1. Trang chủ
  2. » Công Nghệ Thông Tin

how to cheat at configuring exchange server 2007 phần 10 ppsx

67 290 0

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 67
Dung lượng 2,01 MB

Nội dung

Figure 10.8 Running Setup.com with the PrepareSchema Switch Prepare AD The Setup.com /PrepareAD command is used to configure global Exchange objects in Active Directory, create the Exchange Universal Security Groups (USGs) in the root domain, and prepare the current domain.The global objects reside under the Exchange organization con- tainer. In addition, this command creates the Exchange 2007 Administrative Group, which is named Exchange Administrative Group (FYDIBOHF23SPDLT), as well as creating the Exchange 2007 Routing Group, called Exchange Routing Group (DWBGZMFD01QNBJR). You can run the Setup.com /PrepareAD command before running /PrepareLegacyExchangePermissions and /PrepareSchema, as shown in Figure 10.9. Doing so will run the /PrepareLegacyExchangePermissions and /PrepareSchema commands automatically. Running this command requires you log on with an account that is a member of the Enterprise Admins group. Figure 10.9 Running Setup.com with the PrepareAD Switch www.syngress.com 536 Chapter 10 • Transitioning from Exchange 2000 or 2003 to Exchange 2007 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 536 As you might be aware, Exchange 2007 doesn’t use Routing Groups and Administrative Groups, as Exchange 2000 or 2003 did. Administrative Groups have been dropped com- pletely, and message routing in Exchange 2007 is based on Active Directory sites. But for Exchange 2007 to c-exist with Exchange 2000 or 2003, Exchange must create the men- tioned Administrative Group and Routing Group, which can only be viewed via an Exchange 2000 or 2003 System Manager or by using ADSI Edit, as shown in Figures 10.10 and 10.11. Figure 10.10 Exchange 2007 Administrative and Routing Group in the Exchange 2003 System Manager Figure 10.11 Exchange 2007 Administrative and Routing Groups in ADSI Edit www.syngress.com Transitioning from Exchange 2000 or 2003 to Exchange 2007 • Chapter 10 537 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 537 SOME INDEPENDENT ADVICE Okay, with all these boring switches, it’s time for a little fun! Did you know that although coding a product such as Exchange 2007 is a lot of hard work, the Exchange Product Group always has time for a little humor? To prove it, let’s take the GUID of the Administrative Group shown in Figure 10.10 and shift each letter upward. Now do the same for the GUID of the Exchange Routing Group shown in Figure 10.11, but do it downward. Did you manage to see what it translates to? Yes, it’s EXCHANGE12ROCKS! For those who don’t know, “Exchange 12” was the codename for Exchange Server 2007 until the product got a real name in April 2006. PrepareDomain and PrepareAllDomains It’s also possible to prepare a local domain or all domains in the Active Directory using the Setup.com /PrepareDomain and Setup.com /PrepareAllDomains, respectively.These switches will set permissions on the Domain container for the Exchange servers, Exchange Organization Administrators, Authenticated Users, and Exchange Mailbox Administrators; create the Microsoft Exchange System Objects container if it does not exist; set permissions on this container for the Exchange servers, Exchange Organization Administrators, and Authenticated Users; and in the current domain, create a new domain global group called Exchange Install Domain Servers. In addition, it will add the Exchange Install Domain Servers group to the Exchange Servers USG in the root domain. Like the commands we’ve already been through, these commands also need to be run from a Command Prompt window, as shown in Figure 10.12. Figure 10.12 Running Setup.com with the PrepareDomain Switch www.syngress.com 538 Chapter 10 • Transitioning from Exchange 2000 or 2003 to Exchange 2007 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 538 Preparing the Exchange 2007 Server When our environment has been prepared for Exchange Server 2007, the next step is to prepare the server on which you plan to install Exchange 2007 and then begin the actual Exchange installation. Since all these steps were covered intensely in Chapter 2, we won’t repeat them here, but we will quickly mention a couple of things that are different in installing Exchange 2007 into a legacy Exchange organization. During the installation, you’re given the option of creating a routing group connector between the administrative group containing the legacy Exchange server(s) and the Exchange 2007 administrative group, as shown in Figure 10.13. Figure 10.13 Preparing the Exchange 2007 Routing Group Connector This routing group connector is created in both directions and needs to be created to establish mail flow between the servers in the legacy routing group and the Exchange 2007 routing group. In addition, the Exchange 2007 Setup Wizard won’t ask you whether a Public Folder database to support legacy Outlook clients should be created but will instead do so automatically.The reason behind this behavior is probably that the Exchange Product Group took for granted that all organizations that will make a transition to Exchange 2007 still have legacy Outlook clients deployed in the organization. When Exchange 2007 has been installed successfully, you should remember to complete the tasks listed under the Deployment tab on the Microsoft Exchange node, or at least the tasks relevant to your environment.You should also skim through the optional tasks list on the End-to-End Scenario tab. Again, refer to Chapter 2 for further information. www.syngress.com Transitioning from Exchange 2000 or 2003 to Exchange 2007 • Chapter 10 539 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 539 Exchange 2003 and Exchange 2007 Coexistence It should come as no surprise that there are several things you should be aware of when you’re dealing with a coexistence environment consisting of Exchange or 2003 and Exchange 2007. Most of the management-related tasks (creating and moving mailboxes and administering public folders) were mentioned in Chapter 3, but there are also a few things you should be aware of when it comes to organization wide or global settings. When the first Exchange 2007 server has been deployed in the legacy Exchange organi- zation, most of the Global Settings that originally were configured on an Exchange 2000 or 2003 server will be transferred to the Exchange 2007 Server automatically, since global Exchange settings are stored in Active Directory.This means that recipient policies, Internet Message Formats, SMTP connectors, and Exchange delegation permissions are applied to user mailboxes stored on the Exchange 2007 as well. SOME INDEPENDENT ADVICE Any Exchange ActiveSync (EAS) device policy settings you have enabled on an Exchange 2003 SP2 server will not be transferred to Exchange 2007. This means that you must make sure that you enable any EAS polices you created on the Exchange 2007 server for the legacy mailboxes you move to the Exchange 2007 server. Figure 10.14 shows you the default policy originally created on our Exchange 2003 server. Figure 10.14 The Exchange 2003 Default Policy 540 Chapter 10 • Transitioning from Exchange 2000 or 2003 to Exchange 2007 www.syngress.com 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 540 Also note that when the Exchange 2007 server has been deployed in the legacy Exchange organization, any of the organization-level settings should be managed using Exchange 2007 Management tools (EMC or EMS) during the coexistence period. Replicating Public Folders to Exchange 2007 When you deploy an Exchange 2007 server with the Mailbox Server role installed into a legacy Exchange organization, Exchange Setup will create one Mailbox database and one Public Folder database on the server by default, as shown in Figure 10.15. Figure 10.15 Exchange 2007 Mailbox and Public Folder Databases The Public Folder database is created so that you can replicate any Public Folder data stored on your legacy Exchange servers to Exchange 2007. Even if you don’t use Public Folders to store data in your environment, there’s one other reason you might want to keep the Public Folder database mounted on your Exchange 2007 server.As you might know, Exchange 2007 no longer uses a Public Folder (or more specifically, a System Folder named SCHEDULE+ FREE BUSY in your Public Folder hierarchy) to store free/busy informa- tion for the mailbox users in the organization. Instead, free/busy information is stored directly in each user’s mailbox and retrieved using a new Web-based service called the www.syngress.com Transitioning from Exchange 2000 or 2003 to Exchange 2007 • Chapter 10 541 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 541 Availability service.The advantage of this new approach is that there are no longer any 15- minute delays when free/busy time for a user is updated. Instead, the update happens instantly. So why would we want to keep the Public Folder database on our Exchange 2007 server if free/busy information is retrieved using this new method? If you still have legacy Outlook clients (that is, Outlook 2003 and earlier versions) running in your organization, these clients still need to use the Public Folder method to retrieve free/busy information, since only Outlook 2007 supports the new Availability service. If you don’t use Public Folders to store data and only have Outlook 2007 clients deployed in your organization, you can safely remove the Public Folder database because you don’t have anything to use it for.This also means you can skip the following steps. Okay, let’s get going with setting up a replica for the Public Folders on our Exchange 2003 server that should be replicated with the new Exchange 2007 Public Folder database. To do so, we must use either the Exchange 2003 System Manager or the EMS. For the pur- pose of this example, we’ll use the Exchange 2003 System Manager. NOTE Managing Public Folders using the EMC is not possible in Exchange 2007 RTM but will be integrated into Exchange 2007 Service Pack 1. To add the Exchange 2007 Public Folder database to the replica list on the Exchange 2003 server, do the following: 1. Open the Exchange 2003 System Manager, then expand Administrative Groups | First Administrative Group | Folders | Public Folders, as shown in Figure 10.16. Figure 10.16 Public Folders in the Exchange 2003 System Manager 542 Chapter 10 • Transitioning from Exchange 2000 or 2003 to Exchange 2007 www.syngress.com 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 542 2. Now open the Properties page of each public folder, then click the Replication tab and add the Exchange 2007 server to the replica list, as shown in Figure 10.17. Figure 10.17 Public Folder Replication Tab NOTE Exchange 2003 Service Pack 2 introduced a new Public Folder Settings Wizard that makes it a breeze to add servers to replica lists. So if you have a lot of Public Folders in your Public Folder tree, we highly recommend that you use this wizard, which you can read more about in one of the author’s article at MSExchange.org (www.msexchange.org/tutorials/Public-Folder-Improvements- Exchange-2003-Service-Pack-2.html). If you have thousands of Public Folders, you might want to use the Public Folder replica scripts located in the Exchange Scripts folder (which can be found under C:\Program Files\Microsoft\Exchange Server). Even if you have legacy Outlook clients in your organization, you don’t need to set up a replica for the SCHEDULE+ FREE BUSY or the OFFLINE ADDRESS BOOK system folder, since this will be done automatically when you deploy an Exchange 2007 server in a legacy Exchange organization. When all Public Folders have been replicated to the Exchange 2007 server, you should remove the old Exchange 2000 or 2003 server(s) from the replica lists. When any Public Folder data has been removed from the respective Public Folder instances, you can dismount the old Public Folder stores (E2k3 SP2 won’t let you remove the Public Folder store until the www.syngress.com Transitioning from Exchange 2000 or 2003 to Exchange 2007 • Chapter 10 543 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 543 data is gone and it won’t get gone while it’s dismounted).You should verify that your clients still are capable of seeing Public Folder data as well free/busy information and accessing the offline address book before you delete it, though. If this is not the case, we recommend that you wait a little longer so that you’re sure the replication has occurred properly. SOME INDEPENDENT ADVICE Unlike previous versions of Outlook Web Access (OWA), OWA 2007 doesn’t include a GUI for accessing Public Folders. This means that to access Public Folders using Internet Explorer, you must open a separate browser window and type https://FQDN/public. It’s important that you’re aware of this missing feature. Pointing Internet Clients to the Client Access Server Now would be a good time to point any Internet client that is OWA, EAS, or RPC over HTTP (now called Outlook AnyWhere) in your organization to the client access server run- ning on the Exchange 2007 server. If you’re using a firewall such as ISA Server (which you do, right?), this change is done at your ISA Server firewall. If for some reason you don’t use an ISA Server in your DMZ but perhaps a Check Point FireWall-1 or another “firewall” such as a Cisco PIX, you should do the redirection there. If you don’t have a firewall, you should make the change on the external DNS server hosting your Internet domain. NOTE If your ISA server is configured to preauthenticate your OWA users, you must change the Authentication method for the OWA virtual directory under Server Configuration | Client Access in the EMC to Basic authentication, since it’s configured to use forms-based authentication by default. So, you ask, will any users with a mailbox on my Exchange 2000 or 2003 server still be able to use OWA, Exchange ActiveSync, or Outlook AnyWhere (formerly known as RPC over HTTP) to access their mailboxes? Yes, this will work just fine, since the client access server is backward compatible and will redirect the clients to the respective legacy mailboxes on the Exchange 2000 or 2003 server. www.syngress.com 544 Chapter 10 • Transitioning from Exchange 2000 or 2003 to Exchange 2007 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 544 NOTE When you make these changes, your users will no longer be able to access their mailboxes using Outlook Mobile Access (OMA), because OMA has been discontinued in Exchange 2007. Moving Legacy Mailboxes to Exchange 2007 Now we have reached the point at which we’re going to move our legacy mailboxes from Exchange 2000 or 2003 Server to Exchange 2007. Doing so is a straightforward process and can be done using either the Move Mailbox Wizard in the EMC or the Move-Mailbox CMDlet in the EMS. For the purpose of this book, we’ll use the EMC. Do the following: 1. If it’s not already open, launch the EMC, then expand the Recipient Configuration work center and click the Mailbox subnode. Now highlight all the legacy mailboxes, as shown in Figure 10.18, and then click the Move Mailbox task in the Action pane. Figure 10.18 Selecting Legacy Mailboxes in the Exchange Management Console www.syngress.com Transitioning from Exchange 2000 or 2003 to Exchange 2007 • Chapter 10 545 429_HTC_EXC_10.qxd 2/8/07 12:16 PM Page 545 [...]... servers to Exchange 2007, you must perform a transition, meaning that you’ll deploy Exchange 2007 into the existing Exchange organization and then move Exchange data and settings to Exchange 2007 Q: Can I do a transition from Exchange 5.5 to Exchange 2007? A: No A transition from Exchange 5.5 or earlier versions is not supported .To move from Exchange 5.5 to Exchange 2007, you must first upgrade to Exchange. .. connect to the Exchange 2007 server Decommissioning the Exchange Legacy Server Exchange 2003 server should be removed using the Exchange 2003 Setup program Before uninstalling the Exchange 2003 server, we first need to assign the Recipient Update Service (RUS) to our Exchange 2007 server Before uninstalling the Exchange 2003 server, we first need to delete the routing group connector assigned to the Exchange. .. legacy Exchange organization is running in native mode, we need to decommission any pre -Exchange 2000 servers (that is, Exchange 5.5 servers and previous versions) that exist in the Exchange organization Depending on your topology, Link State updates must be suppressed on any Exchange 2000 or 2003 servers in the Exchange legacy organization when you’re deploying an Exchange 2007 Server Bear in mind that... Server Replicating Public Folders to Exchange 2007 Managing Public Folders using the EMC is not possible in Exchange 2007 RTM but will be integrated with Exchange 2007 Service Pack 1 Even if you don’t use Public Folders to store data in your environment, there’s one other reason that you might want to keep the Public Folder database mounted on your Exchange 2007 server As you might know, Exchange 2007. ..429_HTC_EXC _10. qxd 546 2/8/07 12:16 PM Page 546 Chapter 10 • Transitioning from Exchange 2000 or 2003 to Exchange 2007 2 This will launch the Exchange 2007 Move Mailbox Wizard, where you need to specify the destination server, storage group, and mailbox database Select the Exchange 2007 Server in the drop-down box (see Figure 10. 19), and then click Next Figure 10. 19 Specifying the Exchange 2007 Server as... and Exchange delegation permissions are applied to user mailboxes stored on the Exchange 2007 as well Any Exchange ActiveSync (EAS) device policy settings you have enabled on an Exchange 2003 SP2 server will not be transferred to Exchange 2007. This means that you must make sure that you enable any EAS polices you created on the Exchange 2007 server for the legacy mailboxes you move to the Exchange 2007. .. Inbound Mail to the Exchange 2007 Server When all legacy mailboxes have been moved to an Exchange 2007 server, we can point SMTP traffic (port 25/TCP) directly to the Exchange 2007 server so that inbound messages are routed directly to it It’s recommended to deploy an Edge Transport server in your perimeter network (DMZ) and let this server route inbound messages to the Exchange 2007 server on your internal... written in Auto Attendants are replacements for human operators Auto Attendants can provide anonymous incoming calls with a series of voice prompts that help them locate the appropriate department or employee and place a call to that number.The Auto Attendant consists of voice prompts (WAV files) that callers get to hear instead of a human operator.This feature can also be used with Touch-Tone or speech... (domain), then click the Browse button under the Exchange Server text box and specify the Exchange 2007 Server instead Click OK twice and close the System Manager, as shown in Figure 10. 25 Figure 10. 25 Assigning the Recipient Update Service to the Exchange 2007 Server Microsoft will release an Exchange 2003 hotfix, which will prevent one from reassigning the RUS to an Exchange 2007 server, sometime in the future.This... 2003 to Exchange 2007 Get-Mailbox | Where-Object {$_.servername –eq “EDFS02”} | MoveMailbox –TargetDatabase:”EDFS03\Mailbox Database” or Get-mailbox Server EDFS02 | Move-Mailbox –TargetDatabase “EDFS03\Mailbox Database” Redirecting Inbound Mail to the Exchange 2007 Server When all legacy mailboxes have been moved to the Exchange 2007 server, we can point SMTP traffic (port 25/TCP) directly to the Exchange . ADSI Edit, as shown in Figures 10. 10 and 10. 11. Figure 10. 10 Exchange 2007 Administrative and Routing Group in the Exchange 2003 System Manager Figure 10. 11 Exchange 2007 Administrative and Routing. automatically when you deploy an Exchange 2007 server in a legacy Exchange organization. When all Public Folders have been replicated to the Exchange 2007 server, you should remove the old Exchange. Exchange server( s) and the Exchange 2007 administrative group, as shown in Figure 10. 13. Figure 10. 13 Preparing the Exchange 2007 Routing Group Connector This routing group connector is created in

Ngày đăng: 14/08/2014, 08:22

TỪ KHÓA LIÊN QUAN