Is Exchange 2010 Supported on VMware?

KB ID 0000333 

Problem

At time of writing (30/09/10) it seems I cant get a definitive answer! My colleague tried to log a third line support call with Microsoft this week, as soon as they found out that Exchange 2010 was running in a VMware environment, they (literally) hung up on him.

Solution

Well Microsoft’s own documentation says it IS

Reference:

Fair enough Exchange 2010 is supported on a “Third party Hypervisor ONLY if its been validated in the “Windows Server Virtualization Validation Program“”.

Lets check that then,

Reference:

Quote ” Products that have passed the SVVP requirements for Windows Server 2008 R2 are considered supported on Windows Server 2008 and Windows Server 2003 SP2 and later Service Packs, both x86 (32-bit), and x64 (64-bit).”

And The platform it was running on IS listed (ESXi 4.0 U1).

When presented with this evidence the response was “We will try and fix it on a “Best Endeavour” basis” and the problem (which had nothing to do with VMware, it was actually Microsoft Threat Management Gateway that caused the problem!) was resolved.

Sorry Microsoft that is just not good enough! My company pay handsomely for their gold partnership status, and we expect to get third line support on the products we sell. The product is either supported or it is NOT, don’t publish that it is, then use the fact that is running on third party virtualisation to get the problem off your support call queue. Because somewhere there is an Engineer/Consultant who has persuaded THEIR client to part with money to buy YOUR product.

I openly invite Microsoft – Third Line Exchange Support, The Exchange Development team and anyone else to respond to me. I will publish any pertinent response.

Related Articles, References, Credits, or External Links

Technet Exchange 2010 Requirements Windows Server Virtualization Validation Program VMware Platforms Supported and passed SVVP

Granting Users Password Change Ability (Password Administration)

KB ID 0000503

Problem

This is a two part operation, firstly you need to give the user(s) the rights to change passwords, then give them the tools to do so.

Solution

Step 1: Grant the rights (Delegation of Control)

1. Whilst logged into a domain controller with administrative access, open “Active Directory Users and Computers” and create a group that you are going to allow password reset rights to. Note: In this example I’ve created it in the same OU, in practice you would probably create the group elsewhere in AD.

2. We are going to need to create a security group, give it a sensible name.

3. At this point I’m also going to create a test user – (you will see why later), in the same OU that I’m going to grant password reset rights to.

4. Right click the OU containing the users you want to grant password reset rights to (Or like in this example, the parent OU). Then select “Delegate Control”.

5. At the welcome screen > Next.

6. Add > Locate the group you created earlier > OK > Next.

7. Grant the “Reset user passwords and force password change at next logon” > Next.

8. Finish.

9. Finally add the user(s) you want to grant reset rights to to the group you created earlier.

Step 2 Give the user the tools – Option 1 (Create a Task Pad)

1. While still on your domain controller (or a machine with the RSAT tools Installed), Start > In the search/run box type mmc {enter}.

2. File > Add/Remove snap-in > Locate and add the “Active Directory Users and Computers” snap-in > Add > OK.

3. Right click the OU you are granting rights to > “New Taskpad View” (Note: you may need to turn on advanced view {view > Advanced options}).

5. Next.

6. Set as required > Next.

7. Leave on defaults > Next.

8. Add a name and description > Next.

9. Make sure the “Add new tasks…” is selected > Finish.

10. Next.

11. Menu command > Next

12. Select the test user you created above > Select “Reset Password” > Next.

13. This is what the user will see in their taskpad as an option > Next.

14. Select an icon > Next.

15. If you want to add anything else, leave the box ticked to re-run > Otherwise > Finish. Lets remove all the bits we don’t need > View > Customise > Untick everything > OK.

16. File > Options > Give the console a name > Select “User mode – limited access single window” > Untick “Allow the user to customise views” > Note: You might want to tick “Do not save changes to the console” > Apply > OK.

17. File > Save > Put the file somewhere you can find it.

18. Now your password admins can run this taskpad and have the “Reset password option”.

Note: For them to be able to run this on their client machines they need the following installing on their machines:

XP Clients and 2003 Server: adminpack.msi (you will find it in the system32 folder on your (2003)domain controllers.

Vista Clients and 2008 Server: Install the Vista RSAT Tools (download).

Windows 7 Clients and Server 2008 R2: Install the Windows 7 RSAT Tools (download).

Step 2 Give the user the tools – Option 2 (Use NTAdmin)

1. Yes its an old tool but it’s simple and it works! Good for help desk staff and technophobes! Download NTAdmin > When you run it, browse > select the user in question > OK.

2. Click ResetPW > take the default of “welcome”, or choose a new one > Yes > OK.

 

Related Articles, References, Credits, or External Links

NA