Difference between revisions of "Update Notices"

Jump to: navigation, search
[checked revision][checked revision]
(Upgrading to 13.x)
 
(18 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
== General Information ==
 
== General Information ==
* The installation process upgrades the software automatically by uninstalling any previous version first. Administrators will be asked during setup to confirm the uninstallation.  
+
* The installation process upgrades the software automatically by uninstalling any previous version first. Administrators will be asked during setup to confirm the uninstallation. The new version must be installed in the same directory as the old version. The installation directory has to be adjusted manually in case the old version has been installed in a non default directory.
 
* During the installation process services are automatically stopped and restarted afterwards. Running archiving profiles will be cancelled and may show up as failed. Active user sessions will be terminated. Should stopping the service fail for any reason, please stop the service manually and run the installation again.
 
* During the installation process services are automatically stopped and restarted afterwards. Running archiving profiles will be cancelled and may show up as failed. Active user sessions will be terminated. Should stopping the service fail for any reason, please stop the service manually and run the installation again.
 
* In a multi server environment, upgrade the components in the following order: Management Server, Instance Host, Client Access Server
 
* In a multi server environment, upgrade the components in the following order: Management Server, Instance Host, Client Access Server
 +
* After each update check the files in the sample branding folder to identify if new settings or template variables have been introduced.
 
* Please note the following version specific upgrade notices. Also read the notices from all version numbers between yours and the one you are going to install.
 
* Please note the following version specific upgrade notices. Also read the notices from all version numbers between yours and the one you are going to install.
 +
 +
== Upgrading to 13.x ==
 +
* '''Microsoft 365 Support'''
 +
*; A new directory service synchronization profile ''Microsoft 365 (Modern Authentication)'' as well as new profiles for archiving and exporting emails from or to Microsoft 365 have been introduced. These support modern authentication (OAuth 2.0 & OpenID Connect) and customers of Microsoft 365 are advised to regularly check for Microsoft's announcement on the timeline for removing HTTP Basic Auth from Microsoft Exchange Web Services (EWS) and to plan the migration to the new profiles in advance.<br/><p class="mswarning">Once Microsoft disables support for HTTP Basic Auth in Exchange Web Services on Microsoft 365, the existing directory service synchronization profile ''Microsoft 365 (Basic Auth)'' (formerly named ''Office 365'') and the Microsoft Exchange archiving and export profiles will stop working.</p>
 +
* '''Google G Suite Support'''
 +
*; The Google ''G Suite'' directory service synchronization profile has been extended with support for modern authentication (OAuth 2.0 & OpenID Connect). Customers of G Suite are advised to regularly check for Google's announcement on the timeline for removing support for less secure apps, and should plan the migration to the new setting in advance.<br/><p class="mswarning">Once Google disables support for Less Secure Apps in G Suite, the existing directory service synchronization profile ''G Suite'' will no longer allow users to login to MailStore as long as the  authentication method is still set to ''IMAP''.</p>
 +
* '''Outlook Add-in'''
 +
*; Due to the required changes of the login process to support modern authentication with Microsoft 365 and Google G Suite, the Outlook Add-in must be updated to version 13 to be able to connect to a MailStore SPE 13.x instance. Connecting to an older version of a MailStore SPE instance is no longer possible after the update.
 +
* '''GPO Templates'''
 +
*; GPO templates are now bundled with the application. End customers may download the GPO templates from the default page of the Client Access Server. See the index.html file in the sample branding folder on how to integrate the corresponding link. As the Email Archive Client and Email Archive Outlook Add-in use the same registry keys as MailStore Server and MailStore Outlook Add-in, the GPO templates provided are those bundled with the original MailStore products.
 +
* '''IMAP Access to Archive'''
 +
*; When using either the new ''Microsoft 365 (Modern Authentication)'' or ''Google G Suite'' directory service synchronization profile, user that have been added by these profiles, can not access their archive via the integrated IMAP server as a MailStore SPE instance is not able to verify those passwords itself.
 +
* '''Mobile Web Access'''
 +
*; The dedicated Mobile Web Access has been removed due to no longer supported third-party components (e.g. jQuery Mobile) and in favor of MailStore Web Access, which has been received major enhancements in terms of performance and usability.
 +
* '''Legacy Web Access'''
 +
*; As parts of Legacy Web Access are representing the server-side of the Outlook Add-in, the Legacy Web Access is still present, but no longer advertised on the login screen of the Web Access.
 +
* '''Group Policies'''
 +
*; The following group policy settings are no longer supported in MailStore 13:
 +
** '''MailStore Client: Accept Thumbprint'''
 +
**; If a server name has been defined by a group policy, the certificate used by the Client Access Server must be trusted by the client computer and it must not be revoked or expired.
 +
** '''MailStore Outlook Add-in: Accept Thumbprint'''
 +
**; If a server name has been defined by a group policy, the certificate used by the Client Access Server must be trusted by the client computer and it must not be revoked or expired.
 +
 +
== Upgrading to 12.1 ==
 +
* '''TLS Compatibility'''<br/>To connect to Instances in environments that support TLS version 1.1 or 1.2  only via the MailStoreCmd command line util, the Email Archive Client launcher must be updated by downloading and reinstalling it either manually or through a GPO.
 +
 +
== Upgrading to 12 ==
 +
* '''Expired Certificates'''
 +
*; Irrespective of whether the certificate's trust can be verified, no connection is established by the E-Mail Archive Client to Client Access Server's whose certificate has expired or was revoked. In such a case, the certificate on the Client Access Server must be replaced first.
 +
 +
== Upgrading to Version 11 ==
 +
* '''Upgrading Archive Stores'''
 +
*; <p class="mswarning">'''Depending on the archive size this can take an excessive amount of time. On average 50.000 messages are processed per minute during the upgrade.'''</p>
 +
*; Until the archive stores have been upgraded, not all functionality of the software is available. To facilitate
 +
** retention policies,
 +
** the search functionality,
 +
** the improved recovery records,
 +
*; the databases of the archive stores must be upgraded.
 +
*; Proceed as follows to upgrade:
 +
** Log in to the Management Console.
 +
** Click on ''Instances''
 +
** Select the instance to upgrade
 +
** Open the ''Storage'' tab
 +
** Right-click on an archive store and select ''Perform Upgrade'' to upgrade a single archive store.
 +
** Carefully read the notices and click on ''OK'' to start the upgrade process or click on ''Cancel''.
 +
* '''Retention Policies'''<br/>If not all attached archive stores are available (State: ''Archive here'', ''Normal''), or their status is ''Write-Protected'', no automatic processing of retention policies takes place. Therefore verify if an archive store is set to ''Disabled'' or ''Write-Protected'' after the upgrade and change it to one of the above states or detach it completely. Please notice that only end customers are allowed to manage retention policies.
 +
* '''Jobs'''<br/>With the release of this version, the service provider administrator ''$archiveadmin'' is limited to manage only his own jobs.
 +
* '''Access via Integrated IMAP Server'''<br/>To access the archive via the integrated IMAP server, an encrypted connection is now mandatory. If necessary, adjust the configuration of your email clients accordingly and enable TLS or STARTTLS.
 +
* '''SMTP Settings'''<br/>In order to being able to select system administrators as notification recipients in the new SMTP settings, the email address needs to be configured in the properties of the corresponding system administrator.
 +
* '''Management API Commands Get-/SetComplianceConfiguration'''<br/>The property ''globalRetentionTimeYears'' has been removed from the commands. Own scripts using these commands have to be adjusted accordingly. To manage retention policies, two new commands  are available: ''GetRetentionPolicies'' and ''SetRetentionPolicies''.
 +
 +
== Upgrading to 10.2 ==
 +
* '''Branding'''<br/>For the new responsive Web Access additional branding parameters were introduced. Please review your branding configuration after installing the upgrade. See [[Branding]] for the full list of options.
 +
 +
== Upgrading to 10.1 ==
 +
* '''Archiving Emails'''<br/>If not all attached archive stores are available (State: ''Archive here'', ''Normal'', or ''Write-Protected''), no archiving takes place. Running archiving profiles are terminated with an appropriate message. Under certain circumstances this prevents the creation of duplicate emails while archiving. Therefore verify if an archive store is set to ''disabled'' after the upgrade and change it to one of the above states or detach it completely.
  
 
== Upgrading to Version 10 ==
 
== Upgrading to Version 10 ==

Latest revision as of 16:07, 14 July 2020

General Information

  • The installation process upgrades the software automatically by uninstalling any previous version first. Administrators will be asked during setup to confirm the uninstallation. The new version must be installed in the same directory as the old version. The installation directory has to be adjusted manually in case the old version has been installed in a non default directory.
  • During the installation process services are automatically stopped and restarted afterwards. Running archiving profiles will be cancelled and may show up as failed. Active user sessions will be terminated. Should stopping the service fail for any reason, please stop the service manually and run the installation again.
  • In a multi server environment, upgrade the components in the following order: Management Server, Instance Host, Client Access Server
  • After each update check the files in the sample branding folder to identify if new settings or template variables have been introduced.
  • Please note the following version specific upgrade notices. Also read the notices from all version numbers between yours and the one you are going to install.

Upgrading to 13.x

  • Microsoft 365 Support
    A new directory service synchronization profile Microsoft 365 (Modern Authentication) as well as new profiles for archiving and exporting emails from or to Microsoft 365 have been introduced. These support modern authentication (OAuth 2.0 & OpenID Connect) and customers of Microsoft 365 are advised to regularly check for Microsoft's announcement on the timeline for removing HTTP Basic Auth from Microsoft Exchange Web Services (EWS) and to plan the migration to the new profiles in advance.

    Once Microsoft disables support for HTTP Basic Auth in Exchange Web Services on Microsoft 365, the existing directory service synchronization profile Microsoft 365 (Basic Auth) (formerly named Office 365) and the Microsoft Exchange archiving and export profiles will stop working.

  • Google G Suite Support
    The Google G Suite directory service synchronization profile has been extended with support for modern authentication (OAuth 2.0 & OpenID Connect). Customers of G Suite are advised to regularly check for Google's announcement on the timeline for removing support for less secure apps, and should plan the migration to the new setting in advance.

    Once Google disables support for Less Secure Apps in G Suite, the existing directory service synchronization profile G Suite will no longer allow users to login to MailStore as long as the authentication method is still set to IMAP.

  • Outlook Add-in
    Due to the required changes of the login process to support modern authentication with Microsoft 365 and Google G Suite, the Outlook Add-in must be updated to version 13 to be able to connect to a MailStore SPE 13.x instance. Connecting to an older version of a MailStore SPE instance is no longer possible after the update.
  • GPO Templates
    GPO templates are now bundled with the application. End customers may download the GPO templates from the default page of the Client Access Server. See the index.html file in the sample branding folder on how to integrate the corresponding link. As the Email Archive Client and Email Archive Outlook Add-in use the same registry keys as MailStore Server and MailStore Outlook Add-in, the GPO templates provided are those bundled with the original MailStore products.
  • IMAP Access to Archive
    When using either the new Microsoft 365 (Modern Authentication) or Google G Suite directory service synchronization profile, user that have been added by these profiles, can not access their archive via the integrated IMAP server as a MailStore SPE instance is not able to verify those passwords itself.
  • Mobile Web Access
    The dedicated Mobile Web Access has been removed due to no longer supported third-party components (e.g. jQuery Mobile) and in favor of MailStore Web Access, which has been received major enhancements in terms of performance and usability.
  • Legacy Web Access
    As parts of Legacy Web Access are representing the server-side of the Outlook Add-in, the Legacy Web Access is still present, but no longer advertised on the login screen of the Web Access.
  • Group Policies
    The following group policy settings are no longer supported in MailStore 13
    • MailStore Client: Accept Thumbprint
      If a server name has been defined by a group policy, the certificate used by the Client Access Server must be trusted by the client computer and it must not be revoked or expired.
    • MailStore Outlook Add-in: Accept Thumbprint
      If a server name has been defined by a group policy, the certificate used by the Client Access Server must be trusted by the client computer and it must not be revoked or expired.

Upgrading to 12.1

  • TLS Compatibility
    To connect to Instances in environments that support TLS version 1.1 or 1.2 only via the MailStoreCmd command line util, the Email Archive Client launcher must be updated by downloading and reinstalling it either manually or through a GPO.

Upgrading to 12

  • Expired Certificates
    Irrespective of whether the certificate's trust can be verified, no connection is established by the E-Mail Archive Client to Client Access Server's whose certificate has expired or was revoked. In such a case, the certificate on the Client Access Server must be replaced first.

Upgrading to Version 11

  • Upgrading Archive Stores

    Depending on the archive size this can take an excessive amount of time. On average 50.000 messages are processed per minute during the upgrade.

    Until the archive stores have been upgraded, not all functionality of the software is available. To facilitate
    • retention policies,
    • the search functionality,
    • the improved recovery records,
    the databases of the archive stores must be upgraded.
    Proceed as follows to upgrade
    • Log in to the Management Console.
    • Click on Instances
    • Select the instance to upgrade
    • Open the Storage tab
    • Right-click on an archive store and select Perform Upgrade to upgrade a single archive store.
    • Carefully read the notices and click on OK to start the upgrade process or click on Cancel.
  • Retention Policies
    If not all attached archive stores are available (State: Archive here, Normal), or their status is Write-Protected, no automatic processing of retention policies takes place. Therefore verify if an archive store is set to Disabled or Write-Protected after the upgrade and change it to one of the above states or detach it completely. Please notice that only end customers are allowed to manage retention policies.
  • Jobs
    With the release of this version, the service provider administrator $archiveadmin is limited to manage only his own jobs.
  • Access via Integrated IMAP Server
    To access the archive via the integrated IMAP server, an encrypted connection is now mandatory. If necessary, adjust the configuration of your email clients accordingly and enable TLS or STARTTLS.
  • SMTP Settings
    In order to being able to select system administrators as notification recipients in the new SMTP settings, the email address needs to be configured in the properties of the corresponding system administrator.
  • Management API Commands Get-/SetComplianceConfiguration
    The property globalRetentionTimeYears has been removed from the commands. Own scripts using these commands have to be adjusted accordingly. To manage retention policies, two new commands are available: GetRetentionPolicies and SetRetentionPolicies.

Upgrading to 10.2

  • Branding
    For the new responsive Web Access additional branding parameters were introduced. Please review your branding configuration after installing the upgrade. See Branding for the full list of options.

Upgrading to 10.1

  • Archiving Emails
    If not all attached archive stores are available (State: Archive here, Normal, or Write-Protected), no archiving takes place. Running archiving profiles are terminated with an appropriate message. Under certain circumstances this prevents the creation of duplicate emails while archiving. Therefore verify if an archive store is set to disabled after the upgrade and change it to one of the above states or detach it completely.

Upgrading to Version 10

  • Upgrade of Master Database
    To facilitate encryption of the master database it is upgraded to Firebird 3 during the first start of an instance and encrypted afterwards. This process might extend the time required for the first start of the instance by several minutes.
  • Upgrading Archive Stores
    To facilitate encryption the databases of the archive store must be upgraded. Proceed as follows to upgrade:
    • Log in to the Management Console.
    • Click on Instances
    • Select the instance to upgrade
    • Open the Storage tab
    • Right-click on an archive store and select Perform Upgrade to upgrade a single archive store.
    • Carefully read the notices and click on OK to start the upgrade process or click on Cancel.
  • Archives of Other Users
    These are no longer visible for instance administrators if the Archive Access (formerly knows as E-mail Preview) is blocked. Administrative functions such as deleting or renaming user archives are accessible through Administrative Tools > Users and Archives > Archives in the Email Archive Client.
  • Export E-mails
    The previous change may also have an impact on export profiles owned by an instance administrator, in case the export scope contains archives of other users. As these are no longer visible to instance administrators if the Archive Access (formerly knows as E-mail Preview) is blocked, they are not taken into account by export profiles.
  • Auditing
    All activities that are exclusively executable by instance administrators are displayed as Enabled (locked) at Compliance > Auditing. Irrespective of the Disabled status, all activities of instance administrators, excluding MessageRetrieveContent, are written into the audit log.

Upgrading to Version 9.x

  • System Requirements
    Please ensure that your system configuration matches the updated system requirements. MailStore Service Provider Edition now requires .NET Framework 4.5.1. The E-mail Archive Client and E-mail Archive Add-in for Outlook now require .NET Framework 4.5.1 and Internet Explorer 8 or higher.
  • E-mail Archive Client Compatibility
    Due to a bug in version 8.5 of the E-mail Archive Client, it cannot update itself to version 9. Therefore re-deployment of version 9 of the E-mail Archive Client is required.
  • PDF Support of Full Text Search
    PDF support has been removed from MailStore SPE's own indexer. Therefore it is required to either install a recent version of Adobe Reader or an appropriate IFilter driver (i.e. Adobe PDF iFilter on the Instance Host machines.
  • MailStore Management API
    The Management API is now listening on its own TCP port, 8474 by default. It does no longer support sessions, thus login, logout and cookie handling is no longer required nor supported. HTTP basic authentication must be used instead. Please make sure to modify your scripts accordingly. The API is not enabled by default. You have to activate it in the Management Role.