mcts training kit 70 - 652 70-622 Configuring Microsoft Exchange Server 2010 phần 1 pps

By using this training kit, you will learn how to do the following: n Install and configure Exchange Server 2010 n Configure Exchange Recipients and Public Folders n Configure Client Acc

Exam 70-622: Configuring Microsoft Exchange Server 2010

1 INSTALLING AND CONFIGURING EXCHANGE SERVERS

2 CONFIGURING EXCHANGE RECIPIENTS AND PUBLIC FOLDERS

2.3 Create and configure resource mailboxes and shared mailboxes 3 2

2.4 Create and configure recipients and distribution groups 4 1

3 CONFIGURING CLIENT ACCESS

4 CONFIGURING MESSAGE TRANSPORT

5 MONITORING AND REPORTING

6 IMPLEMENTING HIGH AVAILABILITY AND RECOVERY

6.1 Create and configure the Database Availability Group (DAG) 13 1

6.4 Configure high availability for non-mailbox servers 13 3

7 CONFIGURING MESSAGE COMPLIANCE AND SECURITY

Exam Objectives The exam objectives listed here are current as of this book’s publication date Exam objectives

are subject to change at any time without prior notice and at Microsoft’s sole discretion Please visit the Microsoft Learning Web site for the most current listing of exam objectives: http://www.microsoft.com/learning/en/us/ Exam.aspx?ID=70-662.

PUBLISHED BY

Microsoft Press

A Division of Microsoft Corporation

One Microsoft Way

Redmond, Washington 98052-6399

Copyright © 2011 by Orin Thomas and Ian McLean

All rights reserved No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher

Library of Congress Control Number: 2010934186

Printed and bound in the United States of America

Microsoft Press books are available through booksellers and distributors worldwide For further infor mation about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329 Visit our Web site at www.microsoft.com/mspress Send comments

to tkinput@microsoft.com

Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx are trademarks of the Microsoft group of companies All other marks are property of their respective owners

The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred

This book expresses the author’s views and opinions The information contained in this book is provided without any express, statutory, or implied warranties Neither the authors, Microsoft Corporation, nor its resellers, or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book

Acquisitions Editors: Ken Jones and Devon Musgrave

Developmental Editors: Laura Sackerman and Devon Musgrave

Project Editor: Carol Vu

Editorial Production: Ashley Schneider, S4Carlisle Publishing Services

Technical Reviewer: Bob Dean; Technical Review services provided by Content Master, a member of CM

Group, Ltd

Cover: Tom Draper Design

Body Part No X17-13468

For my grandmother, Joanie Thomas (1927–2010), who passed away during the writing of this book.

—Orin ThOmas

This book is dedicated to my parents, Robert and Isabella McLean,

on their sixty-fifth wedding anniversary.

—ian mcLean

Contents at a Glance

CHAPTER 2 Exchange Databases and Address Lists 45

CHAPTER 4 Distribution Groups and Public Folders 139

CHAPTER 6 Federated Sharing and Role Based Access Control 217

CHAPTER 9 Monitoring Exchange Server 2010 385

CHAPTER 11 Managing Records and Compliance 541 CHAPTER 12 Message Integrity, Antivirus, and Anti-Spam 613 CHAPTER 13 Exchange High-Availability Solutions 691

Contents

Lab Setup Instructions xxv

Hardware Requirements xxv Using the CD xxvi

How to Install the Practice Tests xxvi How to Use the Practice Tests xxvii How to Uninstall the Practice Tests xxviii Microsoft Certified Professional Program xxviii

Errata and Book Support xxix

We Want to Hear from You xxix

Stay in Touch xxix

Chapter 1 Installing Exchange Server 2010 1 Before You Begin 2

Configure the Environment for Exchange Server 2010 3

Preparing a New Environment for Exchange 2010 3 Preparing for Coexistence and Migration 8 Lesson Summary 10 Lesson Review 11 Configure the Server to Host Exchange Server 2010 13

Preparing a Host for the Installation

Configuring Server Roles and Features for Exchange 15

x Contents

Deploy Exchange Server 2010 Roles 21

Take a Practice Test 43

Chapter 2 Exchange Databases and Address Lists 45

Before You Begin 45Deploying Exchange Databases 47

Address List Configuration 65

Contents

Suggested Practices 90

Take a Practice Test 91

Before You Begin 93

Resources and Shared Mailboxes 118

Creating and Configuring Resource Mailboxes 118

Create and Configure Resource Mailboxes

Take a Practice Test 137

xii Contents

Chapter 4 Distribution Groups and Public Folders 139

Before You Begin 140Managing Recipients and Distribution Groups 141

Setting Up Public Folders 158

Take a Practice Test 176

Before You Begin 177IMAP, POP, and Microsoft ActiveSync 179

Contents

Outlook Anywhere and RPC Clients 193

Take a Practice Test 216

Chapter 6 Federated Sharing and Role Based Access Control 217

Before You Begin 218

Role Based Access Control 220

Configuring Federated Sharing 240

Find Out More about the Microsoft Federation Gateway 269

Take a Practice Test 269

Before You Begin 271Managing Transport Rules 273

Setting Up Message Routing 312

Using Active Directory Sites

Configuring Foreign Connectors for Compliance 336

Investigate the Send and Receive

Take a Practice Test 353

Chapter 8 Configuring Transport Servers 355

Before You Begin 355

Hub Transport Servers 357

Transport Settings and Transport

Edge Transport Servers 368

xvi Contents

Suggested Practices 383Further Configuration of Hub Transport Servers 383Further Configuration of Edge Transport Servers 383Take a Practice Test 383

Chapter 9 Monitoring Exchange Server 2010 385

Before You Begin 385Monitoring Exchange Databases 387Monitoring Exchange Database Information and Statistics 387

Monitoring Mail Flow 411

Suspending, Resuming, and Retrying Queues 422

Monitoring Exchange Connectivity 439

Investigate Protocol Connectivity Cmdlets 467Take a Practice Test 467

Contents

Before You Begin 469

Generating Reports 471

Creating Reports on Number of Users

Using Exchange Server Performance Monitor 486Using the Microsoft Exchange Best Practices

Managing Logging 497

Clauses That Enable You to Format Statistical Reports 540

xviii Contents

Install or Access an Edge

Take a Practice Test 540

Chapter 11 Managing Records and Compliance 541

Before You Begin 541Managing Records 543

Investigate the New-TransportRule EMS cmdlet 610

Create Message Classifications, MailTips,

Take a Practice Test 611

Contents

Chapter 12 Message Integrity, Antivirus,

Before You Begin 614

Ensuring Message Integrity 616

Configuring Permissions on Active

Managing Anti-Spam and Antivirus

Countermeasures 646

Implementing File-Level Antivirus Scanning 671

Take a Practice Test 689

xx Contents

Chapter 13 Exchange High-Availability Solutions 691

Before You Begin 691Managing Database Availability Groups 693

Highly Available Public Folders 705

High Availability for Other Exchange Roles 713

High Availability for Other Exchange Roles 728Take a Practice Test 728

Before You Begin 729

Contents

Backup and Recover Exchange Data 731

Creating an Exchange Server Disaster Recovery Plan 736

Recovering a Mailbox within the Deleted

Recovering Exchange Roles 757

Creating a Disaster Recovery Plan Based on Exchange Roles 757

Clone an Edge Transport Server (Optional) 777

Take a Practice Test 778

Acknowledgments

Writing a book is always a team effort, and we have the advantage of an excellent team

working hard behind the scenes and, unlike the authors, never seeing their names

on the front cover We are grateful to our acquisitions editors—Ken Jones, who arranged

the contract, and Devon Musgrave, who took over from Ken at a critical point—and to

our developmental editors, Laura Sackerman and (again) Devon Musgrave, who guided us

through the initial stages

Possibly the key person in the entire team is the project editor, who holds the whole

team together We had not worked with Carol Vu previously, and it was a pleasure to do so

Carol was understanding and helpful when problems arose, but she also kept a firm hand

on the schedule We were also pleased that Bob Dean was available as our technical reviewer

and was there to point out any slips we made and to question our assumptions

Adherence to standards of layout and literacy is vital to the quality of a book

and to the reader experience We are grateful for the considerable contribution made

by our copy editor, Bruce Owens

Few creatures are as antisocial as an author in midbook, and we are both lucky to have

understanding and supportive wives This book must have been particularly stressful

to Oksana, who had to cope both with moving house and with a young child, and to

Anne, who had problems with her health Nevertheless, neither wavered in their support

So, many thanks Oksana and Anne, you are an essential and valued part of the team

Introduction

This training kit is designed for IT professionals who are responsible for managing the

Exchange Server 2010 messaging system in enterprise environments To make best use

of this training kit, you should have at least one year of experience configuring and managing

Exchange Server 2010 in an organizational environment

By using this training kit, you will learn how to do the following:

n Install and configure Exchange Server 2010

n Configure Exchange Recipients and Public Folders

n Configure Client Access

n Configure Message Transport

n Monitor and troubleshoot Exchange Server 2010

n Implement High Availability and Recovery

n Configure Message Compliance and Security

Lab Setup Instructions

The exercises in this training kit require a minimum of four servers or virtual machines

running Windows Server 2008 R2 Enterprise edition Instructions for configuring all

computers used for the practice labs are provided in the appendix You need access to either

the full or an evaluation version of Exchange Server 2010 to be able to perform the practice

exercises in this book

All computers must be connected to the same network We recommend that you use

an isolated network that is not part of your production network to do the practice exercises

To minimize the time and expense of configuring physical computers, we recommend you

use virtual machines Your virtual machine software must support 64-bit guests

Hardware Requirements

You can complete almost all practice exercises in this book using virtual machines rather

than real hardware The minimum and recommended hardware requirements for Exchange

Server 2010 are listed in Table I-1

xxvi Introduction

TABLE I-1 Exchange Server 2010 Minimum Hardware Requirements

HARDWARE COMPONENT REQUIREMENTS

Processor X64 architecture–based computer with either Intel 64

architecture or AMD processor that supports AMD64 platform

RAM 4 GB (though possible to perform labs on virtual machines

with 2 GB RAM)Disk Space 1.2 GB on the volume where Exchange is installed

Graphics Adapter 800 x 600 pixels or higher

If you intend to implement all virtual machines on the same computer (recommended),

a higher specification will enhance your user experience In particular a computer with 8 GB RAM and 100 GB available disk space can host all the virtual machines specified for all the practice exercises in this book if each virtual machine is configured with 2 GB of RAM No single lab exercise in this book requires more than three computers to be active at any one time

Using the CD

The companion CD included with this training kit contains the following:

n Practice tests You can reinforce your understanding of how to configure and manage Exchange Server 2010 by using electronic practice tests you customize to meet your needs from the pool of Lesson Review questions in this book Or you can practice for the 70-662 certification exam by using tests created from a pool of 200 realistic exam questions, which give you many practice exams to ensure that you are prepared

n An eBook An electronic version of this book is included for when you do not want

to carry the printed book with you The eBook can be viewed as a Portable Document Format (PDF) in Adobe Acrobat or Adobe Reader or in XMS Paper Specification (XPS)

How to Install the Practice Tests

To install the practice test software from the companion CD to your hard disk, do the

following:

1. Insert the companion CD into your CD drive and accept the license agreement A CD menu appears

xxvii Introduction

NOTE IF THE CD MENU DOES NOT APPEAR

If the CD menu or the license agreement does not appear, AutoRun might

be disabled on your computer Refer to the Readme.txt file on the CD-ROM

for alternate installation instructions.

2. Click Practice Tests and follow the instructions on the screen

How to Use the Practice Tests

To start the practice test software, follow these steps:

1. Click Start, click All Programs, and then select Microsoft Press Training Kit Exam Prep

A window appears that shows all the Microsoft Press training kit exam prep suites

installed on your computer

2. Double-click the lesson review or practice test you want to use

NOTE LESSON REVIEWS VERSUS PRACTICE TESTS

Select the (70-662) Microsoft Exchange Server 2010, Configuring lesson review, to use

the questions from the “Lesson Review” sections of this book Select (70-662) Microsoft

Exchange Server 2010, Configuring practice test, to use a pool of 200 questions similar

to those that appear on the 70-662 certification exam.

Lesson Review Options

When you start a lesson review, the Custom Mode dialog box appears so that you can

configure your test You can click OK to accept the defaults, or you can customize the number

of questions you want, how the practice test software works, which exam objectives you want

the questions to relate to, and whether you want your lesson review to be timed If you are

retaking a test, you can select whether you want to see all the questions again or only the

questions you missed or did not answer

After you click OK, your lesson review starts

n To take the test, answer the questions and use the Next and Previous buttons to move

from question to question

n After you answer an individual question, if you want to see which answers are

correct—along with an explanation of each correct answer—click Explanation

n If you prefer to wait until the end of the test to see how you did, answer all the

questions and then click Score Test You will see a summary of the exam objectives

you chose and the percentage of questions you got right overall and per objective

You can print a copy of your test, review your answers, or retake the test

xxviii Introduction

Practice Test Options

When you start a practice test, you choose whether to take the test in Certification Mode, Study Mode, or Custom Mode:

n Certification Mode Closely resembles the experience of taking a certification exam The test has a set number of questions It is timed, and you cannot pause and restart the timer

n Study Mode Creates an untimed test during which you can review the correct answers and the explanations after you answer each question

n Custom Mode Gives you full control over the test options so that you can customize them as you like

In all modes, the user interface when you are taking the test is basically the same but with different options enabled or disabled, depending on the mode The main options are discussed in the previous section, “Lesson Review Options.”

When you review your answer to an individual practice test question, a “References” section is provided that lists where in the training kit you can find the information that relates

to that question and provides links to other sources of information After you click Test Results

to score your entire practice test, you can click the Learning Plan tab to see a list of references for every objective

How to Uninstall the Practice Tests

To uninstall the practice test software for a training kit, use the Program And Features option

in Windows Control Panel

Microsoft Certified Professional Program

The Microsoft certifications provide the best method to prove your command of current Microsoft products and technologies The exams and corresponding certifications are

developed to validate your mastery of critical competencies as you design and develop—or implement and support—solutions with Microsoft products and technologies Computer professionals who become Microsoft certified are recognized as experts and are sought after industry-wide Certification brings a variety of benefits to the individual and to employers and organizations

For a full list of Microsoft certifications, go to http://www.microsoft.com/learning/mcp/

default.asp.

xxix Introduction

Errata and Book Support

We’ve made every effort to ensure the accuracy of this book and its companion content

If you do find an error, please report it on our Microsoft Press site at Oreilly.com:

1. Go to http://microsoftpress.oreilly.com.

2 In the Search box, enter the book’s ISBN or title.

3. Select your book from the search results

4. On your book’s catalog page, under the cover image, you’ll see a list of links

5 Click View/Submit Errata.

You’ll find additional information and services for your book on its catalog page If you need

additional support, please e-mail Microsoft Press Book Support at tkinput@microsoft.com.

Please note that product support for Microsoft software is not offered through

the addresses above

We Want to Hear from You

At Microsoft Press, your satisfaction is our top priority, and your feedback our most valuable

asset Please tell us what you think of this book at:

http://www.microsoft.com/learning/booksurvey

The survey is short, and we read every one of your comments and ideas Thanks in advance

for your input!

Stay in Touch

Let’s keep the conversation going! We’re on Twitter: http://twitter.com/MicrosoftPress

Preparing for the Exam

Microsoft certification exams are a great way to build your resume and let

the world know about your level of expertise Certification exams validate

your on-the-job experience and product knowledge Although there is no

substitute for on-the-job experience, preparation through study and hands-on

practice can help you prepare for the exam We recommend that you augment your

exam preparation plan by using a combination of available study materials and

courses For example, you might use the Training Kit and another study guide for

your “at home” preparation, and take a Microsoft Official Curriculum course for the

classroom experience Choose the combination that you think works best for you.

CHAPTER 1 1

C H A P T E R 1

Installing Exchange Server 2010

It is impossible to understate the importance of getting the deployment of Exchange

Server 2010 right The decisions that you make during deployment are decisions that your organization is going to have to live with for a long time This is because while Exchange Server 2010 is relatively straightforward to deploy, if you make a problematic deployment decision, you may have to spend a significant amount of time implementing work-arounds for that initial misjudgment There is an old saying—measure twice, cut once—which suggests that you should check and recheck your plans before implementing them in the real world This counts doubly for the deployment of Exchange Server 2010

While the Exchange Server 2010 setup routine stops you from installing Exchange if

it detects a blocking issue, the checks that the routine performs are not infallible As an Exchange Server 2010 administrator, you should be cognizant of the settings you should configure to prepare for an Exchange Server deployment, and you should not just rely on the operating system installation routine to perform the check for you In this chapter, you will learn the steps you need to take to configure a network environment and a server host for the deployment of Exchange Server 2010 You will learn what you need to do to prepare

an environment that already has an Exchange deployment, and you will learn how to install Exchange Server 2010

Exam objectives in this chapter:

n Prepare the infrastructure for Exchange

n Install Exchange prerequisites

n Install Exchange Roles

Lessons in this chapter:

n Lesson 1: Configure the Environment for Exchange Server 2010 3

n Lesson 2: Configure the Server to Host Exchange Server 2010 13

n Lesson 3: Deploy Exchange Server 2010 Roles 21

Installing Exchange

Server 2010

Before You Begin

Lesson 1: Configure the Environment for Exchange Server 2010

Preparing a New Environment for Exchange 2010Preparing for Coexistence and Migration

Lesson SummaryLesson Review

Lesson 2: Configure the Server to Host

Exchange Server 2010Hardware and Software Requirements

Preparing a Host for the Installation

of Exchange Server 2010Configuring Server Roles and Features for Exchange

Lesson SummaryLesson Review

Lesson 3: Deploy Exchange Server 2010 Roles

Installing Exchange Server 2010Exchange Server 2010 Editions

Postinstallation TasksFirewall Configuration

Verifying SetupLesson Summary

Lesson ReviewChapter Review

Chapter SummaryCase Scenarios

2 CHAPTER 1 Installing Exchange Server 2010

Before You Begin

In order to complete the exercises in the practice sessions in this chapter, you need to have done the following:

n Have access to an evaluation edition of Windows Server 2008 R2 or later

n Have access to an evaluation edition of Exchange Server 2010

n Install Windows Server 2008 R2 on two separate computers Ensure that the default Administrator account on each of these computers is configured with the password

Pa$$w0rd.

n Have access to the x64 installation file for the 2007 Office System Converter: Microsoft Filter Pack

You can download the 2007 Office System Converter: Microsoft Filter Pack from the

Microsoft download center at http://www.microsoft.com/downloads/en/default.aspx.

Lesson 1: Configure the Environment for Exchange Server 2010 CHAPTER 1 3

Lesson 1: Configure the Environment for Exchange

Server 2010

Active Directory must be suitably prepared before it is possible to introduce Exchange Server

2010 or upgrade an existing Exchange deployment If Active Directory Domain Services is not

suitably prepared, it will not be possible to install Exchange Server 2010 In this lesson, you

will learn what steps you need to take to prepare Active Directory and an existing Exchange

environment for the deployment of Exchange Server 2010

After this lesson, you will be able to:

n Prepare the Active Directory environment for the introduction of Exchange

Server 2010

n Prepare an existing Exchange deployment for Exchange Server 2010

Estimated lesson time: 40 minutes

Preparing a New Environment for Exchange 2010

The first step preparing to deploy Exchange Server 2010 is ensuring that the domain and

forest are set to the appropriate functional level To introduce Exchange Server 2010 to

an Active Directory environment, the forest must be configured at the Windows Server

2003 functional level or higher The functional level that you can configure for a domain

is dependent on the operating system deployed on each domain controller in that domain

A Windows Server 2003 functional level domain requires domain controllers running the

Windows Server 2003 operating system or later A Windows Server 2008 functional level

domain requires domain controllers running the Windows Server 2008 operating system

or later Forest functional levels are dependent on the domain functional level of all the

domains in a forest The Windows Server 2003 forest functional level can be set only if all of

the domains in the forest are configured at the Windows Server 2003 domain functional level

or higher In addition to the Windows Server 2003 forest functional level requirement, it is

necessary for the environment to meet the following conditions:

n The computer that holds the Schema Master role must be running the Windows Server

2003 operating system or later

n The computer that functions as the Global Catalog server at each site must be running

the Windows Server 2003 operating system with Service Pack 1 or later

Although Microsoft Exchange Server 2010 became available after the release of Windows

Server 2008 R2, there are many real-world networks where domains are not set at the

Windows Server 2003 functional level or higher This may be because older Windows 2000

domain controllers are still present on the network It also may be because administrators

never raised the functional level on networks that initially had Windows 2000 or Windows NT

4 CHAPTER 1 Installing Exchange Server 2010

domain controllers when those domain controllers were eventually decommissioned You can view the domain and forest functional level using the Active Directory Domains and Trusts console, as shown in Figure 1-1 You can also raise the domain and forest functional levels using this console You will modify functional levels in the first practice exercise at the end

of this chapter

FIGURE 1-1 View functional level

Once you have ensured that the domain and forest are set to the appropriate level and that the Global Catalog servers and Schema Master meet the minimum requirements, you need to perform three steps prior to introducing the first Exchange Server 2010 server in your environment

n Prepare the Active Directory Schema

n Prepare Active Directory

n Prepare domains that will host Exchange Server 2010

You must complete additional preliminary steps required if your organization has an existing Exchange Server 2003 deployment You will learn about these steps later in this lesson

EXAM TIP

The 70-662 exam objectives do not directly address the Unified Messaging role

Prepare Schema

If your environment does not have an existing Exchange 2003 deployment, the first step that

you need to take to prepare Active Directory is to run the command Setup /PrepareSchema

This can be done separately, or it can be done automatically as part of the installation of

Lesson 1: Configure the Environment for Exchange Server 2010 CHAPTER 1 5

the first Exchange Server 2010 server in the organization As the 70-662 exam concentrates

on the separate predeployment steps, these steps will are given separate treatment in this

chapter Prior to running the Setup /PrepareSchema command, you must ensure that the

following conditions are met:

n You must execute this command from a user account that is a member of both the

Schema Admins group and the Enterprise Admins group

n You must execute this command on a 64-bit computer in the same Active Directory

domain and same Active Directory site as the computer that holds the Schema Master role

n The forest functional level is set to Windows Server 2003 or higher

n The computer hosting the Schema Master role is running the Windows Server 2003

operating system or later operating system, such as Windows Server 2008

n Computers that function as Global Catalog Servers in each site are running the

Windows Server 2003 operating system with Service Pack 1 or later or a later

operating system, such as Windows Server 2008

You can determine which computer in your environment holds the Schema Master role

using the Active Directory Schema snap-in This snap-in becomes available for custom MMCs

when you run the command regsvr32 schmmgmt.dll You can then view the Schema Master

by selecting Operations Master from the File menu, as shown in Figure 1-2 You can also

determine which computer holds the Schema Master role by running the command dsquery

server –hasfsmo schema from an elevated command prompt.

FIGURE 1-2 Locate Schema Master

You should wait for the changes that running this command makes to replicate across your

organization prior to performing the step of preparing Active Directory If your organization’s

domain controllers are running the Windows Server 2003 operating system, you can track

replication across the domain using the Active Directory Replication Monitor tool (replmon

.exe), which is part of the Windows Server 2003 Support Tools If your organization’s domain

controllers are running the Windows Server 2008 operating system or later, you can use the

repadmin.exe tool to monitor, diagnose, and troubleshoot replication issues

6 CHAPTER 1 Installing Exchange Server 2010

To learn more about monitoring Active Directory replication with the repadmin.exe

tool, consult the following link on TechNet: http://technet.microsoft.com/en-us/library/

cc770963(WS.10).aspx.

Quick Check

n Which security group must a user be a member of to successfully run the command setup /PrepareSchema?

Quick Check Answer

n Enterprise Admins and Schema Admins.

Preparing Active Directory

Once the changes introduced by running Setup /PrepareSchema have propagated throughout the organization, you need to run the Setup /PrepareAD command You will need to specify

the name of the Exchange organization that you are creating if no present organization exists Figure 1-3 shows the execution of this command in an Active Directory environment that does not have an existing Exchange organization

FIGURE 1-3 Configuring Active Directory with Exchange Organization information

Running the Setup /PrepareAD /OrganizationName command accomplishes

Lesson 1: Configure the Environment for Exchange Server 2010 CHAPTER 1 7

n Creates the containers and objects under the CN=<Organization Name>,CN=Microsoft

Exchange,CN=Services,CN=Configuration,DC=<root domain>

n Creates the default Accepted Domains entry based on the forest root namespace

n Sets permissions in the configuration partition

n Creates the Microsoft Exchange Security Groups OU in the root domain Creates the

following groups within this OU:

• Exchange Organization Administrators

• Exchange Recipient Administrators

• Exchange Servers

• Exchange View-Only Administrators

• Exchange Public Folder Administrators

• ExchangeLegacyInterop

n Prepares the local domain for the introduction of Exchange This means that it is not

necessary to run the Setup /PrepareDomain command in the specific domain where

you ran the Setup /PrepareAD command.

This command must be run using a user account that is a member of the Enterprise

Admins group Like the Setup /PrepareSchema command, you must run this command on

a computer that is in the same domain and Active Directory site as the computer that holds

the Schema Master role You learned how to determine which computer hosts the Schema

Master role earlier in this lesson You should ensure that the changes introduced by running

this command are able to propagate across your organization before preparing domains for

the introduction of Exchange Server 2010 using the Setup /PrepareDomain command You

learned how to track and verify Active Directory replication earlier in this lesson

Preparing Individual Domains for the Introduction of Exchange

The final step in preparing Active Directory for the introduction of Exchange Server 2010

is to run the Setup /PrepareDomain or Setup /PrepareAllDomains command The Setup

/PrepareAllDomains command performs the same function as the Setup /PrepareDomain

command, except that it prepares all domains in the forest rather than a specific domain

Accounts used to run this command must be configured as follows:

n The account used to run Setup /PrepareAllDomains command must be a member of

the Enterprise Admins group

n If the domain was created prior to the execution of the Setup /PrepareAD command

and you are running Setup /PrepareDomain, the user account that is used to run

this command must be a member of the Domain Admins group in the domain the

command is being run against

n If the domain was created after the execution of the Setup /PrepareAD command,

the account used to run Setup /PrepareDomain must be a member of the Exchange

Organization Administrators group and the Domain Admins group in the domain

that the command is being run against

8 CHAPTER 1 Installing Exchange Server 2010

Running Setup /PrepareDomain performs the following tasks:

n Configures permissions for Exchange Servers, Exchange Organization Administrators, Authenticated Users, Exchange Servers, Exchange Recipient Administrators, and Exchange Mailbox Administrators groups

n Creates a domain global group called Exchange Install Domain Servers

It is not necessary to run this command in the domain where you ran the Setup

/PrepareAD command, as running Setup /PrepareAD also prepares the local domain.

For more information on preparing Active Directory and domains, consult the following

document on TechNet: http://technet.microsoft.com/en-us/library/bb125224.aspx.

Preparing for Coexistence and Migration

As it is not possible to directly upgrade a server running Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010, it is necessary to plan for a period of coexistence between the two different versions of the messaging system This period of coexistence will allow the migration of organizational resources from servers running the previous version of Exchange to Exchange Server 2010 Exchange Server 2010 supports coexistence with Exchange Server 2003, Exchange Server 2007, and mixed Exchange Server 2003 and Exchange Server 2007 environments Exchange Server 2010 does not support coexistence with Exchange 2000 Server organizations To migrate from Exchange 2000 to Exchange Server 2010, you must first migrate to either an Exchange Server 2003 or an Exchange Server 2007 organization

NOTE UPGRADE AND MIGRATION TERMINOLOGY

In the exam objectives, “migration” in this sense means moving from one Exchange version

to another In the exam objectives, the term “upgrade” implies a direct in-place upgrade, which is not possible In the Exchange documentation, the term “migration” is used only

to discuss moving from a foreign messaging system to Exchange or from Exchange to a foreign messaging system In the Exchange documentation, “upgrade” is used when moving data from one server, such as an Exchange Server 2007 mailbox server to an Exchange

Server 2010 mailbox server In the exam, the context is explained, and you should remember that you cannot directly upgrade a server running one version of Exchange to another.

Preparing an Exchange Server 2003 Environment

for Exchange 2010

If your organization has an existing Exchange Server 2003 deployment, you must run

the Setup /PrepareLegacyExchangePermissions command prior to running the Setup

/PrepareSchema command Running this command ensures that the Exchange 2003 Recipient

Lesson 1: Configure the Environment for Exchange Server 2010 CHAPTER 1 9

Update Service will function correctly after you update the Active Directory schema using the

Setup /PrepareSchema command.

There are two ways to run Setup /PrepareLegacyExchangePermissions If you run the

command without any additional options, all domains in the forest are prepared for Exchange

Server 2010 As an alternative, you can run the command in each domain in the forest,

though you need to ensure that you run the command in the domain that holds the server

that holds the schema master role first

The user account that runs the command Setup /PrepareLegacyExchangePermissions with

the target, as all domains in the forest must be a member of the Enterprise Admins group If

the command is being run for a specific domain, the account used to run the command must

be a member of the Domain Admins group and must have been delegated the Exchange Full

Administrator permissions in the existing Exchange Server 2003 infrastructure

To learn more about preparing legacy exchange permissions in an Exchange Server 2003

organization prior to the deployment of Exchange Server 2010, consult the following

document on TechNet: http://technet.microsoft.com/en-us/library/aa997914.aspx.

When preparing for coexistence between Exchange Server 2003 and Exchange

Server 2010, consider the following:

n Exchange Server 2010 can coexist with an Exchange Server 2003 organization only if

that organization is configured to use Native rather than Mixed mode An Exchange

Server 2003 organization in Mixed mode will need to be converted to Native mode

before Exchange Server 2010 can be introduced

n Existing Exchange Server 2003 servers have Service Pack 2 installed prior to beginning

Exchange Server 2010 deployment

n Introduce servers in Internet-facing sites first

n Deploy Exchange Server 2010 roles in the following order: Client Access, Hub

Transport, Mailbox, and Unified Messaging You can also choose to deploy a typical

Exchange Server 2010 installation where you deploy these roles at the same time

If the existing Exchange 2003 organization contains more than one routing group and

you are intending to configure more than one routing group connector between Exchange

2003 routing groups and Exchange 2010, you will need to configure Exchange Server 2003

to suppress link state updates You perform this procedure by using the Registry Editor to

modify the registry on each Exchange Server 2003 server in the organization

To learn more about deploying Exchange Server 2010 in an environment that has an

existing Exchange Server 2003 deployment, consult the following TechNet document:

http://technet.microsoft.com/en-us/library/aa998186.aspx.

10 CHAPTER 1 Installing Exchange Server 2010

To learn more about configuring suppression of Link State updates, consult the following

article on TechNet: http://technet.microsoft.com/en-us/library/aa996728.aspx.

Preparing Exchange 2007 Coexistence

Preparing for coexistence between Exchange Server 2007 and Exchange Server 2010 is simpler than preparing for coexistence with Exchange Server 2003 When preparing for coexistence between Exchange Server 2007 and Exchange Server 2010, consider the following:

n It is not necessary to run Setup /PrepareLegacyExchangePermissions when preparing

to deploy Exchange Server 2010 in an existing Exchange Server 2007 organization

n You do need to upgrade all servers running Exchange Server 2007 to Exchange Server

2007 Service Pack 2 before coexistence with Exchange Server 2010 is possible

n You should deploy the first Exchange Server 2010 servers in Internet-facing Active Directory sites This is because Client Access proxying works from Exchange Server 2010 Client Access servers to Exchange Server 2007 Client Access servers but does not work in the opposite direction

n You should deploy Exchange Server 2010 roles in the following order: Client

Access, Hub Transport, Mailbox, and Unified Messaging You can also choose to deploy a typical Exchange Server 2010 installation where you deploy these roles

at the same time

To learn more about deploying Exchange Server 2010 in an environment that has an

existing Exchange Server 2007 deployment, consult the following TechNet document:

http://technet.microsoft.com/en-us/library/dd638158.aspx.

Know the order in which you must use the Setup /PrepareSchema, Setup /PrepareAD, and

Setup /PrepareDomain commands Know the circumstances under which you must use the Setup /PrepareLegacyExchangePermissions command.

Lesson Summary

n The forest must be at the Windows Server 2003 functional level or later before it

is possible to deploy Exchange Server 2010

n The Schema Master should be running Windows Server 2003 or later

n At least one global catalog server in each site should be running Windows

Server 2003 Service Pack 1 or later