Installing and Upgrading to Exchange Server 2003
Steps in Installation of Exchange Server 2003 l Verify that the Server meets hardware and Software Requirements l Use NetDiag, DCDiag, DNSCmd to verify AD and DNS l l All Servers must be members of same AD l Verify that Service Packs are up to date l Back up AD first l Run ForestPrep once to extend AD include Exchange classes and attributes in AD l Designate Exchange Full Administrator Account l Create a Exchange Administrative Group using ADSI Edit l Run DomainPrep on every Domain in the l Install and configure the appropriate Services : Ÿ Microsoft .Net Framework Ÿ Microsoft ASP.Net Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l Use NetDiag, DCDiag, DNSCmd to verify AD and DNS l l All Servers must be members of same AD l Verify that Service Packs are up to date l Back up AD first l Run ForestPrep once to extend AD include Exchange classes and attributes in AD l Designate Exchange Full Administrator Account l Create a Exchange Administrative Group using ADSI Edit l Run DomainPrep on every Domain in the l Install and configure the appropriate Services : Ÿ Microsoft .Net Framework Ÿ Microsoft ASP.Net Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l All Servers must be members of same AD l Verify that Service Packs are up to date l Back up AD first l Run ForestPrep once to extend AD include Exchange classes and attributes in AD l Designate Exchange Full Administrator Account l Create a Exchange Administrative Group using ADSI Edit l Run DomainPrep on every Domain in the l Install and configure the appropriate Services : Ÿ Microsoft .Net Framework Ÿ Microsoft ASP.Net Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l Back up AD first l Run ForestPrep once to extend AD include Exchange classes and attributes in AD l Designate Exchange Full Administrator Account l Create a Exchange Administrative Group using ADSI Edit l Run DomainPrep on every Domain in the l Install and configure the appropriate Services : Ÿ Microsoft .Net Framework Ÿ Microsoft ASP.Net Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l Designate Exchange Full Administrator Account l Create a Exchange Administrative Group using ADSI Edit l Run DomainPrep on every Domain in the l Install and configure the appropriate Services : Ÿ Microsoft .Net Framework Ÿ Microsoft ASP.Net Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l Run DomainPrep on every Domain in the l Install and configure the appropriate Services : Ÿ Microsoft .Net Framework Ÿ Microsoft ASP.Net Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
Ÿ Microsoft .Net Framework Ÿ Microsoft ASP.Net Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
Ÿ World Wide Web Publishing Service Ÿ SMTP ( Simple mail Transfer Protocol) Service Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
Ÿ NNTP ( Network News Transfer Protocol) Service
Verify that Active Directory and DNS are installed and configured.
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
Exchange administrative roles
l Exchange Full Administrator l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l Exchange Administrator l Exchange View Only Administrator
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
Exchange administrative roles
l In Exchange 2000 Server, administrators must be assigned the Exchange Full Administrator administrative role at the organization level to
l install and to remove Exchange 2000,
l to upgrade servers, and
l to perform disaster recovery on servers.
l This requirement is changed in Exchange 2003 to permit administrators who are assigned the Exchange Full Administrator administrative role at the administrative group level to install and to remove Exchange 2003, to upgrade servers, and to perform disaster recovery on servers that are in that administrative group.
l The following considerations apply when you install Exchange 2003 on servers as an administrator who has Exchange Full Administrator permissions:
Exchange administrative roles
l Exchange Full Administrator
l Exchange Administrator
l Exchange View Only Administrator
Note: In order to enable the security settings tab at the Organization and the Administrative Group Levels –
l Start – Run – Regedit – HKEY_CURRENT_USER\Software\Microsoft\Exchange
l Right Click EXAdmin -- new – DWORD Value – type “ShowSecurityPage” and enter
l Double Click “ShowSecurityPage” and change value to 1 enter – close Registry Editor
Important: A domain administrator must manually add the computer account of the server to the Exchange Domain Servers group.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform
l The first installation of Exchange 2003 on a computer that is in an organization.
l The first installation of Exchange 2003 in a Microsoft Active Directory directory service domain.
l An administrator who has Exchange Full Administrator permissions at the organization level must perform:
l The first installation of Exchange 2003 on a computer that is in an administrative group.
l Upgrade Exchange 2000 computers that are configured as bridgeheads for directory replication connectors to Exchange 2003.
l Installations or removal of Exchange 2003 on servers where Site Replication Services (SRS) is installed.
l If you are an administrator who is an Exchange Full Administrator in the administrative group, and you run Exchange 2003 Setup on a server that is not clustered, only the administrative groups that you have permissions to access appear.
l However, on a clustered server, Exchange 2003 Setup displays all administrative groups.
l If you select an administrative group that you do not have permission to access, you receive an "Access Denied" error message.
Exchange Full Administrator l When you assign a user or a group Exchange Full Administrator permissions, the user or the group can fully administer Exchange Server computer information and modify permissions.
l A user who has Exchange Full Administrator permissions has the following rights:
l Organization Rights:
Ÿ Full Control permissions on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Ÿ Read permissions and Change permissions on the Deleted Objects container in the Configuration naming context (
Exchange Full Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
Ÿ Full Control, Deny Send-As, and Deny Receive-As permissions on the Administrator Groups container (this object and its subcontainers).
Ÿ Full Control permissions (except for Change) on the Connections container (this object and its sub-containers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
l Note Administrators who have Exchange Full Administrator permission can install, upgrade, remove, and perform disaster recovery on servers in that Administrative Group only .
Exchange Administrator l When you assign a user or a group Exchange Administrator permissions, the user or the group can fully administer Exchange Server computer information.
l A user who has Exchange Administrator permissions has the following rights:
l Organization Rights:
Ÿ All permissions (except for Change permissions) on the MsExchConfiguration container (this object and its subcontainers).
Ÿ Deny Receive-As permissions and Send-As permissions on the Organization container (this object and its subcontainers).
Exchange Administrator (2) l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object and its subcontainers).
l All permissions (except for Change, Deny Send-As, and Deny Receive-As permissions) on the Administrator Group container (this object and its sub-containers).
Ÿ All permissions (except for Change permissions) on the Connections container (this object and its subcontainers).
Ÿ Read, List object, List contents, and Write properties permissions on the Offline Address Lists container (this object and its subcontainers).
Exchange View Only Administrator
l When you assign a user or a group Exchange View Only Administrator permissions, the user or the group can view Exchange Server configuration information.
l A user who has Exchange View Only Administrator permissions has the following rights:
l Organization Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object and its sub-containers).
Ÿ View Information Store Status permissions on the Organization container (this object and its sub-containers).
Exchange View Only Administrator (2)
l Administrative Group Rights:
Ÿ Read, List object, and List contents permissions on the MsExchConfiguration container (this object only).
Ÿ Read, List object, and List contents permissions on the Organization container (this object only).
Ÿ Read, List object, and List contents permissions on the Administrator Groups container (this object only).
Ÿ Read, List object, List contents, and View Information Store Status permissions on the Administrator Groups container (this object and its sub-containers).
Ÿ Read, List object, and List contents permissions on the MsExchRecipientsPolicy container, the Address Lists container, Addressing, Global Settings, System Policies (this object and its sub-containers).
l Windows Backup, the backup tool can back up and restore the Active Directory on Windows Domain Controllers
l The backups can be performed while the DC is online
l You can restore these backup’s only when the DC is booted in Directory Services restore mode using the F8 key when the server is starting
l You can lose all but one server in the domain and still recover with no loss of data, assuming that the remaining survivor holds the current up to date information
l When you run ForestPrep, designate an account that will have Exchange Full Administrator permissions to the organization object.
l This account will have the authority to install and manage Exchange Server 2003 throughout the forest and assign further administrators permissions after the first server is installed.
l Create your Exchange administrative group structure before you install your first server running Exchange 2003.
l If you do not create an administrative group before the first Exchange server is installed, Setup will automatically create an administrative group named First Administrative Group.
How to Create a First Administrative Group with a Different Name l
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
l Run Exchange Setup with the /forestprep switch.
l Install the Exchange System Manager, and log on as a user with appropriate permissions. Do not install any other components.
In the Exchange System Manager, create a new administrative group with the name you want
l Warning:
l You cannot move computers that run Exchange between administrative groups.
l Therefore, it is important to install each Exchange server in the administrative group specified in your Exchange implementation plan.
l To create administrative groups before you install your first server, use the ADSI Edit utility or Exchange System Manager
l Run DomainPrep to prepare your domains for Exchange. DomainPrep is an Exchange Setup switch that creates the groups and permissions necessary for Exchange servers to read and modify user attributes.
l DomainPrep creates these groups:
1. Exchange Domain Servers.
A domain global group (GG) that contains all servers running Exchange in the domain.
2. Exchange
A domain local group (DLG) that contains the Exchange Domain Servers groups from all the domains in the enterprise.
l Run DomainPrep in the following domains:
l The root domain.
l All domains that will contain Exchange Server 2003 servers.
l All domains that will contain Exchange Server 2003 mailbox-enabled accounts or mail-enabled objects (such as accounts, contacts, or groups), even if no Exchange servers will be installed in these domains.
l You must run the Exchange Server 2003 version of Domain Prep even if you are already running Exchange 2000 in the domain.
Naming Conventions for Stores and Storage Groups
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN
NOTE: It is important that these steps be performed before the first Exchange server is installed into the forest. If you have already run ForestPrep, you don't need to do Step One. If an Exchange server already exists in the organization, this does not apply.
The mailbox store consists of two files, priv1.edb and priv1.stm.
The public folder store consists of two files, pub1.edb and pub1.stm.
By default, when you create a new storage group, a new folder is created that is based on the name of the storage group.
For example, the Sales storage group would be created in the C:\Program Files\Exchsrvr\Sales folder.
You should not enable circular logging on a mailbox store?
Enabling circular logging greatly reduces your ability to recover from a failure.
With circular logging enabled, you can only recover data that exists on your last backup set.
With circular logging disabled, you can recover data up to the point of failure.
How to Move Stores, Mount and Dismount Stores, and Move Transaction Log Files
1. In Exchange System Manager, expand the appropriate storage group, locate the store that you want to move, and display the properties of the store.
2. In the Mailbox Store Properties dialog box, click the Database tab.
3. On the Database tab, click the Browse button for the database file (.edb), the streaming store file (.stm), or both, and then specify the new path to which you want to move them.
Storage Technologies That Exchange Can Use
The recommended storage solution for Exchange Storage area networks are complex, and they require specialized knowledge to design, operate, and maintain. They are also a more expensive solution than external storage arrays and network-attached storage solutions.
However, it is recommended that storage area networks be used to store Exchange data, such as mailbox and public folder stores, because storage area network configurations optimize server performance and reliability and are also highly scalable.
Storage area networks are good storage solutions for large Exchange organizations.
If you implement a storage area network solution in your Exchange organization, you receive the following benefits:
<p class="MsoNormal" style="MARGIN