Help us learn how you use Exchange management tools to manage your server and organization objects!

Published Jun 03 2011 10:38 AM 2,130 Views

Note 6/3/2011: we have now fixed the survey link; sorry for the disruption, you can now take the survey.

We wanted to reach out to you again to help us think and plan about evolution of Exchange in the future.

This time, we wanted to get a better understanding on how you use Exchange management tools to manage your server or organization-level objects. Those would, generally speaking, be objects that are not recipient objects (so not management of mailboxes, groups etc. but rather server or org configuration.)

We have created a ~15 minute anonymous survey that will give you the opportunity to tell us which of those scenarios are most important for you, what is most valuable to expose in GUI and if there are improvements that you feel we should make based on what you use today.

You can find the survey here.

We absolutely value your feedback and will go through this carefully. Thank you for your time!

- Nino Bilic

Not applicable

The form seems broken when submitted.

Not applicable

@ Paul: thank you for letting us know; I have temporarily removed the survey link and have escalated the problem internally.

Not applicable

And you don't want to ask how we manage users, groups and DLs because you do not want to hear that we miss the ADUC? Think about, to get users managed in environment where you have Lync and Exchange, you need three built-in tools to do the job.

1. To manage AD objects you need ADUC

2. To manage Exchange attributes, you need Exchange tools

3. To manage Lync attributes (even they are not so much in AD anymore) you need Lync's tools.

Do you have any good explanation why we are here with three different tools? Isn't silly??

Not applicable

We have now fixed the survey at the above link; sorry for the inconvenience, please take the time if you want to help us with this! :)

Not applicable

"The answer of the question is too long."

You want to hear us or not ?  ;)

Not applicable

@Petri X

I think it makes a lot of sense to use three different tools to manage those things. In a large environment the people managing AD, Exchange, and Lync are three seperate entities. Why would you give Exchange administrators access to edit AD objects like security groups or non-Exchange objects or properties of a user when they don't need to touch that stuff? Why would Lync administrators care about Remote Login details or Group Policies?

Exchange has the ability, with RBAC roles, to give better flexibility to organizations to give administrators the ability to do their job without opening up ACLs in AD to allow them to do things you don't really want them to do. Instead of giving a junior administrator full-permissions with ACLs to move a mailbox, now you can give them the RBAC permissions for the Move-Mailbox cmdlet, without giving them full ACL rights to all the mailboxes in an organization.

I can't imagine a single tool available that can deal with Exchange's RBAC permissions and AD's ACLs and not being a complete mess.

Not applicable


Good point, but why should we forgot the normal helpdesk and user administrators in the large organizations or the IT all together in a smaller organizations. I'm not sure why I have to ask them to use:

1. ADUC for creating user object into AD by ADUC (e.g. roaming profile settings can set on there only, and password reset)

2. Then they have to enable mailbox by the Exchange tool

3. And last, use the Lync tools for enabling the Lync

I see that we are looking for too close how the admins are working and are they happy, but there are others as well..

Not applicable

@Petri X: The future is supposed to be powershell. Admins shouldn't be going into various GUI consoles to create users etc if they use powershell. If you had a request to create 10+ new user accounts and your using GUI tools then you need to review your processes.

Alternatively theres tools like FIM but I don't see many companies using that at the momment.

Not applicable

Enable/Disable the Outlook Anywhere feature per user.

Now you can only enable it or disable it for All Users.

Only in the Powershell it's possible to disable it on User accounts.

Not applicable

Creating out-of-box Reports for Management in the GUI?

Now it's only possible to create reports from Powershell query's and to export them to CSV.

But maybe it's possible to have some "most used reports" in the GUI.

Like : Mailbox sizes, mobile phone usage/models, how many mails sent/received from users, mailbox quota's, etc

Not applicable

The ability to define specific LOGs and audit them with simple queries is a significant issue for me.

Nir Hus

Not applicable

Also there is a no good unified management tool...why??

Nir Hus

Not applicable

It is not working.  The message is: Cannot find the formfeedback!

Not applicable

Form is now closed but ill sit back and vocalize my main issues ....  (brace yourself!)

1.  Throttle Policies.  Now that this is enabled by default in 2010 SP1 and it impacts almost ANYTHING that uses MAPI to open mulitple mailboxes or companies that like to run in online mode instead of cache, this really should have a tab in the Org -> CAS section.

2.  Sense we're talking about CAS, why don't the EWS services have an internal/external URL tab just like OAB/OWA/ECP?  It's not too big of a deal for the one-off CAS Array config, but when a client pays for "e,emergency help"  telling him where to click is much less painful then telling him what to type down to the syntax.  Bonus points for the SCP record.

3.  Ditto for Outlook Anywhere.  Why do I have to right click the server instead of just another tab?  Breaks the flow of the GUI.  Yeah you have to install a piece, but you have to remember to start things like POP so I dont think that's a big deal.

4.  Final nail in the CAS coffin:  the configure external domain right-click wizard is handy .... let me do the same for internal URLs.

5.  Moving on HTS: I like the receive connector processing rules EXCEPT I personally find the "most explicit gets processed first" a little difficult at times, especially if the client has LOTS of rules.  Copy the firewall world and simply have them process in order instead and let us increase/decrease the order.  More control, more inline with what admins experience ... better everything really.

6.  Bigger deal in HTS:  You SERIOUSLY need an extra check box in the GUI for anonymous relaying.  This has to be the most common custom configuration on the planet, yet it's a powershell command and arguably buried as an AD permission on top of all of that, at least allow an "-allowanonrelay:$true" flag in set-recieveconnector cmdlet.  I've YET to visit a single client that didn't need this in some capacity, and it's easily a a daily admin task to add new scanners with email capabilities and custom what have yous.

7.  Not directly your area, but talk to the AD folks over in charge of ADAC and extend it to include Exchange management.  Telling clients they can't use the MMC as a one-stop admin point anymore and having _nothing_ to offer as a replacement .... well ... blows.

8.  Security Group Support.  We need this.  Badly.  There are tons of custom policies available to the average user object and all of them must be explicitly defined.  From Throttle Controls, to Retention Policies, to OWA/ActiveSync policies, there is no easy way to carve out a group of people and have the right policy assigned.  Instead we have to create a ps1 script that enumerates group membership then applies the policy to all the members and then store that as a scheduled task to run each night .... it's silly.  If security groups are too much due to query load/nested group complications at least let us do something similar to recipient policies where we can create a search filter via opath then prioritize it.  Id be fine explaining that to a client.

That's a good place to start I think. :)

Not applicable

since the form isn't working

Object Version Management - the ability to see the settings of last x versions of an object and who updated them - good for Audit.

and to boot: Messaging Statistics - time to include native statistical data reporting instead of reliance on third party.  including track a mailboxes store history - good for ediscovery or point in time restore.

Not applicable

i'd like to put my vote behind wanting to have exchange management possible from ADUC

Not applicable


I am trying to update my Exchange server 2010 from RTM to SP1. Every thing seems ok but Organization Preparation is taking too long. It took 1:42:00 mins and still the progress bar is in the half. The task bar shows the processes status = Running

Any Idea why? or how long it generally take?

Not applicable

@Gary Hay

As I mentioned earlier, we should not forgot the other admins on our area, other than us as an experts (as we call ourselfs ;-). We should not require them to use PowerShell, or should we? I would like to make their work as simple as possible: reset the password, change the typo on the name, change the phone numbers, group members, change the out of office message for users etc. We can be in deep sh....t with the PowerShell, but not them,

Not applicable

Cheap Coach Outletsell all types of Coach leather products and accessories at really discounted prices. Any one who would like to get a actually sumptuous purse, purse, wallet, baggage or any other accessories, at significantly lower prices than normal, they should visit Coach outlets. Some also question the quality of these products being sold so cheap.

If you like coach purses and coach wallets on the coach outlet,no matter what your fashion,be sure to check out what has to offer. This massive amount of listings creates competition that in turn brings down the prices and that's great news for you! Just use a little warning as well as you'll find that buying for Coach wallets is a lot of fun.

Not applicable

Is there a way to extract as a csv or anything else a list of shared mailboxes on Exchange server 2007 or 2003

Version history
Last update:
‎Jul 01 2019 04:00 PM
Updated by: