MCSE: Exchange 2000 Server Design Study Guide
William Heldman
SYBEX®
Copyright ©2001 SYBEX , Inc., Alameda, CA
www.sybex.com
San Francisco • Paris • Düsseldorf • Soest • London
Associate Publisher: Neil Edde Contracts and Licensing Manager: Kristine O’Callaghan Acquisitions and Developmental Editor: Elizabeth Hurley Editors: Brianne Hope Agatep, Carol Henry, Colleen Wheeler Strand Production Editor: Nathan Whiteside Technical Editors: Joshua L. Konkle, Ed Crowley Electronic Publishing Specialists: Susie Hendrickson, Jill Niles Book Designer: Bill Gibson Graphic Illustrator: Tony Jonick Proofreaders: Jennifer Campbell, Leslie E. H. Light, Nancy Riddiough, Andrea Fox, WordOne Proofreading Service Indexer: Ted Laux CD Coordinator: Erica Yee CD Technician: Kevin Ly Cover Designer: Archer Design Cover Photographer: Natural Selection Copyright © 2001 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher. Library of Congress Card Number: 01-086744 ISBN: 0-7821-2897-1 SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries. Screen reproductions produced with FullShot 99. FullShot 99 © 1991-1999 Inbit Incorporated. All rights reserved. FullShot is a trademark of Inbit Incorporated. The CD interface was created using Macromedia Director, © 1994, 1997-1999 Macromedia Inc. For more information on Macromedia and Macromedia Director, visit www.macromedia.com. Microsoft ® Internet Explorer © 1996 Microsoft Corporation. All rights reserved. Microsoft, the Microsoft Internet Explorer logo, Windows, Windows NT, and the Windows logo are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. SYBEX is an independent entity from Microsoft Corporation, and not affiliated with Microsoft Corporation in any manner. 
This publication may be used in assisting students to prepare for a Microsoft Certified Professional Exam. Neither Microsoft Corporation, its designated review company, nor SYBEX warrants that use of this publication will ensure passing the relevant exam. Microsoft is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries. TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer. The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book. Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1
To Our Valued Readers: In recent years, Microsoft’s MCSE program has established itself as the premier computer and networking industry certification. Nearly a quarter of a million IT professionals have attained MCSE status in the NT 4 track. Sybex is proud to have helped thousands of MCSE candidates prepare for their exams over these years, and we are excited about the opportunity to continue to provide people with the skills they’ll need to succeed in the highly competitive IT industry. For the Windows 2000 MCSE track, Microsoft has made it their mission to demand more of exam candidates. Exam developers have gone to great lengths to raise the bar in order to prevent a paper-certification syndrome, one in which individuals obtain a certification without a thorough understanding of the technology. Sybex welcomes this new philosophy as we have always advocated a comprehensive instructional approach to certification courseware. It has always been Sybex’s mission to teach exam candidates how new technologies work in the real world, not to simply feed them answers to test questions. Sybex was founded on the premise of providing technical skills to IT professionals, and we have continued to build on that foundation, making significant improvements to our study guides based on feedback from readers, suggestions from instructors, and comments from industry leaders. The depth and breadth of technical knowledge required to obtain Microsoft’s new Windows 2000 MCSE is staggering. Sybex has assembled some of the most technically skilled instructors in the industry to write our study guides, and we’re confident that our Windows 2000 MCSE study guides will meet and exceed the demanding standards both of Microsoft and you, the exam candidate. Good luck in pursuit of your MCSE!
Neil Edde Associate Publisher—Certification Sybex, Inc.
SYBEX Inc. 1151 Marina Village Parkway, Alameda, CA 94501 Tel: 510/523-8233 Fax: 510/523-2373 HTTP://www.sybex.com
Software License Agreement: Terms and Conditions The media and/or any online materials accompanying this book that are available now or in the future contain programs and/or text files (the “Software”) to be used in connection with the book. SYBEX hereby grants to you a license to use the Software, subject to the terms that follow. Your purchase, acceptance, or use of the Software will constitute your acceptance of such terms. The Software compilation is the property of SYBEX unless otherwise indicated and is protected by copyright to SYBEX or other copyright owner(s) as indicated in the media files (the “Owner(s)”). You are hereby granted a single-user license to use the Software for your personal, noncommercial use only. You may not reproduce, sell, distribute, publish, circulate, or commercially exploit the Software, or any portion thereof, without the written consent of SYBEX and the specific copyright owner(s) of any component software included on this media. In the event that the Software or components include specific license requirements or end-user agreements, statements of condition, disclaimers, limitations or warranties (“End-User License”), those End-User Licenses supersede the terms and conditions herein as to that particular Software component. Your purchase, acceptance, or use of the Software will constitute your acceptance of such End-User Licenses. By purchase, use or acceptance of the Software you further agree to comply with all export laws and regulations of the United States as such laws and regulations may exist from time to time. Software Support Components of the supplemental Software and any offers associated with them may be supported by the specific Owner(s) of that material but they are not supported by SYBEX. Information regarding any available support may be obtained from the Owner(s) using the information provided in the appropriate read.me files or listed elsewhere on the media. 
Should the manufacturer(s) or other Owner(s) cease to offer support or decline to honor any offer, SYBEX bears no responsibility. This notice concerning support for the Software is provided for your information only. SYBEX is not the agent or principal of the Owner(s), and SYBEX is in no way responsible for providing any support for the Software, nor is it liable or responsible for any support provided, or not provided, by the Owner(s).
Warranty
SYBEX warrants the enclosed media to be free of physical defects for a period of ninety (90) days after purchase. The Software is not available from SYBEX in any other form or media than that enclosed herein or posted to www.sybex.com. If you discover a defect in the media during this warranty period, you may obtain a replacement of identical format at no charge by sending the defective media, postage prepaid, with proof of purchase to: SYBEX Inc. Customer Service Department 1151 Marina Village Parkway Alameda, CA 94501 (510) 523-8233 Fax: (510) 523-2373 e-mail: [email protected] Web: www.sybex.com After the 90-day period, you can obtain replacement media of identical format by sending us the defective disk, proof of purchase, and a check or money order for $10, payable to SYBEX.
Disclaimer SYBEX makes no warranty or representation, either expressed or implied, with respect to the Software or its contents, quality, performance, merchantability, or fitness for a particular purpose. In no event will SYBEX, its distributors, or dealers be liable to you or any other party for direct, indirect, special, incidental, consequential, or other damages arising out of the use of or inability to use the Software or its contents even if advised of the possibility of such damage. In the event that the Software includes an online update feature, SYBEX further disclaims any obligation to provide this feature for any specific duration other than the initial posting. The exclusion of implied warranties is not permitted by some states. Therefore, the above exclusion may not apply to you. This warranty provides you with specific legal rights; there may be other rights that you may have that vary from state to state. The pricing of the book with the Software by SYBEX reflects the allocation of risk and limitations on liability contained in this agreement of Terms and Conditions.
Shareware Distribution This Software may contain various programs that are distributed as shareware. Copyright laws apply to both shareware and ordinary commercial software, and the copyright Owner(s) retains all rights. If you try a shareware program and continue using it, you are expected to register it. Individual programs differ on details of trial periods, registration, and payment. Please observe the requirements stated in appropriate files.
Copy Protection
The Software in whole or in part may or may not be copy-protected or encrypted. However, in all cases, reselling or redistributing these files without authorization is expressly forbidden except as specifically provided for by the Owner(s) therein.
This book is dedicated to my wife Kimmie, whose loving patience and understanding keep me writing.
Acknowledgments I’d like to acknowledge the following people for their fine help with this book. Thanks first to Neil Edde for giving me my original opportunity to write with Sybex. He has been a mentor and constant encourager for me and I appreciate his willingness to hang on and work with me. I’d also like to thank the editors of this book: Brianne Agatep, Carol Henry, Nathan Whiteside and Colleen Strand (and the rest of the “cast of thousands” that I don’t know about). Additionally, I’d like to thank the acquisitions editor, Elizabeth Hurley, not only for choosing me for this cool opportunity, but also just for being Elizabeth. Finally, I’d like to thank the proofreaders who go through the galleys and pencil in their changes—what a job that must be, not necessarily caring about what the text is saying, but about the way that it appears in print; and I’d also like to thank the artwork folks who render my silly little Word boxes into something that looks like the picture I’m trying to draw. Thanks to Sybex for being there and being the best computer book company on the face of the planet.
Introduction
Microsoft’s new Microsoft Certified Systems Engineer (MCSE) track for Windows 2000 is the premier certification for computer industry professionals. Covering the key technologies around which Microsoft’s future will be built, the new MCSE certification is a powerful credential for career advancement. This book has been developed, in cooperation with Microsoft Corporation, to give you the critical skills and knowledge you need to prepare for one of the most popular electives of the new MCSE certification program: Exchange 2000 Server Design. You will find the information you need to acquire a solid understanding of Exchange 2000 Server Design, to prepare for Exam 70-225: Designing and Deploying a Messaging Infrastructure with Microsoft Exchange 2000 Server, and to progress toward MCSE certification.
Why Become Certified in Windows 2000? As the computer network industry grows in both size and complexity, the need for proven ability is increasing. Companies rely on certifications to verify the skills of prospective employees and contractors. Whether you are just getting started or are ready to move ahead in the computer industry, the knowledge, skills, and credentials you have are your most valuable assets. Microsoft has developed its Microsoft Certified Professional (MCP) program to give you credentials that verify your ability to work with Microsoft products effectively and professionally. The MCP credential for professionals who work with Microsoft Windows 2000 networks is the new MCSE certification. Over the next few years, companies around the world will deploy millions of copies of Windows 2000 as the central operating system for their mission-critical networks. This will generate an enormous need for qualified consultants and personnel to design, deploy, and support Windows 2000 networks. Windows 2000 is a huge product that requires professional skills of its administrators. Consider that Windows NT 4 has about 12 million lines of code, while Windows 2000 has more than 35 million! Much of this code is needed to deal with the wide range of functionality that Windows 2000 offers.
Windows 2000 actually consists of several different versions:
Windows 2000 Professional The client edition of Windows 2000, comparable to Windows NT Workstation 4, but also including the best features of Windows 98 and many new features.
Windows 2000 Server/Windows 2000 Advanced Server Server editions of Windows 2000 for small to mid-sized deployments. Advanced Server supports more memory and processors than Server does.
Windows 2000 Datacenter Server A server edition of Windows 2000 for large, wide-scale deployments and computer clusters. Datacenter Server supports the most memory and processors of the three server versions.
With such an expansive operating system, companies need to be certain that you are the right person for the job being offered. The MCSE is designed to help prove that you are.
As part of its promotion of Windows 2000, Microsoft has announced that MCSEs who have passed the Windows NT 4 core exams must upgrade their certifications to the new Windows 2000 track by December 31, 2001, to remain certified. The MCSE Study Guide series, published by Sybex, covers the full range of exams required for either obtaining or upgrading your certification. For more information, see the “Exam Requirements” section later in this Introduction.
Is This Book for You? If you want to acquire a solid foundation in Exchange 2000 Server design, this book is for you. You’ll find clear explanations of the fundamental concepts you need to grasp. If you want to become certified as an MCSE, this book is definitely for you. However, if you just want to attempt to pass the exam without really understanding Exchange 2000 Server and the Windows 2000 platform it runs on, this book is not for you. This book is written for those who want to acquire hands-on skills and in-depth knowledge of Exchange 2000 Server design on Windows 2000. If your goal is to prepare for the exam by learning how to design, deploy, and manage the messaging system, this book is for you. It will help you to achieve the high level of professional competency you need to succeed in this field.
What Does This Book Cover? This book contains detailed explanations, hands-on exercises, and review questions to test your knowledge. Think of this book as your complete guide to Exchange 2000 Server Design. It begins by covering the most basic concepts, such as the features of the system and how to install and configure it. Next, you will learn how to perform important tasks, including:
Setting up routing groups
Understanding the new topologies in E2K
Designing around foreign messaging systems
Deploying different virtual protocol instances
You also learn how to ensure that your E2K design is highly available, well-designed, and effectively deployed. Throughout the book, you will be given example design scenarios, which give you practical design experiences for each exam objective. At the end of each chapter, you’ll find a summary of the topics covered in the chapter, which also includes a list of the key terms used in that chapter. The key terms represent not only the terminology that you should recognize, but also the underlying concepts that you should understand to pass the exam. All of the key terms are defined in the glossary at the back of the study guide. Finally, each chapter concludes with 10 review questions and a sample case study exam that test your knowledge of the information covered. Many more questions, including two complete Bonus Exams with 50 questions and two case study exercises each, as well as multimedia demonstrations of the hands-on exercises, are included on the CD that accompanies this book, as explained in the “What’s on the CD?” section at the end of this Introduction.
The topics covered in this book map directly to Microsoft’s official exam objectives. Each exam objective is covered completely.
How Do You Become an MCSE? Attaining MCSE certification has always been a challenge. However, in the past, individuals could acquire detailed exam information—even most of the exam questions—from online “brain dumps” and third-party “cram” books or software products. For the new MCSE exams, this simply will not be the case. To avoid the “paper-MCSE syndrome” (a devaluation of the MCSE certification because unqualified individuals manage to pass the exams), Microsoft has taken strong steps to protect the security and integrity of the new MCSE track. Prospective MCSEs will need to complete a course of study that provides not only detailed knowledge of a wide range of topics, but true skills derived from working with Windows 2000 and related software products. In the new MCSE program, Microsoft is heavily emphasizing hands-on skills. Microsoft has stated that, “Nearly half of the core required exams’ content demands that the candidate have troubleshooting skills acquired through hands-on experience and working knowledge.” Fortunately, if you are willing to dedicate time and effort with Windows 2000, you can prepare for the exams by using the proper tools. If you work through this book and the other books in this series, you should successfully meet the exam requirements.
This book is a part of a series of MCSE Study Guides, published by Sybex, that covers the core requirements as well as the electives you need to complete your MCSE track.
Exam Requirements Successful candidates must pass a minimum set of exams that measure technical proficiency and expertise:
Candidates for MCSE certification must pass seven exams, including four core operating system exams, one design exam, and two electives.
Candidates who have already passed three Windows NT 4 exams (70-067, 70-068, and 70-073) may opt to take an “accelerated” exam plus one core design exam and two electives.
If you do not pass the accelerated exam after one attempt, you must pass the five core requirements and two electives.
The following tables show the exams a new certification candidate must pass. All of these exams are required:

Exam #    Title    Requirement Met
70-216    Implementing and Administering a Microsoft® Windows® 2000 Network Infrastructure    Core (Operating System)
70-210    Installing, Configuring, and Administering Microsoft® Windows® 2000 Professional    Core (Operating System)
70-215    Installing, Configuring, and Administering Microsoft® Windows® 2000 Server    Core (Operating System)
70-217    Implementing and Administering a Microsoft® Windows® 2000 Directory Services Infrastructure    Core (Operating System)

One of these exams is required:

Exam #    Title    Requirement Met
70-219    Designing a Microsoft® Windows® 2000 Directory Services Infrastructure    Core (Design)
70-220    Designing Security for a Microsoft® Windows® 2000 Network    Core (Design)
70-221    Designing a Microsoft® Windows® 2000 Network Infrastructure    Core (Design)

Two of these exams are required:

Exam #    Title    Requirement Met
70-219    Designing a Microsoft® Windows® 2000 Directory Services Infrastructure    Elective
70-220    Designing Security for a Microsoft® Windows® 2000 Network    Elective
70-221    Designing a Microsoft® Windows® 2000 Network Infrastructure    Elective
70-225    Designing and Deploying a Messaging Infrastructure with Microsoft® Exchange 2000 Server    Elective
Any current MCSE elective    Exams cover topics such as Exchange Server, SQL Server, Systems Management Server, Internet Explorer Administrators Kit, and Proxy Server (new exams are added regularly)    Elective
For a more detailed description of the Microsoft certification programs, including a list of current MCSE electives, check Microsoft’s Training and Certification Web site at www.microsoft.com/trainingandservices.
The Exchange 2000 Server Design Exam The Exchange 2000 Server Design exam covers concepts and skills required for the support of Exchange 2000 Server systems. It emphasizes the following areas of Exchange 2000 Server support:
Standards and terminology
Planning
Implementation
Troubleshooting
This exam can be quite specific regarding Exchange 2000 Server requirements and operational settings, and it can be particular about how administrative tasks are performed in the messaging system. It also focuses on fundamental concepts relating to Exchange 2000 Server’s operation. Careful study of this book, along with hands-on experience, will help you prepare for this exam.
Microsoft provides exam objectives to give you a very general overview of possible areas of coverage of the Microsoft exams. For your convenience, we have added in-text objectives listings at the points in the text where specific Microsoft exam objectives are covered. However, exam objectives are subject to change at any time without prior notice and at Microsoft’s sole discretion. Please visit Microsoft’s Training and Certification Web site (www.microsoft.com/Trainingandservices) for the most current exam objectives listing.
Types of Exam Questions In the previous tracks, the formats of the MCSE exams were fairly straightforward, consisting almost entirely of multiple-choice questions appearing in a few different sets. Prior to taking an exam, you knew how many questions you would see and what type of questions would appear. If you had purchased the right third-party exam preparation products, you could even be quite familiar with the pool of questions you might be asked. As mentioned earlier, all of this is changing. In an effort both to refine the testing process and to protect the quality of its certifications, Microsoft has introduced adaptive testing, as well as some new exam elements. You will not know in advance which type of format you will see on your exam. These innovations make the exams more challenging, and they make it much more difficult for someone to pass an exam after simply “cramming” for it.
Microsoft will be accomplishing its goal of protecting the exams by regularly adding and removing exam questions, limiting the number of questions that any individual sees in a beta exam, limiting the number of questions delivered to an individual by using adaptive testing, and adding new exam elements.
Exam questions may be in multiple-choice, select-and-place, simulation, or case study–based formats. You may also find yourself taking an adaptive format exam. Let’s take a look at the exam question types and adaptive testing, so you can be prepared for all of the possibilities.
Multiple-Choice Questions Multiple-choice questions include two main types of questions. One is a straightforward type that presents a question, followed by several possible answers, of which one or more is correct. The other type of multiple-choice question is more complex. This type presents a set of desired results along with a proposed solution. You must then decide which results would be achieved by the proposed solution.
You will see many multiple-choice questions in this study guide and on the accompanying CD, as well as on your exam.
Select-and-Place Questions Select-and-place exam questions involve graphical elements that you must manipulate in order to answer a question successfully. For example, a question could present a diagram of a computer network, as shown below.
The diagram shows several computers next to boxes that contain the text “Place here.” The labels represent different computer roles on a network, such as print server and file server. Based on the information given for each computer, you are asked to drag and drop each label to the correct box. You need to place all of the labels correctly. No credit is given if you correctly label only some of the boxes.
We recommend that you try the Edge Test Select-and-Place exam, which is included on the CD that accompanies this study guide.
Simulations Simulations are the kinds of questions that most closely represent and test the actual skills you use while working with Microsoft software interfaces. These types of exam questions include a mock interface on which you must perform certain actions according to a given scenario. The simulated interfaces look nearly identical to what you see in the actual product, as shown in the example below.
Simulations are by far the most complex element introduced into Microsoft exams to date. Because of the number of possible errors that can be made on simulations, it is worthwhile to consider the following recommendations from Microsoft:
Do not change any simulation settings that don’t pertain to the solution directly.
Assume that the default settings are used when related information has not been provided.
Make sure that your entries are spelled correctly.
Close all of the simulation application windows after completing the set of tasks in the simulation.
The best way to prepare for the simulation questions is to spend time working with the graphical interface of the product on which you will be tested.
We recommend that you study with the Edge Test WinSim 2000 product, which is included on the CD that accompanies this study guide. By completing the exercises in this study guide and working with the WinSim 2000 software, you can greatly improve your level of preparation for simulation questions.
Case Study–Based Questions Case study–based questions first appeared in the Microsoft Certified Solution Developer program (Microsoft’s certification program for software programmers). Case study–based questions present a scenario with a range of requirements. Based on the information provided, you need to answer a series of multiple-choice and ranking questions. The interface for case study–based questions has a number of tabs that each contain information about the scenario. At present, this type of question appears only in the Design exams.
Adaptive Exam Format Microsoft presents many of its exams in an adaptive format. This format is radically different from the conventional format previously used for Microsoft certification exams. Conventional tests are static, containing a fixed number of questions. Adaptive tests change, or “adapt,” depending on your answers to the questions presented.
The number of questions presented in your adaptive test will depend on how long it takes the exam to ascertain your level of ability (according to the statistical measurements on which the exam questions are ranked). To determine a test-taker’s level of ability, the exam presents questions in increasing or decreasing order of difficulty.
Unlike the previous test format, the adaptive format will not allow you to go back to see a question again. The exam only goes forward. Once you enter your answer, that’s it—you cannot change it. Be very careful before entering your answer. There is no time limit for each individual question (only for the exam as a whole). Your exam may be shortened by correct answers (and lengthened by incorrect answers), so there is no advantage to rushing through questions.
How Adaptive Exams Determine Ability Levels As an example of how adaptive testing works, suppose that you know three people who are taking the exam: Herman, Sally, and Rashad. Herman doesn’t know much about the subject, Sally is moderately informed, and Rashad is an expert. Herman answers his first question incorrectly, so the exam presents him with a second, easier question. He misses that, so the exam gives him a few more easy questions, all of which he misses. Shortly thereafter, the exam ends, and he receives his failure report. Sally answers her first question correctly, so the exam gives her a more difficult question, which she answers correctly. She then receives an even more difficult question, which she answers incorrectly. Next, the exam gives her a somewhat easier question, as it tries to gauge her level of understanding. After numerous questions of varying levels of difficulty, Sally’s exam ends, perhaps with a passing score, perhaps not. Her exam included far more questions than were in Herman’s exam, because her level of understanding needed to be more carefully tested to determine whether or not it was at a passing level. When Rashad takes his exam, he answers his first question correctly, so he is given a more difficult question, which he also answers correctly. Next, the exam presents an even more difficult question, which he also answers correctly. He then is given a few more very difficult questions, all of which he answers correctly. Shortly thereafter, his exam ends. He passes. His exam was short, about as long as Herman’s test.
Benefits of Adaptive Testing Microsoft has begun moving to adaptive testing for several reasons:
It saves time by focusing only on the questions needed to determine a test-taker’s abilities. An exam that might take an hour and a half in the conventional format could be completed in less than half that time when presented in adaptive format. The number of questions in an adaptive exam may be far fewer than the number required by a conventional exam.
It protects the integrity of the exams. By exposing fewer questions at any one time, it makes it more difficult for individuals to collect the questions in the exam pools with the intent of facilitating exam “cramming.”
It saves Microsoft and/or the test-delivery company money by reducing the amount of time it takes to deliver a test.
We recommend that you try the Edge Test Adaptive Exam, which is included on the CD that accompanies this study guide.
Exam Question Development
Microsoft follows an exam-development process consisting of eight mandatory phases. The process takes an average of seven months and involves more than 150 specific steps. The MCP exam development consists of the following phases:
Phase 1: Job Analysis
Phase 1 is an analysis of all of the tasks that make up a specific job function, based on tasks performed by people who are currently performing that job function. This phase also identifies the knowledge, skills, and abilities that relate specifically to the performance area to be certified.
Phase 2: Objective Domain Definition
The results of the job analysis provide the framework used to develop objectives. The development of objectives involves translating the job-function tasks into a comprehensive set of more specific and measurable knowledge, skills, and abilities. The resulting list of objectives—the objective domain—is the basis for the development of both the certification exams and the training materials.
Phase 3: Blueprint Survey
The final objective domain is transformed into a blueprint survey in which contributors are asked to rate each objective. These contributors may be past MCP candidates, appropriately skilled exam development volunteers, or Microsoft employees. Based on the contributors’ input, the objectives are prioritized and weighted. The actual exam items are written according to the prioritized objectives. Contributors are queried about how they spend their time on the job. If a contributor doesn’t spend an adequate amount of time actually performing the specified job function, his or her data is eliminated from the analysis. The blueprint survey phase helps determine which objectives to measure, as well as the appropriate number and types of items to include on the exam.
Phase 4: Item Development
A pool of items is developed to measure the blueprinted objective domain. The number and types of items to be written are based on the results of the blueprint survey.
Phase 5: Alpha Review and Item Revision
During this phase, a panel of technical and job-function experts reviews each item for technical accuracy, then answers each item, reaching a consensus on all technical issues. Once the items have been verified as technically accurate, they are edited to ensure that they are expressed in the clearest language possible.
Phase 6: Beta Exam
The reviewed and edited items are collected into beta exams. Based on the responses of all beta participants, Microsoft performs a statistical analysis to verify the validity of the exam items and to determine which items will be used in the certification exam. Once the analysis has been completed, the items are distributed into multiple parallel forms, or versions, of the final certification exam.
Phase 7: Item Selection and Cut-Score Setting
The results of the beta exams are analyzed to determine which items should be included in the certification exam based on many factors, including item difficulty and relevance. During this phase, a panel of job-function experts determines the cut score (minimum passing score) for the exams. The cut score differs from exam to exam because it is based on an item-by-item determination of the percentage of candidates who answered the item correctly and who would be expected to answer the item correctly.
Phase 8: Live Exam
As the final phase, the exams are given to candidates. MCP exams are administered by Sylvan Prometric and Virtual University Enterprises (VUE).
Microsoft will regularly add and remove questions from the exams. This is called item seeding. It is part of the effort to make it more difficult for individuals to merely memorize exam questions passed along by previous test-takers.
Tips for Taking the Exchange 2000 Server Design Exam
Here are some general tips for taking the exam successfully:
Arrive early at the exam center so you can relax and review your study materials. During your final review, you can look over tables and lists of exam-related information.
Read the questions carefully. Don’t be tempted to jump to an early conclusion. Make sure you know exactly what the question is asking.
Answer all questions. Remember that the adaptive format will not allow you to return to a question. Be very careful before entering your answer. Because your exam may be shortened by correct answers (and lengthened by incorrect answers), there is no advantage to rushing through questions.
On simulations, do not change settings that are not directly related to the question. Also, assume default settings if the question does not specify or imply which settings are used.
Use a process of elimination to get rid of the obviously incorrect answers first on questions that you’re not sure about. This method will improve your odds of selecting the correct answer if you need to make an educated guess.
Exam Registration
You may take the exams at any of more than 1,000 Authorized Prometric Testing Centers (APTCs) and VUE Testing Centers around the world. For the location of a testing center near you, call Prometric at 800-755-EXAM (755-3926), or call VUE at 888-837-8616. Outside the United States and Canada, contact your local Prometric or VUE registration center.
You should determine the number of the exam you want to take, and then register with the Sylvan Prometric or VUE registration center nearest to you. At this point, you will be asked for advance payment for the exam. The exams are $100 each. Exams must be taken within one year of payment. You can schedule exams up to six weeks in advance or as late as one working day prior to the date of the exam. You can cancel or reschedule your exam if you contact the center at least two working days prior to the exam. Same-day registration is available in some locations, subject to space availability. Where same-day registration is available, you must register a minimum of two hours before test time.
You may also register for your exams online at www.2test.com or www.vue.com.
When you schedule the exam, you will be provided with instructions regarding appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you will receive a registration and payment confirmation letter from Prometric or VUE. Microsoft requires certification candidates to accept the terms of a NonDisclosure Agreement before taking certification exams.
What’s on the CD?
With this new book in our best-selling MCSE study guide series, we are including quite an array of training resources. On the CD are numerous simulations, practice exams, and flashcards to help you study for the exam. Also included are the entire contents of the study guide. These resources are described in the following sections.
The Sybex Ebook for Exchange 2000 Server Design
Many people like the convenience of being able to carry their whole study guide on a CD. They also like being able to search the text to find specific information quickly and easily. For these reasons, we have included the entire contents of this study guide on a CD, in PDF format. We’ve also included Adobe Acrobat Reader, which provides the interface for the contents, as well as the search capabilities.
The Sybex MCSE Edge Tests
The Edge Tests are a collection of multiple-choice questions that can help you prepare for your exam. There are three sets of questions:
Bonus questions specially prepared for this edition of the study guide, including 100 questions that appear only on the CD
An adaptive test simulator that will give the feel for how adaptive testing works
All of the questions from the study guide presented in a test engine for your review
A sample screen from the Sybex MCSE Edge Tests is shown below.
Sybex MCSE Flashcards for PCs and Palm Devices
The “flashcard” style of exam question offers an effective way to quickly and efficiently test your understanding of the fundamental concepts covered in the Exchange 2000 Server exam. The Sybex MCSE Flashcards set consists of more than 50 questions presented in a special engine developed specifically for this Study Guide series. The Sybex MCSE Flashcards interface is shown below.
Because of the high demand for a product that will run on Palm devices, we have also developed, in conjunction with Land-J Technologies, a version of the flashcard questions that you can take with you on your Palm OS PDA (including the PalmPilot and Handspring’s Visor).
How Do You Use This Book?
This book can provide a solid foundation for the serious effort of preparing for the Exchange 2000 Server Design exam. To best benefit from this book, you may wish to use the following study method:
1. Study each chapter carefully. Do your best to fully understand the information.
2. Complete all hands-on exercises in the chapter, referring back to the text as necessary so that you understand each step you take. If you do not have access to a lab environment in which you can complete the exercises, install and work with the exercises available in the WinSim 2000 software included with this study guide.
3. Answer the review questions at the end of each chapter. If you would prefer to answer the questions in a timed and graded format, install the Edge Tests from the CD that accompanies this book and answer the chapter questions there instead of in the book.
4. Note which questions you did not understand and study the corresponding sections of the book again.
5. Make sure you complete the entire book.
6. Before taking the exam, go through the training resources included on the CD that accompanies this book. Try the adaptive version that is included with the Sybex MCSE Edge Test. Review and sharpen your knowledge with the MCSE Flashcards.
In order to complete the exercises in this book, your hardware should meet the minimum hardware requirements for Exchange 2000. See Chapter 2 for the minimum and recommended system requirements.
To learn all of the material covered in this book, you will need to study regularly and with discipline. Try to set aside the same time every day to study and select a comfortable and quiet place in which to do it. If you work hard, you will be surprised at how quickly you learn this material. Good luck!
Contacts and Resources
To find out more about Microsoft Education and Certification materials and programs, to register with Sylvan Prometric or VUE, or to get other useful information, check the following resources.
Microsoft Certification Development Team
www.microsoft.com/trainingandservices
Contact the Microsoft Certification Development Team through their Web site to volunteer for one or more exam development phases or to report a problem with an exam. Address written correspondence to:
Certification Development Team
Microsoft Education and Certification
One Microsoft Way
Redmond, WA 98052
Microsoft TechNet Technical Information Network
www.microsoft.com/technet/subscription/about.htm
(800) 344-2121
Use this Web site or phone number to contact support professionals and system administrators. Outside the United States and Canada, contact your local Microsoft subsidiary for information.
Microsoft Training and Certification Home Page
www.microsoft.com/trainingandservices
This Web site provides information about the MCP program and exams. You can also order the latest Microsoft Roadmap to Education and Certification.
Palm Pilot Training Product Development: Land-J
www.land-j.com
(407) 359-2217
Land-J Technologies is a consulting and programming business currently specializing in application development for the 3Com PalmPilot Personal Digital Assistant. Land-J developed the Palm version of the Edge Tests, which is included on the CD that accompanies this study guide.
Prometric
www.prometric.com
(800) 755-EXAM
Contact Prometric to register to take an MCP exam at any of more than 800 Prometric Testing Centers around the world.
Virtual University Enterprises (VUE)
www.vue.com
(888) 837-8616
Contact the VUE registration center to register to take an MCP exam at one of the VUE Testing Centers.
Assessment Test
1. Your company receives substantial Internet e-mail. What is one method you can use to enhance the E2K environment to support this incoming e-mail load?
A. Create a virtual HTTP instance.
B. Create a front-end/back-end server installation.
C. Create a second mailbox store.
D. Create a virtual SMTP instance.
2. What are the two DLL files that are installed by Exchange 2000 Server setup on a cluster node?
A. Exres.dll
B. Exclus.dll
C. Excluadm.dll
D. Exnode.dll
3. True or False: Exchange 4.x servers can coexist with Exchange 2000 Server.
A. True
B. False
4. You have an Exchange 2000 server in Germany that connects with your network in Brazil via a VPN. Mail has stopped flowing. Where do you begin troubleshooting first?
A. Service account
B. WAN connections
C. VPN configuration
D. ISP
E. Server services
F. Name resolution
5. What security protocol will Exchange 2000 natively use?
A. IPSec
B. MPPE
C. Kerberos
D. DES
6. What is the Exchange Interprocess Communication (EXIPC, Epoxy) used for?
A. Links Chat Management Protocol (CMP) servers
B. Links bridgehead servers with Routing Group Masters
C. Links the Information Store and Internet Information Service (IIS)
D. Links legacy Exchange sites with Exchange 2000 Servers
7. You have an Exchange deployment that has several remote system managers. You want to apply permissions to servers according to the manager who maintains the site in which the server resides. What tool can you use for this?
A. Routing groups
B. Mailbox store permissions
C. Administrative groups
D. Active Directory permissions
8. The Reconnect option on a specific mailbox allows you to do what?
A. Enable support for dial-in users.
B. Link a mailbox with a newly created user account.
C. Recover deleted e-mail items.
D. Connect the mailbox to a specific server.
9. Kerberos version 5 has the ability to perform authentication delegation. What does this mean?
A. The service can log on several users at a time.
B. The service can impersonate a user in order to access another server.
C. The service can log the user on to multiple services at once.
D. The service can transfer the user to a different validating Kerberos server.
10. What are the protocols supported by Exchange 2000 Server?
A. POP3
B. IMAP4
C. HTTP
D. NNTP
E. SMTP
F. S/MIME
G. HTTPS
H. FTP
I. AOL
J. LDAP
11. What are the foreign e-mail system connectors that come with Exchange 2000 Server?
A. SNADS
B. PROFS
C. X.400
D. X.25
E. AppleTalk
F. MS Mail
G. Lotus Notes
H. cc:Mail
I. Collabra Share
J. TAO
K. GroupWise
12. From the list below, select four new features of Exchange 2000 Server.
A. Three separate server products to pick from
B. Multiple message databases
C. Integration with Unix mail
D. Can be managed through a browser
E. Supports S/MIME
F. Able to integrate with Office 2000
13. You select a freeware POP3 client for certain users on your network to use to access the Exchange system. You’re surprised to find that the users can download their e-mail just fine, but can’t reply to the e-mail items or send any new e-mail documents out. What could be the problem?
A. Need an IMAP4 client for this
B. Exchange server not configured correctly
C. POP3 client doesn’t have SMTP
D. Exchange POP3 server service not started
14. What Exchange 2000 Server service is responsible for notifying all E2K servers in a routing group that a link to another routing group is down?
A. Routing Group Connector (RGC)
B. Bridgehead server
C. Routing Group Master (RGM)
D. Exchange Interprocess Communication (EXIPC)
15. You have several Outlook Web Access (OWA) users who are having difficulty getting into their e-mail this morning. Where’s the first place you should check?
A. Internet mail service on the E2K server
B. SMTP virtual server
C. HTTP virtual server
D. Information store properties
E. Internet Information Service (IIS)
16. You’re setting up an Exchange 2000 server, and you need to supply a list of the users, groups, and computers that are on the GAL to a partner corporation’s Exchange 5.5 SP3 system. You talk to your business-partner corporation through a high-speed VPN. What do you need to do to accomplish this?
A. Set up a one-way Connection Agreement.
B. Set up a two-way Connection Agreement.
C. Install the Exchange 2000 site connector.
D. Install the Exchange 2000 X.400 connector.
17. Of the five protocol instances that you can create in Exchange 2000, which two are the most likely to be the ones that most of your clients will use?
A. MAPI
B. IMAP4
C. POP3
D. HTTP
E. NNTP
18. An administrator is checking the permissions for a given Exchange object. She finds that there are no entries in the Security tab for this object. What are the net permissions for this object?
A. Everyone - full permission
B. No access
C. Administrators only - full permission
D. Everyone - read permission
19. Huey’s Exchange server has crashed. What are the steps needed to recover Exchange after he has rebuilt the server?
A. Reinstall Exchange using Disaster Recovery mode.
B. Install Windows 2000.
C. Restore storage groups from tape.
D. Restore mailbox stores from tape.
E. Make sure DNS settings are correct.
F. Join the domain.
20. What service is responsible for determining optimum routes between Exchange servers? Is it an Exchange 2000 or a Windows 2000 service?
A. Routing Engine; E2K
B. Routing Engine; W2K
C. Advanced Queuing Engine; E2K
D. Advanced Queuing Engine; W2K
21. You have a cc:Mail system that Exchange 2000 needs to talk to. What component will you use to accomplish this?
A. The Active Directory connector
B. The cc:Mail connector
C. The X.400 connector
D. The SMTP connector
22. Of all of the clients, which two are the ones that are most likely not going to be used very much by standard Exchange rollouts?
A. MAPI
B. IMAP4
C. POP3
D. HTTP
E. NNTP
23. What is the clustering paradigm that Exchange 2000 Server utilizes?
A. Shared-nothing
B. Shared-everything
C. Shared-storage
D. Shared-database
24. The Conference Management System (CMS) handles Data Conferencing between Exchange 2000 users. What two things does CMS utilize to accomplish this?
A. Mailbox-enabled accounts
B. Conference calendar mailboxes
C. Exchange free/busy times
D. Mail-enabled accounts
25. You have a VINES messaging system that uses an SMTP trick to send e-mail to the new Exchange 2000 system until such time as you’ve migrated users off of the old system. When you migrate a user, you set up an SMTP alias in the profile for that user that points to the new SMTP address. When an e-mail user who is unaware of the change composes and sends an e-mail to someone who has been migrated, it first flows into the old system and is then routed to the new system via the Internet and SMTP e-mail. You are suddenly getting barraged with calls that users on the old system aren’t receiving any e-mail from the Internet. What could be the problem?
A. Internet e-mail service on new server
B. Internet e-mail service on old server
C. Connection with ISP
D. SMTP queues on old server full
E. SMTP queues on new server full
26. What is a virtual protocol server?
A. An additional instance of a given protocol
B. A new mailbox store
C. A second IIS instance
D. A server designed to support E2K protocols
27. When you use ADCLEAN.EXE /S, what are you accomplishing?
A. Merging all duplicate Exchange 5.5 mailboxes into one Exchange 2000 mailbox-enabled user account
B. Merging all duplicate AD accounts for a mailbox into a CSV file
C. Merging all duplicate AD accounts into one account
D. Merging all connection agreements into one CA
28. Which of the following protocols can be used to access a POP3 virtual server? Select all that apply.
A. NNTP
B. IMAP4
C. MAPI
D. HTTP
Answers to Assessment Test
1. B. Use front-end/back-end server E2K technology to put a front-end server out on the DMZ expressly for the purpose of allowing Internet e-mail to be handled more speedily. See Chapter 6 for more information.
2. A, C. Exchange 2000 detects that it’s installing itself on a cluster, notifies the installer that it knows this, and then installs exres.dll and excluadm.dll for the purpose of interoperating with Windows 2000 Cluster Server Service. Exres.dll is the workhorse DLL, and excluadm.dll provides the User Interface (UI) for setting up and managing the Exchange Virtual Servers (EVS). For more information, see Chapter 12.
3. B. It is recommended that Exchange servers that are not 5.5 SP3 be upgraded before they can coexist with Exchange 2000. Exchange 5.5 SP3 is needed because it provides for Active Directory integration. There must be at least one Exchange 5.5 SP3 server in the organization, but it’s to your benefit to upgrade them all. For more information, see Chapter 1.
4. E. This is a really tough subjective question! Because VPN traffic happens over your ISP’s cloud, you might likely suspect the ISP, especially if you’ve had trouble there before. But in any troubleshooting situation, you should start low and work high, looking at the small stuff first, just so you can rule out the obvious. Maybe somebody booted one of the servers. It’s a good idea to verify that the services are operational first. Then ping the hosts, making sure that they’re up and that name resolution is working. Then, if that fails, you can begin to suspect other things. For more information, see Chapter 13.
5. C. Exchange 2000 Server uses Windows 2000 Server as its base. Thus, it utilizes native Windows 2000 Kerberos security. For more information, see Chapter 2.
6. C. The Epoxy service links the Information Store (IS) with the Internet Information Service (IIS) 5.0. This is because the IS in legacy Exchange systems used to house the protocols Exchange needed to operate. In Exchange 2000 Server, the protocols needed are used by IIS. See Chapter 3 for more information.
7. C. You use administrative groups to segment by administrators the permissions that are applied to Exchange 2000 objects. For more information, see Chapter 10.
8. B. If a mailbox is accidentally deleted, you can reconnect a deleted mailbox to a new user account. See Chapter 9 for more information.
9. B. The most common example of authentication delegation is that of an Outlook Web Access (OWA) Kerberos 5–compatible client coming in from the Web. The client first obtains authentication with the KDC, which then formulates a forwardable flag on this client’s service ticket in order to use the Internet Information Service (IIS) server. IIS needs to access the Exchange store but can do so because of the ticket presented by the client. See Chapter 4 for more information.
10. A, B, C, D, E, F, G, J. Exchange 2000 Server utilizes Windows 2000 Internet Information Server (IIS) 5 for its protocols. Thus, the standard Web protocols that IIS supports can be utilized in Exchange 2000. It’s necessary to assure that any firewalls in the enterprise are capable of passing these protocols in order for smooth operation of Exchange 2000 Server to take place. For more information, see Chapter 2.
11. C, F, G, H, K. Exchange 2000 Server provides connectors for Lotus Notes/Domino, GroupWise, cc:Mail, and Microsoft Mail for PC Networks servers. There are other methods available for connecting to those foreign messaging systems that don’t have specific connectors for them. The X.400 connector ships with the Enterprise version of E2K. For more information, see Chapter 5.
12. A, B, E, F. Exchange 2000 Server cannot talk to Unix mail, though Unix users can point their browsers to the Exchange Web store. You cannot manage an Exchange 2000 Server through a browser; you must use the MMC. For more information, see Chapter 1.
13. C. POP3 clients are only able to download and review their e-mail. A shareware client would have to have SMTP built into it in order for clients to be able to reply to or compose new e-mail documents and send them out. See Chapter 11 for more information.
14. C. The RGM is responsible for notifying other E2K (or Exchange 5.5) servers in the routing group that a link to a different routing group is down. The bridgehead server is responsible for communicating with a bridgehead server on the other routing group and may be the first one to notice the DOWN status, but ultimately it falls on the RGM to notify others of the event. For more information, see Chapter 7.
15. E. IIS handles the Web-based traffic for the e-mail system. Check to see if the Web service has somehow stopped for some reason. It’s also possible that someone stopped the HTTP virtual server. Internet mail service works with SMTP, not HTTP, so an HTTP virtual server would not affect OWA. For more information, see Chapter 14.
16. A. The text doesn’t imply that you need to receive a GAL from the partner corporation. You’ll install the Active Directory Connector (ADC) and set up a one-way Connection Agreement (CA) between you and the partner corporation. You’ll need a trust relationship established between the domains to accomplish this. For more information, see Chapter 5.
17. A, D. Most clients will access the new e-mail system either through a MAPI client, such as Outlook 2000, or through a Web browser, such as IE 5. For more information, see Chapter 8.
18. A. When there are no users, groups, or computers keyed into the security area of an Exchange 2000 object, the implicit permissions are Everyone - full permission. If a list of users, groups, or computers is keyed into the security area, this is called an Access Control List (ACL). Permissions are granted to the members of the ACL relative to the permissions each member has been given. If an ACL exists but permissions are set to None for all members of the ACL, the effective permissions are Everyone - no access. See Chapter 4 for more information.
19. A, B, C, E, F. Huey should first reinstall Windows 2000 on the rebuilt server. He should install it as a member server using the same machine name as before. After ensuring that DNS entries are correct, he can then join the domain, install Exchange 2000 Server using the Disaster Recovery option, and finally, restore the storage groups from tape. See Chapter 9 for more information.
20. A. The Exchange 2000 Server Routing Engine is responsible for calculating routes to other Exchange servers in other routing groups. For more information, see Chapter 7.
21. B. There is a cc:Mail connector supplied with Exchange 2000 for connecting cc:Mail systems with E2K. For other systems that may not have an Exchange 2000–supplied connector, you might be able to use the X.400 connector to gain connectivity. For more information, see Chapter 10.
22. B, C. While POP3 and IMAP4 are extremely popular on the Web as free e-mail services, it is not likely that you’ll utilize these clients in ordinary workaday environments. If you were an ISP hosting such e-mail services, you’d be more likely to utilize IMAP4 or POP3, but, even then, the majority of your internal clients will likely be MAPI- or HTTP-based. For more information, see Chapter 8.
23. A. The shared-nothing paradigm means that the host computer (or node, as it’s called in clustering) is the only computer that talks to the database. But in a cluster environment, the database cannot be on the computer because if it fails then there is nothing to fail over to. So we utilize a shared-storage environment where we keep the databases on a separate storage device. This way, if the node fails over, the receiving node can map itself to the database and continue operations. Shared-everything is a more complex clustering paradigm requiring that all nodes in a cluster be able to simultaneously access a database object. Shared-database is a made-up term. For more information, see Chapter 12.
24. A, B. CMS uses mailbox-enabled accounts as its data conferencing users, and utilizes conference calendaring mailboxes for the information needed for online meetings. See Chapter 3 for more information.
25. B. You’re not told in this question that users on the new server are having any difficulties. This implies that the ISP connection is okay, but that the service (or daemon) on the old server is down. Look there first, then work your way up. The new server seems to be fine. For more information, see Chapter 13.
26. A. You can create additional instances of HTTP, IMAP4, NNTP, POP3, and SMTP on a physical E2K server. The design requirement for this might be to simply separate different groups or to allow for scalability. See Chapter 6 for more information.
27. B. ADCLEAN.EXE /S allows you to stipulate a filename that you’ll use to populate a comma-delimited CSV file with the names of duplicate accounts found in AD. You can later merge these accounts into one using other ADCLEAN.EXE command line switches. For more information, see Chapter 14.
28. A, D. MAPI clients (in particular Microsoft Outlook) generally have IMAP4 and POP3 capabilities built into them so they can access POP3 stores. IMAP4 clients are generally capable of accessing POP3 stores. You can’t access a POP3 store with either the NNTP or the HTTP protocols. For more information, see Chapter 11.
Chapter 1
Knowing and Understanding the Business Requirements
MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Analyze factors that influence organizational policy requirements. Factors include planned mergers and acquisitions, and existing and planned human resources.
Analyze the existing and planned business models. Considerations include user distribution, and user mail needs and habits.
Analyze the existing and planned business security model.
Analyze the existing and planned administrative model.
When you begin considering the design and deployment of a messaging infrastructure, such as one you might encounter with Exchange 2000 Server (E2K), you might immediately run into a host of non-technical issues that you have to confront and deal with before any sort of actual hands-on deployment work can happen. Now that Microsoft Network Operating Systems (NOS) and associated enterprise application software such as Exchange Server, Internet Information Server (IIS) and so forth have gotten a firm foothold in enterprises throughout the world, administrators face a new problem: integrating new releases with the old. Or, alternatively, introducing Microsoft Exchange Server software to replace or augment older legacy messaging systems. In all cases, the initial discovery process has very little to do with technical issues, but rather turns into a discussion about “whys”: why the messaging infrastructure needs to be upgraded; why the old messaging system needs to be replaced; why it’s important to disrupt fully functional business processes to introduce new software (and new techniques for using the software) to users who might have had a tough time adjusting to the old software. Microsoft (not to mention administrators who’ve been through this kind of thing) is well aware of the ramifications of introducing new or updated software; hence the non-technical exam objectives you see at the beginning of this chapter. Now here’s the interesting thing about this non-technical, rather businesslike chapter. Do you need to know this information for the test? Yes, you absolutely do! Microsoft has come up with a way to test you on your business acumen as well as your technical knowledge. Why would this be so important to Microsoft—so vital that you need to be tested on it?
Simple: if you go into a deployment scenario and don’t take into consideration important business aspects such as the layout of the corporation and its model structure, you’re more likely to botch the Exchange 2000 Server deployment. Then you’ll have egg on your face, and so will Microsoft. But if you take that extra time and make the effort to discover the enterprise, you’ll uncover problem areas that you’ll need to deal with before you deploy, and you’ll be able to design a much smoother deployment plan. Project planning in this enterprise age turns out to be everything, the biggest tool in the designer’s tool pouch. In this chapter, we’ll talk about analyzing current and projected business conditions. It’s a very important first step to take because it provides a blueprint for you as you figure out how the Exchange 2000 Server deployment fits into the enterprise puzzle. We’ll first examine a nebulous thing called organizational policy. This particular subject has several factors that we must consider. Then we’ll examine business models. Next we’ll discuss the existing and planned security models. We’ll round out the chapter talking about the existing and planned administrative models.
Analyzing Factors that Influence Organizational Policy
When you begin to think about factors that influence your company’s organizational policy, what sorts of things come to mind? Certainly the size of the messaging infrastructure you’re thinking about will be key to the amount of planning that’s required to get the E2K deployment done. If you’re working for a smaller company with only a few hundred users and one or two existing messaging servers, the decisions you have to make won’t be nearly as involved. The human resources that you have at your disposal also come very heavily into play as you make your design. The company’s overall health and stability (will there be mergers or acquisitions?) also enter into the picture. Moreover, management’s attitude about future software upgrades might either detain you for years or require you to upgrade immediately. (Or, for most folks, fall somewhere in between.)
Microsoft Exam Objective
Analyze factors that influence organizational policy requirements. Factors include planned mergers and acquisitions, and existing and planned human resources.
The Size and Disparity of the Messaging Infrastructure Let’s pretend for a while that you’re a consultant at the company you’re working for. You’ve been retained to design and deploy an Exchange 2000 infrastructure. This is your first day on the job, and you’re intent on getting this deployment done quickly and well. Question: What’s the first thing you’re going to try to determine? If you answered something like “The type of messaging software that’s currently in use and the number of users utilizing the system,” you’d be right on track! But suppose that this company you’re working for is huge. What then? Assuming that you were hired to do the entire organization’s messaging infrastructure, you’d have a much larger task on your hands, but you’d still need to assess that same bottom-line question: What type of system(s) is/are currently in place, and how many users are utilizing the system(s)? These are very basic questions that require honest, objective answers. But you might ask a second question: “How fast will this system grow in the future, if at all?” And again you’d be asking a very fundamental question that requires a highly accurate answer. Both of these questions have at their center the idea of organizational policy. We’ll deal more topically with these questions in a later section of this chapter, but for now I want to focus on why the organizational flavor of the company has a lot to do with how messaging infrastructures are sized and how they grow. Do you work for a high-tech corporation or one that uses high-tech equipment to accomplish its mission? If you do, then it’s almost a certain bet that e-mail has something to do with the day-to-day activities of the organization. It could probably be said that e-mail is a mission-critical component of the organization, though you might run into managers who will tell you it’s not. They’re wrong.
A company that uses its e-mail system for everything from sending jokes around the office, to sending out the monthly training newsletter, to setting up custom forms for submitting trouble-resolution tickets, to introducing virtual on-line collaboration is using the software as it was meant to be used. Furthermore, if the system ever goes down, the company is toast for however long it takes to get it fixed. Right? Would it be too far out of line to say that even though management might not see the system as mission-critical, it actually is?
What about the company that uses e-mail for simply sending an occasional e-mail out onto the Internet? Is this system mission-critical? Maybe not quite so much. Maybe the company could get along without the system for a protracted period of time. But then a new question arises: Why isn’t this company doing more to leverage its messaging resources? An even more interesting question revolving around organizational policy is one where you’ve determined that the company has two or more disparate systems and the people involved in maintaining each of the systems won’t let go! You have a turf war on your hands. One manager says: “Darn it! We’ve used GroupWise since its inception, and we’re going to continue to use it. You won’t ram Exchange server down our throats!” Or something to that effect. If you’ve been in Information Technology (IT) very long at all, I’m sure you’ve heard this mantra from at least one management team about at least one system of some kind. This is very common stuff. Facing this scenario, you’ve got a large messaging enterprise that’s being handled by separate messaging systems. You’ve got organizational policies that aren’t being managed at the top, but rather by the various “tribal chiefs” at the mid-layers of the company, and you’ve somehow got to get Exchange 2000 Server deployed throughout. Do you still go forward and figure out the size of the messaging infrastructures? Yes. Do you still try to assess how many users are involved? Yes. Do you care about how many servers are involved in the overall process? Certainly, but you also care about which servers will be required for the new system; the old servers may not be able to handle the job of the new system. Additionally, you care about the type of messaging client that’s being used by the users. Whether they’re accessing e-mail through their favorite browser or through some sort of proprietary client, it’s important to evaluate how users are getting to the systems. 
Finally, it’s very wise to assess the organizational climate about the messaging infrastructures: How is e-mail being used? Is the company utilizing the system to its fullest capability? Are there myriads of functions that might benefit the company if they were only aware of them? How might you integrate these new functionalities into organizational policy in such a way that they are incorporated into the corporate culture and become commonly used?
Design Scenario: Solving the Tribal Chief Problem To solve the tribal chief problem, there is one (hyphenated) word for you: buy-in. The secret to solving the tribal chief problem is to be retained by the leader who manages both of the warring parties, then get her to say: “We’re doing it this way.” That’s easier said than done. I’ve been in that position before, and oftentimes you wind up with a very strong personality in one of the tribal chiefs. This person lords it over both his manager and the other tribal chief. Sad but true. The manager looks at you with a hangdog look and says something like, “Isn’t there a way we can make both systems work?” So you sigh and begin the process of setting up and maintaining an integrated system. This is probably one reason why Microsoft wants you to study the interconnecting of systems. You may never get an organization to fully part with its GroupWise server, nor may you want to. And you’ll probably never get the tribal chiefs to agree completely.
Existing and Planned Human Resources This deployment of yours is going to take bodies: Mountain Dew-guzzling admins who are at your disposal to help you get your deployment knocked out. Got a one-server Exchange 5.5 site? You can probably get things done with one assistant. Got a disparate GroupWise, cc:Mail, Notes, Microsoft Mail for PC Networks, Exchange Server deployment? Then you need droves of Subject Matter Experts (SMEs) capable of assisting you with the integration of the legacy systems and the cutover to the new. Chances are you fall somewhere in between these two extremes, but you get the idea. You need people to help you accomplish the cutover and, for disparate systems, you need SMEs. If you don’t know Lotus Notes, now isn’t the time to buy the Neophyte’s Guide and see what you can figure out. Moreover, the admins that you work with can help you assess the corporate climate relative to this deployment. For example, you might think that you can go in and get a group of 15 Macintosh users up and running on the new Exchange 2000 system in no time flat. But then you find that the users aren’t at all happy about moving to the new system. They’re just as comfortable as they can be with System X. So an admin or a PC tech has to come into play, one that is comfortable working with these folks, and help them through the various nuances of learning and growing comfortable with the new system. Great, you’ve knocked out 15 users. Only 6500 to go! Assessing how many resources you’re going to need to get the new system deployed and operational means that you seriously scratch your head and make hardcore estimations about what’s needed. Then add 20 percent. There’s also the SME aspect of the human resource situation. Take a look at Figure 1.1. Here, we show a network of three geographically separate locations all using Exchange 5.5: Site A, Site B, and Site C. You’ve got three sites under one organization set up in this Exchange environment. Site A has the Internet Mail Service (IMS) connector set up to talk to the Internet so that people can exchange Simple Mail Transfer Protocol (SMTP) e-mail with users on the Internet. You’ve installed Windows 2000 on the majority of your domain controllers (DCs) and you’ve enabled Active Directory (AD), though you have not yet moved to native mode. You have an admin at each of the three sites. Currently the Exchange permissions are set up such that the admin at Site A has Organization and Site permissions, but the admins at Site B and Site C have only Site-level permissions and read-only permissions at the Organization level.
FIGURE 1.1 A standard Exchange Server 5.5 site setup
[Figure: Site A, Site B, and Site C, three Exchange 5.5 sites in one organization; Site A is the site connected to the Internet.]
Question: Will you need additional SMEs in place at any of the sites? Answer: It depends not only on the level of skill that each remote admin has relative to Exchange Server but also the level of skill that each individual has relative to Windows 2000 and Active Directory. Why? Because now we’re not only going to introduce a new messaging system which may present learning obstacles that each admin needs to overcome, but we’re also doing our messaging over AD as opposed to separate databases that use periodic replication. The differences are not all that vast, but in terms of human resource understanding and capability, they can be miles apart from one another. As a designer, the training and updating of your admins’ skill levels is something you must plan and budget for.
Upgrades from older versions of Exchange Server to Exchange 2000 Server require that at least one Exchange server be upgraded to Exchange 5.5 SP3. But it’s to your benefit to upgrade all vintage Exchange servers to 5.5 SP3 prior to moving forward with your E2K rollout—simply to avoid any complexity issues that may arise from having multiple vintages of the same messaging infrastructure.
Planned Mergers and Acquisitions This objective showed up in the “Designing a Microsoft Windows 2000 Network Infrastructure” (Exam 70-221) objectives, and it shows up here as well. Why, you ask, is it so important to understand whether a company has any planned mergers or acquisitions? When a company merges with another, what happens to the current computing environment that users utilize? Chances are that things stay the way they are for only a brief time. Behind the scenes there is momentum to merge the two computing environments into one, and that’s where the turf wars start. Company A uses Exchange, Company B uses cc:Mail. How complicated will it be to convert all Exchange users to cc:Mail, or vice versa? Probably pretty darned complicated. Furthermore, in which direction should the companies convert? Or should they convert at all? And if they choose to convert, how will the two systems interconnect with one another until the conversion is complete? Figure 1.2 shows this scenario.
FIGURE 1.2 A company merger
Before (at merger time, but before conversion): Company A runs Exchange Server and Company B runs cc:Mail, linked by the Exchange cc:Mail connector.
After (the companies have merged and converted to Exchange): the new company runs Exchange Server only.
In the conversion interim, when things are politically up in the air and you’re making conversion decisions, how do you handle the interconnectivity between the two messaging environments? Probably the best approach will be to use an Exchange connector (in this case the Exchange Connector for Lotus cc:Mail). Now let’s complicate this scenario. Suppose that at merger time you were in the throes of designing an Exchange 2000 Server messaging infrastructure. You had gone through the issues of designing a Windows 2000 deployment. You had plans to convert the DCs to Windows 2000 Server along with the implementation of AD. Then you would upgrade the existing messaging environment to Exchange 2000 Server. But now this merger has introduced non-Windows 2000 servers and a cc:Mail system! You are sent seriously back to the drawing board, and your project deployment is delayed several months, or at least partially so. This kind of scenario is the reason why Microsoft includes a test objective that covers the issues associated with mergers. Acquisitions present an even more interesting twist because an acquisition typically means that one company is going to be told to do things the other company’s way, regardless of whether the acquisition was desired or not. Company A acquires Company B. Company A already has bookkeeping techniques, stationery, computing environments, management layouts: all that stuff’s in place. They’ve been doing things a certain way. Company B is going to have to fall into line and begin doing things the way that Company A has done them all along. Rarely is an acquired company allowed to continue to pursue its own methodologies, unless the company was acquired precisely for its capability of doing something so uniquely and so well that it doesn’t matter how the acquired company goes about doing it. Even then, certain practices are going to be required of the newly acquired company. So let’s revisit the scenario we presented above in Figure 1.2. You’ve been hired as a design consultant by Company A. Your charge is to design a Windows 2000 and Exchange 2000 deployment over the existing Exchange 5.5 site. But Company B acquires Company A. Company B is doing cc:Mail. Will Company A be able to continue to use Exchange and go forward with its upgrade intentions? Answer: Company A will probably be allowed to use Exchange temporarily until it has converted to cc:Mail. Company A will probably not be allowed to upgrade to Exchange 2000 (though a Windows 2000 upgrade might still be up in the air). Practically speaking, it is to Company B’s advantage to get all users on one messaging platform, and since they’ve probably got a heavy investment in cc:Mail and its associated features, the Exchange 2000 Server upgrade isn’t likely to go forward. A second, less likely scenario: Company B might be persuaded by you that it is to their advantage to migrate their cc:Mail system to Exchange 2000 Server, and you wind up getting your contract extended in order to bring both sites up on the same messaging platform!
Management Attitudes As a technoid, you’re undoubtedly interested in seeing high-quality hardware and software combinations deployed so that users have a robust computing environment in which to work. Your intentions aren’t altogether altruistic, though. You want to play with intense gear and cool software. And I don’t blame you, because that’s what I like to play with too. But managers take a solidly different view. They’re looking at things from a strictly pragmatic “what’s good for the business” standpoint. Here’s what they’ll ask you: Is the current Exchange environment running smoothly and meeting end-user needs? OK, maybe it’s running a little bit slowly since PRIV.EDB is now up to 15GB, but hey, it’s still running and it’s not that slow! Tell me why we need to upgrade to Exchange 2000 Server, which will probably mandate the changing out of some slower servers for updated hardware, thus incurring more costs? What benefit will I/we gain from such a move? Moreover, what evidence can you provide me so that when I go to my boss and pitch for this upgrade, she’ll see the business practicality in it? Managers are thinking about how to accomplish business requirements. If you’re like the standard admin/designer/architect, you’re probably thinking about ways to make the servers run better and produce more throughput for users, but you’re probably not all that interested in the practical outcome of all that computing. If I can say it without offending anyone, you might be a little bit myopic about the overall reason your company is in business. Your tunnel vision is trained on the servers and the computing environment, not on the reason your company makes the best widgets in North America. But the managers are very cognizant of (or should be, if they’re not) the company’s business. So it’s to your benefit to figure out ahead of time why Exchange 2000 Server needs to go into production where you are. Can you name real, practical reasons for installing it? Can you tell managers how users are going to benefit from the change? More importantly, can you produce a project management document with timelines and backout procedures that explains exactly how you intend to implement this upgrade? Following are some new or enhanced features that Exchange 2000 Server brings to the table:
Enhanced usage of Internet protocols and standards. Exchange 2000 Server supports the use of URLs and browsers so that users can access their mailboxes and public folders. SMTP is the native transport protocol, used between Exchange 2000 servers as well as to the Internet. Windows 2000 DNS is used for naming and name resolution. Multipurpose Internet Mail Extensions (MIME) content can be stored in and retrieved from the Exchange database directly, as can Secure MIME (S/MIME).
Vastly improved scalability and fault tolerance. It is possible to separate E2K functions such as protocols, databases, and so forth onto separate servers and come up with a “front-end/back-end” design. You can also use multiple databases. Clustering is supported, as it was in Exchange 5.5, and has been improved.
Centralized management. The Microsoft Management Console (MMC) can be used to centrally manage all Exchange servers. (I know, I know. The old Exchange Server Administrator program could centrally manage things too. But you can’t snap an Exchange 2000 server into your Exchange 5.5 admin console. You can, however, snap an Exchange 5.5 server into your Exchange 2000 MMC.)
Virtual collaboration enhancements. This is probably the biggest enhancement that Exchange 2000 Server brings to the table, apart from integrating into AD. By using Exchange 2000 Conferencing Server you can create server-based conferencing that can include audio, video, and data collaboration. Other collaborative features include Instant Messaging, a kind of one-on-one version of chat, and Chat itself.
Updated Information Store (IS) capabilities. The IS has been enhanced to act as the foundation for a new store called the Web Store. The Web Store acts as a place where messaging, files, and collaboration are all kept in a single multimedia repository. Information that can be kept in this Web Store includes e-mail, voice mail, faxes, Web pages, documents, you name it. The central idea behind the Web Store is people working with other people, collaborating and communicating.
Design Scenario: Which E2K software do I pick? You are the Windows architect for a mid-sized company that has several geographically separated networks (all connected by high-speed WAN circuits). There are about 5000 users collectively. You have five separate Exchange Server 5.5 sites, each of which has its own server, database, and admin on site who has permissions to manage the Exchange server. All sites belong to one organization. You have designed an upgrade to Windows 2000 that is now almost complete. Now you are in the middle of designing the Exchange 2000 Server upgrade. You have several issues that you must grapple with. First, management has approached you with a desire to get away from the on-site administrative capabilities of the remote admins and migrate to a more centralized administration environment. Secondly, they want to know how much this upgrade is going to cost them. You must determine what the licensing and pricing policies are for E2K.
The first problem is answered quite nicely with Exchange 2000 Server. Because mailboxes are now defined by a set of attributes that Exchange 2000 adds to user objects in the Active Directory database (the mailbox contents themselves still live in an Exchange store), centralized administration is handled much more easily. You can choose to have separate databases at each site or, optionally, come up with a centralized database that lives at headquarters. You can also opt to offload various processes to other servers for more efficient processing. Remote admins can still be given the rights to create users (and hence their mailboxes), but they won’t have the same power to work with the database that they had before. The second issue, pricing, depends on what you want to do with collaboration. You ask management how they feel about E2K’s new collaboration features and the reaction is very positive. It is a genuine pain to try to put together meetings where somebody from a remote site must participate with others at the local site, especially when design and technique issues must be discussed. A picture is worth a thousand words, and management feels that virtual collaboration can be a big time-saver. You review the E2K pricing information at www.microsoft.com/exchange and find the following information:
Exchange 2000 Server comes in three flavors.
Exchange 2000 Server—for mid-sized organizations and branch offices
Exchange 2000 Enterprise Server—adds support for clustering and multiple databases
Exchange 2000 Conferencing Server—includes the capability of voice, video and data-conferencing
Each server package must be individually purchased. In addition to the server products, you must also purchase a Client Access License (CAL) for each user who’s going to be accessing a mailbox on the system. The only exception to this is a user who will be accessing public folders and will never be using a mailbox. This user does not need a CAL.
Furthermore, you find that you can purchase server software at an upgrade price, provided you’re already running Exchange Server in your current environment. You can also purchase CALs at an upgrade price, rather than buying a whole new CAL for each user.
You decide to purchase four copies of Exchange 2000 Server, one for each server in the remote sites, and one copy each of Enterprise and Conferencing Server for the headquarters Exchange server. You purchase upgrade CALs for each user on the system. To meet the centralized design goal, your intent is to host separate databases on each remote server but centrally manage all databases from the headquarters site.
Analyzing Existing and Planned Business Models
Look at your business today. How is it organized? Are there logical segmentations in the work areas? For example, does Marketing have its own wing? Does the Marketing department have a workgroup server or a dedicated piece of a file and print server for the purposes of keeping data that strictly pertains to the interests of Marketing? Can you distinctly define other entities throughout your company? Or are things more nebulous than that?
Microsoft Exam Objective
Analyze the existing and planned business models. Considerations include user distribution, and user mail needs and habits.
The point of this objective is two-fold: First to look around you and understand how your company is organized. Secondly, to be able to answer the question: What happens if this organization changes markedly? When we speak of business models, we’re speaking about the way in which the business is organized so as to facilitate a smooth operation.
Perhaps the business isn’t so smoothly organized today, and there are plans to change it. The computing environment that’s in place would then have to change right along with the logical business change, wouldn’t it? Let’s look at Figure 1.3 to get a better picture of what I’m trying to convey here. In the Before section, you see a company that has an MIS department broken out into logical subsections.
FIGURE 1.3 A typical MIS department breakout, before and after reorganization
Before (a very normal, very logical business segmentation of a typical MIS department): Acme Widgets, Inc. > Information Systems > Admins, Dev, Test, Web, DBA, PC Tech, Help Desk
After (a department that has been reorganized into more esoteric entities): Acme Widgets, Inc. > Information Systems > Unix, NT 2000, Dev Test, Web, DBA, PC Tools, Apps
Management takes a look at the way that the MIS department is run today, decides that some changes might be in order, and comes up with a reorganization that looks like the After picture in Figure 1.3. The functionality has changed somewhat, as has the model, but the overall business outcome has not. Certainly, user needs and collaboration habits might be modified a bit according to this new layout. That’s the intent behind understanding the company’s current and anticipated new business models. You want to know how things are laid out today, then set up your E2K systems in such a way that changes can be readily and quickly absorbed. To do this we need to understand two key items: user distribution and user mail needs and habits.
User Distribution In some legacy e-mail systems, the user database, or directory, is stored locally on a server. In an Exchange Server 5.5 example, you might have a site in Dallas that has an Exchange server with all of the Dallas mailboxes on it, a server in Houston with all of the Houston mailboxes, and so on. Each site, depending on whether it’s large enough to merit its own server or not, has a dedicated server, of which the directory is a part. Other smaller sites might have mailboxes set up on a server at a somewhat larger location. Figure 1.4 shows this kind of arrangement.
FIGURE 1.4 A typical Exchange Server 5.5 installation
Dallas (120 users): Exchange Server
Houston (675 users): Exchange Server
Austin (1500 users, including El Paso): Exchange Server; El Paso has no server of its own and is connected to Austin over the WAN
In Figure 1.4, you can see that the El Paso site does not have an Exchange server of its own but does have some kind of WAN connection. Users at the El Paso site have mailboxes set up on the Austin server and participate in the e-mail services. Additionally, each server can talk to the others, sending out periodic updates to its database so that all servers are “on the same page” as far as who’s in the directory and what’s in the public folders. I make it simpler than it is, but a good Exchange 5.5 design isn’t difficult to get going. In thinking about the users on these various systems, you get a feel for the user distribution involved in the Exchange deployment. It’s a little bit difficult moving a mailbox from one site to another. You have to use the Exchange resource kit mbmigrate.exe or Exmerge and do some fiddling around. But you can get it done. If a user moved from the Austin to the Houston office, for example, you’d have to use mbmigrate to move that user’s mailbox. How will this change with Exchange 2000 Server? Well, recall that in Exchange 2000 a mailbox is defined by attributes on the user’s Active Directory object (the message data itself still lives in an Exchange store). Thus, a native Exchange 2000 deployment that talks to Active Directory has no directory of its own, and user distribution isn’t nearly as big a concern: moving a user between servers becomes a mailbox move between stores, with the directory entry staying where it is. But in the design world, we know that we’re going to have to migrate servers from Exchange (or another messaging system) to E2K. To help facilitate this, the Active Directory Connector (ADC) that comes with both Windows 2000 Server and Exchange 2000 provides you with the ability to connect legacy Exchange 5.5 systems to Active Directory, providing you a stopgap until you get the Exchange 5.5 servers converted and working in AD.
However, it is important that you use the Exchange ADC, not the Windows 2000 ADC because the Exchange ADC is a superset of the Windows 2000 ADC and allows Exchange 5.5 and Exchange 2000 servers to coexist.
On top of that, prior to doing anything about Exchange 2000, we’re going to have to migrate NT 4.0 environments to Windows 2000 and AD. E2K cannot run in non-AD environments.
So, looking at Figure 1.4 again, we can see that after updating the network to Windows 2000 Server and AD, we’ll have to set up ADC connection agreements for each Exchange 5.5 site (at least one recipient connection agreement per site, plus a configuration connection agreement) until such time as the servers are upgraded and talking to AD. Hence the need for a user distribution summary in your design plans.
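A user distribution summary of the kind just described can be pulled straight out of Active Directory once mailbox attributes live there (and, for Exchange 5.5 mailboxes, once the ADC has stamped them onto the matching user objects). The script below is an added example, not code from the book or from Microsoft; it assumes a hypothetical forest root of DC=corp,DC=example,DC=com and an account that can read user objects, and it counts mailbox-enabled users per mailbox store by way of the homeMDB attribute, whose distinguished name also tells you which server hosts the store:

```vbscript
' Added example, not from the book: count mailbox-enabled users per
' Exchange 2000 mailbox store by querying Active Directory through ADSI/ADO.
' The forest root below is hypothetical; the account running the script
' must be able to read user objects.
Option Explicit

Const SEARCH_ROOT = "LDAP://DC=corp,DC=example,DC=com"
' homeMDB is the DN of the user's mailbox store; only mailbox-enabled users have it,
' so mail-enabled contacts and groups (targetAddress only) are left out.
Const MAILBOX_FILTER = "(&(objectCategory=person)(objectClass=user)(homeMDB=*))"

' Returns a Scripting.Dictionary keyed by store DN, with the mailbox count as value.
Function MailboxesPerStore(searchRoot, ldapFilter)
    Dim conn, cmd, rs, counts, storeDN
    Set counts = CreateObject("Scripting.Dictionary")

    Set conn = CreateObject("ADODB.Connection")
    conn.Provider = "ADsDSOObject"
    conn.Open "Active Directory Provider"

    Set cmd = CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    ' ADSI command syntax: <base>;filter;attributes;scope
    cmd.CommandText = "<" & searchRoot & ">;" & ldapFilter & ";homeMDB;subtree"
    cmd.Properties("Page Size") = 1000   ' page the results; a DC returns at most 1000 rows unpaged

    Set rs = cmd.Execute
    Do Until rs.EOF
        storeDN = rs.Fields("homeMDB").Value
        If counts.Exists(storeDN) Then
            counts(storeDN) = counts(storeDN) + 1
        Else
            counts.Add storeDN, 1
        End If
        rs.MoveNext
    Loop
    rs.Close
    conn.Close
    Set MailboxesPerStore = counts
End Function

' A store DN names the server as well, for example
' CN=Mailbox Store (AUSTIN01),CN=First Storage Group,CN=InformationStore,CN=AUSTIN01,CN=Servers,...
Dim summary, key
Set summary = MailboxesPerStore(SEARCH_ROOT, MAILBOX_FILTER)
For Each key In summary.Keys
    WScript.Echo summary(key) & vbTab & key
Next
```

Run it with cscript on any Windows 2000 member machine. Because it reads the directory rather than each server, one run covers every site once replication has converged, and the same numbers feed both the hardware sizing and the ADC planning: a store that shows up with an unexpectedly small count usually means its site’s recipient connection agreement has not run yet.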
User Mail Needs and Habits How do users utilize the current messaging system? This bottom-line question has to be answered while in design mode. The question centers not only around the determination about what kind of mail is sent, to whom and when, but also what sorts of applications are bundled in with the messaging system. For example, Lotus Domino is a very powerful client/server messaging system that has lots of customizable collaboration applications that people can use. But suppose that your company has decided to migrate to E2K for more seamless integration with AD, and now you have to figure out how to mimic the applications that were being utilized in the Domino realm. Or, for another example, suppose that you’ve got an Exchange 5.5 system and that a VBScript developer has developed some customized forms that are heavily in use. How will these forms work in the new system? We’re actually asking a larger design question here—when dealing with idiosyncratic systems, which of the following three approaches will we take:
You want to add some new features to the messaging system so that users have more things for which they can use the system.
You won’t want to modify anything—users are utilizing the system to its fullest extent.
You might want to actually downsize the way that the current system is being utilized, stripping away unused forms or components.
This kind of design activity, of course, adds significant delay to the buildout of a new system. Exchange 2000’s collaboration tools, including the Web Storage System, a database that manages messaging collaboration, rich document storage, and Web-enabled applications, will certainly play a spotlight role in the new infrastructure. But how? That’s the question—how will I take what users are doing today and migrate that into a new E2K thing?
A second question has to do with the habits that users have when using your current messaging system. For example, you might have everybody up and running using the Outlook client. It’s taken a long time and lots of training to get all users comfortable with this interface. But now you make a decision that users will use IE to access their e-mail instead. What ramifications does this kind of move have on users? What about your forms? If you decide to move to the Web Storage System method, do your forms have to change? You can make your forms more Web-oriented using E2K’s Web Forms or the new Web Application Platform, a development environment that allows you to use FrontPage 2000, Visual Basic (VB), VB for Applications, the Microsoft Visual Development Studio or third-party development tools to create Outlook or browser-enabled forms. Will you scrap the forms altogether and let people simply collaborate over E2K using the built-in tools of Office 2000 and the E2K support for Web Distributed Authoring and Versioning (WebDAV)?
E-mail systems tend to take on a life of their own with regards to the outside world, as well. For example, you might be getting a lot of e-mail in the door from spammers, people who send you junk e-mail. Exchange 5.5 SP3 provided a pretty cool way of simply eliminating spamming. Virus scanning methodologies were another important part of legacy messaging systems. Microsoft has provided a Virus API (VAPI) for developers who want to write virus-scanning software that hooks directly into E2K, but it may take some time for development companies to provide high-quality, robust enterprise virus scanning solutions.
Consider whether users send a lot of e-mail out onto the Internet. E2K is not only Web-centric and natively supports Office 2000, but when coupled with WebDAV, it allows users to actually open Office 2000 files, copy them, or save them across the Web, giving them intercollaboration capabilities that were undreamed of not very long ago. Additionally, the new E2K Event Model will allow you to set things up so that outgoing e-mail over a certain value is forced through an approval process first. All outgoing e-mail can now be branded with a disclaimer notice. Disclaimers may help reduce the culpability a corporation might face if an irresponsible user sends an e-mail out that creates trouble or mischief somewhere.
Design Scenario: Many Specialized Custom Forms
Julie is a network architect with a group of hospitals. The hospitals utilize Exchange Server 5.5 and are heavily using customized forms that were created a year or two earlier. The forms are indispensable to the various departments in the hospitals. On top of that, a lot of the forms are specifically written for one hospital and can’t be used in another. Julie’s been charged with designing the Exchange 2000 deployment and is worried about these forms because she’s afraid they’re not going to make it over into the new system at upgrade time. And she’s right.
Since the hospitals, like most everyone else, will have to take their time and perform a piecemeal upgrade instead of an all-at-once forklift operation, she knows that the forms can stay operational for a time. But by the same token, that time isn’t protracted at all. She must react. Happily, Julie discovers that Exchange 2000 supports standard Web development tools. As soon as she has Exchange 2000 Server up and running, she assigns a developer to use FrontPage 2000 to re-design the forms and begins a testing procedure to make sure that they’ll work as well as the old custom forms. Since the rights to the forms can be maintained through AD, she has great granularity in the security she can apply to each of the forms.
Analyzing Existing and Planned Security Models
Microsoft Exam Objective
Analyze the existing and planned business security model.
Analysis of the security model will take up a major portion of your design time. If you’ve worked with Exchange Server 5.5, you’ve probably found that there are three scopes of permissions that you can assign:
Organization scope: Applies to admins who have rights throughout the entire organization.
Site scope: Applies to those who have specific permissions allocated to them on a site-by-site basis.
Configuration scope: Applies to admins who are allowed to modify the configuration of a site.
Added to this are ten different Rights: Add Child, Delete, Log On, Mailbox Owner, Modify Admin Attributes, Modify Permission, Modify User Attributes, Replication, Search and Send As. These various security permissions are listed in Table 1.1.

TABLE 1.1 Rights and Permissions

Right | Permissions Granted with this Right
Add Child | Create objects below a container, such as distribution lists or mailboxes.
Delete | Delete objects.
Log on Rights | Access to the directory. All administrators, users and services need this right.
Mailbox Owner | Read and delete messages in a mailbox.
Modify Admin Attributes | Modify admin-level attributes on objects. Typically, most object attributes are admin-level, but this can be changed in the schema.
Modify Permission | Change permissions for an object. This right is not necessarily needed by all administrators.
Modify User Attributes | Modify user-level attributes. This would include distribution list membership or any mailbox attribute that is considered a user-level attribute.
Replication | Replicate directory information with other servers. This right is only required by the service account user.
Search | View and search the objects in a container.
Send As | Send a message with the object's address. If a user is given this right to another mailbox, the user can send messages as if they were using that mailbox.
Finally, there are six definable striations of people with permissions— who have various capabilities based upon the rights listed above that were given to them—Admin, Permissions Admin, Service Account Admin, View-Only Admin, User and Send As.

TABLE 1.2 Striations of People with Permissions

Right | Admin | Permissions Admin | Service Account Admin | View Only Admin | User | Send As
Add Child | X | X | X | | |
Modify User Attributes | X | X | X | | |
Modify Admin Attributes | X | X | X | | |
Delete | X | X | X | | |
Log on Rights | X | X | X | X | X |
Modify Permission | | X | X | | |
Replication | | | X | | |
Mailbox Owner | | | X | | X |
Send As | | | X | | X | X
Search | X (not enabled by default) | X (not enabled by default) | X (not enabled by default) | | |
There are also the three levels of administrators to consider:

TABLE 1.3 Three Kinds of Administrators

Administrator | Description
Security Admin | Limited to a select few people. Permissions admin at the Org, Site and Config levels.
Systems Admin | Admin at the Org, Site and Config levels. Permissions admin for specific public folders in the hierarchy.
Recipients Administrator | Manages Distribution Lists [DLs] and custom recipients. Admin at the Org & Site levels, view-only on Config.
Looking at Table 1.2, it’s clear that Service Account Admin has the most permissions. But it’s not usually necessary for normal Exchange admins to have the kinds of permissions the Service Account Admin has. So depending upon the site, you’ll probably find various iterations of permissions that have been given to people. I’d be willing to bet that sometimes the permissions were given out in haste. In the permissions probing that you do in your design work, you’ll probably find that there are people who don’t really need access to Exchange sites but have been given it nonetheless, just to solve a problem. In other cases, it’s possible that some permissions were planned and given out based upon need. Some permissions were probably “horked,” meaning that somebody found a back door, got into the Exchange system, and gave himself the necessary rights.
The question you have to determine as you work through your design is this: How will these Exchange 5.5 permissions map to Windows 2000 AD? Will admins who had the luxury of administering old Exchange 5.5 sites be allowed to administer E2K? Or not? If you’re going to be forced to do a partial upgrade, keeping the connector between Exchange 5.5 and Exchange 2000 going while you cut over to the new system, will old Exchange admins continue to keep their security rights?
There’s a second interesting feature of Exchange 2000 security that we need to talk about. Recall that in Exchange 5.5, distribution lists (DLs) could be used for two purposes: as a list of mailboxes that users could send an e-mail to, or to allocate permissions to a Public Folder (called an Access Control List [ACL]). How do these 5.5 DLs map to an E2K/AD environment? They too can be used almost identically, but the terminology and the usage are somewhat different. A Universal Distribution Group (UDG) is a Windows 2000 group that can accept members from any domain in the forest. So, in the Exchange 2000 world, a DL turns into a UDG. In other words, when you want to create the equivalent of a DL, you create a UDG. There is a more specialized group called a Universal Security Group (USG). This group can be granted security permissions in any domain in the forest. It turns out that USGs will be helpful in your E2K design because they will be used to allocate Public folder ACLs to users.
Finally, we must talk about Microsoft Certificate Server (CS), a server product that is separate from E2K but is automatically built into all Windows 2000 Server flavors. Exchange 2000 supports a Key Management Service (KMS) that works hand-in-glove with Exchange Server and Outlook 2000 clients to provide a public key encryption security paradigm. If a CS is not currently in place in your environment and you want to enable KMS, you’ll need to either make plans to add at least one CS server, or to outsource your certificate services to a third party, such as Verisign.
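The permissions probing described above, and the DL-to-UDG/USG rule just given, as an added example (this is not code from the study guide or from Microsoft; it is plain Python rather than the Exchange Administrator program, because the chapter names no tooling for the survey). ROLE_RIGHTS is Table 1.2; the CORP\ accounts, the Acme Corp organization, the site names and the distribution lists are constructed sample data with hypothetical names. minimal_role also carries out the reasoning behind review question 3 later in the chapter:

```python
"""Audit Exchange 5.5 role assignments and plan the Exchange 2000 group mapping.

Added example: not code from the study guide or from Microsoft. ROLE_RIGHTS
follows Table 1.2 of the chapter; the accounts, organization, sites and
distribution lists below are constructed sample data with hypothetical names.
"""
from collections import defaultdict

# Rights granted by each Exchange 5.5 role, as laid out in Table 1.2.
ROLE_RIGHTS = {
    "Admin": {"Add Child", "Modify User Attributes", "Modify Admin Attributes",
              "Delete", "Log on Rights"},
    "Permissions Admin": {"Add Child", "Modify User Attributes",
                          "Modify Admin Attributes", "Delete", "Log on Rights",
                          "Modify Permission"},
    "Service Account Admin": {"Add Child", "Modify User Attributes",
                              "Modify Admin Attributes", "Delete", "Log on Rights",
                              "Modify Permission", "Replication", "Mailbox Owner",
                              "Send As"},
    "View Only Admin": {"Log on Rights"},
    "User": {"Log on Rights", "Mailbox Owner", "Send As"},
    "Send As": {"Send As"},
}

# The three rights that only Service Account Admin adds on top of Permissions
# Admin: Replication belongs to the service account alone, and Mailbox Owner /
# Send As let one account read or send as another account's mailbox (Table 1.1).
SERVICE_ACCOUNT_RIGHTS = {"Replication", "Mailbox Owner", "Send As"}

# Constructed sample of what a permissions survey of an Exchange 5.5 organization
# might turn up: (account, scope, object, role). Hypothetical names throughout.
SAMPLE_ASSIGNMENTS = [
    ("CORP\\ExchangeService", "Organization", "Acme Corp", "Service Account Admin"),
    ("CORP\\ExchangeService", "Site", "Austin", "Service Account Admin"),
    ("CORP\\jeremy", "Organization", "Acme Corp", "Permissions Admin"),
    ("CORP\\jeremy", "Site", "Austin", "Permissions Admin"),
    ("CORP\\helpdesk1", "Site", "Houston", "Admin"),
    # Granted "in haste": a help-desk account holding service-account rights.
    ("CORP\\helpdesk2", "Site", "Dallas", "Service Account Admin"),
    ("CORP\\auditor", "Configuration", "Austin", "View Only Admin"),
]

# Constructed sample of Exchange 5.5 distribution lists; the flag records whether
# the DL appears in any public folder ACL.
SAMPLE_DLS = [
    {"name": "All Austin", "used_as_public_folder_acl": False},
    {"name": "Finance", "used_as_public_folder_acl": True},
    {"name": "Marketing", "used_as_public_folder_acl": False},
]


def effective_rights(assignments):
    """Expand every (account, scope, object) role grant into the rights it carries."""
    rights = defaultdict(set)
    for account, scope, obj, role in assignments:
        rights[(account, scope, obj)] |= ROLE_RIGHTS[role]
    return dict(rights)


def minimal_role(rights):
    """Smallest Exchange 5.5 role that grants every right in `rights`, or None.

    An admin who needs everything except Replication, Send As and Mailbox Owner
    is covered by Permissions Admin; the smallest role that grants Replication
    is Service Account Admin.
    """
    candidates = [role for role, granted in ROLE_RIGHTS.items() if rights <= granted]
    if not candidates:
        return None
    return min(candidates, key=lambda role: len(ROLE_RIGHTS[role]))


def find_overprivileged(assignments, service_account):
    """List (account, scope, object, right) where an account other than the
    service account holds one of the service-account-only rights."""
    findings = []
    for (account, scope, obj), rights in effective_rights(assignments).items():
        if account == service_account:
            continue
        for right in sorted(rights & SERVICE_ACCOUNT_RIGHTS):
            findings.append((account, scope, obj, right))
    return findings


def plan_group_types(dls):
    """Default upgrade mapping from the chapter: a DL used as a public folder ACL
    becomes a Universal Security Group, any other DL a Universal Distribution Group."""
    return {dl["name"]: ("USG" if dl["used_as_public_folder_acl"] else "UDG")
            for dl in dls}


if __name__ == "__main__":
    for account, scope, obj, right in find_overprivileged(
            SAMPLE_ASSIGNMENTS, "CORP\\ExchangeService"):
        print("over-privileged: %s holds %s on %s %s" % (account, right, scope, obj))
    for name, group_type in plan_group_types(SAMPLE_DLS).items():
        print("DL %r -> %s" % (name, group_type))
```

Run stand-alone, the script reports the help-desk account that was handed Service Account Admin on the Dallas site and shows which of the sample DLs needs to become a USG. The same two functions give you the two lists the design document needs: who keeps administrative rights after the cutover, and which groups carry Public folder ACLs.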
Interestingly, one of the security breaches that could be had in older implementations of Exchange was the idea that only a single administrator logon was required to be able to change keys and hence compromise the system. Today, Exchange 2000 Server provides a dual logon structure, similar to that of the missile silos where two keys are required to arm a missile. The theory behind this is that if one admin were to have a desire to compromise the system, she would have to elicit help from another in order to do it.
Design Scenario: Planning KMS and CA into the E2K Rollout
Morris is designing a Windows 2000 Server and Exchange 2000 Server rollout in a mid-sized network that is currently running another vendor’s product. The company he works for heavily utilizes Internet e-mail in its customer services. Because of this, there has always been managerial tension regarding the security of the e-mail that is sent out and sent in. Can it be hacked? Can someone intercept an e-mail that contains secure information? Is there an opportunity here for a hacker to read some e-mail that is highly confidential?
In his design role, Morris determines that it is important to introduce the concept of a Certificate Authority (CA) early on in the design, so that security and network admins can adjust to the idea of granting certificates to users who need to send encrypted e-mail. The Windows 2000 rollout will include at least one CA server, though Morris understands that there is a fault-tolerance/scalability capability of Windows 2000 Server CA to allow a hierarchical design component whereby one CA server receives its certificates from a root authority. In this way he could conceivably introduce CA servers at remote sites, all of which report to their parent CA Server. Additionally, Morris sees to it that all users on the network will be equipped with Outlook 2000. Though Outlook 98 also can work with certificates and public key encryption, he wants to utilize the latest and greatest e-mail client for enhanced security and features. Morris plans to introduce a KMS in his Exchange 2000 Server rollout so that employees sending Outlook e-mail to customers can encrypt the e-mail if they so choose. Finally, Morris asks the Web developers to update any pages that contain the ability for a visitor to send an e-mail to the company to send it in encrypted format.
Analyzing Existing and Planned Administrative Models
Microsoft Exam Objective
Analyze the existing and planned administrative model.
If you have a steadily entropic Exchange organization—that is, one where remote admins wind up “owning” their share of the Exchange deployment— and you want to try to rein things back into a more centralized setup, Exchange 2000 Server provides you with some unique opportunities to do so. For starters, one of the cooler features of Exchange 2000 is the ability to separate the databases into logical chunks. In times past, the single database notion has always been restrictive. For example, suppose that you want to keep your Executive staff’s e-mail system on one database and the Marketing team’s on another. This is now possible. If the Executive database craters for whatever reason, the Marketing users don’t go down. This setup provides you with more fault tolerance capabilities, such as faster recovery due to smaller database sizes. Additionally, more users are allowed on a single system. This feature also allows you to segment out the administrative roles. You could assign a database that belongs to one domain to a specific set of administrators and another to a different set of admins.
Understanding and appreciating the way that today’s messaging infrastructure is administratively organized, then mapping what you see today into tomorrow’s E2K rollout, is wise. By doing so, you can much more easily anticipate large changes that you need to implement now in order to reach your desired destination.
Design Scenario: Coping with the Locked-Out Exchange Site
Betsy works for a large organization that has 13 Exchange 5.5 servers spread out over as many geographically diverse sites. Each geographic site corresponds to an Exchange 5.5 site that’s visible in Betsy’s Exchange admin console. All of the sites have at least one NT admin on staff; some have more. Two or three of the sites have admins that have gotten carried away and have locked out Betsy’s rights to their site. She cannot view configuration information, nor modify anything having to do with these sites. This is frustrating to her because she has been charged with upgrading the organization to Exchange 2000 Server. A different Project Manager (PM) has been assigned the task of upgrading the organization to Windows 2000.
Betsy first maps out the current permissions structure of the Exchange Server organization. She plots out each right, first by organization, then by site, then by configuration. Next she fights the political battle, making sure that the managerial personnel over each of the admins are on board with the upgrade project and are united in their acceptance of it. She writes up an updated security document that contains the new permissions listings for the various admins. Since the site is so large, Betsy opts to split up the database into site-specific chunks and makes plans accordingly. As she works on the above steps, she also works with the Windows 2000 PM to make sure that the steps he’s taking are happening in stride with her plans. Once the Windows 2000 upgrade is in place and she is ready to begin deploying her E2K design, Betsy installs E2K and implements the permissions designed earlier in the project. The end result is a centrally controlled E2K deployment that she now has control over in terms of applying permissions where they are needed throughout the organization.
Summary
Though this chapter is more business-oriented than technical, I’ve tried to introduce some things to think about not only for the test, but for your E2K upgrade as well. Microsoft’s new testing paradigm requires that you understand project management concepts, management structure, the nature of the enterprise, and other non-technical things that have a way of finding their way into design decisions—hence the non-technical test objectives.
We started out by talking about things that might influence organization policy requirements for such an upgrade. We said that the very size and disparity of the messaging infrastructure would have a lot to do with how complicated your design plans were. We also introduced the notion that planned mergers and acquisitions could potentially have a huge impact on your planned rollout. Additionally we talked about the need for human resources to get this project done. And finally we introduced the concept that management attitudes about the rollout need to be in basic alignment for the project to take place and come to a happy conclusion.
It’s important as well to understand the business model in place within your organization, not only today’s model, but any planned new model as well. You have some things to take into consideration when thinking about the model, specifically user distribution—how spread out the users are that are utilizing the system—and the user mail needs and habits.
We discussed the need for considering any existing and planned security models. There are changes in Exchange 2000 that will map old Exchange 5.5 DLs to UDGs and USGs. We also introduced the concept of a CA server, a server component independent of E2K, and of Key Management Service (KMS). Finally we talked about the way that the current messaging infrastructure is administered and how you might use Exchange 2000 Server to modify the administration structure upon rollout.
Key Terms
Access Control List (ACL)
Certificate Server (CS)
Internet Mail Service (IMS)
Key Management Service (KMS)
Microsoft Management Console (MMC)
Multipurpose Internet Mail Extensions (MIME)
public key encryption
Secure Multipurpose Internet Mail Extensions (S/MIME)
Simple Mail Transport Protocol (SMTP)
Subject Matter Expert (SME)
Universal Distribution Group (UDG)
Universal Security Group (USG)
Web Distributed Authoring and Versioning (WebDAV)
Review Questions

1. A new feature of Exchange 2000 Server allows people to collaborate over the Web on documents, regardless of the authoring tools they’re using. Users can copy, move, and delete files. Office 2000 can be used to publish documents to the Web store and replicate them outward. What is this new feature called?
A. Web Distributed Authoring and Versioning
B. Web Application Platform
C. Web Storage System
D. Extensible Management Interface
E. Collaboration Data Objects

2. In thinking about a migration from an Exchange 5.5 infrastructure to an Exchange 2000 infrastructure, what is the one critical component that Exchange 2000 cannot do without in order to function?
A. Remote Procedure Call (RPC)
B. Active Directory (AD)
C. Internet Information Server (IIS)
D. Active Directory Connector (ADC)

3. Jeremy is an Exchange 5.5 administrator who has rights throughout the entire organization with the exception of Replication, Send As, and Mailbox Owner. What type of permissions does he have?
A. Admin
B. Permissions Admin
C. Service Account Admin
D. View-only Admin
4. You’re designing an Exchange 5.5 to Exchange 2000 upgrade. Currently, you have several site servers that are in remote geographic places connected by high-speed WAN circuits. Your intent is to migrate to a single high-power clustered server for all Exchange activities. What aspect of the design are you considering at this point?
A. Organizational policy requirements
B. Business models
C. Administration models
D. Security models

5. As a designer of an Exchange 2000 Server deployment in an environment populated with disparate legacy messaging infrastructures, what is the most important thing you’ll need to equip yourself with?
A. Database administrators
B. Network experts
C. Web developers
D. Subject Matter Experts

6. In your work designing an Exchange 2000 Server deployment, you’ve determined that you want to split up the Exchange database into several “mini-databases” to gain a more logical geometry. You want the IT group to use one database while the rest of the business uses others. What version of Exchange 2000 Server will you need to accomplish this?
A. Exchange 2000 Server
B. Exchange 2000 Enterprise Server
C. Exchange 2000 Collaboration Server
D. Exchange 2000 DataCenter Server
7. You’re designing an Exchange 5.5 upgrade to Exchange 2000 Server. What happens to the public folder permissions?
A. The DLs that are used as ACLs in legacy public folder permissions are most likely turned into Universal Security Groups (USG).
B. The DLs that are used as ACLs in legacy public folder permissions are most likely turned into Universal Distribution Groups (UDG).
C. The DLs that are used as ACLs in legacy public folder permissions are always turned into Universal Security Groups (USG).
D. The DLs that are used as ACLs in legacy public folder permissions are always turned into Universal Distribution Groups (UDG).

8. You’ve been retained as a design consultant for a large insurance firm. At your first meeting with the managers who’ve hired you, they convey to you that they want their site converted from their current messaging infrastructure to Exchange 2000 Server. From a real-world design perspective, what are some of the first informational points you’ll want to gather regarding this upgrade? Choose all that apply.
A. Which protocols they’re running on the network
B. How many servers there are
C. What the current messaging infrastructures are
D. How many users there are
E. How many different messaging infrastructures are in place
F. If Windows 2000 Server is installed
G. If Active Directory has been enabled
9. Chris is a network architect for a mid-sized corporation that has a large Exchange 4.x and 5.x deployment. The corporation has already installed Windows 2000 Server on some of its DCs and has enabled AD. Now they want to upgrade the Exchange system to Exchange 2000 Server. What is the first thing that needs to be done to begin the project?
A. Install the Exchange Active Directory Connector
B. Install the Windows 2000 Active Directory Connector
C. Upgrade at least one server to Exchange 5.5 SP3
D. Run the ForestPrep utility

10. Jenny is working on an upgrade to a legacy messaging infrastructure. She’s going to upgrade the infrastructure from a combination of GroupWise and Exchange Servers to Exchange 2000 Server. All clients are currently using either Outlook or the GroupWise client for Windows to access their e-mail. What kind of purchasing will she have to do to make sure the network is licensed completely correctly? Select all that apply.
A. Purchase an Exchange 2000 Server license for each non-Exchange server
B. Purchase a competitive upgrade Exchange 2000 Server license for each non-Exchange server
C. Purchase a Client Access License for each GroupWise user
D. Purchase a competitive upgrade Client Access License for each GroupWise user
E. Purchase a Client Access License upgrade for each Outlook user
Answers to Review Questions

1. A. Web Distributed Authoring and Versioning, or WebDAV, is a new HTTP-based protocol that allows people to collaborate on and author documents over the Web into the Exchange Web store.

2. B. Exchange 2000 Server has to use Active Directory. It cannot function as its own standalone directory like Exchange 5.5 could. This means that the network has to be running Windows 2000 with AD enabled. (Though it doesn’t necessarily mean that the network has to be running in native mode.)

3. B. Jeremy has the second-highest level of administrative rights, Permissions Admin rights. Since he doesn’t need to be involved directly in Replication, he doesn’t need Send As rights to other mailboxes and he doesn’t need to own all Mailboxes. Permissions Admin is a perfect choice for an all-around administrator.

4. C. You’re determining that you’re going to take the environment from a decentralized mode to centralized. There could be a number of reasons for this: cowboy administrators at the remote site, database centralization, enhanced security, proximity to the CA server. The decision revolving around decentralization versus centralization is a highly important one and centers predominantly on the administration of the enterprise— hence answer C.

5. D. Subject Matter Experts (SMEs) are those people who know everything there is to know about a given thing. In the case of an infrastructure that consists of “legacy disparate messaging infrastructures” (perhaps Exchange Server 5.0, cc:Mail, GroupWise or some other combination), it’s important to surround yourself with people who completely know and understand the systems you’re going to be integrating with. SMEs are always a part of good project planning. “No man is an island.”

6. B. The ability to separate databases comes with Exchange 2000 Enterprise Server. There is no such thing as Exchange 2000 DataCenter Server (though there is a Windows 2000 DataCenter Server).
7. C. Exchange 2000 Server is picky about the Exchange 5.5 Server DLs. In an upgrade scenario, only those DLs that were used as ACLs in public folders are put into USGs. If a DL wasn’t utilized as an ACL in a public folder, it’s only put into a UDG. You, of course, could modify this as you saw fit. This is the default operation as Exchange Server 5.5 sees it. By the way, if you have the Active Directory Connector (ADC) enabled and you’re running a native Exchange 5.5 Server infrastructure (having not yet upgraded to Exchange 2000), the treatment of the DLs will be the same as if you had performed an Exchange 2000 upgrade, meaning that they’ll be converted to Universal Distribution Groups, UDGs.

8. A, C, D, E, F, G. At the earliest stages of discovery, you’re probably interested in the number of servers and how many users there are. You also need to be very sure that TCP/IP is running on the network, and you need to go through a discovery process that illustrates to you exactly what the messaging infrastructures are, how many there are, and what brand and version they are. Additionally, you’ll need to know if Windows 2000 and AD have been installed and are operational. Otherwise, your contract is going to extend out quite a bit further than first anticipated!

9. C. One Exchange server needs to be at the 5.5 SP3 level. It is recommended that you upgrade all of the vintage servers to 5.5 SP3, then install the Exchange ADC. SP3 provides the Windows 2000 connectivity that Exchange will require in order to talk to the Windows 2000 part of the network.

10. B, D, E. Jenny needs to check into competitive upgrade licensing for her GroupWise servers and CALs. She can purchase upgrade CALs for her Outlook users. Both steps will save her company quite a bit of money over purchasing the licenses at cost.
Case Study: The Traveling Consultant
You should give yourself 10 minutes to review this case study, diagram as needed, and complete the questions for this mini-test.
Background
You’ve been hired as a network design consultant for a newspaper in a major metropolitan city. The paper wants you to take their legacy cc:Mail system and convert it to Exchange 2000 Server. The paper’s offices are located downtown and are in a large building with 20 floors. There are about 1000 users.
Current System
All of the NT DCs have been converted to Windows 2000, and Active Directory has been enabled running in mixed mode. The network is not in native mode yet. You have cc:Mail residing on two servers, both of which are non-DC Windows NT 4.0 SP6a computers.
Problem Statement
Your biggest obstacle will be the fact that you know nothing about cc:Mail!
Envisioned System
You envision running a temporary cc:Mail connector or migration tool just long enough to migrate the mailboxes to E2K, which will be installed on new servers. Then you’ll down the cc:Mail servers and give them back to the administrators for use as something else. The CIO, the person responsible for hiring you, calls you into the office on the first day and gives you the following information:
CIO: “To be honest with you, cc:Mail has given the administrators here a run for their money. I’m sure it’s a fine product, but it has been difficult to maintain and troubleshoot. Furthermore we’d like to go to an integrated system where our Office tools can interoperate with the Exchange system, and I understand that Exchange 2000 can make this kind of synergy happen.”
The Vice President of Marketing has read about the conferencing capabilities of Exchange server and would like to leverage those capabilities.
VP Marketing: “I’m not overly thrilled with cc:Mail. I’d like for you to consider leveraging the Exchange 2000 conferencing services I’ve been reading about.”
VP Sales: “Is there any way that you can send messages to the cell phones of my salespersons?”
Security
Security is of paramount importance.
CIO: “Only two administrators will have permissions to administer the system. Since we do so much Internet e-mail due to our Web presence, it is vital that we be as secure as possible.”
Availability
The system must be available 24×7×365.
Maintainability Overview
Your thoughts are that since the mailboxes are on cc:Mail, you must find a way to move the users’ mail from the current mail database to the new E2K database. Also, you must make sure that there is a one-to-one match, Windows 2000 username to Exchange 2000 mailbox. Exchange 2000 cannot abide one user having more than one mailbox. Once the mailboxes are migrated to E2K, you’ll turn the reins over to the admins.
Performance Users have complained that the old system was slow. You need to do something about the performance and you’re concerned that all this new big horsepower code that’s in Windows 2000 and Exchange 2000 might slow down a legacy set of servers even more.
Questions

1. What is the first thing you must do to begin designing this messaging infrastructure?
   A. Ascertain the size of the infrastructure and the number of users on it
   B. Investigate whether there is indeed something that will allow cc:Mail mailboxes to be imported into Exchange
   C. Install the Windows 2000 ADC
   D. Allocate and build the new E2K servers
   E. Write a project plan

2. You overhear some of the users complaining about the new upgrade and what a nuisance it’s going to be. What are some things that you can tell people about Exchange 2000 that might make them more optimistic about the upgrade? Choose all that apply.
   A. Users can collaborate on documents using the Exchange Web store and Office 2000 (or any other web-authoring tool).
   B. Forms designers will be able to use FrontPage 2000 to design custom Web forms that can be utilized in the E2K system.
   C. Users will have a choice of e-mail tools they can use to view their e-mail, including their favorite (supported) browser and Outlook.
   D. There are custom hooks built into E2K for QuarkXPress, a favorite desktop publishing tool of the editors at the paper.

3. What cc:Mail attributes will need to be migrated to the new system? Select all that apply.
   A. Mailboxes
   B. Personal address books
   C. Folders
   D. Bulletin boards
   E. Client tools
   F. Known spammers list
   G. Custom forms
4. One of the features that’s new to Exchange 2000 Enterprise Server is the capability of separating the databases into logically separate entities. What ways might you be able to utilize this feature in your E2K deployment? Select the best answer.
   A. It might be helpful to separate the databases into distinct entities such as editorial staff, support, administration, and so forth.
   B. In a network of only 1000 users, there’s not much sense in separating databases.
   C. The database that contains the e-mail that came in from the Web destined to those users that typically answer such e-mail might be a good candidate for separation.
   D. Separating the databases and putting them onto a cluster server would provide fault tolerance.

5. Given the following table, rank in order the tasks that you’ll perform in accomplishing your design. Note that the list certainly is not all-inclusive!

   Order Rank   Project
   ___          Migrate user mail
   ___          Down cc:Mail servers
   ___          Purchase migration software
   ___          Build the E2K servers
   ___          Develop a project plan
   ___          Train users

6. How will you handle Public Folder permissions in this new system?
   A. Create Universal Distribution Groups, populate with AD user groups
   B. Create Universal Security Groups, populate with AD user groups
   C. Create Distribution Groups, populate with AD user groups
   D. Create Security Groups, populate with AD user groups
Answers to Questions

1. E. The other steps, with the exception of C, are all components of a well-designed project plan. Item C is incorrect. You always want to install the Exchange 2000 ADC if you intend to use it. The first thing you need to do is quickly assess the environment, then formulate a knockout project plan.

2. A, B, C. Sorry, no known interface with QuarkXPress at this time, but who knows down the road. The other three answers are absolutely correct.

3. A, B, C, D. Visit the Microsoft Exchange Web site for more information: www.Microsoft.com/exchange. You can migrate mailboxes, Personal Address Books (PABs), folders, and bulletin boards in the cc:Mail system to Exchange Server.

4. D. The CIO told you that the system needs to be highly reliable. Separating the databases into two and putting them on a cluster server would provide you with such fault tolerance.

5. Start with your project plan. This plan will document in great detail exactly how you intend to accomplish this project. Run the project plan by all stakeholders to make sure everybody understands the plan. (You’re not necessarily looking for buy-in; you want to make sure that all parties know what’s involved.) Evaluate and purchase the software that you think will help you get the user migration done. Build the servers. Migrate the mail. Down the cc:Mail servers. Train those users! Don’t skip the user training step. Note that this step is included at the end of the project, but it actually should occur during the other steps in the project.

   Order Rank   Project
   1            Develop a project plan
   2            Purchase migration software
   3            Build the E2K servers
   4            Migrate user mail
   5            Down cc:Mail servers
   6            Train users
6. B. The answers to this question imply that the cc:Mail migration didn’t bring across any distribution lists which Exchange 2000 could turn into USGs. If you’re accustomed to Exchange Server administration, remember that you need to adjust your thinking slightly from the old Exchange distribution list to user groups that are handled by Windows 2000. But in this case, you don’t have the luxury of an Exchange Server migration, so it’s possible that the migration tool you purchase won’t handle any distribution list work for you. Remember, too, that since you’re dealing with Windows 2000 users and groups now, the ACLs you create will be in the form of user groups that are populated into a USG and then applied to Exchange 2000 Server public folders.
Chapter 2
Resource Needs Determination

MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Analyze existing server roles. Factors include existing and anticipated server load. Roles include mailbox server, public folder server, and firewall configuration.
Analyze existing and planned network resources. Resources include hardware, available bandwidth, network topology, and firewall configuration.
Analyze existing directory and name resolution configurations.
Analyze the impact of Exchange 2000 Server on the existing and planned network. Considerations include requirements for local authentication servers and local global catalog servers, delegation and rights assignments, bandwidth, and messaging traffic.
Analyze the existing messaging system architecture and potential changes to this architecture. Considerations include potential message routing changes, client computer access changes, administrative model changes, and changes to messaging-based applications.
Analyze existing messaging client configurations. Considerations include hardware, operating system, access methods, existing message store requirements and existing messaging client(s).
This chapter is about determining which resources you have at your disposal in order to accomplish your Exchange 2000 Server upgrade. We’ve gone through the business assessment; now we’ll go through the physical assessment. A solid network design has three components to it:
Taking stock of the existing infrastructure
Determining which pieces of the infrastructure are weak components that need to be either bolstered or replaced
Analyzing any plans for additions to the business which could potentially result in subsequent additions to the infrastructure
Within this chapter we’re going to consider server roles, network resources, directory and name-resolution components, how Exchange 2000 Server will impact the existing network, the existing messaging architecture, and finally, the existing messaging clients and their configurations. Assessing each of these physical elements is a practical step toward a healthy rollout.
Before we begin, it’s important that we take some time to discuss what is meant by the term “enterprise.” When you’re working with a network, you’re involved with an enterprise, even though you may only manage a small portion thereof. The servers (which I like to call the “server farm”), the network infrastructure, the cabling that links everything together, the WAN circuitry, the applications, the administration team, and the users all compose the enterprise. Take any one of these out of the picture, and your enterprise is either considerably weakened or completely ineffective. Therefore, it’s to your benefit to understand and be cognizant of every component of the enterprise, which is why Microsoft has developed these huge test objectives.
Analyzing Server Roles
We begin by discussing the various server roles that are involved in the network. But since we’re focusing on the messaging infrastructure, we’ll not dwell on other critical server functions such as domain controllers or other application servers. (Even though later on in this chapter, we will touch on both directory and name-resolution services.)
Microsoft Exam Objective
Analyze existing server roles. Factors include existing and anticipated server load. Roles include mailbox server, public folder server, and firewall configuration.
Existing and Planned Server Load
There are lots of questions that revolve around estimating the planned server load. As with everything else concerning Windows 2000, there seems to be a multiplicity of choices about which way to do things. In the Exchange 2000 Server load analysis, for example, the first question you should ask is whether you’d like to consolidate a large existing Exchange 5.5 installation into a smaller Exchange 2000 Server installation (one that runs on fewer but more powerful servers). We’ll talk about this option in a moment. But first, let’s just suppose that you’re evaluating your current messaging infrastructure, regardless of what type it is, in order to see what the server load might be. More importantly, what minimum requirements will each instance of E2K Server mandate, and can your current servers live up to the demands? Here are the minimum system requirements for an Exchange 2000 server:
Intel Pentium or compatible 300MHz processor or higher (Exchange 2000 Server is symmetric-multiprocessing-aware, meaning that it will work fine on computers equipped with more than one processor)
Microsoft Windows 2000 operating system
128 megabytes (MB) of physical RAM; 256MB recommended
2 gigabytes (GB) of disk space available on the drive on which you install Exchange
500MB of space available on the system drive (where Windows 2000 is installed)
CD-ROM drive
VGA or higher resolution monitor
Paging file must be set to a minimum of twice the amount of RAM
While these minimum requirements sound pretty doable, keep in mind that as soon as you stack a few hundred users onto these servers, you’ll be wishing you had really upsized the hardware. So our first question in looking at server load is this: Can the servers that are currently at work in the enterprise hang with the new E2K requirements? If not, you’ve got to replace them. Moreover, if you’re going to retain the old infrastructure while upgrading to the new, you’ll probably have to buy equipment anyway.
I have an architecture friend who is very good about over-engineering (as opposed to under-engineering). In the case of Exchange 2000 Server, it’s well worth the few extra dollars it’s going to take to add more RAM than you think you’ll need; maybe pop in that extra processor and boost the disks up to 10,000 RPM SCSI drives. Might as well put them on a hardware Redundant Array of Inexpensive Drives (RAID) array controller card while you’re at it, so that you optimize disk throughput relative to the processor activity.
If the server you’re considering for the installation of Exchange 2000 is already loaded with Windows 2000, run System Monitor (the successor to NT 4’s Performance Monitor) and see if you can get some baselines on how the system is performing. Alternately, you can do a very cursory check by simply right-clicking the taskbar, selecting Task Manager, moving to the Performance tab, and seeing how the processors and physical memory are doing. I’m going to go out on a limb here and tell you that if you’ve got a processor that’s consistently sitting at or above 30–50%, you probably don’t want to put E2K on the computer before upgrading it. If the server you’re checking is currently using almost all of its physical RAM or even dipping above it, the server is what we call RAM-starved and needs RAM thrown at it right away. Again, this server may not be the best choice for Exchange 2000. (I know, I know…the minimum requirements are 256MB. But that’s very much a minimal number and one for which you’ll want to extensively over-engineer the RAM, even in smaller deployments. The server that I’m using to help me write this book is a dual-Pentium 500 with 256MB of RAM. With no Exchange 2000 Server installed and very little else running on it except Windows 2000, the CPUs are snoozing at anywhere between 0–3% but the RAM is consistently at 148MB. Imagine my adding Exchange 2000 Server, with its intense processing requirements, and you get the idea.)
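The readiness check described above, as an added example rather than code from the book: it encodes the minimum requirements listed in this section plus the author's rule of thumb for CPU and RAM headroom, and runs them over a constructed inventory. The 90% "RAM-starved" threshold, the page-file size of the author's writing server, and the legacy server are assumptions made for the example.

```python
"""Exchange 2000 server readiness check (added example, not from the book).

Encodes the minimum requirements listed above plus the author's rule of thumb
for CPU and RAM headroom, and evaluates a constructed server inventory. The
90% RAM-in-use figure used to flag a "RAM-starved" server is an assumption.
"""
from dataclasses import dataclass

# Minimum requirements as listed in the chapter.
MIN_CPU_MHZ = 300
MIN_RAM_MB = 128
RECOMMENDED_RAM_MB = 256
MIN_EXCHANGE_DRIVE_FREE_MB = 2 * 1024
MIN_SYSTEM_DRIVE_FREE_MB = 500
PAGEFILE_RAM_MULTIPLE = 2

# Author's rule of thumb: a processor consistently at or above 30% is a red flag.
CPU_BUSY_THRESHOLD_PCT = 30
# Assumed threshold for "using almost all of its physical RAM".
RAM_STARVED_FRACTION = 0.9


@dataclass
class ServerBaseline:
    """Hardware inventory plus a System Monitor / Task Manager baseline."""
    name: str
    cpu_mhz: int
    ram_mb: int
    pagefile_mb: int
    exchange_drive_free_mb: int
    system_drive_free_mb: int
    avg_cpu_pct: float       # sustained processor utilisation at baseline
    ram_in_use_mb: int       # physical memory in use at baseline
    runs_windows_2000: bool = True


def assess(server: ServerBaseline) -> list:
    """Return findings as 'code: detail' strings; an empty list means the
    server meets the minimums and still has headroom for Exchange."""
    f = []
    if not server.runs_windows_2000:
        f.append("os: Exchange 2000 requires Windows 2000")
    if server.cpu_mhz < MIN_CPU_MHZ:
        f.append(f"cpu_mhz: {server.cpu_mhz}MHz is below the {MIN_CPU_MHZ}MHz minimum")
    if server.ram_mb < MIN_RAM_MB:
        f.append(f"ram: {server.ram_mb}MB is below the {MIN_RAM_MB}MB minimum")
    elif server.ram_mb < RECOMMENDED_RAM_MB:
        f.append(f"ram_recommended: {server.ram_mb}MB is below the {RECOMMENDED_RAM_MB}MB recommendation")
    if server.pagefile_mb < PAGEFILE_RAM_MULTIPLE * server.ram_mb:
        f.append(f"pagefile: {server.pagefile_mb}MB is less than twice RAM ({PAGEFILE_RAM_MULTIPLE * server.ram_mb}MB)")
    if server.exchange_drive_free_mb < MIN_EXCHANGE_DRIVE_FREE_MB:
        f.append(f"exchange_drive: {server.exchange_drive_free_mb}MB free, need {MIN_EXCHANGE_DRIVE_FREE_MB}MB")
    if server.system_drive_free_mb < MIN_SYSTEM_DRIVE_FREE_MB:
        f.append(f"system_drive: {server.system_drive_free_mb}MB free, need {MIN_SYSTEM_DRIVE_FREE_MB}MB")
    # Load headroom: meeting the minimums is not enough once users are stacked on.
    if server.avg_cpu_pct >= CPU_BUSY_THRESHOLD_PCT:
        f.append(f"cpu_load: already at {server.avg_cpu_pct:.0f}% before Exchange is installed")
    if server.ram_in_use_mb >= RAM_STARVED_FRACTION * server.ram_mb:
        f.append(f"ram_starved: {server.ram_in_use_mb}MB of {server.ram_mb}MB in use")
    return f


def codes(server: ServerBaseline) -> list:
    """Just the finding codes, handy for summarising a whole inventory."""
    return [line.split(":")[0] for line in assess(server)]


# Constructed inventory. AUTHOR_BOX mirrors the dual-Pentium 500 with 256MB
# described in the text (page file assumed); LEGACY is an invented hand-me-down.
AUTHOR_BOX = ServerBaseline("writing-box", 500, 256, 512, 8192, 2048, 2.0, 148)
LEGACY = ServerBaseline("legacy-01", 266, 128, 200, 1500, 800, 45.0, 125)

if __name__ == "__main__":
    for box in (AUTHOR_BOX, LEGACY):
        print(box.name, "->", assess(box) or ["ready for Exchange 2000"])
```

Feed it the numbers from System Monitor or Task Manager for each candidate server and the findings list becomes the "replace or upgrade" column of your server inventory.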
Consolidating Exchange 5.5 Servers into Fewer Exchange 2000 Servers
Typically when we talk about messaging infrastructures, we talk about them in terms of mailboxes. How many mailboxes can a messaging server hold? Even though Exchange Server 5.5 has an unlimited database size (meaning that you can theoretically have unlimited mailboxes), as the size of the database grows, so does the difficulty of restoring it from tape should anything catastrophic happen. With typical backup tape restoration speeds of somewhere around 25GB per hour, a database of any significant size at all could potentially take a very long time to restore. Maybe you’ve lived in a server room all night long, waiting on a tape backup unit to finish restoring an Exchange database. There are very few activities that are quite as fun and interesting as that: watching paint dry or grass grow, maybe. To get around this, lots of companies have installed numerous Exchange servers, each one with its own database. Though these servers are often connected together by fast networks, you can imagine that there’s a huge management hassle associated with this. Exchange 2000 Server addresses this with the concept of a storage group, which is nothing more than a grouping of Exchange databases. Each storage group can have up to five Exchange databases in it. Because Exchange 2000 Server can be clustered, you can set up some well-equipped cluster servers and maintain four storage groups (20 total Exchange databases) on just a couple of servers.
Upgrading from Exchange 5.5 to Exchange 2000
There are three methods you can use when upgrading from Exchange 5.5 to Exchange 2000:
In-Place Upgrade Use this technique when you simply want to upgrade your current Exchange 5.5 SP3 servers to Exchange 2000. It requires that Windows 2000 and Active Directory be installed in at least one domain. Native mode is not required, though it is desirable. In order to continue to talk to the rest of the Exchange 5.5 sites, you must have at least one Exchange 5.5 SP3 server prepared to be the gateway between your legacy site(s) and the new Exchange 2000 Server site.
Move Mailbox Upgrade This method is useful when you have a situation where you may not want to upgrade an existing Exchange 5.5 SP3 server to Exchange 2000 Server. For example, you may have some connectors that you need to retain for a time that are not Exchange 2000 Server compliant, but you do want to update the mailboxes. So, you move the mailboxes on the server to the new Exchange 2000 Server. Additionally, the old server can stay available if needed as a backout plan.
Swing Server Upgrade In a swing server upgrade, you first move the mailboxes to a new Exchange 2000 server from an Exchange 5.5 SP3 server. You then upgrade the old Exchange 5.5 SP3 server to Exchange 2000, and then move the mailboxes back.
The upgrade method you choose depends in large part on how large your Exchange organization is. An Exchange 5.5 SP3 conversion to Exchange 2000 Server is going to take approximately 30 minutes for the initial server software upgrade, then an additional hour per 30 gigabytes (GB) of database. By and large, the only things holding you back from upgrading an Exchange server are as follows:
If the Exchange server you’re planning to upgrade is earlier than version 5.5 SP3
If there are foreign connectors on the Exchange server that are not supported in Exchange 2000. (Supported Exchange 2000 connectors are: Lotus cc:Mail, Lotus Notes, MS Mail for PC Networks, and Novell GroupWise. There are no supported Exchange 2000 connectors for mainframe systems yet.)
It’s important to note that during your upgrade process you cannot remove the first Exchange 5.5 server (known as the first server). Removing this server removes hosted folders and other responsibilities that are a key component of the Exchange organization. Upgrade the Exchange first server instead. For more information see the following Knowledge Base articles: Q152959 and Q152960.
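The upgrade rules of this section turned into checks, as an added example that is not code from the book: the timing figures (30 minutes plus an hour per 30GB, restores at 25GB per hour), the 5.5 SP3 prerequisite, the list of supported foreign connectors, and the first-server caveat. The way choose_method() maps a server to one of the three upgrade methods is this example's own reading of the text, not a Microsoft-published decision procedure, and the sample servers and the "Mainframe connector" name are constructed.

```python
"""Exchange 5.5 -> Exchange 2000 upgrade planner (added example, not from the book).

Turns the chapter's timing figures and upgrade blockers into checks and picks
one of the three upgrade methods described above. The selection rules in
choose_method() are an assumption drawn from the text, not a published procedure.
"""
import re
from dataclasses import dataclass, field

# Figures quoted in the chapter.
UPGRADE_SOFTWARE_MINUTES = 30      # initial server software upgrade
UPGRADE_MINUTES_PER_30GB = 60      # plus an hour per 30GB of database
RESTORE_GB_PER_HOUR = 25           # typical tape restore speed
REQUIRED_VERSION = (5, 5)          # Exchange 5.5 ...
REQUIRED_SERVICE_PACK = 3          # ... at SP3 or later

# Foreign connectors the chapter lists as supported in Exchange 2000.
SUPPORTED_FOREIGN_CONNECTORS = {
    "Lotus cc:Mail", "Lotus Notes", "MS Mail for PC Networks", "Novell GroupWise",
}


@dataclass
class LegacyServer:
    name: str
    version: str                       # e.g. "5.5 SP3"
    database_gb: float
    connectors: list = field(default_factory=list)
    is_first_server: bool = False      # the organization's first 5.5 server


def version_ok(version: str) -> bool:
    """True when the server is at Exchange 5.5 SP3 or later."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\s+SP(\d+))?", version.strip())
    if not m:
        return False
    major_minor = (int(m.group(1)), int(m.group(2)))
    sp = int(m.group(3)) if m.group(3) else 0
    if major_minor > REQUIRED_VERSION:
        return True
    return major_minor == REQUIRED_VERSION and sp >= REQUIRED_SERVICE_PACK


def unsupported_connectors(server: LegacyServer) -> list:
    """Connectors on the server that Exchange 2000 has no replacement for."""
    return sorted(c for c in server.connectors if c not in SUPPORTED_FOREIGN_CONNECTORS)


def in_place_upgrade_minutes(database_gb: float) -> float:
    """30 minutes of software upgrade plus an hour per 30GB of database."""
    return UPGRADE_SOFTWARE_MINUTES + UPGRADE_MINUTES_PER_30GB * (database_gb / 30.0)


def restore_hours(database_gb: float) -> float:
    """How long a full restore from tape takes at the quoted speed."""
    return database_gb / RESTORE_GB_PER_HOUR


def choose_method(server: LegacyServer, keep_backout: bool = False,
                  swing_server_available: bool = False) -> dict:
    """Recommend an upgrade method and explain why (rules are an assumption)."""
    if not version_ok(server.version):
        return {"method": "Apply Exchange 5.5 SP3 first",
                "reasons": [f"{server.name} is at Exchange {server.version}"]}
    reasons = []
    bad = unsupported_connectors(server)
    if bad:
        # Keep the old server (and its connectors) alive; move only the mailboxes.
        reasons.append("connectors without Exchange 2000 support: " + ", ".join(bad))
        method = "Move Mailbox Upgrade"
    elif keep_backout:
        reasons.append("old server retained as a backout plan")
        method = "Move Mailbox Upgrade"
    elif swing_server_available:
        reasons.append("mailboxes parked on a swing server while the old server is upgraded")
        method = "Swing Server Upgrade"
    else:
        reasons.append("server is at 5.5 SP3 and all connectors are supported")
        method = "In-Place Upgrade"
    if server.is_first_server:
        reasons.append("first server: upgrade it, never remove it (see Q152959, Q152960)")
    return {"method": method, "reasons": reasons,
            "upgrade_minutes": in_place_upgrade_minutes(server.database_gb),
            "restore_hours": restore_hours(server.database_gb)}


# Constructed sample organization.
FLEET = [
    LegacyServer("ex55-hq", "5.5 SP3", 60, ["Lotus Notes"], is_first_server=True),
    LegacyServer("ex55-mf", "5.5 SP3", 30, ["Mainframe connector"]),
    LegacyServer("ex55-old", "5.5 SP2", 12),
]

if __name__ == "__main__":
    for s in FLEET:
        print(s.name, "->", choose_method(s))
```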
Server Roles
Exchange 2000 Enterprise Server allows you to thoroughly pick and choose which servers will perform which tasks. You’re provided with heavy-duty granularity in the way that you design your e-mail databases, where you put your databases, which servers do which tasks, and so forth. But before you can segue into those future roles, you must first decipher what’s going on with your current messaging system. Assay the existing messaging environment to see if you can discover which servers perform the following functions. Note that some of the functions listed below may be combined in one or more servers:
Mailbox Server(s) Mailbox servers simply house mailboxes. They may also handle connectors, public folders, or other special functions (such as specialized connectors).
Public Folder Server(s) Public folder servers are responsible for handling the enterprise’s public folders. Many different kinds of things can be kept in public folders, everything from contact lists, specialized calendars, how-to documents, help-desk e-mails, and so forth. (Some well-known virus-scanning software products quarantine virus-infected e-mail documents into a special public folder.) Well-planned public folder implementations can grow enormously large and take up huge quantities of disk and CPU time.
Connector Server(s) More for Exchange 5.5 SP3 to Exchange 2000 Server situations, connector servers give you the ability to bring up Exchange 2000 servers, test the connectivity while you utilize the old system for regular mail, then migrate to the new system.
Site Connector Server(s) Exchange 5.5 installations that have several sites require replication between the sites in order to keep directory concurrency. Exchange 2000 Server provides the Exchange 2000 Site Connector, which, when installed, installs a Site Replication Service (SRS). Because you may be using the SRS in a mixed environment, you can bring up an Exchange 2000 Server, get the SRS going, test, and still keep the legacy environment going while you’re testing.
Third-Party Connectors There may be a specialized connector that you purchased to use with your Exchange 5.5 system. For example, users of the RightFax enterprise fax software system can utilize a special Exchange connector that allows Exchange server clients to send and receive faxes from the e-mail system. Planning for these types of connectors during upgrade means contacting the vendor to see what plans there are for supporting Exchange 2000 Server.
Firewall Configuration
Exchange 2000 doesn’t use the same protocols that earlier Exchange Server versions used. Exchange 2000 Server uses Internet Information Server (IIS) 5.0 as its protocol server and hence supports the major Internet protocols: HTTP, NNTP, IMAP4, SMTP, POP3, and LDAP. Exchange 2000 Server also kicks the idea of sites up a notch to something called routing groups. A routing group is a set of servers that are no more than one router hop away from one another. A routing group needs to have a well-established connection, one that’s 24/7, is high-speed, and does not fail in its operation. Suppose, for example, that you had three Exchange 2000 servers at one of your campuses, Campus A. Suppose also that you had two other Exchange 2000 servers at a different campus, Campus B. The three Exchange 2000 servers at Campus A would compose a routing group, as would the two Exchange 2000 servers at Campus B, as shown in Figure 2.1. The two campuses are connected together by a high-speed WAN circuit, and the two routing groups can talk to one another.
FIGURE 2.1 Two routing groups
Because you have the capability of having several routing groups talking to one another using IIS protocols through routers and probably firewalls (a condition that’s new to Exchange), you’ll need to make sure that the internetworking (router) folks correctly configure the firewalls to allow this potentially new type of traffic across them. I say potentially because it’s a possibility that you’ve got intranets introduced into the enterprise, and you’re already passing the kind of traffic that IIS will utilize. It’s also possible that your firewall is preconfigured to allow these kinds of protocols across it. Nonetheless, you’ll need to verify that the following firewall ports are open and available to allow traffic across them:
Hypertext Transfer Protocol (HTTP)—Port 80
Network News Transport Protocol (NNTP)—Port 119
Internet Message Access Protocol version 4 (IMAP4)—Port 143
Simple Mail Transfer Protocol (SMTP)—Port 25
Post Office Protocol version 3 (POP3)—Port 110
Lightweight Directory Access Protocol (LDAP)—Port 389
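One way to verify the port list above against what the internetworking group actually configured, as an added example rather than code from the book: the audit compares a rule set's effective permits with the six protocols listed and reports ports that are missing, ports that are open but not needed by the messaging design, and permit rules shadowed by an earlier deny. The rule syntax (`permit|deny tcp <port> <comment>`) and the rule text are constructed for this example; real firewalls have their own syntax, but the first-match evaluation mirrors how most of them process a rule list.

```python
"""Firewall rule audit for Exchange 2000 routing-group traffic.

Added example, not code from the book. The rule syntax and SAMPLE_RULES are
constructed; only the protocol/port list comes from the chapter.
"""

# Protocols and ports the chapter says must be open between routing groups.
REQUIRED_PORTS = {
    "HTTP": 80, "NNTP": 119, "IMAP4": 143, "SMTP": 25, "POP3": 110, "LDAP": 389,
}

# Constructed rule set for the Campus A <-> Campus B firewall.
SAMPLE_RULES = """\
# messaging rules between the two routing groups (constructed sample)
permit tcp 25    smtp between routing groups
permit tcp 80    outlook web access
deny   tcp 119   nntp blocked by an old policy entry
permit tcp 119   nntp -- never reached, shadowed by the deny above
permit tcp 110   pop3
permit tcp 143   imap4
permit tcp 389   ldap to the global catalog
permit tcp 23    telnet left over from hub management
"""


def parse_rules(text: str) -> list:
    """Return (action, proto, port, comment) tuples, skipping blanks and comments."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 3)
        if len(parts) < 3 or parts[0] not in ("permit", "deny") or not parts[2].isdigit():
            raise ValueError(f"line {lineno}: unrecognised rule: {raw!r}")
        comment = parts[3] if len(parts) == 4 else ""
        rules.append((parts[0], parts[1].lower(), int(parts[2]), comment))
    return rules


def effective_action(rules: list, proto: str, port: int) -> str:
    """First matching rule wins; no match means the implicit deny."""
    for action, rproto, rport, _ in rules:
        if rproto == proto and rport == port:
            return action
    return "deny"


def audit(rule_text: str, required: dict = REQUIRED_PORTS) -> dict:
    """Compare the rule set's effective TCP permits with the required ports."""
    rules = parse_rules(rule_text)
    permitted = {port for _, proto, port, _ in rules
                 if proto == "tcp" and effective_action(rules, "tcp", port) == "permit"}
    missing = {name: port for name, port in required.items() if port not in permitted}
    # Open ports the messaging design does not call for: ask the firewall team to close them.
    extra = sorted(permitted - set(required.values()))
    # Permit rules that can never match because an earlier deny covers the same port.
    shadowed = [(port, comment) for action, proto, port, comment in rules
                if action == "permit" and effective_action(rules, proto, port) == "deny"]
    return {"missing": missing, "extra": extra, "shadowed": shadowed}


if __name__ == "__main__":
    report = audit(SAMPLE_RULES)
    print("missing :", report["missing"])    # {'NNTP': 119}
    print("extra   :", report["extra"])      # [23]
    print("shadowed:", report["shadowed"])
```

Run it once against the rule export the router team hands you, and again after they apply changes, so the sign-off is a diff of two empty "missing" lists rather than a verbal assurance.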
Design Scenario: The “Un-connected” Connector
One time I was hired to perform a Banyan VINES to Windows NT 4.0 conversion on a network, including a conversion of their e-mail system. One of the problems I quickly discovered was that all of the clients were using VINES’ built-in e-mail program (“blue mail”), along with a GUI-based third-party client called “SharkMail.” There was no connector between VINES and what was then Exchange Server 4.0. How was I going to get these e-mail systems connected up? The way I saw it, I had two options: 1) Cut everyone off of the old e-mail system and bring them up with a clean slate on the new, or 2) Find a way to slowly migrate users across without destroying all of their old e-mail in the process. Solution 1 was not an option to me because there were power users in the VINES system who absolutely could not, would not relinquish their e-mail without being guaranteed that they’d see it again when they got over to the Exchange side of the house. Fortunately, in my Web surfing, I found a company that had written some Exchange gateway software products. They had one that would interface VINES e-mail servers to Exchange. They didn’t call it an Exchange connector, but used the term “gateway” instead.
In using this product you had to target the users you were moving out of the VINES system. The gateway would then create a mailbox in the Exchange system and copy across their mailboxes, any folders they had created, and their address books, while logging any errors that might have been encountered in the move. The whole thing worked pretty well. We did just a few users at a time, carefully checking the logs to make sure that users really did get their e-mail copied across. If we had a failure and had to rerun the process, it was pretty funny because on the Exchange side the client would wind up with duplicate e-mail documents. One other problem was that we had to find a way for the two systems to talk to each other while we were in the transfer process. In other words, since there wasn’t really a connection between the two systems (only a gateway that allowed you to copy mailboxes from one place to another), if you were a VINES e-mail user you couldn’t send e-mail to an Exchange user and vice versa. Since that would never fly, we had to figure out a way to handle the situation. We solved it by setting up all of the remaining VINES users as Custom Recipients (now called “Mail-enabled contacts” in Exchange 2000 Server) and then keyed an alias, one that pointed to the user’s new Exchange SMTP address, into the VINES e-mail system for each user who had been converted to Exchange. So, if you wanted to send e-mail to a user on the VINES system, you picked his or her custom recipient name off of the Global Address List (GAL). If you were a VINES user you simply sent your e-mail to the person in the address list, just like before, only now the system would redirect the e-mail through SMTP to the Exchange system. The whole thing went off very well, and we had 850 users converted in about four months’ time.
Analyzing Existing and Planned Network Resources
Next we’ll analyze the backbone of your network. I love this part because infrastructures are so cool and they’re so integrated into the server farm. Yet many newbie admins tend to overlook the network when they’re planning new enterprise application deployments. Because server and enterprise application software grows steadily in capability and resource requirements and requires more and more from the network, we must be ever-vigilant to make sure the network can handle the load.
Microsoft Exam Objective
Analyze existing and planned network resources. Resources include hardware, available bandwidth, network topology, and firewall configuration.
What are the components of the network that we must be concerned with? They are as follows:
Cabling infrastructure(s) (what I like to call the “cable plant”)
Routers
Switches
Hubs
Wide Area Network (WAN) circuits
Wireless interconnectivity (such as satellite or microwave connections)
Server farm
Backup infrastructure
It’s funny how fast time flies. Back in the early ’90s 100Base-T was just beginning to be talked about. Today it’s almost old hat and is quickly being replaced by 1000Base-T, the “gigabit” Ethernet standard. Yesterday’s 56K links between sites (using bridges, not routers) amount to the speed that a standard modem can easily attain over a phone line today. The huge chassis-based hubs that were in vogue just eight or nine years ago are good for nothing more than very tiny networks or for doorstops and boat anchors. So now that you’re heavily into Windows 2000 (or at the very least reading this book because you’re considering going there), it’s time to take stock of what the network looks like. As an admin in a smaller network, you won’t have a problem getting a handle on everything. In a larger environment, you’ve got a lot of work ahead of you. Let’s briefly discuss each of the items listed above so you have a feel for where you’re going and how to get there.
Cabling Infrastructures
The cable plant consists of the wiring that runs through the cable chases (in the walls to the closets, to the jacks at users’ desks, and to the servers) and other associated peripheral gear. There are patch cables that run from patch panels to switches, from wall jacks to user computers, and from peripheral gear (such as servers) to switches. You have a choice of whether to choose solid cabling for your inner-wall runs or stranded cabling, typically used as patch cords. When considering the cable plant, you also want to take into consideration the patch panels. There is a difference in quality among the various patch panel vendors, and you have several choices you can make. Pictured in Figure 2.2 is a Leviton patch panel. Note that the quality of the terminations at both the patch panel and in the cable ends can make a huge difference in the quality of the cabling infrastructure and hence the data traversing it. In an environment where your cabling runs from a centralized place such as a server room to outer closets, you would call the centralized place a Main Data Facility (MDF) and the outer closet an Intermediate Data Facility (IDF). If all cable runs are not certified at least to Category 5 (Cat 5) or higher, it’s much to your benefit to get them that way.
FIGURE 2.2 A typical patch panel
I would recommend outsourcing any cabling work to a reputable cable installer. The work is usually guaranteed, the installers know all about the do’s and don’ts of cabling, and they’ll be able to get it done much faster than you can. Order extra patch cables while you’re at it. Any fiber-optic cabling absolutely needs to be done by certified fiber-optic installers.
Routers
Windows 2000 Server (all three versions) can act as a software router. Windows 2000 Server supports Routing Information Protocol (RIP) version 1, RIP version 2, Internet Group Management Protocol (IGMP), Border Gateway Protocol (BGP), and Open Shortest Path First (OSPF). Of these, only IGMP is specialized, typically intended for use in connecting multicast clients together. It’s possible that in a new deployment, or in smaller networks, you might want to set up a Windows 2000 router. A Windows 2000 router could potentially be used internally for campus interconnectivity, as a backup router for your conventional routing farm, or even as a routing connection to the Internet. The caveat with any router that you intend to place is that it must have the performance features that are needed to keep up with the network’s needs. Especially important in software routers would be the processors and RAM necessary to keep the routers at optimal performance. In all but the smallest of networks you’ll find hardware routers. Typically, hardware routers and their associated WAN circuitry are maintained by an internetworking group that maintains a routing and switching specialty. When considering hardware routing, your interests will go toward the speed and performance of the routers that are currently in place, the protocols they work with, the version level of software they use, the WAN connections they support, and, if you’re working with a chassis-based router, any cards (sometimes called “blades”) that are in them.
You can get certified in Cisco routers and switches by passing a Cisco Certified Network Associate (CCNA) test and hence obtaining your CCNA certification. This is a certification I’d heartily recommend to go along with your MCSE, because in studying for the CCNA test you’ll learn a ton of information about routing protocols, VLANs, switches, and other interesting infrastructure components.
Switches Today’s networks should not be using hubs. Radical statement? I don’t think so. Hubs, even so-called “smart” hubs, operate at layer 1 of the OSI model and are simply dumb repeaters: every frame that arrives on one port is sent out every other port. You’re sharing whatever bandwidth the hub is capable of providing among all of the users connected to the hub, and every station on the hub can see every other station’s traffic, so anyone with a packet sniffer can read mail that isn’t theirs. What you want is some capability to manage the throughput in such a way that someone requesting a huge report off of a server can’t hang up other users. In other words, you want to be able to manage the users’ throughput and associated aggregate bandwidth. Switches are what you need. Switches operate at layer 2 (and oftentimes at layer 3) and are capable of making intelligent forwarding decisions about the data coming into and going out of the switch; a unicast frame goes only to the port where its destination lives. Switches typically come with a smorgasbord of options that you can add. Of particular interest will be the uplink port, the port that connects the switch to the rest of the cabling infrastructure. Oftentimes you’ll buy an uplink port that’s an order of magnitude faster than the user ports on the switch. For example, you might buy a switch that has a gigabit (1 billion bits per second, 1Gbps) uplink port and user ports at 100 million bits per second (100Mbps). The switches linked together on their uplink ports compose what we call the backbone. Generally servers in the server farm connect to a high-speed switch in the MDF, a switch whose user ports are capable of the same speed as the uplink port. Servers can put out data very fast onto the wire and will benefit from a fast switch connection. Users don’t generate as much network throughput and therefore don’t need the huge capacity that servers do.
Switches are considerably more costly than hubs. If you can buy an 8-port hub for $100, an 8-port switch will cost over $1000 (oftentimes not including the cost of add-on cards for uplink ports, management, and so on). That’s because switches come with software and processors that manage the switch fabric. When we say switch fabric, we’re talking about the internal components of a switch that manage its bandwidth and multiplexing. You can speak of the switching fabric of a single switch, i.e., “Because Ted and Alice are on the same switch, data going between their computers doesn’t have to leave the internal switch fabric.” Or you can use the phrase colloquially, i.e., “Since we’ve gotten rid of hubs and moved to switches, we’re now on an infrastructure-wide switching fabric.”
Hubs As you’ve probably already gathered, I’m not a big fan of hubs in an enterprise environment. I think they’re fine for Small Office/Home Office (SOHO) setups, but they don’t have a place in commercial networks. If you’re working on a network that’s still using those old hubs, my guess is they’ve paid for themselves over years of continual service and you can (and should) consider retiring them. Your servers will thank you, your users will thank you, and you’ll have a much faster network.
Be advised that if you’re going to migrate the network from, say, 10Base-T shared to 10/100/1000Base-T switched, the cabling infrastructure will have to be at least at Cat 5 levels, if not Cat 6. That’s why we talked about cabling first. If the cable plant isn’t up to snuff, the switches won’t be able to work correctly.
WAN Circuits In a network that spans several geographic regions and is interconnected by routers and WAN circuits, you have to know at what speeds the data is traveling across the wire. In smaller environments, the connection to the Internet or to other campuses is often a 56Kbps dial-up link over a conventional modem or an Integrated Services Digital Network (ISDN) circuit. But today’s WAN connectivity has gotten so specialized, what with the various optical connections and so forth, that it’s important to be able to clearly delineate which circuits you’ve got and what their speeds are. Especially important is the concept of a Committed Information Rate (CIR). When you negotiate a Frame Relay circuit with a provider (such as AT&T or Sprint, for example) you negotiate the speed of the circuit (the access rate) and also a CIR. The CIR is the rate the provider commits to carry; any traffic you send above it is marked discard-eligible (DE), meaning that the provider can choose to toss those frames out when its network is congested. That doesn’t mean the provider will, but in today’s era of oversubscribed circuits, it’s a pretty good bet that if you have frames marked discard-eligible, they will be discarded. Frame Relay itself doesn’t retransmit, so an upper-layer protocol such as TCP has to notice the loss and resend the data, thus slowing your network down. Today’s application environments require loads of WAN bandwidth.
Wireless Interconnectivity Some facilities aren’t connected together by a cable circuit of some kind but rather by wireless connectivity. You can obtain high-speed connectivity through microwave, satellite, or other types of wireless connections. You need to ascertain what these connections are and what their speeds are.
Server Farm For an Exchange rollout, you’re probably not going to be terribly interested in what the domain controllers and other servers are made up of. But you are going to be very interested in how robust your current messaging servers are, and whether they need to be upgraded or replaced. No matter what role a messaging server will play in an Exchange 2000 Server environment, it needs to have high-quality, high-speed componentry in it. An Exchange 2000 Server rollout isn’t going to be very powerful running on Pentium 233 servers with 96MB of RAM.
Additionally, each server in the Exchange 2000 farm needs to be on the Windows 2000 Hardware Compatibility List (HCL).
Backup Infrastructure Something you may not think to take into consideration, but which turns out to be extremely important, is your backup infrastructure, including the tape backup units and the backup software you’re going to use. Because you have the ability with Exchange 2000 Enterprise Server to separate databases out in order to facilitate shorter backup and recovery times, you may be able to continue on with the current backup infrastructure. On the other hand, if this is your first segue into messaging—that is, you have no other messaging systems running on the network—you need to make plans to be sure you have the tape capacity to back up your messaging environment. Also, it’s important to verify that the software you’re using will be able to back up Exchange 2000 data.
Topology A network’s topology is the way in which the network is wired, according to Institute of Electrical and Electronics Engineers (IEEE) standards. There are three very common basic topologies that you may encounter: bus, star, and ring. The bus topology is not in wide use anymore due to its limitations. The star topology, typically Ethernet, is the most common. There are still some legacy networks that utilize Token Ring technology. Knowing the topology of the network will reveal to you the total bandwidth the network can support and any hardware changes that you may need to introduce before going forward with the rollout.
Firewall Configuration The firewall configuration that we spoke about previously is of concern, because Exchange 2000 Server relies on IIS 5 as its protocol server (SMTP, HTTP, POP3, IMAP4, and NNTP all run as IIS services), and therefore certain ports must be opened on the firewall in order to maintain functionality. Open only the ports for the protocols you actually intend to expose, and document each one; every opened port is attack surface.
Design Scenario: The CIR Crunch I’ve been in environments where the genius that negotiated the WAN circuits negotiated a zero CIR, meaning that anything over zero packets could be considered discard-eligible. The company got a huge break on the monthly circuit charges, but you can imagine that as the network loaded up, things got pretty slow. Moral of the story: Don’t be stingy with CIR!
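To make the CIR and discard-eligible behavior described above (and the zero-CIR scenario) concrete, here is an added example that is not from the book: a Python model of a Frame Relay ingress policer. Per measurement interval Tc, bits up to Bc = CIR × Tc are carried as committed, the next Be bits are accepted but marked discard-eligible, and anything beyond that is dropped at the carrier’s switch. The Bc/Be policing model is the standard Frame Relay one, which the chapter doesn’t spell out; the frame list, the 64Kbps CIR, the 128Kbps access rate and the one-second Tc are constructed values.

```python
from dataclasses import dataclass


@dataclass
class PolicerResult:
    """Tally of what the carrier did with the frames we offered."""
    committed_frames: int = 0
    de_frames: int = 0          # accepted but marked discard-eligible (DE)
    dropped_frames: int = 0     # beyond Bc + Be: dropped at ingress
    committed_bits: int = 0
    de_bits: int = 0
    dropped_bits: int = 0


def police(frames, cir_bps, tc_seconds=1.0, access_rate_bps=None, be_bits=None):
    """Simplified Frame Relay ingress policing (standard Bc/Be model, assumed here).

    frames: iterable of (time_seconds, size_bytes).
    Per interval Tc the carrier accepts Bc = CIR * Tc bits as committed, marks the
    next Be bits discard-eligible, and drops the rest. If Be isn't given we assume
    the circuit may burst up to the access rate for one Tc: Be = (AR - CIR) * Tc.
    """
    bc_bits = int(cir_bps * tc_seconds)
    if be_bits is None:
        be_bits = int((access_rate_bps - cir_bps) * tc_seconds) if access_rate_bps else 0

    result = PolicerResult()
    interval_start = None
    used_bits = 0                       # bits accepted so far in the current Tc
    for when, size_bytes in sorted(frames):
        bits = size_bytes * 8
        # Simplification: a new Tc window opens at the first frame after the old one expires.
        if interval_start is None or when - interval_start >= tc_seconds:
            interval_start, used_bits = when, 0
        if used_bits + bits <= bc_bits:
            result.committed_frames += 1
            result.committed_bits += bits
            used_bits += bits
        elif used_bits + bits <= bc_bits + be_bits:
            result.de_frames += 1
            result.de_bits += bits
            used_bits += bits
        else:
            result.dropped_frames += 1  # dropped frames don't consume the bucket
            result.dropped_bits += bits
    return result


def required_cir(frames, tc_seconds=1.0):
    """Peak offered rate over any Tc window: the CIR you'd have to buy so that
    nothing gets marked discard-eligible."""
    peak = 0
    interval_start = None
    offered = 0
    for when, size_bytes in sorted(frames):
        if interval_start is None or when - interval_start >= tc_seconds:
            interval_start, offered = when, 0
        offered += size_bytes * 8
        peak = max(peak, offered)
    return int(peak / tc_seconds)


# Constructed sample: twenty 1000-byte frames inside one second = 160Kbps offered.
SAMPLE_FRAMES = [(i * 0.05, 1000) for i in range(20)]

if __name__ == "__main__":
    for cir in (64_000, 0):             # a sensible CIR, then the "zero CIR" bargain
        r = police(SAMPLE_FRAMES, cir_bps=cir, access_rate_bps=128_000)
        print(f"CIR {cir:>6} bps: committed={r.committed_frames} "
              f"DE={r.de_frames} dropped={r.dropped_frames}")
    print("CIR needed to carry all of it committed:", required_cir(SAMPLE_FRAMES), "bps")
```

With the 64Kbps CIR, 8 of the 20 frames ride as committed, 8 are marked DE and 4 never leave the ingress switch; with a zero CIR every accepted frame is DE. The `required_cir` figure is what you would take into the negotiation.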
Analyzing Directory and Name Resolution Configurations
This section is concerned with directory and name resolution configurations. We’ll talk first about directory structures, then about name-resolution services.
Microsoft Exam Objective
Analyze existing directory and name-resolution configurations.
Directory Configurations Exchange 2000 Server’s directory is now simply a part of Active Directory. A mailbox is an extension of a user account, and a distribution list is converted into a group. Your biggest concerns when performing an Exchange 2000 Server design revolve around several key issues:
The number of domains that are now running AD within your company
Whether you’re going to have to maintain an interconnected relationship between older messaging systems (such as Exchange Server 5.5 and older)
Plans for upgrading both the domains and the older systems
Exchange 2000 Server will run in harmony with Exchange 5.5 SP3 as long as you set up the Active Directory Connector (ADC) when you install Exchange 2000. Not all Exchange servers have to be running Exchange 5.5 SP3, but at least one must be in order to communicate with the Exchange 2000 installation. Additionally, the Windows 2000 domain in which you install Exchange 2000 Server should ideally be running in native mode, which means that all of the domain controllers (DCs) in the domain have been upgraded to Windows 2000 and the domain has been switched to native mode. Note that once the domain has been converted, there is no turning back: you cannot revert from native back to mixed mode. The problem is that you won’t really be leveraging your Exchange 2000 deployment until all domains are converted to Windows 2000 and native mode. You will be able to successfully run parallel environments and, indeed, the older Exchange sites can talk to the new deployment, but you’re going to be running a V8 on two or three cylinders instead of all eight. For example, distribution lists in the vintage Exchange systems show up in the E2K system as Universal Distribution Groups. The potential for confusion and some nastiness here is high, so consider a full-fledged cutover to both W2K native mode and E2K on all servers. This, of course, requires much more extensive project planning and resistance to the temptation to just see what one server looks like. Because Exchange 2000 is designed to make full use of Windows 2000 organizational units (OUs), domains, trees, and forests running in native mode, you’re at a juncture where you need to make a critical design decision. Should you go forward with making the DCs compliant, getting every one up on Windows 2000, and then converting to native mode throughout, or should you try to run a parallel universe, doing both your DC upgrades and your Exchange upgrades as you go? To a large extent this type of decision is based upon the size and organizational makeup of the enterprise. A second, but equally critical, design decision is what to do with non-Exchange messaging systems. Since some connectors are present and ready to run with Exchange 2000, you can interoperate with certain legacy messaging systems. But others, such as the VINES example in the sidebar earlier, will require a full-blown conversion to Exchange 2000 Server. So how will you accomplish this feat? Solving the directory configuration issue will be of great help to you. Take a look at Figure 2.3 to see what I’m talking about. In the top half, you see a forest in which you have a single Windows 2000 domain that has two-way nontransitive trusts with two NT 4 domains. The W2K domain could be in either mixed or native mode; it matters not to the forest deployment. But you do have the issue of nontransitive trusts and their associated maintenance due to the connectivity with NT 4 domains. Designers need to consider the subtle nuances of such environments. FIGURE 2.3
A heterogeneous forest consisting of W2K and NT4 domains
In the second half of Figure 2.3, you see that we’ve migrated the other two domains to Windows 2000, and they are now domains that are under the root domain, yourcompany.com. Alternatively, we could’ve elected to upgrade the two NT 4 domains in such a way that they joined the root domain and then we could separate the users out into OUs, such as Marketing and Sales. Either way works, and the whole thing depends on the size of the domain being considered, the geographical scope, and other considerations. Because a single AD domain can hold millions of objects, you’re not forced to maintain multiple domains anymore, and you can logically separate your working areas out into OUs.
Name-Resolution Services We need to consider two separate name-resolution services when we’re thinking about how name resolution fits into the Exchange 2000 Server design: Domain Name Service (DNS) and Windows Internet Name Service (WINS).
DNS In order for Windows 2000, and hence Exchange 2000, to work, DNS has to be installed somewhere on the network. Windows 2000 doesn’t care whether it or some other NOS provides the Domain Name Service (DNS) functionality, as long as the DNS server that’s providing such services supports some of the newer DNS features. A Unix DNS server running Berkeley Internet Name Domain (BIND) DNS must be able to support SRV resource records. The other stuff (secure and incremental zone transfers, WINS lookups, and things like that) isn’t necessary for Windows 2000 DNS operation; dynamic update is a convenience rather than a requirement, but without it you’ll be entering each domain controller’s SRV records by hand and keeping them current yourself. The very minimum requirement you have for DNS is the support of SRV resource records. In bigger installations, you will undoubtedly be working with Unix BIND servers for your DNS resolution, and that’s fine. Things can stay the way they are; there’s no need to get into DNS religious wars. However, the BIND version is something you’ll need to ascertain from the Unix admins, and if the version isn’t compatible with what you need for Windows 2000, you’ll have to see to it that it’s upgraded. The chart below shows some common BIND versions and the updated support they provide:
BIND Version     Supplies
4.9.6 or later   Support for SRV records
8.1.2 or later   Support for dynamically updated DNS zone database
8.2.1 or later   Support for incremental zone updates
8.2.2 or later   Support for AD
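As an added example that is not from the book, here is a Python check of the two DNS prerequisites just discussed: whether a BIND version reported by the Unix admins is new enough, using the minimums from the chart, and whether a BIND-style zone file already carries the SRV records a Windows 2000 domain controller registers. The zone text is a constructed sample; the required SRV names are the standard Netlogon set (`_ldap._tcp`, `_kerberos._tcp`, their `dc._msdcs` copies and `_gc._tcp` in the forest root), which the chapter doesn’t list; and the zone parser is deliberately minimal (no `$ORIGIN` or `$INCLUDE` handling).

```python
import re

# Minimum BIND versions from the chapter's chart and what each one adds.
BIND_FEATURES = [
    ((4, 9, 6), "SRV records"),
    ((8, 1, 2), "dynamic DNS updates"),
    ((8, 2, 1), "incremental zone transfers (IXFR)"),
    ((8, 2, 2), "full Active Directory support"),
]


def parse_version(text):
    """'8.2.2-P5' or '4.9.6' -> (8, 2, 2) / (4, 9, 6); a missing patch level counts as 0."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised BIND version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def bind_features(version_text):
    """Chart features this BIND version provides (an empty list means too old for Windows 2000)."""
    v = parse_version(version_text)
    return [name for minimum, name in BIND_FEATURES if v >= minimum]


def required_srv_names(domain, forest_root=None):
    """Owner names of the SRV records a Windows 2000 DC (and GC) registers through Netlogon.
    Assumption: the standard Netlogon set; the chapter only says SRV support is required."""
    forest_root = forest_root or domain
    return {
        f"_ldap._tcp.{domain}",
        f"_kerberos._tcp.{domain}",
        f"_ldap._tcp.dc._msdcs.{domain}",
        f"_kerberos._tcp.dc._msdcs.{domain}",
        f"_gc._tcp.{forest_root}",
    }


def srv_owners_in_zone(zone_text, origin):
    """Minimal BIND zone-file scan returning the FQDNs (no trailing dot) that own an SRV record.
    Handles ';' comments, a blank owner field (repeat of the previous owner), '@' and relative names."""
    found = set()
    last_owner = None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()       # strip comments
        if not line or line.startswith("$"):        # skip blanks and $TTL/$ORIGIN directives
            continue
        if line[0].isspace():                       # blank owner field: same owner as before
            owner = last_owner
        else:
            owner = line.split()[0]
            last_owner = owner
        if owner is None or "SRV" not in line.split():
            continue
        if owner == "@":
            fqdn = origin
        elif owner.endswith("."):
            fqdn = owner[:-1]
        else:
            fqdn = f"{owner}.{origin}"
        found.add(fqdn)
    return found


def missing_srv_records(zone_text, domain, forest_root=None):
    """Required SRV names the zone does not yet contain, sorted for the report."""
    return sorted(required_srv_names(domain, forest_root) - srv_owners_in_zone(zone_text, domain))


# Constructed sample zone for a forest root domain; the dc._msdcs records are
# deliberately left out so the check has something to report.
SAMPLE_ZONE = """\
$TTL 600
@        IN SOA ns1.verybigcompany.com. hostmaster.verybigcompany.com. (
             2001060101 3600 900 604800 600 )
         IN NS  ns1.verybigcompany.com.
ns1      IN A   10.1.1.2
dc1      IN A   10.1.1.5
; Netlogon-registered SRV records (constructed sample)
_ldap._tcp      600 IN SRV 0 100 389  dc1.verybigcompany.com.
_kerberos._tcp  600 IN SRV 0 100 88   dc1.verybigcompany.com.
_gc._tcp        600 IN SRV 0 100 3268 dc1.verybigcompany.com.
"""

if __name__ == "__main__":
    for ver in ("4.9.7", "8.1.2", "8.2.2-P5"):
        print(ver, "->", bind_features(ver) or "too old for Windows 2000")
    print("missing SRV records:", missing_srv_records(SAMPLE_ZONE, "verybigcompany.com"))
```

Run the same zone check against a zone transfer (or the output of `nslookup -type=SRV`) before you let the first Windows 2000 DC depend on a BIND server; a DC whose SRV records nobody can find is a DC nobody can log on to.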
WINS Windows Internet Name Service (WINS) will probably still be needed in networks for some time to come. Legacy applications that require WINS for their name resolution aren’t likely to go away just because Windows 2000 is out and is the hot thing to have these days. Taking stock of WINS servers, whether they’re Windows 2000– or NT 4–based, is part of the Exchange 2000 Server design agenda. Exchange 2000 Server itself doesn’t use WINS; it uses DNS. But earlier Exchange versions, those that are pre–Exchange 5.5 SP3, may.
Analyzing How Exchange Server 2000 Will Impact the Existing Network
This objective has some interesting features to it that you may not initially think about. We’ve already discussed in some detail how you’re required to have at least one Windows 2000 domain installed, and how, in order to fully leverage the features of Exchange 2000, that domain should be in native mode. Clearly you’re only going to want to keep your Windows NT 4 domains around until such time as you’ve had a chance to convert them to Windows 2000. A conversion of all Windows NT 4 domains to a Windows 2000 forest is in order. You can install AD and set the network to native mode at such time as all domain controllers have Windows 2000 installed on them. At that time, it makes the most sense to begin deploying Exchange 2000 Server.
Microsoft Exam Objective
Analyze the impact of Exchange 2000 Server on the existing and planned network. Considerations include requirements for local authentication servers and local global catalog servers, delegation and rights assignments, bandwidth, and messaging traffic.
Requirements for Local Authentication Servers and Local Global Catalog Servers Users logging onto the network are validated by a domain controller, and when they log on with their User Principal Name (UPN) the domain controller has to consult a Global Catalog (GC) server to work out which domain the account lives in (a GC is also needed to expand universal group membership). That is why a site with users needs a reachable DC and GC of its own: if the WAN link to the nearest GC is down, UPN logons fail. The UPN is the user’s logon name plus a UPN suffix, which by default is the DNS name of the domain in which the user is located. For example, user RalphP in the sales.verybigcompany.com domain would log on with the UPN RalphP@sales.verybigcompany.com. Administrators can add an alternative UPN suffix, a shorter alias for long, complicated domain names like this, so that users don’t have to type huge strings in order to get logged on. Once a user is validated, he or she has access to the e-mail system, provided the account is mailbox-enabled. Because AD is used as the directory, very granular changes to the directory, down to the object attribute level, can be replicated. For example, when a mailbox record is updated, instead of replicating all of the mailbox information to other directory servers, only the attribute of the mailbox object that has changed is replicated. This helps minimize traffic on the network. Schema updates, such as the ones Exchange 2000 setup makes, have to reach every DC in the forest and may take a long time to replicate to outlying sites, producing some “object not found” errors in the meantime. This error is self-healing but will take time to correct itself.
Administrators will find that they’ll have to monitor the security associated with the Exchange 2000 Server system much more closely. Three factors play into Exchange 2000 security:
Routing Groups Exchange 2000 servers that are well connected and have point-to-point 24/7 connectivity can send messages directly from source to receiver. Routing groups connect to one another through a bridgehead server running a routing group connector.
Administrative Groups An administrative group is a collection of Exchange objects (servers, policies, routing groups, and so on) brought together for the purpose of permissions management of some aspect of the Exchange 2000 system. Coupled with Exchange 2000 Server’s virtual server capability, that is, the ability to run several instances of a protocol such as SMTP or HTTP on the same physical server, each with its own settings and access permissions, it is possible to come up with very complex security granularity when designing the rollout.
Policies Settings on whole groups of Exchange 2000 objects are administratively controlled through policies, applied in one place rather than object by object.
At this time, administrators can manage recipients through policies, but only to the extent that they can apply the default proxy address. Other objects such as server, public store, and mailbox store policies can be fully administered.
Bandwidth Because of the bridgehead servers set at the edge of routing groups, your WAN bandwidth can be controlled, to a certain extent. Internet bandwidth, especially in the area of Conferencing Server, will be of concern to you. Today, hardly anyone on your network is using virtual collaboration. Tomorrow, with the advent of Conferencing Server, people could be holding virtual meetings across WAN circuits and the Internet, saving lots of time and money. Can the circuits handle the load? If you’re planning on purchasing Exchange Conferencing Server to go along with your implementation, and you’re going to roll in full-bodied collaboration operations, plan on much more activity on the network than before. Two users utilizing instant messaging or a group of users utilizing Office 2000 connectivity tools to collaborate over the Web will undoubtedly mean extra packets flowing over the wire. The extent to which this wire is loaded is in direct relation to the amount that you intend to leverage these services.
Messaging Traffic Messaging traffic can grow in ways it hasn’t before. Because Exchange 2000 Server supports multiple public folder trees, you may wind up utilizing public folders much more than previously, and this could have some bandwidth impact on the network. Also, public folder trees that are additions to the initial tree are only visible to NNTP or Web clients. The only exception is if you’ve got a Web page in a secondary public folder tree; these can be read by Outlook 2000 clients, because Outlook 2000 provides the capability of setting a home page for each folder. When using Web-based secondary trees, consider the impact of deploying O2K clients that automatically pull up the home page for the folder. The capability of separating protocols, stores, and directories onto separate servers may have an impact on the network in terms of where you place these different servers and how much they have to talk to one another. Instant Messaging (IM), the capability of one person to bring up the address book to see who’s online and then connect with that person, much as you would with a phone call, will have an impact on both bandwidth and messaging traffic. Virtual collaboration techniques, once they are understood by users and fully leveraged, will increase messaging traffic. IM differs from NetMeeting in that it looks similar to a chat client. It does not have the robust virtual conferencing features that NetMeeting has and is intended for quick person-to-person conversations.
Design Scenario: Figuring Out How Much Mail’s Going Across the Messaging System Today Freddy is the administrator of a large Exchange Server organization. He wants to roll out Exchange 2000 Server. The Windows 2000 rollout was accomplished earlier this year, and all DCs are fully deployed with Windows 2000 Server and are running AD in native mode. The Exchange 5.5 SP3 servers that Freddy maintains are non-DCs currently running NT 4. Freddy wants to know how he can analyze the extent to which the messaging system is being used today in order to have some understanding of how the system will be used tomorrow. Some virtual collaboration using NetMeeting is going on, but not much. Freddy runs Performance Monitor on his Exchange servers (Performance Monitor is called System Monitor on Windows 2000 servers) and logs the following counters:
Bytes Total/sec (Network Interface) Gives him the number of bytes per second that each server’s network card is sending and receiving. Freddy compares this number to the maximum the card can carry (a 100Mbps card moves at most 12.5MB per second). If the total is close to that maximum, Freddy’s got a hardware bandwidth issue he’s got to deal with.
Messages/sec (MSExchangeMTA) Yields the number of messages per second the Message Transfer Agent (MTA) is sending out. Freddy monitors this number at various times of the day to get a feel for peak and lax times. He captures the data from this counter and feeds it into a report for later viewing.
Message Bytes/sec (MSExchangeMTA) This counter gives Freddy the amount, in bytes per second, that the MTA is regularly sending out. The combination of this counter and the one above creates some good baseline numbers for use in planning an Exchange 2000 Server deployment.
Reads/sec (MSExchangeDS) Freddy uses this counter to see how many read operations per second the Directory Service (DS) on each server is handling. It measures directory load rather than replication, so it’s a rough proxy for how busy the directory is, not a count of the replication exchanges with its fellow site servers.
If Freddy had Systems Management Server 2.0 installed in the environment, which he does not, he could use the Network Monitor tool that comes with the product to analyze the client computers using NetMeeting during a virtual collaboration in order to get an idea of the load placed on the system. Alternatively, he could ask the internetworking people to sniff the network and make some estimations about how much bandwidth these kinds of collaborations take up, then multiply according to estimates about how involved the new Exchange Conferencing Server system will be in virtual collaboration on a day-to-day basis.
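As an added example, neither Freddy’s nor the book’s, here is a Python script that turns a Performance Monitor counter log into the baseline the scenario calls for: per-hour average and peak of the MTA counters, plus the peak Bytes Total/sec as a fraction of what the network card can carry. The CSV text is a constructed sample in the PDH-CSV layout that Performance Monitor and relog write (timestamp first, then one column per counter path); the 100Mbps NIC and the 70% saturation threshold are assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample in PDH-CSV layout: the header carries \\MACHINE\Object\Counter paths,
# each later row is one sample; Performance Monitor writes a blank cell when a sample is missing.
SAMPLE_LOG = r'''"(PDH-CSV 4.0)","\\EXCH01\Network Interface(Intel Pro100)\Bytes Total/sec","\\EXCH01\MSExchangeMTA\Messages/sec","\\EXCH01\MSExchangeMTA\Message Bytes/sec"
"06/04/2001 08:00:00.000","120000","4.5","90000"
"06/04/2001 08:15:00.000","1180000","30.0","600000"
"06/04/2001 08:30:00.000","9000000","45.5","910000"
"06/04/2001 08:45:00.000","2000000","20.0","400000"
"06/04/2001 09:00:00.000","500000","10.0","200000"
"06/04/2001 09:15:00.000","400000","12.0"," "
'''


def parse_perfmon_csv(text):
    """Return a list of (timestamp, {"Object\\Counter": value}) from a PDH-CSV log."""
    rows = list(csv.reader(io.StringIO(text)))
    header, body = rows[0], rows[1:]
    # Drop the \\MACHINE prefix so only Object\Counter remains as the key.
    names = ["\\".join(path.split("\\")[3:]) for path in header[1:]]
    samples = []
    for row in body:
        if not row or not row[0].strip():
            continue
        when = datetime.strptime(row[0], "%m/%d/%Y %H:%M:%S.%f")
        values = {}
        for name, cell in zip(names, row[1:]):
            if cell.strip():                      # skip blank (missing) samples
                values[name] = float(cell)
        samples.append((when, values))
    return samples


def counter_values(samples, suffix):
    """(timestamp, value) pairs for every counter whose name ends with suffix."""
    return [(t, v) for t, vals in samples for name, v in vals.items() if name.endswith(suffix)]


def hourly_baseline(samples, suffix):
    """{'YYYY-MM-DD HH:00': (average, peak)} for one counter: the peak-and-lax-times view."""
    buckets = defaultdict(list)
    for t, v in counter_values(samples, suffix):
        buckets[t.strftime("%Y-%m-%d %H:00")].append(v)
    return {hour: (sum(vs) / len(vs), max(vs)) for hour, vs in sorted(buckets.items())}


def nic_utilization(samples, nic_bits_per_sec, threshold=0.7):
    """Peak Bytes Total/sec as a fraction of the card's capacity, and whether it crosses
    the (assumed) 70% line at which the server has a hardware bandwidth problem."""
    capacity_bytes = nic_bits_per_sec / 8
    peak = max(v for _, v in counter_values(samples, "Bytes Total/sec"))
    fraction = peak / capacity_bytes
    return fraction, fraction >= threshold


def baseline_report(log_text, nic_bits_per_sec, threshold=0.7):
    """Everything Freddy needs in one dictionary, ready to drop into a planning document."""
    samples = parse_perfmon_csv(log_text)
    util, hot = nic_utilization(samples, nic_bits_per_sec, threshold)
    return {
        "samples": len(samples),
        "messages_per_sec": hourly_baseline(samples, "Messages/sec"),
        "message_bytes_per_sec": hourly_baseline(samples, "Message Bytes/sec"),
        "nic_peak_utilization": util,
        "nic_saturated": hot,
    }


if __name__ == "__main__":
    report = baseline_report(SAMPLE_LOG, nic_bits_per_sec=100_000_000)   # assumed 100Mbps card
    for hour, (avg, peak) in report["messages_per_sec"].items():
        print(f"{hour}  Messages/sec avg={avg:6.1f} peak={peak:6.1f}")
    print(f"NIC peak utilization {report['nic_peak_utilization']:.0%}"
          f" (saturated: {report['nic_saturated']})")
```

Feed it a real log captured over a couple of business days with `relog -f CSV` and the hourly table is the “before” picture you compare against once Exchange 2000 and Conferencing Server are in.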
Analyzing the Existing Messaging System Architecture
So it appears from the previous discussion that there is a logical method to figuring out where you’re starting from and where you’re heading. The plan is straightforward: analyze the existing architecture, make decisions about how the architecture must change going forward into the new environment, make the changes, and provide a backout in the event of failure. Optionally, you can introduce a parallel path where you implement the new system while the old is running, copy users over as the opportunity arises, and eventually dismantle the old systems.
Microsoft Exam Objective
Analyze the existing messaging system architecture and potential changes to this architecture. Considerations include potential message routing changes, client computer access changes, administrative model changes, and changes to messaging-based applications.
Message Routing Changes First take stock of the hardware with which the existing infrastructure is built. If you’re going with a parallel path where you’re going to keep the old system going alongside the new, you’ll need new hardware for your Exchange 2000 servers. Hardware is going to play an important role in the design, because you have so many options in how you design and build the new system. For example, suppose that you decide to put the Exchange 2000 system on a cluster. This means you have at least two servers that are identical and have very healthy hardware, but it also implies shared SCSI or Fibre Channel storage that both nodes can reach, plus a private network link over which the nodes exchange their heartbeat. As you might expect, terrific expenses can be incurred when setting up clustered environments. Suppose too that you intend to separate the server roles (directory, store, and protocol) onto different servers. This will also require separate server purchases. Next, examine how the users utilize e-mail, what their mailboxes are like, what the distribution lists are made up of, how users send e-mail out onto the Internet, and what specialized folders or applications are in use. You’ll have to somehow duplicate these things in the new realm. Finally, ascertain what sort of shape the Windows 2000/Active Directory layout is in enterprise-wide, noting that where there is no Windows 2000 with AD running in native mode, you’re not going to do yourself any good rolling out Exchange 2000 Server. The two operate hand in glove (along with IIS 5.0). Message routing changes have to do with the way that you set up the new Exchange 2000 Server routing groups, whether you choose to consolidate the various databases onto one or two servers, and the extent to which Windows 2000 has been rolled out to the enterprise.
Client Computer Access Changes Some changes might occur when we talk about client computer access, but there are only a couple of different scenarios that you really have to watch out for:
If you have users that currently log into a non-Windows system, such as Novell NetWare then utilize Exchange messaging systems through a Windows to NetWare connector, you’ll have to take stock of how an Exchange 2000 upgrade will affect these users. Windows 2000 supports the same NetWare connector functions that NT 4 supported, so things shouldn’t change too much for your NetWare users. However, if users were used to logging into a NetWare server, then passing in a set of credentials to access their Exchange accounts, the credentials will very definitely change. Again, this is relative to the type of client that’s installed on the client computer, whether a Windows client, NetWare client, or both, but it is something to be cognizant of and to plan for.
Users utilizing non-Windows and non-NetWare computers, such as Macintoshes or Unix computers, may require some special handling. Windows 2000 supports Services for Macintosh (SFM) just as NT 4 did, so with the exception of the changed logon name (moving from a standard logon name to a UPN in Windows 2000), Mac users shouldn’t notice any difference. Windows 2000 supports Services for Unix (SFU), which can help you get your Unix (Linux, X Window, etc.) users talking to the Windows system. See www.Microsoft.com/Windows2000/sfu for more details.
Administrative Model Changes Older messaging systems, especially older Exchange systems, may have spawned a slightly decentralized administration model in your network. If you had a dozen Exchange servers, for example, spread out over equally as many states, you may have had to rely on admins in those other states to maintain the servers. The DS and the Information Store (IS) were probably both kept at the site server in each of the various states, and additions, deletions, and corrections to the store databases were handled by the admin controlling that particular server. Nothing was really centralized, with the possible exception of standards that emanated from your group. You have a chance to change that model, if you so desire, now that you’re planning an Exchange 2000 Server rollout. It’s possible to centralize the stores, using storage groups, if need be. It’s also possible to separate out the server roles. And, since Windows 2000 handles the directory structure and associated replication, you don’t have to worry about directory changes. But the administrative model does change somewhat, because now you’re going to control who has access to administer the Exchange servers through domain groups, rather than adjusting the permissions from within Exchange Server itself.
Changes to Messaging-Based Applications Take a look at the kind of messaging software that’s running. In heterogeneous environments, where you’ve got two or more messaging systems talking to each other, you’ve got to figure out how the interaction works and then how to make it happen in Exchange 2000. In some cases this will be easy enough because of the connectors that ship with Exchange 2000, but in others you may have to get creative in the way that you get the systems to talk to each other. In homogeneous environments, your work isn’t as difficult but requires the same kind of thought.
Determine what sorts of plans you have for the new environment. Web collaboration may require that you thoroughly investigate the user requirements for their collaborative efforts. Specialized Web forms might require the retention of a developer (or the re-routing of developers within the IT area to code up the Web forms). Collaboration using WebDAV with users over the Internet may require that you nail up a virtual private network (VPN) using Windows 2000 VPN tools, that you spruce up your Internet bandwidth, and that you train users on how to do such collaboration. On top of that, you will, of course, probably want to purchase Exchange Conferencing Server. Ascertain what, if any, kinds of third party add-on or snap-in applications are running in the current environment. Contact the vendor and determine if there is support for the application in the Exchange 2000 Server environment, or if you’re going to have to maintain legacy support until such time as a suitable Exchange 2000 replacement is found. You now have a clear plan on where you’re coming from and where you need to go. But it needs to be stressed that this kind of project management and logical layout of the way things are versus the way they need to be might take weeks or months to prepare before you ever install the first server. It cannot be stressed enough that a good plan well implemented will lead to a successful conclusion. It’s the difference between plinking at pop cans versus sharpshooting.
Design Scenario: The Good, the Bad, and the Ugly of Corporate VPNs You’re really getting psyched up for this new Exchange 2000 Server rollout. Especially interesting to you is the Internet-based collaboration you can set up. Since your company has many software developers who would like to frequently work from home, but who need to come into work for crucial design meetings, you feel that you can really leverage the virtual collaboration features nicely, especially since most of the developers already have a high-speed DSL or cable modem connection to their homes. You get involved with the Windows 2000 admins and set up a Windows 2000 VPN server that utilizes Layer Two Tunneling Protocol (L2TP) and IP Security (IPSec). You have a 6 MB pipe to your ISP, a 100Mbps per user standard connection and a 1000 Mbps backbone. You test the VPN and it works very nicely.
Copyright ©2001 SYBEX , Inc., Alameda, CA
www.sybex.com
Chapter 2
Resource Needs Determination
However, when several developers working from home begin to access the network through the VPN, internal users cannot reach the Internet and the network slows to a crawl. In investigating, you have a Homer Simpson moment when you realize that the six developers coming in over 256Kbps DSL links can together consume 1,536Kbps (about 1.5Mbps), and the three developers with cable modems can each push up to 2Mbps apiece. When all nine developers are online at once, their aggregate demand (up to 7.5Mbps) exceeds the entire 6Mbps Internet pipe, and between that, the virtual collaboration traffic with these remote users, plus everybody in the building trying to reach the Internet, not to mention the ordinary workaday traffic of the company, you've steadily brought the net to its knees. The lesson: size the pipe for the sum of the remote users' upstream rates, not for one connection at a time.
Analyzing Existing Messaging System Clients and Client Configurations
Existing messaging clients and their configurations won't play quite as complex a role as some other things we've mentioned, but they certainly need to be taken into consideration. Exchange 2000 Server supports the full legacy cadre of Outlook clients, as we mentioned before. Web clients, including those running on Unix, can reach the Exchange 2000 system through Outlook Web Access, provided they present valid credentials and you've set the permissions correctly. The old Exchange client is also supported.
Microsoft Exam Objective
Analyze existing messaging client configurations. Considerations include hardware, operating system, access methods, existing message store requirements and existing messaging client(s).
Hardware Client computer hardware will not be of huge import, provided that you have the hardware base to connect to today’s messaging infrastructure. Any new clients coming on line must be brought up to hardware standards that are sufficient to support any messaging clients you want to introduce.
Operating System Considerations The predominantly supported messaging clients are Microsoft Outlook, in all its flavors, and an Internet browser. Between these two categories of clients, you have Unix, Macintosh, and all the Windows operating systems covered for messaging client support.
Access Methods In order to access the Exchange 2000 messaging system, users must log on to the Windows 2000 network with a valid UPN that is associated with a mailbox-enabled account (as opposed to a mail-enabled account; mail-enabled accounts are what legacy Exchange Server Custom Recipients became). You can have only one mailbox per account.
Existing Message Store Requirements Limitations that were imposed on older messaging systems may be able to be maintained with the new system. For example, in older Exchange Server environments, it’s possible to limit the size of both incoming and outgoing e-mail, thus reducing the load on the servers and the size of the database to be maintained. These limitations can be maintained in the new Exchange 2000 system. Other limitations that may have been imposed by non-Exchange systems need to be investigated to see if there is a compatible way to limit the message store in the Exchange 2000 environment.
Existing Messaging Clients You can mess yourself up in certain situations and find that you have to backpedal a bit. Additions to the schema, whether made through ADSI or through the Schema snap-in in the MMC (either route requires membership in the Schema Admins group), can create some confusion if not correctly implemented. Fortunately, schema modifications can be deactivated (marked defunct) if they're wrong, but they can never be deleted, so treat every schema change as permanent and try it in a lab forest first.
Why would a client configuration be of interest relative to a schema modification? Because some clients (think of Outlook 97, for example) cannot support schema components that newer clients can. Suppose, for example, that you want to add an attribute called "Agency ID" to the schema. How would this translate to an Outlook 97 client configuration? As a custom field? Questions like these need to be answered prior to rollout. Public folder design is also of concern relative to client configurations. In earlier Exchange systems, permissions were applied by the Exchange administrator. Now public folder and distribution list access is controlled through AD groups. Getting those groups enumerated correctly will matter during rollout, so that users can continue to reach their public folders and DLs, and so that nobody picks up access they didn't have before. Finally, if you're utilizing non-Exchange messaging systems, you'll have to decide whether the client software used by these "foreign" systems is compatible with Exchange 2000. If not, a workaround of some kind has to be found and put in place. All that being said, the Talking Heads' refrain "same as it ever was" (from "Once in a Lifetime") should basically apply to your rollout, unless you've got a very large enterprise, a very complicated parallel implementation to go through, or you're converting from non-Exchange systems.
Design Scenario: The Linux Developer Needs Her Mail! You're the administrator of a large Exchange 5.5 SP3 environment. Several of your developers are Linux developers who write C code for firmware that goes into integrated circuits (ICs) that your company produces. One of the developers approaches you to see if there's a way she can use her Linux machine to access her e-mail. Currently she also has a Windows computer at her desk and uses it for e-mail, but there are times, especially when she's in the test lab, when no Windows computers are available, and she'd like to send some e-mail without having to return to her desk. All of the Linux development computers run Netscape as their browser. Your answer for this person is very simple. She can use Outlook Web Access (OWA) to access the e-mail system through her browser. OWA will prompt her for valid logon information and then, once she's validated, present her with a Web-based mail screen from which she can do her work. Because that prompt collects her Windows credentials, publish OWA over HTTPS (port 443) rather than plain HTTP, so the logon doesn't cross the lab network in the clear.
Summary
A thorough examination of your existing messaging enterprise is in order before you can go forward with an upgrade. Even where there is no current messaging environment, you should still go through the design steps involved in analyzing the environment, to see what you've got and, more important, what you'll need.

You start by examining the server roles being played in the existing messaging environment: which servers are mailbox, public folder, connector, or site connector servers. Planning an old-to-new correlation for these servers is a big part of your design. Because Exchange 2000 Server's protocols are served through IIS 5, you'll also have to verify your firewall configuration(s) to make sure the firewalls pass exactly the protocols your clients need and nothing more.

You'll also analyze the network resources available to you: the infrastructure and associated hardware, the bandwidth the network can provide, the network topology, and again, any firewall configurations that may need adjustment. Because Exchange 2000 Server works hand in hand with Windows 2000, it requires DNS for its name-resolution services, so the analysis of existing name-resolution services, both DNS and WINS, is important as you go through your design.

The impact Exchange 2000 Server will have on the existing and planned network is worth analyzing as well. For starters, we're interested in how authentication happens, i.e., where the global catalog servers (GCs) are. Users log on with their User Principal Name (UPN), and a GC is needed to resolve the UPN to the right domain, so there must be at least one GC on the network, though there may be more. We're also interested in how rights are going to be assigned to administrators, users, and groups.
It’s important, especially in a virtual collaboration setting, to be cognizant of network bandwidth and the traffic that’s generated by the messaging systems. In this chapter, we also analyzed the messaging system architecture and any potential changes we might introduce. Especially important to us is the ability to put the messaging databases into a centralized environment and to separate the server functions into directory, store, and protocol servers. We need to analyze the client software that’s going to access the messaging systems, making sure that we somehow provide support for legacy messaging applications that need to be maintained, and for a variety of different OS clients.
Key Terms
Active Directory Connector (ADC)
Berkeley Internet Name Domain (BIND)
Border Gateway Protocol (BGP)
Committed Information Rate (CIR)
Domain Controller (DC)
Domain Name System (DNS)
Global catalog
Hypertext Transfer Protocol (HTTP)
Intermediate Data Facility (IDF)
Internet Group Management Protocol (IGMP)
Internet Message Access Protocol version 4 (IMAP4)
Lightweight Directory Access Protocol (LDAP)
Main Data Facility (MDF)
Message Transfer Agent (MTA)
Negative Acknowledgment (NACK)
Network News Transport Protocol (NNTP)
Open Shortest Path First (OSPF)
organizational unit (OU)
patch panel
Post Office Protocol version 3 (POP3)
Relative Distinguished Name (RDN)
routing groups
Routing Information Protocol (RIP)
small office / home office (SOHO)
switch fabric
uplink port
User Principal Name (UPN)
virtual server
well-established connection
Windows Internet Name Service (WINS)
Review Questions

1. You're the administrator of an Exchange Server organization. You want to upgrade to Exchange 2000 Server, but you find that you'll need to retain some of your legacy Exchange servers and perform a slower, more methodical upgrade. What component will you need to install in order to allow Exchange 2000 and Exchange 5.5 to interoperate with one another?
A. Exchange Directory Connector (EDC)
B. Exchange Storage Engine (ESE)
C. Active Directory Connector (ADC)
D. Active Directory Interface (ADI)
E. Exchange Store Connector (ESC)

2. What is the minimum recommended wiring standard in a network infrastructure if you're going to run 100Base-T throughout?
A. Category 3
B. Category 4
C. Category 5
D. Category 6

3. When a user logs on to the Windows 2000 network, what server answers the logon request?
A. Domain Controller
B. Infrastructure master
C. PDC Emulator
D. RID server
4. You're implementing Exchange 2000 Server in a Windows 2000/Unix environment. The Unix servers run BIND and currently host DNS. What is the minimum that the BIND servers must provide in order to support Windows 2000 DNS resolution requests?
A. Support for Active Directory
B. Support for SRV resource records
C. Support for incremental zone transfers
D. Support for secure zone transfers

5. What ports must you consider opening on a firewall in order to support Exchange 2000 clients? Choose all that apply.
A. 20
B. 25
C. 42
D. 80
E. 110
F. 119
G. 137
H. 389
I. 143
J. 1433

6. In your work designing an Exchange 2000 Server deployment, you've determined that you want to host the three Exchange subsystems on different servers. What are the three Exchange 2000 subsystems?
A. Public folder
B. Mailbox
C. Store
D. Protocol
E. Directory
F. Storage
7. What are the three distinct concepts you must take into consideration when you think about the layout of your Exchange servers as you go through your design?
A. Policies
B. Firewall ports
C. Routing groups
D. Administrative groups

8. You've been retained as a design consultant for a large insurance firm. The managers at this firm want you to migrate their legacy Exchange system to Exchange 2000. In your research you find that there are three Exchange 5.5 sites at other geographic locations, as well as a fourth site at the headquarters offices. Additionally, you find that there are people at each site who, while not dedicated Exchange admins, are charged with adding new mailboxes and helping out with routine Exchange administration tasks. What design modifications will you recommend when implementing the new rollout?
A. Move current stores into one centralized storage group.
B. Control administration with routing groups.
C. Control administration with administrative groups.
D. Put the servers in separate sites.

9. You have a mid-sized Windows 2000 network of about 5000 users and 75 servers. All of the DCs are running Windows 2000 Active Directory and are in native mode. You've got a three-site Exchange 5.5 system that you need to convert a piece at a time. Since your company is very e-mail-centric, it's important that users experience minimal e-mail downtime. What hardware considerations will you need to take into account?
A. Need at least one additional computer for the first Exchange 2000 server
B. Need two servers for an Exchange 2000 cluster
C. Need an additional server for the ADC installation
D. Need an additional server to act as a routing group connector
10. You want to install additional public folder trees in order to give some disparate areas of the Exchange system a place to keep private corporate information that not everyone should see. What clients can use these additional public folder trees? Select all that apply.
A. NNTP
B. OWA (browser based)
C. Outlook
D. POP3
E. IMAP4
Answers to Review Questions

1. C. Seems like a misnomer (Active Directory Connector), doesn't it? But recall that Exchange 2000 Server uses Active Directory as its directory. Windows 2000 Server ships with its own ADC, but you don't want to install that one; install the ADC that comes with Exchange 2000 Server. This connector lets Exchange 5.5 SP3 servers share directory information with Exchange 2000 servers.

2. C. Category 5 (Cat 5) wiring is the minimum for 100Base-T infrastructures. 1000Base-T (gigabit) is specified over Cat 5e; Cat 6 gives additional headroom, and some claim that plain Cat 5 works just as well.

3. A. The domain controllers (DCs) are responsible for authenticating and logging on a user. The Infrastructure master keeps track of cross-domain group membership references. The PDC Emulator receives password changes first and provides PDC services to NT 4 BDCs. The RID master hands out pools of Relative IDs. A RID is the part of a security ID that is unique to one user, group, or computer; the RID appended to the domain SID, which is common to every security principal in that domain, makes up the principal's full SID. PDC Emulator, Infrastructure master, and RID master are all operations-master roles held by domain controllers. It is the DC that answers the user's logon request.

4. B. At the very minimum, a BIND server must support SRV resource records in DNS, because Windows 2000 clients locate domain controllers and global catalogs through SRV lookups. The others are nice to have but not necessary.

5. B, D, E, F, H, I. Exchange 2000 Server, through Internet Information Services (IIS) 5, uses SMTP port 25, HTTP port 80, POP3 port 110, NNTP port 119, LDAP port 389, and IMAP4 port 143. Ports 20 and 21 are used for FTP. Port 42 (along with port 1512) is used for WINS replication, and port 137 is the NetBIOS name service. Port 443 is HTTPS (HTTP over SSL/TLS), and port 1433 is used by Microsoft SQL Server. Note that the client ports listed above carry credentials and mail in the clear; for anything reachable from the Internet, a practitioner opens the SSL/TLS equivalents instead (443 for OWA, 995 for POP3, 993 for IMAP4, 563 for NNTP, 636 for LDAP) and keeps the cleartext ports for the inside.

6. D, E, F. The three distinct Exchange 2000 subsystems can be separated onto different servers, providing you with finer design granularity. For example, in a virtual collaboration environment you might move the protocol server to the edge of the network, allowing for smooth interoperation between collaborators coming in from the Internet and those on the private network.
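The SID structure described in answer 3 (domain SID plus RID) is worth seeing in code. The following is an added example and not part of the study guide: it splits a SID string into its domain part and RID, names the well-known RIDs, and converts between the string form and the binary form that tokens and ACLs actually carry. The well-known RIDs and the binary layout are standard Windows facts; the sample SID values are constructed.

```python
"""Decompose and encode Windows security identifiers (SIDs).

Added example for the SID description in answer 3; it is not code from the
study guide. The well-known RIDs and the binary SID layout are standard
Windows facts; the sample SID values are constructed.
"""
from __future__ import annotations
import struct

# RIDs that mean the same thing in every Windows domain
WELL_KNOWN_RIDS = {
    500: "Administrator",
    501: "Guest",
    502: "krbtgt",
    512: "Domain Admins",
    513: "Domain Users",
    519: "Enterprise Admins",
}


def parse_sid(sid: str) -> tuple[int, int, list[int]]:
    """Split 'S-<rev>-<authority>-<sub>...' into (revision, authority, sub-authorities)."""
    parts = sid.split("-")
    if len(parts) < 3 or parts[0] != "S":
        raise ValueError(f"not a SID string: {sid!r}")
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    if revision != 1 or len(subs) > 15:
        raise ValueError(f"malformed SID: {sid!r}")
    return revision, authority, subs


def split_domain_rid(sid: str) -> tuple[str | None, int | None]:
    """Return (domain SID, RID) for a domain account SID. Well-known SIDs such
    as S-1-5-18 (LocalSystem) have no domain part and yield (None, None)."""
    revision, authority, subs = parse_sid(sid)
    # Domain accounts are S-1-5-21-<three domain words>-<RID>
    if authority == 5 and len(subs) == 5 and subs[0] == 21:
        domain = "S-%d-%d-%s" % (revision, authority, "-".join(map(str, subs[:4])))
        return domain, subs[4]
    return None, None


def describe_rid(rid: int | None) -> str:
    if rid is None:
        return "no RID (well-known SID)"
    return WELL_KNOWN_RIDS.get(rid, "ordinary account or group")


def sid_to_bytes(sid: str) -> bytes:
    """Binary form: revision byte, sub-authority count byte, 6-byte big-endian
    identifier authority, then each sub-authority as a little-endian 32-bit word."""
    revision, authority, subs = parse_sid(sid)
    out = bytes([revision, len(subs)]) + authority.to_bytes(6, "big")
    return out + b"".join(struct.pack("<I", s) for s in subs)


def bytes_to_sid(data: bytes) -> str:
    """Inverse of sid_to_bytes: the form SIDs take in tokens and ACLs on the wire."""
    revision, count = data[0], data[1]
    authority = int.from_bytes(data[2:8], "big")
    subs = struct.unpack("<%dI" % count, data[8:8 + 4 * count])
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)


if __name__ == "__main__":
    # Constructed sample SIDs: a Domain Admins group SID and LocalSystem
    for sample in ("S-1-5-21-1004336348-1177238915-682003330-512", "S-1-5-18"):
        domain, rid = split_domain_rid(sample)
        print(sample, "->", domain, rid, describe_rid(rid))
        print("   binary:", sid_to_bytes(sample).hex())
```

Two SIDs with the same domain part belong to the same domain, which is how you can tell at a glance whether a group in a public folder ACL came from the NT domain or from one of the Windows 2000 domains after a migration.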
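Answer 5 lists the ports; what a practitioner actually wants is a check that a firewall rule set opens exactly those and nothing else. The following is an added example, not code from the study guide: it parses a constructed "allow tcp <port>" rule list, compares it with the ports the chosen client protocols need, substitutes the SSL/TLS ports on an Internet-facing interface, and reports what is missing, what is open for no Exchange reason, and which open ports carry credentials in the clear. The rule-file format and the sample rules are assumptions; the port numbers are the standard assignments.

```python
"""Audit a perimeter rule set against the ports Exchange 2000 clients need.

Added example, not from the study guide. The cleartext ports are the ones
listed in answer 5; the TLS ports beside them are the standard IANA
assignments; the rule-file format and the sample rules are constructed.
"""

# Exchange 2000 client protocols and the ports IIS 5 serves them on
PROTOCOL_PORTS = {"SMTP": 25, "HTTP": 80, "POP3": 110, "IMAP4": 143,
                  "NNTP": 119, "LDAP": 389}

# Cleartext port -> SSL/TLS port to use for anything reachable from the Internet
# (SMTP stays on 25; STARTTLS is negotiated on the same port)
TLS_ALTERNATIVE = {80: 443, 110: 995, 143: 993, 119: 563, 389: 636}

# Ports that turn up in "open everything" rule sets but are not Exchange
# client ports: FTP, WINS replication, NetBIOS name service, SQL Server
UNRELATED = {20: "FTP data", 21: "FTP control", 42: "WINS replication",
             137: "NetBIOS name service", 1433: "SQL Server"}


def required_ports(protocols, internet_facing=False):
    """Ports the listed client protocols need. On an Internet-facing
    interface the TLS port replaces the cleartext one where one exists."""
    ports = set()
    for name in protocols:
        port = PROTOCOL_PORTS[name]
        if internet_facing:
            port = TLS_ALTERNATIVE.get(port, port)
        ports.add(port)
    return ports


def parse_rules(text):
    """Parse constructed 'allow tcp <port>' lines into the set of open TCP ports."""
    allowed = set()
    for line in text.splitlines():
        line = line.split("#")[0].strip()   # drop trailing comments
        if not line:
            continue
        action, proto, port = line.split()
        if action == "allow" and proto == "tcp":
            allowed.add(int(port))
    return allowed


def audit(allowed, protocols, internet_facing=False):
    """Compare open ports with needed ones: what is missing, what is open
    for no Exchange reason, and which open ports carry credentials in the clear."""
    needed = required_ports(protocols, internet_facing)
    return {
        "missing": sorted(needed - allowed),
        "extraneous": sorted(allowed - needed),
        "cleartext": sorted(p for p in allowed
                            if internet_facing and p in TLS_ALTERNATIVE),
    }


def explain(port):
    """Short label for a port, the way an auditor would write it in a finding."""
    if port in UNRELATED:
        return UNRELATED[port]
    for name, p in PROTOCOL_PORTS.items():
        if p == port:
            return f"{name} (cleartext)"
        if TLS_ALTERNATIVE.get(p) == port:
            return f"{name} over SSL/TLS"
    return "unknown"


# Constructed rule set for the Internet-facing interface
SAMPLE_RULES = """\
allow tcp 25     # SMTP in from the Internet
allow tcp 80     # OWA
allow tcp 110    # POP3
allow tcp 143    # IMAP4
allow tcp 1433   # left over from a previous project
"""

if __name__ == "__main__":
    result = audit(parse_rules(SAMPLE_RULES),
                   ["SMTP", "HTTP", "POP3", "IMAP4"], internet_facing=True)
    for kind, ports in result.items():
        print(kind, [(p, explain(p)) for p in ports])
```

Run against the sample rules, the audit flags 443, 993 and 995 as missing, 80, 110, 143 and 1433 as extraneous, and 80, 110 and 143 as cleartext exposures; the same rule set audited with `internet_facing=False` for the inside interface passes except for 1433.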
7. A, C, D. Routing groups are a physical concept: a routing group is a set of Exchange servers connected by a well-established (permanent, reliable) connection, and routing groups connect to one another through bridgehead servers. Administrative groups are a logical concept: groups of Exchange servers, regardless of how they're physically connected, that belong to one group of administrators. Policies enforce the way that resources can interact with the Exchange system.

8. C. You know that you can control administration with administrative groups. Administrative groups are a logical idea, not a physical one, so you can put all three remote sites' administrators into a single administrative group even though the three sites probably make up three distinct routing groups. You don't know whether the environment is well connected enough to centralize the stores into one storage group; that would depend on the health of the WAN circuits, both in terms of bandwidth and uptime.

9. A. Items B, C, and D are all fine and good, but you really need only one additional server to get your deployment going. You'll install Exchange 2000 Server as well as the ADC on this server. Then you can either move the legacy server's mailboxes to this new server and, once the old server is vacated, upgrade it and move the mailboxes back, or simply leave the mailboxes on the new server.

10. A, B. NNTP and Web clients can use additional public folder trees; MAPI clients such as Outlook see only the default public folder tree. Outlook 2000 can get at an additional tree only indirectly, if a Web page for the tree has been written and set as a folder home page for Outlook to display.
Case Study: Analysis of the Telecomm Company’s Network
You should give yourself 10 minutes to review this case study, diagram as needed, and complete the questions for this mini-test.
Background You've been hired as a network design consultant for the I-Talk telecommunications corporation in a major metropolitan city. Your job is to manage a project to upgrade the current messaging infrastructure, a combination of Exchange 5.0 and 5.5 servers and Novell GroupWise, to Exchange 2000 Server.
Current System The I-Talk Windows 2000 forest consists of one tree with three domains: italk.com, east.italk.com, and west.italk.com. There is an NT domain in Chicago called citalk (for Central I-Talk). This domain has two-way trust relationships with the others, but none of the DCs in this domain have been converted to Windows 2000 yet. Each site, Central, East, and West, has one Exchange server. Central, in addition to its NT 4 domain, also has a NetWare 4 server with GroupWise loaded on it. East is running an Exchange 5.0 server, and West has a 5.5 server that has not been upgraded to SP3. The main I-Talk site has a 5.5 bridgehead server that acts as a connector server to the other sites and an information store 5.5 server that holds the mailboxes for the main I-Talk site.

All of the servers are dual-Pentium 500s with 1.5GB of RAM and 6–9GB hard drives arranged in a RAID 5 array on a hardware RAID controller card. Each server has a 100Base-T connection to the network. Each server has a 4GB system partition, a page file twice the size of RAM, and the rest of the disk formatted for the Exchange partition. The systems are backed up by a commercial backup program that uses Exchange agents to back up the IS and DS efficiently.

The WAN circuits from East, West, and Central all run home to I-Talk. There are no WAN circuits interconnecting the other sites. Each WAN circuit is a full T1 Frame Relay running at 1.544Mbps, with a Cisco 2600 router with integrated CSU/DSUs at each end. The internetworking department maintains the routers. The NT Admin group maintains the DNS and WINS infrastructures.
Problem Statement Without interruption to service, design a suitable upgrade path and implement.
Envisioned System Overview You plan on purchasing a third Exchange server that will be located at the main I-Talk site. You'll install Exchange 2000 Server and the ADC on this box in order to connect to the legacy Exchange sites and use it as a swing server for your upgrade, plus a separate connector server to the GroupWise box. You'll gradually move mailboxes off of the main server, convert the server to Exchange 2000, move the mailboxes back, then move your new server to the next site, East, and do the same thing. You'll repeat this until all servers have been converted. You present your plan to the Director of Operations, the man who hired you for the job. Director of Operations "Sounds like a good plan. It is absolutely necessary that we maintain communications between the systems while the conversion is going on. The NT admin team has plans to finish up the Windows 2000 upgrade in Central within a few weeks."
Security Security is of moderate importance. NT Admin Team Lead “Windows 2000 maintains the security infrastructure anyhow, so all I need from you is how to create and populate the groups as you move along with your upgrade.”
Availability The system must be available 24×7×365.
Maintainability Overview Any good project plan requires a backout methodology so that you can revert in a worst-case scenario. Director of Operations "I like the idea of a swing server. That way, if we get in any trouble, we still have the legacy server to fall back on and can simply restore the user's mailbox from the previous night's backup tape. Yes, the user will miss today's mail, but we at least have a solid reversion plan that we can rely on."
Performance The network backbone runs at gigabit speeds in all locations. You're recommending that all Exchange servers be updated to a gigabit network interface card (NIC), cabled to the core gigabit switch, and set for full-duplex operation. Internetworking Team Lead "I have gigabit ports available on all four core switches for the Exchange servers. It will be no problem to host these servers at the gigabit level." NT Admin Team Lead "I'm OK with the idea. Outages on the Exchange servers must be done within our regular maintenance window, every other Saturday from 2:00–5:00 AM."
Questions

1. Is it imperative that the NT domain be converted to Windows 2000 before you can complete the conversion?
A. Yes, it is imperative but doesn't have to be done right away.
B. Yes, it is imperative and has to be done right away.
C. No, it is not imperative. The domain would never have to be converted and the upgrade could still take place.
D. Not enough info in this case study.

2. If you upgrade everything in such a way as to retain the sites the way they are today, how many routing groups will you be left with?
A. 1
B. 2
C. 3
D. 4

3. How many Global Catalog servers are required before the Central site is converted?
A. 1
B. 2
C. 3
D. 4
4. The CIO has a talk with you by the water cooler. She says she's afraid that Exchange 2000 may adversely impact network bandwidth. What are some things you can tell her to ease her concerns? Choose all that apply.
A. The network is currently running a gigabit backbone and the legacy Exchange system isn't taxing it, so you have no reason to believe the new system will.
B. You have greater granularity in the way that you place the subsystems of Exchange 2000, so as to minimize network bandwidth usage.
C. Because AD is the directory service used for Exchange 2000 Server, directory replication can occur down to the object attribute level, thereby cutting down on bandwidth usage.
D. Routing groups can help minimize WAN traffic.

5. Given the following table, rank in order the tasks that you think you'll perform in order to accomplish this design. Note that the list certainly is not all-inclusive!
Order / Project
__ Install GroupWise connector on Exchange 2000 Server
__ Procure additional Exchange 2000 Server(s)
__ Upgrade remote site servers to Exchange 5.5 SP3
__ Convert GroupWise users to Outlook and Exchange
__ Get Central NT network converted to 2000
__ Install Exchange 2000 Server at Central site
__ Use swing server to upgrade servers and users
__ Get rid of NetWare and GroupWise server
84
Chapter 2
Resource Needs Determination
6. What happens to any Distribution Lists (DLs) that had been created on the old Exchange servers?
A. They're converted to Universal Security Groups and populated with the users that originally had permissions to them.
B. They're converted to Universal Distribution Groups and populated with the users that originally had permissions to them.
C. They're converted to Global Distribution Groups and populated with the users that originally had permissions to them.
D. They're converted to Global Security Groups and populated with the users that originally had permissions to them.

7. Are there any missing components in your plan? Select all that apply.
A. No way to convert GroupWise mailboxes, DLs, public folders, and address books to Exchange
B. No fault tolerance plan
C. No backout strategy
D. No name-resolution server study
Answers to Questions
1. C. The NT domain is the one that has the GroupWise server in it. If I-Talk management didn't want to convert that server to Exchange, there'd be no compelling reason, at least on your part, to do anything about an NT-to-2000 domain conversion. What if the Central site's e-mail server were a legacy Exchange server? Would the domain conversion be necessary then? Actually, not really. Because information stores can be hosted on a different server, it's theoretically possible to host the Central IS on your main Exchange 2000 Server back at I-Talk HQ, move the users to this new server, and simply dismantle the Central server. You'd still not need a domain conversion, though users would have an authentication issue to deal with, since Exchange 2000 mailboxes must be tied to Windows 2000 accounts.

2. D. A routing group is a group of Exchange servers that share a well-established connection. The two Exchange servers at the Main site would compose a single routing group, as would Central, East, and West, respectively, once they were upgraded. It's important to remember that a routing group is a physical concept, whereas an administrative group is logical in nature.

3. C. The first domain controller installed in a forest is automatically a global catalog server, so there is always at least one GC per forest. There can be more, but each additional GC adds replication load, so there is a point at which adding GCs to a single domain costs more than it gains. Until the NT domain is converted, at least three GCs are required, one for each of the three Windows 2000 domains (italk.com, east.italk.com, and west.italk.com).

4. A, C. Routing groups still have to talk to other routing groups, so there will still be a modicum of traffic going out over the wire. Putting different Exchange subsystems onto separate servers doesn't really help bandwidth as much as it helps server processing and isolation of services. The case study doesn't say you're adding any collaboration services (it doesn't say you're not, either), so you could tell the CIO that the new system won't use any more bandwidth than the old. You could also tell her that since AD is handling the directory, replication bandwidth will be cut down considerably.
5. The correct order is:
1. Procure additional Exchange 2000 Server(s)
2. Upgrade remote site servers to Exchange 5.5 SP3
3. Install GroupWise connector on Exchange 2000 Server
4. Get Central NT network converted to 2000
5. Install Exchange 2000 Server at Central site
6. Convert GroupWise users to Outlook and Exchange
7. Get rid of NetWare and GroupWise server
8. Use swing server to upgrade servers and users
Some of these steps will happen simultaneously with one another. You should procure not one but two Exchange 2000 servers, so that you have an Exchange server ready to go at the Central site once it has been converted to 2000. See to it that the West and East sites are updated to Exchange Server 5.5 SP3. While that's happening, hopefully the NT team can get the Central site updated to Windows 2000. Once that's done, you can install the Exchange 2000 Server at the Central site. Next, convert all of the GroupWise users at that site to Exchange and train them (a step that will be lengthy). Dismantle the NetWare and GroupWise server. Finally, use the swing server to upgrade the rest of the sites. Note that you could use the swing server simultaneously with your efforts to get Central converted.

6. B. Distribution lists are converted to Universal Distribution Groups (UDGs), and the users who belonged to a DL are added as members of the UDG that represents it. A UDG that appears in a public folder's permissions is promoted to a Universal Security Group (USG), since only a security group can carry an access-control entry.
Copyright ©2001 SYBEX , Inc., Alameda, CA
www.sybex.com
Case Study: Analysis of the Telecomm Company’s Network
87
7. A, B. You have a backout strategy with your swing server. You'll back up a mailbox or set of mailboxes before moving them, then move them to the new Exchange 2000 Server. If things go awry for any reason, you can always restore the mailbox back to the original Exchange 5.5 server. You probably don't care about a name-server study because the network has already been converted three-quarters of the way to DNS, though you might ask a question or two about how WINS is working in the NT domain. What you are definitely missing is some method of moving users' GroupWise mailboxes, address books, public folders, and distribution lists to the new system. Exchange 2000 doesn't provide that, so it's up to you to knock on NetWare's door for the utility or find a third-party solution. You didn't plan on a cluster server, though you could have, so you lack some fault tolerance in terms of the information stores. But the server disks are on a RAID array, so you've at least partially got fault tolerance covered. Exchange 2000 Server supports active/active clustering, by the way. This means that both or all nodes of the cluster are actively serving at the same time, unlike active/passive clustering, where one node sits idle, simply waiting for a failover.
Wrapup: An easy, though several-month-long, deployment. You'll have fun and make some money with this particular assignment! The scariest part? Getting the GroupWise mailboxes moved over to Exchange. You can bet your last dollar that if one of the GroupWise users loses his or her e-mail in the migration process, the whole project will have a black eye.
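The "question or two" about name resolution that answer 7 waves off is cheap to ask in code. The following is an added example, not part of the study guide: it parses SRV records out of a BIND zone file excerpt and checks that each Windows 2000 domain has the records a domain controller registers (the ones review question 4 says BIND must support), and that the forest root has the global catalog record. The record names and ports are the standard ones Netlogon registers; the zone snippet is constructed for the I-Talk case study, with the Central NT domain registering nothing yet.

```python
"""Check a BIND zone for the SRV records Windows 2000 and Exchange 2000 need.

Added example, not from the study guide. The record names and ports are the
standard ones Netlogon registers; the zone snippet below is constructed for
the I-Talk case study.
"""
import re

# Per-domain records every DC registers: owner prefix -> expected port
PER_DOMAIN = {
    "_ldap._tcp": 389,            # LDAP to any DC in the domain
    "_kerberos._tcp": 88,         # Kerberos KDC
    "_ldap._tcp.dc._msdcs": 389,  # DC locator used by logon and domain join
}
# Registered under the forest root only: global catalog lookups
FOREST_ROOT = {"_gc._tcp": 3268}

SRV_LINE = re.compile(
    r"^(?P<owner>\S+)\s+(?:\d+\s+)?IN\s+SRV\s+(?P<prio>\d+)\s+(?P<weight>\d+)\s+"
    r"(?P<port>\d+)\s+(?P<target>\S+)\s*$"
)


def parse_srv(zone_text):
    """Return {owner: [(port, target), ...]} for every SRV record in the zone text."""
    records = {}
    for line in zone_text.splitlines():
        line = line.split(";")[0].strip()   # drop zone-file comments
        m = SRV_LINE.match(line)
        if not m:
            continue
        owner = m.group("owner").rstrip(".").lower()
        records.setdefault(owner, []).append((int(m.group("port")), m.group("target")))
    return records


def check_zone(zone_text, domains, forest_root):
    """For each domain, list the SRV records that are missing or on the wrong port."""
    records = parse_srv(zone_text)
    problems = {}
    for domain in domains:
        wanted = dict(PER_DOMAIN)
        if domain == forest_root:
            wanted.update(FOREST_ROOT)
        issues = []
        for prefix, port in wanted.items():
            owner = f"{prefix}.{domain}"
            found = records.get(owner)
            if not found:
                issues.append(f"missing {owner}")
            elif all(p != port for p, _ in found):
                issues.append(f"{owner} on port {found[0][0]}, expected {port}")
        problems[domain] = issues
    return problems


# Constructed excerpt of the italk.com zone on the Unix BIND servers
SAMPLE_ZONE = """\
; east is missing its Kerberos record; west registered LDAP on the wrong port
_ldap._tcp.italk.com.            600 IN SRV 0 100 389  dc1.italk.com.
_kerberos._tcp.italk.com.        600 IN SRV 0 100 88   dc1.italk.com.
_ldap._tcp.dc._msdcs.italk.com.  600 IN SRV 0 100 389  dc1.italk.com.
_gc._tcp.italk.com.              600 IN SRV 0 100 3268 dc1.italk.com.
_ldap._tcp.east.italk.com.           600 IN SRV 0 100 389 dc-east.east.italk.com.
_ldap._tcp.dc._msdcs.east.italk.com. 600 IN SRV 0 100 389 dc-east.east.italk.com.
_ldap._tcp.west.italk.com.           600 IN SRV 0 100 636 dc-west.west.italk.com.
_kerberos._tcp.west.italk.com.       600 IN SRV 0 100 88  dc-west.west.italk.com.
_ldap._tcp.dc._msdcs.west.italk.com. 600 IN SRV 0 100 389 dc-west.west.italk.com.
"""

if __name__ == "__main__":
    report = check_zone(SAMPLE_ZONE,
                        ["italk.com", "east.italk.com", "west.italk.com"], "italk.com")
    for domain, issues in report.items():
        print(domain, "OK" if not issues else "; ".join(issues))
```

On a live network you would feed the function the output of a zone transfer or of `dig` queries against the Unix servers; a domain whose DCs cannot register these records is one where logons and GC lookups fall back to WINS and broadcasts, which is exactly the kind of thing to find before the Exchange 2000 servers depend on it.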
Chapter
3
Going About the Business of Designing an Exchange 2000 Server Deployment MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER: Design an Exchange 2000 Server routing group topology. Design an Exchange 2000 Server administrative model. Considerations include organizational unit (OU) structure, policies, administrative group placement and boundaries, permissions, and multiple stores. Design an Exchange 2000 Server real-time collaboration solution that uses Chat Service, Instant Messaging, or both. Plan public folder usage and implementation. Considerations include company structure, geographical structure, maintenance policies, permissions, replication, and indexing.
The goal of this chapter is to take into consideration those things that go into a solid Exchange 2000 Server messaging solution. We've talked in earlier chapters about routing and administrative groups; those things are certainly part and parcel of a well-done design. You've got to know how the server farm is going to look, and how it's going to be managed. But we'll go further in this chapter and talk about the implementation of real-time collaboration solutions such as Chat and Instant Messaging, neither of which you're probably using today, but which, if cleverly deployed, you'll be using tomorrow. We'll also talk about public folders and their wise implementation. I've seen terrible examples of public folder usage and very good examples. We'll talk about both to see if we can help you change something that can grow out of control into something that can be a viable, highly useful commodity for your users.
Designing a Routing Group Topology
Microsoft Exam Objective
Design an Exchange 2000 Server routing group topology.
Topologically speaking, an Exchange 2000 routing group is the equivalent of a legacy Exchange site. For example, looking at Figure 3.1, in the top half of the figure you see a four-site Exchange deployment. The Cincinnati site server acts as a bridgehead server, relaying messages from, say, the Vancouver server intended for the Denver server. A bridgehead server acts as a message relay agent. In Figure 3.1, the Cincinnati server has the Exchange Site Connector installed in order to facilitate communications with the other three sites. Additionally, each site server would have the Exchange Site Connector installed and pointing to the Cincinnati site. In this illustration, we have a system whereby the
Cincinnati server is acting as "Grand Central Station," as it were, the connecting point where all mail flows to on its way somewhere else. Note that the Cincinnati server could additionally have the Internet Mail Service (IMS) installed, and thus be capable of sending e-mail out onto the Internet. In the bottom half of Figure 3.1, you see a network where all Exchange servers have been converted to Exchange 2000 Server and each server is acting as the bridgehead for its routing group. To accomplish this design you would configure each server as a bridgehead server and then, as a simple additional step, create connectors between every pair of routing groups so that you end up with the full mesh shown. An e-mail message sent from Vancouver to Denver would then not have to pass through Cincinnati to find its destination. This design is our end goal: routing groups set up in such a way that bridgehead servers connect them and e-mail is delivered over the cheapest route that is currently available. But we've got some ground to cover before we get to this step, so let's back up a bit and go through the basics of how we get to our final destination.
FIGURE 3.1
The old and the new
A routing group, as we've stipulated in earlier chapters, is a group of Exchange servers that are connected by a well-established, permanent, reliable connection. Fast isn't necessarily a prerequisite, although you and I both know that faster means better service. For example, several Exchange servers grouped together on a LAN could be members of a single routing group. They're on a stable network that's fast, available, and reliable. All servers don't necessarily have to be Exchange 2000 servers, either. As long as the organization is in mixed mode, Exchange 5.5 SP3 servers participate as well, because each legacy Exchange 5.5 site is treated as a routing group, as shown in Figure 3.2. But there is a caveat associated with this kind of configuration that we need to talk about before we can go through the steps of developing our routing group structure. We'll cover this caveat in the connectors section that follows.
FIGURE 3.2
A heterogeneous routing group setup
In Figure 3.2, we see the same sites as before, but now we're looking at four distinct routing groups, each of which contains one to many servers, either Exchange 5.5 or Exchange 2000. The servers at the edge of the network that act as bridgehead servers enable the interconnection between the routing groups. It is possible (perhaps even preferred, from a fault-tolerance standpoint) to have more than one bridgehead server in a routing group. Several methodologies and connectors can be used in designing and deploying routing groups. There are three rules that you must follow when creating routing groups:
All servers in a routing group must be in the same forest.
All servers in the routing group must have permanent, reliable SMTP connectivity to one another, because servers within a routing group deliver mail to each other directly over SMTP rather than through a connector (the Exchange 5.5 exception to this is covered in the connectors section).
All servers in the routing group must be able to communicate with the server designated as the routing group master—one server in each routing group charged with maintaining the link-state table and propagating it to the rest of the servers in the group.
There are many reasons to consider breaking the Exchange organization up into different routing groups. Most important will be whether servers are connected together with a well-established connection. Even in a LAN environment, if the network is slow, unreliable and goes down often, you may not want the Exchange servers connected together in a routing group. Routing hops are another important consideration. Servers in a routing group are only one hop away from one another; they don't have to traverse several servers to get a message to a recipient. Additionally, if you have to schedule your message transmissions (perhaps as in the case of expensive or heavily used WAN circuits), you would consider separating the servers into routing groups, since a delivery schedule is a property of the connector between groups, not of delivery within one. The most important consideration, though, the underlying factor that will typically determine where to break the servers into routing groups, is the internetwork connectivity (the WAN circuitry). The key to the whole question of how to set up routing groups is to determine this: Are the connections fast, permanent and reliable?
Routing groups also shape public folder access. When a client asks for a public folder that has no replica on its home server, Exchange refers it to a replica elsewhere by following the routing group connectors and their costs, and you can disallow public folder referrals on any given connector. So routing group boundaries give you a way to control where public folder traffic goes. While probably not a major determining factor in your routing group design, it's one to consider.
Mail-Sending Methodologies
In Exchange 2000-land, as with any messaging system, there are only four possible conditions under which a message might be sent to a recipient:
The sender and recipient are on the same server.
The message is destined for a server in the same routing group.
The message is destined for a server in a different routing group.
The message is destined for a server outside the Exchange organization (either another Exchange system elsewhere or a foreign messaging system).
In a single-server e-mail environment, we don't need any stinking routing groups. When a user composes and sends an e-mail message to another person on the same server, the server simply picks the message up and pops it into the other user's inbox. End of story. When we're sending an e-mail to a recipient on a different server that is in the same routing group, the sender's server hands the message directly to the recipient's server, which delivers it; no bridgehead is involved. There is a difference in the protocol used, depending on whether the other server is an Exchange 5.5 or an Exchange 2000 server, but we'll talk more about that in the connectors section. When we're sending an e-mail to a user in a different routing group, things get a bit more complicated. The sender's server detects that the e-mail is destined for someone in a different routing group. It consults its copy of the link-state table, which describes every routing group and connector in the organization along with each connector's cost and whether it is currently up, and picks the cheapest route that avoids links marked down. The message is then handed to the local bridgehead server for the first connector on that route. If the destination routing group is one hop away, that connector delivers the message to the destination's bridgehead; if it is several hops away, each intermediate routing group's bridgehead repeats the calculation against its own copy of the table and forwards the message one more hop. This process continues until the e-mail finally arrives at the recipient's routing group and can then be delivered. Because every server works from the same organization-wide table, no server is guessing about anything beyond its neighbors; each one sees the whole map and simply hands the message to the next bridgehead on the best path. Looking at Figure 3.2 again, suppose that you were on an Exchange 2000 server in the Vancouver site and you composed and sent an e-mail to somebody on the Exchange 5.5 server in the Dallas site. Your server would note that the recipient's mailbox is not local. It would check its link-state information, see that the recipient was in a different routing group, and forward the e-mail to the bridgehead server. This server would send the e-mail out through a connector to the Dallas site's bridgehead server, where the process would be reversed: the e-mail would be examined to see what its destination was, and that it was destined for an internal recipient the server knew about. In the case of an e-mail that's sent to a recipient who is not in the Exchange organization, the e-mail is forwarded, as needed, through routing groups until the routing group holding the connector to the foreign system is reached, and the e-mail is delivered over that connector. For example, suppose that you're sending an e-mail from Vancouver to someone on the Internet. The recipient is not found in Active Directory, so the e-mail is forwarded to the server running the connector to the Internet.
Supported Routing Group Connectors
There are three connectors that can be used between routing groups: the Routing Group Connector, the SMTP Connector, and the X.400 Connector. Between them they speak several protocols; the X.400 connector alone comes in TCP/IP and X.25 flavors, depending on the type of circuit it connects, and the Routing Group Connector falls back to RPC when it talks to Exchange 5.5. There are reasons why you might choose one over another. The connectors are as follows:
Routing Group Connector The default connector that's used with routing groups, this connector makes use of the SMTP protocol to communicate directly with Exchange 2000 servers. When the Routing Group Connector is being used to connect an Exchange 2000 routing group to an Exchange 5.5 site, SMTP is not used; instead the connector uses Remote Procedure Calls (RPC), which is what Exchange 5.5 servers expect. A bridgehead server is responsible for handling the transmission of messages between two routing groups. When setting up a Routing Group Connector, you have three bridgehead server choices. If you don't stipulate a bridgehead server, any server in the routing group can act as a bridgehead when it comes to message transmission. If you select only one bridgehead server, all e-mail destined for the other routing group flows through that server. This is a good choice for administrators who want to be able to track and control the messaging going out to other routing groups. Finally, you can select multiple bridgehead servers within a routing group. You'll have a more complex installation to administer, but you gain fault tolerance and scalability by having multiple bridgehead servers. Routing Group Connectors give administrators the ability to control the connection schedule (when e-mail can be sent to the other routing group), delivery restrictions and message priority (low, normal and high), and message size limits. Routing Group Connectors are configured in pairs, one in each of the two routing groups, so that mail flows in both directions; when you create one side, Exchange System Manager offers to create the matching connector in the remote routing group for you. You configure Routing Group Connectors from the Connectors node beneath the routing group in Exchange System Manager. Right-click Connectors and select New Routing Group Connector, as shown in Figure 3.3.
FIGURE 3.3
Creating a new routing group connector
SMTP Connector Even though the Routing Group Connector uses SMTP, you would choose to install the SMTP Connector instead for one of three reasons. Most importantly, if you are connecting to an Exchange organization in a different forest, you'll need to use the SMTP Connector, because routing groups and Routing Group Connectors exist only within a single organization. You'll also use the SMTP Connector if you're connecting to a foreign system that's SMTP compliant. Lastly, you might choose an SMTP Connector if you want more granular control over things such as the security of the transmission and whether to hold e-mail until a prescribed delivery time. On the security side, the SMTP Connector can authenticate to the remote system with basic (clear-text) or Integrated Windows authentication and can require Transport Layer Security (TLS) encryption for the session. Basic authentication sends the password in the clear, so never use it without also turning on TLS. The connector's delivery restrictions also let you control which senders are permitted to use it.
You can think of the SMTP Connector like you think of the Exchange 5.5 Internet Mail Service (IMS), if you've ever worked with it. In fact, when an Exchange 5.5 SP3 server is upgraded to Exchange 2000, its IMS is converted to an SMTP Connector.
X.400 Connectors There are two X.400 connectors that you can install. The first is the X.25 X.400 connector, for use over X.25 WAN connections. X.25 is an older packet-switching protocol that sets up a virtual circuit between the two endpoints and error-checks traffic at every hop along the way; that per-hop checking is what made it dependable over the noisy, low-bandwidth lines of its day, and it is also what makes it slow by modern standards. Secondly, you have the TCP X.400 connector for connecting X.400 systems over TCP/IP networks, including the Internet. You can leverage X.400 connectors in unusual ways. X.400's binary message encoding is more compact on the wire than SMTP's 7-bit text and base64-encoded attachments, so it's useful for connecting routing groups that are separated by slow, unreliable WAN links. Realize that both sides of the circuit will need to be configured with the X.400 connector. Some Exchange 5.5 sites that I'm aware of use the X.400 connector instead of the Exchange Site Connector, so you may be surprised, in a consulting environment, that you'll still have to set up the X.400 connector. Note that the new Routing Group Connector (RGC) will often be used in place of the X.400 connector in slow WAN-link scenarios.
An X.400 connector is a point-to-point connector: each one has exactly one bridgehead server on each side, so you cannot spread an X.400 link across several bridgeheads the way you can with a Routing Group Connector. If you want redundancy, you create a second X.400 connector between another pair of servers.
Link-State Stuff
There are several issues you need to consider involving the way that routing groups talk amongst themselves and with other routing groups. I mentioned earlier the concept of a link state. Exchange has to have a way of taking a periodic look at a connector to see if the link with the other side is up and available for mail transmission. Thus we're looking at the state of the link, or, more coolly stated, the link state. Exchange 2000 routing uses a link-state algorithm modeled on the Open Shortest Path First (OSPF) routing protocol: every server holds a map of all the links and their costs, and each computes the cheapest path for itself rather than trusting a neighbor's summary.
But the link-state concept goes beyond the mere periodic polling of a link to ascertain whether the link is UP or DOWN. Suppose that you have several potential connections to another routing group, but one potential connection you could make means that you would go through two or three additional servers while a different connection wouldn't involve as many hops. In Figure 3.4, we show five Exchange 2000 servers, presumably members of five separate routing groups. If your mailbox used Server 1 as its information store and you wanted to send an e-mail to Server 5, what paths could the e-mail take to get where it needed to go? Counting one per hop, the path 1, 3, 4, 5 with three hops is shorter than the 1, 3, 2, 4, 5 path with four, and the 1, 2, 5 or 1, 4, 5 paths with only two hops are the shortest of all. So we might say that the "cost" to move to Server 5 using the 1, 2, 5 or 1, 4, 5 paths is 2, whereas the cost using the 1, 3, 4, 5 path is 3 and the 1, 3, 2, 4, 5 path costs 4. But if there is a problem with the link between 1 and 2, we fall back to 1, 4, 5 and, if that link is also down, to 1, 3, 4, 5. In real life you don't have to count hops: you assign each connector a cost from 1 to 100, so you can provide an alternate, more expensive path to a routing group and the system will leave it alone unless the less costly circuit is down for some reason.
FIGURE 3.4
A variety of paths to the servers
Each routing group has a Routing Group Master, a server that's responsible for receiving and maintaining the link-state information. The link-state table it keeps shows the links, their associated costs, and whether each is currently up or down, and the Routing Group Master replicates that table to every server in the routing group. Before a link is officially listed as unavailable, the bridgehead server that wants to send the transmission tries the link three times, once per minute. If it still cannot send, it tags the link as DOWN and notifies the Routing Group Master. The Routing Group Master immediately notifies all other servers in the routing group that the link is unavailable. Within the routing group, member servers keep a connection to the master on TCP port 691 for exactly this purpose. The bridgehead server, the server that's responsible for maintaining the link, calculates another route to the routing group the original link was supposed to reach. The link DOWN information travels to the bridgehead server of the next routing group along the way inside the normal SMTP session (TCP port 25), using Exchange's X-LINK2STATE extension to the SMTP conversation. The bridgehead server in that routing group, in turn, notifies its Routing Group Master, which tells all the other servers in its group that the link is DOWN. For every routing group along the way, this activity transpires: "Hey! Link so-and-so is down! Don't use it till we tell you differently!" Meanwhile, back at the ranch, the original bridgehead server checks the link every 60 seconds until the link comes back up, at which time the process is reversed. Sound complicated? Sound like an event log filler? It is! But it's a clever way of making sure that messages aren't sent out to a bad link anyway (something that earlier versions of Exchange would do), and that you have some fault tolerance built into your system. Do you need all of this brouhaha in small sites? Nah! Will you need to investigate these kinds of things in a larger site? Absolutely. Q: Is e-mail a mission-critical app? A: Why do you think Microsoft put so much time and energy into something like this if it weren't? Some critical concepts to keep in mind from this section:
Link-state updates within a routing group travel between the member servers and the Routing Group Master over TCP port 691.
Link-state updates between routing groups travel bridgehead-to-bridgehead inside the SMTP session on TCP port 25 (the X-LINK2STATE extension).
A bridgehead server can also be a routing group master.
Remember that the originating bridgehead tries the link three times, finds that it's down, tags it DOWN, then notifies the routing group master, whereupon all panic breaks loose.
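Here is a small model, written for this book's readers and not taken from Exchange itself, of the routing behavior the last two sections describe. Routing groups are the nodes, Routing Group Connectors are the links with their administrator-assigned costs, and every server sees the whole table. It wires up Figure 3.4 with a cost of 1 per connector, shows the three-strikes rule that tags a link DOWN, recomputes the path around the dead link, and then shows an expensive backup connector being ignored until the cheap path fails. The names (RG1, A, B, C) and the data structures are my own; the 1-to-100 cost range and the three-tries-a-minute-apart rule are Exchange's.

```python
"""Toy link-state routing over Exchange 2000 routing groups (constructed example).

Nodes are routing groups, edges are routing group connectors with an
administrator-assigned cost.  Every server holds a copy of the same table;
a bridgehead that cannot use a connector tags it DOWN after three failed
attempts, and everybody recomputes around it.
"""
import heapq
from dataclasses import dataclass

UP, DOWN = "UP", "DOWN"
GLITCH_RETRIES = 3          # tries (one a minute) before a link is tagged DOWN
MAX_COST = 100              # Exchange connector costs run from 1 to 100


@dataclass
class Link:
    cost: int
    state: str = UP
    failures: int = 0


class LinkStateTable:
    def __init__(self):
        self.links = {}     # (from_rg, to_rg) -> Link, one entry per direction

    def add_connector(self, a, b, cost=1):
        """Routing group connectors are configured in pairs, one per direction."""
        if not 1 <= cost <= MAX_COST:
            raise ValueError("connector cost must be 1..100")
        self.links[(a, b)] = Link(cost)
        self.links[(b, a)] = Link(cost)

    def report_failure(self, a, b):
        """A bridgehead reports one failed send attempt on a->b.
        Returns True the moment the link is tagged DOWN (the third failure)."""
        link = self.links[(a, b)]
        link.failures += 1
        if link.state == UP and link.failures >= GLITCH_RETRIES:
            link.state = DOWN       # the master would now push this to all members
            return True
        return False

    def report_recovered(self, a, b):
        link = self.links[(a, b)]
        link.state, link.failures = UP, 0

    def route(self, src, dst):
        """Cheapest path over UP links (Dijkstra).  Returns (cost, [rg, ...]),
        or (None, []) when dst is unreachable."""
        dist, prev, heap = {src: 0}, {}, [(0, src)]
        while heap:
            d, node = heapq.heappop(heap)
            if d > dist[node]:          # stale heap entry
                continue
            if node == dst:
                break
            for (a, b), link in self.links.items():
                if a != node or link.state != UP:
                    continue
                nd = d + link.cost
                if nd < dist.get(b, float("inf")):
                    dist[b], prev[b] = nd, node
                    heapq.heappush(heap, (nd, b))
        if dst not in dist:
            return None, []
        path = [dst]
        while path[-1] != src:
            path.append(prev[path[-1]])
        return dist[dst], path[::-1]


def figure_3_4():
    """Five routing groups wired as in Figure 3.4, every connector cost 1."""
    t = LinkStateTable()
    for a, b in [("RG1", "RG2"), ("RG1", "RG3"), ("RG1", "RG4"),
                 ("RG2", "RG4"), ("RG2", "RG5"), ("RG3", "RG2"),
                 ("RG3", "RG4"), ("RG4", "RG5")]:
        t.add_connector(a, b)
    return t


def failover_demo():
    """RG1 -> RG5: normal route, the three strikes, route while RG1->RG2 is
    DOWN, and the route once the link has recovered."""
    t = figure_3_4()
    normal = t.route("RG1", "RG5")
    tagged = [t.report_failure("RG1", "RG2") for _ in range(GLITCH_RETRIES)]
    during = t.route("RG1", "RG5")
    t.report_recovered("RG1", "RG2")
    after = t.route("RG1", "RG5")
    return normal, tagged, during, after


def backup_link_demo():
    """A cheap two-hop path is preferred over an expensive direct backup
    connector until the cheap path goes DOWN."""
    t = LinkStateTable()
    t.add_connector("A", "C", 10)
    t.add_connector("C", "B", 10)
    t.add_connector("A", "B", MAX_COST)    # e.g. a dial-up link, used only when forced
    preferred = t.route("A", "B")
    for _ in range(GLITCH_RETRIES):
        t.report_failure("A", "C")
    forced = t.route("A", "B")
    return preferred, forced


if __name__ == "__main__":
    print(failover_demo())
    print(backup_link_demo())
```

Two things worth noticing when you run it. State is tracked per direction, just as Exchange tracks each connector separately, so marking RG1->RG2 DOWN says nothing about RG2->RG1. And the first two failures change nothing in the table at all; a single missed connection is treated as a glitch, which is why a flapping WAN link shows up in the logs long before the routing engine gives up on it.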
Name-Server Potpourri
You should understand that the connectors find other bridgehead servers by first using DNS name resolution. There's just a tiny bit of cocktail-party trivia you need to be aware of here. When a bridgehead server goes looking for another bridgehead server, it first checks DNS for a Mail Exchanger (MX) record. Why MX? Because an MX record has been used to denote e-mail servers for many years, so it's natural that e-mail software would spot other e-mail servers by virtue of an MX record in DNS. However, Exchange 2000 doesn't register MX records in DNS. That's up to you as a DNS administrator. But a Windows 2000 Server does register its own address (A) record each time it comes up, provided the zone accepts dynamic updates. And since Exchange 2000 Server runs on Windows 2000 Server—Boom!—you've got an A record automatically entered into the DNS database (and, hopefully, propagated to all other DNS servers in the system). Hence, a bridgehead server running a connector and looking for another bridgehead server will look first for an MX record, probably not find it, then look for an A record, which it probably will find. Last question: What happens if there is neither an MX nor an A record in the DNS database for the bridgehead server? Answer: Interestingly, the system resorts to what the Windows 2000 books call "NetBIOS name resolution." Read that as WINS, or, failing WINS, a NetBIOS broadcast on the local subnet. And you thought that WINS wasn't needed in Windows 2000 anymore! Don't let your bridgeheads depend on that fallback, though. A broadcast lookup can be answered by any machine on the segment, so a bridgehead that can't find its peer in DNS ends up trusting whoever answers first. Make sure every bridgehead has an A record, and check it with nslookup from the sending server before you blame the connector.
Design Scenario: Routing Group Design Tactics
You're a network design consultant who has been brought in to convert a legacy Exchange organization to Exchange 2000 Server. The network is large, spread out over several geographic areas, with a minimum of two Exchange 5.5 servers in each location. The network itself is completely cut over to Windows 2000 Server, though the network is running in mixed mode. Some WAN links are robust; others are in desperate need of upgrade. You're told by the internetworking group that management hesitates to upgrade the slow WAN links because of the higher-than-average costs the provider charges for those areas. Another issue that is brought to your attention is administration. Admins in the remote sites are freely able to administer their servers, but they are not allowed to administer other servers. It is the design intent of the server managers to keep the administration policies the way they currently are. However, the server managers have been reading about Exchange 2000 routing groups and are very excited about the possibilities that this new feature brings to the table. They're concerned about remote admins trying to tinker with the routing group configurations for their site. You tell the server managers that it is possible to make an administrative group that has permission to modify the routing groups and that the remote admins do not have to be a part of that administrative group, even though they can be members of administrative groups that control their own Exchange servers. Thus you can keep the routing group configuration permissions centralized, yet allow the remote admins to continue to administer their servers. This segues nicely into our next section: Designing an Administrative Model.
Designing an Administrative Model
Microsoft Exam Objective
Design an Exchange 2000 Server administrative model. Considerations include organizational unit (OU) structure, policies, administrative group placement and boundaries, permissions, and multiple stores.
Organizational Unit (OU) Structure
Because Exchange 2000 uses Windows 2000 Active Directory (AD), it is vital that you understand the entities that are used in building an AD structure. There are four basic building blocks used in Windows 2000 Active Directory:
Forest One or more domain trees that share a common schema, configuration, and global catalog; the trees in a forest do not need to share a contiguous namespace. The forest is also the boundary of an Exchange 2000 organization.
Tree A hierarchy of domains that share a contiguous namespace.
Domain A grouping of computers and users that share a directory database, trust relationships, and security policies.
Organizational unit (OU) A container within a domain used to segment AD objects into meaningful groupings; it is the smallest scope to which you can delegate administrative permissions or link Group Policy.
It turns out that OUs are exceedingly useful because they provide administrators a method of grouping AD objects (printers, shared folders, users, groups, computers, and other things) into a collection that represents the way the company is logically organized. OUs are confined to a single domain; you cannot bunch AD objects together from several domains into one OU. Suppose, for example, that you have a domain called Widgets.com. You might have various business entities that you'd love to separate out into manageable chunks: Marketing, Sales, IT, Accounting, Manufacturing, and so on. The way that the business tends to naturally separate itself makes a good model for the creation of OUs. The reason that OUs are important in the Exchange 2000 context is that an OU is the lowest administrative unit in the AD hierarchy. You can apply distinct administrative permissions to a single OU. For example, you could give an administrator permission to modify only the e-mail attributes of the users in a specific OU, and nothing else about them. That is the least-privilege way to hand out mailbox administration, and it is worth the effort to set up. OUs can take on a geographic, business, or administrative scope. In other words, you could choose to create your OUs so they fall along geographic segmentations. Alternatively, as we mentioned previously, you could opt to create OUs that follow business lines, or you could separate a domain out into logical administrative areas. While we're on the AD subject, we need to take a little time to talk about a term that means something different in AD than it did in Exchange 5.5: the site. An AD site is a physical concept: a grouping of IP subnets that are connected together by a high-speed link. Note that the defining unit for a site is the IP subnet, not an OU, domain, tree, or forest. Sites are physical groupings and are used to optimize AD replication traffic; they matter to Exchange 2000 too, because an Exchange server looks for domain controllers and global catalog servers in its own site first.
Policies
Though you may well have worked with policies in other computing applications, policies are a concept that is new to Exchange with Exchange 2000. With policies, you're granting administrators the ability to apply configuration settings to a group of objects that are commonly linked together (such as through an OU, recipient group, or some other methodology). There are two different kinds of policies that can be put into place:
Recipient Policies These policies generate e-mail (proxy) addresses, such as SMTP and X.400 addresses, for the recipients that match a filter. You can create a new recipient policy by navigating in the ESM to the Recipients container, Recipient Policies node. Right-click on the Recipient Policies node and select New Recipient Policy, as shown in Figure 3.5. You simply set an LDAP filter that finds the users, groups, contacts or public folders you want the policy to apply to, define the e-mail address formats you want for this policy, and that's it. Where several policies match the same recipient, the one with the highest priority wins, so order them deliberately.
FIGURE 3.5
Creating a new recipient policy
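As an added illustration (my own Python, not anything that ships with Exchange), here is what a recipient policy's address generation amounts to. The placeholders are Exchange's own: %g (given name), %s (surname), %i (initials), %d (display name), %m (alias) and %Ng or %Ns for the first N letters of the given name or surname. The dict standing in for the LDAP filter, the removal of characters that are not legal in an SMTP local part, and the 2, 3, ... suffix on duplicate addresses are assumptions made for this example, not a description of exactly what the Recipient Update Service does. The sample users and policies are constructed.

```python
"""Recipient-policy address generation, modeled in Python (constructed example).

Exchange 2000 recipient policies carry address templates built from the
placeholders %g (given name), %s (surname), %i (initials), %d (display name),
%m (Exchange alias) and %Ng / %Ns (first N letters of given name / surname).
The LDAP filter is stood in for by a dict of attribute values that must match;
the clean-up of the local part and the 2, 3, ... suffix on duplicates are our
own assumptions, not a statement of what the Recipient Update Service does.
"""
import re

FIELDS = {"g": "givenName", "s": "sn", "i": "initials",
          "d": "displayName", "m": "mailNickname"}
TOKEN = re.compile(r"%(\d*)([gsidm])")
ILLEGAL = re.compile(r"[^A-Za-z0-9._-]+")   # assumption: drop anything else from the local part


def expand(template, user):
    """Fill every placeholder in template from the user's AD attributes."""
    def one(match):
        count, key = match.groups()
        value = user.get(FIELDS[key]) or ""
        return value[:int(count)] if count else value
    return TOKEN.sub(one, template)


def smtp_address(template, user):
    """Expand the template and normalise it into a usable SMTP address."""
    local, _, domain = expand(template, user).rpartition("@")
    local = ILLEGAL.sub("", local).strip(".").lower()
    if not local or not domain:
        raise ValueError(f"{template!r} produced no usable address for {user!r}")
    return f"{local}@{domain.lower()}"


class RecipientPolicy:
    """One policy: a priority (1 is highest, as in ESM), a filter and a template."""
    def __init__(self, name, priority, must_match, template):
        self.name, self.priority = name, priority
        self.must_match = must_match      # stand-in for the policy's LDAP filter
        self.template = template

    def matches(self, user):
        return all(user.get(k) == v for k, v in self.must_match.items())


def assign_addresses(policies, users):
    """Give each user the address from the highest-priority matching policy,
    appending 2, 3, ... to the local part when it collides with an earlier one."""
    taken, result = set(), {}
    for user in users:
        applicable = [p for p in policies if p.matches(user)]
        if not applicable:
            continue
        policy = min(applicable, key=lambda p: p.priority)
        address = smtp_address(policy.template, user)
        local, domain = address.split("@")
        n = 1
        while address in taken:
            n += 1
            address = f"{local}{n}@{domain}"
        taken.add(address)
        result[user["mailNickname"]] = address
    return result


# Constructed sample directory and policies (not real accounts).
SAMPLE_USERS = [
    {"givenName": "Ann", "sn": "Lee", "initials": "M", "displayName": "Ann Lee",
     "mailNickname": "alee", "department": "Sales"},
    {"givenName": "Anne", "sn": "Lee", "initials": "", "displayName": "Anne Lee",
     "mailNickname": "alee2", "department": "Sales"},
    {"givenName": "Bob", "sn": "O'Neil", "initials": "J", "displayName": "Bob O'Neil",
     "mailNickname": "boneil", "department": "IT"},
]
SAMPLE_POLICIES = [
    RecipientPolicy("Sales", 1, {"department": "Sales"}, "%1g%s@sales.widgets.com"),
    RecipientPolicy("Default Policy", 9999, {}, "%g.%s@widgets.com"),
]


def demo():
    return assign_addresses(SAMPLE_POLICIES, SAMPLE_USERS)


if __name__ == "__main__":
    for alias, address in demo().items():
        print(f"{alias:8} -> {address}")
```

The two Lees show why a short template such as %1g%s needs a collision rule before you roll it out to a few thousand users, and the apostrophe in O'Neil shows why the generated local part has to be checked against what your SMTP peers will actually accept rather than trusted because it came out of the directory.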
Server Policies There are three kinds of server policies (ESM files them under System Policies) you can set:
Server With a server policy, you can maintain subject logging and display, message tracking, and the grooming of old log files, as shown in Figure 3.6.
Public Store With these policies, you're setting up various configurations that pertain to public stores. Remember that you can have multiple stores and hence different public store policies. Figure 3.7 shows the Database (Policy) tab of the Public Store policy properties sheet.
Mailbox Store These policies regulate the configuration of the private store(s). Figure 3.8 shows the Limits (Policy) tab of a mailbox store policy. You'd use these policies to regulate incoming and outgoing e-mail sizes, warning message intervals, deleted items settings, and so forth.
FIGURE 3.6
The Server Policy properties sheet
FIGURE 3.7
The Database (Policy) tab of the Public Store policy properties sheet
FIGURE 3.8
The Limits (Policy) tab of the Mailbox Store policy properties sheet
Administrative Group Placement and Boundaries
Administrative groups allow you to bring your Exchange servers together under a common administrative umbrella, suited to the way you think the administrative model needs to be laid out. There are three potential administrative models you can use when designing your Exchange 2000 system:
Centralized Model In this model, a central group of administrators has responsibility for the entire Exchange organization.
Decentralized Model If you had administrators responsible for various servers throughout the organization, you might want to set up a decentralized model. You'd create administrative groups that are allowed to administer specific Exchange servers. The big question mark here is whether you'd allow them to administer routing groups as well.
Mixed Model Here you'd take a basic centralized administration approach and then dole out certain administrative functions, such as responsibility for policies, public folders, or routing groups, to different administrative groups.
Intuitively, the model that you'll use has something to do with the size of the organization you have. Larger enterprises are going to require a much healthier examination of exactly how the administrative functions are going to break out. Mid-sized organizations might very well lend themselves to a decentralized model, while smaller entities will probably use a centralized model. That being said, let me put in a political comment here. I'm not a fan of the decentralized model, in any size enterprise. I find that the decentralized model has a tendency to create entropic degradation of systems, meaning that you pick one way to do a thing, I pick another; you choose to upgrade your servers to a newer version of the application software that's in use enterprise-wide, I choose to wait. Eventually the enterprise is in such a state of flux that no central administrative team can get a handle on what's going on. There are no standards; there are cowboy administrators going off doing their own thing. It's not a pretty sight, and I've seen it over and over again. Enterprises, regardless of size, need to maintain some semblance of standards and uniformity, the likes of which typically require a central administration team. What I'm saying here is that a solid Exchange 2000 design means paying careful attention to the way the administrative model is applied. You have your chance here to "take back" an environment that is suffering from big-bang momentum, to rein back in control of the enterprise. As a consultant, you may have your hands tied; you might have to simply upgrade the model that's currently in place. As an enterprise admin, you owe it to yourself to take a look at today's administrative model and see how it differs from the administrative model you and your managers have in mind, then make the new administrative model happen. You can leverage the administrative model in pretty much any way you see fit.
Exchange 5.5/Exchange 2000 Integration
There are three steps you’ll go through when you’re setting up an Exchange 2000 Server in an environment with earlier versions of Exchange already in it. First, you’ll upgrade your primary Exchange 5.5 servers to SP3. Second, you’ll have to install the Active Directory Connector (ADC), software that comes with the Exchange 2000 Server CD. Finally, when you install Exchange 2000 Server, you’ll opt to create a brand new organization or join an existing Exchange 5.5 site. For the purposes of the screen shots I took for this book, I joined an existing Exchange 5.5 site. You could alternatively simply create a new Exchange 2000 organization, then use routing groups to connect the Exchange 5.5 sites to your new installation.
In an environment where you’re managing some legacy Exchange 5.5 SP3 servers along with your Exchange 2000 boxes, the sites are going to show up in both the Exchange 5.5 Administrator console and in the Exchange 2000 Exchange System Manager (ESM) MMC, as shown in Figures 3.9 and 3.10. Exchange 5.5 SP3 sites show up as Administrative Groups in the ESM (Figure 3.10). Exchange 2000 installations show up as sites in the Exchange 5.5 Administrator Console (Figure 3.9).
FIGURE 3.9 An Exchange 2000 installation shows up in the Exchange 5.5 Administrator Console.
FIGURE 3.10 An Exchange 5.5 installation shows up as an Administrative Group in the Exchange 2000 Exchange System Manager (ESM) MMC.
Permissions
Exchange 2000 uses the standard Windows 2000 security that’s currently in place on the network. When you install Exchange 2000, you’re prompted for a service that will be used, similar to the way things happen in an Exchange 5.5 site. After that, you can go in and apply specific permissions to various objects in the Exchange 2000 system. The permissions that you apply to these objects are called extended permissions. You can apply additional permissions to the following objects:
Information Store While in the ESM, navigate to the server whose Mailbox Store you want to modify. Right-click the Mailbox Store node, select Properties, and then navigate to the Security tab to modify the permissions associated with that object.
Public Folders You can modify the permissions for each public folder. When in the ESM, navigate to the Folders node. Find the folder you want to modify, right-click the folder, select Properties, and navigate to the Security tab to add or modify permissions. Alternatively, to modify the Public Folder store permissions, you can navigate to the server whose public folders you want to modify, highlight the Folders node, right-click, and select Properties. Click the Security tab and modify the permissions as needed. Note that, like Exchange 5.5, Exchange 2000 child objects inherit the permissions of their parents. This means that if you adjust the permissions at the root object level of, say, an administrative group, all nodes beneath that group inherit the permissions.
Multiple Stores
In an Exchange 2000 system you’re allowed to have up to four storage groups per server, with as many as five databases per storage group. (This is true only with an Exchange 2000 Enterprise Server system—only one storage group and five databases with Exchange 2000 Standard.) Thus, on any one server you can have as many as 20 separate databases. The word store in your mind should equate with the word database.
In typical Exchange 2000 usage, the term “information store” or just “store” means the collection of all storage groups and databases, presumably because there is only one instance of the Information Store service. It's hard to find this in writing, but MEC presenters followed this definition.
In the world of legacy Exchange server systems, you could only have one database per server, so the advent of Exchange 2000 Server has extended your options by quite a bit. Suppose that you have a store dedicated to your executive team and another dedicated to the sales group. Both stores are a part of the same storage group. Further suppose that somebody composes and sends an e-mail out to addresses that are found in both stores. How does Exchange handle this scenario? The key to the whole thing is a transaction log. Exchange will send a single copy of the e-mail to all recipients found in a single store. It will also copy an instance of the e-mail to the second store and send the e-mail out to recipients found on this store. Thus, while we’re still dealing with a single instance system (that is, one copy of the e-mail is sent to all recipients in a store), we need multiple stores in order to handle multiple instances.
The transaction log solves this problem for us. When an Exchange 2000 user composes and sends an e-mail, the e-mail is copied first to server memory, then to the transaction log, and subsequently to each store that contains recipients it was addressed to. The transaction log is pretty useful because the message waits in the log until Exchange becomes idle for a time, at which point the data in the transaction log is posted to the respective stores. This makes the system much faster and more fault tolerant. It also provides a way to completely back up an Exchange system, right up to the precise moment of backup. In a multiple storage group environment, Exchange copies an instance of the e-mail to the transaction log for each storage group and to each store in each storage group that has recipients to which the e-mail is destined.
You set up new storage groups by navigating through the ESM to the server you wish to modify. Highlight the server, right-click, select New Storage Group, and key in a name for the storage group, the server directory it’s going to live in, and any remarks you’d like to associate with the group. After creating the group, you can highlight the group and select New Public Store or New Mailbox Store to create a new store.
There are some details to pay attention to when planning multiple stores. Each transaction log file can fill 5 MB of space; then a new transaction log is created and populated until it too takes up 5 MB, and so on, so logging can become quite disk-intensive. By enabling circular logging, you authorize Exchange to overwrite the transaction log, thus cutting down on the amount of disk space taken up by the logs. But in doing so, you disable a very important capability: that of being able to perform either incremental or differential backups of the logs. An incremental backup of the transaction logs backs up the log data changed since the last full backup and then deletes the transaction logs.
A differential backup backs up the log data changed since the last full backup but does not delete the transaction logs. If you want to be able to perform incremental backups on the transaction logs, you do not want to enable circular logging. So, what do you do about the disk space issues? Microsoft recommends that you put your transaction logs, for fault-tolerance reasons, on a separate drive from your stores. This would mean that you would want to dedicate a separate drive strictly to transaction logs. Additionally, the transaction logs for each storage group should be put on a separate drive, especially if you’re planning a cluster deployment, a load-balancing paradigm, or both. The design of your Exchange 2000 servers should include plans for a RAID array system in which you’re purchasing hardware RAID array controller cards, plenty of disk space, and a strategy to move stores and transaction logs to various drives on the array. Improved performance provides another good reason to put the transaction logs for each storage group on separate drives. You should have a 1:1 ratio of transaction log drives to storage group drives. By setting them up on a hardware RAID-based architecture, you can create maximum fault tolerance while allowing for different disk configurations based upon your storage group/transaction log design.
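As an added illustration (not code from the book or from Exchange itself), the following Python model plays through the behaviour described above: one logged instance per store a message touches, 5 MB log generations, a full backup followed by differential and incremental log backups, and the way circular logging reuses the generations those log backups depend on. The message sizes, store names and the number of generations circular logging keeps are constructed assumptions, as is the full backup deleting the logs already applied to the stores.

```python
# Simplified model of an Exchange 2000 storage group's transaction log (added
# illustration, not Exchange's ESE code): one log record and one store copy per
# store a message touches, 5 MB log generations, and circular logging's effect.
LOG_GENERATION_BYTES = 5 * 1024 * 1024  # log file size the text cites
CIRCULAR_KEEP = 2  # generations kept under circular logging (assumption)


class StorageGroup:
    def __init__(self, store_names, circular_logging=False):
        self.stores = {name: [] for name in store_names}  # store -> delivered msg ids
        self.circular_logging = circular_logging
        self.logs = [[]]  # generation -> list of (msg_id, store); None once recycled
        self.log_bytes = [0]
        # First generation written after the last full backup / after any backup.
        self.last_full_gen = self.last_backup_gen = 0

    def _new_generation(self):
        self.logs.append([])
        self.log_bytes.append(0)
        return len(self.logs) - 1

    def _recycle_before(self, gen):
        for g in range(max(gen, 0)):  # delete (or, under circular logging, reuse)
            self.logs[g] = None

    def live_generations(self):
        return sum(1 for g in self.logs if g is not None)

    def deliver(self, msg_id, size, recipients):
        """recipients maps address -> store; one record and one copy per store touched."""
        stores_touched = sorted(set(recipients.values()))
        for store in stores_touched:
            if self.log_bytes[-1] + size > LOG_GENERATION_BYTES:  # roll to a new log
                self._new_generation()
                if self.circular_logging:
                    self._recycle_before(len(self.logs) - CIRCULAR_KEEP)
            self.logs[-1].append((msg_id, store))
            self.log_bytes[-1] += size
            self.stores[store].append(msg_id)
        return len(stores_touched)

    def full_backup(self):
        """Snapshot every store; logs already applied to the stores are deleted."""
        snapshot = {s: list(m) for s, m in self.stores.items()}
        gen = self._new_generation()
        self._recycle_before(gen)
        self.last_full_gen = self.last_backup_gen = gen
        return snapshot

    def _records_since(self, gen):
        if self.circular_logging or any(g is None for g in self.logs[gen:]):
            raise RuntimeError("log generations since the last full backup may be gone")
        return [record for g in self.logs[gen:] for record in g]

    def differential_backup(self):
        """Records back to the last full backup; the logs stay on disk."""
        return self._records_since(self.last_full_gen)

    def incremental_backup(self):
        """Records since the last backup of any kind; backed-up logs are deleted."""
        records = self._records_since(self.last_backup_gen)
        self.last_backup_gen = self._new_generation()
        self._recycle_before(self.last_backup_gen)
        return records


def restore(snapshot, log_records):
    """Replay backed-up log records onto a full-backup snapshot."""
    stores = {s: list(m) for s, m in snapshot.items()}
    for msg_id, store in log_records:
        stores[store].append(msg_id)
    return stores


def demo():
    sg = StorageGroup(["Executives", "Sales"])
    # Constructed traffic: one 1 MB e-mail to an executive and two sales reps
    # yields two instances (one per store), not three.
    instances = sg.deliver("m1", 1_000_000, {"ceo": "Executives", "rep1": "Sales", "rep2": "Sales"})
    snapshot = sg.full_backup()
    for i in range(2, 14):  # 12 MB more traffic spills across three 5 MB generations
        sg.deliver(f"m{i}", 1_000_000, {"rep1": "Sales"})
    differential = sg.differential_backup()
    restored_ok = restore(snapshot, differential) == sg.stores
    incremental = sg.incremental_backup()
    circ = StorageGroup(["Sales"], circular_logging=True)
    for i in range(1, 13):  # same traffic, but the oldest generation is reused
        circ.deliver(f"c{i}", 1_000_000, {"rep1": "Sales"})
    try:
        circ.differential_backup()
        refused = False
    except RuntimeError:
        refused = True
    return {
        "instances": instances,
        "differential_records": len(differential),
        "restored_ok": restored_ok,
        "incremental_records": len(incremental),
        "live_after_incremental": sg.live_generations(),
        "circular_live_generations": circ.live_generations(),
        "circular_backup_refused": refused,
    }
```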
Design Scenario: Planning an Exchange 2000 Server Purchase
Alexander is planning an Exchange 2000 Server deployment in his network. He currently has a legacy Exchange Server deployment consisting of one organization and two sites, though the user base is small (only about 1000 users). He intends to create a single new organization, move the legacy mailboxes to the new system, then dismantle the old system once all mailboxes have been moved. Both sites are well-connected. Alexander also plans on setting up some dedicated stores for various entities in the organization, since some areas have unique e-mail needs that are not pertinent to the rest of the organization. For example, the company has a hundred or so customer service representatives who have very e-mail–centric needs that do not correspond to the rest of the company. So he intends to set up a separate customer-service store. He has plans for other separated stores and storage groups as well. Alexander would like to confine the e-mail activity to a single server. When planning for this new server, he purchases the following components from a tier 1 computer maker:
4 Pentium 800 MHz processors with 133 MHz front-side bus
Motherboard with two embedded ultra SCSI adapters
2 hardware RAID array controller cards
10 10,000 RPM 18 GB SCSI drives
Alexander’s intent is to make a RAID 50 setup on this computer—that is, a mirrored RAID5 installation across two separate hardware RAID controllers. If one of the controllers fails, operation can continue until he has a chance to obtain a maintenance window to fix the problem. He will use the array controller’s software to prepare the drives in the following manner:
A 4GB drive for the OS partition
A 2GB drive for the Exchange 2000 Server software installation
4GB drives for each storage group
4GB drives for each transaction log
Designing a Real-Time Collaboration Solution
Microsoft Exam Objective
Design an Exchange 2000 Server real-time collaboration solution that uses Chat Service, Instant Messaging, or both.
The concept of Instant Messaging (IM) and Chat may be foreign to messaging system administrators. In earlier messaging environments, the system, while very fast, still involved one user composing an e-mail, clicking the Send button, and then allowing the server(s) to deliver the message, whereupon the receiver would review it at his leisure. This system did not involve any real-time activity.
Server-Side Components
Before we start with a discussion of IM and Chat, we need to talk very briefly about the server-side componentry that makes this sort of thing happen. While it’s not critically necessary for a designer to thoroughly understand all the underpinnings of a complex system such as Exchange 2000, understanding and being able to appropriately place servers and services nevertheless comes about by knowing what those services are.
Exchange Interprocess Communication (EXIPC)
The EXIPC layer acts as a queuing layer between IIS 5 and Exchange 2000. Because the protocols used by Exchange have been moved from the Information store—where they were housed in previous versions of Exchange—to IIS, there needs to be some sort of intermediary function, a glue, if you will, that binds the two together. This glue is the EXIPC layer. Some folks pronounce the acronym “epoxy,” partly due to the way you’d stumble over the complex acronym when pronouncing it, but also to illustrate its glue-like characteristics. EXIPC uses shared memory and queuing to facilitate this IIS/Exchange intercommunication.
The Rendezvous Protocol (RVP)
Developed by Microsoft in keeping with in-development Internet Engineering Task Force (IETF) instant messaging standards, the protocol is an effort to provide a way of maintaining each user’s presence—whether the user is online or not. The IETF standards provide for interoperation with other instant messaging systems, though the Exchange 2000 IM system does not interoperate at this time.
Server Architecture
In order for the Exchange 2000 servers to maintain the IM and Chat capabilities, several different layers are put into place:
The Firewall Topology Module (FTM) Of the layers, this is the most interesting. If you think about IM or Chat in a design context, it becomes apparent to you that these services might have to cross a firewall, no? The FTM keeps track of whether a messaging server is inside or outside the firewall, if a proxy is needed, and if IP addressing is needed to get there. The FTM can act as a gateway server, as a reference server (redirecting a connection request to one that can handle the connection), or as a refusal mechanism for a client due to an infrastructure that cannot fulfill the request.
The Locator Responsible for notifying the home server of the subscriber (a person online and participating in an IM session) that a message has passed through a bridgehead server.
The Node Database This is an instance spawned by the Exchange Storage Engine (ESE) to handle subscription information. Note that the information is handled for the server the node database is on, even though there may be subscribers who are on different servers capable of interacting with the IM system. Their server would also have a Node Database instance that had registered them as a subscriber.
These three components function together in what is called the Server Application Layer. This layer interfaces through EXIPC with IIS. Clients use the RVP protocol to talk to the IM system utilizing this methodology.
Instant Messaging
Exchange 2000 provides a new methodology where users can pull up an address book that lists those users that are currently online and then request a real-time connection with another individual or group of individuals. There are three different scenarios that this real-time capability provides:
Instant Messaging In IM you’re dealing with one-to-one or one-to-many virtual conversations. The key here is that one person, a subscriber, initiates a private conversation with one or more subscribers and that all subscribers involved in the IM event must be currently online.
Chat A chat service, while still instant in nature, differs from an IM session because a many-to-many relationship exists. All subscribers involved in the chat must be online.
Conferencing Conferencing differs from the other two real-time collaboration options because in a conference only those who are invited are allowed to join the collaboration. Again, all parties joining in the chat must be online.
Not just any subscriber who wants to can participate in IM. Only those who have installed the IM client (one that’s a part of the Microsoft Network [MSN] messaging service and included with the Exchange 2000 CD) can participate. The IM client software is separate from a user’s standard e-mail client and must be separately installed. So as a design issue, you must decide whom you’re going to allow to use IM, then decide how you’re going to get the client deployed to these users. On top of that, admins have the ability to enable or disable each user’s capability of using IM, thus negating the possibility that a user will manage to install the IM software and utilize it in spite of the admin’s wishes. A subscriber who is not actively using IM, whether logged on or not, displays one of two states to others: Idle or Offline. An Idle subscriber is one who is logged on to IM, who has not touched the keyboard in a while, and is available. A user who is IM-capable but who has not logged on to IM is Offline. A subscriber actively using her computer and logged on to IM can show seven different states: Online (and ready for an IM session), Invisible, Busy, Be Right Back, Away from Computer, On the Phone, and Out to Lunch. The Invisible setting takes the user out of the IM available list so that others cannot see her in the IM active list.
IM does not provide the complete list of online subscribers to everyone on the IM system. To do so would violate the nature of privacy that is enveloped in the IM concept. Instead, a subscriber must set up different contacts that he or she would like to include as potential IM partners. Clients do this by sending a message to the IM server stipulating that a certain user should be included in the contact list for the client. On the server side, you have a bigger battle to fight. Because Exchange must maintain a list of subscribers who are currently online, there must be some method of ascertaining who these people are and managing their whereabouts. In a single-server scenario, this isn’t so difficult. You can run the Instant Messaging (RVP) wizard from the Protocols section of the server on which you wish to run IM. (You’ll run this setup from the ESM.) You can run a “test” installation to see how IM is going to work prior to implementing a full-bodied deployment. But the plot massively thickens after you’ve run a pilot. For one thing, you can choose to run IM only within company boundaries or over the entire Internet. In either case, you set up Instant Messaging domains, which consist of IM home servers and IM routers. An IM home server is created in the same place you created your pilot server. Get into the ESM, navigate to the server you wish to establish as a home server, go to the Protocols node, then move to the Instant Messaging Rendezvous Protocol (RVP). Right-click and select New Instant Messaging Virtual Server to launch the Instant Messaging Virtual Server wizard. You can host more than one IM virtual server per server, and each virtual server can manage up to 10,000 simultaneously active clients. The wizard will prompt you for the IIS virtual server for each virtual server that you intend to host. If you’ve not already created an IIS virtual server, you might want to do so before running the wizard.
The IM virtual server wizard will ask you for the display name that the IM virtual server you’re creating will use, the server’s DNS domain name, and the IIS virtual server name.
It’s not recommended that you use the IIS default Web site for your first virtual server. It’s best to create Web sites for all virtual servers and routers prior to running the wizard. Note that if you’re hosting a router and a virtual server on the same server, prepend the domain’s name with an IM (such as IM.mycompany.com) when running the wizard.
There are DNS entries that need to be created before the IM virtual server wizard is run. The DNS entries consist of the string im prepended to the domain name. For example, suppose that you had a domain mycompany.com and you ran the wizard to create an IM virtual server on this domain. By prepending an IM to the domain name, there would be an im.mycompany.com DNS entry created for this new virtual server. Router DNS entries are visible to others; virtual server DNS entries are not. Creating an IM router is the same as creating a server, except that you uncheck a checkbox that asks you if you’re going to host users with this virtual server. Again, there needs to be an IIS virtual server created for the router, but you get a break because Microsoft recommends that you have one router for every two virtual home servers, so you don’t have to be worried about a 1:1 router/home server ratio. Microsoft also recommends that the router DNS entry match the e-mail domain name. In other words, if you have an e-mail domain name such as mycompany.e-mail.com, you’d also create a DNS resource record for the router that matches this domain name. You’ll need to think about creating a DNS SRV resource record for the router as well. The SRV record resolves the virtual server to the router, thus providing a one-stop shopping location from which users can resolve online IM clients. If you do not provide an SRV record for each router you created, users would have to know the explicit address to the router in addition to the virtual server’s address. By implementing some specific DNS records, you can make the IM clients’ lives easier. When working with IM installations that involve Internet traffic coming onto the private network for IM sessions, you have to design for some security precautions. You have three methodologies you can put in place:
Put the IM routers on the Demilitarized Zone (DMZ)—that section of the network that is ahead of a firewall that protects the private network—and possibly behind a firewall that protects the IM routers from some kinds of Internet hacking. See Figure 3.11 for an example of what this might look like.
Reverse proxy the IM routers so that Internet users coming in are directed only to IM virtual servers.
Implement packet filtering to restrict incoming packets to port 80 traffic.
FIGURE 3.11 IM routers on the DMZ
Chat
The capability of setting up chat sessions has been around since the Exchange 5.5 days and, of course, is all the rage on the Internet. As a designer of an Exchange 2000 system, you’ll first need to ascertain whether there is a need for Chat. When would an enterprise require Chat services? I can think of two instances; you can undoubtedly think of more:
Remembering that Windows 2000 is designed as much for ISPs as for those maintaining an internal corporate network, the Exchange 2000 Chat functionality will be very useful for ISPs wanting (needing) to host chat communities on their servers. Each chat community (chat room) can host as many as 20,000 concurrent users. (I don’t know about you, but I’ve been to a chat room or two and if there are 15 concurrent users, it’s a zoo. I can’t imagine 20,000.)
Administrators who are central admins for large enterprise deployments might find the “auditorium” feel of a one-to-many chat relationship convenient for hosting discussions on current network scenarios and obtaining Q&A feedback. Other entities in an organization may enjoy this same kind of ability.
Chat uses two different protocols: Internet Relay Chat (IRC) and a Microsoft modification of IRC called Internet Relay Chat Extended (IRCX). When you set up Chat, you set up channels. By default Exchange 2000 Server Chat can host two channels per IP address: one on port 6667 and one on port 7000. Other ports can be set up; these are only the defaults. A chat community cannot live on multiple servers, but a server can host multiple chat communities. You can have two kinds of channels: those that are dynamically started by a chat client, and registered channels—those that are permanent and are started when a chat client comes online. Channels can operate in four visibility modes:
A public chat channel is visible to all chat clients.
Private chat channels are only seen by members who are allowed to use the channel. Non-members can only see the name of the channel; nothing more about it.
Hidden channels hide themselves from the channel list, but can be viewed if a client enters the specific name of the channel.
A secret channel prohibits the channel from showing in the client lists and allows only members to access it.
There are three user/administrator roles that can be granted in a Chat setup. A user is one who is allowed to use the service. A sysop (sounds like the old BBS days, eh?) is allowed to moderate chat channels and be “on call” to provide assistance as needed. An administrator can view and visit any channel and override sysops. Administrators can provide additional security to the channels, set different visibility options by requiring a password for entry into a channel, limit the channel to a small number of subscribers, or create user classes (denoted by a group of explicit IP addresses, by a logon, or by time of day). Administrators can also create bans and provide for three levels of authentication: anonymous, basic (requires a clear-text password), and Windows security (uses the MS-CHAP challenge/response security paradigm).
IM supports both MS-CHAP authentication, which is an encrypted challenge/response handshake, and an HTTP digest, which is an Internet standard that utilizes an encrypted username/password combination. The difference between the two is that the digest information is passed over the Internet, whereas the MS-CHAP data is local to the network.
Data Conferencing
There are two basic differences between the basic Exchange 2000 Server offerings of IM and Chat and the add-on component of Data Conferencing. In Data Conferencing sessions, the meetings are scheduled and conducted. They’re also hosted on the Exchange Server, not at the client workstation. Conferees can use video, audio, virtual whiteboards, and file transfers, and chat amongst one another in a Data Conferencing session. Anyone who has used NetMeeting before has a grasp of what Data Conferencing can do for a group of people. A key difference between NetMeeting and Data Conferencing is that NetMeeting sessions are hosted on the client, not at the server. Data Conferencing provides additional security characteristics (allowing for both external and internal clients to participate—provided the Data Conferencing server is on the DMZ) that NetMeeting does not. Note, too, that Data Conferencing utilizes Outlook for its scheduling; NetMeeting does not.
Native Exchange 2000 Enterprise Server includes a Conference Management Service (CMS). (Sorry, kids, none of this stuff comes with the bottom-tier Exchange 2000 Server product.) The CMS handles the scheduling of mail-enabled accounts (the Data Conferencing clients) and the conference calendar mailboxes (Outlook-based storage utilized for the conference). Here’s the bad news. In order to facilitate the really cool Data Conferencing stuff, the virtual whiteboards, T.120 Multipoint Control Unit (MCU), and audio/video conferencing, you have to purchase separately and install the Exchange Conferencing Server product.
The International Telecommunications Union (ITU) T.120 standard provides clear directives for protocols and services that support real-time multi-recipient conferencing and collaboration. T.120 may have found its most popular niche in over-the-Internet gaming such as Doom on the Net. T.120 provides for a server running MCU (data conferencing) services. The CMS can manage conferencing sessions that cross more than one MCU.
Collaboration Tools Notes
Designers should note that several key decision-points come into place when thinking about setting up IM, Chat, or Data Conferencing services:
Bandwidth
Placement of servers and services (should a server live on the DMZ for Internet host connectivity?)
Multiplicity of services for increased functionality
Security of services
Need for services (Don’t nail up a service that’s not going to be used or will be abused.)
Unique setup requirements for video-conferencing: Clients must be multicast-capable and be equipped with the requisite multimedia gear. Windows 2000 Professional provides the requisite Microsoft networking software needed for video-conferencing. Servers must possess the ability to support and use the Multicast Address Dynamic Host Allocation Protocol (MADCAP), a method whereby Windows 2000 DHCP can issue multicast addresses to clients, and IP multicasting. Windows 2000 servers are bundled with this capability.
Design Scenario: Creating a Collaboration Environment
You’re the designer of a brand-new Exchange 2000 System. You want to introduce some collaboration capabilities into the new environment. Upon surveying the corporate needs for online collaboration, you find that there doesn’t seem to be a desire among managers for any kind of sophisticated video or audio conferencing capabilities. Instead, it appears that you can provide everything they’re looking for with some IM and Chat installations. All users are utilizing Windows 2000 Professional. You start by installing Exchange 2000 Enterprise Server, which gives you the ability to install Instant Messaging and Chat services. You then prepare an Instant Messaging client package using a third-party package installation product that creates .MSI files. You use the Software Installation and Maintenance feature of Windows 2000 to create a published application that pushes the IM client to designated users you put into a security group within the Group Policy Object. You also set up some channels that are designed around the needs that various managers have specified to you—various public as well as private channels. You then train the people in your training department how to train your users to use the system.
Planning Public Folder Usage and Implementation
Microsoft Exam Objective
Plan public folder usage and implementation. Considerations include company structure, geographical structure, maintenance policies, permissions, replication, and indexing.
Public folders have been with Exchange server since its first release. Microsoft software engineers have provided several new innovations to public folders that will allow the design of more full-bodied and granular public folder implementations. Following are some new features of public folders you should consider as you plan your design:
A default public folder tree is created when you install Exchange server. You can create other public folder trees on an E2K Server. The primary public folder tree supports Outlook as well as SMTP, NNTP, IMAP4, and HTTP. Other public folder trees created on the server can only be viewed by Web and NNTP clients. Outlook clients cannot view these alternate public folders unless they’re viewed as a Web page. Outlook 2000 software capable of reviewing HTTP documents can view these folders.
Public folders are mailbox-enabled AD objects that you can send e-mail to. You can set it up so that public folders appear in the Global Address List (GAL).
As in Exchange 5.5, public folders are accessible from the Web. OWA’s enhanced features allow greater visibility and management of public folders.
Public folders now maintain built-in indexing, making searches on the public folders faster. Outlook clients utilize this indexing when performing a find operation in the public folder.
A separate MMC console is available strictly for managing public folders.
Exchange public folders provide the concept of a referral. A referral enables administrators to route queries for information to specific public folders.
Public folders that have been created in addition to the default public folder store can either be replicated to other servers, or, for the sake of privacy and security, you can choose to not replicate them.
You can apply permissions to the public folders using the new Exchange File System (EFS).
There are specific new permissions that can be applied to public folders, and we’ll talk more about them in the next chapter when we talk about security.
Design Scenario: A Web-based Public Folder
You want to provide a way that users coming in from the Web can access a specific public folder that contains customer support documentation. In your Exchange 2000 Server deployment, you create a new public folder tree called “Cust Support.” Within this new tree, you create several read-only subfolders and populate these subfolders with technical support documentation that can be pulled up by browsers. Next, you see to it that the firewall allows HTTP requests to pass through to this single Exchange server and only this server. When you publish the customer support information, you publish the server’s address followed by the folder that needs to be accessed to hit this new public folder, such as http://corpserver/custsupport.
Summary
We began this chapter by talking about routing groups. A routing group is a grouping of Exchange 5.5 SP3 and Exchange 2000 Servers that are well-connected. A routing group can talk to another routing group by using a bridgehead server. All requests destined for those recipients not in the current routing group are forwarded to a Routing Group Master, which then checks the link-state table to identify the location of the next routing group in the chain that can get the message forwarded. This info is in turn forwarded to the bridgehead server and routed to the adjacent routing group master. The link-state algorithm (LSA), a cousin of the OSPF protocol, is utilized to compute the next routing group master in the chain. There are three routing group connectors that can be used to connect routing groups together: the Routing Group Connector, the SMTP Connector and the X.400 Connector. In Exchange 2000 to Exchange 2000 connections, the Routing Group Connector is used. The SMTP Connector is used to talk to legacy Exchange 5.5 SP3 sites. The X.400 Connector is used to talk to non-Exchange sites. When routing group servers talk to one another within a routing group, they use TCP port 3044. When they talk across a network circuit to another routing group, they use TCP port 25.
We talked about the value of Organizational Units as the lowest level in the AD hierarchy. You can apply permissions to an Exchange OU. You can also set recipient or server policies. Server policies and permissions can be set at the mailbox store or public store level. An Exchange 5.5 site will show up in the Exchange 2000 ESM as an OU. The Exchange 2000 server will show up in the Exchange 5.5 system as another site. You can have multiple stores within a single server, up to four storage groups with five stores per storage group (for a total of 90 stores). The store’s transaction log is highly important. All transaction data is sent to server memory first; then to the transaction log; then it’s put into the database when the server has a free moment. Because of this, it’s not wise to turn on circular logging: with circular logging the log files are overwritten, so incremental backups (which back up the data changed since the last good full backup and then erase the transaction logs) cannot be performed. Instant Messaging (IM) and Chat services are installed out of box with Exchange 2000 Enterprise Server. An IM client needs to install some client software that was developed for the Microsoft Network. The IM client then sets up various contacts that point to others the client wants to set up instant messaging with. You must enable a mailbox-enabled client to use IM within Active Directory Users & Computers. IM is a one-on-one transaction, whereas chat is typically a one-to-many or many-to-many transaction. You can create various chat channels and set up various visibility modes. You can also provide three different types of roles that a chat user might utilize. Data-conferencing provides the ability to share virtual whiteboards, chat, and transfer files. You’ll have to install Exchange Conferencing Server and associated multimedia gear to enable T.120 conferencing client interaction.
NetMeeting has several differences from Exchange Conferencing Server, the most important of which is that NetMeeting is a client-hosted session, whereas with Data Conferencing the server hosts the session. The Conferencing Session Manager (CSM) handles the conferencing session. The Exchange 2000 system installs a standard public folder tree, but you can add other public folder trees to the server. These new trees can be replicated, just like the original tree, but they don’t have to be. New public folder trees are only visible with NNTP or Web clients. You can apply permissions to public folder trees and they can be viewed in the GAL, and mail can be sent to them.
Key Terms
bridgehead server
Conference Management Service (CMS)
Demilitarized Zone (DMZ)
Exchange File System (EFS)
Exchange Interprocess Communication (EXIPC)
Exchange System Manager (ESM)
Firewall Topology Module (FTM)
Global Address List (GAL)
Instant Messaging (IM)
Instant Messaging (IM) Home Server
Instant Messaging (IM) Router
Internet Mail Service (IMS)
Link State Algorithm (LSA)
Multicast Address Client Access Protocol (MADCAP)
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
Mail Exchanger (MX) Record
Multipoint Control Unit (MCU)
Node Database
Open Shortest Path First (OSPF)
organizational unit (OU)
Rendezvous Protocol (RVP)
referral
routing group
Routing Group Master
routing group connector
Simple Mail Transport Protocol (SMTP)
Simple Mail Transport Protocol (SMTP) Connector
SRV Resource Record
sysop
T.120
transaction log
X.25
X.400 Transport Control Protocol (TCP) Connector
Review Questions
1. You’d like to set up a data conferencing environment where you work. You install Exchange 2000 Server, but you are provided with no collaboration tools! What could be missing? Select all that apply.
A. Run Setup.exe –C switch
B. Need Exchange 2000 Enterprise Server
C. Need to install the TAPI and T.120 Windows 2000 services
D. Need Exchange Conferencing Server
E. Need to install the Windows 2000 Conference Management Service
2. When you have two Exchange routing groups separated from one another, what sort of server allows the two to communicate with one another?
A. Routing Group Master
B. Bridgehead Server
C. Exchange Store Engine
D. Active Directory Connector
3. What three routing connectors can you use when connecting two routing groups together?
A. X.400 connector
B. SMTP connector
C. HTTP connector
D. Routing Group connector
E. T.120 connector
4. What are some rules that apply to servers within a routing group? Choose all that apply.
A. All servers must be running Exchange 2000 Server.
B. All servers must be part of the same forest.
C. All servers must be members of the same domain.
D. All servers must be linked by permanent SMTP connections.
E. All servers must be able to communicate with the routing group master.
5. By default what ports does Chat use? Select all that apply.
A. 25
B. 1000
C. 6667
D. 7000
E. 14384
6. Which routing group connector would you use to connect vintage Exchange systems?
A. SMTP Connector
B. X.400 Connector
C. HTTP Connector
D. Routing Group Connector
7. When using the X.400 Connector, over which two protocols can this connector be used?
A. PPP
B. Frame Relay
C. X.25
D. ISDN
E. TCP
8. Within a routing group, what TCP port does Exchange use to communicate with other servers?
A. 25
B. 80
C. 3044
D. 6667
9. The Exchange Interprocess Communication (EXIPC) layer connects which two software components?
A. Hardware Abstraction Layer (HAL)
B. Internet Information Service (IIS)
C. Information Store (IS)
D. Exchange Store Engine (ESE)
10. Fred wants to set up a Chat service for users on his network. Fred wants to appoint a person who’ll administer chat sessions. This person will be able to monitor and control community chat sessions. What function does this person play?
A. Administrator
B. Sysop
C. Conference admin
D. Agent
Answers to Review Questions
1. B, D. You can’t get collaboration services with just Exchange 2000 Server. You need, at a minimum, Exchange 2000 Enterprise Server. If you intend to provide video and audio conferencing capabilities, you also need Exchange Conferencing Server.
2. B. Bridgehead servers are responsible for maintaining the connectors that talk to other routing groups (or, more accurately, to another bridgehead server).
3. A, B, D. The three connectors you can use to connect two routing groups are the Routing Group connector, SMTP connector and X.400 connector, respectively. Typically you’ll use the Routing Group connector.
4. B, D, E. In order for servers in a routing group to interoperate, they must all be in the same forest, must all be able to be linked by SMTP connections (possibly dismissing any across-the-Internet connections), and must all be able to communicate with the routing group master.
5. C, D. Chat uses two ports, 6667 and 7000. You can have two Chat services using the same IP address, but they must use different ports. You can assign other ports in addition to the two default ports.
6. A. The SMTP Connector must be used to connect legacy Exchange with Exchange 2000 routing groups.
7. C, E. You can use the X.400 Connector across X.25 and TCP circuits. You’d use this connector to connect to non-Exchange systems or to Exchange systems across the Internet.
8. C. When communicating between servers within a routing group, TCP port 3044 is used. When communicating between bridgehead servers (routing group to routing group) port 25 is used.
9. A, B, C. EXIPC (Epoxy) connects IIS and the Exchange IS. The reason EXIPC is required has to do with the fact that IIS now hosts the protocols needed by the IS. In earlier Exchange deployments, the IS contained the protocols.
10. B. Sysops can monitor and control community chat sessions. They cannot use nicknames that use the words service or system, but they can use other nicknames.
Case Study: Building a Routing Group Exchange Infrastructure
You should give yourself 10 minutes to review this case study, diagram as needed, and complete the questions for this mini-test.
Background In examining your rather large Exchange deployment, you’re wondering what to do with legacy Exchange server systems that you want to integrate into a new Exchange 2000 Server rollout. As a case in point, you’re wondering what to do with two or three of your larger sites that are geographically separated, but connected by good quality WAN circuits.
Current System The current system consists of four large sites: Denver, Atlanta, San Francisco, and Chicago. Each of these sites has a minimum of three Exchange servers, most of which are Exchange 5.5. There is one server that’s running Exchange 4.0 and one that’s on Exchange 5.0. Additionally, you have 10 sites that are running one Exchange server apiece. The entire network has been converted to Windows 2000 and native mode AD.
Problem Statement What is the best way to get your Exchange 2000 deployment going without too much interruption of mailbox service to users?
Envisioned System Overview Your plan is to deploy an Exchange 2000 Server in each of the larger sites. This E2K server will act as a bridgehead server and routing group master with the other E2K servers in the enterprise. You’ll connect these servers together with the Routing Group connector. You’ll connect to the 10 smaller sites with the SMTP connector. You’ll use the swing server methodology to move mailboxes temporarily over to the new E2K servers until such time as all users are moved, then you’ll upgrade the legacy servers to Exchange 2000. You present the plan to your manager, the CIO.
CIO “I like the plan. There’s money in the budget, but you’ll have to be careful that the users you migrate aren’t impacted while they’re working.”
Security Since security is handled through Windows 2000, you’ll take a look at the security infrastructure, but you’re not overly concerned about it at this juncture.
Availability The system must be available 24×7×365, and users must not experience a mailbox outage while they’re working on the system.
Maintainability It’s important that you train junior Exchange admins to understand what’s going on as you go through the Routing Group setup. CIO “It’s vital that you make sure the juniors are aware of how you’re setting up the new system.”
Performance The network’s infrastructure can handle any additional loads that you place on it. Internetworking Team Lead “Most servers plug into the network on a core switch blade at 100Base-T speeds. All servers should be set for full-duplex 100Base-T operation. Introducing bridgehead servers shouldn’t impact the network.”
Questions
1. As you currently understand it, will the envisioned system work?
A. Yes it will, but there are better ways.
B. Yes, it will work fine, and this is the way to do it.
C. No, it will not work.
D. Not enough information in this case study.
2. Can the legacy Exchange servers participate in a routing group?
A. Only the Exchange 5.5 servers can participate.
B. All of the legacy Exchange servers can participate.
C. None of the Exchange servers can participate.
D. Not enough information in this case study.
3. How many routing groups will there be?
A. 1
B. 4
C. 10
D. 14
4. Will the Internet Mail Service continue to be used after all of the servers are converted?
A. Yes
B. No
C. Not sure
D. Not enough information in case study.
5. Given the following table, rank in order the tasks that you think you’ll perform in order to accomplish this design. Note that the list certainly is not all-inclusive!
Order    Project
         Install Exchange 2000 Server in each large site
         Procure additional Exchange 2000 Server(s)
         Establish bridgehead and routing group master servers
         Move mailboxes
         Upgrade older version Exchange servers
         Use swing servers to upgrade servers and users
6. How will you handle the remote single-server sites—how will you provide no mailbox outages to users while you upgrade the servers? Choose all that apply.
A. Re-deploy the larger site E2K servers temporarily as swing servers.
B. Move mailboxes to larger sites.
C. Perform an upgrade in place.
D. No need to cut the remote site servers over.
Answers to Questions
1. B. The method outlined certainly isn’t the only one that you could use, but it’s an effective one, and probably the way I’d go with a large enterprise.
2. A. The Exchange 2000 Servers can communicate with the legacy Exchange servers via the SMTP connector. But they cannot communicate with Exchange 4.0 or 5.0 servers.
3. B. Routing groups are Exchange 2000 Server sites connected together by a routing group connector of some kind. Non-Exchange-2000 Servers cannot function in the capacity of routing group masters and therefore only connect to the E2K routing group masters for e-mail transfer. An E2K server in a remote site could be considered a one-server routing group.
4. B. IIS 5 takes the place of providing the Internet protocols that Exchange uses to connect to the Internet. Once all servers are converted, there is no longer any need for the IMS because IIS handles the Internet traffic, including SMTP and all other supported Exchange protocols.
5. The correct order is:
Order    Project
1        Upgrade older version Exchange servers
2        Procure additional Exchange 2000 Server(s)
3        Install Exchange 2000 Server in each large site
4        Establish bridgehead and routing group master servers
5        Use swing servers to upgrade servers and users
6        Move mailboxes
Getting all sites talking to one another via the bridgehead servers and routing group masters might prove, uh, interesting. But you can leave the site working the way it is until you’ve got the new servers working. Then it’s just swing-server cutover time.
6. B, C. Both B and C are viable alternatives. You’re told in the case study that you have a high-speed reliable connection, so you could feasibly move a remote site’s mailboxes to a larger site temporarily until you vacate the server and can cut it over. But it might be just as easy to upgrade in place during a maintenance window.
Wrap-up: You’re looking at several months’ worth of work, but nothing here is rocket science. One thing that would be very useful to do would be to create a mock setup in a test lab that somewhat simulates the way the production network looks, then get things going, figuring out any rough spots you might have to go through, and finally deploying when you’re comfortable with the steps you need to take. As always, you should develop a project plan and follow it, especially with a huge network such as this.
Chapter 4
Designing an Exchange Server Security Plan
MICROSOFT EXAM OBJECTIVE COVERED IN THIS CHAPTER: Design an Exchange 2000 Server security plan.
Secure the Exchange 2000 Server infrastructure against external attacks.
Secure the Exchange 2000 Server infrastructure against internal attacks.
Design an authentication and encryption strategy. Considerations include user authentication and encryption requirements, such as S/MIME, KMS, IPSec, NTLM, Digest authentication, and SSL.
Even though most of the security utilized in Exchange is built into the Windows 2000 Server operating system, there are nonetheless some unique security features and requirements that Exchange possesses independently. They are unique because E2K is designed to play on the Internet as well as on the corporate LAN. They are required because you must protect your Exchange environment. We start this chapter with a discussion of protecting the Exchange deployment from external attacks from hackers. We then talk about how to protect it internally from cowboys. Finally, we examine authentication and encryption strategies.
Securing Against External Attacks
Users not on the private network may be given the capability to connect to your Exchange environment in a variety of ways:
Microsoft Exam Objective
Design an Exchange 2000 Server security plan.
Secure the Exchange 2000 Server infrastructure against external attacks.
Through the Internet
It’s natural that there will be e-mail users on the Internet who want to send e-mail to your private network users. Exchange 2000 Server supports many different Internet protocols, and hence many ways in which external users can get information beyond ordinary e-mail to internal users. For example, if data conferencing services are installed, it’s possible to use the WebDAV standards to allow Internet users to set up virtual conferencing sessions with internal users utilizing Office 2000 software and the Exchange 2000 system. Clearly, we’re well beyond the days when the only thing we had to worry about was an outsider relaying on SMTP port 25, or the chances of receiving a virulent virus (although both of these situations are still very possible). Also, there will be issues for admins grappling with trying to provide Exchange services to their users who are using their own ISP. For example, admins might have to deal with opening POP, OWA, IMAP, and SMTP ports while concentrating on the security concerns entailed therein.
Over a Virtual Private Network (VPN) Circuit
Windows 2000 provides strong Virtual Private Network (VPN) capabilities. You can set up a VPN circuit with another company as a temporary link while a project’s going on. You can establish a VPN for telecommuters with high-speed Internet links; or you can choose VPN connectivity to link your own sites together. You have two choices of VPN tunneling protocols: the older Point to Point Tunneling Protocol (PPTP), or the newer Layer Two Tunneling Protocol (L2TP). You can also provide strong encryption capabilities by utilizing either Microsoft Point to Point Encryption (MPPE) with PPTP, or Internet Protocol Security (IPSec) with L2TP. Finally, you have a broad variety of authentication protocols at your disposal for either system. It doesn’t take a rocket scientist to see that security is a major consideration when you’re connecting to a partner corporation while you’re trying to get a big project nailed up, even though you’ve got a VPN going. You have no idea what sorts of scurrilous individuals might be in that partner corporation. Sounds paranoid, but those people are out there. (Heck, you probably don’t even have a feel for the kinds of scurrilous people you’ve got in your own company.)
Telecommuting into a RAS Server Setup
You can provide users with the ability to dial into the network and connect to the Exchange 2000 System, either through Microsoft Outlook or through Outlook Web Access (OWA). OWA has been greatly enhanced from its earlier Exchange implementations. So there are three different methods through which a user can connect to the Exchange system. Thus you could potentially open the already wide-open door to your system by even more. How do you begin looking at ways to protect such a system from intruders? You start with your firewall, and a listing of required ports on the firewall. These are ports that you must open to allow traffic into the internal network in order to facilitate the kinds of services you’d like to implement. A firewall acts as a port stopper, if you will. Firewalls monitor the TCP and UDP ports through which a person might try to connect. The firewall can be set to allow all connections through a given port, to allow only certain connections through, or to allow no connections at all on a particular port. When you set up a port to disallow connections on a given port, you’re said to be filtering that port. Table 4.1 lists TCP/IP protocols that Windows 2000 and Exchange 2000 have the capability of using and the ports that these protocols are on. Ports that are used by Exchange 2000 Server are marked with an asterisk.
TABLE 4.1 Internet Ports Used by Windows 2000 and Exchange 2000 Server
Port       TCP/UDP    Protocol or Service
20         TCP        FTP data
21         TCP        FTP
*25        TCP        SMTP
42         TCP        WINS replication
47         TCP        Generic Route Encapsulation (GRE) header for PPTP
53         UDP        DNS name resolution and lookup
53         TCP        DNS name resolution and lookup
67         UDP        DHCP Client, BOOTP
68         UDP        DHCP Server
69         TCP        Remote installations via Trivial File Transfer Protocol (TFTP, commonly used for configuring network devices such as switches and routers across a network)
*80        TCP        HTTP
88         TCP/UDP    Kerberos 5 (default security protocol used by Windows 2000)
*102       TCP        Mail Transfer Agent (MTA) using X.400 over TCP/IP
*110       TCP        POP3
*119       TCP        NNTP
*135       TCP        Used for three purposes: client/server communication; legacy Exchange administration; and Remote Procedure Call (RPC)
137        UDP        NetBIOS Name Service; handles logon sequence, Windows NT 4.0 trusts, Windows NT 4.0 secure channel, pass-through authentication, browsing, and printing
137        TCP        WINS registration
138        UDP        NetBIOS Datagram Service; handles logon sequence, Windows NT 4.0 trusts, Windows NT 4.0 directory replication, Windows NT 4.0 secure channel, pass-through authentication, netlogon, browsing, and printing
139        TCP        NetBIOS Session Service; handles NetBIOS Translation (NBT), Server Message Blocks (SMBs), file sharing, printing, logon sequences, Windows NT 4.0 trusts, Windows NT 4.0 directory replication, Windows NT 4.0 secure channel, pass-through authentication, Windows NT 4.0 administration tools (Server Manager, User Manager, Event Viewer, Registry Editor, Performance Monitor, DNS Admin), Common Internet File System (CIFS)
*143       TCP        IMAP4
*389       TCP/UDP    LDAP
*443       TCP        HTTP Secure Sockets Layer (SSL)
445        TCP        Common Internet File System (CIFS)
464        TCP/UDP    Kerberos 5 Password
*465       TCP        SMTP (SSL)
500        TCP/UDP    Internet Security Association Key Management Protocol (ISAKMP)/Oakley header and traffic (used with IPSec)
522        TCP        User Location Database
543        TCP        Kerberos Login (klogin)
544        TCP        Kerberos Shell (kshell)
*563       TCP        NNTP (SSL)
*636       TCP        LDAP (SSL)
750        UDP        Kerberos authentication
751        UDP        Kerberos authentication
752        TCP        Kerberos authentication
753        UDP        Kerberos user registration server
754        TCP        Kerberos slave propagation
888        TCP        Logon and environment passing
*993       TCP        IMAP4 (SSL)
*995       TCP        POP3 (SSL)
1026       TCP        Outlook 2000 NSPI GC Referral Port
1109       TCP        Post Office Protocol (POP) with Kerberos
*1503      TCP        T.120 (Exchange 2000 Conferencing Server)
1645       UDP        Remote Authentication Dial-In User Service (RADIUS) authentication (Port 1812 can be used also)
1646       UDP        Remote Authentication Dial-In User Service (RADIUS) accounting (Port 1813 can be used also)
*1720      TCP        H.323 (videoconferencing) call setup (Exchange 2000 conferencing server)
1723       TCP        Point-to-Point Tunneling Protocol (PPTP) control channel (used along with port 47; GRE header channel)
*1731      TCP        Audio call control (Exchange 2000 conferencing server)
1812       UDP        Remote Authentication Dial-In User Service (RADIUS) authentication (port 1645 can be used also)
1813       UDP        Remote Authentication Dial-In User Service (RADIUS) accounting (port 1646 can be used also)
2053       TCP        Kerberos
2105       TCP        Kerberos encrypted remote login (rlogin), Microsoft Message Queue Server
3268                  Global catalog
3269                  Global catalog
3389       TCP        Windows 2000 Terminal Server
6665       TCP        Microsoft Chat server to server
6667       TCP        Microsoft Chat client to server
*Dynamic   TCP        H.323 Call Control
*Dynamic   UDP        H.323 Call (RTP over UDP)
Dynamic    TCP        RPC session ports
* Explicitly used by Exchange 2000 Server.
Users Connecting over the Internet
Looking at the information in Table 4.1, you can make some key, early-entry design decisions about firewall configuration. For example, if you don’t ever intend to nail up a data-conferencing implementation, then you don’t need to open up the H.323 port (1720), or ports 1503, 1731, and 2980. (H.323 is a standard that provides for the way that audio- and video-conferencing goes on over a network.) Internetworking experts typically set up a firewall with only the basic ports enabled, including FTP (23), SMTP (20, 21), and HTTP (80)— and even then they may elect to restrict some of those (such as FTP).
Providing a Secure Sockets Layer (SSL) connection between Internet users and your Exchange system means two things for a design scenario: supplying plenty of processing power for the servers that will handle the SSL encryption and decryption; and keeping the SSL server on the front end of the network (probably on the DMZ). Picture it this way: A user working on the Internet from her home wants to receive her e-mail from the Exchange system at work. To arrange this, you might decide to use IMAP4 (SSL) for her to connect and download her e-mail. Recall that IMAP4 allows users to preview the e-mail headers (so they know which ones need immediate downloading), and offers several other benefits (including public folders). But as an admin you want to make sure that the data coming to and from the client is encrypted, so you require IMAP4 SSL. E2K gives you the ability to separate different processing servers, calling them front and back servers. Put the SSL server in the front, where the client authentication needs to occur, and put the mailboxes in the back. This provides you with one other, less obvious, capability as well: You can move the mailboxes anywhere you want to in the back, as long as users are being validated in the front.
Note that all of the supported Exchange 2000 protocols have an SSL counterpart. In other words, if you conventionally utilize the HTTP protocol to connect to a Web server, you can opt instead to use HTTP-S, the SSL equivalent of HTTP. There are SSL equivalents for the other Internet protocols, as well, that E2K uses. Not going to use or allow SSL at all for your Internet clients’ connectivity? Close up the SSL ports on the firewall, effectively getting rid of 11 of 19 ports. Perhaps a safer decision would be to require all incoming connections to be encrypted through SSL, thus guaranteeing that those with connections that are not secure will be unable to get into the system.
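The firewall decisions this section draws from Table 4.1 (open only the ports for the protocols you offer, leave the conferencing ports closed when there is no Conferencing Server, and prefer the SSL counterpart of each protocol), worked through as an added Python example that is not code from the study guide. The function names, the policy flags, the choice to keep the MAPI/RPC and X.400 MTA ports internal, and the flag that keeps port 25 open for mail arriving from Internet MTAs are assumptions of this example.

```python
"""Inbound firewall allow-list planner for an Exchange 2000 front-end server.

Added example, not code from the study guide. The port numbers are the
Exchange 2000 rows of Table 4.1; function names, service labels and policy
flags are constructed for illustration.
"""
from dataclasses import dataclass

# Client protocols Exchange 2000 serves, with their plaintext and SSL ports
# (the asterisked rows of Table 4.1).
PROTOCOL_PORTS = {
    "http":  (80, 443),    # OWA / WebDAV
    "smtp":  (25, 465),
    "nntp":  (119, 563),
    "ldap":  (389, 636),
    "imap4": (143, 993),
    "pop3":  (110, 995),
}

# Data-conferencing ports from Table 4.1; only needed with Conferencing Server.
CONFERENCING_PORTS = {1503: "T.120", 1720: "H.323 call setup", 1731: "audio call control"}

# Assumption of this example: MAPI/RPC and the X.400 MTA are LAN-only
# services and are never opened on the Internet side of the firewall.
KEEP_INTERNAL = {102: "X.400 MTA", 135: "RPC endpoint mapper / legacy admin"}


@dataclass(frozen=True)
class Rule:
    port: int
    action: str   # "allow" or "filter"
    reason: str


def plan_inbound_rules(services, require_ssl=True, conferencing=False, inbound_mail=True):
    """Build the inbound TCP rule set for the protocols named in `services`.

    require_ssl : allow only the SSL port of each offered protocol and filter
                  its plaintext port (the "require all incoming connections
                  to be encrypted" choice discussed in the text).
    conferencing: open the H.323/T.120 ports only when Conferencing Server exists.
    inbound_mail: keep port 25 open even under require_ssl, because Internet
                  MTAs deliver to port 25 (assumption: this host receives mail).
    """
    requested = set(services)
    unknown = requested - PROTOCOL_PORTS.keys()
    if unknown:
        raise ValueError(f"unknown services: {sorted(unknown)}")

    rules = []
    for name, (plain, ssl) in PROTOCOL_PORTS.items():
        if name not in requested:
            rules.append(Rule(plain, "filter", f"{name} not offered"))
            rules.append(Rule(ssl, "filter", f"{name} (SSL) not offered"))
            continue
        rules.append(Rule(ssl, "allow", f"{name} over SSL"))
        if require_ssl and not (name == "smtp" and inbound_mail):
            rules.append(Rule(plain, "filter", f"{name} plaintext refused: SSL required"))
        else:
            rules.append(Rule(plain, "allow", f"{name} plaintext"))
    for port, desc in CONFERENCING_PORTS.items():
        state = "allow" if conferencing else "filter"
        rules.append(Rule(port, state, f"{desc}; conferencing {'deployed' if conferencing else 'not deployed'}"))
    for port, desc in KEEP_INTERNAL.items():
        rules.append(Rule(port, "filter", f"{desc} stays on the private network"))
    return sorted(rules, key=lambda r: r.port)


def allowed_ports(rules):
    """The ports a rule set opens, in ascending order."""
    return sorted(r.port for r in rules if r.action == "allow")


def audit_allow_list(allowed, require_ssl=True, inbound_mail=True):
    """Check an existing allow-list (a set of inbound TCP ports) against the policy.

    Returns sorted (port, problem) pairs; an empty list means the list is clean.
    """
    problems = []
    for name, (plain, ssl) in PROTOCOL_PORTS.items():
        if require_ssl and plain in allowed and not (name == "smtp" and inbound_mail):
            problems.append((plain, f"{name} plaintext open; use {name} (SSL) on {ssl} instead"))
    for port, desc in KEEP_INTERNAL.items():
        if port in allowed:
            problems.append((port, f"{desc} exposed to the Internet"))
    return sorted(problems)


if __name__ == "__main__":
    for rule in plan_inbound_rules({"http", "imap4", "smtp"}):
        print(f"{rule.port:>5}  {rule.action:<6}  {rule.reason}")
    # Constructed allow-list with two policy violations (80 and 135).
    print("audit:", audit_allow_list({25, 80, 135, 443, 995}))
```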
There’s an even more important point to make in our discussion of SSL and security. If you don’t have a firewall—you’re connecting your network to the big bad Internet with only a mere router in between—you’re simply asking for trouble. It’s like speeding past a cop in your bright red Mustang Cobra—it’s got “Hit me” written all over it. So, first order of business: Obtain a firewall, preferably a fast hardware firewall such as a Cisco PIX. (Checkpoint and Raptor fans, forgive me. I’m not a detractor of software firewalls, just a proponent of wire-based hardware firewalls.)
There are a couple of key points to keep in mind in your design as you think about Internet users connecting to your network. The first is that you can always enforce strong authentication on the network side. Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) and its newer cousin, MS-CHAP version 2, both provide a requirement for very strong authentication. Your logon name is what you say it is, and your password is what you say it is. It’s very difficult to spoof this kind of thing. Couple this robust authentication with solid encryption such as an SSL connection, and you’re controlling security from the outside in the way it should be controlled. Problem is that these sophisticated technologies can be difficult to implement, and you’ll be tempted to downgrade the security. Testing well before you enable a system is in order. The second key design point is that you want to provide a powerful server on the DMZ for the purposes of validating these users. Then you want to set up a VPN between the front-end server on the DMZ and the mailbox server(s) on the back end to facilitate mail transfer. The back-end server would be responsible for name-resolution and Global Connection services.
Users Connecting via a VPN
VPNs provide inherent security because, alongside the tunneling protocol that you select for your VPN, you are also advised to utilize an encryption protocol and an authentication method. IPSec requires certificates, as is true with most Windows 2000 security, thus guaranteeing the identity of a user who connects via a VPN. Again, to provide optimum security, you’ll probably put your VPN server on the DMZ and then provide a second VPN server on the private network. This second VPN acts as a secure pipe between the intranet and the DMZ. When setting up VPNs, be aware of the importance of trusting those who are connecting to you. To illustrate this point, imagine you’ve set up a VPN with a business partner corporation. No small amount of work is involved in such an endeavor—you have to procure a high-speed circuit of some type, and then establish the VPN server(s) that will allow for seamless, secure interconnection between you and your partner. Trouble is, what guarantee do you have that usernames and passwords won’t get passed around in order to facilitate easy connectivity to your company? Surely you can imagine the scenario where Bob the primary engineer is going on vacation for two weeks and so he “lends” his logon credentials to Sue and Carol and Ted and Alice so they can help you do your stuff while Bob’s gone. Recognize that clients authenticating through a VPN using L2TP and IPSec will obtain a certificate, which means you’ll have to put up at least one Certificate Authority (CA) server for use by IPSec. This is a good thing to have because the Exchange 2000 Key Management Service (KMS) utilizes certificates that are generated by the CA server. You can utilize encrypted and signed e-mail (e-mail documents that were chosen to be encrypted by the KMS server) sent from inside users to the outside world and from Internet users to people on the private network.
Telecommuting Users
Perhaps the biggest danger to your network from outsiders coming in, apart from the threats of viruses and relay-spoofing issues, will be users who telecommute. (See the upcoming Design Scenario sidebar for more on the relay problem.) It’s no big deal to obtain some software capable of mounting a dictionary-type attack (where all combinations are tried) or guessing passwords. There are some things you can do in the Windows 2000 telecommuting arena to negate such problems. First, you can install a Remote Authentication Dial-In User Service (RADIUS) server to handle the authentication of your telecommuting users forestwide. RADIUS helps you to maintain centralized management of the Routing and Remote Access Service (RRAS) log files and the accounting of dial-in users connecting to the system. RADIUS allows you to apply robust authentication requirements for dial-in users and to centrally manage Remote Access Policies. You can also set up a VPN server that runs L2TP and IPSec even for telecommuting users who aren’t entering your network through DSL or cable modem connections. This arrangement lets you set up very strong encryption, authentication, and tunneling paradigms. This combination of safeguards, while not guaranteeing zero hackability, will certainly cut the odds down markedly. A hacker will have to obtain a certificate, not to mention provide valid authentication credentials and somehow break into a secure tunnel. It’s important to note that people coming in from the Internet wanting to share documents with people on the private network should consider using Secure MIME (S/MIME) as the means of sending files to one another. This secure method of course adds overhead to the whole process, but it brings enhanced security into the picture.
It’s also worth noting here that an Exchange 2000 server not only has a Priv1.EDB file, similar to legacy Exchange databases, but also creates a Priv1.STM file expressly for the purposes of more efficiently handling Internet streaming media. Typically the Priv1.EDB and .STM files are created in the First Storage Group. You can view these file locations by navigating down through the Exchange System Manager to the server’s First Storage Group, right-clicking and selecting Properties, and then navigating to the Database tab. In terms of security, it’s important to safeguard these files from public scrutiny. Though STORE.EXE locks these files during operation, users should nevertheless not be able to access them directly.
Design Scenario: A Bogus Company Starts Using Your E-mail Server as a Relay
One day you’re called by some users who’ve discovered they can no longer send or receive e-mail from a favorite Internet site. You’re running Microsoft Proxy Server and a third-party program that prevents users from surfing out to disallowed sites, but you have always allowed the sending of e-mail to these sites. Upon checking into the problem a little bit, you find that your company is on this site’s “blacklist,” meaning that you’ve committed some grave online indiscretion and they won’t permit you to send or receive e-mail from them anymore. You do some further checking and find that your Exchange Server 5.5 Internet Mail Service (IMS) is configured to allow relaying of Internet mail. In checking the logs, you see that an individual or business entity has been using the SMTP port on the Exchange server to relay thousands of e-mails to people all over—including the company that your users are trying to access. Not only have these spammers managed to get you blacklisted from various sites, but they’ve been utilizing your server’s CPU cycles, memory, and disk space to perform their e-mail blasts! A search of the Microsoft TechNet Knowledge Base produces article Q199656, “How to Stop Spam Mail Messages from Using IMS Relay Agent.” You apply the recommended fixes. You then test the fixes and see that you have indeed repaired the problem. You notify the companies that have blacklisted you and ask them to test and to remove you from the blacklist. But you’re worried about how you’ll prevent this in the future when you migrate to Exchange 2000 Server. To avoid this problem, you simply set up a second virtual server for your SMTP traffic to and from the Internet. Under the Relay Restrictions tab of the SMTP Virtual Server properties sheet, select either “Only the list below” or “All except the list below” and then key in the computers that are allowed to use SMTP to relay their mail. This will stop any future pirating of your SMTP service by outsiders.
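The log review and the relay restriction from this scenario, as an added Python example written for this guide (it is not from the book and does not use Exchange’s real log format): constructed log lines, the “Only the list below” / “All except the list below” logic of the Relay Restrictions tab, and a count of third-party relay attempts per source IP that the restriction should have refused.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, List, Set

# Constructed sample lines (not Exchange's real log format): timestamp, peer IP,
# envelope sender and envelope recipient of each delivery attempt.
SAMPLE_LOG = """\
2001-03-12 02:14:07 203.0.113.45 MAIL FROM:<deals@promo.example.net> RCPT TO:<user1@example.org>
2001-03-12 02:14:08 203.0.113.45 MAIL FROM:<deals@promo.example.net> RCPT TO:<user2@example.org>
2001-03-12 02:14:09 203.0.113.45 MAIL FROM:<deals@promo.example.net> RCPT TO:<user3@example.org>
2001-03-12 08:01:15 192.0.2.10 MAIL FROM:<bob@corp.example.com> RCPT TO:<partner@example.org>
2001-03-12 08:03:44 198.51.100.7 MAIL FROM:<partner@example.org> RCPT TO:<bob@corp.example.com>
2001-03-12 08:05:02 198.51.100.7 MAIL FROM:<partner@example.org> RCPT TO:<someone@example.net>
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<ip>\S+) MAIL FROM:<(?P<sender>[^>]*)> RCPT TO:<(?P<rcpt>[^>]*)>$"
)


@dataclass(frozen=True)
class Envelope:
    timestamp: str
    peer_ip: str
    sender: str
    recipient: str


def parse_log(text: str) -> List[Envelope]:
    """Parse the constructed log format; malformed lines are skipped."""
    envelopes = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            envelopes.append(Envelope(match["ts"], match["ip"], match["sender"], match["rcpt"]))
    return envelopes


def domain_of(address: str) -> str:
    return address.rpartition("@")[2].lower()


def relay_permitted(peer_ip: str, mode: str, listed_ips: Set[str]) -> bool:
    """The two choices on the Relay Restrictions tab: "Only the list below"
    (only_list) or "All except the list below" (all_except_list)."""
    if mode == "only_list":
        return peer_ip in listed_ips
    if mode == "all_except_list":
        return peer_ip not in listed_ips
    raise ValueError(f"unknown relay mode: {mode}")


def is_third_party_relay(env: Envelope, local_domains: Set[str]) -> bool:
    """A message is being relayed when neither the sender nor the recipient is one of ours."""
    return (domain_of(env.sender) not in local_domains
            and domain_of(env.recipient) not in local_domains)


def find_relay_abuse(envelopes: Iterable[Envelope], local_domains: Set[str],
                     mode: str, listed_ips: Set[str]) -> Counter:
    """Count relayed messages per peer IP that the relay restriction should have refused."""
    abuse: Counter = Counter()
    for env in envelopes:
        if is_third_party_relay(env, local_domains) and not relay_permitted(env.peer_ip, mode, listed_ips):
            abuse[env.peer_ip] += 1
    return abuse


if __name__ == "__main__":
    # Our domain is corp.example.com; only the internal gateway 192.0.2.10 may relay.
    hits = find_relay_abuse(parse_log(SAMPLE_LOG), {"corp.example.com"}, "only_list", {"192.0.2.10"})
    for ip, count in hits.most_common():
        print(f"{ip}: {count} relayed message(s) from a host not on the relay list")
```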
Securing Against Internal Attacks
As a general rule, internal users, especially cowboys, will be inclined to try and go pretty much anyplace they’re not restricted from. That is, if the network administrator is neglectful of monitoring the permissions given to mailboxes, distribution lists (called Active Directory distribution groups in Exchange 2000), and public folders, there is a potential for unauthorized access.
Microsoft Exam Objective
Design an Exchange 2000 Server security plan.
Secure the Exchange 2000 Server infrastructure against internal attacks.
Since you may not be familiar with earlier versions of Exchange, let’s start with an examination of what the older Exchange items translate to in Exchange 2000 Server. Table 4.2 shows the object translation from legacy Exchange systems to Exchange 2000 Server.
TABLE 4.2 Translation of Legacy Exchange Objects to Exchange 2000 Server Objects
Legacy Exchange Objects      Exchange 2000 Server Objects
Mailbox                      Mailbox-enabled account
Custom Recipient             Mail-enabled account
Distribution List            Distribution Group
Public Folder                Security Group
If you’re not used to it, the E2K object terminology is somewhat funny. A mailbox-enabled account is a user account that has an associated e-mail address and can both send and receive e-mail. A mail-enabled account is a user account that has an e-mail address but cannot receive e-mail.
When you create a new user in the Windows 2000 system where Exchange 2000 is installed, you are asked if you’d like to create an Exchange mailbox for that user. It’s very similar to the legacy Exchange/NT 4.0 environment. In legacy Exchange settings, you’d use the Exchange Administrator console to create a custom recipient. But in E2K, to create a custom recipient’s equivalent, you first create a new user account and elect not to create a mailbox. Then, after the user account has been created, you highlight it, select All Tasks ➢ Exchange Tasks, and run through the Exchange Task Wizard. While in the wizard, you can choose to create a mailbox, establish an e-mail address, or (if you have Instant Messaging enabled) enable Instant Messaging on this user account. See Figure 4.1.
FIGURE 4.1
Setting up a mail-enabled user in the Exchange Task Wizard
Next you’re presented with the option to key in an external address, as shown in Figure 4.2. Click the Modify button, and you’re given the choice of several types of e-mail addresses (Figure 4.3). In this case you’re interested in the SMTP address (which was called “Internet” in previous Exchange systems). You can also opt to change the default IMS service’s settings for this client, as shown in Figures 4.4 and 4.5.
FIGURE 4.2
Selecting a user to create an external SMTP address
FIGURE 4.3
Choosing to create an SMTP address
FIGURE 4.4
Keying in the e-mail address
FIGURE 4.5
If desired, you can change the IMS default settings.
Exchange Server distribution lists are turned into distribution groups. At Exchange 2000 Server deployment time, should you want to create new distribution groups, it’s a very simple process. Go into Active Directory Users & Groups, right-click the Users folder, and select New Group. When the New Object - Group properties sheet comes up, you’ll be asked to key in a Windows 2000 group name, a pre–Windows 2000 group name (for Windows NT 4.0 compatibility), the scope for the group, and whether it’s a security or a distribution group. A group can be created in one of these three scopes, as shown in Figure 4.6:
Domain Local: This group is assigned permissions only within the same domain.
Global: This is a tricky one to remember. Group membership can only comprise members in the same domain, but a global group can be granted permissions in any other domain.
Universal: You can assign members from any domain to a group with universal scope, and you can grant permissions to this group to any domain.
FIGURE 4.6
The New Object - Group properties sheet offers three scopes for the group.
You must also understand the difference between a distribution group and a security group:
Distribution Group: This group is created strictly to facilitate the distribution of e-mail to a large group of users at once.
Security Group: By utilizing this group you can both assign permissions to shared resources and send e-mail. When you upgrade a legacy Exchange Server installation, public folders are converted to security groups. You can create additional security groups. Universal security groups cannot be created with the domain in mixed mode.
Setting Exchange Permissions
When considering internal security, it’s important to keep in mind that, like vintage Exchange, permissions are inherited from the parent object by the child object. You can manage Exchange permissions with substantial granularity—right down to the item level.
But if you’re in set-it-and-forget-it mode and you’re not thinking about child-object permissions inheritance, you could very well inadvertently give permissions to a user or group that shouldn’t have them. You can turn off inheritance for any object, however. Right-click it, select Properties, and navigate to the Security tab. Select Advanced, and you’ll see a check box titled “Allow inheritable permissions from parent to propagate to this object.” (See Figure 4.7.) Uncheck this option, and you’ve fixed a potential security hole.
The following sections explain some of the various security permissions of interest to you in the E2K world.
Access Control Lists
In the Windows 2000 system of managing access, each object contains specific security information called the security descriptor. Part of the security descriptor is a list of users or groups allowed to access the object; it’s called the Access Control List (ACL). Now consider this next fact carefully: If an object doesn’t have an ACL, everyone is allowed full access. If you’ve ever created a share in Windows NT Server without bothering to set the permissions, you were probably horrified to find later that the Everyone group had Full Control to the share! The same assumption is at work here in E2K with an object that has no ACL—except that the assumption is more implicit. In other words, if you create an object without allowing specific access to certain users or groups, it is assumed that everyone has full access to this object. Conversely, if you were to key in a user or a group that was allowed access to the object, you’d be creating an Access Control Entry (ACE). Now you’ve turned the tables. If an object has associated ACEs, no users or groups except the ones with ACEs are allowed access to the object. There is an implicit denial of all access to those who do not possess an ACE to the object. If the ACL exists but contains no ACEs, no one at all has permissions to the object. You can view an object’s ACL and ACEs by simply bringing up the object’s properties sheet and navigating to the Permissions tab. Some Microsoft literature refers to the ACL as a Discretionary Access Control List (DACL), with emphasis on the word discretionary. We like this term because it implies to you, the administrator, that you’re in control of your own enterprise—you have the discretion to assign user and group permissions as you see fit. The implication is, of course, that you’re the one who’ll be responsible for any holes that you leave in the system.
Coincidentally, or maybe not, the ACL terminology comes from Cisco routers. If you’re familiar with routing and switching technology, the concept of an ACL should be no big trick for you to master.
FIGURE 4.7
You can turn off the parent-to-child permissions propagation check box to circumvent a possible security hole.
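The three ACL states described above (no ACL, an ACL with ACEs, an empty ACL) together with the parent-to-child propagation check box, as an added Python model written for this guide; it is not Exchange or Windows code, and the Sales/Payroll folders, users and groups are constructed for the illustration.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional

FULL_CONTROL = frozenset({"read", "write", "delete", "change_permissions"})


@dataclass(frozen=True)
class Ace:
    """One Access Control Entry: a principal (user or group) and the rights it is granted."""
    principal: str
    rights: FrozenSet[str]


@dataclass
class ExchangeObject:
    """A simplified Exchange object (public folder, mailbox, ...) with an optional ACL.

    acl=None models an object that has no ACL at all; acl=[] models an ACL that
    exists but holds no ACEs. The text treats these two cases very differently.
    """
    name: str
    acl: Optional[List[Ace]] = None
    parent: Optional["ExchangeObject"] = None
    # The "Allow inheritable permissions from parent to propagate to this object" box.
    inherit_from_parent: bool = True

    def effective_aces(self) -> Optional[List[Ace]]:
        """Own ACEs plus inherited ones; None when no ACL exists anywhere up the chain."""
        inherited = None
        if self.inherit_from_parent and self.parent is not None:
            inherited = self.parent.effective_aces()
        if self.acl is None and inherited is None:
            return None
        return list(self.acl or []) + list(inherited or [])


def has_access(obj: ExchangeObject, user: str, groups: FrozenSet[str], right: str) -> bool:
    aces = obj.effective_aces()
    if aces is None:
        return True      # no ACL at all: everyone has full access (the unset-share surprise)
    if not aces:
        return False     # ACL present but empty: nobody has any permission
    identities = {user} | groups
    # ACEs present: only principals holding an ACE that grants the right get in;
    # everyone else is implicitly denied.
    return any(ace.principal in identities and right in ace.rights for ace in aces)


def who_can(obj: ExchangeObject, right: str, directory: Dict[str, FrozenSet[str]]) -> List[str]:
    """List the users from `directory` (user -> group memberships) that hold `right` on obj."""
    return sorted(u for u, g in directory.items() if has_access(obj, u, g, right))


# Constructed example: a Sales public folder and a Payroll subfolder meant for HR only.
DIRECTORY = {
    "alice": frozenset({"SalesTeam"}),
    "bob": frozenset({"SalesTeam"}),
    "carol": frozenset({"HR"}),
}
sales = ExchangeObject("Sales", acl=[Ace("SalesTeam", FULL_CONTROL)])
# Set-it-and-forget-it: the box is left checked, so SalesTeam inherits Full Control.
payroll_inherits = ExchangeObject("Sales\\Payroll", acl=[Ace("HR", frozenset({"read"}))],
                                  parent=sales)
# Box unchecked: only the explicit HR entry applies.
payroll_fixed = ExchangeObject("Sales\\Payroll", acl=[Ace("HR", frozenset({"read"}))],
                               parent=sales, inherit_from_parent=False)

if __name__ == "__main__":
    print("Payroll, inheritance on: ", who_can(payroll_inherits, "read", DIRECTORY))
    print("Payroll, inheritance off:", who_can(payroll_fixed, "read", DIRECTORY))
```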
Delegation
Second in Exchange permissions management is the concept of delegation—the ability of an administrator to delegate permissions to some other user or group. With Exchange 2000 Server you have enormous delegation capabilities. On the one hand, delegation can be very useful because you can give the permissions needed to an administrator in a remote site, so that person can administer a given set of objects. On the other hand, delegation has a way of getting seriously out of hand in a hurry and must be tightly and regularly monitored and maintained.
Active Directory Connector (ADC) Connection Agreements
When you’re cohabiting your E2K system with legacy Exchange 5.5 SP3 systems, you must install the Active Directory Connector (ADC)—the one that comes with Exchange 2000, not the one that comes with Windows 2000. As soon as you install the ADC, whether you’re aware of it or not, a Connection Agreement (CA) is made between the Exchange 2000 system and the legacy Exchange system that you entered when installing the E2K software.
Computerdom has finally come to the point of double meanings for acronyms! We have before us just such a case: An Exchange 2000 CA (Connection Agreement) is different from a Windows 2000 CA (Certificate Authority), but both use the same acronym. Be careful when reading the Microsoft literature!
You can create other CAs to talk to other Exchange computers, and even create CAs that are interorganizational—that is, CAs that traverse multiple Exchange organizations. You may recall from earlier Exchange work that an Organization is the top layer of an Exchange hierarchy, followed by Exchange Sites. So to be able to set up interorganizational CAs is quite an advantage. To create a new CA, simply open the ADC on the computer where it was installed, right-click Active Directory Connector and select All Tasks ➢ New Connection Agreement. The ADC uses LDAP to communicate with the Active Directory database. We need to point out some items to think about within the context of this discussion about security. First, note that the recipients container from which you want to take the Exchange 5.5 information, plus the service account information, are required from the legacy Exchange side just as they are on the E2K side. You can assign Recipient CAs or Public Folder CAs. It is to your benefit to carefully design the CA security context beforehand and carefully monitor the permissions after deployment.
Secondly, you can utilize a variety of authentication methods when replicating between the CAs:
MS-CHAP
MS-CHAP (SSL)
Basic (cleartext) using SSL
In CAs where you’re crossing WAN links or VPNs to talk to another Exchange server, it’s wise to select the strongest level of security possible (MS-CHAP SSL) to ensure that the content is not tampered with. Note that you can opt to create a new service account that is responsible for the CA—not a bad idea, though by now your service account list is probably getting large. Third, and finally, you have a choice of direction in which you’re going to allow initial CA replication to occur: either from the legacy Exchange box to the E2K side of the house, or vice versa. Remember that when Exchange 2000 joins a legacy Exchange site, the E2K installation appears as a new site in the legacy Exchange Administrator console; and the legacy Exchange site appears as an administrative group in the Exchange System Manager (ESM).
Design Scenario: Existential Windows—Deployments on Two Different Planes
A very key concept to learn before going forward into the brave new Windows 2000 world is that you need to begin to think about Windows 2000, and its associated enterprise applications including E2K, on two different levels: physical and administrative. This line of reasoning is built into all the new Microsoft enterprise software that we’ve worked with so far, and adopting this mentality will serve you well now and as you go forward with future designs. First, know the physical components of your rollout. Exchange 2000, as you’ve discovered, has a physical component in terms of routing groups, routing group master, and bridgehead servers. It’s highly important to understand the topology of your enterprise in order to design solid physical E2K layouts. In addition to the physical limits of the network, be aware of the administrative nuances that may affect its design. Physical and administrative characteristics may overlap in many places, but then again, they might not. For example, you may decide that, based on WAN characteristics, you want to break two sites into routing groups of two or three Exchange servers apiece. Prior to the division, all the servers are managed by one team. After the division, you might need to assemble two administrative teams to handle the servers.
When designing any Windows 2000-based enterprise software rollout, it’s best to consider first the physical design characteristics and then the administrative disposition. When considering administrative models, keep in mind the various permissions that objects and people will have as they move across a system.
Designing an Authentication and Encryption Strategy
With what we’ve discussed so far in this chapter, and incorporating some additional significant elements, we can begin to go to work constructing an authentication and encryption strategy that best fits an existing system design and will grow efficiently along with any future enhancements.
Microsoft Exam Objective
Design an Exchange 2000 Server security plan.
Design an authentication and encryption strategy. Considerations include user authentication and encryption requirements, such as S/MIME, KMS, IPSec, NTLM, Digest authentication, and SSL.
Kerberos 5
We start with a discussion of the default security protocol used by Windows 2000 and hence Exchange 2000: Kerberos version 5 (Kerberos 5). Kerberos 5 can only be used by Windows 2000 clients connecting to the network. Windows 3.x, 9x, and NT 4.0 clients connect to Windows 2000 networks using good old NT LanMan (NTLM) authentication. So what are some of the differences between Kerberos and NTLM? Let’s use Table 4.3 to illustrate the comparison. In Table 4.3, the item “Trust management is automatic and much easier” represents the friendliest aspect of Kerberos 5, and yet the most risky in terms of security. In large Windows 2000 networks with many domains, domain trusts are by default two-way and transitive. They’re automatically nailed up, and domains are accessible from other domains. Compare this with NT 4.0 networks in which trusts had to be explicitly nailed up and maintained by administrators. Yes, in Windows 2000 you still have to apply specific permissions to groups, but members of the Enterprise Admins group, by virtue of Kerberos 5’s characteristics, would have immediate advantage of the entire network—something a designer may not want to have happen.
TABLE 4.3
Differences Between Kerberos 5 and NTLM
Security Characteristics                                                               NTLM   Kerberos 5
Checks logons to stand-alone Windows 2000 computers                                     X
Checks logons to the domain by non–Windows 2000 computers                               X
Checks logons to the domain by domain member Windows 2000 computers                            X
Application servers must connect to a domain controller to authenticate a user          X
Application servers can authenticate a client by the credentials presented to them             X
No checking of server credentials; validity of server identity is assumed               X
Checking of server credentials; validity of object identity is never assumed                   X
Windows services capable of impersonating clients when accessing resources on
  their behalf—used in front-end server implementations                                 X      X
Windows services capable of impersonating clients when accessing resources on
  their behalf—used in back-end server implementations (Delegated Authentication)*             X
Trust management is manual and complicated                                              X
Trust management is automatic and much easier                                                  X
Capable of interoperating with other OS environments that use Kerberos 5
  (Kerberos 5 is based upon nonproprietary standards)                                          X
Capable of forwarding logon credentials to other servers                                       X
* Note: In client/server environments, both NTLM and Kerberos 5 have the capability of impersonating the client in order to access resources that are required. However, when you have back-end servers that need accessing, Kerberos 5 utilizes a proxy mechanism that allows impersonation of clients on back-end servers—a very subtle yet important distinction. This function is called Delegated Authentication and is not a feature of NTLM.
In the Kerberos environment you’re dealing with public key technology, a highly sophisticated and trustworthy mechanism that provides a high degree of certainty that you are who you say you are when requesting network services. This mechanism is native to Windows 2000 servers. Here’s how it works:
1. Windows 2000 user logs on with a password or smart card.
2. Client computer is authenticated by a Key Distribution Center (KDC), a component of Active Directory running on any Windows 2000 domain controller (DC).
3. KDC gives the client computer a ticket called a Ticket Granting Ticket (TGT).
4. Client computer uses the TGT to access a Ticket Granting Service (TGS), a part of Kerberos 5’s authentication service running on DCs.
5. The TGS presents a service ticket to the client computer.
6. Client computer can use the service ticket over and over to access network services.
Because Kerberos 5 uses key pairs to validate the client computer, the client computer is known good and validated.
How does this work in the Exchange 2000 environment? Kerberos 5 is used in two different ways with E2K. First of all, the client computer can obtain a service ticket from the KDC and then log on to the Exchange store with no further authentication required. Once a service ticket is obtained by the client, the client can use it to access the Exchange store from then on, without further need for authentication. This makes for faster access to the user’s mailbox. Because of a Kerberos 5 logon by a client computer, should additional authentication be needed from another Exchange server, it can be gained by virtue of the already authenticated client, without need for further authentication. For example, say a client computer authenticates through one server but needs to access services through another. Since Kerberos 5 authentication has already taken place, the client’s server can obtain a ticket on another server on behalf of the client computer, as shown in Figure 4.8.
FIGURE 4.8
A server obtaining access to a second server on behalf of a Kerberos 5 client
The second aspect of Kerberos 5 client validation is that the Exchange service uses Kerberos 5 to access the DC’s service logon through the local system account. The local system account is changed every seven days, making for a much more secure system.
Now the delegation picture becomes even more important than before. Any Kerberos 5 account or computer can be set for delegation. When a computer’s account is set for delegation, we say that it is trusted for delegation. If an account is trusted for delegation, any computer can send along the credentials of the account. Likewise, a trusted computer can send along its credentials to other computers. A good example of this happens when you have Internet Information Service (IIS) version 5 on one Windows 2000 computer, and Exchange 2000 Server on another. The client computer utilizing Outlook Web Access (OWA) uses an Internet protocol to access the store and has to first go through IIS. IIS then uses delegation to forward the credentials to the Exchange 2000 store so the client can access the mailbox.
Time synchronization is highly important with Kerberos, so keep the servers’ clocks synchronized. You can use the Windows 2000 time service, which implements Simple Network Time Protocol (SNTP), to accomplish this goal.
Certificate Services
Suppose you want to allow Outlook users to be able to send e-mail using encryption and digital signatures. Perhaps you’ve experimented with this feature some in legacy Exchange environments with Outlook clients. It’s actually very cool and works pretty well. First you install the Certificate Authority service on a Windows 2000 domain controller. Next you install the Exchange 2000 Key Management Service (KMS). Then you enable clients to obtain certificates for use with digital signatures and encryption in their Outlook client software. Some client modification is needed for each client that’s going to be using the signature and encryption methodology, so you have to plan to have somebody visit each PC participating in the process. The administrator setting up the Windows 2000 CA service can opt to specify two different accounts in order to activate the service (mimicking the missile-silo twin-key authentication systems). The administrator can also set various encryption algorithms and hash functions. When a user is enabled to utilize certificate services for digital signatures and encryption of e-mail using S/MIME client software such as Outlook, two keys are generated for the client, one for the signature and one for the encryption. The various types of Outlook client store these keys differently:
Pre–Outlook 98 clients: The private key is stored in a file with an .EPF extension. The file itself is encrypted.
Outlook 98: The private key is kept in an Internet Explorer–protected store for these clients.
Outlook 2000: The private key is kept in the user’s Registry (though in protected storage).
New to Exchange 2000 KMS is the ability to utilize more than one CA service in the enterprise. Additionally, the administrative capabilities of the KMS have been extensively modified, including the added ability to enroll groups of users or selected users in the KMS process. Moving security-enabled mailboxes is now much easier than in previous versions of Exchange. It is possible to export the KMS user from one KMS server to another.
Outlook Web Access (OWA) clients cannot make use of encrypted or digitally signed e-mail.
There are two different protocols that make use of Windows 2000 CA services working in tandem with Exchange 2000: S/MIME and IPSec.
S/MIME
The Secure Multipurpose Internet Mail Extensions (S/MIME) format is a secure version of MIME that utilizes the Rivest-Shamir-Adleman (RSA) algorithm developed by RSA Data Security, Inc., Redwood City, CA. (See www.rsa.com for more information about RSA.) S/MIME brings high security to e-mail users. Outlook is completely S/MIME-compatible and has been since Outlook 97. E-mail users will use S/MIME when utilizing certificates via the Exchange KMS service. S/MIME is not enabled by default with KMS. You have to edit the Encryption Configuration properties’ Algorithm tab to alter the Microsoft Exchange 4.0/5.0 encryption type, the S/MIME encryption type, and the default message format (change from Exchange 4.0/5.0 to S/MIME). Note, however, that you’d only update these tabs in a deployment that consists completely of Exchange 2000.
IPSec
Defining Internet Protocol Security (IPSec) could take several articles, or even an entire book, by itself. Let’s look at some basic facts about it in order to consider how to implement IPSec in an Exchange 2000 security design. First, note that the Exchange KMS operates at the Application layer (Layer 7) of the OSI model, whereas IPSec operates at Layer 3 (the Network layer). Because of this, IPSec can be deployed in many different situations, such as on VPNs and LANs, as well as on routers. In addition, because IPSec operates at the Network layer and not the Application layer, there will be no compromising of content-filtering or virus-scanning capabilities, as there might be with the KMS and Outlook clients’ sending of digitally signed and/or encrypted e-mail documents. IPSec operating at the IP layer of the OSI model provides security for protocols that are layers above it (such as TCP, UDP, and other protocols). IPSec is typically used with VPNs but can be used without benefit of VPN. IPSec most often uses key encryption (Kerberos 5) but can also work with certificates. The sophistication of the Diffie-Hellman algorithm (see www.rsa.com for more information) allows for different keys to be generated for each block of data that goes out, hence adding phenomenal strength to the security paradigm. The problem is that non–Windows 2000 clients cannot use IPSec via Kerberos 5. Instead, the administrator should run the IP Security configuration wizard and set IPSec so that it uses certificates instead of Kerberos.
Digest Authentication The Hypertext Transfer Protocol (HTTP) Digest scheme (RFC 2617) is a challenge-response method, similar in spirit to NTLM, that works across the Internet because it rides inside ordinary HTTP headers: the server sends a nonce, and the client answers with an MD5 hash over its username, realm, password, the nonce, and the request, so the password itself never crosses the wire. In Exchange 2000, Digest is used only for Instant Messaging (IM) clients running a non-Windows OS. To verify a Digest response, the server must be able to recompute the same hash, which means it needs the user’s cleartext password (or a hash derived from it, which Active Directory does not keep by default). So to use Digest, you must allow Active Directory to provide cleartext password information to the IM security mechanism. To do this, open Active Directory Users and Computers. Right-click the domain to be configured and select Properties. On the Group Policy tab, click Edit to bring up the Group Policy editor. Navigate through Windows Settings > Security Settings > Account Policies > Password Policy, as shown in Figure 4.9. In the Details pane of the Password Policy node, you’ll see several password policies, one of which is titled “Store password using reversible encryption for all users in the domain.” Double-click this policy to get the window shown in Figure 4.10, and enable the policy. Next, run the command secedit /refreshpolicy MACHINE_POLICY so that the domain controller applies the updated policy immediately rather than at the next refresh interval; the other DCs pick the change up through normal Active Directory replication.

Two caveats. First, the setting takes effect only for passwords set or changed after it is enabled, so affected users must change their passwords before Digest logons will work. Second, “for all users in the domain” means exactly that: every user’s password becomes recoverable by anyone who can read the directory database on a domain controller. If only a handful of IM users need Digest, prefer the equivalent per-user setting (Store password using reversible encryption, on the Account tab of the user’s properties) and leave the domain-wide policy off.

FIGURE 4.9 Navigating to the Group Policy password properties

FIGURE 4.10 Enabling reverse password encryption for the purposes of using Digest authentication
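Here is how a Digest exchange is checked on the server, as an added example in Python (not from the book, and not Exchange or IM server code); it uses the sample request values published in RFC 2617 rather than anything from a real deployment. The point to take away is in server_verify: the server must hold either the cleartext password or H(A1), the MD5 of username:realm:password, which is why Active Directory has to keep a reversible copy of the password for Digest to work, and why that stored value is itself a credential worth protecting.

```python
"""HTTP Digest authentication (RFC 2617) worked through by hand.

Added example, not from the book. Standard library only. The request values
are the ones from the RFC 2617 example (user Mufasa, password "Circle Of Life").
"""
import hashlib
import hmac
import re

# Constructed sample: the Authorization header a client sends on its second
# request, after the server challenged it with the nonce shown below.
SAMPLE_NONCE = "dcd98b7102dd2f0e8b11d0f600bfb0c093"
SAMPLE_HEADER = (
    'Digest username="Mufasa", realm="testrealm@host.com", '
    'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", '
    'qop=auth, nc=00000001, cnonce="0a4f113b", '
    'response="6629fae49393a05397450978507c4ef1", '
    'opaque="5ccc069c403ebaf9f0171e9517f40e41"'
)

_PARAM = re.compile(r'(\w+)=(?:"([^"]*)"|([^,\s]+))')


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def ha1(username: str, realm: str, password: str) -> str:
    """H(A1): the one per-user secret the server has to keep for this realm."""
    return md5_hex(f"{username}:{realm}:{password}")


def ha2(method: str, uri: str) -> str:
    return md5_hex(f"{method}:{uri}")


def response_from_ha1(h1: str, nonce: str, nc: str, cnonce: str,
                      qop: str, method: str, uri: str) -> str:
    return md5_hex(f"{h1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2(method, uri)}")


def client_response(username: str, realm: str, password: str, method: str,
                    uri: str, nonce: str, nc: str, cnonce: str, qop: str = "auth") -> str:
    """Client side: the password is used here and never leaves the client."""
    return response_from_ha1(ha1(username, realm, password), nonce, nc, cnonce, qop, method, uri)


def parse_digest_header(header: str) -> dict:
    """Split 'Digest k=v, k="v", ...' into a dict (quoted or bare values)."""
    scheme, _, params = header.strip().partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest Authorization header")
    return {name: quoted or bare for name, quoted, bare in _PARAM.findall(params)}


def server_verify(header: str, method: str, ha1_store: dict, expected_nonce: str) -> bool:
    """Server side. ha1_store maps username -> H(A1) for the realm; the server
    must hold this (or the cleartext password) to recompute the response."""
    p = parse_digest_header(header)
    for field in ("username", "uri", "nc", "cnonce", "response", "nonce", "qop"):
        if field not in p:
            return False
    if p["nonce"] != expected_nonce or p["qop"] != "auth":
        return False                      # stale/foreign nonce or unsupported qop
    stored = ha1_store.get(p["username"])
    if stored is None:
        return False
    expected = response_from_ha1(stored, p["nonce"], p["nc"], p["cnonce"],
                                 p["qop"], method, p["uri"])
    return hmac.compare_digest(expected, p["response"])


if __name__ == "__main__":
    store = {"Mufasa": ha1("Mufasa", "testrealm@host.com", "Circle Of Life")}
    print("client response:", client_response("Mufasa", "testrealm@host.com", "Circle Of Life",
                                              "GET", "/dir/index.html", SAMPLE_NONCE,
                                              "00000001", "0a4f113b"))
    print("server accepts :", server_verify(SAMPLE_HEADER, "GET", store, SAMPLE_NONCE))
```

Storing H(A1) instead of the password limits the exposure to one realm, but it is still password-equivalent for that realm: anyone who reads it can compute valid responses, exactly as anyone who can decrypt the reversibly encrypted Active Directory password can. Treat the IM servers and domain controllers that hold either value accordingly, and note that a replayed header fails here only because the server checks the nonce it issued; a server that accepts any nonce has no replay protection at all.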
Secure Sockets Layer (SSL) Generally, you’ll want to use SSL connections when you need to connect to a server that is outside of the organization, or if some of your e-mail users are coming in over the Internet. There are five cases in which you might want to employ SSL in your Exchange 2000 system:

Exchange ADC
HTTP
IMAP4
NNTP
POP3

When connecting to servers in another Exchange organization, consider using SSL in your Connection Agreement to that organization. Outlook (MAPI) clients won’t use SSL; they use S/MIME digital signatures and encryption to protect what they send through Exchange. OWA clients will, however, use SSL, and so should any POP3, IMAP4, or NNTP client you expose to the Internet, since those protocols otherwise carry the user’s password and mail in the clear.
Design Scenario: Using KMS to Allow Outlook Clients to Use Digital Signatures and Encryption

You’re the administrator of a brand-new Exchange 2000 deployment. At the time of E2K installation, you did not have Certificate Services running. Your boss, the operations manager, has asked you to set up secure e-mail for certain users, especially the people in the legal and executive departments.

You begin by installing a Windows 2000 Certificate Authority (CA) on a domain controller, using Control Panel’s Add/Remove Programs applet. When presented with the option to create a new CA or use an existing one, you opt to create a new one and key in the business name and pertinent addressing information. You have read that Microsoft recommends changing the certificate life from two years to five as you configure this new CA.

Next, you rerun Add/Remove Programs and change the Exchange 2000 installation to include the KMS software. No server reboots are required for either installation. Rather than copying the password to diskette, you choose to write down the 15-character KMS password that the system gives you, because you consider a diskette to be the less secure option. Without the password, no work within the KMS can be done, so the written copy goes somewhere locked.

Once the CA and KMS are installed, you open Exchange System Manager (ESM) and navigate down through the administrative group to the Advanced Security object, which was created by the KMS installation. You open the Encryption Configuration node’s Properties sheet to ensure that you’ve got the right algorithms selected, then click OK. Next you start the Key Manager service.

Once the Key Manager service is started, you can edit its properties by right-clicking it and selecting Properties. At this point, you have to enter the password of the account you are logged on to ESM with. In other words, if you logged on to the Windows 2000 Server with the Administrator account and password, the Key Manager now requires that password from you. You note in the “Total administrators entered” and “Total administrators required” boxes that currently only one administrator must log on to the Key Manager. You navigate to the Administrators tab of the Key Manager to add user accounts to the list of personnel authorized to modify the KMS properties. You find that on every tab within the Key Manager, each time you click Apply you’re prompted for the administrator password again. On the Passwords tab of the Key Manager Properties sheet, you find that you can raise to two the number of administrator passwords required to edit properties, giving the system “missile-silo” two-person control.

You click the Enrollment tab (again keying in the administrator password) and check the “Send token in an e-mail” check box, so that Exchange can e-mail an enrollment token to users whom you enroll in KMS. You also note an option to generate certificates for Outlook 97 or older e-mail clients: post–Outlook 97 clients get an X.509 v3 certificate, but Outlook 97 and older clients require an X.509 v1 certificate. You check this box because you have some legacy Outlook clients that will require the older certificate. Clicking Apply prompts you for the administrator password once more; then you click OK.

Next, you right-click the Key Manager again and select All Tasks > Enroll Users. Exchange first prompts you for your administrator password and then asks whether you’d like to view the list of names from the Global Address List (GAL) or from the servers, administrators, and users that the system knows about. You select the GAL, highlight the users in your organization whom you’d like to have digital signature and encryption capability, and select Enroll.

Now it’s up to the Outlook user to generate her security. She opens her Outlook 2000 client and finds an e-mail from the system providing a temporary token with which to generate her permanent digital ID. She highlights the token, presses Ctrl+C to copy it, and closes the e-mail. She clicks Tools > Options and opens the Security tab. She clicks the Get a Digital ID button and, instead of obtaining an S/MIME certificate from an external authority, selects the option to set up security on the local Exchange server. Finally, she keys in a name for her digital ID and presses Ctrl+V to paste in the temporary token she was given. Prompted to enter a six-character password, she does so and is told that the Exchange system will notify her when she has successfully obtained her digital ID. Once the user has her new digital ID, she can still send regular e-mail with no signing or encryption, or she can choose to sign and/or encrypt specific messages.
Summary

In this chapter we’ve talked about Exchange 2000 security tactics and strategies. We began with how to protect the messaging infrastructure from external attacks. The majority of this effort lies in the wise configuration of your company’s firewalls. We provided a table that shows the protocols and their ports used by Windows 2000 and Exchange 2000, so that you have a feel for which ports can and cannot be safely closed. For example, if your OWA clients reach the server only over a dial-in (RAS) link and use a browser to pull up their e-mail, you might choose to close the SSL ports for HTTP, IMAP4, NNTP, and so forth at the firewall and leave only the standard ports open.

This chapter also discussed internal security, where there are two ways you can shoot yourself in the foot: permissions and delegation. Because permissions are inherited by default from a parent object to a child, you may inadvertently set a permission at the parent level that you didn’t intend to propagate to the child. It’s easy to disable this default inheritance, but you must do it on a per-object basis. Delegation means that you can allow others to manipulate Exchange objects. This opens the door to a so-called poor man’s inheritance, in which an administrator, by virtue of having rights delegated to him, simply grants his rights to another administrator. Pay close attention to delegation in an Exchange 2000 system.

Throughout the chapter, we talked a lot about authentication and encryption. You have many choices to make in setting up an authentication and encryption strategy for your e-mail users. The strongest form of authentication or encryption is always the preferred option, but it may not be possible if you are supporting non–Windows 2000 Professional clients. Outlook clients can use S/MIME for digital signatures and e-mail encryption. To provide signature and encryption services for e-mail clients, you must set up a Certificate Authority (CA) server and install the Exchange 2000 Key Management Service (KMS). Outlook Web Access users, those using a browser, can use SSL, as can clients of the other supported Internet protocols. You can also enable SSL on the Exchange ADC when talking to servers in another organization. IPSec was discussed as well, and its usefulness for inter-LAN and VPN connections. We discussed Kerberos version 5 in detail, explaining how it integrates into the Exchange 2000 system.
Key Terms

Access Control Entry (ACE)
Access Control List (ACL)
Certificate Authority (CA)
Connection Agreement (CA)
delegation
Diffie-Hellman
Discretionary Access Control List (DACL)
filtering
Global Address List (GAL)
H.323
Hypertext Transfer Protocol (HTTP) Digest
Key Distribution Center (KDC)
Key Management Service (KMS)
key pairs
Layer Two Tunneling Protocol (L2TP)
mailbox-enabled
mail-enabled
Outlook Web Access (OWA)
Point to Point Tunneling Protocol (PPTP)
relaying
Remote Authentication Dial-In User Service (RADIUS)
Secure MIME (S/MIME)
Secure Sockets Layer (SSL)
service ticket
Ticket Granting Service (TGS)
Ticket Granting Ticket (TGT)
Virtual Private Network (VPN)
X.509 v1
X.509 v3
Review Questions

1. You have several Outlook 97 users who need to obtain a digital ID from the Exchange server but cannot. What could be the problem? Select all that apply.
A. KMS service is not started.
B. Users are not enrolled.
C. X.509 v1 certificates are not enabled.
D. Outlook 97 is incapable of using S/MIME format.

2. Which two Windows 2000 security services can be used with IPSec?
A. MS-CHAP
B. Kerberos 5
C. Public key encryption
D. Certificate services

3. What advanced security features can be utilized by an Outlook Web Access (OWA) client? Select all that apply.
A. S/MIME
B. Digital signatures
C. IPSec
D. E-mail encryption
E. SSL

4. Why would an e-mail user want to utilize S/MIME-enabled e-mail?
A. To encrypt e-mail being sent across the Internet
B. To send a digital signature along with the e-mail
C. To provide attachment support for office automation software
D. To provide support for multimedia files

5. You’ve enabled Outlook Web Access (OWA) so that your dial-in users can read their e-mail without the overhead of using Outlook. Users are complaining that they are unable to access their mailboxes. What could be the problem?
A. You’ve not yet installed a CA.
B. You’ve not enabled Kerberos to validate Routing and Remote Access (RRAS) users.
C. You have HTTP port 80 blocked at the firewall.
D. You have not enabled the users for dial-in capability.

6. At what layer of the OSI model does the Exchange 2000 Key Management Service (KMS) run?
A. Physical - 1
B. Data Link - 2
C. Network - 3
D. Transport - 4
E. Session - 5
F. Presentation - 6
G. Application - 7

7. In Windows 2000 Server, two authentication packages operate side-by-side for authenticating both Windows 2000 and legacy Windows users. What are they?
A. IPSec
B. Kerberos version 5
C. NTLM
D. X.509 v3

8. You have several users who have procured high-speed Internet connections at their home. These users want to access the network and get their e-mail over these connections. What do you need to provide to facilitate this arrangement?
A. RRAS server
B. Web server
C. RADIUS server
D. VPN server

9. You have a second legacy Exchange organization in your Chicago office, and you need to connect to it from your home office in Tulsa. You’ve already set up a communications link with another legacy Exchange organization in your Memphis office. What’s the first thing you need to get Chicago hooked up?
A. A second Connection Agreement (CA)
B. A set of routing group definitions
C. A second administration group
D. Enabling of NTLM on the Exchange server

10. Exchange clients that can use Kerberos 5 negotiate first with a Windows 2000 DC server. What is the name of the service with which the Kerberos client connects?
A. Ticket Granting Service (TGS)
B. Key Distribution Center (KDC)
C. Key Management Service (KMS)
D. Certificate Authority (CA)
E. Public Key Infrastructure (PKI)
Answers to Review Questions

1. A, B, C. You’ll want to check both A and B, but the most likely culprit is C: the KMS has not been enabled to issue X.509 v1 certificates in addition to X.509 v3. Outlook 97 and earlier clients require X.509 v1 certificates to set up a digital ID.

2. B, D. By default, IPSec on Windows 2000 authenticates with Kerberos 5, but it can also work with certificate services. To work with certificates, the administrator must add the IPSec certificate template to the Policy Settings object of the Certificate Authority management program, so that the CA can issue IPSec (computer) certificates.

3. C, E. Because an executable must run on the client to enable a digital ID, browsers cannot use digital signatures or e-mail encryption, and S/MIME is exactly those two features, so it is ruled out as well. It has nothing to do with the certificates themselves; browsers display certificate information to you all the time, and you probably recognize it. The real issue is that to obtain and use a digital ID from KMS you must locally run an executable provided by the KMS, and this is not currently possible with browser clients. What an OWA client can do is protect the connection itself: SSL to the server, and IPSec if the client computer supports it.

4. A. The MIME specification provides a way to send e-mail messages across the Internet. The S/MIME (Secure MIME) specification enables encryption of the messages as they go across the Internet. (S/MIME also carries digital signatures, so B is a legitimate reason too; encryption is the one this chapter emphasizes.)

5. C. A CA isn’t necessary for simple RRAS and OWA access. Kerberos is a default protocol, so you don’t have to worry about enabling it for clients. Though it’s possible that you have overlooked one or two users for dial-in capability, it’s not likely that you overlooked them all. The most likely scenario here is that port 80 of the firewall somehow got inadvertently blocked for incoming traffic.

6. G. The KMS runs at the Application layer (Layer 7), whereas IPSec runs at Layer 3 (Network). Some design considerations come into play when deciding whether to rely on a service at such a high layer in the model, or to provide more security by introducing it at a lower layer.

7. B, C. Kerberos 5 only works with Windows 2000 computers. For legacy clients authenticating to the Windows 2000 network, NT LanMan (NTLM) is needed. The two authentication packages operate in tandem.

8. D. You need a Virtual Private Network (VPN) server to accomplish this task. With the VPN nailed up, users can opt to use a browser and OWA to connect to their mailbox, or they can bring up Outlook and connect that way. You have two choices of authentication and security combinations when working with VPNs: PPTP with MPPE, or L2TP with IPSec. Of the two, the L2TP/IPSec solution is far more secure.

9. A. You’ve already set up the Exchange ADC; we know that because you’re talking to a legacy organization in Memphis. Now you need a second Connection Agreement (CA) in order to begin the dialog with Chicago. Without the CA, the E2K server can’t talk to Chicago at all.

10. B. Kerberos clients first contact the Key Distribution Center (KDC) on a Windows 2000 DC and obtain a Ticket Granting Ticket (TGT) from its Authentication Service. The client then presents the TGT to the KDC’s Ticket Granting Service (TGS) to obtain a service ticket for the Exchange server, and presents that service ticket to the Exchange store for entry into the mailbox. Until the tickets expire, the client reuses the cached TGT and service ticket rather than going back to the KDC for renewed credentials.
Case Study: Analysis of a Securities Company’s Messaging System Security Infrastructure
Give yourself 10 minutes to review this case study, diagram as needed, and complete the questions for the mini-test.
Background You’re employed as the chief network design engineer for a large securities business. The business thrives on its ability to send e-mail out to customers and receive Internet e-mail coming back in, and it’s important for salespersons to be able to send e-mail into the business either through dial-up or VPN connections.
Current System The network consists of three different geographic sites, connected together with high-speed, good-quality WAN circuits. All DCs are running Windows 2000 Server in native mode. In Site A, the headquarters site and your home base, you’ve installed Exchange 2000 Server and migrated the Site A users’ mailboxes to the new server. In Sites B and C, you’re still using Exchange Server 5.5, but your administrators have plans to fly out and get the other two sites converted within a few months. Your salespeople can choose to simply dial into the network using the modem in their laptops or, because some salespeople have high-speed connections to their ISP, you’ve also set up a Windows 2000 VPN server that is working quite well. All gear is relatively new; you have no RAM, CPU, or disk issues. All your telephony circuits are of high quality. You have RRAS servers set up in each site, but only one VPN server at Site A. You have a DS-3 (44Mbps) connection to the Internet.
Problem Statement You’re now looking at the overall security system to make sure it has no holes. As is to be expected, this securities company is obsessive to the point of paranoia about having top-drawer network security. Your boss, the Chief Technology Officer (CTO), has some thoughts.
Each of the Exchange servers in Sites A and B has been updated to Exchange 5.5 SP3, so you don’t have to worry about updating them to an Exchange 2000–compatible version of legacy Exchange. Each server is in a different site, but in the same organization. The new Exchange 2000 Server deployment was installed in a new organization. You’ve set up Connection Agreements, one for each server and site. The network consists of about 500 users per site, most of whom are Windows 9x and NT 4.0 Workstation users, although you also have about 30 Windows 2000 Professional computers on the network. Of the telecommuting users, all but two are running Windows 9x, ME, or NT 4.0. The other two users have Windows 2000 Professional. Both Sites A and B have administrators currently managing the Exchange site server.

CTO “It is crucial that you examine the network’s security from all angles to make sure that we don’t have any intrusions. A security hole that lured a hacker inside could be potentially devastating to the organization.”

Windows 2000 Network Manager “I understand how Windows 2000 security works, but I’m not sure how it bundles in with Exchange 2000. You’ll have to help me understand.”

Overview The VPN server uses the Layer Two Tunneling Protocol (L2TP) with IPSec as the encryption protocol. This combination requires a server with the CPU horsepower needed to encrypt and decrypt, and your server is performing adequately. You only have a few of these high-speed users (so far), so the potential aggregate bandwidth consumption if they all connected at once isn’t so high that the network would auger in. The RAS servers are Windows 2000 RRAS servers. In either case, VPN or RRAS, you’ve got network authentication set to Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2).
Maintainability You want to maintain very strong security, but not so strong that it’s confusing for those who have to administer it. CTO “We need to make sure that the Windows 2000 administrators understand how the security works so that they can maintain it. The setup can’t be rocket science so it’s impossible to maintain.”
Performance The backbone is built on fiber-optic cable and runs at high speed. The servers are all good quality. You don’t think you’ll have any issues with performance or bandwidth.
Questions

1. What protocol, regardless of whether users connect via the network or remotely, will Windows 2000 Professional clients use to authenticate to the network?
A. IPSec
B. MS-CHAP v1
C. MS-CHAP v2
D. Kerberos version 5
E. NTLM

2. How could you enhance security for your non–Windows 2000 VPN clients? Select the best option.
A. Install a CA.
B. Provide non–Windows 2000 Kerberos software.
C. Set up the VPN on a hardware device.
D. Set up Outlook 2000 for S/MIME.

3. What would be the single point of failure (SPOF) in a CA server scenario?
A. User tries to authenticate in a different domain.
B. You only have one CA server.
C. Kerberos does not go across WAN circuits.
D. Windows 2000 users require certificates to validate.

4. What security precautions might be needed after the Site A and B Exchange servers are converted to Exchange 2000? Select all that apply.
A. None
B. Editing of Connection Agreements
C. Management of delegation
D. Adding of administrators to KMS system

5. Using the elements shown just below, construct a diagram that illustrates the authentication, encryption, and security protocols that will be utilized when connecting to the Exchange 2000 system. Connect the operating systems to the appropriate server types, using the appropriate encryption and authentication methods. [Diagram elements not reproduced.]

6. In thinking about the security paradigm at work today in this network, what do you think is the biggest security risk?
A. VPN
B. RRAS servers
C. Local users
D. Remote Exchange administrators
Answers to Questions

1. D. Windows 2000 users connecting to Windows 2000 servers use Kerberos 5 to authenticate. All other users use NT LanMan (NTLM), the same authentication methodology used by clients authenticating with NT 4.0 servers.

2. A. Probably the easiest method is to set up a Certificate Authority (CA) and enable IPSec to use it for computer certificates, so that the non–Windows 2000 clients can authenticate the L2TP/IPSec tunnel without Kerberos. With the tunnel authenticated by certificates, the users authenticated through a strong protocol such as MS-CHAP v2, and the client able to validate that the VPN server it connected to is indeed the right one, you’ve created a strong, maintainable security scenario.

3. B. With only one CA server on the network, its failure would mean users couldn’t obtain a certificate. This could be an issue with certificate-enabled IPSec.

4. B, C. There is no Certificate Authority server yet, so you can’t possibly have the Key Management Service (KMS) running in the Exchange environment. Or can you? Is it possible that the Site A and B computers were running Exchange Server 5.5 with KMS and providing their own CA services? In that case you’d have to investigate the CA issue as well and definitely check the administrative rights to the Windows 2000 CA system. In this case, however, we don’t know whether KMS is enabled, so we’ll assume it’s not (at least for test purposes). That leaves editing the Connection Agreements to make sure that their ACLs contain the correct members with the correct permissions, and checking whether delegation is enabled and, if it is, whether its ACL and ACEs are correct.

5. This variety of clients presents interesting twists in your security monitoring efforts. A Windows 9x user connecting locally to a Windows 2000 DC would connect with NTLM and wouldn’t require any other credentials. On the other hand, a Windows 2000 user coming across the Internet to the VPN, one you wouldn’t think would have many issues, needs to go through a couple of different authentication processes, Kerberos and MS-CHAP v2, and has to successfully tunnel its data across the Internet, all this to connect to the Exchange store.

6. D. The greatest challenge will be to make sure the remote Exchange administrators have the appropriate permissions to administer the Exchange system, but not so many permissions that they can control systems they shouldn’t be allowed into.

Wrap-up: Security is often overlooked, yet it’s one of the most important considerations in your network design. Delegation is something to keep in mind especially, plus the potential for one object to inherit the permissions of another, even at the item level. With increased server granularity comes increased potential for security holes unless you are careful to monitor all potential hotspots. MS-CHAP v2 isn’t actually required for the VPN and adds excess complexity that doesn’t need to be there. Personalities enter into play, as well, because your decisions about remote Exchange server administration will, at least in part, revolve around your trust level for them. Sounds harsh, but sometimes administrators get bored and like to play with systems. Always keep this in mind as a security consideration.

Is this network safe? It’s safe, and quite unhackable. We don’t know, though, what the company’s Web setup is like. That may be a whole different can of worms!
Chapter
5
Strategizing Coexistence and Connectivity MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER: Plan for coexistence of Exchange 2000 Server with other messaging systems.
Plan for coexistence with foreign mail systems, such as Notes, cc:Mail, GroupWise, MS Mail, PROFS, TAO, and SNADS
Plan for coexistence with Exchange Server 5.5
Design interorganizational connectivity and synchronization. Considerations include existing Active Directory environment, existing DNS configuration, Active Directory Connector (ADC) configuration, security permissions, and administrative permissions and delegation.
This chapter’s goal is to talk about connectivity, both with foreign mail systems and with interorganizational structures. Appropriate to a discussion of the marriage of Exchange 2000 to another system, this chapter borrows from the “something old, something new” rhyme in two different ways. First, we’ll be talking about how to integrate older systems into the Exchange 2000 organization. Second, we’ll consider connectivity and synchronization issues. In doing so, we’ll cover some ground we’ve gone over before, for two reasons: these concepts are of key importance in general to the Exchange system, and they have specific importance to this particular objective. For example, the Active Directory Connector is a tool we’ve talked about in previous chapters, but it is specifically mentioned with regard to this test objective in this chapter.
Planning for Coexistence with Other Mail Systems
The first section of this chapter starts out by considering connectivity to foreign e-mail systems. In the following section, we’ll consider coexistence with Exchange 5.5 systems.
Microsoft Exam Objective
Plan for coexistence of Exchange 2000 Server with other messaging systems.
Plan for coexistence with foreign mail systems such as Notes, cc:Mail, GroupWise, MS Mail, PROFS, TAO, and SNADS.
We’ll start with some ideas about the design issues involved when considering the integration of foreign messaging systems. Having worked before with connections to foreign systems, I can tell you that it can be done and with few problems. But for those systems for which Microsoft provides no connectivity, and there are some in the list below, it will be up to you as a designer to figure out whether there are third-party or programmatic alternatives that you can apply to get the connectivity going.

Coexistence with Foreign Mail Systems There are a variety of foreign messaging systems for which Exchange 2000 Server provides some connectivity. Others have no Exchange 2000 provision, but there may nonetheless be some method of either cohabiting with the system or migrating from it. In every design scenario, you must decide whether to maintain foreign system connectivity permanently, maintain it only during migration, or not maintain connectivity at all and simply drop users from the old mailbox and put them in the new system.
Notes If you haven’t been in the computer industry very long, you may not remember where Lotus Corporation got its start. At one time Lotus 1-2-3 was considered the premier spreadsheet program in the world. Microsoft wrote the Disk Operating System (DOS) upon which Lotus 1-2-3 (and, of course, WordPerfect 5.1) ran. (Never at the same time, though.) Someone wrote a third-party memory swapper that would let you load more than one DOS program at a time into memory and switch between the two, but the switch was pretty painful, not like the windowed environment we have today. I, for one, would never think of going back to a command-line environment like that. But I digress.

Once Microsoft released its spreadsheet product, Excel, Lotus attempted to compete for a while with the software giant, but eventually Lotus 1-2-3 died. Lotus found other ground on which to be competitive: in the spreadsheet’s place was born a phenomenal new messaging environment called Notes. Notes had the “groupware” feel that Microsoft’s e-mail program, MS Mail for PC Networks, did not have at the time. With Notes, you could schedule meetings using a calendar, send e-mail, and do still other things. Lotus kept refining and engineering and one day released a product called Domino server. Domino was intended to act not only as the back-end messaging server for Notes users but also as a development and presentation environment that application developers could use to write custom applications, which then became available to users through buttons on the Domino screen. Today’s Domino is still very much alive and has moved into the Web arena, where developers can use it to write Web applications that integrate with the Domino environment, work with the messaging infrastructure, and give the client (of which there are now several Notes choices) a one-stop messaging/application environment. Domino is one very cool product and has been for years.

Here’s the problem with Domino: since it’s a combined messaging/collaboration/application environment, it can be complex to administer on a day-to-day basis. It’s extremely powerful and very diverse, so much so that it too has become an enterprise application worthy of a great deal of an administrator’s time and study.

All righty then. So now you’ve got a building or two that’s running Notes/Domino, and the mandate has come down that you must set up an Exchange 2000 environment in another building. The two groups of users (Domino and Exchange) must be able to talk with one another on a regular, continual basis. How do you do this? Fortunately for you, Microsoft provides a mechanism you can use to connect to Lotus Notes/Domino servers. The Exchange Connector for Lotus Notes, a Windows 2000 service that runs on a single Exchange server, lets you connect to a Notes messaging system. Not only does the connector give users a way to exchange messages between the two systems, it also provides the following functionality:
The synchronization of Exchange directory information with the Notes Name and Address Book or the newer Release 5 (R5) Domino Directory.
Support for Rich Text Format (RTF) message exchange between the two systems.
The ability to exchange word processing and spreadsheet documents, video and audio files, and graphics between the two systems, including the preservation of the file name, its icon, and the ability to launch it.
Complete interaction of the calendars and schedule information such that meetings can be scheduled between users of each system.
Object Linking and Embedding (OLE) support.
Support for a Notes doclink, a hot link in a Notes document that leads the reader to a different spot in the document or to another document, folder, or database entirely.
Support for the conversion of attachments and doclinks as they move into the opposing systems.
To install the connector after an Exchange 2000 deployment, run the Exchange 2000 setup program again and add the connector; on a first installation, simply select it from the list of components. Next, prepare the Lotus Notes and Exchange environments for the connection and configure the connector. Finally, synchronize the directory information between the two systems and perform any client modifications that may be necessary. Complete instructions are in the Exchange help.

Suppose that instead of connecting the two servers you want to migrate the Notes users to your new Exchange environment. Run the Exchange Migration Wizard, found in the Exchange Server program group. The Migration Wizard migrates Notes and Domino messages in all folders and moves Notes or Domino calendar entries to the Exchange server. The Notes connector is not required when you migrate rather than connect. You can also run the Microsoft Application Converter for Lotus Notes, a separate program found in the Migrate\ASN\Setup\ directory of the Exchange Server CD, which converts and synchronizes Notes application information between Notes and Exchange. This program is usable both in a cohabitation scenario and during an upgrade.
cc:Mail

Developed by cc:Mail, Inc. and acquired by Lotus in 1991, cc:Mail is another fine messaging product that has been in the industry a long time and has a large following. Exchange 2000 Server comes with a connector for cc:Mail postoffices. The connector installs as a Windows 2000 service and lets Exchange users send e-mail and attachments to the cc:Mail postoffice (PO) and vice versa. Installing the connector also installs the cc:Mail Connector Queue, where messages destined for a cc:Mail PO wait before being sent to the PO; messages coming in from the cc:Mail PO also pass through the queue before being brought into Exchange. No calendar information is exchanged, although Exchange directory information is copied to the cc:Mail PO and cc:Mail PO directory information is copied to Active Directory.
cc:Mail ships with two utilities that the connector uses for this process: import.exe and export.exe. When e-mail needs to leave the cc:Mail PO, the connector uses export to pull the message out of the PO and hand it to the Exchange server. When a message comes in from Exchange, import is used to place it in the cc:Mail PO. The cc:Mail connector is installed the same way as the Lotus Notes connector: run Setup and select the connector from the list of components.
GroupWise

So far we've seen that Microsoft has covered the bases in providing connectivity to foreign messaging systems. Novell's GroupWise is another well-known, well-established messaging system with which you may need to connect. Sure enough, Microsoft supplies a connector for GroupWise, and you install it as you did the others, at installation time or by running Setup from the Exchange CD afterward and selecting the GroupWise connector option. The connector runs as a service on the Windows 2000 server and is managed, like the others, through Exchange System Manager.

You start by creating (after installing the GroupWise connector and before preparing the GroupWise server) a recipient policy so that your Exchange server can create proxy addresses on behalf of GroupWise recipients. Then, as with the Lotus Notes/Domino solution, you prepare the environment in which the connector will operate on both servers. Environment preparation is a tad trickier with GroupWise, because you must download a gateway NetWare Loadable Module (NLM) from Novell's Web site (support.novell.com): look for the GroupWise 4.1 API Gateway NLM. Instructions for both NetWare 3.x and 4.x are on the site. Next, download and install GroupWise Patch 2 for the API NLM/OS2 (GW41API2.EXE); this patch lets GroupWise expand messages that have been sent from Exchange. You then activate the distribution lists and start the gateway. You complete the operation by creating an External Foreign Domain within GroupWise for use with Exchange and configuring its link. Finally, you create an NT Gateway Group in NetWare. Although the connector is attached to a single GroupWise PO, e-mail sent to it can be routed on to other GroupWise POs accordingly.
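To see what a recipient policy template does to a batch of GroupWise recipients before the Recipient Update Service stamps the proxy addresses for real, here is a small Python model, added here as an illustration (it is not code from the book, from Microsoft, or from Novell). It assumes the Exchange 2000 template placeholders %g (given name), %i (middle initial), %s (surname), %m (alias), %d (display name), and the %Ng/%Ns forms that take the first N characters; the three GroupWise users and the example.com domain are constructed sample data.

```python
"""Expand Exchange 2000 recipient-policy address templates for foreign
(here GroupWise) recipients and flag proxy-address collisions.

Added illustration, not code from the book, Microsoft or Novell.  The
placeholder syntax (%g, %i, %s, %m, %d, and %Ng / %Ns for the first N
characters) is the Exchange 2000 recipient-policy syntax; the users and
domain below are constructed sample data, not real people.
"""
import re
from collections import defaultdict

# Constructed sample of what the GroupWise directory would hand us.
GROUPWISE_USERS = [
    {"given": "Penny", "middle": "A", "surname": "Marshall",
     "alias": "pennym", "display": "Penny Marshall"},
    {"given": "Paul", "middle": "", "surname": "Marshall",
     "alias": "paulm", "display": "Paul Marshall"},
    {"given": "Marilyn", "middle": "J", "surname": "Stout",
     "alias": "mstout", "display": "Marilyn Stout"},
]

# %g, %s, ... optionally preceded by a count: %1g = first char of given name
_PLACEHOLDER = re.compile(r"%(\d*)([gsimd])")


def expand_template(template, user):
    """Return the SMTP local part produced by one template for one user."""
    fields = {
        "g": user["given"],
        "s": user["surname"],
        "i": user.get("middle", ""),
        "m": user["alias"],
        "d": user["display"],
    }

    def repl(match):
        count, code = match.groups()
        value = fields[code]
        return value[: int(count)] if count else value

    local = _PLACEHOLDER.sub(repl, template)
    # A local part with spaces or odd punctuation will not survive SMTP;
    # keep a conservative character set and normalise case.
    local = re.sub(r"[^A-Za-z0-9._-]", "", local)
    return local.lower()


def generate_proxies(template, domain, users=GROUPWISE_USERS):
    """Map each alias to the primary SMTP proxy the policy would stamp."""
    return {
        u["alias"]: f"SMTP:{expand_template(template, u)}@{domain}"
        for u in users
    }


def find_collisions(proxies):
    """Addresses that the template assigned to more than one recipient."""
    owners = defaultdict(list)
    for alias, address in proxies.items():
        owners[address].append(alias)
    return sorted(addr for addr, who in owners.items() if len(who) > 1)


if __name__ == "__main__":
    for template in ("%1g%s", "%g.%s"):
        proxies = generate_proxies(template, "example.com")
        print(template, proxies, "collisions:", find_collisions(proxies))
```

Run it with two templates: %1g%s gives Penny and Paul Marshall the same pmarshall@example.com and the collision check catches it, while %g.%s is unique for these three. Catch duplicates at design time; left alone, the Recipient Update Service typically resolves them by appending a number to one of the addresses, which the GroupWise side knows nothing about.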
Optionally, you can migrate the accounts to Exchange Server instead. You start by creating an account in GroupWise to be used for the migration. Every user on the GroupWise server whose mailbox is to be migrated must grant proxy access to this migration account. You then install the GroupWise client on the Windows 2000 server, log on to the GroupWise mail system, and run the Migration Wizard. Note that preparation differs somewhat depending on whether you're dealing with GroupWise 4 or 5. Because the migration works on only one server at a time, you may have to repeat the operation for each server you're migrating from. Note too that mailbox size adds to migration time, so it's important that each mailbox owner prune as much as possible before conversion. The migration account ends up with proxy rights to every migrated mailbox, so treat it as a privileged account: give it a strong password, keep track of who uses it, and remove the proxy grants (or the account itself) once the migration is done.
Microsoft Mail for PC Networks

Good old Microsoft Mail for PC Networks (MS Mail). I'm sure there are still plenty of installations out there running this reliable old program. As with cc:Mail and GroupWise, each MS Mail PO was a separate entity. To get postoffices talking to one another you had to set up a process called Directory Synchronization or, as the Microsoft support people called it, "dir-sync." Lots of admins remember fooling around with dir-sync so that it could talk to outlying postoffices.

The operation is the same as it ever was: install the Connector for MS Mail for PC Networks, either at installation time or afterward, then configure it. For the connector to work, you must set up the MS Mail gateway components and the MS Mail Connector MTA for each PO that's going to talk to the Exchange system. Interestingly, there once were MS Mail Connector MTAs for X.25 and asynchronous (Plain Old Telephone Service [POTS]) links, so you may find some pretty cool RRAS connectivity in these old MS Mail systems. Finally, you configure the MS Mail PO you're working with so that it knows it has a connector to talk to. Some additional MS Mail 3 client configuration is needed before those clients can receive and open embedded objects sent from Exchange clients: MS Mail clients only work with earlier versions of OLE, but they can be configured to view the embedded objects. Note that you can configure the MS Mail connector to carry both versions of OLE objects, which effectively doubles the size of the items being stored.
A final design-time note: you have a choice in how you set up the connector with your MS Mail PO. You can set it up so that one connector services the entire Exchange organization, or so that there is one connector per administrative group. You'd use one connector per administrative group if you need more than one connector and more granular administration. Optionally, you can simply migrate the users from MS Mail to Exchange with the Migration Wizard. It's important to note that with MS Mail, users had the option of keeping their mail (in the form of an MMF, the Microsoft Mail file) either locally or on the server. Determining where users' MMFs are stored is key to how effective the Migration Wizard will be, because the wizard only sees what is on the PO. Users with local MMFs can install Outlook 2000, connect to the Exchange server, and then import their MMFs. The only thing not migrated by the Migration Wizard is each user's Personal Address List (PAL).
Because you may choose to run the MS Mail connector and perform partial migrations from a PO to the Exchange organization, be careful to stop the connector before you run a migration.
As a designer, you should be aware that a very common use for MS Mail was to provide connectivity with Macintosh computers via MS Mail for AppleTalk Networks (MacMail). A source extractor utility is included on the Exchange 2000 CD in the Migrate\MacMail folder, but it is not supported by Microsoft. You can use this Source Extractor to migrate MacMail users to Exchange.
PROFS

If you've ever worked with a mainframe computer, you may have been lucky enough to work for a company that had installed and supported one of two IBM mainframe e-mail programs, Professional Office System (PROFS) or OfficeVision (OV). I've had the privilege of working with OfficeVision, and I can tell you that it's not nearly as difficult to work with as the mainframe label might suggest. It was actually a pretty cool product. You couldn't send attachments or anything like that, nor could you send e-mail out over the Internet, but you could communicate with others inside the company, and that, after all, is essentially the purpose of corporate e-mail. (I know, I know, it's not really that way anymore, but the core of corporate e-mail is still people in the company communicating with one another.)
Optionally, you could consider running an MS Mail or older Exchange system with an MS Mail or third-party PROFS gateway.
The word mainframe is bandied about rather loosely these days. When you say mainframe to someone familiar with mainframes, they think you're talking about an IBM or Fujitsu (or other) mainframe that runs the Multiple Virtual Storage (MVS) operating system. Mainframes house big databases such as Software AG's Adabas and IBM's DB2, programming languages such as COBOL, Fortran, and Natural, security products such as Top Secret, operating-system interfaces such as Time Sharing Option (TSO), and transaction-processing (TP) monitors such as Customer Information Control System (CICS). A mainframe is not a Digital Equipment Corporation (DEC) Virtual Address eXtension (VAX), an IBM AS/400, or another minicomputer. These systems are large, surely, but they do not qualify as mainframes. That said, note that IBM's OfficeVision has an AS/400 edition (OfficeVision/400). But then again, there's a Domino product that runs on an AS/400.
Mainframers have a pet term they use when they talk about the mainframe. If you want to be savvy when talking to mainframers, you’ll call the mainframe the host.
Here's the bad news. To convert IBM PROFS, NetSYS (formerly Verimation) MEMO, or Digital's ALL-IN-1 users to Exchange 2000, someone in your organization will have to use a Source Extractor program. You'll find the Source Extractors for these systems on the Exchange CD in the Migrate\Host directory. To run them, a programmer will have to study the commands needed to communicate with the host system, plus the syntax that goes with them. Your goal is to extract the user information from the system and then import it into Exchange. There aren't any how-to documents on the CD, but there is ample information on Microsoft's Web site that can walk a team through the extraction.
TAO

When researching this particular e-mail program I had to do a bit of Web digging, but I was surprised by what I found: what appears to be a high-quality, very diverse messaging system.
Fischer International (www.fisc.com) is the developer of the TAO e-mail system. TAO comes in two pieces: a database part that lives on the host, either an MVS mainframe (S/390) or an AS/400 system, and a server component called Global Connection Server (GCS) that runs on NT Server. (The Web site says there is also a TAO database for VAX/VMS (Virtual Memory System) machines, but VAX/VMS is no longer supported by Fischer International according to their customer support people.) There are a variety of client front ends, depending on the platform the client runs on:
Windows 3x, 9x, and NT
OS/400, the operating system used on IBM AS/400 computers
CICS
Virtual Telecommunications Access Method (VTAM), an SNA communications component used on IBM mainframes
TSO
Integrated Database Management System (IDMS), Cullinet's (now Computer Associates') network database for IBM mainframes, also available on International Computers Limited (ICL) systems
Information Management System (IMS), a database written by IBM and utilized by mainframe and mini-computers
Conversational Monitor System (CMS), the interactive component of IBM's VM operating system
The cool thing about TAO is that it is allegedly able to serve multinational clients regardless of their language, across a myriad of computer types, and it supports all sorts of e-mail content. There are two methods you can use to integrate an Exchange 2000 system with TAO:
Set up the TAO users' accounts in the Exchange system as mail-enabled (not mailbox-enabled) objects whose target e-mail address points to the TAO user's mailbox. When e-mail arrives for such an account, Exchange forwards it to the TAO system. For example, suppose Jenny is a TAO user. You'd set up a Windows 2000 account for Jenny and mail-enable it, then set the account's target address to her TAO address. The distinction matters: a mailbox-enabled user has a mailbox in an Exchange store and mail is delivered there, whereas a mail-enabled user has only addresses and Exchange hands the message on to the target system.
Set up the GCS so that all incoming e-mail is delivered to the new Exchange server. Note that the TAO database will have to continue to live out on the host even though it's no longer being used. GCS has a method for outputting the contents of a user's mailbox to an ASCII file, which can then be imported into an Exchange user's mailbox.

Now the bad news. If you need to migrate users off your TAO system and into Exchange 2000 Server, you'll have to resort to a third-party product. Check www.compusven.com for a company that specializes in a product that will handle this for you. In a design context, plan on added time and expense, not to mention any problem areas you'll hit while running the migration tool, but if your mandate is to unify on Exchange 2000 messaging, you'll have to go down this road.
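The first TAO option above comes down to setting a handful of Active Directory attributes correctly. The following Python, added here as an illustration (it is not code from the book, from Fischer, or from Microsoft), classifies a directory object as mailbox-enabled or mail-enabled from those attributes and produces an LDIF fragment you could feed to ldifde -i to mail-enable Jenny's account with her TAO address as the target. The attribute names (mailNickname, mail, proxyAddresses, targetAddress, homeMDB) are the Exchange 2000 ones; the DN, alias and domains are constructed.

```python
"""Mail-enable (not mailbox-enable) an existing Windows 2000 user so that
Exchange forwards the user's mail to a foreign system such as TAO.

Added illustration, not code from the book, Fischer or Microsoft.  Attribute
names are the Exchange 2000 AD attributes; DN, alias and domains below are
constructed examples.
"""


def recipient_kind(entry):
    """Classify an AD object from a dict of its attributes.

    mailbox-enabled:  homeMDB points at a mailbox store, so Exchange delivers
                      locally (the TAO forward would never happen).
    mail-enabled:     addresses only (mail / targetAddress), no store.
    not mail-enabled: neither; Exchange does not know this object as a recipient.
    """
    if entry.get("homeMDB"):
        return "mailbox-enabled"
    if entry.get("targetAddress") or entry.get("mail"):
        return "mail-enabled"
    return "not mail-enabled"


def _check_smtp(address):
    # Minimal sanity check: one '@', no whitespace. Anything else is rejected
    # before it gets stamped into the directory.
    if address.count("@") != 1 or any(c.isspace() for c in address):
        raise ValueError(f"not a usable SMTP address: {address!r}")


def tao_forwarding_ldif(dn, alias, tao_address, exchange_address):
    """Build an LDIF 'modify' record that mail-enables dn and forwards to TAO.

    targetAddress is where Exchange actually delivers.  proxyAddresses keeps
    the organisation's own address as the primary (upper-case SMTP:) so the
    user stays addressable inside Exchange, with the TAO address as a
    secondary (lower-case smtp:) proxy.  homeMDB is deliberately absent.
    """
    _check_smtp(tao_address)
    _check_smtp(exchange_address)
    lines = [
        f"dn: {dn}",
        "changetype: modify",
        "replace: mailNickname",
        f"mailNickname: {alias}",
        "-",
        "replace: mail",
        f"mail: {exchange_address}",
        "-",
        "replace: targetAddress",
        f"targetAddress: SMTP:{tao_address}",
        "-",
        "replace: proxyAddresses",
        f"proxyAddresses: SMTP:{exchange_address}",
        f"proxyAddresses: smtp:{tao_address}",
        "-",
        "",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed example: Jenny's Windows 2000 account, forwarded to TAO.
    print(tao_forwarding_ldif(
        "CN=Jenny Example,OU=Users,DC=example,DC=com",
        "jenny", "jenny@tao.example.com", "jenny@example.com"))
```

Save the output as jenny.ldf and import it with ldifde -i -f jenny.ldf using an account that can write to the OU. Afterwards, export the object again (ldifde -f check.ldf -r "(mailNickname=jenny)") and confirm that homeMDB is still absent; if someone later mailbox-enables the account in Active Directory Users and Computers, the forward to TAO silently stops and mail starts piling up in an Exchange store nobody reads.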
SNA Distribution Services (SNADS)

Systems Network Architecture (SNA) was at one time the main networking protocol used by IBM mainframes. To communicate effectively with legacy SNA host systems, a PC-based system must have a way of speaking SNA. Moreover, for e-mail systems to communicate with host-based systems that use SNA, some sort of SNA connectivity must be provided. Host-based e-mail systems running over SNA use an IBM standard called SNADS to accomplish e-mail delivery. Microsoft, as early as the MS Mail days, provided a SNADS connector (called a "gateway" in MS Mail terminology) for connectivity to SNADS-based e-mail systems such as PROFS and OfficeVision.
Connectivity with a SNADS-based host system via an e-mail connector requires a Microsoft SNA server deployment in addition to the connector.
First of all, if you're in an environment where the host is still using only SNA (and I'm sure those environments are still out there), it may be beneficial, as the good design steward you are, to encourage your mainframe caretakers to consider upgrading to IBM's TCP/IP for the mainframe. This helps you avoid the hassle of setting up additional servers purely for connectivity, the extra load your network carries from a second protocol, and the expense of it all. That's assuming you have a legacy SNADS system to connect to an Exchange 2000 Server system.

Here's the problem: Exchange 2000 Server doesn't have a SNADS connector. MS Mail has one, Exchange 5.5 has one, but E2K doesn't. If you have a legacy PC-based e-mail system that's currently talking to a SNADS environment, or you want to set up a messaging system that can talk to SNADS (and hence OV or PROFS), you cannot use Exchange 2000 Server alone to do it. But take heart. In legacy installations, all you need to do is investigate which system currently works with SNADS and, if needed, update it to a version or product for which there is an Exchange 2000 Server connector. For example, suppose you have a cc:Mail server that's using SNADS to communicate with OV. You have an Exchange 2000 connector for cc:Mail, so your design dictates that you work out the details of getting E2K and cc:Mail talking to one another through the cc:Mail connector. Alternatively, you may opt for the "out with the old, in with the semi-new" approach and nail up a new Exchange 5.5 SP3 installation that uses the SNADS connector to talk to OV and routing group techniques to talk to E2K. In new installations you can set up an Exchange 5.5 SP3 server with the SNADS connector, then set up Exchange 2000 Server to talk to it. The Exchange 5.5 server would act purely as a connector server and would communicate with its E2K big brother through the routing group technology. Record that server in the design as a permanent dependency rather than a temporary bridge: it has to stay patched and administered for as long as the host link exists.
X.400

The X.400 connector is used to connect to foreign e-mail systems for which Exchange provides no connector, or to connect Exchange systems over a slow Wide Area Network (WAN) link. Chances are good that your installation will involve one or more X.400 connectors. I've worked in companies where the WAN link between two sites was so slow (56Kb/s) that only an X.400 connector would work between the site servers. It's no big deal, but it is different if you haven't worked with X.400 before. You use the X.400 connector to connect two routing groups or to connect a routing group with a foreign messaging system, and you only want to use it between two routing groups when the bandwidth between them is very limited.
Miscellaneous Messaging Systems

Then there's the category of "other" or miscellaneous messaging systems, of which there are quite a few. Collabra Share, for example, is another messaging system, though it doesn't have the audience that GroupWise or Notes would have. (By the way, you can use the Migration Wizard to migrate Collabra Share.)
For all other messaging systems for which there is no Exchange 5.5 or Exchange 2000 connector, use either the X.400 connector or the SMTP connector to integrate with the system. Consult the system's administrator guides to find out whether there's a way to output users' mailboxes to comma-delimited files that the Exchange Migration Wizard could import. In other words, for unsupported systems, try either a generic connector or a programmatic method.
Planning for Coexistence with Exchange 5.5 Systems

Exchange 2000 Server will happily communicate with legacy Exchange 5.5 SP3 systems through the Active Directory Connector (ADC), discussed in more detail in the next section of this chapter.
Microsoft Exam Objective
Plan for coexistence of Exchange 2000 Server with other messaging systems.
Plan for coexistence with Exchange Server 5.5
Just as with foreign systems, there are three design scenarios to consider when faced with the prospect of maintaining a legacy Exchange system:

Maintain connectivity with the legacy Exchange system permanently. You may have to do this because you're running a connector on the Exchange 5.5 system that Exchange 2000 Server does not support (the SNADS connector, for example).

Maintain connectivity with the legacy Exchange system for a temporary season. You'd opt for this when you're planning to migrate legacy Exchange mailboxes to the new system and only need temporary connectivity to facilitate the move.

Out with the old, in with the new. Some administrators may opt to simply abandon the old system and bring up the new, never bothering to maintain connectivity while transferring data from one to the other. This isn't a completely unreasonable design model, because there may be systems where the battle is so difficult to win that it makes sense to cut your losses and get the installation done. This decision should be driven very much by the user community, not by the administrator.
Design Scenario: The Network Manager with the Unique Messaging Problem

Penny is a network manager who works for a large corporation in which the enterprise is divided almost 50/50 between Windows NT/2000 Server and Novell NetWare 4 and 5 servers. Operationally speaking, many different Chief Technology Officers (CTOs) have moved through the company, each proffering their version of what PC networking should be and which NOS it should use; that is how the network wound up with a confusing hodgepodge of NOSs. Furthermore, the choice of NOS depends a bit on the geographical site: some sites are strictly NetWare, others NT/2000, others a mixture of both. The company has both Exchange Server 5.5 and Novell GroupWise 4 messaging systems. There is a plan to upgrade all NT servers to Windows 2000 and convert the Windows network to Windows 2000 native mode. After that, Penny is to upgrade the Exchange messaging infrastructure to Exchange 2000. Some clients log on with the IntraNetWare client for Microsoft networks; others log on to NT and use Gateway Service for NetWare (GSNW) to reach files and printers kept on the NetWare servers. Messaging clients that use the GroupWise servers run the GroupWise client; Exchange users all use Outlook 2000. Penny is struggling with whether to design a migration from GroupWise to Exchange 2000 Server and eventually move all users to Exchange for e-mail, or simply to set up the GroupWise connectors to link the two systems. Penny talks to the current CTO, Marilyn Stout, about the situation. Marilyn, who prefers to remain application- rather than NOS-centric in her enterprise decisions, makes it clear to Penny that the best design is one in which the clients are:
Not bothered with service interruptions.
Not likely to be confused with the introduction of a new messaging client.
And in which the servers are:
Not going to operationally suffer due to translational overhead.
Not overcomplicated due to complex interconnectivity paradigms.
Marilyn also tells Penny that she is very interested in bringing virtual collaboration tools to clients through the messaging infrastructure. After thinking about the issues Marilyn raised and talking to the various admin teams, Penny decides that the best design, especially in a new Windows 2000 rollout, is one in which Exchange 2000 Server handles all mailboxes. Her design recommends that the Exchange 2000 rollout include temporary connectors to the GroupWise servers; that NetWare users continue to log on to the Windows 2000 network using the IntraNetWare client but eventually use Outlook to connect to Exchange for their e-mail; and that once all users are moved to Exchange, the GroupWise servers be dismantled.
Designing Interorganizational Connectivity and Synchronization
Next we talk about interorganizational connectivity and synchronization. We need to touch on topics we've covered in some detail earlier and others we have not yet considered.
Microsoft Exam Objective
Design interorganizational connectivity and synchronization. Considerations include existing Active Directory environment, existing DNS configuration, Active Directory Connector (ADC) configuration, security permissions, and administrative permissions and delegation.
When Microsoft uses the word "interorganizational," do you suppose they mean "between Exchange organizations," or "between Windows 2000 forests, trees, domains, and OUs," or both? The safe assumption is that they're talking about connectivity between Exchange organizations, but you must also be cognizant of the connectivity between the domains in a forest.
The Current Active Directory Environment

If you're not the primary designer of either the forest or the security architecture, it's important that you interface with those who were responsible for the design so that you clearly understand it. A designer might use several different approaches in setting up a new Windows 2000 forest. For example, suppose you have a network of three or four NT domains connected by two-way trust relationships. You might decide to collapse them into one large Windows 2000 domain, then segregate the various business entities into organizational units (OUs). This is a simple design and surely easier to manage than a bunch of trust relationships. In Active Directory terms, because you now have a single domain, you don't have to worry about partial directory replication between Global Catalog (GC) servers in different domains: every domain controller holds a full replica of the one domain, and every GC carries the same data. On the other hand, poorly connected sites may not receive their replica updates as often as you'd like, and users there may see outdated information.

Optionally, you might keep the domains and use OUs within a domain only where there is a logical business need. For example, suppose a domain contains some distinct entities, say Marketing and Sales; there is a business case for separating the two into OUs even within the confines of one domain. In Active Directory terms you'll want at least one GC in each domain (by default only the first domain controller in the forest is a GC, so plan the others deliberately), and each domain's GCs hold only a partial replica of the other domains in the forest. Installing Exchange 2000 updates the AD schema and adds to the list of attributes replicated to the GC, but you must still understand that replication between domains consists only of partial replicas, not the entire directory of each domain.
Table 5.1 shows the schema updates that you can expect with an Exchange 2000 upgrade and whether an item is replicated to other domain GCs or not.
TABLE 5.1 The Active Directory Schema before and after E2K Installation

Active Directory Schema Attribute | Matching LDAP Attribute     | Replica in GC before E2K installation? | Replica in GC after E2K installation?
----------------------------------|-----------------------------|----------------------------------------|--------------------------------------
Alias Name                        |                             |                                        |
City                              |                             |                                        |
Country                           | Co                          | No                                     | No
Custom Attributes                 | ExtensionAttributexx        | No                                     | No
Department                        | Department                  | No                                     | No
Display Name                      | Cn                          | No                                     | Yes
Fax                               | FacsimileTelephoneNumber    | No                                     | No
First Name                        | GivenName                   | No                                     | Yes
Home Telephone                    | HomeTelephone               | No                                     | No
Initials                          | Initials                    | No                                     | No
Last Name                         | Surname                     | No                                     | No
Mailing Address                   | Street                      | No                                     | Yes
Manager                           | Manager                     | Yes                                    | Yes
Office                            | PhysicalDeliveryOfficeName  | No                                     | Yes
SMTP Address                      | Mail                        | No                                     | Yes
State                             | St                          | No                                     | Yes
Telephone                         | TelephoneNumber             | No                                     | Yes
Zip Code                          | Postalcode                  | No                                     | No
You can use the ADSI Edit tool (ADSI stands for Active Directory Service Interfaces), one of the Windows 2000 Support Tools in the Support\Tools directory of the W2K CD, to view, edit, add, or delete entries in Active Directory, including the schema. Careless editing of AD is a good way to kill your installation and force a reinstall, so go carefully: schema changes replicate forest-wide and schema objects cannot be deleted, only deactivated, so make a verified system-state backup of a domain controller first and try the change in a lab forest before touching production.
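Rather than reading Table 5.1 on trust (or poking at the schema in ADSI Edit), you can ask the forest itself which attributes are in the Global Catalog's partial attribute set: each attributeSchema object carries an isMemberOfPartialAttributeSet flag. The Python below, added here as an illustration and not code from the book or from Microsoft, parses an ldifde export of the schema and diffs the set before and after an Exchange 2000 ForestPrep. The two LDIF excerpts are constructed samples standing in for a real export (their values mirror the table), and the forest DN in the ldifde command is a placeholder.

```python
"""Report which Active Directory attributes replicate to the Global Catalog.

Added illustration, not code from the book or from Microsoft.  Input is an
ldifde export of attributeSchema objects, produced by something like

  ldifde -f schema.ldf -d "CN=Schema,CN=Configuration,DC=example,DC=com"
         -r "(objectClass=attributeSchema)"
         -l lDAPDisplayName,isMemberOfPartialAttributeSet

The two excerpts below are constructed samples, not real exports.
"""

BEFORE_FORESTPREP = """\
dn: CN=Given-Name,CN=Schema,CN=Configuration,DC=example,DC=com
changetype: add
lDAPDisplayName: givenName
isMemberOfPartialAttributeSet: FALSE

dn: CN=Manager,CN=Schema,CN=Configuration,DC=example,DC=com
changetype: add
lDAPDisplayName: manager
isMemberOfPartialAttributeSet: TRUE

dn: CN=Telephone-Number,CN=Schema,CN=Configuration,DC=example,DC=com
changetype: add
lDAPDisplayName: telephoneNumber
isMemberOfPartialAttributeSet: FALSE

dn: CN=Postal-Code,CN=Schema,CN=Configuration,DC=example,DC=com
changetype: add
lDAPDisplayName: postalCode
"""

# Same (constructed) export after setup /forestprep has flipped two flags.
AFTER_FORESTPREP = BEFORE_FORESTPREP.replace(
    "lDAPDisplayName: givenName\nisMemberOfPartialAttributeSet: FALSE",
    "lDAPDisplayName: givenName\nisMemberOfPartialAttributeSet: TRUE",
).replace(
    "lDAPDisplayName: telephoneNumber\nisMemberOfPartialAttributeSet: FALSE",
    "lDAPDisplayName: telephoneNumber\nisMemberOfPartialAttributeSet: TRUE",
)


def parse_ldif(text):
    """Return one {attribute: [values]} dict per blank-line-separated record.

    Folded continuation lines (leading space) are joined to the previous
    value; '#' comment lines are skipped.  Base64 ('::') values are not
    decoded because the two attributes we care about are plain text.
    """
    records, current, last_key = [], {}, None
    for raw in text.splitlines():
        if raw.startswith(" ") and last_key:
            current[last_key][-1] += raw[1:]
            continue
        if not raw.strip():
            if current:
                records.append(current)
            current, last_key = {}, None
            continue
        if raw.startswith("#"):
            continue
        key, _, value = raw.partition(":")
        key, value = key.strip(), value.strip()
        current.setdefault(key, []).append(value)
        last_key = key
    if current:
        records.append(current)
    return records


def gc_attributes(ldif_text):
    """LDAP display names flagged TRUE for partial-set (GC) replication.

    A missing flag means FALSE, which is how most attributes ship.
    """
    names = set()
    for rec in parse_ldif(ldif_text):
        flag = rec.get("isMemberOfPartialAttributeSet", ["FALSE"])[0].upper()
        if flag == "TRUE" and "lDAPDisplayName" in rec:
            names.add(rec["lDAPDisplayName"][0])
    return names


def newly_in_gc(before_ldif, after_ldif):
    """Attributes that an upgrade added to the GC partial attribute set."""
    return sorted(gc_attributes(after_ldif) - gc_attributes(before_ldif))


if __name__ == "__main__":
    print("in GC before:", sorted(gc_attributes(BEFORE_FORESTPREP)))
    print("added by ForestPrep:", newly_in_gc(BEFORE_FORESTPREP, AFTER_FORESTPREP))
```

Export the schema once before and once after setup /forestprep and feed both files to newly_in_gc. Do this in the lab first: in Windows 2000, every addition to the partial attribute set causes a full resynchronization of every Global Catalog in the forest, so the production ForestPrep belongs in a window where that replication burst is acceptable.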
The Existing Domain Name System (DNS) Configuration

Because Exchange 2000 runs on Windows 2000, which is completely integrated with DNS, you must understand the DNS implementation in your network. That said, you don't need to spend weeks drilling down on exactly how it works; the fact that you already have a well-established Windows 2000 rollout implies that DNS is being handled. Servers internal to the network don't need a Mail Exchanger (MX) record in DNS. The only Exchange server that requires an MX record is the one that accepts inbound Internet mail (in Exchange 2000 that is an SMTP virtual server or SMTP connector, which takes the place of the Exchange 5.5 Internet Mail Service). In your public DNS zone, whether it's hosted by your ISP or on your own authoritative server, an MX record for your domain names that server by host name, and an A record resolves the host name to its public address; the MX target must be a host name with an A record, not an IP address and not a CNAME. Inside the network you'll probably have an internal DNS server with an MX and an A record pointing to the Exchange box itself. In a new installation, where you're setting up a brand-new Exchange server, make sure the new server's records are in DNS before you do much more than a fundamental test of the hardware.
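The checks in that paragraph are mechanical enough to script. The Python below, added here as an illustration (not code from the book or from Microsoft), parses a BIND-style zone excerpt and verifies that the MX record for the domain names the inbound Exchange server by host name, that the target is an A record rather than an IP address or a CNAME (RFC 2181 forbids CNAME targets), and that no internal Exchange server is advertised by an MX. Both zone excerpts and the host names are constructed; the check knows only the record types it needs (MX, A, CNAME) and skips the rest.

```python
"""Sanity-check the MX / A records for the Exchange server that accepts
Internet mail, from a BIND-style zone excerpt.

Added illustration, not code from the book or from Microsoft.  Zone text and
host names are constructed; SOA/NS/TXT lines are ignored on purpose.
"""
import re

# Constructed public zone: one inbound host, one internal server, one alias.
GOOD_ZONE = """\
$ORIGIN example.com.
@          IN  MX  10  mail.example.com.
mail       IN  A   203.0.113.25
exch-int1  IN  A   10.1.2.3
www        IN  CNAME mail
"""

# Same zone with the mistakes this check is meant to catch.
BAD_ZONE = """\
$ORIGIN example.com.
@          IN  MX  10  www.example.com.   ; CNAME as MX target
@          IN  MX  20  exch-int1          ; internal server leaked as backup MX
mail       IN  A   203.0.113.25
exch-int1  IN  A   10.1.2.3
www        IN  CNAME mail
"""

IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
# owner [ttl] IN type [preference] value
RECORD = re.compile(
    r"^(\S+)\s+(?:\d+\s+)?IN\s+(MX|A|CNAME)\s+(?:(\d+)\s+)?(\S+)\s*$")


def _fqdn(name, origin):
    """Qualify a relative owner or target against $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    """Return [(owner, type, value)] with names fully qualified."""
    origin, records = ".", []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        match = RECORD.match(line)
        if not match:
            continue                              # record type we do not need
        owner, rtype, _pref, value = match.groups()
        if rtype in ("MX", "CNAME") and not IPV4.match(value):
            value = _fqdn(value, origin)          # leave a bare IP visible
        records.append((_fqdn(owner, origin), rtype, value))
    return records


def check_inbound_mail(zone_text, inbound_host, internal_hosts=()):
    """List what is wrong with the MX setup; an empty list means it passes."""
    records = parse_zone(zone_text)
    a_owners = {o for o, t, _ in records if t == "A"}
    cname_owners = {o for o, t, _ in records if t == "CNAME"}
    mx_targets = [v for _, t, v in records if t == "MX"]
    problems = []
    if inbound_host not in mx_targets:
        problems.append(f"no MX record points at the inbound server {inbound_host}")
    for target in mx_targets:
        if IPV4.match(target):
            problems.append(f"MX target {target} is an IP address, not a host name")
        elif target in cname_owners:
            problems.append(f"MX target {target} is a CNAME, which RFC 2181 forbids")
        elif target not in a_owners:
            problems.append(f"MX target {target} has no A record in the zone")
        if target in internal_hosts:
            problems.append(f"internal server {target} is advertised by an MX record")
    return problems


if __name__ == "__main__":
    internal = {"exch-int1.example.com."}
    print("good:", check_inbound_mail(GOOD_ZONE, "mail.example.com.", internal))
    print("bad: ", check_inbound_mail(BAD_ZONE, "mail.example.com.", internal))
```

The internal-host check is there because a backup MX that names an internal Exchange server both leaks the internal naming scheme to the world and invites direct SMTP connections to a box that was never meant to face the Internet.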
The Active Directory Connector (ADC) Configuration

As we’ve talked about in earlier chapters, if you need to communicate with legacy Exchange 5.5 SP3 sites, you’ll need to install the Active Directory Connector (ADC) that ships with Exchange 2000 Server. This ADC contains enhancements over the Windows 2000 ADC that Exchange requires. Once you’ve installed the ADC on one server, a Connection Agreement (CA) is automatically generated for the first Exchange 5.5 server you intend to connect to. But if there are other sites and servers, or even other organizations, you’ll have to set up more CAs to initiate a dialog between them and the Exchange 2000 server.
You need the ADC because it is the way that legacy directories talk to AD. Since Exchange 2000 Server is based upon AD, you have to have a method of populating the legacy Exchange 5.5 directories into AD. Connection Agreements can be one-way, from either the Exchange 5.5 directory to AD or from AD to Exchange 5.5, or they can be two-way. The first installation of the ADC will generally create a two-way CA, as shown in Figure 5.1. New CAs are easily created by opening the Active Directory Connector MMC from Start > Programs > Administrative Tools, right-clicking the ADC icon, and selecting New Recipient Connection Agreement or New Public Folders Connection Agreement.

FIGURE 5.1 The ADC General tab
When setting up a CA, you can select from one of three authentication methods: basic, Windows Challenge/Response (MS-CHAP), or Windows Challenge/Response using SSL. Obviously, stronger authentication is always preferable, but the service account that the Exchange 2000 server is using will be utilized in the MS-CHAP and MS-CHAP SSL negotiations and needs to be valid on the Exchange 5.5 server side. Fortunately you can configure the CA with a different account name, even from a different domain (as long as a trust relationship exists), so it doesn’t need to be too complicated. See Figure 5.2.

FIGURE 5.2 The ADC Connections
You can also choose to set the replication on a schedule. The default for a CA is to be allowed to run from 6 A.M. to midnight, with midnight to 6 A.M. not allowed, as shown in Figure 5.3. Note that you can force an entire directory replication at next replication time by checking the check box at the bottom.
Note that the default replication time is Always, perhaps not such a good choice for networks that are heavily loaded.
FIGURE 5.3 The ADC Schedule tab
The From Exchange tab allows you to configure the various Recipients containers that you have in your organization for replication from legacy Exchange systems to AD, as shown in Figure 5.4.

FIGURE 5.4 The ADC From Exchange tab
Ditto for the From Windows tab, shown in Figure 5.5.

FIGURE 5.5 The ADC From Windows tab
And finally, in the Details tab you can key in an administrative note (or notes) about this particular CA. You initiate a replication by simply highlighting the CA of choice, right-clicking it, and selecting Replicate Now. The ADC CAs turn out to be helpful both for coexistence with other messaging infrastructures and during the migration to E2K. There are four helpful ways you can utilize them:
By allowing you to replicate directory information from a legacy Exchange server to AD
By allowing you to replicate directory information from AD to a legacy Exchange server
By allowing you to centralize your directory management through one MMC console
By allowing you to maintain a happy coexistence between legacy Exchange 5.5 boxes and your Exchange 2000 site. As noted above, you may have to do this kind of thing to support foreign e-mail systems for which there is no suitable X.400 or SMTP connector capability.
Security Permissions

Security permissions in the Exchange 2000 system are assigned at the parent object and can then be modified in child objects. For example, you may navigate through the Exchange System Manager (ESM) to the Administrative Groups node, select an administrative group, select a server, right-click it, and select Properties to bring up its properties sheet. Then click the Security tab, and you can see the permissions for the parent object, an Exchange server, as shown in Figure 5.6.

FIGURE 5.6 An Exchange server’s Security properties
By checking the Allow Inheritable Permissions from Parent to Propagate to This Object check box, you’re enabling a child object’s inheritance from a parent object, which may or may not be a good idea. This is a design decision on your part. Clicking the Advanced tab of the Security properties sheet, the first screen of which is shown in Figure 5.7, allows you to obtain more granular control over the individual groups, computers, or users granted access to the object. It also allows you to enable auditing and set auditing features, and to take ownership of an object.
FIGURE 5.7 The Advanced option of the Security properties sheet for an Exchange Server object
In the case shown in Figure 5.7, the permissions set at the server object level would propagate down to the Mailbox store level. But you may want to adjust the Mailbox store permissions so that they’re different from the parent object’s. It’s very important to pay attention to the security details, especially with regard to who gets what permissions on which objects. You’ll detail the security design at design time but modify the security at installation time. There is a workaround for this kind of control, and we’ll talk about it in the next section on administrative permissions.
Administrative Permissions and Delegation

Administrative permissions are handled by administrative groups. You can create multiple administrative groups, add servers to these groups, and then add mailbox and public folder stores to the servers. Administrative group permissions can then be set in such a way that specific groups of people are able to administer specific administrative groups. You can gain fine-grained control of the administration of your Exchange deployment using this technique. Delegation is the sticky point with administrative groups. Suppose that you create an administrative group for a site, call it Site A for grins, and you give the Site A admins group permission to administer this administrative group. Delegation implies that Site A admins can do two things:
Add other administrators to the administrative group, something you may not want to happen.
Add other members to the Site A admins group, which automatically gives the new addition permission to administer the administrative group.
To delegate control to a specific group or user, run the Exchange Administration Delegation Wizard by right-clicking your new administrative group and selecting Delegate Control, as shown in Figure 5.8. The wizard allows you to add a user or group and then select the administrative control (called an Exchange Role) they’ll have over this administrative group:

Exchange Administrator: Can fully administer the Exchange system, including the addition, deletion, and renaming of objects. This admin cannot set permissions.

Exchange Full Administrator: Can fully administer the Exchange system, including the addition, deletion, or renaming of objects and setting their permissions.

Exchange View Only Administrator: Can only view Exchange information.

FIGURE 5.8 The Exchange Administration Delegation Wizard
The total security design thus requires the designer to consider which groups are going to administer the various administrative groups, what roles they will play, and what permissions they’ll have. A security design also includes consideration of the level of granularity to apply to auditing, and whether to enable the inheritance from parent to child objects. Lastly, if the ADC is involved, it’s important to consider the account and its permissions that will be required for replication between Exchange and Windows.
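The inheritance behaviour described in the Security Permissions section, the three Exchange Roles the Delegation Wizard hands out, and the caveat given later in the answer to review question 7 (a Deny placed on the server only reaches a mailbox store whose inheritance box is still checked) are easier to reason about in code. The following Python model is an added example, not Exchange’s own permission code: the object names (Site A, EXCH01), the principals (Cindy, Bob, Site A Admins) and the right names are constructed, and the evaluation order (explicit Deny, explicit Allow, then the inherited entries level by level) follows the Windows canonical ACL order.

```python
"""Exchange 2000 object permissions as a small model: ACEs inherited from parent
to child unless the child's "Allow inheritable permissions" box is cleared,
Windows-style deny-before-allow evaluation, and the three Exchange Roles the
Delegation Wizard hands out.  Added example, not the product's code; object
and principal names are constructed."""
from dataclasses import dataclass, field
from typing import FrozenSet, List, Optional, Set

ALL_RIGHTS = frozenset({"Read", "Write", "Execute", "Delete",
                        "Read Permissions", "Change Permissions"})
# What each Exchange Role grants (modelled on the wizard's role descriptions).
ROLES = {
    "Exchange Full Administrator": ALL_RIGHTS,
    "Exchange Administrator": ALL_RIGHTS - {"Change Permissions"},
    "Exchange View Only Administrator": frozenset({"Read", "Read Permissions"}),
}


@dataclass
class ACE:
    trustee: str                 # account or group name
    rights: FrozenSet[str]
    allow: bool = True           # False = an explicit Deny entry
    inheritable: bool = True


@dataclass
class ExchObject:
    name: str
    parent: Optional["ExchObject"] = None
    inherit_from_parent: bool = True   # the check box on the Security tab
    aces: List[ACE] = field(default_factory=list)

    def ordered_aces(self) -> List[ACE]:
        """Canonical evaluation order: this object's Deny then Allow entries, then
        the same for each ancestor, stopping at the first object whose
        inheritance box is cleared."""
        order: List[ACE] = []
        node, level = self, list(self.aces)
        while True:
            order += [a for a in level if not a.allow]
            order += [a for a in level if a.allow]
            if not node.inherit_from_parent or node.parent is None:
                return order
            node = node.parent
            level = [a for a in node.aces if a.inheritable]


def has_right(obj: ExchObject, principal: Set[str], right: str) -> bool:
    """principal = the account name plus every group it belongs to.  The first
    ACE in canonical order that names the principal and covers the right wins;
    no matching ACE at all means no access."""
    for ace in obj.ordered_aces():
        if ace.trustee in principal and right in ace.rights:
            return ace.allow
    return False


def delegate(admin_group: ExchObject, trustee: str, role: str) -> None:
    """What the Delegation Wizard does: an inheritable Allow for the role's rights."""
    admin_group.aces.append(ACE(trustee, ROLES[role]))


def break_inheritance(obj: ExchObject) -> None:
    """Clear the box the way the Windows dialog's 'Copy' option does: the entries
    that were being inherited become explicit entries on this object."""
    inherited = obj.ordered_aces()[len(obj.aces):]
    obj.aces.extend(ACE(a.trustee, a.rights, a.allow, a.inheritable) for a in inherited)
    obj.inherit_from_parent = False


def scenario() -> dict:
    """Review question 7's situation: Cindy is a Domain Admin who must not
    administer Exchange.  Returns the access checks by name."""
    org = ExchObject("Organization")
    site_a = ExchObject("Site A", org)                     # administrative group
    server = ExchObject("EXCH01", site_a)
    store = ExchObject("Mailbox Store", server)
    store_b = ExchObject("Mailbox Store B", server)
    org.aces.append(ACE("Domain Admins", ALL_RIGHTS))      # inherited by everything
    delegate(site_a, "Site A Admins", "Exchange Administrator")
    cindy = {"Cindy", "Domain Admins"}
    bob = {"Bob", "Site A Admins"}
    r = {"cindy_store_before": has_right(store, cindy, "Read")}
    break_inheritance(store_b)          # someone cleared the box on this store earlier
    # Answer 7's approach: explicit Deny for Cindy on the server, left inheritable.
    server.aces.append(ACE("Cindy", ALL_RIGHTS, allow=False))
    r["cindy_server"] = has_right(server, cindy, "Read")
    r["cindy_store"] = has_right(store, cindy, "Read")
    r["cindy_store_b"] = has_right(store_b, cindy, "Read")      # the Deny never reached it
    store_b.aces.append(ACE("Cindy", ALL_RIGHTS, allow=False))  # apply it to the child too
    r["cindy_store_b_fixed"] = has_right(store_b, cindy, "Read")
    # Delegated role: Bob can change objects but not their permissions.
    r["bob_write"] = has_right(server, bob, "Write")
    r["bob_change_perms"] = has_right(server, bob, "Change Permissions")
    return r


if __name__ == "__main__":
    for name, allowed in scenario().items():
        print(f"{name}: {'allowed' if allowed else 'denied'}")
```

The store whose inheritance was broken earlier keeps the copied Domain Admins Allow and never sees the server-level Deny, which is exactly why a security design has to record, per object, whether the inheritance box is on before relying on a Deny placed higher up.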
Design Scenario: Adding a Group to an Administrative Group

Juan is the administrator of an Exchange 2000 system. He has set up some administrative groups for a few geographic sites in the company. Juan would now like to begin delegating authority for these administrative groups to the remote admins at each site. The Windows 2000 deployment consists of three domains within the same contiguous namespace. The forest is set to native mode. Juan uses the Active Directory Users and Computers MMC to create Exchange admin groups in each domain. He then populates the new groups with the usernames that will be allowed to administer the administrative group for that site. Finally, he runs the Exchange Administration Delegation Wizard for each administrative group, adds the new site-specific Exchange group that he just created, and removes the Domain Admins group from each.
Summary
This chapter has considered two different things: allowing Exchange 2000 Server to communicate with other e-mail systems, and working with the ADC, permissions, and administrative groups.

Exchange 2000 Server provides several connectors that you can utilize when working with certain foreign e-mail systems such as cc:Mail, Lotus Notes/Domino, MS Mail, and GroupWise. Exchange 2000 also provides a Migration Wizard that can be used to migrate user mailboxes, schedule information, public folders, address books, and applications from these various systems into Exchange. The Migration Wizard can be used with Collabra Share as well. For those systems for which there is no specific connector, it may be possible to use the X.400 or SMTP connectors to establish some sort of connectivity.

Exchange 2000 Server also supplies some source extractors that you may be able to use to extract mailbox information from one system in order to move it into Exchange. There are source extractors for MS Mail for AppleTalk Networks, IBM PROFS, NetSys (formerly Verimation) MEMO, and Digital ALL-IN-1.

It’s possible that you may have to maintain a legacy MS Mail or Exchange 5.5 (or earlier) site that has a gateway or connector on it for communication with a foreign system, just to keep the tie intact. Design considerations include whether to migrate, to maintain status quo connectivity, or, optionally, to simply bag the old system and come up with the new. Mailbox owners should drive these decisions for you.

We also talked about the Exchange Active Directory Connector (ADC) and what is involved with setting up new connections to other legacy Exchange servers. You can control whether the conversation is one-way or two-way, and you have control over the authentication and account that is used. We covered the permissions for Exchange objects and talked about the Exchange Administration Delegation Wizard, which helps you add users or groups to administrative groups.
Key Terms

Active Directory Connector (ADC)
cc:Mail (DaVinci cc:Mail)
Connection Agreement (CA)
connector
Domino (Lotus Domino)
gateway
Lotus Notes
Mail Transfer Agent (MTA)
Microsoft Mail for AppleTalk Networks (MacMail)
Microsoft Mail for PC Networks (MS Mail)
Multiple Virtual Storage (MVS)
NetWare Loadable Module (NLM)
Notes (Lotus Notes)
OfficeVision (OV)
Plain Old Telephone Service (POTS)
postoffice (PO)
Professional Office System (PROFS)
Routing and Remote Access (RRAS)
schema
source extractor
Systems Network Architecture (SNA)
Systems Network Architecture Directory Services (SNADS)
TAO
Virtual Address eXtension (VAX)
Virtual Memory (VM)
Review Questions

1. You have a legacy Exchange 5.5 SP3 server that you need to connect to in order to migrate mailboxes to your new Exchange 2000 server. What facility will you use to accomplish this?
A. Exchange 2000 Server X.400 connector
B. Exchange 2000 Server SMTP connector
C. Exchange 2000 Server site connector
D. Exchange 2000 Server Active Directory Connector

2. You have a mainframe computer running IBM OfficeVision (OV). The mainframe is using SNA. How can you set up connectivity between the OV system and Exchange 2000?
A. This is not possible.
B. Maintain an MS Mail or Exchange 5.5 system utilizing the SNADS gateway or connector.
C. Use the Exchange 2000 X.400 connector.
D. Use the Source Extractor for PROFS.

3. You have three Novell GroupWise 4 servers, each with one postoffice (PO) with which your Exchange 2000 deployment needs to connect. How many GroupWise connectors should you install?
A. 0
B. 1
C. 2
D. 3
4. You’ve created a new administrative group and are now editing its permission possibilities. You wish to grant administrative permissions to another group. What should you do?
A. Open up the Security properties for the administrative group and add the users or groups you desire.
B. In Active Directory Users and Groups, modify the group permissions for the group you wish to grant access.
C. Run the Exchange Administration Delegation Wizard.
D. Modify the permissions for the organization.

5. You’ve got about 150 Macintosh users in your company that are utilizing Microsoft Mail for AppleTalk Networks (MacMail). You want to allow these Mac users to be able to use the new Exchange 2000 system. What do you do?
A. Install the Exchange 2000 MS Mail connector.
B. Run the Migration Wizard to move the Mac users’ mailboxes to E2K.
C. Use the MacMail Source Extractor to extract their mailboxes, then read them into the E2K system.
D. Nothing you can do but maintain the legacy system.

6. You have a legacy Exchange 5.5 SP3 server in a remote site to which you’ve connected using a Connection Agreement (CA). Users are now complaining of slow speeds between the two locations. What can you do to help the problem? Select all that apply.
A. Modify the CA’s properties for periodic replication.
B. Modify the CA’s properties for nighttime replication.
C. Adjust the bandwidth settings used by the CA.
D. Set the CA for one-way replication.
7. Cindy is a member of the Domain Admins group for the domain VeryBigCompany.com. You don’t want Cindy to be able to administer the Exchange 2000 servers, but she should be able to administer the domain. What should you do?
A. Remove the Domain Admins group from the Administrative Group for each Exchange 2000 server.
B. Create a group called “Denied Admins,” add Cindy’s account to this group, and then change the server’s permissions to add this group to the denied list.
C. Run the Exchange Administration Delegation Wizard to specifically remove Cindy from the list of authorized administrators.
D. Use Active Directory Users and Computers to modify Cindy’s account to remove her from the Exchange Administrators group.

8. You have a Lotus Domino installation that you’ve been told to convert to Exchange 2000. The company’s software developers have produced several snap-in programs that users utilize in Domino. How can you get these applications moved into Exchange 2000?
A. This is not possible.
B. Use the Exchange Migration Wizard.
C. Obtain the Domino Apps Converter kit (DACK) from Lotus.
D. Install the Exchange 2000 Lotus Notes connector.

9. You have three MS Mail postoffices (POs) in three different geographic sites. You want to connect them to your new Exchange 2000 server. What things will you need to accomplish this?
A. Exchange 2000 MS Mail connector
B. MS Mail gateway
C. MS Mail dir-sync
D. MS Mail MTA gateway
E. MS Mail MTA connector
F. Configure the MS Mail servers
10. You have two Exchange 2000 routing groups that you want to connect together with a connector. The WAN connection between the two routing groups is a full T1 frame relay connection. What connector do you use?
A. Exchange 2000 SMTP connector
B. Exchange 2000 site connector
C. Exchange 2000 routing group connector
D. Exchange 2000 X.400 connector
Answers to Review Questions

1. D. You’ll install the Active Directory Connector (ADC), point it to the organization site in question, migrate the mailboxes, then dismantle the old server.

2. B. You’ll probably have to set up an MS Mail or Exchange 5.5 server to provide a SNADS connector. (In MS Mail terminology, a connector is called a gateway.) You’ll also have to maintain a Microsoft SNA Server for SNA connectivity to the host.

3. D. You’ll need one GroupWise connector per GroupWise PO. Since you have three servers, each of which is hosting one PO, you need three connectors.

4. C. Exchange 2000 Server comes with an Exchange Administration Delegation Wizard utility that allows you to apply administrative permissions to new administrative groups or modify existing ones.

5. C. Exchange 2000 comes with a Microsoft Mail for AppleTalk Networks Source Extractor that allows you to grab the information from the MacMail mailboxes, then load them into the new Exchange server. Mac users can then use either Outlook for Macintosh or a browser and Outlook Web Access (OWA).

6. A, B. There is no bandwidth adjustment in a CA’s property settings, and setting the CA for one-way replication won’t solve your problem and may possibly get you into trouble. You’d either set the CA so that it doesn’t replicate always (the default for CAs) or set it so that replication occurs at night.

7. B. Probably the best option is to specifically add Cindy’s account to the security for each server, then specifically deny her each of the possible permissions: Full Control, Read, Write, Execute, Delete, and Read permissions. Note that if inheritance is turned off, you may have to apply this technique to child objects as well.
8. B. Installing the Notes connector will allow Notes and Domino servers to talk to Exchange, but it won’t convert the Domino apps. For that you’ll need to run the Exchange Migration Wizard, included on the E2K CD.

9. A, E, F. You need to install the MS Mail connector at the Exchange 2000 server, configure the MS Mail servers to be able to talk to the E2K server, then start the Windows 2000 MS Mail MTA connector service. You can talk to more than one MS Mail PO using a single MS Mail connector.

10. C. The WAN connection is robust enough that you don’t have to be concerned about bandwidth issues. If bandwidth were a concern, you’d use the X.400 connector, but since it isn’t, you can go forward with the default E2K routing group connector.
Case Study: The Three-Ring Messaging Circus

You should give yourself 10 minutes to review this case study, diagram as needed, and complete the questions for this mini-test.
Background

You are the network manager for a large gas and electric utility in the Midwest. The organization has an IBM 3290 mainframe computer running IBM OfficeVision. There is also a network of about 250 Macintosh computers using MS Mail for AppleTalk Networks and an older Exchange Server deployment. The utility has business offices in many cities expressly for the purpose of taking electric bill payments, working with delinquent customers, turn-ons and shut-offs of service, and other service-oriented items. Oftentimes, because most of the billing transactions that are utilized are host-based, there are only 3279 dumb terminals installed at these locations. Some locations are more up to date, with PCs and 3270 terminal emulation software running on them. The mainframe is SNA-based.
Current System

The central network consists of three Exchange servers (two of which are on Exchange 4, one on Exchange 5.5) and an AppleTalk server running MS Mail for AppleTalk Networks. In five of the larger remote sites there are additional Exchange servers, each of which is running Exchange 4. None of the messaging systems are connected with one another.
Problem Statement

Your job is to design a system upgrade for the messaging infrastructure. Specifically, your charge is to come up with a design that will allow OfficeVision to be removed from the mainframe and all users to utilize server-based e-mail. You report to the Network Manager.

Network Manager: “You’ll need to work hand-in-hand with the host configuration people in order to facilitate any mainframe changes. I need a design document and a project plan that stakeholders can review before we can go ahead with any recommendations you make.”

Mainframe Manager: “We run SNA on the host. We’ve not yet installed 3270E.”

Macintosh Network Administrator: “You’ll need to guarantee me that my clients can continue to access their e-mail once we’re converted to the new system. My clients are happy with what they currently have.”
Maintainability

Part of the reason you see for moving to a centralized messaging environment is to get rid of the mish-mash of messaging systems you’re currently maintaining.

Mainframe Manager: “Some users aren’t targeted to get a PC until next year. We have good luck with the 3270 emulation client software that we run on the PCs, so I’m not against migrating host users to a PC.”

Macintosh Network Administrator: “I know very little about NT, let alone Windows-based messaging.”
Performance

Three of the five sites only have a 128Kbps connection, even though the sites each have a hundred or more users. This is because host SNA connectivity is run through a different connection entirely. The other two sites have a 512Kbps connection.
Security

Because the company is a publicly held utility, there are many regulatory concerns. Because of this, the company’s managers are very concerned about making sure that security is always maintained.
Questions

1. What will be your chief concern relative to this project?
A. Mainframe using SNA only
B. AppleTalk Server
C. Remote-side bandwidth
D. Security

2. How will you connect the MS Mail for AppleTalk Networks to the Exchange 2000 server?
A. Use the Exchange 2000 MS Mail connector.
B. Use the Exchange 2000 SMTP connector.
C. Set up an MS Mail server and connect to the AppleTalk server with a gateway.
D. It cannot be done.

3. What connector do you suppose is being used between the remote offices and the central Exchange site?
A. X.400
B. Exchange site connector
C. SMTP connector
D. Exchange routing group connector

4. What security precautions will you need to take to assure that all converted users are allowed to use the Exchange system?
A. Create a user account for each in Windows 2000.
B. Create a user account for each in Exchange 2000.
C. Set up a Certificate Authority server.
D. Set up the Key Management Server (KMS).
5. Using the resources and connections in the figure below, construct the intermediate system that you’ll need to set up in order to facilitate the migration.

[Figure: resources Exchange 2000, Mainframe, SNA Server, Exchange 5.5, AppleTalk Network; connections SNA, Source Extractor, ADC CA]

6. Looking at the table below, pick tasks as needed from the right column and place them in the left column so that you come up with a completed RRAS/RADIUS installation.

Task Categories:
Mainframe
AppleTalk Server
Remote Exchange Sites
Central Exchange Site

Tasks:
Create Exchange administrative groups
Create Windows 2000 user accounts
Install X.400 connector(s)
Install routing group connector(s)
Set up routing groups
Install ADC & Configure CA
Get PCs installed for those clients still on dumb terminals
Upgrade to Exchange 2000
Run Delegation Wizard
Upgrade to Exchange 5.5 SP3
Run Source Extractor
Answers to Questions
1. A. You have a big problem because the host is only using SNA for its protocol. There is no Exchange 2000 connector for SNA-based hosts.

2. D. While answer C is theoretically possible, good luck finding the MS Mail diskettes! Even better luck finding the gateway diskettes! Answer D is accurate because you’re asked how you’re going to connect to the AppleTalk network, which cannot be done. But what you can do is run the Source Extractor that comes with the Exchange 2000 CD, then populate the Exchange 2000 Server GAL from the extracted file. You’ll also have to train the Mac users how to use Outlook for Mac or OWA.

3. A. The X.400 connector is used for sites with very slow connections. The Exchange site connector is new to Exchange 5 and the remote offices are still running Exchange 4. The SMTP connector is new to Exchange 2000, as is the Exchange routing group connector.

4. A. Each user will have to have a Windows 2000 account in order to be able to use the Exchange 2000 system, including the Mac users. No further authentication is necessary since the Exchange system uses NTLM for non–Windows 2000 and Kerberos v5 for Windows 2000 users. The question did not ask about protecting inter-site connectivity, which is a different security item you’d need to examine thoroughly.
5. You’ll need to connect to the Exchange 5.5 server with the ADC and a CA. You’ll use the Source Extractor for PROFS to grab the mailbox data from OfficeVision to populate into Exchange. You’ll use the Source Extractor for MS Mail for AppleTalk Networks to do the same thing for the AppleTalk server.

[Figure: Exchange 5.5 connected to Exchange 2000 via ADC CA; Mainframe connected to Exchange 2000 via Source Extractor; AppleTalk Network connected to Exchange 2000 via Source Extractor]
6. See chart below.

Task Categories and their tasks:

Mainframe: Run Source Extractor

AppleTalk Server: Run Source Extractor

Remote Exchange Sites: Set up routing groups; Install X.400 connector(s); Install routing group connector(s); Upgrade to Exchange 2000

Central Exchange Site: Create Windows 2000 user accounts; Install ADC & Configure CA; Get PCs installed for those clients still on dumb terminals; Upgrade to Exchange 2000; Run Delegation Wizard

Wrap-up: Start by figuring out what Windows 2000 accounts need to be created for all users who don’t yet have an account, and get someone going on that task. Next, run the Source Extractors for the two disparate systems. You’ll need programming help at least for the OfficeVision side, possibly the AppleTalk side as well. Get the Exchange servers upgraded to Exchange 2000 and validate whether they need a Routing Group or X.400 connector, depending on the bandwidth. Run the Delegation Wizard to add administration groups to the various remote site servers. Train the new users how to use the Exchange system. Get those users who are still on 3279 dumb terminals updated to PCs, get some terminal emulation software going for them, and get them on Outlook for their e-mail. Total project time: at least a year, provided you have the help you need.
Chapter 6
Designing Your Exchange 2000 Servers

MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Designate and design servers. Server configurations include front-end, back-end, connector, client computer access, Chat Service, Instant Messaging, free/busy, virtual vs. physical, mailbox, public folder, and multiple protocol.

Design server hardware and disk configurations to achieve fault tolerance and increased performance and to provide for a backup strategy based on server role.
This chapter is about the server farm—more accurately, the Exchange server farm. Do you think “farm” is a funny name for a bunch of servers collectively operating one enterprise application? Not so, if you think about it! The role of a farm is to wind up with a harvest. With a group of Exchange servers working harmoniously together, the harvest is a network full of happy e-mail users. Stretching the metaphor a bit further, just as farmers make sure that their farm implements are well prepared for the summer season and fall harvest, so must you prepare the servers you’re going to use in your deployment. Server farms are only a part of the enterprise, but they’re a very significant part. Fortunately, for most admins, they’re also the part of the enterprise that’s best understood.
Designating Server Configurations
New to Exchange 2000 Server is the capability to separate certain server processes onto different servers. This distribution isn’t quite as diverse as it may sound at first. You can’t choose to segment a lot of different server processes to run on a host of different servers. But you can segment a bit.
Microsoft Exam Objective
Designate and design servers. Server configurations include front-end, back-end, connector, client computer access, Chat Service, Instant Messaging, free/busy, virtual vs. physical, mailbox, public folder, and multiple protocol.
For example, one of the newer features of Exchange 2000 Server is its capability to leverage processing by providing a front-end server or servers for a client to connect to. E2K takes the client’s request to connect and transports it to a mailbox on a back-end server that’s actually hosting this mailbox. Another configuration option gives you the ability to provide multiple virtual protocol instances, mailbox instances, and public folder instances; in addition, you can host Chat and Instant Messaging. All of these functions may require more than one server in a robust design. So coverage of this objective centers on E2K’s server-centric character, and the attention you should pay to the design of the server farm.
Front-End/Back-End Servers
Because Exchange 2000 Server now uses Internet Information Server (IIS) 5 for its protocols, you can, if you choose, set up a separate Exchange server to host the Exchange protocols IMAP4, Outlook Web Access or OWA (HTTP), and POP3. This server is called the front-end server. There are several reasons you might decide to install a front-end server:
To provide a POP3 or IMAP4 access point for Internet users. When POP3 and IMAP4 users come in from the Internet looking for their e-mail, they can contact a front-end box, which then finds their mailbox on a back-end server and retrieves the e-mail for them, regardless of which server it’s stored on. Clients don’t have to know which specific server keeps their mailbox. The front-end server intercepts the e-mail request and passes the request to the appropriate back-end server.
To provide a single URL for Internet users utilizing OWA. Just as with POP3 and IMAP4, the Internet user wanting to map a URL to the network’s OWA server doesn’t have to know which computer name to connect to. Rather, you provide a single namespace to which all Internet users connect for fetching their e-mail via OWA, regardless of the number of OWA back-end servers.
On the DMZ as a secure connectivity point for back-end servers. Since the front-end server doesn’t have any user accounts on it, by putting a front-end server on the Demilitarized Zone (DMZ) you can provide a secure Internet logon point for users. This server is behind a firewall configured to allow incoming traffic from the Internet to access only the front-end server.
As a Secure Sockets Layer (SSL) encryption/decryption server. Because SSL requires so much in the way of encryption and decryption processing, it’s highly beneficial to provide a front-end server for this purpose. The front-end server can decrypt incoming SSL requests and encrypt outgoing requests without disrupting the back-end servers.
As a go-between for IMAP4 clients. This last concept is a little different from the others. Part of the IMAP4 standard calls for the server to refer a client to another server if the resource isn’t found on the first server. The problem is that most IMAP4 clients aren’t compatible with this referral mechanism, even though the standard allows for it. This hinders IMAP4 clients when they can’t find a mailbox on the chosen resource. With a front-end server out there, however, IMAP4 clients don’t have to worry about the referral. All public folder resources are available to them, so they can find the one they’re looking for.
Now that we know why the front-end/back-end server arrangement is useful, we need to know how it works. Because the process for HTTP (OWA) users is different than for POP3/IMAP4 clients, it’s worth our while to delve into what happens with an HTTP user. If you’re configuring the front-end server for Internet users to access OWA through a universal namespace, you must configure an SMTP virtual server on the front-end server for each SMTP domain in the back-end. The first SMTP domain created is called Exchange. Other SMTP domains can be created and named as you like. For each SMTP domain you create and designate for the use of Internet OWA surfers, you must also create a virtual server; then you point the virtual servers to their respective domains. There’s a one-to-one correlation: virtual server to SMTP domain. This is how you set up a front-end server so that Internet users can access different SMTP domains. But we’re not done. You also have to do the same thing for public folders. The first public folder created in an Exchange server installation is called Public. You can create other public folders and make them available on the back-end servers.
To create a front-end server, simply navigate in Exchange Server Manager to the server object, right-click, and select Properties. Check the This Is a Front-End Server check box. You should delete the Mailbox and Public stores from this server before you put it into production use. Consider the following design methodologies as you contemplate front-end/back-end designs:
When you have lots of users accessing an e-mail system through OWA, consider designating one front-end server for every four back-end servers. Be careful to create identical virtual directories on each server.
If you anticipate very large numbers of users utilizing OWA, IMAP4, or POP3 services from the back-end servers, consider setting up several front-end servers in a network load-balancing environment.
You may want to design a different front-end/back-end solution for each kind of environment. For example, suppose you want to host an IMAP4/ POP3 environment along with your regular messaging installation. It might be wise to consider a separate front-end/back-end system for these users.
By putting a front-end server or servers on a corporate DMZ, you provide security for the back-end servers. The front-end server answers user requests and sends them to the back-end servers.
Connector Servers
In large enterprises with heterogeneous installations, it’s worth your time to consider installing a server or servers that specifically handle all the various connectors. Installation of this server is the same as for other installations, although it doesn’t host either a Mailbox or Public store. You’ll treat this server as you would a front-end server, in that you install a virtual server that points to an SMTP domain or on the main mailbox server. This sort of enterprise setup is illustrated in Figure 6.1. (Note that this server could just as easily function not only as a connector server, but also as a front-end server in a large environment.)
FIGURE 6.1 An enterprise using an Exchange connector server (diagram showing a connector server, two mailbox store servers, a public folder server, and a GroupWise server)
Following are the advantages of installing a connector server:
The processing power and extra memory needed to handle the work of the connectors is offloaded to the dedicated server.
The server can be easily rebooted, transparently to users.
The server can be briefly taken down during working hours for repairs or modifications. Note that the key word here is briefly. Under normal circumstances you’d still want to take a maintenance outage on this server, just like any other, but you could easily bring it down long enough to pop in some more RAM or change a failed fault-tolerant disk.
Documentation of the messaging server farm is easier because you know exactly where all the connectors live.
Service packs or patches that apply specifically to connectors can easily be applied.
One of the biggest advantages to you and the administrators is a system designed so that the functions are distinctly known and documented, regardless of the size of the system. If you know there is only one connector server, this makes system planning and administration much easier.
Planning for Client Computer Access
Clients can access the Exchange system in a variety of ways. We’ve already talked a little bit about the various client methodologies (POP3, IMAP4, HTTP, and front-end/back-end server deployments) that you have at your disposal. But there are other considerations for the administrator, specifically relative to security and client access. These things will affect users no matter how they connect (front-end/back-end or to a regular E2K server) and no matter what client they’re using. In terms of client access, we need to think about the following categories.
Remote Client Access
Clients who are employees of the enterprise and are telecommuting into the network can choose to either run the Outlook client from their remote computer, or use a browser and connect to OWA. Each method has its advantages.
If the client uses Outlook to connect, e-mail download takes longer. However, the client can utilize the complete functionality afforded by Outlook (or a similar product), including calendars, notes, journals, task management, and so forth. Devotees of Outlook (of which I am one) may be willing to live with the slow phone-line download of e-mail into a mailbox. On the other hand, clients can also connect to the network and use a browser to access the e-mail server. Such clients get their calendar, public folder, and e-mail, but they get none of the other features of the Outlook (or other) client. So if you’re planning for clients that dial in to the network and then connect with a browser, consider setting up a certificate authority (CA) hierarchy and requiring users to use SSL connections when working with their e-mail. This significantly improves the security on their connections.
Note that the SSL browser requirement holds not only for clients dialing in, but for Internet clients accessing an Exchange server that you have out on your DMZ.
Partner Networks
When you have a partner network that needs to connect with your enterprise to perform business functions, you’ll need to consider two methodologies: VPN and dial-in. When the partner network connects through a Virtual Private Network (VPN), you’ll want to ensure that you first have in place a well-developed CA hierarchy for the distribution of certificates. Alternatively, your partner network could be responsible for certificate distribution. In this case, it’ll be necessary for you to establish a one-to-one relation with those who’ll be using the certificates to traverse your network for anything, including e-mail. (A many-to-one relationship would mean essentially that the certificate validates anyone who wants to use your network; this lessens the security that you have.) In the other partner network methodology, users in a partner network are simply going to dial in to your network or will access an Exchange server on the DMZ. For this arrangement, you should insist that the client uses either SSL for browser-based mail or digital signatures for Outlook mail. Digitally signing e-mail will require a CA. Of course, each person in a partner relationship who needs a mailbox on your server will have to have a user account created for them and will have to authenticate into Exchange using this account. Consider putting partner accounts into a separate OU in order to more closely manage them.
Non-Microsoft Client Access
Suppose you have Unix or Macintosh clients that need to access e-mail on an Exchange server. You can easily accomplish this through OWA, but keep in mind that each non-Microsoft client will have to have a user account and be mailbox-enabled so they can utilize the e-mail system. Services for Unix will allow Unix clients to log on to the Windows network in order to access their mail. Using OWA, however, does not require that a user be preauthenticated before bringing up a browser and connecting to the e-mail server. When attempting a connection to the server, the user will be prompted for credentials and be authenticated at that time. Consider putting non-Microsoft clients into a separate OU so that they can be managed more closely.
Web Access
You may have a need to host a public folder, newsgroup, or other feature of Exchange 2000 Server on a DMZ. In such a case, your Exchange server will be on the DMZ. Be sure to carefully examine the firewall rules that pertain to e-mail servers, so that you’re sure users coming in to the server from the Internet have no more access than what they need to utilize the service you’re offering. Additionally, an Exchange server on a DMZ would be a good idea in a situation where you have telecommuters from all over the U.S. (or worldwide, for that matter) who need to access e-mail from the Internet. In an extranet setting such as this, you’ll again have an Exchange server on the DMZ, but the authentication you’ll use will be much stricter than what is required on a server hosting a single public folder. Consider requiring that these e-mail users use SSL connections into your e-mail server. Of course, a CA will then be necessary on your end for validation purposes.
Other Components
One last component that surfaces rarely is the aspect of a programmatic source needing to send an e-mail. Exchange 2000 Server will support this, but you’ll have to work with the applications specialists and developers who need this setup to ascertain their exact needs and how best to supply them. For example, suppose you have a Unix system that needs to send periodic e-mail documents out to a specified group of recipients when a process has completed correctly. The Unix admins set up a SENDMAIL program that forwards the e-mail out to your e-mail server using SMTP, and a designated distribution list and message. Your E2K box receives the e-mail, enumerates the recipients in the list, and forwards the message.
Working with Chat Service and Instant Messaging
This section discusses the design aspects that come into play when you’re considering the deployment of chat services, Instant Messaging (IM), and data conferencing. When we talk about using one, all, or a mixture of these components, we say that we’re working with Exchange 2000 Collaboration.
Chat Services
First of all, consider the possible impact to the network of introducing a new chat service. Bandwidth, of course, is a key factor. Will the infrastructure be able to handle the additional load of a chat stream? Not that it’s comparable to the load that a video stream might put on a network, but several users chatting will occupy their share of bandwidth nevertheless. In addition, you need to be concerned about the specific uses for the chat service. In a business setting, it may make sense to create some virtual chat arenas specifically for certain business needs, rather than opening up the chat floodgates for all users. Conversely, in a setting where you’re operating as an ISP, you’ll want to fully leverage the chat capability—this is the area that seems to occupy much of the average surfer’s time. Chat services via Exchange 2000 Server are predominantly intended for use by a service provider.
Instant Messaging
When planning for Instant Messaging, the primary design consideration is the fact that each user of the service will need to have the client software loaded on his or her computer. This could be a daunting task in a network of 10,000 users. So the design question really boils down to deciding who actually needs IM. Or it may be that you are providing IM capability to everybody simply as an addition to the new system. Note that a Remote Installation Services (RIS) build that includes the IM client is one potential solution for deploying IM to all users. Alternatively, Microsoft Systems Management Server could be used to send an IM client package to designated users. When dealing strictly with Windows 2000 Professional users who are already deployed and operational, you could also consider an IM client package delivered through a group policy object (GPO). Any of these tools allow you to get the IM client installed on a large number of computers without forcing a PC technician to visit each computer. There happens to be a bigger issue, however: You’ll need to provide training for each user who will use IM. Using the IM client is not as easy as just opening up the Global Access List (GAL), selecting a user, and setting up an IM session. Users have to select the people whom they want to be allowed to contact them. Then there’s the whole business of teaching people how to set their IM to send various status messages during the course of a day (called the user’s presence). The user might want to put up the OUT TO LUNCH presence and then come back and turn the status off after lunch. Finally, users need to realize that IM messages are not kept in the mailbox store. Once the messages are off the screen, they’re gone for good. Users cannot rely on permanence of messages they see within an IM client. In very real terms, much of the entire Exchange deployment centers around training issues—making sure that users understand how to utilize such a vast system. Outlook’s a part of it, certainly, but Exchange offers many other new features. If you’re going to utilize them, you must be concerned with training users to use them. Remember that IM is going to require special DNS entries and the creation of a virtual IM router, plus some configuration of any firewalls—in addition to user training. IM configuration can be complex for the small amount of gain realized.
Data Conferencing
In the design context, installation of data conferencing will be a consideration when you’re planning to deploy enterprise-class video- and audioconferencing solutions that utilize the T.120 standard. This means more than simply purchasing the Exchange 2000 Conferencing Server component—an add-on that enables Exchange 2000 Server for H.323 video- and audioconferencing. It also means that you’ll have to shell out budgetary dollars for camera equipment, either at each desktop or in one or more videoconferencing rooms, plus the necessary audio gear that accompanies such an installation—speakers, microphones, and associated cabling. You might also be considering separate WAN links among geographic sites specifically for the purpose of providing videoconferencing, and even setting up Quality of Service (QoS) circuits for these installations. Windows 2000 Server supports QoS, but you’ll also need to have an infrastructure backbone that is able to support QoS—either QoS Ethernet or ATM.
Table 6.1 shows a decision tree that you can use when making your Exchange 2000 Collaboration design decisions.
TABLE 6.1 An Exchange 2000 Collaboration Decision Tree
(Columns: E2K Collaboration Product; When to Deploy; Uses for This Product; Meetings That Will Use This Product; Required Client; Special Facilities Needed.)
Instant Messaging
When to deploy: You want to provide IM capabilities to end-users.
Uses for this product: Brief, one-on-one ad hoc messaging sessions (Jenny & Bob are in a meeting, need to briefly query an engineer, Steve, at his desk).
Meetings that will use this product: Informal, closed.
Required client: MSN IM client or third-party IM client that is supported by E2K.
Special facilities needed: Nothing other than a PC.
Chat Server
When to deploy: You need a place where users can converse in an open forum.
Uses for this product: You can structure chats for either ad hoc or structured meetings.
Meetings that will use this product: Team meetings. Open forum; anyone can contribute.
Required client: Restricted only to chat standards.
Special facilities needed: Nothing other than a PC.
Data Conferencing
When to deploy: When you require formal video- and audioconferencing, preferably with virtual whiteboarding and application sharing as well.
Uses for this product: Formal conferences in dedicated rooms.
Meetings that will use this product: Executive presentations. Business presentations. Large group gatherings.
Required client: E2K Conferencing Server.
Special facilities needed: Cameras, WAN links, audio gear, dedicated PCs.
Understanding Free/Busy Times
Along with MS Mail and a calendar program called Schedule+ came the concept of free times/busy times. The idea is this: One server has a bunch of users on it, each of whom is probably keeping a calendar—not to mention any public folders that may be set up as calendar folders (for things such as reserving conference rooms, checking out cars, etc.). Suppose your users need to be able to see these calendars, and my users need to be able to see yours. Oh, and we both need to see the calendars on Jenny’s server. The trading and regular updating of calendar information is what brought about the concept of free and busy times. In the E2K Server environment, free and busy times are accomplished automatically. When connecting with a legacy MS Mail deployment, the exchange of free and busy times is accomplished with a connector that manages the transfer of the data. In either case, because this data is not kept in Active Directory but is kept in the mailbox stores, replication is necessary between the servers to make sure all servers show updated calendars. In normal circumstances, this replication happens automatically. You have the ability to set up additional free/busy sessions that replicate separately from the normal replication policy between servers. Use the Exscfg.exe program to accomplish this. You can find both the Exscfg.exe and the Exssrv.exe files (explained in the upcoming paragraph) in the Support\Exchsync\I386 directory of the Exchange 2000 CD. Double-clicking the Exscfg.exe program brings up a GUI that helps you configure additional public folder or free/busy replications, as shown in Figure 6.2. Select a radio button to indicate whether you’re creating a public folder replication session or a replication you’ll use for free and busy times. Then you see the configuration screen shown in Figure 6.3.
FIGURE 6.2 Creating an additional free/busy replication schedule using Exscfg.exe
FIGURE 6.3 The free/busy replication session configuration screen in Exscfg.exe
When working with a partner network, you can set up intersite organization replication. You start by first building a publishing server on your end. Then the other side builds a subscribing server. Next you establish a replication agent by setting up Exchange 2000 Server and Outlook on the partner computer. You also copy the files Exscfg.exe and Exssrv.exe to the subscriber server. Next, you create a configuration file that is saved on either the publisher or subscriber server. This file contains session information. You create the configuration file by running the Exscfg.exe program and adding a new session. Notice in both Figures 6.2 and 6.3 that you can add new public folder or free/busy time replication sessions. Finally, you run the Exssrv.exe program and work through the Wizard.
Virtual vs. Physical Servers
You can set up more than one Exchange server on a physical computer. You do this by setting up virtual servers. A virtual server is simply another instance of an Exchange server, designed to be used for a purpose different from the first instance of Exchange on the server. Typically, virtual servers utilize the SMTP protocol, because this protocol is the heart of E2K. Virtual servers are used for creating varieties of authentication methods. In addition, you may want to set up a separate virtual server to host one group of users apart from another.
To create virtual servers, you navigate down in the ESM to the physical server you want to manage, then to the protocol to which you’d like to add the virtual server. You right-click the protocol and select New Protocol Virtual Server (where Protocol is the protocol node in which you’re creating the new virtual server). Let’s look at a specific example. You might want to set up a virtual server that houses nothing but public folders containing information pertinent to the day-to-day operation of the company, such as the cafeteria’s daily menu, the company’s closing stock price, HR news, and so forth. You would then grant everyone within the company—even users who have no e-mail—permissions to view such information. You’d use an HTTP virtual server instance for this purpose. Virtual servers shine when you want to apply specific authentication paradigms to specific user groups. You might create an SMTP virtual server that applies strictly to people sending Internet e-mail to the company, for example. In a case like this you might choose Anonymous authentication (as opposed to Basic or Integrated Windows), also opting to apply a unique certificate to this SMTP virtual server. In addition, you have the ability to limit the message size and the number of connections, and work with other pertinent details. You can also supply filters that will keep out messages from unwanted sources. Finally, note that you can set up a masquerade domain that is different from the normal internal network SMTP domain. (A masquerade SMTP domain is set up for specific kinds of users, say Internet users, who don’t need to participate in the entire Exchange organization but do need a place to which they can send e-mail.) Note that SMTP domains differ from DNS domains and Windows 2000 domains. SMTP domains are used to organize messages for delivery to specific parties. By using a masquerade domain, you could effectively regulate e-mail going to various e-commerce e-mail sites within your company.
Mailbox Servers
Exchange 2000 Enterprise Server offers you a marvelous design opportunity when it comes to separating out mailbox servers. There are a variety of reasons why you may opt to create new mailbox or public folder stores on the same physical server. Among them are the following:
Separating executive, legal, or confidential mailboxes onto different stores
Separating mailboxes of Internet users from the mailboxes of private network users
Creating a separate mailbox store that contains only mailboxes pertaining to e-commerce, Web development, sales activity, customer support, and other “nonuser” mailboxes
Reducing the time required to restore a store or storage group
To create a new mailbox store on a given server, simply highlight the storage group node, right-click, and select New Mailbox Store. Give the mailbox store a name and set its configuration options. Several things are of interest when configuring a new mailbox store. By default, your new store can support S/MIME digital signatures, and you can opt to turn this feature off if desired. You can also choose the drive, folder, and filename that the new store will use, different from the defaults that are supplied. You can apply mailbox size limits and set policies for the store. In a configuration where you’re planning a customer service mailbox store, some items might be of more interest to you than if you were configuring instead a mailbox store to be used for corporate executives; for example, you might not want to support S/MIME, and you might want to set a limited mailbox size. You can monitor the logons, delegate administrative permissions, and fully index the customized mailbox store just as you would any other.
The main purpose for multiple stores within a storage group (remember that each storage group can have up to five stores) is to minimize the size of each store. This permits more users to access a single physical server. Keep in mind that there is only one transaction log per storage group, even though there might be multiple stores per storage group.
Design Scenario: Setting Up Exchange 2000 in a Legacy MS Mail Environment
Ramona is the network administrator for a corporation that has only a single office but several hundred users. Until recently, her management has been content with the MS Mail deployment at the company. With the advent of e-commerce, however, things need to be kicked up a notch in terms of the company’s Web and e-mail presence. Ramona has been tasked with recommending a suitable upgrade to a new mail system that will play in the Internet sandbox, and she’ll need to make the upgrade happen.
Ramona has checked out several vendors to see what might be the best option. Since she has no NetWare servers, GroupWise was ruled out. She considers the Notes/Domino option too daunting for a smaller network such as hers, and cc:Mail doesn’t have the horsepower she’s looking for in exchange for the software’s administrative load. Because she has converted her Windows NT 4.0 network to Windows 2000 Server and has already flipped the native mode switch, she is choosing Exchange 2000 Server as the best replacement for the business needs given to her. She starts by installing E2K, including the built-in support for MS Mail, on one computer. She then sets up three different mailbox stores: one for standard users, one for Internet e-mail, and one for company executives. Next she begins a plan for migrating users, one small group at a time, off their old MS Mail server and onto the new Exchange system. She will upgrade the users’ client to Outlook 2000 and train people as she goes. Training includes how to use Outlook calendaring instead of Schedule+. Her assistant administrators help her get this task accomplished. Ramona also retrains the handful of people currently RASing, having them use their browser to point to the Exchange server for their e-mail. Next, she sets up an Exchange front-end server on the DMZ to give Internet users a place from which to send e-mail, and she points the front-end server back to the Internet mailbox store she has on the back-end main Exchange server. She works in conjunction with the Web developers to make sure that Web pages consistently show correct e-mail addresses and are working correctly. Finally, Ramona installs a good quality add-in virus scanner for her Exchange system, so that any e-mail coming into or leaving the corporation is scanned for viruses. She makes sure that the virus scanner’s signature file is updated on a weekly basis.
Designing Server Hardware and Disk Configurations
Our coverage of this exam objective includes discussion of the e-mail servers themselves, and how you might want to size them before installing Exchange 2000 Server. When considering Exchange servers, you must be concerned not only about properly sizing the hardware, but also about fault-tolerance features that you can apply to the servers to provide a more secure messaging environment.
Microsoft Exam Objective
Design server hardware and disk configurations to achieve fault tolerance and increased performance, and to provide for a backup strategy based on server role.
Fault-Tolerance Considerations
Before discussing fault-tolerance considerations, we start with the minimum requirements for an Exchange 2000 Server installation. You must put E2K on, at a minimum, a system comprising the following:
A 300MHz computer
128MB of RAM
At least 2GB of storage space on the drive where E2K will be installed
500MB of free space available on the drive where Windows 2000 is installed
A paging file the size of physical RAM, plus 50MB
A VGA or better video card
A CD-ROM drive
These are the bare-bones minimums. You should definitely consider bumping the speed of the processor up a notch, as well as the RAM up a notch. A better configuration would be an 800MHz or better processor and 256MB of RAM. E2K will run fine on a multiple-processor Windows 2000 installation. Keep in mind that you need Windows 2000 DataCenter Server to run anything beyond eight processors. Microsoft developers are experts at writing Symmetric Multiprocessing (SMP) code in enterprise apps such as Exchange server, and choosing an SMP box will be to your benefit especially in a single-server deployment. More important is the fault-tolerance consideration when designing the new server. You want a hardware Redundant Array of Inexpensive Disks (RAID) controller card or cards, and high-speed (10,000 rpm) Small Computer System Interface (SCSI) hard drives to go with the controllers. The RAID card will not only help offset the Input Output (I/O) demands on the CPU, but will also enhance the disk I/O that you experience on the computer. Providing good-quality, high-speed SCSI disks on a hardware RAID controller configured for a RAID-5 array is an optimal configuration. Keep in mind that with RAID-5 you gain more by buying more drives due to the n-1 rule. In other words, you can set up a RAID-5 array with as few as three hard drives, but due to the n-1 rule you only gain two drives’ worth of space out of the array, the rest being taken up by the parity stripe. If you instead buy additional drives, say six, you then get five drives’ worth of space out of the array. In a RAID-5 array, it’s advantageous to add disks. By setting up a RAID-5 array, if any one of the disks goes bad you can replace it without any harm to the system. If more than one drive goes bad…well, that’s a different story. Study the manual that comes with the server you buy, and make sure you understand how to replace a bad disk in a fault-tolerant drive array. The instructions vary by vendor. You might also consider buying a larger server containing two drive cages and populating both drive cages with high-speed SCSI drives. For this arrangement you can set up a RAID-50 configuration where you’re configuring a mirrored RAID-5 array. You have a RAID-5 array running in drive cage A, and it’s being mirrored to drive cage B. You can either use the system motherboard’s built-in SCSI adapter or, preferably, a hardware RAID-array controller card. In any case, the motherboard is a single point of failure (SPOF), as is the RAID array card. Note that there are other RAID environments such as RAID-1+0, RAID-10, and enhanced RAID that may more adequately fit your needs. An hour or two spent reviewing the latest RAID techniques may be highly beneficial in your planning.
If you’re eliminating SPOFs in designing fault tolerance, consider putting Exchange 2000 Server on a server cluster, where two or more servers are sharing storage. Each server in the cluster is called a node—Advanced Server supports two-node clusters, and DataCenter Server supports four-node clusters. Since the data is running in a shared storage environment, you still have a SPOF in the RAID array cabinet itself, but you have eliminated the potential that a single motherboard failure will bring down the system. Load balancing—known as Network Load Balancing (NLB) in Windows 2000 parlance—is a different method of clustering. Okay, it’s quasi-clustering. In an NLB scenario, you’re essentially spreading the load across multiple servers so that if one goes down, another can pick up the load. Use NLB in Web server or database configurations where it is unacceptable for users to suffer downtime. Exchange can work with NLB.
A highly fault tolerant, wonderfully scalable solution is to put Exchange servers on an NLB configuration as a front-end to support a large number of users, and then have the back-end on a shared storage cluster. The optimal E2K configuration is thus: OS on RAID-1 (mirror), each storage group’s logs on a separate RAID-1 drive pair with nothing else on them, and each storage group’s stores on one or a collection of RAID-5 volumes.
When configuring E2K’s disks, configure one partition for the system OS, one for the Exchange server and database (store) files, and another for the transaction logs. If possible, put the transaction logs and the databases on separate disks, thus preventing harm to the logs should the database drive go down. Use double-drive cages to accomplish such a scenario.
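The layout rules just given (OS on a mirror, each storage group’s logs alone on a RAID-1 pair, stores on RAID-5, logs never sharing a disk with the database they protect) are easy to state and easy to get wrong on a build sheet. The following is an added example, not code from the book: a small checker that encodes those rules and applies the n-1 capacity rule to each array. The Volume and StorageGroup types, the volume names, and the drive sizes are constructed for illustration; the RAID-50 capacity follows the chapter’s description of RAID-50 as a RAID-5 set in one cage mirrored to a second cage.

```python
"""Sanity-checks a proposed Exchange 2000 disk layout against the rules above:
OS on a RAID-1 mirror, each storage group's logs on a dedicated RAID-1 pair
holding nothing else, stores on RAID-5 (or RAID-50).
Added example, not from the book; Volume/StorageGroup, the volume names and
the drive sizes are constructed for illustration."""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Volume:
    name: str
    raid: str        # "RAID-1", "RAID-5" or "RAID-50"
    drives: int      # physical drives in the array (RAID-50: total over both cages)
    drive_gb: float  # capacity of a single drive

    def usable_gb(self) -> float:
        """Usable space. RAID-1 keeps half the drives; RAID-5 loses one drive to
        the parity stripe (the n-1 rule); RAID-50 as the chapter describes it is a
        RAID-5 set in cage A mirrored to cage B, so each cage loses one drive to
        parity and the mirror halves the total."""
        if self.raid == "RAID-1":
            return self.drives / 2 * self.drive_gb
        if self.raid == "RAID-5":
            return (self.drives - 1) * self.drive_gb
        if self.raid == "RAID-50":
            return (self.drives // 2 - 1) * self.drive_gb
        raise ValueError(f"unknown RAID level {self.raid!r}")

    def failures_tolerated(self) -> int:
        """Drive failures the array is guaranteed to survive (worst-case placement).
        A RAID-5 set dies on its second failure; with two mirrored RAID-5 cages
        the fourth failure is the first that can take out both cages."""
        return {"RAID-1": 1, "RAID-5": 1, "RAID-50": 3}[self.raid]


@dataclass
class StorageGroup:
    name: str
    log_volume: str
    store_volumes: List[str]


def check_layout(volumes: Dict[str, Volume], os_volume: str,
                 groups: List[StorageGroup]) -> List[str]:
    """Returns the rule violations found; an empty list means the layout passes."""
    roles: Dict[str, List[str]] = {name: [] for name in volumes}
    roles[os_volume].append("OS")
    for sg in groups:
        roles[sg.log_volume].append(f"{sg.name} logs")
        for sv in sg.store_volumes:
            roles[sv].append(f"{sg.name} stores")

    problems = []
    if volumes[os_volume].raid != "RAID-1":
        problems.append(f"OS volume {os_volume} is {volumes[os_volume].raid}, expected RAID-1")
    for sg in groups:
        lv = volumes[sg.log_volume]
        if lv.raid != "RAID-1":
            problems.append(f"{sg.name} logs on {lv.name} ({lv.raid}), expected a RAID-1 pair")
        if len(roles[lv.name]) > 1:
            # Logs must be alone so that losing a store volume cannot take the logs with it.
            problems.append(f"{lv.name} must hold only the {sg.name} logs, holds {roles[lv.name]}")
        for sv in sg.store_volumes:
            if volumes[sv].raid not in ("RAID-5", "RAID-50"):
                problems.append(f"{sg.name} stores on {sv} ({volumes[sv].raid}), expected RAID-5")
    return problems


# Constructed example: one server, two storage groups, made-up drive sizes.
VOLUMES = {
    "C":  Volume("C",  "RAID-1", 2, 18),
    "L1": Volume("L1", "RAID-1", 2, 18),
    "L2": Volume("L2", "RAID-1", 2, 18),
    "D1": Volume("D1", "RAID-5", 6, 36),
    "D2": Volume("D2", "RAID-50", 12, 36),
}
GOOD_LAYOUT = [StorageGroup("SG1", "L1", ["D1"]), StorageGroup("SG2", "L2", ["D2"])]
# The shortcut a rushed build might take: logs and stores share the RAID-5 volume.
BAD_LAYOUT = [StorageGroup("SG1", "D1", ["D1"])]

if __name__ == "__main__":
    for v in VOLUMES.values():
        print(f"{v.name}: {v.usable_gb():.0f} GB usable, survives "
              f"{v.failures_tolerated()} drive failure(s)")
    print("good layout:", check_layout(VOLUMES, "C", GOOD_LAYOUT) or "OK")
    print("bad layout:", check_layout(VOLUMES, "C", BAD_LAYOUT))
```

Running it shows the six-drive RAID-5 set yielding five drives’ worth of space, exactly as the n-1 rule says, and the shared-volume layout failing on two counts: the logs are not on a mirror, and the volume holds more than the logs.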
Increasing Performance

There are several methods for increasing the performance of your E2K server. The first is a physical arrangement. If a new installation of Exchange 2000 Server is giving you performance fits, it’s a very good possibility that it’s suffering from a lack of physical memory. It’s been my experience that servers have a way of getting forgotten and neglected after deployment time. As they gain load and usage, their physical RAM slowly gets chewed up and they begin eating into the pagefile—which, as we all know, is incredibly slow. Make it a habit to check Task Manager regularly on all of your servers, to ascertain if they’re RAM starved. Most admins underestimate the significance of RAM starvation.

You can also leverage E2K’s excellent capability to offload server components, by designing the system with various servers set up for particular functions. For example, you may want to designate a single server as the connector server for a site. You might organize a front-end/back-end scenario to provide a high-capacity interface for users to connect to, while allowing the database servers to do what they do best: fetch data.
Remember that the network infrastructure is playing a role in the Exchange system’s performance. It doesn’t matter a whit that your servers are high-quality performers if the infrastructure can’t get the data from point A to point B quickly.
Designing a Backup Strategy for Your E2K Servers

Because Exchange 2000 is integrated with Windows 2000 Server, you have additional details to pay attention to when considering backups. You’ll be backing up three categories of data:

Exchange Data This category includes data files for the Information Stores (IS), Key Management Service (KMS), and the Site Replication Service (SRS). Exchange data contains individual mailboxes, public folders, and other data. Note that the SRS is maintained by Windows 2000, not by E2K.

Exchange Configuration Data The Exchange configuration data contains information pertinent to administrative group, server, security, and virtual server settings. Note that some of this data resides inside Active Directory (AD) and the Windows 2000 Registry, not in Exchange itself. The KMS database, too, is considered to be a part of configuration data.

Windows 2000 System State The System State includes the Windows 2000 Registry, the IIS metabase (a database containing system configuration information), and Common Object Model (COM+) registrations.

If you opt to use third-party software to back up your enterprise servers, you’ll need to check with the manufacturer to see if the product you’re using is compatible with Exchange 2000 and to find out about updates that you need to apply. Oftentimes you have to purchase a separate module for your backup software that will allow it to specifically back up Exchange. Since Exchange 2000 can have up to six databases per storage group, with as many as 15 storage groups per installation, an earlier Exchange module won’t work in a multiple database environment. And earlier backup versions probably won’t work even with a single database because they’re “trained” to back up the IS and Directory Services (DS)—although the DS is now integrated into AD with Windows 2000. It’s key to make sure that the enterprise backup software you’re using will back up the Windows 2000 configuration data (along with AD), as well.
Consult your product’s system documentation or contact the manufacturer for more information. And don’t be stopped by the fact that your expensive backup software won’t back up Exchange 2000. Until your vendor has an update for E2K, you can use good-old NTBACKUP.EXE to get the job done. NTBACKUP will work to back up the Exchange databases, the SRS information, and the System State, all in one fell swoop.
Using NTBACKUP.EXE

To launch the Windows 2000 backup program (NTBACKUP.EXE), click Start > Programs > Accessories > System Tools > Backup. Many changes have been made to this always-reliable program. In the Welcome tab, you can choose to run a Backup, Restore, or Emergency Repair Disk (ERD) Wizard, as shown in Figure 6.4. Use the Backup Wizard to schedule regular backup jobs after you’ve configured your initial backup selections.

FIGURE 6.4 The Welcome tab of the Windows 2000 Backup program
By clicking the Backup tab, you’re presented with a folder tree and details pane. Drill down in the tree and select various items to back up, as shown in Figure 6.5. Notice in the figure that I’ve selected the First Storage Group, which will pick up any E2K ISs, the SRS, and the System State component (shown in the details pane on the right). The backup location is by default the A drive. You’d probably want to point your backups to an internal tape backup drive instead. Once the backup job is configured, you can click Job > Save Selections to save your configuration file for later use by the Backup Wizard. Note also that you can immediately click Start Backup to run an ad hoc backup job.
FIGURE 6.5 The Backup tab of the Windows 2000 Backup program
The Restore tab of the Backup program (Figure 6.6) allows you to restore files you’ve saved to tape. You can opt to restore files to the original location, to an alternate location, or to a folder.

FIGURE 6.6 The Restore tab of the Windows 2000 Backup program
In the Schedule Jobs tab, you can schedule regular backups of the system, as shown in Figure 6.7. In this figure I’ve enabled the Backup program’s toolbar and the status bar so you can see what they look like. Through the menus, you can create reports of backup/restore jobs you have run.

FIGURE 6.7 The Schedule Jobs tab of the Windows 2000 Backup program
The NTBACKUP program, though not nearly as robust as commercially available backup software, is quite acceptable for the purposes of obtaining backups and doing restorations of the Exchange system and associated peripheral Windows 2000 configurations. You’ll have to resort to third-party backup software for single-mailbox restorations from the Exchange IS. You can also perform real-time backups of the Exchange databases. It’s important to make sure that the Exchange services are running when you perform real-time backups.
Backing Up Transaction Logs

A transaction log is a real-time record of activity—additions, deletions, modifications—that is entered into an Exchange database. The Exchange system records transactions first into system memory, then into the transaction log, and then finally into the .EDB or .STM files relative, of course, to the type of database being written to. This makes the system operate faster because it doesn’t have to wait on getting a CPU cycle to write the information to the database. Now think about a situation where a person accidentally bumps into a server and disconnects the power (yikes!). Where is some of the Exchange data? What isn’t written (committed) to the database is still in system memory or, more likely, the transaction log, isn’t it? You might’ve heard database administrators talking about “rolling back” to the last transaction; they’re talking about returning to the last good transaction in a transaction log. After an accidental crash, we can’t bring back what’s in system memory, but we can roll back to the last transaction in the log. Thus we have some fault tolerance in such situations.

What this means to you as a designer is that you must ensure that transaction logs are backed up in addition to the Exchange databases. You’ll find these transaction logs in the MDBDATA directory of your Exchange deployment. An important characteristic of the transaction logs is that they’re 5MB apiece and can grow at a marked pace in large installations. This can create problems for you if you don’t design a large-capacity environment for your Exchange rollout. In earlier deployments of Exchange you might not have been aware of these 5MB bites and thus could run out of disk space. Microsoft provided a workaround called “Enable circular logging.” In effect, what this did was allow for one transaction log that would be overwritten once it filled up. What’s the problem with this setup? If the system goes down for some reason, you can’t roll back and get your transactions back! You can only roll back to the last transactions that are in the log. Moral of the story: Don’t enable circular logging. Plan adequate disk space for logs, instead.
In larger enterprises where you’re performing a full backup on the weekends (because backing up entire systems can take more time than you have in a single night) and incrementals during the week, these transaction logs become highly critical. It is absolutely imperative that you validate a successful run of your incremental backups each night. Otherwise, you won’t have the option of rolling back to yesterday’s data in the event of a system crash. Make sure that whatever backup method you use will accurately perform incremental backups on a reliable basis each and every night of the week.
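The two previous paragraphs make two claims that are worth seeing in motion: a transaction that is in the log survives a pulled power cord even though the database has not been written yet, and circular logging destroys the ability to roll a restored backup forward. The following is an added example, not code from the book or from Exchange: a toy write-ahead store in which a "log file" holds a fixed number of transactions instead of 5MB, and circular logging is simplified to "keep only the current log file after a checkpoint". MailStore, RecoveryError, and the workloads are constructed for illustration.

```python
"""Simulates write-ahead logging as described above: a transaction is durable
once it is in the log and reaches the database (.EDB/.STM) only later, so
after a crash the database is rolled forward from the log. Also shows why
circular logging is dangerous: once old log files are overwritten, a restored
backup cannot be rolled forward past the gap.
Added example, not from the book; MailStore, RecoveryError and the workloads
are constructed, and each "log file" holds a fixed number of transactions
instead of the real 5MB."""


class RecoveryError(Exception):
    """The logs needed to roll forward are no longer on disk."""


class MailStore:
    def __init__(self, circular=False, txns_per_log=5):
        self.circular = circular
        self.txns_per_log = txns_per_log
        self.db = {}       # on-disk database (the .EDB/.STM files)
        self.db_seq = 0    # newest transaction the database contains
        self.dirty = {}    # changes still in memory, not yet written to the database
        self.logs = [[]]   # log files, each a list of (seq, key, value)
        self.seq = 0

    def commit(self, key, value):
        """Memory first, then the log; the database is not touched yet."""
        self.seq += 1
        self.dirty[key] = value
        if len(self.logs[-1]) >= self.txns_per_log:
            self.logs.append([])          # previous file is full, start a new one
        self.logs[-1].append((self.seq, key, value))

    def checkpoint(self):
        """Lazy write of dirty pages to the database. With circular logging the
        files the database no longer needs are reused, i.e. their contents are gone."""
        self.db.update(self.dirty)
        self.dirty = {}
        self.db_seq = self.seq
        if self.circular:
            self.logs = [self.logs[-1]]

    def backup(self):
        """Full backup: a copy of the database as it is on disk, plus its position."""
        return dict(self.db), self.db_seq

    def crash(self):
        """Power pulled: memory is lost, database and log files survive."""
        self.dirty = {}

    def roll_forward(self, db, db_seq):
        """Replay every logged transaction newer than the given database copy.
        Replay needs an unbroken sequence starting at db_seq + 1."""
        db = dict(db)
        expected = db_seq + 1
        for log_file in self.logs:
            for seq, key, value in log_file:
                if seq <= db_seq:
                    continue              # already in the database copy
                if seq != expected:
                    raise RecoveryError(
                        f"transaction {expected} is in no log file; "
                        f"can only recover to transaction {expected - 1}")
                db[key] = value
                expected += 1
        return db, expected - 1


def crash_scenario():
    """Bump-the-power-cord case: memory lost, nothing written to the database
    since the last checkpoint. Returns the transaction number recovered to."""
    store = MailStore(circular=True)
    for i in range(1, 9):
        store.commit(f"msg{i}", f"body {i}")
    store.checkpoint()                        # database holds 1..8
    for i in range(9, 12):
        store.commit(f"msg{i}", f"body {i}")  # 9..11 are in the log only
    store.crash()
    _, seq = store.roll_forward(store.db, store.db_seq)
    return seq                                # 11: the log brought everything back


def disk_loss_scenario(circular):
    """Lose the database disk after a backup. Returns (recovered_to, error)."""
    store = MailStore(circular=circular)
    for i in range(1, 6):
        store.commit(f"msg{i}", f"body {i}")
    store.checkpoint()
    tape = store.backup()                     # backup taken at transaction 5
    for i in range(6, 13):
        store.commit(f"msg{i}", f"body {i}")
    store.checkpoint()                        # circular mode discards files holding 1..10 here
    try:
        _, seq = store.roll_forward(*tape)    # restore the tape, then replay the logs
        return seq, None
    except RecoveryError as err:
        return tape[1], str(err)


if __name__ == "__main__":
    print("after crash, recovered to transaction", crash_scenario())
    print("disk loss, normal logging:  ", disk_loss_scenario(circular=False))
    print("disk loss, circular logging:", disk_loss_scenario(circular=True))
```

The crash case recovers to transaction 11 in either logging mode, because the log files written since the last checkpoint are still present. The disk-loss case is where the modes part ways: with normal logging the tape plus the logs reach transaction 12, while with circular logging the files holding transactions 6 through 10 have been reused and recovery stops at the backup, transaction 5. That gap is what the weekly-full-plus-nightly-incremental scheme depends on never having.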
Design Scenario: Backing Up a Single Store

Alberto is an e-mail administrator for a large corporate enterprise. He has converted his system from Exchange Server 5.5 to E2K and has designed his rollout so as to provide stores for varying needs. In fact, one store he has created, called E-Commerce, serves simply as a repository for incoming Internet e-mail directed to various e-commerce e-mail addresses on the company’s Web sites.

Management has directed the owners of these e-mail addresses to be sure the mail is answered each day, to guarantee that no e-mail goes unanswered for a full day. For legal reasons, management would also like this store emptied out each night and not backed up. For this reason, Alberto takes steps to avoid backup of the E-Commerce store. When running the Windows 2000 Backup program, he simply deselects this store so that it is prevented from being backed up.
Summary

In this chapter we talked about an admin’s favorite thing: servers. The Exchange server farm is a highly important consideration for the designer. It is possible to set up an Exchange deployment in such a way that you provide a front-end Exchange presence for users. Front-end servers do not contain a store; instead, they communicate with the back-end store servers. For this reason, the front-end servers must have a pointer to back-end server SMTP domains, public folders, or other protocol servers such as newsgroup servers.

This seems like many servers to deploy, but E2K supports the concept of virtual servers. You can create multiple virtual servers on a single physical server. The virtual servers’ primary role is centered around the idea of separating traffic into logically segmented groupings. For example, you might want to create a virtual server for newsgroup operations—a separate NNTP server.

You can also create many separate mailbox or public folder stores as well. Since Exchange 2000 has the capacity for handling thousands of simultaneous users, the databases can grow large and unwieldy. By separating mailboxes and public folders out into separate instances, you create multiple databases. This helps you to downsize the size of individual databases while maintaining system capacity. Keep in mind that the transaction logs are per storage group, not per database. All database transactions are kept in a single log per storage group.

You may be interested in supplying individual servers for functions that you’re planning to implement, such as chat service and Instant Messaging. You might also consider, especially in larger deployments, the installation of a server to act strictly as a connector server—one that hosts no stores of its own.

Server design includes planning plenty of disk space for the transaction logs, and extra horsepower in terms of CPU and RAM. With enterprise servers, as a general rule it’s better to overengineer than to underestimate the needs of the system. You can use RAID-5 arrays, hardware RAID-array controller cards, servers with multiple drive cages, and RAID-50 techniques to bring fault tolerance to the table. You can also opt to put Exchange on a server cluster node, on an NLB system, or even both. One clever design is to put your Exchange front-end servers on an NLB system that in turn talks to a server cluster node on the back end.

Backing up the Exchange databases involves more than just the EDB and STM files. You also have to ensure that you’ve backed up the critical Windows 2000 information in the SRS and System State, as well as the transaction logs. You can reinstall an Exchange system from CD, but you must have the databases and other pertinent data on tape to bring a system back to its original state. If you’re performing incremental backups during the week, it is absolutely paramount that the transaction logs have been accurately backed up each day, so that you’re assured you can perform a complete restoration.
Key Terms

back-end server
Demilitarized Zone (DMZ)
extranet
free times/busy times
front-end server
Global Access List (GAL)
group policy object (GPO)
Network Load Balancing (NLB)
Outlook Web Access (OWA)
protocol servers
Redundant Array of Inexpensive Disks (RAID)
Remote Installation Services (RIS)
Secure Sockets Layer (SSL)
server cluster
single point of failure (SPOF)
Site Replication Service (SRS)
System State
Virtual Private Network (VPN)
Review Questions

1. Becky has experienced a disaster in which her Exchange 2000 Server has crashed and she must rebuild from scratch. Becky has rebuilt the server’s OS and has reinstalled Exchange 2000 Server. Now she has to restore the databases and associated configuration information from tape. Today is Friday morning. Full backups are performed each Friday night starting at 10:00 P.M. and usually continuing through till 5:00 or 6:00 P.M. the next day. After that, incremental backups occur starting at 10:00 P.M. each night. How many tapes will Becky need to completely restore her Exchange installation?
A. 1
B. 2
C. 3
D. 4
E. 5
F. 6
G. 7

2. You have a large group of salespeople who need to regularly send status and order e-mail documents into the parent company. Up to now these people have used their laptops to dial into the HQ RAS servers. You’re thinking you can convince management that these users could dial into a 1-800 number for your ISP, then connect to an extranet to send e-mail, thus saving the company lots of money. At a minimum, what do you need to facilitate this system? Choose all that apply.
A. A front-end server
B. A back-end server
C. A Web server
D. A virtual HTTP server
3. You have a large, busy enterprise that comprises a heterogeneous messaging environment of Exchange 2000 and GroupWise servers. What is one alternative that you could choose to curb some of your main Exchange server’s load?
A. Set up a second virtual SMTP server.
B. Set up a connector server.
C. Segment your mailbox stores into those used by Exchange users and those used by GroupWise.
D. Set up a separate protocol server.

4. What are some methods you can utilize to secure e-mail transactions coming in from partner networks or the Internet?
A. Require authentication
B. Require SSL
C. Require certificates
D. Require S/MIME

5. Suppose you want to set up several chat channels, but you want to have some of the channels hosted on your server in your Miami office and others on an E2K server in your Boston office. What should you do?
A. Do nothing—chat is installed by default.
B. Assign the specific channels to each server.
C. Create the channels on the Miami server, and set up a virtual chat server on the Boston server.
D. You cannot have more than one chat server in an enterprise.

6. Jolie is trying to access IM to communicate with a friend in another building. She cannot find this other person in her list. Why not? Choose all that apply.
A. The friend has not added Jolie to her list of IM participants.
B. Jolie has not yet logged on to IM.
C. IM is not running on the Exchange server.
D. Jolie’s friend doesn’t have the IM client installed.
7. Why would you set up an additional mailbox store on a server, rather than simply providing another server and setting up another Exchange installation?
A. Multiple physical servers compound the complexity of the installation.
B. Exchange 2000 Server has a limitation on the physical servers it can support.
C. Adding mailbox stores brings scalability and performance to existing physical servers.
D. Single-server installations provide much more robust security options.

8. Amy works for a large software manufacturer. Because of this, many different newsgroups have been developed for various software offerings that she must manage. What E2K feature could Amy use to provide some logical segmentation of the newsgroups?
A. Separate mailbox stores
B. Separate public folder stores
C. Separate newsgroup stores
D. Separate NNTP virtual servers

9. You have E2K servers in two separate sites, and a legacy MS Mail server in a third site. How can you maintain the free and busy schedules between the three sites?
A. Install the MS Mail free/busy connector.
B. Install the Exchange free/busy site connector.
C. Install the MS Mail MTA gateway.
D. Install the MS Mail connector.

10. What information must you back up in order to make sure you’ve got a complete backup of the Exchange 2000 system? Choose all that apply.
A. Exchange data such as the IS, KMS, and SRS
B. Exchange configuration data such as AD and KMS database
C. Windows 2000 System State
D. Exchange system files
Answers to Review Questions

1. G. Becky will need the full backup tape from Friday night, plus all six of the incremental tapes in order to restore the system back to the day before it crashed.

2. A, B. A front-end server on the DMZ will allow your salespeople to connect using Outlook Web Access (OWA). You’ll have the front-end server connected to a back-end server, the location of the information store. No Web server is required because E2K supplies the Web store and interfaces with IIS 5. You might choose to utilize a virtual HTTP server to segment your Web traffic from your internal users, but this question asks for elementary design characteristics.

3. B. In large environments, you can help offload your main servers by setting up a connector server that’s strictly responsible for managing the connectors and does not participate in mailbox storage.

4. B, C, D. You can require that Web users utilize SSL when connecting to the Exchange system. You can also require that e-mail coming from partner links be digitally signed using S/MIME. Authentication is not necessary if you’re simply sending e-mail to a user on the Exchange system, but it is mandatory if you’re using the system. Certificates are required for S/MIME transactions.

5. B. Chat is easy to set up. Just create the channels you’d like to have on your Miami server and then do the same for the Boston server.

6. A, B. Instant Messaging users who are online and are advertising their presence can elect to advertise only to certain individuals. It’s possible that Jolie’s friend has not yet added Jolie to her list. It’s also possible that Jolie has not correctly logged on to IM.

7. C. Exchange 2000 Server is highly scalable. Databases can grow to be very large, however, so if there were a way to provide multiple databases, one could scale the database size while still allowing for large installations. By providing multiple mailbox stores, you can logically segment your stores as well as minimize the size of the databases involved.
8. D. Each newsgroup could be a virtual NNTP server unto itself, allowing for more granular control over each server.

9. D. Installing the MS Mail connector handles the replication of free/busy information with the MS Mail post office. Note that you’ll need to do some configuration on both the MS Mail P.O. and the E2K server to get things going. Free/busy information is automatically replicated between Exchange servers in the same organization.

10. A, B, C. You need to back up Exchange data such as the databases and transaction logs. You also need to back up the Exchange configuration data, such as that in the Windows 2000 Registry and Active Directory. You also need to back up the Windows 2000 System State. You don’t need the system files because these can be restored from CD.
Case Study: Setting Up a Front-End Server on the DMZ

You should give yourself 10 minutes to review this case study, diagram as needed, and complete the questions for this mini-test.
Background

You are the messaging architect for a large automobile company. Although your company isn’t heavily involved in e-commerce, it does receive vast quantities of e-mail regarding your products. The company also maintains several partner relationships, which collectively generate substantial e-mail volume.
Current System

Your company maintains a huge DMZ. As shown in the following diagram, you’ve got a hardware firewall in front of the DMZ, connecting via a T3 (44 megabits per second) with your ISP. Behind the front firewall are the Web and DNS servers. In back of the DMZ is another hardware firewall connecting the private network to the DMZ. Both the private and DMZ networks run Windows 2000 Server. The network is running in native mode. You’ve installed Exchange 2000 and have it running in the enterprise.
Envisioned System

You envision setting up an Exchange front-end server on the DMZ. This server will have a pointer to the primary SMTP domain for Internet e-mail directed to specific users on the private network; a pointer to a second SMTP domain for e-mail that is directed toward specific, e-commerce e-mail addresses; and a third SMTP domain for partner accounts. This front-end server will talk to a single back-end server. Partner entities will be required to use S/MIME when sending e-mail to this new server. Internet e-mailers will have no security stipulations. You’ll install virus-scanning software on this front-end server, so all incoming e-mail is scanned before being delivered.
Problem Statement

Is there a way to leverage Exchange 2000 to support the large amount of e-mail that you receive from those not on the private network? You’re thinking about putting an Exchange server out on the DMZ but are concerned about security issues.

Security Architect “We can set up the firewall rules so that e-mail coming in goes only to the server you want. You can then use your server to talk to an internal server.”

Web Manager “Databases are not allowed on the DMZ, period.”
Maintainability

It’s important that you maintain centralized control over the installation. You’d prefer that a single server handle all database operations. The internal Exchange servers were deliberately overengineered to allow for corporate growth.
Performance

You have two performance concerns: the speed of the server as it scans incoming mail, and the speed of the connectivity with the back-end server.

Network Manager “Network bandwidth can handle whatever connectivity you need.”
Security

Security, especially with partner relationships, is paramount. You believe that using secure signed e-mail will be sufficient for your partner accounts. Viruses are your biggest concern with incoming Internet e-mail directed at e-commerce mailboxes. Of course, you’re also concerned about the possibility of someone relaying off of the computer.
Questions

1. What will be your chief concern relative to this project?
A. Firewall configuration
B. Front-end server configuration
C. Back-end server configuration
D. DNS configuration

2. How will you facilitate the connection of partners to your e-mail system? Select all that apply.
A. Set up a user account for each partner that needs to use the system.
B. Require Integrated Windows authentication for the SMTP domain to be used by the partner accounts.
C. Require Basic authentication for the SMTP domain to be used by the partner accounts.
D. Set up an Enterprise CA to issue certificates.
E. Set up a Standalone CA to issue certificates.
F. Set up a Subordinate CA to issue certificates.
G. Set up an Issuing CA to issue certificates.
H. Require the partner to set up a CA that supports a one-to-one relationship.

3. What relaying would you set up on the front-end server?
A. Grant relaying only by private network users.
B. Grant relaying for private network and partner users.
C. Grant all.
D. Grant none.
4. One partner network uses a different e-mail system from everybody else, with a different client. What will you recommend so that these users are still able to access your system?
A. Use a browser to access OWA.
B. Use their e-mail client to send SMTP e-mail to specific internal addresses.
C. Use a browser to access OWA via SSL.
D. Set up a Terminal Services session for each user in this partner network needing access.

5. Using the resources and connections included in the diagram just below, construct the connections between a partner user and your Exchange server, and between a normal Internet user and your Exchange server.
Answers to Questions

1. A. Proper enumerating and setup of the firewall rules will make it so that users cannot go past the front-end server and find a way into the internal network—any administrator’s worst nightmare. It’s important to make sure you’ve carefully configured both the front-end and back-end servers, but handling the security for an Exchange server sitting on the DMZ is heads above any other task.

2. A, B, G. First you’ll set up user accounts for each person in each partner location that needs to utilize your e-mail system. Security dictates that each separate user be forced to log on to your server, rather than your having to set up a generic logon for each partner. You’ll also require Integrated Windows authentication for this SMTP domain, further enhancing security. Finally, you’ll set up a subordinate CA to issue certificates to partner entities. Enterprise CAs issue certificates to subordinates who, in turn, issue certificates to issuing CAs. Subordinate and issuing CAs can be on the same server. Optionally, you could require that your partners set up a CA and insist that they instill a one-to-one relationship (in which a certificate is issued per user), rather than a many-to-one certificate (in which all users connecting use one certificate; not good security). But leaving your security up to partners isn’t the best thing to choose.

3. A. Because partner accounts have user accounts created in your AD database, technically they are private network users and you can enable relaying for only your private network people. Granting all is a security breach. Granting none would prevent relaying for all accounts. Granting all is the default, so you have to be sure you check this configuration item on DMZ servers. Note that you can grant relaying to users by single IP address, by a grouping of computers, or by domain.
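Answer 3 turns on a distinction that is easy to lose in a configuration dialog: accepting mail for domains you host is not relaying, while forwarding mail for a domain you do not host is, and "grant all" makes the server do that for any host on the Internet. The following is an added example, not code from the book or from Exchange itself, that models the relay decision with the three grant methods the answer names (by IP or network, by domain, and for accounts that log on) and includes the configuration check worth running on every DMZ server. RelayPolicy, Message, the domain names, and the addresses are constructed for illustration; the Internet hosts use the RFC 5737 documentation ranges.

```python
"""Models the relay decision an SMTP virtual server makes, to show the
difference between "grant all" (an open relay) and relaying restricted to
your own network and logged-on accounts, as answer 3 recommends.
Added example, not from the book or from Exchange; RelayPolicy, Message,
the domains and the addresses are constructed for illustration."""
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Domains this organization hosts (constructed); mail to them is inbound, not relayed.
LOCAL_DOMAINS = {"example.com", "ecommerce.example.com", "partner-mail.example.com"}


@dataclass
class RelayPolicy:
    grant_all: bool = False                             # "Grant all": any host may relay
    networks: List[str] = field(default_factory=list)   # single IPs or groups of computers
    domains: List[str] = field(default_factory=list)    # relay by the client's (reverse-DNS) domain
    authenticated_users: bool = True                    # accounts that log on may relay


@dataclass
class Message:
    client_ip: str
    client_domain: Optional[str]   # reverse-DNS name of the sending host, if any
    authenticated: bool            # did the client log on with an account?
    recipient: str


def decide(policy: RelayPolicy, msg: Message) -> Tuple[str, str]:
    """Returns (verdict, reason); verdict is 'accept', 'relay' or 'reject'."""
    rcpt_domain = msg.recipient.rsplit("@", 1)[-1].lower()
    if rcpt_domain in LOCAL_DOMAINS:
        return "accept", "recipient is local, no relaying involved"
    # From here on the client asks us to forward mail to a domain we do not host.
    if policy.grant_all:
        return "relay", "grant-all policy (open relay)"
    if msg.authenticated and policy.authenticated_users:
        return "relay", "client logged on with an account"
    client = ipaddress.ip_address(msg.client_ip)
    for net in policy.networks:
        if client in ipaddress.ip_network(net, strict=False):
            return "relay", f"client is in granted network {net}"
    if msg.client_domain and msg.client_domain.lower() in {d.lower() for d in policy.domains}:
        return "relay", f"client domain {msg.client_domain} is granted"
    return "reject", "relaying denied for unauthenticated outside host"


def is_open_relay(policy: RelayPolicy) -> bool:
    """The configuration check for a DMZ server: can an unauthenticated
    Internet host relay through us?"""
    if policy.grant_all:
        return True
    return any(ipaddress.ip_network(n, strict=False).prefixlen == 0 for n in policy.networks)


# Policies under comparison (constructed).
GRANT_ALL = RelayPolicy(grant_all=True)
PRIVATE_ONLY = RelayPolicy(networks=["10.0.0.0/8"])   # private network, plus logged-on accounts

# Constructed traffic as seen by the front-end server.
INTERNAL_USER = Message("10.20.30.40", "ws40.example.com", False, "buyer@other-company.test")
PARTNER_USER = Message("198.51.100.5", "mail.partner.test", True, "buyer@other-company.test")
INTERNET_INBOUND = Message("203.0.113.7", None, False, "sales@ecommerce.example.com")
INTERNET_RELAY = Message("203.0.113.7", None, False, "someone@other-company.test")

if __name__ == "__main__":
    for name, policy in (("grant all", GRANT_ALL), ("private only", PRIVATE_ONLY)):
        print(f"{name}: open relay = {is_open_relay(policy)}")
        for msg in (INTERNAL_USER, PARTNER_USER, INTERNET_INBOUND, INTERNET_RELAY):
            print("  ", msg.client_ip, "->", msg.recipient, decide(policy, msg))
```

Under the private-only policy the Internet host is still accepted when it sends to an e-commerce mailbox, because that is inbound mail for a domain you host; it is rejected only when it asks the server to forward mail elsewhere. The partner account relays because it logged on, which is the sense in which answer 3 counts partners as private network users.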
4. C. As long as the partner’s needs don’t extend beyond calendar, public folder, and e-mail functions (which the case study seems to indicate), you could allow users in this partner network to connect to you via Secure Sockets Layer (SSL) connection in OWA. The authentication would be the same, as would the certification, and security would be as enhanced.

5. This is a very straightforward solution. The partner who’s e-mailing into your site will use SMTP, as will the Internet user. What? The Internet user won’t use HTTP? No, not unless he or she accesses e-mail through a browser. The Internet client will use SMTP, just like the partner client.

Wrap-up: The server design is the part of your design that you’ll probably have the most fun with. Because you have so much granularity in the protocol choices you can make with E2K, the protocol feature set you implement in your server design will play an important role. And, since E2K needs new updated equipment, far be it from you to try to use older gear when you can requisition new stuff to run the new code, eh? In most rollouts, you’ll likely stick with a very generic implementation—a few servers in a farm running standard SMTP with MAPI clients. But you should keep in mind that for those difficult computing scenarios, you’ll encounter other protocol solutions, front-end/back-end server choices and, of course, the need for robust hardware to run things on.
Chapter 7
Planning for Traffic Flow
MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Plan traffic flow. Considerations include ADC computer and bridgeheads, routing group boundaries, bandwidth, directory replication, public folder replication, existing network connection, and Site Replication Service (SRS).
In this chapter we’re specifically concerned with the flow of traffic across the Exchange messaging infrastructure. We’ll talk about various considerations including the Active Directory computer itself, interaction with routing groups, network bandwidth, and replication, among other things.
Planning Traffic Flow
Exchange 2000 Server is so vastly extensible, so capable of hosting dozens of servers and potentially millions of users, that it is important to understand the design ramifications of traffic flow. Planning the installation and maintenance of the servers involves understanding how messages are going to flow between them.
Microsoft Exam Objective
Plan traffic flow. Considerations include ADC computer and bridgeheads, routing group boundaries, bandwidth, directory replication, public folder replication, existing network connection, and Site Replication Service (SRS).
Before continuing into the details of this chapter, we must first cover a basic overview of Exchange system flow so that you understand how messages flow on one computer. We can then expand this information so that we understand the messaging enterprise as a whole.
With the exception of MAPI clients, Exchange 2000 does not handle any protocol work. Protocol interaction is handled by Internet Information Services (IIS) 5, which comes as a part of Windows 2000 Server. Because of this, the following IIS protocols are usable by Exchange 2000 servers: SMTP, NNTP, IMAP4, POP3, and HTTP. The default protocol that e-mail clients such as Outlook 97, 98, and 2000 will use is MAPI. The initial public folder installation will work with the usual MAPI clients, but additional public folder trees will require either HTTP or NNTP clients for access (Outlook 2000 clients can access additional public folders provided a Web page has been prepared for them in these additional folders). Other clients can utilize POP3, IMAP4, or HTTP as required. The Exchange Interprocess Communication (EXIPC) protocol handles the communication between IIS and Exchange very rapidly, so there is no sluggishness in communication.
You should be aware that when Exchange 2000 is installed on a Windows 2000 system, some Windows 2000 processes are modified to enhance Exchange and Windows 2000 interaction, specifically for SMTP:
Routing Engine: This Exchange 2000 component provides next-hop routing information to the Windows 2000 Advanced Queuing Engine.
Advanced Queuing Engine: This is an IIS service that manages queues for message delivery.
Message Categorizer: Another Windows 2000 component (one that’s normally off in a standard Windows 2000 environment) is turned on and utilized by Exchange for managing event sinks and advanced address resolution.
Extensible Storage Engine: Additionally, you should also be aware of the Extensible Storage Engine (ESE). This component is used by Active Directory to manage objects in the directory. There’s a funny relationship between AD and E2K regarding the ESE. Each uses its own instance of the ESE. AD uses its instance to manage objects that intrinsically belong to AD, whereas E2K uses another instance of ESE to manage the objects that it is responsible for.
Because of the capability of handling multiple protocols and disparate clients, the Exchange 2000 store, managed by STORE.EXE, actually has two databases in it, one that handles native e-mail that is not in MAPI format (the .STM file) and one that displays e-mail in Outlook Rich Text Format (RTF)—the .EDB file. The .STM extension stands for “streaming”—meaning that the data incurs no conversion; it merely streams in and out. If an e-mail is sent to an Outlook client by, say, an HTTP client, the e-mail message is stored in the .STM file until such time as the Outlook client reads it, whereupon it is brought into the .EDB file and provided to the user in RTF format. This methodology allows Exchange to operate faster. Outlook clients are MAPI clients.
Table 7.1 shows the files that are used for a standard Exchange server’s message flow plus their folder locations.
TABLE 7.1
The Files Involved in Message Flow and Their Respective Folders
Process                                   File and Folder
IIS                                       \%Systemroot%\System32\Inetsrv\Inetinfo.exe
IIS driver                                \%Systemroot%\System32\Inetsrv\Drviis.dll
Exchange SMTP Manager                     \Exchsrvr\Bin\Exsmtp.dll
Exchange Store Manager                    \Exchsrvr\Bin\Store.exe
Exchange Interprocess Communication       \%Systemroot%\System32\Epoxy.dll
Exchange Mail Transfer Agent              \Exchsrvr\Bin\Emsmta.exe
NTFS Management                           \%Systemroot%\System32\Inetsrv\Ntfsdrv.dll
Exchange Installable File System          \%Systemroot%\System32\Exifs.sys
Advanced Queue Manager                    \%Systemroot%\System32\Inetsrv\Aqueue.dll
Message Categorizer                       \Exchsrvr\Bin\phatcat.dll
  (note that this is an upgrade to Windows 2000’s basic categorization agent, CAT.DLL)
When an SMTP message comes into the Exchange system (there are other kinds of messages apart from SMTP), it is first received by IIS’s SMTP host.
The SMTP host streams the message to NTFS. The message is received by the Advanced Queuing Engine, which places it in a message pre-categorizer. The Message Categorizer, responsible for expanding the groups that the message is destined for, ascertaining mailbox size limits, and so forth, processes the message. The message is then given back to the Advanced Queuing Engine, this time in a destination queue if the message is destined for another server. If the message needs to be sent elsewhere, the Routing Engine calculates the next hop for the message, and it is passed back to SMTP. If the message is local, the Message Categorizer simply places the message in the local queue where it’s picked up by the Information Store.
When an Outlook (MAPI) client composes and sends a message, the message is first sent to the Advanced Queuing Engine, regardless of the recipient. The Advanced Queuing Engine places the message in a pre-categorizer. The Message Categorizer picks up the message, expands any groups that are recipients, and checks for mailbox size limitations. The Message Categorizer then places the message in the appropriate destination queue(s) for delivery. Any messages that must be sent to a different server have a hop calculated for them by the Routing Engine. SMTP sends the message to the next hop.
In cases where an X.400 message has been sent, the Exchange MTA simply places the message in the SMTP MTS-Out Store folder. The store picks the message up and treats it just like all other messages. So, the basic things you need to remember about message flow are as follows:
IIS handles the majority of the message interaction, including categorization and queuing.
Categorization means that any groups the message has as recipients are expanded so that the message can be sent to all members of the group. Additionally the message size limitations are checked.
Routing is handled by the Exchange Routing Engine—route hops are calculated in order to get the message to its final destination.
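The categorization and queuing steps just listed, reduced to a small Python model. This is an added example, not code from the book or from Exchange: groups are expanded (including nested groups), each mailbox’s size limit is checked, and the result is split into the local queue the store picks up and per-server destination queues that the Routing Engine would calculate a next hop for. `Directory`, `expand_recipients` and `categorize` are names invented for the illustration, and the addresses, server names and size limit are constructed sample data.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass
class Directory:
    """Constructed stand-in for the directory data the Message Categorizer
    reads from Active Directory (not Exchange's real schema)."""
    groups: Dict[str, List[str]]       # group address -> members (mailboxes or nested groups)
    mailbox_home: Dict[str, str]       # mailbox address -> server hosting that mailbox
    mailbox_limit_kb: Dict[str, int]   # incoming size limit per mailbox; absent or 0 = none


def expand_recipients(directory: Directory, recipients: List[str]) -> List[str]:
    """Expand distribution groups into individual mailboxes.

    Groups may contain other groups; `seen_groups` stops a group that
    (directly or indirectly) contains itself from recursing forever, and
    `delivered` ensures a mailbox reached through several groups receives
    only one copy.  Unknown addresses pass through so the caller can reject them.
    """
    expanded: List[str] = []
    seen_groups: Set[str] = set()
    delivered: Set[str] = set()

    def visit(address: str) -> None:
        if address in directory.groups:
            if address in seen_groups:
                return
            seen_groups.add(address)
            for member in directory.groups[address]:
                visit(member)
        elif address not in delivered:
            delivered.add(address)
            expanded.append(address)

    for recipient in recipients:
        visit(recipient)
    return expanded


def categorize(directory: Directory, local_server: str, recipients: List[str],
               size_kb: int) -> Tuple[Dict[str, List[str]], List[Tuple[str, str]]]:
    """Return (queues, rejected).

    queues maps "local" (picked up directly by the Information Store) or a
    destination server name (handed to the Routing Engine for a next-hop
    calculation) to the mailboxes delivered through that queue.  rejected
    lists (mailbox, reason) pairs that would produce an NDR.
    """
    queues: Dict[str, List[str]] = defaultdict(list)
    rejected: List[Tuple[str, str]] = []
    for mailbox in expand_recipients(directory, recipients):
        home = directory.mailbox_home.get(mailbox)
        if home is None:
            rejected.append((mailbox, "unknown recipient"))
            continue
        limit = directory.mailbox_limit_kb.get(mailbox, 0)
        if limit and size_kb > limit:
            rejected.append((mailbox, "exceeds mailbox size limit"))
            continue
        queues["local" if home == local_server else home].append(mailbox)
    return dict(queues), rejected


# Constructed sample directory for the example.
DIRECTORY = Directory(
    groups={
        "all@example.test": ["sales@example.test", "ops@example.test", "ceo@example.test"],
        "sales@example.test": ["alice@example.test", "bob@example.test"],
        "ops@example.test": ["carol@example.test", "all@example.test"],  # nests back into 'all'
    },
    mailbox_home={
        "alice@example.test": "MIAMI-EX1",
        "bob@example.test": "DENVER-EX1",
        "carol@example.test": "MIAMI-EX1",
        "ceo@example.test": "MIAMI-EX1",
    },
    mailbox_limit_kb={"ceo@example.test": 1024},
)

if __name__ == "__main__":
    queues, rejected = categorize(DIRECTORY, "MIAMI-EX1", ["all@example.test"], 2048)
    for queue, mailboxes in queues.items():
        print(f"{queue}: {', '.join(mailboxes)}")
    for mailbox, reason in rejected:
        print(f"NDR {mailbox}: {reason}")
```

The cycle guard matters in practice: a group that is a member of one of its own members is a legal directory state, and a categorizer without the `seen_groups` check would loop on it.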
ADC Computers and Bridgehead Servers
In our traffic flow planning, two very important E2K server activities are going to impact our design decisions: ADC computers and bridgehead servers. We begin our discussion with infrastructure ramifications as they pertain to ADC computers, then finish up with bridgehead servers.
ADC Computers
When talking to some Exchange 2000 people, you’ll be surprised to find that they’ve taken the Windows 2000 mixed/native mode concepts and applied them to Exchange 2000 Server. Where in Windows 2000 you’d say that the domain is in native mode when all domain controllers have been converted to Windows 2000 and you’ve flipped the native mode switch, in Exchange 2000 you can say that the E2K domain is in native mode when all Exchange servers are running Exchange 2000. In Windows 2000 mixed mode the DCs are a combination of Windows 2000 and Windows NT 4. In an Exchange mixed mode environment, the Exchange servers are a combination of Exchange 5.5 or earlier and Exchange 2000.
An Exchange mixed mode environment could conceivably consist of dozens of Exchange 5.5 or earlier servers, all in their own sites. Some sites might have two or more Exchange 5.5 or earlier servers in them, while others might only have one. When you run the Exchange Active Directory Connector (ADC), each unique Exchange site that you connect to will show up as a singular Administration Group in Active Directory. This is because Exchange 2000 does not utilize the site concept but instead requires that you create Administration Groups and, beneath them, Routing Groups. So, in a deployment where you have 20 Exchange 5.5 servers in 20 separate sites, each will show up as a separate Administration Group in AD.
The organization concept is the same in both legacy Exchange and Exchange 2000 deployments.
When considering the design of an installation in a multi-site environment such as the one above, what do you think might be the most important thing to think about? Certainly the speed of the connection between the server that’s going to host the ADC and the various site servers is of largest concern. Consider for a moment Figure 7.1 where there is such an environment but some sites have much slower WAN links than others do.
FIGURE 7.1  A multi-site Exchange organization with poor WAN connections
You can see in this figure that our 56K connection from the home Miami site to Chicago isn’t going to work very well, especially if we’re already trying to send regular legacy Exchange Remote Procedure Call (RPC) traffic across it. What to do, what to do? Certainly upgrading the speed of the circuit is called for. But provisioning a higher-speed circuit from your carrier can be a time-consuming process. In the case of Figure 7.1 we notice that there are T1 connections between two separate sites: Denver to Detroit and San Diego to Chicago. Perhaps the logical next step to take would be to install another Exchange 2000 Server in San Diego, then install the ADC on it as well. Or, alternatively, we could immediately upgrade the Chicago server to E2K and avoid the ADC connectivity that’s required in its legacy state. Because the Active Directory is available to all throughout the entire forest, we don’t have concerns about where we place ADC computers. Logical design alternatives include considering overall connectivity between sites and associated bandwidth. Where bandwidth is minimal, alternatives must be considered. It should be noted that good Windows 2000 infrastructure design calls for upgrading any weak WAN links prior to the W2K rollout.
Bridgehead Servers
In a single domain with a few Exchange servers spread across only one campus, you don’t have to be concerned about bridgehead servers or routing groups. Recall that a bridgehead server functions as an edge server in a routing group. This bridgehead server communicates with other bridgehead servers in other routing groups. Servers within routing groups communicate with each other via port 691 (prior to E2K RC1 the port was port 3044); bridgehead servers communicate via SMTP port 25. You can assign various costs to connections between bridgehead servers. If there are multiple connections to a given server, the lowest cost that’s assigned over given connections takes precedence. Figure 7.2 shows such a network layout.
FIGURE 7.2  Routes between various routing group servers (RGC—bridgehead servers) with costs assigned
Looking at Figure 7.2, suppose that you’re in Denver and you want to compose a message to someone in San Diego. In examining the costs associated with sending the message to Detroit then Miami then San Diego, you can see that we have costs of 10, 30, and 10, respectively. If we go straight to Miami then San Diego, even though we incur an initial higher cost of 20 on the Denver-Miami link, the overall cost of the trip is less than the alternative. The link-state calculation built into Exchange 2000 servers allows for the calculation of the least-cost route to a given destination. We talk in terms of source and target bridgehead servers.
What would happen if the Denver–Miami–San Diego link were down? Suppose, for example, that the source bridgehead server in Denver tried to contact the target bridgehead server in Miami and was unable to. An event called a GLITCH-RETRY state occurs. The Denver bridgehead server would wait 60 seconds then retry the connection once more. Still down? A second GLITCH-RETRY state would happen and be followed by another wait of 60 seconds. On the third try, if the target bridgehead server is still down, the link is set to DOWN on the source bridgehead server. The source bridgehead server notifies the Routing Group Master (RGM) server in the routing group (which may or may not be the same server as the bridgehead server). The Routing Group Master contacts all other bridgehead servers in the network to alert them of the DOWN status. The source bridgehead server sends the e-mail message through the alternate Denver–Detroit–Chicago–San Diego route. Higher cost? Certainly. Does the e-mail go through regardless of rain, snow, sleet, or hail? Yes. The source bridgehead server continues to try to contact the original target bridgehead server via port 25 every 60 seconds until contact can again be gained. At this time the DOWN status is set to UP.
In a scenario where all of the links are down, the source bridgehead server goes through the same scenario as we just discussed for the original least-cost link, then tags the link as DOWN. It tries the next least-cost link, goes through the same ritual, and tags this link as DOWN as well.
Once all links are tagged as DOWN, the cost of connecting to the target bridgehead server is INFINITE. At this point the source bridgehead server continues to attempt to connect through routing on all links every 60 seconds. If, after 48 hours, the links are still down, a Non-Deliverable Report (NDR) is sent to the person who initially composed the e-mail message.
Here are the key design points to think about when considering bridgehead servers:
Redundancy: Think about the need for redundant paths between bridgehead servers so that e-mail can continue to flow. This may amount to the decision to nail up WAN links between sites that previously had no connection with one another.
Mixed-mode routing groups: Remember that you’ll have to have at least one bridgehead server at each site running vintage Exchange software in order to facilitate the bridgehead transaction.
Visual: Map out your network site structure. Understand what the connections are. Where there is no connection, consider putting one there. Where there are low-speed connections, consider upgrading them. Plan out the costs between the routes. For example, in considering Figure 7.2 again, how could you beef up this site diagram? Probably the first consideration you’d want to make would be to complete the links between Austin–Denver and Austin–San Diego. Next, you’d probably want to consider upgrading the Miami–Chicago and Miami–Detroit speeds.
Link speed isn’t necessarily all about Exchange. Other data might be going over the wire as well. If so, then you need to figure out the normal amount of traffic that flows over these circuits, specifically what kind of message traffic is considered typical. Don’t forget that the Exchange servers are going to use these circuits as well.
You can view the status of the links through the Exchange System Manager. Navigate to Tools ➢ Monitoring and Status ➢ Status.
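The least-cost and GLITCH-RETRY behaviour described above, as an added Python model that is not part of the book or of Exchange. The Denver–Detroit (10), Detroit–Miami (30), Miami–San Diego (10) and Denver–Miami (20) costs are the ones the text gives for Figure 7.2; the Detroit–Chicago and Chicago–San Diego costs are assumed, since the text names that alternate path without pricing it. `LinkState`, `record_attempt`, `least_cost_route` and `dispatch` are names invented for the illustration, and the model generalizes the text's one example to any set of links.

```python
import heapq
from typing import Dict, Iterator, List, Set, Tuple

INFINITE = float("inf")  # cost of a destination with no working route


class LinkState:
    """One routing group's view of the bridgehead links in the organization.

    Hypothetical model of the behaviour the text describes, not Exchange's own
    link-state table.  Links are bidirectional with an administrator-assigned
    cost; a link marked DOWN costs INFINITE until contact is regained.
    """
    RETRIES_BEFORE_DOWN = 3   # three failed attempts, 60 seconds apart
    RETRY_INTERVAL_S = 60
    NDR_AFTER_S = 48 * 3600   # the sender gets an NDR if every route stays down this long

    def __init__(self, links: Dict[Tuple[str, str], int]) -> None:
        self.cost: Dict[Tuple[str, str], int] = {}
        for (a, b), c in links.items():
            self.cost[(a, b)] = c
            self.cost[(b, a)] = c
        self.down: Set[frozenset] = set()
        self.failures: Dict[frozenset, int] = {}

    def neighbours(self, node: str) -> Iterator[Tuple[str, float]]:
        for (a, b), c in self.cost.items():
            if a == node:
                yield b, (INFINITE if frozenset((a, b)) in self.down else c)

    def record_attempt(self, src: str, dst: str, reachable: bool) -> str:
        """Apply one connection attempt from src to dst; return the link's state."""
        key = frozenset((src, dst))
        if reachable:
            self.failures.pop(key, None)
            self.down.discard(key)          # DOWN flips back to UP on contact
            return "UP"
        self.failures[key] = self.failures.get(key, 0) + 1
        if self.failures[key] >= self.RETRIES_BEFORE_DOWN:
            self.down.add(key)              # the RGM now tells the other bridgeheads
            return "DOWN"
        return "GLITCH-RETRY"               # wait RETRY_INTERVAL_S and try once more

    def least_cost_route(self, src: str, dst: str) -> Tuple[float, List[str]]:
        """Dijkstra over the current link state -> (total cost, hops)."""
        best: Dict[str, float] = {src: 0}
        prev: Dict[str, str] = {}
        heap: List[Tuple[float, str]] = [(0, src)]
        while heap:
            dist, node = heapq.heappop(heap)
            if dist > best.get(node, INFINITE):
                continue
            if node == dst:
                break
            for nxt, c in self.neighbours(node):
                cand = dist + c
                if cand < best.get(nxt, INFINITE):   # INFINITE (DOWN) links never win
                    best[nxt] = cand
                    prev[nxt] = node
                    heapq.heappush(heap, (cand, nxt))
        if dst not in best:
            return INFINITE, []
        hops = [dst]
        while hops[-1] != src:
            hops.append(prev[hops[-1]])
        return best[dst], hops[::-1]


def dispatch(ls: LinkState, src: str, dst: str, waited_s: int = 0) -> Tuple[str, List[str]]:
    """What the source bridgehead does with a queued message right now."""
    cost, hops = ls.least_cost_route(src, dst)
    if cost != INFINITE:
        return "SEND", hops
    if waited_s >= ls.NDR_AFTER_S:
        return "NDR", []
    return "RETRY", []   # keep probing every link every RETRY_INTERVAL_S


# Figure 7.2 costs from the text; the two Chicago links are ASSUMED because the
# text names the alternate path without stating its cost.
LINKS = {
    ("Denver", "Detroit"): 10,
    ("Detroit", "Miami"): 30,
    ("Miami", "San Diego"): 10,
    ("Denver", "Miami"): 20,
    ("Detroit", "Chicago"): 15,    # assumed
    ("Chicago", "San Diego"): 15,  # assumed
}

if __name__ == "__main__":
    ls = LinkState(LINKS)
    print("normal:", ls.least_cost_route("Denver", "San Diego"))
    for _ in range(3):
        print("Denver->Miami attempt:", ls.record_attempt("Denver", "Miami", False))
    print("after DOWN:", dispatch(ls, "Denver", "San Diego"))
```

With the page's costs the model picks Denver–Miami–San Diego at 30, and after three failed attempts on Denver–Miami it falls back to Denver–Detroit–Chicago–San Diego, exactly the sequence the text walks through; `dispatch` returns RETRY while every link is INFINITE and NDR once 48 hours have elapsed.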
Routing Group Boundaries
In earlier Exchange deployments, you had to consider the speed of the network connections between sites. Once you had set up a site connector between two sites, you couldn’t simply dismantle it and move it as needed. In sites with very low-speed, unreliable connections with one another, you’d opt to install the X.400 connector instead of the Exchange Server site connector. All of this connectivity was permanent. But with the advent of Exchange 2000 routing groups, you can easily reengineer your routing group design—moving routing groups and reassigning server membership as needed. Because Exchange 2000 servers usually talk to each other between routing groups using SMTP port 25, you may have some speed concerns, but you can use the X.400 or SMTP connector in these circumstances. Note that the X.400 connector isn’t a desirable option, but it may be of use to you when you have no other choice. We’ll talk about times when you can use X.400 in this section.
As liberal as the new design parameters are, there are some rules that you must follow when setting up routing groups. We start with rules for Exchange servers belonging to the same routing group:
All Exchange servers that you want to belong to the same routing group must be in the same Active Directory forest. Note the key operating word—forest, implying that there can be vast geographic distances. While certainly possible, typically members of the same routing group will be in the same physical location.
There must be well-connected SMTP connectivity between the servers. X.400 isn’t allowed. The phrase well-connected means permanent, reliable, and preferably, high-speed.
All of the servers in the routing group must be able to contact the RGM.
What about scenarios where you might decide to design multiple routing groups? Are there rules (or, at the very least, reasons that you can use to justify your actions) that must be followed? There are and they are as follows:
When the previously mentioned routing group rules cannot be met.
Most important, if the network infrastructure is unreliable, you will want to split into two routing groups at those gray, unreliable areas.
In situations where you have very low-speed connections and can do nothing to upgrade them, separate routing groups connected by the X.400 connector are required.
If the message path is no longer single-hop, you’ll require more than one routing group.
When you need to queue messages or send them according to a schedule, multiple routing groups may be required.
When you have variations in the public folders that you’re going to offer to clients. You can prohibit the referral of a public folder across a routing group, thus allowing you to set up a public folder strategy that pertains to different communicative needs.
More about Public Folders
In a legacy Exchange 5.5 network, a person trying to access a public folder would normally go to the copy of the folder that had been replicated to his site. In Exchange 2000 the same is basically true—clients access public folders that are in the same routing group. However, because of the routing aspect of Exchange 2000, if the public folder is unavailable in the local routing group, clients can potentially cross routing groups to a routing group that has the public folder. The cost calculation mechanism is used to determine the next available public folder. You may not want users surfing across routing groups to access a public folder. When configuring the Routing Group Connector (RGC) from one routing group to another, select the Do Not Allow Public Folder Referrals check box found on the General tab of the RGC properties sheet.
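An added Python illustration (not code from the book or from Exchange) of the referral order just described: the client's own routing group first, then other routing groups by ascending connector cost, with a connector whose Do Not Allow Public Folder Referrals box is checked never offered and an unavailable server skipped in favour of the next least-cost replica. `referral_order` and `pick_public_folder_replica` are invented names, the routing groups, servers and costs are constructed, and only routing groups one connector away from the client's are considered.

```python
from typing import Dict, List, Optional, Set, Tuple


def referral_order(
    local_rg: str,
    replicas: Dict[str, str],                 # server -> routing group that holds a replica
    rgc_cost: Dict[Tuple[str, str], int],     # (from routing group, to routing group) -> RGC cost
    referrals_blocked: Set[Tuple[str, str]],  # RGCs with "Do Not Allow Public Folder Referrals" set
    available: Set[str],                      # servers that are currently answering
) -> List[str]:
    """Servers a client in `local_rg` would try, in the order the text describes.

    A replica in the client's own routing group comes first; replicas in other
    routing groups follow by ascending connector cost.  A routing group whose
    RGC has referrals turned off is never offered, and a server that is down is
    skipped so the client moves on to the next least-cost replica.
    Simplification (this example's, not Exchange's): only routing groups with a
    direct connector from `local_rg` are considered, one hop away.
    """
    ranked: List[Tuple[int, str]] = []
    for server, rg in replicas.items():
        if server not in available:
            continue
        if rg == local_rg:
            ranked.append((0, server))
            continue
        connector = (local_rg, rg)
        if connector not in rgc_cost or connector in referrals_blocked:
            continue
        ranked.append((rgc_cost[connector], server))
    return [server for _, server in sorted(ranked)]


def pick_public_folder_replica(*args, **kwargs) -> Optional[str]:
    """First server the client opens the folder on, or None once all are exhausted."""
    order = referral_order(*args, **kwargs)
    return order[0] if order else None


# Constructed example: four routing groups, each with one replica; Denver is the
# client's own routing group and the Denver-Detroit RGC has referrals disabled.
REPLICAS = {"DENVER-PF1": "Denver", "MIAMI-PF1": "Miami",
            "DETROIT-PF1": "Detroit", "CHICAGO-PF1": "Chicago"}
RGC_COST = {("Denver", "Detroit"): 10, ("Denver", "Miami"): 20, ("Denver", "Chicago"): 25}
NO_REFERRALS = {("Denver", "Detroit")}

if __name__ == "__main__":
    everyone = set(REPLICAS)
    print("all up:", pick_public_folder_replica("Denver", REPLICAS, RGC_COST, NO_REFERRALS, everyone))
    print("Denver down:", referral_order("Denver", REPLICAS, RGC_COST, NO_REFERRALS, everyone - {"DENVER-PF1"}))
```

Note the effect of the check box: Detroit is the cheapest remote replica, but with referrals disallowed on that RGC a Denver client never reaches it and goes to Miami instead, which is the control the text recommends when you do not want users crossing routing groups for a folder.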
Bandwidth Concerns
Microsoft’s subliminal wake-up call is this: Think enterprise. When thinking about routing groups and Exchange server connectivity, we’re interested not only in the server farm but also in the underlying infrastructure. We must consider the enterprise. There are two categories that we must consider:
Network infrastructure: Each private network’s infrastructure needs to be examined and, if there are weaknesses found, improved. The network’s backbone—that connection between the Intermediate Data Facility (IDF) and the Main Data Facility (MDF)—needs to be examined to make sure its speed is adequate. Additionally, servers that need to connect directly to the backbone but do not should have this problem rectified.
Wide Area Network (WAN) connectivity: We’ve talked about this in the previous sections, but we need to reiterate how important the subject of WAN bandwidth is. Suppose, for example, that you had an Exchange 5.5 server in a site in Europe that had to communicate with your main headquarters office in the U.S. There might be some sort of frame relay connectivity between the two site servers—expensive transoceanic connections. Because of their expense, you might find that the connection between the U.S. and Europe might be relatively slow, potentially with a low Committed Information Rate (CIR). Now you want to come along and upgrade this site to Exchange 2000, connecting to the U.S. E2K routing group with the routing group connector. Can’t make it happen, can you? Not without sacrificing Exchange’s performance across this wire, not to mention the performance of other information trying to go across. In such WAN cases, it’s worth your while to think about setting up a Virtual Private Network (VPN) between your European and U.S. sites. In other words, leverage your ISP’s network backbone through secure connectivity to facilitate the speedy transfer of e-mail between routing groups.
It’s worth a designer’s time to at least crunch through the dollar figures involved in setting up a VPN connection before throwing up one’s hands and nailing up the X.400 connector across the slow link.
There is some tuning that you can perform to help with poor WAN connectivity. Exchange provides a function designed to reduce some of the workload on Global Catalog (GC) servers called the Directory Access cache (DSAccess). Directory lookups, with the exception of address book lookups by MAPI clients and some SMTP inbound/outbound routing, are cached in each local E2K server’s Registry. The default configuration of this Registry entry is to allow 4MB of directory entries to be cached for a period of 10 minutes. You can tune the Registry of E2K servers to optimize the DS cache for WAN traffic. You have three settings you can work with: the amount of time that the entries in the cache are allowed to live, the number of entries allowed in the cache, and the size of the cache. The default for the number of cache entries allowed is zero, which means infinite. Keep in mind that the code needed to run DSAccess takes up approximately 2.5MB of RAM and each cached entry will use approximately 3.6KB. The main Registry key is found at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeDSAccess. At this Registry location you’ll find the following value:
Value name: CachingEnabled
Value type: REG_DWORD
Value data: 0x1 (Enabled), 0x2 (Disabled), Default is enabled
By adjusting the amount of time that entries are held in the cache you help out the GC server and hence improve WAN speeds, but you need to be cognizant that if you extend the time too long, you run the risk of the entries being old and not correct. Here is the value that you need to adjust, noting that these values are found in the Instance0 section beneath the previously listed Registry location:
Cache Time to Live (TTL)
Value name: CacheTTL
Value type: REG_DWORD
Value data: 0x600 (in seconds)
You could also choose to adjust the number of entries allowed in the cache. Keep in mind that for each additional entry you’re chewing up some system RAM, but the number of entries in the cache is limited to the amount of RAM dedicated to the cache. So unlimited doesn’t necessarily mean unlimited; it means until the amount of dedicated RAM is used up. This value is also found in the Instance0 section of the previously listed Registry key:
Amount of entries in cache
Value name: MaxEntries
Value type: REG_DWORD
Value data: 0x0 (0 means unlimited)
You may not want to do anything about the amount of entries in the cache and instead increase the amount of system memory that the cache can utilize. In such a case the following value is the one that you’ll adjust:
Amount of memory used by cache
Value name: MaxMemory
Value type: REG_DWORD
Value data: 0x0 (default is 4096, amount is in kilobytes)
In tight WAN bandwidth situations, it may make sense to adjust the amount of time that the cache is kept to, say, 30 minutes, and to seriously jack up the amount of RAM that the cache is allowed to occupy. This, of course, implies that you have adequate system RAM in the GC you are adjusting.
Directory Replication
Directory replication, the notion of keeping all user and group directory information up to date, has long been a challenge in MS Mail and legacy versions of Exchange. But all of that has changed with Exchange 2000. Exchange 2000, as we’ve discovered in earlier chapters, updates the Active Directory schema with attributes that are pertinent and needed by Exchange. The schema information is then replicated, according to the schedule set up in Active Directory Sites and Services ➢ Site Name ➢ NTDS Site Settings ➢ Schedule. The entire schema is replicated to other GC servers within the domain. But when the schema is replicated to DCs that are not in the local domain, only part of each object’s attributes are replicated. You’ll probably find this difficult to believe, but this is called a partial replica. There is enough Exchange information in each partial replica so that users in another domain can, as promised by AD, locate resources in other domains.
There are two interesting things a designer needs to think about when considering directory replication: sites and site links. A Windows 2000 site is a grouping of computers, regardless of the domain or domains involved, that are connected together by a common subnet. A site link is a site-to-site connection over a slow WAN link. Administrators must configure site links; they are not created automatically. Within a site, directory replication happens automatically and very frequently and follows the basic rules, that is, full replication to DCs within the domain, partial replication to the DCs in an adjoining domain. With site links, the administrator must set up directory replication schedules. When you’re forced to set up a mixed environment where you’re working with Exchange 5.5 servers using the ADC, you have a directory replication schedule that you can manage as well. Remember that the default for ADC replication is between midnight and 6:00 A.M. every day of the week. With ADC connection agreements, you’ll also have a choice of one-way from the Exchange 5.5 server to AD, one-way from AD to the Exchange 5.5 server, or two-way. The default is two-way.
Public Folder Replication
Probably the most radically changed component from legacy Exchange software to Exchange 2000 focuses on the creation and replication of public folders. Administrators now have the capability of creating multiple public folder trees. Additional folder trees, also called top-level hierarchies, are kept in a single public-folder store per server and are available to non-MAPI clients such as IMAP4, NNTP, or HTTP clients. With additional public folders such as these, clients using Outlook 2000 must attach to them in a Web page format. Office applications can also utilize these public folders in a Web page format. Administrators have the ability to share out additional public folders so that files are accessible over the network. These additional trees can be created on any Exchange 2000 server in the enterprise.
When considering folder replication, first you must understand that the default public folder tree that’s created at Exchange 2000 Server installation time is replicated to every other Exchange 2000 server in the enterprise. As we talk about E2K cooperating with vintage Exchange systems, we’ve mentioned before and will mention again that the Exchange 2000 Active Directory Connector (ADC) must be installed and various connection agreements (CAs) must be created. The agreements can be one-way going toward vintage Exchange, one-way toward E2K, or two-way. The whole purpose of a CA is to provide an up-to-date GAL for one or the other or both systems. One public folder consideration that we should make here and now is to note that if a public folder two-way connection agreement is created for legacy Exchange servers, the E2K public folder will be replicated there as well.
You create extra public folders by navigating through the ESM to Organization ➢ Administrative Groups ➢ Administrative Group Name ➢ Folders. Right-click Folders and select New Public Folder Tree. Give the tree a meaningful name and note that the Folder tree’s Use field is automatically set to General Purpose, meaning that MAPI clients cannot use the folder. Next, highlight the Storage Group you want to create the store to host this new folder in and select New Public Store. When configuring the new public store in the General tab’s Associated Public Folder Tree text box, point to the tree you just created, as shown in Figure 7.3. Notice that you can toggle whether you support S/MIME clients.
FIGURE 7.3  The General tab of the new public store configuration sheet
When you click the Database tab, you’re given the suggested database names for this new public store, its maintenance interval, and mounting information. Note that you can opt to be able to overwrite this store from a restore—this option is not selected by default, so you will need to select it. See Figure 7.4.
FIGURE 7.4  The Database tab of the new public store configuration sheet
The Replication tab reveals the replication interval for this particular public folder store. You can customize the scheduled times when this store will replicate to its partners and the time lag between replication intervals, as shown in Figure 7.5.
FIGURE 7.5  The Replication tab of the new public store configuration sheet
The Limits tab allows you to configure the size limits you’ll impose on the store. The Full-Text Indexing tab is configured through the Storage Group properties and isn’t available for you to configure here, even though its tab shows up. The Details tab allows you to key in a descriptive note about this folder. The Policies tab allows you to apply a policy to this public folder store. After configuring the new store, you’re asked if you want to mount it. Selecting OK causes the new folder to appear in the Public Folders object of the Public Folder Store node. Users can access the public folder by using a browser and connecting to it through OWA, as shown in Figure 7.6, where you see a new public folder called Business that was created using the process discussed.
FIGURE 7.6
Accessing a new public folder through OWA
Note that the Exchange Installable File System (EXIFS) creates an M drive on the E2K server. Once you create a new public folder and associate it with a public folder store, this new folder shows up in the M drive as well; it can be shared out by the administrator, and permissions can be applied as needed. Now that you’ve got a new public folder created, in the ESM navigate through Organization > Administrative Groups > Administrative Group > Servers > Storage Group Name > Public Folder Store > Public Folders in order to adjust your new folder’s properties. Highlight your new folder, right-click, and select Properties. Click the Replication tab, shown in Figure 7.7, and add the new store, storage group, and server that you’d like to replicate the folder to.
FIGURE 7.7
The Replication tab of the new public store’s properties sheet
You can also set the folder’s size limits, its Exchange alias and display name, add comments, adjust permissions, and modify its messaging addresses. Each public folder created has a unique e-mail address that allows users to send e-mail directly to the folder. When replicating new folders to various sites, it’s important to understand the Exchange 2000 routing costs associated with a remote user trying to open a public folder. If you’ve replicated the folder to three separate Exchange servers, for example, including the one that the remote user connects to, the user will first attempt to open the local folder. If the folder is unavailable, the Exchange 2000 routing mechanism will direct her to the next least-cost route to the folder. If this folder is unavailable as well, she’s redirected to the next least-cost route to the folder. This continues until all routes to the folder are exhausted. Note that the listing of the new folder’s name in the GAL is handled by a different Exchange process than the one that actually replicates the folder. Thus one may not see the folder’s name in the GAL but will see it in the Exchange hierarchy.
Existing Network Connections
When considering the Exchange server farm’s existing network connections, we’re concerned about each server’s allocated bandwidth (and the commensurate potential for bottlenecks), their connection with one another, their connection with clients, and their connection with the Internet. Servers, especially multiple-CPU servers, are capable of putting a lot of data onto the wire. Because of this, there is a potential for a server to bottleneck at the Network Interface Card (NIC) or at its connection to the backbone. For example, a server that’s equipped with dual 850MHz processors and trying its best to handle Exchange is going to bottleneck if it’s equipped with a 10Mbps NIC and a 10Mbps connection to the backbone. Exchange servers running in large enterprises need and deserve good-quality, high-speed connections to the backbone. In shops equipped with a fiber-optic backbone, consider running fiber to the server and equipping it with a fiber NIC. Run at 1000Mbps (gigabit) full duplex. Network cards, regardless of their speed, should be set for their maximum speed and full duplex, as should the port on the switch that the server connects to. If you’ve got a server with an old NIC that cannot be set for full duplex, replace the NIC.
My experience has been that when a NIC or a switch port is set to “autodetect,” more often than not the settings default to the lowest common denominator. In a 10/100 NIC that means 10Mbps with half duplex. Personally, I never trust the autodetect feature of NICs or switches. I always purposely set them to the speed and duplex settings that I want.
Exchange servers that need to connect with one another need good name-resolution capabilities and correct IP addresses to connect to. In today’s complicated Virtual Local Area Network (VLAN) environment, it’s important to pay attention to routing and VLAN schemes to make sure that servers can connect with one another. Poor WAN links need to be rectified, or you’ll need to consider using the X.400 connector between servers. Internet connectivity is relative to the connection speed that you have with your ISP. Make sure you understand your company’s Web presence, the intended modifications to the Web presence, and the amount of bandwidth that’s used by the Web servers relative to what’s available. Note that your Internet connectivity needs will be balanced against how you intend to utilize Exchange’s Internet capabilities.
Site Replication Service
The Site Replication Service (SRS) is a tool that is automatically installed in Exchange 5.5 sites and is utilized by Exchange 2000 to facilitate the replication of directories to Exchange 5.5 servers. It is necessary to replicate information between the servers, because users need to be able to access information from any server and to assure the concurrency of the data. SRS uses the Lightweight Directory Access Protocol (LDAP) to communicate with both Active Directory and legacy Exchange 5.5 servers. To Exchange 5.5, the SRS looks like another Exchange 5.5 computer with which it can communicate. In smaller sites with a few Exchange 5.5 servers, perhaps only one installation of the SRS is necessary. SRS works in harmony with the Active Directory Connector’s connection agreements and the schedules that are set up for each. In larger sites you may find that you need to add a second instance of the SRS to support the massive quantities of data that must be replicated. You can add a second instance of the SRS on a different Exchange 2000 server in the organization. When a second instance of the SRS is installed, the two servers will load balance with one another. You’ll find the SRS in the ESM at the Tools > Site Replication Services node. There is nothing to configure. You can toggle between the SRS and directory replication views within the SRS node. The ADC must be installed for SRS to work.
Please note that even though you can delete the SRS, don’t! If you delete the SRS, all Exchange 5.5 folders that had been replicated to Exchange 2000 servers will be removed.
Design Scenario: Considering the E2K Design Minutiae
Kimmie is an operations manager for a large governmental organization. She is responsible for a team of network administrators who are going to upgrade the messaging environment from seven Exchange 5.5 servers in as many different geographic sites to Exchange 2000. The network has already been upgraded to Windows 2000 and is running in mixed mode. Each site has about 200 users in it, some with a little fewer, some with a little more. All sites have different TCP/IP subnets but are all in the same domain. Kimmie’s team has the network separated out into seven OUs.
Two of the sites are connected by 56K WAN links. The rest are connected with 512K frame-relay links. In three of the sites, the network infrastructure is running at 10Base-T (10Mbps) speeds, though there are no hubs—only switches. Because each site has a unique mission in its operation, Kimmie sees that a diversification of public folders would be very useful. Kimmie’s budget is somewhat limited, and she finds that she cannot upgrade the two poor WAN connections this year. Maybe next year, but not during this year’s budget cycle. Thus these two Exchange servers will be upgraded to Exchange 2000. They’ll be made into bridgehead servers and will continue to run the X.400 connector to communicate with other servers in the organization. Kimmie’s administrators check the NIC speeds on the three servers in sites with poor infrastructure speeds, and they find that two of the NICs are set for 10Mbps but only half duplex. The administrators set the NICs to full duplex and make sure the switch ports are 10Mbps and full duplex as well. Because each geographic site is in a different subnet but all are in the same domain, Kimmie does not need to set up any other routing groups apart from the two servers that need to use the X.400 connector.
Summary
This chapter was about message flow. We began our discussion with the topic of setting up your Active Directory Connector (ADC) computer and also about what bridgehead servers are and what they’re used for. The ADC computer will run a connector that maintains Connection Agreements (CAs) with legacy Exchange servers. You can maintain a one-way agreement from the vintage Exchange server to E2K or vice versa, or you can set up a two-way connection. You can control the replication schedule, which, by default, is kind of funky—from midnight to 6:00 A.M. Use various CAs to replicate public folder and mailbox store information between AD and legacy Exchange servers.

We talked about four important features of Windows 2000 and Exchange 2000 that make the two systems interact harmoniously. The Exchange 2000 Routing Engine manages the routing of messages between servers. The Windows 2000 Advanced Queuing engine places messages in the queue. The Windows 2000 Message Categorizer isn’t adequate for Exchange 2000, so it’s replaced by E2K’s variation of it—phatcat.dll. The Message Categorizer determines message limits and other mailbox limitations. Finally, the Extensible Storage Engine is responsible for managing the replication of objects between Active Directory objects.

Bridgehead servers are used to communicate with other bridgehead servers between routing groups. Port 25 is used to send SMTP messages between bridgehead servers. You can apply a routing cost to each route between servers so that you create optimal message routes. Bridgehead servers don’t have to be the Routing Group Master (RGM), but they do run the Routing Group Connector (RGC). Low bandwidth or unreliable connections between servers may mean that you have to use the X.400 connector instead.

We also talked about bandwidth—both in the infrastructure and over the WAN. The Exchange servers need reliable, fast infrastructure speeds to work in an optimal state. It’s worth the designer’s effort to make sure that the infrastructure is up to speed, so to speak. More important are the WAN connections, which you may or may not be able to do anything about. Even in poor WAN circuitry situations, you can modify the Registry of E2K servers so that the Directory Access cache (DSAccess) is larger than the default—thus providing more lookup entries in the memory cache and saving AD lookups.

We talked about directory replication, its schedules, and when partial versus complete replicas are sent to other global catalog servers. We mentioned that directory replication is more a part of a Windows 2000 site, which is a grouping of computers that are in a common subnet, and site connectors. A site connector is similar to a trust relationship, connecting sites together. A site link is a site connector that operates over very low bandwidth or unreliable links. Public folder replication is another replication topic that we must be aware of.
The default public folder tree that’s created is automatically replicated to other Exchange 2000 servers. Other public folder trees can be created by administrators for segregating public folders into different operational categories. These new folders cannot be read by MAPI clients, only by HTTP, IMAP4, NNTP, or POP3 clients. But this isn’t a huge limitation. Outlook 2000 clients can read the documents in an alternative public folder such as this by reading them through the Outlook Web interface. You can also use Office tools to read documents in these folders and access them from OWA. More important, the M drive, created by the Exchange Installable File System (EXIFS), provides a sharable directory for you so that users can access public folder documents across the network. Replication of these additional public folders is handled on a server-by-server basis. Because one mechanism of Exchange handles GAL updates while another handles the actual replication of the folder, the user may see the folder contents before he sees the folder’s name in the GAL.

We talked about network connections and how important they are in the Exchange environment—specifically, NIC cards that are set for an absolute speed and duplex, and switch ports that are also set that way. A 10/100Base-T NIC, for example, running on a 100Base-T network should be set specifically for 100Mbps and full duplex.

Finally, we talked about the Site Replication Service (SRS) and its function in Exchange. This service is installed with Exchange but doesn’t kick in until the Active Directory Connector (ADC) is installed and connection agreements are set up. You can set up a second instance of the SRS on a second Exchange server, and once this is done, load balancing between the two servers is performed. Use a second instance of the SRS for large enterprises with many Exchange 5.5 servers in the environment.
Key Terms
Advanced Queuing Engine
Directory Access Cache (DSAccess)
Exchange Interprocess Connector (EXIPC) protocol
Exchange Installable File System (EXIFS)
Extensible Storage Engine (ESE)
GLITCH-RETRY state
Message Categorizer
Network Interface Card (NIC)
Non-Deliverable Report (NDR)
partial replica
Routing Engine
Routing Group Master (RGM)
Site Replication Service (SRS)
top-level hierarchies
Virtual Local Area Network (VLAN)
well-connected
Review Questions

1. What Windows/Exchange 2000 component is responsible for expanding groups and checks limits and restrictions in Active Directory?
A. Routing Engine
B. Advanced Queuing Engine
C. Message Categorizer
D. Extensible Storage Engine

2. What Windows/Exchange 2000 component creates a directory structure on the Exchange server that contains mailbox and public folder shares?
A. Extensible Storage Engine
B. Exchange Installable File System
C. Routing Engine
D. Advanced Queuing Engine

3. Mary has an Exchange 2000 deployment that consists of three routing groups connected together by redundant paths. If the first least-cost path to a server fails, how long will the bridgehead server wait, in total, before trying a different path?
A. 1 minute
B. 2 minutes
C. 3 minutes
D. 4 minutes
4. Joanne has a huge messaging infrastructure spread out over very many geographically separate sites. Most sites still have vintage Exchange servers in them. Joanne has created numerous Connection Agreements (CAs) and is working feverishly to upgrade the servers. Joanne notices that there is a lot of sluggishness on the server hosting the Active Directory Connector (ADC). What can Joanne do to help the system speed things up until she can get the rest of the sites converted?
A. Add a second ADC server.
B. Add a second SRS instance.
C. Split the organization into more than one subnetted site.
D. Modify the Active Directory replication settings so that they occur faster.

5. What are the determining factors that delineate routing group boundaries?
A. IP Subnets
B. Geographic sites separated by WAN links
C. Windows 2000 forests
D. Trust relationships

6. What two Exchange 2000 services work in conjunction with one another to provide vintage Exchange server connectivity?
A. Routing Engine
B. Site Replication Service
C. Internet Mail Service
D. Active Directory Connector
7. What are the necessary server components of a routing group that allow for the interaction between other routing groups?
A. Exchange 2000 Routing Group Master (RGM)
B. Exchange 2000 Routing Group Connector (RGC)
C. Exchange 2000 bridgehead server
D. Exchange 2000 X.400 Connector
E. Windows 2000 directory replication
F. Windows 2000 authentication

8. If several alternative routes are tried to a given bridgehead server and it cannot be reached, how is the target’s time to reach marked?
A. GLITCH-RETRY
B. OFFLINE
C. INFINITE
D. UNVERIFIABLE

9. If you want to set up complete replication between legacy Exchange 5.5 servers and a new Exchange 2000 server, how many connection agreements (CAs) do you need?
A. 1
B. 2
C. 3
D. 4
E. Unknown
10. When an e-mail user tries to access a public folder, he first tries to access it locally. If he cannot access the folder locally, he goes to the next least-cost route to a server where the folder is. Suppose that the administrator does not want users accessing public folders on other servers. What methodology can the administrator use to limit this functionality?
A. Select the Do Not Allow Public Folder Referrals check box.
B. Set high costs on all public folder replications.
C. Set the permissions on the public folders so that remote users cannot access them.
D. Do not share out the public folders on other servers.
Answers to Review Questions

1. C. The Message Categorizer is a plug-in to the Advanced Queuing Engine and is responsible for expanding groups that are recipients in an e-mail and for checking message limits and restrictions.

2. B. The Exchange Installable File System (EXIFS) creates a directory structure on the Exchange server. Administrators will see this directory structure as the M drive of the Exchange server. Beneath this drive, under a folder named after the domain name, you’ll find two initial folders, MBX and Public Folders. The MBX folder contains all users’ mailboxes, the names of which are invisible to users. The Public Folders directory contains the public folders. New public folder trees that are created are added as another folder underneath the root domain name folder. By default, none of the folders are shared out, but they can be shared by administrators at any time—and commensurate permissions applied.

3. B. Upon the first failure the bridgehead server waits 60 seconds, then retries. Upon the second failure it waits another 60 seconds and retries. At the third failure the alternate route is tried immediately.

4. B. The best answer is to add a second SRS instance on a second Exchange box. SRS has the ability to load balance between the two instances, thus offloading the server’s work of managing the CAs.

5. B. This is one of those questions where any of the answers could potentially be correct. But the most likely boundary definitions set by administrators will be along existing Exchange 5.5 boundaries that were set up according to existing WAN links and geographically separate sites. It should be noted that, given the robustness of the new Exchange 2000 system running in conjunction with Windows 2000, sites separated by WAN links don’t necessarily have to be the dividing lines; it’s just that this is the most likely dividing line. Trust relationships, especially Windows 2000 shortcut and external trusts, will very definitely figure into an Exchange 2000 deployment’s site boundaries.
6. B, D. The Site Replication Service works in harmony with the Active Directory Connector to facilitate Exchange 5.5 interconnectivity with Exchange 2000. Note that the Exchange 2000 ADC that is installed isn’t the same ADC that comes with Windows 2000.

7. A, B, C. The minimum requirements to get a routing group going involve the installation of the RGM, RGC, and a bridgehead server. All of these components can live on one Exchange 2000 server in a geographic site.

8. C. When a target bridgehead cannot be reached by any route, the time it takes to get to the target is marked as INFINITE.

9. E. We know that we need two CAs for the Exchange 5.5 server (one for the recipients container and one for the public folder), but the question is misleading because we don’t know how many public folders have been created on the E2K server or how many recipient objects have been created. Thus the answer is unknown.

10. A. When a user tries to grab a public folder from another server it’s called a “referral.” By checking the Do Not Allow Public Folder Referrals check box in the properties box of a Routing Group Connector, you can keep users from accessing far-away public folders.
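The two least-cost behaviours this chapter describes, the bridgehead glitch-retry sequence (answers 3 and 8) and the public folder referral chain (the Planning Traffic Flow discussion and answer 10), as a small added Python model; this is not code from the book or from Microsoft, and the connector names, the per-attempt result lists and the online flags are constructed assumptions that stand in for real SMTP connection attempts and server state.

```python
from dataclasses import dataclass

# Timings and states as the chapter describes them (constructed model, not Microsoft code).
GLITCH_RETRY_WAIT = 60   # seconds a bridgehead waits before retrying the same route
GLITCH_RETRIES = 2       # two timed retries; on the third failure the alternate route is tried at once
INFINITE = float("inf")  # "time to reach" recorded when every route to the target has failed


@dataclass(frozen=True)
class Route:
    """One path to a target bridgehead over a Routing Group Connector (assumed name)."""
    connector: str
    cost: int


def choose_route(routes, attempt_results):
    """Pick a route to the target in least-cost order with GLITCH-RETRY handling.

    attempt_results maps connector -> list of booleans, one per delivery attempt
    (a constructed stand-in for a real SMTP connection attempt); a missing
    attempt counts as a failure.
    Returns (connector, seconds_waited), or (None, INFINITE) when all routes failed.
    """
    waited = 0
    for route in sorted(routes, key=lambda r: r.cost):
        results = attempt_results.get(route.connector, [])
        for attempt in range(GLITCH_RETRIES + 1):
            if attempt < len(results) and results[attempt]:
                return route.connector, waited
            if attempt < GLITCH_RETRIES:
                waited += GLITCH_RETRY_WAIT   # GLITCH-RETRY state: pause, then retry
        # third consecutive failure: move to the next least-cost route immediately
    return None, INFINITE


def open_public_folder(local_server, replica_servers, route_cost, online,
                       allow_referrals=True):
    """Return the server whose replica the user ends up opening, or None.

    The local replica is tried first; if it is unavailable and referrals are
    allowed, remote replicas are tried in least-cost order until exhausted.
    allow_referrals=False models the Do Not Allow Public Folder Referrals check box.
    """
    if local_server in replica_servers and online.get(local_server, False):
        return local_server
    if not allow_referrals:
        return None
    remote = [s for s in replica_servers if s != local_server]
    for server in sorted(remote, key=lambda s: route_cost[s]):
        if online.get(server, False):
            return server
    return None


if __name__ == "__main__":
    # Constructed topology: two routes out of the Omaha routing group.
    routes = [Route("RGC-Omaha-Denver", 10), Route("RGC-Omaha-StLouis", 20)]
    # Denver bridgehead fails every attempt; St. Louis answers the first time.
    print(choose_route(routes, {"RGC-Omaha-Denver": [False, False, False],
                                "RGC-Omaha-StLouis": [True]}))
    # Denver's local replica is down; the Omaha replica is the next least-cost route.
    print(open_public_folder("denver", {"denver", "omaha", "stlouis"},
                             {"omaha": 10, "stlouis": 20},
                             {"denver": False, "omaha": True, "stlouis": True}))
```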
Case Study: Creating Disparate Public Folder Installations
You should give yourself 10 minutes to review this case study, diagram as needed, and complete the questions for this mini test.
Background
You are the messaging administrator for a company that manages livestock, buys the livestock from ranchers, and gets them to market. Your Exchange 2000 deployment across three different geographic sites is nearly complete. In each of your sites—Denver, Omaha, and St. Louis—you have a bridgehead and routing group master server connecting the site to other sites and another server providing e-mail and public folder services to users in the site. Each of the sites belongs to the same organization. Now you’d like to set up unique public folder deployments in such a way that users in one site see certain public folders while users in another see different folders. For example, users in St. Louis are predominantly interested in hogs and need to see information pertinent to the southeast quadrant of America relative to hogs and hog futures. The users in Omaha are more interested in cattle and need to also keep track of wheat futures, while the users in Denver must be apprised of both cattle and hog information for the western part of the country. The headquarters is in Omaha.
Current System
Each site has two Exchange servers in it, one that acts as a bridgehead, routing group master, and routing group connector server and another one that acts as the mailbox and public folder store server for the site. WAN circuits are full T1 frame relay circuits between each site, connected in a triangle. The server NICs are running at 100Mbps full duplex and their switch ports are set for the same. The network’s backbone is 100Base-T. Each site has around 500 users, give or take. A handful of users in each site need to dial into the network to remotely access their e-mail. You’ve got an RRAS server set up in each site and users are successfully able to access their e-mail. All e-mail servers are running Exchange 2000; there are no vintage Exchange servers in any of the sites. You are the central messaging administrator; there are no other administrators managing the e-mail servers.

Envisioned System
You envision setting up three new public folder trees: Cattle, Hogs, and Wheat. Information populated in these public folders will be put there by marketing specialists in the Omaha office. You will set up replication from the Omaha site to Denver and St. Louis in such a way that users see only the appropriate public folders.

Problem Statement
Laptop users who RAS into the network must be able to see all public folders.

Maintainability
You want to keep the maintenance and updating of the public folders centralized in the Omaha office. It’s not desirable that users other than the marketing specialists in Omaha be allowed to populate information into the public folders.

Performance
You are not overly concerned about performance. WAN speeds are robust and your internetworking expert tells you that recent sniffs on the network reveal that all links are running at around 20 percent usage in most cases.
Questions

1. How will you keep St. Louis users from seeing the Cattle futures public folder?
A. Do not replicate the Cattle folder to St. Louis.
B. Select the Do Not Allow Public Folder Referrals check box.
C. Set replication time to none for this folder.
D. Set the folder permissions to keep St. Louis users out.

2. After setting up the folders and advertising their existence to users, the help desk gets many calls saying that Outlook users can’t access the folders. What could be the problem?
A. Permissions for the folders are not correct.
B. Folders have not been shared out on the M drive.
C. MAPI clients cannot use public folder trees other than the default folder installed with E2K.
D. The folder is not showing up in GAL, though it’s in the hierarchy.

3. How could you set up the public folders so that RAS users can access all of them when they dial in?
A. All folders will be available from the Omaha server.
B. Share the folders out on the M drive, giving share permissions to the RAS users.
C. Replicate the folders to a special folder that RAS users can access.
D. No workaround is available.

4. How will users in Denver be able to see the Wheat and Hogs folders?
A. Share out the folders from the Omaha server.
B. Adjust the permissions on the Omaha folders so Denver users can access them.
C. Share out the M drive so that Denver users can access them.
D. Set up replication of the folders to the Denver server.
5. Looking at the table below, first examine the proposed folder design items in the left column. Then, looking at the possible requirements in the right column, place a given requirement (found in the right column) under the document item that it most closely fits (found in the left column) for each requirement that you think should go into the folder design document.

Proposed Design Document    Possible Requirements
Omaha                       Apply message size limits to folder
Denver                      Modify replication schedule
St. Louis                   Share out folder trees
                            Apply permissions to RAS users
                            Train users how to access folders via Outlook
                            Manage folder permissions
                            Associate public folder tree with new public folder store
                            Set up replication of folder to remote server
                            Create Cattle, Hogs, and Wheat public folder trees on server
                            Create new public store on server

6. Does the envisioned system meet the stated requirements?
A. None of the requirements are met.
B. Only one of the requirements is met.
C. Most of the requirements are met.
D. All of the requirements are met.
Answers to Questions

1. A, B. You can exclude St. Louis from seeing this folder simply by not including their server in the list of sites to replicate to. Making sure the Do Not Allow Public Folder Referrals check box is selected will keep St. Louis users from trying to access the folder from another server. It would be wise to investigate the folder security settings as well.

2. C. The clue, of course, is the Outlook client’s part of the dialog. MAPI clients cannot access any public folders that are created apart from the default public folders. The help desk will have to teach the Outlook users how to access the folders via the Web component of Outlook rather than through conventional Outlook means.

3. B. The easiest methodology is to simply share out the M drive’s folders such that RAS users have access to them. When a RAS user dials in, it’s a simple thing to map to the share and access the information with the browser (or with Office tools). You’ll have to train the RAS users how to do this, of course, but it’s definitely the easiest workaround to the business limitation. Note that the shares disappear after reboot and will have to be recreated after each boot time. This would definitely impact your design considerations.

4. D. Simply set up replication of the Wheat and Hogs folders to the Denver server. On the Denver server, set up the appropriate permissions so that those who need to see the folders are allowed to. Remember that no one is allowed to modify the folders in the remote sites, so it’s important to visit folder permissions.
5. See table.

Proposed Design Document
Omaha
    Create Cattle, Hogs, and Wheat public folder trees on server
    Create new public store on server
    Associate public folder tree with new public folder store
    Set up replication of folder to remote server
    Modify replication schedule
    Apply message size limits to folder
    Share out folder trees
    Apply permissions to RAS users
    Manage folder permissions
Denver
    Manage folder permissions
    Train users how to access folders via Outlook
St. Louis
    Manage folder permissions
    Train users how to access folders via Outlook

The trick here is to realize that an item may be able to be used multiple times, or it may only be used once. For example, in the above list you can see that “Manage folder permissions” was used in all three sites but “Create Cattle, Hogs, and Wheat public folder trees on server” was only used once.
6. D. The administrator and marketing specialists have centralized control over the folders. Replication allows the folders to be copied out to the remote servers. The RAS users will be able to access these new public folder trees via regular shares, so their needs are met. You can control access to the folders by setting the permissions, and you can regulate the replication of folders to specific servers.

Wrap-up: Understanding messaging information flow is an important context of designing a messaging infrastructure. I chose this public folder tree case study to allow readers to think about the possibilities that the new Exchange server brings to the enterprise and to roll in message flow concepts.
Chapter 8
Strategizing E-Mail Access Policies
MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Design a strategy for mail access. Messaging clients include MAPI, IMAP4, POP3, and HTTP mail.
Having looked at the flow of mail through the servers, we now take a look at the types of clients that can access the Exchange 2000 system. It’s important not only to understand the clients that can utilize the system but also to understand why you’d use one client over another.
Dealing with Different Messaging Clients
With an Exchange 2000 design and deployment strategy comes the question, “Which clients will this system be configured to support?” Should the system be restricted to Outlook clients only, or should non-MAPI clients be allowed to access the system as well? Moreover, what kind of material can the various clients access? That is the question this chapter addresses—client access.
Messaging Application Programming Interface (MAPI)
Messaging Application Programming Interface (MAPI) clients are the standard client choice for accessing an Exchange 2000 system. MAPI, an e-mail programming interface (which was perhaps not invented by Microsoft but certainly boisterously carried by them), has gone through several upgrades and has been adopted by numerous third-party vendors. When reviewing Exchange server client options, it is always wise to find out if a third-party vendor’s software supports MAPI.
Microsoft Exam Objective
Design a strategy for mail access. Messaging clients include MAPI, IMAP4, POP3, and HTTP mail.
The most basic Exchange 2000 client that will access the system is the Microsoft Outlook client, in any of its versions. In earlier versions of Exchange server, the Exchange CD included a client called the Exchange client. Users utilized the Exchange client prior to the implementation and steady updating of the Outlook client. If you are designing an Exchange 2000 rollout in a vintage Exchange server environment where you have users utilizing the legacy Exchange client software, it may be beneficial to consider upgrading them to Outlook. This move will probably require the updating of the users’ calendars from the older Schedule+ to native Outlook calendars. Coming from a sensible design approach, it’s beneficial to standardize your client deployment to one client software. That’s not as easy as it sounds, simply because there are disparate computing environments out there in the world, but the installation of Outlook will certainly go a long way in making this so. For example, all Windows and Macintosh clients can use some version of Outlook to access the Exchange system.
See www.microsoft.com/outlook/mac.htm for more information on Outlook for the Macintosh.
There may be other MAPI-enabled clients that are available. Table 8.1 lists some of the alternative clients that are able to utilize MAPI connections with Exchange.

TABLE 8.1 Alternative MAPI-Enabled Clients

MAPI-Enabled Client                                                 URL
Eudora e-mail                                                       www.eudora.com
Netscape Communicator                                               www.netscape.com
Wingra Missive                                                      www.wingra.com
Sun dtmail                                                          www.sun.com
University of Washington Computing and Communications Group Pine    www.washington.edu/pine
Microsoft Internet Explorer (IE)                                    www.microsoft.com/ie
Hewlett Packard OpenMail                                            www.hp.com
Microsoft Outlook Express                                           www.microsoft.com
Novell GroupWise                                                    www.novell.com
Lotus cc:Mail                                                       www.lotus.com/home.nsf/welcome/ccmail
Lotus Notes                                                         www.lotus.com/home.nsf/welcome/lotusnotes
Additionally, the MAPI standard can be extended to applications that are not e-mail clients, such as Microsoft Office, Sun’s StarOffice, and ThinkFree’s cyber-office effort (www.thinkfree.com). With a MAPI-enabled office automation client such as Microsoft Word, you can compose a document and send it out as an e-mail to somebody on the network all from one application interface.
For a really fun and different e-mail approach, visit the BottleMail site at www.kids.recruit.co.jp/bmail-e/index.html.
Good MAPI clients should also support Object Linking and Embedding (OLE) or similar functionality so that office automation or other kinds of documents can be easily included in e-mail documents to be sent to other people. The Outlook and Outlook Express clients, for example, allow the dragging and dropping of a document right into the e-mail that’s being composed. As a designer, you’ll want to consider compatibility issues between various clients and the Exchange system. It’s worth your while to set up a lab environment where you can test different kinds of e-mail documents going through an Exchange 2000 server destined for a different kind of e-mail client to see if there are interoperability issues. Also check for latency in document conversion or translation between clients and plan accordingly. Some server-side scripting might even be required for custom applications that are MAPI-enabled.
Internet Message Access Protocol Version 4 (IMAP4)
The Internet Message Access Protocol version 4 (IMAP4) is a Stanford University invention, the first version of which dates back to 1986. IMAP is similar to POP3 but includes some features that POP3 client software doesn’t have. For example, using IMAP4 you can look for keywords in your server e-mail and then choose to download only those messages that match the search. IMAP provides for the support of Multi-Purpose Internet Mail Extensions (MIME) content and various client status states, such as offline, online, and disconnected. It is also able to support multiple concurrent users accessing a shared mailbox without regard for the type of file format the mail server supports. It is worth our while to discuss the meaning of the terms offline, online, and disconnected. When an IMAP e-mail user connects to an IMAP server, the mail stored on the server is downloaded to the e-mail client software. The user is offline as he reads his e-mail. At this point, the IMAP server no longer has any e-mail for the user to read (that is, of course, until it receives more e-mail destined for the user, which the user would then have to download). Think of the online state as an interactive mode where the server receives some e-mail, you download a message and read it, then download another, and so on. Additionally, e-mail messages can be marked as deleted, read, or with other flags. A user who is not currently connected to the IMAP server is in a disconnected state. Because a server holds on to e-mail while it awaits an IMAP client to log on to it and then downloads to the client the e-mail it has for that client, we’re prone to saying that we’re working with a store-and-forward methodology. POP3 utilizes this concept as well. IMAP provides much more functionality than a POP3 implementation. For example, the following features of an IMAP server are very pertinent reasons that a user would want to be an IMAP client:
IMAP clients have the ability to connect to and manage different accounts on different servers, including the ability to add, rename, or delete folders within the various accounts.
IMAP clients can access non-e-mail messages such as Usenet news.
The IMAP protocol has features built into it to provide for performance enhancements over slow-speed links.
An IMAP client can transfer only part of the e-mail message to the local computer, thus providing enhanced functionality over slow links.
IMAP clients can choose to download messages or store them on the server(s).
IMAP software, even server software, is frequently free to download. Oftentimes, the source code is also available for modification.
Microsoft Hotmail and other online free e-mail providers are IMAP server hosts. Microsoft Outlook Express is an IMAP e-mail client.
The reason a person would be interested in IMAP would most likely be the fact that the e-mail can be centrally obtained from any computer at any location. For example, suppose that you have your e-mail sent to an IMAP server on the Internet. You can read that e-mail from a browser at the local library, from your wireless-based palmtop while in the car, from your PC at home, or from the workstation at the office. IMAP provides one-stop shopping for e-mail access.
See www.imap.org for more information on IMAP.
Messaging infrastructure designers will probably want to consider IMAP’s power and Exchange’s capability of interacting with IMAP clients when setting up Internet-based e-mail services. For example, suppose that your company is getting into the ISP business. You could utilize many different virtual IMAP protocol instances to provide a place for IMAP clients to retrieve and store their e-mail. You could also supply an IMAP instance and populate it with messages that you’d like your customers to be able to download and read at their leisure. Another consideration would be when you want to support non-Microsoft e-mail clients that are IMAP compliant. For example, HP’s Unix program, Common Desktop Environment, is IMAP compliant—providing a way for these kinds of clients to interact with the Exchange system. There are literally thousands of IMAP clients available for users. The very generic-ness of IMAP is the source of its appeal. Another use for IMAP clients is in an environment where you simply don’t need to provide the horsepower of Outlook 2000. Suppose, for example, that you have clients who utilize a Windows CE–based cash-register system in a retail store environment. There’s no reason that clients couldn’t use Outlook Express or Pocket Outlook to access e-mail messages on an Exchange server. In a situation like this, daily specials, communications with managers, and other sorts of e-mail content could be easily put into place.
IMAP uses the SMTP protocol to send messages.
Exchange 2000 IMAP4 virtual servers can be configured to specify whether Multi-Purpose Internet Mail Extensions (MIME) message bodies are encoded as plain text or HTML, and whether to allow Rich Text Format (RTF). Plain text, HTML, or RTF is used for the message body, and MIME (or UUENCODE) for the attachments. You can choose the type of authentication you’ll use for the server, and whether to utilize certificates. You can control which IP addresses are allowed to access the server.
Post Office Protocol Version 3 (POP3)
The Post Office Protocol has had two version iterations: version 2 and version 3. In today’s computing environment you’ll predominantly come in contact with version 3, if at all. POP3 is a bit different from IMAP because it’s older and less functional. IMAP brought enhanced features to the concepts behind POP3. In a POP3 environment, e-mail is stored on the POP3 server until it is downloaded by a POP3 client. There is no provision for tagging different e-mail as read, deleted, or whatever. You cannot download the partial contents of an e-mail message, thus saving bandwidth. You cannot access multiple POP3 servers within some POP3 clients. Why, then, would someone use POP3? The abundance of free POP3 client software, coupled with immediate Internet access to free POP3 e-mail servers on the Web, is enticing to users. For example, go out to www.yahoo.com and do a search on the word POP3. You’ll be surprised at the number of companies that list themselves as offering free POP3 services to Internet surfers. POP3 clients are embedded in a number of common e-mail client software programs:
Microsoft Outlook and Outlook Express
Novell GroupWise
Eudora e-mail
Internet Explorer
Netscape Communicator
Pegasus mail
What would be some uses a designer might consider for POP3? Probably the most standout reason that you’d consider supporting POP3 would be the case where your company is considering becoming an ISP or is already an ISP and you’re looking for ways to offer free e-mail repositories for Web surfers. You can make money in situations like this because you advertise on your POP3 site. When a Web-browsing client surfs in to get his or her e-mail via POP3 client software, you have several different advertisements posted on your POP3 page. It’s highly possible that you have a POP3 implementation that is old and outdated and you’re looking for a suitable replacement. Exchange 2000 provides the capability of spawning multiple virtual POP3 protocol instances, and you can elaborately design the replacement of your old POP3 servers. Also, people using computer systems other than a Windows system might want to use a simple e-mail client to send and receive e-mail. For example, you might want to set up a POP3 installation for your Unix X-Windows users to allow them to connect to the POP3 e-mail server and send and receive e-mail. There are more sophisticated clients for Unix, but maybe POP3 is all that your standard Unix users need in the course of a day. Lastly, POP3 has the ability to be referenced in a Web page. Because of this capability, it may be possible for developers in your organization to somehow utilize a POP3 mailbox through a URL for varying purposes. Whether there would ever be a need for this is another thing, but know that POP3 has this ability. Exchange 2000 POP3 virtual servers can be configured to allow MIME or Unix-to-Unix Encoding (UUENCODE) support. You can choose the type of authentication you’ll use for the server, and whether to utilize certificates. You can also control which IP addresses are allowed to access the server.
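The IMAP4 and POP3 virtual-server paragraphs above each name three access settings a designer decides on: the authentication type, whether a certificate (TLS) is used, and which IP addresses may connect. The Python audit below is an added example, not code from the study guide or from Exchange: it reads those three settings as they appear on the wire (listening port, the IMAP CAPABILITY or POP3 CAPA reply, the connection allow-list) and flags weak combinations. The function names, finding codes and sample replies are constructed for the example and are not Exchange 2000’s own output.

```python
"""Offline audit of IMAP4/POP3 virtual-server access settings.

Added example, not from the study guide or from Exchange. The three knobs the
text names for an IMAP4/POP3 virtual server (authentication type, whether a
certificate/TLS is used, which IP addresses may connect) show up on the wire
as the port, the CAPABILITY/CAPA reply and the connection allow-list; this
audit reads those and reports weak combinations. All replies are constructed.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import List, Set


@dataclass
class MailEndpoint:
    protocol: str                  # "IMAP4" or "POP3"
    port: int                      # 143/110: plain or STARTTLS; 993/995: implicit TLS
    capabilities: List[str]        # tokens from IMAP CAPABILITY or lines from POP3 CAPA
    allowed_networks: List[str] = field(default_factory=list)  # CIDR allow-list


def parse_imap_capability(response: str) -> List[str]:
    """Return the tokens of the untagged '* CAPABILITY ...' reply line."""
    for line in response.splitlines():
        parts = line.strip().split()
        if len(parts) >= 2 and parts[0] == "*" and parts[1].upper() == "CAPABILITY":
            return parts[2:]
    return []


def parse_pop3_capa(response: str) -> List[str]:
    """Return the capability lines of a POP3 CAPA reply: '+OK', one per line, '.'."""
    lines = [line.strip() for line in response.splitlines()]
    if not lines or not lines[0].upper().startswith("+OK"):
        return []
    caps = []
    for line in lines[1:]:
        if line == ".":
            break
        caps.append(line)
    return caps


def _accepts_cleartext_password(protocol: str, caps: Set[str]) -> bool:
    """True if a client may hand over a reusable password outside TLS."""
    if protocol == "IMAP4":
        # IMAP LOGIN stays available unless LOGINDISABLED is advertised;
        # AUTH=PLAIN also carries the password in the clear.
        return "LOGINDISABLED" not in caps or "AUTH=PLAIN" in caps
    # POP3: USER/PASS is offered when USER is advertised; SASL PLAIN/LOGIN likewise.
    sasl = {m for c in caps if c.startswith("SASL") for m in c.split()[1:]}
    return "USER" in caps or bool(sasl & {"PLAIN", "LOGIN"})


def audit(ep: MailEndpoint) -> List[str]:
    """Return finding codes; an empty list means the access settings look sound."""
    caps = {c.upper() for c in ep.capabilities}
    implicit_tls = ep.port in (993, 995)
    starttls = ("STARTTLS" if ep.protocol == "IMAP4" else "STLS") in caps
    findings = []
    if not implicit_tls and not starttls:
        findings.append("NO_CERTIFICATE")          # no TLS offered on this endpoint
    if not implicit_tls and _accepts_cleartext_password(ep.protocol, caps):
        findings.append("CLEARTEXT_AUTH_ALLOWED")  # password may cross the wire unprotected
    if not ep.allowed_networks:
        findings.append("NO_IP_RESTRICTION")       # any address may connect
    return findings


def client_allowed(ep: MailEndpoint, client_ip: str) -> bool:
    """Apply the virtual server's IP restriction; an empty list means everyone."""
    if not ep.allowed_networks:
        return True
    addr = ip_address(client_ip)
    return any(addr in ip_network(net, strict=False) for net in ep.allowed_networks)


# Constructed sample replies to CAPABILITY / CAPA; not captured from a real server.
WEAK_IMAP = ("* CAPABILITY IMAP4rev1 IDLE AUTH=NTLM AUTH=PLAIN STARTTLS\r\n"
             "a001 OK CAPABILITY completed\r\n")
HARDENED_IMAP = ("* CAPABILITY IMAP4rev1 IDLE AUTH=NTLM STARTTLS LOGINDISABLED\r\n"
                 "a001 OK CAPABILITY completed\r\n")
WEAK_POP3 = "+OK Capability list follows\r\nTOP\r\nUSER\r\nSASL NTLM\r\nUIDL\r\n.\r\n"


def demo() -> dict:
    """Audit three constructed endpoints and return their findings by name."""
    endpoints = {
        "weak_imap": MailEndpoint("IMAP4", 143, parse_imap_capability(WEAK_IMAP)),
        "hardened_imap": MailEndpoint("IMAP4", 143, parse_imap_capability(HARDENED_IMAP),
                                      ["10.0.0.0/8"]),
        "weak_pop3": MailEndpoint("POP3", 110, parse_pop3_capa(WEAK_POP3)),
    }
    return {name: audit(ep) for name, ep in endpoints.items()}


if __name__ == "__main__":
    for name, findings in demo().items():
        print(f"{name}: {findings or 'OK'}")
```

The hardened IMAP4 endpoint passes on port 143 only because LOGINDISABLED forces clients through STARTTLS before authenticating; the same server without that flag is reported even though a certificate is installed.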
Hypertext Transfer Protocol (HTTP)
While the exam objective states “Design a strategy for mail access. Messaging clients include HTTP mail…” what we’re really targeting here is the fact that the E2K servers can provide one or several HTTP protocol server instances for Web users to interact with to exchange e-mail. The advent of the Internet and its associated protocols has really caused people to think about new and unique ways of utilizing applications via a Web browser interface rather than the GUI of yesterday. What a marked change in user interaction a Web interface brings! With the introduction of Web-based Distributed Authoring and Versioning (WebDAV), the Web interface and Exchange 2000 bring the capability of remote online collaboration to the forefront of business. Exchange 2000 Server supports the ability to connect to the e-mail server through a Web browser. The feature is called Outlook Web Access (OWA) and is automatically enabled just by installing Exchange 2000. The interaction between a Web browser such as IE 5 and Exchange is a little bit convoluted. The browser makes a request to Internet Information Services (IIS) 5. The IIS server communicates with the Exchange server via an Internet Services Application Programming Interface (ISAPI) application that does the communicating with the Exchange information store. Information sent back to the browser is sent through the IIS server and consists of both Hypertext Markup Language (HTML) and eXtensible Markup Language (XML) instructions. Browsers can open up files stored in the public folders either by using the File Open command for regular Office-type documents or as a Web folder for HTML documents. WebDAV clients (such as IE 5) can also open documents the same way. In Figure 8.1 you can see that the IE 5 browser has opened a document on the Exchange IFS’s M drive called Test.doc. By clicking View > Toolbars > Standard you can open a text-editing toolbar and edit away at this document. Figure 8.2 shows the newly edited document. With such capabilities you could set up public folder areas that both Internet and local users could access and collaborate on. WebDAV takes the intercollaboration scheme a bit further in that it allows for several users to work on a document simultaneously, and it maintains the concurrency of the document as various users edit and update it.

FIGURE 8.1 Retrieving a Word file using IE 5
FIGURE 8.2 Editing a Word file using IE 5’s text editing capabilities and Standard toolbar
With collaboration services in place so that users can use a camera and microphone to talk to one another, you’d have a low-cost collaboration environment that would be easy to set up and easy to use. Designers should consider several things when determining the extent that HTTP will be allowed into the Exchange environment:
Are there RAS users who can make use of OWA over telephone lines? Telecommuters utilizing OWA will greatly improve their e-mail RAS experience instead of having to use the full-blown Outlook client.
Will there need to be additional firewall tuning to allow Internet users to be able to access the Exchange system? If you’re not currently allowing HTTP traffic into your network, then you’ll have to add a rule that makes it so.
Is there a need to provide virtual collaboration via Exchange public folders and a Web browser? There are two components that need to be answered in this question. First, are you going to provide virtual collaboration? Second, do you intend to have Web clients? Answering these basic questions steers you to the components and clients you need to use in your deployment.
If SSL is required with Internet users, how will connectivity to the Exchange server be made? In other words, are you currently using certificates in your environment or some other security paradigm? Is the firewall tuned to allow HTTP-SSL packets inside?
Should all users utilize a browser instead of the Outlook client? Probably the most fundamental yet hardest to answer question. The chief reason not to consider OWA and a browser is the fact that you don’t have things like tasks, journaling, and other peripheral features of Outlook. If all you need is basic calendaring, e-mail, and public folders functionality, you should consider OWA and a browser.
What permissions should be applied to your public folder design? You can regulate public folder access by strictly regulating the permissions associated with them. If you have browser-based users who shouldn’t be accessing a set of public folders, you’ll need to restrict the permissions. Remember that E2K’s OWA allows browser-based clients to read public folder items.
Network News Transport Protocol (NNTP)
The NNTP protocol isn’t mentioned in this exam objective, but you should be aware that you not only can provide different NNTP virtual server objects and hence different newsgroup instances, but your Outlook and Outlook Express clients can easily access these different newsgroups. A design scenario would thus include the creation and updating of various corporate newsgroups. You could envision a scenario where, for example, you have a newsgroup that keeps users up to date on new hardware technologies that your company is introducing.
Design Scenario: Planning for Disparate Client Access
Melody is the administrator for a large hospital chain. The hospitals’ 3,000 users have a variety of computing platforms that are capable of retrieving e-mail. There has been no uniform messaging application that would meet everyone’s needs in terms of client connectivity. Melody is installing an Exchange 2000 server in each of the seven hospitals throughout the campus. Users in the business section of the hospitals—those who use normal personal computers with office automation software on them—will utilize the Outlook 2000 client. Melody has targeted a handful of computers on the network that will need a small upgrade in order to have Office 2000 Small Business installed. The other PCs in the business sections are fine. Some of the users in the Marketing and Sales offices use Macintosh computers. Melody will install the Outlook client for Macintosh on these computers—though she was torn at first as to whether to let them utilize Outlook or a browser. The Outlook client will bring some features to these users that they feel they’d be able to leverage. Elsewhere many users utilize Unix X-Windows. Melody will set these users up with browser access to OWA so they, too, can use e-mail.
Summary
Within the confines of this short chapter, we talked about client access and why you’d pick one client over another. We described the various clients and gave some design scenarios that you’d use a client for. We started with the big daddy of the clients, the MAPI client. MAPI is utilized, or at least capable of being utilized, by most e-mail clients today including Microsoft Outlook and Outlook Express, GroupWise, Notes, cc:Mail, and others. Your enterprise may utilize one of many third-party MAPI clients that are not in the ring of the few most popular. We also talked about the IMAP4 client. IMAP is a fascinating store-and-forward protocol that has largely taken the place of POP3 because of its enhanced capabilities. IMAP4 users can, for example, put message flags on their e-mail messages so that they can delineate which messages have been read and which have been deleted. IMAP users can download only certain messages, or in some cases, just parts of a message. There are hundreds of third-party IMAP clients out in the world. The most common reason you’d use IMAP virtual protocol servers would be for support of Internet or legacy clients. The POP3 protocol is an older protocol but one that’s still in use around the world. It’s basically an e-mail retrieval protocol. When a POP3 client connects to the POP3 server, all of the e-mail is downloaded to the client and deleted from the server. There are no message flags that can be put on a POP3 client. As with MAPI, there are lots of third-party POP3 clients in the world that an administrator may find he has to provide legacy support for. ISPs wanting to use Exchange 2000 server will find its POP3 virtual protocol server capabilities a boon to setting up different POP3 post office implementations.
We mentioned the capability of allowing Exchange users to access their mailboxes through a Web browser. Second to the MAPI client, this feature will be the most popular in the rollout of a new Exchange 2000 system. OWA was a highly popular alternative for RAS users wanting to get their e-mail from home or on the road, and the updating of Exchange 5.5 SP1 OWA and now the E2K version to include calendars and public folders will greatly increase its usage. Finally we mentioned that even though the exam objective doesn’t talk about it, you should not forget that you can create multiple instances of the NNTP protocol on your Exchange server(s). You’d most likely use this as a method of setting up different newsgroup access areas for users—whether you’re creating the newsgroups or simply downloading them and providing them to users.
Key Terms
disconnected state
eXtensible Markup Language (XML)
Hypertext Transfer Protocol (HTTP)
Internet Message Access Protocol version 4 (IMAP4)
MAPI-enabled
Messaging Application Programming Interface (MAPI)
Multi-Purpose Internet Mail Extensions (MIME)
Network News Transfer Protocol (NNTP)
Object Linking and Embedding (OLE)
offline state
online state
Outlook Web Access (OWA)
Post Office Protocol version 3 (POP3)
Unix-to-Unix Encoding (UUENCODE)
Web-based Distributed Authoring and Versioning (WebDAV)
Review Questions

1. Up to now, your small company has been using Hotmail for its e-mail. You’ve recently installed an Exchange 2000 server. What is the likely protocol the clients will use when accessing this server?
A. MAPI
B. IMAP4
C. POP3
D. HTTP

2. What protocol(s) does a store-and-forward messaging application support for the access of e-mail?
A. MAPI
B. IMAP4
C. POP3
D. HTTP

3. You have a set of Routing and Remote Access (RRAS) clients that will be dialing into your network to access e-mail. These RRAS users are company employees. Additionally, you’d like to provide support for non-employee clients to be able to access e-mail over the Internet. How many new instances of the HTTP protocol will you create to set up these connections?
A. 0
B. 1
C. 2
D. 3
4. What are some features of POP3?
A. Store-and-forward service
B. Lots of available clients
C. Commonly utilized in many Internet server installations
D. Allows users to flag messages

5. What are some features of IMAP4?
A. Allows for online editing of e-mail messages
B. Allows users to flag messages
C. An abundance of third-party clients for IMAP
D. Allows for calendars to be maintained on the IMAP server

6. What is the transport protocol that is used by both IMAP4 and POP3 clients to deliver outbound e-mail?
A. RPC
B. UDP
C. IRC
D. SMTP

7. What are some of the reasons you might opt for users to utilize HTTP instead of MAPI in your new Exchange 2000 system?
A. Sharing of journals
B. Deployment and desktop visits per user per year
C. Document collaboration
D. Virtual conferencing
E. Reduction of costs by reducing deployment complexity
F. Sharing of online tasks
G. Sharing of calendars
8. Suppose that even though you have three geographically separated offices, you’re going to only install one Exchange 2000 server at the headquarters office and require remote users to access the server over the wire for their e-mail. What would be the most likely client you’d pick for this design?
A. MAPI
B. IMAP4
C. POP3
D. HTTP

9. You work for an ISP. When might you choose IMAP4 and POP3 instances as design choices for your Exchange 2000 rollout?
A. You want legacy support of an older system.
B. You don’t want to have MAPI clients.
C. You’re an ISP.
D. You have support for a variety of third-party clients.

10. You need to maintain the variety of newsgroups that had been set up in your legacy environment and that you now need to move to the Exchange 2000 system. Which client will you use to support these new newsgroups?
A. MAPI
B. IMAP4
C. POP3
D. HTTP
E. NNTP
Answers to Review Questions

1. A. Hotmail has nothing to do with Exchange 2000 Server. Your clients will most likely use Outlook to access their e-mail. Your second choice would be HTTP, where your clients access their e-mail via a browser. You can set up your clients’ Hotmail mailboxes to forward the mail to their new client until outsiders have had a chance to switch over to the new e-mail addresses.

2. B, C. When you access a store-and-forward messaging application account, you’re doing so with a POP3 or IMAP4 client, even though you’ve connected to the system with a browser. You could potentially view answer A as correct because if Outlook were set to deliver mail to a PST, then it could conceivably be thought of as a store-and-forward system. However, this is too much of a stretch to make answer A a viable answer.

3. B. Because your RRAS users will dial in and use the initial OWA capabilities that are installed with Exchange server, you’ll only have to install one more instance of the HTTP protocol for use by outsiders accessing the system via the Internet.

4. A, B, C. POP3 enjoys wide use in the Internet world because it’s an inexpensive and quick way to provide free or low-cost e-mail services to Internet users. It’s a store-and-forward system. Once you contact a POP3 server, all of your e-mail is downloaded to you. Clients have few bells and whistles that can be used with POP3 and do not have the ability to flag particular messages.

5. A, B, C. There is an abundance of third-party IMAP clients, and clients can flag their e-mail messages: read, deleted, etc. You can edit your IMAP messages while you’re connected to the server, called Online mode, or you can choose to download your messages and read them later, though you’re still online and able to be notified of other incoming messages. This is called Offline mode. You can also disconnect entirely and read your messages when not connected; this is called, surprisingly enough, Disconnected mode. Calendars cannot be maintained on an IMAP server unless they are provided by some functionality other than the IMAP protocol.
6. D. Both the POP3 and IMAP4 protocols utilize SMTP to receive and deliver e-mail.

7. B, E. Using a browser such as IE 5 brings with it the capability of online editing of documents in public folders and virtual collaboration using a camera and microphone. Tasks and journals are a feature of Outlook, not of OWA. Some of the other answers given here are supported by OWA but aren’t reasons to favor it over a MAPI client such as Outlook.

8. D. MAPI, IMAP4, and POP3 use SMTP as their transport protocol, which is light and fast, but users must download their e-mail to their local system to read the e-mail. On the other hand, HTTP allows the client to access the mail server with a browser. Mail can stay on the server and doesn’t have to be downloaded. Clients can still access their calendars and public folders. In a case such as the one in this question, HTTP accessing OWA might be the protocol to choose. If the wire isn’t a very reliable one or is low-speed, perhaps IMAP might be a good choice.

9. A, C. You’d probably install one or more IMAP4 and POP3 protocol instances when you needed to provide support for a legacy IMAP4 or POP3 system or when you’re setting yourself up as an ISP. Just because you don’t want MAPI clients is not a reason to pick IMAP4 or POP3. Instead you’d probably opt for HTTP in a case such as that. Just because there is a preponderance of third-party IMAP4 and POP3 clients doesn’t justify implementing them as the client of choice on your new system. You’ll lose a lot of functionality with a choice such as that.

10. A. Network News Transfer Protocol (NNTP) is the protocol used for the support of Usenet news groups that are set up in your public folders. But MAPI clients, such as Outlook 2000 and Outlook Express, can function as newsgroup readers.
Case Study: Planning for Disparate Client Access

You are the chief systems architect for a large telecommunications firm, and you are currently involved in the design of a new Exchange 2000 rollout—a conversion from an older GroupWise installation. The company has decided to completely forgo any new GroupWise installations and convert all users to a client supported by Exchange.
Background
You are now trying to figure out which client makes the most sense for the corporation; a decision that you’re finding isn’t as easy as it might first appear. For one thing, the company has a strong intranet presence that you need to consider. Why couldn’t the developers responsible for managing the intranet simply include an e-mail button that would allow users to access the OWA component of Exchange? This would avoid the need to change out users’ e-mail platform from GroupWise to Outlook. Since users are already comfortable with the browser format for the intranet, there would only be a minimal amount of training required for them to be able to access their e-mail. On the other hand, there are pockets of users who need to regularly get into various newsgroups that have been created to educate and update them on what’s going on with technical apparatus that is sold by the company. Also, the company’s management would very much like to leverage Exchange’s collaboration capabilities, especially when it comes to users in various parts of the organization being able to access and collaborate on a single working document. For example, your company has to report to a governmental control body called the Public Utilities Commission (PUC) and, therefore, has to produce many operational documents on a frequent basis. These documents often require the input of various entities throughout the company. Virtual collaboration would decrease the amount of time that it takes to complete such a document and get it sent to the PUC. Additionally, calendaring is a vitally important thing. Many meetings a day are scheduled in conference rooms all over the company. The managers would like to see you create conference room calendars so that users can book the conference rooms and you don’t have to maintain dedicated resources for this purpose.
Current System
The company has many small remote sites that connect to servers over fairly robust WAN links (256K or higher). There are three large geographic campuses, each of which has its own small server farm. There are two GroupWise servers at each site. You host the GroupWise client for your internal employees. The company has 6500 users in the three main campuses, 5500 of whom have a PC at their desk and are running some variation of Office. Management estimates that of these 6500, about 1000 have a need for collaboration tools of some kind, and of those 1000, about half will need to access some kind of conferencing. There are about 600 users who log on from remote sites.
Envisioned System You envision an Exchange system where you continue to maintain two Exchange servers at the two outer campus offices and five at the headquarters office: two on the company’s DMZ and three for back-end server work. You’d like to extend your e-mail hosting to your RAS users as well as to an extranet situation where users can access their e-mail from anywhere in the world over the Internet. You’ll set up several different NNTP instances to handle different newsgroup scenarios. You’ll install Outlook on 6500 client computers, and you’ll install Exchange 2000 Conferencing Server and set up cameras and sound equipment for those users needing conferencing capabilities. You’ll arrange for training for Outlook users, users who need to collaborate with one another, for RAS users, and for conferencing users.
Problem Statement You must provide uniformity and consistency throughout the organization. CIO “We have a group of users who have been utilizing the GroupWise system for many years now. As much as is possible, it’s imperative that we provide a unified environment.”
Maintainability There are two messaging administrators who are quite capable in the administration of GroupWise. It’s important that these administrators completely understand the new system and are able to maintain the old one as users migrate to the new.
Performance The network’s backbone isn’t a serious concern. It runs at 1000Mbps (gigabit Ethernet), and the servers all plug directly into the core switch in the MDF. Your largest performance concern is for the 600 users who will be accessing their e-mail across the wire.
Questions
1. In re-reading the case scenario, it may become apparent to you that you dropped the design ball. Where did this happen?
A. Lack of support for Internet users
B. Installation of Outlook client
C. Too many newsgroup instances
D. No support for backing up users’ old GroupWise mailboxes
2. What benefits would Outlook users get out of the E2K system that they would not get from being HTTP clients?
A. Journaling
B. Tasks
C. Document collaboration
D. Sticky notes
E. Virtual conferencing
3. What design characteristics will you have to be concerned about when deploying the front-end/back-end servers?
A. Security of connection between front-end and back-end servers
B. Unblocking of HTTP-SSL port 443 on firewall
C. Careful design and creation of new HTTP and NNTP instances
D. Planning for IMAP4 support
4. How will users in remote offices access their e-mail?
A. MAPI
B. IMAP4
C. POP3
D. HTTP
E. NNTP
F. HTTP-S
5. You have a network that has the following needs:
A. A remote user in an outer office (with no server) who needs to connect to the e-mail system.
B. A RAS user who needs to connect to the e-mail system.
C. A campus user who needs to connect to the e-mail system.
D. Internet users who need to connect to the e-mail system.
Utilizing one, many, or all of the connections provided, establish connectivity for all users utilizing good design characteristics.
Answers to Questions
1. B. In the background paragraphs, we’re clearly told that perhaps an intranet deployment is the best bet. And yet you decide to install the Outlook client instead. You’re faced with a quagmire. You want to use Outlook because of the company’s desire to utilize Exchange’s collaboration capabilities, and yet you want to leverage the intranet, too. Perhaps some more work needs to be done with the developers to see how you can use HTTP and OWA for e-mail, but somehow integrate collaboration into the intranet’s Web pages.
2. A, B, E. HTTP clients that utilize calendars read public folders and get their e-mail. For the most part, deploying the Outlook client provides the features listed in the question plus a smart GUI front-end. Document collaboration isn’t as easy in Outlook as it is with IE 5 because of IE 5’s robust collaboration features. Virtual conferencing is attained either through NetMeeting (for Outlook users) or through IE 5 for HTTP users.
3. A, C. You’re not going to support anyone who’s a company employee trying to come into your e-mail system over the Internet, including IMAP4 clients. Security is highly important with extranet servers on the DMZ. You’ll want to provide strong authentication. The connection between the front-end and back-end servers needs to be carefully designed and implemented. You’ll also want to pay attention to the HTTP and NNTP instances that you create. In the case of HTTP, you probably won’t need any other instances than the initial OWA support provides. You may need more than one NNTP instance.
4. D, F. The best bet for users crossing the wire is to utilize HTTP for their e-mail. However, to really secure things, consider your outside clients utilizing HTTP-S when accessing the Exchange system.
5. The campus user will be connecting to a local campus server, probably through the Outlook (MAPI) client. The remote user in an outer office with no server will benefit from an HTTP connection, as will the Internet users and the RAS user. You don’t have to worry about configuring a special client software component, because all the clients will be using is a browser to connect to the e-mail server. To facilitate all of these HTTP connections, installing a front-end/back-end server setup will greatly assist you. Note that the front-end/back-end protocol is SMTP, not HTTP.
Wrap-up: A variety of needs can spawn more complex client design issues than you might at first realize. When deciding about clients, you should carefully consider the load the client will place on the PC (which in today’s computing environment isn’t nearly as intense as it used to be—provided the company has kept its computers current), the protocol load over the infrastructure, how users will connect via RAS, the Internet and intranet, and newsgroups. Support for legacy POP3 or IMAP4 server implementations, or providing new e-mail servers for POP3 or IMAP4 clients, also becomes a consideration for businesses heavily invested in e-business.
Chapter 9
Designing for Fault Tolerance and Data Recovery
MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Design a backup solution. Considerations include planning backup scope, defining the backup schedule, media storage and rotation, and backup type.
Design a recovery solution. Considerations include recovering the entire messaging system, individual databases and servers, reassociating user mailboxes with accounts, and designing mailbox stores to support recovery.
Design fault tolerance solutions.
So you’ve got this fancy new Exchange system put into place and everything is running quite smoothly. Users are able to send e-mail out, receive e-mail coming in from Internet users, share calendars, collaborate on documents, and read public folders. Your deployment has gone forward without a hitch—thanks to plenty of up-front planning. Now let me ask you a question: If this system fails for any reason, will you be able to restore it to its pristine condition? One very important design component is the overall methodology for disaster recovery and fault tolerance. That’s what this chapter is about. We’ll cover the exam objectives that provide for setting up your Exchange system so it is fully recoverable, at any stage of the deployment. This includes designing for backup, designing for recovery, and designing for fault tolerance.
Designing a Backup Solution
Apart from a solid security implementation, the second most important part of any system deployment is the two-pronged protection of disaster recovery and fault tolerance. Planning for disaster recovery requires answers to this question: How can I make sure that, in the event of a catastrophic occurrence, I’ll be able to restore this system to its prior smooth-running state—contingency planning, in other words? Planning for fault tolerance requires answers to this question: How can I safeguard my system so that an occasional bump-and-grind in the road doesn’t take down the entire system?
Your design goal for a disaster recovery plan and fault-tolerance provisions is to wind up with a system that’s as bulletproof as possible—one that, should a disaster occur, can be restored to today’s state of business. Your legal beagles aren’t going to be happy if you can only restore to yesterday’s e-mail when they’ve already rocketed off 50 replies to various incoming messages and it’s only 10 o’clock in the morning! Our coverage of this objective starts by examining the backup and recovery strategies of your system. Then we’ll move into a discussion of creating solutions for fault tolerance.
Microsoft Exam Objective
Design a backup solution. Considerations include planning backup scope, defining the backup schedule, media storage and rotation, and backup type.
Planning Backup Scope Like a hand in an opera glove, Exchange 2000 interoperates with Windows 2000. This makes your backup job a little more difficult because you have to take into consideration the parts of the system with which Windows 2000 is involved—so you can back them up, as well. If you can’t restore what Windows 2000 was doing at failure time, you’ll be unable to adequately restore your Exchange system. As a result of this meshed-gear functionality, you need to clearly define the scope of your backup. As with everything else in Exchange 2000, you have a choice of what to back up. Because E2K supports storage groups, each one of which can house up to six separate stores (messaging databases), you can bring some selectivity to your backup design. For example, suppose you have one store that’s utilized by Internet e-mailers who post product-support e-mail documents to an HTTP store, and you have another store dedicated to the salespeople who RAS into your network and utilize Outlook Web Access (OWA). Which store takes precedence, in terms of being backed up? Obviously, customer questions are important. But when you’re considering a backup methodology, the store utilized by these customers may not be as important as the salespeople’s store. To save backup time each night, you might opt to back up the customer support store only once a week, while keeping the salespeople’s store backup scheduled for every night.
Even though you may opt to back up certain stores less frequently than others, you’ll still have to back up the transaction logs for a given storage group. That’s because the logs contain all log information for every store in the storage group.
Your backup scope will include provisions for the following components:
The current Windows 2000 System State
The Windows 2000 Registry entries that are pertinent to Exchange 2000 Server
The .EDB and .STM files
The transaction logs (E000000n.log—where n is a sequential number)
The Key Management Service (KMS) database and associated files found in the KMSData directory
You may want to choose a formal backup software program such as Veritas Netbackup or Backup Exec (www.veritas.com), Computer Associates ArcServe (www.ca.com), or others. For more information on these third-party backup products, consult your vendors. In the absence of one of these programs, you can use the Windows 2000 backup program NTBACKUP.EXE to back up the necessary files to disk or tape.
Preparing for NTBACKUP.EXE Backup For each Exchange server that’s going to be backed up, you’ll need to make sure that a critical .DLL file—Esebcli2.dll—is present in the Exchsrvr\Bin directory of the server doing the backups. (The Exchange server binaries could instead be installed at Program Files\Exchsrvr\Bin.) This .DLL file is used by Exchange 2000 Server to provide backup capability for the stores. In installations where you’ve chosen to install the E2K files but not the Exchange System Manager (ESM), this .DLL will be present but will not be referenced in the Registry. To fix this problem, you can install the ESM from the Exchange 2000 CD; or go into the Registry editor, navigate to HKEY_Local_Machine\System\CurrentControlSet\Control\BackupRestore\DLLPaths, and add this value:
esebcli2 = c:\exchsrvr\bin\esebcli2.dll
Backing Up Next, simply launch the Windows 2000 backup program and open the Backup tab (Figure 9.1). Select the storage group(s) that you want to back up, check the System State check box, and then proceed with the backup to disk or tape. If you’ve got Exchange 5.5 servers in your site that are connected to E2K through the Active Directory Connector (ADC), you’ll also want to select the Site Replication Service (SRS) check box. Figures 9.1 and 9.2 show the NTBACKUP Backup and Restore tabs.
FIGURE 9.1
The Backup tab of the NTBACKUP.EXE program, specifically choosing the storage group, SRS, and System State
FIGURE 9.2
The Restore tab of the NTBACKUP.EXE program. Note that you can select an alternate location to which you’ll restore the files.
You do not have to dismount any of the stores to back them up, and you must keep the Information Store service running!
Restoring Restorations work in the reverse of the above steps. However, there are some peculiarities that you need to be aware of with restorations. When Exchange storage groups are backed up, E2K creates a special hidden temporary-storage group to accommodate the backups. There is a limit of four storage groups, so if you have four storage groups going on your E2K server, you’ll be restricted to only one restoration of a storage group at a time. If, during restoration of a storage group from tape or disk, the process encounters errors in the transaction logs, you’ll be prompted with an error message. Restoring the transaction logs is called replaying, and E2K goes about this process in a unique way. At restoration time, as the transaction logs on tape are restored, they’re put into the directory from which they’ve been backed up, possibly overwriting any current log files. You can opt instead, through the Restore tab in the NTBACKUP.EXE program, to put the restored transaction logs into a temporary directory. With this instruction in place, the Exchange 2000 backup process will first apply the restored transaction logs, and then the ones that are currently in existence, bringing the system up to a current-time state. Because of the ability to take a single message store offline and restore from tape or disk, you can curb the downtime that users experience during a restoration process.
When working with backups, the person logged on to the computer must be a member of either the Domain Admins or the Backup Operators group.
Defining the Backup Schedule How often should you back up your Exchange databases: once a month, once a week, once a day? When you do run your backups, should you perform a normal or an incremental backup? These are some of the questions a careful designer will ask. Because Exchange—the “not-mission-critical” application—is so highly visible and used so widely, it is recommended that you back up the Exchange databases every day. If you have the time (in other words, if the backup doesn’t take all night to complete), you will probably want to consider a full (normal) backup. Alternatively, you can choose an incremental. Both of these backup selections are discussed in a later section. In planning your backup schedule, set up a test backup of the Exchange servers. Time how long it takes to complete the backups. Then make a determination as to which of the following backup styles you want to use:
Normal-Normal-Normal (NNN), in which you perform a full backup each night
Normal-Incremental-Incremental (NII), in which you perform a full backup once a week and incremental backups for the rest of the week
Note that the name of the NII routine suggests only two incremental backups, but the implication of the definition is that you’d perform one normal and six incrementals in any given week’s backups. The length of time taken for a normal backup might be as much as a couple of days, so you’d have to downscale the number of incrementals you perform accordingly.
E-Mail: To Back Up or Not to Back Up In terms of defining your backup needs, there’s a larger question, however: Should you be backing up the Exchange databases at all? Because of media-fueled fears about e-mail privacy issues, many companies and government agencies have a policy that stipulates that e-mail is never backed up. But all admins know that this is a very dangerous (not to mention foolish) policy—the minute a vice president’s e-mail becomes unavailable, you’ll get screamed at to get it restored right away. Sure, you’ll be able to whip out a copy of the CEO’s authorization to stop e-mail backups, but if this vice president lost some essential e-mail that scuttles a huge sale or might serve as evidence in a lawsuit, it’s likely you’ll be resuming backups of the Exchange system the very next day. (Provided, that is, the company is still in existence.) Not being allowed to back up the Exchange system is a situation you may run into. Should it happen, you’ll want to have very clear documentation and authoritative leadership that tells you to ignore these backups.
If you use NTBACKUP.EXE to run your Exchange backup jobs, you can use the Windows 2000 Scheduled Tasks applet to schedule recurring backups.
Planning Media Storage and Rotation If you don’t already have an offsite-storage methodology in place, one of your jobs as designer should be to develop one. You can get pretty sophisticated with this plan, but the basic rule of thumb is that the last three weeks’ tapes go offsite, and the fourth week’s tapes become the tapes that are used in this week’s backups. You can opt to keep tapes offsite longer than this— maybe 52 weeks’ worth of tapes, or maybe just a month’s worth. That’s up to you. But the design you come up with must provide a guarantee that the tapes are not in the same building with the enterprise and that once you get them back, you can restore the system. For a reasonable fee, you can hire a company that specializes in offsite storage to maintain your tapes. Usually when you retain such a company’s assistance, they’ll ask you for the names of people authorized to request a tape. Typically, there’s a fee schedule for the response time that you require when you request a tape. For example, they might charge $75 to supply a tape to you within two hours, $50 within four hours, $25 within eight hours, and nothing if you can wait overnight. You could also consider an Internet-based backup paradigm in which you don’t maintain a tape farm—instead, you back the files up to a server on the Internet and pay a company for this service. Your concern about such a system will probably revolve around this question: What if their server is down when you need to perform a backup or restore? It’s wise to determine whether the company you’re retaining for this service maintains cluster servers (two servers running the same application—if one fails, clustering software sees to it that the other server takes over the processing) for fault-tolerance purposes. A very common backup rotation model is called the Grandfather, Father, Son (GFS) model. Let’s consider a week’s worth of data. You back up the Exchange system for an entire week. To keep it simple, let’s say that you have the ability to perform a normal (full) backup each night. You’ve read the logs and examined the tapes, and you know that the data on the tapes is restorable data. You send the tapes offsite—perhaps to a tape retention service such as Arcus, or maybe to a different campus in your company. This is the Grandfather set. You run a second week’s backup and send these tapes offsite as well. This is the Father set. Yet a third week’s backups becomes the Son set. As the Son set goes offsite, the Grandfather set comes out of offsite storage and becomes the fourth week’s backup set. Other backup rotation models are in use, but GFS is the most common.
Choosing a Backup Type The nature of this topic is centered on how large your deployment happens to be. In larger installations with multiple servers needing backup (particularly when there is only one backup server to which all the files are directed for backup), you may not have enough time to accomplish full backups across the server farm. In other words, if a backup operation on a given server takes, say, two hours to back the files up across the network, and you have ten of these servers to back up, there’s not enough time to get the entire backup done before users come into work the next day! In larger installations, you have a very narrow timeline in which to accomplish your backups and many servers you have to back up. This size-and-timing problem is solved with incremental backups. In an incremental backup scenario, you perform a full backup of all servers over the weekend. For example, you might start your full backup Friday night at 10:00 P.M. and the entire thing doesn’t wind up until 2:00 P.M. on Sunday afternoon! Now that you have a full backup, for the rest of the week you perform incremental backups. With an incremental backup, files marked with Archive status (the A attribute bit is set) are backed up. Thus, any files that have changed from one day to the next are picked up in an incremental backup scheme, their archive bits are cleared and, if they don’t change by the time the next backup rolls around, they are not backed up. The key is in the Archive bit. In such a paradigm as the NII backup you can completely restore your operation to its state when the last backup occurred. Also, the Exchange log files are cleared from the system, freeing up disk resources.
In differential backups, the Archive bit is not cleared.
If the system you’re restoring hasn’t suffered a catastrophe (in other words, it’s still operational and good transaction logs exist on the system), it will be possible for you to completely restore to today’s current business using the NII paradigm. You would simply redirect the restoration to a temp directory. Exchange will then replay the transactions in the order they occurred and you’ll be back in business. The NTBACKUP program offers a couple of other choices: A Copy backup copies all files that have been selected to an alternative place. The Archive bit is not cleared. If needed, you can use a Copy operation in between normal and incremental jobs because Copy does not alter the file status. A Daily backup backs up all files selected for the given day the daily backup is performed. It does not clear the Archive bit. As an Exchange designer, you’ll probably want to go through a testing routine where you determine exactly how much time is taken up by the backups, then make a determination about whether to go with an NNN or an NII operation. You should also be concerned about the placement of your backup devices. In a larger environment, should you consider a single backup server that talks to a large tape-storage silo, or should you opt for many backup servers? Geographic concerns, money, software compatibility, centralized/decentralized operations, and other matters will drive this decision. As a general rule of thumb, backup operations should be centralized as much as possible.
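The Archive-bit rules above, and the NNN-versus-NII decision from “Defining the Backup Schedule,” can be worked through in code. The following Python model is an added example, not code from the book or from NTBACKUP itself: a FileSet tracks the Archive bit the chapter describes, run_backup applies each job type’s rule for which files are selected and whether the bit is cleared, restore_chain computes which tapes a restore to a given day must replay and in what order, and plan_week picks NNN or NII from timed test backups. The file names, the daily churn, and the assumption in plan_week that a full job blocks one backup slot per 24 hours it runs are constructed for the example.

```python
"""Archive-bit semantics of NTBACKUP job types and the restore chain they imply.

Added example, not code from the book or from NTBACKUP. It models a set of
files carrying the Archive attribute bit the chapter describes: any write sets
the bit, normal and incremental jobs clear it, and differential, copy and daily
jobs leave it alone. File names and churn below are constructed.
"""
from __future__ import annotations
from dataclasses import dataclass, field
from math import ceil

# Which job types clear the Archive bit, per the chapter's descriptions.
CLEARS_ARCHIVE_BIT = {"normal": True, "incremental": True,
                      "differential": False, "copy": False, "daily": False}


@dataclass
class Media:
    day: int
    kind: str
    contents: dict          # file name -> version captured on this tape


@dataclass
class FileSet:
    """Live files: current version, Archive bit, and day of last change."""
    version: dict = field(default_factory=dict)
    archive_bit: dict = field(default_factory=dict)
    modified_on: dict = field(default_factory=dict)

    def change(self, day: int, *names: str) -> None:
        for n in names:
            self.version[n] = self.version.get(n, 0) + 1
            self.archive_bit[n] = True      # any write sets the bit
            self.modified_on[n] = day

    def run_backup(self, day: int, kind: str) -> Media:
        if kind in ("normal", "copy"):                  # every selected file
            chosen = set(self.version)
        elif kind in ("incremental", "differential"):   # only files with the bit set
            chosen = {f for f, bit in self.archive_bit.items() if bit}
        elif kind == "daily":                           # only files changed today
            chosen = {f for f, d in self.modified_on.items() if d == day}
        else:
            raise ValueError(f"unknown backup type: {kind}")
        if CLEARS_ARCHIVE_BIT[kind]:
            for f in chosen:
                self.archive_bit[f] = False
        return Media(day, kind, {f: self.version[f] for f in chosen})


def restore_chain(history: list[Media], target_day: int) -> list[Media]:
    """Tapes needed, in replay order, to rebuild the state as of target_day.
    Copy and daily jobs are stand-alone and never part of the chain."""
    jobs = [m for m in history if m.day <= target_day
            and m.kind in ("normal", "incremental", "differential")]
    last_full = max(i for i, m in enumerate(jobs) if m.kind == "normal")
    chain, latest_diff = [jobs[last_full]], None
    for m in jobs[last_full + 1:]:
        if m.kind == "incremental":
            chain.append(m)     # every incremental since the full is required
            latest_diff = None  # an incremental supersedes earlier differentials
        else:
            latest_diff = m     # only the newest differential matters
    if latest_diff is not None:
        chain.append(latest_diff)
    return chain


def replay(chain: list[Media]) -> dict:
    """Apply the tapes in order; later tapes overwrite earlier versions."""
    state: dict = {}
    for m in chain:
        state.update(m.contents)
    return state


def simulate_week(style: str) -> tuple[int, bool]:
    """One week under NNN or NII with constructed daily churn. Returns the
    number of tapes needed to restore day 7 and whether the replay matches."""
    kinds = {"NNN": ["normal"] * 7, "NII": ["normal"] + ["incremental"] * 6}[style]
    fs, history = FileSet(), []
    fs.change(0, "priv1.edb", "priv1.stm", "E0000001.log")
    for day in range(1, 8):
        fs.change(day, "priv1.edb", f"E000000{day + 1}.log")  # store plus a new log
        history.append(fs.run_backup(day, kinds[day - 1]))
    chain = restore_chain(history, 7)
    return len(chain), replay(chain) == fs.version


def plan_week(full_hours: float, incr_hours: float, window_hours: float) -> tuple[str, int]:
    """Pick NNN or NII from timed test backups. Assumed simplification: a full
    job that overruns the nightly window blocks one backup slot per 24 hours,
    which is what shrinks the number of incrementals left in the week."""
    if full_hours <= window_hours:
        return ("NNN", 0)                       # a full fits every night
    if incr_hours > window_hours:
        raise ValueError("even an incremental does not fit the nightly window")
    return ("NII", 7 - ceil(full_hours / 24))  # one normal plus the remaining slots
```

Running simulate_week for both styles shows the trade-off the text describes: NNN restores from a single tape, while NII needs the weekly normal plus every incremental taken since it, so a bad tape anywhere in that chain breaks the restore. That dependency is the reason to verify each incremental tape, not only the weekly full, as part of the rotation plan.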
Design Scenario: Backing Up the Exchange 2000 and Windows 2000 Servers Randy is the senior administrator of a midsize company. Several months ago he converted the network to Windows 2000 and is running in native mode. He has just gone through an Exchange 2000 Server design and deployment. Because he works in a smaller network, he is forced to run a couple of applications on each server—he does not have the luxury of dedicating servers to single operations. Therefore, the server on which Exchange 2000 is installed is also running DNS. The E2K/DNS server has a 4mm DAT tape drive in it. Randy uses the NTBACKUP.EXE program to set up a nightly backup of the entire system, including System State, the Exchange databases, and all data on the drives. Randy uses the GFS tape rotation method and keeps the offsite tapes in his apartment in a fireproof safe that he owns. The tape backup has time to finish completely each night, so Randy does not use a set of incrementals during the week. He is careful to study the tape backup logs scrupulously each morning to make sure the backups ran successfully. Randy goes to a local NT/2000 users’ group meeting one night and they happen to talk about backups. After hearing about new companies offering backups to the Internet, he thinks about this option for his Exchange server. Randy also learns about an inexpensive tape-retention service in his city. He talks to his manager the next day and gets approval to have the service retain the backup tapes at their site.
Designing a Recovery Strategy
You work for a company in a building with a little stream flowing by on the east side. Let’s just for a horrific minute imagine that the worst happens. After a torrential downpour one evening, the area of the building housing your network servers is flooded. Your server room is on the first floor, and the water manages not only to seep into the room but also to rise about a foot and a half—just high enough to get up above the raised floor and enter the servers. High enough to blow the main disconnect in the room. It’s time for Disaster Recovery (DR).
Microsoft Exam Objective
Design a recovery solution. Considerations include recovering the entire messaging system, individual databases and servers, reassociating user mailboxes with accounts, and designing mailbox stores to support recovery.
Here is the ultimate DR question: If the entire building or campus explodes (or implodes), craters in, burns to the ground, floods over, falls into a volcanic pit or otherwise goes seriously away, how quickly can you restore the computing systems to what they once were? If you get that 3:00 A.M. call from your managers telling you that the server room is no more, will you be able to get the servers going again, or will you roll over in bed and polish up your resume in the morning? A good answer to the DR question means finding a method of restoring a computing system to its pristine state after a complete disaster removes the other system or systems. Think it can’t be done? It surely can. “Mainframer” types have practiced DR methodologies for years. It is only since the PC years that we’ve relaxed our thinking about the criticality of systems. Now is the time to think about DR where you work. Sound expensive? Oh, absolutely. But before you let that deter you, ask your management this: How expensive will it be for your company to go out of business because they can no longer meet contractual obligations or ship product to customers? The ramifications of absent DR provisions are enormous, and are absolutely worth serious investigation. Although this section is about DR for Exchange servers, not DR as a whole, remember that a designer should always be sure that the DR question is covered.
Recovering the Entire Messaging System So let’s start by taking that 3:00 A.M. call. It’s your CIO calling to tell you that the headquarters building has suffered a natural-gas explosion and there isn’t enough of the building left to make into an ashtray. Thankfully, there was nobody in the building at the time—old Joe the night watchman was out in his truck getting his lunch can when the place went up, and he’s safe. Every kind of fire truck and police car imaginable are out there in the parking lot; there’s enough yellow tape strung around to pave Dorothy’s yellow brick road. Your CIO wants to talk about DR and how to get the servers back. What do you say? Do you know what things you need to completely restore, from the ground up, a complete messaging system? Let’s ignore the infrastructure for this example—obviously, somebody has to plan for the complete renewal of the infrastructure. For now we’re going to assume that the CEO and CIO and the folks in charge are investigating renting a facility that they can walk into and get things running—it’s prewired, in other words. So what do you need to bring to the table to get the messaging infrastructure going again?
You’ll need a new physical server to match each and every one of the servers on which the old system ran.
You’ll need a set of complete tape backups in order to restore the replacement servers.
You’ll need the system CDs. (Hopefully they weren’t in the building when it blew up…but of course they were, weren’t they?)
You’ll need a connection to your ISP to restore Internet e-mail.
You’ll need routers and WAN connectivity to any remote sites that were once connected to you.
You’ll need a couple of days to a couple of weeks uninterrupted time to work on restoring the systems. (Right, like that’s going to happen.)
You might be working through a couple of DR scenarios in your head at this point. Should you purchase several servers that act as hot standbys? We are serious—these servers sit in a box in a room somewhere waiting to be utilized in an emergency. Seems like a waste of server hardware, doesn’t it? But, in the true sense of Disaster Recovery, we’re always talking about the concept of computing redundancy. Maybe a better idea would be to create a set of clustered servers that are physically separate from one another—perhaps attached with a WAN connection. You’d have one cluster in your HQ office and another in a remote office. The two clusters might communicate over a dedicated WAN circuit or over a high-speed shared WAN circuit. Under this plan, if something disastrous happened to one of the servers, the other could take over. The only thing to note here is that you couldn’t be utilizing a shared space cluster—that is, both servers couldn’t be talking to the same RAID-array disk space. If they were and if that array blew up along with the building, all users would be out. The cluster you need for circumstances such as this is one where the data is mirrored real-time between the two servers. This is known as an active/active cluster (the kind supported by Windows 2000), perhaps backed up by Network Load Balancing (NLB) nodes. Figure 9.3 shows what this schematic might look like.
FIGURE 9.3
A cluster between two geographic sites, each of which talks to an NLB node
[Figure 9.3 diagram: Site A and Site B, each with an E2K server fronted by three NLB servers, connected by a T1 Frame Relay circuit]
Disaster Recovery for an entire system centers around the idea that you not only need reliable backups from which you can restore, you also need immediate access to replacement hardware. But with Exchange 2000 Server, there’s a bit more to it than that. Recall that the E2K directory lives in Active Directory and so is still available, provided there are Windows 2000 computers in other sites that are part of the domain. The only things you need to restore from tape are all the .EDB and .STM databases, the SRS (if you’re using Active Directory Connector, ADC) and the System State. Once you’ve got the system set up and you’re ready to install E2K, you select the Disaster Recovery option in the Setup program and the E2K directory will be rebuilt from the existing AD database. Finally, you restore the Exchange mailbox data. Following is the order in which you must perform a DR restoration of Exchange servers utilizing backup tapes:
1. Reinstall Windows 2000.
2. Restore the system drive.
3. Restore the Windows 2000 System State.
4. Run Exchange 2000 Server Setup in Disaster Recovery mode.
5. Restore Exchange data.
Recovering Individual Databases
Recovering individual databases is a very simple operation. Start by notifying users of the store that’s going to be affected that they’ll be down for a few minutes. Next, dismount the store to be restored. Run the NTBACKUP.EXE program and perform a restoration of the database that you want to restore. Here are the steps:
Verify that the Exchange services are started. (Note to all you Exchange 4 and 5 admins: This is the opposite of what you’re accustomed to in previous versions of Exchange.)
On the Restore tab left-hand panel, select the media containing the backup files from which you’re going to perform the restoration.
At the bottom of the Restore tab, select Alternate Location in the Restore Files To drop-down list, and specify a directory to temporarily store the log files. Keep in mind that if you don’t go through this step, the log and database files will be written to their original location, overwriting any existing data you have out there.
Begin restoration by clicking the Start Restore button. If you’re restoring from a full backup set, select Last Restore Set when prompted. If you’re restoring from incrementals, don’t select this Last Restore Set option until you’ve restored from the last incremental tape. When you select Last Restore Set, replay of the transaction logs begins.
Click OK when prompted to begin restoring the database.
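The restore sequence those steps depend on (the last good normal backup, then every incremental since it in order, with Last Restore Set ticked only on the final tape) can be planned before you touch NTBACKUP. The following planner is an added example, not code from the book or from Microsoft; the tape labels, job times, and the verified flag are constructed assumptions.

```python
"""Restore-set planner for an Exchange 2000 store backed up with NTBACKUP.EXE.

Added example, not code from the book. It models the chapter's rule that a
restore needs the last good normal (full) backup plus every incremental taken
since it, oldest first, and that Last Restore Set is selected only on the final
tape so transaction-log replay starts once. Tape labels and dates are constructed.
"""
from dataclasses import dataclass
from datetime import datetime
from typing import List, Tuple


@dataclass(frozen=True)
class BackupJob:
    tape: str              # label written on the cartridge (constructed values below)
    kind: str              # "normal" (full) or "incremental"
    finished: datetime     # when the job completed
    verified: bool = True  # False if the job failed or its verify pass failed


@dataclass(frozen=True)
class RestorePlan:
    tapes: List[Tuple[str, bool]]  # (tape, tick Last Restore Set?) in restore order
    recovery_point: datetime       # latest state the listed tapes can bring back
    unusable: List[str]            # incrementals that cannot be applied


class BrokenChain(ValueError):
    """No verified normal backup exists before the crash, so nothing can be restored."""


def plan_restore(jobs: List[BackupJob], crash_time: datetime) -> RestorePlan:
    """Work out which tapes to restore, in what order, and where the chain ends."""
    for job in jobs:
        if job.kind not in ("normal", "incremental"):
            raise ValueError(f"unsupported backup kind {job.kind!r} on {job.tape}")
    # Only jobs that completed before the crash can take part in the restore.
    usable = sorted((j for j in jobs if j.finished < crash_time), key=lambda j: j.finished)
    fulls = [j for j in usable if j.kind == "normal" and j.verified]
    if not fulls:
        raise BrokenChain("no verified normal backup completed before the crash")
    base = fulls[-1]
    chain: List[BackupJob] = [base]
    unusable: List[str] = []
    # Each incremental holds only the logs since the previous job, so once one tape
    # is bad, every later incremental is unusable too: log replay would hit a gap.
    for job in usable:
        if job.kind != "incremental" or job.finished < base.finished:
            continue
        if unusable or not job.verified:
            unusable.append(job.tape)
        else:
            chain.append(job)
    tapes = [(j.tape, i == len(chain) - 1) for i, j in enumerate(chain)]
    return RestorePlan(tapes, chain[-1].finished, unusable)


def sample_nii_week(bad_wednesday: bool = False) -> List[BackupJob]:
    """Constructed Normal-Incremental-Incremental (NII) week: a full backup on
    Sunday night and an incremental every weeknight after it."""
    return [
        BackupJob("FULL-SUN", "normal", datetime(2001, 3, 4, 23, 0)),
        BackupJob("INC-MON", "incremental", datetime(2001, 3, 5, 23, 0)),
        BackupJob("INC-TUE", "incremental", datetime(2001, 3, 6, 23, 0)),
        BackupJob("INC-WED", "incremental", datetime(2001, 3, 7, 23, 0),
                  verified=not bad_wednesday),
    ]


def sample_nnn_week() -> List[BackupJob]:
    """Constructed Normal-Normal-Normal (NNN) week: a full backup every night."""
    return [BackupJob(f"FULL-{d:02d}", "normal", datetime(2001, 3, d, 23, 0))
            for d in (4, 5, 6, 7)]


def sample_crash() -> datetime:
    """Constructed crash time: Thursday morning, after Wednesday's job ran."""
    return datetime(2001, 3, 8, 9, 30)


if __name__ == "__main__":
    for label, jobs in (("NII", sample_nii_week()), ("NNN", sample_nnn_week()),
                        ("NII, bad Wednesday tape", sample_nii_week(bad_wednesday=True))):
        plan = plan_restore(jobs, sample_crash())
        print(f"{label}: restore {plan.tapes}; recovery point {plan.recovery_point}; "
              f"unusable {plan.unusable}")
```

Under NNN the plan is a single tape with Last Restore Set ticked; under NII a failed Wednesday tape drops the recovery point back to Tuesday night, which is the practical argument for the restoration tests the case study later insists on.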
Recovering Individual Servers
The process for restoring an individual server is basically the same as working through the Disaster Recovery scenario described earlier. Following are the steps for recovering an individual server:
Begin by reinstalling Windows 2000 as you did the first time you built this server. Make this box a member server, and give it the same name and IP address as the original E2K server’s.
Configure DNS on this computer.
Join the domain. Right-click My Computer and then click the Identification tab to join the domain. Once you’ve joined the domain, you’ll be prompted to restart the computer—do so.
Run the Disaster Recovery option of Exchange 2000 Server Setup. Remember that the E2K Server’s object must still be in Active Directory.
Restore the storage groups from tape.
Reassociating User Mailboxes with Accounts
What happens if the user account is deleted but the user’s mailbox is not? Since each user account has a unique security identifier (SID), you can’t simply re-create the user account and expect it to automatically work with E2K. To accomplish reassociation of user mailboxes and accounts, you’ll need to go through a special set of instructions. Microsoft provides a timer that keeps a deleted mailbox for 30 days by default. This setting is configurable by editing the properties of the mailbox store you’re interested in adjusting; you can set it to a value from 0 days to 24,855 days of mailbox retention. While the mailbox is still retained, you re-create the user account, then use the ESM and navigate to the mailbox store. Find the mailbox that needs to be reconnected, highlight it, and select All Tasks > Reconnect.
The Exchange 2000 CD includes a tool called the Mailbox Reconnect Tool. It allows you to perform restorations in bulk, should someone accidentally delete an entire OU of users. (But that never happens, does it?)
Designing Mailbox Stores to Support Recovery
You can configure each mailbox store with individual deletion limits. Go into the ESM, navigate to the mailbox store you wish to modify, right-click, and select Properties to bring up the store’s default properties. Move to the Limits tab, shown in Figure 9.4. Here you can set two deletion limits. We’ve already talked about the second one, the amount of time to retain a user’s mailbox after the user account is deleted.
FIGURE 9.4 Configuring mailbox store deletion limits
You also have the option of setting the length of time to keep deleted e-mail before it is purged from the system. The default is 0 days, but it may be worth your time to consider bumping this up to, say, 30 days. This allows a cushion when a user deletes his or her e-mail; the e-mail doesn’t automatically get flushed and can be retrieved through Outlook. Note the check box that lets you postpone permanent deletion until a backup is performed. Public folder stores, too, have a deletion limits option. You can set the amount of time to keep deleted items in a public folder, the default being 0 days. The check box that postpones removal of the deleted items until after the store has been backed up is also available for public folders. Interestingly, you can also set up public folder stores so that the folders in the store are deleted after a certain period (this setting has no default).
Design Scenario: Running a Mock Disaster Recovery Test
Whitney is a highly conscientious senior administrator for a large network that consists of several smaller networks in geographically separate buildings. She maintains Windows 2000 in the network and has installed Exchange 2000 Server throughout. The network runs in native mode.
Whitney is very concerned about Disaster Recovery (DR) of her systems. The computing environment used in the company is essentially the backbone of its business operation—it’s imperative that the company has adequate capability to recover from a disastrous event. Whitney decides to emulate a technique that mainframers have used for years: a mock DR test. She starts by writing out a project plan that describes the items she would need in order to restore a site from scratch, along with the steps required to get the restoration done. She confers with the other network administrators to get their input before running the plan by management. Next, she sets up a test server lab and plans a day when she can run through a mock DR recovery inside the lab. She hopes that by running an actual test in the lab, she’ll be able to simulate what might be encountered in a real-life situation. Once she has completed the test run and fine-tuned the details, Whitney puts the plan into production—including training all administrators on the correct responses and behaviors in a DR situation. Once a year after that, she runs all administrators through the mock test to make sure everyone understands the steps involved.
Designing Fault Tolerance Solutions
Fault tolerance—providing redundant elements to carry the operation in the event of component failure—is yet another critical consideration for the designer of an Exchange 2000 system. Thankfully, fault tolerance features for networks have come a long, long way in the past few years. We can separate them into three camps: power and temperature controls, RAID technology, and clustering and load balancing.
Microsoft Exam Objective
Design fault tolerance solutions.
Power and Temperature Conditioning Features
Because servers and networking gear operate 24/7/365, it is imperative that they be put in an environment where the power to them doesn’t fluctuate and where the temperature stays in an acceptable “comfort” range (comfortable to the computers, not to you!). Purchase power-conditioning equipment for your server rooms if you don’t already have it in place. Computers require very precise voltages and do not function well when voltage fluctuates. Consider air conditioners for the server room, too. Typically, the server room has an elevated floor, and the air conditioner blows cold air under the floor and out through perforated floor tiles. With this setup, you can precisely control the placement of air in the room. Larger air conditioners will give you a room temperature read-out so you can routinely check the temperature of the room. You should also consider room-size uninterruptible power supply (UPS) equipment. Instead of tying each of your servers to an individual UPS, you can purchase gear that provides backup power to an entire room during an outage. These setups can get pretty elaborate. I’ve seen implementations where the server room UPS is connected to a roomful of car batteries. Should the outage threaten to be protracted and go longer than the life of the batteries, a standby diesel generator kicks in and can keep the room up as long as someone keeps adding fuel to the tank.
Redundant Array of Inexpensive Drives (RAID)
The Redundant Array of Inexpensive Drives (RAID) technology has been a boon to administrators for many years. RAID has saved many an administrator’s neck when a hard drive failed. The concept is this: By putting several disks into a computer, then managing them with either software or hardware RAID, if one drive fails you don’t lose your data. Two basic kinds of RAID contribute to fault tolerance: Mirroring (RAID-1), and Striping with Parity (RAID-5). There is also a RAID-0, Striping without Parity, but it provides only disk I/O speed, not fault tolerance. Windows NT 4 and Windows 2000 provide support for software RAID. In other words, the OS handles the RAID. Do not go there. It’s to your advantage to pay the $1,500 or so for a hardware RAID-array controller card, put it in your server, and trust the hardware card to handle the RAID system. Why is this better? Primarily because the RAID card has a CPU on board that allows it to offload disk I/O from the server’s CPU, thus seriously enhancing speed. Secondly, most RAID cards will accept an added RAM Single Inline Memory Module (SIMM) or Dual Inline Memory Module (DIMM) so that data not yet written to disk can be retained in the card’s memory, not the server’s. Thirdly, most RAID cards allow you to add a battery backup module (highly recommended) that will retain the contents of the cached data should the server be arbitrarily rebooted for some reason. If you don’t have this battery backup module and the server goes through a reboot, you can lose many megabytes of data that have not yet been written to disk!
You can buy stand-alone RAID-array cabinets of varying size, complexity, and cost. This helps you set up your servers so that they can talk to one centralized storage device. Single Point of Failure (SPOF)? Yes—but then again, these are RAID cabinets; so if one drive fails, you can recover the system. EMC is a company that’s long been in the business of supplying high-end RAID and fault-tolerance storage. You can visit their web site at www.emc.com.
Clustering and Network Load Balancing (NLB)
Clustering is the concept of providing two computers that do a duplicate job. If one computer fails, the other takes over. This is called a failover. In the beginning days of PC server clustering, one of the computers acted as the active computer and the other was inactive—this was called active/inactive or active/passive clustering. If the first computer died, a failover occurred and the second computer kicked in. Users didn’t see much of a blip on the radar screen, although typically they noticed some activity. After you fixed the first computer, you performed a failback to get things back to standard operation. With Windows 2000, you perform active/active clustering. Each server is called a cluster node and is actively involved in the clustering process. With both servers synchronized, should a failure occur on one, users will be completely up-to-date on their activities and won’t have to wait through a failover. Exchange 2000 Server is designed to work in a clustered environment and, in fact, is working that way at Microsoft. With clustering you can choose to provide a single storage source, such as a RAID-array cabinet that all clustered nodes talk to, or you can arrange for each clustered node to have its own storage source. The latter arrangement is recommended. If you use the former option of a single storage source, you could potentially introduce a SPOF into the system—the very thing you’re trying to get rid of when working toward fault tolerance. There are some Tier 1 companies that manufacture good-quality RAID arrays that are completely redundant. Figure 9.5 shows a cluster setup in a shared storage and in a nonshared storage environment.
In certain clustering deployments, some special hardware and software may be required.
FIGURE 9.5 Clustering in shared storage and nonshared storage (Shared Storage: Server 1 and Server 2 attached to one RAID Array; Nonshared Storage: Server 1 and Server 2)
In Network Load Balancing (NLB), two or more computers share the computing activities of a system. Web servers are oftentimes set up as NLB servers. Web developers update Web pages, then populate them to a single server. Content replication software such as Site Server picks up the code and replicates to all servers in the site. NLB makes sure all databases and other server activities are reconciled. Fault tolerance is introduced because all servers are behaving in the same way and users don’t have to hit just one server to perform some Web activity. It turns out that the most secure method of introducing mission-critical enterprise software such as Exchange 2000 Server is to set up a cluster in which the cluster nodes consist of NLB servers, shown in Figure 9.6.
FIGURE 9.6 Clustering in an NLB environment (NLB A and NLB B; Server 1a, Server 2a, Server 3a, Server 2b)
Several good white papers have been written about clustering and NLB; these documents are available on the Microsoft Web site.
Virtual Local Area Networks (VLANs)
Virtual local area networks (VLANs), though not technically part of the fault-tolerance paradigm, fit into the scheme here because implementing them gives you the ability to streamline bandwidth and downsize collision domains. Many networks today comprise extensive switching setups. Switches allow an administrator to separate data traffic into VLANs, thus reducing the number of collision domains. (Routers are the cutoff line for broadcast domains; for collision domains, the cutoff is switches. What we mean by “cutoff line” is that a broadcast in a given network typically stops at the router and isn’t propagated to other networks. Because Ethernet allows for collisions, switches allow you to reduce the number of collision domains because switches will not propagate any collisions to other sections of the network.) A router must exist in a scenario where there are multiple VLANs, but if the VLANs are properly set up, you can segment the traffic so that servers function much better and faster. One standard VLAN design is to apportion a VLAN specifically for servers and allow no users to belong to that VLAN. This arrangement provides for much quicker interoperation of servers because traffic destined for one server does not have to traverse the network; it merely has to cross the switch fabric.
Design Scenario: Designing a Fault-Tolerant Exchange 2000 Server Deployment
Network architect Ahmed works for a midsized corporation that manufactures heavy equipment. The network he uses has been converted to Windows 2000 and is running in native mode. Users have worked with Exchange 4 and 5 servers for years now and are accustomed to using the Outlook client with the Exchange system. The corporation has 5000 users spread over two campuses connected by a tunnel—Buildings A and B. Ahmed is now designing an Exchange 2000 upgrade. He plans to purchase new servers for the deployment and wants to design a heavily fault-tolerant solution so that the E2K system can be relied upon for, if possible, years of uninterrupted service. “Dial-tone” capability is what Ahmed calls it—alluding to the fact that when you pick up a phone you’re surprised if you don’t hear a dial tone. That’s the kind of fault tolerance he’s striving for. He envisions a clustered-server scenario on servers obtained from a tier 1 vendor. He orders the following configurations on the servers:
Server cases that have two disk cages, each capable of holding up to six SCSI drives
Twelve 9GB, 10,000 RPM SCSI drives per server
Four 1GHz (gigahertz) microprocessors per server
1GB of RAM per server
Two hardware RAID-array controller adapters per server, one attached to each of the drive cages
A telephony card in each server, allowing the administrator to phone the server for remote troubleshooting capabilities
Redundant power supplies
Redundant cooling fans
When the servers come in, Ahmed’s design calls for a RAID 50 installation, 6GB for the Windows 2000 system partition, 20GB for the log partition, and the rest dedicated to the store databases, to be partitioned one partition per storage group.
Despite the level of fault tolerance provided by this server arrangement, Ahmed plans to cluster two servers per Exchange server installation. There will be an Exchange installation in Building A and in Building B. The two clustered servers will talk to one another on a dedicated VLAN and will contain a second network card connected directly to the network backbone. Ahmed prepares an installation “burn document” so that the administrators know how to burn the servers. He also instructs them to install the server-monitoring software that comes with the servers, so that the RAID cards and other server hardware can be watched on a real-time basis.
Summary
This chapter is about how to back up and recover, how to provide fault tolerance for, and how to design a disaster recovery methodology for your Exchange system. The backup scope not only includes the Exchange .EDB and .STM databases, but also the .LOG transaction log files and possibly the Key Management Server (KMS) database files as well. Additionally, because Exchange works hand-in-glove with Windows 2000, it’s important to ensure that the Active Directory database is backed up, and that the machine that houses Exchange has the System State and critical files backed up. You need to come up with a regular schedule for all the backup operations and for rotating the media with some common media-rotation scheme. You’ll need to decide whether to perform a normal backup every day or a normal over the weekend and then incrementals the rest of the week. Either way will work—but keep in mind that if you are forced to use incremental backups as a part of your backup paradigm, you’ll have to have the last good full backup along with all the incrementals since that point, in order to restore the system to its state prior to the crash. Disaster Recovery (DR) planning goes beyond thinking about simply restoring a system from tape. You also must know how you would, in the event of a catastrophic event, restore the system to its condition prior to the event. This may mean maintaining redundant hardware, taking a look at clustering as an alternative, real-time mirroring across WAN circuits, or a mixture of all these things.
If you want to restore a store using the transaction logs, you should redirect the restoration to a temporary directory so that Exchange can replay the transaction logs in the correct order to return the store to its current state. If you restore to the store’s native directory, you take the chance of overwriting log information. The concept of fault tolerance includes the notions of Redundant Array of Inexpensive Drives (RAID), power and temperature conditioning (including UPSs), and clustering and network load balancing (NLB). Clustering and network load balancing, though cousins in the same family of paradigms, are two different fault tolerance models that you can consider.
Key Terms
active/active
active/inactive
active/passive
cluster node
Dual Inline Memory Module (DIMM)
failback
failover
fault tolerance
Grandfather, Father, Son (GFS)
Network Load Balancing (NLB)
Normal-Incremental-Incremental (NII)
Normal-Normal-Normal (NNN)
Redundant Array of Inexpensive Drives (RAID)
replaying
security identifier (SID)
Single Inline Memory Module (SIMM)
uninterruptible power supply (UPS)
Review Questions
1. Jennifer is trying to restore a single mailbox store from tape but is being prompted that she cannot do so because the store is still active. What should she do?
A. Stop the Exchange Information Store service
B. Stop the Exchange MTA Stacks service
C. Stop the Exchange System Attendant service
D. Dismount the store in question
2. Jodi is trying to redirect a restoration of a mailbox store from tape but is being prompted that there is no available space for the restoration. What should she do?
A. Free up some space on one of the server’s hard drives.
B. Dismount one of the storage groups.
C. Dismount one of the stores.
D. Stop the Exchange Information Store service.
3. Henry is the backup administrator for his company. He is responsible for backing up all Windows NT and Windows 2000 servers in the enterprise, including application servers such as the Exchange servers. An incremental backup on the entire enterprise takes just under 10 hours each night. What backup combination should Henry use? Choose two options.
A. Daily
B. Normal
C. Incremental
D. Differential
4. What are the critical components that must be backed up in an Exchange 2000 system? Choose all that apply.
A. Exchange databases
B. Exchange binary directory
C. Exchange Key Management Service directory
D. Windows 2000 System State
E. Site Replication Service
F. WINNT directory
5. Elaine’s Exchange server has crashed. She has reinstalled Windows 2000, made sure that DNS shows the correct entries for the server, and has joined the domain. What is her next step?
A. Restore the Exchange storage groups from tape.
B. Restore the Exchange stores from tape.
C. Install Exchange using Disaster Recovery mode.
D. Install Exchange using the /R switch.
6. Craig, an Exchange administrator, gets a call that a user’s account was accidentally deleted. The user needs to get to his mail right away. What should Craig do? Select all that apply.
A. Re-create the user’s account in Active Directory.
B. From backup tape, restore the store that the user utilizes.
C. Find the user’s mailbox in the ESM and reconnect.
D. Have the user restore his e-mail from Outlook.
7. Rose is a backup administrator for a corporation. Currently, backup tapes are kept in a rack in the server room, but Rose is wondering if this is a safe storage method. Where should Rose be storing previous days’ backup tapes? Pick the best option.
A. In a bank strongbox
B. At her home
C. At another of the company’s locations
D. In a data safe
8. Which of the following items are considered Disaster Recovery options rather than fault tolerance solutions?
A. RAID arrays
B. Clustering
C. UPS
D. Tape backups
9. Your vice president has deleted some e-mail items from his deleted items folder and now needs to get them back. Your Exchange 2000 Server implementation is set at system defaults. How can you help the vice president?
A. You can’t.
B. Show him how to restore his deleted e-mail using Outlook.
C. Restore the mailbox store from tape.
D. Restore the storage group from tape.
10. Pick two choices for disk fault tolerance.
A. RAID-0
B. RAID-1
C. RAID-2
D. RAID-3
E. RAID-4
F. RAID-5
Answers to Review Questions
1. D. Stores cannot be restored from tape until they have been dismounted. It is not necessary to dismount the entire storage group unless you have all allotted storage groups in use.
2. A. The redirect restoration operation doesn’t have space on the hard drive it is trying to copy to. Either free up space or direct the restoration process to a different server or disk.
3. B, C. Henry should perform one normal backup operation, scheduled at a time when few users are working on the network (over the weekend, for example). The rest of the backups should be incrementals.
4. A, C, D, E. The rule of thumb is that you don’t need to back up anything for which you have the system CDs. But you do need to back up key Registry information (the System State) and the Exchange data (such as the .EDB and .STM databases), the SRS (if you’re running in a vintage Exchange environment), and the Key Management Service (KMS) database if KMS is in use.
5. C. The next step is to reinstall Exchange server and select Disaster Recovery as the installation option, and then to restore the storage groups from tape.
6. A, C. This is a two-part restoration process. First Craig will re-create the user’s account in AD. Then he’ll highlight the mailbox in the Exchange System Manager, right-click, and select All Tasks > Reconnect.
7. C. A data safe might at first appear to be a reliable place to store backup tapes, but data safes can often handle only 150° heat for up to two hours. Fires burning much hotter than that may last longer than two hours—in that event, a data safe isn’t a reliable choice. Storing in a bank strongbox isn’t a bad idea, but the boxes are usually made of steel and are, unfortunately, conductive, which means that the data on the tapes may not be very secure. And keeping data tapes at home is never a good idea, no matter how securely Rose’s home is kept. The best option for her might be to simply keep the company’s tapes at another nearby location. That way, the tapes would be much more accessible than if they were kept in a strong box. The very best answer, however, is for the company to pay a service to retain the tapes.
8. D. Tape backups are a Disaster Recovery (DR) option. They don’t contribute to the initial safety of a system but rather provide a method of retrieving data in the event of a crash.
9. A. The Exchange system default is to retain deleted items in mailboxes for 0 days. You cannot help this vice president other than to tell him you’re very sorry about the loss and you’ll turn on deleted items retention so that this doesn’t happen again.
10. B, F. RAID-1 is mirroring and provides fault tolerance in the case of a disk failure, as does RAID-5, which provides for striping with parity across three or more hard drives.
Case Study: Deciding Which Backup Strategy to Adopt
Your Windows 2000 deployment is done and your Exchange 2000 Server implementation is nearly complete. You’re putting the final touches on your design by taking the backup of the Exchange system into consideration.
Background
In trying to figure out what backup methodology to utilize, consider the following factors:
What the backup scope will be
Whether to use third-party backup software
What the backup rotation schedule will be
What the restoration process will involve
Where the backup media will be stored
What sort of backup operation you’ll use
Current System
Your Exchange system has two Exchange servers connected together in a cluster. The servers are identical in every respect. You have two mailbox stores, one for the executive group and one for the rest of the organization. You have a single public folder store. Projections from past e-mail use indicate that the stores will grow to about 4GB for the organization’s store, 500MB for the executives and about 100MB for the public folders. You have a single 70GB Digital Linear Tape (DLT) tape drive with which you’ll back the systems up. This drive is connected to a different Windows 2000 computer than what the Exchange servers are connected to. The network backbone runs at 100Mbps.
Envisioned Methodology
You’ve researched various third-party tape-backup software and are altogether convinced that you need a third-party solution to back up the Exchange system. You envision utilizing NTBACKUP.EXE to back up the two servers. You’ll perform a nightly normal backup starting at 10:00 P.M. and running through the night. At roughly 6GB of data to be backed up over a 100Mb wire to a fast 70GB DLT drive, you can expect the data to be completely backed up in no more than two hours’ time. You’ll use the Grandfather-Father-Son rotation scheme and store a minimum of two sets offsite at all times. You’ll utilize a service for the offline storage of your tapes.
Problem Statement
Your boss, the operations manager, isn’t convinced that NTBACKUP.EXE will efficiently handle the backups.
Operations Manager “Isn’t the NTBACKUP program just a weak namby-pamby utility that’s only to be utilized until you can replace it with some better software?”
Maintainability
You need to guarantee that the data on the tapes is accurate and restorable.
Operations Manager “We have to be absolutely sure that the data on the tape is actually there and can be used for restorations.”
Performance
Users must be able to compose and receive e-mail while the system is being backed up.
1. What component is missing from the system described in Envisioned Methodology?
A. No testing of the third-party backup software
B. No allowance for periodic restoration tests
C. Envisioned methodology isn’t needed because of clustering
D. No testing of various backup-software vendors’ offerings
2. Will the DLT tapes fill up as they come back in from offsite storage and get reused in a new “up” operation?
A. Not necessarily
B. Yes, they will
C. No, they will not
D. Not enough information is available in case study
3. Will NTBACKUP.EXE work as your backup software choice? Select all that apply.
A. Yes, but it lacks key features.
B. Yes, but it requires extra steps.
C. It will be only marginally acceptable.
D. No, it will not work.
4. Since you’re clustering servers, will it be necessary to back up both servers?
A. Backups are not necessary for either server.
B. Backups are not necessary for one server.
C. Both servers need to be backed up.
D. Not enough information is available in Case Study.
5. What are some monitoring functions that administrators will need to do daily under the backup paradigm described in this Case Study?
A. Regularly review backup logs.
B. Change tapes.
C. Make sure Scheduled Tasks jobs are successfully running.
D. Perform restoration tests.
Copyright ©2001 SYBEX , Inc., Alameda, CA
www.sybex.com
CASE STUDY
Questions
Answers to Questions

1. B. The operations manager has made it clear that you should be ready to prove that the data you say is on tape is actually there and, furthermore, that you can actually restore the data from the tapes. Until you can prove those two things, your tape backup system isn’t reliable. You should plan for regular testing of restorations to make sure that things will go as expected.

2. A. With most backup software, you get to select whether you want to overwrite the data on the tape each time you start a new backup, or to retain the backup that’s currently on tape and simply advance to the place where the previous backup ended before laying down a new backup. If you choose not to allow an overwrite of the data on the tape, at some point the tape will fill up. But the Envisioned Methodology section does not say whether your design includes an overwrite or not.

3. A, B. NTBACKUP.EXE will work just fine but lacks some key features, such as the capability to bar-code tapes and maintain virtual tape libraries. Also, an extra step is required if you use NTBACKUP, in that you have to use Scheduled Tasks to run your backup jobs on a schedule. Other than that, the program is an admirable (and inexpensive) substitute for third-party software.

4. C. Because you can’t be sure of the state either server is in at backup time, your best bet is to back up both servers.

5. A, B, C. Admins will want to review the backup logs to make sure the data made it to tape, and to eradicate situations where data was skipped or some other error occurred. They will also need to see that the tapes are changed and verify that the Scheduled Tasks jobs are running as planned. These are daily occurrences. Perhaps quarterly or at some other regular interval, it might be well to perform a restoration of the data to a test server to make sure restorations are successful.

Wrap-up: Admins often don’t pay enough attention to backup implementations. But backups may very likely be the lifeblood of a company. Should a disaster occur and tape backups were not available, some companies would be out of business. Exchange designers need to take the backup of the Exchange system very seriously.
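The rotation and the tape-capacity question from this case study, modelled in Python as an added example (not from the book): the calendar of the Grandfather-Father-Son scheme, the start date and the offsite-handling assumption are constructed here; the 6GB nightly backup, the 70GB DLT media and the two-sets-offsite rule come from the Envisioned Methodology.

```python
from datetime import date, timedelta
from typing import Dict, Optional

# Figures stated in the case study: ~6GB per nightly normal backup, 70GB DLT media.
BACKUP_GB = 6
TAPE_GB = 70
WEEKDAYS = ("Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun")


def gfs_set(night: date) -> str:
    """Name the GFS tape set the nightly normal backup writes on `night`.

    The book names the scheme but not its calendar, so this rotation is an
    assumption: the last night of a month writes that month's grandfather set,
    every other Friday writes a father set reused in the same week next month,
    and every other night writes a son set reused on the same weekday next week."""
    if (night + timedelta(days=1)).month != night.month:
        return f"grandfather-{night:%Y-%m}"
    if night.weekday() == 4:  # Friday
        return f"father-week{(night.day - 1) // 7 + 1}"
    return f"son-{WEEKDAYS[night.weekday()]}"


def set_for_night(night_iso: str) -> str:
    """Same as gfs_set, taking the night as an ISO date string (YYYY-MM-DD)."""
    return gfs_set(date.fromisoformat(night_iso))


def simulate_rotation(start_iso: str, nights: int, warmup: int = 7) -> Dict[str, int]:
    """Run `nights` consecutive backups from `start_iso` and measure the design
    rule that at least two sets are offsite at all times.  Assumption: a set
    written on an earlier night sits in offsite storage until the morning it is
    recalled for reuse.  Returns the smallest offsite count seen once the first
    `warmup` nights are past, and how many distinct sets are in circulation."""
    start = date.fromisoformat(start_iso)
    last_written: Dict[str, date] = {}
    min_offsite: Optional[int] = None
    for n in range(nights):
        night = start + timedelta(days=n)
        tonight = gfs_set(night)
        # Everything written before tonight is offsite except the set recalled for reuse.
        offsite = [s for s in last_written if s != tonight]
        if n >= warmup:
            min_offsite = len(offsite) if min_offsite is None else min(min_offsite, len(offsite))
        last_written[tonight] = night
    return {"min_offsite": min_offsite or 0, "sets_in_rotation": len(last_written)}


def meets_offsite_rule(start_iso: str, nights: int, required: int = 2) -> bool:
    """True when the rotation keeps at least `required` sets offsite once running."""
    return simulate_rotation(start_iso, nights)["min_offsite"] >= required


def backups_per_tape(overwrite: bool) -> Optional[int]:
    """Question 2 of the case study: a returning tape only fills up when each run
    appends to it.  Returns how many ~6GB normal backups fit on a 70GB DLT in
    append mode, or None when every run overwrites the tape (it never fills)."""
    if overwrite:
        return None
    return TAPE_GB // BACKUP_GB
```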
Chapter 10
Implementing Groups in Your Exchange 2000 Server Messaging Solution

MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Deploy routing groups and foreign connectors.
Deploy administrative groups.
We’ve already covered this topic a bit in earlier chapters. In this chapter we delve a bit more into the detail of deploying routing groups, administrative groups, and foreign connectors.
Deploying Routing Groups
We begin with the all-important concept of routing groups—groupings of Exchange servers that have some commonality with one another, typically that they’re in the same geographic site. Think of routing groups as topologically similar to legacy Exchange sites—but with a lot more possibilities.
Microsoft Exam Objective:
Deploy routing groups and foreign connectors.
Suppose that you have a fairly large vintage Exchange deployment, say, 12 or 13 servers. These servers are spread out in many separate geographic locations. You might have one in Denver, another in Pennsylvania, and another in Texas. You even have a couple of Exchange servers in Europe. All of the servers home run to a couple of servers at a central headquarters site, perhaps the Denver office. The WAN connections between the remote Exchange servers and home are, for the most part, pretty reliable and fast, though there are a couple of problem spots, predominantly in the U.S.-to-Europe connections. Figure 10.1 shows such a hypothetical deployment.
FIGURE 10.1 Hypothetical Exchange deployment
[Figure: hub-and-spoke WAN diagram showing the sites Washington, Nevada, Montana, Canada, Chicago, Denver1, Denver2, California, Pennsylvania, Texas, Florida, Tennessee, Europe1, and Europe2, connected over circuits ranging from 56K and 128K through 256K, 512K, and T1 up to 100MB.]
Servers belong together in a single routing group when they can communicate with one another over a permanent, well-connected (i.e., high-speed) circuit. Perhaps some administrators would not describe an ordinary frame relay WAN circuit as permanent or well connected, but in an Exchange design these circuits can be considered in your routing group design, even over comparatively slow links. You determine which servers communicate with one another inside a routing group based upon three criteria:

- If network connectivity is unreliable, either due to a saturated network or to physical network problems, you may want to consider breaking the servers out into separate routing groups. The servers that are on the same VLAN or are connected over a reliable circuit with one another could be in one routing group, while other servers, equally well connected with one another but not reliably connected with your original group, might compose another routing group.

- You might opt for routing groups if you want to control specific message paths in the organization. For example, note that public folders are determined by routing group. Maybe you want to separate different parts of the messaging structure simply to separate public folder access. You might also opt for a routing group in environments where servers are all separated from one another by one hop, but in which you wish to control the number of hops between Exchange servers.

- If you have a need to schedule messaging between two locations, you may want to consider routing groups.
You should also be aware that there is an interrelationship between administrative groups and routing groups. An administrative group is created specifically for dividing administrative duties over the Exchange servers among various administrators. But it’s important to note that within the administrative group, you configure certain servers within a routing group to send mail directly to other servers or, alternately, to forward mail to a bridgehead server. So administrative groups and routing groups are intertwined.

If you look at Figure 10.1 again, you can see that there are two servers that are connected by very slow connections, Europe1 and Europe2. If there is any other kind of traffic at all going over the wires leading to these servers, you have a messaging problem. Clearly, then, you may want to consider breaking the European servers out into a single routing group, separate from the other servers. However, there is an additional problem with such a design: you wouldn’t have a connection between Europe1 and Europe2. So, if you were to decide to have one routing group with the two European servers in it, you would need to establish a reliable permanent connection between the two. For example, if one server is located in the UK and the other in Spain, the connection might involve an ISDN, X.25, DSL, or frame relay connection. Conceivably, then, you’re looking at a minimum of two routing groups, provided there are no other circumstances that might cause you to consider separating this network into even more routing groups. Note that a good design technique involves setting up your other routing groups on the first Exchange 2000 Server installation, then finishing up the connections as the other servers come online. Therefore, it’s to your benefit to have your routing groups laid out prior to implementation.
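The three criteria above, applied to the Figure 10.1 deployment as an added Python example (not from the book): the site names and circuit speeds come from the figure, but which pair each circuit joins, the reliability flags and the 128K floor are assumptions made here. It computes the routing groups as connected components over the links that pass the well-connected test, and shows why the two European servers only form one group once a Europe1-to-Europe2 circuit is added.

```python
from typing import Dict, List, Set, Tuple

Link = Tuple[str, str, int, bool]  # (site_a, site_b, kbps, reliable)

# Constructed link inventory modelled on Figure 10.1.  The site names and
# circuit speeds are from the figure; which pair each circuit joins and the
# reliability flags are assumptions for this example (the book only says the
# U.S.-to-Europe connections are the problem spots).
LINKS: List[Link] = [
    ("Denver1", "Denver2", 100_000, True),
    ("Denver1", "Chicago", 1_544, True),       # T1
    ("Denver1", "Pennsylvania", 1_544, True),  # T1
    ("Denver1", "Washington", 512, True),
    ("Denver1", "Nevada", 512, True),
    ("Denver1", "Montana", 512, True),
    ("Denver1", "Canada", 512, True),
    ("Denver1", "California", 512, True),
    ("Denver1", "Texas", 256, True),
    ("Denver1", "Florida", 256, True),
    ("Denver1", "Tennessee", 128, True),
    ("Denver1", "Europe1", 56, False),
    ("Denver1", "Europe2", 56, False),
]


def well_connected(kbps: int, reliable: bool, min_kbps: int = 128) -> bool:
    """The book's test for placing two servers in one routing group: a permanent,
    reliable circuit.  Slow frame relay still qualifies, so the floor is low;
    what fails the test is an unreliable link or one below the floor."""
    return reliable and kbps >= min_kbps


def sites_in(links: List[Link]) -> List[str]:
    """Every site named on either end of a link, sorted for stable output."""
    return sorted({site for a, b, _, _ in links for site in (a, b)})


def routing_groups(links: List[Link], min_kbps: int = 128) -> List[Set[str]]:
    """Partition the sites into routing groups: each group is a connected
    component of the graph whose edges are the well-connected links (union-find).
    Groups are returned largest first."""
    parent: Dict[str, str] = {s: s for s in sites_in(links)}

    def find(x: str) -> str:
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    for a, b, kbps, reliable in links:
        if well_connected(kbps, reliable, min_kbps):
            parent[find(a)] = find(b)

    groups: Dict[str, Set[str]] = {}
    for s in parent:
        groups.setdefault(find(s), set()).add(s)
    return sorted(groups.values(), key=lambda g: (-len(g), min(g)))


def with_europe_circuit(links: List[Link], kbps: int = 128) -> List[Set[str]]:
    """The text's remedy: procure a reliable permanent circuit between Europe1 and
    Europe2 so the two European servers can form a single routing group."""
    return routing_groups(links + [("Europe1", "Europe2", kbps, True)])
```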
Exchange 2000 servers within a routing group talk to one another using SMTP, but vintage Exchange servers in a routing group can communicate using RPC instead. In each routing group there is at least one server that has a routing group connector (RGC) installed. A server that has the RGC installed is called a bridgehead server. The bridgehead server uses SMTP to talk to other bridgehead servers. It utilizes a link-state algorithm to figure out where to send a message. The bridgehead server also finds out about, and alerts other servers to, bridgehead servers that are down. With the concept of routing groups, bridgehead servers, and a meshed circuitry, you can set up highly available and fault-tolerant routing environments between routing groups. Add a second bridgehead server and you’ve introduced a load-balancing methodology as well.

In situations where you have very poor connections you can opt to install the X.400 or SMTP connector, instead of the RGC, for bridgehead servers to communicate with each other. The preferred connector is the SMTP connector. Use the X.400 connector when you’re connecting over X.25 or RAS circuits or when connecting to legacy Exchange servers running this connector instead of using RPCs. You can also use the SMTP connector in order to communicate with legacy Exchange servers that are running the Internet Mail Service (IMS).

It’s important to understand that when a bridgehead server hosting an RGC needs to send an e-mail to another bridgehead server, it checks DNS first and looks specifically for an MX record for that server. If it can’t find an MX record, a situation that is quite possible, it then checks for an A record instead. If an A record cannot be found for the target server either, WINS is next used to try to find the host. The designer should therefore make sure there is an A record in DNS for every Exchange server in the enterprise, in order to avoid lengthy name resolution processes.

In a large routing group design, you may want to designate a server independent of the bridgehead server to act as the Routing Group Master (RGM).
The RGM receives link state information from the bridgehead server and propagates this information to all other servers in the routing group.

Looking again at Figure 10.1, what would be the best option for deploying routing groups in this network? Suppose, for example, that instead of one server in Denver you had two, naming them something original like Denver1 and Denver2. First you would upgrade the two Denver servers to Exchange 2000 Server. You could also create the routing groups that you’re planning on using. Designate Denver1 as the bridgehead server (meaning that you’ll install an RGC on it) and also as the RGM. Procure and configure a connection between Europe1 and Europe2. You’ll have two routing groups in this network: all U.S. and Canadian servers in the first routing group and all European servers in the second routing group. Next, begin to upgrade each of the outer servers (or alternatively add a second Exchange 2000 server in each site). You would not install an RGC on these servers because they are in the same routing group as the Denver servers and will communicate with Denver via intra-routing-group SMTP. Keep in mind that until you’ve updated all the legacy servers you’ll have the ADC running with connection agreements pointing to each vintage Exchange server. Finally, when you get to the point where you configure the European servers, you’ll assign a cost to the circuits so that there is a redundant, though higher cost, path in the event that one of the European connections fails. You should also investigate ways of meshing the U.S. and Canadian circuits in the same way. Though the servers within the European routing group will use SMTP to talk to one another, they will use the X.400 connector to communicate with the Denver1 bridgehead.
Design Scenario: Deploying Routing Groups

Amanda is a design consultant who has been retained to assist with the deployment of a new Exchange 2000 system in a mid-sized engineering company. Because of the nature of the firm, there are many Exchange servers spread out over many parts of the U.S., South America, and Canada. All servers home run to the Detroit office over WAN links of varying speeds and reliability. Most sites only have one Exchange 5.5 server, but some have two and Detroit has three. After a cursory overview of the system and interviewing the current administrators of the system, Amanda decides that the most logical break for routing groups is along physical lines. The administrators inform Amanda that there is a difference in the kind of information that engineers will require in South America versus the U.S. or Canada. Because of this, she thinks that it makes sense to break out the routing groups into one for South America, one for the U.S., and one for Canada. She tells the administrators that even if they want to spread out administrative control over the servers differently than the way the routing groups are set up, the logical segmentation between countries seems to make business sense. There are a couple of WAN links that will need improving a bit, but overall the design seems to fit the logical layout of the company’s operations.
Deploying Foreign Connectors
Deploying connectors to foreign e-mail systems in a native Exchange 2000 Server environment won’t be so difficult. Remember that Exchange 2000 only has connectors for Lotus Notes, Microsoft Mail, cc:Mail, and GroupWise. If you have a foreign messaging system other than these four, you’ll need to consult the vendor of that system for an Exchange 2000 connector to see if there’s a third-party solution available for you or to see if the X.400 or, better yet, the SMTP connector will work.
Microsoft Exam Objective:
Deploy routing groups and foreign connectors.
Alternatively, you may find that you need to keep one or two vintage Exchange 5.5 servers around to maintain connectors for foreign systems that are not available in Exchange 2000. PROFS or SNADS connectivity would be a good example of this need.
Connector Servers

When you set up a server that hosts nothing but the connectors for an Exchange organization, you have set up a connector server. Connector servers are commonplace in Exchange environments and help offload central mailbox and public folder servers from dealing with connectivity to other systems. Consider connector servers in high-traffic environments that have many servers and need connectivity to other messaging systems, or in environments with many foreign messaging systems.
Legacy Exchange Server Connectors

In a network where you have legacy Exchange servers that are running a connector that you can upgrade, there is a certain deployment path to upgrade the connector. First, assign a low cost to the existing Exchange 5.5 connector—10, for example. Next, you set up a separate Exchange 2000 Server that is going to be connected to the foreign system and install the connector on it, giving it a high cost, say, 100. This way, Exchange will keep the legacy Exchange connector as the path for e-mail going to the foreign system. Now that you have both connectors running, set the cost of the two to the same number—in other words, set the cost of the E2K connector to 10 as well. Run this environment for a while, making sure that e-mail is flowing steadily through the new connector. Once you’re satisfied that the new connector is working, you can dismantle the older connector, either by uninstalling it or by taking the old server entirely offline and redeploying it. Figure 10.2 shows this methodology.

FIGURE 10.2 Upgrading an Exchange 5.5 foreign system connector to an Exchange 2000 connector
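The cost-based phase-in above, modelled as an added Python example (not from the book): the connector names are constructed, and the selection of the lowest-cost available connector, with equal-cost connectors sharing the load, is modelled in the simplest form that shows the three phases and what happens if the legacy connector goes down during the first one.

```python
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Connector:
    """A connector from the Exchange organization to the foreign system.
    Names used below are constructed for this example."""
    name: str
    cost: int
    up: bool = True


def preferred(connectors: List[Connector]) -> List[Connector]:
    """Model of connector selection: the lowest-cost connector that is available
    carries the mail; several connectors at that same cost share it."""
    available = [c for c in connectors if c.up]
    if not available:
        return []
    best = min(c.cost for c in available)
    return [c for c in available if c.cost == best]


def route_messages(connectors: List[Connector], count: int) -> Dict[str, int]:
    """Deliver `count` messages and tally how many each connector carried.
    Equal-cost connectors are taken in turn, which is the load-sharing effect
    the cutover relies on in its second phase."""
    tally = {c.name: 0 for c in connectors}
    for i in range(count):
        choices = preferred(connectors)
        if not choices:
            raise RuntimeError("no connector to the foreign system is available")
        tally[choices[i % len(choices)].name] += 1
    return tally


def phased_cutover(count: int = 100) -> Dict[str, Dict[str, int]]:
    """Walk the three phases of the upgrade described in the text and record
    where mail to the foreign system flows in each."""
    legacy = Connector("E55-connector", cost=10)
    new = Connector("E2K-connector", cost=100)
    phases: Dict[str, Dict[str, int]] = {}
    # Phase 1: new connector installed at a high cost; the legacy path still wins.
    phases["phase1"] = route_messages([legacy, new], count)
    # Phase 2: costs made equal; mail is shared while the new connector is watched.
    new.cost = 10
    phases["phase2"] = route_messages([legacy, new], count)
    # Phase 3: legacy connector dismantled; only the new one remains.
    phases["phase3"] = route_messages([new], count)
    return phases


def phase1_with_legacy_down(count: int = 100) -> Dict[str, int]:
    """Side effect of phase 1 worth knowing: the high-cost new connector is a
    standby path, so mail still flows if the legacy connector goes down."""
    legacy = Connector("E55-connector", cost=10, up=False)
    new = Connector("E2K-connector", cost=100)
    return route_messages([legacy, new], count)
```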
Directory Replication Servers

Something special happens when you upgrade an Exchange 5.5 server that is running a Directory Replication connector. The Site Replication Service (SRS) is installed on it—the assumption being that this server will continue to participate in directory replication duties. Be aware of this phenomenon at design time and be ready to configure it at installation time.
Design Scenario: Deploying E2K Servers to Host Connectors to Foreign Systems

Alphonso is the messaging administrator for a large company that has several disparate messaging systems, among them GroupWise, OfficeVision, and cc:Mail. It took some doing to introduce Exchange Server into the organization—Alphonso’s hope is that eventually all users will be on one unified messaging platform. Until that day, he must make sure that there is connectivity between the systems. Alphonso is upgrading his Exchange 5.5 system to Exchange 2000. There is no problem with the GroupWise and cc:Mail systems—Exchange 2000 has connectors for them. All Alphonso has to do is make sure that these systems are either upgraded very near the beginning of the cutover so that connectivity can be maintained, or that some alternative allows the old system to function while Alphonso installs the new. Alphonso decides to set up new servers to handle the GroupWise and cc:Mail connectors. He goes through the cost-assignment trick (see the “Legacy Exchange Server Connectors” section in this chapter) where you adjust the costs of the two connectors in such a way that you slowly phase the new one in and the old one out. Because OfficeVision is communicating with the Exchange 5.5 PROFS connector, Alphonso will have to maintain this connectivity until he comes up with a suitable workaround—either migrating all OV users to Exchange or finding a third-party connector.
Deploying Administrative Groups
Where routing groups define the physical topology of an Exchange messaging system, administrative groups define the administration topology. You populate administrative groups with objects that have one purpose: permissions management.
Microsoft Exam Objective:
Deploy administrative groups.
An administrative group can contain any one of the following items:

- Policies: Administrative groups don’t have to contain policies at all, but they can contain as many as you like.
- Routing groups: Remember that the reason you create routing groups is to delineate the physical topology; you’ll use administrative groups to delineate who’ll manage these routing groups.
- Public folder trees: You can create multiple public folder trees and then assign them to administrative groups for management.
- Monitors: From legacy Exchange server deployments, monitors were used to keep status information about servers and links.
- Servers: You assign a server to a given administrative group for management purposes.
- Conferencing services: Use administrative groups to apply permissions to different conferencing services.
- Chat networks: Adding different chat networks to different administrative groups allows you to apply a thick granularity to your management spectrum.

When considering administrative groups, you should have distinct goals in mind. First, you might want to split the objects out into administrative groups for granting permissions to specific entities and for easier navigation. For example, an administrative group called East, which is populated with your eastern servers and their objects, is easily discernible from West. You might also choose to put your vintage Exchange sites into a distinct administrative group. Also, by creating administrative groups, you provide yourself with a way to easily move objects between groups. Note that administrative groups might be more of a “big company” kind of thing. That is, in smaller companies, you may not need to implement any administrative groups and the extra configuration and maintenance duties associated with setting them up. Keep in mind that Exchange 2000 will always create one initial administrative group called “site_name administrative group.”

In larger companies’ Exchange deployments, it’s very typical to grant administrative control of an Exchange server in a remote geographic site to the administrator in that site. In a decentralized methodology such as that, it’s not uncommon for a centralized administrative body to set standards and policies but for the actual hands-on administration to happen at the local level. In a case like this, you can certainly design several administrative groups and apply permissions relative to the geographic deployment. Note that in such a case, the routing group topology might very closely follow the administrative group layout or might be completely different—relative, of course, to available bandwidth and the type of administrative control that it is desirable for a remote admin to have. You might also consider that in some environments, even though the remote admins have the actual physical control of the servers, the central administrative group sets the policies. Administrative groups in Exchange 2000 Server lend themselves nicely to this paradigm. You simply create an administrative group that contains the policy or policies for the entire organization and apply permissions to the central body that’s establishing policy, while granting other administrative permissions to the remote admins.

On the other hand, you may have a larger company that you might think would be a logical fit for many administrative groups. But, with ample bandwidth connections and home-runs back to the headquarters site, it may very well be plausible that a larger institution might simply opt for one administrative group. So, in the designer’s world, it’s important to get a feel for the level of centralization/decentralization in any given environment, the wishes of the administrators relative to the management of the servers, and the buy-in of management before setting up administrative groups. Administrative groups will not have as clearly delineated boundaries as routing groups will.
Design Scenario: Designing Routing Groups in a Large Network

Maxim is the messaging administrator team lead for a large company that specializes in the manufacturing of network gear. There are several campuses in this company, spread all over the world. Maxim is the head of a centralized group of administrators who are responsible for obtaining the servers, configuring them, and sending them out to the remote administrators to deploy onto the network. Over the years, the remote administrators have tended to diverge from one another in some of their practices relative to the way they administer the servers. For example, some admins choose different mailbox size limits for their servers. As a result, some servers’ disks fill up faster than others and require more intervention. As Maxim creates his Exchange 2000 design, he sets up the routing groups so that they run along physical boundaries rather than managerial ones. But as he goes about the business of setting up administrative groups, he sets up various permissions groups that essentially follow the old administrative layout, except that he reserves one administrative group for policies. He gives his own team permissions to this policy administrative group in addition to permissions to the remote servers’ administrative groups. This way he can set up mailbox store policies through which he centrally controls the mailbox size limitations for the entire enterprise.
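The policy-group arrangement described in this section and in Maxim’s scenario, modelled as an added Python example (not from the book): administrative groups act as permission boundaries, a central team holds the only grant on the policy group, and regional admins hold grants only on their own group. Group, server and principal names are constructed.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set


@dataclass
class AdminGroup:
    """An administrative group: the container on which permissions are set.
    `objects` holds the servers, policies and other items it contains;
    `acl` maps a principal to the permissions it holds on everything inside."""
    name: str
    objects: Set[str] = field(default_factory=set)
    acl: Dict[str, Set[str]] = field(default_factory=dict)

    def grant(self, principal: str, *permissions: str) -> None:
        self.acl.setdefault(principal, set()).update(permissions)


def authorized(groups: List[AdminGroup], principal: str, permission: str, obj: str) -> bool:
    """The administrative group is the permissions boundary: a principal may act
    on an object only through a grant on the group that contains that object."""
    return any(obj in g.objects and permission in g.acl.get(principal, set())
               for g in groups)


def maxims_design() -> List[AdminGroup]:
    """Maxim's layout as a model (all names constructed): one group holding only
    the enterprise mailbox-store policy, owned by the central team, plus one
    group per region that both the central team and that region's admins manage."""
    policy_group = AdminGroup("EnterprisePolicies", {"MailboxStorePolicy-SizeLimits"})
    policy_group.grant("CentralTeam", "manage", "edit-policy")

    regions = {"EMEA": {"EX-EMEA-01", "EX-EMEA-02"}, "Americas": {"EX-AMER-01"}}
    groups = [policy_group]
    for region, servers in regions.items():
        g = AdminGroup(region, set(servers))
        g.grant("CentralTeam", "manage")
        g.grant(f"{region}Admins", "manage")  # hands-on control stays local
        groups.append(g)
    return groups


def policy_editors(groups: List[AdminGroup]) -> Set[str]:
    """Audit helper: who can change a mailbox-store policy object?  In this
    design the answer must be the central team alone, otherwise the size
    limits are no longer enforced centrally."""
    return {principal
            for g in groups
            for obj in g.objects if obj.startswith("MailboxStorePolicy")
            for principal, perms in g.acl.items() if "edit-policy" in perms}
```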
Summary
In this chapter we’ve talked about design issues relative to deployment of routing groups, foreign connectors, and administrative groups. When considering routing groups, it’s important to realize that a routing group is designed around a physical topology, defined not by the network wiring itself but by the permanence and reliability of the circuits. For example, it would not be a big deal to have servers in various remote geographic sites connected together in one routing group, as long as the connections are permanent, reliable, and, preferably, high speed. Keep in mind that a bridgehead server is the server on which the Routing Group Connector has been installed. The Routing Group Master is the server that keeps track of link state information and may or may not be the same server as the bridgehead server. You’ll use SMTP to communicate between servers in a routing group and over the wire from bridgehead server to bridgehead server. If you have a poor, unreliable connection you’ll need to use the X.400 connector, and if you’re communicating with a vintage Exchange server running IMS, you’ll use the SMTP connector.

Foreign connector design can be impacted from two different angles. First of all, if you’re maintaining connectors on legacy Exchange servers to systems that Exchange 2000 does not supply connectors for, you’ll have to consider either finding a third-party solution, keeping the old Exchange servers around, or possibly using the X.400 connector. You may also want to consider a complete move from the old system to the new Exchange system, in which case you do not need a connector. Keep in mind that you can create connector servers in the enterprise that do nothing but maintain connectors—they do not participate in maintaining mailboxes, public stores, conferencing operations, or chat networks.

We also talked about administrative groups. Where routing groups basically follow some sort of physical boundary, administrative groups tend to revolve around the way that you’d like to set up permissions across the enterprise. There is a default administrative group named after the site, but you can add more. You can keep policies, servers, chat networks, conferencing services, monitors, and public folder trees in these administrative groups. From a centralized/decentralized perspective, it may be a good idea to set up one administrative group that is responsible for managing enterprise policies while utilizing others for the actual management of the servers.
Key Terms
bridgehead server
connector server
routing groups
SMTP connector
X.400 connector
Review Questions

1. What sort of topology are you working with when you set up an administrative group?
   A. Security
   B. Physical
   C. Geographical
   D. Foreign connector support

2. What sort of topology are you working with when you set up a routing group?
   A. Security
   B. Physical
   C. Geographical
   D. Foreign connector support

3. What are some objects that can be placed in administrative groups?
   A. Servers
   B. Mailbox users
   C. Public store trees
   D. Routing groups
   E. Policies
   F. Monitors

4. Why would you use multiple administrative groups? Select all that apply.
   A. To establish a way that you can easily move objects between administrative groups
   B. To create containers for keeping like objects
   C. To allow designers to group objects for assigning of permissions
   D. Mandatory for assigning permissions to routing groups
   E. To allow for a mapping container for vintage Exchange sites
5. When should you make a decision to create multiple routing groups? Select all that apply.
   A. When separate sites are connected by unreliable links
   B. When there is a need to differentiate administrative personnel
   C. When you have legacy Exchange sites mixed with Exchange 2000 servers
   D. When you’re going across WAN links to get to another server

6. What foreign connectors are not supported in Exchange 2000? Select all that apply.
   A. PROFS
   B. cc:Mail
   C. GroupWise
   D. MS Mail
   E. Pegasus Mail

7. Hernando is experiencing heavy periods of slowness with his Exchange 2000 Server. The server has a few thousand mailboxes on it, plus it runs a chat network and has connectors to the cc:Mail and Notes networks. What could Hernando do to help solve the problem? Select all that apply.
   A. Dismantle the chat network.
   B. Host the chat network on another server.
   C. Create a connector server.
   D. Install the X.400 connector.
8. If Exchange 2000 Server doesn’t have a supported connector for a foreign messaging system that you need to connect to, what might be some alternatives you can look at to gain connectivity? Select all that apply.
   A. Install the X.400 connector.
   B. Convert users on the foreign messaging system.
   C. Install the SMTP connector.
   D. See if there’s a third-party connector program available.
   E. See if the company that manufactures the foreign messaging system provides connectivity.

9. What can be set by mailbox policy within a policy-based administrative group? Select all that apply.
   A. Mailbox limits
   B. Default address and phone numbers
   C. Mailbox alias
   D. Database maintenance interval
   E. When to run full-text indexing

10. What are the two chief server types called in any routing group?
   A. SMTP connector
   B. Routing Group Connector
   C. Bridgehead server
   D. Routing Group Master
Answers to Review Questions

1. A. An administrative group is designed for the purpose of managing permissions for a given set of objects.

2. B. Routing groups are used in the physical topology where you have well-connected, reliable, permanent connections between servers, regardless of whether they’re in the same building, on the same campus, or across WAN links.

3. A, C, D, E, F. Administrative groups can contain servers, public store trees, routing groups, policies, and monitors along with conferencing services and chat networks. They cannot contain mailbox users because those are a part of Active Directory.

4. A, C, E. In general, you’ll use administrative groups to provide a method for you to easily move objects between administrative groups. You’ll also use them for assigning permissions to objects, and you’ll use them as a way of containing your legacy Exchange servers. They’re not the mandatory method for assigning permissions to routing groups, and you don’t create them for keeping like objects.

5. A. Routing groups are created when the connections between Exchange 2000 servers are slow or unreliable.

6. A, E. PROFS and Pegasus Mail have no supplied Exchange 2000 connectors. MS Mail, GroupWise, and cc:Mail do.

7. B, C. The two best options would be to find a different place for the chat network to live and to establish a separate connector server. Both of these actions would help offload Hernando’s mailbox server. He should also check the CPU and RAM, as well as run System Monitor to see if the system is performing adequately.
8. A, C, D, E. Because the X.400 standard is widely used, it’s very possible that the foreign messaging system allows for X.400 connectivity, which would permit installation of the X.400 connector; the company that manufactures the foreign messaging system may also provide connectivity. You could also check whether a third-party connector is available. While it may be tempting to simply convert the users, that may be a formidable task that you need to undertake over time. The SMTP connector is potentially another very viable option.

9. A, D, E. Among the things that can be enforced by a mailbox store policy are the mailbox limits for the organization, how often you’ll perform routine database maintenance, and when full-text indexing runs.

10. C, D. The two server types that work together in a routing group are the bridgehead server and the Routing Group Master. The bridgehead server is responsible for talking to the bridgehead servers of other routing groups. The Routing Group Master maintains the routing group’s link state information. The two roles can be on one computer.
Case Study: Routing Group, Administrative Group, and Foreign Messaging System Connector Management

In this case study we try to emulate the elements of designing an Exchange 2000 system that will require routing groups, administrative groups, and foreign messaging system connectors.
Background

You’re a consultant who has been hired to design an Exchange 2000 rollout for a large firm that has multiple offices in cities all over the world. The majority of the offices are linked either through VPN installations or through WAN connections. You’re now planning the routing and administrative group rollouts as well as which foreign messaging system connectors you’ll need. The headquarters for this company is in New York City.
Current System

The Exchange system will have servers in several locations throughout the world. Some of the Exchange servers are vintage Exchange 5.5 servers that will eventually be upgraded. Table 10.1 shows the locations where you have placed Exchange 2000 servers, the quantity of servers in each location, and the speed of connectivity with the rest of the network.

TABLE 10.1  Exchange 2000 Server Locations, Quantities, and Speed

Exchange 2000 Location   Quantity of Servers at Location   Connectivity Type & Speed   Admin on Site?
South Africa             3                                 512K frame relay            Y
London                   2                                 T1 frame relay              Y
Moscow                   2                                 56K X.25                    Y
Brisbane                 1                                 T1 frame relay              Y
Toronto                  1                                 T1 frame relay              Y
Los Angeles              3                                 T1 frame relay              Y
New York                 3                                 T1 frame relay              Y
Table 10.2 lists the places where you have Exchange 5.5 servers, the quantity at each location, and their connectivity speeds with the rest of the network.

TABLE 10.2  Exchange 5.5 Server Locations, Quantities, and Speed

Exchange 5.5 Location    Quantity of Servers at Location   Connectivity Type & Speed   Admin on Site?
New York                 2                                 T1 frame relay              Y
Los Angeles              1                                 T1 frame relay              Y
Omaha                    1                                 256K frame relay            N
Chicago                  3                                 762K frame relay            Y
Sao Paulo                2                                 VPN                         Y
San Juan                 1                                 VPN                         N
Taiwan                   1                                 56K X.25                    N
Tokyo                    2                                 T1 frame relay              Y
You also have some foreign messaging systems within the company that you need to eventually convert to Exchange 2000. For now you’ll have to supply connectors. Table 10.3 lists the cities that have foreign messaging systems, the kind of system in each city, and its connectivity with the rest of the network.

TABLE 10.3  Foreign Messaging System Locations and Connectivity

Foreign Connector Location   Type of Foreign System   Connectivity Type & Speed   Admin on Site?
Salt Lake City               GroupWise                762K frame relay            Y
Milwaukee                    Lotus Notes              T1 frame relay              Y

You have no unreliable connections to any of the sites, though two of the sites have very slow connections. All sites using VPNs are using hardware VPNs for their connectivity. All WAN connections are either frame relay or X.25. Each site that has more than one server has a dedicated administrator on site. For those sites that only have one server, there may or may not be a dedicated administrator. The company has a trained group of traveling administrators who are able to travel to different servers for maintenance. For those sites that have no administrator, there is a power user on site who can at least reboot the computer if need be.
384
Chapter 10
Implementing Groups in Your Exchange 2000 Server Messaging Solution
Questions

1. What special connectors, in addition to the standard Exchange 2000 connectors, will be required in this system? Select all that apply.
A. cc:Mail
B. GroupWise
C. SMTP
D. Notes
E. X.400

2. How many routing groups will you have?
A. 1
B. 2
C. 3
D. 4
E. 5
F. 6
G. 7

3. How many administrative groups will you need?
A. 10
B. 11
C. 12
D. 13

4. What is the biggest single issue that you have with this deployment plan?
A. Slow speeds at some remote sites
B. Migration of Notes server in Milwaukee
C. GroupWise server in Salt Lake
D. Lack of admins in some remote sites
5. Looking at the table below, pick servers as needed from the right column and place them in the left column so that you come up with a completed design for this installation.

Categories               Tasks
Administrative groups    South Africa
Routing groups           London
Foreign connectors       Moscow
                         Brisbane
                         Toronto
                         Los Angeles
                         New York
                         Omaha
                         Chicago
                         Sao Paulo
                         San Juan
                         Taiwan
                         Tokyo
                         Salt Lake City
                         Milwaukee
Answers to Questions

1. B, D, E. You’ll need the GroupWise connector for the Salt Lake office. The Notes connector is required for the Milwaukee office. The slow connections will require the X.400 connector. Note that any Exchange 5.5 servers that are running the Internet Mail Service (IMS) can connect using the SMTP connector instead of the X.400 connector.

2. C. You’ll need three routing groups: one for the higher-speed sites, and one for each of the two low-speed sites (Moscow and Taiwan, both on 56K X.25). If the low-speed sites were fully meshed (i.e., connected together in some way), you’d only need one routing group for them.

3. C. You’ll need an administrative group for each of the sites that has a local administrator, and you’ll need one administrative group for the sites that lack a local administrator (Omaha, San Juan, and Taiwan). You can fold New York into that last administrative group, because the central admin team will doubtless be handling the remote sites; that brings the count to 12. You can also attach to this administrative group the policies that will apply to the entire messaging enterprise.

4. B. This question is more subjective than the others. The slow remote speeds are a problem, but they’re a problem you can live with (that is, your users can live with). Notes servers can become big entities, especially if Domino is involved and some specialized programming has gone on. You’ll have to investigate converting any applications that may have been written; it’s not as simple as nailing up the connector and forgetting it. If you truly want a homogeneous E2K site, this is your big problem area. The GroupWise box isn’t nearly as problematic to convert, though you need to realize that both sites will need a secondary server for the conversion; you probably won’t be able to simply install E2K on the existing servers. Lack of remote admins isn’t typically a big deal, unless you’ve got a language problem or users who have unusual access to the server and tend to tinker with it.
5. See the chart below.

Categories               Tasks
Administrative groups    South Africa, Moscow, London, Brisbane, Toronto, Los Angeles, New York, Chicago, Sao Paulo, Tokyo, Salt Lake City, Milwaukee
Routing groups           New York, Taiwan, Moscow
Foreign connectors       Salt Lake City, Milwaukee
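As an added example that is not part of the book, the grouping rules the answers to questions 2, 3, and 5 apply by hand are written below as Python functions over the three tables, so you can change the set of links counted as slow, the headquarters site, or the meshed assumption and watch the counts move. The site data is copied from Tables 10.1 through 10.3 (New York and Los Angeles appear in two tables and are listed once); treating the two 56K X.25 links as the slow ones is the case study’s own call.

```python
"""Added example (not from the book): the case study's grouping rules as code.

Rules, as answers 2, 3 and 5 state them:
  * well-connected sites share one routing group; each site on a slow link
    gets its own routing group, unless the slow sites are meshed together,
    in which case they share one
  * every site with an administrator on site gets its own administrative
    group, except headquarters, which absorbs the sites with no admin
  * each foreign messaging system needs its own connector
"""
from collections import OrderedDict

# (site, connectivity, admin on site, foreign system or None), from
# Tables 10.1-10.3. Sites present in two tables are listed once.
SITES = [
    ("South Africa", "512K frame relay", True, None),
    ("London", "T1 frame relay", True, None),
    ("Moscow", "56K X.25", True, None),
    ("Brisbane", "T1 frame relay", True, None),
    ("Toronto", "T1 frame relay", True, None),
    ("Los Angeles", "T1 frame relay", True, None),
    ("New York", "T1 frame relay", True, None),
    ("Omaha", "256K frame relay", False, None),
    ("Chicago", "762K frame relay", True, None),
    ("Sao Paulo", "VPN", True, None),
    ("San Juan", "VPN", False, None),
    ("Taiwan", "56K X.25", False, None),
    ("Tokyo", "T1 frame relay", True, None),
    ("Salt Lake City", "762K frame relay", True, "GroupWise"),
    ("Milwaukee", "T1 frame relay", True, "Lotus Notes"),
]

# The case study's "two very slow connections" (assumption: 56K X.25 only).
SLOW_LINKS = {"56K X.25"}


def routing_groups(sites, slow=SLOW_LINKS, slow_sites_meshed=False):
    """List of routing groups, each a list of site names."""
    fast = [name for name, link, _, _ in sites if link not in slow]
    slow_sites = [name for name, link, _, _ in sites if link in slow]
    groups = [fast]
    if slow_sites_meshed and slow_sites:
        groups.append(slow_sites)          # one group for the meshed slow sites
    else:
        groups.extend([s] for s in slow_sites)  # a boundary around each slow link
    return groups


def administrative_groups(sites, hq="New York"):
    """Mapping of group name -> sites it administers, in table order."""
    groups = OrderedDict()
    groups[hq] = [hq]                      # HQ's central team covers orphan sites
    for name, _, admin_on_site, _ in sites:
        if name == hq:
            continue
        if admin_on_site:
            groups[name] = [name]
        else:
            groups[hq].append(name)
    return groups


def foreign_connectors(sites):
    """Mapping of foreign system -> sites that need a connector for it."""
    connectors = {}
    for name, _, _, system in sites:
        if system:
            connectors.setdefault(system, []).append(name)
    return connectors


if __name__ == "__main__":
    for group in routing_groups(SITES):
        print("routing group:", ", ".join(group))
    for group, members in administrative_groups(SITES).items():
        print("administrative group %-15s -> %s" % (group, ", ".join(members)))
    print("foreign connectors:", foreign_connectors(SITES))
```

The output reproduces the chart: three routing groups (the 13 well-connected sites, Moscow, Taiwan), twelve administrative groups with Omaha, San Juan, and Taiwan riding under New York, and one connector each for GroupWise and Notes. Passing slow_sites_meshed=True drops the routing group count to two, which is the alternative answer 2 describes.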
In the list you can see the disparity with which we’ve applied administrative groups relative to site locations. You may be a bit surprised by some of the geographic separation you see, but upon drawing out a given enterprise, you may find in your own E2K design that puzzle pieces don’t always fit where you think they should.

Wrap Up

Probably the most important design consideration in this chapter is the need to differentiate between the physical-topology concept behind routing groups and the administrative concept at the heart of administrative groups. This is a nebulous idea, especially for those new to enterprise concepts, and yet it’s an important one: you’re not limited in how you separate your administrative responsibilities by the physical makeup of the network. Careful design of administrative and routing groups is an important step. Additionally, don’t underestimate the needs of users on foreign messaging systems. Converting foreign messaging system users to a new Exchange system can be a long, difficult task that requires lots of planning.
Chapter 11

Planning Deployments of Various Messaging Clients

MICROSOFT EXAM OBJECTIVE COVERED IN THIS CHAPTER: Plan deployments of messaging clients, such as MAPI, IMAP4, POP3, and HTTP mail. Considerations include policies, profiles, and server scaling.
In this chapter we’ll talk about planning the deployment of clients. We’ll cover the actual choosing of clients, determining which will work best for you in the various climates in which your messaging environment may operate.
Messaging Clients

Without a messaging client, you’d probably agree that it’s difficult to get any e-mail! But in this day of disparate systems, clients come in all types, so it’s important for us to understand what clients can interoperate with the Exchange 2000 system.
Microsoft Exam Objective
Plan deployments of messaging clients such as MAPI, IMAP4, POP3, and HTTP mail. Considerations include policies, profiles, and server scaling.
Messaging Application Programming Interface (MAPI)

In the majority of organizations, the most common client will be the Messaging Application Programming Interface (MAPI) client. The old Exchange client, as well as all varieties of the Outlook client, are MAPI-based and work with Exchange 2000 as native clients. Other foreign messaging system clients, such as the GroupWise client, are loosely MAPI-based and may or may not work acceptably, though they would be an odd choice for talking to a native Exchange 2000 system. You’d only encounter such clients where you’re maintaining a foreign messaging system, either permanently or until you get a chance to cut the users over to E2K.
Note that the GroupWise client 4.1 and higher is MAPI-compliant. See http://support.novell.com/cgi-bin/search/searchtid.cgi?/628692.htm for more info.
The first design decision you’ll make is which MAPI client to deploy. In shops where you’ve already got Outlook 97 or 98 running, you may decide that you don’t need to do anything. That’s basically true, but it’s still worth your while to investigate whether you should upgrade your clients to Outlook 2000. The interface, though it looks much the same, is easier to use, and Microsoft’s designers have tried to make the product respond more quickly and behave more in line with the way users think. So, while you’re in the middle of an E2K rollout, consider upgrading the clients to Outlook 2000. Note that if you install the latest version, the security patches are already applied: Outlook 2000 SR-1 and later include the Outlook E-mail Security Update, which blocks the “Level 1” attachment types (executables, scripts, and the like) outright, so users may be surprised to find they no longer receive certain attachments. Decide before the rollout whether that is the behavior you want, because it can be relaxed only through the administrator-controlled Outlook Security Settings form, not by the user.

When it comes to deploying MAPI clients, you’re left with a very elemental question: How do I get this software to the desktop? Perhaps the client is already there, in the form of an older version (Outlook 97 versus Outlook 2000, for example). Or perhaps you need to swap a foreign system’s messaging client for Outlook. In any case, you’ve still got to figure out how the software is going to get to the desktop. Your first inclination may be to simply visit each computer and install by hand. That’s probably fine in a shop with 100 nodes or so. But suppose that you have many thousands of clients to deploy. Now you’re faced with a much larger logistical problem. You have some workarounds at your disposal:

Windows 2000 Software Installation and Maintenance

If all of your clients are running Windows 2000, you could opt to install Outlook using Windows 2000’s software installation feature. You’d prepare the Outlook 2000 package (the Windows Installer package, plus any transform you build with the Office 2000 Resource Kit’s Custom Installation Wizard), then assign or publish it through the Group Policy Objects that need to receive the software. Only software that can utilize the Windows Installer will work with this technique.
You have two choices of installation when using the Windows 2000 software installation method. You can assign the package, so that it shows up on the user’s Start menu and installs itself the first time it is clicked, or you can publish it, so that it appears in the Control Panel Add/Remove Programs applet where the user can add it at leisure. For more information on this technique, visit the Microsoft Windows 2000 Web site at www.microsoft.com/windows2000 and perform a query on the string “Software Installation and Maintenance.”

Systems Management Server

Microsoft Systems Management Server (SMS) is an ideal choice for pushing out Outlook updates to clients. Office 2000, the parent to Outlook 2000, includes a package definition file (PDF or SMS file) that can be used with SMS 1.2 or 2.0 to send Outlook 2000 to clients. (Because of the obvious conflict with Adobe’s PDF file format, Microsoft changed the package definition file extension from PDF to SMS in SMS 2.0.) For SMS 1.2 look for the files Outl2000.pdf and Outlspec.ini. For SMS 2.0 use Outl2000.sms. A PDF or SMS file carries all of the predefined configuration settings you need to send a package to a group of users. You can modify the files if you need more customization, but generally they are ready to use for sending installation packages out. (The next big trick is teaching users how to correctly receive and install the packages, but that’s another book and another time.)
Novell ZENworks does some of the same things SMS does. You can get more info on it at www.novell.com/products/zenworks.
You can also use SMS to send out patches and updates to your messaging clients, something you cannot do with Windows 2000 Software Installation and Maintenance unless you somehow create an MSI-based package to use with SI&M.
Because Outlook 2000 is part of the Office 2000 suite, if you decide to go forward with the Outlook 2000 client as your MAPI client, you’ll be looking at some upgrade dollars if you’re not already on Office 2000. There are many good reasons for going forward with an Office 2000 rollout beyond the messaging client, however.

You’re not married to Outlook, either. If you have budgetary problems you might opt for a third-party client that will happily talk to Exchange Server, but be clear about what such a client actually speaks. Eudora, for example, is not a MAPI client in the Exchange sense: it connects over POP3 or IMAP4 to read mail and over SMTP to send it, so the corresponding protocol virtual servers on the Exchange server must be enabled and reachable, and the calendaring, delegation, and other groupware features that ride on MAPI are not available to it. You could use an SMS package to send the Eudora client to target workstations. You might also be able to kick off the installation program through a call from a logon script. Or you might try the old visit-each-workstation method.
Remember that all incoming Internet e-mail destined for MAPI clients is kept in its native MIME form in the streaming (.stm) file and isn’t converted to MAPI properties until a MAPI client such as Outlook requests it.
Design Scenario: Deploying the Outlook 2000 Messaging Client

Luther is an SMS administrator in a midsized organization of about 2,000 computers that is currently undergoing an upgrade from Exchange 5.5 to Exchange 2000. He has a solid SMS 2.0 installation and is accustomed to regularly using it to deploy packages to users. Luther is interested in the granddaddy of packages, the Office 2000 package, and is heartened when Elsie, the messaging administrator, approaches him to ask if he’d upgrade all users to Outlook 2000. Luther tells Elsie that Outlook 2000 is part of the Office 2000 suite and asks if it would be all right if he deployed Office 2000 instead. She says this is fine with her. Currently, all users are utilizing Outlook and Office 97. Luther prepares a package on a reference computer that matches the look and feel of the client computers. He performs an Office upgrade that removes the old Office software. Once the package is prepared as a stand-alone executable, he sends it out to target groups a little at a time so that he doesn’t overload the SMS system or the network. The entire deployment, from the time he begins packaging to final deployment, takes about 10 weeks to complete.
IMAP4

Deploying an IMAP4 client (Outlook 2000, for example) means that the server is going to act in a little different capacity than it does for a native MAPI client. For starters, you’ll be using the default IMAP4 virtual server (protocol instance) and possibly new instances that you create as well. Your goal for using IMAP4 will be more intranet/Internet-focused than for a standard MAPI client. The mailboxes live in the same mailbox stores a MAPI client uses, but the IMAP4 virtual server serves Internet-format content straight from the streaming (.stm) file instead of going through MAPI RPC. If you deploy Outlook 2000 to your IMAP4 clients, you’ll need to set them up in Internet Mail Only mode, not the standard Exchange server connection (Corporate or Workgroup mode), and point the client to the IMAP4 virtual server on the Exchange server. You would want to deploy IMAP4 clients when you have roving users who log on to computers all over the place but who need to regularly connect to their e-mail. The e-mail stays up on the server and provides several key advantages over POP3:
Users can perform a keyword search on their e-mail.
Users can access more than one e-mail folder.
Users can set read and unread flags on messages.
Users can choose to download only certain messages and keep others on the server.
Users can choose to download only a certain part of a message, keeping the rest on the server (something Outlook MAPI clients cannot do).
Message headers can be read instead of the entire message (saving on bandwidth).
Users can access public folders.
Outlook 2000 is not the only IMAP4 client out in the world. There are many to choose from, some of them free or available at very low cost. You might opt to deploy IMAP4 in an environment simply for the cost savings and robust functionality that it introduces to users. In the sense that Outlook 2000 is groupware and provides multiple features in one package, note that you might lose some of these features if you opted to not utilize Outlook and go with a different client.
POP3 You might have a question in your mind as to why you’d want to deploy POP3 clients. Maintaining a POP3 instance for Web users sounds reasonable, you might reason, but why use POP3 clients?
Design Scenario: The Factory Worker Solution

Neda is a messaging administrator for a large manufacturing concern. There are several different factory buildings that house great quantities of specialized machinery developed specifically for routinely cranking out the products that Neda’s company sells. Plant managers, operations specialists, assembly line supervisors, and others must receive periodic e-mail documents plus be able to check a special public folder tree for daily manufacturing numbers. The recipients of these e-mail documents are roving users, and the computers they utilize are positioned as walk-up terminals in various places throughout the factory buildings. Because of this, Neda thinks it makes sense to set up a front-end server that receives the user’s request to connect to a mailbox, then maps that person to a back-end server where the mailbox is actually stored. The walk-up computers are not robust and cannot be used to host Outlook 2000. This design means that Neda doesn’t have to physically map the user to a specific Exchange server, and she has the ability to move mailboxes easily from one server to another. Since users tend to transfer around a lot, this will greatly assist her in her work and is a pleasant benefit to the design. Neda decides to use IMAP4 for these clients, and proceeds to set up the front- and back-end servers. She also procures an inexpensive shareware IMAP4 client that will meet the needs of the factory users and then proceeds with her rollout. She sets up an IMAP4 protocol instance for each factory building so that the e-mail and statistics sent to a user aren’t likely to be confused with what is intended for a different factory building. Neda notes that the shortcoming of the IMAP4 methodology is that the user cannot send e-mail back to a sender without using SMTP, but the client she procures does support SMTP and is therefore able to reply to e-mail.
A POP3 postoffice is merely a repository for e-mail until the POP3 client connects and downloads the mail to the local machine. POP3 is intended for resource-poor computing environments where the connection is slow or the client computer isn’t robust enough to handle a full-blown MAPI client. In today’s technological climate, using it is akin to dialing a Bulletin Board System (BBS) with your modem instead of using the Internet: the BBS is old technology, and so is the POP3 client.
Typically, a POP3 client downloads all of the e-mail and then logs off before the user reads it. Exchange Server also supports the optional TOP command from RFC 1939, which lets a POP3 client retrieve the headers and the first few lines of a message and leave the rest on the server; not every POP3 server implements it, so a client has to be prepared for the server to refuse it. Outlook or Outlook Express will act as POP3 clients. Because Outlook Express comes with Internet Explorer, in a pure POP3 environment your work may already be done for you if users are already running IE, provided that the IE installation you perform includes Outlook Express. Your users can launch Outlook Express and connect to the server to download their e-mail.

If you have to install Outlook, you have the methods we spoke of above: visiting each PC and installing by hand, using a systems management software component of some kind to download the code automatically, or setting up some sort of logon script installation process. The size of the network will have a lot of power in determining your choice of method. In larger enterprises, it won’t make sense to visit hundreds or thousands of computers; you’ll have to come up with a better workaround than that. Setting up and maintaining a fully functional systems management paradigm requires good project management skills, lots of training, and the ability to consistently monitor the system. Logon scripts can be hit-or-miss as to whether they get the job done for you or not.
Note that without SMTP, POP3 clients cannot send e-mail; they can only receive it.
But a more important question is this: Should the clients you’re considering for POP3 service be able to use a more robust e-mail methodology? Groupware, for example, can bring colossal increments in productivity to workgroups. Maybe those clients for whom you’re thinking about using Outlook Express and POP3 could actually benefit from a full-blown MAPI client instead.
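The IMAP4 advantages listed above (headers only, flags, partial retrieval) and the POP3 TOP behavior described in this section are easiest to see on the wire. The following Python is an added example and not from the book: it builds the server side of one IMAP4 header-only FETCH and of POP3 TOP and RETR replies from a constructed sample message, parses each reply the way a client would, and compares the octets each approach moves. The message, addresses, and sizes are made up for the example.

```python
"""Added example (not from the book): what an IMAP4 header-only fetch and a
POP3 TOP / RETR reply look like on the wire, so the bandwidth claims above
can be measured. The message, addresses and sizes are constructed here."""
import re

# Constructed sample message (RFC 2822 format, CRLF line endings). The body
# line that begins with a period is deliberate: POP3 must byte-stuff it.
SAMPLE_MESSAGE = (
    b"From: plant-manager@example.test\r\n"
    b"To: shift-lead@example.test\r\n"
    b"Subject: Daily manufacturing numbers\r\n"
    b"Date: Mon, 05 Mar 2001 08:00:00 -0700\r\n"
    b"Content-Type: text/plain; charset=us-ascii\r\n"
    b"\r\n"
    b"Line A output: 1200 units\r\n"
    b".Line B output: 980 units\r\n"
    + b"x" * 4000 + b"\r\n"          # stands in for a long report body
)


def split_message(raw):
    """(header block including its final CRLF, body) of a CRLF message."""
    head, _, body = raw.partition(b"\r\n\r\n")
    return head + b"\r\n", body


def header_lines(block):
    """Group folded headers: a continuation line starts with SP or HTAB."""
    out = []
    for line in block.split(b"\r\n"):
        if not line:
            continue
        if line[:1] in (b" ", b"\t") and out:
            out[-1] += b"\r\n" + line
        else:
            out.append(line)
    return out


# ---- IMAP4 (RFC 3501): FETCH n (FLAGS BODY.PEEK[HEADER.FIELDS (...)]) ----

def imap_fetch_response(raw, fields, seq=1, flags=(r"\Seen",)):
    """Server's untagged reply. Only the named header lines travel, as a
    literal {n}; BODY.PEEK keeps the fetch from setting \\Seen as a side
    effect, and the reply still labels the item BODY[...]."""
    wanted = {f.upper().encode() for f in fields}
    picked = [l + b"\r\n" for l in header_lines(split_message(raw)[0])
              if l.split(b":", 1)[0].strip().upper() in wanted]
    literal = b"".join(picked) + b"\r\n"
    return (b"* %d FETCH (FLAGS (%s) BODY[HEADER.FIELDS (%s)] {%d}\r\n%s)\r\n"
            % (seq, " ".join(flags).encode(), " ".join(fields).encode(),
               len(literal), literal))


def imap_parse_fetch(resp):
    """Client side: (flags, {header: value}) from the FETCH reply."""
    m = re.match(rb"\* \d+ FETCH \(FLAGS \(([^)]*)\) BODY\[[^\]]*\] \{(\d+)\}\r\n", resp)
    if not m:
        raise ValueError("not a FETCH reply carrying a header literal")
    literal = resp[m.end():m.end() + int(m.group(2))]
    headers = {}
    for line in header_lines(literal):
        name, value = line.split(b":", 1)
        headers[name.strip().decode()] = value.strip().decode()
    return m.group(1).decode().split(), headers


# ---- POP3 (RFC 1939): RETR n, and the optional TOP n lines ----

def _dot_stuff(payload):
    """Prefix any line that starts with '.' so it cannot end the reply."""
    return b"\r\n".join(b"." + l if l.startswith(b".") else l
                        for l in payload.split(b"\r\n"))


def pop3_retr_response(raw):
    """RETR: the whole message, byte-stuffed, ended by a lone '.' line."""
    return b"+OK %d octets\r\n" % len(raw) + _dot_stuff(raw) + b".\r\n"


def pop3_top_response(raw, n_lines):
    """TOP: headers, the blank line, then the first n_lines body lines.
    Exchange 2000 implements TOP; RFC 1939 makes it optional, so a client
    must be ready for -ERR from other servers."""
    head, body = split_message(raw)
    lines = body.split(b"\r\n")
    if lines and lines[-1] == b"":
        lines.pop()                     # body ended with CRLF
    chosen = b"".join(l + b"\r\n" for l in lines[:n_lines])
    return b"+OK\r\n" + _dot_stuff(head + b"\r\n" + chosen) + b".\r\n"


def pop3_parse_multiline(resp):
    """Client side: check +OK, strip the terminator, undo byte-stuffing."""
    status, _, rest = resp.partition(b"\r\n")
    if not status.startswith(b"+OK") or not rest.endswith(b"\r\n.\r\n"):
        raise ValueError("not a successful multi-line POP3 reply")
    return b"\r\n".join(l[1:] if l.startswith(b".") else l
                        for l in rest[:-3].split(b"\r\n"))


def wire_bytes(raw, fields=("From", "Subject"), top_lines=0):
    """Octets each approach moves for one message (server reply only)."""
    return {"imap_header_fetch": len(imap_fetch_response(raw, list(fields))),
            "pop3_top": len(pop3_top_response(raw, top_lines)),
            "pop3_retr": len(pop3_retr_response(raw))}
```

For the sample message the IMAP4 header fetch moves well under 200 octets and a POP3 RETR moves the whole 4 KB body; TOP 0 sits in between because it always returns every header. Whichever protocol you pick, note that neither encrypts the logon by default: the Exchange 2000 POP3 and IMAP4 virtual servers accept an SSL certificate and can be set to require a secure channel, which is worth doing before the walk-up terminals and 486s described in this chapter send domain passwords across the LAN in clear text.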
HTTP

Deploying HTTP clients means that you’ll have to somehow get a Web browser to them. With Internet Explorer, you can use the Internet Explorer Administration Kit (IEAK) to create a customized browser that has all the settings and features you want to give to users, and then use a systems management tool to deliver the browser.
Design Scenario: Leveraging and Deploying POP3

Dominique is an administrator for a large governmental institution. She has a variety of users who are required to work on all sorts of computing equipment, everything from dumb mainframe terminals to much older computer gear. There are lots of 486s still being used and even some 386 computers. Dominique is rolling out Exchange 2000 into the enterprise. She has to be able to provide a method for users who are on older equipment to still be able to receive e-mail, even though the computer they’re working with doesn’t have the horsepower to run today’s more modern office automation or e-mail software. It would be impossible to install Windows 98, Internet Explorer 5, and Outlook 2000 on a 486 with 16MB of RAM. Dominique decides that a good way of getting some form of e-mail client on these older computers would be to use the POP3 methodology with a nice, light little POP3 client, preferably of the freeware or shareware variety. She looks on the Internet, finds a suitable lightweight POP3 client, and installs it on the computers that need it. Users on these computing systems are able to receive e-mail and can even reply and send e-mail out using this third-party client’s SMTP capabilities. These POP3 clients cannot access public folders.
This is all way harder than it sounds. Packaging IE, especially when you’re going to be sending the package to NT or 2000 clients, can be tricky because the IE installation requires a reboot of the computer. The installation package also requires administrative rights on the local box to get the software installed. There is a sample script on the Microsoft Web site that shows you how to write an SMS Installer script (Installer is the package generation utility included with SMS) to develop a package that will do this. It does all kinds of fancy things with Registry entries and setting up autologon accounts, so read the script carefully: an autologon account means a privileged account whose password sits in the Registry in clear text for as long as the setting is in place, so make sure the script removes the account and the autologon values once the install and reboot are done. You’ll also have to watch for the various IE updates that come out, and be prepared to send those out to users as well. A robust systems management deployment is your best bet to help you get these kinds of packages going.

IEAK is tricky, too, especially in an NT or 2000 lockdown environment. Often, applying changes to a browser that has been customized through the IEAK means that you’ll have to rerun the IEAK to incorporate the new changes, and then reship the browser to users. It may not be as easy as simply sending a service patch or security update to the computers that require it.

Keep in mind that, just as with IMAP4 and POP3 clients, you’ll have to come up with a way to configure the clients so that they can access the e-mail server. In the case of IE, all you’ll really have to do is put the URL for the e-mail server’s location into the Favorites list for the clients. Then, when users need to hit the e-mail server, they simply pull it from Favorites and they’re off to the races. Users must also be trained in how to access OWA.

You’ll most likely utilize HTTP clients in telecommuting scenarios where you have users dialing in through RAS or coming in through a VPN to access their e-mail. In such a case you should leave it up to the user to install his or her own preferred browser and simply supply a sheet that instructs users how to log on to Outlook Web Access (OWA) once they’ve accessed the system via RAS. If the OWA virtual server is ever reachable outside the RAS or VPN path, put it behind SSL: with Basic authentication the user’s domain password crosses the wire in clear text unless the HTTP connection is encrypted.

Keep in mind that if you create multiple public folder trees for whatever purpose, they cannot be accessed by MAPI clients and must be accessed by HTTP, IMAP4, or NNTP users.
Design Scenario: Deploying HTTP Clients

Frederick is a messaging administrator for a large food company. There are several warehouses spread out all over the city. Many people in each warehouse need to access the e-mail system. Frederick does not want to put e-mail servers out in each site, nor does he want to go to the trouble of installing Outlook on each computer in each site. The computers all came preburned with Windows 98 and IE 4. Frederick simply sets up e-mail accounts for all users that will be accessing the mail system. He then prepares a training tutorial document that shows them how to access their e-mail and sends it out via company mail to the holders of the various e-mail boxes. Some users don’t quite understand how they’re supposed to access their e-mail, so in a handful of cases he either has to drive to the site and help them out or recruit a power user from the warehouse to instruct people in how it works. After a couple of weeks of this kind of activity, everyone now seems to be able to access their e-mail via OWA, and all HTTP users are satisfied.
Policies and Profiles
In deploying specific kinds of clients, you may want to consider separating the mailboxes served by the various protocols into different mailbox stores or storage groups and then applying administrative policies accordingly. For example, you may have a situation where a given administrator handles all the HTTP load (such as a Webmaster who’s handling the administration of all incoming Internet e-mail to a dedicated mailbox store). In a case such as this, you might want to consider a separate storage group and administrative group with its own policies. Exchange 2000 provides the kind of granularity you need to fine-tune for instances such as this.

Outlook 2000, and earlier versions of Outlook as well, utilize the concept of a profile. A user working on a computer and using Outlook to access the Exchange server must have a profile created for him on the computer. You cannot go to another computer, log on, and bring up e-mail without first creating a profile for yourself on that computer. This process is further compounded by the fact that the user may not have sufficient rights to create the profile for himself. To deploy profiles to all new Outlook users reliably, it may be well worth your while to investigate a programmatic method of creating the profile on the user’s computer at logon time; NEWPROF.EXE, which ships with Outlook, builds a profile from a .PRF file and is the usual vehicle. You may also be able to create an Outlook package to download through systems management software, which will create the profile as it installs Outlook.

Profiles will affect you in a different way if you have applications that need to use the Exchange SENDMAIL command, a command-line utility designed so that scripts and programs can send e-mail programmatically. Suppose, for example, that you have a Visual Basic client/server application that a programmer has written. The programmer wants the server portion of the application to e-mail administrators and development staff when certain processes have a problem. The programmer can use SENDMAIL to do so, but note that the machine that will run this command must have a profile set up so that it can access the Exchange server, and that profile should point at a dedicated service mailbox rather than an administrator’s.
Design Scenario: Deploying Outlook Clients

Susan is the administrator for a new dot-com company. There are about 200 computers that will eventually have a person sitting at them, though the company is just now in the throes of staffing up. She is starting to bring up Exchange 2000, having finally worked her way through the Windows 2000 installation and getting all of the bugs worked out of server OS deployment. Susan knows that she wants to deploy Outlook 2000 to all desktops for e-mail. She has no systems management software in place at this time, so she’s resigned to visit each desktop to install the software. Susan’s trying to figure out how to create a profile on the computer when she installs Outlook 2000. In other words, how do you create a profile for somebody who hasn’t been hired yet? You don’t know their name, don’t have a user account in the database, and hence have nothing with which to tie the profile to the server.

In a situation such as this, there is nothing that Susan can do to solve the profile problem. She can install Outlook 2000 on the computers, but until she has a person using a computer, she cannot create a profile on that computer for that person. She’ll have to wait until people are hired so she can create the account in AD and then go create the profile on their desktop. Alternatively, she could consider NEWPROF.EXE or PROFGEN.EXE, tools that come with E2K, or she could use the commercial tools that will perform the same functions.
Server Scaling
Servers that are going to be running multiple instances of varying e-mail protocols might need to be upgraded to support the additional load that these new protocol instances will place on them. It’s to the designer’s benefit to try to estimate the kind of load that will hit a given server, and then either upgrade the current server or replace it as needed. With Exchange, everything is intensely used: disk, memory, and CPU, mostly in that order. So, if anything, it’s beneficial to overengineer the computer rather than underengineer it.
There are some tools that you can use to manage your Exchange 2000 servers. The quickest, handiest tool is Task Manager. Simply right-click the open taskbar and select Task Manager from the popup. The Performance tab will reveal how much physical RAM the system has and how much it’s actually using. Anything over physical RAM is being paged to disk—a very slow process that will dramatically impact the performance of the server. Exchange 2000 also comes with some System Monitor (the equivalent of the NT Performance Monitor) counters that are added to System Monitor at Exchange installation time. Between System Monitor and Task Manager, you should be able to get a good feel for how well the server is running. You may have to utilize a network sniff when the server appears to be running okay but your users are still having performance problems with it.
Design Scenario: The Straw That Broke the Server’s Back

Andre is a messaging administrator for a large company that has two enterprise-class servers in the messaging farm. Both of these servers are multiple-processor computers with a gig-and-a-half of RAM apiece, plus RAID-5 disk arrays to handle the databases. Still, even with the advanced hardware, these servers are at the point where any more load would begin to unduly labor them. Management wants to install some third-party list server software on one of the two servers so that marketing can send out “blast e-mails” to all of the company’s current customers and to visitors who’ve hit their Web site.

Andre doesn’t feel that either server will be able to handle the additional load that a list server will put on them. Both servers are running at about 80 percent of their physical RAM most of the time. CPU usage hovers around 20 percent and spikes to 80 percent from time to time. The disks aren’t terribly full, so there’s some room there. Andre recommends that the company purchase a third server whose function would strictly be to provide list server services.
Summary
In this chapter we’ve talked about deploying various clients to the user base that’s going to be utilizing Exchange. There are different methods at your disposal for deploying clients, among them:
Visiting each PC one at a time to load the correct client software
Deploying via systems management software such as SMS or ZEN packages
Deploying the use of Windows 2000 Software Installation and Maintenance packages (which would require that all machines in the client base you’re installing to are Windows 2000–based)
Utilizing logon scripts to download the client software
IMAP4 and POP3 clients do not necessarily have to be Outlook or Outlook Express–based, though these two software programs will indeed support both IMAP4 and POP3. You could use some third-party client to accommodate your needs. With a MAPI client, you’ll generally pick something that’s robust and supports groupware. Probably the best client to use with Exchange 2000 will be Outlook 2000. Internet clients will generally use a browser to access OWA via HTTP. You can separate the various protocol instances into different storage groups so that you have very fine granularity that you can apply to the administration of the stores and their policies. Outlook users require a profile to be created on their computer before they can access the Exchange server for their e-mail.
Key Terms
SENDMAIL
Systems Management Server (SMS)
ZENWorks
Review Questions

1. When people access an e-mail database, download their messages, empty the database of their messages, then log off to read them, what protocols might they be using? Select all that apply.
A. POP3
B. IMAP4
C. HTTP
D. MAPI

2. Which of these client software programs can be used to access a POP3 mailbox? Select all that apply.
A. Eudora
B. Outlook Express
C. Outlook 2000
D. Internet Explorer

3. You have a large client base of several hundred users that need to have a GroupWise client removed and Outlook 2000 installed. What would be the best methodology to use to accomplish this?
A. Logon scripts using VB Script logic
B. Personal visit to each computer
C. E-mail each user with a script that handles the client removal and installation components
D. Systems management software

4. What protocol does Hotmail use to allow Internet e-mail visitors to download their e-mail?
A. MAPI
B. IMAP4
C. HTTP
D. POP3
5. You’d like to apply limitations to a certain store so that users utilizing the IMAP4 protocol are allowed to use the store but no other stores in the organization. What technique can you use to accomplish this?
A. Put new store in a separate administration group
B. Create a new storage group
C. Create a policy specifically for this store
D. Modify permissions for this store

6. Suppose that you have an E2K deployment that requires access to both an IMAP4 and POP3 store. What messaging client(s) protocols could you use to accomplish simultaneous access to both?
A. IMAP4
B. POP3
C. MAPI
D. HTTP

7. An Internet (HTTP) user composes an e-mail and sends it to an Outlook 2000 user within your corporate network. What protocols will the user need to use to be able to read the e-mail? Select all that apply.
A. HTTP
B. IMAP4
C. POP3
D. MAPI

8. The server that you’re currently using for Exchange 5.5 will be required to host IMAP4 and HTTP clients. As the server’s memory is almost full and barely handling the traffic now, you’re not sure the server will be able to handle the load. What are your options? Select all that apply.
A. Upgrade the server’s RAM
B. Add disks to the server
C. Add a second CPU
D. Move some of the operations to a second Exchange server
9. Select the protocols that an Outlook client can use to access Exchange stores.
A. POP3
B. LDAP
C. IMAP4
D. HTTP
E. H.323
F. MAPI
G. FTP

10. Suppose that you have many mainframe users that are being converted from old dumb terminal environments to a diskless workstation that boots from a BootP session on the NT network. You want to be able to provide these users with an e-mail client. Which client might be the best choice for such a situation?
A. POP3
B. IMAP4
C. HTTP
D. MAPI
Answers to Review Questions

1. A, B. POP3 and IMAP4 clients access a message store to retrieve their e-mail messages, which are then downloaded to the client. They are no longer in the message store itself. There are variations to this methodology, such as Exchange 2000’s capability of keeping some messages on the server while the user reads others.

2. A, B, C. Internet Explorer uses HTTP to access a mailbox and can access POP3- or IMAP4-based postoffices.

3. D. The best approach in a situation like this is to use some form of systems management software, probably either SMS or ZEN. You’d have to prepare a package to accomplish this mission. Your package would first remove the old client, probably reboot the computer, and then install the new client. Tough package to create? Yes. Best approach? Yes.

4. C. Hotmail allows Internet users to utilize the HTTP protocol to access their e-mail. The look and feel is sort of like a POP3 or IMAP4 postoffice, but truly uses HTTP.

5. B. You should probably consider setting up a separate storage group for this store. Once the storage group is created, you can apply policies, administrative groups, and permissions to it.

6. A. Only the IMAP4 client can access both POP3 and IMAP4 stores simultaneously.

7. A, B, C, D. Recall that as e-mail comes into an Exchange store, it’s first kept in the STM file, regardless of its content. When a MAPI client requests the file, it’s converted and sent to the client. Thus, an Outlook 2000 user could easily read Internet e-mail composed and sent via HTTP. But an Outlook 2000 client can use any of the above protocols to obtain the message and read it.
8. A, D. The server’s memory is the problem. It’s RAM-starved. You’ll either have to add RAM to the server or offload some of its processes to a different machine. If you opt to upgrade the server’s RAM, it’s not a bad idea to make sure its disk and CPU needs are met as well.

9. A, C, F. Outlook can utilize POP3, IMAP4, and MAPI to read e-mail. LDAP is the standard used in Active Directory. H.323 is a standard for audio- and video-conferencing. FTP is used for uploading or downloading files over the Internet.

10. C. Generally, there is some sort of browser-based interface associated with these new diskless workstation machines. The machine boots to the network, contacts a BootP NT or 2000 box, gets its IP configuration information, and it’s off to the races. The clients on these computers can map to a network share for the saving of files or documents. In a browser-based environment, the HTTP protocol would probably be the best fit for a group of users such as this.
Case Study: The Urban School Need
In this case study you’re faced with the possibility of having to deploy a client other than the standard MAPI client.
Current System

You work for a large city school district. Most of your Exchange users are MAPI Outlook clients. Your school district has recently entered into a relationship with an independent entity called The Urban School (TUS) that provides education to urban kids that need an extra leg up when it comes to getting a solid education. For example, TUS has a 1:10 teacher-to-student ratio, much smaller than the average school district’s classroom size. The school does a lot of IT education, hoping to provide a way that less-privileged kids can gain a technical education that will help them find good-paying productive jobs with which they can support a family. TUS is teaching these students about e-mail and has requested that you create an e-mail address for each of the students and provide a way that the students can access the e-mail server. The school district has provided a point of presence (POP) for TUS to connect to the school network, but it will not supply computer equipment to TUS. The TUS school relies on donations from corporations for their computer equipment, quite successfully so. As a result, they have Pentium 90s and other older equipment with small hard drives and very little RAM. Your job is to provide some method for these students to be able to interface with the Exchange server and utilize e-mail functionality.
Student Requirements

If possible, the students would like some groupware functionality. Additionally, it’s a policy of the school district to separate schools out in any e-mail capacity so that students aren’t tempted to spend class time chatting with students in other schools.

TUS Principal: “I know our equipment is older, but if it’s possible could you provide calendaring capabilities and maybe even access to public folders?”

Superintendent of Schools: “Anything we can do to help these kids with today’s technology would be a big plus. They should be able to access our intranet.”
Questions

1. What messaging client protocol would be the best fit, given the constraints, requests, and requirements?
A. POP3
B. IMAP4
C. MAPI
D. HTTP
E. NTTP

2. How will you meet the requirement to separate the students from other schools in the school district?
A. Create a separate administration group
B. Create a separate storage group
C. Create a new HTTP instance
D. Set up a system policy
E. Can’t be done

3. By choosing the option that you chose above, what will you avoid having to do to each computer?
A. Install the client
B. Set up a profile
C. Set up user names
D. Apply workstation policies

4. Should you add an Exchange server at the TUS site?
A. Yes
B. No need
C. Depends on health of other Exchange servers
D. Not enough information in this case
5. Looking at the following table, from the right-hand column pick client software examples and place them in the left-hand column to match the protocols they’ll support.

Protocols    Client Software
POP3         Outlook
IMAP4        Outlook Express
MAPI         Exchange client
HTTP         Internet Explorer
             GroupWise client
             Eudora

6. How will you deploy this software?
A. SMS
B. ZEN
C. Logon scripts
D. Manually
E. No deployment necessary
Answers to Questions

1. D. Though the machines are old, they’re not that old, so you could potentially get away with installing an old Outlook or Exchange client. (There might be one installed already, who knows?) But if you’re starting from a raw Windows 95 installation with no client to work from, your best bet is to supply a browser on these computers and allow users to access their e-mail via OWA. They’ll have calendaring and public folders capabilities, along with the ability to hit the intranet.

2. C. The easiest way to segment user populations is to set up a separate storage group. However, this does not prevent other usernames from being published in the GAL. Create a new HTTP instance for this specific group of users.

3. B. Outlook and Exchange clients require that a profile be created on each computer for each user that will access e-mail from that computer. Because of this, HTTP connectivity with a browser is an excellent client choice, especially in an environment where you have many different people using the same machine at different times.

4. C. The decision to scale an Exchange server depends on its current health: its RAM, disk, and CPU activity. You can use System Monitor to get a more thorough view of the health of the server, as well as periodically check Task Manager to see how it’s behaving. It won’t take you very long to figure out if the server needs help from an upgrade or a second computer.
5. See chart below.

Protocols    Client Software
POP3         Outlook, Outlook Express, Exchange client, Groupwise client, Eudora
IMAP4        Outlook, Outlook Express, Exchange client, Groupwise client, Eudora
MAPI         Outlook, Outlook Express, Exchange client, Groupwise client, Eudora
HTTP         Internet Explorer

6. D. You’ll probably wind up having to personally visit each machine to make sure IE is installed and working correctly. After that, all you have is a training issue to make sure students understand how to correctly access OWA.
Wrap-up: Deploying clients is simple. Time-consuming, yes. But usually very straightforward. The only place the newbies to Exchange Server typically get in trouble, from a client perspective, is in understanding that you need to set up profiles for users on each machine when you’re dealing with the Outlook or Exchange clients. You should not rush headlong into a deployment of SMS just so you can get client deployments done! Systems management software requires as much project management and planning as an Exchange server rollout does, and usually more.
Chapter 12
Implementing Exchange 2000 Server in a Cluster

MICROSOFT EXAM OBJECTIVE COVERED IN THIS CHAPTER: Deploy an Exchange 2000 Server messaging solution in a cluster.
Once a manager was overheard to say that e-mail wasn’t mission-critical. Perhaps you’ve had someone tell you that. It’s an outrageous statement, and one that just isn’t true. Today’s e-economy requires e-mail to function! In some cases, if the e-mail isn’t running, the business isn’t making money. That’s the purpose for this chapter, in which we concern ourselves with the high availability of Exchange 2000. We should first point out that there is a difference between high availability and scalability. High availability means that the servers are available the vast majority of the time with extremely little downtime. Scalability means that computers or additional resources can be added to the cluster server farm to enhance the processing capabilities of the cluster.
Introduction to High Availability
Windows 2000 Advanced Server supports two different variations of high availability mechanisms: Clustering and Network Load Balancing (NLB). It is the only version that supports clustering and NLB. With clustering, you have two or more servers physically connected together by cabling and logically connected together with clustering software. When you have a group of computers working in a cluster, each server is called a node. The cluster is seen by users as one system with one name and typically one IP address. Administrators manage the cluster as one system through cluster management software. Network Load Balancing is used when you want to distribute client connections for application processing across multiple servers, as in the case of a Web server farm. Each server in the NLB farm has a weight and handling priority given to it through what are called port rules. Thus you can streamline the operation so that weaker servers don’t have as much load as stronger ones, although all servers in the cluster are participating in client interaction.

It is important that you understand when you should install an NLB solution and when you should utilize clustering. In some cases, one technique has advantages over the other in terms of which method will be supported by the software that’s going to be made highly available.
Network Load Balancing (NLB)

You attain several wonderful features with NLB. For example, you don’t have to come in at 3:00 A.M. to do repairs in order to be assured that no one is on the server during the outage. In an NLB setting, you simply take the ailing server offline and repair it. The NLB software performs a function called convergence and continues providing services to clients while the one machine is offline and being repaired. Convergence requires that all decisions be delegated to a default host, the server that has the highest priority in the NLB cluster. Additionally, you gain the ability to load balance the servers. Another advantage is that you can easily add servers to the farm. And you can set up scripts and utilize shell commands to stop, start, and control the actions of the NLB cluster. Figure 12.1 shows a typical NLB scenario.

FIGURE 12.1 A typical NLB setup

As a general rule of thumb, use NLB when you have an application that is heavily used by clients, that requires high availability, and does not require the sharing of databases. Databases do not play well in the NLB sandbox because of their replication and synchronization needs. In an NLB Web server farm that required writing to a database, you’d likely have a back-end database server that the Web applications had to talk to in order to transact business. When a Web client surfed in to do some business, the client would wind up on any one of several NLB server choices, but the database transaction would be handled on a single back-end server. Note that it would certainly be possible to cluster the back-end database server in order to provide high availability. Figure 12.2 shows this scenario.

FIGURE 12.2 An NLB implementation with a database server node as a back-end

Because of the problems associated with a database in an NLB cluster, Exchange 2000 isn’t well-suited for an NLB deployment. Instead, Exchange 2000 works better with server clustering. Keep in mind that the basic principles guiding the decision on when to employ NLB center on how many users need access to an application and that application’s ability to reside on many servers at once without the need for synchronization of data. Having said all that, please note that a front-end/back-end scenario provides a bit different slant on the picture. In a FE/BE installation, you could easily NLB the front-end Exchange servers and allow them to talk to a clustered back-end. This way you provide high availability to the front-end and fault-tolerance to the back-end. Expensive? Oh yeah. Complicated? Sure. Worth it? Depends on how intense your e-mail needs are.
Server Clustering

Clustered servers obey some of the same concepts as NLB, i.e. the notions of high availability and being able to upgrade or maintain servers in the cluster without users knowing about it. But there is a distinct separation in functionality from that point forward. For starters, in a server cluster, one server (known as Node a) is maintaining the application, service, database, or code that is to be made highly available. If for some reason this server fails, a failover operation happens and a second server (Node b) in the cluster picks up the activity. Depending on the type of activity that was currently in place, there may or may not be salvageable data. For example, if the server was in the middle of a database transaction, that data will not be salvaged as the failover happens. Once Node a that failed is fixed and put back online, a failback occurs. You don’t have to waste Node a (by making it a passive server) in a cluster to just wait for a failover, though. You can have all servers in the cluster doing real work, but still available through the clustering software for the failover. This is called Active/Active Clustering and is new to Exchange 2000. Windows NT 4.0 clustering, available from the NT Enterprise edition, performed Active/Inactive (sometimes called Active/Passive) clustering.

A Windows NT 4 Service Pack 4 server can fail over to a Windows 2000 Advanced Server, which is nice, but E2K doesn’t run on NT 4.
When one node in the cluster is acting as the primary data repository and the other is simply awaiting the day when there is a failover, we say that the cluster is in a shared-nothing environment. In other words, the database and associated applications aren’t being shared across the cluster servers; they’re being used on only one server. The second node in the cluster is simply available should the first node fail over. Again, it should be noted that the second node doesn’t have to be a wasted resource. You could well use it for some other activity but have it ready to act in the same capacity as the first was before failover. This, of course, implies that both nodes are adequately sized to handle both their own operation and the operation of their partner should that partner fail over.

In a shared-nothing environment, you should probably plan on putting the databases on a RAID array tower or other highly available device that is capable of having multiple computers access it. EMC is only one corporation (Compaq, Dell, HP, IBM and others can be included as well) that has been involved in this type of storage for years. These devices allow multiple servers to access different partitions on the storage device at a time. You can buy smaller, less expensive devices for the same purpose. Keep in mind that a standalone storage device scenario like this provides a Single Point of Failure (SPOF) for your highly available system. (Curing a SPOF such as this might require dual disk controllers, redundant power supplies, multiple cooling fans, etc.) The alternative to this would be to set up an automatic replication scenario of some kind where you backed up the Exchange databases and then restored them to the other node in the cluster. This would require replaying of transaction logs before the database would be on an equivalent par with your normal Exchange server and may be too time-intensive to be of any value to you. Or, you could purchase highly available servers from a vendor. (The Compaq CL1850 is an example.) Figure 12.3 shows this shared-nothing, separate storage idea.

FIGURE 12.3 A shared-nothing server cluster with a detached storage environment
You can bring redundancy into a separate storage cluster by supplying two data sources that are simultaneously updated, such as a mirrored RAID-5 (RAID 50) set or something of that nature.
You can have two server nodes in a Windows 2000 Advanced Server cluster or four server nodes in Windows 2000 DataCenter Server cluster. You can have up to thirty-two servers in a Windows 2000 NLB cluster.
It’s important to take into consideration any specialized hardware that you may have on one cluster node that you expect to be available should the cluster fail over. You can’t, for example, have a modem in one cluster node and expect a communications program to continue working after failover if there is no modem in the other server node! Sounds like common sense, but if you don’t think about these kinds of issues, you’ll be disappointed at failover time. You should also understand the ramifications of what happens if a server fails over while it’s in the middle of some database transaction. It’s quite possible that some data might be lost as a result of the failover. You’d still have the data left in the transaction logs and not yet committed to the database and, of course, the data already in the database will be okay, but any data that’s in transition from the transaction logs to the database might be lost.

You should be aware that there is a technology called fibre channel. This technology is similar to SCSI, in fact uses SCSI commands, but does so over a fibre channel bus rather than over the SCSI bus. The fibre channel portion of the computer system is used for the interaction of the two computers in a cluster group. In Windows 2000 Advanced Server implementations you can use either SCSI-to-SCSI connections or a fibre channel connection. In Windows 2000 DataCenter Server you must use fibre channel across four-node cluster groups.

Any data in RAID array controller card memory might be lost as well. You can purchase battery backup modules for RAID array cards, but if the server’s down for the long count, you’ve likely lost the data in the card’s memory. That could potentially be a lot of data. In some cases the cards have 16–32MB of RAM or more on them!
Design Scenario: Determining When to Use NLB, Clustering, or the New AppCenter

Alejandro is the network manager for a large corporation that heavily utilizes messaging technologies. He is currently designing a new Exchange 2000 rollout. He has determined that since messaging plays such an important role in the corporation’s mission, he must make sure that the system is reliably available at all times. He decides to implement a cluster server at every site that’s going to host an Exchange 2000 server. He starts with good quality servers that are on the Microsoft Windows 2000 Hardware Compatibility List (HCL). He equips the servers with sufficient RAM, ample CPU processing power, and RAID array controller cards. Because it is important that the servers talk to each other in order to ascertain the health of the nodes in the cluster, Alejandro specifies that each server have two NICs installed in it, one that plugs into a switch that has a VLAN dedicated to the cluster and the other that plugs into the regular network’s VLAN. He recommends that Windows 2000 Advanced Server be installed on all servers in the cluster and that the clustering service be enabled.
In Microsoft’s new .NET strategy, there is a clustering component that’s conspicuously missing—that of applications clustering. NLB is great for Web pages; clustering is good for applications that can’t be load-balanced, but what about those applications that can? Microsoft’s AppCenter product is designed to introduce the features of clustering coupled with the load-balancing characteristics so that applications can be put on many servers at a time for both fault-tolerance and performance purposes. Here’s how to think of AppCenter. You use NLB to scale Web servers. You use clustering to bring fault-tolerance to databases. You’ll use AppCenter to scale business logic.
Deploying Exchange 2000 Server in a Cluster
Now that we’ve got the explanatory stuff under our belts, we can discuss how Exchange works within the Windows 2000 clustering paradigm. Because Exchange 2000 server uses databases, we should begin by pointing out that you’ll need to use the Windows 2000 Cluster service, not NLB, when creating highly available solutions. This, in turn, means that E2K uses a shared-nothing architecture. The server that Exchange 2000 is installed on will host the databases that are required for the deployment. It is also likely to be the place where the transaction logs are written to unless, of course, you opt for the RAID cabinet model alluded to above. The point is that in either case, whether the databases live on the server’s hard drives or on a standalone disk device, only one server will be talking to a given set of databases. At failover time, the second node picks up the load and begins working with the databases.

Because of Exchange 2000’s unique functionality, it cannot simply utilize Windows 2000’s native cluster services. The E2K development team had to design in some extra stuff so that Exchange could work with clusters and vice-versa. Hence a special DLL called exres.dll was devised to provide communications between Exchange 2000 and the Windows 2000 cluster service. Because of this, it’s important to understand that Exchange 2000 provides management resources that it uses in clustering, but it also partners with Windows 2000 clustering modules to fully realize a complete E2K clustering picture. This means that the Exchange server will be utilizing the server’s disks, IP address, and its computer name.
Copyright ©2001 SYBEX , Inc., Alameda, CA
www.sybex.com
Beginning the Cluster Setup
In an efficient Exchange 2000 design, you begin by arriving at a decision that you will indeed host Exchange 2000 on a cluster. This means that you then appropriate extra computing gear for the task. You’ll need another computer and additional SCSI or fibre channel equipment. Next, you install Windows 2000 Advanced or DataCenter Server and include the Microsoft Cluster Service as a part of the installed OS software. The account that you use to create the cluster must have administrative rights on all nodes and must be a valid account in the domain. Also, this account must be a member of the Exchange administrators group. Note that you’ll install the Cluster Service on both nodes in the cluster at this time. Microsoft has made it so easy to install Cluster Service in Windows 2000 that you’ll only have 11 mouse clicks in the first node and 4 in the second as you set it up. Then you begin your Exchange 2000 Setup. Because you’re running on a cluster, you’re prompted with the message “Setup shall install the cluster-aware version of Microsoft Exchange.” As setup progresses, the Exchange code is installed on the node but no shares are created as in a typical E2K installation. Also note that Exchange-specific cluster resource types are created at installation time. Once setup is complete, the node must be rebooted. After reboot you go into the cluster administrator and select the cluster group. You create the IP address, the Network Name resource and the Disk resource. You also create the System Attendant resource. The System Attendant resource must come last because it is reliant on the Network Name and Disk resources being created first. After you’ve created these resources, Exchange takes over and handles the rest of the resource creation. Once it is finished, the installation is known as an Exchange Virtual Server (EVS).
Once you’ve got the EVS created, you manage its cluster properties through cluster manager, just like you would any other cluster group. You can set the failover and failback policies for the EVS. Clients utilizing E2K on a cluster will connect to the EVS so as to facilitate single IP address and single network name capabilities in the cluster.
Keep in mind that should you decide to put the transaction log files on one drive in the shared storage and the databases on another, both drives must be members of the EVS in order to facilitate failover/failback of both the logs and databases.
The two key DLL files that are used by Exchange when interfacing with Windows 2000 Cluster Service are the previously mentioned exres.dll and excluadm.dll. Exres.dll is the DLL that the Cluster Server service uses to communicate with Exchange components. It does this by first communicating with its own internal resource monitor, which in turn uses exres.dll to communicate with Exchange. Exres.dll is Exchange-specific. Excluadm.dll is the user interface (UI) that is utilized when configuring Exchange in a clustered environment. Figure 12.4 shows what this relationship looks like between the W2K Cluster Server service and Exchange 2000.
FIGURE 12.4 The linkage between W2K Cluster Service and Exchange 2000
Thinking of the EVS in a Windows 2000 Sense
When you think of the EVS, think of it as a collection of Exchange-specific resources that have Windows 2000 attributes associated with them. For example, these E2K resources might be tied to different owners or have certain dependencies tied to them. They might have retry properties associated with them, and so forth. This concept—that Exchange 2000 uses the same theme as Windows 2000 to accomplish its mission—is an important one. Nevertheless, even though they’re Windows 2000–like in makeup, they’re very Exchange 2000–specific in the way that they act. You can easily guess the resources that make up a typical EVS. You’ll have the System Attendant, Information Store, Protocols, Routing, Messaging Tracking Agent, and Microsoft Search capabilities. Within the Protocols, you have the same basic choices as in non-clustered Exchange: SMTP, HTTP, IMAP4, POP3. The only real differences here are that you’re working in a shared-storage environment and that the Cluster Service interfaces with specialized Exchange DLLs. Also, your configuration of the Exchange cluster system will be accomplished through a special administrative interface. Windows 2000 Cluster Service has a couple of built-in procedures that are used to keep track of whether the system is alive or not: IsAlive and LooksAlive. In Exchange 2000, a periodic heartbeat check is made using the IsAlive procedure. The IsAlive procedure says, “This resource is definitely available for use,” whereas the LooksAlive procedure says, “Hmmm, the resource appears to be available for use.” Both procedures are programmatic tools used by Windows 2000 Cluster Service for each resource, i.e. Information Store, each protocol, and so on. Figure 12.5 shows this interrelationship.
FIGURE 12.5 The interrelationship between the various Exchange components
The System Attendant is the initial building block that helps you to get everything else going. The first thing you create when you set up Exchange server on a cluster is the System Attendant. A glance back at Figure 12.4 shows that its presence is required for all EVS functionality. The IsAlive procedure checks to make sure the System Attendant is alive. To delete an entire Exchange system on a cluster, delete the System Attendant. There is only one Message Transfer Agent (MTA) service in any Exchange cluster implementation. The MTA is used by all EVSs in the cluster. If you delete the EVS that hosts the MTA, Exchange handles moving the MTA to a different EVS. The IsAlive procedure checks to make sure that the MTA is operational. The IsAlive call is key to making sure the various virtual protocol servers are running. It does this by making periodic calls to that virtual protocol server and receiving its answer banner. It’s important to note that if you’ve got the “do not restart” option set on a virtual protocol and you fail it over for routine maintenance or for troubleshooting, when you fail back, the protocol will not start up. This is definitely a gotcha to watch for. IsAlive provides a call to the Routing resource to make sure it is running. The IsAlive procedure behaves a bit differently with the Microsoft Search content indexing mechanism of Exchange 2000. This content-indexing module keeps all content currently indexed. IsAlive checks the pointer to the data structure for the database that MSSearch is currently indexing. If the pointer is correct, IsAlive assumes everything is cool and continues on. There’s a huge problem with MSSearch. Once you have an information store in place and MSSearch is indexing its content, you cannot delete it unless you also delete the information store and re-create it as well. This implies that you take good care of MSSearch.
Putting the Pieces Together
All right, now we have the basic information we need to understand how the Cluster Service methodology works. You’ve obtained two servers and installed Windows 2000 Advanced Server plus the Cluster Service on them. You have either SCSI-to-SCSI or fibre channel connectivity between the two servers for the IsAlive heartbeat monitoring to function. You install Exchange Server on each node in the cluster. In Node A, you create a storage group and some virtual protocol servers to make an EVS. You assign a unique IP address and network name to this EVS. On Node B, you do the same thing but this time the information store and virtual protocol servers are for a different group of people. In other words, the people who utilize Node A’s information store services are functioning in essentially a different e-mail system than the users on Node B. Now suppose Node B fails for whatever reason. The Cluster Service will first try a series of retries to see if it can get the services going again. If not, Store.exe will transfer to Node A, re-mount the storage group, and create the virtual protocol servers needed to handle it. Figures 12.6 and 12.7 show this methodology.
FIGURE 12.6 Before failover
FIGURE 12.7 After failover
There is a problem with this methodology that may not be intuitively obvious. Because of the physical limitation of four storage groups per standalone server, you cannot exceed that number for any given node in the cluster, including any failed-over storage groups. If, in Figures 12.6 and 12.7 for example, Node A already had its maximum amount of storage groups, the failover from Node B could not take place. Caution therefore is in order for the designer of a large clustered environment. Note that there is very little overhead involved with putting Exchange 2000 in a cluster server environment versus allowing it to operate in a standalone capacity. You have the periodic tiny overhead of the IsAlive calls. Also, communications between EVS instances are handled by SMTP. You should also note that there will be some inevitable time delay between the time a node fails over and the time when the living node picks up its operation. There are four reasons for this interruption in service to the user:
The IsAlive procedure has to verify for sure that the node failed.
The living node has to replay the transaction logs to “catch up” to the present state of operations.
Ownership of the storage group on the shared medium has to be transferred and the storage group must be started on the living node.
Ownership of the virtual protocol servers have to be transferred to the living node and started.
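To make the chapter’s design rules checkable, here is an added Python example (not from the book or from Microsoft) that models a two-node cluster and flags the three faults the text warns about: more storage groups than a surviving node can host after a failover (the four-per-node limit), a System Attendant created before its IP Address, Network Name and Disk dependencies, and a database or transaction-log disk that is not a member of the EVS. The EVS class and the node, EVS and disk names are constructed for the example.

```python
"""Design check for an Exchange 2000 two-node cluster (added example, not book code).

Rules modelled, all taken from the chapter:
  * at most four storage groups per node, counting any failed-over groups;
  * the System Attendant resource is created after IP Address, Network Name and Disk;
  * every shared disk holding databases or transaction logs must belong to the EVS,
    or it will not fail over with the rest of the virtual server.
Names such as NodeA, EVS-Manufacturing and DiskL1 are constructed for illustration.
"""
from dataclasses import dataclass
from typing import List

MAX_STORAGE_GROUPS_PER_NODE = 4          # limit stated in the chapter
REQUIRED_BEFORE_SA = ("IP Address", "Network Name", "Disk")


@dataclass
class EVS:
    """One Exchange Virtual Server as a cluster group (hypothetical model)."""
    name: str
    node: str                 # node that owns the EVS before any failover
    storage_groups: int
    db_disk: str              # shared disk holding the databases
    log_disk: str             # shared disk holding the transaction logs
    disks: List[str]          # Disk resources that are members of the EVS group
    resources: List[str]      # cluster resources in the order they were created


def storage_groups_after_failover(evss: List[EVS], failed: str, survivor: str) -> int:
    """Storage groups the survivor hosts once it has taken over everything from the failed node."""
    return sum(e.storage_groups for e in evss if e.node in (failed, survivor))


def failover_capacity_ok(evss: List[EVS], failed: str, survivor: str) -> bool:
    """True if the survivor stays within the four-storage-group limit after the failover."""
    return storage_groups_after_failover(evss, failed, survivor) <= MAX_STORAGE_GROUPS_PER_NODE


def missing_disks(evs: EVS) -> List[str]:
    """Disks that hold EVS data but were never added to the EVS group (Sherman's mistake)."""
    return sorted({evs.db_disk, evs.log_disk} - set(evs.disks))


def dependency_order_ok(resources: List[str]) -> bool:
    """System Attendant must come after the resources it depends on."""
    if "System Attendant" not in resources:
        return False
    before_sa = resources[: resources.index("System Attendant")]
    return all(r in before_sa for r in REQUIRED_BEFORE_SA)


def check_design(evss: List[EVS], nodes: List[str]) -> List[str]:
    """Return one finding per rule violation; an empty list means the design passes."""
    findings = []
    for e in evss:
        for d in missing_disks(e):
            findings.append(f"{e.name}: disk {d} holds EVS data but is not a member of the EVS")
        if not dependency_order_ok(e.resources):
            findings.append(f"{e.name}: System Attendant created before IP Address, Network Name and Disk")
    for failed in nodes:
        for survivor in nodes:
            if failed != survivor and not failover_capacity_ok(evss, failed, survivor):
                n = storage_groups_after_failover(evss, failed, survivor)
                findings.append(f"failover {failed} -> {survivor}: {n} storage groups exceeds "
                                f"the limit of {MAX_STORAGE_GROUPS_PER_NODE}")
    return findings


GOOD_ORDER = ["IP Address", "Network Name", "Disk", "System Attendant"]

# Constructed sample modelled on the Amaris design scenario: one EVS per node,
# logs and databases on separate shared disks that are both members of the EVS.
AMARIS_DESIGN = [
    EVS("EVS-Manufacturing", "NodeA", 2, "DiskM", "DiskL1", ["DiskM", "DiskL1"], GOOD_ORDER),
    EVS("EVS-Business", "NodeB", 2, "DiskB", "DiskL2", ["DiskB", "DiskL2"], GOOD_ORDER),
]

# Constructed sample carrying the faults the chapter warns about: 3 + 2 storage
# groups cannot fit on one node after a failover, a log disk left out of the EVS,
# and a System Attendant created before its dependencies.
FAULTY_DESIGN = [
    EVS("EVS-East", "NodeA", 3, "DiskE", "DiskLE", ["DiskE"], GOOD_ORDER),
    EVS("EVS-West", "NodeB", 2, "DiskW", "DiskLW", ["DiskW", "DiskLW"],
        ["IP Address", "System Attendant", "Network Name", "Disk"]),
]

if __name__ == "__main__":
    for label, design in (("Amaris design", AMARIS_DESIGN), ("faulty design", FAULTY_DESIGN)):
        findings = check_design(design, ["NodeA", "NodeB"])
        print(f"{label}: {'OK' if not findings else str(len(findings)) + ' finding(s)'}")
        for f in findings:
            print("  -", f)
```

Running the module reports the Amaris design as clean and lists four findings for the faulty one, including both failover directions, since 3 + 2 storage groups exceed the limit whichever node survives.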
Design Scenario: Planning an Exchange Cluster Server Deployment
Amaris is the network architect for an ice-cream company. She is designing a new Exchange 2000 server deployment and is seriously considering a cluster server deployment. Last time the network administrators had a messaging system outage, it took days to get the system back up and running and management was not happy. There was one administrator who, in fact, lost his job over the whole affair. This time around Amaris wants to make sure that nothing like that can happen again—at least without extraordinarily unorthodox circumstances. The extra costs involved in a cluster server deployment are not so untoward as to be completely out of reason.
Amaris starts by designing two servers of the same manufacturer and model. She purchases fibre channel gear for the servers, fibre channel cards and cables, and a fibre channel hub to link the two computers together. She also purchases a central shared storage device that will utilize a mirror of RAID-5 drives. She purchases two server licenses for Windows 2000 Advanced Server and two Exchange 2000 Enterprise Server licenses. The ice-cream company is dissected into two basic entities: manufacturing and business. Amaris has decided to separate the two entities into two storage groups, one of which will live on Node A of the cluster and the other on Node B. This way she realizes not only the gain of separating the information stores into two distinct database entities for performance gains, but she has over-engineered the computers in such a way that each node in the cluster can handle the other’s load should there be a failover. When the gear comes in Amaris asks the network team to bring up the environment but not put any users on it just yet. She then sets up some bogus e-mail accounts and has some testers test the system while she deliberately fails the computer over by performing a forced failover on one of the nodes, as though a power outage had happened to it. She performs the test several times to get a good feel for the amount of time it will take for the opposing node to pick up the additional load. When all is done and she’s satisfied that she has good baselines on how the failovers will work and the expected time to failover, she has the network team fully deploy.
Summary
This chapter is about making Exchange 2000 highly available by using Windows 2000 Cluster Service capabilities. We started by explaining that there are three different methods of introducing high-availability scenarios in today’s Windows computing environment: Network Load Balancing (NLB), Server Clustering and AppCenter (mentioned in the design scenario sidebar— it doesn’t do much for E2K). NLB is a load-balancing feature that allows for static content to be spread across up to 32 servers in order to cut down on the load any one server might be under. NLB is great for Web pages. One server in an NLB arrangement is considered the Default Host.
Clustering involves either two servers in a Windows 2000 Advanced Server or four servers in a Windows 2000 DataCenter Server environment. With Windows 2000 clustering, you have an active/active environment where both servers can participate in other processes. Windows 2000 Cluster Server uses a shared-nothing principle, meaning that the primary server (called a node in the cluster) housing the application contains the only copy of data. Thus, when the server fails over, the other node in the cluster is able to take over its operation. Hence Windows 2000 Cluster Server works well for database scenarios. But if the server fails, it’s possible that the disk where the database resides has failed as well. Thus it’s important to consider a shared-storage model with Cluster Server so that if a node fails over, the opposing node can connect to the database and continue operations. This shared-nothing, shared-storage model is precisely the model that you’ll use in Exchange 2000 Server. You install the W2K Cluster Server software first, then install Exchange 2000 Server. The setup program detects that you’re installing to a Cluster and provides you with the option to install Exchange 2000 clustering. This introduces several changes. First of all it copies two clustering DLLs to the BIN directory of the Exchange servers: exres.dll and excluadm.dll. The installation process doesn’t share out the Exchange directories like it would in a normal standalone environment. Also, you’re given a special Cluster Server interface with which to configure the Exchange Virtual Server (EVS). You start by creating the IP address(es) and Network Name(s) for the different EVSs you have on the nodes. There is also a shared disk that is a resource used by the storage group or the information store. You then create the System Attendant. Exchange then creates the rest of the needed resources. 
You can have EVSs on either node as long as you don’t violate the storage group rules of a maximum of four per server. This means that if you have eight storage groups on each node, you cannot have a full failover should one node fail because you’ll have more than the maximum amount of storage groups on any one server. The Windows 2000 Cluster Server IsAlive call keeps track of the various components in any EVS. When a failover occurs, the IP address and network name of the node is assumed, the storage group is mounted by the opposing node, the virtual protocols are created, and the transaction logs replayed before operation can begin again. This activity could conceivably introduce some delay before users are actually able to connect back to the messaging system.
Key Terms
convergence
default host
Exchange Virtual Server (EVS)
failback
failover
fibre channel
IsAlive
LooksAlive
MSSearch
Network Load Balancing (NLB)
node
shared storage
shared-nothing
Review Questions
1. What are the components of an EVS?
A. Information Store
B. Message Transfer Agent
C. Virtual Protocol Servers
D. Routing Engine
E. Internet Mail Service
F. Conferencing Server
G. Storage Group
2. What are the components that are monitored by the IsAlive component in an EVS?
A. POP3
B. NNTP
C. SMTP
D. IMAP4
E. MSSearch
3. Suzanne is running a two-node Exchange 2000 cluster implementation. Each node has two EVSs on it. When the first node fails one day, users cannot access it. What could be the problem?
A. Suzanne did not assign a separate IP address and network name to each EVS.
B. The node is using storage that’s on the computer.
C. Suzanne has violated the maximum amount of storage groups allowed per server.
D. There is no heartbeat connectivity between the two cluster servers.
4. Widgets Incorporated’s programming team has written a Visual Basic application that’s going to be extensively used across the enterprise. It’s anticipated that one server will not be enough to handle the load that use of this application will create. On top of that, it’s important that the application always be available. The application uses a SQL Server back-end for data storage and requires that e-mail be sent out through the E2K system on a nightly basis. Which high-availability option would make the best sense in this scenario?
A. Windows 2000 Cluster Server
B. Network Load Balancing (NLB)
C. AppCenter Server
D. None of the above
5. What Exchange component interfaces with Exchange Routing in an EVS?
A. Message Transfer Agent (MTA)
B. IsAlive
C. System Attendant
D. Information Store
6. How many MTAs are there per cluster?
A. One
B. Two
C. Up to four
D. Up to fifteen
7. Which sentence below best describes the characteristics of a failover in an E2K cluster?
A. Store.exe mounts the storage group.
B. Store.exe mounts the storage group and picks up the IP address and Network Name of the failed node.
C. Store.exe mounts the storage group, picks up the IP address and network name of the failed node’s EVSs, and creates virtual protocols.
D. Store.exe mounts the storage group and creates a new IP address and network name and creates virtual protocols.
8. Which clustering component keeps track of node health?
A. LooksAlive
B. Exres.dll
C. Excluadm.dll
D. IsAlive
9. How does IsAlive know if the Content Indexing component is not working?
A. Unable to make a call to the service
B. Cannot read the index database
C. Uses a pointer to access the index database’s data structure
D. Tries a test index read and cannot
10. Sherman has implemented an Exchange 2000 shared storage clustering environment. He keeps the databases on one disk and the transaction logs on another. When he tests the failover, it doesn’t work. What could be wrong?
A. The receiving node isn’t connected to the shared storage device.
B. The shared-storage device has failed.
C. The transaction logs were not included as part of the EVS.
D. The shared-storage device isn’t RAID-5.
Answers to Review Questions
1. A, B, C, D. Each EVS is made up of a storage group consisting of the MTA, Information Store, Virtual Protocol Servers, and Routing. The creation of an EVS includes the introduction of an IP address and network name as well. Note too that there is a shared disk that is a resource used by the storage group or the information store.
2. A, C, D, E. IsAlive monitors the POP3, SMTP, IMAP4 (and HTTP) links with IIS and the MSSearch (content indexing) component of the Information Store.
3. A. The most probable answer is that Suzanne did not assign a separate IP address and network name to each EVS. While the other answers are possible, the best place to begin hunting is with answer A.
4. B, C. Because of the database, the best choice might be W2K Cluster Server, but you’re limited to only two servers in Advanced Server or four in DataCenter Server, which may not be enough. AppCenter is designed to allow applications to be load-balanced across numerous servers.
5. C. The System Attendant interfaces with Routing, MTA, and the Information Store.
6. A. There is only one MTA per cluster. It is created in the first EVS created in the cluster but will automatically be transferred to another EVS should the first one be deleted.
7. C. Users are connecting to a known network name, so it’s vital that in a failover scenario the node that’s picking up the failover assume the IP address and network name of the failed node. Also Store.exe creates a virtual protocol server that then mounts the storage group to provide services.
8. D. IsAlive is a Windows 2000 clustering component that is responsible for “pinging” the various E2K components to make sure they’re still alive.
9. C. IsAlive tries a pointer to the data structure that is allegedly currently being written to by the indexing service. If it isn’t found, IsAlive knows there’s something wrong with MSSearch.
10. A, B, C. It’s possible that the shared-storage device could have failed as well. This could happen in an environment where the node and the shared storage device are not connected to a UPS as a backup power supply. It’s more likely that Sherman didn’t include the transaction log in his EVS description. If more than one disk houses the Exchange data required in an EVS, you have to be sure to include all of them. Or it’s your turn to get into the Wayback machine and go back to a simpler time!
Case Study: The Dual Campus Cluster Server
In this case study you’ll be asked how to work with a cluster server environment that spans geographical locations.
Problem Statement
You are the messaging administrator for a large public college based on the east coast. You have campuses in several different cities in the United States, Canada, and Mexico. There are about 3000 users who utilize the messaging system. You’re currently running Exchange 5.5 throughout, but you’re planning an Exchange 2000 deployment. Because of the nature of the business you’re in, there are people who need to use the system almost all hours of the day and night, making it very difficult to pull any maintenance. Outages are a real nightmare because you’re unable to get word to people in such highly diversified areas that there’s a problem with the system. You’ve gotten a lot of black eyes because of this. You want to create a highly available system that will failover in the event there’s a problem with a computer.
Current System
The current system consists of an Exchange 5.5 SP3 server at each of your 17 sites. All of the servers are heavily loaded and basically run at maximum load most of the day. Users complain the most in the mornings when everyone is simultaneously firing up their e-mail. Backups are successful, and you’ve done emergency restoration testing to prove that you can restore information stores if need be. You have junior administrators in most of the sites. WAN connectivity between sites all runs at 512K with 512 CIR. All sites home-run to your central site. A recent sniff of the network by your telecommunications provider shows that you’re heavily underutilizing the WAN circuits. All Exchange sites are members of your central Exchange organization. The Chief Operating Officer (COO) would like to see you implement a high-availability option in the new system, if possible.
COO “What high-availability options are available with Exchange 2000? How can we give the e-mail system more high availability?”
Proposed System
After thorough study you make a controversial three-part recommendation to the COO:
1. Procure WAN circuits between outer sites in such a way as to create a redundant path to central for any site in the network. By assuring that all outlying networks are fully meshed with home, you’re creating redundant paths that can be followed should any one path become unavailable.
2. Create the new Exchange 2000 system on a cluster server environment that’s centrally located. You’ll put the new Exchange 2000 software on good quality, well-engineered computers that participate in a two-node cluster. The servers will run Windows 2000 Advanced Server. They’ll have multiple processors, redundant power supplies, RAID array controller cards in which you’ll mirror the operating system, shared-storage that is highly available and fault-tolerant, and a high-speed dedicated backbone circuit to the user network. You’ll use fibre channel for connectivity to the shared storage device.
3. Dismantle the old Exchange 5.5 servers. Users will utilize their e-mail from central, regardless of their physical location. You’ll co-locate the cluster servers at the central headquarters and require users to access their e-mail from these servers instead of their local Exchange servers.
Reactions
COO “I like the plan. I especially like the idea of the servers being centralized. My only concern is the fact that users will have to come across the wire to access their e-mail.”
You present the plan to the junior admins in several different outlying sites.
Junior Admins “We like the idea of not having this administrative hassle hanging over our heads, but at the same time we enjoy having the ability to be able to add user mailboxes at will. This will create additional workload on your end—you realize that don’t you?”
You consult with your telecommunications provider to see what their thoughts are about the proposed scenario.
Telecommunications Representative “What you propose isn’t all that uncommon. We have quite a few customers with several sites that must cross the wire to access server services. Your single point of failure is in the single WAN circuit running from your D-mark to us. After that the data rides a fault-tolerant cloud, and will, guaranteed, make it there.”
Questions
1. What else could you do to optimize the servers?
A. Split the Exchange Virtual Servers (EVS) out among the two nodes.
B. Put the transaction logs on one disk, the databases on another.
C. Implement Network Load Balancing.
D. Split the virtual protocol servers among the two nodes.
2. Is this plan viable?
A. Yes, but there are problems
B. Yes, completely
C. No, the plan will not work
D. Maybe
3. What is one of the issues your junior admins face?
A. Losing the administration of their Exchange server
B. HTTP interface failing over
C. Responsive notification if cluster fails over
D. E-forms that they may have in place
4. What sorts of things should you test before putting the new system into production?
A. Client mailbox access times
B. Failover speeds
C. Disruption of WAN circuit and subsequent client use of redundant circuit
D. Access via OWA
5. Looking at the right-hand column in the table below, select the installation tasks that are required. Put them in the correct order in the left-hand Order column.
Order        Tasks
             Install servers
             Move users
             Test failover
             Create server VLAN
             Test WAN circuit “failure”
             Install Cluster service
             Provision additional WAN circuits
             Install Exchange 2000
             Test client connectivity
             Procure Servers
             Install Windows 2000
Answers to Questions
1. A. The healthiest thing you could do for this system is to split the EVSs among the two nodes. This way you’re not asking one server to handle more load than the other. Because you have an inordinately large number of outlying sites, you’ll have to combine some sites into a single EVS so you don’t exceed storage group maximums.
2. A. The biggest issue you face here is the localization of the Exchange servers. From an administrative perspective, this is a very good thing, even though it adds additional load to the people who must maintain the mailbox accounts. On the other hand, without stress testing, you can’t be sure what kind of increase in connection time, if any, users will see. It may be that they may not suffer any connection time increases, because of the healthy servers and Exchange 2000 Server’s capabilities to deal with enormous amounts of clients.
3. B. Because users are using HTTP to access OWA, the admins will need to be concerned that the HTTP interface fails over with the IS and listens on the appropriate network name and IP address.
4. A, B, C. The most critical test methods you’ll need to go through are items A, B, and C. You should definitely test the time it takes for remote clients to access test mailboxes on the new system to make sure the circuits are able to handle the increased load. You should also deliberately failover the new system to measure the failover times. Additionally, you should purposely disrupt one of the WAN circuits and test the “back-door” redundant circuit to see how it performs.
5. See chart below:
Order
1. Procure Servers
2. Provision additional WAN circuits
3. Create server VLAN
4. Install servers
5. Install Windows 2000
6. Install Cluster service
7. Install Exchange 2000
8. Test client connectivity
9. Test failover
10. Test WAN circuit “failure”
11. Move users
Wrap-up
Using skillful project management techniques, taking the user’s needs into consideration, communicating your plans, taking your time during implementation—these are all positive things you can do to increase your chances of success as you move through a complex plan such as this. Exchange 2000 Server clustering is being used today—by none other than Microsoft. So you know it can be done, but you’ve got to design carefully and implement with deftness.
Chapter 13
Diagnosing and Resolving Coexistence and Migration Problems
MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Diagnose and resolve coexistence problems.
Resolve e-mail delivery problems.
Resolve problems with foreign connections.
Resolve address synchronization problems.
Resolve problems with address and name resolution.
Design an upgrade or migration strategy. Considerations include primary vs. non-primary connections, and use of the appropriate version of ADC.
Design ADC connection agreements.
Plan a migration that uses ADMT.
Design connection agreements to support containers synchronization.
Decide direction of synchronization.
This chapter revolves around the issues you might face as you deploy Exchange 2000 in an environment of disparate messaging systems. There are four different categories of issues that you need to think about as you plan your deployment. Because this MCSE exam is about designing an Exchange 2000 deployment, we certainly cannot predict every little problem that you might run into in the real world, but we can make some global calls that you can watch out for as your deployment progresses.
Resolving E-Mail Delivery Problems
It doesn’t happen very often, but when a user gets a Non-Delivery Report (NDR) there is virtually nothing the user can do. The cause of an NDR is generally a system problem that must be handled by system administrators. There are two different kinds of NDRs: those generated when the user sends an e-mail to another person and receives an NDR back, and those for e-mail documents that never go out the door for whatever reason.
Microsoft Exam Objective:
Diagnose and resolve coexistence problems.
Resolve e-mail delivery problems.
Let’s describe some examples of areas where an NDR is generated and requires the expertise of an administrator to solve:
Improperly Formatted SMTP Address

Outlook users have the ability to create customized entries in either their Outlook Address Book (OAB) or their Personal Address Book (PAB). In a shop where users have been migrated from earlier versions of Outlook or the Exchange client, lots of users will likely have a PAB. As users are migrated to newer versions of Outlook, they might pick up an OAB as well. In any case, if the user has set up a custom Internet e-mail address entry in his PAB or OAB and the SMTP address for the recipient is keyed in wrong, the sender will receive an NDR. Generally the problem with these NDRs is that the user cannot decipher the NDR string to figure out what the problem is. You, on the other hand, being the ace administrator that you are, will trot up to the computer, take one look at the NDR, and know instantly that the SMTP address is improperly formatted. It’s wise to keep in mind in situations like this that Internet e-mail addresses are so cheap and easy these days, and people switch ISPs so often, that it’s very possible the SMTP address is correctly formatted but the recipient no longer uses the mailbox.

Improperly Formatted Foreign Addresses

Note that with OAB and PAB problems, we’re not limited to Internet e-mail addresses. If you’re the host of disparate messaging systems within your enterprise, you may have NDRs that happen as a result of addresses that are improperly formatted for the system the sender is trying to send an e-mail to. For example, suppose that you’re sending an e-mail out to a cc:Mail system. If the user keys in incorrect entries when formatting the cc:Mail address, an NDR will be generated when the user tries to send the e-mail out. The same applies for X.400, Lotus Notes, GroupWise, and other foreign messaging systems. The administrator can prevent some of these issues by adjusting the connectors with the correct default entries, thus eliminating some of these kinds of hassles. Nevertheless, users keying in unique PAB or OAB addresses will create the potential for generating NDRs.

Receiving Server Problems

If the receiving server’s services are not started, if the disk that the database resides on is full, or if the server is down for some reason, users will receive an NDR. The NDR could potentially take a very long time to arrive, given the work that the bridgehead and Routing Group Master servers must go through to determine that a link is down. One of the biggest problems Exchange 5.5 administrators run into in situations such as these is finding the Internet Mail Service (IMS) stopped for some reason. Fortunately, because IIS handles the SMTP message flow, you don’t have an IMS service anymore, but you do have the interconnectivity of IIS, EXIPC, and Exchange server to deal with. The trick to troubleshooting difficulties like this is to start small, check all services, and make sure you have outward connectivity with other systems.

WAN Linkages

Perhaps one of the best ways that you can assure yourself that linkages won’t be a problem is to provide redundant paths to all routing groups. In one company several servers were hooked to headquarters with poorly managed WAN links. The WAN links would continually fail, go above CIR, or just inadvertently drop out for no reason at all. Users were constantly complaining about the inadequacy of the e-mail system—even though the e-mail servers were running fine.

Incorrectly Configured Servers

A server that is not correctly configured will appear as though it is running correctly, even though it is not. You’ll notice e-mail delivery failure problems early on in the deployment if your server configurations are not correct. Watch out for cowboy administrators who make changes without consulting anybody. An admin who makes a change needs to alert others that the change was made, so that on Sunday morning, when he’s not available, the admin who’s called out can figure out what has changed. The designer is well advised to start a change management program that admins must keep up, so that all admins involved with the system are up-to-date on changes that are made. This is especially important in larger enterprises.

Name Resolution Problems

Windows 2000 didn’t really change anything in terms of needing to resolve computer names to IP addresses. Yes, you move to DNS instead of WINS, but in most shops WINS will be around for quite some time into the future. Your name resolution problems have not gone away; they’ve likely increased due to the introduction of DNS into the mix. It’s surprising how quickly a name resolution problem can create havoc on a network—and how easy it is to not think about it as being the problem. In situations where the enterprise is cratering in because of a problem, admins can begin to get panicky and try almost anything—when the problem may very well stem from a stopped service on a server or a name resolution issue. In a situation where several users cannot access a system and are getting NDRs, see if you have name-based connectivity with the host. Can you ping the host by name and by IP?
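As an added example that is not part of the book, here is a small Python triage script for the NDR causes just described. It separates the one problem the user can fix (a badly keyed PAB or OAB address) from the system problems the administrator owns, by checking the recipient address syntax and classifying the NDR by its RFC 3463 enhanced status code (the x.y.z code carried in an SMTP bounce). The mapping of status codes onto the causes above is this example’s own reading, the address check is deliberately stricter than full RFC 5321 syntax, and the sample NDR entries at the bottom are constructed.

```python
"""Added example (not from the book): first-pass NDR triage.  It checks
whether a recipient SMTP address is syntactically plausible and classifies an
NDR by its RFC 3463 enhanced status code, so the help desk can tell a user's
address-book problem from a system problem the administrator owns."""
import re

# A conservative dot-atom@domain check.  RFC 5321 also allows quoted local
# parts and address literals, but PAB/OAB entries keyed in by users almost
# never need them, so anything outside this shape deserves a second look.
LOCAL_PART_RE = re.compile(r"^[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+(\.[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+)*$")
LABEL_RE = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def check_smtp_address(addr):
    """Return (ok, reason); reason is wording the help desk can pass on."""
    addr = addr.strip()
    if addr.count("@") != 1:
        return False, "address must contain exactly one '@'"
    if " " in addr:
        return False, "address contains a space"
    local, domain = addr.split("@")
    if not local:
        return False, "nothing before the '@'"
    if len(local) > 64 or not LOCAL_PART_RE.match(local):
        return False, "invalid characters or dots in the part before the '@'"
    if not domain:
        return False, "nothing after the '@'"
    if domain.startswith(".") or domain.endswith("."):
        return False, "domain starts or ends with a dot"
    labels = domain.split(".")
    if len(labels) < 2:
        return False, "domain has no top-level part (such as .com)"
    for label in labels:
        if not LABEL_RE.match(label):
            return False, f"bad domain label {label!r}"
    return True, "syntax is fine (the mailbox may still no longer exist)"


# RFC 3463 subject.detail codes mapped onto the causes discussed above.  The
# leading class digit (4 = transient, 5 = permanent) says whether the sending
# server is still retrying.  The mapping to causes is this example's own.
NDR_CAUSES = {
    "1.1": "unknown mailbox: the recipient may have changed ISP or left",
    "1.2": "unknown destination system: check the domain part of the address",
    "1.3": "badly formatted address: check the user's PAB or OAB entry",
    "2.2": "recipient mailbox full",
    "3.1": "receiving mail system full (database disk full?)",
    "3.2": "receiving system not accepting mail (services stopped?)",
    "4.1": "no answer from receiving host (server down or WAN link failed)",
    "4.2": "connection to receiving host dropped (WAN link or firewall)",
    "4.3": "directory or name server failure: check DNS and WINS",
    "4.4": "unable to route: check connectors and DNS MX records",
}


def triage_ndr(status):
    """Classify an enhanced status code such as '5.1.1' or '4.4.1'.
    Returns (transient, cause); transient is None if the code is unreadable."""
    m = re.fullmatch(r"([245])\.(\d{1,3})\.(\d{1,3})", status.strip())
    if not m:
        return None, f"unrecognised status code {status!r}"
    cls, subject, detail = m.groups()
    cause = NDR_CAUSES.get(f"{subject}.{detail}",
                           "other: read the NDR text and ask what was changed last")
    return cls == "4", cause


# Constructed sample: (recipient as keyed by the user, status code from the NDR).
SAMPLE_NDRS = [
    ("jane.doe@example.com", "5.1.1"),
    ("jane doe@example.com", "5.1.3"),
    ("bob@example", "5.1.2"),
    ("ops@branch.example.net", "4.4.1"),
]


def triage_all(ndrs=SAMPLE_NDRS):
    """Combine both checks: a malformed address goes back to the user, anything
    else is the administrator's.  Returns (recipient, owner, state, detail)."""
    rows = []
    for rcpt, status in ndrs:
        ok, why = check_smtp_address(rcpt)
        transient, cause = triage_ndr(status)
        owner = "administrator" if ok else "user (fix the address book entry)"
        state = "retrying" if transient else "final"
        rows.append((rcpt, owner, state, cause if ok else why))
    return rows


if __name__ == "__main__":
    for row in triage_all():
        print(" | ".join(row))
```

The point of the split is the one the text makes: a 5.1.3 with a visibly malformed address is the user’s address book, while a 4.4.1 that keeps retrying is a receiving server, WAN link or name resolution problem and belongs on the administrator’s desk before anyone starts changing firewall rules.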
Design Scenario: The Case of the Broken Enterprise DNS Server

Bertrand is a systems administrator in a midsized corporation. He is responsible for the messaging system as well as other enterprise servers. One day, while working with a technical support person on a different problem, Bertrand is told that an Internet e-mail he sent earlier that morning to tech support has not been delivered. Bertrand does a quick check on his system to see if it’s his problem by sending an Internet e-mail to his Hotmail account. Nothing happens. Upon checking the SMTP queues, Bertrand finds them very full and not emptying out. Upon further checking, he realizes that name-server resolution is not working correctly. “Has the company’s registered domain name expired and we’ve not renewed it?” he wonders to himself in a panicked moment. Upon checking the Windows 2000 DNS server at the edge of the enterprise, the one that communicates with the company’s ISP, he sees valid MX, SOA, and A record entries for his DNS computer. He calls the ISP—their DNS boxes are fine, up and running, and no changes have been made. Finally Bertrand checks the services and lo, he finds the DNS service stopped! Bertrand starts the service, checks the SMTP queues, and is pleased to find them draining. He then begins figuring out who to kill for stopping the DNS service in the first place.
Resolving Problems with Foreign Connections
There are generally two scenarios in which problems with foreign connectors will arise: when you have incorrectly configured a connector or a foreign messaging server, or when one of the two servers in the connection is not working. A third problem is one in which you are experiencing name resolution problems of some kind.
Microsoft Exam Objective:
Diagnose and resolve coexistence problems.
Resolve problems with foreign connections.
The time at which you begin to experience problems speaks volumes about the way to find a solution. In most cases you’ll find that you experience problems with a foreign connector trying to talk to the foreign system as soon as you get everything configured and operational. Typically these kinds of problems arise due to a miskeyed configuration or a configuration that has erroneous information in it. Sometimes a bogus configuration can manifest itself as a system that behaves unusually but not altogether incorrectly. For example, suppose that you’re configuring an X.400 connector and you accidentally set the schedule in a way that you think will allow communication any time of the day or night, but in reality you’ve completely locked the schedule down so that no communication is allowed. This might be an immensely difficult thing to spot—it might only dawn on you as you pore through scads of Internet documents—but it stops the system nonetheless. Another showstopper that’s often overlooked is the access account that’s required by the system. If the credentials aren’t correct, the opposing system isn’t going to let the connector in and it’s all over.

Alternatively you may find that one of the servers is actually offline or in some way unreachable. Either problem is possible—you’ll have to do your research to figure out which it might be. For example, suppose that you have a front-end/back-end E2K deployment. You’ve been messing around with your software-based firewall. You’re pretty sure that you’ve got all of the firewall rules created correctly and that the correct machine groups belong to each rule. But suddenly you start getting strange errors on the back-end computer and e-mail stops. You suspect that the changes to the firewall are to blame, but when you visit the rules, they look okay. Well then, perhaps there is nothing to your firewall suspicions—perhaps there really is a problem with one of the servers. You check all of them—nothing wrong. You go back to the firewall, determined to put things back the way they were before the change, when it dawns on you—one of the rules you’ve implemented contains a group that has as its members the back-end servers, and this rule happens to be one that disallows those computers from communicating with any machines on the DMZ! A simple little logical fubar and the system has been down for several hours now.

Here are some rules that you can use in your troubleshooting scenarios:

Rule 1 Always ask yourself this question: What was the last change that was made that might affect this system?

Rule 2 When making changes, no matter how small, before going forward, consider the backout you’ll go through if, for some reason, the change doesn’t work. It’s surprising how even the tiniest changes to a system that was working correctly before can bring the system down. It’s also surprising how many interacting dependencies systems have that fail when one is changed. Lastly, it’s important to always consider the name resolution characteristics of systems. Can you ping the device in question by IP address? Can you ping the device by either WINS or DNS name? If you’re not using TCP/IP as the transport methodology (i.e., Remote Procedure Call [RPC] or some other methodology), is there a way that you can validate the connection between the systems? Perhaps there are some utilities that you can use to validate that the system is working correctly. Is the device unplugged from the network? Has there been a change to a device’s connectivity—say, putting it on a VLAN or moving it from one hub to another? In some cases, perhaps a WAN circuit has failed, or even a WAN connectivity device such as a router or Channel Service Unit/Data Service Unit (CSU/DSU). The people who provide the WAN connectivity will be able to use tools to find out if the circuit is okay.

Rule 3 The last, but perhaps the most important, rule to use in troubleshooting connectivity between systems: start small, work large. Start inward and work your way outward. Oftentimes you’ll find that a problem exists with something as simple as a server service or a typo in a configuration. It’s important to consider the small stuff before expanding out to the bigger thinking.
Design Scenario: Getting the SMTP Boxes to Talk to Each Other

Sandra is a network consultant who has been hired to upgrade a network from Banyan Vines to Windows 2000. Banyan’s e-mail system, which some call “Banyan Blue Mail,” is the current e-mail system that’s in use by the enterprise. The SMTP component for one of the Vines servers allows users to send e-mail out over the Internet. One of Sandra’s charges is to install Exchange 2000 and migrate users from Blue Mail to Exchange. After the Windows 2000 server installations are performed, Sandra next installs Exchange 2000 on the servers she has designated for the system. There is really no good connector for Blue Mail to Exchange, but Sandra does find some third-party software that allows her to extract mailboxes from the Vines system and create mailboxes in the E2K system. Sandra has several hundred mailboxes that she has to convert like this and anticipates that the activity will take several weeks. But Sandra is left with a problem. She has Internet e-mail configured and working correctly on the E2K side, but she can’t figure out a way for incoming e-mail to a Vines user who has had her mailbox transferred to the E2K system to follow her to the new system. In other words, if an Internet user composed an e-mail document to [email protected], the document would merely die on the vine and never get to the internal user’s new mailbox. While working with the Vines administrators, the answer eventually becomes apparent. By keying a special line into the old Vines user’s profile, any incoming Internet e-mail can be forwarded to her new SMTP address. Thus when an Internet user composes the e-mail address above, it is now routed back out to the Internet to the user’s new SMTP address. Once all users have been migrated to the new system, their old Vines SMTP address is added as an SMTP alias and the Vines system is dismantled. You’ll have to create custom recipients in the Exchange system for visibility of not-yet-converted Vines users.
Resolving Address Synchronization Problems

There is a process in MS-Mail called directory synchronization—dirsync for short. In Exchange the process is called directory replication. The concept is this: Suppose that you have an Exchange server in two different countries. Both are in the same organization but are in different sites. The administrator of the Exchange server in country 1 routinely adds, changes, and deletes users from the Exchange directory, as does the administrator in country 2. Intuitively you would assume that there’s a delay while the changed information gets assimilated into the local database and then the changes are replicated to the remote database, and vice versa. This is the dirsync process. It exists so that users in each area can pull up the Global Address List (GAL) and read a name off of a list that may very well belong to the opposing server.
Microsoft Exam Objective:
Diagnose and resolve coexistence problems.
Resolve address synchronization problems.
The dirsync process got its roots in Microsoft Mail for PC Networks and was modified to work with Exchange. It is possible to have MS Mail postoffices going through a dirsync process with Exchange servers. In order to accomplish this, you must understand that there is always a directory requestor and a directory server. The requestor server requests an update to the GAL; the directory server prepares the list of most recent changes and passes it back to the requestor server to be posted into the opposing server’s directory. You can have MS Mail to MS Mail systems, MS Mail to Exchange, Exchange to MS Mail, or Exchange to Exchange participating in this dirsync process. See Figure 13.1 for a picture of what a standard dirsync scenario might look like, in either the direction of an Exchange box providing dirsync services to MS Mail computers or an MS Mail directory server providing services to both Exchange and MS Mail requestors.

FIGURE 13.1 A typical dirsync scenario. Two diagrams: an Exchange dirsync server servicing MS Mail requestor servers, and an MS Mail dirsync server servicing requestor servers of different types (an Exchange requestor server and MS Mail requestor servers).
There are many settings that have to be made on each computer in order to accommodate dirsync scenarios. You can imagine that getting dirsync going is a matter of trial and error (making sure the timing is correct for all servers in a deployment) as well as judicious monitoring. For all that, the dirsync process works marvelously well. Directory synchronization works much the same way with other foreign connectors. For example, when setting up the cc:Mail connector, you have a Dirsync Schedule tab that you can configure to set up the times when directory synchronization between disparate systems can take place. You can select never, always, selected times, every 15 minutes, or every hour.

So, to recap, we have a concept that entails one server requesting a directory update from another to maintain lists that accurately reflect the current state of the directory—the list of mailbox owners, distribution lists, groups, and so forth. Now we complicate this paradigm with the introduction of Exchange 2000 Server. E2K, as you’ve found out, uses an extension of the AD schema to keep mailbox information. This information is propagated to all Global Catalog servers in the environment. How then does E2K talk to vintage Exchange computers to exchange GAL information? Furthermore, what about any legacy MS Mail servers sitting out there that are currently communicating with the vintage Exchange servers? You can see that this could get very complicated.

The answer to the connectivity question is, of course, the Active Directory Connector (ADC). Just as the dirsync connector in Exchange is used to talk to MS Mail or Exchange computers to exchange updates to the GAL, so the ADC is used to connect vintage Exchange systems to E2K. The most common difficulty you’ll run into with this kind of address synchronization centers on the fact that the ADC can be configured in one of three ways: the vintage Exchange server has a one-way pipe to the ADC, the ADC has a one-way pipe to the vintage Exchange server, or both elements talk to one another. In a case where you’re not seeing regular updates to the GAL, suspect that a one-way connection is set up and one side of the system isn’t receiving any updates. Check the connection agreement for the server connection that you’re having a problem with. You can also run into problems with the following:
Invalid schedules
Improper or expired connection accounts
Permissions that have changed on a connection account
Nonoperational WAN connections
Server down
Active Directory Tools and Issues

Several of the test objectives deal with communication between your W2K Active Directory and legacy systems.
Microsoft Exam Objective:
Design an upgrade or migration strategy. Considerations include primary vs. non-primary connections, and use of the appropriate version of ADC.
Design ADC connection agreements.
Design connection agreements to support containers synchronization.
Decide direction of synchronization.
In this book, we have talked extensively about the Exchange 2000 Active Directory Connector (ADC) and the potential for setting up Connection Agreements (CAs) between your legacy Exchange servers (or other foreign messaging systems) and E2K. You do this so you can link up the two systems while your migration takes place. We’ve also noted that there is a difference in the versions of ADC, the one that initially ships with Windows 2000 Server and the one that comes with Exchange 2000—you’ll use the one that comes with E2K. We need to make one more subtle distinction—the difference between a primary CA and a non-primary CA. In the Connection Agreement world, you can set up one of two CAs. A primary CA allows for the replication of existing directory objects to a new target, as well as the creation and replication of new directory objects in the target. A non-primary CA only allows for the replication of existing directory objects. When you set up a single CA between, say, a legacy Exchange 5.5 Server and your E2K computer, the CA is, by default, a primary CA. Go carefully here! Do not set up two CAs that point to the same Exchange 5.5 computer—you’ll create duplicate objects. You might want to opt for non-primary connection agreements when setting up a CA with a foreign messaging host. There are two checkboxes that you leave checked or uncheck, as the case may be. They are “This is a primary connection agreement for the connected Exchange organization” and “This is a primary connection agreement for the connected Windows domain.” Uncheck the latter if you’re connecting to a different Exchange organization in the same domain as your primary CA.
Note that a CA is set up on a given object container, and care must be taken in planning which containers will take part in the synchronization process.
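Most of the failure list above (invalid schedules, expired or changed connection accounts, one-way agreements leaving one side stale) and the warning about two CAs pointing at the same Exchange 5.5 server can be checked mechanically before you start waiting for the GAL to populate. The following Python consistency check is an added example and not part of the book or of the ADC: the ConnectionAgreement class, its 7 x 24 hour schedule grid and the three sample agreements are this example’s own simplified model of a connection agreement, not the ADC’s real data model, and the review date is constructed.

```python
"""Added example (not from the book): consistency checks over a set of ADC
connection agreements, modelled on the failure list above and the warning
about two CAs pointing at one Exchange 5.5 server.  Everything here is a
simplified model of a connection agreement, not the ADC's own data model."""
from dataclasses import dataclass, field
from datetime import date
from typing import List, Optional

# Replication schedules as a 7 x 24 grid of hours (True = replication allowed).
ALWAYS = [[True] * 24 for _ in range(7)]
NEVER = [[False] * 24 for _ in range(7)]


def nightly(start=22, end=4):
    """Allow replication only between start and end (wrapping midnight), daily."""
    return [[h >= start or h < end for h in range(24)] for _ in range(7)]


@dataclass
class ConnectionAgreement:
    name: str
    exchange_server: str                 # the Exchange 5.5 server the CA points at
    direction: str                       # "from-exchange", "to-exchange" or "two-way"
    primary_for_org: bool                # "primary CA for the connected Exchange organization"
    primary_for_domain: bool             # "primary CA for the connected Windows domain"
    account_expires: Optional[date]      # None means the connection account never expires
    schedule: list                       # 7 x 24 grid as above
    exchange_containers: List[str] = field(default_factory=list)
    ad_containers: List[str] = field(default_factory=list)


def lint(agreements, today, expect_two_way=True):
    """Return (agreement name, problem) pairs for each check that fails.

    expect_two_way=True means both sides should see GAL updates, so a one-way
    agreement is reported as the likely reason one side is stale."""
    findings = []
    first_ca_for = {}            # exchange_server -> name of the first CA seen
    for ca in agreements:
        if not any(any(day) for day in ca.schedule):
            findings.append((ca.name, "schedule never allows replication"))
        if ca.account_expires is not None and ca.account_expires <= today:
            findings.append((ca.name, "connection account expired"))
        if expect_two_way and ca.direction != "two-way":
            findings.append((ca.name, f"one-way ({ca.direction}); the other side will not receive GAL updates"))
        if not ca.exchange_containers or not ca.ad_containers:
            findings.append((ca.name, "no container selected on one side; nothing will synchronize"))
        first = first_ca_for.setdefault(ca.exchange_server, ca.name)
        if first != ca.name:
            findings.append((ca.name, f"second CA pointing at {ca.exchange_server} (also {first}); this creates duplicate objects"))
    return findings


# Constructed sample: one healthy agreement and two with the problems above.
REVIEW_DATE = date(2001, 6, 1)
SAMPLE = [
    ConnectionAgreement("CA-HQ", "EX55-HQ", "two-way", True, True, None, ALWAYS,
                        ["Recipients"], ["OU=Users,DC=corp,DC=example,DC=com"]),
    ConnectionAgreement("CA-Calgary", "EX55-CGY", "from-exchange", False, False,
                        date(2001, 3, 31), nightly(),
                        ["Recipients"], ["OU=Calgary,DC=corp,DC=example,DC=com"]),
    ConnectionAgreement("CA-HQ-second", "EX55-HQ", "two-way", True, False, None, NEVER,
                        ["Recipients"], []),
]


def lint_sample():
    return lint(SAMPLE, REVIEW_DATE)


if __name__ == "__main__":
    for name, problem in lint_sample():
        print(f"{name}: {problem}")
```

Run against the sample, the healthy headquarters agreement produces nothing, the Calgary agreement is flagged for its expired account and its one-way direction, and the second agreement against EX55-HQ is flagged three times: a schedule that never opens, a missing AD container, and the duplicate-object risk the text warns about.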
Active Directory Migration Tool

The Active Directory Migration Tool (ADMT) is used to consolidate several Windows NT 4 account domains into a single Windows 2000 forest. In planning your Exchange 2000 design, you could well run into some difficulty if you encounter a host of legacy Windows NT 4 domains that have not yet been converted.
Microsoft Exam Objective:
Design an upgrade or migration strategy. Considerations include primary vs. non-primary connections, and use of the appropriate version of ADC.
Plan a migration that uses ADMT.
Suppose, for example, that you’ve been hired as a design consultant for a large enterprise. You’ve been tasked with designing the new Exchange 2000 server deployment and preparing a project plan for carrying it out. You’ve been told that the majority of the network is on Windows 2000 and that the W2K deployment is getting close to completion; yet, there are several Windows NT 4 account domains that have not yet been converted. The W2K designers are fairly sure that the legacy domains are small enough, and connected by robust enough WAN circuits, to justify creating a single domain and then dividing the various entities into Organizational Units (OUs) instead of creating new W2K domains. Using the ADMT, you can prepare a strategy that takes these old NT 4 domains and creates a new single W2K domain out of them.
See www.microsoft.com/TechNet/win2000/win2ksrv/cookchp9.asp for more information on ADMT.
While not singularly affecting your E2K rollout in the sense that you have to somehow incorporate the ADMT into your E2K work, you should realize that the ADMT will be useful as a precursor to your actual E2K efforts by helping you consolidate existing NT 4 account domains. Note that without a W2K account, a user cannot store e-mail on the E2K server. Thus, migration from Windows NT 4 to W2K and consolidation play a role in your design.
Design Scenario: The Convoluted Dirsync Quagmire

Reynaldo is a brand new messaging administrator for a large pharmaceutical concern. He isn’t new to messaging systems, but he is new to the company’s messaging layout. The company has more messaging implementations than Disney has Dalmatians. There is a cc:Mail implementation that exists out in one of the company’s East Coast offices, two or three MS Mail servers in the Calgary office, and a host of vintage Exchange computers. The central headquarters, located in Farmington, has an Exchange 5.5 SP3 server for the local user community and a connector server that provides the connectivity with the other computers. The network has been completely upgraded to Windows 2000 and Reynaldo’s primary duty is now to convert to Exchange 2000. He realizes that this will take quite a bit of time to accomplish in a multinational corporation, so he must make sure that legacy systems continue to interoperate in the interim. Reynaldo starts by validating elements of the connections between the different systems: what the service accounts are, the schedules that are kept, and other configuration data. He draws a map of all of the various connections so that he has a good visual to refer to when needed. Next he validates that the current connections are working correctly and that users are able to see the entire corporation’s mailbox list from their location. So now he has a detailed map of the current environment and is assured that things are working properly. Reynaldo next installs the first Exchange 2000 Server at headquarters and with it the ADC. He then mailbox-enables all the user accounts that are in AD. He next sets up a two-way connection between the ADC and the vintage Exchange connector server, adjusting the schedules and making sure that all configuration details are correct. He then waits to see if the transfer of GAL information takes place and, sure enough, it does. The E2K GAL is fully populated. He can then go about the business of dismantling or upgrading older servers.
Resolving Problems with Address and Name Resolution

This has been alluded to a bit in previous sections of this chapter. Name-resolution issues are one of the most elusive problems to figure out, yet they are the easiest to solve. Because Windows 2000 integrates both DNS and WINS, you may find that name resolution issues are focused on one technology over another—DNS versus WINS. Slow response times to name resolution requests imply that there is something wrong with one or the other of the name resolution server solutions. For example, suppose you send out a name resolution request and find that the response is slow to return. You also note that the returned name is a fully qualified domain name (FQDN) rather than a NetBIOS name. Because DNS uses FQDNs and WINS uses NetBIOS names, you can tell for sure that the DNS server responded to the request. But an h-node Windows 98-based DHCP client shouldn’t be using DNS, because DNS is way down in the name resolution order. Recall that h-node is a name-resolution method that can be passed to clients via DHCP. H-node happens to be the most common method, and by using h-node, the client should have tried to resolve through WINS, then broadcast, then LMHOSTS, and finally DNS. That is why getting the response back was so slow.
The biggest problem with client name resolution is trying to connect Outlook to Exchange Server. This is almost always a DNS, not a WINS, issue.
Microsoft Exam Objective:
Diagnose and resolve coexistence problems.
Resolve problems with address and name resolution.
The situation is complicated when you have a mixed environment of Windows 9x and ME computers with Windows 2000. In environments that were predominantly NT-based, most workstations are probably set to use WINS and not DNS. DHCP provides for the ability to pass a name-resolution order through client configuration parameters. It’s a safe bet that h-node is the most predominant search order used on workstations throughout the world—so there are definite name resolution order scenarios that an E2K designer must be worried about.
See Microsoft support document Q119493 for more information on name resolution order and the client configuration modes that can be passed by DHCP.
Without benefit of DHCP client configuration parameters, Windows 2000 computers are going to use DNS first and other name resolution methods second. Both Windows 9x and 2000 computers will also attempt to broadcast to find a host if there is no suitable name-resolution computer to answer the request. You’ll find that name resolution problems manifest themselves either through very slow, stodgy responses or through no response from a system at all. Your troubleshooting efforts will revolve around first trying to resolve the host name and, when no response comes back, figuring out why the name-resolution request did not succeed. The name resolution server could be down or hung. The service could be stopped. The name that you’re trying to resolve could have accidentally been deleted from the list. With WINS you can get into trouble if you have a bunch of statically keyed-in entries for Windows hosts. The general rule of thumb is to key static entries into WINS only for non-NetBIOS-based hosts (such as Unix). If servers aren’t registering themselves in WINS, you need to drill in and figure out why instead of solving the problem with a quick-fix static entry. It’s a good idea to have a thorough understanding of the WINS server infrastructure and the push/pull partner setup in your organization. It’s also a good idea to get rid of excess WINS boxes.
With WINS, less is definitely more. In the largest of organizations, you should limit your server implementation to just three or four WINS servers. Smaller organizations should only have a maximum of two. A multiplicity of WINS servers provides undue complexity and the capability to provide for bogus name resolution operations or no name resolution at all.
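The name resolution order is easier to reason about with a model in front of you. The following Python simulation is an added example, not from the book: it stands in each resolution source (WINS, subnet broadcast, LMHOSTS, DNS) with a small constructed name table and walks them in the order the node type dictates, so you can see why an answer that arrives as an FQDN from an h-node client means everything before DNS already failed. The node orders are the RFC 1001 b-, p-, m- and h-node types as the text and Q119493 describe them, with the LMHOSTS and DNS fallback appended; the "win2000" entry is a simplification of the DNS-first behaviour described above, and the name tables, host names and addresses are constructed.

```python
"""Added example (not from the book): a simulation of NetBIOS node-type name
resolution orders.  Each source is a constructed name table; resolve() walks
them in the order the node type dictates and reports which one answered."""

# Constructed name tables.  WINS, broadcast and LMHOSTS hold NetBIOS names,
# DNS holds FQDNs.  MAIL1 is deliberately missing from WINS.
WINS = {"DC1": "10.0.0.5"}
BROADCAST = {"DC1": "10.0.0.5", "PRINT1": "10.0.0.9"}   # answers only on the local subnet
LMHOSTS = {}
DNS = {"dc1.corp.example.com": "10.0.0.5",
       "mail1.corp.example.com": "10.0.0.20"}
DNS_SUFFIX = "corp.example.com"          # appended to single-label names for DNS
SOURCES = {"WINS": WINS, "broadcast": BROADCAST, "LMHOSTS": LMHOSTS, "DNS": DNS}

# RFC 1001 node types in the order the text (and Q119493) describe, with the
# LMHOSTS and DNS fallback appended.  "win2000" models a Windows 2000 client
# with no DHCP node-type option: DNS first (a simplification).
ORDERS = {
    "b-node": ["broadcast", "LMHOSTS", "DNS"],
    "p-node": ["WINS", "LMHOSTS", "DNS"],
    "m-node": ["broadcast", "WINS", "LMHOSTS", "DNS"],
    "h-node": ["WINS", "broadcast", "LMHOSTS", "DNS"],
    "win2000": ["DNS", "WINS", "broadcast", "LMHOSTS"],
}


def resolve(name, node_type, sources=SOURCES, orders=ORDERS):
    """Resolve name as a client of the given node type would.
    Returns (ip, answering source, sources tried); ip is None on failure."""
    tried = []
    for src in orders[node_type]:
        tried.append(src)
        if src == "DNS":
            key = name.lower() if "." in name else f"{name.lower()}.{DNS_SUFFIX}"
        else:
            key = name.upper()
        ip = sources[src].get(key)
        if ip is not None:
            return ip, src, list(tried)
    return None, None, tried


def diagnose(name, node_type):
    """The administrator's reading of a lookup: who answered, and whether
    somebody earlier in the order should have."""
    ip, src, tried = resolve(name, node_type)
    if ip is None:
        return f"{name}: no answer from {', '.join(tried)}; check those services and their tables"
    if src == "DNS" and len(tried) > 1:
        return (f"{name}: answered by DNS only after {', '.join(tried[:-1])} failed; "
                "slow, and a sign that the host is not registered in WINS")
    return f"{name}: answered by {src} on the first try"


if __name__ == "__main__":
    for host, node in (("DC1", "h-node"), ("MAIL1", "h-node"),
                       ("MAIL1", "win2000"), ("PRINT1", "p-node")):
        print(diagnose(host, node))
```

Two cases are worth comparing: the same MAIL1 lookup from an h-node Windows 98 client walks WINS, broadcast and LMHOSTS before DNS answers (the slow FQDN reply from the text), while from a DNS-first Windows 2000 client it is answered immediately; and PRINT1, which only a subnet broadcast knows about, is found by a b-node client but not by a p-node one, which is exactly the kind of difference a mixed 9x/2000 environment produces.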
You should map out the current DNS and WINS layouts in your organization, understand the interrelationships of the name resolution servers, understand the broadcast order that your DHCP clients are using, and then figure out where you can scale back the complexity of the system. You should also review the DNS tables from time to time to make sure the entries in them are correct and that they’re replicating data to their partners. Additionally, you should periodically review the WINS tables to make sure they’re concurrent, that tombstoning is happening on a regular basis, and that the static entries are kept to a minimum.

You can also get into trouble with SMTP or other foreign address resolution methods. Perhaps one of the more common scenarios is when you want one form of SMTP address, say [email protected], but the Exchange system is set for a default of lastname.firstname. You must examine the Exchange defaults and adjust to your liking. You’ll also run into address resolution failures when outside users are trying to send e-mail to an old SMTP address that has not been duplicated in the new system. This is quite common. For example, in your old system you might have used [email protected] but you now use Firstname [email protected]. Your CEO has dozens of business cards out in the world that list his address in the first format. Addresses are now failing because he has no SMTP alias that points to his old address. You’ll have to work out a fix for this. Some companies have three and four different SMTP aliases for every user in their company due to the changes they’ve made in their systems! It’s a legacy problem that you don’t have much control over.
Using a logon name as a user's SMTP alias is a security exposure. Think about it: by publishing a user's logon name to the Internet in the form of his SMTP address, you've handed an attacker half of a credential pair, and a harvested address list becomes a ready-made list of valid account names for password-guessing and account-lockout attacks. Consider an SMTP alias in a different format than the logon name format used in the enterprise. If users log on as Firstname.Lastname, consider an alias of FirstInitialLastName or something similar instead. This raises the bar only modestly, since an alias convention can often be guessed, so treat it as defense in depth alongside strong passwords and lockout policies, not as a substitute for them.
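The two problems above, legacy aliases that must keep working and a primary alias that must never equal the logon name, are easy to get wrong by hand across thousands of mailboxes. The following is an added example, not code from this study guide or from Microsoft: it generates proxy addresses for a constructed sample directory. The domain `mycompany.example`, the user records, and the legacy format list are hypothetical. The `SMTP:` (primary) and `smtp:` (secondary) prefixes follow the real Exchange proxyAddresses convention, but nothing here talks to Active Directory.

```python
"""Build SMTP proxy addresses that never reuse the Windows logon name and
that keep legacy address forms alive as secondary addresses.

Added example, not from the study guide.  All names and the domain are
constructed for illustration.
"""
import re
import unicodedata

MAIL_DOMAIN = "mycompany.example"  # hypothetical domain

# Constructed sample directory.  Logon names mostly follow Firstname.Lastname;
# "bjones" shows what happens when a logon is already FirstInitialLastName.
SAMPLE_USERS = [
    {"logon": "John.Smith", "first": "John", "last": "Smith"},
    {"logon": "Jane.Smith", "first": "Jane", "last": "Smith"},
    {"logon": "Jose.Nunez", "first": "José", "last": "Núñez"},
    {"logon": "bjones", "first": "Bob", "last": "Jones"},
]


def _ascii_token(value: str) -> str:
    """Fold accents to ASCII, drop anything but letters/digits, lowercase."""
    folded = unicodedata.normalize("NFKD", value).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z0-9]", "", folded.lower())


def alias_candidates(first: str, last: str):
    """Yield FirstInitialLastName, then numbered variants for collisions."""
    base = _ascii_token(first[:1]) + _ascii_token(last)
    yield base
    n = 2
    while True:
        yield f"{base}{n}"
        n += 1


def legacy_aliases(first: str, last: str, formats):
    """Old address forms (e.g. lastname.firstname) the user may still be known by."""
    f, l = _ascii_token(first), _ascii_token(last)
    return [fmt.format(first=f, last=l) for fmt in formats]


def build_proxy_addresses(users, domain, legacy_formats=("{last}.{first}",)):
    """Return {logon: [proxyAddresses]} for a list of user dicts.

    Rules: the primary SMTP local part must differ from the logon name
    (case-insensitive) and be unique in the domain; legacy forms are added
    as secondary addresses so mail to an old business-card address still
    lands, unless the legacy form itself would expose the logon name.
    """
    taken = set()
    result = {}
    for user in users:
        logon = user["logon"].lower()
        for cand in alias_candidates(user["first"], user["last"]):
            # Never expose the logon name as the SMTP alias, and never collide.
            if cand != logon and cand not in taken:
                break
        taken.add(cand)
        proxies = [f"SMTP:{cand}@{domain}"]
        for old in legacy_aliases(user["first"], user["last"], legacy_formats):
            if old != logon and old not in taken:
                taken.add(old)
                proxies.append(f"smtp:{old}@{domain}")
        result[user["logon"]] = proxies
    return result


def leaks_logon(proxy_addresses, logon):
    """True if any SMTP local part equals the logon name (the weakness above)."""
    for addr in proxy_addresses:
        local = addr.split(":", 1)[1].split("@", 1)[0]
        if local.lower() == logon.lower():
            return True
    return False


if __name__ == "__main__":
    for logon, proxies in build_proxy_addresses(SAMPLE_USERS, MAIL_DOMAIN).items():
        print(f"{logon:12} leaks={leaks_logon(proxies, logon)!s:5} {proxies}")
```

Run this against an export of first name, last name and sAMAccountName before you write a recipient policy; any user for whom `leaks_logon` returns True is a candidate for a new primary address, and the secondary addresses are what you feed back in to keep the CEO's old business cards deliverable.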
Foreign address resolution failures stem either from the foreign system being down or unavailable, or from a misunderstanding of how addresses are formulated on the foreign system and how they're brought into the Exchange system. For example, the foreign system may be sending you an X.400 address of C = U.S., P = Mycompany.com, O = Sales, S = last_name, G = first_name, but you've got your Exchange connector set for C = U.S., P = Sales.Mycompany.com, O = (blank), S = last_name, G = first_name. The two forms don't match, so the address can't be resolved.
Design Scenario: For Lack of an A Record

Felisa is the system administrator for a small non-profit organization. The organization maintains a high-speed connection to the Internet through a good-quality ISP. The ISP maintains a DNS host, and Felisa maintains a DNS server in the organization as well. Felisa is setting up a new Exchange 2000 server and intends to perform a raw cutover from her original foreign messaging system to the new Exchange system. That is, users will be using one messaging system on Friday evening, and when they come in on Monday morning, they'll be transferred to the new system. Felisa has the E2K server set up and has done some basic testing on it. When users come in Monday morning, everything seems to work pretty well except that they cannot receive or send any Internet e-mail. Felisa looks at the configuration settings for the server; everything looks just fine. Internal users can resolve the host name because she has keyed A and MX records into her own DNS server. Frustrated and at wit's end, she calls her ISP's technical support desk. They cannot resolve the name of the new host. Felisa is at once embarrassed and relieved to realize that she never called her ISP to ask them to add an A and an MX record for the new computer to their DNS tables. Internal resolution proves nothing about what the rest of the Internet sees; always test the records from outside your own network.
Summary

This chapter has been about the thing you don't want to have to do much of in your new Exchange 2000 environment: diagnosing and resolving problems.

We started by discussing e-mail delivery problems. The problem manifests itself to the user as a Non-Delivery Report (NDR), and the user is dead in the water. Often these problems occur due to an improperly formatted SMTP or foreign e-mail address. It's also possible that the WAN link is down, the receiving server is down or having a problem, or there is a name resolution problem.

Next we discussed problems with foreign connections. In most cases, you'll wind up having problems early on if you've incorrectly configured the connections. After configuration and proof that the system is working correctly, you'll have problems when either server is excessively busy, down, or unavailable. This kind of problem likely won't manifest itself right away: queues will begin to fill up, and eventually a user will call you wondering why she hasn't received a reply she was expecting from a user on a foreign system.

Address synchronization problems happen when the dirsync process fails for whatever reason. Typically the schedules that the dirsync servers maintain can interfere with smooth synchronization operations. The service account can also be a problem if it is changed or its permissions are removed. Time zone differences might interfere. Dirsync can't happen if the network or WAN links are unavailable when the process launches, and servers that are down or unavailable will interfere with the dirsync process. Users won't really notice this problem other than that a user doesn't show up in their GAL.

Name resolution problems are quite common, are difficult to diagnose initially, and are usually easy to resolve. There are several name resolution methods available; it is incumbent on the designer to understand the name resolution paradigm at work in his or her environment.

Address resolution problems can occur when the sending server has formatted an address differently than the receiving server is expecting. Also, the lack of an alias for an old SMTP address can generate NDRs for outside users trying to send e-mail into your system.
Key Terms
Active Directory Connector (ADC)
Active Directory Migration Tool (ADMT)
directory synchronization (dirsync)
h-node
Non-Delivery Report (NDR)
Review Questions

1. Your help desk is getting reports that no one can send e-mail to your Baltimore office's Exchange 2000 server. The NDR reports that the "host is unknown or not available." In what order would you begin troubleshooting this problem?
   A. WINS
   B. Internet e-mail service
   C. DNS
   D. WAN circuit

2. You have been getting calls from a handful of users that need to send e-mail to a host on the Internet. The users are reporting that their e-mail is coming back as undeliverable. What should you do?
   A. Check your Internet e-mail service.
   B. Tell them that it's the receiving server with the problem.
   C. Check the firewall.
   D. Check the WAN circuit.

3. You have a user that has come to you with an NDR that says "no known host by this name" when she attempts to send an e-mail to an Internet recipient. What could be the problem?
   A. The Internet e-mail service is down.
   B. There isn't an MX DNS record for this host.
   C. The user has incorrectly formatted this address in her OAB.
   D. The E2K system can't resolve the name in the GAL.

4. What DNS records are required by Exchange 2000 servers for inbound SMTP from non-Exchange sources? Select all that apply.
   A. SRV
   B. MX
   C. A
   D. SOA

5. Nathan has a smaller network that consists of four Windows NT 4 account domains operating in a complete trust environment. Each domain has around 200-250 accounts in it. One of the domains contains an Exchange 5.5 server that services all users in every domain. Nathan's plans are for upgrading first to Windows 2000, then to Exchange 2000. Nathan is interested in somehow consolidating the smaller NT 4 domains into a single Windows 2000 domain. What tool or tools will likely be the first that Nathan uses as he moves forward with his migration?
   A. DCPROMO
   B. ADC
   C. ADMT
   D. MIGRAT

6. One day you get an e-mail from a large ISP informing you that you've been blacklisted for spamming. But your company isn't into e-mail marketing. You have a system with vintage Exchange servers and an Exchange 2000 server. What could be the problem?
   A. You're being relayed by a spammer.
   B. There is a problem with address formatting.
   C. There are name resolution issues on your ISP's DNS server.
   D. They're wrong. This couldn't be you.

7. You have two Exchange 5.5 servers in different sites within the organization and an Exchange 2000 server. You're not getting updates to the E2K GAL like you should. What could be the problem?
   A. ADC is set for one-way transferal.
   B. Vintage Exchange servers can only share dirsync information with themselves.
   C. Vintage Exchange servers cannot share GAL information with Exchange 2000 servers.
   D. IIS 5's SMTP configuration isn't correct.

8. You have an Exchange 2000 server installation that spans many geographic regions. There are bridgehead servers that handle the connectivity between routing groups. There is only one WAN connection between any routing group and the rest of the Exchange organization. Your help desk is getting numerous calls saying that users are receiving NDRs from a routing group in one of your remote locations. What could be the problem?
   A. The WAN circuit is down.
   B. A bridgehead server is down.
   C. The routing group master server is down.
   D. SMTP addresses are incorrectly formatted.

9. You have an Exchange 5.5 SP3 server in Tokyo and an Exchange 2000 server in Denver. Users in Denver are getting e-mail documents that are date-stamped a day earlier than today. What could be the problem?
   A. There are time zone issues with the ADC.
   B. A server is down.
   C. The incorrect time is on the Tokyo server.
   D. The incorrect time is on the Denver server.

10. You're in the server room, and it's 3:00 A.M. You've changed the name of an Exchange 2000 server in your enterprise. Now you're testing the change to make sure e-mail can still flow, but it isn't working! What could be the problem? Select all that apply.
   A. DNS
   B. WINS
   C. Service account
   D. Services stopped
Answers to Review Questions

1. C, A, B, D. Because Exchange 2000 relies on DNS rather than WINS for name resolution, you would first want to validate that you can reach this host through DNS name resolution. Then see if WINS works. Make sure the service is started, and finally check the WAN circuit.

2. B. If other users are not reporting the same issue (that is, getting NDRs back when attempting to send Internet e-mail), then it is likely a problem with the receiving server on the Internet. To satisfy your customer, you could go through the cursory checks to make sure your own system is working okay, but the problem is likely with the server on the other side.

3. C. The user has created a custom entry in her OAB that points to this recipient and has incorrectly formatted the SMTP address. Your hand is tipped when you're sent to check a single user. If the Internet e-mail service were down, you'd have a whole raft of users complaining.

4. B, C. The Exchange 2000 system can get along with only one primary Exchange server having an MX record in the DNS database. But an A record is required for all Exchange servers in the system. It's wise to provide an MX record for each as well.

5. C. DCPROMO will be useful to Nathan if he has a Windows 2000 server installation that is not currently being used as a domain controller (DC). But it will likely not be the first tool that he utilizes, because he will probably upgrade his existing PDCs and BDCs to Windows 2000 DCs. The Active Directory Connector (ADC) will come into play later, as he goes forward with his Exchange 2000 upgrade and needs to connect to his legacy Exchange 5.5 box. There is no such utility as MIGRAT. The first tool he's likely to consider is ADMT, because it will allow him to accomplish his NT 4 domain consolidation goal.

6. A. If port 25 has relaying enabled (it is turned off by default on Exchange 2000 servers and is configurable on Exchange 5.5 SP3 servers), a spammer can hijack your Exchange computer to send tons of "blast e-mail" to users on the Internet. Check the relay restrictions on every SMTP virtual server and on the vintage Internet Mail Service, and look at the outbound queues: a relay victim typically has thousands of messages queued to domains it has never sent to before.

7. A. The Active Directory Connector connection agreement is likely set for only one-way updates.

8. A, B, C. The problem likely does not rest with incorrectly formatted SMTP addresses, because you have so many calls to the help desk. Suspect that the services or the servers are not operational or that the WAN circuit is down.

9. C, D. Time zone issues sometimes crop up in dirsync operations. Incorrect time on either server would also exhibit this symptom.

10. D. You just did the ultimate Homer Simpson maneuver. Doh! You cannot change an Exchange 2000 server's name, or you'll irrevocably break things. Time to get out the CDs and reinstall. You'll be lucky to be home tomorrow morning at 3 A.M.
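The relay problem in answer 6 is easy to verify from the outside: a closed relay accepts RCPT TO for its own domains and refuses it for anyone else's when the sender is not local. The following is an added example, not code from this study guide or from Microsoft, that performs that probe with the standard library. Because it has to run offline, a tiny in-process SMTP responder with a single `allow_relay` switch stands in for the mail server; it is not Exchange, and its response strings are assumptions (a real Exchange 2000 server returns its own wording, but the 250 and 550 codes are what matter). The domains and addresses are constructed.

```python
"""Open-relay probe: from an outside sender, is RCPT TO an outside domain
accepted (250) or refused (550)?

Added example, not from the study guide.  FakeSmtpHandler is a stand-in for
the server under test so the probe runs offline; point probe_relay() at a
real host:25 from outside your network for the real check.
"""
import smtplib
import socketserver
import threading

LOCAL_DOMAINS = {"mycompany.example"}          # hypothetical local domain
OUTSIDE_SENDER = "probe@attacker.example"      # constructed
OUTSIDE_RCPT = "victim@elsewhere.example"      # constructed
LOCAL_RCPT = "postmaster@mycompany.example"    # constructed


class FakeSmtpHandler(socketserver.StreamRequestHandler):
    """Minimal SMTP responder with one policy knob: allow_relay."""

    allow_relay = False

    def _send(self, line):
        self.wfile.write((line + "\r\n").encode())

    def handle(self):
        self._send("220 fake.mycompany.example ESMTP ready")
        while True:
            raw = self.rfile.readline()
            if not raw:
                return
            verb, _, arg = raw.decode(errors="replace").strip().partition(" ")
            verb = verb.upper()
            if verb in ("HELO", "EHLO"):
                self._send("250 fake.mycompany.example")
            elif verb == "MAIL":
                self._send("250 2.1.0 Sender OK")
            elif verb == "RCPT":
                addr = arg.split(":", 1)[-1].strip("<> ")
                domain = addr.rpartition("@")[2].lower()
                # The relay decision: local domain, or relaying switched on.
                if domain in LOCAL_DOMAINS or self.allow_relay:
                    self._send("250 2.1.5 Recipient OK")
                else:
                    self._send("550 5.7.1 Unable to relay")
            elif verb in ("RSET", "NOOP"):
                self._send("250 2.0.0 OK")
            elif verb == "QUIT":
                self._send("221 2.0.0 Bye")
                return
            else:
                self._send("500 5.5.1 Command unrecognized")


def start_fake_server(allow_relay):
    """Start the stand-in server on an ephemeral loopback port; return (server, port)."""
    handler = type("Handler", (FakeSmtpHandler,), {"allow_relay": allow_relay})
    server = socketserver.ThreadingTCPServer(("127.0.0.1", 0), handler)
    server.daemon_threads = True
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def probe_relay(host, port, outside_sender, outside_rcpt, local_rcpt, timeout=5):
    """Return (local_code, relay_code) from one SMTP session.

    relay_code 250 means the host accepted an outside-to-outside recipient,
    i.e. it relays.  The envelope is reset before QUIT so nothing is sent.
    """
    with smtplib.SMTP(host, port, local_hostname="probe.example", timeout=timeout) as smtp:
        smtp.helo("probe.example")
        code, _ = smtp.mail(outside_sender)
        if code != 250:
            raise RuntimeError(f"MAIL FROM rejected with {code}")
        local_code, _ = smtp.rcpt(local_rcpt)
        relay_code, _ = smtp.rcpt(outside_rcpt)
        smtp.rset()
    return local_code, relay_code


def is_open_relay(host, port):
    """Convenience wrapper using the constructed addresses above."""
    _, relay_code = probe_relay(host, port, OUTSIDE_SENDER, OUTSIDE_RCPT, LOCAL_RCPT)
    return relay_code == 250


if __name__ == "__main__":
    server, port = start_fake_server(allow_relay=False)
    print("open relay:", is_open_relay("127.0.0.1", port))
    server.shutdown()
    server.server_close()
```

Run the probe from a host outside your own network, because a server that authenticates or whitelists internal IP ranges will legitimately accept relay from inside; and if your server answers 250 to the outside recipient, fix the relay restriction before the blacklist does it for you.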
Case Study: The Case of the Disparate Messaging System

In this case study you're faced with the possibility of having to deploy a client other than the standard MAPI client.
Problem Statement

You work for a large governmental agency as a network architect. You've been charged with making some sense of the messaging system that's in place throughout the 20 or so large departments that make up the agency. The problem is, there really has been no centralized standard-setting organization in place until you were hired as part of a team to begin making some sense of the network. As a result, you're finding that administrators in the various departments have done what seemed right to them. Two or three administrators have gone with Novell NetWare and set up GroupWise servers. Two other administrators have been experimenting with Lotus Notes over NT. The rest of the administrators have stuck with NT and Exchange, but even there you've got various versions of Exchange set up, not to mention varying levels of service packs that have been applied to these Exchange servers.

The result is that users are not very often successful in sending e-mail to users in another department. There is no such thing as standardization, and when a user in one department wants to send e-mail to a user in another department, if the person in the remote department doesn't show up in the server's address list, it is expected that the person wanting to send the e-mail notify his or her administrator to have an SMTP alias keyed into the system. A handful of the Exchange servers have a connector that links them with other departmental servers, but there is truly no complete mesh to this system. It's a complete mess!

The first thing the new CIO tells you is that she wants you to bring all of the departments into standardization on one messaging system, and she prefers that this system be Exchange 2000.

CIO: "I can't stress to you how de-unifying it is to have 18 or 20 different e-mail systems. It's like each department is in its own little world and doesn't need to talk to anyone else!"
There is a steering committee that has been formed out of technical people from several departments. Their charge is to guide what amounts to a completely new centralized IT standards body toward making good decisions affecting the enterprise.

Steering Committee: "It's important that you blend departmental autonomy with a technical solution that meets everyone's needs."

There are approximately 5000 users that you have to consider.
Project Design Requirements

You first start by visiting each of the departments and mapping out exactly what each has in place for a messaging infrastructure. You come up with the following list:

Department          Messaging system in place
Communications      GroupWise 4, 1 server
Budget              GroupWise 5, 1 server
Programming         Exchange 5.5 SP3, 2 servers
Internet            Exchange 5, 1 server
Legal               Lotus Notes 4, 1 server
Marketing           Lotus Notes 5, 1 server
Executives          Exchange 5.5, 1 server
Motor Shop          Exchange 4, 1 server
Security            Exchange 4, 1 server
Medical             Exchange 5, 1 server
Public Relations    Exchange 5, 1 server
Human Relations     Exchange 5, 1 server
Aircraft Services   Exchange 5, 1 server
Records             Exchange 4, 1 server
Payroll             Exchange 5.5 SP3, 1 server
Food Service        none
Training            Exchange 4, 1 server
Recruitment         Exchange 4, 1 server
Storage Systems     none
Accounting          Exchange 4, 1 server
Because there have been numerous problems with different departments electronically communicating with one another over the years, you're specifically charged with reducing the complexity by several orders of magnitude. Thankfully, all Exchange servers are sites that are members of the same organization. The NetWare networks are using TCP/IP, not IPX.

CIO: "I don't care what kind of system you come up with. The one you design will have to be better than what's currently out there. I'd like to see a much more centralized approach to the messaging infrastructure than we have right now."

Steering Committee: "Centralization's fine as long as you understand the unique needs of each department."
Current Environment

You're somewhat lucky in that most of the enterprise has been upgraded to Windows 2000 Server. The only holdouts are the Novell NetWare shops. The infrastructure has had some attention paid to it by contractors and is remarkably robust. All departments are connected together with high-speed, fiber-optic lines, each of which has a backup circuit.
Envisioned System

You envision a system in which you have a single Exchange 2000 server that is clustered and serving the entire enterprise. This system will live at the Programming headquarters office, which is where most of IT is stationed. You'll allow administrators to maintain autonomous control of the rest of their file, print, and application servers that are not enterprise-oriented, but you've decided to take back the messaging environment and move it into a centralized enterprise mode.
You'll provision the computers in the cluster as high-quality boxes with multiple CPUs and lots of RAM. The servers will connect to the core switch in your building at 100Base-T speeds and talk to each other through SCSI-to-SCSI connectivity. Once the servers are up and operational, you'll begin migrating users to the new server one at a time until all users are on a single unified messaging platform. You'll install the ADC to maintain connectivity with the Exchange 5.5 servers, and provide the Exchange 2000 GroupWise and Notes connectors to communicate with the foreign systems. Once all users are cut over, you'll format the old servers and let the admins do anything they want with them.

CIO: "This is a very solid, aggressive, and well-thought-out plan. I'll need a project plan complete with timelines, milestones, backout procedures, projected hours, risk assessment, and key stakeholders. Once we've gotten approval for the money, you can go forward with the plan."

As you might expect, not all entities are as thrilled with the plan as your CIO is. Some, while outwardly applauding the idea of centralization and enterprise methodologies, really don't want to see the e-mail system go this direction.

Steering Committee: "We need to stress that you'll want to make sure that the individual departments' e-mail needs are satisfied at all times as you move through this project plan. At any point in the project where things might go wrong, we expect you to back out."
Questions

1. After bringing up the new servers and getting the connectors going, you start by migrating the GroupWise users over to the new servers using the Exchange 2000 Server migration tool made for migrating GroupWise users. About halfway through one of the servers' list of users, you run into a problem and cannot connect. What could be the problem?
   A. Name resolution
   B. Network connectivity
   C. NLM on GroupWise server is stopped
   D. Exchange server service stopped
   E. Database corruption or migration problem

2. Which users should you migrate first? Select all that apply.
   A. Exchange 5.5
   B. Exchange 5.5 SP3
   C. Exchange 5
   D. Exchange 4
   E. GroupWise 4 and 5
   F. Notes 4 and 5

3. Users that have been migrated to the new E2K system can't see anyone in the GAL from Marketing or Legal (the Notes systems). What could be the problem? Select all that apply.
   A. A connector is incorrectly configured.
   B. The directory synchronization schedule is wrong.
   C. There is a name resolution issue.
   D. There is a service account problem.
   E. SMTP addressing is incorrectly formatted.

4. Users in the NetWare networks have recently been receiving NDRs that say something about "server not found" when trying to send e-mail to users on the new system. What could be the problem?
   A. Name resolution issues
   B. Connector not working
   C. Improperly formatted address
   D. Server in cluster has failed over

5. From the list of project tasks below, select the tasks and put them in the order in which they should be carried out.
   Project tasks:
   Dismantle GroupWise servers
   Migrate Notes users
   Migrate Exchange 4 users
   Dismantle Notes servers
   Migrate Exchange 5 users
   Install new E2K servers
   Migrate GroupWise users
   Create ADC connection agreement
   Submit project plan and get approval for funding
   Install ADC
   Set up GroupWise connector
   Migrate Exchange 5.5 and 5.5 SP3 users
   Set up Notes connector
   Dismantle vintage Exchange servers
   Validate design through proof-of-concept project

6. What is the number one problem resolution experience you'll have with this project?
   A. Connectivity with GroupWise servers
   B. Connectivity with Notes servers
   C. Users wanting to hold onto "tried and true" systems
   D. ADC
   E. Migration of Exchange users
Answers to Questions

1. E. We're told that the network is connected by high-speed, redundant fiber-optic circuits, so network connectivity is unlikely. Name resolution is less likely on the NetWare side, although it can't be ruled out entirely, since the NetWare servers are running TCP/IP. It's possible that the NLM on the NetWare box is stopped, but not very likely. It's also possible that the Exchange server service stopped on its own, but that too isn't very likely. Since we're dealing with a migration tool, it's most likely that the migration process has failed somewhere and has either corrupted the database or stopped at a record that it doesn't understand.

2. C, D. You need the connector with Exchange 5.5 SP3 to maintain connectivity with the Exchange sites. It's wise to move the earlier Exchange users to the new system while the ADC is in place. You'll avoid potential address synchronization issues (not to mention the configuration hassle associated with them) by doing so. Once all of the earlier versions of Exchange are migrated, finish up by picking up the rest of the Exchange users. Then you can start in on your foreign messaging customers. Alternatively, you could migrate the foreign system users first, then concentrate on the Exchange folks. Either way would work fine.

3. A, B, C, D. Any of the options listed could be the problem, except incorrectly formatted SMTP addressing. Early in the deployment, an incorrect configuration should be suspected. Later on, if the GAL was updating fine and it just suddenly stopped, you should investigate account or permissions problems. Name resolution could be an issue as well. SMTP isn't being used in the Notes system.

4. A. This is most likely a name resolution issue. It's possible that the connector is incorrectly configured, but the "recently" part of the problem seems to indicate that it once was working. Ditto for the improperly formatted address. If the server in the cluster failed over, users might notice a delay, but they shouldn't be getting an NDR back.
5. Exchange 2000 design projects are typically going to involve large capital expenditures, thus worrying the bean counters in the corporation. On top of that you have people who want to stick with the tried and true legacy implementation. You've got naysayers and every other kind of detractor to your proposed system. With all these stumbling blocks, you have to have your ducks solidly in a row! Start by implementing a proof-of-concept project. Why? So you can drag everybody into the room and say, "See here! This really does work!" Beyond that you'll also have to have funding and project management documents. You know what you want to accomplish, but no one else, especially nontechnical folks, does. You must communicate. Then, and only then, after you've gone through all the political stuff, should you begin deploying your project. There's a hidden axiom here that few IT people master: "Write about it first; implement it second." Often we IT folks get these two turned around. See the following chart:

   Order   Project task
   1       Validate design through proof-of-concept project
   2       Submit project plan and get approval for funding
   3       Install new E2K servers
   4       Install ADC
   5       Create ADC connection agreement
   6       Set up GroupWise connector
   7       Set up Notes connector
   8       Migrate Exchange 4 users
   9       Migrate Exchange 5 users
   10      Migrate Exchange 5.5 and 5.5 SP3 users
   11      Migrate GroupWise users
   12      Migrate Notes users
   13      Dismantle Notes servers
   14      Dismantle GroupWise servers
   15      Dismantle vintage Exchange servers
6. C. The biggest hurdle you'll run into with this project, without a doubt, will center on the users' unwillingness to part with what they know and are accustomed to using. This will involve lots of communication, education, and persuasion to make the migration happen without angering a lot of people.

Wrap-up: Projects like this are lots of fun. This project was made to sound easier than it actually is. You would expect to spend probably a year or two getting this project underway and seeing it to completion. Plan on running into tons of red tape along the way, and add to that the assorted and sundry technical difficulties that you'll encounter as you move along. Remember to start troubleshooting at a small level, then work up to the big stuff. Don't forget to think about name resolution as a chief gremlin when troubleshooting systems!
Chapter 14: Diagnosing and Resolving Miscellaneous Implementation Problems

MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Diagnose and resolve other deployment problems.
   Resolve failed deployments that require a rollback to Exchange Server 5.5.
   Use ADClean to resolve duplicate account problems.
   Resolve permissions problems.
   Resolve problems with sending and receiving e-mail.
   Resolve security problems.
   Resolve DNS name resolution problems.
   Resolve problems involving resource limitations.
We made it to the final chapter! In this book we've covered a ton of design information. If you're accustomed to designing and administering earlier versions of Exchange, you'll likely find some of the information to be intuitive. Other pieces of information you've garnered are probably new to you. This chapter finishes up the troubleshooting aspects of a new E2K rollout. We start off by studying what it takes to resolve miscellaneous deployment problems, such as using the ADClean utility to resolve duplicate accounts and checking into permissions, security, and name resolution problems, among others.
Retroing Back to Exchange Server 5.5
Every good project planner knows that a solid project plan requires a step in it called “backout.” What we mean by that is that if everything augers in and you can’t get anything working, you resort to the backout section of the project plan and restore things back to the way they were. Depending on the project, a backout could be tricky—even impossible. Some projects could conceivably have no backout capability—you go forward with the project once it’s started and simply troubleshoot if there are problems. In the case of Exchange 2000, we can definitely write a backout into our project plan.
Microsoft Exam Objective:
Diagnose and resolve other deployment problems.
Resolve failed deployments that require a rollback to Exchange Server 5.5.
For the purposes of this section, let's suppose that an attempted E2K deployment in a vintage Exchange 5.5 environment has gone sour and you need to roll back. The first two things you must ascertain are these:

Where are you in the deployment? Is the Active Directory Connector installed and configured? If not, then you have no connectivity with your vintage Exchange system yet; you're in the early stages of deploying E2K. At this juncture you can safely back out. You have not yet traded directory information. All you need to do is disable any clients you may have mailbox-enabled, then point their e-mail software back to the vintage Exchange server. While this may be a lengthy task, you don't have any directory information to worry about.

Which way is directory synchronization going? If the ADC is installed and configured, is directory replication configured one way toward the vintage Exchange server, one way toward the E2K server, or both ways? This will make a difference in the way that you perform your backout.

If you've got directory synchronization pointed one way toward the vintage Exchange box, you're sending directory information for mailbox owners and groups that are on the E2K server to the vintage Exchange system. Your operational status at this point is likely one of "proof of concept," and you have not yet put the system in full gear. To back out, remove Exchange capability from all mailbox owners and groups, then dismantle the connection agreement on the ADC. If you want to troubleshoot and keep going forward in your deployment, you can keep the ADC installed and create a new connection agreement when ready.

If you've got directory synchronization going one way toward the E2K server, you're either in production or very close to it. Chances are you've got at least a few mailbox-enabled clients in your Windows 2000 network, plus some security and administrative groups. Backout at this point means that you'll need to disable the E2K capability for all mailbox-enabled clients and groups, point them back to the vintage Exchange server, and then dismantle the connection agreement and possibly the ADC. Chances are, if you're considering backout at this stage, it's because the connection agreement isn't working as you wanted it to and you're thinking about starting over.

If you've got a two-way connection agreement set up, you are either in a posture where you're getting ready to go to a full-tilt deployment or you're already in the throes of it and you have to back out for whatever reason. This is the most complicated situation. You've already shared directory information with the legacy Exchange system, which has doubtless shared this information with any other Exchange servers in the organization. You probably also have mailbox-enabled clients and groups in the Windows 2000 network, but you've not yet completed migration of any legacy Exchange users. Backout success will depend on how many legacy clients are still out there. If you're two-thirds of the way done, why do you need to back out? Server issues? Bandwidth? Lack of disk space? Perhaps there's an underlying reason that you think is forcing you to go to backout when in fact you could solve the problem and forge ahead. Your tack is the same: disable the already mailbox-enabled clients and groups, and point the clients back to the vintage Exchange servers. Re-create any distribution lists and groups as needed. Dismantle the connection agreements. Dismantle the ADC. Allow time for the legacy Exchange directory replication process to age out the entries that came from the new system, and verify afterward that no stale E2K-sourced objects remain in the 5.5 directory.

OK then, what about backout to a foreign e-mail system? The same basic questions apply. The first question to ask is this: Where are you in the deployment? If you're too far into it, perhaps you're better off clearing up the problems that are making you think you need to back out. Next, figure out a way to move your already-migrated users back to their old mail system. Finally, dismantle any connectors or methods you've established for connectivity between the two systems.

There's another consideration to think about here. Suppose that you're attempting to perform a foreign messaging system migration and you're halfway through it when you realize, for whatever reason, you need to back out.
But even though you really don’t want to back out, you definitely do want to get your users off of the old system. Why not think about an interim system of, say, Exchange 5.5 for a time while you replan your E2K deployment? Move your users to the vintage Exchange system, enable them to send and receive e-mail, then spend some time on troubleshooting the reasons why you had to back out and how to move forward. After a backout, you need to sit down with the stakeholders of the project and try to figure out what went wrong. Unless you’re completely scrubbing the project, do not dismantle servers just yet! Acting irrationally in a new technology scenario is the kiss of death for any project. Oftentimes you’ll find, after talking with technical support people or by simply letting the problem sit a day while you mull it over, that you’ll solve it and can move forward. But if you’ve dismantled the servers and you’re in full-on “I’m never going there again!” mode, you won’t be able to realize your goal of moving users to an AD-based messaging system. After the backout is the time to rationally, calmly try to figure out what the problems are, how to rectify them, and then manage the problems the same way you would any project plan—seek advice from subject matter experts, make sure the parts are all compatible with one another, and then move forward in a logical manner using systematic methodologies.
Design Scenario: The Amateur E2K Deployment
Sparky is one of those guys who has to have the latest and greatest of every Microsoft release. He’s running more beta software on his little 100-node network than any other beta tester anywhere. His users have suffered for this before, but Sparky is a big believer in Microsoft and the company’s technological offerings. Sparky’s currently running Exchange 5.5 server but desperately wants to upgrade his users to Exchange 2000. He’s got Windows 2000 Server running as a domain controller—the only domain controller in his small network—and it seems to be going fine. He had some pain getting users converted at first, but now things are fine. If only he’d taken the time to study DNS before implementing it! Oh well. Sparky finds a Dell X1 Pentium 266 workstation with 96MB of RAM that he thinks will work fine as an E2K server and installs Windows 2000 on it. Next he installs E2K and begins to migrate his users’ mailboxes over. He knew from his previous foray into conversions such as this that you don’t start something like this on a workday morning, so he instructed his users to get out of their e-mail Thursday at 2:00 P.M. This way, he figured, he’d have time to really figure out the product before folks came into work on Friday morning. By then it would be all operational and working wonderfully. His boss would see what a techno-genius he really was!
Things didn’t go nearly as smoothly for Sparky as he’d hoped. He had a really hard time figuring out how to get mail from the user’s old mailbox to their new one. He had to resort to copying their e-mail off to a .PST file, then importing it back in after they’d been set up as an E2K client. Additionally, the “server” he chose to use wasn’t performing optimally—mail seemed to be really slow. Sparky had big plans for the box that the vintage Exchange software was running on, so once he was done with the user copying processes, he formatted the server’s hard drives and began prepping it as his new server. But Sparky was diligent and worked through the night getting all 100 users onto the new system. Then he left a voicemail for his boss, telling him how hard he’d worked and that he was going home for some sleep and would be back in at noon or so. When Sparky came back into work at 2:00 P.M., his boss was so furious that she was ready to fire him on the spot. “How is it possible that you could just convert us all without any testing whatsoever? And what about user acceptance? I was just at a seminar where they were talking about this. Why is mail so slow? Sparky, if you like your job here, and I presume you do, you will immediately dismantle this system and put us back to the old e-mail system. Your system is completely hindering everyone’s ability to get their work done!” Question: What was Sparky’s backout plan?
Using the ADClean Tool
Here’s a quirky little thing. When you have a couple of connection agreements on a single ADC, both set to monitor the same container and both set as primary, it’s possible to obtain duplicate entries in Active Directory. This happens when the first connection agreement queries the source container and finds a new entry, then finds out from a global catalog server that this new entry does not yet have a match in Active Directory. The second connection agreement does exactly the same thing, almost at the same time—querying the source container, finding a new entry, and then querying a global catalog server to see if a match exists in Active Directory. Since it’s possible that the two connection agreements query different global catalog servers, and that the contents of one global catalog might be out of sync with another until replication time, it’s very possible for duplicate entries to be put into Active Directory. Figure 14.1 shows this anomaly. The first entry posted has the original name of the object found. The second, duplicate, entry has a –1 appended to it to show that it’s a duplicate. Just for illustration purposes, in the figure the new object is named, strangely enough, new.object.
Microsoft Exam Objective:
Diagnose and resolve other deployment problems.
Use ADClean to resolve duplicate account problems.

FIGURE 14.1
The duplicate object posting anomaly and the purpose for the ADClean tool
What can you do about duplicates that show up like this? You use the Active Directory Account Cleanup Wizard! You’ll find this tool in the Exchange folder in your Start Programs menu. When you run this utility a little wizard similar to the one shown in Figure 14.2 pops up. Navigating through this quick wizard, either you select all of the containers to search for duplicates or you specify explicit containers to search in order to find the duplicates. Once found, the program will merge the two into one, thus getting rid of the duplication problem. Figure 14.3 shows the container selection window.
FIGURE 14.2
The opening screen of the Active Directory Account Cleanup Wizard
FIGURE 14.3
Selecting all containers or specifying individual ones for duplicate object location
Optionally you can run the ADClean.exe program, found in your Exchange server’s %systemroot%\Program Files\Exchsrvr\Bin directory. There are several command line switches available with ADClean.exe. Running ADClean.exe without any command line switches merely launches the Active Directory Account Cleanup Wizard. The command line switches are shown in Table 14.1.
TABLE 14.1  Command Line Switches Used with the Active Directory Account Cleanup Wizard

Command Line Switch    Action
/?                     Displays the help screen.
/S                     Searches for duplicate accounts and writes their listing to a comma-delimited .CSV file for later use. You supply the merge file’s name (referred to as “MergeFileName” later in this section).
/X                     When used with the /S switch, extends the search for duplicate objects to include any connection agreements created in the ADC as well as other mail connectors you may have installed.
/C                     When used with /S, specifies the containers that you want to search. Using this switch creates a Merge.CSV file that can be used for later operations.
/M                     Carries out the merge operations listed in the MergeFileName.CSV file.
/O                     Used with the /M switch, merges duplicate accounts found in a MergeFileName.CSV file that you specify.
/L                     Changes the location of an Active Directory account.
You might be asking yourself what the difference is between the /M and the /O switch, since it appears that they both do the same thing. The /M switch only works on the MergeFileName.CSV file found in the same directory as ADClean.EXE. But suppose you had a different MergeFileName.CSV file located elsewhere, from a different operation? You would use the /O switch, coupled with /M, and specify the exact path to the new MergeFileName.CSV file as part of the command. Suppose, for example, that you have a MergeFileName.CSV file on your server’s E drive in a folder called NewMerges. The command line for this operation would appear thus: ADClean /M /O E:\NewMerges\MergeFileName.CSV. You cannot use any other file name apart from MergeFileName.CSV. But you could run various merges on different containers, separating the files into different folders for later merge operations. As a design issue, you’ll likely put several steps into your project plan throughout the project implementation to run merges as needed. You’ll want to run a merge of duplicate objects from time to time as you migrate new objects into the AD database. You’ll also want to perform a merge as you bring up new connectors for foreign e-mail systems.
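The race between two primary connection agreements described at the start of this section, followed by a search-and-merge pass modelled on the /S and /M workflow above, as an added simulation. This is not ADClean’s own code: the directory container, the two global catalogs and the object new.object are constructed stand-ins, and the merge rule (original’s attributes win, gaps filled from the duplicate) is an assumption for illustration.

```python
"""Simulation of the duplicate-object race (two primary connection agreements
on one container, each checking a different, not-yet-replicated global
catalog), followed by a search-and-merge pass modelled on ADClean's /S (write
duplicates to a CSV) and /M (merge from that CSV) steps.  Added example: the
directory, the global catalogs and the object names are constructed; this is
not ADClean's own code."""
import csv
import io


class ActiveDirectory:
    """Stand-in for the AD container the connection agreements write into."""

    def __init__(self):
        self.objects = {}  # relative name -> attributes

    def create(self, obj_name, attrs):
        # Two objects cannot share a name in one container, so a second writer
        # is given a "-1" suffix, the way Figure 14.1 shows new.object / new.object-1.
        name, n = obj_name, 1
        while name in self.objects:
            name = f"{obj_name}-{n}"
            n += 1
        self.objects[name] = dict(attrs)
        return name


def connection_agreement_pass(source_entries, global_catalog, ad):
    """One sweep of a connection agreement: for each source entry, ask the
    global catalog whether AD already has a match; if not, create it.
    `global_catalog` is the set of names that replica currently knows about."""
    written = []
    for entry in source_entries:
        if entry["name"] not in global_catalog:
            written.append(ad.create(entry["name"], entry))
    return written


def search_duplicates(ad):
    """Model of ADClean /S: pair each <name>-N object with its <name> original."""
    rows = []
    for name in sorted(ad.objects):
        base, sep, tail = name.rpartition("-")
        if sep and tail.isdigit() and base in ad.objects:
            rows.append({"source": name, "target": base})
    return rows


def write_merge_csv(rows):
    """Serialise the search result in the comma-delimited form the /M step consumes."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=["source", "target"])
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


def merge_from_csv(ad, csv_text):
    """Model of ADClean /M: fold each duplicate into its original and delete the
    duplicate.  The original's attribute values win; gaps are filled from the
    duplicate (an assumption for this example).  Returns the number merged."""
    merged = 0
    for row in csv.DictReader(io.StringIO(csv_text)):
        src, dst = row["source"], row["target"]
        if src in ad.objects and dst in ad.objects and src != dst:
            for key, value in ad.objects[src].items():
                ad.objects[dst].setdefault(key, value)
            del ad.objects[src]
            merged += 1
    return merged


def simulate_race():
    """Two primary connection agreements sweep the same source container.
    The first asks GC-A, writes new.object, and GC-A learns of it; the second
    asks GC-B, which has not replicated from GC-A yet, and so writes it again."""
    source = [{"name": "new.object", "mail": "new.object@example.test"}]
    ad = ActiveDirectory()
    gc_a, gc_b = set(), set()  # both empty: the object is genuinely new
    first = connection_agreement_pass(source, gc_a, ad)
    gc_a.update(first)  # GC-A now knows new.object; GC-B is still behind
    second = connection_agreement_pass(source, gc_b, ad)
    return ad, first, second


if __name__ == "__main__":
    ad, first, second = simulate_race()
    print("first pass wrote", first, "second pass wrote", second)
    rows = search_duplicates(ad)
    merged = merge_from_csv(ad, write_merge_csv(rows))
    print("merged", merged, "duplicate(s); remaining:", sorted(ad.objects))
```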
Design Scenario: ADClean-ing Your Way through a Deployment
Marge is a systems consultant for a large systems-integration consulting firm. She has been retained to design and deploy a move from a highly disparate messaging environment to a single Exchange 2000 system. Marge understands that several connectors need to be put into place to effect the directory synchronization and object creation of foreign system messaging users. She also knows that she’ll need various connection agreements in ADC to communicate with vintage Exchange deployments. Marge communicates to the messaging administrators helping her with the deployment that they’ll occasionally run into duplicate object creation, and she explains the reason why. She teaches the administrators how to query for duplicates using the Active Directory Account Cleanup Wizard, then how to merge them using either the wizard or the ADClean.EXE file with the various available switches.
Resolving Permissions Problems
There are a variety of permissions problems that you could conceivably encounter in your Exchange 2000 deployment. Some of the different areas where you may run into problems include administration, users, delegation, and foreign connectors.
Microsoft Exam Objective:
Diagnose and resolve other deployment problems.
Resolve permissions problems.
Administrative Issues
It’s possible that you’ll run into permissions problems when administrators try to access resources to which they’ve not been given access rights. The most likely scenario in which this will happen is when you set up an administrative group and forget to include an administrator who should have been added from the start. The trouble with this kind of issue is that you’re forced to track down group memberships. For example, Paul, an administrator in your Cleveland office, needs permission to administer a container for which you’ve set up a specific administrative group. Paul is not a member of Administrators or Enterprise Administrators. You add Enterprise Administrators to the administrative group that you create, but this, of course, doesn’t allow Paul to administer the resources he needs access to. In order to fix this problem, you may have to revisit the administrative permissions you have set up for a given container. Add the user to an existing group, or create a group that you will make him a member of, then add the group to the list of principals allowed to administer this collection.
User Issues
Users will run into permissions issues when they have somehow not logged on to the domain or when they have insufficient permissions to access a resource that they’re being pointed to in an e-mail document. Users may run into a URL, network resource pointer, or attachment that the reader does not have access to. The user clicks the link and generates a permissions failure, which, of course, he cannot decipher. Check the resource’s permissions and modify accordingly. A third user permissions problem that comes up—one that doesn’t actually have anything to do with permissions—has to do with virus scanners working alongside Exchange server that block incoming executables. Users see an e-mail document that says something like this: “Jenny! You’ve got to run this program. It is SO funny! Tish.” But when Jenny tries to launch the EXE, she can’t, because the virus scanning software has politely removed it to a quarantine directory! This is not a permissions problem, nor is it something you should solve for the user. It’s a training issue. Users who need this functionality need to know that if they’re going to receive an EXE in e-mail, the sender needs to zip it or somehow archive it so that it’s not viewed as an EXE by the virus-scanning software. Otherwise, the blocking is a great boon to administrators, because it keeps the servers’ CPUs from thrashing as they copy so many EXEs all over the enterprise.
Delegation Issues
This is a problem that will be very hard to track down if you don’t sit down and plot out your permissions ahead of time and maintain strict control after deployment. Recall from earlier discussions that it’s possible to delegate administrative control to another person. You can turn this capability off—it’s a function of Active Directory policies—but you may not (or cannot) do so at the time of deployment. Thus an administrator who has adequate permissions, at a time when she needs help from somebody else, simply delegates those permissions to her helper. The delegatee could then turn around and do his own delegating, and so on. The next thing you know, when you check group memberships you find many people on the list of qualified administrators—perhaps some people you don’t even know! Obviously the workaround to this problem is to shut off the ability to delegate when setting up your initial permissions to the system. In a situation where you’re not comfortable with such an approach, maybe you could come up with some kind of document that new administrators sign—one that commits them to not delegating permissions to another person. All of this sounds harsh, but the question remains: If your system is hacked and it is later discovered that it was hacked by an insider who somehow magically obtained permissions to resources he shouldn’t have had permission to, who will be to blame?
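The group-membership check this section recommends, worked as an added example that follows delegation chains outward from the root administrators and reports every unapproved holder together with the chain that gave him rights (so the grant can be revoked at the right link). This is not the book’s or Microsoft’s code; the delegation records, the container names and the approved list are constructed, and in a deployment they would be read from the directory’s security descriptors.

```python
"""Audit of chained administrative delegation.  Added example: the delegation
records, the containers and the approved list are constructed stand-ins for
what a deployment would read from the directory's security descriptors."""
from collections import deque

# Constructed delegation records: (grantor, grantee, container).
DELEGATIONS = [
    ("alice", "bob",   "OU=Cleveland"),
    ("bob",   "carol", "OU=Cleveland"),   # bob passes his rights on
    ("carol", "dave",  "OU=Cleveland"),   # and so does carol
    ("alice", "erin",  "OU=Sales"),
]

# Who the project plan says may administer each container (constructed).
APPROVED = {
    "OU=Cleveland": {"alice", "bob"},
    "OU=Sales": {"alice", "erin"},
}


def effective_admins(delegations, container, root_admins):
    """Return {person: grantor} for everyone who can administer `container`,
    following delegation chains outward from the root administrators.
    Root administrators map to None."""
    edges = {}
    for grantor, grantee, cont in delegations:
        if cont == container:
            edges.setdefault(grantor, []).append(grantee)
    granted_by = {admin: None for admin in root_admins}
    queue = deque(root_admins)
    while queue:
        who = queue.popleft()
        for grantee in edges.get(who, []):
            if grantee not in granted_by:   # first path wins; cycles are ignored
                granted_by[grantee] = who
                queue.append(grantee)
    return granted_by


def delegation_chain(granted_by, person):
    """Walk back from `person` to the root administrator who started the chain."""
    chain = [person]
    while granted_by[chain[-1]] is not None:
        chain.append(granted_by[chain[-1]])
    return list(reversed(chain))


def audit_container(delegations, container, root_admins, approved):
    """List every unapproved administrator of `container` with the chain that
    granted the rights, sorted by name."""
    granted_by = effective_admins(delegations, container, root_admins)
    findings = []
    for person in sorted(granted_by):
        if person not in approved:
            findings.append((person, delegation_chain(granted_by, person)))
    return findings


if __name__ == "__main__":
    for container, approved in APPROVED.items():
        for person, chain in audit_container(DELEGATIONS, container, {"alice"}, approved):
            print(f"{container}: {person} is not approved; granted via {' -> '.join(chain)}")
```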
Foreign Connector Permissions
A foreign connector service account may not be the only thing you require for access to a computer running a different OS and messaging system. It’s very possible that the service account requires very specific permissions to resources on the messaging computer. Depending on whether there’s a subject matter expert available on the foreign system, this kind of problem might be extremely difficult to track down. For example, suppose that you’re busy trying to export users off of a Unix-based system into E2K, but the connector fails time and time again. The logs seem to imply that there’s an issue with some sort of permissions, but you can’t figure out what file is controlling the permissions access to the folder in question.
Design Scenario: Permission to Board, Sir?
Georgia is a brand new messaging administrator for a large cruise-ship company. All of the ships currently use Unix-based, touch-screen systems. The Unix servers are situated in the base of the ship, and there’s an administrator on each ship responsible for the administration of the sea-going network. Georgia has been charged with the responsibility of converting the Unix system to an Exchange 2000 system that uses wireless connectivity with the ships so that e-mail documents can be exchanged at all times and all locations. Georgia has been told that she cannot convert the ship-based systems but must figure out a way to set up connectivity with them, and she must be able to maintain this connectivity at all times. Georgia faces one unique challenge—the challenge of having 35 different administrators, one for each ship in the fleet, administering the messaging infrastructure the way he or she sees fit. Georgia also faces a permissions problem—how to set up a connector that is able to connect to each server, authenticate, obtain permissions to the resources it may need, and then migrate mail back and forth between ship and stateside. A daunting task! Georgia is finding that the wireless component is the least challenging aspect of the entire project.
Resolving Problems with Sending and Receiving E-Mail
There are different computing parts to consider when resolving issues that center around sending and receiving e-mail. Let’s take them one at a time.
Microsoft Exam Objective:
Diagnose and resolve other deployment problems.
Resolve problems with sending and receiving e-mail.
Server Issues
Server services that were stopped and then not started again, or that simply stopped on their own, can hinder the flow of mail. It’s always wise to check the services to make sure they’re started if you suspect an enterprise-wide outage. Name resolution issues will also hinder server operation and, hence, e-mail delivery. For example, suppose that somebody inadvertently alters a DNS resource record. Because the e-mail server cannot be contacted due to an inability to resolve its name, e-mail is no longer available to users. Note that this scenario doesn’t necessarily cause an enterprise-wide outage. Users who query a secondary DNS server that has not yet received an incremental update from its primary DNS server will still see the original, correct entry for the e-mail server and will still be able to contact it.

Network Issues
Administrators arbitrarily changing an e-mail server’s IP address or other IP configuration information will also affect the flow of e-mail, as will changes to VLANs and infrastructure gear—changes that are not communicated to systems administrators. Your ISP could lose a circuit for a brief period, thus disrupting Internet e-mail into and out of your enterprise. WAN circuits between e-mail servers could fail, thus creating an e-mail outage for some clients.
User Issues
Users could incorrectly format an Internet e-mail address, thus receiving an NDR. Users could be checking the wrong folder list for a username. For example, a user might be looking for Mary Smith, not in the GAL, but in a folder called Sales. Mary doesn’t work for Sales, so she doesn’t show up there.

Connector Issues
Foreign connectors typically rely on some sort of connection account and oftentimes rights to certain folders on the foreign system. If these conditions are not right, e-mail might stop flowing. For example, a foreign messaging system administrator might arbitrarily change the password on the service account, thus stopping the flow of e-mail across the connector. Active Directory Connector’s connection agreements must be correctly configured to allow for regular updates to the directories of all systems. Schedules must be correct.
Design Scenario: Managing E-mail Sending Issues
Freda is an Exchange messaging administrator for a large company with several different messaging systems. One day she gets a call from a user who is getting NDRs when trying to send e-mail documents to a user of a foreign messaging system that is being connected to with the E2K X.400 connector. When Freda begins to investigate the issue, she finds that the Exchange system is incorrectly formatting all outgoing e-mail documents to the foreign messaging users. The reason this difficulty has not cropped up before now is that there isn’t much need for a dialog between the two. In fact, the user who complained did so only because she had read about the person she was trying to contact in the company’s newsletter and decided to send an information-gathering e-mail to this person. Freda finds and fixes the formatting problem, and the system is sending e-mail correctly—as it should have done from the start.
Resolving Security Problems
Security issues are like a tavern door—they can swing both ways. You’ll likely run into security problems where someone doesn’t have enough security to be able to perform some function. But you’ll also run into issues where someone has too much leniency with systems. Probably the trickiest design scenario you’ll run into will revolve around making sure that admins have the capability of administering the users and groups for which they really should have control, but not for other users and groups. You manage this control through various administrative groups and through permissions for various objects.
Microsoft Exam Objective:
Diagnose and resolve other deployment problems.
Resolve security problems.
Internet connectivity problems can stem from a variety of issues—most of which are not in any way related to E2K. For example, you may run into an issue where a proxy server has been configured to allow only certain computers through. You have a client who calls in with a problem: she cannot send e-mail out to the Internet. You check every conceivable thing you can check—all looks correct! Only then do you realize that she’s one of the first clients on the new 10.0.0.0 network that the internetworking folks are implementing, and that the proxy has no provision for 10.0.0.0 addresses! This little problem cost you about four days’ worth of work and trouble.

IIS issues can crop up as well. The special IIS “Iusr” account might be arbitrarily taken away, thus preventing users from using HTML-based mail.

At the Exchange 2000 level, it is important to visit, at deployment time, each server object to ascertain the permissions that have been granted to the object—to make sure the permissions are in compliance with what you think they should be. Then, after deployment, it’s important to revisit the permissions from time to time to make sure they’re still in compliance.
Design Scenario: The Case of the Stolen Identity
John Watson is a security administrator for a mid-sized biotechnology corporation. The company has a primary DNS server sitting out on the DMZ—designed to answer name resolution requests from Internet users. The e-mail servers for the company sit inside the private network, and the firewall allows port 25 (SMTP) traffic to be pointed to this internal server. During the mid-morning one day, one of the scientists emerges from the lab and corners the e-mail administrator to ask him where a very important e-mail is that he’s been expecting. The scientist says he has talked to the sender, who sent the e-mail the previous evening—shouldn’t it be here by now? The e-mail administrator checks the system—the queues are nearly empty—there is no e-mail waiting for the scientist. Acting on a hunch, the security administrator sends an e-mail to the scientist from his Internet e-mail account. He sends the e-mail out with a delivery receipt requested and receives the receipt back almost immediately. But the e-mail never arrives at the scientist’s desktop. Upon checking the DNS server, it is discovered that some scurrilous person has keyed in a bogus MX record with a very high priority number pointing to a server on the Internet! The e-mail coming in is being immediately re-routed to this other Internet server. The DNS server has been hacked and, because the zone files are primary, thus making them read/write, someone was able to key in a bogus record that intercepted quite a bit of highly sensitive e-mail. Unfortunately, after checking out the IP address of the bogus DNS entry, it was found that it too was being spoofed off of another DNS server, and so tracing the e-mail destination back to the hacker would be very difficult if not impossible. The company now has to think about how it can recover from such a potentially devastating hack.
Resolving DNS Name Resolution Problems
Not all Exchange 2000 servers require MX resource records in a DNS database. Only the primary Exchange server for the enterprise would require an MX record. Other Exchange servers require only an A (host) record. When experiencing what you believe to be DNS problems, you might be tempted to add an MX record for each Exchange computer in the enterprise. This is not necessary.
Microsoft Exam Objective:
Diagnose and resolve other deployment problems.
Resolve DNS name resolution problems.
When checking out what you think are DNS issues, first check the secondary DNS servers to see if a zone transfer has taken place. You can immediately tell by simply reviewing the secondary server’s SOA record to see if its serial number matches the primary’s. If a change has recently been made to the DNS zone files, it’s very possible that an incremental zone transfer has not yet occurred, and that is why you’re experiencing the problem. A second DNS problem that is more difficult to spot is when you introduce a new messaging server—one that’s going to be your primary messaging box—to the environment and you do not check with your ISP to make sure that their DNS entries are updated to reflect the IP address and name of the new computer. This problem will manifest itself either as Internet users complaining of not being able to send e-mail to you or if an older legacy server continues to receive and disperse e-mail. The latter symptom might make diagnosing the problem very difficult, because you might not even be aware there is a problem in the first place. Similar to WINS, with DNS less is more. If you’ve got a complicated setup where you have numerous DNS servers handling partial zones in the enterprise, you have a recipe for disaster. The first, most basic element of name server design is to keep systems as elemental as possible. Thus you should not complicate your environment with many DNS servers.
Design Scenario: For Want of a Dash
Reggie is an Exchange administrator for a large hospital chain. The hospital’s name server system has long been on BIND 4.9.2 servers, but since Windows 2000 and Exchange 2000 have been introduced, there are two Windows 2000 servers that have been acting as secondary servers to the primary BIND boxes. Reggie names his first Exchange 2000 server HOSP_E2K_1, with underscores instead of dashes. He asks the DNS administrator to add this host name to the primary DNS computer, giving it an MX and A record, which the administrator does. Soon after Reggie begins to migrate users, he gets complaints that the e-mail system is acting very erratically. Reggie thoroughly checks the server over and over again and finds nothing out of order—nothing that could possibly make a difference. While searching the Web for any information he can find on the subject, he happens to stumble onto a document that talks about how for some reason DNS doesn’t do very well with underscores in host names. Reggie begins to wonder if this is the issue. Reggie moves the users that are currently on the system back to their old system for an interim period. He then changes the name of the computer to HOSP-E2K-1 and reinstalls Exchange 2000. He asks the DNS administrator to change resource records for the computer. Finally, he moves the users back and tests it. Everything works perfectly well now. Users report no more erratic e-mail difficulties.
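The DNS checks this chapter raises, gathered into one zone audit as an added example: the SOA serial comparison between primary and secondary from the name-resolution section (which also covers the lagging-secondary case in the sending-and-receiving section), a review of MX targets that would have caught the bogus record in the stolen-identity scenario, and the underscore host name from this scenario. This is not the book’s code and not a full zone-file parser; the zone name, host names, addresses and serial numbers are constructed, and the one-record-per-line format is an assumption made so the example runs offline.

```python
"""Zone audit for three DNS problems: a secondary whose SOA serial lags the
primary, an MX record whose exchanger is not one of our own mail hosts, and
host names containing characters that are not valid in a host name.  Added
example with constructed zones; the line format (owner TTL IN TYPE rdata) is a
minimal stand-in for a real zone file."""
import re
from collections import namedtuple

Record = namedtuple("Record", "name ttl rtype rdata")

# Constructed primary zone: serial 2001061503, two MX records, two A records.
PRIMARY_ZONE = """
biotech.example. 3600 IN SOA ns1.biotech.example. hostmaster.biotech.example. 2001061503 3600 900 604800 86400
biotech.example. 3600 IN MX 10 mail.biotech.example.
biotech.example. 3600 IN MX 5 relay.outside.example.
mail.biotech.example. 3600 IN A 192.0.2.25
HOSP_E2K_1.biotech.example. 3600 IN A 192.0.2.26
"""

# Constructed secondary copy: still on the previous serial, so it has not yet
# pulled the latest changes from the primary.
SECONDARY_ZONE = """
biotech.example. 3600 IN SOA ns1.biotech.example. hostmaster.biotech.example. 2001061502 3600 900 604800 86400
biotech.example. 3600 IN MX 10 mail.biotech.example.
mail.biotech.example. 3600 IN A 192.0.2.25
"""

# A host-name label: letters, digits and hyphens, not starting or ending with a hyphen.
HOSTNAME_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def parse_zone(text):
    """Parse one record per line; lines that do not look like records are skipped."""
    records = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[2] != "IN":
            continue
        records.append(Record(parts[0], int(parts[1]), parts[3], parts[4:]))
    return records


def soa_serial(records):
    for r in records:
        if r.rtype == "SOA":
            return int(r.rdata[2])  # mname, rname, serial, refresh, retry, expire, minimum
    raise ValueError("zone has no SOA record")


def check_zone_transfer(primary, secondary):
    """A secondary whose serial is behind the primary has not yet transferred the zone."""
    p, s = soa_serial(primary), soa_serial(secondary)
    return {"primary_serial": p, "secondary_serial": s, "in_sync": p == s}


def check_mx_targets(records, approved_hosts):
    """Flag MX records whose exchanger is not one of our own mail hosts.  The
    preference is reported with each finding; exchangers with the lowest
    preference value are tried first, so that is where mail would go."""
    findings = []
    for r in records:
        if r.rtype == "MX":
            pref, target = int(r.rdata[0]), r.rdata[1].rstrip(".")
            if target not in approved_hosts:
                findings.append((pref, target))
    return sorted(findings)


def check_hostnames(records):
    """Owner names of A records should be valid host names in every label."""
    bad = []
    for r in records:
        if r.rtype == "A":
            labels = r.name.rstrip(".").split(".")
            if not all(HOSTNAME_LABEL.match(label) for label in labels):
                bad.append(r.name.rstrip("."))
    return bad


def audit(primary_text, secondary_text, approved_hosts):
    primary = parse_zone(primary_text)
    secondary = parse_zone(secondary_text)
    return {
        "transfer": check_zone_transfer(primary, secondary),
        "foreign_mx": check_mx_targets(primary, approved_hosts),
        "bad_hostnames": check_hostnames(primary),
    }


if __name__ == "__main__":
    for key, value in audit(PRIMARY_ZONE, SECONDARY_ZONE, {"mail.biotech.example"}).items():
        print(f"{key}: {value}")
```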
Resolving Problems Involving Resource Limitations
Of all the issues you face in your Exchange 2000 deployment—where to put all this e-mail will be the biggest hurdle you’ll have to overcome. It’s a huge problem for messaging administrators, in spite of the fact that some managers and executives don’t think e-mail is important or mission-critical. Try asking one of them to delete some of the stuff in their server-based folders!
Microsoft Exam Objective:
Diagnose and resolve other deployment problems.
Resolve problems involving resource limitations.
You’ll run into several issues. The first is the disk-space issue. Disk space is chewed up by people keeping e-mail on the server. It’s amazing how quickly a person’s mailbox can take up literally gigabytes of space on a server. It’s not unusual at all to find users who have 500MB or more of e-mail in a single mailbox. You can see how, if you’re not monitoring disk usage and taking steps to restrict usage, users can really get ahead of you in the amount of resources they’ll utilize.

You have several remedies at your disposal for such a problem. First of all, you should set mailbox quotas for all users of the system—regardless of their stature in the company. There are other methods for keeping important e-mail, and server-based mail may not be the best solution. But more importantly, you need to create, and users need to agree to, an enterprise e-mail usage policy that not only talks about what kind of e-mail is appropriate to use in the system, but also what the storage limits are and how administrators will enforce the limits. While disk space is cheap these days, you can’t keep throwing a new disk at the problem just because a handful of resource hogs on the network need to have huge mailboxes. There are better ways to manage their resources than that. Even more importantly, with Exchange 2000 you have the ability to move information stores to different servers while still maintaining the congruity of the Exchange system as a whole. This is a fabulous feature, because now you can spin off various segments of your messaging base to different database servers and add resources as necessary. The only problem with this scenario is that it’s expensive to continue throwing disk arrays at users.

Another reason you might want to steer away from server-based mail is that users create personal storage (PST) files when they use Outlook to create a private storage folder that’s either local to their computer or on a shared network drive where they can access it through various computers on the network—either locally connected or connected through RAS. PST files can grow very large. As long as they’re not on the Exchange servers and they’re kept locally, why should you care? Well, you care when the folks using these PST files are maintaining very important e-mail documents that they cannot afford to lose, which could well be the case on a completely unprotected PC. The fault-tolerance factor for locally based PSTs is quite low—almost nonexistent. The only saving capability you have might be the capability of pointing your backup software out to their computer and backing up these PSTs from time to time. The problem is, if the user runs off and leaves his e-mail open—simply locking the machine for the night—the backup software will skip right over the open file and not back it up! So you’re still not guaranteed that you can restore this user’s PST should he lose it and need a restoration. But if you move PSTs to a shared drive on a server, you’re back to the same problem you had before—too many huge PSTs on a shared server disk will still auger things in. What to do, what to do?

Maybe one of the best workarounds for the PST issue is to provide a disk array that’s specifically devoted to user PSTs and a Hierarchical Storage Management (HSM) system. On the disk array you load Windows 2000 Server and set quotas for a specific amount per user folder, say, 100MB. When a user’s PST becomes full and she calls you, you archive it to the HSM system, then set up a new PST. Because HSM is a “near-storage” paradigm—meaning that when the resource is requested, it’s temporarily copied back in from alternative media (such as tape)—you can keep old resources archived to tape and new resources online. Mainframe systems have used this type of paradigm for years—with much success. Most major backup software vendors have software that will do this.
Today’s HSM software can work in harmony with a Storage Area Network (SAN) environment in which you set up whole farms of disk storage and use software to manage the near and far storage on these farms. Because of their expense, both solutions may require buy-in from management before you implement. Finally, it’s going to be important to pay attention, at installation time, to where you store the information stores relative to the place where you store the transaction logs. As a general rule of thumb, the transaction logs should be stored on a different disk volume than where the information stores are kept. Which means that you may be paying due diligence to the amount of space taken up by the information stores, but not thinking a
Copyright ©2001 SYBEX , Inc., Alameda, CA
www.sybex.com
500
Chapter 14
Diagnosing and Resolving Miscellaneous Implementation Problems
thing about the transaction logs. If circular logging is not turned on (and it should not be) the transaction logs can really take up a lot of disk space in a hurry. Pay very close attention to this!
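As an added illustration of the checks described above (example code written for this page, not from the book or from Microsoft), the following Python script audits a PST share laid out one folder per user, flags folders over the 100MB quota, lists PSTs old enough for HSM far-storage, and checks that the information store and transaction logs sit on different volumes. The one-folder-per-user layout, the 90-day archive window, and the sample files it builds are assumptions.

```python
import os
import shutil
import tempfile
import time
from dataclasses import dataclass, field
from pathlib import Path

# Figures taken from the text: each transaction log is a little more than 5MB,
# and the suggested per-user PST folder quota is 100MB.
LOG_FILE_BYTES = 5 * 1024 * 1024
DEFAULT_QUOTA_BYTES = 100 * 1024 * 1024
SECONDS_PER_DAY = 86_400


@dataclass
class UserPstReport:
    user: str
    total_bytes: int
    over_quota: bool
    # PSTs not modified within the archive window: candidates for HSM far-storage
    archive_candidates: list = field(default_factory=list)


def audit_pst_share(share, quota_bytes=DEFAULT_QUOTA_BYTES,
                    archive_after_days=90, now=None):
    """Walk a PST share laid out as one folder per user (an assumed layout)
    and report each user's total PST bytes, whether the folder is over quota,
    and which PSTs are old enough to be migrated to far-storage."""
    now = time.time() if now is None else now
    cutoff = now - archive_after_days * SECONDS_PER_DAY
    reports = []
    for user_dir in sorted(p for p in Path(share).iterdir() if p.is_dir()):
        total = 0
        old = []
        for pst in sorted(user_dir.rglob("*.pst")):
            st = pst.stat()
            total += st.st_size
            if st.st_mtime < cutoff:
                old.append(pst.name)
        reports.append(UserPstReport(user_dir.name, total, total > quota_bytes, old))
    return reports


def on_separate_volumes(store_path, log_path):
    """True when the information store and the transaction logs are on
    different volumes, the placement the text recommends."""
    return os.stat(store_path).st_dev != os.stat(log_path).st_dev


def log_headroom(log_dir):
    """Approximate number of additional ~5MB transaction logs the log volume
    can still hold; with circular logging off, this is the number to watch."""
    return shutil.disk_usage(log_dir).free // LOG_FILE_BYTES


def build_sample_share(root, now):
    """Create a constructed sample share (not real user data) for a stand-alone run.
    Files are extended with truncate() rather than written, so they are sparse
    on most filesystems and cost little real disk space."""
    root = Path(root)
    # user -> {pst name: (size in MB, age in days)}
    layout = {
        "alice": {"archive2000.pst": (80, 400), "mail.pst": (30, 2)},
        "bob": {"mail.pst": (40, 10)},
    }
    for user, files in layout.items():
        user_dir = root / user
        user_dir.mkdir(parents=True, exist_ok=True)
        for name, (mb, age_days) in files.items():
            pst = user_dir / name
            with open(pst, "wb") as fh:
                fh.truncate(mb * 1024 * 1024)
            stamp = now - age_days * SECONDS_PER_DAY
            os.utime(pst, (stamp, stamp))
    return root


if __name__ == "__main__":
    now = time.time()
    with tempfile.TemporaryDirectory() as tmp:
        share = build_sample_share(Path(tmp) / "psts", now)
        for r in audit_pst_share(share, now=now):
            state = "OVER QUOTA" if r.over_quota else "ok"
            print(f"{r.user}: {r.total_bytes // (1024 * 1024)}MB {state}; "
                  f"archive candidates: {r.archive_candidates}")
        store, logs = Path(tmp) / "mdbdata", Path(tmp) / "logs"
        store.mkdir()
        logs.mkdir()
        # Both live under the same temp directory, so this reports False
        print("logs on a separate volume:", on_separate_volumes(store, logs))
        print("additional ~5MB logs the log volume can hold:", log_headroom(logs))
```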
Design Scenario: Sinking in a Sea of Resource Needs

Bertrand is a messaging administrator for a large telecommunications corporation. His Exchange 2000 system deployment has been wildly successful, and users are utilizing the servers more than ever. And that is creating huge problems. For starters, Bertrand doesn't have a policy that details how much data users are allowed to store in the information store. Some technically astute users are very good about moving everything to a PST on their local disk, while others choose to simply keep everything in their mailbox. Some mailboxes are 1.5GB! Moreover, the training department has done a good job of telling users in their Outlook 2000 class how to utilize PST files for off-the-server e-mail storage. Lots of users have used this technique and are happily storing their e-mail offline. But management is concerned that if some of these users' PSTs go away, some very valuable company correspondence will go with them. And they're not happy about that prospect. Should the PSTs be allowed to live on a local user's PC, or should they be server-based? And if they're server-based, where on the server are they going to live?

Bertrand starts by setting up separate disk arrays for certain groups of users. He then makes separate information stores in the E2K system that point to these new disk arrays and moves the user mailboxes to these new information stores. The problem of the PSTs is much stickier. Bertrand solves this problem by moving all local PSTs to a fault-tolerant disk array. He then sets up an HSM system that allows for far-storage of older PSTs.
Summary
In this chapter we finished up the dialog we started in Chapter 13 about how to begin troubleshooting when things go wrong. We started out by looking at how to back out a failed E2K deployment in a vintage Exchange 5.5 site. How far you'll have to go depends on two things: how far into the deployment you are and what directions you have the connection agreement(s) set for. A two-way agreement means that you're sharing directory information from the E2K GAL to the vintage Exchange systems. A backout in this scenario means you'll have to move any existing E2K users or groups back to the old system, wait for the directories to replicate with one another so the GAL clears out, and then dismantle the E2K servers. A one-way transfer toward the E2K box only means that you'll have to move any E2K users or groups back to the old system. A one-way transfer toward the vintage Exchange system means that you transfer back any users and groups on the E2K box to the vintage system, wait for the GAL to clear the entries that pointed to the new system, then dismantle. All project plans should include a backout plan of some kind.

Next we talked about using the ADClean tool. An anomaly can happen when you have two connection agreements pointed at the same legacy collection: the E2K GAL will wind up showing double entries because of the replication lag time between global catalogs. You can fix the duplicates by double-clicking the Active Directory Account Cleanup Wizard executable (ADClean.EXE) without any command line switches, or by passing command line switches to ADClean.EXE to run it in a customized mode.

Then we talked about resolving permissions problems. Permissions can be assigned through the permissions properties for a given messaging object, through Administrative groups, or through certain properties of the W2K adjunct support software, such as IIS. There are administrative, user, foreign connector, and delegation issues that you have to worry about when examining these permissions.

We also discussed what to do about problems with sending or receiving e-mail. You can have server, network, user, or connector problems that you might have to check into. The problem can range from something as easy to spot as an incorrectly formatted address to something as subtle as a firewall rule that has changed and no longer allows a specific type of traffic.
Chapter 14
Diagnosing and Resolving Miscellaneous Implementation Problems
Then we talked about resource limitations. Being able to create new information store databases elsewhere, other than on the local server disks, will be of great benefit to you when planning database resources. Remember, too, that the transaction logs should live on a different disk volume than the databases, and you may have to plan for these resources as well; they can grow phenomenally.

Finally, we talked about users' PST files and where to store them. If they're kept on a server, they can get very large and become a resource problem. If they're moved to the users' local hard drives, they're typically no longer covered by backup, something that might be very problematic. You can solve this problem with Storage Area Network (SAN) technology and Hierarchical Storage Management (HSM) software that takes older, not recently used files and moves them to far-storage such as tape media.
Key Terms
Hierarchical Storage Management (HSM)
Personal Storage (PST) file
Storage Area Network (SAN)
Review Questions

1. You have a vintage Exchange 5.5 deployment and you're now trying to set up Exchange 2000 Server on a new computer. You've installed the Exchange ADC and have configured several connection agreements (CAs). For some reason, duplicate entries are showing up for some people in the E2K GAL. Why is this?
A. The CA is two-way.
B. Two CAs are pointed at one container.
C. There is a one-way CA.
D. The schedule for multiple CAs isn't correct.

2. People who are trying to send Internet e-mail to your company are getting NDRs. A quick check of the Exchange servers reveals that all services are running just fine. Internal users are able to send e-mail out. What could be the problem? Select all that apply.
A. Internet Mail Service is stopped.
B. Firewall rules have been changed.
C. ISP erased the mail server's MX record.
D. Your WINS admin accidentally deleted the e-mail server's name.

3. Juan is an administrator of an E2K server in El Paso. He wants to manage some mailboxes that are in an information store for the Los Angeles E2K server but can't. Why not?
A. Juan is not a member of Enterprise Admins.
B. Juan is not a member of the administration group responsible for Los Angeles.
C. Juan is not a member of Los Angeles Domain Admins.
D. Juan does not have an ACE in the ACL for Los Angeles.
4. You receive a call from one of your Exchange administrators. She says that the Exchange Server service has stopped and the log files say something like "Insufficient space for transaction logs." What could be the problem?
A. The disk on which the transaction log files are being written is out of space.
B. The Information Store is out of disk space.
C. PRIV.EDB is out of disk space.
D. PUB.EDB is out of disk space.

5. You have many VPN telecommuters who are complaining that they cannot receive their e-mail from the private network's e-mail servers. What could be the problem? Select all that apply.
A. SMTP virtual back-end services have stopped.
B. A back-end server is down.
C. The firewall is blocking port 25.
D. The users are not correctly authenticated.

6. What is the command line to start the Active Directory Duplicate Account Cleanup Wizard?
A. ADDACW.EXE
B. CLEANAD.EXE
C. DUPCLN.EXE
D. ADCLEAN.EXE
7. You have miserably failed in your Exchange 2000 deployment. The computer you decided to install E2K on isn't on the Microsoft Hardware Compatibility List (HCL). The Windows 2000 server you're testing on isn't configured correctly and is constantly acting up. You need to back out of your Exchange deployment and move back to the old system, Exchange Server 5.5. Unfortunately, you opted to upgrade your existing Exchange Server 5.5 installation to E2K. How do you perform a backout of this deployment?
A. A backout is not possible. You cannot go back.
B. Remove E2K and restore the old system from tape.
C. Remove E2K using Add/Remove Programs back to Exchange 5.5.
D. You should attempt to fix the problem instead of de-installing the software.

8. When using NSLOOKUP to test the reverse lookup of your Exchange 2000 Server's IP address, you do not get a reply. What could be the problem?
A. NSLOOKUP isn't pointed to the authoritative DNS server.
B. Reverse lookups are pointing to WINS, which is currently down.
C. NSLOOKUP cannot perform name lookups on MX records.
D. The DNS server does not have an in-addr.arpa table for reverse lookups.

9. You have an extraordinarily large Exchange 5.5 information store (PRIV.EDB) that is just about ready to exhaust all available disk space for the volume it's on. You want to upgrade to Exchange 2000. How can you continue to use this enormous database?
A. Upgrade to E2K, and then move the database to a different volume.
B. Upgrade to E2K, and then create new information stores.
C. Upgrade to E2K, and then move transaction logs to a different volume.
D. Upgrade to E2K, and leave everything as is. The upgrade compresses the database.
10. You want to keep an administrator from administering the executive's folder in the Big.Company Administrative group. There should be only one or two administrators able to administer the executive's folder. How do you accomplish this?
A. Create a separate administrative group for the executive's folder.
B. Adjust the ACL for the executive's folder.
C. Remove the administrator whom you wish to prohibit access to the executive's folder from the Enterprise Admins list.
D. Remove the administrator whom you wish to prohibit access to the executive's folder from the Exchange Admins list.
Answers to Review Questions

1. B. You have two connection agreements (CAs) pointed at a single Exchange 5.5 Server container. There is an anomaly where one CA could pick up a vintage account and populate it into a domain controller (DC) that's different than another CA using the same account and putting it into a different DC. Thus you generate duplicate accounts.

2. B, C. Internet users can't hit your e-mail server because they can't find it. It's due to the fact that either your internetworking ace has somehow stopped port 25 on the firewall, the ISP has "misplaced" your MX record's entry, or something similar (perhaps the ISP's DNS server went down and had to be cycled).

3. B. The most likely cause of this (non-problem) is that Juan isn't a member of the administration group that's responsible for Los Angeles. That is probably as it should be, because we're told in the problem that he's the administrator of the El Paso server. In this case the software isn't generating a permissions problem; it's keeping Juan from administering someone else's mailboxes.

4. A. Each transaction log takes up a little more than 5MB of disk space. With circular logging turned off (the recommended setting), it won't take very many months for a disk to fill up with tran-log files. The cure for this is a full or incremental tape-backup scheme where you back up the log files and then delete them off the disk.

5. A, B, D. This could potentially be a difficult problem to troubleshoot, especially if you have numerous SMTP virtual servers on different computers in a front-end/back-end setup and you're allowing VPN telecommuters to get their e-mail from home. Check the SMTP virtual servers to make sure they haven't been stopped for whatever reason. If you can trace all of the users to one server, then you know you've got a problem specifically with that server. The firewall blocking port 25 wouldn't be of importance to you because IIS is handling the user's request for e-mail from the back-end server. A user not being correctly authenticated would certainly prohibit him from getting his e-mail, but it doesn't sound like this could be the problem in this particular question, although it's still worth checking.
6. D. When ADCLEAN.EXE is launched by double-clicking it, the program brings up the Active Directory Duplicate Account Cleanup Wizard for your use. If you call the command from the Start > Run dialog box and supply additional command line switches, you have the capability of performing specific AD cleanup operations.

7. B. You'll need to remove Exchange 2000 Server, reboot the server, and then restore the old installation from tape.

8. A, D. When you fire up NSLOOKUP you need to point it to the DNS server that's authoritative for the lookup you're trying to accomplish. Also, if the in-addr.arpa tables aren't yet built for your DNS box (something that's not very likely, since they're automatically built with DCPROMO), you won't be able to get a reverse hit. While WINS is able to help out on the reverse lookups, the functionality is predicated on the existence of a WINS-R record in DNS. NSLOOKUP can perform reverse lookups on any host in the zone files.

9. A, B. You could install Exchange 2000, then move the database to a different volume. Alternatively, the most likely scenario is to simply create some new information stores on a different volume somewhere, then move mailboxes over to the new information stores, thus downsizing the database that's of concern. You could have moved the database to a different volume when it was Exchange 5.5, so this option isn't really relevant. The transaction logs are definitely something to look at, but, again, you could address this problem while in Exchange 5.5; this isn't an Exchange 2000 thing. Upgrading to E2K doesn't compress the database.

10. A, B. Removing the administrator from the Enterprise Admins list won't accomplish anything. Removing him from the Exchange Admins list might stop the administrator, unless he was a member of another group that had permissions to the folder. Creating a separate administrative group for the executive's folder and adjusting the ACL for the executive's folder make the most sense, though creating the separate administrative group is more work.
Case Study: The Amateur E2K Deployment
In this case study you're a junior admin who gets involved in a case of ready, fire, aim.

Background
You're the network administrator for a smallish network of about 250 nodes. You've recently been to a Microsoft seminar where the experts there demonstrated the new Exchange 2000 product, and you're very excited about what you saw. You can't wait to deploy.

Current System
The current system consists of seven Windows 2000 computers. Two of the computers are smaller and are strictly running as DCs. Four of the other five computers are member servers and are running file, print, and application services. The fifth computer is a Pentium III 500 with 256MB of RAM running Exchange 5.5 SP3. The network is in native mode. The 250 users are running a mixture of Windows 9x, Me, NT Workstation, and 2000 Professional. All users are using Office 2000 Professional and Outlook 2000.

Deployment Methodology
You'll perform an in-place upgrade of the Exchange software starting at 5:00 P.M. Friday evening. The whole thing should be over in an hour, and you'll be home by dinnertime.
Questions

1. What is the top-most business problem in this case study?
A. No formal training on Exchange 2000
B. No project plan
C. No management buy-in
D. No testing

2. Will a simple upgrade in place work?
A. Yes, it will work fine.
B. Yes, it will work, but some additional configurations will need to take place.
C. No, it will not work.
D. Not enough information is available to make that determination.

3. Suppose that you run into a problem with the upgrade and it fails halfway through. Since you have no good backout procedure, what will your backout procedure have to consist of? Select all that apply.
A. Restore Exchange 5.5 IS and DS from tape.
B. Reinstall Exchange 5.5.
C. Remove E2K through Add/Remove Programs applet in Control Panel.
D. Reinstall E2K.

4. What benefits might you gain from going forward with an E2K upgrade in a network such as this? Select all that apply.
A. It gets rid of an extra protocol on the network.
B. It provides high availability and fault tolerance.
C. It allows for much easier integration with future Exchange servers.
D. Outlook 2000 clients gain enhanced functionality.

5. Looking at the table below, from the right column select project tasks and put them in order of the way that they should be carried out.

Task Order    Project Tasks
____          Obtain product training
____          Set up test environment
____          Prepare project plan
____          Back up old Exchange 5.5 IS and DS
____          Obtain management sign-off on project plan
____          Run a test deployment
____          Remove Exchange 5.5 SP3
____          Document old Exchange server configuration settings
____          Mailbox-enable all users
____          Document Exchange 5.5 groups
____          Communicate to all concerned parties the upgrade information (date, time, etc.)
____          Install Exchange 2000
____          Test new installation at client computers
____          Validate groups

6. Suppose that in the testing of the new installation on client computers you find that you cannot connect to the e-mail server. What should you check first?
A. IIS services started
B. SMTP virtual server started
C. DNS entries for server
D. Exchange services
Answers to Questions

1. B. Everything should get fleshed out in a solid project plan. For example, a project plan is something you would be inclined to submit to peers for input and to managers for approval. A manager approving the project plan would tacitly imply that he bought into your idea. If you did not bring up the idea of formal training in the software to be deployed, the manager would undoubtedly ask the question, unless, of course, you snowballed him into thinking it was a piece of cake to install (that never happens!). A good project plan would also include a testing phase and a backout plan.

2. B. This will work, but each user will need to be manually mailbox-enabled.

3. A, B, C. Though not in the order listed, you will need to remove Exchange 2000, reinstall Exchange 5.5, and then restore the database from tape. You'll also want to run ISINTEG when you're finished with the backout. You won't be able to reinstall E2K because the database is now in an inconsistent state and won't be usable. You'll be in worse trouble than you started with!

4. A, B. By going to Exchange 2000, you move off of Remote Procedure Call (RPC) and begin to use TCP/IP as the communications protocol. Because the directory is integrated into Active Directory, you provide some modicum of high availability and fault tolerance, though you really need to make sure the information store(s) are protected as well. The case study doesn't say how fault tolerant the computer is, so information is sketchy here. From a directory standpoint, integration with new Exchange 2000 servers is seamless. Integration from an information store and virtual protocol server standpoint will require some design and planning.

5. A, B. This might be a good starting list for an E2K deployment, but by now, surely you can think of others. The point of the Microsoft design tests is to get you thinking not as a technician as much as a system designer. System design goes beyond the technical into the pragmatic. How will I accomplish this rollout? How many servers do I need? Who are the people that will help me? Where will this equipment live? These are just some of the questions designers ask. It's highly recommended, if you haven't already, to take a good project management class. Understanding solid project management techniques can help you in your quest. See the following chart.

Task Order
1. Obtain product training
2. Prepare project plan
3. Obtain management sign-off on project plan
4. Set up test environment
5. Run a test deployment
6. Document old Exchange server configuration settings
7. Document Exchange 5.5 groups
8. Communicate to all concerned parties the upgrade information (date, time, etc.)
9. Back up old Exchange 5.5 IS and DS
10. Remove Exchange 5.5 SP3
11. Install Exchange 2000
12. Mailbox-enable all users
13. Validate groups
14. Test new installation at client computers

6. D. Start by checking to make sure the Exchange services are started. Because you're upgrading an older computer, the DNS entries should be okay, but check there as well. Finally, take a look at IIS to make sure it's running.
Wrap-up: Even in smaller shops—think enterprise! That means that just because Microsoft makes it easy to deploy and manage enterprise application software, you shouldn’t assume that a trained chimp can do so and forge ahead with an installation you know nothing about. This constitutes a disaster waiting to happen. Junior admins are more prone to this kind of thing than senior admins (though seniors have had their share of this kind of thing as well). Get some training. Understand the product you’re deploying. Develop a project plan. Establish what-if procedures in your backout plan. Back up servers you’re upgrading. Test before deploying. Test the client component after deploying. Communicate, communicate, communicate.
Glossary
Access Control Entry (ACE)
A single Security Identifier (SID) that points to a username, computer, or group entry in the Security Properties sheet of an object, which grants specific permissions to that SID.

Access Control List (ACL)
A list of ACEs (see Access Control Entry) in Windows 2000 that is associated with a particular object and that controls individual and group access to that object. Administrators can add entries on a per-properties basis. There are two kinds of ACLs: the Discretionary Access Control List (DACL) for permissions purposes and the System Access Control List (SACL) for auditing purposes. Both kinds of ACLs contain an owner SID (user or group) and a primary SID (for POSIX compliance). For more information see Security Identifier (SID).

access token
An object containing the security identifier (SID) of a running process. A process started by another process inherits the starting process's access token. The access token is checked against each object's access control list (ACL) to determine whether or not appropriate permissions are granted to perform any requested service.

account lockout policy
A Windows 2000 policy used to specify how many invalid logon attempts should be tolerated before a user account is locked out. Account lockout policies are set through account policies.

account policies
Windows 2000 policies used to determine password and logon requirements. Account policies are set through the Microsoft Management Console (MMC) Local Computer Policy snap-in.

ACE
See Access Control Entry.

ACL
See Access Control List.

Active Directory
A directory service available with the Windows 2000 Server platform. Active Directory stores information about network resources in a central database and makes this information available to users that have a single user account (called a domain user account or Active Directory user account) on the network.

Active Directory Connector (ADC)
A connector supplied with Exchange 2000 Server for the purpose of replicating directory information between Exchange 5.5 systems and Active Directory services, for the purposes of interoperating between Exchange 5.5 and Exchange 2000 systems. There's an ADC that comes with Windows 2000, but in Exchange 2000 installations you should plan on using the ADC that comes with Exchange 2000.
Active Directory user account
A user account that is stored in the Windows 2000 Server Active Directory's central database. An Active Directory user account provides a user with permissioned access to all network resources. Also called a domain user account.

Active/Active Cluster
A cluster in which all cluster nodes are actively involved with client traffic. Failovers in an active/active cluster are much quicker than in Active/Passive clusters. In active/active clusters, each active node in the cluster is busy doing something (such as managing storage groups); one node isn't simply waiting for the other to fail over.

Active/Passive (Active/Inactive) Cluster
A cluster in which only one node is actively involved with client traffic. Failovers in an active/passive cluster occur much more slowly than in Active/Active clusters.

adapter
Any hardware device that allows communications to occur through physically dissimilar systems. This term usually refers to peripheral cards that are permanently mounted inside computers and provide an interface from the computer's bus to another medium such as a hard disk or a network.

ADC
See Active Directory Connector.

Address pool
The range of IP addresses that the DHCP server can actually assign.

Addressing component
A portion of the Internet Connection Sharing or Network Address Translation services that assigns IP addresses to clients; takes the place of a DHCP server.

Administrative Group(s)
A logical Exchange 2000 consideration. Administrative groups are created to group together servers under one administrative context. Compare with routing groups.

Administrator account
A Windows 2000 special account that has the ultimate set of security permissions and can assign any permission to any user or group.

Administrators group
A Windows 2000 built-in group that consists of administrative accounts.

Advanced Queuing Engine
An Exchange 2000 component that queues messages for each destination and manages those queues.
AH
See Authentication header.

AIA
See Authority information access point.

alert
A system-monitoring feature that is generated when a specific counter exceeds or falls below a specified value. Through the Performance Logs and Alerts utility, administrators can configure alerts so that a message is sent, a program is run, or a more detailed log file is generated.

Anonymous Logon group
A Windows 2000 special group that includes users who access the computer through anonymous logons. Anonymous logons occur when users gain access through special accounts, such as the IUSR_computername and TsInternetUser user accounts.

application layer
The seventh (top) layer of the Open Systems Interconnection (OSI) model that interfaces with application programs by providing high-level network services based on lower-level network layers.

Application log
A log that tracks those events that are related to applications running on the computer. The Application log can be viewed in the Event Viewer utility.

area
A contiguous group of network resources that contains one or more physical subnets.

area border router
A special OSPF router that connects adjacent areas.

area router
An OSPF router that is restricted to routing traffic between machines inside a single area.

audit policy
A Windows 2000 policy that tracks the success or failure of specified security events. Audit policies are set through Local Computer Policy.

Authenticated Users group
A Windows 2000 special group that includes users who access the Windows 2000 operating system through a valid username and password.

authentication
The process required to log on to a computer locally. Authentication requires a valid username and a password that exists in the local accounts database. An access token will be created if the information presented matches the account in the database.

Authentication header (AH)
Used to digitally sign the entire contents of each packet.
Authority information access point (AIA)
A list of locations where users can get the CA's certificate and authentication information.

Auto-static update mode
RIP update mode in which the RIP router only broadcasts the contents of its routing table when a peer router asks for it (see also periodic update mode).

backbone
Connects all OSPF areas, allowing any router in the AS (area) to connect to any other AS; this can be accomplished with tunnels.

back-end server
A message store server that resides in the internal network and communicates with a front-end server on the DMZ.

Berkeley Internet Name Domain (or Daemon) (BIND)
The original DNS implementation used to resolve host names to IP addresses, which thus replaced the need for static hosts tables.

BGP
See Border Gateway Protocol.

BIND
See Berkeley Internet Name Domain.

binding
The process of linking together software components, such as network protocols and network adapters.

Border Gateway Protocol (BGP)
An Internet routing protocol that allows groups of routers in autonomous systems to share routing information.

border routing
The passing of packets from one internetwork to another.

bridgehead server
An Exchange 2000 server that acts as the primary response server for a routing group connected to other routing groups in an Exchange organization.

CA
See Certificate authority.

CA
See Connection Agreement.

cc:Mail, Lotus cc:Mail
A messaging system originally invented by DaVinci Corporation and now owned by Lotus.

CDP
See CRL distribution point.

certificate
The code exchanged to allow for encrypted information interchange. Each party has its own certificate identifying (uniquely) the party sending or receiving information.
Certificate Authority (CA) A trusted third-party organization or business that issues digital certificates, which are used to create digital signatures and public/private key pairs for the purposes of data encryption and decryption. A CA can be used in conjunction with Exchange 2000 Server’s Key Management Service to provide a method whereby e-mail is digitally encrypted before being sent to a recipient.
Certificate hierarchy A stack of CAs. Each CA has a parent in the hierarchy that has issued the child its CA certificate. Eventually, this works up to a root CA, which has no parent.
Certificate Revocation List (CRL) A list of certificates that have been revoked for some reason, such as expiration. Each CA builds and maintains its own CRL.
Certificate Server (CS) A Windows 2000 Server that is responsible for issuing digital certificates and public key pairs for the purposes of data encryption and decryption. A CS server can be used in conjunction with Exchange 2000 Server’s Key Management Service to provide a method whereby e-mail is digitally encrypted before being sent to a recipient.
Certificate store Certificate storage that holds foreign CA certificates; this allows the clients to trust any certificate in the store without requiring a common root.
Certificate Trust List (CTL) A certificate list that lets PKI administrators tell PKI clients to trust certificates issued by a particular set of CAs. The CTL information is stored in Active Directory.
Challenge Handshake Authentication Protocol (CHAP) Remote access authentication protocol that uses encrypted challenge and response messages instead of sending passwords and user names in plain text.
CHAP See Challenge Handshake Authentication Protocol.
CIPHER A command-line utility that can be used to encrypt files on NTFS volumes.
cipher text Encrypted data. Encryption is the process of translating data into code that is not easily accessible. Once data has been encrypted, a user must have a password or key to decrypt the data. Unencrypted data is known as plain text.
CIR See Committed Information Rate.
Cluster Node One computer in a cluster server implementation.
CMS See Conference Management Service.
Committed Information Rate (CIR) In a Frame Relay service, the specified amount of guaranteed bandwidth. When data flow rises above the CIR, all packets above it are considered to be discard-eligible.
Computer Management A consolidated tool for performing common Windows 2000 management tasks. The interface is organized into three main areas of management: System Tools, Storage, and Services and Applications.
computer name A NetBIOS name used to uniquely identify a computer on the network. A computer name can be from 1 to 15 characters in length.
Conference Management Service (CMS) The Exchange 2000 service that manages meetings and the conferencing topology.
Connection Agreement (CA) Used by the Exchange Active Directory Connector (ADC), a Connection Agreement is an Exchange 2000 program that provides for replication between Exchange 5.5 servers and Active Directory Services. You can specify whether to have a one-way or two-way CA, which objects are to be replicated, and what schedule will be used in the replication.
connectionless service A type of connection service that does not establish a session (path) before transmission. This type of communication is fast, but it is not very reliable.
connection-oriented service A type of connection service in which a connection (a path) is established and acknowledgments are sent. This type of communication is reliable but has a high overhead.
connection-specific DNS suffix The DNS suffix that is added to resolver requests on a particular connection; it allows the proper lookup of an unqualified name.
connector An Exchange communications component that allows information to flow between two systems.
convergence In Windows 2000 Network Load Balancing (NLB), when an ailing server is taken offline, the NLB software performs a function called convergence in order to continue providing service to clients. Convergence requires that all decisions be delegated to a default host, the server that has the highest priority in the NLB cluster.
convergence time The time it takes a change from any RIP router to propagate to all other routers in the internetwork.
counter A performance-measuring tool used to track specific information regarding a system resource, called a performance object. All Windows 2000 system resources are tracked as performance objects, such as Cache, Memory, Paging File, Process, and Processor. Each performance object has an associated set of counters. Counters are set through the System Monitor utility.
CRC See Cyclic Redundancy Check.
CRL See Certificate Revocation List.
CRL distribution point List of locations where CRLs are published for client or server access.
CS See Certificate Server.
CTL See Certificate Trust List.
Cyclic Redundancy Check (CRC) Helps the network determine whether or not a packet has been damaged in transmission.
DACL See Access Control List.
data encryption See encryption.
data-link layer In the Open Systems Interconnection (OSI) model, the layer that provides the digital interconnection of network devices and the software that directly operates these devices, such as network adapters.
database verification Allows you to adjust the interval at which the consistency and integrity of a WINS or DHCP database is verified.
DC See Domain Controller.
default gateway A TCP/IP configuration option that specifies the gateway (router’s address) that will be used if the destination address is outside of the local network.
default host A server with the highest priority in a Network Load Balancing (NLB) installation.
Default response rule IP filtering rule that governs what the IP filtering stack does when no other, more explicit filter rule applies.
default route The route packets take when there is no explicit route; if a router encounters a packet bound for some remote network whose route cannot be resolved in the routing table, it takes the default route.
delegated domain The name of the domain for which you want to delegate authority to another DNS server.
delegation 1) In Kerberos v5, when a client submits a valid service ticket, the ticket can be used by a server in accessing another server’s services; 2) In Exchange administration, delegation occurs when administrative permissions are given to another administrative group. At the Windows 2000 level, the Delegation Wizard can be used for directory-level delegation. The Exchange System Manager can be used for Exchange object delegation; 3) In e-mail clients, when a client can delegate permission to manage the mailbox to another representative.
Demand-dial interface A network interface that routes packets over a connection that’s established only when there is traffic to pass over it. These interfaces are usually built with dial-up connections.
Demand-dial routing Allows the use of an impermanent connection, like an analog modem or ISDN, to imitate a dedicated Internet connection.
Demilitarized Zone (DMZ) A network that a company maintains between the company’s private network and the Internet. Typically, DMZ networks contain Web servers and computers that help support the Web environment (such as proxy servers or firewalls). Also called a screened subnet.
device driver Software that allows a specific piece of hardware to communicate with the Windows 2000 operating system.
DHCP See Dynamic Host Configuration Protocol.
DHCP authorization The process of enabling a DHCP server to lease addresses by registering the server in Active Directory.
DHCP discover message Message broadcast by a DHCP client that’s looking for a nearby DHCP server; the discover message contains the hardware MAC address and NetBIOS name of the client, which the server can use to direct the request.
DHCP integration Feature that allows you to pass out addresses to DHCP clients while still maintaining the integrity of your DNS services.
DHCP lease request Request sent by a DHCP client for assignment of an IP address (and related parameters) from a DHCP server.
DHCP relay agent To enable DHCP on a multisegment network, you can use a DHCP relay agent or proxy to forward requests.
DHCP server A server configured to provide DHCP clients with all of their IP configuration information automatically.
DHCPACK An acknowledgment message sent by the DHCP server to the client after the server marks the selected IP address as leased.
DHCPNACK A negative acknowledgment sent by the DHCP server to the client. This generally occurs when the client is attempting to renew a lease for its old IP address after it has been reassigned.
dialing rules Rules that allow you to tell Dial-Up Networking what country and region you’re in so that it knows to add the appropriate long-distance codes, area codes, and calling card numbers when it’s dialing.
Dialup group A Windows 2000 special group that includes users who log on to the network from a dial-up connection.
Dial-Up Networking (DUN) A service that allows remote users to dial into the network or the Internet (such as through a telephone or an ISDN connection).
Diffie-Hellman Whitfield Diffie and Martin Hellman developed the original public-key cryptography algorithm in 1976. The algorithm was subsequently picked up by RSA (Rivest/Shamir/Adleman, the names of the three who founded the company) Security Corporation and has been utilized by major software vendors ever since. On September 20, 2000 the cryptography algorithm entered the public domain.
DIMMs See Dual In-Line Memory Modules (DIMMs).
Directory Access Cache (DSAccess) An Exchange 2000 capability that allows for the caching of frequently requested directory lookups, the purpose of which is to offload global catalog servers from repetitive and intensive operations.
directory replication The process of copying a directory structure from an export computer to an import computer(s). Any time changes are made to the export computer, the import computer(s) are automatically updated with the changes.
Directory Store The database in a legacy Exchange server system that contains the directory structure.
Directory Synchronization (dirsync) The act of updating a list of mailbox users with a different messaging server’s list. The first server provides any changes it has to its user list to a second server that, in turn, provides its updates to the first. Dirsync can take place across numerous different messaging platforms. In Exchange lingo, this process is called directory replication instead of directory synchronization.
dirsync See Directory Synchronization.
Discretionary Access Control List (DACL) See Access Control List.
Disk Management A Windows 2000 graphical tool for managing disks and volumes.
dismount In Exchange Server, the act of stopping a particular information store.
D-Mark (Also “Demarc”) The point at which a carrier or telecommunications provider delivers service to a customer. Also called a demarcation point.
DNS See Domain Name Service.
DNS server A server that uses DNS to resolve domain or host names to IP addresses.
domain 1) When working with DNS, the domain is the organization that owns the network address, coupled with its organizational delimiter (.com, .org, etc.); 2) When working with Windows NT or Windows 2000, a domain is a logical grouping of servers that share a unique domain name and a common directory and security structure as well as a replication boundary; 3) When working with Exchange 2000 Instant Messaging (IM), a domain is a collection of IM accounts that are known by an IM router.
Domain Controller (DC) A Windows 2000 Server responsible for managing user logon, authentication, and commensurate access to resources. Windows 2000 DCs contain a replica of their own domain-naming context in addition to a replica of the configuration and schema data. The Active Directory is stored on domain controllers.
domain name The textual identifier of a specific Internet host. Domain names are in the form of server.organization.type (www.microsoft.com) and are resolved to Internet addresses by DNS servers.
domain name server An Internet host dedicated to the function of translating fully qualified domain names into IP addresses.
Domain Name Service (DNS) A hierarchical naming system originally used for Internet site naming, but now utilized in Windows 2000 deployments as well. The DNS system starts with a top-level domain such as .com, .org and so forth, which is followed by one or more second-level business or organization domains, and then possibly by third-level subdomains. DNS is used to match friendly names to IP addresses or vice versa.
domain-tree(s) See tree.
Domino, Lotus Domino A messaging system invented by Lotus that allows for the integration of applications, messaging, and the Web.
DS See Directory Store.
DSAccess See Directory Access Cache (DSAccess).
Dual In-Line Memory Modules (DIMMs) Small circuit boards that carry memory integrated circuits. In contrast to single in-line memory modules (SIMMs), DIMMs have signal and power pins on both sides of the board.
DUN See Dial-Up Networking.
Dynamic DNS Allows Windows 2000 clients to update host information in the DNS database files automatically.
Dynamic Host Configuration Protocol (DHCP) A method of automatically assigning IP addresses to client computers on a network.
Dynamic routing Routing in which a router can discover its surroundings by finding and communicating with other nearby routers.
EAP See Extensible Authentication Protocol.
EAP type Authentication scheme supported in EAP.
EFS 1) See Encrypting File System; 2) See Exchange File System.
Encapsulating Security Payload (ESP) Used to encrypt the entire payload of an IPSec packet, rendering it undecipherable by anyone other than the intended recipient. It provides confidentiality only.
encapsulation A process where the client takes a packet with some kind of “forbidden” content, wraps it inside an IP datagram, and sends it to the server.
Encrypting File System (EFS) The Windows 2000 technology used to store encrypted files on NTFS partitions. Encrypted files add an extra layer of security to the file system.
encryption The process of translating data into code that is not easily accessible, in order to increase security. Once data has been encrypted, a user must have a password or key to decrypt the data.
End-to-end mode When you use IPSec to encrypt or authenticate connections between two machines, network traffic is protected before it leaves the originating machine, and it remains secured until the receiving machine gets it and decrypts it.
ESE See Extensible Storage Engine.
ESM See Exchange System Manager.
ESP See Encapsulating Security Payload.
Ethernet The most popular data link layer standard for local area networking. Ethernet implements the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) method of arbitrating multiple computer access to the same network. This standard supports the use of Ethernet over any type of media, including wireless broadcast. Standard Ethernet operates at 10Mbps. Fast Ethernet operates at 100Mbps.
Event Viewer A Windows 2000 utility that tracks information about the computer’s hardware and software, as well as security events. This information is stored in three log files: the Application log, the Security log, and the System log.
Everyone group A Windows 2000 special group that includes anyone who could possibly access the computer. The Everyone group includes all of the users (including Guests) who have been defined on the computer.
Exchange File System See Installable File System.
Exchange Installable File System See Installable File System.
Exchange Interprocess Communication Layer (EXIPC) In Exchange 2000, a queuing layer that allows Internet Information Services (IIS) and information store processes such as inetinfo.exe and store.exe to exchange data with one another quickly and efficiently. Some people pronounce this term as “Epoxy.”
Exchange System Manager (ESM) The administrative interface used for managing Exchange 2000 servers.
Exchange Virtual Server (EVS) An Exchange 2000 server installation that is created on a cluster server.
exclusion Any IP addresses within the scope range that you never want the DHCP server to automatically assign.
EXIFS See Exchange Installable File System.
EXIPC See Exchange Interprocess Communication Layer (EXIPC).
Exit module Contains the rules that specify where and how a newly issued certificate is published.
Extensible Authentication Protocol A protocol that allows third parties to write modules that implement new authentication methods and retrofit them to fielded servers.
eXtensible Markup Language (XML) An Internet markup language designed to facilitate the easy interchange of Web documents.
Extensible Storage Engine (ESE) The software module in Exchange 2000 that allows for the management of a storage group transaction log and associated stores. There is one ESE instance per storage group.
extinction In reference to WINS, the Extinction interval (four days by default) controls how long a released WINS record will remain marked as “released” before it’s marked as “extinct.” The extinction timeout, set to six days by default, controls how long an extinct record may remain in the database before it’s removed.
extranet An intranet that is accessible by outsiders. Typically, it includes some kind of authentication to verify that the person trying to access the network is actually who they say they are.
failback Once a node is fixed after a failover, a failback operation can occur to make the failed node the active node in the cluster again.
failover In a cluster server environment, when a node fails and the backup node takes its place, a failover is said to have occurred. Conversely, when the node is fixed and back on line, a failback occurs.
Failure Audit event An Event Viewer event that indicates the occurrence of an event that has been audited for failure, such as a failed logon when someone presents an invalid username and/or password.
fault tolerance The ability of a device or system to continue operating even if a crucial part or component fails.
fibre channel (also fibrechannel, fiber channel and fiberchannel) A serial data transfer method developed by a consortium of mass storage manufacturers and standardized by the American National Standards Institute (ANSI).
File Transfer Protocol (FTP) A simple Internet protocol that transfers complete files from an FTP server to a client running the FTP client. FTP provides a simple, no-overhead method of transferring files between computers but cannot perform browsing functions. Users must know the URL of the FTP server to which they wish to attach.
Filter action Dictates which action should be taken when a security filter match occurs.
Filter list Groups of individual filters that allow you to easily build rules that enforce complicated behavior, then distribute those rules throughout your network as necessary.
filtering Blocking incoming or outgoing data on a specific port of a firewall.
Firewall Topology Module (FTM) The Exchange 2000 Instant Messaging component that maintains information about each Instant Messaging server, regardless of whether it is inside or outside the network firewall. It also maintains information about accepted methods for getting through the firewall.
forest A group of Windows 2000 domains and domain-trees that don’t share a contiguous namespace. The forest root domain is at the top of the hierarchy.
Forward lookup zone A name-to-address database that helps computers translate DNS names into IP addresses and provides information about available resources.
frame A data structure that network hardware devices use to transmit data between computers. Frames consist of the addresses of the sending and receiving computers, size information, and a checksum. Frames are envelopes around packets of data that allow the packets to be addressed to specific computers on a shared media network.
Frame relay A packet-switching protocol designed to connect LANs together into a WAN. Provides reliable connectionless delivery of information in the form of packets sent from source to target.
frame type An option that specifies how data is packaged for transmission over the network. This option must be configured to run the NWLink IPX/SPX/NetBIOS Compatible Transport protocol on a Windows 2000 computer. By default, the frame type is set to Auto Detect, which will attempt to automatically choose a compatible frame type for the network.
free times/busy times The free and busy times that appear on the calendars of all mailboxes in the E2K system.
front-end server An Exchange 2000 server configured to act as an entry point for mailbox owners. The mailbox owner is then directed to his or her mailbox on a back-end server. The front-end/back-end paradigm is excellent for administrators of large Exchange 2000 sites because it allows for the capability of moving stores to different servers without having to first move them in Exchange. Front-end servers handle Internet protocols.
FTM See Firewall Topology Module.
FTP See File Transfer Protocol.
GAL See Global Address List.
gateway A Microsoft Mail for PC Networks component; this term is basically the same thing as an Exchange connector. An MS Mail gateway is a communications component that allows MS Mail to communicate with foreign e-mail systems.
GC See Global Catalog.
GLITCH-RETRY In Exchange 2000 bridgehead servers, an SMTP command that alerts the bridgehead of an error receiving data on the other end of the communications connection.
Global Address List (GAL) The GAL comprises all of an organization’s conferencing resources, contacts, groups, public folders and users; this list contains all of the Exchange organization’s recipients. The Exchange 2000 GAL is stored on a Global Catalog (GC) server.
Global Catalog (GC) A Windows 2000 domain controller that contains the following information: a partial, read-only replica of every domain directory partition in the forest; a full replica (that can be written to) of its own domain directory partition and the schema and configuration directory partitions; a replica of every object in Active Directory. (But you should remember that each object includes a limited number of its attributes: those attributes in the global catalog that are most frequently used in search operations, such as a user’s first and last names, and those attributes that are required to locate a full replica of the object.)
Grandfather-Father-Son (GFS) A media rotation scheme for tape backup operations.
Group Policy Object (GPO) A collection of settings for a given Windows 2000 group. GPOs are generated with a Group Policy snap-in in Windows 2000. The GPO is the group policy container and contains a group policy template, which controls the settings on computers where the policy has been successfully applied.
groups Security entities to which users can be assigned membership for the purpose of applying the broad set of group permissions to the user. By managing permissions for groups and assigning users to groups, rather than assigning permissions to users, administrators can more easily manage security.
Guest account A Windows 2000 user account created to provide a mechanism to allow users to access the computer even if they do not have a unique username and password. This account normally has very limited privileges on the computer. This account is disabled by default.
Guests group A Windows 2000 built-in group that has limited access to the computer. This group can access only specific areas. Most administrators do not allow Guest account access because it poses a potential security risk.
H.323 An International Telecommunications Union (ITU) standard that describes how audio and video data can be transmitted across a network.
Hierarchical Storage Management (HSM) An archival system in which data that has passed a certain date deadline is archived to an alternative medium such as tape. It’s kept available so that if a user requests the data it can be retrieved, albeit more slowly than if it were retrieved from disk. All the top backup software manufacturers offer some sort of HSM software. HSM has been available in mainframe systems for years.
H-Node A name-resolution method typically given out to PCs on a network supporting NetBIOS by a DHCP server. An h-node client will first try to resolve a name through WINS, then through a broadcast, next through the local LMHosts file (which may contain a pointer to other LMHosts files), and finally through DNS.
host record Associates a host’s name to its IP addresses. Also known as an address or A record.
host route Provides a route to a single system; normally used when you want to direct traffic to remote networks through a particular machine.
HTML See Hypertext Markup Language.
HTTP See Hypertext Transfer Protocol.
HTTP digest See Hypertext Transfer Protocol Digest.
Hypertext Markup Language (HTML) A textual data format that identifies sections of a document such as headers, lists, hypertext links, and so on. HTML is the data format used on the World Wide Web for the publication of Web pages.
Hypertext Transfer Protocol (HTTP) A protocol used on the Internet to provide Internet browsers with a way to access Web pages and Web servers with a way to provide the document to the requestor. The word hypertext in the definition connotes the ability to retrieve various multimedia files such as audio or video images within the Web page.
Hypertext Transfer Protocol (HTTP) Digest Similar to the NTLM method of authentication in the Windows 2000 system, the HTTP Digest method authenticates a user via a Windows password and a series of challenges and responses across HTTP. Currently only utilized with non-Exchange 2000 Instant Messaging clients. See RFC2671 for more detail.
Iasparse A utility (included in the Windows 2000 Resource Kit) that will digest an RRAS log, in IAS or database formats, and then produce a readable summary.
ICMP See Internet Control Messaging Protocol.
ICS See Internet Connection Sharing.
IDF See Intermediate Data Facility.
IEEE See Institute of Electrical and Electronic Engineers.
IGMP See Internet Group Management Protocol.
IIS See Internet Information Services.
IM See Instant Messaging.
IMAP4 See Internet Message Access Protocol version 4.
IMS See Internet Mail Service.
Inbound port mapping Controls where requests from outside your network should be routed.
Information event An Event Viewer event that informs you that a specific action has occurred, such as when a system shuts down or starts.
Information Store The combination of the directory and mailbox databases, the public and private folders, and log files of a legacy Exchange server system.
inherited permissions Parent folder permissions that are applied to (or inherited by) files and subfolders of the parent folder. In Windows 2000 Professional, the default is for parent folder permissions to be applied to any files or subfolders in that folder.
initial user account The account that uses the name of the registered user and is created only if the computer is installed as a member of a workgroup (not into the Active Directory). By default, the initial user is a member of the Administrators group.
Installable File System (IFS) A component of the Microsoft Web Storage System that provides for the integration of Exchange 2000 and the Windows file system. The IFS creates the M: drive on an Exchange 2000 server and allows for Microsoft Win32 API access as well as file access through a conventional share. Users with appropriate permissions can then access data in the Web storage system.
Instant Messaging (IM) The ability of one Exchange 2000 user to communicate with another in an immediate interactive environment.
Instant Messaging home server An IM server that hosts the names of IM users, though the list it contains may not be the complete list. See Instant Messaging router for more details.
Instant Messaging router The primary contact point in the Exchange organization for all IM users. A person using IM and trying to connect to another IM user would first pass through the IM router, then be forwarded to the IM home server for the target user.
Institute of Electrical and Electronic Engineers (IEEE) A professional organization that defines standards related to networks, communications, and other areas.
Integrated Services Digital Network (ISDN) An international standard designed to send voice, data, and video data over conventional digital or analog phone lines. There are two flavors of ISDN: Basic Rate ISDN (BRI), which provides for one data (d) channel and two bearer (b) channels, and Primary Rate Interface (PRI), which provides for up to 64 b channels.
Interactive group A Windows 2000 special group that includes all the users who use the computer’s resources locally.
interactive logon A logon when the user logs on from the computer where the user account is stored on the computer’s local database. Also called a local logon.
interactive user A user who physically logs on to the computer where the user account resides (rather than over the network).
Intermediate Data Facility (IDF) A cabling/patch panel/switch/hub closet that is apart from the central closet.
internal network number An identification for NetWare file servers. An internal network number is also used if the network is running File and Print Services for NetWare or is using IPX routing. This option must be configured to run the NWLink IPX/SPX/NetBIOS Compatible Transport protocol on a Windows 2000 computer. Normally, the internal network number should be left at its default setting.
internal routing Term that refers to the process of moving packets around on your own internetwork.
Internet Connection Sharing (ICS) A Windows 2000 feature that allows a small network to be connected to the Internet through a single connection. The computer that dials into the Internet provides network address translation, addressing, and name resolution services for all of the computers on the network. Through Internet connection sharing, the other computers on the network can access Internet resources and use Internet applications, such as Internet Explorer and Outlook Express.
Internet Control Messaging Protocol (ICMP) Protocol designed to pass control and status information between TCP/IP devices.
Internet Explorer A World Wide Web browser produced by Microsoft and included with Windows 9x, Windows NT 4, and now Windows 2000.
Internet Group Management Protocol (IGMP) A TCP/IP standard (RFC 1112) that details the routing of multicast traffic over the Internet.
Internet Information Services (IIS) Software that serves Internet higher-level protocols like HTTP and FTP to clients using Web browsers. The IIS software that is installed on a Windows 2000 Server computer is a fully functional Web server and is designed to support heavy Internet usage.
Internet Mail Service (IMS) The Exchange Server 5.5 service responsible for handling SMTP and other Internet e-mail. Called Internet Mail Connector (IMC) in versions earlier than Exchange 5.x.
Internet Message Access Protocol version 4 (IMAP4) Like Post Office Protocol version 3 (POP3), IMAP4 allows remote users to access messaging servers and download messages. Modifications to IMAP4 that make it more powerful than POP3 include the ability to search for key words while the messages stay on the server and access to public folders.
Internet Protocol (IP) The network layer protocol upon which the Internet is based. IP provides a simple connectionless packet exchange. Other protocols such as TCP use IP to perform their connection-oriented (or guaranteed delivery) services.
Internet Service Provider (ISP) A company that provides dial-up connections to the Internet.
Internet Services Manager A Windows 2000 utility used to configure the protocols that are used by Internet Information Services (IIS) and Personal Web Services (PWS).
internetwork A logical collection of several physically connected networks made up of multiple network segments that are connected with some device, such as a router. Each network segment is assigned a network address. Network layer protocols build routing tables that are used to route packets through the network in the most efficient manner. The Internet is the best-known internetwork.
InterNIC The agency that is responsible for assigning IP addresses.
intranet A privately owned network based on the TCP/IP protocol suite.
IP See Internet Protocol.
IP address A four-byte number that uniquely identifies a computer on an IP internetwork. InterNIC assigns the first bytes of Internet IP addresses and administers them in hierarchies. Huge organizations like the government or top-level ISPs have class A addresses, large organizations and most ISPs have class B addresses, and small companies have class C addresses. In a class A address, InterNIC assigns the first byte, and the owning organization assigns the remaining three bytes. In a class B address, InterNIC or the higher-level ISP assigns the first two bytes, and the organization assigns the remaining two bytes. In a class C address, InterNIC or the higher-level ISP assigns the first three bytes, and the organization assigns the remaining byte. Organizations not attached to the Internet are free to assign IP addresses as they please.
IP datagram The structure that enables a client and server to transfer other types of network traffic. (The data is wrapped inside an IP datagram.)
IP Security Extensions (IPSec) A process that makes it possible to transfer sensitive information to other hosts across the Internet without fear of compromise. IPSec provides authentication and encryption for transmitted data.
ipconfig A command used to display the computer’s IP configuration.
ipconfig tool Command-line tool provided by Windows 2000 used to configure, and to see the configuration of, TCP/IP interfaces on your local machine.
IPSec See IP Security Extensions.
IPSec client The computer that attempts to establish a connection to another machine. See also IPSec server.
IPSec Policy Agent A service running on a Windows 2000 machine that connects to an Active Directory server, fetches the IPSec policy, and then passes it to the IPSec code.
IPSec server The target of an IPSec client’s connection attempts.
IPSec tunnel See tunnel mode.
IS See Information Store.
IsAlive A Windows 2000 Cluster Service mechanism that checks to see whether a node in a cluster is functional. If the service is non-functional, the resource group is directly affected and a failover occurs to the secondary node. See LooksAlive.
ISDN See Integrated Services Digital Network.
ISP See Internet Service Provider.
KDC See Key Distribution Center.
Kerberos A standard mechanism for authenticating a user or system.
Key Distribution Center (KDC) A Windows 2000 Domain Controller (DC) server that functions as a Ticket Granting Service (TGS) for Kerberos v5 authentication.
Key Management Service (KMS) The Exchange 2000 Server service responsible for managing the public and private key pairs used in the digital encryption of e-mail documents.
key pair A public-key encryption term; a key pair is the combination of the public and private key in a cryptographic session.
KMS See Key Management Service.
L2TP See Layer 2 Tunneling Protocol.
layer Part of the OSI model, for which there are defined roles during data communication.
Layer 2 Tunneling Protocol (L2TP) An extension of the PPP protocol, enabling the implementation of VPNs, either through ISPs or private networks. The protocol combines the best of Microsoft’s PPTP and Cisco’s Layer 2 Forwarding.
LDAP See Lightweight Directory Access Protocol.
lease The offer of service provided by a DHCP server to a client upon successful negotiation.
Lightweight Directory Access Protocol (LDAP) A hierarchically based directory access method utilizing a subset of the X.500 standards and allowing for the retrieval of information such as a username or an e-mail address.
Link-State Algorithm (LSA) An algorithm developed to determine the status of other routers on a network. Used in Exchange 2000 to determine the status of bridgehead servers in the organization.
LLC sublayer See Logical Link Control sublayer.
LMHOSTS file A file that consists of NetBIOS computer name–to–IP address mappings. Used in name resolution if the broadcast doesn’t generate a useful answer.
Local Area Network (LAN) A group of computers connected together by a common topology. LANs are isolated to a single building or a very closely connected group of buildings.
Local Computer Policy A Microsoft Management Console (MMC) snap-in used to implement account policies.
Local group A group that is stored in the local computer’s accounts database. These are the groups that administrators can add users to and manage directly on a Windows 2000 Professional computer.
Local Group Policy A Microsoft Management Console (MMC) snap-in used to implement local group policies, which include computer configuration policies and user configuration policies.
local logon A logon in which the user logs on from the computer where the user account is stored in the computer’s local database. Also called an interactive logon.
local policies Policies that allow administrators to control what a user can do after logging on. Local policies include audit policies, security option policies, and user rights policies. These policies are set through Local Computer Policy.
local security Security that governs a local or interactive user’s ability to access locally stored files. Local security can be set through NTFS permissions.
local user account A user account stored locally in the user accounts database of a computer that is running Windows 2000 Professional.
local user profile A profile created the first time a user logs on, stored in the Documents and Settings folder. The default user profile folder’s name matches the user’s logon name. This folder contains a file called NTUSER.DAT and subfolders with directory links to the user’s Desktop items.
Local Users and Groups A utility that is used to create and manage local user and group accounts on Windows 2000 Professional computers and Windows 2000 member servers.
locale settings Settings for regional items, including numbers, currency, time, date, and input locales.
Logical Link Control (LLC) sublayer A sublayer in the data link layer of the Open Systems Interconnection (OSI) model. The LLC sublayer defines flow control.
logical port A port that connects a device directly to the network. Logical ports are used with printers by installing a network card in the printer. Logical ports are also used to offer VPN services to remote callers.
LooksAlive A Windows 2000 Cluster Service mechanism that checks to see whether a node in a cluster appears to be functional. If it is non-functional, a resource group is affected and a failover to a secondary node occurs. See IsAlive.
LSA See Link-State Algorithm.
MAC (media access control) address The physical address that identifies a computer. Ethernet and Token Ring cards have the MAC address assigned through a chip on the network adapter card.
Machine certificates Digital certificates issued to machines instead of people.
MacMail See Microsoft Mail for AppleTalk Networks.
MADCAP See Multicast Address Dynamic Client Allocation Protocol.
Mail Exchanger (MX) A DNS record used to point inbound mail to e-mail servers.
Mailbox-enabled An Active Directory object that is associated with a mailbox and able to send or receive e-mail. Provides for storage space in the E2K system.
Mail-enabled An Active Directory object that is associated with an e-mail address but which does not have a mailbox (does not have storage space in the E2K system) and thus cannot send or receive e-mail but can be sent e-mail. Legacy Exchange custom recipients are changed to Mail-enabled contacts at Exchange 2000 upgrade time. Think of this as a custom recipient combined with an NT account. The presumption is that the object’s mailbox resides somewhere other than Exchange 2000.
Main Data Facility (MDF) The central closet or room in which the core of the network runs. Servers, core switches, routers, and other centralized gear are typically located in the MDF. All IDF cable runs home to the MDF.
MAPI See Messaging Application Programming Interface.
MAPI-enabled A client that’s able to utilize the MAPI protocol.
MCU See Multipoint Control Unit.
MDF See Main Data Facility.
member server A Windows 2000 server that has been installed as a non–domain controller. This allows the server to operate as a file, print, and application server without the overhead of account administration.
Message Categorizer An Exchange 2000 software component that handles several functions: expands group lists; resolves names in the directory service; marks recipients it cannot find in the directory service as “unknown”; applies sender limits; and separates (bifurcates) messages in the event that message properties are different for different recipients.
Message Transfer Agent (MTA) The Exchange 5.5 component that’s responsible for routing messages. Depending on where the message is destined, the MTA may route the message to another MTA, to an information store, to an Exchange connector, or to some kind of third-party gateway. In E2K, the MTA is only responsible for handling X.400 mail; the routing service runs a routing engine which uses advanced queuing mechanisms to route non-X.400 e-mail.
Messaging Application Programming Interface (MAPI) A messaging application programming standard and architecture for e-mail applications.
metric Cost information used to calculate the most efficient route for packets to take.
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) The MS-CHAP version 1 and 2 protocols are a take-off of the original Challenge Handshake Authentication Protocol (CHAP) as outlined in RFC 1994. The idea is that you connect to a remote access server, and you’re sent a challenge string. In answering the challenge string, you key in your username and password. The password is used to create a one-way hash using the Message Digest 5 (MD5) encryption scheme. In CHAP, the password is plain text. In MS-CHAP, the password is encrypted using MD4. In MS-CHAP v2, the entire mechanism is much stronger and allows for two-way authentication.
Microsoft Mail for AppleTalk Networks (MacMail) A Microsoft messaging system implementation that allows AppleTalk servers and Macintosh clients to use e-mail.
Microsoft Mail for PC Networks (MS Mail) A Microsoft messaging system implementation that allows Windows-based servers (also OS/2-based servers if the multiple-instance version is used) and DOS and Windows clients to use e-mail.
Microsoft Management Console (MMC) A program that can act as a single point of administration in Windows 2000 networks. The MMC supports snap-ins from other applications or services so that the administrator can customize his administrative environment.
Microsoft Point-to-Point Encryption (MPPE) A protocol that uses 40-, 56-, or 128-bit encryption keys using the Rivest-Shamir-Adleman (RSA) RC4 stream cipher; useful for all PPP connections except L2TP. It can be used only with EAP-TLS or MS-CHAP v2.
MIME See Multipurpose Internet Mail Extensions.
Mirrored A mirrored filter rule creates two separate rules with opposite effects. For example, an inbound filter rule allowing traffic from any address to TCP port 80 will, when mirrored, create a rule allowing traffic to any address on TCP port 80.
MMC See Microsoft Management Console.
modem Modulator/demodulator. A device used to create an analog signal suitable for transmission over telephone lines from a digital data stream. Modern modems also include a command set for negotiating connections and data rates with remote modems and for setting their default behavior.
MS Mail See Microsoft Mail for PC Networks.
MS-CHAP, MS-CHAP v2 See Microsoft Challenge Handshake Authentication Protocol.
MSSearch The Windows 2000 Content Indexing component that allows a search on an archived piece of data.
MTA See Message Transfer Agent.
multicast Transmitting data to a select group of computers. Used primarily in video or audio streaming.
Multicast Address Dynamic Client Allocation Protocol (MADCAP) A protocol that issues leases for multicast addresses only.
Multihoming Adding multiple IP addresses on a single physical network connection.
Multiple Virtual Storage (MVS) An older operating system that was utilized on IBM mainframes. Today’s mainframes run a newer version of the operating system called OS/390.
Multipoint Control Unit (MCU) A device used to manage multiple participants in an H.323 videoconferencing conference.
multiprotocol routing Allows a Windows 2000 computer to accept packets from other computers on its local network, sort out the correct destination for each, and route them accordingly.
Multipurpose Internet Mail Extensions (MIME) A widely used protocol that allows e-mail to include various types of information such as text, graphics, audio, and video. MIME is used to send these types of information over the Internet. A sending application must assign the MIME type to a document. The receiving application must review a list of standard MIME types to determine how the document should be opened.
MVS See Multiple Virtual Storage.
NACK See Negative ACKnowledgement.
Name renewal Request sent by the client to notify the primary WINS server that it wants to continue using its registered name so that the server will reset the time-to-live (TTL).
Name resolution component The component that acts as a DNS server for other machines on the local network; this works as a “proxy” for DNS.
Name server A server that can give an authoritative answer to queries about its domain.
NAT See Network Address Translation.
native mode Active Directory mode in which you can use remote access policies to apply and enforce consistent policies to all users in a site, domain, or organizational unit. It allows the use of universal groups and the nesting of global groups.
NBMA See Non-broadcast multiple access.
NDIS See Network Driver Interface Specification.
NDR See Non-Deliverable Report (NDR), sometimes called Non-Delivery Report.
Negative ACKnowledgement (NACK) A packet transmitted from a receiver to a sender stating that an expected packet did not arrive.
NetBEUI See NetBIOS Extended User Interface.
NetBIOS See Network Basic Input/Output System.
NetBIOS Extended User Interface (NetBEUI) A simple network layer transport protocol developed to support NetBIOS installations. NetBEUI is not routable, and so it is not appropriate for larger networks.
NetWare A popular network operating system developed by Novell in the early 1980s. NetWare is a cooperative, multitasking, highly optimized, dedicated-server network operating system that has client support for most major operating systems. Recent versions of NetWare include graphical client tools for management from client stations. At one time, NetWare accounted for more than 70 percent of the network operating system market.
NetWare Loadable Module (NLM) Software modules that are loaded and run on Novell NetWare operating systems.
network adapter The hardware used to connect computers (or other devices) to the network. Network adapters function at the physical layer and the network layer of the Open Systems Interconnection (OSI) model.
Network Address Translation (NAT) A service that allows multiple LAN clients to share a single public IP address and Internet connection by translating and modifying packets to reflect the correct addressing information.
Network Basic Input/Output System (NetBIOS) A client/server IPC service developed by IBM in the early 1980s. NetBIOS presents a relatively primitive mechanism for communication in client/server applications, but its widespread acceptance and availability across most operating systems makes it a logical choice for simple network applications. Many of the network IPC mechanisms in Windows 2000 are implemented over NetBIOS.
Network group A Windows 2000 special group that includes the users who access a computer’s resources over a network connection.
Network Interface Card (NIC) An adapter that is installed in a computer in order to provide a physical connection to a network.
network layer The layer of the Open Systems Interconnection (OSI) model that creates a communication path between two computers via routed packets. Transport protocols implement both the network layer and the transport layer of the OSI stack. For example, IP is a network layer service.
Network Load Balancing (NLB) Service that allows you to combine two or more Windows 2000 Advanced Servers for fault-tolerance or performance improvement purposes.
network naming Three services (DNS, DHCP, and WINS) that provide network name and address information to applications that request it.
Network News Transport Protocol (NNTP) Designed and described in RFC 977, the protocol used for composing and distributing USENET news and discussion over the Internet. Utilizing NNTP requires NNTP servers and clients. NNTP supports the concept of a newsgroup, a grouping of messages posted by people wanting to dialog about a particular topic, and a newsfeed, which is the delivery of newsgroup articles fed from one server to another.
newsfeed The delivery of newsgroup articles via the NNTP protocol from one server to another. Servers can either push the newsgroup articles to another server, or a server can pull newsgroup articles from another server.
newsgroup A discussion forum stored on an NNTP server and accessed by clients.
NIC See Network Interface Card.
NII See Normal-Incremental-Incremental.
NLB See Network Load Balancing.
NLM See NetWare Loadable Module.
NNN See Normal-Normal-Normal.
NNTP See Network News Transport Protocol.
node A server that is a member of a Windows 2000 cluster.
node database An Instant Messaging (IM) term, this is the database that contains presence information for various IM participants.
Non-broadcast multiple access A single router that can talk to multiple peers without using a broadcast.
Non-Deliverable Report (also non-delivery report) (NDR) When a message cannot be delivered to a recipient, the Exchange server delivers an e-mail message to the sender stipulating so. This message is referred to as an NDR.
Normal-Incremental-Incremental (NII) A backup methodology that provides for one normal backup with the rest of the week’s succeeding backups being incremental.
Normal-Normal-Normal (NNN) A backup methodology that provides for normal backups each night of the week.
Notes, Lotus Notes Messaging system introduced by Lotus Corporation. In a Notes/Domino rollout, the Notes piece acts as the client to a Domino server.
nslookup A tool that allows one to query a DNS server to see what information it holds for a host record.
NWLINK IPX/SPX/NetBIOS Compatible Transport Microsoft’s implementation of the Novell IPX/SPX protocol stack.
Object Linking and Embedding (OLE) A distributed object system and protocol invented by Microsoft. This system allows for the interchange of document objects.
OfficeVision (OV) An IBM mainframe-based messaging system.
offline The state of working with a groupware program while being disconnected from the e-mail server.
OLE See Object Linking and Embedding.
online The state of working with a groupware program while being connected to the e-mail server.
Open Shortest Path First (OSPF) A protocol designed for use on large or very large networks; it’s more efficient than most routing protocols but harder to set up and administer. The routes are calculated so that the shortest path (e.g., the one with the lowest cost) is used first.
Open Systems Interconnection (OSI) model A reference model for network component interoperability developed by the International Standards Organization (ISO) to promote cross-vendor compatibility of hardware and software network systems. The OSI model splits the process of networking into seven distinct services, or layers. Each layer uses the services of the layer below to provide its service to the layer above.
Organizational Unit (OU) Used in Active Directory, a container that denotes the organization to which individuals or groups belong. Used to ease administration of Active Directory objects and as a unit to which group policy can be deployed. The lowest level of Windows 2000 hierarchical notation.
OSI model See Open Systems Interconnection model.
OSPF See Open Shortest Path First.
OU See Organizational Unit.
Outlook Web Access (OWA) The method by which one accesses calendars, e-mail, and public folders using a browser to connect to the Exchange 2000 system.
OV See OfficeVision.
OWA See Outlook Web Access.
Owner-version mapping table Keeps track of which WINS server owns (or holds) a particular registration, along with the highest version ID received from that server.
packet Small chunks of data that are constructed, modified, and disassembled by network protocols at various levels of the OSI model. Each packet consists of three parts: a header, data, and a trailer.
PAP See Password Authentication Protocol.
Partial Replica A database that contains only a subset of the records found in a full copy of the original database. Used in Active Directory work.
Passthrough action A security filter action, this “Permit” action tells the IPSec filter to take no action. It neither accepts nor rejects the connection based on security rules, meaning that it adds zero security. It allows traffic to pass without modification.
Password Authentication Protocol (PAP) The simplest and least secure authentication protocol; it transmits all authentication information in clear text, which makes it vulnerable to snooping.
password policies Windows 2000 policies used to enforce security requirements on the computer. Password policies are set on a per-computer basis, and they cannot be configured for specific users. Password policies are set through account policies.
patch panel The connecting device that acts as the termination point for the network cabling that runs through the walls and for the connector cables coming from servers or other equipment. Patch panels are purchased from vendors and typically are installed in some kind of rack system. The cabling coming through the walls from various points in the building is terminated at the back side of the patch panel. Jumper cables (or patch cords, as they’re called) come from computing gear and plug into the front of the patch panel. It is vital that the terminations at the patch panel be done by a reputable professional who has test gear that can validate the reliability of the termination.
Payload The data to be transmitted to the remote computer.
peer filters Filters that give you control over which neighboring routers your router will listen to; use the RRAS snap-in to configure peer filters and route filters.
Performance Logs and Alerts A Windows 2000 utility used to log performance-related data and generate alerts based on performance-related data.
Periodic update mode RIP update mode in which routing table updates are automatically sent to all other RIP routers on the internetwork. See also auto-static update mode.
permissions Security constructs used to regulate access to resources by username or group affiliation. Permissions can be assigned by administrators to allow any level of access, such as read-only, read/write, or delete, by controlling the ability of users to initiate object services. Security is implemented by checking the user’s security identifier (SID) against each object’s access control list (ACL).
Personal Storage File (PST) Typically a locally kept file that contains user mailbox data that is no longer stored in the information store.
physical layer The first (bottom) layer of the Open Systems Interconnection (OSI) model, which represents the cables, connectors, and connection ports of a network. The physical layer contains the passive physical components required to create a network.
ping A command used to send an Internet Control Message Protocol (ICMP) echo request and echo reply to verify that a remote computer is available.
Plain Old Telephone Service (POTS) An ordinary telephone line.
PO See postoffice.
Pointer record (PTR) In DNS, associates an IP address to a host name.
Point-to-Point Protocol (PPP) Enables computers to establish a TCP/IP connection over a dial-up modem connection, direct serial cable connection, an infrared connection, or any other type of serial connection.
Point-to-Point Tunneling Protocol (PPTP) Protocol invented by Microsoft and several other partners in a collective effort known as the PPTP Forum. PPTP is designed to facilitate the setting up of a virtual private connection with a client coming over the Internet to a private network. The data is tunneled inside TCP/IP packets.
Poison-reverse processing An option that, when enabled, specifies that routes learned from a network are rebroadcast to the network with a metric of 16, a special value that tells other routers that the route is unreachable. This also prevents routing loops while still keeping the routing tables up to date.
policies General controls that enhance the security of an operating environment. In Windows 2000, policies affect restrictions on password use and rights assignments, and determine which events will be recorded in the Security log.
Policy module The module that contains information about how the CA handles an incoming request.
Post Office Protocol version 3 (POP3) Standardized and documented in RFC 1081, POP3 is a messaging protocol that allows remote users to access a messaging server and retrieve e-mail. POP3 does not allow clients to send e-mail. POP3 has fewer features than its newer cousin, IMAP4.
postoffice (PO) A term used in some messaging systems when talking about the collection of mailboxes, mail information, and directory. A PO in MS Mail terms would comprise the Information Store (IS) and Directory Structure (DS).
POTS See Plain Old Telephone Service.
PPP See Point-to-Point Protocol.
PPTP See Point-to-Point Tunneling Protocol.
presentation layer The layer of the Open Systems Interconnection (OSI) model that converts and translates (if necessary) information between the session layer and application layer.
Primary DNS server A primary DNS server is the “owner” of the zone files defined in its database. The primary DNS server has authority to make changes to the zone files it owns.
Primary DNS suffix Automatically appended to DNS requests if the Append Primary And Connection Specific DNS Suffixes radio button is selected on the DNS tab of the Advanced TCP/IP Settings dialog box.
Private addresses These addresses cannot receive traffic from, or send traffic to, the Internet. In every other respect, though, they’re just ordinary IP addresses. The idea behind private addresses is that you can use them to configure a network that’s not connected to the Internet. If you wish to connect these machines to the Internet, you can use NAT to translate between public and private addresses.
private key A key that must be held only by its owner and should never be publicly disclosed; also called a secret key.
Professional Office System (PROFS) An IBM mainframe-based messaging system.
PROFS See Professional Office System.
protocol An established rule of communication adhered to by the parties operating under it. Protocols provide a context in which to interpret communicated information. Computer protocols are rules used by communicating devices and software services to format data in a way that all participants understand.
Protocol Server In Exchange 2000, a server responsible for supporting a given mailbox owner’s protocol, such as POP3, SMTP, or NNTP.
Protocol stack A group of protocols that implements an entire communication process. TCP/IP is an example of a protocol stack.
PST See Personal Storage File.
PTR See Pointer record.
public key See public key encryption.
public key encryption A standard that utilizes a set of key pairs to digitally encrypt data going out over the Internet. You encrypt something with your private key. The receiving party can then decrypt the document and read it using the public key that is part of the key set.
Public Key Infrastructure (PKI) A system that uses certificates and certificate authorities that can vouch for the authenticity of a client accessing an Internet or network resource.
Pull partner Pulls data from another server.
pull replication trigger A request for new data that works by sending a record number and asking for any records that are newer.
push partner Pushes data to another server.
Push replication trigger Signals the receiving server to request the changed data.
push/pull partnership A partnership in which one server pulls while the other pushes. Often used when you want to pair up servers in even groups across a high-speed LAN connection.
RADIUS See Remote Authentication Dial In User Service.
RAID See Redundant Array of Inexpensive Disks.
RAS See Remote Access Service.
RDN See Relative Distinguished Name.
Recovery agent Users that have recovery authority. These users can recover encrypted files when the original key material is unavailable. See also recovery key.
recovery key A key that allows encrypted data to be decrypted without the original key.
Redundant Array of Inexpensive Disks (RAID) A fault-tolerance methodology in which several hard drives are installed in a computer in such a way that if one fails, the remaining drive or drives can continue operation until repairs are made. There are several standards for RAID, with RAID-0, RAID-1, and RAID-5 being the most popular. RAID-1 is a mirroring technique in which two drives have the same data written to them. If one drive fails, the other one will continue to operate until the administrator can fix the problem. In a RAID-5 array, there is a stripe—called the parity stripe—written to the disk set that contains enough information that if any one disk fails, the rest of the set can continue operation until repairs are made. Note that if two or more disks fail, the RAID-5 array may stop working. There are some hardware RAID-5 cards that can suffer a loss of two drives without failure. RAID-0 performs striping, but does not include the parity stripe. RAID can be implemented through software or hardware methodologies, though hardware is greatly preferred in enterprise scenarios.
referral Referral is the process where, initially, an IMAP client issues a logon command to an IMAP server that is not the IMAP client’s home server. The IMAP server passes the client’s logon request to another IMAP server so that it can authenticate the client. IMAP referrals happen behind the scenes and are transparent to the user.
Registry: A database of settings required and maintained by Windows 2000 and its components. The Registry contains all of the configuration information used by the computer. It is stored as a hierarchical structure and is made up of keys, subkeys, and value entries.
Relative Distinguished Name (RDN): The name of an object within its current level in the directory. For a user DC=COM/DC=MyCompany/CN=Users/CN=jim.smith, jim.smith would be the user’s RDN.
relay, relaying: To utilize an Exchange server for propagating unauthorized commercial e-mail. Oftentimes, a scurrilous organization will find a port on an Exchange server that is not being blocked for relaying and use it to send out large batches of e-mail. Exchange 2000 blocks users and computers from relaying except those that are able to authenticate.
Remote Access policies: Like group policies, remote access policies allow the administrator to control whether users can get access or not. Unlike group policies, remote access policies are available only in native Windows 2000 domains.
Remote Access profiles: Allow an administrator to determine who can actually use dial-up capabilities. Remote access profiles work on individual accounts, whereas remote access policies work on groups of users.
Remote Access Service (RAS): A service that allows network connections to be established over a modem connection, an Integrated Services Digital Network (ISDN) connection, or a null-modem cable. The computer initiating the connection is called the RAS client; the answering computer is called the RAS server.
Remote Authentication Dial In User Service (RADIUS): An authentication protocol based on remote access clients passing credentials to a RADIUS client, which then queries a RADIUS server to authenticate the user. An advantage to RADIUS is that it is supported across a wide variety of platforms. Windows 2000 servers can act as both RADIUS clients and RADIUS servers. In addition to providing authentication services, RADIUS provides accounting services, allowing for the centralization of record keeping about users accessing the network through remote access methods.
Remote Installation Services (RIS): A new Windows 2000 feature that allows administrators to set up automatic installation of Windows 2000 Professional and have standard installations happen automatically over the network.
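The relay rule in the entry above (unauthenticated clients may only deliver to the server's own domains; only authenticated clients may relay outward) is small enough to model directly. The following is an added example written for this glossary, not code from the book or from Exchange itself; the domain names, addresses and session records are constructed samples, and the counting function shows the detection side: a client that racks up relay denials is the bulk mailer the entry describes.

```python
"""Relay-control decision modelled on the glossary's rule for Exchange 2000:
an unauthenticated SMTP session may deliver only to the domains this server
hosts, and only an authenticated session may relay to outside domains.
Added example; not code from the book or from Exchange. All names below are
constructed."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed sample: the domains this server accepts mail for.
LOCAL_DOMAINS = {"mycompany.com", "mail.mycompany.com"}


@dataclass(frozen=True)
class SmtpSession:
    client_ip: str       # peer address of the TCP connection
    authenticated: bool  # AUTH succeeded on this session
    mail_from: str       # envelope sender (MAIL FROM)
    rcpt_to: str         # envelope recipient (RCPT TO)


def domain_of(address: str) -> str:
    """Lower-cased domain part of user@domain; '' if the address is malformed."""
    if address.count("@") != 1:
        return ""
    local, domain = address.split("@")
    if not local or not domain:
        return ""
    return domain.strip().lower()


def relay_decision(session: SmtpSession, local_domains=LOCAL_DOMAINS) -> Tuple[str, str]:
    """Return ('accept' | 'reject', reason) for one RCPT TO command."""
    rcpt_domain = domain_of(session.rcpt_to)
    if not rcpt_domain:
        return "reject", "malformed recipient"
    if rcpt_domain in local_domains:
        return "accept", "inbound delivery to a local domain"
    if session.authenticated:
        return "accept", "outbound relay by authenticated client"
    return "reject", "relaying denied for unauthenticated client"


def relay_rejections_by_client(sessions: List[SmtpSession]) -> Dict[str, int]:
    """Count denied relay attempts per client IP. A client with many denials
    in a short window is the pattern the glossary entry describes (a bulk
    mailer looking for a port that relays) and is worth alerting on."""
    counts: Dict[str, int] = {}
    for s in sessions:
        verdict, reason = relay_decision(s)
        if verdict == "reject" and reason.startswith("relaying denied"):
            counts[s.client_ip] = counts.get(s.client_ip, 0) + 1
    return counts


# Constructed sample traffic (documentation addresses only).
SAMPLE_SESSIONS = [
    SmtpSession("203.0.113.7", False, "partner@example.net", "jim.smith@mycompany.com"),
    SmtpSession("203.0.113.7", False, "partner@example.net", "someone@example.org"),
    SmtpSession("203.0.113.7", False, "partner@example.net", "another@example.org"),
    SmtpSession("198.51.100.22", True, "jim.smith@mycompany.com", "someone@example.org"),
    SmtpSession("198.51.100.23", False, "partner@example.net", "someone@@example.org"),
]

if __name__ == "__main__":
    for s in SAMPLE_SESSIONS:
        print(s.client_ip, s.rcpt_to, relay_decision(s))
    print("relay denials per client:", relay_rejections_by_client(SAMPLE_SESSIONS))
```

The decision is made per recipient, which is how an SMTP server sees it: one session can legitimately deliver to a local mailbox and, a moment later, be refused relay to an outside domain.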
Rendezvous Protocol (RVP): Communications taking place between an Instant Messaging (IM) client and server utilize the Rendezvous Protocol (RVP).
replay: In Exchange Server, replaying is the act of applying restored transaction logs to the Information Store.
replication partners: Two servers that replicate data back and forth.
reservation: An IP-to-MAC mapping that allows a DHCP server to always give the same IP address to a DHCP client.
reverse lookup zone: A database that helps computers translate IP addresses into DNS names.
Resolver: A DNS client computer that makes requests to a server; these requests ask the server to resolve a client DNS name into the corresponding IP address, or vice versa.
resource records: Contain information about some resource on the network. There are several types of resource records.
RFC: See Request For Comments.
RIP: See Routing Information Protocol.
RIS: See Remote Installation Services (RIS).
Root Certificate Authority: The top-level CA, which signs its own certificate, asserting that it is the root.
route filters: Filters that allow you to pick and choose which networks you want to admit knowing about and from which you want to accept announcements.
Routing and Remote Access Service (RRAS): Windows 2000 component that provides multiprotocol routing and dial-up access.
Routing and Remote Access Services (RRAS): The Windows 2000 service that facilitates various remote access services (such as demand-dial and RAS) and routing services (such as RIP, OSPF, and others).
Routing Engine: An Exchange 2000 software component that allows for the calculation of the most efficient routing of an e-mail message.
Routing Group Master (RGM): The Exchange 2000 server within a Routing Group that is responsible for alerting other servers in the Routing Group of connectivity status with other Routing Groups in the Exchange organization. The RGM is responsible for regularly checking the status of links with other Routing Groups and conveying that information to Exchange servers in the Routing Group.
routing group: A physical consideration in Exchange 2000, a routing group is a grouping of Exchange servers that shares the topology and characteristics of the underlying network. Routing groups are created to band together Exchange servers that share a well-established connection. Compare with earlier-version Exchange sites. Compare with Administrative Groups.
Routing Information Protocol (RIP): A small, lightweight protocol that allows for routing between small- to medium-sized networks. Limited to routes no more than 15 routers away. Windows 2000 supports two versions of RIP, version 1 and version 2.
routing table: Table of information maintained by an IP router. Each entry in the table contains a destination network ID, gateway address, and metric.
RRAS: See Routing and Remote Access Service.
RVP: See Rendezvous Protocol.
S/MIME: See Secure Multipurpose Internet Mail Extensions.
SA: See Security Association.
SAN: See Storage Area Network.
SAP: See Service Access Points.
schema: The definitions of both the class objects and attribute objects that serve to describe the properties of each given class. The Exchange 2000 schema is stored in the Active Directory.
Screened Subnet: See Demilitarized Zone (DMZ).
Secondary DNS server: Pulls DNS information from the specified master server. Secondary DNS servers receive a read-only copy of zone files. The secondary DNS server can resolve queries from this read-only copy, but cannot make changes or updates.
Secure Multipurpose Internet Mail Extensions (S/MIME): A secure version of MIME that allows for encryption of documents being sent over the Internet that contain text, graphics, audio, and video.
Secure Sockets Layer (SSL): A methodology invented by Netscape Communications for transmitting key-encrypted documents over the Internet.
security: The measures taken to secure a system against accidental or intentional loss, usually in the form of accountability procedures and use restriction, for example through NTFS permissions and share permissions.
Security Association (SA): Provides all the information needed for two computers to communicate securely. It contains a policy agreement that controls which algorithms and key lengths the two machines will use, plus the actual security keys used to securely exchange information.
Security identifier (SID): A unique code that identifies a specific user or group to the Windows 2000 security system. SIDs contain a complete set of permissions for that user or group.
Security log: A log that tracks events that are related to Windows 2000 auditing. The Security log can be viewed through the Event Viewer utility.
Security method: A pre-specified encryption algorithm with a negotiated key length and key lifetime.
Security option policies: Policies used to configure security for the computer. Security option policies apply to computers rather than to users or groups. These policies are set through Local Computer Policy.
SENDMAIL: An early message transfer software program originally written for BSD Unix and later implemented into Exchange Server. SENDMAIL commands are used as a method of sending command-line e-mail messages, such as when an automated process needs to send e-mail to someone about a process or activity. SENDMAIL implements SMTP as a daemon on Unix machines.
server cluster: A group of two or more servers brought together for the purpose of facilitating redundant and fault-tolerant operations of a given application or service.
Service Access Points (SAP): Provided by the LLC sublayer so that other computers can transfer information through this sublayer to the upper OSI layers.
service record (SRV): Links the location of a service such as a domain controller with information about how to contact the service. It provides seven items of information: the service name, the transport protocol, the domain name for which the service is offered, the priority, the weight, the port number on which the service is offered, and the DNS name of the server that offers the service.
Service Ticket: When a Windows 2000 client authenticates with a Windows 2000 server using Kerberos v5, this ticket is granted to an authenticated user for accessing a specific network service, such as Exchange.
session layer: The layer of the Open Systems Interconnection (OSI) model dedicated to maintaining a bi-directional communication connection between two computers. The session layer uses the services of the transport layer to provide this service.
shared-nothing: A cluster server paradigm in which a single node singularly communicates with a disk array. At failover time, the node that received the failover sets up a link with the storage media that the original node was communicating with.
shared storage: A cluster server paradigm in which a common disk array is shared among two or more nodes in the cluster.
SID: See Security Identifier (SID).
signing: One of the two fundamental operations associated with public-key cryptography (the other is encryption). Signing proves the origin and authenticity of some piece of data.
SIMM: See Single In-Line Memory Module.
Simple Mail Transfer Protocol (SMTP): A TCP/IP protocol used to transport e-mail over the Internet. Also the default protocol in Exchange 2000.
Single In-Line Memory Module (SIMM): A small circuit board with RAM-integrated circuits on one or both sides and a single row of pins along one long edge.
Single Point of Failure (SPOF): The place at which a device, system, program, or other computing entity has only one point of support and thus will completely shut down on failure.
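The seven items listed in the service record entry map directly onto the fields of an SRV record, and a client uses priority and weight to decide which server to contact first. The following is an added example, not code from the book; it parses zone-file SRV lines for a constructed domain (example.com, with invented host names) into those seven fields and orders the targets. The ordering is deterministic (lowest priority, then heaviest weight) rather than the weighted random choice a real RFC 2782 client makes, so that the preference is visible.

```python
"""Parse SRV records into the seven fields named in the glossary entry and
order the targets the way a client prefers them. Added example; not from the
book. The records below are constructed samples for an imaginary domain."""
import re
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class SrvRecord:
    service: str    # from the _service label, e.g. "ldap"
    proto: str      # from the _proto label, e.g. "tcp"
    name: str       # domain for which the service is offered
    priority: int   # lower is preferred
    weight: int     # relative share among targets of equal priority
    port: int       # port on which the service is offered
    target: str     # DNS name of the host offering the service


# Zone-file form: owner [TTL] [IN] SRV priority weight port target
_SRV_RE = re.compile(
    r"^(?P<owner>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+"
    r"(?P<prio>\d+)\s+(?P<weight>\d+)\s+(?P<port>\d+)\s+(?P<target>\S+)\s*$"
)


def parse_srv(line: str) -> SrvRecord:
    """Split one SRV line into its seven fields, validating the owner name."""
    m = _SRV_RE.match(line.strip())
    if not m:
        raise ValueError(f"not an SRV record: {line!r}")
    labels = m.group("owner").rstrip(".").split(".")
    if len(labels) < 3 or not (labels[0].startswith("_") and labels[1].startswith("_")):
        raise ValueError("owner name must have the form _service._proto.name")
    port = int(m.group("port"))
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return SrvRecord(
        service=labels[0][1:],
        proto=labels[1][1:],
        name=".".join(labels[2:]),
        priority=int(m.group("prio")),
        weight=int(m.group("weight")),
        port=port,
        target=m.group("target").rstrip("."),
    )


def order_targets(records: List[SrvRecord]) -> List[str]:
    """Lowest priority first; within one priority the heavier weight first.
    (A real client picks among equal priorities at random, proportionally
    to weight; sorting shows the same preference without the randomness.)"""
    return [r.target for r in sorted(records, key=lambda r: (r.priority, -r.weight, r.target))]


# Constructed sample zone data for an imaginary Active Directory domain.
SAMPLE_ZONE = """\
_ldap._tcp.dc._msdcs.example.com. 600 IN SRV 0 100 389 dc1.example.com.
_ldap._tcp.dc._msdcs.example.com. 600 IN SRV 0 50 389 dc2.example.com.
_ldap._tcp.dc._msdcs.example.com. 600 IN SRV 10 100 389 dc-branch.example.com.
_kerberos._udp.example.com. 600 IN SRV 0 100 88 dc1.example.com.
"""


def sample_records() -> List[SrvRecord]:
    return [parse_srv(line) for line in SAMPLE_ZONE.splitlines() if line.strip()]


def ldap_dc_order() -> List[str]:
    """Domain controllers for LDAP in the order a client would try them."""
    return order_targets([r for r in sample_records() if r.service == "ldap"])


if __name__ == "__main__":
    for rec in sample_records():
        print(rec)
    print("LDAP DC preference:", ldap_dc_order())
```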
Site Replication Service (SRS): An Exchange 2000 component that is utilized for interconnectivity of the global catalog and Exchange 5.5 directories. The SRS is automatically installed with Exchange 2000 installation and is put into play when the ADC is first run and a connection agreement is utilized.
Small Office/Home Office (SOHO): A very small network. The standard SOHO has a little hub or switch, a few computers, a shared printer, and maybe some other peripheral devices such as a scanner or CD writer. Dentists’ offices, hairdressing salons, home offices: there are many uses for a SOHO.
SME: See Subject Matter Expert.
SMS: See Systems Management Server.
SMTP: See Simple Mail Transfer Protocol.
SNA: See Systems Network Architecture.
SNADS: See Systems Network Architecture Directory Services.
snap-in: An administrative tool developed by Microsoft or a third-party vendor that can be added to the Microsoft Management Console (MMC) in Windows 2000.
Source Extractor: A program that allows administrators to obtain mail and calendar information from foreign messaging systems in a format that’s ready to import into Exchange Server. The Source Extractor is a component of the Exchange Migration Wizard.
Special group: A group used by the system, in which membership is automatic if certain criteria are met. Administrators cannot manage special groups.
Special Ports tab: Lists the port mappings you have in effect; you can add, edit, and remove them using buttons at the bottom of the tab.
Split-horizon processing: A processing and loop-detection option that prevents a RIP router from rebroadcasting a route onto the network from which it learned that route.
SPOF: See Single Point of Failure.
SRS: See Site Replication Service.
SRV: See service record.
SSL: See Secure Sockets Layer.
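Split-horizon processing, defined a few entries above, is easiest to see with a small routing table. The following is an added example written for this glossary, not code from the book: a RIP router builds the update it would send out of a given interface, omitting routes it learned on that interface (plain split horizon) or announcing them as unreachable (poisoned reverse), and the receiving side shows why the rule matters. The routing table and interface names are constructed.

```python
"""Split horizon as the glossary describes it: a RIP router does not announce
a route back onto the network it learned that route from. Added example; not
from the book. The routing table below is a constructed sample."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

RIP_INFINITY = 16  # RIP's "unreachable" metric (routes are limited to 15 hops)


@dataclass(frozen=True)
class Route:
    network: str               # destination network ID, e.g. "10.2.0.0/16"
    metric: int                # hop count as held in the routing table
    learned_on: Optional[str]  # interface the update arrived on; None = directly connected


def advertisement_for(interface: str, table: List[Route],
                      poison_reverse: bool = False) -> List[Tuple[str, int]]:
    """Entries to put in the RIP update sent out of `interface`.
    Plain split horizon drops routes learned on that interface; with
    poisoned reverse they are announced with metric 16 instead, which
    breaks a two-router loop faster than silence does."""
    out: List[Tuple[str, int]] = []
    for r in table:
        if r.learned_on == interface:
            if poison_reverse:
                out.append((r.network, RIP_INFINITY))
            continue
        out.append((r.network, min(r.metric, RIP_INFINITY)))
    return out


def apply_update(table: List[Route], interface: str,
                 update: List[Tuple[str, int]]) -> List[Route]:
    """Receiver side: add the cost of the incoming link (1 hop) and install
    a route when it is new, better, or a refresh from the same neighbour.
    An unreachable metric from that neighbour withdraws the route."""
    by_net = {r.network: r for r in table}
    for network, metric in update:
        new_metric = min(metric + 1, RIP_INFINITY)
        current = by_net.get(network)
        if current is None:
            if new_metric < RIP_INFINITY:
                by_net[network] = Route(network, new_metric, interface)
        elif current.learned_on == interface or new_metric < current.metric:
            if new_metric >= RIP_INFINITY and current.learned_on == interface:
                del by_net[network]
            else:
                by_net[network] = Route(network, new_metric, interface)
    return list(by_net.values())


# Constructed sample: router B is directly on 10.1.0.0/16, reached 10.2.0.0/16
# through router A on eth0, and 10.3.0.0/16 through another router on eth1.
TABLE_B = [
    Route("10.1.0.0/16", 1, None),
    Route("10.2.0.0/16", 2, "eth0"),
    Route("10.3.0.0/16", 3, "eth1"),
]
# Router A's own table before hearing from B (its only interface to B is eth0).
TABLE_A = [Route("10.2.0.0/16", 1, None)]


def metrics(table: List[Route]) -> dict:
    return {r.network: r.metric for r in table}


if __name__ == "__main__":
    print("B announces on eth0:", advertisement_for("eth0", TABLE_B))
    print("B announces on eth0 (poisoned reverse):",
          advertisement_for("eth0", TABLE_B, poison_reverse=True))
    print("A's table after B's update:",
          metrics(apply_update(TABLE_A, "eth0", advertisement_for("eth0", TABLE_B))))
```

Without the rule, B would announce 10.2.0.0/16 back to A; if A's link to that network later failed, A could accept B's stale route and the two routers would count each other's metrics up toward 16.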
Storage Area Network (SAN): A high-speed subnetwork of storage devices. When you set up a SAN, you supply many storage devices (devices equipped only for the storage of data, not its processing) that are simultaneously available to a large set of users and computers on the network. When new storage devices are added to the SAN, they too are made available for the same set of users and computers. You can control the space that’s given to any group of users or computers through SAN software.
subdomain: Branches of a network.
Subject Matter Expert (SME): One who possesses a large body of knowledge about a given subject.
subnet mask: A number mathematically applied to IP addresses to determine which IP addresses are a part of the same subnetwork as the computer applying the subnet mask.
Success Audit event: An Event Viewer entry that indicates the occurrence of an event that has been audited for success, such as a successful logon.
Superscope: Allows you to group two or more scopes together even though they’re actually separate.
switch fabric: The logically created grouping of paths, routes, and connected entities that makes up the switching context of a hardware switch. When several switches are connected together, you can also think about the switch fabric in enterprise terms instead of confining it to one local switch.
sysop: The primary contact and operator of a chat session.
System log: A log that tracks events that relate to the Windows 2000 operating system. The System log can be viewed through the Event Viewer utility.
System Monitor: A Windows 2000 utility used to monitor real-time system activity or view data from a log file.
system policies: Policies used to control what a user can do and the user’s environment. System policies can be applied to all users or all computers, or to a specific user, group, or computer. System policies work by overwriting current settings in the Registry with the system policy settings. System policies are created through the System Policy Editor; they only apply to Windows NT, Windows 95, and Windows 98 machines.
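The "number mathematically applied" in the subnet mask entry is a bitwise AND: masking both addresses and comparing the results tells a host whether it can deliver directly or must hand the packet to its gateway. The following is an added example, not code from the book; it does that computation, checks that a mask is a valid contiguous run of 1-bits (a common configuration error that silently breaks the comparison), and uses constructed private addresses.

```python
"""Subnet-mask arithmetic from the glossary entry: AND the mask into both
addresses and compare the resulting network IDs. Added example; not from the
book. All addresses are constructed samples."""
import ipaddress


def _to_int(dotted: str) -> int:
    """Dotted-quad string to a 32-bit integer (raises on malformed input)."""
    return int(ipaddress.IPv4Address(dotted))


def is_valid_mask(mask: str) -> bool:
    """A subnet mask must be a run of 1-bits followed by a run of 0-bits.
    If so, the inverted mask plus one is a power of two."""
    inverted = (~_to_int(mask)) & 0xFFFFFFFF
    return (inverted + 1) & inverted == 0


def prefix_length(mask: str) -> int:
    """Number of 1-bits in a valid mask, i.e. the /N notation."""
    if not is_valid_mask(mask):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bin(_to_int(mask)).count("1")


def network_id(ip: str, mask: str) -> str:
    """The network portion of `ip`: the address ANDed with the mask."""
    if not is_valid_mask(mask):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return str(ipaddress.IPv4Address(_to_int(ip) & _to_int(mask)))


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """True when both addresses yield the same network ID under `mask`."""
    return network_id(ip_a, mask) == network_id(ip_b, mask)


def next_hop(local_ip: str, local_mask: str, dest_ip: str) -> str:
    """What a host does with a packet: deliver on the local wire when the
    destination shares its subnet, otherwise send it to the default gateway."""
    return "direct" if same_subnet(local_ip, dest_ip, local_mask) else "gateway"


if __name__ == "__main__":
    # Constructed sample: a /22 office network.
    host, mask = "10.0.1.25", "255.255.252.0"
    print(f"{host}/{prefix_length(mask)} is on network {network_id(host, mask)}")
    for dest in ("10.0.3.254", "10.0.4.1", "192.168.1.10"):
        print(f"  to {dest}: {next_hop(host, mask, dest)}")
    print("255.255.0.255 valid mask?", is_valid_mask("255.255.0.255"))
```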
system state: A backup term, the system state is the collection of computer-specific data that can be backed up and restored. The system state data includes the computer’s registry, the Common Object Model+ (COM+) class registration database, and the system boot files. Depending on the nature of the computer, the system state can also include the Certificate Authority (CA) database, and if the computer is a domain controller, it will also include the Active Directory database and the SYSVOL directory.
Systems Management Server (SMS): An enterprise software product available from Microsoft that allows for asset management, remote tools, software packaging, and network monitoring.
Systems Network Architecture (SNA): IBM network protocols designed for mainframe computers.
Systems Network Architecture Directory Services (SNADS): The SNA component that manages the location of resources and records.
T.120: A standard that contains a series of communication and application protocols and services that provide support for real-time, multipoint data communications.
TAO: Fischer International’s (www.fisc.com) messaging system.
TCP/IP: See Transmission Control Protocol/Internet Protocol.
TCP/IP port: A logical port, used when a printer is attached to the network by installing a network card in the printer. Configuring a TCP/IP port requires the IP address of the network printer to connect to.
TGS: See Ticket Granting Service.
TGT: See Ticket Granting Ticket.
Ticket Granting Service (TGS): A Kerberos v5 server service that grants service tickets.
Ticket Granting Ticket (TGT): A ticket granted to a Kerberos v5 client for the purpose of requesting a service ticket from a Kerberos Ticket Granting Service (TGS).
TLH: See Top Level Hierarchy.
Top Level Hierarchy (TLH): The main public folder tree in a storage group. There can be multiple TLHs on an Exchange server because there can be multiple storage groups.
tracert: A tool used to map out the path that the packets are taking as they flow to a remote system.
transaction log: The log file that maintains recent Exchange 2000 Server database transactions.
Transmission Control Protocol (TCP): A transport layer protocol that implements guaranteed packet delivery using the IP protocol.
Transmission Control Protocol/Internet Protocol (TCP/IP): A suite of Internet protocols upon which the global Internet is based. TCP/IP is a general term that can refer either to the TCP and IP protocols used together or to the complete set of Internet protocols. TCP/IP is the default protocol for Windows 2000.
transport layer: The Open Systems Interconnection (OSI) model layer responsible for the guaranteed serial delivery of packets between two computers over an internetwork. TCP is the transport layer protocol in TCP/IP.
Transport mode: Another name for the end-to-end mode, in which IPSec is used to encrypt before data is sent and decrypt at the other end, while the data is protected during transport (obviously).
transport protocol: A service that delivers discrete packets of information between any two computers in a network. Higher-level, connection-oriented services are built on transport protocols.
tree: 1) A hierarchical definition in which you start with a root node and navigate downward to one or more child nodes. A child node can have child nodes beneath it, but has only one parent node. The root node has no parent node. 2) A Windows 2000 domain and the child domains beneath it that all share a contiguous name space. There can be multiple trees in a Windows 2000 forest.
tunnel: A private, virtual circuit between a client and a server using the Internet as a transportation medium.
tunnel endpoint: The systems at the ends of a two-way IPSec tunnel.
Tunnel mode: The use of IPSec to secure traffic that’s being passed over someone else’s wire.
UDP: See User Datagram Protocol.
Unicast routing: One machine sends directly to one destination address.
Unicast scope: DHCP scope used to assign unicast (point-to-point) addresses. Compare with MADCAP.
Uninterruptible Power Supply (UPS): An alternative power supply, powered by batteries or other alternative medium, that is guaranteed to provide power to a computer in the event of interruptions in its connected electrical power.
Universal Distribution Group (UDG): An Exchange 5.5 Distribution List (DL) that is brought forward into Active Directory due to an upgrade to Exchange 2000. Appears as a mail-enabled group object of type distribution with a scope of Universal.
Universal Security Group (USG): A group given Universal security access. USGs have the potential to be given permissions in each domain in the forest. Thus, they’re a good choice for applying permissions to Exchange 2000 Public Folders.
Unix to Unix Encoding (UUENCODE): A Unix program used for encoding binary data to ASCII.
Uplink port: A port on a switch or hub, typically in the back of the device and very often a separately purchased add-on card, that connects the device to the backbone of the network. Uplink ports typically run an order of magnitude faster than the user ports on the device; e.g., user ports run at 10Mbps while the uplink port runs at 100Mbps.
UPN: See User Principal Name.
UPS: See Uninterruptible Power Supply (UPS).
User Datagram Protocol (UDP): A connectionless Internet transport protocol included in the TCP/IP protocol standard.
User Principal Name (UPN): In Active Directory, a user logon name coupled with the “@” sign and the domain that the user is associated with in the forest. [email protected] is an example of a UPN. Because a UPN is tied to the domain or subdomain that a user might be in, you can understand that domain names might get very long. The administrator can create aliases for subdomains so that users don’t have to key in long strings for their UPNs in order to quickly log on.
user profile: A profile that stores a user’s Desktop configuration. A user profile can contain a user’s Desktop arrangement, program items, personal program groups, network and printer connections, screen colors, mouse settings, and other personal preferences. Administrators can create mandatory profiles, which cannot be changed by the users, and roaming profiles, which users can access from any computer they log on to.
user rights policies: Policies that control the rights that users and groups have to accomplish network tasks. User rights policies are set through Local Computer Policy.
Users group: A Windows 2000 built-in group that includes end users who should have very limited system access. After a clean installation of Windows 2000 Professional, the default settings for this group prohibit users from compromising the operating system or program files. By default, all users who have been created on the computer, except Guest, are members of the Users group.
USG: See Universal Security Group.
UUENCODE: See Unix to Unix Encoding (UUENCODE).
VAX: See Virtual Address eXtension (VAX).
Version ID: An internal record used to identify which server in a replication partnership has the more recent version of a registration.
VINES (also known as Banyan VINES): In the last half of the 20th century, a popular network operating system (NOS) that boasted the first directory-type structure.
Virtual Address eXtension (VAX): A mini-computer system introduced by Digital Electronics Corporation (DEC). The VAX computer ran the Virtual Memory System (VMS) operating system.
Virtual Local Area Network (VLAN): A group of computers that behave as though they were connected together on the same LAN, even though they may be separated into different subnets. VLANs are created using software and managed through software interfaces, though routers can work with VLANs.
Virtual Machine (VM): A system that appears to be operating completely at the behest of one user, but in reality is servicing many at a time.
Virtual Memory (VM): The ability of a system to use some of the disk storage for system memory. Windows computers are capable of utilizing virtual memory, as were earlier systems such as the VAX VM system.
Virtual Private Network (VPN): A secure method of connecting a user and a private network or a network and a network over the Internet. The protocol used to accomplish this tunnels data in TCP/IP over the Internet to the private network. The client is then authenticated and logged on. Windows 2000 supports two VPN tunneling protocols: Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP), as well as two encryption protocols for use with VPN technology: Microsoft Point-to-Point Encryption (MPPE) is used with PPTP, and IPSec is used with L2TP.
Virtual Server: In Exchange 2000, an instance of a server that appears to a group of users as a single logical server. You can have more than one virtual server on an Exchange 2000 server. Typically virtual servers have their own names and IP addresses.
VLAN: See Virtual Local Area Network.
VM: See Virtual Machine (VM).
VPN: See Virtual Private Network (VPN).
WAN: See Wide Area Network.
Warning event: An Event Viewer event that indicates that you should be concerned with the event. The event may not be critical in nature, but it is significant and may be indicative of future errors.
Web-based Distributed Authoring and Versioning (WebDAV): An IETF standard (RFC 2518), WebDAV allows clients to copy, delete, move, and perform other functions on documents over the Internet. Clients can also obtain a document’s properties over the Internet using WebDAV. Exchange 2000 uses this extension of HTTP 1.1 in order to provide file manipulation and to support application collaboration.
WebDAV: See Web-based Distributed Authoring and Versioning (WebDAV).
well-established connection, well-connected: Used when speaking of routing groups, a well-established connection is a connection between two servers that is high-speed and available 24/7/365.
Wide Area Network (WAN): A group of Local Area Networks (LANs) that is connected together by specialized telephony or wireless circuits. WANs are typically connected together by frame relay, X.25, ISDN, microwave, or satellite connections provided by a company specializing in WAN circuits.
Windows Internet Name Service (WINS): A network service for Microsoft networks that provides Windows computers with Internet numbers for specified NetBIOS computer names, facilitating browsing and intercommunication over TCP/IP networks.
WINS: See Windows Internet Name Service.
WINS name registration: A request sent by the client to the designated WINS server to register its name and IP address.
WINS name release: A request sent by the client to relinquish ownership of its name.
WINS server: The server that runs WINS and is used to resolve NetBIOS names to IP addresses.
X.25: A packet-switching protocol, similar to but older than frame relay, designed for connectionless delivery of information from a source to a destination. Used to connect LANs together in a WAN.
X.400: An International Organization for Standardization (ISO) and International Telecommunication Union (ITU) standard for the addressing and transporting of e-mail messages. X.400 conforms to the application layer of the OSI model (layer 7) and supports several types of transport mechanisms including Ethernet, X.25, TCP/IP, and dial-up lines.
X.509 v1, X.509 v3: A widely used digital certificate definition used in the granting of certificates in Web applications that use Secure Sockets Layer (SSL).
XML: See eXtensible Markup Language.
ZENWorks (ZEN): A systems management product from Novell Corporation. See also Systems Management Server (SMS).
Zone transfer: Copies information from a primary DNS server to a secondary DNS server.
Zones: A subtree of the DNS database that is considered a single unit.