How to prepare Active Directory for Exchange 2007

2025-01-19 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 05/31

This article explains in detail how to prepare Active Directory for Exchange 2007. The content of the article is of high quality, so the editor shares it with you as a reference. I hope you will have some understanding of the relevant knowledge after reading this article.

Exchange 2007 is the industry's leading email, calendar, and unified messaging server. In Exchange Server 2007, the Mailbox server role is integrated with Active Directory services.


Preface

Before you can install Exchange 2007, you must prepare the Active Directory service. We will describe this process in detail below.

Introduction

You can install Exchange 2007 using either the GUI or the command line. In both cases, the installation process requires several tasks to prepare Active Directory. There are several reasons to choose the command line: it lets you use minimum permissions, have different administrators perform these tasks at different locations and times, and validate each task separately before performing the next one.

Before you install the first Exchange 2007 server into an organization that already runs Exchange 2003 or Exchange 2000, the following commands must be completed.

1. Setup /PrepareLegacyExchangePermissions
2. Setup /PrepareSchema
3. Setup /PrepareAD
4. Setup /PrepareDomain

Note: if you create a new Exchange 2007 organization, you only need to start with step 2.

These commands do not need to be run separately. For example, when you run the Setup /PrepareAD command, Setup /PrepareSchema and Setup /PrepareLegacyExchangePermissions are run at the same time, if necessary. However, in large or complex environments, you may want to divide the Exchange installation process into several parts for administrative reasons. Because each Setup /PrepareXX command depends on the others, you must allow replication to complete before performing the next task.

Note that if you create a new Exchange 2007 organization, you cannot add Exchange 2003 or Exchange 2000 later. So if your requirements change and you need, for example, an X.400 connector or a GroupWise connector, you will not be able to add Exchange 2003 or Exchange 2000 to provide this functionality. If you require any feature that only the older Exchange 2003 or Exchange 2000 provides, please consider this carefully.

Note: you can run the above on a computer with a 32-bit or 64-bit processor. To run these operations on a 32-bit computer, you must download the 32-bit version of Exchange.

Prepare legacy Exchange permissions

The following sections give the background, execution, and validation information that you need to add Exchange 2007 to an existing Exchange 2003 or Exchange 2000 organization.

Background

Let's briefly review how the Exchange 2003 or Exchange 2000 Recipient Update Service (RUS) is authorized to update objects in Active Directory. A property set is a collection of attributes in Active Directory, and each attribute can be a member of only a single property set. The predefined Public Information property set in Active Directory contains attributes such as Proxy Addresses and Email Addresses.

The Exchange 2003 or Exchange 2000 RUS is authorized to update this property set in order to set e-mail addresses. Exchange 2003 or Exchange 2000 DomainPrep grants permissions on these property sets to the Exchange Enterprise Servers group at the domain level.

The computer account of the Exchange 2003 or Exchange 2000 RUS server is added to the Exchange Domain Servers group, which is a member of the Exchange Enterprise Servers group. Therefore, RUS has permission to modify the e-mail address on the Public Information property set of a specific domain.

A property set makes delegation simple: it can be used to authorize access to a subset of an object's properties by setting a single access control entry (ACE), without setting an ACE for each property.

Exchange 2007 has more precise delegated administrative roles, such as recipient management, that limit the scope of tasks that administrators can perform. To implement this, the Exchange-Information and Exchange Personal Information property sets are created when the schema is extended by Exchange 2007. These property sets contain only Exchange-related properties, making recipient management more precise than using the built-in Active Directory property set. Because an attribute can belong to only a single property set, attributes such as Proxy Addresses and Email Addresses are moved from the Active Directory Public Information property set to the Exchange-Information property set.

In Exchange 2007, the e-mail address of a mail-enabled object is created immediately, so RUS is not required. The challenge is that, during coexistence, the Exchange 2003 or Exchange 2000 RUS does not have permissions on the Exchange-Information and Exchange Personal Information property sets. Once the schema has been extended by Exchange 2007, the creation of any Exchange 2003 or Exchange 2000 mail-enabled object cannot be completed. We will describe how Setup solves this problem in detail below.


Execution

Setup /PrepareLegacyExchangePermissions or Setup /pl can be executed in any Active Directory site or domain in the forest. Setup checks with the global catalog server in the domain and confirms that there are legacy Exchange servers (Exchange 2003 or Exchange 2000) in the organization. It then verifies that Exchange 2003 or Exchange 2000 DomainPrep has been run in the domain by looking for the following groups:

Exchange Enterprise Servers (EES)
Exchange Domain Servers (EDS)

Note: do not rename or delete these groups.

Setup does not need to be able to contact every domain in the forest, because it determines from the global catalog server which domains contain the EES and EDS groups. Setup only needs to be able to contact the domains in which Exchange 2003 or Exchange 2000 DomainPrep has been run, and it uses port 389 to connect to each target domain.

Where it confirms that DomainPrep has been run, Setup /pl grants the following permissions in each Exchange 2003 or Exchange 2000 domain:

In the root domain, authorize the Exchange Enterprise Servers group to write to the Exchange-Information property set.

In the root domain, authenticated users are authorized to read the Exchange-Information property set.

On the AdminSDHolder object, authorize the Exchange Enterprise Servers group to read / write to the Exchange-Information property set.

On the Exchange organization container in the Active Directory configuration partition, authorize the Exchange Domain Servers group to write to the Exchange-Information property set.
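The Background reasoning and the root-domain grants listed above can be checked with a small model. This is an added example, not code from the article or from Exchange Setup; the account name RUS-SERVER$ and the tuple form of an ACE are assumptions, and the model simplifies the real Active Directory access check.

```python
# Constructed model of property-set delegation; not real directory data.
MEMBER_OF = {  # direct memberships, as described in the Background section
    "RUS-SERVER$": {"Exchange Domain Servers"},  # hypothetical computer account
    "Exchange Domain Servers": {"Exchange Enterprise Servers"},
}
# attribute -> property set, before and after the Exchange 2007 schema extension
SCHEMA_LEGACY = {"Proxy Addresses": "Public Information",
                 "Email Addresses": "Public Information"}
SCHEMA_E2007 = {"Proxy Addresses": "Exchange-Information",
                "Email Addresses": "Exchange-Information"}
# ACEs on the domain, written as (trustee, right, property set)
DOMAINPREP_ACES = {("Exchange Enterprise Servers", "write", "Public Information")}
PL_ACES = {("Exchange Enterprise Servers", "write", "Exchange-Information"),
           ("Authenticated Users", "read", "Exchange-Information")}


def groups_of(principal):
    """Return the principal plus every group it belongs to, nested ones included."""
    seen, todo = set(), [principal]
    while todo:
        name = todo.pop()
        if name not in seen:
            seen.add(name)
            todo.extend(MEMBER_OF.get(name, ()))
    return seen


def can(principal, right, attribute, schema, aces):
    """One ACE on a property set covers every attribute that belongs to that set."""
    trustees = groups_of(principal)
    return any(t in trustees and r == right and ps == schema[attribute]
               for t, r, ps in aces)


def missing_pl_grants(aces):
    """List the root-domain grants from the article that are absent from an ACL."""
    return sorted(PL_ACES - set(aces))


if __name__ == "__main__":
    for label, schema, aces in (
            ("legacy schema, DomainPrep only", SCHEMA_LEGACY, DOMAINPREP_ACES),
            ("schema extended, no /pl", SCHEMA_E2007, DOMAINPREP_ACES),
            ("schema extended, /pl applied", SCHEMA_E2007, DOMAINPREP_ACES | PL_ACES)):
        ok = can("RUS-SERVER$", "write", "Proxy Addresses", schema, aces)
        print(f"{label}: RUS write={ok}, missing={missing_pl_grants(aces)}")
```

The middle case is the coexistence failure: the DomainPrep ACE still exists, but it names a property set that no longer contains the attribute.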

To execute Setup /pl from a single location and set permissions in all validated target domains, you must run the command as a user with Enterprise Admin privileges. If you do not plan to use a user with Enterprise Admin privileges, you must divide the installation task into several steps.

If the Active Directory forest has only a single domain, you must use an account that has domain administrator privileges and Exchange full administrator privileges in the root domain. In command line mode, run the following command:

Setup /pl:

If the Active Directory forest has multiple domains, you can specify a particular domain and run Setup /pl in that domain. To run this command, you must use an account that has domain administrator privileges and full Exchange administrator privileges in the domain. In command line mode, run the following command:

Setup /pl:

After Exchange 2007 is installed, if you run Exchange 2003 or Exchange 2000 DomainPrep in a newly added domain or an existing domain, you should prepare the legacy Exchange permissions. In this case, either run Setup /pl in the root domain of the forest with an account that has Enterprise Admin privileges, or, in the domain where you are running DomainPrep, use an account with the Domain Admins and Exchange Organization Administrators permissions of the new domain and execute Setup /pl:
