How do Exchange on premises and the various Outlook clients line up against Domino on premises and its clients? In this session we'll look at the configuration options and management interfaces for each server as well as the client options and client behaviours. We'll also discuss the general ecosystems, considerations for migrating or co-existing and lessons learned. A great session for Domino admins who want to know more about the other side.
Presented at Engage.ug in Brussels May 2019
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Face Off Domino vs Exchange On Premises
1. Gabriella Davis - IBM Lifetime Champion
Technical Director - The Turtle Partnership
Brussels May 14th 2019
FACE/OFF DOMINO VS EXCHANGE ON PREMISES
2. • Admin of all things and especially quite
complicated things where the fun is
• Working with the design, deployment and security
of IBM technologies within global infrastructures
• working with the real world security and privacy
aspects of expanding data ecosystems
• Stubborn and relentless problem solver
• http://turtleblog.info
• https://www.turtlepartnership.com
• IBM Lifetime Champion
3. WHY THIS PRESENTATION?
• As a Domino admin managing on premises Domino you may not know much about the
Exchange environment
• Much of my work is spent on integrating Domino and Exchange environments
• Many of us have to support Outlook to some degree
• Let’s review how Exchange on premises works and differs from Domino
• The goal is to provide you with a whistle stop tour of an Exchange environment
• and to show you how we work with Exchange 2019 on premises
• which is essentially unchanged since Exchange 2010, 2013, 2016 etc
4. We can all agree that Domino is a better solution for on premises
mail so that isn’t the goal of this presentation
I am going to talk about Exchange and Domino and hopefully
help you understand how to work with Exchange
6. OPERATING SYSTEMS
Exchange 2019
• Will not install on any but Windows 2019
Domino v10
• AIX 7.2
• RHEL 7
• SLES 12
• Windows 2012 R2
• Windows 2016
• IBM i 7.2/7.3
7. PRE-REQUISITES
Exchange 2019
• Active Directory Domain Controller
• Forest must be upgraded to 2003
or later
• Internal DNS server
• IIS
• The required individual
dependencies and features are
many
Domino v10
• None
8.
9. WORKING TOGETHER
• Exchange architecture assigns behaviour to each dependent feature or application
• IIS handles the web front end for services such as the Administration Center and Outlook
Web Access
• It’s a regular IIS server so technically can be used for other websites and services
• Active Directory handles all the user accounts, computer accounts and authentication
• Internal DNS handles client server and server to server communications
• Countless other seemingly unrelated dependencies
• for example kerberos key distribution center service which needs to run on every directory
server or outbound mail may stop delivering
11. EXCHANGE ADMINISTRATION
• The Exchange Admin Center is the graphical interface for managing your server through a
browser using https:/hostname/ecp (not “eac” which you might expect)
• There is no “console” to see second by second behaviour
• There is no single log to show you activity
• Let’s look at the Exchange Administration Center
12. EXCHANGE MANAGEMENT TOOLS
• Most changes can be made via the Administration Center however I have found the Exchange
Management Tool commands are more immediate
• these are Exchange specific powershell commands
• https://docs.microsoft.com/en-us/powershell/module/exchange/?view=exchange-ps
• documentation refers to both EAC and EMT configuration instructions
• both EAC and EMT can be run remotely to the server
• EAC can run through https on most browsers
• EMT (Exchange Management Tools) can also be installed on a client running Windows 10
14. ADMINISTRATION
• Exchange admin commands are often not immediate and require a restart of the impacted
service before they will take effect
• Making mass changes to multiple mailboxes usually requires using the command line and
referencing an OU or group to act on so if you want to apply a setting to 5 random users it is
usually quicker to apply the setting 5x individually
• Having the ability to use a command line instead of a graphical interface is useful but much
more complicated and so easier to make a mistake
• There is little on screen feedback once a command is submitted
• The Domino Admin client is more granular and less technical than the command line
• The ECA through a browser provides 90% of the day to day functionality but it’s really
designed for single mailbox or server wide actions
15. LOGS
• Logs are text files stored on the file system
• The server log locations are defined in the server configuration in the EAC
16.
17. MESSAGE TRACKING
• If Message Tracking is enabled messages can be tracked from within the EAC
20. STORAGE
• The Exchange server stores all its data in a Exchange database file that sits on the Exchange
servers
• There are usually multiple mail database files for an organisation but each contain multiple
mailboxes
• You can’t open and look at a single user mailbox they way you can see and change a single
user mail database in Domino
• To access an Exchange user mailbox you need to use an Outlook client and will need an
account with delegation rights, you can then open the mailbox via that client
• Moving mailbox from Server A to Server B is simple if the servers are in the same Active
Directory Forest, otherwise it’s not because the servers use AD trust relationships to find and
communicate with each other
21. SERVER RULES
• Exchange server rules are extensive and extremely granular allowing settings to be applied to
users, OUs and management teams
• moderation, content review, custom disclaimers, auto bcc, redirection and rights protection
23. MAILBOX ANALYSIS
• Most analysis is done via the Exchange Management Tool for example
• Get-MailBoxFolderStatistics -Identity gabdavis@turtlehost.net -FolderScope Inbox produces
a report on my inbox including number of messages , sizes, quota restrictions
• In the majority of cases you will want to output these commands to a text file so you can
review the results
• https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/get-
mailboxfolderstatistics?view=exchange-ps
• The Exchange Admin Center gives you a simple way to set and review things like quota,
storage and permissions for individual mailboxes but doesn’t provide any detail on things like
folders, message count etc
24. USER PROFILES
• All Exchange mailbox users must have an Active Directory account
• To open a mailbox on a workstation you must first set up a profile in Windows control panel
• Microsoft assumes you are logged into AD and using internal DNS for Activesync to find the
mail server and complete the setup of your profile
• A lot of things are assumed
• Profiles can be set up remotely but require considerably more configuration on public DNS
and often the workstation itself
• The Microsoft Remote Connectivity Analyzer is your friend
• https://testconnectivity.microsoft.com
25. USER PROFILES
• The authentication into Outlook is automatic once the user logs into Windows
• Enabling Kerberos will also let the user access Outlook on the Web without further
authentication
• The personal data in Active Directory such as location and manager is important to maintain
as it’s used for security and workflow in Exchange
27. CLIENTS
• Outlook 2013 or higher
• Microsoft typically has a N-2 support
model so Exchange 2016 supports
Outlook 2010 and higher etc
• Outlook for the Web (previously OWA)
• Activesync enabled mail clients
• Outlook for iOS and Android
28. OUTLOOK DESKTOP
• Outlook desktop when run in Windows uses a local profile to determine which mailbox to
open
• By default the profile configuration will be in cached mode which means working locally and
syncing to the server
• This isn’t the same as a local replica, only most recent and commonly used items are synced
• Folders will often declare themselves “empty” when data is on the server but not locally
• Outlook desktop accessed from different machines could look different if they each use
cached mode
29. OUTLOOK WEB
• https://hostname/owa opens Outlook for Web
• this isn’t the same as VOP on premise even though you are accessing the mail file directly on
the server via a browser not all messages will be visible
• Exchange supplies the messages it consider most recent or used to the browser client
• Often folders will show empty and require a refresh to get even old messages from the server
• In other words the only way to check what the mail file actually looks like is to disable caching
in the desktop profile and look at it through outlook desktop
31. CHANGING THE UI
• There are many Outlooks themes that control the colour and font etc of your mail file that are
available to the clients
• These themes can be modified by users to give the custom look they want
• The Outlook clients store themes locally as part of the client in html files
• Outlook for the web pulls themes from the server where they are stored as CSS files
• There is no simple way to modify an out of the box theme for an entire company across all
clients - the focus appears to be primarily on empowering users to customise their themes
• Users can also modify their layout and create their own views but those too are client specific
32.
33.
34. MAILBOX RULES
• Rules are primarily user created and driven so there
are a lot of options and ability to run them in sequence
• There are also sweep rules created by the user that
can perform inbox cleanup on a regular basis
36. CHECKING RULES
• Since Inbox rules are created by the user directly there’s no simple overview of what rules are
in place - use Exchange Management Tools
• Get-InboxRule
• New-InboxRule (to create)
• Disable-InboxRule
37. SHARING CONTENT
• The primary method for sharing content is to empower the user to share directly
• A user can create a folder or a calendar and then send links to other people who
would add those links to their own Outlook profile
• There are also shared mailboxes as well as shared resources (such as meeting
rooms and equipment)
38. PUBLIC FOLDERS
• Exchange has the concept of public folders which are shared hierarchical folder storage that
can hold posts, attachments and calendar content
• Most of that is controlled by the server Administrator who can delegate permissions to users
to create additional folders, add and delete content
• Content is very unstructured and is not intended for collaboration
• Not all features of public folders are available on Outlook for Web
39. SHARING CALENDARS
• Sharing a personal Exchange calendar to another user is a one to one process - you create a
link and send it as an email the user has to click on
• Adding an iCal to Outlook will work for both Outlook desktop and Outlook Web but Microsoft
only support checking the iCal source every 48 hrs
• Let me tell you a story about trying to recreate a Domino shared calendar with custom colours
triggered by dates in Exchange
• Long story short.. what was a simple thing to do in Domino was not in Outlook
• date triggered colour changes are possible but only by user profile
• iCal integration is possible but Microsoft’s only guarantees updates every 48hours
40. SHARING CONTACTS
• There is a contacts area on the server where
contacts can be added by an Exchange
Administrator
• these contacts are visible to everyone on
your server
• To share contacts a user would have to create
a new contacts folder and share that with
another user, similarly to how they would share
their calendar
• This isn’t designed to be a collaborative
solution
41. • Exchange on premises isn’t O365
• On premises Exchange requires very specific additional software and
configuration that must all work together, it also tends to be backwards
compatible to N-2
• if something stops working there are a lot of places to check
• The design focus is on enabling the user to work the way they want which
means lots of individual settings in the user mailboxes but potentially less
administration
• Log files are hard to find and read
• A good grasp of Powershell syntax will help you a lot
• The focus in Exchange on premises is not on collaboration