Exchange Server 2007 - Install

How to Install Exchange 2007 SP1 Server

This page explains how to install an Exchange 2007 server.  My first impression was that the whole look and feel was very different from previous Exchange installs.  I have to say the 2007 installation process felt easier; whereas Exchange 2003 left me with a feeling of bemusement at its clunky controls, Exchange 2007 combined power with simplicity.  What particularly impressed me was the new Exchange Roles menu.

Topics for - How to Install Exchange 2007 Server

• Choose your Underlying Operating System
• Active Directory
• Key preparation steps before you install Exchange 2007
• Installation Switches to Prepare Active Directory
• Finalize Deployment Tab
• Verification Check List
• Exchange 2007 Roles
• Troubleshooting Exchange 2007 Installation Problems
• Summary - Install your Exchange 2007

 ♠

Introduction to Installing Exchange Server 2007

All installations reward planning; in the case of Exchange 2007, decide on the underlying operating system and then decide which Exchange roles to install.  What makes setting up Exchange 2007 such a joy is the way the wizard helps you check the pre-requisites.  For example, it prompts you to raise the domain level, and shows you the way to install .Net Framework 2.0

The trickiest feature of Exchange 2007 is not the installation, but the new method of creating Mailboxes from the Exchange manager.  In Exchange 2007, creating mailboxes (mailbox enabled users) with Active Directory Users and Computers is fool's gold.  Any objects you manage to create have no SMTP address and don't work.  You simply must use the Exchange Management Console to create mailboxes.

Choose your Underlying Operating System

Before you install Exchange Server 2007, you need a 64-bit operating system; I choose the Windows Server 2003 R2 rather than the minimum requirement of Windows Server 2003 with SP1.

An even better option would be to install Exchange Server 2007 SP1 on Windows Server 2008, but note those three letters: SP1.  Just to emphasise that for Server 2008 you need the later, slipstreamed SP1 DVD (or image), and not the original RTM disk.  Furthermore, you need a clean install of Windows Server 2008 on 64-bit hardware, and not an upgrade from W2K3.

It terms of tactics, Microsoft recommend that you install Exchange 2007 on member server.  Exchange on a  Domain Controller is not supported, and should only be used for testing where you only have one machine.  If you have already prepared your domain, then jump to Key preparation steps

Active Directory

Creating the Active Directory domain is not strictly a part of installing Exchange, I added here below a brief description of the most important features for the sake of completeness. 

Domain Functional Level

The Domain Function Level must be at least - Windows 2000 Server Native.  Fortunately, this is not a great burden as there is only one lower setting, 2000 Mixed.  This is a reminder that Exchange Server 2007 has Servered the umbilical cord to Exchange 5.5.   Thus all those old 5.5 servers must be decommissioned and removed if you are migrating an existing organization to Exchange Server 2007.

You also need to check the Forest Functional Level, particularly where you want the advanced features of Exchange 2007.  Incidentally, Functional Level is my one of my 'Litmus tests' for seeing if people have sufficient Active Directory knowledge to install Exchange 2007.  If someone does not know how to find and configure Function Levels, then they are likely to need help installing Exchange 2007.

Global Catalog

Every active directory site where you install Exchange Server 2007 needs at least one Global Catalog server.  As you may know, GC is a configurable role of every domain controller.

System Icon - DNS Domain Configuration

A trivial task, I appended the fully qualified domain name to the hostname.  What I did was open the System Icon, Computer Name (Tab), click on the Change button.

As with Exchange 200x, the mail server relies on Active Directory.  Therefore, I installed a Windows Server 2003 (RC2) member server then ran DCPROMO, from there I followed the wizard's prompting to create a new domain in a new forest.

DNS - Automatic addition of _SRV

When I installed my active directory domain, the plan was to persuade DCPROMO to install DNS using the wizard to automatically add all the _SRV records. To succeed, at the menu below, I selected the middle (automatic) option, Install and configure DNS server on this computer.

I was taken aback to get an error message, however, I allowed the DCPROMO to finish, then I went to the Services and Stopped then restarted the Netlogon Service.  What followed was a magic moment, restarting the Netlogon Service triggered the creation of all the DNS records under _msdcs.

The bottom line is check that DNS has the 'A' Host record for each Exchange 2007 server.

Exchange Server 2007 is a complex topic, do you need practical hands on training?  As an MCT trainer, I can thoroughly recommend TrainSignal.  In particular, I like the way that TrainSignal cover all learning methods, instructor lead, video and of course text material.  You can either take one module, for example Exchange 2007 or go for a combination of modules.  Learn more about Microsoft Exchange Server 2007 here

Key preparation steps before you install Exchange 2007:

At every stage of installing Exchange 2007, kind friendly wizards guide you through the minefield.  Here is a screen shot of the wizard checking then explaining a problem with mixed mode.

Raise Domain Level
As indicated by the wizard, I needed to Raise Domain Level 2003 (2000).  What I did was launch the ADUC (Active Directory Users and Computers), right click on your domain and select, Raise Domain Function Level.  As I had no old domain controllers, I chose Windows Server 2003.

Global Catalog
I would like to give a timely reminder of the importance of Global Catalog to Exchange.  Insure that at least one Domain Controller on the subnet where you install Exchange 2007 has Global Catalog enabled.

.Net Framework 2.0
Exchange 2007 requires .Net Framework 2.0 (or 3.0). We need to install PowerShell before the main Exchange 2007.  This is an indication of the importance of the new PowerShell / PowerShell cmdlets.

MMC v 3.0
One minor surprise, was that when I installed on Windows Server 2003, Exchange 2007 needs MMC v 3.0.

PowerShell
Once you start using Exchange Server 2007 it wont belong before you meet PowerShell.  If follows therefore, that you have to add it as a 'Feature' of Windows Server 2008, else, on Windows Server 2003 install PowerShell together with .Net Framework by downloading the files from Microsoft's site.

64-bit Hardware
Production versions of Exchange 2007 require 64-bit hardware.  Don't be lulled by 32-bit beta versions of Exchange 2007, they are only for testing, and for a specific preparation context.  That context is to prepare Active Directory and domains for Exchange 2007 from a computer that has a 32-bit processor.  Remember that Exchange 2007 will be the first Microsoft product which runs solely on 64-bit processors. 

Other than this processor requirement, just use common sense and provide plenty of RAM.  It's also worth spending a few minutes thought and planning on the disks sizes and partitions, particularly servers hosting the Mailbox Role.  For larger organization, this would be a good time to review your SAN (Storage Area Network) needs.

No NNTP
Finally, avoid 'over-think', you do not, repeat, not need the NNTP service.  The good news is that the wizard coupled with the result pane not only alerts you to the problem, but also suggests a remedy.

Guy Recommends:  A Free Trial of the Orion Network Performance Monitor (NPM) v10

Solarwinds' Orion performance monitor will help you discover what's happening on your network.  Also this utility will guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.  Because it produces network-centric views, the NPM is intuitive to navigate, and you can export the results to Microsoft Visio.

Perhaps Orion's best feature is the way it suggests solutions.  Moreover, if problems arise out of the blue, then you can configure Orion NPM v10 to notify members of your team what's changed and how to fix it.

If you are interested in troubleshooting, and creating network maps, then I recommend that you take advantage of Solarwinds' offer and download a free trial of Orion's Network Performance Monitor.

Installation Switches to Prepare Active Directory

Prerequisites, you need the Exchange Server 2007 disk or image.  (SP1 would be even better)  Each command is prefaced by setup.  You could also try setup /? to see the full list of options, for example: /mode or /role.

Setup /PrepareAD  Creates the necessary global Exchange objects and universal security groups in Active Directory.  Must be run by a member of the Enterprise Admins group, run this command in both the root and current domain.  You may find that if you run this command as a Schema Admin (and Enterprise Admin), there is no need to run the other commands.

/PrepareLegacyExchangePermissions  This command is needed if your organization contains Exchange Server 2003 or 2000 computers.  It modifies the permissions assigned to the Enterprise Exchange Servers group so that the Recipient Update Service can run.  Remember to logon as a member of the Enterprise Admins group.

/PrepareSchema  This prepares the Active Directory schema so that it allows Exchange Server 2007 to install.  You must be a member of both the Schema Admins and Enterprise Admins.  You need to run this command in the root domain, or the domain which holds the Schema Master role.

/PrepareDomain /PrepareDomain domainname  This creates a new global group in the Microsoft Exchange System Objects container called Exchange.  You must be a member of both the Enterprise Admins and the Domain Admins group.

One more point, if you are using a Windows Server 2008 computer, first install the AD DS management tools.

Finalize Deployment Tab

Once the Exchange setup wizard finishes its tasks, there is yet more work for you.  Seek out the Finalize Deployment tab, and also the End-to-End Scenarios tab.

Launch the Exchange Management Console, select Microsoft Exchange in the left tree, and now you should see the 'Finalize Deployment tab'.   Most of these configuration tasks are optional, and will vary depending on which Server Role(s) you added.  However, I bet that there will be at least two items that you had forgotten or not previously considered changing.

While you have the Management Console open, take the chance to investigate the End-to-End Scenarios tab.  As with the previous tab, these tasks are optional and vary depending on which Exchange 2007 features you added.

Verification Check List

• Check the installation log at: C: \ExchangeSetupLogs.  Also check the system and application event logs.
• Launch the Exchange Management Console and check your newly installed Exchange server.  If this is a brand new installation check that the Organization Name is the same as you planned.
• Create a mail-enabled user and then connect to that mailbox using Outlook Web Access, or an Outlook client if you prefer.
• Once you create a Hub Server see if you can receive email from another mail-enabled account.
• For CAS servers make sure you check with OWA.
• In the case of the Edge Server send email to an external internet account.
• Check that services to see that the dozen or so Microsoft Exchange Services are running.  Note they begin with Microsoft and not Exchange. 
• If anything seems wrong check the Exchange files underneath: C: \Program Files\Microsoft\Exchange Server. 
• When there is no quick resolution to the problem, seek the ExBPA (Exchange Server Best Practices Analyzer), then run the Exchange 2007 Readiness check.  The best way is to launch the Exchange Management Console and open the Toolbox and there you will find the Exchange Server Best Practices Analyser.

Guy Recommends:  A Free Trial of the Orion Network Configuration Monitor (NCM) v6

Config management of routers, switches and firewalls is fun with NCM (Network Configuration Manager.  Furthermore, it can help to achieve your compliance policy, for example, pinpoint devices not backed up and discover access infringements or even weak passwords.  This Solarwinds NCM suite can not only detect violations, but also upload scripts to correct the problem.

Most computer problems arise from configuration changes.  Thus it makes sense to get a proper monitoring system so that you can double-check that that all the settings confirm to your security policy.

Download your free trial of Orion's Network Configuration Monitor.

Exchange 2007 Roles

Once I completed all the preparatory steps, I was ready for the main Exchange 2007 installation.  All that remained was to decide upon the role or roles for your exchange server.  As expected, you can always return to this menu to add more roles.

Additional Requirements for the Various Roles

Mailbox Server
This back-end server needs IIS and WWW.

Client Access Server (CAS)
The CAS server also requires ASP.Net and the WWW service.  Remember that this should be the first role to implement for Exchange Server 2007.  See more on CAS

Unified Messaging Server
Needs speechify.  No worries, setup will automatically install as needed.  This Unified Messaging role provides integration for email, calendars, voicemail and if you still use it, fax.

Bridgehead Server
No special requirements

Edge Transport Server
The Edge Transport Server (Formerly Gateway Server) must be in it's own workgroup.  Just will not operate in a Domain for the obvious reason of security. 

The role of Edge Transport server is to accept messages from the internet that come are addressed to your Exchange 2007 organization.  After these emails are processed, the Edge server routes them to the Hub Transport servers inside your organization.

Client Requirements
Mapi clients need Outlook 2002 or later.  Outlook 2007 is by far the best client.  Outlook 2007 and Exchange 2007 are made for one another.  OWA (Outlook Web Access) is a great alternative all clients need is a browser.

Troubleshooting Exchange 2007 SP1 Installation Problems

Problem: Public Folder Replicas

Solution: Temporarily disable the OAB, then delete the replicas or move them to another Exchange server. This task is ideal for PowerShell:

The cmdlets are
get-PublicFolderStatistics   Check the situation
get-PublicFolder
remove-PublicFolder  Dangerous if you don't know what you are doing, effective if you do.

Get-PublicFolderStatistics -Server <YourExchangeServer> | fl

Get-PublicFolder -Server <server containing the public folder database> "\" -Recurse -ResultSize:Unlimited | Remove-PublicFolder -Server <server containing the public folder database> -Recurse -ErrorAction:SilentlyContinue

Get-PublicFolder -Server <server containing the public folder database> "\Non_Ipm_Subtree" -Recurse -ResultSize:Unlimited | Remove-PublicFolder -Server <server containing the public folder database> -Recurse -ErrorAction:SilentlyContinue

Problem: Email Address Policy

Solution: Check the Exchangesetup.log for this message:

[ERROR]The Exchange server Address list failed to respond- error 0x8004010f

Next launch the Event Viewer and check the Application log (not the system log) for Event ID: 8325.  If you examine the details it will tell you precise Filter Rule that is preventing installation. 

This problem occurs when you add the Mailbox role to Exchange 2007.  The root cause was an incorrect filter was created in Exchange 2003.

Problem: Existing object in Active Directory

[ERROR] Active Directory operation failed on DC.YourDom.com The object 'CN=Default Global Address List,CN=All Global Address List

Solution: Launch ADSI Edit and investigate the  Address Lists Container, in particular, edit the purportedSeach attribute.

Problem:DNS

Example: Unable to connect to 'YourDC' DC No Exchange Server with identity 'YourServer' was found

Solution: Check with Netdiag and Dcdiag.  With luck it could just be a latency, or initial connection problem, which mysteriously disappears when you try to repeat the Exchange 2007 server install.

Problem: Windows 2000 Domain Controllers

Solution: Upgrade to Windows Server 2003.  Or install a Windows Server 2003 in that child domain or site.

Problem: ADC (Active Directory Connectors)

Remove (uninstall) the ADC on the Windows 2003 servers before continuing with Exchange 2007 server install.

Problem: CAS server setup fails with a Watson MultiValuedProperty error

Solution: Launch ADSI Edit check Default Offline Address List.  In particular, set the value of the MsExchVersion attribute to 4535486012416

Problem: Disabled IPv6

Windows Server 2008.  Problem installation failed.  Reason, I had foolishly disabled IPv6.  Solution, give the NIC and IPv6 address.  Extra information, I had checked the install Hub Transport role, whether this was relevant, I have not had time to research.

Guy Recommends: SolarWinds Engineer's Toolset v10

The Engineer's Toolset v10 provides a comprehensive console of utilities for troubleshooting computer problems.  Guy says it helps me monitor what's occurring on the network, and the tools teach me more about how the system itself operates.

There are so many good gadgets, it's like having free rein of a sweetshop. Thankfully the utilities are displayed logically: monitoring, discovery, diagnostic, and Cisco tools.  Download your copy of the Engineer's Toolset v 10

Exchange Tactics

Whenever I produce my recommendations for Exchange, clients accuse me of not belonging to the real-world.  Nevertheless, I will persist in pushing my simple strategy.

What you need for Exchange Server 2007 SP1 is:
Windows Server 2008
Outlook 2007.
Windows Vista.  Alternatively connect via Outlook Web Access (OWA) if you prefer.

I realize that it could be an immense capital cost to replace Outlook 2003, Windows Server 2003 and probably XP.  While all manner of other combinations are supported by Microsoft, in the sense that they SHOULD work, in practice they never actually deliver what you hoped.  Thus you are condemned to years of frustrating cycles of playing 'fix it'.

Suppose you start with Exchange Server 2007 housed on Windows Server 2003, on the client side you have Outlook 2003 and XP.  My estimate is that you will have 4 months of chasing compatibility problems and trying various Microsoft Kb work-arounds.  Then you get the money to upgrade XP to Vista, this will spark another round of stuff which needs fixing.  Then a year later you belated try to upgrade to Windows Server 2008 only to run into more problems.  To cap it all, by this time the original team have left your company and there will be incomplete documentation of what they did.

It all depends how you cost time and frustration, but after 9 months of fire-fighting, most managers and many of the techies would pay a small fortune to have implemented my suggestion of a matched system, Exchange 2007, Outlook 2007, with Vista and Windows Server 2008.

There is an insidious side to running older computing system which managers wont talk about.  The best 'teams' of employees are drawn to companies with the best kit.  Thus your organization will attract good people if you follow my 'expensive' solution.  Even worse, if your network is plagued by computer problems then it is always the most talented people who jump ship first.

Summary - Install your Exchange Server 2007

The secret of avoiding a lot of re-work is planning.  Begin by deciding the domain that your Exchange 2007 organization will join.  Once you have installed the operating system, check the specific Exchange prerequisites, finally choose the role or roles for each Exchange 2007 server.  Bear in mind that the wizards are helpful and friendly, when you are new to Exchange 2007 use them at every opportunity.  Once you become experienced then you can automate many of the tasks with PowerShell cmdlet scripts.

See more Microsoft Exchange Server 2007 topics:

• Exchange 2007 Home   • SP1   • Migration Advice   • Transition Checklist   •Compatibility   • ExBPA

• Install   • Server Roles   • CAS Role   • Hub Transport  • SMTP Connector  • Exchange CCR   • Edge

• Mailbox Role   • Create Mailbox   • Mailbox Stores   • Recipients   • GAL   • Free Syslog Analyser

Please write in if you see errors of any kind.  Please report any factual mistakes, grammatical errors or broken links, I will be happy to not only to correct the fault, but also to give you credit.

 *