Recently Sprint started offering Palm Pre device, touting a revolutionary new WebOS and integration with social networking. Initially, this device was described by it’s funding partners as an iPhone Killer and has certainly attracted it’s fair amount of attention for it’s very cool feature set. But how about using it in business, with Exchange?

The Setup

Click here for Sprint Interactive Setup Guides. Sprint also offers a very handy interactive setup for Exchange, just click on each step and it will highlight the part to click on. (Exchange Setup). For ExchangeDefender purposes:

1. Tap the Email icon on the Quick Launch.

2. Note: If you have already set up an email account and want to add another one, tap the Email applications menu > Preferences & Accounts > Scroll Down > Add an Account, before following these instructions.

Enter in the your Microsoft Exchange email. For this example, press J to prompt one to fill in.

3. Tap the Password field and type in the corresponding password. Here, press 0 to prompt one to fill in.

4. Tap Sign In.

5. Tap the MAIL TYPE field then tap Exchange (EAS).

6. Verify the information in the other fields and change the info as needed based on the information you obtained from your email provider or system administrator. Server names are either donald or daisy or scrooge or huey or duey or … In support.ownwebnow.com click on Service Manager > Exchange Hosting and click on the Info tag for any of the accounts you require information for. You will need the full server name as well as the domain name (which is the OWN NT domain name, not your fully qualified domain name like yourcompany.com)

7. Once the information is complete, tap Sign In.

8. Once setup is complete, you can exit the application by first pressing the Center button.

9. Click the animated arrow to simulate throwing the card off the top of the screen, to close the application.

The Security Gotcha

There are several factors you need to consider when deploying Palm Pre in business with Exchange. Namely, the Exchange Remote Device Wipe feature is not present at the moment so you will not be able to wipe the device from your Exchange Outlook Web Access. There is an alternative however, Palm Pre supports SMS wipe:

“Enhance security by remotely erasing data from your device if it gets lost or stolen without the need for IT support regardless of what email system you are using.”

Disclaimer: “Remote erase deletes all data from your phone including files stored using USB drive mode. Remote erase command sent via SMS and must be received by activated phone within 24 hours. Wireless coverage area only. Requires data services at additional cost.”

The SMS message must be received by the device within 24 hours in order to wipe the device. If someone steals your device, powers it down for at least 24 hours, you will not be able to remotely wipe it.

This restriction may cause you to consider storing sensitive data on your device and is a good cause for establishing other security policies like a complex device password, keeping a limited amount of data on the phone, etc.

Other Exchange Security Considerations and Exchange requirements

Palm Pre does not support ActiveSync Security policies, so if you have a firmly defined security policy in Exchange before allowing ActiveSync (such as PIN requirements) you will have to set those manually on the device before attempting the first sync. From Palm:

“Palm understands that some business customers need support for specific Exchange ActiveSync (EAS) policies. We are working to develop support for EAS PIN and password enforcement, as well as EAS remote wipe, for webOS and hope to announce these new features within the next 60 days. We will deliver the features through our over-the-air update system, which Palm has already started using to bring new updates to Pre users as they become available. Until then, Palm Pre customers can enable a PIN or password directly on a device, and can also remotely wipe a device via a Palm profile. Palm profiles can be managed by Pre users at palmws.com.”

As of firmware 1.0.3, Palm Pre can connect to an Exchange server without using SSL. This is an optional upgrade so if your server does not have SSL support installed you will have to either install a certificate or upgrade to this firmware:

Note: None of the ExchangeDefender servers allow plain text / non-SSL connections. All connections require encryption.

Special gotcha for SBS 2003 users and the SSL Certificate issue: If you use the self-signed certificate automatically generated by CEICW, Palm Pre will attempt to connect to the CN for the .internal host, not the public domain name.

Furthermore, advanced EAS functionality started with Exchange 2003 SP2 so to get the most out of your device you will need to upgrade. The build number for Exchange 2003 SP2 is 7638.2

Conclusion

While Palm Pre supports Exchange to an extent, it is primarily designed as a consumer device and currently does not support the basic security policies required for safe business use. While HTML email, push mail and Exchange sync will work, make sure you consider the security tradeoffs.

Needless to say, the consumer appeal of webOS and Palm Pre will make Palm Pre show up in corporate world just as the iPhone did. Start preparing your network and educating your users now.

At one point last year the DSBL blacklist, quite popular in it’s hayday, lost it’s entire database in a RAID system crash. The name servers kept on answering requests in the meantime. Yesterday, this activity stopped.

This means that if you still use the DSBL, you might be delaying or bouncing your inbound mail. Check your servers and make sure the DSBL is not listed. In short, everything with *.dsbl.org must go.

Note: We have not / do not use DSBL in ExchangeDefender so if you are with us, you were not affected.

Sorry for the last minute notice, I tried to surprise my wife by coming back home a week early and she reads the blog.

I’m going to miss all’y'all a ton. I had every plan to be there and even Sir Richard Bronson didn’t give me my money back (although Alaskan gave me like 90% of the ticket back).

I’ve been on the road pimping and basically traveling like a forty year old junkie. I took to the road with antibiotics and cough syrup laced with narcotics. I like to call that the good old times. Then I got the stomach bug. Bright side: lost 5lb. Downside: when everything you eat makes you instantly religious and you can’t even stand up because you don’t know in which direction you’re about to fall… not really good times. And I don’t trust you fers not to wake up in a ditch

So I’m missing out on the Microsoft fun and really one of a kind of an event in the MVP Summit. Have a great time folks!

If you’re unfortunate enough to have chosen a Mac for a business computer you are no longer bound to the crippled enterprise mail experience. Microsoft’s Macintosh Business Unit has a new beta available which let’s your Entourage talk to Microsoft Exchange 2007 SP1 UR4 via Web Services.

This means you now get sync for tasks, notes, categories, autodiscovery. Bye-bye WebDav, hello rich integration.

It’s beta, so you have to ask for it politely. Good luck!

P.S. All our Exchange 2007 servers are on UR4 so you’re welcome to use it with our ExchangeDefender Exchange 2007 infrastructure. However, unless you work with me over IM frequently you are on your own because our official stance on beta software is that it’s someone elses problem, not within our ability to test/troubleshoot/assist.

There is no such thing as a publicly available Exchange 2007 SP2, just a reporter poorly paraphrasing press releases. And Exchange has supported Direct Push since Exchange 2003 SP2 which is available as a free update for both SBS 2003 and SBS 2003 R2 so the headline is misleading as well.

Yet, press and ad sponsored web sites are wondering why their jobs are disappearing..

Own Web Now legal strongly recommended that I do not publish this blog post on our corporate blog to answer a question from Diana, Amy Babinchak’s techie. Personally I don’t see what’s wrong with it, if you see a problem with it please let me know.

Put on the thick gloves, this one is going to get dirty. I would like to preface with the fact that most Mac users are dirty unemployed losers, so the odds that a Mac user would see this article, or even be capable of reading, are slim to none.

Exchange 2007 Outlook Web Access includes the ability for users to access Public Folders in the rich version of Outlook Web Access. This feature is only available to the Microsoft Internet Explorer users 6.0 and better, you know.. business computers.

So what if you have a Mac? Well… You go browse myspace, upload a photo of your nipple ring to Facebook, maybe record yourself on your camera and share with your other middle school friends and after you’re done with that and grow up you get a real business computer one day? Cause you’re not getting Public Folders through OWA without paying for Entourage.

First, download a real web browser. Don’t worry, Disney’s Toontown Online will still work on your Mac, but the latest versions of Firefox will let you actually use your Mac for something useful. In the address bar type:

about:config

You will be given a nastygram about how doing this will void your warranty. Yeah. For the free software that comes with no guarantees or warantees of any kind. Do the math. My bad, I forgot that you paid twice as much as you should have for a computer.

Create a new string, called general.useragent.override. You will want to right click

If your brain didn’t explode looking for the right button on your retard mouse/touchpad, just hold Ctrl down when you click. De-de-de.

Set the value to: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)

That’s all there is to it. You still have a Mac so you’re still required to ride the short bus to school But you now have Public Folders.

Now you have more than just a shiny toy.

My name is Vlad, and I’m a PC.

* Believe me, this is the clean version.

To the scene of the slaughter, which is precisely what we’re about to do our competitors in antispam and message management space. So come by tomorrow for the first announcement and general availability of the 4.0 feature set.

This is pretty big. How big? Microsoft and OWN teamed up on it and the offering crushes even what Microsoft has or will likely ever have. Yes, that Microsoft. It also takes OWN and it’s partners a mile ahead of the S+S game and instantly makes everyone, I said EVERYONE, an enterprise messaging user with the kind of scale and ___ you won’t get even in an executive role at Fortune 500.

Oh, and it won’t cost you anything more than what you’re already paying, that is if you listened to me. See ya at da bloodbath.

Back in Exchange 2003 times the most frequent complaint users had with Exchange was the 32kb quota on e-mail rules. Even casual users would hit this limit as they tried to organize their Inbox and Microsoft listened to the feedback. So with Exchange 2007 the rule size doubled to 64kb, still far short of some demands. Exchange 2007 supports 256kb rules, but how do you enable that?

Click here to find out…

P.S. Yup, back to writing technical articles again. With the Exchange 2007 about to land into the laps of SMB folks in a few months it’s time to start talking about this two year product again

Microsoft has released two important updates to the messaging infrastructure this week. Exchange 2007 SP1 (which you should be running) now goes to Update Rollup 3 fixing the issues of it taking foreeeeever to open the Exchange System Manager MMC console to launch. Outlook 2007 also gets a refresh aleviating the issues where hung dialog boxes and forms would stop Outlook from responding and eventually required a three finger salute to take out and then wait for the ost to be checked and rebuilt.

These have been significant problems for us and our clients so if you’ve experienced them get to patching. We have tested the Exchange update rollup significantly and its currently running on the OWN enterprise grid around the world and so far 0 trouble tickets raise. Outlook I wouldn’t know about, I’m OWA2007 all the way - the desktop be damned.

Note: If you are new to Microsoft Exchange 2007 be careful with the patches. Microsoft Exchange 2007 currently has two production branches with two production patch updates. If you are running the Exchange 2007 without Service Pack 1 you have one update rollup to install, if you have the version with Service Pack 1 there is another update rollup to apply.

So Howard emails me yesterday about a problem he’s been trying to figure out. His Outlook Web Access 2007 on the Exchange 2007 installation suddenly stopped working. Nothing changed

There are many reasons why Outlook Web Access 2007 will give you the “Service Unavailable” error message, mostly because the mail/public databases are not running, something you will be able to quickly determine from the Event Viewer. However, this one was slightly different. This event viewer generated the following error message, with event code 2268:

Event ID: 2268
Raw Event ID : 2268
Record Nr. : 3746
Source: W3SVC-WP
Category: None
Type : Error
Machine : ACISERVER2
Description:
Could not load all ISAPI filters for site/service. Therefore startup aborted.

Event ID: 2274
Raw Event ID : 2274
Record Nr. : 3745
Source: W3SVC-WP
Category: None
Type : Error
Machine : ACISERVER2
Description:
ISAPI Filter ‘C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll’ could not be loaded due to a configuration problem. The current configuration only supports loading images built for a AMD64 processor architecture. The data field contains the error number. To learn more about this issue, including how to troubleshooting this kind of processor architecture mismatch error, see http://go.microsoft.com/fwlink/?LinkId=29349.

Confirm it, restart IIS and you will see the following error:

Basically, you (or the software you were installing) switched your IIS site where OWA is installed into either a 32bit mode or ASP.NET 1.1. Since Exchange 2007 Outlook Web Access 2007 only runs on ASP.NET 2.0 in 64bit mode, you need to fix it back.

First, disable the 32bit mode for your web site. By default OWA goes into the Default Web Site context (0) so the following will take care of that:

cscript C:\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0

Second, register ASP.NET 2.0 as the default framework for that web site:

C:\Windows\Microsoft.NET\Framework64\v2.0.50727>
aspnet_regiis.exe -i
Start installing ASP.NET (2.0.50727).
……………………………….
Finished installing ASP.NET (2.0.50727)

Restart IIS and you should be all set.

Remember, you have to be careful with third party software deployments and IIS on the 64bit platform. Before you do your rollouts create the web site for it, put it in its own worker group. If you allow it to do its own deployment it will usually go into the Default Web Site, DefaultAppPool and you’ll be reading this blog post again. Also remember that just because the software says it’s 64bit it doesn’t mean all the components of it (like web control panels) are 64bit as well.

In this case, it was Symantec AV that did it.

Also, I write technical articles on weekends so that Damian Leibaschoff can score a few hours of overtime. Time to give brother a raise…