Welcome to Exchange Team Blog Sign in | Join | Help
Search
BlogsVideos

Syndication

This Blog

Post Categories

Archives

Sometimes good intentions hurt

When Exchange 2000 was released one of the goals was to allow third-party developers to write custom applications that they could use to automate mailing, CDO for Exchange was build into Exchange 2000, and CDOSYS was distributed with Windows.  These were fairly simple to implement and to make them even easier they were built to be able to discover where the SMTP server was that would ultimately send the message.  This discoverability was based on “Everyone” having read access to the IIS metabase.  When SendUsingPickup was used CDO for Exchange or CDOSYS would find out where the SMTP Pickup directory was by reading the IIS metabase. 

 

In Exchange 2000 SP3 “Everyone” was removed from having read access to the IIS metabase.  While we saw this as important to making Windows and Exchange servers more secure, we also realized that this has the potential of affecting thousands of customers.  So a hunt was on to find the best way to help customers who would be affected by this change.

 

One thing that there is no lack of here at Microsoft is an opinion on what is the best way to help our customers.  In this case we knew of several ways to resolve this problem, and after a few hallway meetings we determined that we should present the problem as well as both administrative and programming ways to work around it.

 

What followed is one example of the Product Group, Product Support Services and Exchange Partners working together to mitigate the storm we saw building on the horizon.  In collaboration the Exchange Team and PSS wrote instructions detailing the problem and outlined the workarounds.  We shared this with the Exchange Development Partners and took their feedback to improve the instructions.  More discussions ultimately led to the creation of a script that we provided to make it easier for customers to grant the proper rights to accounts that needed access to the metabase.  Finally we published a KB article, which went through a further revision after it was released to the public.

 

The final result is this KB article, http://support.microsoft.com/default.aspx?scid=kb;EN-US;816789  which I am happy to say resulted in easing the problem, making it easier for our customers to implement the new security rules, and decreased support costs for both Microsoft and our customers.  This is just one example of what can happen when a problem is recognized, and teams work together to solve it before the problem becomes widespread.

- Ed Beck

Published Thursday, June 03, 2004 9:31 AM by Exchange
Filed Under: , , , ,

Comments

No Comments
New Comments to this post are disabled

News

This is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified in the Terms of Use.

New! Would you like to suggest a topic for the Exchange team to blog about? Send suggestions to us.

Post Calendar

<June 2004>
SuMoTuWeThFrSa
303112345
6789101112
13141516171819
20212223242526
27282930123
45678910

Other Exchange Blogs

Exchange Websites

International

[MS] Exchange Blogs

[MVP] Blogs/Sites