CHAPTER 2
INTEGRATION WITH MICROSOFT WINDOWS 2000
Information
Microsoft Exchange 2000 Server takes full advantage of the features of Microsoft Windows 2000
such as the network architecture, security features, and directory services.
At first glance, you might find the new management tools of Windows 2000 puzzling because they
rely thoroughly on Microsoft Management Console (MMC).
You will read about the MMC framework and customized management tools. That is followed by
an introduction to how Exchange 2000 Server utilizes Active Directory.
Lesson 1:
Integration with Microsoft Management Console
MMC is a Windows-based multiple-document interface (MDI) application that provides a
framework for Windows 2000 management tools.
Microsoft encourages all independent software vendors to provide MMC-based management
applications for their systems to support a common administrative interface for Windows 2000
across all platforms.
Microsoft Management Console Overview
It is more of a framework for system developers and administrators. System developers write
administrative applications for MMC, called snap-ins, and administrators then snap these
management applications into the MMC and use them for their system administration.
Common MMC Elements
Because all snap-ins rely on MMC, a common set of user interface elements is generally
available to all of them, such as the main menu, the action bar, standard toolbars, the
console tree, and the details pane.
======================================================================
winexc2.html PAGE 2 2002/06/03
Taskpads
A taskpad is a dynamic HTML (DHTML) page that allows you to combine a details pane
displayed as a vertical or horizontal list with shortcuts to available commands.
User Mode MMC Tools
Distribute your tools manually, through e-mail messages, or via Active Directory (by using the
Group Policy snap-in’s Software Installation extension). There are three modes:
User Mode – Full Access. Save as an .msc.
User Mode – Limited Access, Multiple Windows. It is not possible to add or
remove snap-ins or to save changes to the .msc file.
User Mode – Limited Access, Single Window. Same as User Mode Limited
Access, Multiple Windows, with the exception that additional child windows cannot
be opened.
MMC Snap-Ins and Exchange 2000 Server
Numerous snap-ins come with Windows 2000, but they do not cover all aspects of Exchange
2000 Server administration.
Exchange 2000 Snap-ins
Exchange 2000 registers its snap-ins in the Windows 2000 Registry under the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\MMC\SnapIns
The following MMC-based management utilities are included in
Exchange 2000 Server:
Exercise Summary:
as the name implies, don’t require support from other snap-ins.
in terms of functionality.
toolbars, property pages, wizards, or Help features.
Lesson 2:
Are you administering a messaging environment already? The integration of Exchange 2000
Server with Active Directory overcomes the duplication of similar information in multiple
directory repositories and will help reduce your system maintenance overhead. For example,
in a Windows NT/Exchange Server 5.5 environment, you need to maintain user accounts in a
Windows NT domain and associated mailboxes in an Exchange Server directory.
Physical and Logical Structure
The physical structure is based on sites, and the logical structure is comprised of the individual
directory objects, organizational units (OUs), domains, trees, and forests.
Sites, Domains, OUs, and Directory Objects
Sites are combinations of IP subnets connected to each other via high-speed network links.
Domains contain OUs and are arranged in a tree and a forest.
Moving Users Between OUs
Using the Active Directory Users and Computers snap-in, you can create additional OUs
in a domain.
This can provide a high level of convenience, for instance, if a user moves between
departments in an environment where departments are mapped to OUs in the Active
Directory architecture.
Domains and Namespaces
Windows 2000 domains include one or more domain controllers and define the security
boundary for all network resources they contain.
Domain Controllers and Access Control Lists
Use the DCPROMO.EXE utility to promote a computer running Windows 2000 Server
to a domain controller.
You can arrange multiple domains in a hierarchical manner to establish a parent-child
relationship between these domains.
NOTE: It is advisable to deploy a single Active Directory forest to enable a common
security model and to be able to replicate configuration and schema information across
your organization.
Continuous and Disjointed Namespace
Every DNS name of a child domain in the hierarchy contains the name of the parent domain.
For instance, the subdomain Bluesky.com.uk. in the classroom.
Exercise Summary:
configured properly and you have the required permissions. Start the
DCPROMO.EXE utility (which resides in the \Winnt\System32 directory) and make
sure you choose the Create a New
Active Directory Replication
Replication can be performed via IP, synchronous remote procedure call (RPC)
communications, or via SMTP. IP-based and RPC communications work best over
fast and reliable network connections (such as a local LAN).
Windows 2000 Sites
Only replication links between sites need to be configured manually.
NOTE: Windows 2000 sites are only used to identify regions in the network where fast
and reliable connections are present. They do not serve any purpose for Exchange 2000
administration.
Exchange 2000 Attributes in the Active Directory Directory Service.
When you install Exchange 2000 Server, the setup routine automatically extends the Active
Directory forest.
First Server Installation
During the installation of the very first Exchange 2000 server in an organization, the Setup
program will take an extended period of time to extend the forestwide Active Directory
Schema. You may have noticed this when installing Exchange 2000 on Bluesky-srv1 in
your test environment. Schema extensions are required to provide you with the ability to
manage Exchange 2000 resources.
Active Directory Schema
Classes are sets of object attributes (user name, logon name, alias, etc.), and attributes are
governed by syntaxes (single value, multiple value, data type, etc.).
Exercise Summary:
They are added to Active Directory as part of the first Exchange 2000 installation and are
replicated to all domain controllers in the forest. Permissions of a schema admin (member
of the Windows 2000 group Schema Admins) are required to change the confirmation.
Active Directory Integration and Outlook Clients
When you use Outlook to connect to your server-based mailbox and open the address book
to look up recipient information from your Exchange 2000 organization, this information does
not come from your Exchange 2000 server at all; instead it is retrieved from the Windows 2000
Global Catalog Server.
DSProxy Feature
To support MAPI-based clients, Exchange 2000 Server provides a feature known as DSProxy.
DSProxy forwards directory lookups of MAPI-based clients straight to a Global Catalog Server.
DSProxy also keeps a reference of connections between clients and server, ensuring that the
response from the Global Catalog is passed to the correct client.
NOTE: DSProxy requires TCP/IP, IPX or the AppleTalk Protocol. NetBEUI is not
supported.
Global Catalog Servers
By default, only the first domain controller in the forest is a Global Catalog server, but you can
add one or more to increase the fault tolerance.
NOTE: Setting the NSPI Target Server manually via the NSPI Target Server Registry
parameter may be necessary in some situations; however, this decreases system resilience.
Diversion of Smart MAPI Clients
DSProxy, especially its Directory Service Referral (RFR) Interface, also has the ability to
divert so-called smart MAPI clients to the Global Catalog directly. To cause DSProxy to
divert Outlook 2000 and other smart clients, set the registry parameter RFR Target Server
(type REG_SZ) on the server to the name of the desired Global Catalog Server under:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
MAPI Profile Settings
Consequently, diverting Outlook 2000 to the Global Catalog can reduce the load on the
Exchange 2000 Server and the latency for address book lookups.
DNS Records for Global Catalog Servers
Global Catalog servers must be registered through service (SRV) records in DNS. If your
DNS server supports dynamic updates, Windows 2000 registers the required information
automatically.
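The following PowerShell sketch is an added example, not part of the original notes: it reports whether the RFR Target Server or NSPI Target Server parameters described above pin DSProxy to one server, and whether that server is still advertised as a Global Catalog through the `_gc._tcp` SRV records. The function name `Get-DsProxyPinning` is hypothetical, `example.com` is a placeholder forest name, and the script assumes a host where the `Resolve-DnsName` cmdlet is available.

```powershell
# Added example (not from the original notes). Get-DsProxyPinning is a hypothetical name.
# Assumes Resolve-DnsName (DnsClient module) is available and that the forest root
# DNS name is supplied by the operator.
function Get-DsProxyPinning {
    param(
        [Parameter(Mandatory)] [string] $ForestDnsName,
        [string] $KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\MSExchangeSA\Parameters'
    )

    # Global Catalog servers currently advertised through SRV records in DNS.
    $gcHosts = @(Resolve-DnsName -Name "_gc._tcp.$ForestDnsName" -Type SRV -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SRV' } |
        ForEach-Object { $_.NameTarget.TrimEnd('.').ToLowerInvariant() })

    # A missing key or value means the parameter was never set.
    $params = Get-ItemProperty -Path $KeyPath -ErrorAction SilentlyContinue

    foreach ($name in 'RFR Target Server', 'NSPI Target Server') {
        $value = if ($params) { $params.$name } else { $null }

        if ([string]::IsNullOrWhiteSpace($value)) {
            $status = 'Not set: Global Catalog is chosen dynamically'
        } else {
            $wanted = $value.Trim().TrimEnd('.').ToLowerInvariant()
            # Accept either an FQDN or a short host name in the registry value.
            $match = $gcHosts | Where-Object { $_ -eq $wanted -or $_.Split('.')[0] -eq $wanted }
            if ($match) {
                $status = 'Pinned to a server that DNS advertises as a Global Catalog'
            } else {
                $status = 'Pinned to a server with no Global Catalog SRV record'
            }
        }

        [pscustomobject]@{
            Parameter     = $name
            Value         = $value
            Status        = $status
            AdvertisedGCs = $gcHosts -join ', '
        }
    }
}

# 'example.com' is a placeholder; pass the forest root DNS name of the environment.
Get-DsProxyPinning -ForestDnsName 'example.com' | Format-List
```

A pinned value with no matching SRV record is the case the NSPI Target Server note describes: lookups depend on one named server instead of the set of Global Catalogs that DNS advertises.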
Global Catalog Load-Balancing
MAPI-based clients communicate with the Exchange directory service in many situations,
such as for client logon, displaying the address book, resolving recipient information, and
so on.
Exchange 2000 Server can balance the generated workload between the available Global
Catalog Servers.
Lesson 3:
Windows 2000 Protocols and Services Integration
TCP/IP is Microsoft’s strategic network transport protocol. Exchange 2000 Server integrates
tightly with Active Directory, and Active Directory requires DNS, which in turn requires
TCP/IP. Therefore, you may consider Exchange 2000 primarily a TCP/IP-based system,
although it can also use other networking protocols such as IPX/SPX, AppleTalk, and the
Banyan VINES protocol.
TCP/IP Protocol Suite
The Internet has proven that the TCP/IP protocol suite is the right choice for computer
networks of any size and purpose.
MAPI-Based Clients
MAPI-based clients, such as Outlook 2000, depend on synchronous RPCs.
Server-to-Server Communication
Windows Sockets is also utilized for server-to-server communication. Servers running
Exchange 2000 Server transfer messages preferably via SMTP, which requires the Windows
Sockets interface. Unlike earlier versions of Exchange Server, which used synchronous RPCs
for server-to-server communication within sites, Exchange 2000 Server does not rely on RPCs
between servers. Instead, SMTP is used. As an asynchronous transport protocol, SMTP
allows Exchange 2000 Server to operate well under high- and low-bandwidth network conditions.
Internet Information Services 5.0
Exchange 2000 Server takes advantage of the SMTP and NNTP services that ship with Internet
Information Services (IIS) 5.0. IIS 5.0 is installed by default as a networking service of Windows
2000 Server. Exchange 2000 extends the SMTP and NNTP services to implement Exchange-
specific functionality.
Exercise Summary:
require a relatively high network bandwidth and reliable connections. The SMTP transport
allows you to focus on administrative issues when designing your environment, rather than on
the physical network structure.
Exchange 2000 Server Extensions
A sink is a way for one process to notify another process when specific criteria are met.
Exchange 2000 Server utilizes these sinks to extend the SMTP features.
SMTP Command Extensions
Among other things, Exchange 2000 Server uses protocol sinks to implement various
SMTP command extensions.
Exchange 2000 Store Driver
By default, the SMTP Service uses a simple mail drop directory on the file system to “deliver”
messages categorized for local delivery after the Exchange 2000 installation. The new mail
store relies on events on the SMTP service to pick up, relay, and drop off messages from
Exchange 2000 message queues.
Enhanced Routing Capabilities
Exchange 2000 Server registers a number of event sinks to enhance the default SMTP
routing behaviour.
Advanced Queuing Engine
Finally, Exchange 2000 Server also extends SMTP message queuing by implementing its
advanced queuing engine. This engine asynchronously performs actions based on the
individual properties of the messages.
Lesson Summary:
MMC snap-ins.
that can be carried over a variety of network protocols.
for server-to-server communication.
than RPCs. Exchange 2000 Server extends the SMTP and NNTP services that ship with
messaging and collaboration solution.