Installation Prerequisites : Exchange Server 2003 requires the following components and services:
• Windows 2000 Server with SP3 or Windows Server 2003
• Active Directory
• DNS services
• Internet connectivity for sending and receiving e-mail over the Internet
Active Directory performs many of the services that earlier versions of Exchange performed. Active Directory has three partitions (also referred to as naming contexts). Each partition has its own replication and permissions configuration.

Partition / Function

Schema
The schema defines the rules for how objects are created and the properties and bounds for object properties. When you install Exchange, the schema is extended to:
• Add Exchange-specific objects
• Add Exchange-specific properties to existing objects

Configuration
The configuration partition controls communication and replication for all Exchange 2003 servers. The configuration partition:
• Stores information on the physical structure of the Exchange organization
• Stores information for routing groups and connectors
• Stores replication configuration
• Replicates data to all domain controllers in the forest

Domain
The domain holds all data for individual users, contacts, and mailboxes. As Exchange runs, it stores and modifies data in the domain.
Before installing Exchange Server 2003, you should prepare the forest and Active Directory domains. Although these actions can be performed during installation, doing them first allows for enough time to complete the replication process. The following table describes the actions to take.

Phase / Description

Forest Preparation
Forestprep extends the Active Directory schema by adding classes and attributes used by Exchange.
• Run Setup.exe /forestprep once on the forest root domain.
• To run /forestprep, the account you use must have the following roles:
  • Schema Administrator
  • Enterprise Administrator
  • Domain Administrator
  • Local machine Administrator

Domain Preparation
Domainprep adds the necessary objects for Exchange administration.
• Run Setup.exe /domainprep once in the following domains:
  • The forest root domain
  • Any domain that hosts an Exchange server
  • Any domain that contains users that will access Exchange mailboxes
To run /domainprep, the account you use must have the following roles:
• Domain Administrator
• Local machine Administrator
In order for Exchange Server 2003 to use Active Directory properly, a good DNS infrastructure must be set up. Exchange Server 2003 uses DNS for the following:
• An Exchange server contacts DNS to get service locator records (SRV) to locate Active Directory domain controllers.
• An Exchange server contacts DNS servers to retrieve MX (mailbox) records and to locate SMTP domains.
• An Exchange server uses DNS to resolve host names, especially when locating hosts on the Internet.
Core Component of Microsoft Exchange Server 2003 : The following table identifies the core components of Exchange.

Component / Service and Function

Information Store (IS)
Store.exe is a service running on the Exchange server that manages the database process of Exchange. This service is required for databases to be loaded and for clients to connect to Exchange server. Note: Store.exe requires more memory than most other processes that are running on the Exchange server.

Internet Information Services (IIS)
Exchange relies on IIS and several of its services including:
• The IIS Admin Service to provide security and reliability by isolating an application's authentication, processes, and extensions.
• The SMTP Service handles message transfer, inside and outside of the Exchange server.
• The Routing Engine enables message transfer from server to server and executes and tracks multiple process instances in an Exchange folder.

System Attendant (SA)
Mad.exe is a service running on the Exchange server that is responsible for:
• Tracking messages and recipients
• Running the Recipient Update Service (RUS) which updates Active Directory object properties.

Active Directory (AD)
Exchange requires Active Directory for locating users and routing processes. NTDS.dit is the name of the Active Directory database. Note: It is recommended that you don't install Active Directory on Exchange Server unless you have only one server in the organization.
Exchange Organization and Objects : The following table lists some of the major objects that are used to organize and administer Exchange. You will learn more details about each throughout this course.

Object / Description
Organization
The organization is the top Exchange infrastructure object.
Administrative Group
An administrative group is a logical administrative structure that is used to manage permissions and delegate permissions to Exchange servers.
• Administrative groups organize servers for management purposes.
• Administrative groups match your network administrative structure. Groups are often based on locations or major departments.
• Use permissions to allow administrators to manage the Exchange servers within the group.
Server
The server object in Exchange System Manager represents a physical Exchange server. Objects below the server identify resources and processes running on the server.
Queue
The queue folder beneath a server holds the messages or jobs that are awaiting transmission or processing.
Virtual Server
A virtual server identifies a protocol running on the Exchange server. You can have multiple different protocols running at the same time or multiple instances of the same protocol running on a single server. Each instance of a protocol is represented by a different virtual server. Virtual servers used in Exchange are:
• SMTP, used for communication between mail servers and by clients for sending mail
• X.400, used to communicate with X.400 mail servers
• POP3 and IMAP, used to communicate with e-mail clients
• NNTP, used for communicating with news clients and servers
• HTTP, used to provide mail access through a Web browser
The virtual servers you will need on your Exchange server depend on the servers and clients that will need to communicate with your server.
Recipient
A recipient is an Active Directory object that has Exchange mail capabilities. Potential recipient objects include users, groups, contacts, and InetOrgPerson objects.
Mailbox
A mailbox is a logical storage location associated with a recipient. The mailbox is where all e-mail messages are stored. The In Box and all other associated folders make up the mailbox.
Store
A store is a database of Exchange information. The store contains individual recipient mailboxes. All mailboxes in the store share common configuration settings.
Storage Group
A storage group is a collection of stores. All stores in the storage group are held on the same physical server.
Address Lists
An address list is a list of recipients. The global address list is an address list that is automatically generated by Exchange and which includes all recipients in the Exchange organization. In addition, you can define custom address lists.
Public Folder
A public folder is a repository for data that can be accessed by multiple users. A public folder is a recipient that can have an associated e-mail address. Users can e-mail or post content into the public folder. Content in the public folder is accessible through the Outlook clients.
Routing Group
A routing group is a group of Exchange servers that are connected by constant, high-speed links. The routing group identifies Exchange servers that can contact each other without any additional routing considerations. The routing group topology typically mirrors sites in your organization that are connected by WAN links. Routing groups identify the physical routes that messages take. By default all Exchange servers are in the First Routing Group.
Routing Group Connector
Connectors identify paths between routing groups, to the Internet, or to external mail systems. Connectors identify the protocols used to communicate between routing groups. You can also control how communication occurs by controlling delivery time, message size, and users among other criteria.
Recipient Update Service
The Recipient Update Service is responsible for updating Active Directory with Exchange-specific information. For example, the Recipient Update Service updates e-mail addresses associated with user accounts.
Exchange Management Tools Facts : You have several tools available to you to monitor and manage Exchange servers. The table below describes some common Exchange management tools.

Tool / Description

Exchange System Manager
The System Manager tool is installed by default and is the primary tool you use to monitor and manage your Exchange Server 2003 configuration. Use System Manager to:
• Change server settings
• Change database settings
• Move databases
• Create additional databases
• Enable message tracking
System Manager runs on Windows 2003 or Windows 2000 SP3 as long as Active Directory Users and Computers is running on the machine. You can also use System Manager on a Windows XP machine with SP1 as long as SMTP service is running on the machine during the installation of the tools.

Active Directory Users and Computers
Active Directory Users and Computers is the primary tool you use to manage users in an Exchange Server 2003 environment. Use Active Directory Users and Computers to:
• Create recipients
• Modify recipients
• Hide recipients
• Manipulate additional recipient options
Active Directory Users and Computers runs on Windows 2003, Windows 2000 SP3, or Windows XP.

Adsiedit
Adsiedit is the tool you use to modify advanced properties in Active Directory. Use Adsiedit to:
• Grant advanced security permissions
• Add, modify, delete, and organize user accounts, computer accounts, security and distribution groups
Adsiedit runs on any Windows 2003, Windows 2000 SP3 or Windows XP machine that is part of the domain. Install Adsiedit using the Support Tools available on the Windows 2000 or Windows 2003 CD.

LDAP Viewer
The LDAP viewer allows you to view advanced properties of recipients such as:
• The SMTP addresses of users
• The date and time of a user's last log on
• SID of an object
• Object history
• How an object was migrated
Keep in mind the following facts regarding management tools:
• Because Exchange System Manager and the Active Directory Users and Computers are snap-ins, you can create custom MMCs for both of them. You do this by typing MMC.exe at the command line to run the Microsoft Management Console.
• Exchange System Manager can only be used to administer Exchange Server 2003.
• Use Active Directory Users and Computers to move mailboxes within an organization. Use the migration wizard and other migration tools to move mailboxes between organizations.
Administrative Groups and Permission : An administrative group is a logical administrative structure that is used to manage permissions and delegate permissions to Exchange servers. Note the following facts about installing Administrative Groups:
• During installation you specify the name of the administrative group into which you install the Exchange server. It is important to select the correct administrative group for each server because you cannot change it after installation.
• During the installation, if there is only one administrative group, all Exchange servers will automatically be installed in that group. You are not prompted to select the administrative group if Exchange only has a single administrative group.
• You can set up administrative groups prior to the installation of the first Exchange server. This gives you the advantage of being able to select multiple administrative groups during the install of the first Exchange Server. To set up administrative groups prior to installation:
  • Run /forestprep
  • Use Adsiedit to create administrative groups in Active Directory.
• After installation, you can use Exchange System Manager to create new administrative groups. If Exchange is running in native mode, you can rename administrative groups in Exchange System Manager. Otherwise, use Adsiedit to rename administrative groups.
Using permissions you can delegate Exchange server administrative tasks to other users. Keep in mind the following facts for managing Exchange permissions:
• Permissions are assigned either at the organizational level or the administrative group level.
• Use the Exchange Delegation Wizard in Exchange System Manager to manage delegations.
• While running /forestprep or during the Exchange Server 2003 installation, you identify the default Exchange System Administrator. This administrator has all permissions to the Exchange organization.
• Exchange administrators must have specific permissions in Active Directory for the objects and levels they will be working. They must also have permissions on the local computer.
The following table identifies the permissions of each Exchange administrator role.

Administrator Role / Administrative Rights

Full Administrator
• Full control over all objects within the hierarchy
• Change all permissions
• Delegate permissions
• Read mailboxes

Administrator
Full control over all objects, except cannot change permissions

View Only Administrator
View configuration
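
The roles in the table above, together with the rule in the note that follows it, worked through as an added example (not from the original notes or from Microsoft): it computes each account's effective role per scope and lists the grants that carry permission-changing or mailbox-reading rights for a least-privilege review. The account and group names are constructed, and the code assumes that an organization-level role applies to every administrative group.

```python
# Added example, not part of the original notes.
RANK = {"View Only Administrator": 1, "Administrator": 2, "Full Administrator": 3}
RIGHTS = {  # rights per role, as listed in the table above
    "View Only Administrator": {"view configuration"},
    "Administrator": {"view configuration", "full control"},
    "Full Administrator": {"view configuration", "full control", "change permissions",
                           "delegate permissions", "read mailboxes"},
}
ORG = "<organization>"  # marker for the organization-level scope

def stronger(a, b):
    """Return the higher-ranked of two roles; None means no role."""
    return max((a, b), key=lambda role: RANK.get(role, 0))

def effective_roles(delegations, admin_groups):
    """Return {user: {scope: role}} for the organization and every group."""
    explicit = {}
    for user, scope, role in delegations:
        if role not in RANK:
            raise ValueError(f"unknown role: {role!r}")
        if scope != ORG and scope not in admin_groups:
            raise ValueError(f"unknown administrative group: {scope!r}")
        scopes = explicit.setdefault(user, {})
        scopes[scope] = stronger(scopes.get(scope), role)
        if scope != ORG and RANK[role] >= RANK["Administrator"]:
            # Note in the text: the user also gets View Only on the organization.
            scopes[ORG] = stronger(scopes.get(ORG), "View Only Administrator")
    result = {}
    for user, scopes in explicit.items():
        org = scopes.get(ORG)
        # Assumption: an organization-level role applies to every group below it.
        result[user] = {g: stronger(org, scopes.get(g)) for g in admin_groups}
        result[user][ORG] = org
    return result

def review_list(effective, sensitive=("change permissions", "read mailboxes")):
    """Sorted (user, scope, right) entries to check in a least-privilege review."""
    return sorted((user, scope, right)
                  for user, scopes in effective.items()
                  for scope, role in scopes.items()
                  for right in sensitive
                  if role and right in RIGHTS[role])

# Constructed sample data: account and group names are hypothetical.
GROUPS = ["First Administrative Group", "Branch Office"]
DELEGATIONS = [("alice", ORG, "Full Administrator"),
               ("bob", "Branch Office", "Administrator"),
               ("carol", "Branch Office", "View Only Administrator")]

if __name__ == "__main__":
    roles = effective_roles(DELEGATIONS, GROUPS)
    for user in sorted(roles):
        print(user, roles[user])
    print(review_list(roles))
```
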
Note: When you assign the Full Administrator or Administrator roles to an administrative group, the user also receives View Only permissions to the organization, allowing the administrator to view the configuration of the entire organization.

Exchange Modes : An Exchange Server 2003 organization runs in one of two modes of operation: mixed mode or native mode. The following table defines each mode and identifies characteristics of each.

Mode Type / Description

Mixed
Mixed mode is the default Exchange mode that is designed for backwards compatibility with other Exchange servers. When operating in mixed mode:
• Overall Exchange functionality is limited to features shared by all servers in the organization.
• Exchange 2003 servers appear as just another server to earlier versions of Exchange.
Use mixed mode if your organization includes servers running previous versions of Exchange.

Native
An organization in native mode contains only computers that are running Exchange 2000 Server or Exchange Server 2003 or later. To switch to native mode, the following conditions must exist:
• All Exchange servers must be upgraded to Exchange Server 2003.
• Domain controllers that communicate with Exchange servers must be running Windows 2000 Server SP3 or later.
Note: After you change to native mode, you cannot change back to mixed mode. This means that no earlier releases can be added to the Exchange organization. It is important to understand the implications of the conversion before you convert.
Use native mode to take advantage of the following features:
• Moving servers between routing groups in different administrative groups.
• Creating query-based distribution groups.
• Moving mailboxes between administrative groups.
• Mail-enabling or mailbox enabling the InetOrgPerson object.
To determine the mode of the Exchange organization, view the properties of the Organization object in Exchange System Manager. Edit the setting on the General tab to change the Exchange mode.