Discussion: Best Practise Post Exchange 2007 Deployment
Nathan Winters – MVP – Exchange Server
Consultant – Dimension Data
Agenda
Exchange 2007 – A Quick Intro
Planning for Exchange 2007
Designing Exchange 2007
Migrating to Exchange 2007
Documentation
Summary
Server Roles
[Diagram: Forest; Internet; Edge Transport server role; Hub Transport server role; Client Access server role; Directory Server; Mailbox server role; UM Server]
Planning Considerations
Active Directory
Schema update
Permission changes (Split Permissions Model)
Some data exported/sync’d with Edge Transport server
Windows Server 2003 SP1 or later required for:
○ At least one DC in each Site containing Exchange
○ Schema Master
Windows 2000 Native or higher domain functional level
DNS
Edge Transport resolution of Hub Transport server
Autodiscover
Single, unified internal namespace
DNS Suffix for Edge Transport server
Planning Considerations
Hardware
64 Bit
Mailbox server role
Standalone or clustered (CCR or SCC)
Replication (LCR, CCR, SCR, 3rd Party)
Storage (DAS, SAN, iSCSI)
Public Folders
Hub Transport server role
Using Active Directory Sites for routing
Exchange costs can override Site routing
Built-in resilience/failover with multiple servers in Site
Planning Considerations
Client Access server role
Protocols: EAS, HTTPS, POP3, IMAP4
Services: Availability, Autodiscover, Web Services
Very different from Front-End servers in earlier versions
○ Optimize performance for Mailbox server role
○ Never put in a perimeter network
○ Internal, well-connected network (100 Mbps – 1 Gbps)
Unified Messaging server role
Integrates telephony systems with Exchange
○ PBX, IP/PBX, VoIP
Many new terms and technologies to learn
Planning Considerations
Edge Transport server role
Designed for a perimeter network deployment
Not a member of internal Active Directory forest/domain
Can be a member of perimeter network forest/domain
○ Useful for management purposes (group policy, etc.)
○ MSIT does this
Stores configuration data in local file and Active Directory Application Mode (ADAM)
○ Uses EdgeSync for one-way transfer of data from Active Directory to ADAM
Minimal attack surface
○ TCP port 25, 50636, optional RDP port
Base Software Requirements for Exchange 2007
Windows Server 2003 x64 w/SP1 or R2, or SP2
Allows OWA users to browse the GAL
Microsoft .NET Framework 2.0
Windows PowerShell 1.0
Microsoft Management Console (MMC) 3.0
Hotfixes / Updates
272618_intl_x64_zip.exe (Edge)
NDP20-KB926776-X64.exe (.NET update)
WindowsServer2003.WindowsXP-KB918980-x64-ENU.exe (Windows Server Update)
Windowsmedia10-kb917312-x64-intl.exe (UM)
.NET Framework 2.0 Service Pack 1 or hotfix from 942027
Windows 2008 Exchange Support
WS08 writeable DCs are supported in environments that have the following Exchange Servers
○ Exchange 2003 SP2
○ Exchange 2007 RTM
○ Exchange 2007 SP1
WS08 RODC/ROGCs
○ No Exchange servers are RO aware
Exchange 2007 RTM and previous versions of Exchange are not supported for installation on a Windows 2008 server.
Exchange 2007 SP1 can be installed on a Windows 2008 server.
Functional Dependencies
Retain Exchange 2003 for:
X400 Connector
GroupWise Connector and Migration Tools
Event Service
NNTP
OWA
○ PF Access
○ Outlook Mobile Access
○ SMIME Control
Starting Off Right...
Getting real customer requirements is essential
Prioritise and validate those requirements
Write a Vision and Scope document – and get it agreed
Deal with changes through a change control process
If you don’t... It WILL creep
Architecture
Keep It Simple at all times
Forget empty forest roots
Carefully consider delegated admin models – they rarely work
Clustering is not the only answer
Make sure it is supportable!
Do some discovery - Measure existing systems – measure peak IOPS, mailflow, mailbox profile etc.
Know how to use Perfmon
Use ExBPA
Design Considerations
Sizing
Compliance
Archiving
WAN – Cached mode etc (Optimisation)
Client access methods
Existing IPT and Unified Messaging
Management and Reporting
Disaster Recovery – High Availability
Server Placement Considerations
Sites
CAS
Name space
Method of access
WAN links
Public Folders
Public Folders are widely used for sharing and DL archiving
SharePoint 2007 is another solution for sharing and DL archiving
http://www.tsunami.com
http://www.casahl.com
http://www.quest.com
http://blogs.msdn.com/joelo/archive/2007/07/26/migration-tools-from-kimmoforss.aspx
All previous versions of Outlook and Exchange required Public Folders to be deployed.
Public Folders are required within an organization until:
All Outlook clients are upgraded to Outlook 2007
All mailboxes have been migrated to Exchange 2007
No Public Folder applications are still used
Key Sizing Elements
Size for “peak average”, not “peak peak”
Monday morning
Repeatable
Busiest servers
Not “average average”, either
Take a visual average
Know when to use percentiles
Peak average connections: ~2100
Average active connections: 1441
Sizing Methodology
Know thyself
• What is your definition of a “User”
• How do your users behave?
Use the published resources
• Apply sizing best practices
• Utilize tools and help file resources
Test, test and re-test
• Aim to achieve repeatable results
Sizing Resources and Testing Tools
Sizing Tools
Microsoft’s Exchange Server 2007 Mailbox Server Role Storage Requirements Calculator
DiY
Load Generator
ESP
JetStress
Info on MSIT’s deployment IT Showcase
Blogs, TechNet
White papers
System Center Capacity Planner 2007
Mailbox Server Sizing
Rules of Thumb
CPU
Up to 8 cores
~500 – 1,000 mailboxes / core
All other roles have a ratio based on this number
Memory
2 – 5MB/mailbox + 2GB
Also SG-dependent
32GB cost effective at RTM but no real maximum
Network
Min Gbit
With CCR use separate NICs for public and private networks
[Chart: RAM (GB) by number of Storage Groups]
Mailbox Server Sizing
Rules of Thumb
Disk
Balance I/O and Capacity
Content Indexing (online mode, OWA users)
○ +5% capacity onto database LUN size
Overhead / white space
○ Target database size + 10%
SLA factored into sizing
○ Max database size
○ Recovery Storage Group
○ Backup to Disk
○ Delete items retention default is 14 days (15 – 30% increase)
CCR Considerations
Cold State / Cache Warming impact
CAS Server Sizing
Rules of Thumb
CPU
Up to 4 cores
1:4 CAS:Mailbox cores
Memory
2GB/core new!
Heavy Outlook Anywhere access: 2GB+/core (16GB max new!)
Disk – sure, why not
Network
Gbit recommended
64k connection limit
[Chart: OWA Scalability; Processor and Memory Usage]
Hub Transport Server Sizing
Rules of Thumb
CPU
Recommended max cores / server: 8 with A/V and A/S; 4 without A/V and A/S
Hub cores / mailbox server cores: 1:5 with A/V and A/S; 1:7 without A/V and A/S
Memory
1GB/core; 16GB max
Large queue scenarios
○ Per message overhead: 3K, per recipient overhead: 1K
Edgesync (enterprise deployments)
○ 4K per mail-enabled object
Disk
Separate mail.que and logs from system disks (RAID 10)
Transport dumpster impact
4GB minimum free space or Back Pressure kicks in…. VM testing - beware
Network
Gbit recommended
UM Server Sizing
Rules of Thumb
CPU
Up to 4 cores
Multiple cores recommended if converting from .wav to .wma
Memory
1GB/core (2GB minimum)
4GB maximum
Disk
Based on codec
Network
Gbit recommended
Concurrency
60 users (WMA)
75 users (GSM)
Equates to 2K – 10K user population per server
Concurrency by codec and version:
Codec: E2K7 RTM / E2K7 SP1 (W2K3) / E2K7 SP1 (W2K8)
WMA: 60 / 70 / 80
GSM: 75 / 100+ / 100+
Tests were conducted on a system with 4 GB RAM and 2 x 2-core, 4 GHz processors
Exchange Migration Methods
a. Intra Organisational (Org A)
b. Inter Organisational (Org A, Org B)
Preparation
Base build server and install prerequisites
Patch server
Create OUs for server objects in AD
Move server machine accounts into the correct OUs
Create Exchange Full Administrator Service Account
Grant Domain, Ent and Schema Admins and Make Exchange 2003 Full admin
Copy the install files to each server - c:\software\Exchange2007
Create updates dir on each server - c:\software\Exchange2007Patches
Copy rollup 1 to updates dir (Note Error - currently manual)
Create binaries install location (New-Item -Type directory -Path "D:\Program Files\Microsoft\Exchange Server")
If not already in existence create Certificate Authority
Implement Link State suppression
Clean up accepted domains and recipient policies before deployment
Verify Server Build: Network config, Patching, IE version, Prerequisites
Exchange 2007 Setup
Prepare AD Overview
/PrepareLegacyExchangePermissions
For every Ex 200x ‘domainpreped’ domain
For a specified domain
/PrepareSchema
Apply legacy permissions if required
Extend schema
/PrepareAD
Apply legacy permissions if required
Extend schema if required
Create Exchange global objects
Prepare local domain
/PrepareDomain
For local domain
For all domains
For a specified domain
Verify the Schema Has Been Extended
Exchange 2007 Service Pack 1 Schema Version 11116
Verify Prepare AD
Exchange 2007 Security Groups
Setup creates five Exchange USG in the root domain
Exchange Administrative Group (FYDIBOHF23SPDLT)
Exchange Routing Group (DWBGZMFD01QNBJR)
Order of Deployment
Install server roles in this order:
Client Access server role
Hub Transport server role
Mailbox server role
Unified Messaging server role
Edge Transport server role can be introduced at any time
○ Full functionality requires Hub Transport server and EdgeSync
Unattended Setup
Setup.com /r:"c,m,u,h"
/roles:<roles to install>
○ Hub Transport (H); Client Access (C); Edge (E); Mailbox (M); Unified Messaging (U); Management Tools (T)
/mode:<setup mode>
○ Install, Uninstall, Upgrade, RecoverServer
/TargetDir:<folder>
/DomainController
/prepareAD
/prepareSchema
/prepareLegacyExchangePermissions
/NewProvisionedServer
/OrganizationName
/EnableLegacyOutlook
/LegacyRoutingServer
Check Straight After Setup
Check the Application Event Log
Run the Get-ExchangeServer cmdlet
Parse through setup logs
Get-SetupLog c:\exchangesetuplogs\exchangesetup.log -error -tree
Enter Product Key
Run ExBPA
Exchange Setup Log Locations
Log files are located at <system drive>\ExchangeSetupLogs\...
Log File: Contents
\ExchangeSetup.log: Prerequisite and system-readiness checks
\ExchangeSetup.msilog: Contains extraction of the Exchange 2007 code from the installer file
\Install-ServerRole-yymmdd-hhmmss.txt: Configuration of Exchange for each role. Each role will generate a separate log file.
\Install-ExchangeOrganizationInternalTaskLogyymmddhhmmss.txt: Creation of default containers and setting of default permissions
\SetupLogs\ldif.log: Schema installation for Active Directory Application Mode (ADAM)
\Prereqs\...ExBPAyymmddhhmmss.log: Results of ExBPA pre-req scan
Understanding success or failure
Learning to trust setup
Simple return codes
○ 0 for success
○ 1 for failure
The right data in the log
○ ExchangeSetup.log, found in the ExchangeSetupLogs directory of your system drive
○ Errors and Warnings are uniformly annotated
○ Success/Failure messages are unambiguous
[5/25/2006 3:32:05 PM] [0] The Microsoft Exchange Server setup operation completed successfully.
[5/25/2006 3:32:05 PM] [0] End of Setup
get-setuplog.msh used to parse log
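A check of the most recent setup run in ExchangeSetup.log, as an added example that is not part of the original deck or of Exchange's own get-setuplog script. The function name Test-ExchangeSetupLog, the [ERROR] / [WARNING] tag strings and the sample lines are assumptions constructed for illustration; it also assumes the log accumulates entries across runs, so an older success must not mask a later failure.

```powershell
# Added example, not from the original deck. Needs PowerShell 2.0 or later.
# Assumptions: annotated lines carry [ERROR] / [WARNING] tags, and the log is
# appended to on every run, so only the last run decides the verdict.
function Test-ExchangeSetupLog {
    param([string[]]$Lines)

    $entry  = '^\[(?<time>[^\]]+)\]\s+\[(?<level>\d+)\]\s+(?<msg>.*)$'
    $newRun = { @{ Errors = @(); Warnings = @(); Success = $false; Ended = $false } }
    $run    = & $newRun

    foreach ($line in $Lines) {
        if ($line -match $entry) {
            $msg = $Matches['msg']
            # An entry after "End of Setup" belongs to the next run.
            if ($run.Ended) { $run = & $newRun }
            if ($msg -match '\[ERROR\]')   { $run.Errors   += $msg }
            if ($msg -match '\[WARNING\]') { $run.Warnings += $msg }
            if ($msg -match 'setup operation completed successfully') { $run.Success = $true }
            if ($msg -match '^End of Setup') { $run.Ended = $true }
        }
    }

    New-Object PSObject -Property @{
        Complete = $run.Ended      # False: setup is still running or died mid-run
        Success  = ($run.Ended -and $run.Success -and $run.Errors.Count -eq 0)
        Errors   = $run.Errors
        Warnings = $run.Warnings
    }
}

# Constructed sample: an earlier successful run followed by a failed one.
$sample = @(
    '[5/25/2006 3:32:05 PM] [0] The Microsoft Exchange Server setup operation completed successfully.',
    '[5/25/2006 3:32:05 PM] [0] End of Setup',
    '[5/26/2006 9:10:00 AM] [0] Constructed sample entry: second run begins',
    '[5/26/2006 9:12:41 AM] [1] [WARNING] Constructed sample warning text',
    '[5/26/2006 9:14:02 AM] [1] [ERROR] Constructed sample error text',
    '[5/26/2006 9:14:03 AM] [0] End of Setup'
)
$result = Test-ExchangeSetupLog -Lines $sample
$result | Format-List Complete, Success, Errors, Warnings

# Against a real server, feed it the log named above:
# Test-ExchangeSetupLog -Lines (Get-Content "$env:SystemDrive\ExchangeSetupLogs\ExchangeSetup.log")
```

On the constructed sample the result is Complete = True and Success = False, because the second run ended with an error even though the first run logged the success message.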
Role Specific Post Setup Tasks
CAS, Mailbox, Hub, Edge, UM
Configure Certificates for SSL
Configure OAB distribution
Create postmaster mailbox
Subscribe the Edge Transport Server
Configure Dial Plan
Configure Outlook Anywhere
Configure / upgrade Address Lists
Configure Transport and Journaling Rules
Configure Anti-Spam/AntiVirus
Configure UM IP Gateway
Configure ActiveSync and ActiveSync policies
Configure Managed Folder Mailbox Policy
Start EdgeSync
Configure Disclaimers
Configure UM Mailbox Policy
Create AutoDiscover DNS Record
Configure OOF
Configure backpressure settings
Configure quarantine mailbox
Configure UM Auto Attendant
Set Ext URLs where required
Configure Backup
Configure connectors & accepted domains
Split logs and databases
Configure Anti-Spam Agents if not using Edge
Replicate public Folders
Consider connection logging
Setup SGs and DBs
Set mail size limits
Setup Replication (SCR, CCR, LCR)
Set how the server identifies itself when sending mail
Migrate Mailboxes and Resource mailboxes
Allow internal servers to send mail
Configure or Migrate email address policies
Enable Users for UM
Non Role Specific Tasks
Baseline Performance
Security – SCW
Create and Test your DR plan
Ensure DNS Reverse lookup and Sender ID records
are setup correctly
Monitor the Basics
Permission/Role Delegation
Training
Documentation!
Regularly perform documentation updates
Regularly run ExBPA
Administration delegation
Deploy Outlook 2007
Move Mailbox Preparation
Required permissions
Exchange Recipient Administrator
Exchange Server Administrator
Member of Local Administrators group
Transaction logs increase
Single instance storage loss (potential)
User mailbox cleanup
Bulk Migration Options
User
Move-Mailbox -Identity bond -TargetDatabase "007E2K7\first storage group\mailbox database"
Database
Get-Mailbox -Database "009E2K3dc1\First Storage Group\Mailbox Store (009E2K3dc1)" | Move-Mailbox -TargetDatabase "007E2K7\first storage group\mailbox database"
Server
Get-Mailbox -Server "009E2K3dc1" | Move-Mailbox -TargetDatabase "007E2K7\first storage group\mailbox database"
Post-Mailbox Migration Confirmation: Event Viewer
Event IDs
1006
9354
1007
Decommissioning
Things to consider…
Reroute mail to target environment
Ensure all mail has been moved
Ensure all public folders have been re-homed.
Script It!
Let’s take a look at some scripts…….
Summary
Prepare!
Planning
Discovery
Requirements
Testing
Sizing
Server Placement
Communication