Welcome to part two of our review of the Implementing
and Supporting Microsoft Exchange Server 5.5 examination. Last
month we gave a general overview of the exam and where it fits against the other
possible electives that you might choose, as well as an in-depth look at section one: Planning.
This month we will be concentrating on the next two sections: Installation and
Configuration and Managing Resources.
The Installation and Configuration Section
What to Revise:
MsMail & Exchange Server DirSync, Migrating to Exchange Server 5.5, Permissions for
Top Level Folders, Locations of Top Level Folders, Remote Connectivity through a Firewall,
Internet Newsgroups, Creating Aliases, Address Space Restrictions, Public Folder Affinity,
Client Access
Watch For:
1. MsMail and Exchange Server Directory Synchronisation
In this process there are three events: T1, T2
and T3. T1 is when the DirSync requestors send updated information to the DirSync server. T2
is when the DirSync server builds the new directory databases and sends them to the DirSync
requestors. T3 is when the DirSync requestors rebuild their directories based on the
information received from the DirSync server. Because you cannot refine the T2 period to
take place at anything less than one-hour intervals, you may sometimes need to manually
force T2 to take place more quickly. To do this, simply pause and then resume the
Microsoft Exchange Directory Synchronisation service from Control Panel, Services.
2. Migrating to Exchange Server 5.5
If you are using Source Extractors to migrate data
from a previous mail system to Exchange using the two-stage process, then you will be
provided with three types of migration file: a packing list file, which simply identifies
each file within the set and what type it is; primary migration files, which contain
directory, personal address book, mail message, public folder and schedule data; and secondary
migration files, which contain message bodies and attachments. Of these three, it is
strongly recommended that you only ever edit primary migration files. This allows
you to edit attributes of objects (such as a mailbox user's fax number, for example).
3. Permissions for Creating Top Level Folders
The default behaviour of Exchange Server 5.5 is to
allow all users to create top (i.e. root) level public folders. As the creator of any one
public folder becomes the administrator of it and is responsible for setting permissions
for anyone he or she wishes to create sub folders, the administrator need only be
concerned about the permissions for top level folder creation.
To set permissions for top level folder creation,
first create a DL (Distribution List) to contain those users whom you wish to have top
level folder creation permission. Next, select the properties sheet for the Information
Store Site Configuration object. On the Top Level Folder Creation page add the DL in the
Allowed to Create Top Level Folders column.
4. Location of New Top Level Folders
To modify the location of top level public folders
as they are created, select the properties sheet for the Private Information Store object
for each of the servers in the site. On the General page specify the name of the public
folder server where you wish top level folders to be created.
5. Enabling Remote Connectivity through a Firewall
To allow access through a firewall you must first of all allow the
port for each service you wish to be accessible. The following is a list of the common
(well-known) port numbers that you will need to know for messaging:
Service | Port | Service | Port
SMTP | 25 | HTTP | 80
POP3 | 110 | LDAP | 389
IMAP4 | 143 | NNTP | 119
RPCs | 135 | Exchange IS and DS | Configure in Registry
For more details on how to set this, refer to the Client
Access Protocols section in last month's guide.
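The port list above can be used to check a firewall allow-list against the services you actually intend to publish. The following Python is an added example, not part of the original guide: the service names and well-known ports come from the table, while the fixed IS and DS port numbers (5000 and 5001) and the sample rule set are constructed assumptions.

```python
# Well-known ports from the table above (service name -> TCP port).
WELL_KNOWN = {"SMTP": 25, "HTTP": 80, "POP3": 110, "LDAP": 389,
              "IMAP4": 143, "NNTP": 119, "RPCs": 135}

# Assumption: the information store (IS) and directory service (DS) have been
# pinned to fixed ports in the registry. These numbers are constructed sample
# values, not Exchange defaults.
STATIC_RPC = {"Exchange IS": 5000, "Exchange DS": 5001}


def required_ports(services, static_rpc=STATIC_RPC):
    """Return {port: reason} for every port the chosen services need."""
    needed = {}
    for svc in services:
        if svc not in WELL_KNOWN:
            raise ValueError(f"unknown service: {svc}")
        needed[WELL_KNOWN[svc]] = svc
        if svc == "RPCs":
            # Port 135 only locates the services; the client then connects
            # to the IS and DS ports themselves, so those must be open too.
            for name, port in static_rpc.items():
                needed[port] = name
    return needed


def audit(services, allowed_ports, static_rpc=STATIC_RPC):
    """Compare a firewall allow-list with what the chosen services need."""
    needed = required_ports(services, static_rpc)
    allowed = set(allowed_ports)
    missing = {p: why for p, why in needed.items() if p not in allowed}
    excess = sorted(allowed - set(needed))   # open without a stated need
    return missing, excess


if __name__ == "__main__":
    # Constructed rule set: RPC access is wanted but only port 135 is open,
    # and POP3 is open although it was never requested.
    missing, excess = audit(["SMTP", "RPCs"], [25, 110, 135])
    for port, why in sorted(missing.items()):
        print(f"blocked but required: {port}/tcp ({why})")
    for port in excess:
        print(f"open but not required: {port}/tcp")
```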
6. Interacting with Internet Newsgroups
You can configure public folders in Exchange Server to exchange messages with Internet
newsgroups. To do this you need to configure a newsfeed. Newsfeeds can be configured as
either push, pull or both and as either inbound, outbound or both. You can also have
multiple newsfeeds per server.
Configuration | Purpose
Push | This is when the ISP is responsible for transmitting the content that will be received by your public folders if inbound, and when you are responsible for transmitting the content that will be received by the ISP's newsgroups if outbound. It is most commonly used when the entire content of all groups/folders is being replicated.
Pull | This is the opposite of a push. This is when you are responsible for requesting inbound information from the ISP and in turn the ISP would be responsible for requesting outbound information from you. This is most commonly used to retain control over exactly which newsgroups get replicated to your public folders on an inbound pull. It is also schedulable.
Inbound | This obtains postings from Internet newsgroups and places them in the public folder.
Outbound | This takes public folder messages and posts them in newsgroup format to the Internet.
7. Creating Aliases
Exchange Server 5.5 automatically creates the Display Name and Alias for each new mailbox
as the mailbox is created. These names can be manually changed afterwards, but it is far
easier to change the way in which Display Name and Alias are automatically created to be
correct in the first place. To do this select Tools, Options from the Exchange
Administrator menu. In the Auto Naming page specify the settings that you require. You can
also select whether or not you wish to retrospectively apply the new rules to all existing
mailboxes.
8. Using Address Space Restrictions
The default behaviour of an address space for a connector is for it to be replicated
throughout the Exchange organisation. In this way, every server in every site learns about
the availability of the new route and adds it to its GWART (Gateway Address Resolution
Table). Although generally this is a good thing as it automates the process of updating
routing tables and adds resilience to connectivity, there may be times when you want to
restrict the address space to just the routing tables in the site, or even just the
servers in one location within the site. To do this, simply select the properties sheet
for the Connector and in the Address Space Limitations page select either Entire
Organisation, This Site or This Location.
9. Public Folder Affinity
By default, Exchange Server 5.5 limits users to only seeing public folders that reside in
the same site as themselves. To allow a user to view a public folder that resides in a
different site in the organisation (without having to replicate a copy of the
public folder to the user's site) you must set public folder affinity. Public
folder affinity is set on a per site basis. In the Information Store Site Configuration
properties sheet select the Public Folder Affinity page. On this page, add in the names of
each of the sites that contain public folders that you wish the users in this site
to be able to access. You can set a cost value for each affinity. Exchange uses the
affinity cost values to prioritise the order in which the other sites are contacted to
search for a copy of the public folder that the user requires. The site with the lowest
value is searched first. Servers within sites that hold the same affinity value are
searched in random order.
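The search order described above, modelled in Python as an added example that is not part of the original guide. The site names, costs and replica locations are constructed, trying the user's own site first is an assumption drawn from the default behaviour, and the random ordering is simplified to whole sites rather than individual servers.

```python
import random
from itertools import groupby

# Constructed sample data: affinities configured for the London site, and the
# sites that hold a replica of each public folder.
AFFINITIES = {"Paris": 10, "Berlin": 10, "Tokyo": 50}
REPLICAS = {"Sales": {"Berlin", "Tokyo"}, "HR": {"Sydney"}}


def search_order(local_site, affinities, rng=random):
    """Sites to contact for a public folder: the local site, then affinity
    sites by ascending cost, with equal-cost sites in random order."""
    order = [local_site]
    ranked = sorted(affinities.items(), key=lambda kv: kv[1])
    for _, tier in groupby(ranked, key=lambda kv: kv[1]):
        sites = [name for name, _ in tier]
        rng.shuffle(sites)      # same cost: no preference between them
        order.extend(sites)
    return order


def locate(folder, local_site, affinities, replicas, rng=random):
    """Return the first site in search order that holds a replica, or None."""
    holders = replicas.get(folder, set())
    for site in search_order(local_site, affinities, rng):
        if site in holders:
            return site
    # A replica that exists only in a site with no affinity is never reached.
    return None


if __name__ == "__main__":
    print(search_order("London", AFFINITIES))
    print(locate("Sales", "London", AFFINITIES, REPLICAS))  # cost 10 beats 50
    print(locate("HR", "London", AFFINITIES, REPLICAS))     # no affinity set
```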
10. Speeding Up Client Access to Exchange Server
To speed up client access to the Exchange Server, configure the RPC binding order of the
client to use the appropriate protocol first. To do this you can modify the registry on
each client. The key to modify is HKEY_LOCAL_MACHINE, System, CurrentControlSet, Services,
Exchange, RPCLocator, ClientBindingOrder.
The Managing Resources Section
What to Revise:
Restoring Exchange Server, Recovering Databases, Assigning Administrator Rights, Setting
Mailbox Permissions, Essential Files
Watch For:
- Restoring Exchange Server
To perform a full restore of Exchange Server 5.5 successfully, you must ensure
the following: The computer that you restore to must have the correct (NetBIOS) server
name and be in the same site within the same organisation. This is because each
server's existence is replicated through directory services to all other servers in
the site. If a server with a different name is used, other servers in the site will view
it as a new server in a new site. Similarly if a different site or organisation name is
used, the same problem will occur.
To perform a full restore onto new hardware, first install NT Server
with the same server name and service pack/s. Next install Exchange Server 5.5. The
Exchange Server files do not have to be located on the same logical drives as the
previous installation, but you must apply the same service pack/s. Finally, restore the
database files from your backup. When you install Exchange Server, make sure not to choose
the "join an existing site" option. Although this seems like the obvious thing to do,
in fact it will create a new object for the server in the directory database of each of
the site's other servers. Instead choose to "create a new site" and make sure
to use the same organisation, site and site service account details as before.
- Recovering Mailboxes
Exchange Server 5.5 does not come with the ability to restore a
single mailbox. This is due to the fact that all mailboxes share a single physical
file, rather than each having a separate file as you might assume. This file is called
PRIV.EDB and is stored by default in C:\EXCHSRVR\MDBDATA\. Some third party backup
utilities do allow you to restore an individual mailbox, but the default method for
restoring a mailbox from an exam perspective is to restore the entire private information
store database.
- Assigning Administrator Rights
To grant full administrative rights for the entire Exchange
organisation, a user will need to be an NT administrator and also be given Exchange
Administrator rights for the Organisation, Site and Configuration objects in Exchange
Administrator. All other objects pertaining to Exchange Server are held in one of these
three containers and will automatically inherit the rights set on these three parent
containers. To modify an individual object to have different rights to its parent, you
must first select Tools, Options from the Exchange Server Administrator menu. On the
Permissions tab, select Display Permissions Page for All Objects. You will now be
able to view a Permissions page on the properties sheet of every individual object
in Exchange and alter it as you wish. If you wish to grant permission for a non-Exchange
Server administrator to be able to add new mailboxes into a container (for example an HR
manager) you must make the user an NT Account Operator or higher and grant that user
Exchange Admin rights on at least the Site object.
- Setting Mailbox Rights
The primary NT account associated with the mailbox automatically
becomes the owner of the mailbox and is granted USER rights. You can give other NT
accounts the same level of rights from the Exchange Administrator programme by adding the
accounts in the text box on the permissions page of the properties sheet for the
mailbox. This gives each added account the Send As permission. However, it is
normal practice to grant the Send on Behalf Of permission instead, which is done
from the user application (e.g. Outlook) by logging on as the mailbox owner and then
adding the other user/s in Tools, Options.
- Names and Locations of Essential Files
The following are the most important files from a backup and restore
perspective, with the purpose and recommended location for each (by default all files are
installed to C:\).
File | Purpose | Location
PRIV.EDB | The private information store database. This contains mailbox messages and attachments. | Should be located on a large stripe set for fast read access. A stripe set with parity will add fault tolerance.
PUB.EDB | The public information store database. This contains public folder messages and attachments. | Should be located on a large stripe set for fast read access. A stripe set with parity will add fault tolerance.
DIR.EDB | The directory store database. This contains mailbox, connector and all other object properties. | Should be located on a large stripe set for fast read access. A stripe set with parity will add fault tolerance.
EDB.LOG | The current transaction log. There is one for the information store service and one for the directory service. Used as a redundant copy of data stored in the database files. | Should be stored on the fastest disk for fast write access. Reserving the disk for just transaction log activity will increase speed. A mirror set will add fault tolerance.
EDB000x.LOG | Previous transaction logs. Each transaction log is 5 MB in size. When it is full, the current transaction log is renamed with a unique value and a new current transaction log is created. | Should be stored on the fastest disk for fast write access. Reserving the disk for just transaction log activity will increase speed. A mirror set will add fault tolerance.
Richard Adams is director of SkillShelf, an IP and Internet consultancy and training
provider based in London.
