Blog (at) Mreza.Info

Pretty common problem this days is around specified FQDN for external connections from Exchange 2007 HUB servers.

For demo purposes let's say our internal FQDN of Exchange 2007 HUB server is DEMO-E2K7SP1.demo.pri and external FQDN is demomail.exchange.si.

Specify FQDN for Send Connector

We need to specify FQDN for each send connector we created for internet delivery. In our case we have send connector named Internet. Let's specify FQDN:

Set-SendConnector -Identity "Internet" -Fqdn demomail.exchange.si

As you can see demomail.exchange.si is specified as FQDN for above mentioned send connector. Please do not forget to also create/use certificate with Subject Name (or Subject Alternative Name) demomail.exchange.si.

Let's see what will be present in mail header at recipient side. As you can see bellow in the first red marked part demomail.exchange.si FQDN was used at HELO/EHLO step when contacting recipient mail server.

As you may also noticed DEMO-E2K7SP1.demo.pri is also visible in mail header. There is nothing wrong with that! It's expected behavior of every mail server in the planet. Full 'travel' path is always included in message header.

How do I hide internal servers from message header?

My recommended solution is with Transport Rules usage. Here is sample transport rule that strip Receive part from message header.

Create new transport rule:

Specify Condition from users Inside the organization, sent to users Outside the organization and Action remove header (Received).

If we look again into message header you will notice that internal server is not visible anymore (Received: from DEMO-E2K7SP1.demo.pri). Removing other parts from message header can also be done with Transport Rules.

I hope this problem with distinguishing between configuration errors and records in message header is just a bit more clear now.

Last Thursday, I was presenting at SloWUG event here in Ljubljana about (new) High Availability options in Exchange Server 2007 SP1.

Agenda

• Mailbox Server High Availability options in Exchange Server 2007 SP1
• Cluster Continuous Replication
• Standby Continuous Replication
• Data Loss?
• Demo!

Presentation with recorded demos is now available for download. Any comments or suggestions are more than welcome. I'm also accepting requests for next presentation.

SloWUG - Exchange Server 2007 SP1 High Availability

What are the prerequisites for specific Exchange 2007 SP1 role when you are installing it on Windows Server 2008? I received this question often in the last couple of months and decided to blog about it.

The easiest way to install all prerequisites on windows Server 2008 is with ServerManagerCmd command line utility.

Exchange Management Tools

ServerManagerCmd -i PowerShell

If you want to manage all internal server roles including CAS role you must also install following IIS components. Note that this also applies if you have stand alone HUB Transport server and you want to manage CAS server from it.

ServerManagerCmd -i Web-Metabase
ServerManagerCmd -i Web-Lgcy-Mgmt-Console

Hub Transport Server

ServerManagerCmd -i PowerShell

Client Access Server

ServerManagerCmd -i PowerShell
ServerManagerCmd -i Web-Server
ServerManagerCmd -i Web-ISAPI-Ext
ServerManagerCmd -i Web-Metabase
ServerManagerCmd -i Web-Lgcy-Mgmt-Console
ServerManagerCmd -i Web-Basic-Auth
ServerManagerCmd -i Web-Digest-Auth
ServerManagerCmd -i Web-Windows-Auth
ServerManagerCmd -i Web-Dyn-Compression
ServerManagerCmd -i RPC-over-HTTP-proxy (optional; required only if you will be using Outlook Anywhere)

Edge Transport Server

ServerManagerCmd -i PowerShell
ServerManagerCmd -i ADLDS (AD LDS - Active Directory Lightweight Directory Services; previously known as ADAM - Active Directory Application Mode)

Mailbox Server

ServerManagerCmd -i PowerShell
ServerManagerCmd -i Web-Server
ServerManagerCmd -i Web-ISAPI-Ext
ServerManagerCmd -i Web-Metabase
ServerManagerCmd -i Web-Lgcy-Mgmt-Console
ServerManagerCmd -i Web-Basic-Auth
ServerManagerCmd -i Web-Windows-Auth
ServerManagerCmd -i Failover-Clustering (if Mailbox Server will be clustered)

Unified Messaging

ServerManagerCmd -i PowerShell
ServerManagerCmd -i Desktop-Experience (audio/video codecs required by UM)

Yesterday, I was presenting at SloWUG event about Exchange Server 2007 Security.

Presentation with all recorded demos is now available for download.

SloWUG - Exchange Server 2007 Security Presentation

Welcome to the third part of Upgrading Exchange Server 2007 to Service Pack 1 (SP1).

In previous parts we looked into necessary procedures for preparing Active Directory and upgrading HUB/CAS roles (or single Exchange Server with HUB, CAS and Mailbox role installed) to Service Pack 1.

In this part we will go trough necessary steps for successful upgrade of Exchange 2007 Single Copy Cluster to Service Pack 1.

Important!

Prior installing SP1 read carefully section with prerequisites (install necessary components and updates on Windows Server, upgrade antivirus software for Exchange Server) from my previous post Upgrading Exchange 2007 to SP1 (Part 1)!

Installing Service Pack 1

Upgrading Single Copy Cluster (SCC) to SP1 is different from upgrading non-clustered Mailbox Role to SP1 in many ways. Notice that in Part 1 and Part 2 we were using both GUI and unattended mode but only option for cluster upgrade is using unattended mode.

Required permissions

What are the minimal permissions you need for successful upgrade? Exchange Server Administrator membership and Local Administrator on servers is required.

Demo infrastructure

For the demo purposes we will use only two-node cluster setup. Active node named E2K7-NODE1, passive node named E2K7-NODE2 and exchange cluster named E2K7-MBX.

 
Setup for demo upgrade to SP1

Upgrade steps for Passive Node (E2K7-NODE2)

• Move all Cluster Groups to active node (E2K7-NODE1).
  
• Set Windows Firewall/Internet Connection Sharing (ICS) service to Manual or Automatic and start it. This service is disabled by default. During upgrade procedure this allows setup to add firewall exceptions for Exchange Server services. You can stop and disable this service after upgrade!
  
  It also works if you leave Windows Firewall/Internet Connection Sharing disabled but no firewall exceptions for Exchange Server services are created during setup. I recommend that you start Windows Firewall/ICS service during setup and than stop/disable it if you are not using Windows Firewall service!
  
• Stop any services that have open handles to performance counters (for example: Performance Logs and Alerts, MOM agents,...) - performance counters are changed during upgrade procedure.
  
• Stop, and then restart the Remote Registry service.
  
• From command prompt run setup.com /m:upgrade from folder with SP1 setup files.
  
   
  
• After successful upgrade reboot Passive Node (E2K7-NODE2).
  
• Log on to server after reboot and open Exchange Management Shell.
  
• Use the Stop-ClusteredMailboxServer cmdlet to stop the clustered mailbox server.
  
  Stop-ClusteredMailboxServer E2K7-MBX -StopReason "SP1 Upgrade."
  
  
  
• Use Move-ClusteredMailboxServer cmdlet to move the clustered mailbox server (CMS) from Active Node (E2K7-NODE1) to Passive Node (E2K7-NODE2). You must run this from Passive Node (E2K7-NODE2).
  
  Move-ClusteredMailboxServer E2K7-MBX -TargetMachine E2K7-NODE2 -MoveComment "SP1 Upgrade."
  
• From command prompt run setup.com /upgradecms from folder with SP1 setup files.
  
  
  Notice that I actually executed this command from Exchange Management Shell ;-)
  

Upgrade steps for Active Node (E2K7-NODE1)

• Set Windows Firewall/Internet Connection Sharing (ICS) service to Manual or Automatic and start it. This service is disabled by default. During upgrade procedure this allows setup to add firewall exceptions for Exchange Server services. You can stop and disable this service after upgrade!
  
• Stop any services that have open handles to performance counters (for example: Performance Logs and Alerts, MOM agents,...) - performance counters are changed during upgrade procedure.
  
• Move Windows Cluster "Cluster Group" to Passive Node
  
  Cluster group "cluster group" /move
  
   
  
• Stop, and then restart the Remote Registry service.
  
• From command prompt run setup.com /m:upgrade from folder with SP1 setup files.
  
• Reboot node after successful upgrade.
  
• You can disable Windows Firewall/Internet Connection Sharing (ICS) now.
  

Congratulations, your Single Copy Cluster is now upgraded to Service Pack 1. During upgrade procedure we changed ownership of Cluster Groups. If you would like to move groups back to previous owner you can use previous mentioned steps or you can use one of new features in Exchange Server 2007 Service Pack 1 called Manage Clustered Mailbox Server wizard for desired actions.

Related:

• Upgrading Exchange 2007 to SP1 (Part 1)
• Upgrading Exchange 2007 to SP1 (Part 2)
• Exchange Server 2007 Service Pack 1
• Microsoft Exchange Server 2007 Service Pack 1 (SP1) Release Notes

This is one "simple" error I come across when installing on Windows Server 2008 RC1.

Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1976). Topology discovery failed, error 0x80040a02 (DSC_E_NO_SUITABLE_CDC). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, "Microsoft LDAP Error Codes." Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers.

In my case solution was really simple. Between the tests I disabled IPv6 support on network card. I enable it back, re-run setup and everything was fine...

This is second part of upgrading procedure for Exchange Server 2007 SP1. In first part we looked into necessary steps for getting Windows ready, preparing Active Directory and upgrading Client Access Server (CAS) role  to Exchange Server 2007 SP1.

In this part we will look into upgrading HUB Transport Server role to SP1. Procedure is almost identical than in first part (upgrading CAS to SP1) but purpose of this part is looking into Unattended Setup.

Prior installing SP1 read carefully section with prerequisites (install necessary components and updates on Windows Server, upgrade antivirus software for Exchange Server) from my previous post Upgrading Exchange 2007 to SP1 (Part 1)!

Installing Service Pack 1 in Unattended Mode

It's time for Service Pack installation. ;-)

Run following command from location with extracted Exchange Server 2007 SP1 files:

setup /mode:upgrade

Procedure is the same as in graphical mode. First step is is Prerequisite check.

Note that I cheated just a little bit. ;-) I had other roles on this server, not just HUB role. When running setup /mode:upgrade you receive the list of roles that will be upgraded. You can use this steps (and steps for preparing Active Directory) for upgrading single server installation.

If no critical errors were found setup continue with Configuring steps (Preparing Setup, Removing Exchange Files, Preparing Files,...). In Unattended Mode you also have a progress bar just like in graphical mode.

And a final screen after successful Service Pack 1 installation.

Check Event Viewer and Exchange functionality to verify that everything is working as expected.

In following articles we will dive into cluster (Single Copy Cluster - SCC, Cluster Continuous Replication - CCR) upgrading and some new high availability features in SP1.

Related:

• Upgrading Exchange 2007 to SP1 (Part 1)
• Exchange Server 2007 Service Pack 1
• Microsoft Exchange Server 2007 Service Pack 1 (SP1) Release Notes
• Microsoft .NET Framework 2.0 Service Pack 1 (x64)

The purpose of this document is to help you plan, deploy, and manage Microsoft Exchange Server 2007 Unified Messaging servers. The information and procedures in this document focus specifically on the Unified Messaging features of an Exchange 2007 computer that has the Unified Messaging server role installed. This document provides information about Unified Messaging features and the tasks you must perform to plan, deploy, manage, and configure them.

This document is a compilation of the Unified Messaging white papers that are available in the Exchange Server Technical Articles section of the Exchange Server 2007 Library. Each white paper is a compilation of Unified Messaging Help topics. This document is provided as a convenience for customers who want to view the topics in print format. The content in this document applies to the original release (RTM) version of Exchange Server 2007. To read the most up-to-date Unified Messaging topics, including information about Exchange 2007 Service Pack 1, visit the Exchange Server 2007 Library.

Download: Planning, Deploying, and Managing Unified Messaging with Exchange Server 2007

Exchange Server 2007 Design and Architecture at Microsoft

How the Microsoft Information Technology organization designed the corporate Exchange Server 2007 environment

Microsoft Information Technology (Microsoft IT) maintains a complex Microsoft® Exchange Server environment consisting of several geographic locations and multiple Active Directory® forests. There are 16 data centers, four of which host Exchange Mailbox servers, to support more than 515 office locations in 102 countries with 121,000 users, including managers, employees, contractors, business partners, and vendors. Site and server consolidation conducted with Microsoft Exchange Server 2003 and new deployment features available in Microsoft Exchange Server 2007 in combination with proven planning, design, and deployment methodologies enabled Microsoft IT to transition this environment to Exchange Server 2007 in less than eight months. Microsoft IT decommissioned the last Mailbox servers running Exchange Server 2003 in the corporate Active Directory forest shortly after Microsoft released the new Exchange Server release to manufacturing (RTM) version on December 7, 2006.

This technical white paper discusses the Exchange Server 2007 architectures, designs, and technologies that Microsoft IT chose for the corporate environment and the strategies, procedures, successes, and practical experiences that Microsoft IT gained during the planning and design phase. In addition to common planning and design tasks typical for many Exchange Server deployment projects, such as server design, high-availability implementation, and capacity planning, transitioning a complex messaging environment to run on Exchange Server 2007 also entails specific planning considerations regarding directory integration, routing topology, Internet connectivity, client access technologies, and unified messaging (UM).

Download: Technical White Paper | PowerPoint Presentation

Operating a Global Messaging Environment by Using Exchange Server 2007

This white paper is for business decision makers, technical decision makers, and operations managers. It assumes that the reader has a working knowledge of Microsoft Windows Server® 2003, Active Directory, Exchange Server 2007, and Microsoft Operations Manager. Because many of the principles and procedures discussed in this paper are based on standard operations methodologies, a high-level understanding of the MOF, MSF, and ITIL models is also helpful.

Download: Technical White Paper | PowerPoint Presentation

Exchange Server 2007 Deployment Checklists

This technical white paper discusses the deployment checklists that the Exchange Messaging team created based on the Exchange Server 2007 architecture and design specifications for the corporate production environment.

The first two sections briefly reiterate the reasons why the Exchange Messaging team uses checklists, and the sections explain the Microsoft IT server life-cycle management process. These sections also discuss the usefulness of checklists from a decision maker's point of view and highlight the responsibilities of the Exchange Messaging team within the overall Microsoft IT organization.

The third section, "Pre-Installation Deployment Checklists," covers the tasks the Exchange Messaging team performs to prepare servers for later installation of a specific server role. In some cases, a server role requires additional configuration. These tasks are role-specific and are listed in checklist form.

The next sections provide detailed discussions of the various checklists that the Exchange Messaging team created for the individual server roles.

This technical white paper also includes an appendix titled "Deployment Worksheets," which contains a set of worksheet templates that are derived from the Exchange Messaging team checklists. These worksheet templates can serve as a starting point to create custom checklists based on the specific needs of an IT organization.

Download: Technical White Paper

Microsoft announced Windows Essential Business Server (previously code-named "Centro"), a new integrated multiserver solution designed for midsize businesses with sophisticated IT needs which offers integrated security, simple administration with unified management console and just like in Small Business edition integrated multiple products which are normally cheaper than if you buy separate licenses.

In Standard Edition you will get:

• Windows Server 2008 with Active Directory Domain Services
• Microsoft System Center Essentials
• Microsoft Exchange Microsoft Forefront Security for Exchange Server
• Next version of Microsoft Internet Security and Acceleration Server (ISA Server)

In Premium Edition you will also get Microsoft SQL Server 2008 Standard Edition.

If I`m honest I never liked idea of Small Business Server. Why? On one side you have best practices which says that you should not put for example Domain Controller and Exchange Server on one box. On the other side you have product which have everything together. On one or on two servers. So I have the same opinion about Windows Essential Business Server. I sure hope that you will be able to install it to separate servers.

But it also has good side. It cost less than separate products so it`s great for small companies with low budget for IT.

Source: Windows Essential Business Server Overview (A New Server Solution for Midsize Businesses)