Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links are provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. 
Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Access, Active Directory, ActiveSync, BizTalk, Excel, Forefront, Groove, Hyper-V, Internet Explorer, MS, Outlook, PerformancePoint, PowerPoint, SQL Server, Virtual Earth, Visio, Visual Studio, Windows, Windows Live, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners.
Version 1.2
MICROSOFT LICENSE TERMS
OFFICIAL MICROSOFT LEARNING PRODUCTS COURSEWARE STUDENT EDITION
Pre-Release and Final Versions
These license terms are an agreement between Microsoft Corporation and you. Please read them. They apply to the licensed content named above, which includes the media on which you received it, if any. The terms also apply to any Microsoft updates, supplements, Internet-based services, and support services for this licensed content, unless other terms accompany those items. If so, those terms apply.
By using the licensed content, you accept these terms. If you do not accept them, do not use the licensed content.
If you comply with these license terms, you have the rights below.
1. OVERVIEW.
Licensed Content. The licensed content includes software, printed materials, academic materials (online and electronic), and associated media.
License Model. The licensed content is licensed on a per copy per device basis.
2. INSTALLATION AND USE RIGHTS.
a. Licensed Device. The licensed device is the device on which you use the licensed content. You may install and use one copy of the licensed content on the licensed device.
b. Portable Device. You may install another copy on a portable device for use by the single primary user of the licensed device.
c. Separation of Components. The components of the licensed content are licensed as a single unit. You may not separate the components and install them on different devices.
d. Third Party Programs. The licensed content may contain third party programs. These license terms will apply to your use of those third party programs, unless other terms accompany those programs.
3. PRE-RELEASE VERSIONS. If the licensed content is a pre-release (beta) version, in addition to the other provisions in this agreement, then these terms also apply:
a. Pre-Release Licensed Content. This licensed content is a pre-release version. It may not contain the same information and/or work the way a final version of the licensed content will. We may change it for the final, commercial version. We also may not release a commercial version. You will clearly and conspicuously inform any Students who participate in an Authorized Training Session and any Trainers who provide training in such Authorized Training Sessions of the foregoing; and, that you or Microsoft are under no obligation to provide them with any further content, including but not limited to the final released version of the Licensed Content for the Course.
b. Feedback. If you agree to give feedback about the licensed content to Microsoft, you give to Microsoft, without charge, the right to use, share and commercialize your feedback in any way and for any purpose. You also give to third parties, without charge, any patent rights needed for their products, technologies and services to use or interface with any specific parts of a Microsoft software, licensed content, or service that includes the feedback. You will not give feedback that is subject to a license that requires Microsoft to license its software or documentation to third parties because we include your feedback in them. These rights survive this agreement.
c. Confidential Information. The licensed content, including any viewer, user interface, features and documentation that may be included with the licensed content, is confidential and proprietary to Microsoft and its suppliers.
i. Use. For five years after installation of the licensed content or its commercial release, whichever is first, you may not disclose confidential information to third parties. You may disclose confidential information only to your employees and consultants who need to know the information. You must have written agreements with them that protect the confidential information at least as much as this agreement.
ii. Survival. Your duty to protect confidential information survives this agreement.
iii. Exclusions. You may disclose confidential information in response to a judicial or governmental order. You must first give written notice to Microsoft to allow it to seek a protective order or otherwise protect the information. Confidential information does not include information that becomes publicly known through no wrongful act; you received from a third party who did not breach confidentiality obligations to Microsoft or its suppliers; or you developed independently.
d. Term. The term of this agreement for pre-release versions is (i) the date which Microsoft informs you is the end date for using the beta version, or (ii) the commercial release of the final release version of the licensed content, whichever is first (beta term).
e. Use. You will cease using all copies of the beta version upon expiration or termination of the beta term, and will destroy all copies of same in the possession or under your control.
f. Copies. Microsoft will inform Authorized Learning Centers if they may make copies of the beta version (in either print and/or CD version) and distribute such copies to Students and/or Trainers. If Microsoft allows such distribution, you will follow any additional terms that Microsoft provides to you for such copies and distribution.
4. ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS.
a. Media Elements and Templates. You may use images, clip art, animations, sounds, music, shapes, video clips and templates provided with the licensed content solely for your personal training use. If you wish to use these media elements or templates for any other purpose, go to www.microsoft.com/permission to learn whether that use is allowed.
b. Academic Materials. If the licensed content contains academic materials (such as white papers, labs, tests, datasheets and FAQs), you may copy and use the academic materials. You may not make any modifications to the academic materials and you may not print any book (either electronic or print version) in its entirety. If you reproduce any academic materials, you agree that:
- The use of the academic materials will be only for your personal reference or training use.
- You will not republish or post the academic materials on any network computer or broadcast in any media;
- You will include the academic materials' original copyright notice, or a copyright notice to Microsoft's benefit in the format provided below:
Form of Notice: © 2009 Reprinted for personal reference use only with permission by Microsoft Corporation. All rights reserved. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the US and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners.
c. Distributable Code. The licensed content may contain code that you are permitted to distribute in programs you develop if you comply with the terms below.
i. Right to Use and Distribute. The code and text files listed below are Distributable Code.
- REDIST.TXT Files. You may copy and distribute the object code form of code listed in REDIST.TXT files.
- Sample Code. You may modify, copy, and distribute the source and object code form of code marked as sample.
- Third Party Distribution. You may permit distributors of your programs to copy and distribute the Distributable Code as part of those programs.
ii. Distribution Requirements. For any Distributable Code you distribute, you must
- add significant primary functionality to it in your programs;
- require distributors and external end users to agree to terms that protect it at least as much as this agreement;
- display your valid copyright notice on your programs; and
- indemnify, defend, and hold harmless Microsoft from any claims, including attorneys' fees, related to the distribution or use of your programs.
5. INTERNET-BASED SERVICES. Microsoft may provide Internet-based services with the licensed content. It may change or cancel them at any time. You may not use these services in any way that could harm them or impair anyone else's use of them. You may not use the services to try to gain unauthorized access to any service, data, account or network by any means.
6. SCOPE OF LICENSE. The licensed content is licensed, not sold. This agreement only gives you some rights to use the licensed content. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the licensed content only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the licensed content that only allow you to use it in certain ways. You may not disclose the results of any benchmark tests of the licensed content to any third party without Microsoft's prior written approval; work around any technical limitations in the licensed content; reverse engineer, decompile or disassemble the licensed content, except and only to the extent that applicable law expressly permits, despite this limitation; make more copies of the licensed content than specified in this agreement or allowed by applicable law, despite this limitation; publish the licensed content for others to copy; transfer the licensed content marked as beta or pre-release to any third party; allow others to access or use the licensed content; rent, lease or lend the licensed content; or use the licensed content for commercial licensed content hosting services. Rights to access the server software that may be included with the Licensed Content, including the Virtual Hard Disks does not give you any right to implement Microsoft patents or other Microsoft intellectual property in software or devices that may access the server.
7. BACKUP COPY. You may make one backup copy of the licensed content. You may use it only to reinstall the licensed content.
8. TRANSFER TO ANOTHER DEVICE. You may uninstall the licensed content and install it on another device for your personal training use. You may not do so to share this license between devices.
9. TRANSFER TO A THIRD PARTY. You may not transfer those versions marked as beta or pre-release to a third party. For final versions, these terms apply: The first user of the licensed content may transfer it and this agreement directly to a third party. Before the transfer, that party must agree that this agreement applies to the transfer and use of the licensed content. The first user must uninstall the licensed content before transferring it separately from the device. The first user may not retain any copies.
10. EXPORT RESTRICTIONS. The licensed content is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the licensed content. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting.
11. NOT FOR RESALE SOFTWARE/LICENSED CONTENT. You may not sell software or licensed content marked as NFR or Not for Resale.
12. ACADEMIC EDITION. You must be a Qualified Educational User to use licensed content marked as Academic Edition or AE. If you do not know whether you are a Qualified Educational User, visit www.microsoft.com/education or contact the Microsoft affiliate serving your country.
13. ENTIRE AGREEMENT. This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the licensed content and support services.
14. APPLICABLE LAW.
a. United States. If you acquired the licensed content in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.
b. Outside the United States. If you acquired the licensed content in any other country, the laws of that country apply.
15. LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the licensed content. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.
16. DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED AS-IS. YOU BEAR THE RISK OF USING IT. MICROSOFT GIVES NO EXPRESS WARRANTIES, GUARANTEES OR CONDITIONS. YOU MAY HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
17. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM MICROSOFT AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
anything related to the licensed content, software, services, content (including code) on third party Internet sites, or third party programs; and
claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.
Please note: As this licensed content is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.
Note: As this licensed content is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.
DISCLAIMER OF WARRANTY. The licensed content covered by a license is offered "as is". Any use of this licensed content is at your sole risk and peril. Microsoft grants no other express warranty. You may have additional rights under local consumer protection law, which this agreement cannot modify. Where permitted by local law, the implied warranties of merchantability, fitness for a particular purpose and non-infringement are excluded.
LIMITATION OF DAMAGES AND EXCLUSION OF LIABILITY FOR DAMAGES. You can obtain compensation from Microsoft and its suppliers for direct damages only, up to US $5.00. You cannot claim any compensation for other damages, including special, indirect or incidental damages and lost profits. This limitation applies to:
anything related to the licensed content, services or content (including code) on third-party Internet sites or in third-party programs; and
claims for breach of contract or warranty, or for strict liability, negligence or other fault, to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of such damage. If your country does not allow the exclusion or limitation of liability for indirect, incidental or other damages of any kind, the above limitation or exclusion may not apply to you.
LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws of your country. This agreement does not change the rights that the laws of your country give you if those laws do not permit it to do so.
Acknowledgements
Microsoft Learning would like to acknowledge and thank the following for their contribution towards developing this title. Their effort at various stages in the development has ensured that you have a good classroom experience.
Table of Contents
Introduction
- Introduction
- Clinic Materials
- Microsoft Learning Product Types
- Microsoft Certification Program
- Facilities
- About This Clinic
- Prerequisites
- Clinic Outline
Session 2: Microsoft Exchange Server 2010 Enhancing the Exchange Administrator Experience
- Session Overview
- Section 1: Message Transport Features
- Section 2: Mailbox Server Features
- Section 3: Database Availability and Site Resilience
- Section 4: Administration and Management Tools
- Section 5: Transitioning from Previous Versions of Exchange Server
- Clinic Evaluation
Introduction
Clinic Materials
The following materials are included with your kit:
- Student workbook. The student workbook contains the material covered in class.
- Clinic evaluation. At the end of the clinic, you will have the opportunity to complete an online evaluation to provide feedback on the clinic, training facility, and instructor.
To provide additional comments or feedback on the clinic, send e-mail to support@mscourseware.com. To inquire about the Microsoft Certification Program, send e-mail to mcphelp@microsoft.com.
Document Conventions
The following conventions are used in clinic materials to distinguish elements of the text.
Convention: Use
- Bold: Represents commands, command options, and syntax that must be typed exactly as shown. It also indicates commands on menus and buttons, dialog box titles and options, and icon and menu names.
- Italic: In syntax statements or descriptive text, indicates argument names or placeholders for variable information. Italic is also used for introducing new terms, for book titles, and for emphasis in the text.
- Title Capitals: Indicate domain names, user names, computer names, directory names, and folder and file names, except when specifically referring to case-sensitive names. Unless otherwise indicated, you can use lowercase letters when you type a directory name or file name in a dialog box or at a command prompt.
- Indicate the names of keys, key sequences, and key combinations, for example, ALT+SPACEBAR.
- Represents code samples or examples of screen text.
- [ ]: In syntax statements, enclose optional items. For example, [filename] in command syntax indicates that you can choose to type a file name with the command. Type only the information within the brackets, not the brackets themselves.
- { }: In syntax statements, enclose required items. Type only the information within the braces, not the braces themselves.
- |: In syntax statements, separates an either/or choice.
- Indicates a procedure with sequential steps.
- ...: In syntax statements, specifies that the preceding item may be repeated.
- . . .: Represents an omitted portion of a code sample.
Microsoft Learning Product Types
Microsoft Learning offers the following instructor-led products. Each is specific to a particular audience type and level of experience. The different product types also tend to suit different learning styles. These types are as follows:
- Courses are for information technology (IT) professionals and developers who are new to a particular product or technology and for experienced individuals who prefer to learn in a traditional classroom format. Courses provide a relevant and guided learning experience that combines lecture and practice to deliver thorough coverage of a Microsoft product or technology. Courses are designed to address the needs of learners engaged in planning, design, implementation, management, and support phases of the technology adoption life-cycle. They provide detailed information by focusing on concepts and principles, reference content, and in-depth hands-on lab activities to ensure knowledge transfer. Typically, the content of a course is broad, addressing a wide range of tasks necessary for the job role.
- Workshops are for knowledgeable IT professionals and developers who learn best by doing and exploring. Workshops provide a hands-on learning experience in which participants use Microsoft products in a safe and collaborative environment based on real-world scenarios.
- Clinics are for IT professionals, developers and technical decision makers. Clinics offer a detailed "how-to" presentation that describes the features and functionality of an existing or new Microsoft product or technology, and that showcases product demonstrations and solutions. Clinics focus on how specific features will solve business problems.
- First-look Clinics are products specifically designed to deliver early content or critical information that Product Groups or other internal customers need communicated quickly and broadly. The First Look products convey knowledge-based (not skills-based) information to an audience profile identified as high-level Business Decision Makers.
- Hands-on Labs provide IT professionals and developers with hands-on experience with an existing or new Microsoft product or technology. Hands-on labs provide a realistic and safe environment to encourage knowledge transfer by learning through doing. The labs provided are completely prescriptive so that no lab answer keys are required. There is very little lecture or text content provided in hands-on labs, aside from lab introductions, context setting, and lab reviews.
Microsoft Certification Program
Microsoft Learning offers a variety of certification credentials for developers and IT professionals. The Microsoft Certification Program (MCP) is the leading certification program for validating your experience and skills, keeping you competitive in today's changing business environment.
MCP Certifications
The MCP includes the following certifications. MCITP The new Microsoft Certified IT Professional (MCITP) credential allows IT professionals to distinguish themselves as experts in their specific area of focus. There is a straightforward upgrade path from the MCDBA certification to the new MCITP credentials. There are currently twelve IT Professional certifications: MCITP: Business Intelligence Developer MCITP: Business Intelligence Developer 2008 MCITP: Consumer Support Technician MCITP: Database Developer MCITP: Database Developer 2008 MCITP: Database Administrator MCITP: Database Administrator 2008 MCITP: Enterprise Messaging Administrator MCITP: Enterprise Project Management with Microsoft Office Project Server 2007
Introduction
vii
MCITP: Enterprise Support Technician MCITP: Enterprise Administrator MCITP: Server Administrator
MCPD The Microsoft Certified Professional Developer (MCPD) credential highlights developer job roles, featuring specific areas of expertise. There is a straightforward upgrade path from the MCAD and MCSD for Microsoft .NET certifications to the new MCPD credential. There are four MCPD certification paths: MCPD: Microsoft Visual Studio 2008 MCPD: Web Developer, Visual Studio 2005 MCPD: Windows Developer on Visual Studio 2005 MCPD: Enterprise Applications Developer on Visual Studio 2005
MCTS

The Microsoft Certified Technology Specialist (MCTS) credential enables professionals to target specific technologies and distinguish themselves by demonstrating in-depth knowledge of and expertise in the technologies with which they work. The following list contains the current MCTS certifications:

- MCTS: .NET Framework 2.0 Web Applications
- MCTS: .NET Framework 2.0 Windows Applications
- MCTS: .NET Framework 2.0 Distributed Applications
- MCTS: .NET Framework 3.5, ADO.NET Applications
- MCTS: .NET Framework 3.5, ASP.NET Applications
- MCTS: .NET Framework 3.5, Windows Communication Foundation Applications
- MCTS: .NET Framework 3.5, Windows Forms Applications
- MCTS: .NET Framework 3.5, Windows Presentation Foundation Applications
- MCTS: .NET Framework 3.5, Windows Workflow Foundation Applications
- MCTS: BizTalk Server 2006
- MCTS: Business Desktop Deployment
- MCTS: Connected Home Integrator
- MCTS: Designing and Providing Volume Licensing Solutions to Large Organizations
- MCTS: Designing and Providing Volume Licensing Solutions to Small and Medium Organizations
- MCTS: Enterprise Project Management with Microsoft Office Project Server 2007
- MCTS: Microsoft Desktop Optimization Pack, Configuration
- MCTS: Microsoft Exchange Server 2007 Configuration
- MCTS: Microsoft Forefront Client and Server Configuration
- MCTS: Microsoft Internet Security and Acceleration (ISA) Server 2006, Configuration
- MCTS: Microsoft Office Communications Server 2007, Configuration
- MCTS: Microsoft Office Groove 2007, Configuration
- MCTS: Microsoft Office Live Communications Server 2005
- MCTS: Microsoft Office PerformancePoint Server 2007, Applications
- MCTS: Microsoft Office Project 2007, Managing Projects
- MCTS: Microsoft Office Project Server 2007, Configuration
- MCTS: Microsoft Office SharePoint Server 2007 Application Development
- MCTS: Microsoft Office SharePoint Server 2007 Configuration
- MCTS: Microsoft Office Visio 2007, Application Development
- MCTS: Microsoft SQL Server 2005
- MCTS: Microsoft SQL Server 2005 Business Intelligence
- MCTS: Microsoft SQL Server 2008, Business Intelligence Development and Maintenance
- MCTS: Microsoft SQL Server 2008, Database Development
- MCTS: Microsoft SQL Server 2008, Implementation and Maintenance
- MCTS: Microsoft System Center Configuration Manager 2007, Configuration
- MCTS: Microsoft System Center Operations Manager 2007, Configuration
- MCTS: Microsoft System Center Virtual Machine Manager 2008, Configuration
- MCTS: Microsoft Team Foundation Server: Configuration and Development
- MCTS: Microsoft Virtual Earth 6.0, Application Development
- MCTS: Windows Embedded CE 6.0 Development
- MCTS: Windows Essential Business Server 2008, Configuration
- MCTS: Windows Mobile 5.0, Applications
- MCTS: Windows Mobile 5.0, Implementing and Managing
- MCTS: Windows Server 2003 Hosted Environments Configuration and Management
- MCTS: Windows Server 2008 Active Directory Configuration
- MCTS: Windows Server 2008 Applications Infrastructure Configuration
- MCTS: Windows Server 2008 Network Infrastructure Configuration
- MCTS: Windows Server Virtualization, Configuration
- MCTS: Windows SharePoint Services 3.0 Application Development
- MCTS: Windows SharePoint Services 3.0 Configuration
- MCTS: Windows Small Business Server 2008, Configuration
- MCTS: Windows Vista Configuration
MCDST on Microsoft Windows

The Microsoft Certified Desktop Support Technician (MCDST) certification is designed for professionals who successfully support and educate end users and troubleshoot operating system and application issues on desktop computers running the Windows operating system.

MCSA on Microsoft Windows Server 2003

The Microsoft Certified Systems Administrator (MCSA) certification is designed for professionals who implement, manage, and troubleshoot existing network and system environments based on the Windows Server 2003 platform. Implementation responsibilities include installing and configuring parts of systems. Management responsibilities include administering and supporting systems.

MCSE on Microsoft Windows Server 2003

The Microsoft Certified Systems Engineer (MCSE) credential is the premier certification for professionals who analyze business requirements and design and implement infrastructure for business solutions based on the Windows Server 2003 platform. Implementation responsibilities include installing, configuring, and troubleshooting network systems.

MCAD for Microsoft .NET

The Microsoft Certified Application Developer (MCAD) for Microsoft .NET credential provides industry recognition for professional developers who use Microsoft Visual Studio .NET and Web services to develop and maintain department-level applications, components, Web or desktop clients, or back-end data services, or who work in teams developing enterprise applications. The credential covers job tasks ranging from developing to deploying and maintaining these solutions.

MCSD for Microsoft .NET

The Microsoft Certified Solution Developer (MCSD) for Microsoft .NET credential is the top-level certification for advanced developers who design and develop leading-edge enterprise solutions by using Microsoft development tools and technologies as well as the Microsoft .NET Framework. The credential covers job tasks ranging from analyzing business requirements to maintaining solutions.

MCDBA on Microsoft SQL Server 2000

The Microsoft Certified Database Administrator (MCDBA) credential is the premier certification for professionals who implement and administer SQL Server 2000 databases. The certification is appropriate for individuals who derive physical database designs, develop logical data models, create physical databases, create data services by using Transact-SQL, manage and maintain databases, configure and manage security, monitor and optimize databases, and install and configure SQL Server.

MCP

The Microsoft Certified Professional (MCP) credential is for individuals who have the skills to successfully implement a Microsoft product or technology as part of a business solution in an organization. Hands-on experience with the product is necessary to successfully achieve certification.

MCT

Microsoft Certified Trainers (MCTs) demonstrate the instructional and technical skills that qualify them to deliver Official Microsoft Learning Products through a Microsoft Certified Partner for Learning Solutions (CPLS).

Certification Requirements

Certification requirements differ for each certification category and are specific to the products and job functions addressed by the certification. To earn a certification credential, you must pass rigorous certification exams that provide a valid and reliable measure of technical proficiency and expertise.
Additional Information: See the Microsoft Learning Web site at http://www.microsoft.com/learning/. You can also send e-mail to mcphelp@microsoft.com if you have specific certification questions.
Facilities
This section provides you with a brief description of the clinic, objectives, and target audience.
Description
Microsoft Exchange Server 2010 provides several new features, many of which are designed to enhance the user experience with the messaging system. This session will introduce some of the design principles that Microsoft used when designing the new Exchange Server 2010 features. This session will also introduce the new Exchange Server 2010 client access and compliance features. The new Exchange Server 2010 features make it easier for administrators to manage and maintain the messaging environment. The goal of this clinic is to describe new message transport features, the new database and high availability options, and the new administration tools and features. This clinic also provides an overview for upgrading from previous Exchange Server versions to Exchange Server 2010.
Objectives
After completing this clinic, you will be able to:

- Describe the Microsoft Exchange Server 2010 design priorities.
- Describe the new Client Access features.
- Describe the new Message Policy and Compliance features.
- Describe the new Unified Messaging features.
- Describe the Federated Sharing features.
- Describe the new Exchange Server 2010 message transport features.
- Describe the new Exchange Server 2010 Mailbox server features.
- Describe the new Exchange Server 2010 database availability and site resiliency features.
- Describe the new Exchange Server 2010 administration and management tool features.
- Describe the process for transitioning from a previous Exchange Server version to Exchange Server 2010.
Audience
The primary audience for this clinic is IT professional messaging administrators and messaging engineers who serve as technical decision makers, evaluating new software and assessing new software capabilities that:

- Enable new business solutions.
- Improve IT services.
- Improve IT operations.

These IT technical decision makers have at least three years' experience working with Exchange Server, and are familiar with Exchange Server 2003 or Exchange Server 2007 administration, basic Exchange design concepts, and the Exchange Best Practices Analyzer.
Prerequisites
This clinic requires that you meet the following prerequisites:

- Windows Server 2003 or 2008, including directory services.
- The Windows XP operating system, or Windows Vista, and Microsoft Office Outlook.
- Windows-based mobile devices.
- Asynchronous networking technologies including TCP/IP, messaging transports, and remote access.
- Storage and Storage Area Networks (SANs), clustering, and load balancing.
- Basic virtualization concepts (for example, basic awareness of Microsoft Hyper-V); students are not experienced with the details of Windows Server Hyper-V.
- General IT operations concepts and procedures including service level management, high availability and disaster recovery, and change management.
- Understanding of IT security basics, including network authentication, access control, encryption, edge security, malicious software and anti-virus/anti-spam concepts, as well as basic messaging security concepts; however, students are not experts in security or messaging security/privacy/compliance, and do not have more than a cursory awareness of Microsoft Forefront Security for Exchange Server.
- Familiarity with basic Exchange Management Shell/Windows PowerShell capabilities; students are not familiar with Windows PowerShell 2.0, which is used by the Exchange Server 2010 Management Shell.
- Familiarity with Exchange Server 2003 or Microsoft Exchange Server 2007.
- Students are not familiar with Unified Communications technologies/solutions, and are not familiar with synchronous communications technologies, VoIP, or voice and data integration technologies.
- Familiarity with basic concepts of cloud computing and hosted services, but not with hosted Exchange services.
Clinic Outline
Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Copyright 2009 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Access, Active Directory, ActiveSync, BizTalk, Excel Forefront, Groove, Hyper-V, Internet Explorer, MS, Outlook, PerformancePoint, PowerPoint, SQL Server, Virtual Earth, Visio, Visual Studio, Windows, Windows Live, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Version 1.2
Session Overview
Introduction
Microsoft Exchange Server 2010 provides several new features, many designed to enhance the user messaging system experience. This session will introduce some of the design principles that Microsoft used when designing the new features in Exchange Server 2010. This session will also introduce the new Client Access and compliance features in Exchange Server 2010.

After completing this session, you will be able to describe the Exchange Server 2010:

- Design goals.
- New Client Access features.
- New messaging compliance features.
- New Unified Messaging features.
- Federated Sharing features.
Exchange Server 2010 builds on many of the same concepts and options available in Microsoft Exchange Server 2007. Exchange Server roles were introduced in Exchange Server 2007, along with many new features for high availability and client access. Exchange Server 2010 continues to use the same server roles, but builds on these to provide a better user experience with the messaging system.

After completing this section, you will be able to describe the Exchange Server 2010 roles. You will also be able to describe the three main design goals:

- Improve flexibility and reliability.
- Enhance Anywhere Access.
- Maximize protection and compliance.
Introduction
Exchange Server 2007 introduced the concept of server roles as a means to separate the functions performed by Exchange Server. Each server role provides a specific set of tasks. The server roles can be deployed on as few as two servers, or distributed across many servers. These server roles are also part of Exchange Server 2010.
Introduction
One of the Exchange Server 2010 design goals is to provide improved flexibility and reliability in Exchange deployment.
Simplified Administration
Exchange Server 2010 provides new self-service capabilities aimed at enabling users to perform common tasks without having to call the helpdesk. The list below describes the new self-service capabilities in Exchange Server 2010:

- The Exchange Control Panel allows users to update their contact information, track delivery receipt information for their e-mail messages, and even manage their own distribution groups without IT assistance.
- The new Exchange Role-Based Access Control model can be used to empower specialist users to perform specific tasks, such as giving compliance officers the ability to conduct multi-mailbox searches, without requiring full administrative control.
Introduction
One of the most significant benefits of using Exchange Server as a messaging server is the variety of clients that can be used to access user mailbox messages. Exchange Server has supported many different messaging clients for several versions. For example, Exchange Server 2007 provided internal access to e-mail (Office Outlook as a MAPI client); Web-based access (Outlook Web Access); secure access from the Internet for Outlook clients (Outlook Anywhere); access to e-mail on mobile devices (Exchange ActiveSync); and automatic configuration for all of the clients (Autodiscover). Exchange Server 2010 builds on this functionality from previous Exchange versions, and provides an even better experience for messaging system users.
Introduction
Exchange Server 2010 delivers integrated information loss-prevention and compliance tools aimed at helping you simplify the process of protecting your company's communications and meeting regulatory requirements.
Introduction
The Client Access server role in Exchange Server 2007 and Exchange Server 2010 accepts connections to your Exchange server from many different clients. Software clients such as Microsoft Outlook Express and Eudora use POP3 or Internet Message Access Protocol (IMAP4) connections to communicate with the Exchange server. Hardware clients such as mobile phones use ActiveSync, POP3, or IMAP4 to communicate with the Exchange server. The Client Access server role is required in every Exchange Server 2010 organization.

After completing this section, you will be able to:

- Describe the Client Access server.
- Describe remote procedure call (RPC) Client Access services.
- Describe new features in Outlook Web Access.
- Explore Outlook Web Access and MailTips.
- Describe new features in Exchange ActiveSync for users.
- Describe new administrative options for mobile clients.
- Describe Exchange Control Panel.
- Explore the Exchange Control Panel.
Introduction
The Client Access server role provides access to Exchange Server mailboxes for many client types.
Exchange ActiveSync
Exchange ActiveSync lets you synchronize data between your mobile phone and Exchange Server 2010. You can synchronize e-mail, Contacts, Calendar information, and Tasks. Devices that run Windows Mobile software, including Windows Mobile Pocket for Pocket PC 2002, Windows Mobile 2003 software for Pocket PCs, Windows Mobile 5.0 and Windows Mobile 6, or later, are all supported. If you use a device that has either Windows Mobile 5.0 with the Messaging Security and Feature Pack (MSFP) installed or Windows Mobile 6, your mobile phone supports Direct Push. Direct Push is a technology that is built into Exchange ActiveSync, and keeps a mobile device continuously synchronized with an Exchange mailbox. Exchange ActiveSync is licensed to other mobile device manufacturers and is now available on a large variety of mobile devices.
Autodiscover Service
Exchange Server 2010 includes the Autodiscover service, which was introduced in Exchange Server 2007. The Autodiscover service configures client computers that are running Outlook 2007. The Autodiscover service can also configure supported mobile devices. The Autodiscover service provides access to Microsoft Exchange features for Outlook 2007 clients that are connected to your Exchange messaging environment.
Introduction
One of the most significant architectural changes in Exchange Server 2010 is that the Client Access server now supports all client connections, including MAPI client connections from Outlook clients. In previous versions of Exchange Server, Outlook configured as a MAPI client has always connected to the mailbox server directly rather than connecting to a front-end or Client Access server. In Exchange Server 2010, all clients connect to the Client Access server role, regardless of the client protocol used.
The following new features have been incorporated in Exchange Server 2010 OWA:

- Support for Firefox and Safari Web browsers. OWA provides access to user mailboxes through a Web browser. In Exchange Server 2007, these browsers are supported, but provide limited functionality when compared to Microsoft Internet Explorer. In Exchange Server 2010, the functionality across all supported browsers is virtually identical.
- Conversation view. View conversations together by grouping messages from a single conversation. The new conversation view quickly and easily enables the user to identify the most recent messages and the chain of responses, and provides a preview of each response in a conversation without requiring each message to be opened. Conversation view is always preserved, even if individual e-mail messages are located in different mailbox folders. Conversations can be managed, ignored, moved, and deleted as a whole.
- Cross mailbox search. Search mailboxes via the Exchange Server 2010 search platform, which uses the improved-upon Exchange Server 2007 technology. Indexing is always up-to-date, and communicates efficiently with the Exchange information store, resulting in fast indexing speed. Search indexing is enabled by default and imposes only a minor tax on system resources, utilizing a small percentage of CPU in steady state.
- Side-by-side view for multiple calendars. For example, when you need to view a delegate's mailbox, you can view both calendars in the same window.
- Integration with Microsoft Office Communicator, including presence, chat, and a contact list. OWA now contains instant messaging integrated into the client. Administrators can choose to connect this to Office Communications Server 2007 R2 (on-site) or the Live Messenger Service (hosted). A user's contact list is shown in OWA with colorful indicators to let the user know if their contact is available to chat or not.
- OWA text messages. Send and receive text (SMS) messages from OWA.
- Multiple OWA mailbox policies. Create multiple OWA mailbox policies that configure different OWA client access settings in Exchange Server 2010 OWA mailbox policies. You can then assign the policies to users or groups in the organization.
- Shared contacts. View shared contacts so users can interact with others outside their organization while they are away from their desks.
- WebReady Document Viewing. This feature, which is also available in Exchange Server 2007 OWA, converts documents in Microsoft Office Word, Microsoft Office PowerPoint, Microsoft Office Excel, and portable document format (PDF) into HTML so they can be viewed in a Web browser. This means that if a user is on a kiosk that does not have Microsoft Office or Adobe Acrobat installed, he or she can still see the document. Also, the original document does not have to be downloaded, so the user does not leave behind sensitive information after logging off a shared computer.
In this demonstration, you will see some of the new OWA features, including MailTips.
Key Points
The key points in this demonstration are that:

- OWA in Exchange Server 2010 has several new features.
- One of the new features in Exchange Server 2010 is MailTips.
10. In the Outlook Web Access window, click Calendar.
11. Click the shared calendar icon in the top menu bar, and then click Open a Shared Calendar.
12. In the Name field, type Gretchen, and then click OK twice.
13. Click Work Week.
14. Close Internet Explorer.
15. On SEA-EX1, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Console.
16. Expand Microsoft Exchange On-Premises, expand Organization Configuration, and then click Client Access. Verify that the Default policy is listed in the Details pane.
17. In the Actions pane, click New Outlook Web Access Mailbox Policy.
18. In the New Outlook Web Access Mailbox Policy page, type Research Policy as the policy name.
19. In the list of features, click Change Password, and then click Disable.
20. Click New, and then click Finish.
21. Right-click Research Policy, and then click Properties.
22. On the Public Computer File Access tab, clear all the check boxes.
23. On the Private Computer File Access tab, clear all the check boxes, and then click OK.
24. In the left pane, expand Recipient Configuration, and then click Mailbox.
25. In the Mailbox list, double-click Kelly Blue.
26. On the Mailbox Features tab, click Outlook Web Access, and then click Properties.
27. Select the Outlook Web Access mailbox policy check box, and then click Browse.
28. Click Research Policy, and click OK three times.
29. Click Start, point to All Programs, and then click Internet Explorer.
30. In the address field, type https://SEA-EX1.Contoso.com/owa, and then press ENTER.
31. Log on to OWA as Contoso\Kelly using the password Pa$$w0rd.
32. On the Outlook Web Access page, click Options.
33. If prompted for authentication, log on as Contoso\Kelly using the password Pa$$w0rd.
34. In the left pane, click Settings, and then click Password. Close Internet Explorer.
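Steps 15 through 28 of the demonstration can also be carried out from the Exchange Management Shell. The script below is an added example, not part of the original clinic material; it assumes an Exchange Server 2010 Management Shell session with rights to manage Client Access settings, reuses the demo names Research Policy and Kelly Blue, and its mapping of the two File Access tabs to cmdlet parameters is this example's reading of those tabs.

```powershell
# Added example: Exchange Management Shell equivalent of steps 15-28.
# Assumes an Exchange Server 2010 Management Shell session; the names
# below come from the demonstration steps.

$policyName = 'Research Policy'
$mailbox    = 'Kelly Blue'

# Steps 17-20: create the policy unless it already exists.
if (-not (Get-OwaMailboxPolicy -Identity $policyName -ErrorAction SilentlyContinue)) {
    New-OwaMailboxPolicy -Name $policyName | Out-Null
}

# Step 19: disable Change Password.
# Steps 22-23: clear every check box on the Public and Private Computer
# File Access tabs (assumed here to be direct file access and the two
# WebReady Document Viewing options for each computer type).
Set-OwaMailboxPolicy -Identity $policyName `
    -ChangePasswordEnabled $false `
    -DirectFileAccessOnPublicComputersEnabled $false `
    -WebReadyDocumentViewingOnPublicComputersEnabled $false `
    -ForceWebReadyDocumentViewingFirstOnPublicComputers $false `
    -DirectFileAccessOnPrivateComputersEnabled $false `
    -WebReadyDocumentViewingOnPrivateComputersEnabled $false `
    -ForceWebReadyDocumentViewingFirstOnPrivateComputers $false

# Steps 24-28: assign the policy to the mailbox.
Set-CASMailbox -Identity $mailbox -OwaMailboxPolicy $policyName

# Check 1: the policy holds the intended values.
Get-OwaMailboxPolicy -Identity $policyName |
    Format-List Name, ChangePasswordEnabled, *FileAccess*, *WebReady*

# Check 2: the mailbox points at the policy.
Get-CASMailbox -Identity $mailbox |
    Format-List Name, OWAEnabled, OwaMailboxPolicy

# Check 3: list OWA-enabled mailboxes that have no OWA mailbox policy
# explicitly assigned, so restrictive policies are not silently missed.
Get-CASMailbox -ResultSize Unlimited |
    Where-Object { $_.OWAEnabled -and -not $_.OwaMailboxPolicy } |
    Select-Object Name, PrimarySmtpAddress
```

Steps 29 through 34 remain the functional check: after the policy is assigned, log on to OWA as the test user and confirm what the Options page shows under Settings.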
Introduction
Like Exchange Server 2007, Exchange Server 2010 offers a fast and reliable e-mail experience using Exchange ActiveSync (Direct Push) technology. Mobile devices that incorporate Exchange ActiveSync maintain a connection with the Exchange server, and receive any new or updated e-mail, Calendar items, Contacts, or Tasks, as soon as they arrive on the server. This push method optimizes bandwidth usage while keeping information up-to-date.
- Unified Messaging support. The unified Inbox provided by Exchange Unified Messaging is available from mobile devices. Missed call notifications, voice mails, and fax messages are all synchronized to the user's Inbox along with regular e-mail. Voice mails can be played via a mobile device's built-in media player, eliminating the need for the user to dial in to the voice mail system.
- Mobile calendaring enhancements and Out-Of-Office. Calendaring improvements in Exchange Server 2010 enable a more complete Outlook experience on a mobile device. Users can forward, reply, or reply all to a meeting request. Meeting organizers can view attendee status from the device so they can see who is attending their next meeting while en route.
Introduction
Mobile clients can complicate the management of messaging clients because the mobile devices cannot be managed as domain members, and mobile devices are more likely to be lost or stolen. Exchange Server 2010 provides several tools for managing devices.
These features are also provided in Exchange Server 2010. In addition, users can also recover their mobile device passwords through the Options page in OWA.
Introduction
One of the new features in Exchange Server 2010 is the Exchange Control Panel, which is a Web-based management interface that can be used to enable self-service, and enable users to perform specific management tasks without having access to the entire Exchange management interface. For example, compliance specialists can perform multi-mailbox searches and then export the results to PST files for legal discovery by using the Exchange Control Panel. Users can find out for themselves whether a message they sent to a business partner was received successfully, or blocked by a spam filter.
In this demonstration, you will see the functionality provided by the Exchange Control Panel.
Key Points
The key points in this demonstration are that:

- Users can configure their own mailbox settings by using the Exchange Control Panel.
- Distribution group management can be delegated and managed through the Exchange Control Panel.
- The Exchange Control Panel can be used to perform cross mailbox searches.
16. Under Public Groups I Own, click Marketing, and then click Details.
17. In the Group window, click Membership, and then click Add.
18. In the Select Members window, click Alan Brewer, click Add, and then click OK.
19. Click Save, and then close all open windows on SEA-CL1.
21. In the Exchange Control Panel, in the upper-right corner, click My Mail.
22. Log on to OWA as Contoso\Gretchen using the password Pa$$w0rd.
23. In the navigation pane, under Gretchen Rivas, notice the new discovery folder named Customer ID Discovery. Expand the Customer ID Discovery folder.
24. Note the three folders created that correspond to the mailboxes added to the search criteria.
25. Expand Kelly Blue\Primary Mailbox\Sent Items. Verify that the e-mail was discovered using the search criteria.
26. Expand Jake Zukowski\Primary Mailbox\Inbox.
27. Close Internet Explorer.
One of the urgent issues in many organizations is policy compliance. Privacy legislation in many countries forced organizations to implement policies for managing customer and employee information. Many organizations also have other legal or corporate requirements that set limits on how information must be managed. E-mail is a critical tool for many businesses, and is used as the primary means for exchanging data between employees and external partners or customers. This makes it critical for organizations to have some means of enforcing e-mail compliance requirements. Exchange Server 2010 builds on the tools provided in Exchange Server 2007 to provide more options for doing this.

After completing this section, you will be able to:

- Understand transport rules.
- Describe message journaling.
- Describe new features in Messaging Records Management.
- Describe Discovery.
- Describe Active Directory Rights Management Services (AD RMS) integration.
- Describe moderated transport.
- Describe mailbox archiving.
- Describe message policy and compliance features.
Transport Rules
Introduction
Exchange Server 2007 introduced the concept of transport rules, which can be used to monitor messages and apply specific actions to the messages as the messages pass through the Hub Transport server. This functionality has been enhanced in Exchange Server 2010. Now, since all messages must pass through a Hub Transport server, and because any transport rules configured on a Hub Transport server are stored in AD DS, it is easy to configure a rule that applies to all messages sent in the organization.
Message Journaling
Introduction
Exchange Server 2007 also enables administrators to record all e-mail messages that enter and leave the organization by providing journaling rules. Journaled messages can be archived to any SMTP address, including an Exchange mailbox, Exchange Hosted Archive, or a third-party archiving solution.
Journaling Enhancements
A journal report is the message that the Exchange Server generates when a message is submitted to the journal mailbox. Journal reports now include additional information such as BCC recipients. The original e-mail message that matches the journal rule is included unaltered as an attachment to the journal report.

Journaling flexibility has increased with Exchange Server 2010. In Exchange Server 2007, journaling can be set up on a per-database, per-distribution list, per-user, or organization-wide basis. All messages can be journaled, or just those sent internally or externally. Transport rules may also dictate when to journal based on message sender, recipient, or content.

In Exchange Server 2010, transport journaling reduces storage costs by decreasing journal report duplication. If there are no distribution list expansion servers, transport journaling creates only one journal report per message. If a distribution list expansion server exists, no more than one extra journal report (per distribution list expansion server) is created.
Introduction
Transport rules and journaling rules are applied as messages pass through the Exchange organization. In many cases, organizations also want to apply policies to messages already located in user mailboxes.
Retention Policies
Exchange Server 2010 continues to support Managed Folders, but also introduces Retention Policies as a means to manage messages in user mailboxes. Exchange Server 2010 mailbox items use Retention Tags to apply retention settings. Retention Tags can be applied to mailbox folders and individual items. Retention Tags are associated with a Retention Policy, just as Managed Folders are associated with a Managed Folder Mailbox Policy in Exchange Server 2007. An administrator can assign Retention Tags to default folders such as Inbox, Deleted Items, Junk Mail, Sent Items, etc. Additional tags not associated with default folders can be included in the Retention Policy. Users use tags available to them to tag folders or items. A Default tag associated with the Retention Policy applies to items not manually tagged by the user, or to items in folders that do not have tags applied.
AutoTagging
Although users can use rules and default tags to automatically assign tags to incoming e-mail, the amount of e-mail that requires user intervention is still a drain on users with high incoming mail flow. Auto-tagging is designed to reduce this burden on users as much as possible. With the auto-tagging approach, the system creates a machine-learning model to learn from users' tagging preferences. Once this is done, the system uses the trained model to assign tags to incoming messages. As long as the model has high prediction accuracy, the number of messages that require user intervention can be limited to a small and manageable number.
Discovery
Introduction
Many organizations need to be able to search mailboxes for specific content while performing compliance audits. In Exchange Server 2007, when administrators search mailbox content, they use the Export-Mailbox Exchange Management Shell cmdlet to export the mail to a PST file. The Export-Mailbox cmdlet can be used to search mailboxes for specific criteria such as keywords in the subject or message content, attachments, or messages received in a specified date range.
Discovery Enhancements
In Exchange Server 2010, the mailbox search functionality is now available through the Mailbox Search Manager in the Exchange Control Panel. The Mailbox Search Manager allows multi-mailbox searches of mailbox items (including e-mail, attachments, Calendar items, Tasks and Contacts) across both primary mailboxes and personal archives. Mail located through a discovery search is copied and moved to a specified mailbox or external store, as defined within the Search Control Panel. Advanced filtering capabilities include: sender, receiver, expiry policy, message size, sent/receive date, cc/bcc and regular expressions.
Introduction
Another compliance issue for many organizations is that most methods of restricting access to content cannot be applied to the content after the content leaves the organization. Security methods such as firewalls and Access Control Lists (ACLs) help prevent unauthorized access to information. These methods, however, stop protecting the information once the authenticated individual has accessed or received it. For example, when you send an e-mail to someone inside your organization, that user cannot be prevented from forwarding the e-mail to someone outside the organization.

With Information Rights Management (IRM), Outlook users can control who reads, copies, or forwards a message, no matter where it is stored. This basic IRM functionality is provided by AD RMS in Microsoft Windows Server 2008. Exchange Server 2010 builds on this functionality, and expands the scenarios by which users and administrators can apply IRM protection to e-mail, both inside and outside the organization.
ControlPoint Encryption
New in Exchange Server 2010, ControlPoint Encryption allows an Exchange Administrator to create Transport Rules that apply IRM protection on e-mail that is in transit. Classification is driven through regular expressions, and the available protection is determined by the set of Rights Management Service (RMS) Policy Templates that are available from the RMS deployment used by that organization.
ControlPoint Pre-Licensing
Pre-licensing, which was introduced in Exchange Server 2007, enables offline access to IRM-protected mail and makes it faster to open protected mail from Outlook and Mobile solutions. In this scenario, IRM-protected messages already contain the recipient's end-user license (EUL) that is required to decrypt and view the message upon delivery.
Moderated Transport
Introduction
The Exchange Server 2010 moderated transport feature enables you to require that all e-mail messages sent to specific recipients be approved by moderators. You can configure any type of recipient as a moderated recipient, and Exchange Server 2010 Hub Transport servers will ensure that all messages sent to those recipients go through an approval process. In any type of organization, you may need to restrict access to specific recipients. The most common scenario is the need to control messages sent to large distribution groups. Depending on your organization's requirements, you may also need to control the messages sent to executive mailboxes or partner contacts. You can use moderated recipients to accomplish this.
4. The moderator uses the buttons in the approval request to either accept or reject the message.
5. Store driver marks the moderator's decision on the original message stored in the arbitration mailbox.
6. The Information Assistant reads the approval status on the message stored in the arbitration mailbox, and then processes the message based upon the moderator's decision:
   If the moderator has approved the message, the Information Assistant resubmits the message to the submission queue, and the message is delivered to the recipient.
   If the moderator has rejected the message, the Information Assistant deletes the message from the arbitration mailbox, and then notifies the sender that their message was rejected.
Mailbox Archiving
Introduction
Another compliance issue in many organizations is that much of the information users receive by e-mail is not stored within the e-mail system. Because of mailbox size limits, many users move messages from their mailboxes to PST files, where the messages are not regularly backed up, and are not available for discovery or indexing.
In this demonstration, you will see how to use the message policy and compliance features in Exchange Server 2010.
Key Points
The key points of this demonstration are that: Transport rules can be used to restrict message flow in an organization. Retention policies define how messages are managed or retained in a user mailbox. By using moderated transport, you can require approval for all messages sent to a mailbox or distribution group.
4. On the Introduction page, in the Name field, type IT Group Moderation. Verify that Enable Rule is selected, and then click Next.
5. Under Conditions in Step 1, select sent to a member of distribution list.
6. Under Step 2, click the distribution list link.
7. In the Specify recipient distribution list window, click Add.
8. In the Select Mail Enabled Group window, select IT, click OK, and then click OK again.
9. Click Next.
10. Under Actions in Step 1, select forward the message to addresses for moderation.
11. Under Step 2, click the addresses link.
12. In the Specify recipients window, click Add.
13. In the Select Recipient window, select Kelly Blue, click OK, and then click OK again.
14. Click Next.
15. On the Exceptions page, under Step 1, select except when the message is from member of distribution list.
16. Under Step 2, click the distribution list link.
17. In the Specify sender distribution list window, click Add.
18. In the Select Mail Enabled Group window, select IT, click OK, and then click OK.
19. Click Next, and then click New.
20. On the Completion page, click Finish.
21. Open Internet Explorer, and then connect to https://SEA-EX1.Contoso.com/owa.
22. Log on to OWA as Contoso\Gretchen using the password Pa$$w0rd.
23. In the Inbox, click New.
24. In the To field, type IT.
25. Type a subject and a short message, and then click Send.
26. On SEA-CL1, open Outlook. Verify that there is a message waiting for Kelly's approval.
27. Review the e-mail message and then click Click here to vote. Click Vote: Approve.
Unified Messaging enables users to receive e-mail, voice mail, and fax services in their e-mail mailbox, and allows users to access mailbox contents by computer or phone. This simplifies the user experience, because they have only a single location to manage for all message types. This also provides more functionality for users because they can use traditional messaging clients to access voice mail or fax messages, and they can use telephone technology to access e-mail messages. Unified Messaging also simplifies the administrator's workload because they will need to manage this data in only one location. After completing this section, you will be able to: Describe Unified Messaging in Exchange Server 2007. Describe new Unified Messaging features in Exchange Server 2010.
Introduction
Unified Messaging in both Exchange Server 2007 and Exchange Server 2010 provides several core features:
Call Answering. Call answering provides the capability to answer the telephone and record a message whenever the user is not available. Unified Messaging then delivers the voice mail as a message attachment to the user's Exchange Server mailbox, where the user can access the message via computer with Outlook, OWA, or Exchange ActiveSync, or over the phone with Outlook Voice Access.
Fax Receiving. Fax receiving provides the ability to answer and receive a fax. The fax appears as a fax message with a .tiff attachment in the user's Exchange Server mailbox, and the user can then review and manage it with Outlook or OWA.
Office Outlook Voice Access. Exchange Server Unified Messaging provides users with full access to their Exchange Server mailbox from any phone. With Outlook Voice Access, users can use the phone to retrieve their e-mail, voice mail, Calendar, and personal contacts. They also can compose messages, reply to or forward messages, and can accept or decline a meeting. Outlook Voice Access provides some enhanced features, such as a simple "I'll be late" feature that sends a message to everyone invited to a specific meeting. Outlook Voice Access users can use automatic speech recognition (ASR) or Dual Tone Multi-Frequency (DTMF) to choose options and perform actions when connected to the mailbox.
Play on Phone Feature. The Exchange Server 2007 Unified Messaging Play on Phone feature lets a Unified Messaging-enabled user listen to a voice message using a telephone instead of playing it over their computer speakers or headphones. If the user receives a voice mail and the user is in a location that is not private or the voice message is confidential, they likely will not want to play their voice message via computer. The Play on Phone Feature enables the user to access the message in Outlook or OWA, and then instruct the Unified Messaging server to call a phone number. When the user answers the phone, the voice message is played.
Auto attendant. The auto attendant is a set of voice prompts that gives external users access to the Exchange Server 2007 Unified Messaging system. An auto attendant enables the user, via the telephone keypad or speech inputs, to navigate the menu structure, place a call, or locate and place a call to a person. The auto attendant supports custom prompts, integrates with the GAL, and can have different configurations for business and non-business hours, and holidays.
Introduction
Exchange Server 2010 provides several important enhancements for Unified Messaging users.
For Exchange Server 2010, all available language packs contain ASR support.
Another important new Exchange Server 2010 feature is federated sharing. With Federated Sharing, a user can collaborate with organizations and users external to the Exchange organization by sharing information such as Free/Busy data or Contacts. Sharing relationships can be established between two organizations, allowing users in both organizations to share information with each other, or ad-hoc sharing between a user and an external recipient. After completing this section, you will be able to: Understand how Federated Sharing works. Understand the Federated Sharing configuration process.
Introduction
One of the issues that many organizations face is sharing Calendar free/busy information and Contact information between Exchange Server organizations. Exchange Server 2010 makes it easy to share this type of information within an organization, but the fact that the Exchange Server organization boundary is also the AD DS forest boundary makes it difficult to implement this type of sharing between organizations that are in separate forests.
Once the connection between the organizations is authenticated using Microsoft Federation Gateway, the Exchange Servers use Exchange Web Services running on a Client Access server in each organization to exchange information. This means that when a user attempts to book a meeting with a contact in a trusted organization, the Client Access server from the user's organization contacts a Client Access server in the contact's organization, and then retrieves the contact's free/busy information.
Note: Exchange Server 2010 provides other options for sharing information such as free/busy information between organizations. For example, if both organizations use Exchange Server 2010 or Exchange Server 2007 and Office Outlook 2007, the Availability Service in Exchange Server 2010 can be used to share free/busy and calendaring information between the organizations. If you use previous Outlook clients, you can also configure public folder replication between the two organizations to share the free/busy information.
There are three major components that must be configured in Exchange Server 2010 to set up Federated Sharing.
Federation Trust
The first step in configuring Federated Sharing is configuring a Federation Trust with Microsoft Federation Gateway. To establish the Federation Trust, configure the Client Access servers that are used by Federated Sharing, with a public trusted certificate. Establish the trust by submitting the organization's public key certificate to Microsoft Federation Gateway, and then downloading the Microsoft Federation Gateway public key certificate.
Organization Identifier
The organization identifier defines which of the authoritative accepted domains in an organization are available for federation. Only users that have e-mail addresses with domain-configured organization identifiers can participate in Federated Sharing. Microsoft Federation Gateway then creates Federated user identifiers within this account namespace when the Exchange organization requests a delegation token for a user. This is transparent to the Exchange organization, and has no impact on existing Windows Live IDs.
Sharing Relationships
After configuring the Federation Trust, the Exchange Administrator must configure sharing relationships within the Exchange organization. A sharing relationship defines a partnership for Federated Sharing with an external Exchange organization. When you configure the sharing relationship, you can configure: The Federated domain of the external organization that you are sharing information with. The level of sharing. For example, you can configure calendar sharing with free/busy information only, or calendar sharing with free/busy information plus subject and location, or contact sharing. The users that will have this sharing policy applied to their mailbox.
Session Summary
Exchange Server 2010 provides many new features that enable users to interact more effectively with the messaging system. These include: New client access architecture for Outlook clients that are configured to use MAPI. New client access features that provide more functionality for users accessing their mailboxes from a wide variety of devices and locations. New messaging compliance features that make it easier for organizations to enforce legal or corporate requirements for managing information. New Unified Messaging features that enhance the user experience by using a single mailbox for e-mail, voice mail, and fax communication. The option to configure Federated Sharing between external organizations, to extend the option for booking meetings with external users.
Session 2: Microsoft Exchange Server 2010 Enhancing the Exchange Administrator Experience
Table of Contents
Session Overview
Section 1: Message Transport Features
Section 2: Mailbox Server Features
Section 3: Database Availability and Site Resilience
Section 4: Administration and Management Tools
Section 5: Transitioning from Previous Versions of Exchange Server
Clinic Evaluation
Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2009 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Access, Active Directory, ActiveSync, BizTalk, Excel Forefront, Groove, Hyper-V, Internet Explorer, MS, Outlook, PerformancePoint, PowerPoint, SQL Server, Virtual Earth, Visio, Visual Studio, Windows, Windows Live, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Version 1.2
Session Overview
Introduction
This session provides a description of some of the new Microsoft Exchange Server 2010 features that make it easier for administrators to manage and maintain the messaging environment. Also included in this session is a description of the new message transport features, the new database and high availability options, and the new administrator tools and features. Finally, this session provides an overview of the process for upgrading from a previous Exchange Server version to Exchange Server 2010. After completing this session, you will be able to describe in Exchange Server 2010: The new message transport features. The new Mailbox server features. The new database availability and site resiliency features. The new administration and management tool features. The process for transitioning from a previous Exchange Server version.
Introduction
One of the most important Exchange Server 2010 design goals is to make the messaging system more resilient to points of failure. Many of the changes that have been made to the message transport features in Exchange Server 2010 have this same focus. This section describes the shadow redundancy feature in Exchange Server 2010, and describes other new message transport features.
Introduction
Shadow redundancy in Exchange Server 2010 ensures that messages can be delivered in the event of a Transport server failure.
Introduction
With shadow redundancy, messages are queued on multiple transport servers until the message has been delivered. Then the messages are deleted from the queues on all transport servers.
   d. The Hub Transport server acknowledges the receipt of the message, and records the Edge Transport server's name for sending discard information for the message.
   e. The Edge Transport server moves the message to the shadow queue, and marks the Hub Transport server as the primary server. The Edge Transport server becomes the shadow server.
3. The Hub Transport Server delivers the message to the next hop, in this case, to a Mailbox server.
   a. The Hub Transport server notifies the Mailbox server that it has a message waiting for the Mailbox server.
   b. The Mailbox server retrieves the message and notifies the Hub Transport server of successful submission to the user mailbox.
   c. The Hub Transport server updates the discard status for the message as delivery complete.
4. The Edge Transport server queries the Hub Transport server for discard status (success case).
   a. At the end of each SMTP session with the Hub Transport server, the Edge Transport server queries the Hub Transport server for discard status on messages previously submitted. If the Edge Transport server has not opened any SMTP sessions with the Hub Transport server after the initial message submission, after a specific amount of time it opens an SMTP session just to query for discard status.
   b. The Hub Transport server checks the local discard status, sends back the list of messages that have been delivered, and removes the discard information.
   c. The Edge Transport server deletes the list of messages from its shadow queue.
5. The Edge Transport server queries the Hub Transport server for discard status and resubmits the message (failure case).
   a. If the Edge Transport server cannot contact the Hub Transport server, the Hub Transport server resumes the primary server role and resubmits the messages in the shadow queue.
   b. Resubmitted messages are delivered to another Hub Transport server, and the shadow queue is used again to track message delivery.
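The exchange in steps 2 through 5, as an added Python model (not Microsoft's code and not part of the original course material). The class and method names are hypothetical, a single failed discard-status query triggers resubmission where the text says only "after a specific amount of time", and the failure case is modeled as the server that holds the shadow queue resubmitting to another Hub Transport server.

```python
from dataclasses import dataclass, field


class Unreachable(Exception):
    """Raised when an SMTP session to a transport server cannot be opened."""


@dataclass
class Hub:
    name: str
    online: bool = True
    queue: dict = field(default_factory=dict)          # msg_id -> body, awaiting delivery
    shadow_server: dict = field(default_factory=dict)  # msg_id -> server owed discard status
    delivered: set = field(default_factory=set)        # msg_ids marked "delivery complete"

    def _check(self):
        if not self.online:
            raise Unreachable(self.name)

    def accept(self, msg_id, body, sender):
        """Step 2d: acknowledge receipt and record where discard information goes."""
        self._check()
        self.queue[msg_id] = body
        self.shadow_server[msg_id] = sender
        return True

    def deliver(self, mailbox):
        """Step 3: hand queued messages to the next hop and mark delivery complete."""
        self._check()
        for msg_id, body in list(self.queue.items()):
            mailbox[msg_id] = body
            self.delivered.add(msg_id)
            del self.queue[msg_id]

    def discard_status(self, asker):
        """Step 4b: list delivered messages for `asker`, then drop the discard info."""
        self._check()
        done = sorted(m for m in self.delivered if self.shadow_server.get(m) == asker)
        for m in done:
            self.delivered.discard(m)
            del self.shadow_server[m]
        return done


@dataclass
class Edge:
    name: str
    shadow_queue: dict = field(default_factory=dict)   # msg_id -> (body, primary hub name)

    def submit(self, msg_id, body, hub):
        """Step 2e: once the Hub acknowledges, keep a shadow copy naming it as primary."""
        if hub.accept(msg_id, body, self.name):
            self.shadow_queue[msg_id] = (body, hub.name)

    def query_discard_status(self, hubs):
        """Steps 4 and 5: ask each primary for discard status, resubmit if unreachable."""
        events = []
        for primary in sorted({p for _, p in self.shadow_queue.values()}):
            try:
                for msg_id in hubs[primary].discard_status(self.name):
                    del self.shadow_queue[msg_id]               # step 4c
                    events.append(("discarded", msg_id, primary))
            except Unreachable:
                events += self._resubmit(primary, hubs)         # step 5
        return events

    def _resubmit(self, failed, hubs):
        events = []
        stranded = [m for m, (_, p) in self.shadow_queue.items() if p == failed]
        for msg_id in stranded:
            body, _ = self.shadow_queue[msg_id]
            for hub in hubs.values():
                if hub.name == failed:
                    continue
                try:
                    self.submit(msg_id, body, hub)  # shadow entry now names the new primary
                    events.append(("resubmitted", msg_id, hub.name))
                    break
                except Unreachable:
                    continue
            else:
                # No redundant path exists: the shadow copy stays queued for a later retry.
                events.append(("held", msg_id, failed))
        return events


def run_scenario():
    """Constructed scenario: hub1 fails after acknowledging m2 but before delivering it."""
    hubs = {"hub1": Hub("hub1"), "hub2": Hub("hub2")}
    edge, mailbox, log = Edge("edge1"), {}, []

    edge.submit("m1", "hello", hubs["hub1"])
    hubs["hub1"].deliver(mailbox)
    log += edge.query_discard_status(hubs)   # success case: m1 leaves the shadow queue

    edge.submit("m2", "report", hubs["hub1"])
    hubs["hub1"].online = False              # hub1 is lost with m2 still in its queue
    log += edge.query_discard_status(hubs)   # failure case: m2 is resubmitted to hub2
    hubs["hub2"].deliver(mailbox)
    log += edge.query_discard_status(hubs)   # hub2 reports delivery, m2 is discarded
    return log, mailbox, edge.shadow_queue


if __name__ == "__main__":
    for event in run_scenario()[0]:
        print(event)
```

The "held" branch shows why the text ties the benefit to redundant message paths: with only one Hub Transport server, the shadow copy survives but cannot be delivered until that server returns.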
Shadow redundancy provides the following benefits: It eliminates reliance on any specific Hub or Edge Transport server. As long as redundant message paths exist in your routing topology, any transport server becomes disposable. If a transport server fails, you can simply remove it from production without worrying about emptying its queues or losing messages. If you want to upgrade a Hub or Edge Transport server, you can bring that server offline at any time without the risk of losing messages. It eliminates the need for redundancy in Transport servers' storage hardware. It consumes less bandwidth than creating duplicate copies of messages on multiple servers. The only additional network traffic generated with shadow redundancy is the exchange of discard status between transport servers. Discard status is the information each transport server maintains, which indicates when a message can be discarded from the transport database.
Key Points
The key points of this demonstration are: Shadow redundancy ensures that message copies are stored on multiple Transport servers in an Exchange Server 2010 environment. Messages in shadow queues are cleaned up when the messages are delivered to the destination server.
9. On SEA-DC1, click Start, point to Administrative Tools, and then click Services.
10. Locate the Simple Mail Transfer Protocol (SMTP) service, verify that the service is set for Manual start, and that it is not started.
11. On SEA-EX1, click Start, point to All Programs, and then click Internet Explorer.
12. In the address field, type https://SEA-EX1.Contoso.com/owa, and then press ENTER.
13. Log on to OWA as Contoso\Kelly using the password Pa$$w0rd.
14. In the Inbox, click New.
15. In the To field, type Gregory@Adatum.com.
16. Type a subject and a short message, and then click Send.
17. On SEA-Edge1, in the Exchange Management Console, click Toolbox.
18. Double-click Queue Viewer.
19. Double-click the queue with the Next Hop Domain of [10.10.0.10].
20. Verify that the message from Kelly is in the queue.
21. On SEA-Ex1, in the Exchange Management Console, click Toolbox.
22. Double-click Queue Viewer.
23. Double-click the queue with the Next Hop Domain of sea-edge1.Contoso.com.
24. Verify that the message from Kelly is in the queue.
25. On SEA-DC1, in the Services console, right-click the Simple Mail Transfer Protocol (SMTP) service, and then click Start.
26. On SEA-Edge1, in Queue Viewer, click the Queues tab, right-click the queue with the Next Hop Domain of [10.10.0.10], and then click Retry.
27. In the Actions pane, click Refresh, and then verify that the message is delivered.
Transport Dumpster
Introduction
Exchange Server 2010 introduces a new, more reliable and more efficient process for managing the transport dumpster.
In Exchange Server 2007, messages stayed in the transport dumpster in a cluster continuous replication (CCR) or standby continuous replication (SCR) high-availability solution based on the transport dumpster size. This could lead to inefficient replays of transport dumpsters in the event of a lossy failover, and it increased the disk activity on the Hub Transport server. Also, if the size of the log files that were not shipped in a lossy failover exceeded the transport dumpster size, the messages were not recovered. With Exchange Server 2010, the transport dumpster is redesigned so that messages are removed from the dumpster once they have been replicated to all copies of the mailbox database. This ensures that only messages that are not yet replicated to all Exchange Servers with a copy of the mailbox database remain in the dumpster, which makes replay more efficient in the event of a lossy failover.
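The difference between the two dumpster designs, as an added Python model (not Microsoft's code and not part of the original course material). Class names, message sizes and the two-copy layout are constructed for illustration, and the Exchange Server 2010 model applies no size cap, a point the text does not address.

```python
from collections import OrderedDict

KB = 1024


class SizeCappedDumpster:
    """Exchange Server 2007 as described above: retention is bounded by size only."""

    def __init__(self, max_bytes):
        self.max_bytes = max_bytes
        self.items = OrderedDict()            # msg_id -> size in bytes, oldest first

    def add(self, msg_id, size):
        self.items[msg_id] = size
        while sum(self.items.values()) > self.max_bytes:
            self.items.popitem(last=False)    # evict the oldest, replicated or not

    def replay(self):
        return list(self.items)


class ReplicationAwareDumpster:
    """Exchange Server 2010 as described above: keep a message until every copy has it."""

    def __init__(self, copies):
        self.copies = set(copies)
        self.items = OrderedDict()            # msg_id -> copies that have replicated it

    def add(self, msg_id, size):
        self.items[msg_id] = set()            # size is ignored: no cap in this model

    def replicated(self, msg_id, copy):
        if msg_id in self.items:
            self.items[msg_id].add(copy)
            if self.items[msg_id] >= self.copies:
                del self.items[msg_id]        # every copy has it, so drop it

    def replay(self):
        return list(self.items)


def lossy_failover(dumpster, sent, on_surviving_copy):
    """Replay the dumpster and return (recovered, lost, redundant) message ids."""
    replayed = dumpster.replay()
    missing = [m for m in sent if m not in on_surviving_copy]
    recovered = [m for m in missing if m in replayed]
    lost = [m for m in missing if m not in replayed]
    redundant = [m for m in replayed if m in on_surviving_copy]
    return recovered, lost, redundant


def run_comparison():
    """Constructed input: five 40 KB messages; only m1 and m2 reached the surviving copy."""
    sent = ["m1", "m2", "m3", "m4", "m5"]
    on_copy = ["m1", "m2"]
    small = SizeCappedDumpster(max_bytes=100 * KB)   # smaller than the 120 KB not shipped
    large = SizeCappedDumpster(max_bytes=200 * KB)   # large enough to hold everything
    aware = ReplicationAwareDumpster(copies=["copy-A", "copy-B"])
    for m in sent:
        for d in (small, large, aware):
            d.add(m, 40 * KB)
    for m in on_copy:
        aware.replicated(m, "copy-A")
        aware.replicated(m, "copy-B")
    return {
        "2007, 100 KB cap": lossy_failover(small, sent, on_copy),
        "2007, 200 KB cap": lossy_failover(large, sent, on_copy),
        "2010": lossy_failover(aware, sent, on_copy),
    }


if __name__ == "__main__":
    for name, (recovered, lost, redundant) in run_comparison().items():
        print(f"{name}: recovered={recovered} lost={lost} redundant={redundant}")
```

The small cap loses m3 because the unshipped data exceeds the dumpster size, the large cap recovers everything but also replays m1 and m2 needlessly, and the replication-aware design replays exactly the three missing messages.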
Introduction
The Edge Transport server in Exchange Server 2010 provides the same functionality as the Edge Transport server in Exchange Server 2007. However, the edge synchronization process has been updated.
Because AD DS and AD LDS both use Lightweight Directory Access Protocol (LDAP), and because both directory services use the Exchange Server 2010 schema, you can replicate data from AD DS to AD LDS. This replication is established when you subscribe an Edge Transport server to an Active Directory site. The Edge Subscription process enables the Hub Transport servers in that site to use the Microsoft Exchange EdgeSync service to synchronize recipient and configuration data from AD DS to the AD LDS instance on the Edge Transport server. The Microsoft Exchange EdgeSync service performs scheduled updates so that the information in AD LDS remains current. Several data types are replicated from AD DS to AD LDS:
Edge Subscription information
Configuration information
Recipient information
Topology information
Some of the most significant Exchange Server 2010 changes are changes made to the Exchange Server 2010 Mailbox server role. These changes make it possible for organizations to deploy mailbox databases to less expensive and lower-performing storage. This means that organizations can deploy much larger mailboxes for their users without greatly increasing the storage costs. This section describes the new Exchange Server 2010 Mailbox database features.
Exchange Server 2010 provides the following new features related to mailbox databases:
Storage groups have been removed. In Exchange Server 2010, mailbox and public folder databases are no longer associated with storage groups. Each database maintains its own set of log files.
Mailbox databases are no longer associated with specific Mailbox servers. This means that you create mailbox databases at the organization level within the Exchange Server Management Console. This also means that all mailbox databases are completely portable; that is, you can move any mailbox database from one server to another without issues.
Input/output (I/O) reductions. The database store schema has been redesigned in Exchange Server 2010 to decrease the number of times that the Exchange server must access the hard disks storing the mailbox databases. In previous Exchange Server versions, mailbox database access is characterized by many random and small disk I/Os, as the Mailbox server reads and writes database pages that are scattered throughout the database. In Exchange Server 2010, the goal is to reduce disk I/O by ensuring that each disk I/O reads or writes more data, and that it performs as many tasks as possible on sequential database pages. Exchange Server 2007 delivered a 70% reduction in disk I/O from Microsoft Exchange Server 2003. Exchange Server 2010 delivers an additional 70% reduction in disk I/O from Exchange Server 2007 levels.
Automatic page patching. When minor disk faults cause corruption, Exchange Server 2010 automatically repairs the affected database pages using one of the database copies configured for high availability. When an entire drive fails, fast database-level failover makes it possible for administrators to swap failed drives with minimal impact to users.
In this demonstration, you will see how mailbox databases are managed and created in Exchange Server 2010.
Key Points
The key points of this demonstration are: Mailbox databases are no longer associated with Mailbox database servers. Mailbox databases must have unique names and storage locations to ensure database mobility.
8. Expand Configuration, expand CN=Configuration, DC=Contoso, DC=com, expand CN=Services, expand CN=Microsoft Exchange, expand CN=ContosoOrg, expand CN=Administrative Groups, expand CN=Exchange Administrative Group, and then expand CN=Databases.
9. In the left pane, click the first mailbox listed in the container.
10. Expand CN=Servers, and in the left pane, click CN=SEA-EX1. Notice that there are no database settings associated with the Mailbox server.
11. Leave ADSI Edit open.
12. In the Exchange Management Console, under Organization Configuration, click Mailbox.
13. In the Actions pane, click New Mailbox Database.
14. On the New Mailbox Database page, in the Mailbox database name box, type MDB3.
15. Beside the Server name field, click Browse. In the Select Mailbox Server dialog box, click SEA-EX1, click OK, and then click Next.
16. On the Set Paths page, beside the Database file path, click Browse.
17. In the Exchange Database dialog box, browse to drive C, create a new folder named MDB3, click Open, and then click Save.
18. On the Set Paths page, next to Log folder path, click Browse.
19. In the Browse for folder dialog box, browse to C:\MDB3, click OK, and then click Next.
20. On the New Mailbox Database page, click New, and then click Finish.
21. Under Recipient Configuration, click Mailbox.
22. In the results pane, press the Ctrl key, and then click five mailboxes. In the Actions pane, click Move Mailbox.
23. In the Move Mailbox wizard, next to Mailbox database, click Browse.
24. In the Select Mailbox Database dialog box, click MDB3, click OK, and then click Next.
25. On the Move Options page, click Next.
26. On the Move Schedule page, click Next.
27. On the Move Mailbox page, click Move, and then click Finish.
Introduction
As with Exchange Server 2007, you can deploy an Exchange Server 2010 organization without public folders as long as you have Microsoft Office Outlook 2007 or later messaging clients. However, if you choose, public folders are also supported in Exchange Server 2010.
Introduction
Perhaps the biggest changes in Exchange Server 2010 are those that provide high availability for Mailbox servers. Exchange Server 2007 provided several new features that enabled high availability for Mailbox servers; these features are now enhanced in Exchange Server 2010. One of the primary Exchange Server 2010 design goals is to make high availability less expensive and easier to implement.
Introduction
Exchange Server 2007 provides some significant new options for enabling high availability for Mailbox servers. In previous Exchange Server versions, installing Exchange Servers on Microsoft Windows Server clusters was the only option for providing high availability for servers managing Exchange Server mailboxes. However, Windows Server clustering requires specialized deployment hardware and skills, and does not provide data-level redundancy.
- Cluster Continuous Replication (CCR). CCR is similar to LCR in that you create and maintain a second passive Exchange Server data copy; however, with CCR, the passive storage group copies are stored on another computer running Exchange Server 2007 in a Windows failover cluster. To configure CCR, you must install Exchange Server 2007 on a computer running the Windows Server 2003 operating system with Windows Clustering Service enabled, or running Windows Server 2008 with the failover cluster feature installed. CCR is frequently deployed to provide failover protection for Mailbox servers deployed in the same data center.
- Standby Continuous Replication (SCR). SCR is a new feature introduced in Exchange Server 2007 Service Pack 1 (SP1). SCR uses the same log shipping and replay technology that LCR and CCR use to copy the mailbox database to one or more Mailbox servers. However, like LCR, when the server hosting the active database copy (called a source copy in SCR) fails, you must configure clients manually to start using the target copy on another server. SCR is frequently deployed to provide failover protection for Mailbox servers deployed in different data centers.
- Single Copy Clusters (SCC). SCC is the Exchange Server 2007 term for a type of Exchange Server failover clustering that is similar to what was present in previous Exchange Server versions. In an SCC deployment, a single copy of the Exchange Server databases and transaction logs is stored on a shared set of disks. You can access data on the shared-disk set through one of the nodes. If one of the nodes fails, the Exchange Server services fail over automatically to another node so that users experience a minimal disruption in service availability. If the data storage disks fail, this solution requires that you restore the databases from backups.
Introduction
In Exchange Server 2010, the Exchange Server 2007 CCR and SCR high availability options are combined and replaced by the concept of a DAG. A DAG is a defined group of Mailbox servers that provide automatic database-level and server-level recovery. You can deploy a DAG with servers in multiple locations and enable database replication between database copies on as many as 16 Mailbox servers. The key new Exchange Server 2010 features for improving high availability are:
- The Windows failover clustering technology is used by Exchange Server 2010, but it is now completely transparent. Exchange Server administrators do not need to install, build, or configure any aspects of failover clustering when deploying highly-available Mailbox servers.
- In previous Exchange Server versions, cluster administration was handled outside of the Exchange Server console. Exchange Server 2010 now provides an integrated cluster management experience for administrators.
- Each Mailbox server can host as many as 100 databases, and each database can have as many as 16 copies. This provides a great deal of flexibility as you plan distribution for highly-available mailbox databases.
- In Exchange Server 2007, in order to provide high availability, you had to deploy Exchange Server Mailbox servers as dedicated servers; you could not install any other Exchange Server roles on clustered Mailbox servers. This meant that to deploy a fully redundant Exchange Server deployment, you had to deploy at least four computers. In Exchange Server 2010, you can install other Exchange Server roles on the servers that are hosting the highly available Mailbox servers at any time. This means that you can deploy a fully-redundant Exchange Server deployment by deploying only two servers.
- Shadow redundancy is also an important component in a highly available Exchange Server 2010 deployment. Shadow redundancy provides message redundancy the entire time the messages are in transit.
Continuous Replication
Introduction
Continuous replication in Exchange Server 2007 and Exchange Server 2010 uses a log shipping mechanism to update Exchange Server database copies on other servers.
- Database copies are for mailbox databases only. For public folder database redundancy and high availability, you should use public folder replication. Unlike Exchange Server 2007 CCR, where multiple public folder database copies could not exist in the same cluster, you can now use public folder replication to replicate public folder databases between servers in a DAG.
- Replay of the replicated transaction logs can be delayed. When you deploy SCR in Exchange Server 2007, you can delay the time when the transaction logs are applied to the destination database. This functionality is now available in Exchange Server 2010 for any or all DAG copies.
Introduction
The underlying concept for configuring high availability for Exchange Server 2010 mailbox databases is now the database availability group (DAG).
What Is a DAG?
A DAG is a container object that is created in AD DS, to which you can add up to 16 Mailbox servers that provide automatic database-level recovery from failures. Any server in a DAG can host a mailbox database copy from any other DAG server. When a server is added to a DAG, it works with the other servers in the DAG to provide automatic recovery from failures that affect mailbox databases, such as a disk failure or server failure. When you configure a DAG, you have complete control over where each individual database is replicated. For example, if you have six Mailbox servers hosting a total of 20 mailbox databases, you could configure three copies of each database. You could configure each server to host three or four of the active databases, and distribute the passive database copies across all of the other Mailbox servers.
Important: Because of the flexibility in distributing databases between multiple servers, database names for Exchange Server 2010 must be unique within the Exchange Server organization. Also, when a mailbox database is configured with one or more database copies, the full path for all database copies must be identical on all Mailbox servers that host a copy.
Introduction
DAGs rely on the failover clustering feature in Windows Server 2008; yet almost all of the failover clustering configuration complexity is handled automatically by the DAG creation process.
Creating a DAG
When an administrator creates a DAG, it is initially empty, and an object is created in AD DS that represents the DAG. The directory object stores relevant information about the DAG, such as server membership information. When the first Mailbox server is added to a DAG, the following occurs:
- The Windows failover clustering component is installed, if it is not already installed.
- A failover cluster is created using the name of the DAG.
- A cluster network object (CNO) is created in the built-in Computers container.
- An Internet Protocol (IP) address is assigned to the DAG.
- The DAG name and IP address are registered as a Host (A) record in DNS.
Note: DAGs use the Windows failover clustering cluster heartbeat, cluster networks, and the cluster database, for storing data that changes or can change quickly. Because DAGs rely on Windows failover clustering, they can only be created on Exchange Server 2010 Enterprise Edition Mailbox servers that are running Windows Server 2008 Enterprise or Windows Server 2008 Datacenter. In addition, each DAG Mailbox server must have at least two network interface cards in order to be supported.
Active Manager
Introduction
DAGs use a new Exchange Server 2010 component called Active Manager. Active Manager includes functionality that replaces the cluster service failover management features in previous Exchange Server versions.
In this demonstration, you will see how you can configure a DAG, monitor continuous replication, and force a mailbox database switchover.
Key Points
The key points of this demonstration are:
- You can configure a DAG after you have deployed Exchange Servers with multiple installed server roles.
- After creating a DAG, you can create copies of any mailbox databases stored on DAG servers.
- Mailbox servers use continuous replication to update all mailbox database copies.
- You can manually force a mailbox database switchover to another DAG server.
- Creating a DAG automatically creates all required Active Directory and failover clustering objects.
- DAGs use log shipping to update all mailbox database copies.
Introduction
Exchange Server 2010 changes to the Mailbox server role and the new high availability features create some interesting options when planning Mailbox server deployments.
Site Resiliency
Because a DAG can have multiple Mailbox servers, and each database can have multiple copies, it is easy to provide both single-site redundancy and multi-site redundancy. When you configure a DAG, you can include Mailbox servers from the local data center as well as Mailbox servers in a failover data center. Each mailbox database can have one or more copies in the local and the remote data centers.
Introduction
In addition to functional changes, Exchange Server 2010 also includes some significant changes in how you will administer the Exchange Server environment. One of the important new Exchange Server 2010 features is Role-Based Access Control (RBAC), which enables you to assign permissions at a much more granular level than was possible in previous Exchange Server versions. The Windows PowerShell command-line interface and, by extension, the Exchange Management Shell are also upgraded in Exchange Server 2010.
Introduction
RBAC is the new Microsoft Exchange Server 2010 permissions model. RBAC enables you to align the roles you assign to users and administrators more closely with the actual roles they hold within your organization. In Microsoft Exchange Server 2007, the server permissions model applies only to the administrators that manage the Exchange Server 2007 infrastructure; RBAC now controls both the administrative tasks that can be performed and the extent to which users can self-administer.
RBAC Components
Through management roles, assignments, and scopes, RBAC controls who can access what, and where. RBAC uses the following components:
- Management role. A management role is a container for a grouping of management role entries, which define the tasks that can be performed by those who are assigned the role using management role assignments.
- Management role entries. A management role entry is a cmdlet, including its parameters, that you add to a management role. By adding a cmdlet or parameter to a role as a management role entry, you are granting rights to manage or view the objects associated with that cmdlet or parameter.
- Management role assignment. A management role assignment assigns a management role to a user or universal security group. Once you create a management role, you must assign it to a user or group so they can make use of it. Assigning a management role to a user or group grants them the ability to use the cmdlets and parameters defined in the management role.
- Management role scope. A management role scope is the scope of influence or impact that the person has, once assigned a management role. When you assign a management role, you can use management scopes to target specifically what objects that assignment should control. This can be servers, organizational units, filters on servers or recipient objects, and more.
RBAC Examples
RBAC defines who can perform specific tasks and defines the scope within the Exchange Server organization where the administrators can perform those tasks. For example, you can use RBAC to assign permissions as shown in the following table:
| Management role | Management role entries | Management role assignments | Management role scope |
|---|---|---|---|
| OrganizationManagement | All Exchange cmdlets | ExchangeAdmins group | Organization |
| SalesDistributionGroups | Cmdlets related to distribution group management only | Sales Managers group | Sales department Organizational Unit (OU) in AD DS |
| HelpDesk | Cmdlets related to mailbox and user account management | HelpDesk group | OUs containing recipient objects |
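The three example roles above can be modelled as data to show how entries, assignments and scopes combine into a single allow or deny decision. The following Python model is an added example, not Microsoft's RBAC implementation or code from the original clinic; the user names, group memberships, OU paths and the per-role cmdlet and parameter lists are constructed for illustration.

```python
from dataclasses import dataclass

ALL = "*"  # wildcard: every cmdlet, every parameter, or the whole organization


@dataclass
class Role:
    name: str
    entries: dict  # cmdlet -> set of permitted parameters, or ALL


@dataclass
class Assignment:
    role: Role
    assignee: str  # user or universal security group
    scope: tuple   # OU paths covered by the assignment; (ALL,) = organization


# Constructed sample data modelled on the three rows of the table.
ORG_MGMT = Role("OrganizationManagement", {ALL: ALL})
SALES_DG = Role("SalesDistributionGroups", {
    "New-DistributionGroup": ALL,
    "Set-DistributionGroup": ALL,
    "Add-DistributionGroupMember": ALL,
})
HELPDESK = Role("HelpDesk", {
    "Get-Mailbox": ALL,
    # Parameter-level entry: forwarding is deliberately not delegated.
    "Set-Mailbox": {"Identity", "DisplayName", "IssueWarningQuota"},
    "Set-User": {"Identity", "Phone", "Office"},
})
ASSIGNMENTS = [
    Assignment(ORG_MGMT, "ExchangeAdmins", (ALL,)),
    Assignment(SALES_DG, "Sales Managers", ("contoso.com/Sales",)),
    Assignment(HELPDESK, "HelpDesk",
               ("contoso.com/Sales", "contoso.com/BranchOffice")),
]
GROUPS = {  # constructed group membership
    "alice": {"ExchangeAdmins"},
    "bob": {"Sales Managers"},
    "carol": {"HelpDesk"},
}


def in_scope(scope, target_ou):
    """True when target_ou is a scoped OU or lies beneath one."""
    target = target_ou.lower()
    for ou in scope:
        if ou == ALL:
            return True
        base = ou.lower().rstrip("/")
        # Compare on a path boundary so "Sales" does not match "SalesOps".
        if target == base or target.startswith(base + "/"):
            return True
    return False


def entry_allows(role, cmdlet, params):
    """True when the role has an entry for the cmdlet and every parameter."""
    allowed = role.entries.get(cmdlet, role.entries.get(ALL))
    if allowed is None:
        return False
    return allowed == ALL or set(params) <= allowed


def authorize(user, cmdlet, params, target_ou):
    """Return (allowed, granting role name or denial reason)."""
    principals = {user} | GROUPS.get(user, set())
    held = [a for a in ASSIGNMENTS if a.assignee in principals]
    if not held:
        return False, "no role assignment"
    with_entry = [a for a in held if entry_allows(a.role, cmdlet, params)]
    if not with_entry:
        return False, "no role entry for cmdlet/parameters"
    for a in with_entry:
        if in_scope(a.scope, target_ou):
            return True, a.role.name
    return False, "target outside assignment scope"
```

Each denial reason corresponds to one RBAC component, which makes the model useful for reasoning about which part of a delegation is too broad.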
Introduction
Exchange Server 2010 includes several management roles by default. These built-in roles provide you with a pre-configured set of roles that you can assign to various administrator and user types in your organization. You cannot modify either the built-in management roles, or the management role entries that you configure on them. However, you can modify the scope of built-in management roles that are assigned to users. You can also assign the built-in roles to users or universal security groups.
Management Roles
Exchange Server 2010 provides the following administrative roles:
| Management role | Description |
|---|---|
| DiscoveryManagement | Administrators assigned this role can perform Exchange Server organization mailbox searches for data that meets specific criteria. |
| GALSynchronizationManagement | Administrators assigned this role configure global address list (GAL) synchronization between two organizations, or between an on-premises deployment and a hosted deployment. |
| OrganizationManagement | Administrators assigned this role have administrative access to the entire Exchange Server 2010 organization, and can perform almost any task against any Exchange Server 2010 object. |
| RecipientManagement | Administrators assigned this role can create or modify Exchange Server 2010 recipients within the Exchange Server 2010 organization. |
| UMManagement | Administrators assigned this role can manage the Unified Messaging (UM) features in the Exchange Server organization. |
| UMPromptManagement | Administrators assigned this role can manage UM prompts and auto attendant configuration on Exchange Server organization UM servers. |
| UMRecipientManagement | Administrators assigned this role can manage Exchange Server organization recipient UM properties. |
| ViewOnlyOrganizationManagement | Administrators assigned this role can view the properties of any Exchange Server organization object. The administrator cannot modify any object properties. |
| MyDistributionGroups | Users assigned this role can modify and create distribution groups, and modify and remove distribution groups that they own. |
| MyDistributionGroupMembership | Users assigned this role can add or remove themselves from distribution groups that allow users to manage their own membership. |
| MyOptions | Users assigned this role can manage various aspects of their own mailbox profile or configuration. |
| CustomScripts | This role can be used to allow third-party scripts and third-party cmdlets to be run by users or administrators who are assigned the role. |
Introduction
In addition to the built-in management roles, you can also create custom management roles to delegate specific permissions within the Exchange Server organization. Use this option when you need to limit permissions beyond what is available with the built-in management roles.
3. Create a role assignment with an OU scope. You are now ready to assign user or group accounts to the management role and to assign the scope to the role. To do this, use a command such as:
   New-ManagementRoleAssignment -Name BranchOfficeAssignment -Role BranchOfficeAdmins -User BranchOfficeAdmins -DomainOrganizationalUnitRestriction Contoso.com/BranchOffice
Introduction
Exchange Server 2007 introduced the Exchange Management Console and the Exchange Management Shell as the primary tools for managing an Exchange Server deployment. The Exchange Management Console is a graphical Microsoft Management Console (MMC)-based administration tool that provides wizards for configuring most Exchange Server objects. The Exchange Management Shell is a command-line interface based on Windows PowerShell that allows administrators to automate routine and repetitive tasks using scripts. Administrators can use the Exchange Management Shell to manage all Exchange Server objects and settings.
- PowerShell Command Log. The PowerShell Command Log records the Windows PowerShell commands that you execute in the Exchange Management Console. For example, if you view the list of mailbox node recipients, you execute the Get-Recipient cmdlet and the PowerShell Command Log records that action.
- Send Mail. You can now send mail to a recipient from the Exchange Management Console. You must first set up an e-mail account on the computer from which you are sending mail before you can send mail.
In this demonstration, you will see how you can manage an Exchange Server 2010 environment by using the Exchange Server management tools.
Key Points
The key points of this demonstration are:
- The Organizational Health report in the Exchange Management Shell provides an entire Exchange Server organization overview.
- The PowerShell Command Log displays all the commands that have been run via the Exchange Management Shell.
- Exchange Management Shell can be used to manage remote Exchange Servers.
Introduction
Many organizations are already running a messaging system, and many have already deployed previous Exchange Server versions. For these organizations, a transition to Exchange Server 2010 messaging environments is required. This section introduces supported transition scenarios, and briefly describes the process for upgrading from your current Exchange Server deployment to Exchange Server 2010.
Introduction
Exchange Server 2010 supports coexistence with, and transitioning from, both Exchange Server 2003 and Exchange Server 2007.
Note: When transitioning from Exchange Server 2007, all Exchange Server 2007 Client Access servers in the organization must be upgraded to Service Pack 2. All Exchange Server 2007 servers in an Active Directory site must be upgraded to Service Pack 2 before installing an Exchange Server 2010 server in the site. Exchange Server 2007 Service Pack 2 includes all the schema changes that are required in Exchange Server 2010.
After you deploy a new Exchange Server 2010 organization, you cannot add servers to the organization that are running earlier Exchange Server versions. The addition of earlier versions of Exchange Server to an Exchange organization that includes only Exchange Server 2010 servers is not supported.
Introduction
When deploying Exchange Server 2010 in a supported Exchange Server organization, you must follow a specified process during the transition.
2. Install Exchange Server 2010 Hub Transport server. When you install the Hub Transport server in an Exchange Server 2003 environment, you are prompted for the name of an Exchange Server 2003 computer that will operate as a routing group bridgehead server between the Exchange Server 2003 routing group and the Exchange Server 2010 routing group. Exchange Server 2010 no longer uses routing groups to manage message routing, but all Exchange Server 2010 servers are installed in a routing group for backwards compatibility.
3. Install Exchange Server 2010 Unified Messaging servers. If you have deployed UM in Exchange Server 2007, add the Exchange Server 2010 Unified Messaging Server to one of your organization's dial plans.
4. Install the Exchange Server 2010 Mailbox servers. Once the rest of the infrastructure is in place, you can deploy the Exchange Server 2010 Mailbox servers and start moving mailboxes and public folders to the new servers.
For organizations with multiple sites, there are typically two types of Active Directory sites: Internet-accessible sites, and non-Internet-accessible sites. A single Exchange Server organization may have one or more Internet-accessible sites. When transitioning Active Directory sites, Internet-accessible sites should be transitioned before non-Internet-accessible sites.
4. Remove the Exchange Server 2007 Client Access Servers, or the Exchange Server 2003 front-end servers. Users who connect to their mailboxes by using non-MAPI clients must be able to communicate with a Client Access Server or front-end server that is the same Exchange Server version as the server hosting the user mailbox. After the last mailbox and public folder is removed from the Exchange Server 2007 or Exchange Server 2003 Mailbox server, you may remove all other Exchange Server 2007 or Exchange Server 2003 servers in the Active Directory site.
Session Summary
Exchange Server 2010 provides many new features that enable administrators to plan and implement a more robust Exchange Server 2010 deployment. These include:
- New message transport features, such as shadow redundancy, that improve message transfer resiliency.
- Significantly reduced I/O on Mailbox servers, which makes it possible to consider less expensive storage solutions.
- New high availability features for Mailbox servers that make it easier and less expensive to deploy a fully redundant messaging system.
- A new permissions model and new administration tools that provide more flexibility in how you will manage the Exchange Server environment.
- A transition path for upgrading your current Exchange Server deployment to Exchange Server 2010.
Clinic Evaluation
Your evaluation of this clinic will help Microsoft understand the quality of your learning experience. Please work with your training provider to access the clinic evaluation form. Microsoft will keep your answers to this survey private and confidential and will use your responses to improve your future learning experience. Your open and honest feedback is valuable and appreciated.