Exchange 2010 Installation Considerations Part 2

More requirements for Exchange 2010:

Your Forest is required to be running at Server 2008 R2 Forest Functional Level.

x64 based hardware is required.

There is no in-place upgrade for Exchange 2007 to 2010.

It’s always important to map out your network prior to installing servers.

Consider your existing infrastructure and the needs of the company.

Discuss your design and deployment goals for using Exchange 2010.

Review the order of your deployments and consider the physical network layout and network connection speeds.

The following table shows minimum CPU core requirements for Exchange 2010 components:

Exchange2010_Cores
Click image to enlarge

The following table shows the minimum memory requirements for Exchange 2010:

Exchange2010_Memory
Click Image to Enlarge

Exchange Server 2010 is available in two different editions: Standard and Enterprise

The edition is determined by the product key, however, when installing as a trial version it will be running as Enterprise Edition.

The Exchange Management tools can run on Windows 7, Windows Vista with Service Pack 2, Server 2008 SP2, Windows Server 2008 R2.

Standard Edition – Limited to 5 Databases per server

Enterprise Edition – Can run up to 100 databases per server (previous editions both standard and enterprise allow database availability groups (High Availability) but require cluster which require Enterprise Edition of Server 2008 Enterprise.

Client Access Licensing (CAL’s) also come with both Standard and Enterprise versions. Sometimes the type of license will limit clients. For example, mobile devices without the correct license may not be able to use certain features.

Prerequisites: Use the powershell commandlet or Server Roles and Features to install prerequisites. Different Exchange roles will have certain requirements. Eg. the UM role requires the Desktop Experience feature installed.

 

More Hardware Requirements:

Processor(s): x64 Intel or AMD

Memory: can change due to different role being installed, but typically 4GB min per server. If combining roles, 8GB. Add 2-10MB memory per mailbox. The maximum memory for a Mailbox role is 64GB

Disk Space: For the Mailbox Role, you will need a minimum of 1.2GB to install Exchange.

Server OS: Server 2008 or Server 2008 R2

Prerequisites for Server 2008 SP2

  1. .NET Framework 3.5 SP1
  2. Install the .NET Framework 3.5 Family Update
  3. Windows Remote Management (WinRM) 2.0 here: http://support.microsoft.com/kb/968929
  4. PowerShell v2
  5. For Hub Transport and MailBox servers, install the MS Filter Pack. *Note: On Exchange 2010 RTM, you can meet the prerequisite by installing 2007 Office System Converter: Microsoft Filter Pack. However, MS recommends that you upgrade to the Microsoft Office 2010 Filter Packs.
  6. From an elevated command prompt, from the Scripts folder, issue the following commands:
  • Sc config NetTCPPortSharing start auto
  • ServerMangerCmd -ip Exchange-Typical.xml -Restart

7.  With the Unified Messaging role type:

  • ServerManagerCmd -i Desktop-Experience

Some useful tools in the scoping and stress testing of Exchange are:

1. Risk and Health Assessment Program for Exchange Server (ExRAP) – Scoping Tool v1.5 http://www.microsoft.com/download/en/details.aspx?id=20857

2. Planning and deployment guide: http://technet.microsoft.com/en-us/library/aa995902.aspx *Especially the Mailbox Server Storage Design

3. Install and run Jetstress on your hardware prior to deployment

The documentation for the Exchange Server 2010 version of Jetstress is available on TechNet at the following location.

http://technet.microsoft.com/en-us/library/ff706601.aspx

 

Version Build Usage Link
14.01.0225.017 32 bit
  • Exchange 2003[1]
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=6c9c1180-4dd8-49c4-85fe-ca1cdcb2453c&displayLang=us
14.01.0225.017 64 bit
  • Exchange 2007
  • Exchange 2010
http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=13267027-8120-48ed-931b-29eb0aa52aa6

Table 1 – Jetstress version and download table



[1] Refer to Appendix D – Exchange 2003 for information on configuring Jetstress 14.01.225.x for Exchange 2003

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

 

Exchange Server 2010 Overview Part 1

Microsoft’s Exchange Server:

Email is a mission critical tool for business. How do you provide that capability? Hosted, in-house, BPOS? There are many options. With Exchange you gain the following:

  • A reliable and flexible messaging platform for business communications.
  • Provides e-mail capabilities
  • Also provides calendar access and contact management
  • Users can have access to their communications anywhere; through their browser, mobile device, or their Outlook client.

Exchange 2010 adds the following:

  • Provides the email typical for Exchange that we’ve come to expect. Some features are the same as Exchange 2007, but new features are notable.
  • Continues the Server Roles for your organization’s deployment strategy. (5 Roles)
  • Includes High Availability and Site Resilience
  • Allows Unified Communications through the Unified Messaging Server Role that will give users a Universal Inbox (fax’s, voicemail, etc)

5 Server Roles: – Prior to Exchange Server 2010, you installed the entire Exchange infrastructure on an Exchange Server. Eg. if a Front-end server was only needed, you still had to install the entire Exchange Infrastructure. Now you have a lighter footprint with Roles. Server 2008 also uses Roles and Features.

  • The Mailbox Role: user mailboxes with mailbox DB’s. Also contains public folders.
  • Client Access Role: connection point for all users to their mailboxes internally or externally. (MAPI, OWA, Outlook Anywhere, ActiveSync, IMAP/POP)
  • Hub Transport Role: Flow of traffic to and from the Mailbox server. (These first 3 roles need to be installed in order for Exchange to work, but not necessarily on the same server.)
  • Optional Role – Unified Messaging Role: Provides the Universal Inbox for voicemail, email, faxes, etc.
  • Optional Role (recommended)- Edge Transport Role: Perimeter-based server to handle anti-spam and anti-virus protection and additional transport rules.

Requirments for Exchange 2010:

1. Domain Controller – AD Domain controller

2. DNS Services

3. Member Server (on which you will install Exchange)

 

For Exchange 2010 running behind your firewall or DMZ on your internal network, you can install the following 4 roles on their own server: Client Access Server, Mailbox Server, Hub Transport Server, and Unified Messaging Server.

To add an Edge Transport Server to your network, you will need to setup a Member Server that is not a member of the Domain. You install Exchange, but only the ET server role. This will sit out on the Perimeter Network (between internal and external firewalls – DMZ). Again, the ET server cannot be a member of the Domain.

New in Exchange 2010:

Storage Architecture – There’s a new focus on the database itself, not on a storage group. Storage groups have been removed from Exchange’s DB design (Exchange 2000 – 2007)

High Availability and Site Resiliency – Database Availability Groups have replaced legacy Exchange  HA versions.

Permissions – Role-based access control has been implemented – permissions to manage exchange.

Control – A cool new Web-Based Exchange Control Panel (ECP). Carries over Exchange 2007’s exchange management console and an exchange management shell.

Voicemail and Unified Messaging – including voicemail preview, better protection.

Exchange 2010 has something for everyone. It is a complete communications platform for organizations large and small.

 

 

A good majority of the content provided in my Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Outlook 2010 – Cannot create new profile; An unknown error occurred, error code: 0x80070057 – Solved!

One of our Windows 7 Pro, 32 bit users (not SP1), experienced Outlook 2010 failing on a regular basis. The client was setup with Auto-discover and the application would crash / freeze/ hang randomly as well as could be made to crash by going into the Calendar, create a New Meeting->Scheduling Assistant -> and enter another user’s name.

Additionally, we tried closing Outlook, going to the Control Panel and chosing the Mail applet. Click on Profiles -> Profiles -> Show Profiles… -> Add…

The Outlook wizard would start, but then fail with the error message:

“An unknown error occurred, error code: 0x80070057”.

The Event Viewer (Local) -> (Windows Logs: Application) would have a cryptic message with the following information:

Event 1000, Application Error

Faulting application name: OUTLOOK.EXE, version: 14.0.4760.1000, time stamp: 0x4ba8fefdFaulting module name: OUTLOOK.EXE, version: 14.0.4760.1000, time stamp: 0x4ba8fefdException code: 0xc0000005Fault offset: 0x0054ac63Faulting process id: 0x1174Faulting application start time: 0x01cc0e56a826f1c7Faulting application path: C:Program FilesMicrosoft OfficeOffice14OUTLOOK.EXEFaulting module path: C:Program FilesMicrosoft OfficeOffice14OUTLOOK.EXEReport Id: 375d88cc-7a62-11e0-a74c-b8ac6fc5d92c

Running a search on these errors produced a lot of options for repairing the problem including checking OWA IIS certificates, installing .NET on the exchange server, Exchange SP2/SP3,  editing your hosts file, Exchange PowerShell setting virtual directory, and the list goes on.

The solution that resolved this issue finally for us was to install on the Outlook client, the hotfix created by Microsoft here: http://support.microsoft.com/default.aspx?scid=kb;en-US;2281463

The download is not easily accessible on this page, so don’t be discouraged and go ahead and “View and request hotfix downloads” from the link at the top of the page.

This link will send you to a Hotfix Request page where you place a checkmark on the update you wish to download. Be careful because if you visit the page with a x64 machine, you will most likely be prompted to download the x64 client. It’s best to visit the hotfix page on the client that has the problem. Enter your email address and then confirm. Type in the captcha and then hit “Request hotfix.” You will be quickly emailed the link to the hotfix download as well as a password.

*Note: Prior to installing a hotfix of this nature, it is always recommended you backup your system (Windows 7 backup is a pretty good free image-based backup, my next best recommendation is something like Acronis 10.) Also, it is a good idea to take a manual System Restore point: Start -> Right-click on Computer, choose Properties, System Protection, Create.

Once the hotfix has been downloaded, when you try to run the .exe you will be prompted for the password for the file to run. Enter the password that was emailed to you and complete the setup. After the hotfix completes, for good measure, go ahead and reboot. After the restart, keep Outlook closed and go back to the Mail control panel applet. Go to Profiles ->Show Profiles… -> Add… and create a new Outlook Profile. Under “When starting Microsoft Outlook, use the profile: -> Always use this profile -> Hit the dropdown for the newly created profile.

Start Outlook. This will create a new Outlook profile for the user. Also, a new .ost file will be created which if the mailbox size is large, it may take a considerable amount of time to rebuilt the new profile. You may need to visit the old profile in the Control Panel Mail Applet to see if any data files were attached or settings/signatures were modified or need to be created or copied to the new profile.

You can test to see if the application crashes by visiting the Calendar Scheduling Assistant.

Offline Outlook Address Book – delays in syncing Outlook and Exchange 2010 – Solved!

When an administrator makes a change in Active Directory/Exchange, why do the changes not appear in the Outlook Offline Address Book immediately?

I found that it may take up to two days for the changes to appear in Outlook.

In Exchange 2010 it takes even longer to synchronize the changes in the OAB than Exchange 2007.  After the OAB is updated, which by default is once a day, it may take up to 8hrs for the OAB to be available to the client. The reason is that the OAB is generated in the MAILBOX role and needs to be copied to the CLIENT ACCESS role. The CLIENT ACCESS role checks for changes every 8 hrs. On top of these delays, if a client does not close/open his or her Outlook, it can take even longer for a change to take place.

If you want the changes to appear in your Outlook Address Book right away, you need to do the following:

  1. Make a change or changes to the OAB. An administrator can do this by going to their Exchange server, and open the Exchange Management Console. Drill down from Microsoft Exchange to ->Microsoft Exchange On-Premises ->Recipient Configuration -> Mailbox. Right-click on the user in which you want to make changes or add another SMTP address. Add or Edit the addresses, etc.EMC1
  2. Manually update OAB  in the Exchange server. Go to the Exchange Management Console -> Microsoft Exchange -> Microsoft Exchange On-Premises -> Organization Configuration -> Right-Click on Mailbox and choose Properties. Click on the Offline Address Book tab. Right-click on the default offline address book and choose Update. EMC2
  3. Restart Microsoft Exchange File Distribution service. On the Exchange server, go to Start -> Run -> type in Services.msc and hit Enter/OK. Browse to the Microsoft Exchange File Distribution service, right-click on the service and click Restart.Services
  4. You may need to Sync the Domain Controllers between sites (in a multi-site environment).
  5. Download the OAB in Outlook. Open Outlook on the client that wants the change. Go to the File tab/menu. Click on the Account Settings button and then click on Download Address Book…OutlookDownloadAddressBook

Otherwise, the process may take up to 56  hrs (24hrs to generate OAB, 8 hrs to update the CLIENT ACCESS, and 24 hrs to update Outlook).

Exchange/SBS 2003 – You do not have permission to send to this recipient. -Solved!

There are a lot of variables where a problem like this can take a while to track down and resolve, so hopefully if you encounter this issue again, the resolution will be easy.

A user called complaining they would receive a bounceback message from Exchange whenever trying to send an email as a different user, for example, “[email protected]”. They had not previously experienced this problem trying to send on behalf of that user and “something suddenly changed.”

To make a long story short, in this case, the resolution was that the From: field contained a corrupt .NK2/NickName entry for the “Promoter” address. When auto-resolving the email address for the “From” field, I had to type in the first letter of the bad entry, arrow down to the corrupt entry in the nickname list, so that it was highlighted and hit the Delete button. Next, to put in the correct “From: Promoter” address, I had to manually click the “From” button, go to the Global Address List and select “Promoter”. This resolved the correct entry and the From: field was now populated with “Promoter” instead of “[email protected]”. The message could now be sent without a failure/bounceback/error message.

Read below for the workflow that caused the problem and what I had to do to resolve it:

The user opened a new mail message. The From field is “shown” and the user typed in the first letter of the address who the email is from. In this case, “p”. This auto-resolved the nickname as an email address “[email protected]”. The user would then type in the recipients name into the To: field (in this case [email protected]) and then supply a subject, a message body, and hit send. A moment later the following email arrived from the Exchange System:

Your message did not reach some or all of the intended recipients.

Subject: test Sent: 4/27/2011 11:43 AM
The following recipient(s) cannot be reached:
example@hotmail.com on 4/27/2011 11:42 AM            You do not have permission to send to this recipient.  For assistance, contact your system administrator.            MSEXCH:MSExchangeIS:/DC=local/DC=domain:servername

Solution:

The first thing to check was that the user has the ability to send on behalf of the “Promoter” account:

On the SBS2003 server, go to Server Management. Click on the View menu and checkmark the “Advanced Features”. Then browse   -> Active Directory Users and Computers -> Domain.local ->MyBusiness ->Users -> SBSUsers

Right click on the account that the user is trying to send on behalf of (in this case “Promoter”). Click on the Exchange General tab. Click on the Delivery Options… button. Under Send on behalf, make sure the user that is trying to send as is listed under “Grant this permission to:”. If not, click the Add button… and add the user.

Next, in Server Management, browse to Advanced Management -> EXCHANGESERVERNAME (Exchange) ->Servers -> SERVERNAME -> Protocols -> SMTP

Right-click on “Default SMTP Virtual Server” and click Properties.

SMTP Properties.jpg
Click image to enlarge

Under the Access tab, click on the Relay… button

Under Relay Restrictions, “Only the list below” should be selected and Granted: the server’s IP address/SNM; and Granted loopback 127.0.0.1

Uncheck “Allow all computers which successfully authenticate to relay, regardless of the list above. Click on the Users… button. Under Permissions – Group or user names, make sure Authenticated Users has both Submit and Relay permission set to Allow. Click OK, OK, OK.

If any changes have been made to SMTP, right-click on Default SMTP Virtual Server under Protocols/SMTP and Stop/Start the Default SMTP Virtual Server.

Now, on the client, open a new mail message, remove the bad auto-resolving address, click on the From: button, select the account you wish to send from, and hit “Send”. See the 2nd paragraph of this post for further details on how to accomplish this part. The message should now be sent to the recipeint with the correct “From” address.

 

 

 

 

ActiveSynch troubleshooting on Exchange/SBS 2003

Do you have Exchange running in your environment but are having trouble connecting iPhones and Android phones? ActiveSync is much more preferable to POP or IMAP, so hunker down and fix ActiveSync on your server to get email, calendar, and contacts synched with your smartphones. Below are two of my favorite links for troubleshooting ActiveSync on Exchange and Small Business Server 2003. I was able to resolve issues on a few servers who’s certificates had expired by using the following resources:

Alan Hardisty’s ActiveSync Configuration Guide is a great starting point:

http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/

Secondly, the following website can test Exchange connectivity in a number of different ways:

https://testexchangeconnectivity.com/

The site above is able to test exchange connectivity with the following tests:

Microsoft Exchange ActiveSync Connectivity Tests
Microsoft Exchange Web Services Connectivity Tests
Microsoft Office Outlook Connectivity Tests
Internet E-Mail Tests

 

 

ActiveSynch troubleshooting on Exchange/SBS 2003

Do you have Exchange running in your environment but are having trouble connecting iPhones and Android phones? ActiveSync is much more preferable to POP or IMAP, so hunker down and fix ActiveSync on your server to get email, calendar, and contacts synched with your smartphones. Below are two of my favorite links for troubleshooting ActiveSync on Exchange and Small Business Server 2003. I was able to resolve issues on a few servers who’s certificates had expired by using the following resources:

Alan Hardisty’s ActiveSync Configuration Guide is a great starting point:

http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/

Secondly, the following website can test Exchange connectivity in a number of different ways:

https://testexchangeconnectivity.com/

The site above is able to test exchange connectivity with the following tests:

Microsoft Exchange ActiveSync Connectivity Tests
Microsoft Exchange Web Services Connectivity Tests
Microsoft Office Outlook Connectivity Tests
Internet E-Mail Tests