Santhosh's Articles

Exchange  |  ISA  |  Windows

Active Directory

User Migration and Merging Using ADMT

Pre-creating user account in the target domain is a common scenario these days due to single-sign-on solution, HR management procedure etc. This will make the user migrate procedure more challenging. During the migration you need to make sure these accounts are properly “merged” with correct SID information.

Active Directory Migration Using ADMT

Here is a graphical representation of the high level steps involved in an Active Directory migration using ADMT version 3.1. The following sections will explain the procedure of migrating the Groups, Users and Computers.

Computer Migration - Things to Consider

Here are a few points which you can consider while doing computer migration. These points are applicable to all migrations irrespective of the migration tool (ADMT, NetIQ, Quest etc). Here is a high level flow chart that describes the computer migration process:

User Migration and Merging Using Quest Migration Manager

Pre-creating user account in the target domain is a common scenario these days due to single-sign-on solution, HR management procedure etc. This will make the user migrate procedure more challenging. In this example, I will explain a procedure to migrate and merge user accounts using Quest Migration Manager (QMM). You can read the Part I (User Account Migration and Merging – Part I (ADMT)) of this document in the following link.

Get control of your severs using Startup/Shutdown Script

In many situations we need to reset the Local Administrator password and add Domain Admins to the Local Administrator group on a server or client machine without visiting each machine. If you don’t know the password and don’t have access to the severs, you can run this simple script as a Startup/Shutdown script in conjunction with Group Policy.

Microsoft Right Management Service (RMS)

Rights Management Service and Exchange 2003 (Part 3)
It is time to talk about custom templates since we have discussed built-in Do Not Forward templates in Part 2 of this document. In this part of the article, I will explain the procedure of creating and using custom templates. I will use the following scenario to better explain the use of a custom template.

Rights Management Service and Exchange 2003 (Part 2)
I hope you enjoyed Part 1 of my RMS document. Thanks to all who sent emails. As I explained in the previous part of the RMS document, my focus was to explain the RMS functionality from an Outlook 2003 client. I received a lot of questions regarding RMS and Exchange integration. RMS is not integrated with Exchange so you don’t need to have Exchange to use RMS. You can use RMS with any RMS aware application but RMS does require Active Directory.

Rights Management Service and Exchange 2003 (Part 1)
We would like to welcome Santhosh Sivarajan to our team of authors as he presents his first article to MSExchange.org readers. The purpose of this article is to explain the details of Rights Management Service (RMS) technology and how beneficial it is to your organization.

Email Security – Outlook Forms and Right Management Service
As we all know we can use Right Management Service to protect sensitive information and keep internal information internal. You can read one of my Rights Management Service (RMS) article on the following location

Microsoft ISA Server

Bypassing the Firewall Client using Locallat.txt File
As we all know, ISA Server 2004 is a firewall and its function is to block all unnecessary traffic. But sometimes it is also necessary to bypass the traffic without going through the ISA Server. The following section will explain the options available on ISA Server 2004 and on the client side to achieve this.

ISA Server 2004 is Ignoring my Web Publishing Rule

I heard the following comment from a few clients: "ISA Server is ignoring my server publishing rule and it is always using the default rule". This will happen especially if you are working on a complicated network where the ISA firewall and the application servers are on different subnets. Check out this article for an explanation why this happens and a solution.

Cannot Logon to the Domain or Contact Other Servers After the ISA Server Installation

I am sure we have all either encountered or heard of this "problem" one time or another if the ISA Server is part of the Active Directory Domain. Is it a problem? No, it is by design. To block all unnecessary traffic is the job of the firewall. I know Domain Controller traffic is not unnecessary unreachable traffic, but we have to "explain" to the ISA Server that DC traffic is reachable.

Simplifying Access Rules for ISA Firewall

We are all familiar with creating firewall access rule policies on ISA Server 2004. Let’s say we want to create a two way Firewall access rule. How do you do it? We can create two one way firewall rules from Source to Target and from Target to Source. If you’re like me, you are too lazy to create two firewall policies if we can find an easier method. Here is a simple trick to achieve this without creating two separate one way firewall policies. The trick is to select the same “Source” and “Destination” networks in the Firewall Access Rule. Here is an example:

SharePoint 2010

SharePoint 2010 Installation and Configuration – Part I

I started testing SharePoint 2010 in my lab. I took some screenshots and notes during the installation. I would like to share these findings in this article. The first part of this article explains the installation details and in the second part, I will include the configuration details.

Data Protection Manager (DPM)

Monitoing DPM 2007 Using SCOM 2007

You can centrally monitor Data Protection Manager (DPM) server, state of the data protection and protected servers using the Microsoft System Center Operations Manager (SCOM). The following high level steps are involved in properly configuring the monitoring for DPM server:

DPM 2007 To DPM 2010 Upgrade

I have started testing the DPM 2010 installation and DPM 2007 to DPM 2010 upgrade scenarios in my lab. I have success fully upgraded my DPM 2007 to DPM 2010. Here are my observations during the upgrade process:

Lab setup: SQL 2005 64 bit and DPM 2007 64 Bit running on a Windows 2008 64 bit Server

Exchange 2010

My First Peek into Microsoft Exchange 2010

Before I really dive into Exchange 2010, I thought I would install and play with it first. I took some screen shots and notes during the installation. I would like to share these findings in this article.

I am in a process of creating a "Things to Consider….." document for Exchange 2010. It will be added to my blog soon. Thanks again for all your feedbacks regarding my "Things to Consider when Installing Exchange 2007" article ( http://santhoshsivarajan.blogspot.com/2007/01/my-new-articles_12.html). It is really a good inspiration for me to come up with more articles like this.

Exchange 2007

Things to Consider when Installing Exchange 2007 - Part I

As we all know there is a lot of information out there about how to install and configure an Exchange 2007 server. But when considering an upgrade, I am sure we all have questions about how to upgrade an existing system to a new one and what are the supported or non-supported features in the new environment. I think it is very important to get a thorough understanding of the new system and application before even thinking about an upgrade. In this article my goal is to go through the Exchange 2007 “transition” path and supported configuration in terms of Active Directory and Exchange.

Things to Consider when Installing Exchange 2007 - Part II

When considering an Exchange upgrade, the first question that normally comes to mind is an in-place upgrade versus a parallel migration. Since Microsoft only supports the 64 bit Exchange 2007 version in production, you may ask “what I am going to do with our existing Exchange 2000 or Exchange 2003 servers?” The answer is there is no direct upgrade (in-place) from Exchange 2000 or Exchange 2003 to Exchange 2007. You must install Exchange 2007 on a new server and join it with your existing Exchange organization.

Microsoft Active Directory Connector (ADC)

ADC Before or After the User Migration

Do you install and configure Active Directory Connector (ADC) before or after the user migration? Good question, right? Yes, I know we have all heard or at least thought about this question during an Active Directory or Exchange migration. The answer to this “complicated” question is either you can install and configure ADC and Connection Agreements (CAs) before or after the user migration. I remember having this conversation with a few migration specialist but some believe you have to configure ADC before the user migration and some believe you can only do it after the user migration. Here are my explanations for both scenarios.

MOM 2005

Custom Provider Creation in MOM

Sometimes we need to use custom providers to create MOM Rules. Here is an example of creating a custom provider to return free hard drive space information from drive H.


Home     |       Profile       |     Publications         Blog      Scripts  | Contact Me