24 Hours Of Exchange Server 2007 (Part 1 Of 24)
-
Upload
harold-wong -
Category
Business
-
view
3.089 -
download
2
description
Transcript of 24 Hours Of Exchange Server 2007 (Part 1 Of 24)
Harold WongSenior Technology SpecialistMicrosoft Corporation
24 Hours of Exchange Server 2007 24 Hours of Exchange Server 2007 (Part 01 of 24): Integration of Exchange (Part 01 of 24): Integration of Exchange Server 2007 and Active DirectoryServer 2007 and Active Directory
What Will We cover?What Will We cover?
• MicrosoftMicrosoft®® Exchange Server 2007 integration Exchange Server 2007 integration with Active Directorywith Active Directory®® directory service directory service
• Message routing using Active Message routing using Active Directory sitesDirectory sites
• New Exchange Server administrator rolesNew Exchange Server administrator roles
Level 200
Helpful ExperienceHelpful Experience
• Experience with Active DirectoryExperience with Active Directory
• Understanding of Active Directory sitesUnderstanding of Active Directory sites
• Experience with Microsoft® Exchange Server Experience with Microsoft® Exchange Server 20032003
AgendaAgenda
• Integrating with Active DirectoryIntegrating with Active Directory
• Planning for Exchange Server 2007Planning for Exchange Server 2007
• Understanding Exchange Server permissionsUnderstanding Exchange Server permissions
Architectural GoalsArchitectural Goals
Active Directory TopologiesActive Directory Topologies
Resource ForestCross ForestSingle Forest
Review: Integrating with Active Review: Integrating with Active Directory (1)Directory (1)
• Which of the following was not one of the Which of the following was not one of the
• basic architectural goals in the development basic architectural goals in the development
• of Exchange Server 2007?of Exchange Server 2007?
• ComplexityComplexity
• FlexibilityFlexibility
• TrustworthinessTrustworthiness
• ScalabilityScalability
Review: Integrating with Active Review: Integrating with Active Directory (2)Directory (2)• Which type of Active Directory topology Which type of Active Directory topology • allows you to separate the administration of allows you to separate the administration of • Exchange Server from that of Active Directory?Exchange Server from that of Active Directory?
• Single forest topologySingle forest topology• Cross-forest topologyCross-forest topology• Resource forest topologyResource forest topology• Multiple forest topologyMultiple forest topology
Review: Integrating with Active Review: Integrating with Active Directory (3)Directory (3)
• In a cross-forest infrastructure, what In a cross-forest infrastructure, what
• Exchange Server 2007 role manages the Exchange Server 2007 role manages the
• communication between organizations?communication between organizations?
• Client Access server roleClient Access server role
• Edge Transport server roleEdge Transport server role
• Hub Transport server roleHub Transport server role
• Mailbox server roleMailbox server role
AgendaAgenda
• Integrating with Active DirectoryIntegrating with Active Directory
• Planning for Exchange Server 2007Planning for Exchange Server 2007
• Understanding Exchange Server permissionsUnderstanding Exchange Server permissions
Active Directory Site Structure Active Directory Site Structure for Routing Mailfor Routing Mail
Overview of IP Site LinksOverview of IP Site Links
IP Site LinkIP Site Link
1010
1010
1515
1010
1515
1010
1010
1010
Access to Active DirectoryAccess to Active Directory
User ConfigurationUser ConfigurationSite ConfigurationSite ConfigurationExchange Server 2007 RolesExchange Server 2007 Roles
Schema Schema PartitionPartition
Configuration Configuration PartitionPartition
Domain Domain PartitionPartition
Edge Transport Server RoleEdge Transport Server Role
Server Roles and Active Server Roles and Active DirectoryDirectory
Schema Schema PartitionPartition
Configuration Configuration PartitionPartition
Domain Domain PartitionPartition
Active Active Directory Directory
APIAPI
Mailbox Server RoleMailbox Server Role
Unified Messaging Server RoleUnified Messaging Server Role
Client Access Server RoleClient Access Server Role
Hub Transport Server RoleHub Transport Server Role
Exploring the Demo EnvironmentExploring the Demo Environment
Explore Domain Users and ComputersExplore Domain Users and Computers Check the Active Directory PartitionsCheck the Active Directory Partitions
demonstrationdemonstration
Review: Planning for Exchange Review: Planning for Exchange Server 2007 (1)Server 2007 (1)
Where does Exchange Server 2007 store Where does Exchange Server 2007 store
attribute, configuration, and recipient attribute, configuration, and recipient
information?information?
1.1. Schema partitionSchema partition
2.2. Configuration partitionConfiguration partition
3.3. Domain partitionDomain partition
4.4. All of the aboveAll of the above
Review: Planning for Exchange Review: Planning for Exchange Server 2007 (2)Server 2007 (2)
How does Exchange Server 2007 determine the best How does Exchange Server 2007 determine the best route to deliver mail within an Exchange route to deliver mail within an Exchange organization?organization?
1.1. By the cost of an IP site linkBy the cost of an IP site link
2.2. By the fastest WAN connectionBy the fastest WAN connection
3.3. Using routes configured in Exchange ServerUsing routes configured in Exchange Server
4.4. By the replication interval of a site linkBy the replication interval of a site link
Review: Planning for Exchange Review: Planning for Exchange Server 2007 (3)Server 2007 (3)
Which server role will first attempt direct Which server role will first attempt direct
communication rather than examining site communication rather than examining site
link costs when sending data between sites?link costs when sending data between sites?
1.1. Client Access server roleClient Access server role
2.2. Edge Transport server roleEdge Transport server role
3.3. Hub Transport server roleHub Transport server role
4.4. Mailbox server roleMailbox server role
AgendaAgenda
• Integrating with Active DirectoryIntegrating with Active Directory
• Planning for Exchange Server 2007Planning for Exchange Server 2007
• Understanding Exchange Server permissionsUnderstanding Exchange Server permissions
Administrative ChangesAdministrative Changes
Exchange Server 2003/2000 Administrative Groups• Insufficient flexibility to effectively manage permissions• Rarely used in Exchange Server 2003 organizations
Exchange Server Security and Exchange Server Security and PermissionsPermissions
Exchange Server 2003
• Predefined Security Roles• Lack of specificity• Little difference between roles• No clear separation between Exchange Administrative Roles
and Active Directory Admins
Exchange Server 2007
• New Administrator Roles• Managed from either the Exchange Management Console or the Exchange Management Shell• No need to alter ACL settings
Split Permissions ModelSplit Permissions Model
Administrator Roles in Exchange Administrator Roles in Exchange ServerServer
Owners of the Exchange organizationRead access to all domain user containersWrite access to all Exchange-specific attributesOwner of all local server configuration data
Must run Setup /PrepareDomain for eachdomain for this group to be applicableRead access to all the Domain User containers Write access to all the Exchange-specific attributesOwner of all local server configuration data.Local administrator on the computer on which Exchange Server is installed.Members of Exchange View-Only Administrators
Read-only access to the entire Exchange organization tree
Exchange Organization
Administrators
Exchange Recipient Administrators
Exchange Server Administrators
Exchange View-Only Administrators
GlobalData
RecipientData
ServerData
Accessing Administrative Roles
Explore the Administrative RolesExplore the Administrative Roles
demonstrationdemonstration
Review: Understanding Review: Understanding Exchange Permissions (1)Exchange Permissions (1)
How many predefined administrative groups How many predefined administrative groups
are provided with Exchange Server 2007?are provided with Exchange Server 2007?
1.1. ThreeThree
2.2. FourFour
3.3. FiveFive
4.4. SixSix
Review: Understanding Review: Understanding Exchange Permissions (2)Exchange Permissions (2)
Which role provides permissions to modify any Which role provides permissions to modify any
Exchange property on an Active Directory user, Exchange property on an Active Directory user, contact, group, or public folder object?contact, group, or public folder object?
1.1. Exchange Organization AdministratorsExchange Organization Administrators
2.2. Exchange Recipient AdministratorsExchange Recipient Administrators
3.3. Exchange Server AdministratorsExchange Server Administrators
4.4. Exchange View-Only AdministratorsExchange View-Only Administrators
Review: Understanding Review: Understanding Exchange Permissions (3)Exchange Permissions (3)
Which role does Which role does notnot provide organization-wide provide organization-wide
permissions to an Exchange administrator?permissions to an Exchange administrator?
1.1. Exchange organization administratorsExchange organization administrators
2.2. Exchange recipient administratorsExchange recipient administrators
3.3. Exchange server administratorsExchange server administrators
4.4. Exchange view-only administratorsExchange view-only administrators
Session SummarySession Summary
• Exchange Server 2007 utilizes Active Exchange Server 2007 utilizes Active Directory sites and site links for routing mailDirectory sites and site links for routing mail
• Each server role manages Exchange data in Each server role manages Exchange data in Active Directory partitionsActive Directory partitions
• Improved Exchange administrative roles Improved Exchange administrative roles simplify permission delegationsimplify permission delegation
Questions and AnswersQuestions and Answers
• Submit text questions using the “Ask” button. Submit text questions using the “Ask” button. • Don’t forget to fill out the survey.Don’t forget to fill out the survey.• For upcoming and previously live webcasts: For upcoming and previously live webcasts:
www.microsoft.com/webcasts
• Got webcast content ideas? Contact us at: Got webcast content ideas? Contact us at: http://go.microsoft.com/fwlink/?LinkId=41781
• Today's webcast was presented using MicrosoftToday's webcast was presented using Microsoft®® Office Live Meeting. Get a free 14-day trial by Office Live Meeting. Get a free 14-day trial by visiting: visiting: www.microsoft.com/presentlive