Improvements in Outlook 2003

Outlook 2003 provides improved functionality in the following areas:

• Cached Exchange Mode

• RPC over HTTP

• Kerberos authentication

Some of the improvements in these areas depend on whether you are running Windows Server 2003 or Outlook 2003. These improvements and their dependencies are discussed below.

Cached Exchange Mode

Cached Exchange Mode in Outlook 2003 significantly improves the experience for users who are located in offices that have low-bandwidth, high-latency connections because it gives users access to mail from either a local cache (.ost file) or from the Exchange 2003 server. Exchange 2003 provides better support for Cached Exchange Mode than previous versions of Exchange because it efficiently synchronizes the mailbox on the server and the .ost file on the client computer. Requests for updates from the client computer to the Exchange server are eliminated.

Cached Exchange Mode is especially useful in branch office scenarios, where remote offices have slow or unreliable connections. Users can work from their local cache with or without a network connection, and Exchange synchronizes the local cache and the server mailbox when a connection is available. In addition, Cached Exchange Mode requires fewer requests to the server, which reduces server load per user and helps you support more users per server.

Deployment Considerations for Cached Exchange Mode

When you deploy Outlook 2003 in your messaging environment, you can allow your users to use the Cached Exchange Mode feature for Outlook. However, when you deploy this feature, you should make sure to stage your rollouts. A user's .ost file is created on his or her computer when the user attempts to synchronize with an Exchange server. This means that all of the information in the user's mailbox will be transferred from the server to his or her computer. For this reason, you should stage rollouts to reduce the number of users attempting to perform an initial synchronization between their Exchange server and their computer running Outlook 2003. Staging your rollout for Cached Exchange Mode is necessary because users will effectively download a complete copy of their mailbox from the Exchange server to use on their local computer. This initial download could adversely affect performance on your Exchange server if many of your users download their mailboxes at one time.

The amount of data is of special concern if the connection is slow and several users connect at the same time. If users' mailboxes are very large (for example, greater than 2 GB each), synchronization with the .ost file could have a significant impact on the network connection. This situation can occur especially in organizations that place no limits on mailbox size.

You should also note that the .ost file is placed in the profile directory by default so, if a user has roaming profiles (for example, across different branch offices), the cache is available in only one of the profiles.

RPC over HTTP

The RPC over HTTP feature in Windows Server 2003 eliminates the need for remote office users to connect to their Exchange servers by using a virtual private network (VPN). Users running Outlook 2003 can connect directly to an Exchange 2003 server within a corporate environment over the Internet. For Exchange to support RPC over HTTP, all Exchange servers that users with Outlook 2003 will access must be running Exchange Server 2003. Additionally, RPC over HTTP is supported only by Outlook 2003. Finally, all computers in your messaging environment that your users will need to use with RPC over HTTP communication must be running Windows Server 2003. This includes the following computers:

• All global catalog servers

• All Exchange servers that your Outlook 2003 users will access

After you configure the recommended Exchange front-end and back-end server architecture with Internet Security and Acceleration (ISA) Server, users can use RPC over HTTP to connect to your Exchange 2003 servers.

The recommended method for deploying RPC over HTTP is to install ISA Server with Feature Pack 1 in the perimeter network and position your RPC proxy server within the corporate network. Your RPC proxy server can be either your Exchange front-end server or another Web server that you allow users to connect to from the Internet. For more information about deployment options, see "Exchange Server 2003 RPC over HTTP Deployment Scenarios."

To enable RPC over HTTP for your organization, you need to do the following:

• **Configure a server as an RPC proxy server   **If you have a server that your users can access from the Internet, such as an Exchange front-end server, you can configure the server to be your RPC proxy server. This RPC proxy server is responsible for specifying which ports communicate with the global catalog servers and all Exchange 2003 servers with which the Outlook 2003 client computer needs to communicate.

• **Configure your internal network to use RPC over HTTP  ** Computers that Outlook 2003 users will access, including any Exchange Server 2003 computers and the global catalog servers, must be configured for RPC over HTTP communication. Additionally, the perimeter network must be configured to allow for RPC over HTTP communication.

Kerberos Authentication

Exchange 2003 and Outlook 2003 can now use Kerberos to authenticate users to the Exchange servers. If your network uses Windows Server 2003 domain controllers, your users can authenticate across forests to the domain controllers in trusted forests, thereby allowing user accounts and Exchange servers to exist in different forests.

Exchange 2003 uses Kerberos when sending user credentials between an Exchange front-end server and the Exchange back-end servers. Previous versions of Exchange used Basic authentication for applications such as Outlook Web Access to send their credentials between an Exchange front-end server and an Exchange back-end server. As a result, companies had to use a security mechanism such as Internet Protocol security (IPSec) to encrypt information from the Exchange front-end server to the Exchange back-end servers.