ch07 70 284 MCSE Guide to Microsoft Exchange Server 2003

Document Sample
ch07 70 284 MCSE Guide to Microsoft Exchange Server 2003 Powered By Docstoc
					 70-284 MCSE Guide to
Microsoft Exchange Server
   2003 Administration

           Chapter Seven
Configuring and Managing Exchange
              Server
                             Objectives

• Understand how and why additional administrative
  groups should be created
• Understand how and why additional routing groups
  should be created
• Describe front-end and back-end server
  configurations
• Describe how to manage virtual servers and virtual
  directories



 70-284 MCSE Guide to Microsoft Exchange Server 2003   2
 Administration
 Configuring and Managing Exchange
               Server

• Organizations usually need additional servers
    – Greater volume of users may be hosted
    – Dedicated servers perform specific tasks
         • Load-balance processing across servers
• Two perspectives for organizing servers
    – Connectivity
    – Administrative
• HTTP virtual servers
    – Grant access and transfer files to client work stations
    – Are administered using Internet Services Manager
70-284 MCSE Guide to Microsoft Exchange Server 2003        3
Administration
                   Administrative Groups

• Administrative groups
   – Define admin topology for an Exchange organization
   – Based on geography, department, division, or function
• Assigning administrative permissions
   – Is simplified by using administrative groups
   – Objects created or moved into an admin group object
     inherit its permissions
• Four objects may be created in administrative group
   – Policies, Routing Groups, Public Folder Trees, Servers


 70-284 MCSE Guide to Microsoft Exchange Server 2003     4
 Administration
                  Administrative Models

• Three administrative models organize admin groups
    – Centralized, Decentralized, Mixed
• Centralized administrative model:
    – One group has full control over the Exchange servers
    – Routing group need not reflect administrative topology
• Decentralized administrative model:
    – Each location has a team of Exchange administrators
    – Groups are based on geographical or departmental
      needs
    – Groups can contain policies, servers, public folder
      trees, and other objects specific to the group
 70-284 MCSE Guide to Microsoft Exchange Server 2003      5
 Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   6
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   7
Administration
    Administrative Groups (continued)

• Issues migrating from Exchange Server 5.5 at
  multiple sites:
    – Forces use of decentralized administrative model
    – Exchange 5.5 sites are created as separate admin
      groups
• Mixed administrative model:
    –   Restricts certain administrative functions
    –   Does not create specialization for every function
    –   Create admin groups by function, not department
    –   Combines specialized admin functions and
        geographical factors into one model

70-284 MCSE Guide to Microsoft Exchange Server 2003         8
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   9
Administration
Activity 7-1: Creating an Administrative
                 Group

• Time Required: 10 to 20 minutes
• Objective: Create an additional administrative
  group
• Description: Create an additional administrative
  group for your organization. By default when you
  install your first Exchange 2003 server, a default
  administrative group called First Administrative
  Group is created.


70-284 MCSE Guide to Microsoft Exchange Server 2003    10
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   11
Administration
      Managing Administrative Groups

• Exchange Server 2003 has two modes of operation
    – Mixed mode: pre-Exchange 2000 Servers are
      supported
    – Native mode: only Exchange 2000 Server and
      Exchange Server 2003 are supported




70-284 MCSE Guide to Microsoft Exchange Server 2003   12
Administration
                            Mixed Mode
• Mixed: the default operation mode for Exchange Server 2003
• Mixed mode accommodates Exchange Server 5.5
• Exchange 5.5 limits Exchange Server 2003
   – Each admin group has only one functional routing group
   – Mailboxes cannot be moved between servers in different
     administrative groups
   – Some System Manager commands do not apply to Exchange
     Server 5.5
   – You cannot edit directory object properties in Active Directory
   – InetOrgPerson and query-based distribution groups are not
     available



 70-284 MCSE Guide to Microsoft Exchange Server 2003                   13
 Administration
                          Native Mode

• Native mode operation
    – Exchange Server 2003 is not subject to mixed mode
      limitations
• Using Exchange Server 2003 you can:
    – Enable routing group support
    – Create additional routing groups as necessary
• Native mode drawback:
    – It cannot work with Exchange Server 5.5 or lower
      versions


70-284 MCSE Guide to Microsoft Exchange Server 2003      14
Administration
                       Routing Groups

• Routing group: physical collection of servers
• The links between routing groups are assumed to be
  slow or unreliable
• Connectors join routing groups over slow WAN links
   – Costs may be implemented on connectors
   – Costs enable you to channel physical path
• Target server handles message communication
  within a routing group
• Bridgehead server handles message communication
  among routing groups

70-284 MCSE Guide to Microsoft Exchange Server 2003   15
Administration
           Routing Groups (continued)
• Bridgehead server is designated in each routing
  group
• Routing group connector is used by the bridgehead
  server to join routing groups
• Exchange System Manager is used to create
  separate routing groups
• Factors for deciding whether to set up a routing
  group:
   – Persistent connectivity
   – Common Active Directory forest
   – Relatively high bandwidth

70-284 MCSE Guide to Microsoft Exchange Server 2003   16
Administration
           Routing Groups (continued)

• Place servers prone to failure in separate routing
  groups
• Place a global catalog server in each routing group
• Five reasons for dividing Exchange Server 5.5 into
  multiple routing groups:
    –   Minimum requirements outlined are not met
    –   Messaging path must be altered to multiple hops
    –   Messages must be queued and sent by schedule
    –   Bandwidth between servers is less than 16 Kbps
    –   Routing client connections to specific public folder
        replicas
70-284 MCSE Guide to Microsoft Exchange Server 2003            17
Administration
Activity 7-2: Creating a Routing Group

• Time Required: 10 to 20 minutes
• Objective: Create an additional routing group
  using Exchange System Manager
• Description: Create an additional routing group
  within your organization. Routing groups help you
  to control mail flow and public folder referrals.
  Within a routing group, all servers communicate
  and transfer messages directly to one another.


70-284 MCSE Guide to Microsoft Exchange Server 2003   18
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   19
Administration
  Activity 7-3: Installing a Server into a
       New Administrative Group
            and Routing Group
• Time Required: 90 to 120 minutes
• Objective: Install an Exchange Server 2003 server
  into a second administrative and second routing
  group.
• Description: With administrative groups already
  preconfigured, you are prompted during the
  installation of any new servers as to which
  administrative group and routing group you want to
  install the server into

70-284 MCSE Guide to Microsoft Exchange Server 2003   20
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   21
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   22
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   23
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   24
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   25
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   26
Administration
    Front-End/Back-End Configurations
• Front-end/back-end configuration
   – Tasks are distributed between front-end/back-end
     servers
• Front-end server duties accept requests from clients
   – Proxies requests to appropriate back-end server
• Recommended topology for the following:
   – Multiple server organizations
   – Users of Microsoft Outlook Web Access, POP, IMAP,
     or Outlook 2003 (using RPC over HTTP)
• Front-end server specially configured
• No configuration option to designate back-end server
 70-284 MCSE Guide to Microsoft Exchange Server 2003    27
 Administration
   Advantages of Front-End/Back-End
            Configuration
• Three advantages of front-end/back-end topology:
   – Single namespace across organization
        • User need not know name of server hosting mailbox
          (accessed with Web, POP, or IMAP interface)
   – Ability to balance load across servers
        • Front-end server handles SSL encryption/decryption
        • Encryption/decryption offloaded from back-end servers
   – Ability to use firewalls to protect back-end
        • Front-end provides additional layer behind firewall
        • Front-end hides back-end configuration
        • Front-end authenticates mailbox/public folder requests

70-284 MCSE Guide to Microsoft Exchange Server 2003           28
Administration
     Front-End/Back-End Functionality

• Front-end proxies client requests to back-end
• Front-end/back-end configuration with a firewall
    – Complex due to communication with Active Directory
    – Exchange Server uses DSAccess to detect directory
      servers
    – DSAccess uses LDAPs and RPCs
    – RPCs require many open ports on the firewall
    – High number of open ports introduces security
      issues

70-284 MCSE Guide to Microsoft Exchange Server 2003   29
Administration
        Front-End/Back-End Functionality
                  (continued)
• Front-end/back-end configuration without a firewall:
    – Helps maintain a single namespace for e-mail servers
    – Scalable using Outlook Web Access, POP, IMAP
• Using IMAP or POP access:
    –   Client sends log-on request with mailbox name
    –   Front-end determines location of user's mailbox
    –   Front-end proxies request to back-end
    –   User is authenticated
    –   Back-end sends results of log-on to front-end
    –   Front-end presents results to user

 70-284 MCSE Guide to Microsoft Exchange Server 2003      30
 Administration
 Activity 7-4: Setting Up a Front-End Server
  Configuration for POP and OWA Access


• Time Required: 20 to 30 minutes
• Objective: Configure a front-end server to act as a
  POP server for the Exchange Server 2003
  organization
• Description: Configure the newly installed server
  that was created in the previous activity as a front-
  end server for POP access to the organization.
  This server will accept POP connections and proxy
  the requests to the back-end server on behalf of
  the client to retrieve information from the mailbox.

70-284 MCSE Guide to Microsoft Exchange Server 2003   31
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   32
Administration
    Front-End Server Configuration for
          POP and OWA Access
• SMTP protocol should be configured on the front-
  end
• SMTP is used by IMAP and POP clients for
  outgoing communication
• Using Outlook Web Access:
   – HTTP client requests are sent to the front-end server
   – Front-end server uses Active Directory to isolate
     back-end server
   – Front-end server forwards request to back-end server
   – HTTP host header remains unchanged
70-284 MCSE Guide to Microsoft Exchange Server 2003    33
Administration
    Front-End Server Configuration for
          POP and OWA Access
               (continued)
• Exchange Server 2003 improvements for front-
  end/back-end configuration:
   – Kerberos authentication
   – RPC over HTTP: encapsulate RPC within HTTP
   – Forms-based authentication




70-284 MCSE Guide to Microsoft Exchange Server 2003   34
Administration
        Managing HTTP Virtual Servers

• IIS: Internet Information Services
   – Provides transport services to access folders/mailboxes
   – Uses Internet protocol (HTTP, POP, or IMAP)
• Exchange integrates with Windows 2000/2003 IIS
• Exchange stores configuration in IIS metabase
• Directory Service Metabase Synchronization (DS2MB)
   – Part of Exchange System Attendant
   – Replicates configuration changes made in Active
     Directory to the metabase
   – Overrides changes made directly to the IIS metabase
 70-284 MCSE Guide to Microsoft Exchange Server 2003    35
 Administration
        Managing HTTP Virtual Servers
                 (continued)
• Each HTTP virtual server is represented as a Web site
• Default Web site represents default HTTP server
• Five important HTTP virtual server directories:
    – Exadmin: Web-based administration of the HTTP virtual server
    – Exchange: used to access mailboxes
    – ExchWeb: provides calendaring, address book, other functions
    – OMA: directory to which Outlook Mobile Access users connect to
      access Exchange data
    – Public: used to access the default public folders tree




 70-284 MCSE Guide to Microsoft Exchange Server 2003             36
 Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   37
Administration
 Activity 7-5: Configuring an Additional
              Virtual Server

• Time Required: 20 to 40 minutes
• Objective: Create an additional HTTP virtual
  server to host an additional domain
• Description: Create an additional HTTP virtual
  server that will be configured to host an additional
  SMTP domain in three stages. A fourth stage will
  test the new virtual server.




70-284 MCSE Guide to Microsoft Exchange Server 2003   38
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   39
Administration
70-284 MCSE Guide to Microsoft Exchange Server 2003   40
Administration
    Activity 7-6: Configuring Additional
             Virtual Directories

• Time Required: 20 to 40 minutes
• Objective: Create an additional HTTP virtual
  directory to host an additional domain
• Description: Create an additional HTTP virtual
  directory that will be configured to host an
  additional SMTP domain in two stages




70-284 MCSE Guide to Microsoft Exchange Server 2003   41
Administration
   Activity 7-7: Configuring Connection
                  Values

• Time Required: 10 to 15 minutes
• Objective: Walk through the steps outlining how to
  configure connection settings for your HTTP virtual
  server
• Description: Walk through the steps for how you
  could configure the connection limits and
  connection timeout values for your SMTP virtual
  server


70-284 MCSE Guide to Microsoft Exchange Server 2003   42
Administration
   Activity 7-8: Starting and Stopping
   Virtual Servers and the World Wide
               Web Service
• Time Required: 10 to 20 minutes
• Objective: Walk through the steps outlining how to
  start and stop an HTTP virtual server and the
  World Wide Web publishing service
• Description: Walk through the steps that you can
  take to stop and start HTTP virtual servers within
  your Exchange Server 2003 organization as well as
  the World Wide Web publishing service


70-284 MCSE Guide to Microsoft Exchange Server 2003   43
Administration
                             Summary
• Administrative groups define admin topology
• Admin groups are based on geography,
  department, division, function
• Three approaches to administrative group design:
  centralized, decentralized, mixed
• Admin group operation is based on Exchange
  Server 2003 mode (native or mixed)
• Routing group: collection of servers with high-
  bandwidth connectivity



70-284 MCSE Guide to Microsoft Exchange Server 2003   44
Administration
                 Summary (continued)
• Routing groups are determined by physical topology
• Connectors join routing groups over slow WAN links
• Exchange Server 2003 perceives a single routing
  group (default)
• Front-end/back-end configuration distributes tasks
• Front-end server receives client requests




70-284 MCSE Guide to Microsoft Exchange Server 2003   45
Administration
                 Summary (continued)
• Front-end servers proxy requests to back-end
• Front-end servers may or may not fall behind a
  firewall
• IIS virtual servers provide transport services
• Multiple virtual servers require one SSL certificate
  for each domain name
• HTTP virtual servers run under World Wide Web
  Publishing Service



70-284 MCSE Guide to Microsoft Exchange Server 2003   46
Administration

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:1
posted:2/14/2012
language:
pages:46
wangping12 wangping12 http://
About