2003
Chapter 1
Exchange Server 2003 is a total messaging, collaboration and contact management solution.
Objective
• Security
• Reliability and performance Improvements.
• Administration and Management.
• Server 2003 and Active Directory.
• Compatibility Issues.
• Enhanced Security.
• Improved Manageability.
• More Reliable.
• Better Productivity.
• Lower TCO (Total Cost of Organization)
• 8-node cluster support (Exchange 2000 supported 2 nodes)
• Mailbox Recovery Centre
• Automatic Error Reporting
• Virtual Memory Reporting
• Dr. Watson 2.0 (an application troubleshooting tool)
• Outlook Synchronization Performance.
• Enhanced DNS-Based Internet mail Delivery.
Compatibility Issues
Chapter 2
Installing Exchange 2003
DCDiag ---- NetDiag ---- ForestPrep ---- DomainPrep ---- Exchange Setup
• .NET Framework
• ASP .NET
• Internet Information System (IIS) 6.0.
• World Wide Web Publishing Service.
• Simple Mail Transfer Protocol (SMTP) service.
• Network News Transfer Protocol (NNTP) service
Hardware Requirement:
Scenario:
Create a service account, svc_exchange, in the 2000 AD and make this account a member of Schema Admin, Domain
Admin and Enterprise Admin.
Setup.exe /ChooseDC <fully qualified domain name>: chooses the DC that setup reads from and writes to in Active
Directory during the installation process.
/DisasterRecovery: used to recover your Exchange installation. Use this switch when you have already restored
from the backup: setup skips the process of registering with AD, so it does not need to read or write AD, and
reinstalls the binary files of Exchange. Basically, you reinstall the information from the backup to map those
databases.
/?: shows all the command-line options with a brief explanation of each switch.
/Password <password of the currently logged-on user>: when the server reboots during the setup process, setup
logs on again automatically.
/NoEventLog: prevents any log from being written to Event Viewer (Application, Security, etc.) during the installation process.
/DomainPrep, /ForestPrep: these are two major components which are necessary for Exchange installation.
Active Directory has three different partitions in which it stores its data. Those are:
So before running Exchange setup you have to run ForestPrep and DomainPrep to prepare the partitions. ForestPrep
has to be run in the forest root domain, where it contacts the server that holds the Schema Master operations
master role. That is generally the first domain controller, but in a large organization it may not be, which is
why we need to run these two programs.
You have to run ForestPrep only one time for the entire forest, but you have to run DomainPrep for each of the
servers in the domain that has mail-enabled objects.
Exchange installation:
You can use the ADSI Edit tool to rename the Exchange server, which is a very typical process, and only experienced
administrators are responsible for that.
The installation process for Exchange Server then starts.
Chapter 3 Upgrading from Exchange 2000 to Exchange 2003
• Upgrading and Migration essentials.
• Front-End servers Vs Back-End Servers.
• Mixed mode and Native Mode.
• Post Installation issues.
• Removing an Exchange 2003 server.
This covers upgrading from Exchange 5.5 to 2003, which is considered to be much easier and much simpler.
Some of the things which need to be done prior to the upgrade:
We just have to make sure that we remove some of the components, because Server 2003 does not support
those components, and we need to adhere to the following requirements for the operating system and
Exchange 2000 server.
We have to delete the contents of the Bad Mail folder before we start our upgrade. This folder holds the
undeliverable SMTP messages that can't be returned to the sender. It can also contain messages from outside
users who are trying to spam your Exchange organization. We have to delete the contents of this folder
because Exchange 2003 has to re-stamp the ACL on all of the Exchange server folders. If this folder contains a
whole bunch of messages, your setup will take a whole lot longer than the usual time.
The third pre-installation test, which you should carry out thoroughly, is to check with the vendor for upgrades
and compatibility issues for any third-party software, programs and add-ons for Exchange 2000. All the
patches and upgrades should be available before you complete this step. Also, if any third-party software services
are running, you have to stop them manually before you start the installation.
• You must have Administrative permissions into source and target Domains.
• May need to setup a two way trust between those domains.
• Can use migration wizard only.
What are Mixed Mode and Native Mode?
These are some major considerations which are taken in mind when you are deploying the exchange server.
Mixed Mode:
PROS
• Interoperability between 2003 and 5.5
• You can install Additional 5.5 servers.
• Replicate objects show up in system manager.
CONS
• SITES map to Admin group.
• All members of routing groups must be in same admin group.
• Some system management functionality is limited; most choose native mode.
Native Mode:
PROS
• No Exchange 5.5 at all
• Greater flexibility to manage (Routing Groups and Administrative groups).
• Mail Box Movement Easier.
• Faster data transfer when routing, when you are using Bridgehead servers.
System Manager
Since we have upgraded Exchange 2000 to 2003, it is already in native mode; otherwise there is an option to change
it from mixed to native mode.
After the upgrade, all of the mailboxes are automatically transferred into Mailbox Store (server name), which is the
database of the Exchange server. If we are upgrading other servers, we have a tool to do that, i.e., the Deployment
Tool Migration Wizard.
We have a wide variety of options
If we choose Migrate from Microsoft Exchange, that means we are migrating from another Exchange server, one
which is not part of this organization/system.
This step guides you in making sure that, after Exchange installation, all of the services are running and all
necessary tools are installed on the system.
Microsoft Exchange Information Store: a very important service; if this service stops, no mailbox stores and no
folders are available on the server.
Microsoft Exchange Management: this is basically for WMI; if this service stops, WMI is not available.
MTA Stacks: this is for X.400 services.
Routing Engine: this is also one of the core services for Exchange. It provides routing and topology
information to all 2003 servers for optimal routing of messages.
Site Replication Service: if you are in a 5.5 environment you have SMS or SRS; it is disabled for 2003 and only
used with 5.5 servers.
Exchange System Attendant: this service handles 5 things. Those are
monitoring, monitoring your connectors, monitoring your services, maintenance such as defragmenting your Exchange
store (your database), and forwarding AD lookups to GC servers (AD functions).
Exchange Full Administrator: has the ability to do everything in the Exchange organization, including modifying
permissions.
Exchange Administrator: can also do everything except modify permissions.
Exchange View Only Administrator: this is a view-only (read-only) role.
Select the group and add the Exchange Full Admin; in this way you can delegate control to any user or group.
XP Pro SP1, SP2, SP3, Win 2000 server with SP3, Windows server 2003
First you need the Windows Server 2003 Admin Pack installed on that machine to view AD Users and Computers.
Save this console on your desktop. This MMC will combine your Windows and your Exchange
administration.
Administrative Groups in Nutshell:
• Sites were limited and inflexible
• Administrative Groups define the administrative topology
• Separated from the physical (site) structure
• Administrative Groups contain: servers, policies, routing groups, public
folder trees
• A collection of objects for simpler control
Firewalls are designed to stop malicious intruders and other attackers from getting inside our internal
network. A firewall is one or more systems combined with each other, generally a combination of hardware
and software. By definition, a firewall is a security mechanism that prevents unauthorized access between trusted
networks and un-trusted networks; generally it is a line of defense for the Exchange organization, between the
internal system and the Internet. The firewall is a primary tool that will enact the overall security policy of the network.
A firewall has to protect our back-end Exchange server, which keeps our public folder stores, our mailbox store and
our mailbox databases. We also have to protect our front-end servers, e.g., Exchange server, web server, AD, etc.
It is recommended that we keep our front-end server in a DMZ, which you may also call a perimeter
network. Exchange itself is not a firewall product, but it can be described as an application proxy server, because
Exchange understands protocols such as the mail protocols and, depending on the data type, can work out whether
the data from a source is acceptable or corrupted. If you have set up Exchange 2003 properly you won't need a
separate proxy server; you don't need a firewall.
SMTP : 25 this is the mail protocol which we use to transfer mail and route mail to different systems.
HTTP : 80 for web access.
Kerberos : 88 this handles the authentication system/ticketing system.
LDAP : 389 which is used to query the AD Global Catalog servers.
Lookups in AD
Global Catalog : 3268 & 3269
TCP allows two separate hosts to establish a connection and exchange data. A lot of the services used with the
Internet use different TCP ports, so it is important for us to decide which ports we want to leave open and which
ports we want to close off.
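One way to check that decision, as an added example that is not part of the original notes: it audits a first-match firewall rule set against the TCP ports listed above and reports listed ports that are blocked and unlisted ports left open. The rule format, the sample rules and the perimeter-to-internal direction are assumptions made for illustration.

```python
# Added example: rules and traffic direction are constructed for illustration.
from dataclasses import dataclass

# TCP ports named in the list above.
PAGE_PORTS = {25: "SMTP", 80: "HTTP", 88: "Kerberos", 389: "LDAP",
              3268: "Global Catalog", 3269: "Global Catalog"}

@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "deny"
    low: int     # first TCP port of the range
    high: int    # last TCP port of the range

def decide(rules, port):
    """First matching rule wins; traffic that matches no rule is denied."""
    for rule in rules:
        if rule.low <= port <= rule.high:
            return rule.action
    return "deny"

def to_ranges(ports):
    """Collapse a sorted port list into (first, last) ranges for reporting."""
    ranges = []
    for port in ports:
        if ranges and port == ranges[-1][1] + 1:
            ranges[-1][1] = port
        else:
            ranges.append([port, port])
    return [tuple(r) for r in ranges]

def audit(rules):
    """Return (listed ports that are blocked, unlisted port ranges left open)."""
    blocked = [p for p in sorted(PAGE_PORTS) if decide(rules, p) != "allow"]
    extra = [p for p in range(1, 65536)
             if p not in PAGE_PORTS and decide(rules, p) == "allow"]
    return blocked, to_ranges(extra)

# Constructed rule set for traffic from the perimeter network to the inside.
SAMPLE_RULES = [
    Rule("allow", 25, 25),
    Rule("allow", 80, 88),      # meant 80 and 88; also opens 81-87
    Rule("allow", 389, 389),
    Rule("deny", 3269, 3269),   # shadows the allow on the next line
    Rule("allow", 3268, 3269),
]

if __name__ == "__main__":
    blocked, extra = audit(SAMPLE_RULES)
    print("listed but blocked:", [(p, PAGE_PORTS[p]) for p in blocked])
    print("open but not listed:", extra)
```

With the sample rules, the audit shows both kinds of mistake: a sloppy range that opens seven unneeded ports, and a rule order that blocks a port the list requires.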
Let us configure the front-end server (nugget1) to use RPC over HTTP.
Start -> Control Panel -> Add/Remove Programs -> Add/Remove Windows Components -> Networking Services ->
RPC over HTTP Proxy
Start -> Run -> regedit -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy -> ValidPorts ->
Modify
Virus:
- A chunk of executable code that latches on to files or applications. It replicates and proliferates from host to
host over the network.
- Requires a host computer and can also deliver a payload. Usually it consumes bandwidth, memory and
disk storage.
Worm:
- Replicates like a virus but doesn’t need a host program. Usually does its damage when the operating system
or a program copies data.
Trojan horse:
- A program that masquerades (hides itself) as something harmless (a system tool or game) but is potentially
dangerous. Generally comes through e-mail or floppy disk but does not replicate like a worm or virus.
• Message filtering matches established rules to E mail headers and body text.
• OWA and Outlook 2003 have a Junk E mail tool.
• For Exchange 2003 filtering, configure the properties of the Global Message Delivery object to generate global
filters.
• SMTP virtual server is setup to use filters.
Configuring Connection Filtering: We are going to configure our DNS lookups so that they consult the Relay Blocking lists.
To manually block a spammer or any junk e-mail provider for the entire domain.
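How a DNS-based block-list lookup of this kind works, as an added example that is not part of the original notes: the connecting IP address is reversed, the list's zone is appended, and an answer in 127.0.0.0/8 means the address is listed. The zone name, the addresses, the stand-in resolver and the order in which the manual lists are checked are assumptions made for illustration.

```python
# Added example: zone name, addresses and list contents are constructed.
import ipaddress

LISTED_NET = ipaddress.IPv4Network("127.0.0.0/8")

def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets and append the block-list zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def check_connection(ip, zones, resolve, accept=(), deny=()):
    """Return (verdict, reason) for a connecting SMTP client.

    resolve(name) returns the A records for name, or [] when the name does
    not exist. Manual accept/deny lists are checked before any DNS lookup;
    that order is an assumption of this sketch.
    """
    if ip in accept:
        return ("accept", "manual accept list")
    if ip in deny:
        return ("reject", "manual deny list")
    for zone in zones:
        answers = resolve(dnsbl_query_name(ip, zone))
        # Only an answer inside 127.0.0.0/8 counts as a listing; any other
        # address (for example a wildcard or parked zone) is ignored.
        hits = [a for a in answers if ipaddress.IPv4Address(a) in LISTED_NET]
        if hits:
            return ("reject", f"listed in {zone} ({hits[0]})")
    return ("accept", "not listed")

# Constructed stand-in for DNS so the example runs offline.
ZONES = ["rbl.example.test"]
FAKE_DNS = {
    "10.2.0.192.rbl.example.test": ["127.0.0.2"],    # listed sender
    "9.113.0.203.rbl.example.test": ["198.51.100.1"]  # bogus non-127 answer
}

def fake_resolve(name):
    return FAKE_DNS.get(name, [])

if __name__ == "__main__":
    for client in ("192.0.2.10", "198.51.100.7", "203.0.113.9"):
        print(client, check_connection(client, ZONES, fake_resolve))
```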