Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 42 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
42
Dung lượng
1,21 MB
Nội dung
Contents Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Overview Introduction to Outlook Web Access Examining Outlook Web Access Components and Process Lab A: Sending E-mail Messages by Using Outlook Web Access 15 Configuring an HTTP Virtual Server 21 Securing Outlook Web Access Communications 23 Lab B: Configuring an HTTP Front-end Server 30 Review 35 Information in this document is subject to change without notice The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted Complying with all applicable copyright laws is the responsibility of the user No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation If, however, your only means of access is electronic, permission to print one copy is hereby granted Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property 2000 Microsoft Corporation All rights reserved Microsoft, Active Directory, BackOffice, Jscript, NetMeeting, Outlook, Windows, Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A and/or other countries The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted Other product and company names mentioned herein may be the trademarks of their respective owners Program Manager: Steve Thues Product Manager: Megan Camp Instructional Designers: Bill Higgins (Volt Technical), Jennifer Morrison, Priya Santhanam (NIIT (USA) Inc), Samantha Smith, Alan Smithee Instructional Software Design Engineers: Scott Serna Subject Matter Experts: Krista Anders, Megan Camp, Chris Gould (Global Logic Ltd), Janice Howd, Elizabeth Molony, Steve Schwartz (Implement.Com), Bill Wade (Wadeware LLC) Technical Contributors: Karim Batthish, Paul Bowden, Kevin Kaufman, Barry Steinglass, Jeff Wilkes Graphic Artist: Kimberly Jackson (Independent Contractor) Editing Manager: Lynette Skinner Editor: Kelly Baker Production Manager: Miracle Davis Build Manager: Julie Challenger Production Support: Marlene Lambert (Online Training Solutions, Inc) Test Manager: Eric Myers Courseware Testing: Robertson Lee (Volt) Creative Director, Media/Sim Services: David Mahlmann Web Development Lead: Lisa Pease CD Build Specialist: Julie Challenger Localization Manager: Rick Terek Operations Coordinator: John Williams Manufacturing Support: Laura King; Kathy Hershey Lead Product Manager, Release Management: Bo Galford Lead Product Manager, Messaging: Dave Phillips Group Manager, Courseware Infrastructure: David Bramble Group Product Manager, Content Development: Dean Murray General Manager: Robert Stewart BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access iii Instructor Notes Presentation: 60 Minutes Lab: 45 Minutes This module provides with students of an overview of Microsoft® Outlook® Web Access functionality Students examine the components of Outlook Web Access and learn how they work together to process client requests Students will be able to create and configure an (Hypertext Transfer Protocol) HTTP virtual server In addition, they will learn Outlook Web Access security and firewall configuration options After completing this module, students will be able to: ! Describe the benefits of Outlook Web access, the capabilities that HTTPDAV (Distributed Authoring and Version) provides to Outlook Web Access users, and the clients that are supported by Outlook Web Access ! Explain the function of each component used by Outlook Web Access to process a client request in a single server environment and front-end/backend environment ! Create and configure an HTTP virtual server ! Describe the authentication and encryption methods available when using Outlook Web Access with a single server configuration and a backend/front-end server configuration Materials and Preparation This section provides you with the required materials and preparation tasks that are needed to teach this module Required Materials To teach this module, you need the following materials: ! Microsoft PowerPoint® file 1572a_11.ppt Preparation Tasks To prepare for this module, you should: ! Read all of the materials for this module ! Read the white paper, “Outlook Web Access in Exchange 2000 Server,” located in the Additional Readings folder on the instructor compact disc ! Complete the labs BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY iv Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Module Strategy Use the following strategy to present this module: ! Introduction to Outlook Web Access In this topic, briefly explain the function of Microsoft Outlook Web Access Describe the features and limitations of Outlook Web Access Next, describe the function that Hypertext Transfer Protocol-Distributed Authoring Version (HTTP-DAV) provides Outlook Web Access users Review the clients and operating systems that Outlook Web Access supports; explain the difference in functionality between Web browsers and their versions ! Examining Outlook Web Access Components and Process In this topic, discuss the different components that enable Outlook Web Access clients gain access to Microsoft Exchange 2000 data Next, provide an step-by-step explanation of how the different components process client requests Next, explain how the process differs when using front-end/backend server configuration By understanding the components and the process, it will help students troubleshoot related issues Lastly, briefly review the directories and aliases that are associated Outlook Web Access ! Configuring an HTTP Virtual Server In this topic, briefly explain how to configure and HTTP virtual servers and how to connect to and disable the virtual server The important point to discuss is how Active Directory and the Directory Service to metabase (DS2MB) service both update the virtual server configuration information in the metabase ! Securing Outlook Web Access Communications In this topic, explain the benefits and limitations of each authentication method Explain the authentication limitations when using a front-end/backend server Next, discuss Secure Sockets Layer (SSL) encryption and how it is implemented in a standard configuration versus a front-end/back-end server configuration Lastly, discuss the firewall placement options and the benefits and limitations of each placement option BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access v Customization Information This section identifies the lab setup requirements for a module and the configuration changes that occur on student computers during the labs This information is provided to assist you in replicating or customizing Microsoft Official Curriculum (MOC) courseware Important The labs in this module are also dependent on the classroom configuration that is specified in the Customization Information section at the end of the Classroom Setup Guide for course 1572A, Implementing and Managing Microsoft Exchange 2000 Lab Setup The following list describes the setup requirements for the labs in this module Setup Requirement The labs in this module require Exchange 2000 and a custom MMC To prepare student computers to meet this requirement, perform one of the following actions: ! Complete the labs for Module 2, “Installing Microsoft Exchange 2000,” in course 1572A, Implementing and Managing Microsoft Exchange 2000 ! Install Exchange 2000 at D:\Program Files\Exchsrvr on each server into an organization named Northwind Traders Components installed are Microsoft Exchange Messaging and Collaboration Services, Microsoft Exchange System Management Tools, and Microsoft Exchange Instant Messaging Service Have the students create a custom MMC in the C:\Documents and Settings\All Users\Desktop that is saved as your_firstname Console The MMC contains the Active Directory Users and Computers snap-in and the Exchange System snap-in Setup Requirement The labs in this module require a custom organizational unit, a user account for each student, a mailbox for each student, an Outlook profile, and for the Domain Admins group to be delegated full control of the organization To prepare student computers to meet this requirement, perform one of the following actions: ! Complete the labs for Module 3, “Administering Microsoft Exchange 2000,” in course 1572A, Implementing and Managing a Microsoft Exchange 2000 ! Create an organizational unit in Active Directory that is named your_servernameOU for each server in the classroom Create a user account in each server’s OU for each student The account is a member of the Domain Admins group and has a mailbox on the student’s Exchange server Create an Outlook profile for each student on their own server that opens their mailbox Delegate the full administrator role on the Northwind Traders organization BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY vi Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Lab Results There are no configuration changes on student computers that affect replication or customization BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Overview Topic Objective To provide an overview of the module topics and objectives ! Introduction to Outlook Web Access Lead-in ! Examining Outlook Web Access Components and Process ! Configuring an HTTP Virtual Server ! Securing Outlook Web Access Communications In this module, you will learn how to deploy Outlook Web Access in a single-server environment and a front-end back-end server environment Outlook Web Access enables users to gain access to their Microsoft Exchange 2000 mailboxes by using an Internet browser By deploying Outlook Web Access, you provide access to data in public folders, network shares, and company intranets to remote and local users After completing this module, you will be able to: ! Describe the benefits of Outlook Web access, the capabilities that HTTPDAV (Distributed Authoring and Version) provides to Outlook Web Access users, and the clients that are supported by Outlook Web Access ! Explain the function of each component used by Outlook Web Access to process a client request in a single server environment and front-end/backend environment ! Create and configure an HTTP virtual server ! Describe the authentication and encryption methods available when using Outlook Web Access with a single server configuration and a backend/front-end server configuration BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access # Introduction to Outlook Web Access Topic Objective To introduce Outlook Web Access Lead-in Outlook Web Access provides a secure environment for users to access Exchange 2000 data by using an Internet browser, such as Microsoft Internet Explorer ! Outlook Web Access Benefits and Limitations ! Benefits of HTTP-DAV ! Outlook Web Access Client Support Outlook Web Access enables users to access their Exchange 2000 mailbox using a Web browser, such as Microsoft Internet Explorer Outlook Web Access can also provide access to mailbox data from UNIX, Macintosh®, and Microsoft Windows®-based computers that are connected to a server running Exchange 2000 These users can view and work with any public folder, mailbox, global address list, or calendar Note For UNIX users connecting to a server running Exchange 2000, Outlook Web Access is the primary solution for e-mail, calendar, and collaboration functionality Outlook Web Access uses HTTP-DAV to access mailbox data in Exchange 2000 With the integration of Internet Information Services (IIS) with Exchange 2000, Outlook Web Access uses components from both platforms to send and receive client requests to the client BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Outlook Web Access Benefits and Limitations Topic Objective Benefits To summarize the features and limitations of Outlook Web Access in Exchange 2000 Supports messages that contain Supports messages that contain embedded items and Microsoft embedded items and Microsoft ActiveX objects ActiveX objects Supports public folders that contain Supports public folders that contain contract and calendar items contract and calendar items Lead-in Outlook Web Access provides remote users with an efficient method to access their e-mail However, it may not provide the messaging solution for all users Supports multimedia message Supports multimedia message Uses named URLs to reference items Uses named URLs to reference items Supports front-end and back-end Supports front-end and back-end server configuration server configuration Supports Microsoft Internet Supports Microsoft Internet Explorer Explorer Limitations No Offline access No Offline access No advanced security No advanced security No advanced e-mail functions No advanced e-mail functions No calendaring and group scheduling No calendaring and group scheduling No task management No task management Outlook Web Access provides Internet users a convenient method for accessing Exchange 2000 However, it may not provide the client messaging solution for all users Benefits Outlook Web Access provides increased client performance and functionality by providing the following benefits ! Supports messages that contain embedded items (messages, appointments, contacts, and so on) and Microsoft ActiveX® objects For example, when a user opens a message containing an ActiveX object, Outlook Web Access renders and displays the object ! Supports public folders that contain contact and calendar items ! Supports multimedia messages Outlook Web Access enables you to easily add and send audio and video files ! Reference items by using a named Uniform Resource Locators (URLs) Previous versions of Outlook Web Access used globally unique identifiers (GUIDs) to access items like messages, folders, and so on from the Information Store Outlook Web Access now accesses these items using URLs, such as http://server/exchange/mailbox/inbox This simplifies accessing Information Store data for users and developers ! Supports front-end and back-end server configuration, which improves performance and provides scalability of Exchange 2000 ! Supports Microsoft Internet Explorer Internet Explorer users benefit from an interface that is similar to Microsoft Outlook 2000 Outlook Web Access is also more efficient for Internet Explorer users because it does not require that constant communication with the server running Exchange 2000 to perform a task BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Limitations Outlook Web Access was not designed to provide all of the advanced e-mail functions and collaborative solutions that are provided by Microsoft Outlook 2000 As a result, Outlook Web Access does not support the following: ! Offline access A user must connect to a server running Exchange 2000 to view mailbox data Outlook Web Access offers no offline support or synchronization capabilities ! Advanced security Outlook Web Access does not support Exchange 2000 digital encryption, signature support, and Secure/Multipurpose Internet Mail Extensions (S/MIME) support ! Advanced e-mail functionality Outlook Web Access does not include replied and forwarded flags in list view, message flags and Inbox rules, three-pane view, search for messages, and WordMail and Microsoft Office integration ! Calendar and group scheduling Outlook Web Access does not support displays of discontinuous days side-by-side, appointment list views, view detailed free and busy time, track acceptance of meeting attendees, and export to devices such as DataLink watches ! Task Management Outlook Web Access does not support task management, however, you can view and read tasks BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 22 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Starting and Stopping Virtual Servers You can stop, start, or pause an HTTP virtual server by right-clicking the virtual server object and then clicking the appropriate option Important You can stop the default Exchange Virtual Server by using Exchange System Manager; however, this also stops the Default Web Site in IIS Synchronizing the Metabase When you use the Internet Services Manager to configure an HTTP virtual server, the configuration details are written to the metabase When you use the Exchange System Manager to configure an HTTP virtual server, the configuration details are written to Active Directory The configuration information in the metabase and the Active Directory must be synchronized DS2MB synchronizes the two by periodically reading information from the Active Directory and writing it into the metabase To ensure the proper configuration information is saved to the metabase, it is very important to perform all available tasks using Exchange System Manager and use Internet Services Manager only when you cannot perform the task in Exchange System Manager BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access 23 # Securing Outlook Web Access Communications Topic Objective To introduce this topic Lead-in You can provide a secure environment for users connecting to your Exchange server using Outlook Web Access ! Verifying User Names by Using Authentication ! Securing Communications by Using Encryption ! Securing Access by Using Firewalls To secure the transmission of messages between Exchange 2000 and Outlook Web Access clients, you can choose to authenticate users and encrypt the information being transmitted by using Secure Sockets Layer (SSL) To provide further security, you can also configure firewalls between the Internet and a front-end server or between the front-end server and the back-end server BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 24 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Verifying User Names by Using Authentication Topic Objective To explain how a server running Exchange 2000 obtains authentication credentials from a domain controller Lead-in User Name: Password: IIS IIS Susanf@nwtraders.msft ******** Domain: Outlook Web Access server computers must first obtain authentication credentials before logging on to an Exchange server Exchange 2000 Active Active Directory Directory Domain Controller Before the IIS enables Outlook Web Access users to gain access to Exchange 2000, the W3Svc verifies the user’s credentials by passing the user information to a domain controller for authentication A number of authentication methods are available for Outlook Web Access You need to select an authentication method depending on the capabilities of the client operating system and specific security policies You can enable or disable these authentication methods by using the Exchange Services Manager and modifying the properties of the virtual directory Anonymous Authentication You can create a user account in IIS that enables users to connect anonymously Anonymous access provides limited access for specific public folders and directory information Anonymous authentication is supported by all clients and is an easy way to allow access to unsecured content in public folders Basic Authentication Uses clear text to perform a simple challenge and response authentication Basic authentication requires users to enter their user name, domain, and password to gain access to mailbox data It is recommended that you implement basic authentication in conjunction with SSL to encrypt the user name and password BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access 25 Integrated Windows Authentication For clients running Internet Explorer 5.0, Integrated Windows Authentication uses Kerberos and offers the best security, efficient communication, and transparency Integrated Windows authentication uses the Windows NT LAN Manager (NTLM) protocol for non-Windows 2000 networking clients With Integrated Windows Authentication, the password is sent as an encrypted value for highest security Integrated Windows Authentication provides native authentication from Windows networking clients and allows browser access without prompting the user for their username and password Integrated Windows Authentication does not work through a front-end server Integrated Windows Authentication does not work with browsers other than Internet Explorer and BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 26 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Securing Communications by Using Encryption Back-End Back-End Servers Servers Topic Objective To explain the concept of encryption Exchange 2000 HTTP1 HTTP1 Lead-in EXIPC Secure Sockets Layer (SSL) secures a session between the server and a client by encrypting the session IIS Web Browser Exchange ISAPI DAVEx Front-End Server HTTP2 HTTP2 ExProx W3Svc Port 80 Port 443 (SSL) Port 80 Port 443 SSL HTTP3 HTTP3 Authentication Authentication Active Directory HTTP4 HTTP4 You can use SSL to encrypt all of the communication between the client and server, regardless of the authentication method selected SSL establishes a secure communication channel between the client and the server, which secures communication between the client and server by encrypting the session The drawback of SSL is that is uses additional resources because additional processing is required to encrypt and decrypt the session Thus, SSL communications reduce the overall performance of the authenticating server Authentication and Encryption Using Front-end/Back-end Servers There are limitations to the authentication and encryption options when using front-end back-end server configuration: ! Only anonymous and basic authentication is supported You cannot use Windows Integrated Authentication ! SSL is not supported between the front-end server and the back-end server If you configure the front-end server to authenticate the user, the front-end server passes the user’s credentials to back-end server to verify access If the front-end is set to Anonymous authentication, then the back-end will then prompt the user to provide credentials for authentication This is known as passthrough authentication A front-end server can use only port 80 to communicate with a back-end server; therefore it cannot use SSL encryption Use port 80 and, if necessary, Internet Protocol Security (IPSEC) for secure communication between the front-end and back-end servers BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access 27 Configuring SSL If you want to encrypt communication between the Outlook Web Access client and the front-end server using SSL, you must first configure the certificates and then enable SSL This can be accomplished by using the Internet Service Manager BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 28 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Securing Access by Using Firewalls Topic Objective To discuss the firewall placement options Global Catalog Server You need to You need to pass HTTP pass HTTP Lead-in Firewall Placement and configuration of firewalls for network security should be carefully considered when deploying Outlook Web Access Outlook Web Access Client Firewall Front-end Exchange Server Perimeter Network Back-end Exchange Servers You need to pass HTTP, NetBIOS, You need to pass HTTP, NetBIOS, RPC, Kerberos and LDAP RPC, Kerberos and LDAP You should plan the placement and configuration of firewalls for network security when deploying Outlook Web Access There are three typical locations for firewalls in an Outlook Web Access deployment: ! Front-end server sits within a perimeter network In this scenario, a front-end server sits between two separated firewalls The first firewall separates the front-end server from the Internet and allows requests only to that front-end server The second firewall separates the front-end server from the internal company This configuration provides an extra measure of security by ensuring that even if the front-end server is compromised, the intruder is still isolated from the rest of the corporation ! Front-end server outside the firewall If you place the front-end server outside the firewall, without anything between it and the Internet, the front-end server is vulnerable to attempts at unauthorized access to server resources In the graphic, only firewall would exist when placing the front-end server outside the firewall ! Front-end server inside the firewall If you place the front-end server inside the firewall, you limit the TCP ports that are accessed by Internet hosts Placing a front-end server inside the firewall will require firewall ports enabled from the front-end server to the necessary hosts outside the firewall In the graphic, only Firewall would exist when placing the front-end server outside the firewall BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access 29 Outlook Web Access clients communicate with the front-end server running Exchange 2000 by using HTTP and SSL (optional encryption) protocols These protocols require TCP ports 80 and 443 to be open at a firewall between the client and the server Client authentication methods other than Kerberos are encapsulated in the HTTP/SSL protocols and not require any additional firewall considerations Note For more information on firewall configurations when using frontend/back-end servers, see the white paper titled, “Exchange 2000 Front-end and Back-end Topology“ in Additional Readings on the Student Materials compact disc BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 30 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Lab B: Configuring an HTTP Front-end Server Topic Objective To introduce the lab Lead-in In this lab, you will create and configure an HTTP front-end server Explain the lab objectives Objectives After completing this lab, you will be able to: ! Configure a front-end server and access a mailbox through the front-end server ! Reset the front-end server to its original configuration Prerequisites Before working on this lab you must have: ! Knowledge of Windows 2000 ! Knowledge of Exchange System Manager ! Knowledge of Outlook Web Access Lab Setup To complete this lab, you need the following: ! To have Microsoft Exchange 2000 installed at D:\Program Files\Exchsrvr into an organization named Northwind Traders Components installed are Microsoft Exchange Messaging and Collaboration Services, Microsoft Exchange System Management Tools, and Microsoft Exchange Instant Messaging Service ! To have a custom MMC in the C:\Documents and Settings\All Users\Desktop that is saved as your_firstname Console The MMC contains the Active Directory Users and Computers snap-in and the Exchange System snap-in ! An organizational unit is in Active Directory that is named your_servernameOU BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access ! A user account in your_servernameOU The account is a member of the Domain Admins group and has a mailbox on the your Exchange server ! The Domain Admins group is delegated Full Administrator role on the Northwind Traders organization ! 31 To identify the values for the variables listed in the following table: Variable Value your_domain your_servername your_firstname your_partner’s servername Estimated time to complete this lab: 30 minutes BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 32 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Exercise Configuring a Front-End Server In this exercise, you will configure a front-end server and then access a mailbox through the server You will work in pairs with someone from your domain team Scenario As a result of your decision to deploy Outlook Web Access, you need to simplify your namespace so that all users connect to their mailboxes by using the same URL To accomplish this, you will deploy front-end servers and back-end servers Tasks Detailed Steps Note: In this exercise, you will be working with a partner who is in your domain One person (Partner A) will configure their server as a front-end server and the other person (Partner B) will test the configuration Partner B: Use Outlook Web Access to access your mailbox by using the URL http://your_partner’s servername/exchange/your_ username a Log onto Windows 2000 as your_username b Click Start, click Programs, and then click Internet Explorer c In the Address box, type http://your_partner’s servername/ exchange/your_username and then press ENTER d After your mailbox appears, write down the URL displayed in the Address box _ e Close Microsoft Internet Explorer How did Outlook Web Access redirect the client to the correct server? Outlook Web Access used the home server information associated with your account in Active Directory to determine your mailbox location The server redirected the browser to connect to your mailbox server Partner A: Use Exchange System Manager to configure your server as a front-end server, and then restart the POP3, IMAP4, and WWW services a Log onto Windows 2000 as your_username b Open your_firstname Console c Expand Northwind Traders (Exchange), and then expand Servers d Right-click your_servername, and then click Properties e Select the This is a front-end server check box, and then click OK f Click OK to acknowledge that this server will not become a front-end server until the POP, IMAP, and HTTP services are restarted g Click Start, point to Programs, point to Administrative Tools, and then click Services BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access 33 Tasks Detailed Steps h Restart the Microsoft Exchange POP3, Microsoft Exchange IMAP4, and World Wide Web Publishing Service services by right-clicking each of them and clicking Restart i Close the Services window (continued) Important: Do not proceed until Partner A’s services have restarted Partner B: Use Outlook Web Access to open your mailbox When your mailbox appears, note the URL a Click Start, point to Programs, and then click Internet Explorer b In the Address box, type http://your_partner’s servername/ exchange/your_username c In the Username box, type your_domain\your_username d In the Password box, type password and then click OK e When your mailbox appears, write down the URL displayed in the Address box _ f Close Internet Explorer Was your browser redirected to your server? Why or why not? The URL was not redirected The information for the mailbox was redirected The correct mailbox is displayed, but the URL still points to your partner’s server Outlook Web Access requested your mailbox from Partner A’s server; however, Partner A’s server is configured as a front-end server and therefore passes all requests directly to your mailbox server BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 34 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Exercise Resetting a Server to a Back-End Server In this exercise, Partner A will reconfigure their server so that it is no longer a front-end server, and everyone will log off Windows 2000 Tasks Detailed Steps b Expand Northwind Traders (Exchange) and then expand Servers c Right-click your_servername, and then click Properties Clear the This is a front-end server check box, and then click OK Click OK to acknowledge that this server’s role will not change until the POP, IMAP, and HTTP services are restarted f Click Start, point to Programs, point to Administrative Tools, and then click Services g Restart the Microsoft Exchange POP3, Microsoft Exchange IMAP4, and World Wide Web Publishing Service services by right-clicking each of them and clicking Restart a Close your_firstname Console b When prompted to save console settings, click Yes c Close all windows and log off Windows 2000 Open your_firstname Console e Partner A: Configure your server to not be a front-end server a d Log off Windows 2000 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access 35 Review Slide Objective To reinforce module objectives by reviewing key points ! Introduction to Outlook Web Access Lead-in ! Examining Outlook Web Access Components and Process ! Configuring an HTTP Virtual Server ! Securing Outlook Web Access Communications The review questions cover some of the key concepts taught in the module What capabilities does HTTP-DAV provide Outlook Web Access users? Overwrite protection (file locking), which makes it possible for Web users to write, edit, and save shared documents without overwriting another person’s work Namespace management, which enables users to conveniently manage Internet files and directories, including the ability to move and copy files Property (metadata) access, which provides an efficient means of storing and retrieving metadata When processing an Outlook client request, which IIS components help process the request and what are their functions? W3svc receives requests from the clients and performs user authentication DAVEx passes the client request between W3Svc and the Information Store and renders data received from the Information Store, and then passes the data back to the W3Svc to return to the client browser If using a front-end/back-end configuration, ExProx acts as a protocol gateway on a front-end server ExProx receives the request from W3svc, and then accesses Active Directory to locate the user’s mailbox server ExProx then passes the request to correct back-end server The back-server passes the data to ExProx, which then sends the data to the W3Svc to return to the client browser BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 36 Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access An administrator uses Internet Services Manager to change the authentication method on the exchange alias to disenable Integrated Windows authentication Shortly there after the configuration is changed back to allow Integrated Windows Authentication What is the problem? Changes to authentication of the exchange alias must be done using Exchange System Manager If changes are made using Internet Services Manager, DS2MB will overwrite them with the configuration that is in Active Directory What limitations with regard to security are there when using Exchange 2000 HTTP in front-end and back-end configuration? Only basic authentication is supported SSL is not supported between the front-end server and the back-end server You are securing your company’s network from the Internet Your remote clients require encryption when sending requests to Exchange 2000 You also need to optimize performance for authentication and data transfer What server configuration and firewall option meets these requirements? First, you would configure a minimum of two servers running Exchange 2000 in a front-end/back-end configuration This provides the performance optimization Second, you would configure SSL between the Outlook Web Access clients and the front-end server Third, place the firewall between the client and the front-end server with port 443 open for SSL You also place a second firewall between the front-end and back-end servers with port 80 open for HTTP-DAV communications This places your front-end server in the perimeter network for optimal security BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY ... of Outlook 2000 along with the features available with Outlook Web Access in Exchange 2000 and Exchange Server 5.5 Outlook Web Access in Exchange Server 5.5 Function Outlook 2000 Outlook Web Access. .. Microsoft Exchange 2000 with the Web Storage System.” BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Outlook. .. FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 11: Accessing Microsoft Exchange 2000 with Outlook Web Access Components Used by Outlook Web Access Topic Objective Exchange 2000