11G-Hyperion-EPM Install Procedures

I took some time to get familiar with Oracle’s 11G and EPM solution in my lab. EPM is a large software suite and is useful for enterprises that are looking for management dashboards and end to end visibility.

11G/Hyperion/EPM Install Procedures

  • Install 2008 R2 64 virtual machine
    • Get VMWare ESXi running
    • Upload Server 2008 R2 Standard ISO to your Datastore
    • Create new virtual machine -> Typical
    • Name VM (EPMTest1)
    • Choose your datastore (datastore1)
    • Guest OS: Server2008R2 64
    • Use 1 NIC – type: VMXNET3
    • Virtual disk size: at least 100GB – Thick Provisioned Lazy Zeroed
    • (Edit VM settings before creation of VM -> Continue
    • Under VM Properties:
      • Change CPU and Memory as needed.
      • For CD/DVD drive, use Datastore ISO file and browse to Server 2008 .ISO file, connect at power on.
      • Under Options Tab, Advanced -> Boot Options -> Change Power on Boot Delay to 5000 ms.
      • Under Advanced -> Memory Hot Add -> Enabled memory hot add
      • Ok
    • Right-click on EPMTest1 VM and choose open console
    • Start vm and boot to iso/cd
    • choose default language
    • Install Now
    • Select Windows Server 2008 R2 Standard Full Install
    • Choose Custom installation
    • Select your virtual disk -> next
    • Files will copy/expand/install
    • vm will reboot several times
    • Change Administrator pw to ???????
    • Once at desktop, check for network adapters. If unknown device exists, from vSphere Client, install VMWare tools.
    • Ensure VM is online and can reach network resources
    • Update OS with MS Updates
    • Activate Server 2008
    • Run script to install Roles (open powershell and paste in following command): ServerManagerCmd -Install Application-Server AS-Web-Support Web-Server Web-ASP Web-CGI Web-Mgmt-Service Web-Mgmt-Compat Web-Metabase Web-WMI Web-Lgcy-Scripting Web-Lgcy-Mgmt-Console
    • Backup your VM prior to installing Oracle software (ghettovbs script does ok job and instructions are at: http://www.youtube.com/watch?v=fJmqrMAXQAg – scripts download located at https://github.com/lamw/ghettoVCB
    • Install JRE
    • Download 2 zip files – Oracle Client Runtime 11.2.0.1 from http://www.oracle.com/technetwork/database/enterprise-edition/downloads/112010-win32soft-098987.html –
    • Install Oracle Client Runtime/database 11g 11.2.0.1
      • Installation Instructions:
      • Create new folder c:admin
      • Create new folder c:adminepm_downloads
      • Create new folder c:adminepm_unzipped
      • you need to extract Database 11g zip files into exact same dir as file1. It cannot be in a separate dir. Extract to c:adminepm_unzipped
      • Install Oracle Database 11g – run c:adminepm_unzippeddatabasesetup
      • Enter Oracle Account info
      • Enter proxy info (?) or Check I do not want to be informed of critical updates
      • Install db software only
      • Single instance
      • english, next
      • standard edition one
      • Location c:appOracle
      • Finish
      • Installation Successful – Close
    • Install and configure MS Office 2010
      • In addition to the requirements listed in the previous sections, CLIENTHOST1 requires the following installations: Microsoft Office 2010 Microsoft Word, Excel, and PowerPoint must have the following characteristics:
      • Be registered in the server’s registry for printing
      • Be available to the “SYSTEM” account
      • Have access to, and be able to print from the printers installed by Financial Reporting (HRPrinter1-5). The SYSTEM account issues all print requests, so it is important that the applications can print using the Print Server’s printers.
      • A supported 32-bit version of GhostScript. http://www.ghostscript.com/download/gsdnld.html GPL 32bit – download and install
      • Disable the following on CLIENTHOST1 to support Financial Reporting Print Server:
        • Disable:
        • All add-ins (including EPM System add-ins) from all Microsoft Office applications to enhance application launch time and reduce system resource consumption. If add-ins are present, they may display UI components that require user input.
        • • SmartTags (Office 2002+) to enhance performance.
        • • Microsoft Office Assistant which prompts the user for input and may halt printing.
    • On Local PC – Create User DeployEPM -> Add DeployEPM to local Administrators Group
    • On server, open Local Security Policy, drill down to Local Policy -> User Rights Assignment
    • Add DeployEPM account to following policies
      • • Act as part of the operating system
      • • Bypass traverse checking
      • • Log on as a batch job
      • • Log on as a service
    • Create Shared Filesystem on NAS/SAN (jason-nas1EPM_Shared)
    • Map Network Drive Z: to jason-nas1EPM_Shared
    • Check hostnames, check clock synchronizations
    • Set up Oracle Database
      • Create an Oracle 11g database with AL32UTF8 character set encoding and set these database parameters:
        • NLS_LENGTH_SEMANTICS to CHAR * could not find these settings
        • CURSOR_SHARING to FORCED *could not find these settings
        • Open Database Configuration Assistant -> Create a database -> General Purpose -> Global DB Name: Test11gDB1.EPMTest1 SID: Test11gDB1
        • Uncheck Configure Enterprise Manager
        • Use Same Admin pw for all accounts SYS and SYSTEM
        • Use DB File locations from template
        • Character Sets – Use AL32UTF8 -> Next ->Next->Finish (Create DB)
        • Once DB has been created, open Start->Programs->Admin Assistant For Windows, and browse to new DB
        • Create the following database (and local server/domain/user) accounts:
        • • One user for EPM System Repository
        • • One user for Financial Management data repository
        • • One user for a Planning data repository
        • Each Planning application requires a separate database account. Before creating a new Planning application, you must create a new database user for it.
        • Set table temp space if necessary
        • Setup Firewall ports if necessary
        • EPM_Install_Progress2
    • Download EPM software from https://edelivery.oracle.com
      • Download 11.1.2.1.0 media pack
      • Download the following zip files:
        • 05/05/2013  10:52 AM     1,831,124,877 V25459-01.zip
        • 05/05/2013  11:25 AM        51,317,271 V25460-01.zip
        • 05/05/2013  11:36 AM     1,090,549,336 V25461-01.zip
        • 05/05/2013  11:28 AM         5,556,028 V25462-01.zip
        • 05/05/2013  11:29 AM        28,348,437 V25463-01.zip
        • 05/05/2013  07:19 PM       389,282,485 V25464-01.zip
        • 05/05/2013  07:21 PM        96,713,567 V25468-01.zip
        • 05/05/2013  07:41 PM        88,759,524 V25469-01.zip
        • 05/05/2013  07:22 PM       143,329,315 V25470-01.zip
        • 05/05/2013  07:23 PM        13,426,437 V25475-01.zip
        • 05/05/2013  07:37 PM       199,685,657 V25476-01.zip
        • 05/05/2013  07:24 PM       121,862,788 V25477-01.zip
        • 05/05/2013  07:39 PM       102,999,780 V25479-01.zip
        • 05/05/2013  07:41 PM        70,810,195 V25487-01.zip
        • 05/05/2013  07:35 PM     1,488,695,147 V25494-01.zip
        • 05/05/2013  10:05 AM       269,705,265 V25495-01.zip
        • 05/05/2013  10:21 AM     1,094,215,607 V25496-01.zip
        • 05/05/2013  10:30 AM     1,317,755,597 V25497-01.zip
        • 05/05/2013  10:33 AM     1,168,889,472 V25498-01.zip
        • 05/05/2013  10:47 AM     1,499,139,033 V25499-01.zip
        • 05/05/2013  07:20 PM        93,168,097 V25500-01.zip
    • Install and Configure Foundation Services
      • Ready files for installation
      • Create folder EPM_Unzipped
      • Unzip all files into the same EPM_Unzipped folder
      • On FNDHost1 (in this case, EPMTest1), log in as an administrator
      • From Z:EPM_Unzipped run InstallTool.cmd
      • Run installer – > Check that Prerequisites have been met – ok
      • Enter Default Location of middleware home c:OracleMiddleware
      • Select components individually
      • Install the following components:
        • • Foundation Services
        • • Essbase — Administration Services Web Application
        • • Essbase — Provider Services Web Application
        • • Reporting and Analysis
        • • Planning
        • • Financial Close Management (Assembly missing) @followup
        • • Disclosure Management (Assembly missing) @followup
        • Financial Management — Financial Management Web Service (ADM Driver under Financial Management is selected by default)
        • • Profitability and Cost Management (Assembly missing) @followup
        • Unselect: Essbase — Essbase (Essbase Server is selected by default when you select Planning)
        • Hit Next to Confirm, Next to install
        • Download and apply patch 12552933 from http://support.oracle.com (unable to locate patch, need Support Identifier) @followup
    • Run EPM Configuration -> Start -> Programs -> Oracle EPM System -> Foundation Services -> EPM System Configurator
    • If cannot connect to database – “Connection Refused”, try installing loopback adapter and open Command Prompt and run netca. Install a new Listener on default port 1521. Then go back and run Database Configuration Assistant. After configuration has succeeded make note of location of encryption key, in this case it’s c:/app/oracle/product/11.2.0/dbhome_1/servername_dbname/sysman/config/emkey.ora. Also make note of Database Control URL: https://WIN-9ANJ6AA1428:1158/em
At this point, I had significant problems trying to configure the installation with the System Configurator. Ultimately the resolution was to ensure I had the correct credentials for the installer to run normally.
EPMSetup
I completed the configuration according to my environment and the setup completed successfully. After restarting the default websites, they wouldn’t display with a 404 message. I had to re-run the EPM Configuration and installed the default websites components. Starting up the EPM Services can take some time on a box with 8GB of RAM but eventually the services started and the sites came up and I was able to log into the Shared Services console and Workspace successfully. ScreenShot003
My next steps are to import some test data, create some applications, dashboards, and build some views.

Exchange 2010 – Part 20 – A look at the Hub and Edge Transport Server Roles

The Hub and Edge Transport Server Roles

The purpose of this post is to explain the differences between the two transport role servers, the Hub Transport and the Edge Transport.

We will look at some of the key aspects of transport servers including:

  • Send/Receive Connectors
  • Anti-spam and Anti-virus protection
  • Transport Rules
  • Hub/Edge Synchronization

Take for example a scenario where your company has configured enough of it’s organization that they want to be able to send and receive email in full production. Because of this, we should discuss the configuration elements involved in our transport role servers. In our example, we have more than just a Hub Transport server, we also have an Edge Transport server that we installed but never configured to work with our Hub.

You’re never really completely done with Exchange, there’s always something left to do, to monitor etc.

So to start, in the Hub Transport server in the EMC, and click on Organization Configuration -> Hub Transport, we have several tabs:

Click Image to Enlarge

Send Connectors – Here you might not see any send connectors if none have been setup. Receive connectors are located under the Server Configuration-> Hub Transport. We don’t have any Anti-spam settings here yet in our Hub Transport role.

Edge Subscriptions – Here we will create a connection to our Edge Transport Server

Global Settings – we will go over this later

Email Address Policies – we will go over this later

Transport Rules – Here we can create transport rules, with conditions, actions, and exceptions – by default none.

Journal Rules – by default are blank

Remote Domains – we will go over this later

Accepted Domains – we will go over this later

 

If we remote into our “Edge” transport server, our EMC will be pretty much empty except for our Edge Transport settings. It’s one of the easiest server roles to work with because there is not much here to configure:

Click Image to Enlarge

The five tabs we have to work with are:

Anti-Spam

Send Connectors

Receive Connectors

Transport Rules

Accepted Domains

Hub vs. Edge: – Hub is on the inside of the firewall

Edge Transport sits on the edge of the network, in the DMZ. It it isolated, but is there to defend the network. Edgesynch synchrononization is the connection between the hub and edge transport servers.

Hub handles all of the mail flow within the company: Applies Transport Rules, Journaling policies, delivers messages to mailboxes and more.

 

If there is no Edge transport role, the Hub will relay messages to the internet. The Edge Transport server minimizes attacks from the internet – virus, spam, etc. . You can have more than one Hub or Edge Transport servers for failover capabilities.

You can export settings from one Edge Transport server to a 2nd Edge.

Do you need to have an Edge Transport Server? No. However, it is recommended that you have some kind of protector in se.

Without an Edge Transport Server, by default you will be missing Anti-Spam solution, and certain Transport Rules.

You can enable Anti-Spam on the Hub transport server, or a 3rd party solution.

Mail will go through Hub and Edge transport servers. All mail will flow between them.

  • If you have one HT and one ET, all mail will flow between them, both incoming and outgoing
  • To make the connection between the HT and ET you need to make a manually configured synchronization. It is also called a subscription or an “edge synch process”
The Edge Transport Role is engineered to protect on the front lines of your network
  • It isn’t part of the domain
  • It can cut down the spam at the front door
The Hub Transport role, although it can protect the front lines to a degree, is designed to be a second layer of defense and has a greater role in message compliance, internal mail flow and policy enforcement.

 

 

 

A large majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 – Part 17 – Using the ECP to manage ActiveSync

Using the ECP to Manage ActiveSync

In this post, we will be visiting the Exchange Control Panel (ECP) to see all the new administrative control we have been given with SP1, without having to work on a system with the EMC Management Tools installed. You may recall our first visit to the Exchange Mangement Console in Part 8 of this series.

To get to the Exchange Control Panel, log into your OWA site as an administrator. From here, you will see the options button in the upper right-hand corner of OWA, this contains the link to the ECP.

From within the Administrative Control Panel we can perform the following (new w/SP1) administrative tasks:

  • Manage default access for mobile devices
  • Configure email alerts when a mobile device is quarantined
  • Create personalized recognition or quarantined messages
  • List quarantined mobile devices
  • Create and manage device access rules
  • Allow/Block specific devices
  • Initiate password recovery or remote wipe of a user’s mobile device

To manage the default access for mobiles, go OWA as administrator, then go to options -> View all options -> Manage My Organization -> Phone and Voice:

ECP Mobile
Click Image to Enlarge

Here, when a device that isn’t managed by a rule or personal exemption connects to Exchange we can allow access, block, or quarantine (on a case by case basis) mobile devices. If we choose, we can send out notification warnings that will go out to administrators.

Under ActiveSync Device Policies, we have a duplicate of what is in the EMC, in that we have a default policy, and the ability to look at, and change, policy settings (Device Security, Sync Settings, Device Settings).

We can create additional activesync policies here as well. Polices created here will be replicated in the EMC. There are some options/tabs that exist only in the EMC however; Device Applications Tab and the “Other” tab: discrete management of Applications on Mobile Devices.

So this is a short post but I think is worthwhile looking at the new enhancements for the Exchange Control Panel in SP1.

 

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 – Working with Public Folders – Part 12

In this post, we will look at Public Folders in Exchange 2010. More specifically:

  • We will review the purpose and use of Public Folders within your organization (and discuss the fact that they may no longer be used in some future version of Exchange).
  • We will go through the creation of a Public Folder database in the Exchange Management Console and see the properties that we can configure.
  • We will work with the Public Folder Management Console and the Outlook client to create and manage Public Folders.
  • We will review permission settings and delegating permissions for folders and sub-level folders.
In review, the purpose of Public Folders:
  • Public Folders are Nostalgic (out of date) – Public Folders were introduced with the first version of Exchange and have been used for many years as a means of collaborating with persons in your organization through a shared folder structure.
  • Users will see the Public Folder structure in their Outlook client and can view items that have been either posted or emailed to the folder (if it is mail-enabled) and they may have the ability to add content, create sub-folders and so-forth if they have permissions to do so.
  • Are Public Folders required in Exchange 2010?
  •      If you have Outlook 2007 and/or 2010 clients only, than the answer is no (it is completely optional if you want to).
  •      If you have Outlook 2003 clients, then the answer is yes. They use the Public Folder structure for Offline Address book distribution, free/busy lookups, organization form library, and security settings.
The Offline Address Book distribution in Exchange 2010 is now done with the BITS HTTP connection to the Exchange Client Access server. The Free/Busy look-ups are now done through the Availability Web Service. Security settings are done through Group Policy. Organizational Forms have been pushed aside in favor of InfoPath forms.
Starting with Exchange 2010, Public Folders are De-emphasized
  • Public Folders have become the dumping grounds for anything and everything your people want to share with each other. Public folders tend to sprawl out of control.
  • Public Folders are so late-1990’s. They aren’t designed for two very important 2010+ aspects of corporate life: Archiving data, and Document Sharing and Collaboration (check-in/check-out, versioning). Associates tend to try to hide their personal mail archives in Public Folders so that they are backed up.
  • As a result, the Microsoft Exchange Team has been making threats to pull Public Folder support from a future version of Exchange.
  • The idea is to encourage organizations toward SharePoint (although you are welcome to research and use some other collaboration solution).
  • While SharePoint has great features, any collaboration software has the potential to become the NEW dumping grounds for your organization.
How do I create the Public Folder database in Exchange 2010?
  • During the installation of the first Exchange 2010 Mailbox Server in your organization you see the question: “Do you have any client computers running Outlook 2003 and earlier or Entourage in your Organization?” If you answer “Yes” then the Public Folder database is automatically created.
  • You can also manually create a Public Folder database on any Mailbox Server in your organization and then determine if you want to replicate folders to that server.
How do I establish or create a High Availability structure for my Public Folders?
  • In Exchange 2010 there are no HA solutions you can use by default. The only way to ensure content is available is to create a new database and replicate content to that server.
Options for configuring Public Folder databases:
  • Maintenance Schedule
  • Replication Interval – specific to DB
  • Storage Limits
  • Deletion Settings
  • Age Limits
  • Public Folder Referral
Options for configuring individual Public Folders:
  • Replication (Both server choice and replication schedule)
  • Limits (Storage, Deleted Item, Age)
Path to managing the Public Folder in the Exchange Management Console (EMC):
MS Exchange -> MS Exchange On Premises -> Organization Configuration -> Mailbox -> Database Management Tab -> Right-click on Public Folder DB file and choose Properties.
Maintenance Schedules run from 1-5am by default. (ESE scanning check sum is an option as well. For smaller databases, you can get away with un-checking this option).
Circular Logging, again, is not having transaction logs building up. This is a space saver but not good when trying to recover from an emergency.
Replication Tab – replication of messages between PF databases.
Limits Tab – storage limits on the database. There is by default a maximum size of message of 10MB for each item placed in a Public Folder by default.
Public Folder Referral – Use Active Directory site costs. Essentially PFR comes into play with large organizations with multiple PF DBs, multiple Mail Box servers hosting PF DB’s. Certain PF’s may not be hosted at that same location. Site costs can be used to determine or manage PF locations.

You can configure  certain items on individual public folders like replication. Replication at the database level can be scheduled, or you can establish on the individual folder themselves.

Go to the Public Folder Console by going to the EMC -> Toolbox -> Public Folder Management Console:

Default Public Folders – include existing public folders created by an administrator. Try to maintain and organize Public Folders with a structure to maintain focus. One possibility is organizing by location. To add new folders, select New Public Folder… in the Action Pane. You can create sub-folders inside each Public Folder. You can delegate permissions on Public Folders to allow users the ability to create new sub-folders. Right-Click on a Public Folder, choose Properties. Under the Replication tab, you can add servers to replicate the content to and if you want High Availablity, you will select a different MailBox server and replicate the folder. You might replicate content to put them closer to actual user’s locations. You can use the default public folder replication schedule, or create your own. For limits, you can use the default quotas, or establish your own.

System Public Folders – we will cover these later.

 

Key Focus Points of Public Folders:

What are some of the key concepts of Public Folders?

  • Public Folder Trees
  •      Default Public Folders (IPM_Subtree – folders that users are typically aware of)
  •      System Public Folders (System PF structure known as the Non_IPM_Subtree – used by outlook for free/busy data, eforms registry and events root, for outlook clients that do not support 2010 or 2007 features (Availability service etc.) Legacy clients don’t know where to look for this, but can get their legacy data from these structures)
  • Replication
  •      Hierarchy – Properties of the folders, and organizational information, name of public folder, which server holds the replicas, and permissions are replicated with the heirarchy
  •      Content (Requires configured replication) – you decide which mailbox servers have copies of the content.
  • Referrals
  •      If a client looks for somethign in the Public Folder heirarchy, if they click on the folder, do they get it from their local Mailbox server? If it can’t find the data from their Mailbox, it will look for a replica in the same site. If it can’t find it there, it will look for the lowest cost site.
  • What are Mail-enabled Public Folders?
  •      They provide a bit more functionality to PFs
  •      Users can post to a PF through email.
Permissions: The Reality vs. The Potential
  • Exchange Administrators should consider delegating folder creation and management to others.
  • The easiest way to delegate is to assign persons to the Public Folder Management Group and let them worry about creating and managing Public Folders through Outlook
  • If you wanted to see the permissions or set the permissions on Public Folders, you cannot use the EMC/Public Folder Management Console. You must use the Exchange Management Shell.
  •      – Cmdlet used to add administrative permissions:  Add-PublicFolderAdministrativePermission
  •      – Cmdlet used to add client permissions: Add-PublicFolderClientPermission

In an Outlook 2010 client, if a user does not have permissions to create a sub-folder in a Public Folder, check the properties of the folder first -> Summary Tab.

To add a user to a Public Folder Management Group so that they can make changes/add folders to a Public Folder, you’ll need to open the Exchange Management Shell:

Edit – you can change permissions now through the Public Folders Management Console if Exchange 2010 SP1 is installed

[PS] c:windowssystem32>Add-RoleGroupMember -Identity “Public Folder Management” -Member User.Name 

After hitting Enter, nothing appears to happen, but when logged in as the user, and visiting the properties of a Public Folder in Outlook, you will see the additional properties/permissions available. And from here you can give additional permissions to other users.

If a Public Folder is mail-enabled, in the Global Address List, you can change the address book to Public Folders, which will list all available Mail-Enabled Public Folders.

Permissions: Rights vs. Roles

  • When using Outlook to assign permissions to a Public Folder you assign Roles (like Editor, Author and so forth).
  • Those Roles have underlying Rights assigned to them. For example, a Reviewer (role) has the rights ReadItems and FolderVisible.
  • There are 10 different Rights that mix and match for each role:
  1. ReadItems
  2. CreateItems
  3. EditOwnedItems
  4. DeleteOwnedItems
  5. EditAllItems
  6. DeleteAllItems
  7. CreateSubFolders
  8. FolderOwner
  9. FolderContact
  10. FolderVisible
Each of these is a different set of permissions that combine to create a different role. A “none” role doesn’t allow any permissions and the user will not be able to even view items.
If you are the type that doesn’t want to delegate to users rights and roles, and want to adjust them on the EMShell, you can use the following commands:
[PS] c:windowssystem32>Get-PublicFolderClientPermission -identity “PublicFolderName”
Let’s say we want to give Jason.Coltrin a role:
[PS] c:windowssystem32>Add-PublicFolderClientPermission -identity “PublicFolderName” -user “jason.coltrin” -accessrights Editor
It can be more simple to use the Outlook client GUI, but using the above commands, you can make the changes in the Exchange Management Shell.

With Exchange SP1, you can change permissions (rights and roles) for public folders using the Public Folder Management Console -> Right-click on Default Public Folders -> Choose Properties -> Permissions Tab. 

 

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 – Understanding and Managing Databases – Part 11

In this post, we will discuss the following topics:

  • The concept of the Exchange Database including the Extensible Storage Engine or ESE
  • The way transaction logs and database files work together – storage architecture
  • How to create and mount databases
  • Some best practice concepts and implementing them with a newly created mailbox database
It’s important for you to visually realize that every email that goes to your Mailbox server must go into a database, and this creates challenges because of the huge variety of messages Exchange handles. From the tiny on-line emails to the monster MB emails with video attachments.
The I/O profile of a Mailbox server is not predictable (RANDOM). Read/write that occurs between memory and disk is substantial. At times there may be waves of messages, other times may be idle.
Exchange uses the Extensible Storage Engine (ESE) database engine (MS has mentioned moving this to SQL but that has been determined to be too much of an investment, so ESE remains in Exchange 2010). The ESE engine has received some enhancements to improve I/O by 70% (meaning, Exchange 2010 can read/write emails to disk 70% faster than 2007 using the same engine). These improvements included increasing the page size from 8kb to 32kb, storing header data in a single DB table, and compressing attachments. In turn, because of these optimizations, you actually have more options for using lower-end disks for your Exchange server.
Disk Types for Exchange:
  • Better IOPS performance mean flexibility in storage options:
  •      High-end storage (SANs or RAID arrays)
  •      Exchange 2010 uses reduced I/O and this allows for Lower cost SATA disks or Just a Bunch of Disks (JBOD) storage
  • One important point to keep in mind is that Microsoft removes Single Instance Storage with Exchange 2010
  •      The idea behind SIS is when a message is sent to a bunch of people (perhaps with a large file included) the original message is stored once.
  •      SIS is replaced by database compression technology and new tools to help administrators to purge mailboxes and reduce the overall size of the database
To visualize email flow consider the following:
The email comes in, the CPU/Memory sends it to the hard disk but not immediately into the database, because it might be busy. First it goes into transaction logs, which ensure the data is written into the database. Transaction logs don’t do anything, they are 1 MB in size and the amount of files/logs grows. But they are written into the “one monolithic database” file. The exchange store uses write-ahead Transaction Logs and CheckPoint files to help prevent data loss. These files record all changes that have been committed to the in-memory database. While checkpoint files record which data has been committed. If the DB is corrupted, and the transaction logs are safe, your DB will be up to date. Its recommended to keep TL and DB on separate disks. JRS files are used when the hard drive runs out of space and help to stop the queue DB cleanly. When the store runs out of hard disk space, the transport service will be stopped. At 1 GB it will run out of space and is BAD. Space cannot be reclaimed. *Make extra effort to ensure you do not run out of disk space!*
In the Exchange Management Console -> Mailbox server role -> Database Management tab, we can see the database file path and where the Transaction Logs are located.
In the Mailbox Database folder on the hard drive, in the transaction logs, when the placeholder E00 log is complete, it will be renamed.
When you create a new Mailbox, you can change the DB file locations. (PS command: new – mailboxdatabase Server…)
Exchange 2010 Database Best Practices:
  • Place transaction logs and database files on separate disks (off the system disk and/or the location where Exchange is installed – you can move the location of your DB)
  • Place transaction logs on a mirrored volume
  • Place database files on a RAID 5
  • Use the Exchange 2010 Mailbox Server Role Requirements Calculator to help you determine your storage needs. The latest version can be found here: http://blogs.technet.com/b/exchange/archive/2009/11/09/exchange-2010-mailbox-server-role-requirements-calculator.aspx
  • Note: Standard Edition supports 5 databases. Enterprise Edition supports 100 databases
For an existing DB, you can “Move Database Path” at any time and change the default locations for transaction logs and database file location.
EMC -> Organization Configuration -> Mailbox -> Database Management Tab -> Right-click on Database -> Properties ->
Maintenance Tab ->
Database Management Properties
  • Mount and Dismount the Database
  • Move Database and Log Paths
  • Background Database Maintenance (24×7 ESE scanning)
  • Circular Logging
  • Storage Limits
  • Deletion Settings
We will touch upon Journal Recipient later.
Here the Exchange Mailbox Database Maintenance Schedule can be adjusted or Customized.
Database maintenance performs the following maintenance tasks:
  1. Purging mailbox DB and PF DB indexes
  2. Maintaining Tombstones
  3. Cleans up deleted Items Dumpster
  4. Removes public folders that have exceeded expiration time
  5. Removes Deleted Public Folders which have exceeded the tombstone lifetime
  6. Cleans up conflicting Public Folder messages
  7. Updates server versions
  8. Checks schedule plus Free/Busy and offline folders
  9. Cleans up deleted mailboxes
  10. Checks message tables for orphaned messages
  11. Cleans up reliable event tables
By default, from 1am to 5 am, these tasks above are completed.
An online defragmentation process will be run to free up pages in the database at the end of every maintenance schedule. This is done to reduce the amount of I/O.
Legacy versions of Exchange would do a DB check-sum and look at every page to see if there was corruption at end of maintenance schedule.
However, ESE Scanning does the DB check sum process for corruption on the fly, outside of the maintenance schedule. Un-checking the option for ESE 24/7, the defrag will still take place at the end of the scheduled maintenance.
– Enable Circular Logging – saves disk space – allows exchange to overwrite transaction logs. If your database is corrupt, the transaction logs will restore the DB from the logs. It’s not recommended to use this option – but good if you want to save disk space (perhaps you can turn this on for specific databases)
Limits Tab:
Storage limits – mailbox and storage limits
By default, every day at 1am if the user hits these limits, they will be sent a notification that their mailbox has gotten so large that they will either be prohibited to send or send and receive.
Issue Warning at (kb):
Prohibit send at (kb):
Prohibit send and receive at (kb):
Deletion settings defaults:
Keep deleted items for (days): – deleted items do not count against user’s total mailbox size
Keep deleted mailboxes for (days)
Don’t permanently delete items until the database has been backed up (recommended to enable this option)
In summary, there is a lot to consider when managing an Exchange database. We talked about the concept of an Exchange Database, Transaction logs and database files, mounting/dismounting databases, best practices for configuring DB’s and logs, and finally, maintaining our databases with best practices.
A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 – Understanding and Managing Databases – Part 11

In this post, we will discuss the following topics:

  • The concept of the Exchange Database including the Extensible Storage Engine or ESE
  • The way transaction logs and database files work together – storage architecture
  • How to create and mount databases
  • Some best practice concepts and implementing them with a newly created mailbox database
It’s important for you to visually realize that every email that goes to your Mailbox server must go into a database, and this creates challenges because of the huge variety of messages Exchange handles. From the tiny on-line emails to the monster MB emails with video attachments.
The I/O profile of a Mailbox server is not predictable (RANDOM). Read/write that occurs between memory and disk is substantial. At times there may be waves of messages, other times may be idle.
Exchange uses the Extensible Storage Engine (ESE) database engine (MS has mentioned moving this to SQL but that has been determined to be too much of an investment, so ESE remains in Exchange 2010). The ESE engine has received some enhancements to improve I/O by 70% (meaning, Exchange 2010 can read/write emails to disk 70% faster than 2007 using the same engine). These improvements included increasing the page size from 8kb to 32kb, storing header data in a single DB table, and compressing attachments. In turn, because of these optimizations, you actually have more options for using lower-end disks for your Exchange server.
Disk Types for Exchange:
  • Better IOPS performance mean flexibility in storage options:
  •      High-end storage (SANs or RAID arrays)
  •      Exchange 2010 uses reduced I/O and this allows for Lower cost SATA disks or Just a Bunch of Disks (JBOD) storage
  • One important point to keep in mind is that Microsoft removes Single Instance Storage with Exchange 2010
  •      The idea behind SIS is when a message is sent to a bunch of people (perhaps with a large file included) the original message is stored once.
  •      SIS is replaced by database compression technology and new tools to help administrators to purge mailboxes and reduce the overall size of the database
To visualize email flow consider the following:
The email comes in, the CPU/Memory sends it to the hard disk but not immediately into the database, because it might be busy. First it goes into transaction logs, which ensure the data is written into the database. Transaction logs don’t do anything, they are 1 MB in size and the amount of files/logs grows. But they are written into the “one monolithic database” file. The exchange store uses write-ahead Transaction Logs and CheckPoint files to help prevent data loss. These files record all changes that have been committed to the in-memory database. While checkpoint files record which data has been committed. If the DB is corrupted, and the transaction logs are safe, your DB will be up to date. Its recommended to keep TL and DB on separate disks. JRS files are used when the hard drive runs out of space and help to stop the queue DB cleanly. When the store runs out of hard disk space, the transport service will be stopped. At 1 GB it will run out of space and is BAD. Space cannot be reclaimed. *Make extra effort to ensure you do not run out of disk space!*
In the Exchange Management Console -> Mailbox server role -> Database Management tab, we can see the database file path and where the Transaction Logs are located.
In the Mailbox Database folder on the hard drive, in the transaction logs, when the placeholder E00 log is complete, it will be renamed.
When you create a new Mailbox, you can change the DB file locations. (PS command: new – mailboxdatabase Server…)
Exchange 2010 Database Best Practices:
  • Place transaction logs and database files on separate disks (off the system disk and/or the location where Exchange is installed – you can move the location of your DB)
  • Place transaction logs on a mirrored volume
  • Place database files on a RAID 5
  • Use the Exchange 2010 Mailbox Server Role Requirements Calculator to help you determine your storage needs. The latest version can be found here: http://blogs.technet.com/b/exchange/archive/2009/11/09/exchange-2010-mailbox-server-role-requirements-calculator.aspx
  • Note: Standard Edition supports 5 databases. Enterprise Edition supports 100 databases
For an existing DB, you can “Move Database Path” at any time and change the default locations for transaction logs and database file location.
EMC -> Organization Configuration -> Mailbox -> Database Management Tab -> Right-click on Database -> Properties ->
Maintenance Tab ->
Database Management Properties
  • Mount and Dismount the Database
  • Move Database and Log Paths
  • Background Database Maintenance (24×7 ESE scanning)
  • Circular Logging
  • Storage Limits
  • Deletion Settings
We will touch upon Journal Recipient later.
Here the Exchange Mailbox Database Maintenance Schedule can be adjusted or Customized.
Database maintenance performs the following maintenance tasks:
  1. Purging mailbox DB and PF DB indexes
  2. Maintaining Tombstones
  3. Cleans up deleted Items Dumpster
  4. Removes public folders that have exceeded expiration time
  5. Removes Deleted Public Folders which have exceeded the tombstone lifetime
  6. Cleans up conflicting Public Folder messages
  7. Updates server versions
  8. Checks schedule plus Free/Busy and offline folders
  9. Cleans up deleted mailboxes
  10. Checks message tables for orphaned messages
  11. Cleans up reliable event tables
By default, from 1am to 5 am, these tasks above are completed.
An online defragmentation process will be run to free up pages in the database at the end of every maintenance schedule. This is done to reduce the amount of I/O.
Legacy versions of Exchange would do a DB check-sum and look at every page to see if there was corruption at end of maintenance schedule.
However, ESE Scanning does the DB check sum process for corruption on the fly, outside of the maintenance schedule. Un-checking the option for ESE 24/7, the defrag will still take place at the end of the scheduled maintenance.
– Enable Circular Logging – saves disk space – allows exchange to overwrite transaction logs. If your database is corrupt, the transaction logs will restore the DB from the logs. It’s not recommended to use this option – but good if you want to save disk space (perhaps you can turn this on for specific databases)
Limits Tab:
Storage limits – mailbox and storage limits
By default, every day at 1am if the user hits these limits, they will be sent a notification that their mailbox has gotten so large that they will either be prohibited to send or send and receive.
Issue Warning at (kb):
Prohibit send at (kb):
Prohibit send and receive at (kb):
Deletion settings defaults:
Keep deleted items for (days): – deleted items do not count against user’s total mailbox size
Keep deleted mailboxes for (days)
Don’t permanently delete items until the database has been backed up (recommended to enable this option)
In summary, there is a lot to consider when managing an Exchange database. We talked about the concept of an Exchange Database, Transaction logs and database files, mounting/dismounting databases, best practices for configuring DB’s and logs, and finally, maintaining our databases with best practices.
A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010: Exchange Management Console (EMC) – Part 8

A quick overview of the Exchange Management Console, or EMC; a very capable management console accessed via the OWA web interface.

We can access the EMC through Outlook Web App. On the Exchange Mailbox server itself, you can get to OWA through the address https://localhost/owa

Note: I encountered an issue here. When first logging into OWA I received the following error message: “Your mailbox appears to be unavailable. Try to access it again in 10 seconds. If you see this error again, contact your helpdesk.”

My first instinct when I receive a message like this is to check services. Yes, as I suspected, upon viewing my primary Exchange server services, the Microsoft Exchange Server Information Store Service was not started. I started the service manually, logged into OWA again, and found I could now completely log in and see my OWA inbox.

Once inside the administrator’s mailbox, you can manage the organization by clicking on the Options drop-down in the upper right-hand corner, and then on “See all options…”

ManageOptions
Now that you’ve clicked into all of the options, you will want to change the Mail > Options: “Manage Myself” drop-down to “My Organization”. You are now in the Exchange Management Console.EMC

Once inside the EMC you have the following Options:

  1. Users and Groups – contains Mailboxes, Distribution Groups, and External Contacts
  2. Roles and Auditing – contains Administrator Roles, User Roles, and Auditing. There are some nice Auditing controls available here including * Run a non-owner mailbox access report… * Run a litigation hold report… * Run an administrator role group report… * Export Mailbox Audit Logs… * Export the Administrator Audit Log…
  3. Mail Control – contains Rules, Journaling, and Delivery Reports
  4. Phone and Voice – contains ActiveSync Access (Quarantined Devices and Device Access Rules); and ActiveSync Device Policy
Take note that Multi Mailbox Search (which is under mail control in RTM). RVAC, even the admin is not able to see the Multi Mailbox Search; you have the add the administrator into the Discovery Management Role Group. Once added to that group, you will see MultiMailbox search in the Administrators EMC.

 

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 SP1 Installation – Part 6

Exchange 2010 SP1

Exchange Team Points For Deployment Prepraration

The installation of SP1 can be very frustrating, despite it’s great features. There is always some side-IIS elements that were not installed, and they need to be installed before you can move forward. The hotfixes are the key. When you start with an OS, e.g. Server 2008 R2, make sure you first have all of the OS updates installed. Visit Windows Updates and make sure you install any that are available. Then you want to visit the Microsoft Exchange Team site and find all the hot fixes for your Exchange 2010 installation. Make sure all of those hot fixes are installed as well. Then, even though you can install roles and features with checkboxes, it’s better to use the import-modules servermanager commandlet with PowerShell and copy the text for installing roles and features.

Do a google search for “Install Exchange 2010 SP1” and go to the EHLO blog. http://blogs.technet.com/b/exchange/archive/2010/09/01/3410888.aspx

Go to the Upgrade order if you’re going to upgrade from 2007.

Use the Matrix of Updates Required chart. Use the chart and don’t just go with what the Exchange installer tells you. You don’t want to miss one; you may be shown that you finished completely, but end up having to go back to ADSI edit etc. So make sure you have the hotfixes based off the chart.

In my case, all of the updates in the matrix were not required by my system, and the SP1 install went well with my latest install. After the SP1 install, it’s a good idea to install the update roll-up #5 released by Microsoft here:

http://www.microsoft.com/download/en/details.aspx?id=22090

After the update roll-up has been installed, be sure to check Windows Update a few times to ensure you have the latest patches and updates.

After SP1 is installed, and the updates have been installed as well, open up the Exchange console, click on the Organization Configuration, and then Mailbox, and you should see two new Retention tabs:

ExchangeSP1
Click image to enlarge

 

 

 

 

 

 

 

 

 

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 Installation Part 5

Absolute Necessities for Exchange 2010

  • You need an Active Directory Domain in place
  • You need a solid DNS infrastructure
  • You can technically install Exchange 2010 on a server that is your Active Directory Server and your DNS server (case in point, Small Business Server)

Typical or Custom Installations:

Exchange 2010 can be deployed through either a Typical or a Custom Installation

1. Typical: will install the Hub Transport, Client Access and Mailbox Server roles

2. Custom: You can install one server type, or some, or all of the roles

  • If you install the Edge Transport (greys out other roles), you cannot install other roles. Can only exist on a DMZ
  • If you are installing one of the other roles, you can combine them together (you may install them on separate servers all together.)
  • You don’t need the Unified Messaging Server role in order for your organization to function. The same with the Edge Transport server, not required but is recommended by Microsoft to provide better protection for Exchange.

The installation itself is fairly typical, and if your prerequisites have been installed you should not encounter any errors.

After installation, if your Exchange server is not licensed, you will have approximately 120 days to activate or license the server.

Be sure to check for critical updates for your exchange server after installation. If you don’t see any updates for exchange in Windows Update, even after a reboot, you may need to start the Exchange Setup.exe Installer again, and click on “Step 5: Get critical updates for Microsoft Exchange”. This is the only way I could force Windows/Exchange to find new updates, for example Exchange Update Rollup 5 for Exchange Server 2010 KB2407113.

 

Exchange Updates
Click Image to Enlarge

 

 

 

 

 

 

 

 

 

Everything we need installed for a working Exchange environment has been accomplished.

When starting the Exchange 2010 Management Console, we are not simply opening it for this server, but for our Exchange Organziation. Whether on a single server, or a multitude of servers, the console will manage the entire Exchange Organization system.

For the Edge Transport Server

We will install Active Directory Lightweight Directory Services. Even though the Edge Transport Server is not a part of the AD (for our own safety) it still requires a directory to work with. We can install it via the GUI, or through the PowerShell.

For the Edge Transport server, we will use the code:

> import-module servermanager

> Add-WindowsFeature NET-Framework, RSAT-ADDS, ADLDS -Restart

When running the command you may receive the following result error:

PS C:UsersAdministrator> Add-WindowsFeature NET-Framwork,RSAT-ADDS,ADLDS -Restart
Add-WindowsFeature : ArgumentNotValid: Invalid role, role service, or feature: 'NET-Framwork'. The name was not found.
At line:1 char:19
+ Add-WindowsFeature <<<<  NET-Framwork,RSAT-ADDS,ADLDS -Restart
    + CategoryInfo          : InvalidData: (:) [Add-WindowsFeature], Exception
    + FullyQualifiedErrorId : NameDoesNotExist,Microsoft.Windows.ServerManager.Commands.AddWindowsFeatureCommand

Success Restart Needed Exit Code Feature Result
------- -------------- --------- --------------
False   No             Invali... {}

If you receive this error, it means that the prerequisite, .NET Framework 3.5.1 is required. See screenshot below. An easy way to install the prerequisite is to use the GUI role installation feature, which will prompt you to install the framework. Be sure to apply all critical updates and service packs to .NET prior completing the installation of Lightweight Directory Services; remember, this is your public-facing computer.

Click image to enlarge

 

 

 

 

 

 

Once .NET and the rest of the Edge Transport role is installed, you’ve rebooted, updated and have rebooted again, now would be a good time to backup the Edge Transport server with either a bare metal/VM system snapshot. Although snapshots are beneficial, an Edge Transport XML export/backup should be performed as well on a regular basis. I exported my first as Edge_BaselineXML.

A very useful article on backing up and restoring the Edge Transport Server can be found here: http://exchangeserverpro.com/exchange-2010-edge-transport-server-backup-and-recovery

Note: The Windows Backup feature is not installed by default on a newly installed Server2008 R2 installation. You can quickly install the backup feature at the powershell using the following two commands:

> import-module servermanager

> add-WindowsFeature backup

When logging into the Edge Server, and launching the Management Console, I encountered the following error:

[ERROR] Provisioning layer initialization failed: ‘Active Directory error 0x8007052E occurred while searching for domain controllers in domain

The problem was that I had logged into the local machine only and not the domain, and when trying to run the console, it was not logged in as a domain user. I logged off, logged back in as DOMAINAdministrator, and then found the Management Console to work correctly and identify my machine as an Edge Transport Server.

Another error I hit was the following:

The following error occurred when searching for On-Premises Exchange Server:

The term ‘C:Program FilesMicrosoftExchange Server V14BinConnectFunctions.ps1′ is not recongnized as the name of a cmdlet, function, script files, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. It was running the command’. ‘C:Program FilesMicrosoftExchange ServerV14BinConnectFunctions.ps1’

(Click here to retry)

By following the workaround here: http://blogs.technet.com/b/nawar/archive/2010/09/03/exchange-management-shell-ems-missing-after-applying-exchange-2010-sp1.aspx I was able to continue with the configuration and open up the Exchange Console. However, all roles were available, which is incorrect. We should only see the Edge Transport role. After re-installing only the Edge Transport Role through the Exchange Setup, I now have the Edge Transport Role up and running. The Exchange Management Console should show only the Edge Transport Role on the Edge Transport server itself.

Click Image to Enlarge

 

 

 

 

 

This makes it clear what we’re working on. We’re on an Edge Transport server and that is all we can work on.

At this point we now have the ability to send mail internally from one mailbox to another. We do not have the ability to send email to the internet or from the internet because we have not configured DNS, or our Send/Receive connectors. We will save these tasks for a different post.

 

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com

Exchange 2010 Installation Part 5

Absolute Necessities for Exchange 2010

  • You need an Active Directory Domain in place
  • You need a solid DNS infrastructure
  • You can technically install Exchange 2010 on a server that is your Active Directory Server and your DNS server (case in point, Small Business Server)

Typical or Custom Installations:

Exchange 2010 can be deployed through either a Typical or a Custom Installation

1. Typical: will install the Hub Transport, Client Access and Mailbox Server roles

2. Custom: You can install one server type, or some, or all of the roles

  • If you install the Edge Transport (greys out other roles), you cannot install other roles. Can only exist on a DMZ
  • If you are installing one of the other roles, you can combine them together (you may install them on separate servers all together.)
  • You don’t need the Unified Messaging Server role in order for your organization to function. The same with the Edge Transport server, not required but is recommended by Microsoft to provide better protection for Exchange.

The installation itself is fairly typical, and if your prerequisites have been installed you should not encounter any errors.

After installation, if your Exchange server is not licensed, you will have approximately 120 days to activate or license the server.

Be sure to check for critical updates for your exchange server after installation. If you don’t see any updates for exchange in Windows Update, even after a reboot, you may need to start the Exchange Setup.exe Installer again, and click on “Step 5: Get critical updates for Microsoft Exchange”. This is the only way I could force Windows/Exchange to find new updates, for example Exchange Update Rollup 5 for Exchange Server 2010 KB2407113.

 

Exchange Updates
Click Image to Enlarge

 

 

 

 

 

 

 

 

 

Everything we need installed for a working Exchange environment has been accomplished.

When starting the Exchange 2010 Management Console, we are not simply opening it for this server, but for our Exchange Organziation. Whether on a single server, or a multitude of servers, the console will manage the entire Exchange Organization system.

For the Edge Transport Server

We will install Active Directory Lightweight Directory Services. Even though the Edge Transport Server is not a part of the AD (for our own safety) it still requires a directory to work with. We can install it via the GUI, or through the PowerShell.

For the Edge Transport server, we will use the code:

> import-module servermanager

> Add-WindowsFeature NET-Framework, RSAT-ADDS, ADLDS -Restart

When running the command you may receive the following result error:

PS C:UsersAdministrator> Add-WindowsFeature NET-Framwork,RSAT-ADDS,ADLDS -Restart
Add-WindowsFeature : ArgumentNotValid: Invalid role, role service, or feature: 'NET-Framwork'. The name was not found.
At line:1 char:19
+ Add-WindowsFeature <<<<  NET-Framwork,RSAT-ADDS,ADLDS -Restart
    + CategoryInfo          : InvalidData: (:) [Add-WindowsFeature], Exception
    + FullyQualifiedErrorId : NameDoesNotExist,Microsoft.Windows.ServerManager.Commands.AddWindowsFeatureCommand

Success Restart Needed Exit Code Feature Result
------- -------------- --------- --------------
False   No             Invali... {}

If you receive this error, it means that the prerequisite, .NET Framework 3.5.1 is required. See screenshot below. An easy way to install the prerequisite is to use the GUI role installation feature, which will prompt you to install the framework. Be sure to apply all critical updates and service packs to .NET prior completing the installation of Lightweight Directory Services; remember, this is your public-facing computer.

Click image to enlarge

 

 

 

 

 

 

Once .NET and the rest of the Edge Transport role is installed, you’ve rebooted, updated and have rebooted again, now would be a good time to backup the Edge Transport server with either a bare metal/VM system snapshot. Although snapshots are beneficial, an Edge Transport XML export/backup should be performed as well on a regular basis. I exported my first as Edge_BaselineXML.

A very useful article on backing up and restoring the Edge Transport Server can be found here: http://exchangeserverpro.com/exchange-2010-edge-transport-server-backup-and-recovery

Note: The Windows Backup feature is not installed by default on a newly installed Server2008 R2 installation. You can quickly install the backup feature at the powershell using the following two commands:

> import-module servermanager

> add-WindowsFeature backup

When logging into the Edge Server, and launching the Management Console, I encountered the following error:

[ERROR] Provisioning layer initialization failed: ‘Active Directory error 0x8007052E occurred while searching for domain controllers in domain

The problem was that I had logged into the local machine only and not the domain, and when trying to run the console, it was not logged in as a domain user. I logged off, logged back in as DOMAINAdministrator, and then found the Management Console to work correctly and identify my machine as an Edge Transport Server.

Another error I hit was the following:

The following error occurred when searching for On-Premises Exchange Server:

The term ‘C:Program FilesMicrosoftExchange Server V14BinConnectFunctions.ps1′ is not recongnized as the name of a cmdlet, function, script files, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. It was running the command’. ‘C:Program FilesMicrosoftExchange ServerV14BinConnectFunctions.ps1’

(Click here to retry)

By following the workaround here: http://blogs.technet.com/b/nawar/archive/2010/09/03/exchange-management-shell-ems-missing-after-applying-exchange-2010-sp1.aspx I was able to continue with the configuration and open up the Exchange Console. However, all roles were available, which is incorrect. We should only see the Edge Transport role. After re-installing only the Edge Transport Role through the Exchange Setup, I now have the Edge Transport Role up and running. The Exchange Management Console should show only the Edge Transport Role on the Edge Transport server itself.

Click Image to Enlarge

 

 

 

 

 

This makes it clear what we’re working on. We’re on an Edge Transport server and that is all we can work on.

At this point we now have the ability to send mail internally from one mailbox to another. We do not have the ability to send email to the internet or from the internet because we have not configured DNS, or our Send/Receive connectors. We will save these tasks for a different post.

 

 

 

 

A good majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com