Was caused when recycling the enterprise server. The encrypted session got a
length of 24, which resulted in a loop and finally a 500 error.
When the encrypted session ID does not match, the session is logged off and
redirected to the default page, and the encrypted session key is restored.
User general settings added to the mailbox details tab
FirstName, Lastname added to the create user and mailbox forms
DisplayName is generated and editable based on provided first and last name
Issue fixed with mailbox details to show "[None]" if user has no plan assigned
Option added to the hosting plan to enable or disable the maintenance of
mailbox plans by tenants.
content on a remote (highly available) filesystem and enabled the scenario
of webfarm with a shared IIS configuration as well.
The NetBIOS domain name needs to be set in the configuration of the provider,
and of course "Create Active Directory accounts" must be checked as well.
mailboxes that have no mailbox plan assigned yet.
The following SQL statement will 'upgrade' the user data to work with the new
Exchange 2010 SP2 provider. Ensure you replace the variables with values that
match your environment.
DECLARE @NetBIOSDomain nvarchar(20)
DECLARE @ExchangeOrgRoot nvarchar(256)
SET @NetBIOSDomain = 'MYDOMAIN'
-- Keep the distinguished name on one line: a line break inside the string literal ends up in the stored value
SET @ExchangeOrgRoot = 'CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=mydomain,DC=local'

-- Set SamAccountName (DOMAIN\account) on accounts of type 3 and 7 where it is still empty
UPDATE ExchangeAccounts SET SamAccountName = @NetBIOSDomain+'\'+AccountName
WHERE AccountID IN (SELECT AccountID FROM ExchangeAccounts
    WHERE AccountType IN (3,7) AND SamAccountName = '')

-- Add an AddressBookPolicy property for every item that has a GlobalAddressList
INSERT INTO ServiceItemProperties (ItemID, PropertyName, PropertyValue)
(SELECT SP.ItemID, 'AddressBookPolicy',
    PV = 'CN='+SP.PropertyValue+' Address Policy,CN=AddressBook Mailbox Policies,'
        + @ExchangeOrgRoot
FROM ServiceItemProperties AS SP
WHERE (PropertyName = 'OrganizationID') AND (ItemID IN
    (SELECT ItemID
    FROM ServiceItemProperties AS ServiceItemProperties_1
    WHERE (PropertyName = 'GlobalAddressList') AND (PropertyValue <> ''))))

-- Rewrite RoomsAddressList to the full distinguished name of the Rooms address list
UPDATE SP SET PropertyValue='CN='+SP2.PropertyValue+' Rooms,CN=All Address Lists,CN=Address Lists Container,'+@ExchangeOrgRoot
FROM ServiceItemProperties AS SP
JOIN ServiceItemProperties AS SP2 ON SP.ItemID = SP2.ItemID
    AND SP.PropertyName='RoomsAddressList'
WHERE (SP2.PropertyName = 'OrganizationID') AND (SP2.ItemID IN
    (SELECT ItemID
    FROM ServiceItemProperties AS ServiceItemProperties_1
    WHERE (PropertyName = 'GlobalAddressList') AND (PropertyValue <> '')))
Add the element ExcludedRolesToLogin to the SiteSettings.config and specify,
comma separated, which roles are not allowed to log in to the panel, e.g.:
<ExcludedRolesToLogin>Administrator,Reseller</ExcludedRolesToLogin>
By doing this you can reduce the attack surface by publishing the portal
twice: one for the organization administrators and an internal one for the
administrators and reseller admins.
Available roles now in the platform: Administrator, Reseller, User, PlatformCSR,
PlatformHelpdesk, ResellerCSR, ResellerHelpdesk.
The platform CSR and Helpdesk are peer accounts on platform root level.
The names can be used within the websitepanel_pages.config on Page and Module
level. On module level the roles can be specified on the viewRoles attribute and
the readOnlyRoles attribute. When the latter is specified, all controls within
the module are disabled; viewRoles only determines whether the page is shown or
not. When nothing is specified, the page is simply shown.
A) To route internal traffic of the platform
B) To ensure internal OOF are not delivered to other platform tenants
The WSP Exchange SP2 Transport Agent is responsible for the following:
A) Determine that an email is being sent between tenants on the same system,
and re-route the mail to deliver to a smart host elsewhere in the network, for
subsequent routing back to Exchange.
B) Since Exchange Server 2007, a user has been able to set both an internal and
an external OOF, and have Exchange deliver the OOF based on the sender being
inside or outside the same Exchange Organization. In a multi-tenant
configuration of Exchange such as that described in this document, all users
in all tenants are considered internal to each other, and so the internal OOF
is sent between them if emails are exchanged and OOF is set on a mailbox.
The transport agent prevents internal OOF messages from being exchanged between
different tenants.
The transport agent will override the recipient destination for inter-tenant
email exchange to an alternative domain. The platform will have a send
connector defined that is assigned to the alternative domain namespace and
points to the next hop, a smart host (this can be a Windows SMTP Service).
The smart host will have a smart host defined as well that routes the message
back to the platform.
Perform the following steps:
A) Copy the files WSPTransportAgent.dll and WSPTransportAgent.dll.config
to "C:\Program Files\Microsoft\Exchange Server\V14\Public"
B) Import the WSPTransportAgent.reg to create the event source
C) Use the registry editor to give "NETWORK SERVICE" Full Control
on the following key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\WSPTransportAgent
D) Run the following PowerShell command in the Exchange Management Shell:
Install-TransportAgent "WSPTransportAgent" `
  -TransportAgentFactory WSPTransportAgent.MEACPRoutingAgentFactory `
  -AssemblyPath "C:\Program Files\Microsoft\Exchange Server\V14\Public\WSPTransportAgent.dll"
E) Enable-TransportAgent "WSPTransportAgent"
F) Restart the Microsoft Exchange Transport Service
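The steps above as one script, for an elevated Exchange Management Shell. This is an added example, not part of the WebsitePanel package; the staging folder in $Source is an assumption, and the registry permission from step C is granted through the well-known NETWORK SERVICE SID instead of the registry editor.

```powershell
$ErrorActionPreference = 'Stop'
$Source    = 'C:\Install\WSPTransportAgent'   # assumption: folder holding the three agent files
$Target    = 'C:\Program Files\Microsoft\Exchange Server\V14\Public'
$AgentName = 'WSPTransportAgent'
$EventKey  = "HKLM:\SYSTEM\CurrentControlSet\services\eventlog\$AgentName"

# A) Copy the agent assembly and its configuration file
foreach ($file in 'WSPTransportAgent.dll', 'WSPTransportAgent.dll.config') {
    Copy-Item -Path (Join-Path $Source $file) -Destination $Target
}

# B) Import the .reg file that creates the event source
& reg.exe import (Join-Path $Source 'WSPTransportAgent.reg')
if ($LASTEXITCODE -ne 0) { throw "reg import failed with exit code $LASTEXITCODE" }

# C) Grant NETWORK SERVICE (S-1-5-20) Full Control on the event source key only
$sid  = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-20')
$rule = New-Object System.Security.AccessControl.RegistryAccessRule(
            $sid, 'FullControl', 'ContainerInherit', 'None', 'Allow')
$acl  = Get-Acl -Path $EventKey
$acl.AddAccessRule($rule)
Set-Acl -Path $EventKey -AclObject $acl

# D) Register the agent, E) enable it, F) restart the transport service
Install-TransportAgent -Name $AgentName `
    -TransportAgentFactory 'WSPTransportAgent.MEACPRoutingAgentFactory' `
    -AssemblyPath (Join-Path $Target 'WSPTransportAgent.dll')
Enable-TransportAgent -Identity $AgentName
Restart-Service -Name MSExchangeTransport

# Confirm the result: the agent is listed and enabled, and the ACL carries the new entry
Get-TransportAgent -Identity $AgentName | Format-List Identity, Enabled, Priority
(Get-Acl -Path $EventKey).Access |
    Where-Object { $_.IdentityReference -like '*NETWORK SERVICE' } |
    Format-List IdentityReference, RegistryRights, AccessControlType
```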
The configuration file contains the following configurable items:
Key / Value
routingDomain
  This is the alternative domain that will be added to the recipient domain
  name. This should be aligned with the namespace for the send connector. A
  sample value could be ".tmp". The send connector will in that case serve
  the *.tmp namespace.
logFile
  Fully qualified path to the log file that will be used when verbose logging
  is enabled (e.g. c:\temp\WSP.log)
enableVerboseLogging
  Possible values: true or false. Enables or disables verbose logging. This
  should be disabled by default.
blockInternalInterTenantOOF
  Possible values: true or false.
  Enabled the internal auto reply between tenants. Auto replies within the
  tenant or with external tenants (not hosted on the platform) will receive
  the internal or external auto reply message.
See http://www.microsoft.com/en-us/download/details.aspx?id=28192
Exchange 2010 SP2 provisioning separated through a new provider
Exchange 2010 SP2 now compliant with product group guidelines
Support for Database Availability Group
Fixed Distribution List view scope to only tenant
Consumer support (individual mailboxes, like Hotmail) added
Mailbox configuration moved to mailbox plans concept
CN creation is now based on UPN
sAMAccountName generation revised and decoupled from tenant name
2007 (ACL Based), 2010 (ACL Based), 2010 SP2 (ABP) supported
Automated Hosted Organization provisioning added to create hosting space
Enterprise Server webservice extended with ImportMethod
Mobile tab fixed
Added more information to users listview
A) PowerShell support added within the provider
B) Now returns the actual deployed language packs
C) The PeoplePicker points to the organization OU and shows only the users from
the tenant organization. A requirement when used with Exchange 2010 SP2
Address Book Policies
D) Shared SSL root added to use wildcard certificates as part of hosting plan.
When enabled the host name is generated.
E) Search fix: Provisioning of the local hosts file where the server component
is active. This system is expected to be the search server. Within the local
hosts file the sites are listed with their local IP address so the search server
can resolve the sites and crawl through their data.
This component needs to be compiled with .NET 2.0 together with Providers.Base,
OS.Windows2003, OS.Windows2008, Server.Utils, and Server components.
Outstanding is to update the build and deployment package to a dedicated
deployment package so this component uses .NET 2.0; all others should be
using .NET 4.0. This will eliminate the configuration circus that was required
to get the .NET 4.0 version of this component working previously.
All authentication-related cookies tagged as httpOnly
web.config: enableVersionHeader=false
Autocomplete disabled
Login URL injection redirection fixed
Session hijacking protection implemented
Don't forget to apply SSL to your website (HTTPS) and to change requireSSL="false" to true
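A check for the web.config part of this list, as an added example that is not WebsitePanel code. It assumes the settings live in the standard ASP.NET httpCookies, forms and httpRuntime elements, and it runs against a constructed sample rather than a real portal configuration.

```powershell
# Reports web.config attributes that differ from the hardened values listed above.
function Test-WebConfigHardening {
    param([Parameter(Mandatory = $true)][xml]$Config)

    # Element (XPath), attribute, and the value a hardened portal should carry
    $checks = @(
        @{ XPath = '/configuration/system.web/httpCookies';          Attr = 'httpOnlyCookies';     Want = 'true'  },
        @{ XPath = '/configuration/system.web/httpCookies';          Attr = 'requireSSL';          Want = 'true'  },
        @{ XPath = '/configuration/system.web/authentication/forms'; Attr = 'requireSSL';          Want = 'true'  },
        @{ XPath = '/configuration/system.web/httpRuntime';          Attr = 'enableVersionHeader'; Want = 'false' }
    )
    foreach ($c in $checks) {
        $node = $Config.SelectSingleNode($c.XPath)
        # A missing element or attribute is a finding too: the ASP.NET defaults
        # for all four settings are the unhardened values.
        $actual = if ($node) { $node.GetAttribute($c.Attr) } else { '' }
        if ($actual -ne $c.Want) {
            $shown = if ($actual) { $actual } else { '(not set)' }
            New-Object PSObject -Property @{
                Setting  = "$($c.XPath)/@$($c.Attr)"
                Actual   = $shown
                Expected = $c.Want
            }
        }
    }
}

# Constructed sample: the forms ticket still has requireSSL="false" and the
# version header has not been switched off.
[xml]$sample = @'
<configuration>
  <system.web>
    <httpRuntime executionTimeout="1800" />
    <httpCookies httpOnlyCookies="true" requireSSL="true" />
    <authentication mode="Forms">
      <forms name=".EXAMPLEAUTH" protection="All" timeout="30" requireSSL="false" />
    </authentication>
  </system.web>
</configuration>
'@

Test-WebConfigHardening -Config $sample | Format-Table Setting, Actual, Expected -AutoSize
```

For a deployed portal, pass `[xml](Get-Content <path to web.config>)` as `-Config`; an empty result means all four settings match.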
Upgraded: Database scripts install_db.sql and upload_db.sql in order to support MSSQL2012
Upgraded: Installer to allow setup WebsitePanel with MSSQL2012
Added: MsSqlServer2012.cs