< Day Day Up > |
Exchange Server 2003 is not a program that should simply be put into the CD-ROM drive and installed without any preparation (see Figure 2.1). Installing Exchange Server 2003 has a lasting effect on the domain. Active Directory is extended and altered significantly, and those changes can be difficult to remove, even if Exchange Server 2003 is later uninstalled. For this reason, Microsoft has made sure that the 70-284 exam tests a candidate's knowledge of the necessary preparations that must be taken before the installation of Exchange Server 2003 begins. These preparations can be broadly divided into five categories:
Figure 2.1. The splash screen that is displayed when you insert the Exchange Server 2003 CD-ROM.Each of these categories must be dealt with before the installation of Exchange Server 2003 begins. It is important to understand these requirements because if any of them are not met, Exchange Server 2003 will not install correctly. Network Environment RequirementsThe installation of Exchange Server 2003 requires a Windows network environment to meet certain specific criteria. Without meeting these criteria, Exchange Server 2003 will either not install or will not function correctly after installation. For the exam, it is important to know exactly what conditions the preexisting Windows network environment must meet before Exchange Server 2003 can be installed successfully. These conditions are as follows:
Hardware RequirementsTo function effectively, Exchange Server 2003 must be installed on a server system that is sufficiently well provisioned with adequate hardware. Microsoft has published minimum and recommended hardware requirements to help you determine whether your current machines are adequate or what specifications new machines must have. In the real world, an administrator would be unlikely to install a new product, such as Exchange Server 2003, on a system with dated hardware, but exam candidates should be able to identify the minimum and recommended specifications, lest they appear on the 70-284 exam.
Tables 2.2 and 2.3 list the minimum and recommended hardware requirements of both Exchange Server 2003 Standard and Enterprise editions.
Server Platform RequirementsAs noted, the server system that Exchange Server 2003 is installed onto must meet several requirements. Recall that if Exchange Server 2003 is being installed on a Windows 2000 Server, that Windows 2000 Server system must be patched with at least Service Pack 3. Other system requirements that you need to be aware of deal with services that must be installed and running at the time that Exchange Server 2003 is installed. These services must be installed, configured, and running regardless of whether Exchange Server 2003 is being installed on Windows 2000 Server or Windows Server 2003. These services can be installed (as shown in Figure 2.2) by going to the Add/Remove Windows Components in the Add/Remove Programs applet of Control Panel. The services that need to be installed and running for Exchange Server 2003 installation to work are
Figure 2.2. Installing requisite IIS components.The only one of these services that is optional is ASP.NET. If ASP.NET is not available, a custom installation must be performed and the Outlook Mobile Access component will not be available. If Exchange Server 2003 is installed on the Windows 2000 Server platform,.NET Framework and ASP.NET are automatically installed if not already present. The .NET Framework is automatically installed on Windows Server 2003, which was originally called Windows .NET Server before its final release. Exchange Server 2003 Deployment ToolsThe Exchange Server 2003 deployment tools are a set of tools and product documentation designed to lead you through the installation process. The tools, shown in Figure 2.3, take the form of a checklist (see Figure 2.4) that you complete as you proceed with the installation process:
Figure 2.3. The Exchange Server 2003 deployment tools provide an intuitive way of installing the messaging system.Figure 2.4. The deployment tools checklist for the first Exchange Server 2003 system installed in an environment without Exchange.The final three items on the checklist are running ForestPrep, running DomainPrep, and then finally installing Exchange Server 2003. These steps are covered in their own sections, later in this chapter.
ForestPrepEach domain in an Active Directory forest shares a common schema. The schema is maintained by a single server in the forest. That server holds the Schema Master role. Generally, the Schema Master is the first domain controller installed in a forest. Do note that the Schema Master role can be transferred, so the first domain controller might not always be the Schema Master. Indeed, the Schema Master need not remain in the original forest root domain.
The ForestPrep utility (see Figure 2.7) extends the schema to include enhancements specific to Exchange Server 2003. These enhancements include specific AD classes and attributes. The ForestPrep utility also creates a container object within AD for the Exchange Server 2003 organization. ForestPrep only needs to be run once, unlike DomainPrep, which must be run in each domain that will use Exchange in the forest. For those considering upgrading from Exchange 2000 Server to Exchange Server 2003, it is important to realize that the schema extensions installed by running the ForestPrep utility for Exchange Server 2003 are different than those installed when you run the ForestPrep utility for Exchange 2000 Server. Figure 2.7. Preparing to run ForestPrep.Hence, even if you have run ForestPrep when you installed Exchange 2000 Server, you need to do this again before you install Exchange Server 2003. Installing Exchange Server 2003 in existing Exchange environments is covered more thoroughly in Chapter 3. The account used to run the Exchange Server 2003 ForestPrep utility must be a member of both the Schema Administrators and the Enterprise Administrators group. If the account is not a member of both of these groups, ForestPrep will not run correctly. While running ForestPrep, you will be instructed to select a group or particular user account that has the right to install and manage Exchange Server 2003 in all domains within the forest (see Figure 2.8). This right is known as the Exchange Full Administrator permission. This particular user or group has the authority to delegate further Exchange Full Administrator permissions after the first Exchange Server 2003 system is installed. Figure 2.8. Delegating the Exchange Full Administrator permission to an account.Running ForestPrep on a domain controller in the forest root domain, as opposed to a member server in the forest root domain, speeds up the ForestPrep process because replication of the changes will propagate more quickly. Microsoft recommends that Exchange roles be delegated only to Global or Universal security groups rather than Domain Local security groups. This is less important in a situation in which there is only a single domain in the forest.
DomainPrepAfter ForestPrep has been run to add the necessary extensions to the AD schema, individual domains must be prepared by using the DomainPrep utility (see Figure 2.9). DomainPrep works within a domain to create the necessary groups and permissions that Exchange Server 2003 servers use to read and modify user attributes. Running DomainPrep does the following:
Figure 2.9. Preparing to run DomainPrep on the domain.DomainPrep must also be run in the root domain, in domains that need to contain mailbox-enabled users or groups (regardless of whether Exchange will actually be installed in these domains), and in any domain that contains users or groups who will be given permission to manage the Exchange Server 2003 organization. The user who runs DomainPrep does not need to have any Exchange permissions. This user merely needs Domain Administrator permissions for the domain in which DomainPrep is being run. Permissions required for specific installation steps are covered more fully in Table 2.4.
Troubleshooting ForestPrep and DomainPrepSeveral problems can occur when you run ForestPrep. The most easily diagnosable is when the user account used to run ForestPrep does not have the correct permissions to modify the schema. Diagnosis is easy because the installation routine informs you with a message that the account you are using does not have the correct permissions (see Figure 2.10). To rectify the problem, ensure that an account that has Enterprise, Schema, and Domain Administrator permissions is used to run ForestPrep. Figure 2.10. The error that occurs when attempting to run ForestPrep without the correct permissions.If ForestPrep is run in a domain other than the one in which the Schema Master resides, it produces an error message instructing the administrator as to which domain the utility should be run in. To rectify this error, run ForestPrep in the domain containing the Schema Master. Another problem that might occur is when ForestPrep cannot contact any domain controller in the root domain of the forest (see Figure 2.11). In this case, you need to go back to DCDiag and NetDiag to attempt to locate the problem. It might be that the server hosting the Schema Master is down or that there is some other problem preventing communication between the server on which you are running ForestPrep and the rest of the domain. Figure 2.11. Installation fails because Schema Master is unable to be contacted.DomainPrep is less stringent in its permissions requirement and is thus less likely to cause errors. If DomainPrep is unable to run, it is because the account used to execute the utility does not have Domain Administrator privileges. The possible remedies are to run DomainPrep using an account that does have these permissions or to add the current account to the Domain Administrators group. DomainPrep can also fail if ForestPrep has not been run in the forest first, as the error message in Figure 2.12 shows. Figure 2.12. The error message that occurs when DomainPrep is run without ForestPrep being run first.If there are connectivity problems, again attempt to resolve them via DCDiag or NetDiag. Regardless of the permissions available, if a domain controller cannot be contacted, DomainPrep will be unable to execute properly. |
< Day Day Up > |