Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 109 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
109
Dung lượng
2,27 MB
Nội dung
Contents
Overview 1
Lesson 1: DeploymentTools 2
Lesson 2: ADCTools 39
Lab 6.1 Exchange 2003 ADC replication
featuring DeploymentandADCTools 71
Appendix A: Sample log files 86
Appendix B: Learning Measure Answers 107
Acknowledgments 107
Module 6:Deployment
Tools andADCTools
Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the example companies, organizations, products,
domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious,
and no association with any real company, organization, product, domain name, e-mail address,
logo, person, place or event is intended or should be inferred. Complying with all applicable
copyright laws is the responsibility of the user. Without limiting the rights under copyright, no
part of this document may be reproduced, stored in or introduced into a retrieval system, or
transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or
otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
2003 Microsoft Corporation. All rights reserved.
Microsoft, MS-DOS, Windows, Windows NT, Active Directory, ActiveX, Excel, Exchange Server
5.5, Exchange 2000 Server, Exchange Server 2003, Internet Explorer, Internet Information Server,
Word are either registered trademarks or trademarks of Microsoft Corporation in the United States
and/or other countries.
The names of actual companies and products mentioned herein (Groupwise, Lotus cc:Mail, Lotus
Notes) may be the trademarks of their respective owners.
Module6:DeploymentToolsandADCTools 1
Overview
For this module, we will discuss the new deployment features available with
Exchange Server 2003 and differentiate the deployment process from Exchange
2000.
Topic 1 DeploymentTools
Topic 2 Active Directory Connector (ADC) Tools
Topic 3 Appendix
Prerequisites
1) Experience with installing Exchange 2000 into Exchange 5.5 sites
2) Prior usage of Virtual PC or Virtual Server
2 Module6:DeploymentToolsandADCTools
Lesson 1: DeploymentTools
Basic Overview
History:
Customers that installed Exchange 2000 experienced a paradigm shift in the
complexity of the underlying operating system. With Windows 2000
introducing several new concepts, installers were burdened with learning the
differences in how Active Directory uses Domain Name System (DNS),
Lightweight Directory Access Protocol (LDAP), and a variety of new server
roles for establishing suitable infrastructures for Exchange 2000. Microsoft
Product Support Services learned that these infrastructures failed too often, or
were never configured correctly at their inception. Although many of the
support calls were caused by platform-level mishaps (such as improper DNS
configurations, Active Directory permission-misconfigurations, and lack of
connectivity to operations masters), more daunting challenges existed for
migrations from Exchange 5.5. These Exchange 5.5 migration challenges were
often
discouraging customers from deploying Exchange 2000. (For example, a
customer might find it extremely difficult to roll back after a failed disaster
recovery scenario following a failed in-place upgrade.)
completely ignored or skipped by customers. For example, NTDSNoMatch
is supposed to be written on Exchange 5.5 objects, yet customers didn’t
know of the existence of NTDSNoMatch due to delayed documentation
when Exchange 2000’s retail version shipped. Additionally, many
customers skipped configuration of Connection Agreements due to their
complexity, or even worse…
improperly configured through guesswork. (Installers who were new to
Exchange 2000 were accustomed to “Install first, configure later”
methodologies, yet Exchange 2000 deviated from other server applications
Module6:DeploymentToolsandADCTools 3
by requiring tremendous configuration changes to their current topology
before installing. This approach occurred most often with small to medium-
sized companies who lacked the time or manpower to research the
deployment process, and would take a simple approach to running the setup
process without reviewing the appropriate pre-setup steps.)
By not meeting those challenges, what resulted were problems ranging from
unintended standalone orgs incompatible with Exchange 5.5 orgs, to creating
thousands of duplicate Active Directory objects that were improperly replicated
due to no NTDSNoMatching, to disaster recovery on Exchange 5.5 directories
where customers unintentionally created (and then mistakenly deleted)
mismatched accounts, to non-functional transports. These large percentages of
failed or blocked deployments rapidly cost Microsoft Product Support Services
a high price because there was no easy corrective path. Instead, Microsoft
Product Support Services would occasionally clean up corrupted Exchange 5.5
and Active Directories, and then re-deploy Exchange 2000 for customers. Even
today, where installers are armed with a great deal of knowledge that gradually
became publicly available, they are still prone to encountering problems, simply
because of the sheer quantity and complexity of deployment steps. Even
administrators who were simply migrating, who may not be concerned with
Exchange 5.5/2000 interoperability, are required to fumble through the various
coexistence measures because migrations require temporary interoperability
with Exchange 5.5. So a process was needed to improve customer education
and ensure the structural integrity of Exchange 5.5 and Active Directory
topologies, leading to improving deployment success rates.
The solution:
Efforts to prevent Exchange 2000 deployment mistakes of the past have
culminated into the creation of the Exchange 2003 deployment tools. A
multipurpose effort, the deploymenttools not only avoids the huge gap in
customer education when Exchange 2003 ships; it also proactively scans the
Active Directory and Exchange 5.5 infrastructures for possible problems that
may prevent successful Exchange 2003 deployments. The customer education
effort is achieved through a comprehensive help file/installation guide, which
takes into consideration four major deployment scenarios and provides
prescriptive deployment steps for each. A picture of the help file is shown in
figure 1.1:
4 Module6:DeploymentToolsandADCTools
Figure 1.1: An example of the deploymenttools step-by-step deployment guide, in the form of a
compiled HTML help file. (pre-release version)
Although the user-education portion may appear informational at first glance,
there are ActiveX controls embedded within each HTML page that, when
clicked, will spawn scripts to proactively check for problems on the local
system, within Exchange 5.5 directory, within Active Directory, or all of the
above. Technically, the scripts call upon the deployment tools, but the
collection of tools plus help file is most commonly-referred as the “Deployment
Tools.”
Module6:DeploymentToolsandADCTools 5
Tool Execution
There are three ways to call upon the Deployment Tools:
Method 1 – From the help file (most common): The Deployment Tools’ step-
by-step guide is a compiled HTML help file. In other words, it is a collection of
Web pages that are combined into a single file with a .CHM extension. For
customers to execute the help file, they must launch the HTML application
(exdeploy.hta), which then renders the Exdeploy.chm contents within its frame.
The CHM/HTA file may be navigated just like a collection of Web pages
within a Web site. (See the “Process flow” heading for information about
HTML applications). The CHM file may be decompiled into separate HTML
pages using Visual Studio, though that is outside the scope of this discussion.
Although you could launch the exdeploy.CHM file, and click on “Home” to get
to the starting point of the deployment steps, it is not recommended because of
Internet Explorer browsing problems. Thus, it is recommended to launch
exdeploy.HTA instead.
While browsing through a page that contains a script, users launch each
Deployment Tool by entering-in servername information onto the Web page.
When they hit “run <toolname> now”, a script takes the user input as
parameters to execute the tool(s) in a separate command window, shown by the
bottom portion of figure 1.2:
6 Module6:DeploymentToolsandADCTools
Figure 1.2: Tool execution through the help file spawns the exdeploy.exe command line tool with a
hidden switch. Under the hood, the CHM is running “exdeploy.exe /s:racecar /gc:palindromes
/t:orgprepcheck”
The command window disappears when the exdeploy tool has finished
execution. However, during execution, the tools will log success and failure
information into exdeploy.log file, typically located in c:\exdeploy logs. Log
files are appended-to, not overwritten, when tools are run more than once.
Although exdeploy.chm contains links to launch the tools, the tools themselves
may not be launched without the existence of binaries (DLLs and EXEs) within
the same directory as the CHM file. The deploymenttools help file and binaries
are located on the Exchange 2003 CD, underneath the \support\exdeploy
directory.
Method 2 – From the command prompt: The error-checking tools may also
be launched from the command line by running exdeploy.exe. Exdeploy.exe is
an executable that can launch various deploymenttools depending upon the
switches used. In fact, all of the deploymenttools may be launched using
exdeploy.exe, without requiring the CHM file. However, none of the tools may
be launched from the CHM/HTA file if the CHM/HTA exists in a directory
without exdeploy.exe supporting it.
Using Method 2 to manually execute a deployment tool should only be used
when troubleshooting, or when someone is already familiar with the ordering of
the help file (since some tools will fail unless you have performed certain steps
only mentioned in the CHM file). Here is an example of running a deployment
tool from the command prompt:
D:\SUPPORT\EXDEPLOY>exdeploy /s:55server /gc:gc01
/t:adcusercheck
Results of these tools will be logged to 'exdeploy.log'.
Exchange DeploymentTools documentation provides information
on how to solve encountered issues.
Calling ADCUserCheck
ADCUserCheck completed successfully.
Module6:DeploymentToolsandADCTools 7
Like Method 1, tools will still create/append-to logfiles located in the logging
path (c:\exdeploy logs by default). Some tools will even write their own logfile,
named after the tool itself. Often, installers will attempt to run the tools
comprehensively (using the /c switch), so that all of the tools will be run with
one command line execution. Comprehensively running the tools is not useful
for the customer before setup because many of the deploymenttools tests will
fail when it checks for existence of Active Directory objects that only exist
post-setup. However, it is useful to Microsoft Product Support Services for
troubleshooting an installation that has already completed, since a low level of
information gathering (i.e. list of server names, sites, list of unreplicated users)
is readily available in c:\exdeploy logs.
Deployment tools may also be launched in tool groups. For instance, when you
run “/t:DSScopescan” you actually launch five deploymenttools contained
within that group: DSConfigSum, DSObjectSum, UserCount, VerCheck, and
OrgNameCheck. Tool groupings are documented within exdeploy.exe usage
(simply by typing exdeploy /?) and also within the exdeploy.chm reference
topics.
Method 3 – from the Exchange 2003 setup wizard: The user has no control
here, as setup.exe will automatically launch a few of the deploymenttools to
perform some basic pre-requisite checking before continuing setup. In
Exchange 2000, there were fewer checks prior to the file-copy/register phase, so
when setup proceeded to the latter stages, it would often fail catastrophically.
The Exchange 2003 setup program is now improved with additional pre-
requisite checks, some of which look for completion of certain deployment
tools before allowing itself to proceed to file-copy/registry modification phases
of setup. Since setup.exe employs the use of the same tools as exdeploy.exe, we
will discuss the glue DLL that is utilized by both.
Figure 1.3: Exchange 2003 Glue DLL has multiple interfaces, since it is
called by exdeploy and Exchange 2003 setup.
The Exchange 2000/2003 setup program runs through prerequisite checks upon
launch, and if any prerequisite checks fail, their associated errors (possible
8 Module6:DeploymentToolsandADCTools
reasons/recommended actions) are displayed as a popup on the setup wizard’s
component selection screen.
[10:44:03] ********** Beginning Exchange DeploymentTools
**********
[10:44:03] Starting Exchange 6851 DeploymentTools on Windows
5.0.2195 at 10:44:03 01/13/2003
[10:44:03] Entering HrDirPreReq_Initialize
[10:44:03] Init called with Domain Controller tilab-dc and
Exchange 5.5 server root55. Setup's language ID is 0
[10:44:03] Entering HrRegisterAXDLL
[10:44:03] Leaving HrRegisterAXDLL
[10:44:03] Entering HrRegisterAXDLL
[10:44:03] Leaving HrRegisterAXDLL
[10:44:03] Leaving HrDirPreReq_Initialize
[10:44:21] Entering HrDirPreReq_ConfigInit
[10:44:55] Leaving HrDirPreReq_ConfigInit
[10:44:55] Entering HrDirPreReq_ObjectInit
[10:45:46] Leaving HrDirPreReq_ObjectInit
[10:45:46] Entering HrDirPreReq_UserInit
[10:46:20] Leaving HrDirPreReq_UserInit
[10:46:20] Entering HrDSConfigSum
[10:46:21] Leaving HrDSConfigSum
[10:46:21] Entering HrDSObjectSum
[10:46:21] Leaving HrDSObjectSum
[10:46:21] Entering HrUserCount
[10:46:21] Leaving HrUserCount
[10:46:21] Entering HrVerCheck
[10:46:21] VerCheck verifies if your Exchange 5.5 servers can
be upgraded to Exchange 2000. Details are logged in
vercheck.log.
[10:46:21] Leaving HrVerCheck
[10:46:21] Entering HrRunNetdiag
[10:46:21] Entering HrGetDSILog
[10:46:21] Leaving HrGetDSILog
[10:46:36] Entering HrMapFileName
[10:46:36] Entering HrMapFileHandle
[10:46:36] Leaving HrMapFileHandle
[10:46:36] Leaving HrMapFileName
[10:46:36] Entering HrFindPrintErrorMessage
[10:46:36] Warning: Possible error string '. . . : Failed'
detected in netdiag output.
[10:46:36] Leaving HrFindPrintErrorMessage
[10:46:36] HrRunNetdiag
(f:\df6851\dsa\src\deploy\dsintegchk\netdiag.cpp:888). Error
code 0X80040001(1).
[10:46:36] Leaving HrRunNetdiag
[10:46:36] Entering HrOrgNameCheck
[10:46:37] Leaving HrOrgNameCheck
[10:46:37] Entering HrDirPreReq_Terminate
[10:46:37] Leaving HrDirPreReq_Terminate
The exdeploy-progress.log can be opened using logparser.exe. However, its
filters for logging levels do not work, so leave the setting on maximum (log
level 3). The only benefit to opening in logparser is to use logparser’s ability to
[...]... KB article Q291170) 28 Module6:DeploymentToolsandADCToolsModule6:DeploymentToolsandADCTools 29 Validation Tools Validation Tools These are a series of tools used to check on the success of the server installation The output of these tests should give customers a better idea of what problems exist that are not normally seen by any existing GUI administration tool ADCConfigCheck – verifies... resdc01 succeeded Module6:DeploymentToolsandADCTools 19 In the output above, the entries “TestEXConnect” and “TestNTConnect” are the result of the additional debug logging Enabling this environment variable also causes exdeploy.log to be produced with debug output whenever Exchange 2003 setup.exe calls upon the deploymenttools glue DLL 20 Module6:DeploymentToolsandADCTools DCDiag/NetDiag... an installer and for the purposes of saving time, you could manually insert the ADCUserCheck marker using ADSIEdit and skip all of the deploymenttools However, normal customers should not utilize this shortcut since you want them to utilize deptools/adctools Module 6:DeploymentToolsandADCTools 13 Process Flow The deployment process begins when customers insert their Exchange 2003 CD or run setup.exe... certain condition (ADCUserCheck marker) is satisfied by the deploymenttools Note The backdoor executable (\CD ROOT\setup\i386\setup.exe) may still run the setup wizard, but this path is less discoverable for unexperienced installers ADCUserCheck, along with other markers, are illustrated in figure 1.4 below: Module6:DeploymentToolsandADCTools 11 Figure 1.4: The deploymenttools completion markers,... only choose the deploymenttools link 14 Module6:DeploymentToolsandADCTools Figure 1.5: The introductory splash screen, no longer allows on-demand Exchange installations The splash screen link to the deploymenttools actually points to \support\exdeploy\exdeploy.hta, which is a simple HTML application that calls upon exdeploy.chm Framed within the HTA, the CHM file’s content and ordering is... the right-hand side of figure 1.3, the glue DLL will call into the actual tools themselves The tools are EXEs, DLLs, or even scripts If the individual tool is a script or separate EXE (such as policytest.exe), then the glue DLL makes a call to CreateProcess 9 10 Module6:DeploymentToolsandADCTools Markers: Before discussing the process flow, consider that several phases of the deploymenttools will... successfully [17:43:03] #*** Policy Check finished: ***# Install Active Directory Connector and Run ADCTools The next step in the deployment process is for the deployment administrator/consultant to install the Exchange 2003 ADC Service, and then use the ADCtools to prepare for and then create connection agreements The ADCTools process is somewhat lengthy, so we will discuss its internals in more detail... deptools examines the existing Exchange 5.5 and Active Directory infrastructure for Exchange 2003 suitability Note that interorganizational (cross-forest) migrations or deployments of multiple Exchange organizations are too advanced and are not discussed by exdeploy.chm Crossforest deployments is discussed in another training module Module 6:DeploymentToolsandADCTools 17 DSScopeScan Since the “Coexistence... the behavior 22 Module6:DeploymentToolsandADCTools OrgPrepCheck Once these actions are completed, the user is prompted to run the OrgPrepCheck tool group - comprised of the following tools: OrgCheck: verifies the Exchange extensions to the Active Directory schema, checks the existence and membership of the Exchange Domain Servers group and Exchange Enterprise servers group, and checks that a... Warning: ADCTools detected that some users were not replicated from the Exchange 5.5 directory to Active Directory [00:12:08] Leaving HrDirPreReq_Test [00:12:08] Entering HrDirPreReq_Terminate [00:12:08] Leaving HrDirPreReq_Terminate 26 Module6:DeploymentToolsandADCTools In the above sample output, the ADCUserCheck marker exists, but not all of the objects have been replicated between Exchange 5.5 and . the deployment tools, but the
collection of tools plus help file is most commonly-referred as the Deployment
Tools. ”
Module 6: Deployment Tools and ADC. the deployment tools link.
14 Module 6: Deployment Tools and ADC Tools
Figure 1.5: The introductory splash screen, no longer allows on-demand Exchange