Lesson 2: Exchange Server 2003 Integration with Active Directory


Exchange Server 2003 is tightly integrated with Active Directory, in that Exchange Server 2003 uses Active Directory as the storage mechanism for its data (although Exchange Server 2003 still uses its own databases for storing the content of messages and transaction logs). This is different from Exchange Server 5.5 (and earlier versions), which maintained its own directory and databases independent of the operating system and even maintained its own replication infrastructure. In order to deploy Exchange Server 2003 effectively in an Active Directory environment, you must first understand how Exchange Server 2003 stores data in Active Directory.


After this lesson, you will be able to

  • Understand how Active Directory is partitioned into naming contexts

  • Understand how Exchange Server 2003 uses global catalog servers

  • Understand how Exchange Server 2003 leverages Active Directory groups

Estimated lesson time: 15 minutes


Naming Contexts

Active Directory is partitioned into naming contexts. The three naming contexts are

  • Domain

  • Configuration

  • Schema

These naming contexts provide boundaries for and structure to the Active Directory database and can have their own replication and permissions configuration.

Domain Naming Context

The domain naming context is where all the domain objects for Exchange Server 2003 are stored. These objects include recipient objects like users, groups, and contacts. Exchange Server 2003 extends the attributes Active Directory includes for these types of objects, meaning that, in contrast to Exchange Server 5.5, Exchange Server 2003 mailboxes and Active Directory user accounts are not separate objects. For example, with Exchange Server 2003, you mailbox-enable a user account rather than create a mailbox object in Exchange Server and associate a user account with the mailbox.

Configuration Naming Context

The configuration naming context stores information about the physical structure of the Exchange organization, such as routing groups and connectors. Active Directory replicates this data to all domain controllers in the forest. The forest marks the security boundary of an Exchange organization.

Schema Naming Context

The schema naming context contains information about all of the object classes and their attributes that can be stored in Active Directory. This data is replicated to all domain controllers in a forest. During the deployment of Exchange Server 2003, the Active Directory schema is extended to include the classes and attributes specific to Exchange Server 2003. A visible example of the schema extensions is in the Exchange-specific options that are available in a user account in the Active Directory Users And Computers console after the installation of Exchange Server 2003.
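As an added example (not part of the training kit), the following Python sketch sorts object distinguished names, such as those in an LDIF export or an ACL review, into the three naming contexts and reports how widely each one replicates. The contoso.com forest, its emea child domain, and every DN in the sample are constructed for illustration. The schema naming context sits textually beneath the configuration one, so the code matches the longest naming-context suffix rather than the first one that fits.

```python
"""Classify directory object DNs by Active Directory naming context."""

def split_dn(dn):
    """Split a DN into lower-cased RDNs, honouring backslash-escaped commas."""
    rdns, cur, escaped = [], "", False
    for ch in dn:
        if ch == "," and not escaped:
            rdns.append(cur)
            cur = ""
        else:
            cur += ch
        escaped = (ch == "\\") and not escaped
    rdns.append(cur)
    return [r.strip().lower() for r in rdns if r.strip()]

def naming_contexts(forest_root, domains):
    """Map each naming-context DN to (kind, replication scope)."""
    config = "CN=Configuration," + forest_root
    ncs = {d: ("domain", "domain controllers of that domain") for d in domains}
    ncs[config] = ("configuration", "all domain controllers in the forest")
    ncs["CN=Schema," + config] = ("schema", "all domain controllers in the forest")
    return ncs

def classify(dn, ncs):
    """Return (kind, scope, nc_dn) for the longest naming context that ends dn."""
    rdns = split_dn(dn)
    best, best_len = ("unknown", "n/a", None), 0
    for nc_dn, (kind, scope) in ncs.items():
        suffix = split_dn(nc_dn)
        # Longest suffix wins: schema beats configuration, child domain beats root.
        if len(suffix) > best_len and rdns[-len(suffix):] == suffix:
            best, best_len = (kind, scope, nc_dn), len(suffix)
    return best

# Constructed sample forest and object DNs (assumptions, not taken from the lesson).
FOREST_ROOT = "DC=contoso,DC=com"
NCS = naming_contexts(FOREST_ROOT, [FOREST_ROOT, "DC=emea,DC=contoso,DC=com"])
SAMPLE_DNS = [
    r"CN=Smith\, John,OU=Staff,DC=contoso,DC=com",
    "CN=Sales DL,OU=Groups,DC=emea,DC=contoso,DC=com",
    "CN=First Routing Group,CN=Routing Groups,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=contoso,DC=com",
    "CN=ms-Exch-Home-Server-Name,CN=Schema,CN=Configuration,DC=contoso,DC=com",
    "CN=Visitor,DC=fabrikam,DC=com",
]

if __name__ == "__main__":
    for dn in SAMPLE_DNS:
        kind, scope, _ = classify(dn, NCS)
        print(f"{kind:13} {scope:38} {dn}")
```

Objects that classify as configuration or schema are visible on every domain controller in the forest, which is why delegated write access there deserves closer review than access scoped to a single domain.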

Global Catalog Integration

Exchange Server 2003 uses two services—DSProxy and DSAccess—to access the global catalog.

DSProxy

While Microsoft Outlook 2000 and 2003 clients can access a global catalog directly, other clients cannot. So Exchange Server 2003 provides a proxy service called DSProxy to function as an intermediary between the client and the global catalog. DSProxy works as a facilitator to allow Outlook clients to access information within Active Directory through the Name Service Provider Interface (NSPI). In addition, the DSProxy service supports older Messaging Application Programming Interface (MAPI) clients by forwarding requests directly from the client to the global catalog server. DSProxy does not examine the request; instead, it blindly forwards the request and then returns the results. The process is transparent to the user.

DSAccess

Exchange Server 2003 shares global catalog functionality with other Active Directory services, so it is important to reduce the impact of Exchange Server 2003 queries. DSAccess implements a directory access cache that stores recently accessed information for a configurable length of time. This reduces the number of queries made to global catalog servers. Increasing the cache and timeout period too much can cause problems with out-of-date data, while a cache that is too small and a timeout period that is too short can cause performance problems.

Active Directory Group Integration

The use of security groups and distribution groups is another feature in which Exchange Server 2003 integrates with Active Directory. Versions of Exchange Server prior to Exchange Server 2000 maintained their own distribution lists, which contained recipients that were members of the Exchange organization (mailboxes, custom recipients, and other distribution lists). These distribution lists existed only within Exchange and were unrelated to the Windows user accounts database. Exchange Server 2003 does not maintain its own distribution lists. Instead, Active Directory security groups and distribution groups are extended to support e-mail addresses. In this way, the group can be used as a mail recipient, with the message being distributed to each member of the group.

Lesson Review

The following questions are intended to reinforce key information presented in this lesson. If you are unable to answer a question, review the lesson materials and then try the question again. You can find answers to the questions in the "Questions and Answers" section at the end of this chapter.

  1. You are an Exchange Server 2003 consultant who has been contacted by Contoso, Ltd., to help analyze their network environment and make recommendations as they prepare to migrate from Windows NT Server 4 and Exchange Server 5.5 to Windows Server 2003 Active Directory and Exchange Server 2003. They are concerned about total cost of ownership (TCO), especially as it concerns having to duplicate user information between Windows and Exchange. What advice can you give them about this concern?

  2. Which Active Directory naming context is responsible for the storage of Exchange Server 2003 recipient objects?

    1. The domain naming context

    2. The schema naming context

    3. The configuration naming context

  3. What is the primary function of the DSAccess service?

    1. To provide access to Active Directory information for Microsoft Outlook and MAPI clients.

    2. To store information about all Active Directory objects and their attributes.

    3. To store information about routing groups and connectors used to access other sites in the Exchange organization.

    4. To implement a directory cache to reduce the number of global catalog queries.

Lesson Summary

  • The domain naming context stores information about Exchange Server 2003 recipient objects.

  • The configuration naming context stores information about Exchange Server 2003 routing groups and connectors.

  • The schema naming context stores information about all Active Directory objects and their attributes.

  • Exchange Server 2003 uses Active Directory security groups and distribution groups rather than maintaining its own distribution lists.




MCSA/MCSE Self-Paced Training Kit (Exam 70-284): Implementing and Managing Microsoft® Exchange Server 2003 (Pro-Certification)
ISBN: 0735618992
EAN: 2147483647
Year: 2003
Pages: 221
