Share via


Exchange 2010 Service Pack 2 Overview

The Exchange Product group does a great job of summarizing the most interesting changes and improvements in Exchange 2010 SP2 in this post on the MS Exchange Team blog. But because this upcoming service pack contains several new features and improvements, this Wiki page will go into more details on each as well as provide links to Exchange 2010 SP2 specific information from Microsoft sources and the Exchange community.  

 


New Features and Improvements

Cross-Site Silent Redirection for Outlook Web App

TBD

Outlook Web App Mini (OWA Mini)

As some of you know with OWA 2010 RTM and SP1 (and OWA 2007 for that sake), when a user hits a CAS server in the wrong AD site (that is another AD site than where the user’s mailbox is located), the user will be either proxied or redirected to the correct AD site depending on whether an external OWA URL has been specified or not. If no external URL has been specified for the OWA vdir on the CAS servers in the AD site holding the user’s mailbox, the CAS server in the “wrong” AD site will try to proxy the request to a CAS server in the “right” AD site. If the OWA vdir on the CAS servers in the right AD site has been configured with integrated authentication, the users will experience SSO (only be prompted for credentials once).

However, if an external URL has been specified for the OWA vdir on the CAS servers in the AD site where the user’s mailbox is stored, the CAS server in the “wrong” AD site will initiate a redirect instead of a proxy. Let’s say the user hits https://failover.exchangeonline.dk/owa which points to another AD site than where he’s mailbox is located, he will will be presented a screen similar to the following:


After clicking on the link that points to the right AD site, he will be prompted for credentials once again:

Now although this forces the user to connect to a CAS server in the “right” AD site, it doesn’t provide a real SSO experience.

Exchange 2010 SP2 will improve the redirection experience by offering a mechanism that will let the user get a cross site redirection SSO experience if FBA is enabled in both sites and CAS is providing the form. What does that mean? Well, it means that is the user will be redirected automatically (doesn’t have to click manually on a link) and not only that, he will also be allowed access to the mailbox without having to authenticate. This won't work however if the form is being generated in front of Exchange, on TMG for example.

Hybrid Configuration Wizard

TBD

Address Book Policies

How to Implement Address Book Policies in Exchange 2010 SP2 Effectively


Microsoft

  • TechEd 2011 NA Sessions:

Community Resources

International