CHAPTER 4

                         PLANNING THE MICROSOFT EXCHANGE SERVER

                                                          INSTALLATION

 

The installation of Microsoft Exchange 2000 Server on a single computer is not a very complex

task.  You just did this to prepare your test environment.    Unfortunately, many Exchange

environments begin their evolution this way.

 

Lesson 1:  Deployment Considerations

 

Exchange 2000 Server is enormously flexible and offers numerous mutually exclusive deployment

options.  You have to decide what is best for your organization.  Would you prefer centralized or

decentralized system administration?

 

 

Distributed Versus Centralized Management

 

Distributed configurations have a higher total cost of ownership than their centralized counterparts. 

Directory services offer the ability to centralize administration and provide a simplified, faster, and

more coordinated organization.  That is why Microsoft, Novell and Banyan have each developed

their own directory services.

 

 

Windows 2000 Permissions

 

In a standard Windows 2000 domain environment, only the administrator of the top-level domain

has the required permissions to install Exchange 2000 Server.  In other words, no sublevel domain

administrator can just set up Exchange 2000.

 

To first install Exchange 2000 Server, you need to use and account that is a member of one of the

following Windows 2000 security groups:

 

  • Domain Admins
  • Enterprise Admins
  • Schema Admins

 

NOTE:  The installation must be updated with Windows 2000 Service Pack 1.

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 2                                                     2002/06/05

 

 

 

Windows 2000 Server and Exchange 2000 Administration

 

If you are working in a single domain environment as the only administrator for both Windows 2000

Server and Exchange 2000 Server, you don’t need to delegate authority to any additional accounts. 

If you are working in a more complex environment, however, consider the following aspects of

Windows 2000 before installing Exchange 2000 server:

 

 

  •   Consolidate multiple existing domains into fewer Windows 2000 Server domains if possible to

simplify the environment.

  •   Create individual security groups for each administrative role in your environment, such as

administrators for user accounts and mailboxes and administrators for system configuration.

  •   Form a deployment team with members of both messaging administrators and administrators

managing Active Directory.

  •   Review your Windows 2000 Active Directory design prior to the installation of Exchange 2000

Server.

 

 

Exercise Summary:

 

Exchange 2000 Server administration is bound to Windows 2000 administration because both use

Active Directory to store configuration and security-related information.

 

 

Exchange 2000 Hierarchy

 

Although desirable, it is not always practical to enforce a centralized administrative model, for

instance, if you are in charge of a large computer network with server resources in different

geographic locations.

 

NOTE:  Exchange 2000 Server allows you to design the system administration independently of

physical network links and server arrangements and can be adapted to both centralized and

decentralized infrastructures.

 

 

Exchange 2000 Boundaries

 

There are three separate boundaries you need to take into consideration when planning your

Exchange 2000 infrastructure.  These are:

 

  •   Namespace,
  •   Administrative groups
  •   Routing groups

 

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 3                                                     2002/06/05

 

 

 

  •   Active Directory forest, which contains all of the directory information for your

Exchange 2000 environment.  Servers are set in routing groups, and routing groups are

typically collected into administrative groups, although you can split a routing group

across multiple administrative groups.

 

 

NOTE:  The relationship between routing groups and administrative groups is not necessarily

hierarchical.

 

 

Namespace.  The namespace represents the core of the Exchange 2000 hierarchy. 

It exists in Active Directory in the form of a domain forest and contains directory

information about all of the Exchange 2000 resources, for instance, to map user

accounts to their corresponding mailboxes.

 

NOTE:  All Exchange 2000 resources must exists in the same namespace (such

as the Active Directory forest).  Consequently, Exchange 2000 organization

cannot span multiple namespace (such as multiple forests).

 

Administrative Groups.  Administrative groups help to simplify system management,

for instance to define groups of administrators separately responsible for servers in

different departments.

 

Routing Groups.  Similar to Windows 2000 sites, you should define routing groups

primarily to describe regions of high-speed connections within your network.  Messages

sent between servers in the same routing group are transferred directly and immediately

using the Simple Mail Transfer Protocol (SMTP) transport service.

 

You can use the Routing Group Connector, X.400 connector, or an SMTP Connector

to provide a message path between Exchange 2000 routing groups.

 

Grouping of Servers.  When installing the very first server, you are automatically

creating an administrative group and a routing group.  You are not prompted for their

creation.  However, when you install subsequent Exchange 2000 servers, you need to

specify an administrative and a routing group in which to add the server.

 

 

 

Exercise Summary:

 

  •   If your situation permits a centralized administration, use a single administrative group containing

all server resources, which may then be split across a number of routing groups.

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 4                                                     2002/06/05

 

 

 

Mixed Mode and Native Mode

 

If you have administered previous versions of Exchange Server, you will find many of the structural

elements in Exchange 2000 server familiar, especially if you operate in mixed mode for backward

compatibility.

 

Mixed Mode.  In mixed mode, administrative groups map directly to site in an Exchange

Server 5.5 organization.  This means that Exchange Server sites replicated to Active

Directory appear as administrative groups and administrative groups replicated to the

Exchange Server directory appear as sites.

 

 

The following limitations apply in mixed mode:

 

  •   Administrative groups are handled similar to Exchange Server 5.5 sites.
  •   It is impossible to move mailboxes between server in different administrative groups.
  •   Routing groups can only contain servers from the same administrative groups. 

Although one administrative group may contain multiple routing groups, routing

groups cannot span multiple administrative groups.

 

NOTE:  By default, Exchange 2000 Server operates in mixed mode to ensure maximal

interoperability with previous Exchange Server versions.

 

Native Mode.  You can switch Exchange 2000 to native mode if you don’t plan

to use previous versions of Exchange Server or as soon as you have upgraded all

of your server.

 

 

NOTE:  Keep in mind that switching to native mode is an irreversible process:  you cannot go

back to mixed mode.  It is likewise impossible in install earlier versions of Exchange Server into

a native mode organization.

 

 

Exercise Summary:

 

  •  The msExchMixedMode attribute in Active Directory defines the mode of your Exchange

2000 Server organization as mixed mode or native mode.  Using the ADSI Edit utility,

you can verify that your organization is operating in native mode.

  •   This only switches back the display in the Exchange System Manager.  Do not manipulate the

msExchMixedMode attribute in ADSI Edit to avoid configuration inconsistencies.

 

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 5                                                     2002/06/05

 

 

Order of Services to Start in the Event Viewer

 

  • Service Attendant
  • MTA Stack
  • Information Store

 

Lesson 2:  Preparing the Server Installation

 

System requirements for successful server installation will vary.  You will need to address

architectural services issues, server roles, requirements for system performance, and questions

regarding system maintenance.

 

 

Exchange 2000 Requirements

 

During the setup of the first server, you need to define the organization names.  This name

cannot be changed later.

 

Hardware Requirements

 

The actual hardware requirements for Exchange 2000 Server are difficult to ascertain. 

 

Microsoft recommends the following equipment for a typical computer running Exchange

2000 Servers:

 

  • 128 to 256 MB of RAM
  • 2GB of available disk space on the drive for Exchange 2000 Server
  • 500MB on the system drive
  • CD-ROM drive
  • 300Mhz
  • Paging file set to twice the amount of RAM or larger
  • VGA-compatible display adapter

 

 

Software Requirements

 

Exchange 2000 Server can be installed on Microsoft Windows 2000 Server, Windows 2000

Advanced Server, or Windows2000 Datacenter Server with Service Pack 1.  Not service

pack 2 & patch (don’t work)

During the installation of Windows 2000, you will need to add the NNTP service manually. 

The SMTP service is part of the default installation.

 

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 6                                                     2002/06/05

 

 

 

NOTE:  You need to install Exchange 2000 Server on an NT file system (NTFS) partition.

 

Exchange 2000 Server supports Windows 2000 clustering.  To benefit from such a

configuration, however, you need to install the Advanced Server or Data Centre Server

edition of Windows 2000.

 

 

Active Directory Dependencies

 

You need to prepare Active Directory and the underlying Windows 2000 domain structure

of your organization.

 

Licensing

 

Licensing is an important issue, but Microsoft’s licensing agreements are not always easy to

understand.

 

 

Installation Preparation

 

If you are planning to install Exchange 2000 Server in an environment with multiple domains

in a forest, it might be advantageous to import the Exchange-specific schema extensions prior

to the actual installation.

 

 

Preparing the Active Directory Forest

 

If you are responsible for messaging administration and have forestwide permissions to manage

Active Directory, no special preparation is required.

 

NOTE:  You need to install the first instance of Exchange 2000 Server into the domain where

the schema master resides.  By default, this is the first Windows 2000 Domain controllers

installed in your forest.  Only one domain controller in the forest can be the schema master.

 

Exchange 2000 installation CD using the command setup /ForestPrep.

 

 

 

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 7                                                     2002/06/05

 

 

 

 

Preparing Windows 2000 Domains

 

Run Setup with the option /DomainPrep in each domain including the domain where you ran

ForestPrep to add further Exchange-specific configuration information to Active Directory.

 

 

 

Setup /DomainPrep

 

NOTE:  When installing Exchange 2000 at a later time, you should install it on the server where

DomainPrep was performed.

 

 

Exchange 2000 Roles and Permissions

 

By default, only the administrator who has installed the first server or was specified during the

preparation of the domain forest receives explicit administrative privileges at the Exchange level.

 

The Exchange System Manager includes a tool called the Exchange Administration Delegation

Wizard that simplifies permission management.  Similar to its Windows 2000 counterpart,

used to delegate administrative control for OUs to individual administrators, the Exchange

Administration Delegation Wizard simplifies permission management for Exchange administrators.

 

Using the Administration Delegation Wizard, you can assign the following roles to your Exchange

2000 Server administrators (and security groups):

 

  • Exchange Full Administrator. 
  • Exchange Administrator
  • Exchange View-Only Administrator

 

 

NOTE:  Enterprise and domain administrators that have been granted the role Exchange View-

Only Administrator will remain fully capable of managing the Exchange 2000 organization due to

permission inherited from the Enterprise Admins or Domain Admins security groups.

 

 

Exercise Summary:

 

  •   Forest preparation is not necessary if you install Exchange 2000 Server immediately in the

domain where the schema master resides.

  •   The DomainPrep mode creates a global security group named Exchange Domain

Servers and a domain local security group called Exchange Enterprise Servers.

  •   Front End/Back End Configurations
  •   Configurations where numerous servers function as front end systems handling incoming client

connections and fewer function as back end servers hosting the actual mailboxes are only

interesting if you plan to support Internet-based client programs, such as IMAP4 messaging

clients or Outlook Web access.

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 8                                                     2002/06/05

 

 

 

 

Back End Server Configuration

 

Back end servers are ordinarily Exchange 2000 Servers hosting mailboxes and public folders.

 

 

Front End Server Configuration

 

Front end servers are servers that proxy incoming client connections to the back end systems,

which actually contain the users’ mailboxes.

 

 

Advantages of Front End/Back End Architectures

 

The main advantage of a front end/back end (FE/BE) architecture is the concentration of

incoming client connections through front end servers.

 

Front end servers are able to retrieve information about the location of a particular mailbox,

or the home server attribute, from Active Directory.

 

 

Internet Security Issues

 

In an FE/BE configuration, you have the option to enforce encrypted connections between

front end servers and Internet-based client programs using Secure Sockets Layer (SSL),

whereas the server themselves can communicate nonencrypted over the backbone without

any SSL overhead.

 

 

Exercise Summary:

 

It is relatively easy to configure a front end server to proxy HTTP, IMAP4, and POP3

traffic to a back end server that actually contains the user’s mailbox.

 

 

 

======================================================================

 

winexc4.html                                                    PAGE 9                                                     2002/06/05

 

 

Installing Exchange 2000 Server in a Clustered Environment

 

The Advanced Server and Datacenter editions of Windows 2000 support the cluster

technology, which can be used to bind multiple servers so tightly together that they will

act as one logical unit.

 

Clustering can thus significantly improve the reliability of your server-based applications,

such as Microsoft SQL Server or Exchange 2000 server.

 

 

Configuration Requirements

 

The purpose of a cluster is to provide multiple servers to the network as one virtual server. 

Hence, a cluster required a LAN-like connection for client access, and the protocol used

in the LAN must  be TCP/IP.

 

NOTE:  Use of identical hardware platforms and configurations for all nodes of a particular

cluster server is recommended.

 

The hardware requirements for a cluster server configuration are as follows:

 

  • Central hard disk system, which is shared between the nodes.
  • Dedicated and isolated LAN link between the nodes.
  • LAN-like connection and TCP/IP support between cluster and clients
  • Local hard disk on each node for the operating system and other program files.

 

 

Chapter Summary:

 

  •   Exchange 2000 is enormously flexible and offers numerous mutually exclusive deployment options.

Administrative groups can be used to subdivide the management of resources.  It’s often

applicable to define your administrative topology according to departments or divisions

independent of physical resource arrangements.

  •   To gain full system flexibility, you have to switch your organization into native mode.
  •   If your messaging management is separated from Windows 2000 administration, you need

to ask the Active Directory administrator to prepare the forest for you by launching

  •   ForestPrep prior to installing Exchange 2000 Server.
  •   You can deploy Exchange 2000 Server in an FE/BE configuration to support large

numbers of Internet-based client.

  •   The purpose of an FE/BE configuration is to concentrate incoming client connections

through numerous front end servers, thus reducing the processing overhead on the back

end system.