficient to do the job. Of course, there are a few things to be aware of too if you choose to allow this.

So, how do get into it. First thing, of course, you do not put this registry key in, in other word, skip the above step. And once everything has been setup, browse to your CAS and put a ecp at the end. Like the following,

https://CAS URL/ecp

In my case, mail.consolidatedmessenger.com will point to my CAS server, so, my URL will be https://mail.consolidatedmessenger.com/ecp

And like OWA, you will be prompted for login. Login with aTenant Administrator, in my case, I am trying to get into AlpineSkiHouse and manage that, so, I am using AlpineSkiHouse Administrator which is administrator@alpineskihouse.com

You will then be presented with a beautiful Exchange Control Panel like the following,

In this control panel, you can do quite a fair bit of things. Here is a quick list (by no mean the full list),

  • It allows you to create, delete and manage mailboxes (including changing password and their attributes like phones and etc.)
  • It allows you to create, delete and manage contacts
  • It allows you to create, delete and manage groups and membership
  • It also allows you to manage Administrator roles and user roles.
  • It allows you to generate audit reports such as "Run a non-owner mailbox access report"... which is searches for mailboxes that have been accessed or changed by someone other than the owner.

  •  Not enough? It allows you to create Rules for your Organization only, such as totally reject mail from certain domain.
  • It allows you configure journaling rule.
  • It allows you to search mailboxes in your organization for email and messages with specific keywords
  • It allows you to look at Delivery Reports to find out if a message been sent out or not.

 

 

 

 

 

 

 

 

 

 

  • It also allows you to manage ActiveSync policy, quarantine devices and etc.

 

Folks, these are really neat stuff and all these are available out of the box, believe it or not. In other word, in order for your to provide Exchange Hosting, and if you don't want a customized control panel for your tenant organization admins, you really don't need to do a great deal other than having a page to allow them to sign up (I will provide a very simple sign up page for you guys when I have some time, it is really simple to do). In my opinion, I think this is really neat because this is what Outlook.com is using, firstly and secondly, it is part of Exchange and hence you can get support directly from Microsoft.

Of course, there are a few things that you need to be aware of. It may not give you the kind of control that you want and I am currently not aware that Microsoft is opening this up for any customization. So, you may not be able to put your customized policy or the type of package you design. It also does not integrate with your other stuff for example your billing and customer database. Also, if you offer multiple hosting services like OCS, SharePoint, you may want to maintain a good user experience by offering a centralized control panel instead of this one.

However, consider the benefits of using the above ECP, I am sure you folks can think of some clever ways to work around that such as having a script to run nightly to find out if any new user have been created, deleted or modified and hence bill the customer accordingly and etc. So, do explore it, work out the pros and cons as you are planning for your Exchange 2010 SP1 Hosting Deployment and Migration.

 

Previous Articles

Exchange Server 2010 SP1 Beta Hosting Deployment... Part #1 - The First Look
http://blogs.technet.com/b/provtest/archive/2010/06/25/exchange-server-2010-sp1-beta-hosting-deployment-the-first-look-part-1.aspx

Exchange Server 2010 SP1 Beta Hosting Deployment... Part #2 - Creating New Organization
http://blogs.technet.com/b/provtest/archive/2010/07/08/exchange-server-2010-sp1-beta-hosting-deployment-the-first-look-part-2.aspx

Exchange Server 2010 SP1 Beta Hosting Deployment... Part #3 - Creating New Mailbox
http://blogs.technet.com/b/provtest/archive/2010/07/14/exchange-server-2010-sp1-beta-hosting-deployment-part-3-creating-new-mailbox.aspx

Exchange Server 2010 SP1 Beta Hosting Deployment... Part #4 - Wait wait... are you saying mail contact actually works now? No way!
http://blogs.technet.com/b/provtest/archive/2010/07/16/exchange-server-2010-sp1-beta-hosting-deployment-part-4-wait-wait-are-you-saying-mail-contact-actually-works-now-no-way.aspx

Continue Reading

Exchange Server 2010 SP1 Beta Hosting Deployment

http://blogs.technet.com/b/provtest/archive/tags/hosted+exchange+server+2007/

Comments (9)
  1. Anonymous says:

    @ Pinemail Admin. I am glad the posts have been useful to you. Thanks you for giving me your feedback. I appreciate it a lot.  Autodiscover redirection , ah yes, the concept hasn't change much from HMC. I do have the intention to write about this, probably in the next few posts, probably after I have written Transport and Address List segregation.

    Kip

  2. Anonymous says:

    @ Vinay Reddy, yes, that's expected in this Exchange 2010 SP1 beta because the transport tries to deliver the stuff in the scope of the organization. Whether this behaviour will change or not when it releases, I am not sure. However, I do see reason why we want to do that. I am surprised that no one has asked this until now, honestly. This is a topic I intend to write about next.

    Anyway, very quickly here. When you deliver a mail, do a Get-Queue, you will realize that the hub transport will attempt to deliver the email out to the internet via DNS. The transport is only looking at the accepted domains of that tenant organization. If it can find it, then it will deliver it, if not, it will attempt to deliver out, assuming if you have configured the send connector and everything.  If you define the MX record, it will attempt to deliver back to itself and that fail because of message loop. A quick workaround is to have it deliver out to another box and then deliver it back in or design your environment to  dedicated for inbound and outbound servers. I will write about this, next. So, hang on there.  

  3. Anonymous says:

    Hello Kip,

    I have deployed the Exchange Sp1 as mentioned in your Post, I have observed that the internal hosted Organizations are unable to send an Email to another Organization.

    Let me explain you lets consider I have 2 hosted Organizations "Org1" & "Org2". The mail flow is fine within "Org1" and within "Org2" and external Domains. But if I try to send an email from "Org1" mailbox to "Org2" mailbox. I get a failure delivery…

    Could you please let us know what is that, required or am I missing something here.

    Thanks a lot.

    Vinay Reddy.K

  4. Anonymous says:

    Hi Joao,

    Those are good questions and those are the areas I intend to address as I am blogging this. Just haven't gotten to those parts yet. I wish I have more time to blog about a number of these questions.

    1. The concept changes from HMC. In the days of HMC, we have Resellers which sit at an OU higher than the tenants. This isn't the case in Exchange 2010 SP1 beta. If you think about it, what's the real reason of having the reseller in an OU higher? Primarily because of some permission but in Exchange 2010, RBAC is being used instead and that changes. I will discuss this in detail in my near future blog and how one can have reseller.

    2 & 3. There hasn't been any official on multi-server at the moment. So, if you are looking for something official, I think we will need to wait. However, in my opinion, there is no reason why it isn't possible.  If you look back HMC, the integration with AD and MPS for OCS and SharePoint and CRM really are quite basic. So, the integration isn't a big of a deal.

    Of course, what's the official guidance, that we will need to wait till our product team comes up with something. As I am writing this blog, I will also share with you all what I have in my mind and how I would do the migration from HMC to this new solution.

    My intention is to first explore some of the features in the product and then will move on to some more advance topics, integration, possible hosting scenarios, migration scenarios and challenges and etc.

    Now, let me also do one final disclaimer here. What's in this blog cannot be considered as official response or guidance from Microsoft. It purely represents my personal opinion.

    Thanks.

    Kip

  5. Pinemail Admin says:

    Hello Kip

    This series of posts are really good. It really helps. Appreciate your efforts.

    Would be great if you could write the Autodiscover redirection part when we create multiple tenant organization.

    Thanks very much.

  6. Joao Carmona says:

    Hi Kip,

    I have been reading your posts regarding Exchange 2010 SP1 and i have some doubts.:

    1 – In HMC, we have resellers and customers, but now in Exchange 2010 I don't see any reference to Resellers. Is this right? Or I'm missing something?

    2- With this new Active Directory Organization ( named Microsoft Exchange Hosted Organizations) , it's still possible to inter operate with others Microsoft Products, (OCS, WSS, CRM), like HMC does?

    3- Does all the Wave 14 Products could co-exist easily, on a Hosting (multi tenancy) environment?

  7. prasad says:

    Anyway, very quickly here. When you deliver a mail, do a Get-Queue, you will realize that the hub transport will attempt to deliver the email out to the internet via DNS. The transport is only looking at the accepted domains of that tenant organization. If it can find it, then it will deliver it, if not, it will attempt to deliver out, assuming if you have configured the send connector and everything.  If you define the MX record, it will attempt to deliver back to itself and that fail because of message loop. A quick workaround is to have it deliver out to another box and then deliver it back in or design your environment to  dedicated for inbound and outbound servers. I will write about this, next. So, hang on there.   (Any update for the post as said here)

  8. Steve P says:

    Great post and excellent screenshots. I was looking for the specifications and my service provider of Hosted Exchange 2010 (http://www.egocentrix.com/…/hosted-exchange-2010.html) has smartly done implementation and  I am happy I could still control my hosted exchange mailboxes.

Comments are closed.

Skip to main content