
AD DS is the most important component for Exchange Server. AD DS stores all the configuration and recipient information that Exchange Server uses.

AD DS consists of several components. Since Exchange Server deeply integrates with AD DS, it is
important to understand the purpose of each of the following AD DS components:

1. AD DS: - AD DS is a database that stores information about users, groups, computers, network
services, and so on, and gives each of them a unique identity for logging in and for accessing
enterprise services.
2. Domain: - A logical security boundary within a forest that grants permission to access its
resources. All DCs inside a domain replicate information about users, groups, and computers.
3. Domain Controller: - A server within a forest or domain that holds the local domain database and
performs authentication for users, groups, computers, network services, and so on is called
a DC.
4. Read-only domain controller: - A DC within a forest or domain that contains a read-only AD
database and performs authentication for users, groups, computers, network services, and so
on.
5. Forest: - A forest is a logical security boundary of AD. It can contain one or more domains, and
all DCs in the forest share common configuration and schema information.
6. Forest Tree: - A set of domains that share the same Domain Name System (DNS) namespace.
7. Global catalog server: - A domain controller that holds object information from the
domain controllers of other domains in the forest. It uses port 3268.
Note: - A global catalog server has limited information about all users in a forest.
8. Active Directory Sites: - A site is defined as one or more IP subnets. Typically, all of the IP
subnets in a given physical location are part of the same site.
9. Active Directory Replication: - AD DS replicates information between domain controllers.
It replicates domain information between domain controllers in the same domain and to global
catalog servers in the forest.
AD DS also replicates configuration data and the schema between all domain controllers in the
same forest.
Within the same site, Active Directory replicates information between all domain controllers
within a few seconds.
Between Active Directory sites, replication can be scheduled, and happens every three hours by
default. Also, all replication traffic between sites is sent through a bridgehead server in each
site.

Active Directory Partitions

Active Directory information falls into four types of partitions: domain, configuration, schema, and
application. These directory partitions are the replication units in AD DS.

1. Domain Partition: - A domain partition contains all objects in the domain’s directory. Domain
objects replicate to every domain controller in that domain, and include user and computer
accounts, and groups.
A subset of the domain partition replicates to all domain controllers in the forest that are global
catalog servers. If you configure a domain controller as a global catalog server, it holds a
complete copy of its own domain’s objects and a subset of attributes for every domain’s objects
in the forest.
2. Configuration Partition: - The configuration partition contains configuration information for AD
DS and applications, including Active Directory site and site link information. Additionally, some
distributed applications and services store information in the configuration partition. This
information replicates through the entire forest so each domain controller has a replica of the
configuration partition.
When application developers choose to store application information in the configuration
partition, the developers do not need to create their own mechanism to replicate the
information. The configuration partition stores each type of configuration information in
separate containers. A container is an Active Directory object similar to an OU that you use to
organize other objects.
3. Schema Partition: - The schema partition contains definition information for all object types and
their attributes that you can create in AD DS. This data is common to all domains in the forest,
and AD DS replicates it to all domain controllers in the forest. However, only one domain
controller maintains a writable copy of the schema. By default, this domain controller, known as
the Schema Master, is the first domain controller installed in an Active Directory forest.
4. Application Partitions: - An administrator or an application during installation creates
application partitions manually. Application partitions hold specific application data that the
application requires. The main benefit of application partitions is replication flexibility. You can
specify the domain controllers that hold a replica of an application partition, and these domain
controllers can include a subset of domain controllers throughout the forest. Exchange Server
2010 does not use application partitions to store information.

How Exchange Server 2010 Uses AD DS

Exchange Server 2010 communicates with AD DS and uses Active Directory information to function. AD
DS stores most Exchange Server 2010 configuration information.

Note: - The Exchange Server 2010 Edge Transport server role is the only Exchange Server role that does
not use AD DS to store configuration information. Instead, the Edge Transport server role uses Active
Directory Lightweight Directory Services (AD LDS) for this purpose.

1. Forest: - An Exchange Server organization and an Active Directory forest have a one-to-one
relationship. A forest can contain only one Exchange organization, and you can span an
Exchange organization across multiple forests.

Note: - In Exchange Server 2010, you can add multiple Exchange Server organizations in different forests
to the Exchange Management Console. This enables you to manage multiple organizations from a single
management console, but does not enable the integration of the two Exchange Server organizations.

2. Schema Partition: - The Exchange Server 2010 installation process modifies the schema
partition to enable the creation of Exchange Server-specific objects. The installation process also
adds Exchange Server-specific attributes to existing objects.
3. Domain Partition: - The domain partition holds information about recipient objects. This
includes mailbox-enabled users, and mail-enabled users, groups, and contacts. Objects that are
mailbox-enabled or mail-enabled have preconfigured attributes, such as email addresses.
4. Global Catalog: - When you install Exchange Server 2010, the email attributes for mail-enabled
and mailbox-enabled objects replicate to the global catalog. The following is true:
   • The global address list is generated from the recipients’ list in an Active Directory
     forest’s global catalog.
   • Exchange Hub Transport servers access the global catalog to find the location of a
     recipient mailbox when delivering messages.
   • Exchange Client Access servers access the global catalog server to locate the user
     Mailbox server and to display the global address list to Microsoft Office Outlook®,
     Microsoft Outlook Web App, or Exchange ActiveSync clients.

Note: - Exchange Server 2010 does not use RODCs, even if you have configured them as global catalog
servers. This means that you should not deploy an Exchange 2010 server in any site that contains only
RODCs or ROGCs.
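
The note above can be checked before choosing a site for an Exchange 2010 server. The following PowerShell is an added example, not part of the original page; it assumes the RSAT ActiveDirectory module is available, and the function name Get-SiteDirectoryCoverage is hypothetical.

```powershell
# Added example: report, per Active Directory site, whether every DC in the
# site is read-only (RODC/ROGC), which the note above says Exchange 2010 cannot use.
Import-Module ActiveDirectory

function Get-SiteDirectoryCoverage {
    $forest = Get-ADForest

    # Collect the domain controllers of every domain in the forest.
    $dcs = foreach ($domain in $forest.Domains) {
        Get-ADDomainController -Filter * -Server $domain
    }

    # $forest.Sites holds the site names, so sites without any DC are listed too.
    foreach ($site in $forest.Sites) {
        $inSite     = @($dcs | Where-Object { $_.Site -eq $site })
        $writable   = @($inSite | Where-Object { -not $_.IsReadOnly })
        $writableGc = @($writable | Where-Object { $_.IsGlobalCatalog })

        [pscustomobject]@{
            Site         = $site
            DCs          = $inSite.Count
            ReadOnlyDCs  = $inSite.Count - $writable.Count
            WritableGCs  = $writableGc.Count
            # True when the site has DCs but all of them are read-only.
            OnlyReadOnly = ($inSite.Count -gt 0) -and ($writable.Count -eq 0)
        }
    }
}

Get-SiteDirectoryCoverage | Sort-Object Site | Format-Table -AutoSize
```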

Preparing AD DS for Exchange Server 2010

To install Exchange Server 2010, you need to run the Exchange Server 2010 setup command to
prepare the Active Directory forest for the installation. You can use the setup command with the
following switches.

/PrepareAD /OrganizationName:"organizationname"

• Prepares the global Exchange Server objects in Active Directory
• Creates the Exchange Universal Security Groups in the root domain
• Prepares the current domain
• Must be run by a member of the Enterprise Admins group

/PrepareLegacyExchangePermissions

• Necessary if the organization contains Exchange Server 2003 servers
• Modifies the permissions assigned to the Enterprise Exchange Servers group to allow the
  Recipient Update Service to run
• Must be run by a member of the Enterprise Admins group

/PrepareSchema

• Prepares the schema for the Exchange Server 2010 installation
• Must be run by a member of the Enterprise Admins and Schema Admins groups

/PrepareDomain, /PrepareDomain domainname, /PrepareAllDomains

• Prepares the domain for Exchange Server 2010 by creating a new global group in the Microsoft
  Exchange System Objects container called Exchange Install Domain Servers
• Not required in the domain where /PrepareAD is run
• Can prepare specific domains by adding the domain’s fully qualified domain name (FQDN), or
  prepare all domains in the forest
• Must be run by a member of the Enterprise Admins and Domain Admins groups

Note: - You must prepare the Active Directory forest in the same domain and the same site as the
domain controller that hosts the Schema Master role.
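
The group and placement requirements listed above can be verified before running setup. This PowerShell pre-flight check is an added example, not part of the original page or of Exchange setup; it assumes the RSAT ActiveDirectory module and a domain-joined machine, and the function name Test-ExchangePrepReadiness is hypothetical.

```powershell
# Added example: confirm the current session holds the groups required by
# /PrepareSchema and /PrepareAD, and that this computer is in the same domain
# and site as the Schema Master. Run it from an elevated session, because a
# filtered (non-elevated) token does not list administrative groups.
Import-Module ActiveDirectory

function Test-ExchangePrepReadiness {
    $forest  = Get-ADForest
    $rootSid = (Get-ADDomain -Server $forest.RootDomain).DomainSID.Value

    # Well-known RIDs in the forest root domain:
    # 518 = Schema Admins, 519 = Enterprise Admins.
    $required = @{
        'Schema Admins'     = "$rootSid-518"
        'Enterprise Admins' = "$rootSid-519"
    }

    # Group SIDs in the current logon token (includes nested membership).
    $tokenSids = [Security.Principal.WindowsIdentity]::GetCurrent().Groups |
        ForEach-Object { $_.Value }

    $membership = foreach ($entry in $required.GetEnumerator()) {
        [pscustomobject]@{
            Group   = $entry.Key
            InToken = $tokenSids -contains $entry.Value
        }
    }

    # Locate the Schema Master and compare its domain and site with ours.
    $master      = Get-ADDomainController -Identity $forest.SchemaMaster -Server $forest.SchemaMaster
    $localDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain().Name
    $localSite   = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite().Name

    [pscustomobject]@{
        SchemaMaster = $master.HostName
        SameDomain   = $master.Domain -eq $localDomain
        SameSite     = $master.Site -eq $localSite
        Membership   = $membership
    }
}

Test-ExchangePrepReadiness | Format-List
```

Because the check reads the logon token, a membership granted only for the preparation step shows up after the next logon and disappears again once it is revoked.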

Hybrid Deployment with Office 365

In Exchange Server 2010 Service Pack 2 (SP2), it is possible to create a hybrid deployment between on-
premises Exchange Server and Exchange Online from Office 365. A hybrid deployment offers
organizations the ability to extend the user experience and administrative control they have with their
existing on-premises Microsoft Exchange organization to the Office 365 cloud. A hybrid deployment
provides you with a view of a single Exchange organization between an on-premises organization and a
cloud-based organization. In addition, a hybrid deployment can serve as an intermediate step to moving
completely to a cloud-based Exchange organization. A hybrid deployment of Exchange Server and Office
365 provides the following features:

• Mail routing with a shared domain namespace. For example, both on-premises and cloud-based
  organizations use the @contoso.com SMTP domain.
• A unified global address list, also called a “shared address book”. With this address list, users can
  view all contacts from both on-premises Exchange and Office 365.
• Free/busy and calendar sharing between on-premises and cloud-based organizations.
• Centralized control of mail flow. The on-premises organization can control mail flow for the
  on-premises and cloud-based organizations.
• A single Outlook Web App URL for both the on-premises and cloud-based organizations.
• The ability to move existing on-premises mailboxes to the cloud-based organization.
• Centralized mailbox management using the on-premises Exchange Management Console.
• Message tracking, MailTips, and multi-mailbox search between on-premises and cloud-based
  organizations.
