Exchange Server and Active Directory
Exchange Server 2013 is tightly integrated with Active Directory.
Not only does Exchange Server 2013 store information in Active
Directory, but it also uses the Active Directory routing topology to
determine how to route messages within the organization. Routing to and
from the organization is handled using transport servers.
Exchange stores four types of data in Active Directory: schema data
(stored in the Schema partition), configuration data (stored in the
Configuration partition), domain data (stored in the Domain partition),
and application data (stored in application-specific partitions). In
Active Directory, schema rules determine what types of objects are
available and what attributes those objects have. When you install the
first Exchange server in the forest, the Active Directory preparation
process adds many Exchange-specific object classes and attributes to
the Schema partition. This allows Exchange-specific objects, such as
connectors and address lists, to be created. It also extends existing
object classes, such as users and groups, with new attributes, such as
the attributes that let a user object be used for sending and receiving
email. Every domain controller in the forest, including every global
catalog server, has a complete copy of the Schema partition.
During the installation of the first Exchange server in the forest,
Exchange configuration information is generated and stored in the
Configuration partition of Active Directory, alongside the directory's
own configuration data. For Active Directory, the configuration
information describes the structure of the forest: its domains and
trees, its sites and site links, and the locations of domain
controllers and global catalogs. For Exchange, the configuration
information describes the structure of the Exchange organization: the
Exchange servers, connectors, templates, policies, and other global
organization-level details, held under a Microsoft Exchange container
inside the Services container. Every domain controller in the forest,
including every global catalog server, has a complete copy of the
Configuration partition.
In Active Directory, the Domain partition stores
domain-specific objects, such as users and groups, and the stored
values of attributes associated with those objects. As you create,
modify, or delete objects, Exchange stores the details about those
objects in the Domain partition. During the installation of the first
Exchange server in the forest, Exchange objects are created in the
current domain. Whenever you create new recipients or modify Exchange
details, the related changes are reflected in the Domain partition as
well. Every domain controller has a complete copy of the Domain
partition for the domain for which it is authoritative. Every global
catalog server in the forest additionally holds a partial, read-only
replica of every other Domain partition in the forest: every object,
but only the subset of attributes marked for global catalog
replication, which includes the addressing attributes Exchange needs
for address book lookups.
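The three partitions can be inspected directly. The following PowerShell is an added example, not code from the book: it reads the version markers that Exchange setup leaves in the Schema, Configuration and Domain partitions and counts the Exchange objects found in each. It assumes the ActiveDirectory RSAT module is installed and that the caller can read the forest; the domain controller is discovered automatically.

```powershell
# Added example (not from the book): locate the Exchange footprint in each
# Active Directory partition. Requires the ActiveDirectory RSAT module.
Import-Module ActiveDirectory

function Get-ExchangeAdFootprint {
    [CmdletBinding()]
    param(
        # Domain controller to query; defaults to a writable DC found by DC locator.
        [string]$Server = (Get-ADDomainController -Discover -Writable).HostName[0]
    )

    $root     = Get-ADRootDSE -Server $Server
    $schemaNc = $root.schemaNamingContext          # CN=Schema,CN=Configuration,DC=...
    $configNc = $root.configurationNamingContext   # CN=Configuration,DC=...
    $domainNc = $root.defaultNamingContext         # DC=... of the DC's own domain

    # Schema partition: setup /PrepareSchema stamps rangeUpper on this marker
    # attribute and adds the ms-Exch-* classes and attributes next to it.
    $schemaMarker = Get-ADObject -Server $Server -SearchBase $schemaNc `
        -LDAPFilter '(cn=ms-Exch-Schema-Version-Pt)' -Properties rangeUpper
    $exchSchemaCount = @(Get-ADObject -Server $Server -SearchBase $schemaNc `
        -LDAPFilter '(cn=ms-Exch-*)').Count

    # Configuration partition: setup /PrepareAD creates the organization under
    # CN=Microsoft Exchange,CN=Services and stamps objectVersion on it; the
    # server objects live beneath the organization.
    $exchServices = "CN=Microsoft Exchange,CN=Services,$configNc"
    $org = Get-ADObject -Server $Server -SearchBase $exchServices `
        -LDAPFilter '(objectClass=msExchOrganizationContainer)' -Properties objectVersion
    $servers = @(Get-ADObject -Server $Server -SearchBase $exchServices `
        -LDAPFilter '(objectClass=msExchExchangeServer)')

    # Domain partition: setup /PrepareDomain creates this container and stamps
    # objectVersion on it; the recipient attributes themselves sit on the
    # user objects, so count users that carry a mailbox GUID.
    $domainMarker = Get-ADObject -Server $Server -SearchBase $domainNc -SearchScope OneLevel `
        -LDAPFilter '(cn=Microsoft Exchange System Objects)' -Properties objectVersion
    $mailboxUsers = @(Get-ADObject -Server $Server -SearchBase $domainNc `
        -LDAPFilter '(&(objectCategory=person)(msExchMailboxGuid=*))').Count

    [pscustomobject]@{
        Server               = $Server
        SchemaVersion        = $schemaMarker.rangeUpper      # $null: schema never prepared
        ExchangeSchemaItems  = $exchSchemaCount
        OrganizationName     = $org.Name
        OrgConfigVersion     = $org.objectVersion            # $null: /PrepareAD never run
        ExchangeServers      = @($servers | ForEach-Object Name)
        DomainPrepVersion    = $domainMarker.objectVersion   # $null: this domain not prepared
        MailboxUsersInDomain = $mailboxUsers
    }
}

Get-ExchangeAdFootprint | Format-List
```

The schema and organization markers are forest-wide and will read the same from any domain controller; the domain marker and the mailbox count are per domain, so run the function once against a domain controller of each domain that hosts recipients. A domain with mailbox users but no `DomainPrepVersion` has been mail-enabled without `/PrepareDomain` having been run against it, which is worth investigating.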
Understanding how Exchange routes messages
Within the organization, the Transport service on Mailbox servers
uses the information about sites and site links stored in Active
Directory to determine how to route messages, including messages that
must cross site links. Each server queries Active Directory for its
own site membership and the site membership of other servers, and then
uses what it discovers to route messages appropriately. (In Exchange
Server 2013 a database availability group is also a routing boundary:
a message for a mailbox in a DAG is routed to the Transport service on
a member of that DAG, even when the DAG spans sites.) Because of this,
when you are deploying an Exchange Server 2013 organization, no
additional configuration is required to establish routing in the
Active Directory forest.
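The site data the Transport service consults can be viewed from the Exchange Management Shell. The following is an added example, not code from the book: it groups Mailbox servers by the Active Directory site they resolved themselves into and lists each site link with the cost the Transport service will actually use (an Exchange-specific cost, when an administrator has set one, otherwise the Active Directory replication cost). The site link name in the commented override at the end is an assumption.

```powershell
# Added example (not from the book). Run in the Exchange Management Shell;
# uses Get-ExchangeServer, Get-AdSite and Get-AdSiteLink.

function Get-ExchangeRoutingTopology {
    # Index the site objects by name so hub-site status can be looked up.
    $siteByName = @{}
    foreach ($s in Get-AdSite) { $siteByName[$s.Name] = $s }

    # Group Mailbox servers by the site recorded on the server object.
    Get-ExchangeServer |
        Where-Object { $_.ServerRole -like '*Mailbox*' } |
        Group-Object { $_.Site.Name } |
        ForEach-Object {
            $ad = $siteByName[$_.Name]
            [pscustomobject]@{
                Site           = $_.Name
                HubSiteEnabled = if ($ad) { $ad.HubSiteEnabled } else { $null }
                Servers        = @($_.Group | ForEach-Object Name)
            }
        }
}

function Get-ExchangeSiteLinkCosts {
    foreach ($link in Get-AdSiteLink) {
        # ExchangeCost is $null unless an administrator set it with Set-AdSiteLink;
        # when it is set it overrides AdCost for message routing only.
        $effective = if ($null -ne $link.ExchangeCost) { $link.ExchangeCost } else { $link.AdCost }
        [pscustomobject]@{
            Link           = $link.Name
            Sites          = @($link.Sites | ForEach-Object Name)
            AdCost         = $link.AdCost
            ExchangeCost   = $link.ExchangeCost
            EffectiveCost  = $effective
            MaxMessageSize = $link.MaxMessageSize
        }
    }
}

Get-ExchangeRoutingTopology | Format-Table -AutoSize
Get-ExchangeSiteLinkCosts   | Format-Table -AutoSize

# To steer mail over a different path than replication takes, set an
# Exchange-only cost on the link (link name is a hypothetical example):
# Set-AdSiteLink -Identity 'Paris-London' -ExchangeCost 50
```

Because the Transport service reads the site of a server from the server object in the Configuration partition rather than recomputing it from subnets, a server whose site membership changed in Active Directory but whose `Site` value still shows the old site explains many "mail takes the wrong path" reports; the first function makes that visible.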
For mail delivery within the organization, additional routing configuration is necessary only in these specific scenarios:
-
If you deploy an Exchange Server 2013 organization with multiple
forests, you must install Exchange Server 2013 in each forest and then
connect the forests using appropriate cross-forest trusts. The trust
is the prerequisite for users to see address and availability data
across the forests; sharing the address lists themselves also requires
synchronizing recipient objects between the forests, and sharing
availability data requires configuring an availability address space
for the other forest.
-
In an Exchange Server 2013 organization, if you want direct mail
flow between Exchange servers in different forests, you must configure
SMTP send connectors and SMTP receive connectors on the Mailbox servers
that should communicate directly with each other.
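The connector pair for direct cross-forest mail flow, as an added example that is not from the book: one Send connector scoped to the partner forest's domain and one Receive connector per Mailbox server that only the partner's servers can match, with TLS required in both directions. The forest names (contoso.example, fabrikam.example), server names and addresses are assumptions; the partner forest runs the same commands with the names swapped.

```powershell
# Added example (not from the book). Run in the Exchange Management Shell
# of the local forest. All names and addresses below are hypothetical.

$PartnerDomain   = 'fabrikam.example'
$PartnerServers  = '203.0.113.10', '203.0.113.11'   # partner Mailbox servers
$PartnerSmtpHost = 'mail.fabrikam.example'          # name on the partner's TLS certificate
$LocalServers    = 'MBX01', 'MBX02'

# Outbound: a Send connector that matches only the partner's domain, routes
# to the partner's servers rather than by MX lookup, and refuses to send
# unless TLS is negotiated and the certificate matches $PartnerSmtpHost.
New-SendConnector -Name "To $PartnerDomain" -Usage Custom `
    -AddressSpaces "SMTP:$PartnerDomain;1" `
    -DNSRoutingEnabled $false -SmartHosts $PartnerSmtpHost `
    -SmartHostAuthMechanism None `
    -SourceTransportServers $LocalServers `
    -RequireTLS $true -TlsAuthLevel DomainValidation -TlsDomain $PartnerSmtpHost

# Inbound: on each Mailbox server, a Receive connector on port 25 (on
# Exchange 2013 the FrontendTransport role owns port 25) that only the
# partner's addresses match and that will not accept mail without TLS.
# A connector whose RemoteIPRanges is more specific wins over the default
# "Default Frontend" connector, so the partner lands here, not there.
foreach ($server in $LocalServers) {
    New-ReceiveConnector -Name "From $PartnerDomain" -Server $server `
        -TransportRole FrontendTransport -Usage Custom `
        -Bindings '0.0.0.0:25' -RemoteIPRanges $PartnerServers `
        -AuthMechanism Tls -RequireTLS $true `
        -PermissionGroups AnonymousUsers
}

# Verify that the TLS requirements and the scoping stuck.
Get-SendConnector "To $PartnerDomain" |
    Format-List Name, AddressSpaces, SmartHosts, RequireTLS, TlsAuthLevel, TlsDomain
Get-ReceiveConnector | Where-Object Name -like "From $PartnerDomain" |
    Format-List Identity, Bindings, RemoteIPRanges, RequireTLS, PermissionGroups
```

Granting only `AnonymousUsers` on the inbound connector is deliberate: the partner's messages are then handled as external mail (header firewall applied, no internal resolution of the sender), which is the safe default between two separately administered forests. The `RemoteIPRanges` restriction, not the permission group, is what keeps other hosts from using the connector, so keep that list to the partner's actual sending servers.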
You can use two types of transport servers: Mailbox servers and legacy
Edge Transport servers. You deploy Mailbox servers within the
organization. The Transport service on Mailbox servers handles mail
delivery and receipt of mail. Two new services move mail items between
the Transport service and the mailbox databases on the local server:
-
Microsoft Exchange Mailbox Transport Delivery service. Handles inbound
mail items. It receives messages over SMTP from the Transport service
(on the local server or on another Mailbox server) and delivers them,
using RPC, into the appropriate mailbox database on the local server.
-
Microsoft Exchange Mailbox Transport Submission service. Handles
outbound mail items. It retrieves messages from the sender's mailbox
database using RPC, converts them from MAPI to MIME, and passes them
over SMTP to the Transport service, which then routes the mail items
for delivery.
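The hand-offs between these services are visible in the message tracking logs, which every Mailbox server writes for its own Transport, Submission and Delivery services. The following function is an added example, not from the book: it gathers the tracking entries for one message from every Mailbox server, orders them, and labels each entry with the service that produced it, based on the `Source` and `EventId` fields. The Message-ID in the usage line is a placeholder.

```powershell
# Added example (not from the book). Run in the Exchange Management Shell.

function Trace-ExchangeMessage {
    [CmdletBinding()]
    param(
        # Internet Message-ID of the message to follow, angle brackets included.
        [Parameter(Mandatory)][string]$MessageId,
        [datetime]$Start = (Get-Date).AddHours(-4),
        [datetime]$End   = (Get-Date)
    )

    # Each Mailbox server keeps its own tracking logs, so query all of them.
    $servers = Get-ExchangeServer | Where-Object { $_.ServerRole -like '*Mailbox*' }
    $events  = foreach ($srv in $servers) {
        Get-MessageTrackingLog -Server $srv.Name -MessageId $MessageId `
            -Start $Start -End $End -ResultSize Unlimited
    }

    foreach ($e in ($events | Sort-Object Timestamp)) {
        # Source names the component that wrote the entry; EventId says what it did.
        # STOREDRIVER entries come from the two Mailbox Transport services:
        # SUBMIT* from Submission (reading the sender's mailbox), *DELIVER from
        # Delivery (writing the recipient's mailbox database). SMTP entries are
        # the hops between services and servers; ROUTING and AGENT entries are
        # the Transport service's categorizer and its transport agents.
        $stage = switch ($e.Source) {
            'STOREDRIVER' {
                if     ($e.EventId -like 'SUBMIT*')  { 'Mailbox Transport Submission: read from sender mailbox' }
                elseif ($e.EventId -like '*DELIVER') { 'Mailbox Transport Delivery: written to mailbox database' }
                else                                 { 'Store driver' }
            }
            'SMTP'    { 'SMTP hop between services or servers' }
            'ROUTING' { 'Transport service: categorizer and routing' }
            'AGENT'   { 'Transport service: transport agent' }
            default   { $e.Source }
        }
        [pscustomobject]@{
            Timestamp   = $e.Timestamp
            Server      = $e.ServerHostname
            Source      = $e.Source
            EventId     = $e.EventId
            ConnectorId = $e.ConnectorId
            Sender      = $e.Sender
            Recipients  = ($e.Recipients -join ';')
            Stage       = $stage
        }
    }
}

Trace-ExchangeMessage -MessageId '<placeholder-id@contoso.example>' | Format-Table -AutoSize
```

For a message between two mailboxes on different servers the ordered output shows the chain the text describes: a `STOREDRIVER SUBMIT` on the sender's server, `SMTP RECEIVE` and `SMTP SEND` entries as the Transport service takes it in and hands it on, and a `STOREDRIVER DELIVER` on the server holding the recipient's database. A chain that ends in `SMTP SEND` with no `DELIVER` on any server is the first place to look when a user reports a message that "never arrived" even though the sender's copy shows it as sent.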
With Mailbox servers as your transports, no other special
configuration is needed for message routing to external destinations.
You must configure only the standard mail setup, which includes
identifying the DNS servers to use for lookups. With legacy Edge
Transport servers, you improve mail routing and delivery by configuring
EdgeSync, a one-way synchronization of recipient and configuration data
from Active Directory, through the internal Mailbox servers, to the
AD LDS instance on the perimeter network's Edge Transport servers.
EdgeSync also creates the Send connectors between the site and the
Edge Transport servers, and the synchronized recipient data lets an
Edge Transport server reject mail for nonexistent recipients before it
enters the internal network. Beyond this, no other special
configuration is required for mail routing and delivery.
You deploy legacy Edge Transport servers in the organization's
perimeter network for added security. A perimeter network is a
screened network segment placed between the Internet and the
organization's private network; Edge Transport servers are not members
of the internal forest and keep their copy of directory data in AD LDS.
When you have Edge Transport servers, mail items from outside the
organization are received first by the Edge Transport servers, which
can perform anti-malware, anti-spam, and recipient checks before
passing the mail items along to internal Mailbox servers for delivery.
Mail items for submission outside the organization are passed from
internal Mailbox servers to Edge Transport servers, which then submit
the mail items for delivery outside the organization.
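The EdgeSync setup described above, as an added example that is not from the book. It assumes an Edge Transport server named EDGE01 in the perimeter network, an internal Mailbox server named MBX01 in the Active Directory site Default-First-Site-Name, and that the firewall allows TCP 25 in both directions and TCP 50636 (secure LDAP) from MBX01 to EDGE01; all of these names are assumptions.

```powershell
# Added example (not from the book). Two halves: the first runs on the Edge
# Transport server, the second on a Mailbox server inside the forest.
# Server and site names are hypothetical.

# --- Step 1, on EDGE01 (Exchange Management Shell on the Edge server) ---
# Export the subscription file. It carries the credentials EdgeSync will use
# to bootstrap the secure LDAP channel, so move it out of band and protect it;
# it must be imported within 1440 minutes or it has to be regenerated.
New-EdgeSubscription -FileName 'C:\EdgeSubscription.xml'

# --- Step 2, on MBX01 (Exchange Management Shell inside the forest) ---
# Import the file for the site that will talk to EDGE01. This also creates
# the two Send connectors EdgeSync manages (to the Internet via EDGE01, and
# from EDGE01 into the site).
$bytes = [System.IO.File]::ReadAllBytes('C:\EdgeSubscription.xml')
New-EdgeSubscription -FileData $bytes -Site 'Default-First-Site-Name' `
    -CreateInternetSendConnector $true -CreateInboundSendConnector $true
Remove-Item 'C:\EdgeSubscription.xml'   # sensitive; delete once imported

# Run the first synchronization now instead of waiting for the schedule,
# then compare the Edge server's AD LDS copy against Active Directory.
Start-EdgeSynchronization -Server 'MBX01'
Test-EdgeSynchronization -FullCompareMode

# Confirm the connectors EdgeSync created. Their names follow the pattern
# "EdgeSync - <site> to Internet" and "EdgeSync - Inbound to <site>".
Get-SendConnector | Where-Object Name -like 'EdgeSync*' |
    Format-Table Name, AddressSpaces, SourceTransportServers, SmartHosts -AutoSize

# --- Step 3, back on EDGE01 ---
# Now that recipient data has been replicated, let the Edge server reject
# mail for addresses that do not exist before it crosses into the network.
Set-RecipientFilterConfig -RecipientValidationEnabled $true
```

The synchronization is one-way by design: the Mailbox server pushes into the Edge server's AD LDS over secure LDAP, and nothing on the Edge server is granted a path back into Active Directory. Keeping that direction intact, and treating the exported subscription file as a credential, is what makes placing the Edge server in the perimeter network a security gain rather than a new hole into the forest.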
Exchange Online and Office 365
Exchange Online is a cloud-based service from Microsoft that allows
you to implement an online or hybrid implementation of Exchange.
Although Exchange Online can be your only solution for all your
enterprise messaging needs, a hybrid implementation gives you an
integrated online and on-premises solution.
You can get Exchange Online as a standalone service or as part of an
Office 365 plan. Currently, Microsoft offers several Exchange Online
plans, including a basic plan and an advanced plan. The key differences
between the basic and advanced plans are the inclusion of in-place hold
and data loss prevention options that may be needed to meet compliance
and regulatory requirements. Both plans support Active Directory
integration for single sign-on, synchronization with your on-premises
Active Directory infrastructure, and creation of hybrid Exchange
organizations.
Microsoft offers a variety of Office 365 plans. Some of
these plans include access to Office Web Apps, the full desktop
versions of Office, or both, as well as access to Exchange Online.
You’ll likely want to use an Office 365 midsize business or enterprise
plan. These plans include Active Directory integration, which is
required if you want to create a hybrid Exchange organization.