1. Completing the Installation of Exchange Server 2007
Postinstallation
tasks should be conducted after the first Exchange 2007 server has been
installed. Some of these postinstallation tasks will validate whether
the installation was successful, whereas other tasks are required to
ensure that the server is secure and operational. The postinstallation
tasks include the following:
Review installation logs
Review event logs
Obtain the latest Exchange critical updates
Verify server roles are installed
Run Microsoft Exchange Best Practice Analyzer
Reviewing Installation Logs
After
the first Exchange 2007 server installation is complete, administrators
should review the installation logs located on the root drive of the
installation path selected. The typical location of the installation
log file is C:\Program Files\Microsoft\Exchange Server\logging\SetupLogs.
The log files contain all the details pertaining to the installation of the Exchange server throughout the process.
Reviewing Event Logs
After
an administrator has verified the installation logs for any anomalies
and determined the implementation is a success, it is beneficial to
review the Windows event logs.
The
Application Event Log can contain both positive and negative Exchange
information about the installation. The Exchange events can consist of
information, warning, and critical errors. The Application Event Log
can be found by launching the Event Viewer included with Windows Server
2003.
Performing Postinstallation Exchange Server Updates
Exchange
Server 2007 is a constantly evolving set of technologies that
occasionally needs patching and updating to keep it ahead of the
constantly evolving threats and exploits on the Internet. Therefore, it
is key to update Exchange Server 2007 with the latest service packs and
security patches available for the system, and to check for new updates
as part of a regular maintenance plan.
Verify Server Roles Installed
Another
recommended postinstallation task is to verify that the appropriate
server roles were installed. This can be conducted by running the get-ExchangeServer command from within the Exchange Management Shell.
Microsoft Exchange Best Practice Analyzer
The
final recommended postinstallation task is to run the Exchange Best
Practice Analyzer tool included with Exchange Server 2007. The
Microsoft Exchange Best Practice Analyzer tool is designed for
administrators to determine the overall health of the Exchange
topology. The tool analyzes Exchange servers and verifies items that do
not adhere to Microsoft best practices against a local repository.
The
Exchange Best Practice Analyzer tool is no longer a separate download.
It can be found by expanding the Toolbox node in the Exchange
Management Console.
2. Performing a Scripted Installation of Exchange Server 2007
In
many enterprise situations, there is a need to automate the
installation of an Exchange server. Exchange Server 2007 has the
capability to automate the installation process with the assistance via
a command prompt and the Exchange Management Shell. The unattended
install file stores all the answers and configuration settings required
for installing Exchange Server 2007 based on an administrator’s input.
The automated process definitely speeds up the installation and is
great in environments where there is a need to install many Exchange
servers seamlessly.
Install Exchange Server 2007 in Unattended Mode via the Command Prompt
To
install the first Exchange 2007 server in Unattended mode, enter the
following parameters and run this procedure from the command prompt.
The predefined installation process consists of the following commands,
as illustrated in Listing 1.
Listing 1. Unattended Mode Setup Parameters
Setup /mode:<setup mode> /roles:<server roles to install>
[/TargetDir:<destination folder>] [SourceDir:<source folder>]
[/DomainController <FQDN of domain controller>] [/AnswerFile <file>]
[/DisableErrorReporting] [/NoSelfSignedCertificates]
[/AdamLdapPort <port>] [/AdamSslPort <port>] [/NewProvisionedServer]
[/RemoveProvisionedServer] [/ForeignForestFQDN]
[/ServerAdmin <user or group>] [/?]
|
The
following bullets explain the parameters and information that can be
inputted for installing Exchange Server 2007 in Unattended mode:
The /mode
parameter must be used to indicate the type of Exchange Server 2007
installation. The modes consist of Install, Upgrade, Uninstall, and
RecoverServer. The default Install mode occurs if a mode is not
indicated in the script.
The /roles
parameter must be used to indicate the type of server role that will be
installed. The server roles that can be used are Client Access, Edge
Transport, Hub Transport, Mailbox, and Unified Messaging as well as the
option to install the Exchange 2007 Management Tools. More than one
role can be selected. They must be separated by a comma.
The /TargetDir parameter represents the destination location for the Exchange Server 2007 installation files.
The /SourceDir
parameter represents the location of the source Exchange Server 2007
installation files. For example, this could be the DVD drive or a
location on a file server.
The /DomainController parameter is used to indicate which domain controller will be used in the forest to read and write information to and from AD.
The /Answerfile parameter is used to indicate the location of the file that contains advanced installation settings for Exchange Server 2007.
The /DisableErrorReporting parameter is used to disable error reporting during the installation of Exchange 2007.
The /NoSelfSignedCertificates
parameter is required if there isn’t a certificate authority present
within the infrastructure and there is a need to create self-signed
certificates for Secure Sockets Layer (SSL) or Transport Layer Security
(TLS) sessions. This option is only available when installing the
Client Access server role or the Unified Messaging server role.
The /AdamLdapPort <port> and /AdamSslPort <port>
parameters are used to indicate the Lightweight Directory Access
Protocol (LDAP) port and the SSL port used when defining connectivity
for an Edge Transport server role.
The /NewProvisionedServer
parameter should be used if there is a need to create a placeholder
object in AD for an Exchange 2007 server. The installation permissions
will be delegated, therefore, so that an administrator can conduct the
installation at a later point of time.
The /RemoveProvisionedServer parameter is similar to the /NewProvisionedServer parameter; however, instead of delegating permissions for installing Exchange, it removes the permissions.
The /ForeignForestFQDN
parameter is used when there is a need to configure Exchange Universal
Security groups in another forest. This is common in an Exchange
Federated Forest environment.
The /ServerAdmin
parameter is used when there is a need to provide an account with the
appropriate Exchange privileges when installing Exchange Server 2007.
3. Installing Other Exchange Server 2007 Server Roles into the Infrastructure
In
the past, there were typically two Exchange server roles: back-end
servers, which hosted mailboxes and public folders, and front-end
servers, which acted as a proxy gateway for clients. In Exchange 2007,
Microsoft has expanded the range of supported server roles. There are
now five major server roles, which are modular and can reside on a
single system or on many. The roles are as follows:
Client Access server role
Edge server role
Hub Transport server role
Unified Messaging server role
Mailbox server role
Installation of the Client Access Server Role
A
Client Access server role is similar to an Exchange 2003 front-end
server. It manages client access to connect to their Exchange mailbox
via services such as Outlook Web Access, Exchange Active Sync, and Post
Office Protocol version 3 (POP3).
It is
necessary to install a Client Access server if users access their
mailbox by using any client other than Microsoft Outlook.
Establishing Perimeter Security with the Edge Server Role
The
Edge Transport server role provides antivirus and antispam message
protection for the Exchange infrastructure. The Edge server role acts
as a message hygiene gateway and typically resides in a perimeter
network or demilitarized zone (DMZ). It is typically the SMTP gateway
for sending and receiving mail to and from the Internet.
Configuring Hub Transport Servers in an Exchange Server 2007 Environment
The
Hub Transport server role is responsible for moving mail between
Exchange Mailbox servers, similar to how bridgehead servers worked in
the past. This role can be configured on a dedicated server or can be
configured on a Mailbox server. A dedicated Hub Transport server is
typical for large organizations that have many Exchange servers within
a site or the company.
Installing a Unified Messaging Server System
The
Unified Messaging server role is new to Exchange. It acts as a gateway
for combining email, voice, and fax data into a single mailbox. All
this data can be accessed via the mailbox or a telephone.
Installing the Mailbox Server Role
The
Mailbox server role is the core role within Exchange Server 2007.
Regardless of the planned architecture, it is required to install at
least a Mailbox server role and Hub Transport server role for Exchange
2007 to function properly. The Mailbox server role hosts mailboxes and
mail enabled objects such as contacts and distribution lists.
