Generate a Self-Signed Certificate in Exchange Server 2007 to be used for Outlook Anywhere on Outlook 2007


I recently got my hands on copies of Microsoft’s Windows Server 2008 and Exchange Server 2007 SP1. I’ve always been an early adopter and I was super excited to upgrade from Server 2003 and Exchange 5.5. It was an absolute nightmare to get everything up and running, but I’ve got it all working now and want to share some pointers for you guys out there who might be running into the same problems I did.

My goal was to have a setup that would allow my workstation, laptop, and smart phone to all sync with Exchange using my residential Internet connection. My setup is simple:

  1. Server - Windows Server 2008 and Exchange Server 2007 SP1
  2. Workstation - Windows Vista Business Edition with Outlook 2007
  3. Laptop - Windows Vista Ultimate Edition with Outlook 2007
  4. Smart Phone - Cingular 3125 with Windows Mobile 5

My workstation syncs directly with Exchange 2007 using my LAN, my laptop syncs using “Outlook Anywhere” (previously titled RPC over HTTP), and my smart phone syncs using ActiveSync with Direct Push.

I installed Windows Server 2008, did some basic configuration, and installed Active Directory with Domain Services. Everything was stable, and I started to install Exchange 2007 SP1. Note that you MUST have a 64-bit version of Windows Server 2008, and you MUST have the SP1 version of Exchange Server 2007 in order for things to work on Windows Server 2008.

Exchange 2007 SP1 died several times during the installation. I couldn’t figure it out! Each time it was saying different services weren’t starting on time. After banging my head on this problem for several DAYS reformatting/reinstalling I finally found out that the Exchange services freak out unless you have IPv6 enabled. I had disabled it every time I installed Active Directory. The services dying problem disappeared after I re-enabled IPv6 on my network connection.

Now that I had everything installed I had to migrate my mailbox from Server 2003/Exchange 5.5 to my new Server 2008/Exchange 2007 SP1 configuration. Easier said than done. Long story short I used ExMerge to export my Exchange 5.5 mailbox as a .PST file and then used the Exchange Server 2007 Management Shell to import the .PST file.

First test was to see if Outlook Web Access worked. I hit up http://mydomain/owa. I got an access denied error, so I tried https. It worked but griped about the untrusted SSL cert. I hate messing around with SSL on my personal e-mail so I jumped into inetmgr and changed the Default Web Site SSL Settings to not require SSL. Now I could use the less secure http protocol, but at least I don’t have to see those SSL cert warnings.

Next I wanted to get my workstation syncing. I used “Mail” from the control panel, removed my existing profile, and added a new one with my new Exchange server’s name. It kept saying it couldn’t find the server, even though I could browse to it on my workstation. In order to get it to connect I had to change my network connection to use the DNS server, which just so happens to be hosted on the same machine as Exchange. Once it was using the local DNS server it could resolve my Exchange server, which is Server.home.local. Outlook 2007 synced without a problem and pulled down everything.

I wanted to get my phone with Windows Mobile 5 to sync with Exchange. This was the easiest part! I removed my existing Exchange server source on my phone and added a new server source pointing to “mydomain” without using SSL. It instantly worked and synced without an error. Direct Push works without any additional configuration.

Last up was the laptop and getting Outlook Anywhere working. I enabled Outlook Anywhere on Exchange Server 2007. Make sure you use Basic authentication! To my disappointment I did some quick research and found that (1) Outlook Anywhere absolutely requires a certificate, and (2) Outlook Anywhere does not support self-signed certificates. What the! I didn’t want to spend $30/year on some crappy GoDaddy cert so I decided to push through these limitations. I found out that you can actually use a self-signed certificate; you just need to make sure it is in the Trusted Root Certification Authorities division of your certificate storage.

Here is how you generate a self-signed certificate with Exchange Server 2007 to use for Outlook Anywhere on any of your Outlook 2007 client machines:

1. Open the Exchange Management Shell in Windows Server 2008.

(You need to be logged in as a local Administrator, and that Administrator needs to be a member of the Exchange Server Administrator group as well as the Exchange View-Only Administrators group in Active Directory. Make Administrator a member of those groups and reboot for good measure.)

2. Run the following commands:

New-ExchangeCertificate -PrivateKeyExportable $True -Services "IMAP, POP, IIS, SMTP" -SubjectName "cn=[*SEE NOTE]"

*Note: this needs to be the exact name of the external domain you are going to use to access Outlook Anywhere.

Enable-ExchangeCertificate -Thumbprint [THUMBPRINT FROM NEW CERT]

Export-ExchangeCertificate -Thumbprint [THUMBPRINT FROM NEW CERT] -Path C:\Certificate.pfx -Password:(Get-Credential).password

3. Now you have a cert named Certificate.pfx sitting on C:\ on your Exchange Server (a password-protected file that includes the certificate’s private key). The cert is good for all of the basic Exchange 2007 services. Copy that file to any client machine you want to use to connect to Exchange Server 2007 using Outlook Anywhere.

4. Install the certificate on your client Windows machine by going to Internet Explorer > Tools > Internet Options > Content > Certificates > Trusted Root Certification Authorities > Import. Grab the cert you generated on your server and accept the warning dialog; the import should then report success.

5. Run Mail from the control panel on the client machine. Add a new profile and set up an account to use an Exchange server. Type the LOCAL NAME of the Exchange server (mine was Server.home.local). Click on “More Settings” and navigate to the “Connection” tab. At the bottom of the “Connection” tab, check the box next to “Connect to Microsoft Exchange Using HTTP.” Click on “Exchange Proxy Settings”. Type the name of your domain in the top URL box. Uncheck the next two boxes. Check the two boxes next to “On fast networks…” and “On slow networks…”. Set your Proxy authentication settings to use Basic Authentication. Click OK a bunch of times and you should be good to go!

Please note that the self-signed certificate will expire after 1 year, so every year you’ll need to hop in and redo the above process.

Pseudo-AJAX: Circumventing the Same-Origin Policy Using the <script> Tag


A friend of mine asked me to build an AJAX shipping calculator for his e-commerce site. I accepted the project, thinking that his request would be easy to fulfill. I soon learned that his site was hosted by a third party e-commerce hosting company that does not (a) allow FTP access to his site and (b) process PHP or any other server-side scripting language. Using AJAX was going to be next to impossible. The reason it was going to be so hard is the same-origin policy.

The same-origin policy is incorporated into every major browser and prevents a script loaded from one site of origin from communicating with a document loaded from another site of origin.

I needed the shipping calculator to make a request to the R+L Carriers quote service, located at: http://www.rlcarriers.com/b2brateparam.asp. Same-origin policy says I can’t make a direct AJAX request (that will return a response) to any domain and port other than the one that the site content is on.

Normally circumventing the same-origin policy is a breeze: you just use a proxy on your domain to make the request. For example, you would use a URL like this in your AJAX request:

var url = '/proxy?url=' + encodeURIComponent('http://www.rlcarriers.com/b2brateparam.asp?weight1=1000')

See this Prototype JS documentation for further details.

I usually use a PHP proxy on my server to make requests to other domains. Unfortunately, my friend’s web host will not allow me to use a proxy script on my friend’s domain. But there is always a solution to every problem.

Turns out the <script> tag doesn’t care about same-origin policy. You can specify any domain you want in the 'src' attribute of the script tag. My friend’s web host does allow me to put custom script tags into the checkout page.

Here’s kind of what it looks like:

<script src="http://www.foreigndomain.com/checkout.js" language="javascript"></script>

checkout.js has a function in it that runs code that looks like this, using the Prototype JavaScript library:

// Create the new script element and assign it a src attribute
var newScript = new Element('script', { 'src': 'http://www.foreigndomain.com/calculate-shipping.php?weight1=1000'});


// Put the new script into the page
document.body.appendChild(newScript);

When the function that contains this code is activated, a new script tag is created and added to the page on the fly. You can throw whatever variables from the current page into the parameters of your script tag src attribute. In the instance above I grab a zip code from the checkout page and pass it along with the weight. calculate-shipping.php, hosted on one of my domains, then makes the request to R+L Carriers and gets the shipping cost. All that is left is to have calculate-shipping.php echo out some JavaScript for the client to process. This is PHP echoing JavaScript:

// Process the shipping cost and put it into a variable called $shippingCharges
// Echo it out
echo "
$('shippingCharge').value = {$shippingCharges}; // This will update a form field on the checkout page with the estimated shipping cost
";

Turns out the technique works like a charm. The purpose of all of the code above is just to explain the concept of using the <script> tag to circumvent the same-origin policy. The actual code that I am using has a lot more checks to make things a little more secure. You can check it out by visiting my friend’s e-commerce site at http://www.emergencymre.com/. Add something to your cart and go to the checkout page to see it in action.
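The post mentions extra checks without showing them. As an added example (not the author's code or the site's actual script), here is one way such checks could look in JavaScript. The function names, the `zip` parameter name and the five-digit ZIP rule are assumptions, and `renderShippingScript` stands in for the output step of calculate-shipping.php.

```javascript
// Added example, not the author's code. All function names are hypothetical.

// Client side: validate page values and encode them before they go into
// the src attribute, so they cannot add or alter query parameters.
function buildShippingScriptUrl(endpoint, zip, weight) {
  if (!/^\d{5}$/.test(String(zip))) {
    throw new Error('zip must be five digits');
  }
  const pounds = Number(weight);
  if (!Number.isFinite(pounds) || pounds <= 0) {
    throw new Error('weight must be a positive number');
  }
  // "zip" is an assumed parameter name; "weight1" is the one used on the page.
  const query = 'zip=' + encodeURIComponent(zip) +
                '&weight1=' + encodeURIComponent(pounds);
  return endpoint + '?' + query;
}

// Server side: the carrier's reply is untrusted text, and whatever is echoed
// back runs as script on the checkout page. Emit the value only if it parses
// as a plain non-negative amount.
function renderShippingScript(rawCharge) {
  const text = String(rawCharge).trim();
  if (!/^\d+(\.\d{1,2})?$/.test(text)) {
    // Fail closed: a fixed statement, nothing from the reply is echoed.
    return "$('shippingCharge').value = '';";
  }
  // JSON.stringify of a finite number is always a plain numeric literal.
  return "$('shippingCharge').value = " + JSON.stringify(Number(text)) + ';';
}

// Constructed sample inputs.
console.log(buildShippingScriptUrl(
  'http://www.foreigndomain.com/calculate-shipping.php', '84601', '1000'));
console.log(renderShippingScript('245.50'));
console.log(renderShippingScript('12.00; someOtherCode()'));
```

The same rule applies on the embedding side: a script loaded this way runs with the full privileges of the checkout page, so the page trusts the foreign host completely.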

Comments welcome!

Notes from “Learn to Be Rich”


Famous author Robert Kiyosaki has been sponsoring a “Learn to Be Rich” campaign across the nation. I had the opportunity to attend one of the events, and took notes throughout the two hour session.

Some basic financial definitions (of Robert’s making):

Income: Any money you get
Cash Flow: Any money you get after your expenses
Asset: Anything that brings cash flow
Liability: Something that takes money away from you

The instructor also touched on the four different ways people are compensated. These include being compensated as an employee, as someone who is self-employed, as a business owner, and as an investor. True wealth is most often obtained by the latter two.

And finally, there were five lessons about how rich people think.

Lesson #1: The Rich Don’t Use Their Own Money
Lesson #2: There is a Solution to Every Problem
Lesson #3: The Rich Understand Tax Law
Lesson #4: The Rich Create Wealth with Creativity
Lesson #5: The Rich Work to Learn, They Don’t Work for Money

My favorite quote from the session was:

“Once we have a sure financial footing it becomes our duty to help others.”

The Law of Attraction


The things we fill our minds with will come to us - both good and bad.

SEO Tip: Safe PHP redirect


Search engines are particularly harsh to sites that use hard redirects to another page. If you are using PHP and need to have a page redirect to another location, use this code:

<?php
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://www.newdomain.com/newpage/newurl.htm");
exit();
?>

The Best Kind of Friendship


“There is no friendship greater than your own, clear conscience.”

- Thomas S. Monson

Perspective


“We see ourselves in terms of yesterday and today. Our Heavenly Father sees us in terms of forever. Although we might settle for less, Heavenly Father won’t, for He sees us as the glorious beings we are capable of becoming.”

- Joseph B. Wirthlin

Tips on How To Lead a Meeting

  • When you walk into a room where you will be conducting/teaching/leading, smile and introduce yourself to as many people in the room as possible. Be sure to get people’s names and repeat them back to them so you won’t forget.
  • Ask for people to share some news from their life at the beginning of the meeting to facilitate openness and sharing from the beginning.
  • Acknowledge the presence of any other authorities in the room.
  • Stress/emphasize the value of everyone’s involvement in the meeting.
  • Reward comments with candy if appropriate.
  • Be confident with your body language and in everything you say. Nobody likes to listen to someone who isn’t sure of themselves.
  • Use names as much as possible. If you don’t know them, ask.
  • When people are commenting maintain eye contact with them.
  • Show excitement when a good comment or point is raised.
  • If someone is reading from some type of source material, ask them about a portion of what they read immediately after they finish, e.g., “Tell me how you feel about [section of text].”
  • When a topic is covered sufficiently/beat to death say “Let’s move on to [new discussion topic].”
  • Ask questions of specific people in addition to asking the group as a whole.

The Law of Sacrifice


Sacrifice is giving up something good for something better.

“A religion that does not require the sacrifice of all things never has power sufficient to produce the faith necessary unto life and salvation; for, from the first existence of man, the faith necessary unto the enjoyment of life and salvation never could be obtained without the sacrifice of all earthly things.” - Joseph Smith

Great Introduction to SEO


Found this site last week when researching SEO. The SEO Mini Book covers some important search engine optimization topics, such as:

  • How search engines work
  • Keywords
  • Links
  • Metatags
  • Content
  • Paid submissions

This free online book is a great starting point for anyone who wants a concise introduction to SEO.
