Saturday 8 October 2011

Collection: Exchange 2007 Hub Transport Role Server(3)

Exchange Server 2007: Using Journaling Rules

Journaling: The traditional way...
In Exchange Server 2003, journaling took place directly in the mailbox store because there was no hub transport role.
In Exchange Server 2007 we can choose either to have the same option (allowing a Journal mailbox to receive all message traffic from a mailbox database) or to support a number of Mailbox databases. We can also create a separate mailbox database to store the mailbox which will receive the journaling.
In the following example, we are going to configure a mailbox database in Exchange Server 2007 to record all user messages that have been sent and received within the same database to be redirected to a specific mailbox.
To configure Journaling for a specific mailbox database, follow these steps:

Collection: Exchange 2007 Mailbox Server Role(2)

Exchange 2007 Messaging Records Management

Introduction
One major new feature of Exchange 2007 is that of Messaging Records Management (MRM). The main principle behind MRM is that it helps an organization with its legal compliance requirements, something that previous versions of Exchange aren’t particularly good at. It does this by placing the onus on the user to categorize their messages, leading to these messages being retained where appropriate. Obsolete messages are then removed. Sounds simple enough? In truth it is, although there are a few processes to understand and some terminology to become familiar with.
The strategy to make Exchange 2010 messaging retention management and policy enforcement more reliable, effective, and easy to use is based on three principles:
  Users classify their own messages.
  Messages that have no retention value are removed.
  Messages that have some retention value are retained.

Thursday 6 October 2011

Collection: Exchange 2007 Client Access Server Role(2)

Uncovering the New Outlook 2007 AutoConnect feature
Introduction
Microsoft Outlook 2007 AutoConnect (formerly known as AutoDiscovery) is a new Exchange Server 2007 feature, or more specifically Web Service, which makes it so much simpler as well as easier to configure the Outlook 2007 profiles in your organization. In order to automatically configure and connect previous versions of Outlook to Exchange 2000 and 2003 Servers, you needed to do so using the Custom Installation Wizard from the Office Resource Kit or a similar tool. But now the users can configure their Outlook profile themselves, as they only need to click next a few times and specify their e-mail address and password, depending on whether they're using a client machine member of the respective Active Directory domain or not.
The AutoConnect feature is provided by the Client Access Server (CAS) role, which is the server role that replaces the front-end server we know from Exchange 2000 and 2003. So in order to make use of the new AutoConnect feature, it’s a requirement that you have at least one Exchange 2007 Server, with the CAS role installed, and deployed in your organization.

Collection: Exchange 2007 Hub Transport Server Role(2)

Managing Receive Connectors

Exchange Server 2003 uses the SMTP Virtual Server that comes with the operating system to control message flow. In Exchange Server 2007 the SMTP service bits are installed as part of the Exchange Server 2007 installation process. Because of this, there are two different components for SMTP traffic in the Exchange 2007 architecture: receive connectors and send connectors. They are configured in two different places: the send connector at Organization level and the receive connector at Server level. The receive connector is responsible for all incoming SMTP traffic, which can originate from an external source, a client, a partner, or another Exchange server; it also uses authentication and some other features to manage all received connections.
By default Exchange Server 2007 has two new receive connectors called Client Receive Connector and Default <Server Name>, where <Server Name> is the NetBIOS name of the Exchange Server. The default receive connectors can be found under Server Configuration / Hub item using the Exchange Management Console, as shown in Figure 01. They can also be found using the Get-ReceiveConnector cmdlet through the Exchange Management Shell. By default any new Exchange Server can receive messages from other Hub Transport servers because of the default receive connector, which is named Default <Server Name> and is configured to receive traffic from any host, to any local IP address on port 25, but this traffic must be authenticated first.
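To confirm the authentication behaviour described above on a live server, list each receive connector with its bindings, authentication mechanisms and permission groups. This is an added example, not part of the original article; it assumes the Exchange Management Shell, and `$Server` is a placeholder for your own Hub Transport server name.

```powershell
# Added example: review who may submit SMTP to each receive connector.
# Run in the Exchange Management Shell. $Server is an assumption; set it to
# the NetBIOS name of the Hub Transport server you want to review.
$Server = $env:COMPUTERNAME

# Multi-valued properties are flattened to strings so they can be filtered
# and displayed in one table.
$report = Get-ReceiveConnector -Server $Server |
    Select-Object Identity, Enabled,
        @{Name = 'Bindings';         Expression = { "$($_.Bindings)" }},
        @{Name = 'RemoteIPRanges';   Expression = { "$($_.RemoteIPRanges)" }},
        @{Name = 'AuthMechanism';    Expression = { "$($_.AuthMechanism)" }},
        @{Name = 'PermissionGroups'; Expression = { "$($_.PermissionGroups)" }},
        @{Name = 'ProtocolLogging';  Expression = { "$($_.ProtocolLoggingLevel)" }}

# Full picture: the Client connector and "Default <Server Name>" should both appear.
$report | Format-List

# A connector that grants the AnonymousUsers permission group accepts
# unauthenticated SMTP sessions. That is expected only where the Hub Transport
# server is meant to take mail directly from the Internet.
$anonymous = $report | Where-Object { $_.Enabled -and $_.PermissionGroups -match 'AnonymousUsers' }
if ($anonymous) {
    Write-Warning "Receive connectors accepting anonymous SMTP on ${Server}:"
    $anonymous | Format-Table Identity, Bindings, RemoteIPRanges -AutoSize
} else {
    Write-Host "No enabled receive connector on $Server grants AnonymousUsers."
}

# Without protocol logging there is no per-session record of who connected.
$report | Where-Object { $_.Enabled -and $_.ProtocolLogging -eq 'None' } |
    Format-Table Identity, ProtocolLogging -AutoSize
```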

Collection: Windows Server 2003 (3)

Recursive vs Iterative Query.

With a recursive name query, the DNS client requires that the DNS server respond to the client with either the requested resource record or an error message stating that the record or domain name does not exist. The DNS server cannot just refer the DNS client to a different DNS server. Thus, if a DNS server does not have the requested information when it receives a recursive query, it queries other servers until it gets the information, or until the name query fails.
Recursive name queries are generally made by a DNS client to a DNS server, or by a DNS server that is configured to pass unresolved name queries to another DNS server, in the case of a DNS server configured to use a forwarder.
An iterative name query is one in which a DNS client allows the DNS server to return the best answer it can give based on its cache or zone data. If the queried DNS server does not have an exact match for the queried name, the best possible information it can return is a referral (that is, a pointer to a DNS server authoritative for a lower level of the domain namespace). The DNS client can then query the DNS server for which it obtained a referral. It continues this process until it locates a DNS server that is authoritative for the queried name, or until an error or time-out condition is met. This process is sometimes referred to as "walking the tree," and this type of query is typically initiated by a DNS server that attempts to resolve a recursive name query for a DNS client.

Collection: Windows Server 2003 (2)

Difference between SUS and WSUS

SUS did a great job of keeping Windows up to date, but WUS will be able to update other products such as Microsoft Office, Exchange Server and ISA Server. Eventually, WUS will be able to keep all current Microsoft server products up to date.
 
Comparison of Windows Server 2003 Editions

Standard Edition:  4-GB RAM Maximum
Enterprise Edition:  32-GB RAM Maximum, 64-bit Support for Intel Itanium-based, Hot Add Memory
Datacenter Edition:  64-GB RAM Maximum, 64-bit Support for Intel Itanium-based, Hot Add Memory
Web Edition:  2-GB RAM Maximum
In Active Directory a single server always holds at least three directory partitions:
  • The schema
  • The configuration (replication topology and related metadata)
  • One or more per-domain directory partitions (subtrees containing domain-specific objects in the directory)

The KCC and Replication Topology 

The Knowledge Consistency Checker (KCC) uses site link configuration information to enable and optimize replication traffic by generating a least-cost replication topology. Within a site, for each directory partition, the KCC builds a ring topology that tries to set a maximum number of hops (3) between any two domain controllers. Between sites, the KCC creates a spanning tree of all intersite connections. Therefore, adding sites and domains increases the processing that is required by the KCC.

Wednesday 5 October 2011

Collection: Windows Server 2003(1)

IMP Port Number

15 – Netstat
21 – FTP
23 – Telnet
25 – SMTP
42 – WINS
53 – DNS
67 – Bootp
68 – DHCP
80 – HTTP
88 – Kerberos
101 – HOSTNAME
110 – POP3
119 – NNTP
123 – NTP (Network time protocol)
139 – NetBIOS
161 – SNMP
180 – RIS
389 – LDAP (Lightweight Directory Access Protocol)
443 – HTTPS (HTTP over SSL/TLS)
520 – RIP
79 – FINGER
37 – Time
3389 – Terminal services
443 – SSL (https) (http protocol over TLS/SSL)
220 – IMAP3
3268 – AD Global Catalog
3269 – AD Global Catalog over SSL
500 – Internet Key Exchange, IKE (IPSec) (UDP 500)

Type of Backup:

Normal Backup, Incremental Backup, Differential Backup, Copy Backup, Daily Backup

Difference between Windows Server 2000 and 2003

1) When installing Terminal Services on Windows 2000 you are prompted to select application server functions or administrative functions; both sets can be installed sequentially on one server, but it performs only one function at a time. Windows Server 2003 still distinguishes between application and administrative services, but installation and management are now consolidated.
2) In Windows 2000 Server we can apply 620 group policies, but in 2003 we can apply nearly 720, so Windows Server 2003 is more secure than Windows 2000 Server.
3) In 2000 we cannot rename a domain, whereas in 2003 we can rename a domain.
4) 2000 supports up to 8 processors and 64 GB RAM (in 2000 Advanced Server), whereas 2003 supports up to 64 processors and a maximum of 512 GB RAM.
5) 2000 supports IIS 5.0 and 2003 supports IIS 6.0.
6) 2000 doesn’t support .NET, whereas 2003 supports Microsoft .NET 2.0.
7) 2000 has Server and Advanced Server editions, whereas 2003 has Standard, Enterprise, Datacenter and Web Server editions.
8) 2000 doesn’t have any 64-bit server operating system, whereas 2003 has 64-bit server operating systems (Windows Server 2003 X64 Std and Enterprise Edition).

Collection: Exchange 2007 Common Query (1)

Difference between exchange server 2003 and exchange server 2007
1. Protection: anti-spam, antivirus, compliance, clustering with data replication, improved security and encryption
2. Improved Information Worker Access: improved calendaring, unified messaging, improved mobility, improved web access
3. Improved IT Experience: 64-bit performance & scalability, command-line shell & simplified GUI, improved deployment, role separation, simplified routing
4. Exchange Management Shell: a new command-line shell and scripting language for system administration (based on Windows PowerShell). Shell users can perform every task that can be performed in the Exchange Server graphical user interface plus additional tasks, and can program often-used or complex tasks into scripts that can be saved, shared, and re-used. The Exchange Management Shell has over 375 unique commands to manage features of Microsoft Exchange Server 2007.
5. "Unified Messaging" that lets users receive voice mail, e-mail, and faxes in their mailboxes, and lets them access their mailboxes from cell phones and other wireless devices. Voice commands can be given to control and listen to e-mail over the phone (and also send some basic messages, like "I'll be late")
6. Removed the database maximum size limit. Database size is now limited by hardware capability and the window for backups and maintenance.
7. Increased the maximum number of storage groups and mail databases per server, to 5 each for Standard Edition (from 1 each in Exchange Server 2003 Standard), and to 50 each for Enterprise Edition (from 4 groups and 20 databases in Exchange Server 2003 Enterprise).

Tuesday 4 October 2011

Collection: Exchange 2007 Common Query (2)


Exchange 2007 Mail Flow - How It Works

Exchange 2007 uses AD Sites and Services site links to get a network topology of the environment. By default Exchange 2007 will use the route with the lowest amount of site hops with the lowest site link cost.


In this diagram there are 4 ways to get from Site1 to Site3.

Site1 -> Site2 -> Site3 = Cost 20
Site1 -> Site4 -> Site3 = Cost 25
Site1 -> Site2 -> Site4 -> Site3 = Cost 31
Site1 -> Site4 -> Site2 -> Site3 = Cost 16

Site1 -> Site4 -> Site2 -> Site3 provides the lowest cost; however, Exchange 2007 will use the path of the least hops with lowest cost, which in this case is Site1 -> Site2 -> Site3. Additionally, when messages are relayed along Site1 -> Site2 -> Site3, they will not hit the Site2 Hub Transport server; Exchange just uses the subnet information in Sites and Services to send them in that direction. This is because having the Site2 Hub Transport server receive every email that comes through would use extra processing.

What if Site2 was responsible for spam filtering and you wanted email going from Site1 -> Site2 -> Site3 to actually pass through Site2's hub transport server?

This can be done by setting Site2 as a "Hub Site" by using the Set-ADSite command. This means that all messages flowing along this route must stop in Site2 before being relayed on.
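The hub site change described above, with a check before and after, as an added example that is not part of the original post. It assumes the Exchange Management Shell and uses "Site2" from the scenario in the text as the site name.

```powershell
# Added example: force mail for the Site1 -> Site2 -> Site3 route to stop at
# Site2's Hub Transport server (for example, for spam filtering there).
# "Site2" is the site name from the scenario above; substitute your AD site name.

# 1. Review the site links Exchange builds its routes from.
#    ExchangeCost, when set, is used for Exchange routing instead of the AD cost.
Get-AdSiteLink | Format-List Name, ADCost, ExchangeCost, Sites

# 2. Mark Site2 as a hub site. Exchange only stops at a hub site that lies on
#    the route it has already selected, so confirm Site2 is on that route first.
Set-AdSite -Identity "Site2" -HubSiteEnabled $true

# 3. Verify the setting on every site; only deliberate choke points should
#    show HubSiteEnabled = True.
Get-AdSite | Format-Table Name, HubSiteEnabled -AutoSize
```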

Collection: Exchange 2007 Common Query (3)

Exchange 2007 Message Queues

Exchange has always had a way of viewing the messages it was processing right back to the early days of Exchange 5.x, and possibly even Exchange 4.0. However, the ease with which this is possible and the functionality available to administrators have changed throughout the versions. This is again the case with the transition from Exchange 2003 to Exchange 2007. In Exchange 2007, the way queues work has changed fundamentally. We have moved away from the Exchange 2003 method where each SMTP virtual server had its own queue directory on an NTFS partition to Exchange 2007 using a standard Extensible Storage Engine (ESE) Database for its queue information. On top of that the user interface (UI) has changed completely in Exchange 2007 as it is now based on a new Microsoft Management Console (MMC) v3 snap-in. To highlight the UI difference, take a look at the screenshots below; 


Figure 1: The location of Exchange 2003 Queues
In Exchange 2003 the UI for viewing queues made things fairly easy to find; however, it had the drawback of only being able to monitor one server’s queues at one time.

Collection: Exchange 2007 Common Query (4)

Troubleshooting Mail Flow Between Exchange 2003 or Exchange 2000 Servers and an Exchange 2007 Hub Transport Server

This topic provides information about how to troubleshoot mail flow between servers that are running Microsoft Exchange Server 2003 or Exchange 2000 Server and an Exchange Server 2007 Hub Transport server. This problem occurs when you have deployed at least one Exchange 2007 Hub Transport server in an existing Exchange organization. When you try to send messages between the two mail systems, the messages are put in the Unreachable queue on the Hub Transport server or in the Messages with an unreachable destination queue on an Exchange 2003 or Exchange 2000 server.
This problem can occur when no routing group connector is created during the installation of the first Hub Transport server in an existing organization. A routing group connector is required for mail flow between Exchange 2007 and Exchange 2003 or Exchange 2000. During setup, two routing group connectors are automatically created to enable mail flow in both directions. If you use the Setup wizard, select an Exchange 2003 or Exchange 2000 bridgehead server to act as the source server for one routing group connector and as the target server for the reciprocal connector. If you use Setup.com to perform an unattended installation, you must provide the /legacyroutingserver parameter to automatically create the required routing group connectors. If you do not perform this procedure during setup of the first Hub Transport server, the two e-mail systems cannot determine a route between them. Messages that are sent from users with mailboxes located on Exchange 2003 or Exchange 2000 servers to recipients with mailboxes located on Exchange 2007 Mailbox servers are put in the Messages with an unreachable destination queue on an Exchange 2003 or Exchange 2000 server. Messages that are sent from users with mailboxes located on Exchange 2007 Mailbox servers to recipients with mailboxes located on Exchange 2003 or Exchange 2000 servers will queue in the Unreachable queue on the Exchange 2007 Hub Transport server. 
The Unreachable queue is a persistent queue that contains messages that cannot be routed to their destinations. Microsoft Exchange can resolve and locate the recipient. But Microsoft Exchange can't determine how to reach the destination. The messages remain in the Unreachable queue until they expire or until the administrator resubmits the messages to the categorizer.
To resolve this problem, you must create the required routing group connectors. You can't use Exchange System Manager on the server that runs Exchange 2003 or Exchange 2000 to perform this procedure. You must use the Exchange Management Shell on the Exchange 2007 server.
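One way to carry out the fix described above from the Exchange Management Shell, as an added example that is not part of the original topic. The server names and the connector name are placeholders chosen for illustration.

```powershell
# Added example: create the routing group connectors between Exchange 2007
# and Exchange 2003/2000, then release mail stuck in the Unreachable queue.
# All names below are placeholders (assumptions); replace them with your own.
$hubFqdn    = "Ex2007Hub1.example.com"   # Exchange 2007 Hub Transport server
$hubName    = "Ex2007Hub1"               # its short name, used in queue identities
$legacyFqdn = "Ex2003BH1.example.com"    # Exchange 2003/2000 bridgehead server

# 1. Check whether any routing group connector already exists.
Get-RoutingGroupConnector |
    Format-List Name, SourceTransportServers, TargetTransportServers, Cost

# 2. Create the connector. -Bidirectional $true also creates the reciprocal
#    connector, so mail can flow in both directions.
New-RoutingGroupConnector -Name "Interop RGC" `
    -SourceTransportServers $hubFqdn `
    -TargetTransportServers $legacyFqdn `
    -Cost 100 -Bidirectional $true -PublicFolderReferralsEnabled $true

# 3. See what is waiting in the Unreachable queue on the Hub Transport server.
Get-Message -Queue "$hubName\Unreachable" |
    Format-Table FromAddress, Subject, Status -AutoSize

# 4. Resubmit those messages to the categorizer so they are routed again
#    over the new connector instead of waiting to expire.
Retry-Queue -Identity "$hubName\Unreachable" -Resubmit $true
```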

Collection: Exchange 2007 Client Access Server Role(1)

Client Access Role

The Client Access Role is similar to the role a Front-End server would play in an Exchange 2000/2003 organization. The Client Access server is the server that users connect to with their mail client, mobile device, or web browser. The Client Access server handles all connections whether they come from an application such as Outlook 2003 or 2007, Outlook Express, or any other MAPI, POP3 or IMAP4 client. The Client Access server also handles connections made from mobile devices such as a Windows Mobile 5 Smartphone, or any other device using Exchange ActiveSync. Exchange ActiveSync in Exchange 2007 supports all devices with PocketPC 2002/2003 and Windows Mobile 5. Figure 2 shows how all the clients and roles connect to each other.



Figure 2: Exchange 2007 Client Access
This role also provides Outlook Web Access (OWA). OWA allows a user to access his or her mailbox from a web browser and have full access to all the information in the mailbox including task lists, calendar information, mail items and public folders. One of the hot new functions of OWA is SharePoint and UNC access. Now users can access UNC shares (\\servername\share) and SharePoint document libraries, reducing the need for complex VPN configurations.

Collection: Exchange 2007 Edge Transport Server Role(1)

To back up an Edge Transport Server by using ExportEdgeConfig.ps1
  1. Copy the ExportEdgeConfig.ps1 script to the root folder of your user profile on the server that you are backing up.
  2. Capture the configuration with the ExportEdgeConfig.ps1 script by running the following command in the Exchange Management Shell:


./ExportEdgeConfig -cloneConfigData:"C:\CloneConfigData.xml"

Note:
Replace C:\CloneConfigData.xml with the full path of the XML backup file to be created by the ExportEdgeConfig.ps1 script.


The confirmation message, "Edge configuration data is exported successfully to: C:/CloneConfigData.xml," appears.
  3. Copy the output file to a secure location.

To restore an Edge Transport Server by using the ImportEdgeConfig.ps1 script
  1. Perform a clean installation of the Edge Transport server that has the same server name as the server you are restoring.
  2. Copy the ImportEdgeConfig.ps1 script to the root folder of your user profile on the server that you are restoring.
  3. Validate the configuration file and create an answer file that will provide server-specific information when the file is imported by running the following command in the Exchange Management Shell:

./importedgeconfig.ps1 -cloneConfigData "C:\CloneConfigData.xml" -isImport $false -CloneConfigAnswer "C:\CloneConfigAnswer.xml"

  4. Open the answer file and modify any settings that are invalid for the server. If no modifications are required, the answer file will have no entries. Save your changes.
  5. Import the Edge Transport server configuration by using the ImportEdgeConfig.ps1 script. Run the following command in the Exchange Management Shell:

./importedgeconfig.ps1 -cloneConfigData "C:\CloneConfigData.xml" -isImport $true -CloneConfigAnswer "C:\CloneConfigAnswer.xml"

Note:
Replace C:\CloneConfigData.xml with the full path of the intermediate XML template that will be used by the ImportEdgeConfig.ps1 script. Replace C:\CloneConfigAnswer.xml with the full path of the XML answer file.

The confirmation message, "Importing Edge configuration information succeeded," appears.
  6. Run the Edge Sync process to replicate Active Directory information to ADAM and perform regularly scheduled synchronization.

Collection: Exchange 2007 Mail Transport Query(1)

Troubleshooting Mail Flow from Exchange Server 2007 to Exchange 2000 or Exchange 2003 in the Same Organization

This topic provides information about how to troubleshoot Microsoft Exchange Server 2007 mail flow issues between Exchange 2007 and Exchange Server 2003 and Exchange 2000 Server. After you install Exchange 2007 into your Exchange 2003 or Exchange 2000 organization, you may notice that there is no mail flow from Exchange 2007 to Exchange 2003 or Exchange 2000. However, you can send e-mail messages from Exchange 2003 or Exchange 2000 to Exchange 2007. The queue is in retry mode with the following error information:
"451 4.4.0 Primary IP address responded with: 535 5.7.3 anonymous authentication not allowed."
This issue occurs when the fully qualified domain name (FQDN) setting on the Exchange 2003 or Exchange 2000 server's Simple Mail Transfer Protocol (SMTP) virtual server does not match the internal FQDN of the server.
Resolution
To resolve the problem, change the FQDN to the correct name.
Before You Begin
To perform this procedure, the account you use must be delegated the following:
  • Membership in the local Administrators group
Active Directory Service Interfaces (ADSI) Edit can be run from a client computer or server. The computer does not have to be a member of a domain, but the user must have the rights to view and edit the Active Directory directory service domain to which the user is connecting.
Important:
If you use ADSI Edit or any other Lightweight Directory Access Protocol (LDAP) version 3 client, and you incorrectly modify the attributes of Active Directory objects, serious problems may occur. These problems may require you to reinstall Windows Server 2003, Exchange 2007, or both Windows Server 2003 and Exchange 2007. Microsoft cannot guarantee that problems that occur if you incorrectly modify Active Directory object attributes can be solved. Modify these attributes at your own risk.
Procedure
To use ADSI Edit to change the FQDN to the correct name
  1. Install ADSI Edit.
  2. Launch ADSI Edit. Click Start, click Run, type adsiedit.msc in the text box, and then click OK.
  3. Locate the servicePrincipalName attribute for the Exchange 2003 or Exchange 2000 server by going to this location: CN=Computers under Domain Configuration.
  4. Right-click the Exchange 2003 or Exchange 2000 server, and then click Properties.
  5. Select the servicePrincipalName attribute for this Exchange 2003 or Exchange 2000 server.
  6. Determine the value in the format of SMTPSVC/FQDN and make sure the FQDN is correct. If the FQDN is incorrect, change it to the correct FQDN.
  7. In Exchange System Manager on the Exchange 2003 or Exchange 2000 server, click the SMTP virtual server that you want to configure.
  8. On the Action menu, click Properties.
  9. Click the Delivery tab, and then click Advanced.
  10. In the Advanced Delivery dialog box, type the same FQDN as the one you identified in the servicePrincipalName attribute.
  11. Click OK to close the virtual server properties.
  12. Stop, and then restart the SMTP service.
  13. Click OK, and then close ADSI Edit.

Monday 3 October 2011

Collection: Exchange 2007 Hub Transport Server Role(1)


Hub Transport Role

The Hub Transport role is responsible for all internal mail flow. This role is similar to the bridgehead server in an Exchange 2000/2003 organization. In fact it originally was called the Bridgehead Role until it was changed.
The Hub Transport server, as well as the rest of the server roles, is installed on member server(s) in an Active Directory domain. There is no need for ADAM on this, or any other role aside from the Edge Transport. Because it is a member of an AD domain, all its configuration information is stored in AD and any other Hub Transport servers you install will get their configuration from AD.
Inbound mail is accepted from the Edge Transport and passed on to the user's mailbox and all outbound mail is relayed from the Hub Transport to the Edge Transport and out to the Internet. The Hub Transport and Edge Transport servers are very similar and in fact, one can forgo the Edge Transport server and configure the Hub Transport to accept mail from, and send mail to, the Internet. Hub Transport agents can also be deployed to enforce corporate message policies such as message retention, something that will come as good news to administrators attempting to comply with SarbOx rules.
The Anti-Spam and Anti-virus features of the Edge Transport can be configured on the Hub Transport in order to reduce the number of servers required. It is quite feasible that you may only have one server in your Exchange organization with all the roles installed on it. In this case you cannot have an Edge Transport and all those features will be passed on to the Hub Transport role.

Backing up Transport Servers
Unlike Mailbox Servers, the Hub Transport and Edge Transport roles do not require any special Exchange-aware backup software.  All of the necessary data for recovering a Transport server is contained within:
  • Active Directory (for Hub Transport servers, but not Edge Transport servers)
  • The Active Directory Application Mode (ADAM) database (for Edge Transport servers)
  • The server’s file system
  • The server’s System State
Hub Transport servers can be backed up using the built-in Backup utility in Windows Server. At the very least the backup should include the System State and the C:\Program Files\Microsoft\Exchange Server\TransportRoles location of the file system (and all subdirectories).
Recovering Hub Transport Servers
In this scenario the EXCHHUB server has been lost due to hardware failure.  Spare server hardware has been used to reinstall Windows Server 2003 along with the Exchange Server 2007 pre-requisites.  The newly built server has the same name and IP address of EXCHHUB.  Now we can begin the recovery of the Hub Transport server.
First, remove any Edge Subscriptions that existed for the Hub Transport server being recovered.  If you skip this step you may receive a certificate error during the recovery install.
In a command prompt run the following command from the location of the Exchange setup files.
setup /m:RecoverServer /DoNotStartTransport

Collection: Exchange 2007 MailBox Server Role(1)

Mailbox Server Role

The Mailbox role holds the Exchange databases within which the user mailboxes are contained. It is also home to the Public Folder databases if you enabled Public Folders. Exchange Server 2007 Standard edition supports a total of 5 Storage Groups and 5 databases. Enterprise edition supports up to 50 Storage groups and a maximum of 50 databases per server.

Exchange Server 2007 Backup and Recovery  – Mailbox Servers

Backing up the Databases

In Exchange Server 2007, it is important to have a backup of the Mailbox server role. Mailbox storage groups can be backed up using the ntbackup feature of Windows Server 2003.

Restoring the Database

Before beginning the database restore operation we must first prepare the database for recovery.  To do this open the properties of the Mailbox Database and tick the “This database can be overwritten by a restore” check box.

Using the NTBackup program we can now commence the restore of the Storage Group containing the Mailbox Database.

Mailbox Database restores will not automatically initiate a transaction log replay and then mount the database unless we specifically choose to.  This is for situations where the restore will involve a “full” backup set followed by a “differential” backup set, or followed by one or more “incremental” backup sets.  In this case we are only restoring a full backup set, so we can enable the “Last Restore Set” and “Mount Database after Restore” settings.  We must also specify a temporary path for log and patch files.

Once the restore operation is complete we can see that the Mailbox Database is now mounted and online again.