Date post: | 30-Dec-2015 |
Category: |
Documents |
Upload: | willis-walters |
View: | 215 times |
Download: | 0 times |
Module Overview
• Designing the Network Infrastructure
• Designing the Active Directory Infrastructure
• Designing the DNS Infrastructure
• Planning Exchange Server Administration
Lesson 1: Designing the Network Infrastructure
• Identifying the Network Requirements for Exchange Server 2010 Deployments
• Identifying the Internet Access Considerations for Client Access
• Identifying the Network Considerations for Client Access
• Identifying the Network Considerations for Message Routing
Identifying the Network Requirements for Exchange Server 2010 Deployments
AD DS
Routing topology Internet
southsouth
nwtradersnwtraders
comcom
westwest easteast
orgorgnetnet
DNS
Identifying the Internet Access Considerations for Client Access
Mobile device security
Public computer access
Certificates
Firewall ports
High availability
Load balancing
DNS configuration
Device types
Identifying the Network Considerations for Client Access
AD DS
Site design Public Key Infrastructure
Perimeter network
Identifying the Network Considerations for Message Routing
Global catalog
Site designRouting topology
Edge configuration
Lesson 2: Designing the Active Directory Infrastructure
• Identifying the AD DS Design Owners
• Designing the Active Directory Forest
• Designing the Active Directory Domain
• Designing the Active Directory Sites for Exchange Server 2010
• Deploying Exchange Server 2010 Servers in Active Directory Sites
• Designing a Domain Controller Placement Strategy
• Discussion: Considerations for Modifying the Current Active Directory Design
• Planning for AD DS Preparation to Support the Exchange Server 2010 Deployment
Identifying the AD DS Design Owners
• An individual administrator or group of administrators who are responsible for the overall design and management of the Active Directory infrastructure
• Personnel responsible for the regular Active Directory administration
Active Directory design owners include:
Designing the Active Directory Forest
Forest option Description
No forest
• In this design, a computer is running the Edge Transport server role that uses AD LDS for storing server configuration information
Single forest
• Exchange Server is installed in a single Active Directory forest that spans the whole organization
• This is the easiest deployment to maintain
Resource forest
• Exchange Server is installed in an Active Directory forest that does not contain the recipient accounts
• This requires a one-way forest trust
Cross-forest
• Exchange Server is installed into multiple, different Active Directory forests
• This may require directory and availability synchronization between forests
Designing the Active Directory Domain
Domain option Description
Single domain The most common domain deployment for small and medium-sized businesses
Multiple domains in the same Active Directory tree
Contains a single, top-level parent domain, and all of the domains share a contiguous DNS namespace with that parent domain
Multiple domains in multiple Active Directory trees
Contains multiple top-level parent domains with multiple DNS namespaces
Designing the Active Directory Sites for Exchange Server 2010
All Exchange Server roles use Active Directory sites*All Exchange Server roles use Active Directory sites*
• Understand the rationale for the current Active Directory site design
• Consider using a centralized Exchange Server deployment
• Consider modifying the Active Directory site design
When designing the Active Directory site configuration:
*except the Edge Transport server role
Deploying Exchange Server 2010 Servers in Active Directory Sites
• Determine whether to place a server running the Mailbox server role in the Active Directory site
• Place a Hub Transport server role and Client Access server role in the site, when placing a Mailbox server role in the site
• Determine whether to place multiple Hub Transport or Client Access servers in each site
Considerations for deploying Exchange servers in an Active Directory site:
Designing a Domain Controller Placement Strategy
• Deploy at least one global catalog server in each site that contains an Exchange Server
• Do not run Exchange Server 2010 on computers that also function as Windows domain controllers
• Upgrade domain controllers and global catalog servers to 64-bit hardware when an Active Directory organization contains more than 20,000 objects
• Implement Exchange server processors to global catalog server processors in an 8:1 ratio in each site
Considerations for placement of domain controllers and global catalog servers:
Discussion: Considerations for Modifying the Current Active Directory Design
15 min15 min
• What is the impact of changing the Active Directory design in a large, complex company?
• How can you balance the complications of modifying the current Active Directory design with the optimal Exchange Server-based design?
• How can you help an organization determine whether to modify the Active Directory design?
Planning for AD DS Preparation to Support the Exchange Server 2010 Deployment
Consider the following factors when preparing AD DS to support Exchange Server:
• Delegation of preparation tasks
• Coexistence with earlier Exchange Server versions
• Domain preparation
• Schema preparation
Lesson 3: Designing the DNS Infrastructure
• Considerations for DNS
• What Is Split DNS?
• Designing a DNS Infrastructure for Exchange Server
Considerations for DNS
• Disjoint namespace considerations
• WINS is not usually required by Exchange 2010
• DNS must be configured correctly
• Service (SRV) resource records, mail exchanger (MX) resource records, Host resource records, and Sender Policy Framework (SPF) resource records configuration
What Is Split DNS?
Internal
External
Adatum.com Adatum.com
HostRecord type IP address
www CNAME Webserver1.adatum.com
Relay CNAME Exchange1.adatum.com
Webserver1 A 192.168.1.200
Exchange1 A 192.168.0.201
HostRecord type IP Address
www A 131.107.1.200
Relay A 131.107.1.201
MX Relay.adatum.com
Your DNS infrastructure should support the following Exchange Server functionalities:
Designing a DNS Infrastructure for Exchange Server
• Client-to-server resolution
• Server-to-server resolution
• Inbound delivery from the Edge server to the Hub server
• Inbound delivery to the Edge server from the Internet
• Outbound delivery from the Edge server to the Internet
• Outbound delivery from the Hub server to the Edge server
Lesson 4: Planning Exchange Server Administration
• Exchange Server 2010 Permissions
• What Is the Default Role Based Access Control Configuration?
• Designing a Custom Management Delegation Strategy
• Designing a Management Tool Strategy
• Demonstration: How to Manage Exchange Server 2010
Exchange Server 2010 Permissions
• Management role groups
• Management role assignment policies
• Direct user role assignment
The Exchange Server 2010 permissions model is based on:
What Is the Default Role Based Access Control Configuration?
• Organization Management
• View-Only Organization Management
• Recipient Management
• UM Management
• Discovery Management
• Records Management
• Server Management
• Help Desk
• Public Folder Management
• Delegated Setup
The following are built-in role groups
Designing a Custom Management Delegation Strategy
You can customize the default administrative model in these ways:
• Modify assignment policies
• Configure custom role groups
Designing a Management Tool Strategy
Exchange Server 2010 provides a number of management tools:
• Exchange Management Console
• Exchange Management Shell
• Windows Remote PowerShell
• Exchange Control Panel
Demonstration: How to Manage Exchange Server 2010
In this demonstration, you will see how to use the Exchange Server 2010 management tools
Lab: Designing Exchange Server Integration with the Current Infrastructure
• Exercise 1: Evaluating the Current Network Infrastructure at Contoso
• Exercise 2: Determining Suitability for Exchange Server 2010
• Exercise 3: Preparing the AD DS Forest For Exchange Server 2010
• Exercise 4: Configuring Exchange Server Delegation
Logon information
Estimated time: 30 minutes
Lab Review
• In Exercise 1, Contoso is using a unified namespace – i.e. the internal and external domain names are the same (Contoso.com). If the internal domain name was different, for example Contoso.priv, what issues would this raise when you deployed Exchange Server?
• Instead of deploying an Edge Transport server in the head office to handle e-mail to and from the Internet, what other options could you consider?
Lab Scenario
• Contoso, Ltd is planning to deploy Exchange Server 2010. You are a messaging consultant from A. Datum Corporation, and have been tasked with verifying that the existing network infrastructure is suitable to support Exchange Server 2010.
• Once you have determined that the prerequisites are met, you will prepare the AD DS forest so that the server deployment team can begin the Exchange Server 2010 deployment.