Microsoft Exchange 2000 Server Adminstrator's Companion
Authors: Glenn W. J., English B.
Published year: 1999
In this chapter, you learned how to take information about the needs of your users and the current assessment of your network and use it to design an Exchange organization. The design of an organization happens at three distinct levels: the organizational level, the routing group level, and the server level.
Part 2 of this book has shown you how to collect and use information about your situation in planning your Exchange organization. Chapter 7 begins Part 3, which looks at the deployment of Exchange 2000 Server. In Chapter 7, you will learn how to install Exchange 2000 Server.
So far, you've learned a bit about how Microsoft Exchange 2000 Server works and how to plan your Exchange organization. In this chapter, you'll actually get your hands dirty and install Exchange 2000 Server. You'll do this in four basic stages:
Regardless of whether you're installing Exchange 2000 Server as the first server or as a subsequent server within the Exchange messaging system, you'll find that if you select the right options, Exchange 2000 Server is not difficult to install. If you choose the wrong options, however, you may end up having to reinstall the software. For anyone involved in installing Exchange 2000 Server, this is a critical chapter.[Previous] [ Next ]
Although it's tempting (and easy enough) simply to insert the Exchange Server CD-ROM and run the Setup program, it's best to take care of a few chores first. You should verify that your server is correctly configured, gather some information, and set up special accounts. If you created a good deployment plan, you probably have all the information you need.
REAL WORLD Taking Exchange 2000 Server for a Test Drive
If you are considering upgrading your Exchange organization to Exchange 2000 Server from a previous version, we recommend trying the new version on a nonproduction server first to get a feel for its new features. You may also want to test-drive the software even if you are creating a new system rather than upgrading. Testing Exchange 2000 Server before deployment can help you plan the best ways to implement some of the features offered by the new version as those decisions come up during the "real" installation.
If you do decide to take Exchange 2000 Server for a test drive, we recommend setting up a test network that is physically separate from your actual network. If you do not have the resources for a separate network, you can test Exchange 2000 Server on a server on your existing network.
The following is a checklist of critical questions that you should ask yourself before starting an Exchange Server installation. The answers to some of them may seem a bit obvious, but taking the time to study them before you begin will prevent problems during or after installation:
Before installing Exchange 2000 Server, you must make sure that your machine meets the minimum hardware requirements. Table 7-1 details Microsoft's minimum and recommended configurations for a computer running Exchange 2000 Server. Keep in mind that these requirements indicate the configurations on which Exchange Server will run, not those on which it will run well . Many Exchange servers require multiple processors and more memory to execute the desired services.
Table 7-1. Minimum and recommended hardware configurations
|Processor||200 MHz Pentium||400 MHz Pentium II|
|Memory||128 MB||256 MB|
|Disk space||2 GB for Exchange, 500 MB available on system drive||Space for e-mail and public folders; multiple physical disks configured as a stripe set or stripe set with parity|
To allow you to verify that your hardware and software are compatible with a given Microsoft product, Microsoft publishes hardware and software compatibility lists. Because these lists are published for various Microsoft operating systems and applications and are updated often, Microsoft publishes them on line in searchable form at http://www.microsoft.com/hcl/ .
On this Web page, you can enter the name of any Microsoft product for which you want to view the lists of compatible hardware or software. Of particular interest are the lists for the Microsoft BackOffice suite, of which Exchange 2000 Server is a component. The products on these two lists have successfully passed a series of difficult tests to verify that they take advantage of BackOffice technology and are authorized to display the BackOffice logo on their product materials.
If you plan to add future enhancements, such as a fax service, to the Exchange Server environment, check the BackOffice software compatibility page to help you select a compatible application.
Microsoft provides its service packs on line for free and on CD-ROM for a small charge. A service pack is an update to an operating system or application that encompasses the solutions for multiple problems. In contrast, hot fixes, or patches, are solutions to single, immediate problems with an operating system or application. A service pack will include all hot fixes up to the point that the service pack is released. Service packs and hot fixes assure you quick access to the latest improvements for your operating system or applications.
To get the latest service pack or set of hot fixes from Microsoft, downloading is the way to go. Be aware, however, that although hot fixes are usually small and quick to download, a service pack is typically several megabytes in size and can take a very long time to download, even with a fast Internet connection. Most—but not all—service packs include the contents of past service packs within them. Check to make sure that the service pack you are downloading does include past service packs if you do not already have them installed on your system. This information will be in the Readme file.
Once you have downloaded a service pack, it is important that you test it on another system before implementing it in your production environment. You should test it on the exact same type of hardware that you have running in your environment.
Unfortunately, Microsoft's minimum configuration—a 200-MHz Pentium with 128 MB of RAM—is not sufficient for anything but a very small organization or test server, and even then, performance will depend on what you're doing with the server. For optimal performance, you should run Exchange 2000 Server on a computer that is not also functioning as a Windows 2000 domain controller for your network. All domain controllers experience some capacity loss due to the overhead required to manage security for the domain. The amount of this overhead is determined by the size and activity of the domain.
Although an Exchange server performs better if it is running on a machine that is dedicated to Exchange messaging, it is not uncommon in small networks to have one machine serve as both a domain controller and an Exchange server because it saves the expense of an extra machine. Saving on a machine, however, may result in meager performance for both Windows 2000 Server and Exchange 2000 Server.
If your computer needs to play the roles of both Exchange server and domain controller, you'll want more powerful hardware than that listed in Table 7-1. Also, running Exchange 2000 Server on the domain controller means that administrators of that machine must be administrators on all domain controllers. Furthermore, there is a security risk in that anyone who uses the Web Connector will need the right to log on locally at the server, which is generally not a privilege allowed for users on a domain controller.
The Exchange 2000 Server architecture was developed to participate in a Windows 2000 network. In fact, you can install Exchange 2000 Server only in a domain with a Windows 2000 server configured as a domain controller with a Global Catalog. You must also have DNS resolution running in your domain. If you do not have a DNS server in your domain, you can configure a Windows 2000 server as a DNS server. For more on this subject, see Chapter 4. The network can have one or more Active Directory forests, each with multiple domain trees in it, and each domain tree can consist of one or more domains. Each Exchange server must be a member server or a domain controller. If it is a member server, the Exchange server must be able to access a domain controller in order to function.
Specifying the role of a server involves more than simply configuring it as a domain controller or as a member server. It also includes indicating the services that the server will provide to the network. One of these services is IIS. Hardware capacity is even more critical if your server is also running IIS or other network applications. IIS, which is required to install Exchange 2000 Server, uses considerable memory and processing power, depending on its configuration. For example, if IIS is configured to provide FTP service as well as the SMTP and NNTP services, it uses many more CPU cycles and much more hard disk space than if it did not provide those services. When determining your hardware requirements, you should list the services that the server will host and the hardware requirements of the various applications. Start with the application with the largest hardware requirements, and then increment the RAM, processor speed, and storage capacity for each additional service by about half of its own recommendation. You will then have a fair idea of your server's hardware needs. For more information on planning your server hardware, see Chapter 6.
When you install IIS on a Windows 2000 server (either during setup or afterward), make sure that the NNTP stacks are also installed. NNTP is not included in the default IIS installation, and it is necessary in order to install the messaging components of Exchange 2000 Server.
Increasing the speed of your processor and the amount of storage and memory on your computer are effective ways of making your Exchange server more powerful. You can also optimize your existing hardware to help boost the performance of an Exchange server if you configure the operating system in the following ways:
In addition to making sure that your computer's hardware can handle Exchange 2000 Server, you need to check certain other settings before proceeding with your setup.
Exchange 2000 Server can be installed only under Windows 2000 Server. Make sure that the NetBIOS name given to your Windows 2000 server is the name that you want your Exchange server to have. It is simple enough to change the name of a member server before installing Exchange 2000 Server, but it's nearly impossible to do so afterward. You can change the name beforehand by clicking the Properties button on the Network Identification tab of the System Properties dialog box, accessed by clicking the System icon in Control Panel. This displays the Identification Changes dialog box, as shown in Figure 7-1. For more information on Exchange 2000 Server's integration with Windows 2000 Server, see Chapter 4.
Figure 7-1. Changing the name of your Windows 2000 server.
When you install the first Exchange server in an organization, you also create a new Exchange organization, routing group, and Administrative group. If you are installing Exchange 2000 Server on a single-domain network or if your new Exchange routing group will not cross any domain boundaries, you should have no problems. However, if your new routing group will cross domain boundaries, you need to make sure that appropriate security has been established before you start Setup.
Exchange 2000 Server includes support for many Internet protocols, including Simple Mail Transfer Protocol (SMTP), Network News Transfer Protocol (NNTP), and HTTP. All of these protocols rely on the TCP/IP suite to operate . In fact, SMTP is now the default messaging transport mechanism in Exchange Server, meaning that TCP/IP must be configured on your Windows 2000 server before you install Exchange 2000 Server. To do so, open the TCP/IP properties of the network connection you are using, or use the Ipconfig utility, as shown in Figure 7-2. Note that each server's Ipconfig output reflects the actual IP configuration of that server—and varies widely from machine to machine.
Figure 7-2. Using the Ipconfig /All command to verify TCP/IP configuration.
For more information on configuring Windows 2000 networking, consult your Windows 2000 product documentation. You might also want to check out the Microsoft Windows 2000 Server Administrator's Companion by Charlie Russel and Sharon Crawford (Microsoft Press, 2000).
IIS 5.0 or later is required on the server on which Exchange 2000 Server will be installed. Fortunately, IIS 5.0 is part of Windows 2000 Server. In fact, a default installation of Windows 2000 Server includes IIS 5.0. The SMTP service is also included as part of the default installation. To install Exchange 2000 Server, however, you will also need to make sure that the NNTP service is installed—something that is not done by default. You can include it during Windows 2000 installation or install it separately at any time thereafter.
In addition to taking advantage of the built-in security of Windows 2000 Server, Exchange 2000 Server provides advanced security in the form of an optional component named the Key Management Service (KMS). The KMS works in conjunction with the Active Directory directory services to manage the encryption keys used to encrypt e-mail messages. It integrates with Microsoft Certificate Services to provide services. For more information on configuring and supporting the KMS, see Chapter 21.
Windows 2000 Server provides support for clustering technology, in which two Windows 2000 servers, called nodes, can be grouped to act as a single network unit. Clustering is designed to provide reliability through hardware redundancy. If one server in a cluster fails, another server in that cluster can take over, providing near-continuous access to network resources. To install Exchange 2000 Server in a clustered environment, you must ensure that a cluster has a single network name and IP address as well as a shared disk that is part of an external disk array. You can learn more about using Exchange 2000 Server in a clustered environment in Chapter 20.
Whenever you add components to or remove components from the clustered Exchange server installation, you run the Setup program on the first node as usual. You must then run Setup again on the second node and choose the Upgrade Node option.
Exchange 2000 Server provides support for a connector that allows Exchange Server and Microsoft Mail for AppleTalk Networks to transfer messages and share directory information. To install this optional component, you must ensure that Windows 2000 Services for Macintosh is installed and configured correctly on the computer on which you plan to install Exchange Server.
Your last task before starting Exchange Server Setup is creating some special user accounts. The first account, the Site Services account, is required. The second, a special Exchange Administrator's account, is helpful for distributing Exchange administration responsibilities.
Each of the main components of Exchange 2000 Server acts as a Windows 2000 service. For these components to communicate with one another, with services on other Exchange servers, and with the Windows 2000 Active Directory directory service, all of the services within a routing group must have a common security context. This context takes the form of a special Windows 2000 user account called a service account.
When you install Exchange 2000 Server, you are asked to specify this service account. Although you can specify any existing user account, we highly recommend that you create a special account for this purpose instead of using a normal user account.
You can create this new account via Active Directory Users and Computers, assuming that you have administrative privileges in the domain in which you'll be installing Exchange 2000 Server. In the Active Directory Users and Computers console window, select the Users folder, and choose New User from the Action menu. In the New Object - User dialog box (Figure 7-3), enter an appropriate user name and full name. In the next screen of the wizard (Figure 7-4), specify the password. Because the service account has considerable access to the network, select a complex password that cannot be guessed easily. This step further secures your network. (Be sure to write down the user name and password, because you'll need to know them during the installation.) You also need to select both the User Cannot Change Password and Password Never Expires options so that this account does not encounter authentication problems. When you're done, click Finish to create the new account. Setup will assign other rights required by the new service account.
Figure 7-3. Naming the Site Services account.
Figure 7-4. Creating a password for the Site Services account.
Exchange administration and Windows 2000 administration are handled separately. Just because an account has administrative privileges in Windows 2000 does not necessarily mean that the account will have administrative privileges in Exchange. When you install Exchange 2000 Server, one user account is given permission to administer Exchange: the account that you are logged on with when you start the installation. If you want to enable other Exchange administrators, you must do so manually, using the Exchange System snap-in.
For this reason, make sure that when you start Exchange Server Setup, you are logged on from the account that you want to use for Exchange administration. This account can be the preconfigured Administrator account, your own account, or a special one that you create just for the task. It should be a member of the following Windows 2000 security groups: Domain Admins, Enterprise Admins, and Schema Admins. Later, you can assign administrative privileges to other accounts or groups.
Before creating the accounts, you should perform two tasks to ensure that, if necessary, you can restore the system to the same state in which it started. One of these tasks is to create an emergency repair disk. You use the Windows 2000 Backup utility, available in the System Tools folder on the Programs menu, for creating these disks. In Windows Backup, choose Create An Emergency Repair Disk from the Tools menu, and follow the steps for creating the disk. You will need one formatted 1.44-MB floppy disk.
The second task is to back up your server, for which you can also use Windows Backup. Most administrators select a tape backup system for backing up their servers on an ongoing basis. The best thing to do at this point is to execute a full system backup. Chapter 24 discusses the procedure for backing up an Exchange 2000 server using Windows Backup. Although the procedure for backing up a Windows 2000 server is a bit different from the one described there, you can use that chapter as a tutorial for backing up your system prior to installing Exchange 2000 Server as well.
Microsoft Exchange 2000 Server Adminstrator's Companion
Authors: Glenn W. J., English B.
Published year: 1999