Post on 22-Dec-2015
transcript
MSG312
Microsoft Exchange Server 2007: Deployment and Migration
Key Exchange Server 2007 Themes
Improved Access to Inbox from various devices
Separate functions and roles for easier deployment
Enhance Management Capability (PowerShell)
Significantly improved scalability
Enhanced High Availability
Requirements
Hardware Requirements
Production environment
Intel Xeon Pentium 4 64-bit processor
AMD Opteron 64-bit processor
Minimum 512 MB of RAM
Several GBs more likely
1 GB disk space on installation drive
200 MB on system drive
Server Requirements
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 R2 supported
Microsoft .NET Framework 2.0
MMC 3.0
Both above are auto-installed if not present
NTFS File Systems throughout
system, binaries, logs, databases, other Exchange Server 2007 files
Server Role Requirements
Server Role: Requirements
Mailbox: Network COM+ Access; IIS; WWW Service
Client Access: WWW Service; Enable ASP .NET
Unified Messaging: Speechify
Hub Transport: IIS
Edge Transport: IIS
Client Requirements
MAPI Access
Preferably Outlook 2007, Outlook 2003, Outlook 2002
Outlook Web Access
Basic Authentication, Forms-based Authentication
Any browser
Digest, Integrated Windows
Generally Microsoft Internet Explorer 5+
Mobile Access
Windows Mobile 2003 and Windows Mobile 5 devices
Push requires WM5 and MSFP
Note NO OMA support
POP3 and IMAP4
Also, note requirement for Loadsim Web Release 2.3
Deploying Exchange Server 2007
Installation
Comprehensive Pre-installation checking
Schema changes and domain prep
Can be performed during installation
Select roles to install
Installation Prerequisites
Windows Server Active Directory Forest
Schema Master DC must have Windows 2003 SP1
GC servers running Windows 2003 or higher
AD Domain Functional Level Windows 2000 Server-native or higher in all domains
A GC in the domain into which you are installing
Forest Functional Level Windows Server 2003
No Exchange 5.5 servers in the organization (if migrating)
Forest Preparation using SETUP/PrepareAD
Occurs automatically during normal SETUP
Permissions
Install using account that is member of:
Local Administrator on the server
AD Enterprise Administrator
AD Domain Administrator
Exchange Permissions
Admin on Exchange Organization object
Role Selection
Additional Role selection available through
Add/Remove Programs
Installation Progress
Unattended Installation
Setup.exe /console
/roles:<roles to install>
Bridgehead (BH, B); ClientAccess (CA, C); Gateway (GW, G); Mailbox (MB, M); UnifiedMessaging (UM, U)
/mode:<setup mode>
Install, Upgrade, Uninstall, RecoverServer
/targetdir:<folder>
/DomainController
/prepareAD
/prepareSchema
/prepareLegacyExchangePermissions
Validating Exchange Server 2007 Installation
After installing Exchange Server 2007
Run get-ExchangeServer from PowerShell
Displays all installed server roles
Check Event Viewer for
Events 1003 and 1004 in application log
Run ExBPA
Check Help Files for additional tasks
Deploy Supporting AD Infrastructure
Upgrade/replace existing DCs and GCs where necessary
Use 64-bit hardware (recommended)
Orgs with more than 20,000 objects will benefit
Also orgs with DIT >3 GB will benefit from increased address space (assuming sufficient physical memory)
Consolidation hand-in-hand with 64-bit
One 64-bit GC (dual CPU, 14 GB memory) can handle the workload of 11 32-bit GCs to support 20,000 Exchange Server mailboxes
11GB DIT: 350,000 objects
Database caching occurs during normal e-mail activity – no prior loading
Roles and Topology
Exchange Server 2007 Server Roles
Five Server Roles
Mailbox Server Role
Hub Transport Server Role
Edge Transport Server Role
Client Access Server Role
Unified Messaging Server Role
Server Role Architecture
[Diagram labels: Other SMTP Servers; Internet; Enterprise network; Edge Services; Bridgehead Services; Routing; Policy; Hygiene; Client Access Services; Applications: OWA; Protocols: ActiveSync, POP, IMAP, RPC / HTTP …; Programmability: Web services, Web parts; Mailbox Services; Mailbox; Public Folders; Unified Messaging Services; Voice Messaging; Fax; PBX or VoIP]
Mailbox Server Role
Traditional Role
Hosts mailboxes and PFs (if present)
Provides MAPI access to mailboxes
Can communicate with multiple hubs
But not in other sites, only in same site
Supports cluster configuration
No cluster support for other roles
Unified Messaging Server Role
Messaging Services (Voice and fax)
Outlook Voice Access
E-mail, voice mail, calendar, contacts
Call Answering
Outlook
Outlook Web Access
Automated Attendant
Client Access Server Role
Provides client access for
Outlook Web Access, POP3, IMAP4, RPC/HTTP, ActiveSync
Proxies or redirect connections to other Client Access servers
Proxy to Mailbox co-located preferred to ‘random’ selection
Provides Auto Connect functionality for Microsoft Office Outlook 2007
Provide OAB (if no PFs in use)
Provide access to SharePoint sites and file for Microsoft Outlook Web Access (OWA) and Active Sync connections
Performs re-direct and proxy functions to other Client Access Servers
Locate at least one Client Access Server in each site that contains Mailbox Servers
Proxy vs. Redirect
Proxy
Client Access server uses MAPI to communicate with Mailbox server
Proxy access implies HTTP use across network if initial Client Access server is remote from Mailbox server
Redirect
Preferred Client Access server for specific Mailbox server
Useful when mailboxes have been moved and are remote from original Client Access server
Client Connectivity Architecture
AutoConnect
Configure MAPI, OWA, ActiveSync, RPC/HTTP, IMAP4, or POP3 client with best Client Access Server
Multi-step process:
Client uses e-mail address to lookup AD and determine local Client Access server
Contacts local Client Access server with an XML request
Client Access server issues XML file with configuration details for the client
Deals well with mailbox moves, etc.
Client Access and Mixed Exchange
Client Access Server
Maintains legacy access to Exchange 2000 Server and Exchange Server 2003 Back End servers
Legacy OWA user experience maintained
Exchange Server 2007 OWA experience
Requires Exchange Server 2007 Client Access Server, AND Exchange Server 2007 Mailbox Server
You cannot use an Exchange Server 2000 or Exchange Server 2003 Front End server to connect to an Exchange Server 2007 Mailbox Server
Hub Transport Role
Processes message for delivery across the organization
Routing predictability
Application of policies
Ensure Hub Transport Role in every site that has Mailbox Servers
Even when two users on the same database exchange e-mail, Hub Server is engaged
Connectivity to Exchange Server 2003 via Connectors
Hub Transport Routing
Edge Transport Role
Edge Transport Role must be on dedicated server
All other roles may be co-located
May be co-located with ISA Server function
Edge Transport (always connects to Hub)
Use standalone server (can be on domain-joined server)
Not generally connected to AD Forest
Wizard config for Edge/Hub connection (EdgeSync)
Requires AD Application Mode (ADAM)
ADAM installed during Edge Server install
Used for storage of recipient/configuration info
Org data and ADAM data in synch via EdgeSync
Hashed recipient lists, routing info
EdgeSync
Synchronize recipient details from AD to Edge server
Only between Edge server and Hub Server
Install EdgeSync Management Tool on Hub
Uses Wizard for configuration (XML file)
EdgeSync.exe (sync scheduling mechanism?)
Uses LDAP (special port:1389)
[Diagram labels: Edge Services; Bridgehead Services; Routing; Hygiene; Policy]
Edge Transport Functions
Executes Message Hygiene Agents
Address Rewrite agent (example below)
Enable-TransportAgent -Identity "Address Rewriting Inbound agent"
New-AddressRewriteEntry -Name "Swap" -InternalAddress "kmc@hp.com" -ExternalAddress "kieran.mccorry@hp.com"
Connection Filter agent
Recipient Filter agent
Sender Filter agent
Sender ID agent
Content Filter agent
Protocol Analysis agent
Note: Message Hygiene can also be deployed on Hub server
Note also: Per-user SCLs and per-user Safe Senders
Topology
Exchange Server 2007 topology is based on AD sites
Many organizations can rely on default
Especially if existing RG design based on AD sites
May use AD Sites to regulate access to DCs/GCs
Exchange routing table is subset of site topology
Note that all mail routing is Direct Relay
Direct Relay is Hub-to-Hub
Inter-site relay uses SMTP
Intra-site relay uses MAPI
Therefore, every site with Mailbox servers
Requires at least one Hub Server role
Co-located Hub servers have higher precedence
No i/b optimization of Hub selection (co-located scenario)
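The placement rules stated on the role and topology slides (Edge on a dedicated server, clustering only for the Mailbox role, a Hub Transport and a Client Access server in every site that has Mailbox servers) can be checked against a deployment plan before Setup is run. The Python sketch below is an added example, not part of the original session. The server and site names are constructed, and it assumes that /roles values are comma-separated and that the Bridgehead and Gateway setup names correspond to the Hub Transport and Edge Transport roles.

```python
"""Pre-flight check of a planned Exchange Server 2007 role layout (added example)."""

# /roles: names and short forms as listed on the Unattended Installation slide.
ROLE_ALIASES = {
    "Bridgehead": ("BH", "B"),        # assumed to be the Hub Transport role
    "ClientAccess": ("CA", "C"),
    "Gateway": ("GW", "G"),           # assumed to be the Edge Transport role
    "Mailbox": ("MB", "M"),
    "UnifiedMessaging": ("UM", "U"),
}
LOOKUP = {alias.lower(): role
          for role, aliases in ROLE_ALIASES.items()
          for alias in (role, *aliases)}


def parse_roles(switch):
    """Turn '/roles:MB,CA,BH' into a set of canonical role names."""
    name, _, value = switch.partition(":")
    if name.lower() != "/roles" or not value:
        raise ValueError(f"not a /roles switch: {switch!r}")
    roles = set()
    for token in value.split(","):    # comma separator is an assumption
        key = token.strip().lower()
        if key not in LOOKUP:
            raise ValueError(f"unknown role {token!r}")
        roles.add(LOOKUP[key])
    return roles


def check_plan(plan):
    """plan: iterable of (server, ad_site, roles_switch, clustered). Returns findings."""
    findings = []
    roles_by_site = {}
    for server, site, switch, clustered in plan:
        roles = parse_roles(switch)
        roles_by_site.setdefault(site, set()).update(roles)
        if "Gateway" in roles and len(roles) > 1:
            findings.append(f"{server}: Edge (Gateway) role must be on a dedicated server")
        if clustered and roles != {"Mailbox"}:
            findings.append(f"{server}: only the Mailbox role supports clustering")
    for site, roles in sorted(roles_by_site.items()):
        if "Mailbox" not in roles:
            continue
        for needed, label in (("Bridgehead", "Hub Transport"),
                              ("ClientAccess", "Client Access")):
            if needed not in roles:
                findings.append(f"site {site}: has Mailbox servers but no {label} server")
    return findings


# Constructed sample plan: hypothetical server and site names.
PLAN = [
    ("EX-DUB-01", "Dublin", "/roles:MB", True),
    ("EX-DUB-02", "Dublin", "/roles:BH,CA", False),
    ("EX-CRK-01", "Cork", "/roles:M,UM", True),         # clustered with a second role
    ("EX-DMZ-01", "Perimeter", "/roles:GW,C", False),   # Edge sharing a server
]

if __name__ == "__main__":
    for finding in check_plan(PLAN):
        print(finding)
```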
Coexistence and Migration
Coexistence with Exchange Server 5.5
No coexistence with Exchange Server 5.5
Complete upgrades to Exchange Server 2000 or Exchange Server 2003 (recommend latest SPs)
All Exchange Server 5.5 servers must be decommissioned
Exchange org must be in Native Mode
Exchange Server 5.5 migrations only possible via Inter-Organizational migrations
Installing Exchange Server 2007 into Existing Organization
Legacy organization auto detected during installation
Little integration at the management level
Exchange Server 2007 ESM v. Exchange Server 200[0|3] ESM
E2007 servers visible in legacy ESM
AG: Exchange Administrative Group <random ID>
RG: Exchange Routing Group <random ID>
Legacy mailboxes are displayed in Exchange Server 2007 ESM
New objects created in Exchange Server 2007
New legacyExchangeDN for new Exchange Server 2007 AG
Results in full OAB download from Exchange Server 2007 server
Coexistence Example
Migrating Users
Options
Move Mailbox Wizard
Move-Mailbox command
Move-mailbox <alias> -TargetDatabase <name>
Example
Move-mailbox carrie -targetdatabase "Mailbox database"
Restrictions
Cannot use E200[0|3] MMW to move mailboxes from Exchange Server 2007 to Exchange Server 200[0|3] servers
Cannot use Exchange Server 200[0|3] MMW to move mailboxes from Exchange Server 200[0|3] to Exchange Server 2007 servers
Move Mailbox
Move Mailbox
MSH Move Mailbox
PowerShell Move Mailbox
Legacy Restrictions
Summary
Start planning for 64-bit
Understanding New Role architecture is key to Deployment
Many new requirements in terms of servers
No coexistence with Exchange 5.5
No in-place upgrade capability with Exchange Server 2000 and Exchange Server 2003
Move mailbox: only supported approach
Traditional Wizard-based approach
Exchange Management Shell approach