Chapter 1. Overview of Microsoft Exchange Server 2003 Administration

Exchange Server 2003 is designed to meet all the messaging and collaboration needs of any organization, no matter how large or small. Exchange Server has many features and offers wide support for industry-standard mail protocols.

The key features you should focus on initially are those involving scalability, reliability, and availability, including the following:

  • Enhanced wireless and mobile user support. Exchange Server features built-in support for wireless services and adds remote procedure call (RPC) over Hypertext Transfer Protocol (HTTP) as an option for mobile users. With RPC over HTTP, Outlook 2003 and other RPC clients can use a standard Internet connection to securely access Exchange Server over the Internet. This means mobile users no longer have to rely on a virtual private network (VPN) connection to access Exchange Server as if they were on the corporate network.

Note

RPC over HTTP is made possible through Internet Information Services 6, which is only available when running Exchange Server 2003 on Microsoft Windows Server 2003.

  • Fault-tolerant SMTP support. Simple Mail Transfer Protocol (SMTP) is the Internet standard for transferring and delivering e-mail. Exchange Server uses SMTP as the default transport protocol for routing messages. SMTP provides major performance and reliability improvements over RPCs, which previous versions of Exchange Server used for message routing. Also, the SMTP implementation for Exchange Server has been enhanced considerably to ensure that the message delivery system is fault tolerant. You’ll find more information on fault tolerance in later chapters.

  • Mailbox recovery support. Mailboxes can become disconnected if their associated user account in Active Directory is deleted. With previous editions of Exchange Server, you could only recover these mailboxes one at a time. The new Mailbox Recovery Center allows you to perform recovery or export operations on multiple disconnected mailboxes simultaneously. You can export mailbox information, reassociate user accounts with the mailboxes, and reconnect the mailboxes all from the Mailbox Recovery Center.

  • Multiple message database support. Exchange Server allows you to divide the message store into multiple databases that you can manage either individually or in logical groupings called storage groups. You can then store these message databases on one or more Exchange servers. Because you can manage transaction logging and recovery for each of these databases separately, the repair or recovery of one database doesn’t affect other databases in the Exchange installation.

  • Multiple protocol and virtual server support. Exchange Server supports many industry-standard messaging protocols, and each of these protocols can be installed on one or more virtual servers. A virtual server is a server process that has its own configuration information, which includes Internet Protocol (IP) addresses, port numbers, and authentication settings. Each messaging protocol configured for use on Exchange Server has its own virtual server. You can create additional virtual servers as well. You can use virtual servers to handle messaging needs for a single domain or for multiple domains. For large installations, you can install virtual servers on separate systems, dividing the workload on a per-protocol basis.

  • Advanced clustering support. Exchange Server Enterprise Edition supports two-node active/active clustering and eight-node active/passive clustering. If a disk drive or server fails on one server, you can distribute the workload to the remaining servers and begin recovery on the failed server. This means that the failure of a single server doesn’t halt message processing, and you don’t need to have a dedicated failover server.

Exchange Server is tightly integrated with Windows Server 2003, and many of the core features are fully integrated. As you get started with Exchange Server, the operating system integration is a key area that you should focus on. Other areas you should focus on include hardware and component requirements, as well as the availability of administration tools.

Microsoft Exchange Server 2003

Several editions of Exchange Server 2003 are available, including Exchange Server 2003 Standard Edition and Exchange Server 2003 Enterprise Edition. The various server editions support the same core features and administration tools, which means you can use the techniques discussed throughout this book regardless of which Exchange Server 2003 edition you are using. For reference, the specific feature differences between Standard Edition and Enterprise Edition are as follows:

  • Exchange Server 2003 Standard Edition. Designed to provide essential messaging services for small to medium-sized organizations and branch office locations. This server edition supports up to 2 storage groups (with one of the storage groups, called the recovery storage group, being reserved for database recovery operations) and a maximum of 2 databases per storage group. Each database is limited to a maximum size of 16 gigabytes. Additionally, Windows clustering is not supported and the X.400 connector is not included.

  • Exchange Server 2003 Enterprise Edition. Designed to provide essential messaging services for organizations with increased availability, reliability and manageability needs. This server edition supports up to 5 storage groups (with one of the storage groups, called the recovery storage group, being reserved for database recovery operations) and a maximum of 5 databases per storage group. Each database is limited to a maximum size of 16 terabytes (limited only by hardware). Windows clustering is fully supported, and the X.400 connector is included.

Note

Throughout this book, I refer to Exchange Server in different ways, and each has a different meaning. Typically, I refer to the software product as Exchange Server. If you see this term, you can take it to mean Microsoft Exchange Server 2003. When necessary, I use Exchange Server 2003 to draw attention to the fact that I am discussing a feature that’s new or has changed in the most recent version of the product. Each of these terms means essentially the same thing. If I refer to a previous version of Exchange Server, I always do so specifically, such as Exchange 2000 Server. Finally, I often use the term Exchange server (note the lowercase s in server) to refer to an actual server computer, as in "There are eight Exchange servers in this routing group."

Exchange Server and Windows Integration

Exchange Server 2003 is optimized to run on Windows Server 2003 and can be installed with the following operating systems:

  • Windows Server 2003 Standard Edition. Designed to provide services and resources to other systems on a network. It’s a direct replacement for Microsoft Windows NT 4.0 Server and Microsoft Windows 2000 Server. The operating system has a rich set of features and configuration options. Windows Server 2003 Standard Edition supports up to 4 gigabytes (GB) of RAM and two CPUs.

  • Windows Server 2003 Enterprise Edition. Extends the features provided in Windows Server 2003 to include support for Cluster Service, metadirectory services, and Services for Macintosh. It also supports 64-bit Intel Itanium-based computers, hot swappable RAM, and nonuniform memory access (NUMA). Enterprise servers can have up to 32 GB of RAM on x86, 64 GB of RAM on Itanium, and eight CPUs.

  • Windows Server 2003 Datacenter Edition. The most robust Windows server. It has enhanced clustering features and supports very large memory configurations with up to 64 GB of RAM on x86 and 128 GB of RAM on Itanium. It has a minimum CPU requirement of 8 and can support up to 32 CPUs in all.

  • Windows Server 2003 Web Edition. Designed to provide Web services for deploying Web sites and Web-based applications. As such, this server edition includes the Microsoft .NET Framework, Microsoft Internet Information Services (IIS), ASP.NET, and network load-balancing features but lacks many other features, including Active Directory. In fact, the only other key Windows features in this edition are the distributed file system (DFS), Encrypting File System (EFS), and Remote Desktop for administration. Windows Server 2003 Web Edition supports up to 2 GB of RAM and two CPUs.

Although Exchange Server 2003 can also be installed on Windows 2000 Server editions with Service Pack 3 or later, running Exchange Server 2003 on Windows Server 2003 has many benefits. It ensures all the latest Exchange features and enhancements are available, including the following:

  • Improved memory allocation. Exchange Server can more efficiently reuse blocks of virtual memory to reduce fragmentation and improve performance. Additionally, using the USERVA switch in the Boot.ini file, administrators can optimize user and kernel mode memory allocations on a per-megabyte basis.

  • Volume Shadow Copy support. Shadow copy backup is a feature of Windows Server 2003 that allows the operating system to create point-in-time snapshots of data. Volume Shadow Copy provides additional options for backup and recovery of Exchange Server.

  • Cross-forest Kerberos authentication support. When using Exchange Server and Outlook 2003, Exchange can use Kerberos to authenticate users, and when transitive trusts are in place, the authentication can take place across forest boundaries, allowing Exchange Servers and user accounts to be in different forests.

  • Improved Active Directory architecture. When using Exchange Server on Windows Server 2003, all Windows Server 2003 Active Directory enhancements are available, allowing for better integration of the operating system and Exchange server. These enhancements improve performance, reduce replication traffic, allow for rollback of Active Directory changes, and provide additional configuration and administration options.

Security Alert

It is important to note that on a new Exchange Server 2003 installation, some features are disabled for security reasons. Specifically, you’ll find that the Microsoft Exchange POP3, Microsoft Exchange IMAP4 and Microsoft Exchange Site Replication services are disabled. If you use these services with Exchange, you’ll need to enable them for automatic startup and then start them using the techniques discussed in the section of Chapter 4 entitled, "Using and Managing Exchange Server Services." You may also find that wireless browsing for Outlook Mobile Access (OMA) is not enabled. To enable wireless browsing, see the section of Chapter 3 entitled, "Managing Wireless Browsing."
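
A check for the services named in the Security Alert above, as an added example that is not from the book: the script parses collected `sc qc` output and reports any of the three services whose start type is no longer DISABLED. The sample output and the short service names in it are constructed for illustration; matching uses the display names given in the text.

```python
import re

# Display names the text lists as disabled on a new Exchange Server 2003
# installation. Prefix matching also covers a trailing "Service".
DISABLED_BY_DEFAULT = (
    "Microsoft Exchange POP3",
    "Microsoft Exchange IMAP4",
    "Microsoft Exchange Site Replication",
)

# Constructed sample: "sc qc <service>" output for four services, saved to
# one file and trimmed to the relevant fields. Short names are assumptions.
SAMPLE = """\
[SC] GetServiceConfig SUCCESS

SERVICE_NAME: POP3Svc
        START_TYPE         : 2   AUTO_START
        DISPLAY_NAME       : Microsoft Exchange POP3
        DEPENDENCIES       : IISADMIN
                           : MSExchangeSA

[SC] GetServiceConfig SUCCESS

SERVICE_NAME: IMAP4Svc
        START_TYPE         : 4   DISABLED
        DISPLAY_NAME       : Microsoft Exchange IMAP4

[SC] GetServiceConfig SUCCESS

SERVICE_NAME: MSExchangeSRS
        START_TYPE         : 3   DEMAND_START
        DISPLAY_NAME       : Microsoft Exchange Site Replication Service

[SC] GetServiceConfig SUCCESS

SERVICE_NAME: MSExchangeSA
        START_TYPE         : 2   AUTO_START
        DISPLAY_NAME       : Microsoft Exchange System Attendant
"""

FIELD = re.compile(r"^\s*([A-Z_]+)\s*:\s*(.*?)\s*$")

def parse_sc_qc(text):
    """Split concatenated 'sc qc' output into one dict per service."""
    services, current = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            # Status headers, blank lines and DEPENDENCIES continuations.
            continue
        key, value = m.groups()
        if key == "SERVICE_NAME":
            current = {"SERVICE_NAME": value}
            services.append(current)
        elif current is not None:
            current[key] = value
    return services

def start_mode(service):
    """Return the symbolic start type, e.g. 'DISABLED' or 'AUTO_START'."""
    parts = service.get("START_TYPE", "").split()
    return parts[1] if len(parts) > 1 else "UNKNOWN"

def enabled_against_default(services):
    """Return (display name, start type) for listed services not DISABLED."""
    return [
        (s["DISPLAY_NAME"], start_mode(s))
        for s in services
        if s.get("DISPLAY_NAME", "").startswith(DISABLED_BY_DEFAULT)
        and start_mode(s) != "DISABLED"
    ]

if __name__ == "__main__":
    for name, mode in enabled_against_default(parse_sc_qc(SAMPLE)):
        print(f"{name}: start type is {mode}, default is DISABLED")
```

Each finding is a service that was enabled after installation and should map to a documented need for that protocol on that server.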

In Exchange Server 2003, e-mail addresses, distribution groups, and other directory resources are stored in the directory database provided by Active Directory. Active Directory is a directory service running on Windows domain controllers. When there are multiple domain controllers, the controllers automatically replicate directory data with each other using a multimaster replication model. This model allows any domain controller to process directory changes and then replicate those changes to other domain controllers.

The first time you install Exchange Server 2003 in a Windows domain, the installation process updates and extends Active Directory. The changes made to Active Directory allow you to centrally manage many Exchange functions, including user administration and security. Not only does centralized management reduce the administration workload, it also reduces complexity, making it easier for administrators to manage large Exchange installations.

The Exchange installation process also updates the Active Directory Users And Computers Snap-In for Microsoft Management Console (MMC). These updates are what make Active Directory Users And Computers the tool of choice for performing most Exchange administration tasks. You can use Active Directory Users And Computers to do the following:

  • Manage mailboxes and distribution groups.

  • Enable and disable messaging features such as instant messaging and voice messaging.

  • Set delivery restrictions, delivery options, and storage limits on individual accounts.

  • Manage e-mail addresses associated with user accounts.

The main window for Active Directory Users And Computers is shown in Figure 1-1. If you’re familiar with Windows Server administration, you’ll note that the main window has been updated for Exchange Server. By selecting View, Add/Remove Columns, you can add four new columns as well:

  • E-Mail Address. Shows the e-mail address of the user or group, such as <[email protected]>.

  • Exchange Alias. Shows the e-mail alias for the user or group within Exchange, such as williams. For users, this is also the name of the Exchange mailbox.

  • Exchange Mailbox Store. Shows the identifier for the mailbox store in which the mailbox is stored. (Only users can have mailboxes, so this entry doesn’t apply to groups.)

  • X.400 E-mail Address. Shows the e-mail address that is used with the X.400 connector.

Figure 1-1. Use Active Directory Users And Computers to manage tasks for mailboxes and distribution groups.

Although these changes to Windows Server are relatively minor, other changes to Windows Server have far-reaching effects. Security is a prime example.

Exchange Server 2003 fully supports the Windows Server security model and relies on this security mechanism to control access to directory resources. This means you can control access to mailboxes and membership in distribution groups and you can perform other Exchange security administration tasks through the standard Windows Server permission set. For example, to add a user to a distribution group, you simply make the user a member of the distribution group in Active Directory Users And Computers.

Because Exchange Server uses Windows Server security, you can’t create a mailbox without first creating a user account that will use the mailbox. Every Exchange mailbox must be associated with a domain account—even those used by Exchange for general messaging tasks. For example, the SMTP and System Attendant mailboxes that Exchange Server uses are associated by default with the built-in System user.

Use of Windows Server security also means that access to Exchange Server is controlled through standard Windows Server groups. The key groups are as follows:

  • Domain Admins. Members of Domain Admins can manage user accounts and related account permissions. They can create mailboxes, modify distribution groups, and perform other Exchange administration functions. They can also manage the configuration of Exchange Server.

  • Enterprise Admins. Members of Enterprise Admins have full access to Exchange Server. They can create mailboxes, modify distribution groups, and perform other Exchange administration functions. They can also delete trees and subelements, tasks that cannot be performed by Domain Admins.

  • Exchange Domain Servers. Computers that are members of this group can manage mail interchange and queues. All Exchange servers should be members of this group. This global group is in turn a member of the domain local group Exchange Enterprise Servers.

Like Windows Server, Exchange Server also supports policy-based administration. You can think of policies as sets of rules that help you effectively manage Exchange Server. You can create two general types of policies:

  • System policies. You use system policies to manage Exchange servers, public data stores, and mailbox data stores.

  • Recipient policies. You use recipient policies to manage e-mail addresses for users.

You can use system and recipient policies to automate many administration tasks. For example, you can create a system policy to automate replication and maintenance of data stores. You could then apply this policy to multiple Exchange servers. This is discussed in more detail in Chapter 8.

Hardware and Component Requirements for Exchange Server

Before you install Exchange Server 2003 you should carefully plan the messaging architecture. Key guidelines for choosing hardware for Exchange Server are as follows:

  • Memory. Minimum of 256 MB of RAM. This is twice the minimum memory suggested by Microsoft. The primary reason for this additional memory is to enhance performance. That said, most of the Exchange installations I run use 512 MB of RAM as a starting point, even in small installations (and especially if you plan to run all Exchange services from a single server).

  • CPU. Exchange Server is designed for Intel x86 and Itanium CPUs. Exchange Server 2003 achieves benchmark performance with Intel Pentium 4 3.06 GHz, Intel Xeon 3.06 GHz and Intel Itanium 2 1.0 GHz. These CPUs provide good starting points for the average Exchange Server 2003 installation.

  • Symmetric multiprocessing. Exchange Server supports symmetric multiprocessors, and you’ll see significant performance improvements if you use multiple CPUs. Still, if Exchange Server is supporting a small organization with a single domain, one CPU should be enough. If the server supports a medium or large organization or handles mail for multiple domains, you might want to consider adding processors. An alternative would be to distribute the workload to virtual servers on different systems.

  • Disk drives. The data storage capacity you need depends entirely on the number and the size of the databases that will be on the server. You need enough disk space to store all your data, plus workspace, system files, and virtual memory. Input/output (I/O) throughput is just as important as drive capacity. In most cases, Small Computer System Interface (SCSI) drives are faster than Integrated Device Electronics/Enhanced Integrated Drive Electronics (IDE/EIDE) and are therefore recommended. Rather than use one large drive, you should use several smaller drives, which allows you to configure fault tolerance with redundant array of independent disks (RAID).

  • Data protection. Add protection against unexpected drive failures by using RAID. RAID 0, RAID 1, and RAID 5 are supported by Windows Server. Other RAID levels can be implemented using hardware RAID configurations. I recommend using RAID 1 or RAID 5 for drives containing messaging databases. RAID 1 (disk mirroring) creates duplicate copies of data on separate drives, but recovery from drive failure usually interrupts operations while you restore the failed drive from transaction logs or database backups. RAID 5 (disk striping with parity) offers good protection against single drive failure but has poor write performance.

  • Uninterruptible power supply. Exchange Server 2003 is designed to maintain database integrity at all times and can recover information using transaction logs. This doesn’t protect the server hardware, however, from sudden power loss or power spikes, both of which can seriously damage hardware. To prevent this, connect your server to an uninterruptible power supply (UPS). A UPS gives you time to shut down the server or servers properly in the event of a power outage. Proper shutdown is especially important on servers using write-back caching controllers. These controllers temporarily store data in cache, and without proper shutdown, this data can be lost before it is written to disk.

Many Exchange Server features require IIS 5.0 or later. Before you install Exchange Server, you should ensure that the target server is configured properly. With Windows 2000 Server using Service Pack 3 or later, any required IIS components are installed automatically prior to installing Exchange Server 2003. However, with Windows Server 2003, the following IIS components must be installed prior to installing Exchange Server 2003 for it to run properly:

  • Windows .NET Framework

  • ASP.NET

  • SMTP Service

  • NNTP Service

  • World Wide Web Service

On a Windows Server 2003 system, you can determine if these components are installed or add necessary components by completing the following steps:

  1. In Control Panel, double-click Add/Remove Programs.

  2. Start the Windows Components Wizard by clicking Add/Remove Windows Components. You should now see the Windows Components Wizard page shown in Figure 1-2.

    Figure 1-2. IIS and Exchange Server are tightly integrated. You’ll need to install IIS before deploying most messaging and collaboration services.

  3. With Windows Server 2003, IIS is now under Application Server, so the Application Server entry should be selected in the Components list box. If it isn’t, select it.

    Note

    Throughout this book, I refer to double-clicking, which is the most common technique used for accessing folders and running programs. With a double-click, the first click selects the item and the second click opens or runs it, or both. In Windows Server 2003 you can also configure single-click open/run. Here, moving the mouse over the item selects it and a click opens or runs it, or both. You can change the mouse click options with the Folder Options utility in Control Panel. To do this, select the General tab, and then choose Single-Click To Open Item or Double-Click To Open Item as appropriate.

  4. Click Details, then select .NET Framework, ASP.NET, and Internet Information Services (IIS).

  5. Select (but do not clear) Internet Information Services (IIS) and then click Details. Select these subcomponents of IIS:

    • Common Files

    • Internet Information Services Manager

    • SMTP Service

    • NNTP Service

    • World Wide Web Service

  6. Click OK twice.

  7. Complete the installation process by clicking Next and then clicking Finish.

If you follow these hardware and component guidelines, you’ll be well on your way to success with Exchange Server 2003.

Exchange Server Administration Tools

Several types of tools are available for Exchange administration. The ones you’ll use the most for managing local and remote servers are the graphical administration tools. With proper configuration, these tools let you centrally manage Exchange servers regardless of where they’re located.

One of the key tools for Exchange administration is Active Directory Users And Computers, which was discussed previously in this chapter. Another key tool is System Manager. System Manager provides an integrated toolbox for managing Exchange installations, and it’s the equivalent of the Exchange Administrator in previous versions of Exchange Server. As Figure 1-3 shows, you can use System Manager to manage the following:

  • Global settings for all Exchange servers in the organization

  • Policies, address lists, and address templates for recipients

  • Server protocols and information stores

  • System policies for servers, mailbox stores, and public folder stores

  • Connectors—including connectors for Lotus Notes and Novell GroupWise

  • Site replication, message tracking, and monitors

  • Public folders

Figure 1-3. Use System Manager to manage Exchange sites, servers, and settings.

If you selected the Exchange System Management Tools component when you installed Exchange Server, you’ll find that Active Directory Users And Computers and System Manager are already installed on your server. In this case, you can find these tools by clicking Start, choosing Programs or All Programs, and then choosing Microsoft Exchange.

You don’t have to run Active Directory Users And Computers or System Manager from the Exchange server. You can install these tools on any Microsoft Windows XP Professional, Windows 2000 Server, or Windows Server 2003 system by completing the following steps:

  1. Log on to the system using an account with full Exchange administrator privileges. Insert the Exchange Server 2003 CD-ROM into the CD-ROM drive.

  2. If Autorun is enabled, an introductory dialog box should be displayed automatically. Select Exchange Server Setup to start the Microsoft Exchange Server Installation Wizard. Otherwise, you’ll need to start the Setup program on the CD-ROM.

  3. If you are prompted to provide administrator credentials prior to installation, select Run The Program As The Following User, and then provide the user name and password of a domain administrator account.

  4. On the Microsoft Exchange Server Installation Wizard page, click Next to continue. Accept the end user license agreement by selecting I Agree and then click Next.

  5. As Figure 1-4 shows, you should now see the Component Selection Wizard page. You need to install the Microsoft Exchange Server component and the Microsoft Exchange System Management Tools. Once you’ve selected these options for installation, click Next, and then complete the installation process.

    Figure 1-4. Use the Microsoft Exchange Server Installation Wizard to install the components labeled Microsoft Exchange Server and Microsoft Exchange System Management Tools.

Other administration tools that you might want to use with Exchange Server are summarized in Table 1-1.

Table 1-1. Quick Reference Administration Tools to Use with Exchange Server 2003

| Administrative Tool | Purpose |
| --- | --- |
| Active Directory Cleanup Wizard | Identify and merge multiple accounts that refer to the same person. |
| Computer Management | Start and stop services, manage disks, and access other system management tools. |
| Configure Your Server | Add, remove, and configure Windows services for the network. |
| DNS | Manage the Domain Name System (DNS) service. |
| Event Viewer | Manage events and logs. |
| Exchange Server Migration Wizard | Migrate user accounts from other e-mail servers to Exchange Server. |
| Internet Information Services (IIS) Manager | Manage Web, File Transfer Protocol (FTP) and SMTP servers. |
| Microsoft Network Monitor | Monitor network traffic and troubleshoot networking problems. |
| Performance | Display graphs of system performance and configure data logs and alerts. |

Most of the tools listed in Table 1-1 are accessible from the Administrative Tools program group. Click Start, point to Programs or All Programs, and then point to Administrative Tools.
