Exchange Server 2019 Protocols
Agenda
➢ New in Exchange Server 2019
➢ Exchange Protocols scope
➢ Exchange Protocols details
➢ Choice of protocol family
➢ Resources
Exchange Server 2019
Secure, proven architecture
• Windows Server Core
• Scale improvements
• New & improved search technology
Performance and manageability
• Faster and more reliable failovers
• Improved calendar management
• Simplifying connectivity
Delighting End Users
• Do Not Forward Meetings
• Smarter calendar management
• Supporting EAI/IDN mail routing
Secure, Proven Architecture
Cloud Scale Code in Your Datacenter
Exchange Server 2019 runs on Windows Server 2019 ONLY
We made changes working with the Windows Server team to make this the most secure combination, and those changes exist only in Windows Server 2019.
We RECOMMEND you run Exchange 2019 on Server Core
• Most secure option
• Smaller disk footprint
• Smaller attack surface
So what does that mean to things like HCW? Or queue viewer or… <insert mmc tool of choice>?
New Exchange Server 2019 installs will only use TLS 1.2
Legacy ciphers and hashing algorithms such as RC2, RC4, DES, 3DES, MD5 and SHA will be disabled during install
We have prioritized the cipher order to prefer elliptic curve key exchange.
And we use forward-secrecy key exchange, so compromise of long-term keys does not compromise past session keys
It’s important to ensure Exchange Server 2013/16 are up-to-date for co-existence
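The TLS 1.2-only, no-legacy-cipher state described above lives in the Windows SCHANNEL registry, so it can be audited after setup or after a later change. The following is an added example, not code from the deck or from Exchange setup: it reads the documented SCHANNEL protocol, cipher and hash keys and reports anything that is not explicitly disabled. The function names and the baseline lists are this example's own choices; the registry paths and value names are SCHANNEL's.

```powershell
# Added example (not from the deck). Audits the SCHANNEL registry state that
# decides which TLS versions, ciphers and hashes the host will offer, against the
# "TLS 1.2 only, legacy ciphers off" baseline the slide describes.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

function Get-SchannelEnabled {
    param([string]$Path)
    # A missing key or missing Enabled value means "Windows default"; report it as
    # $null so the caller treats it as "not explicitly disabled".
    if (-not (Test-Path $Path)) { return $null }
    $v = Get-ItemProperty -Path $Path -Name Enabled -ErrorAction SilentlyContinue
    if ($null -eq $v) { return $null }
    return ([int]$v.Enabled -ne 0)
}

function Test-ExchangeTlsBaseline {
    $findings = @()
    foreach ($proto in 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1') {
        $server = Get-SchannelEnabled "$base\Protocols\$proto\Server"
        if ($server -ne $false) { $findings += "$proto server side is not explicitly disabled (Enabled=$server)" }
    }
    if ((Get-SchannelEnabled "$base\Protocols\TLS 1.2\Server") -eq $false) {
        $findings += 'TLS 1.2 server side is explicitly disabled'
    }
    # Legacy ciphers named on the slide, spelled the way SCHANNEL names its keys.
    foreach ($c in 'RC2 40/128', 'RC2 56/128', 'RC2 128/128', 'RC4 40/128', 'RC4 56/128',
                   'RC4 64/128', 'RC4 128/128', 'DES 56/56', 'Triple DES 168') {
        if ((Get-SchannelEnabled "$base\Ciphers\$c") -ne $false) { $findings += "Cipher '$c' is not explicitly disabled" }
    }
    foreach ($h in 'MD5', 'SHA') {
        if ((Get-SchannelEnabled "$base\Hashes\$h") -ne $false) { $findings += "Hash '$h' is not explicitly disabled" }
    }
    return ,$findings
}

$result = Test-ExchangeTlsBaseline
if ($result.Count -eq 0) { 'Host matches the TLS 1.2-only baseline' } else { $result }
```

SCHANNEL is only half of the picture for Exchange: the .NET Framework's SchUseStrongCrypto and SystemDefaultTlsVersions registry values govern what Exchange's managed code negotiates, so check those as well.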
We’ve re-engineered search (yes, we know - again)
• Codenamed “Big Funnel” and uses Bing technology
• No more search index files to manage
• Indexes are now inside the database itself – in fact, inside each mailbox
• So ‘normal’ log replication includes search indexes
For details refer to this session: https://myignite.techcommunity.microsoft.com/sessions/65646
Performance and Manageability
We’ve optimized our code to remove a lot of files that shipped on the DVD and were installed onto the server
This makes installs slightly faster, but the primary benefits are reduced surface area, less disk usage and an overall improvement to security
And no more UM Language packs to install, and re-install, and re-install and re-install….
With all the improvement in Dynamic and Meta caching:
• A 20% increase to the number of users you can put on a server
• The option to use much larger disks
• We cut client latency for many operations in half
Calendar Management can be hard
We’re giving Admins more tools to help with calendar management
Remove-CalendarEvents - IT admins can cancel all meetings organized by a user.
Example:
Remove-CalendarEvents -Identity "Greg Taylor" -CancelOrganizedMeetings -QueryStartDate 11-1-2018 -QueryWindowInDays 120
It does not cancel appointments or meetings without attendees or resources.
Delighting End Users
Default End Date
Clients will set a default end date when creating recurring series instead of leaving it as no-end-date.
Do Not Forward
Organizers using OWA to create a meeting can mark it so that attendees won't be able to forward
Transport in Exchange Server 2016 and 2019 will respect the flag and prevent forwarding
Better OOF
Additional options when setting up automatic replies. With these options, the user can:
• Block my calendar for this period
• Decline new meeting invitations during specified period
• Decline and cancel meetings during a specified period
Email Address Internationalization
Support for the latest standards, enabling the use of non-English characters in email addresses to be routed and delivered natively
This means you can send and receive to/from external users with EAI addresses – but you can’t add an EAI proxy or Accepted Domain to your mailbox yet
What’s an EAI email address?
Examples of EAI email addresses:
• Latin alphabet (with diacritics): Pelé@example.com
• Greek alphabet: δοκιμή@παράδειγμα.δοκιμή
• Traditional Chinese characters: 我買@屋企.香港
• Japanese characters: 甲斐@黒川.日本
• Cyrillic characters: чебурашка@ящик-с-апельсинами.рф
• Hindi email address: संपर्क@डाटामेल.भारत
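What separates an EAI address from a plain internationalized domain matters for routing: a non-ASCII domain can always be downgraded to its xn-- form, but a non-ASCII local part cannot, which is why EAI needs SMTPUTF8 on every hop. The following is an added example, not code from the deck: it classifies the slide's sample addresses (plus two constructed ones) and shows which still have an ASCII fallback. Get-AddressClass is this example's own function; IdnMapping is the .NET class it relies on.

```powershell
# Added example (not from the deck). Classifies an address as ASCII, IDN-only
# (ASCII local part, non-ASCII domain) or EAI (non-ASCII local part).
# Save as UTF-8 with BOM so Windows PowerShell 5.1 reads the non-ASCII literals.
function Get-AddressClass {
    param([Parameter(Mandatory)][string]$Address)
    $at = $Address.LastIndexOf('@')
    if ($at -lt 1 -or $at -eq $Address.Length - 1) { throw "Not a valid address: $Address" }
    $localPart = $Address.Substring(0, $at)
    $domain    = $Address.Substring($at + 1)
    $localIsAscii  = $localPart -match '^[\x00-\x7F]+$'
    $domainIsAscii = $domain    -match '^[\x00-\x7F]+$'

    # IDNA turns a Unicode domain into its xn-- A-label form, which is what DNS
    # lookups and any legacy MTA on the path actually see.
    $domainAscii = [System.Globalization.IdnMapping]::new().GetAscii($domain)

    $class = if ($localIsAscii -and $domainIsAscii) { 'ASCII' } elseif ($localIsAscii) { 'IDN' } else { 'EAI' }

    [pscustomobject]@{
        Address       = $Address
        Class         = $class
        # Only the domain can be downgraded. A non-ASCII local part has no ASCII
        # equivalent, so an EAI address needs SMTPUTF8 (RFC 6531) end to end.
        AsciiFallback = if ($localIsAscii) { "${localPart}@${domainAscii}" } else { $null }
        NeedsSmtpUtf8 = -not $localIsAscii
    }
}

$samples = @(
    'admin@example.com'                  # constructed ASCII control
    'Pelé@example.com'                   # slide example: EAI with an ASCII domain
    'δοκιμή@παράδειγμα.δοκιμή'           # slide example: EAI with an IDN domain
    'чебурашка@ящик-с-апельсинами.рф'    # slide example: EAI with an IDN domain
    'info@屋企.香港'                      # constructed: ASCII local part on the slide's IDN domain
)
$samples | ForEach-Object { Get-AddressClass -Address $_ } | Format-Table -AutoSize
```

The xn-- form is also the one worth logging next to the Unicode display form, since two visually similar Unicode domains are only reliably distinguishable by their A-labels.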
System Requirements Summary
1. Windows Server 2019 (Server Core preferred)
2. .NET Framework 4.7.2
3. AD FFL 2012R2 or later
4. 128GB recommended minimum RAM for mailbox role
5. Co-existence n-2 (Outlook and Exchange Server) – so no Exchange 2010 co-existence
Exchange Protocols
[Diagram: Exchange protocol landscape]
Cloud (M365): Exchange Online, Microsoft Graph, 365 Services, Apps
On Prem (Exchange Server 2019): EWS, EAS, MAPI, MS Clients, Storage
Client communication with Exchange Server:
• EAS
• EWS
• MAPI: ROPs, NSPI, MAPIHTTP
• POP/IMAP
• SMTP
There is more to Exchange than email
• Calendars: Recurring meetings, cross time zone scheduling; Availability – both attendees and conference rooms
• Tasks: One-time or recurring; Tracking Due Date and Assignment
• Contacts: Multiple Contacts Folders, Suggested Contacts; Address book for mobile devices
• Reminders: For Calendars, Tasks, Emails
• Notifications: Server notifies Client that mailbox changed (new mail, etc.); Push or Pull
There is even more to Exchange than email
• Rules: Server Side and Client Side; Applied on messages on arrival, even when client is not connected
• Out of Office: Internal and External recipients can get different OOF messages; Time restrictions
• Mail Tips: Show user that recipient is Out of Office; Warning that mail includes very large DL, etc.
• Compliance: Legal Search (eDiscovery); Legal Hold
• Archiving: Separate Archive for old emails, accessible by client; Retention policies set per folder
• And so on... Delegate Access, Load Balancing, Mailbox moves, High Availability, and more.
ROP Protocols
History of terminology – what is “ROP”?
▅ Initial name: RPC protocols
• Remote Operations (ROPs) over RPC connection
• RPC is just a channel to exchange binary blobs between client and server
• This binary blob can be transmitted by other underlying protocols
• RPC over TCP or RPC over HTTPS (MS-OXCRPC)
• Pure HTTPS (MS-MAPIHTTP)
▅ MAPIHTTP is RPC replacement (Exchange Server 2013)
• The same binary blob is now transmitted over HTTP, bypassing RPC
▅ Since it’s not RPC any more, we now call them ROP Protocols
• In many places it is still called “Exchange RPC protocols”, sometimes MAPI
ROP Protocols
▅ Transport layers: RPC/TCP, RPC/HTTPS or pure HTTPS
▅ Low-level access to Exchange Server Storage
• Optimized to minimize traffic on the wire
• Very complex parsing
▅ Used by MAPI
• Workhorse for Outlook for Windows Desktop communication with Exchange Server
▅ Originally implemented in Exchange 4.0
• Extended and re-architected several times
ROP Protocols - continued
▅ ROP protocols define both Server and Client behaviors
▅ Client behaviors are very complex
• Wrapped in MAPI implementation on Outlook for Windows Desktop
• Client performs logic to maintain complex items: Messages, Folders, Calendar, Contacts, Tasks, etc…
• MAPI/CDO library is no longer supported
▅ Document Naming: [MS-OXO*] and [MS-OXC*]
• Over 40 Protocols, ~3000 pages
Example of complexity in ROP Protocols
RPC/HTTPS (EcDoRpcExt2): Header | Binary Blob
Binary Blob: RopSize | ROP1 | ROP2 | … | HSOT Table
Each ROP: RopID | ROP Data
Note: No ROP Data size or end marker.
Every ROP Data in the blob must be parsed.
Every RopID has a different ROP Data structure.
Number of documented RopIDs: 130+
Where to start: ROP Protocols
ROP Protocols Summary
▅ Not recommended for new applications due to complexity
▅ Modern Exchange Server has good alternatives
• Exchange Web Services for On-Prem Server
• Microsoft Graph for Exchange Online
Exchange Web Services (EWS)
EWS Protocols
▅ Alternative to ROP protocols
▅ Higher level of abstraction compared with ROP protocols
• EWS implements messages, attachments, calendar events, contacts on server side
• Outlook for Windows Desktop uses subset of EWS protocols
• Unified Messaging, MailTips, Availability, OOF, Office Apps, Room List, Archive, Mailbox Policies, Calendar Sharing, Site Mailboxes, etc.
▅ Intuitive/readable XML (easier troubleshooting)
EWS Protocols - continued
▅ Versioning
• Clearly defined
• RequestServerVersion header element in each request lets the client request version-specific behavior
▅ Transport:
• SOAP over HTTP(S)
▅ Code in any language/platform that supports HTTP/SOAP calls
• SDKs are available as well
▅ Document Naming: [MS-OXW*]
• 43 Protocols, ~2000 pages
▅ First implementation: Exchange Server 2007
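The versioning and transport points above are easiest to see in a raw request. The following is an added example, not code from the deck or from the EWS Managed API: it builds a minimal GetFolder SOAP request that pins behavior with the RequestServerVersion header, posts it over HTTPS with the Basic/challenge credential flow the deck lists for on-prem EWS, and reads back the ServerVersionInfo the server reports. The server URL is a placeholder and the two function names are this example's own; the namespaces, element names and Version values are EWS's.

```powershell
# Added example (not from the deck). Minimal EWS GetFolder request with a pinned
# RequestServerVersion, plus parsing of the version the server answers with.
$EwsUrl = 'https://mail.example.com/EWS/Exchange.asmx'   # placeholder, not from the deck

function New-EwsGetFolderRequest {
    param([string]$Version = 'Exchange2016', [string]$Folder = 'inbox')
    # RequestServerVersion fixes the schema/behavior the client is coded against,
    # so a server upgrade does not silently change what this request returns.
    @"
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
               xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types"
               xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages">
  <soap:Header>
    <t:RequestServerVersion Version="$Version"/>
  </soap:Header>
  <soap:Body>
    <m:GetFolder>
      <m:FolderShape><t:BaseShape>Default</t:BaseShape></m:FolderShape>
      <m:FolderIds><t:DistinguishedFolderId Id="$Folder"/></m:FolderIds>
    </m:GetFolder>
  </soap:Body>
</soap:Envelope>
"@
}

function Invoke-EwsGetFolder {
    param([Parameter(Mandatory)][pscredential]$Credential, [string]$Version = 'Exchange2016')
    $body = New-EwsGetFolderRequest -Version $Version
    # EWS expects text/xml; the credential is only sent after the server's 401 challenge.
    $resp = Invoke-WebRequest -Uri $EwsUrl -Method Post -Body $body -ContentType 'text/xml; charset=utf-8' `
                              -Credential $Credential -UseBasicParsing
    [xml]$xml = $resp.Content
    $ns = New-Object System.Xml.XmlNamespaceManager $xml.NameTable
    $ns.AddNamespace('t', 'http://schemas.microsoft.com/exchange/services/2006/types')
    $ns.AddNamespace('m', 'http://schemas.microsoft.com/exchange/services/2006/messages')
    [pscustomobject]@{
        # ServerVersionInfo comes back in the SOAP header; compare it with what was requested.
        ServerVersion = $xml.SelectSingleNode('//t:ServerVersionInfo', $ns).Version
        ResponseClass = $xml.SelectSingleNode('//m:GetFolderResponseMessage', $ns).ResponseClass
        DisplayName   = $xml.SelectSingleNode('//t:Folder/t:DisplayName', $ns).InnerText
    }
}

# Invoke-EwsGetFolder -Credential (Get-Credential) -Version 'Exchange2013_SP1'
```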
Where to start: EWS
▅ Not hierarchical
▅ Start with MS-OXWSCORE
EWS SDKs
▅ Exchange Web Services (EWS) Managed API
• https://www.nuget.org/packages/Microsoft.Exchange.WebServices/
• https://github.com/OfficeDev/ews-managed-api
• https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/explore-the-ews-managed-api-ews-and-web-services-in-exchange
EWS Summary
▅ Recommended protocol for on-prem Exchange Server applications
▅ Basic authentication only
• No OAUTH
▅ Graph APIs are a better alternative for Exchange Online and Hybrid Exchange Server
• Modern authentication
• Seamless integration with other services (SharePoint, OneDrive, Azure Active Directory, etc.)
• Feature updates will happen in Microsoft Graph APIs
Exchange Active Sync (EAS)
EAS Protocols
▅ Lightweight synchronization protocol for Exchange Server
• Optimized to work on high-latency and low-bandwidth networks
• Designed to minimize device power usage
▅ High level of abstraction, similar to EWS in complexity
• Provides access to email, calendar, contacts, tasks, documents, etc...
▅ Transport Layer: WBXML over HTTPS
▅ Industry standard
• Several non-Exchange Server implementations
• Wide range of clients – iOS, Android, Windows, etc…
EAS Protocols Details
▅ Versioning
• Clearly defined version negotiation
• Version-specific features documented in open specifications
▅ Document Naming: [MS-AS*]
• 15 Protocols; ~900 pages
▅ First Implementation: Exchange Server 2003
Where to start: EAS
MS-ASPROV, MS-ASCNTC, MS-ASDOC, MS-ASCAL, MS-ASNOTE, MS-ASMS, MS-ASTASK, MS-ASCMD, MS-ASHTTP, MS-ASWBXML, MS-ASCON, MS-ASRM, MS-ASEMAIL, MS-ASDTYPE, MS-ASAIRS
Typical Usage of Exchange ActiveSync
▅ Mobile Applications
▅ Tablets and lightweight desktop applications
• Allows for low-bandwidth and high-latency data (Internet) connections while scaling reasonably on high-speed connections.
▅ Additional considerations
• No feature parity with Exchange ROPs and Web Service (EWS) protocols
• Licensing requirements
▅ Microsoft Graph APIs are a better alternative for Exchange Online
Other Exchange protocols
▅ Autodiscover
▅ Content Conversion
▅ Standards-based protocols – Compliance and Extensions
▅ [MS-OXPROTO] is a good reference
Which Protocol to use?
On-Premises choice
▅ EWS is recommended for new applications
• Outlook for Mac uses EWS
▅ ROP protocols are very complex
▅ EAS has special purpose
▅ Hybrid mode brings on-line richness to on-prem implementations
Exchange Online has more…
▅ If you develop for Exchange Online, consider Microsoft Graph APIs
• https://developer.microsoft.com/en-us/graph/
• https://aka.ms/30DaysMSGraph
Resources
Exchange Protocol Test Tools
▅ Protocol Test Suites
• Protocol families: EAS, EWS, and ROPs (RPC/MAPIHTTP)
▅ Fiddler Inspectors:
• Protocol families: ROPs (MAPIHTTP)
• Additional associated protocols
Exchange Protocol Resources
▅ All Exchange protocol documents
• https://docs.microsoft.com/en-us/openspecs/exchange_server_protocols
▅ Fiddler inspectors for Office and Exchange protocols
• https://github.com/OfficeDev/Office-Inspectors-for-Fiddler
▅ Protocol Test Suites
• https://github.com/OfficeDev/Interop-TestSuites
▅ Help with Open Specifications:
• mailto:[email protected]
▅ Office Interoperability blog:
• https://docs.microsoft.com/en-us/openspecs/blog/ms-offintbloglp/61fc0f77-b3e6-4b4f-aea9-ce472fa98835