Friday, February 13, 2009

Exchange 2007 Install Checklist

Active Directory Configuration
• Run Exchange 2007 forestprep to bring the schema to required version
• Add necessary DNS entries

Exchange Prerequisites
• See Installing Exchange 2007 Prerequisites entry
• Install CAS / HUB role on first Exchange 2007 server
• Install RPC over HTTP on CAS / Hub role

If Installing CCR
(See MSExchange Article)
• Create FSW share on HUB server
• Install Windows Failover Cluster on the two cluster nodes
• Configure Failover Clustering
• Install Mailbox server roles for active cluster
• Install Mailbox server role for passive cluster

Exchange Configuration
• Activate licensing for all servers
• Configure Organization and Server settings (select DC)
• Create all storage groups and stores on active node
• Logs and system path should be the same location
• Move databases to new location
• Move log files to new location

Testing
• Configure mail flow – between E2K7 and E2K3
• Test mail flow between internal and external, and internally between all the systems
• Create SSL csr file and order certificate (use PowerShell command)
• Install SSL on CAS / HUB server
• Configure OWA settings – Use form-based authentication, redirect, etc
• Public folder replication between old and new
• Configure backup solution
• Configure antivirus on Exchange servers
• Reconfigure any printers or other servers that are relaying through old connector

Enabling SCR

When installing SCR for your DR site, a couple of decisions need to be made: whether the SCR server is going to be just a mailbox server, or whether it will hold the CAS and HUB roles as well. If all roles are on the SCR server, it is important to remember that the HUB role will act as an additional hub transport server for outgoing mail. This can be disabled, but it is not recommended.

For this test in a lab, the following information relates to the install for SCR:
  • The SCR server was installed with Windows 2008 Enterprise and Exchange 2007 Enterprise
  • Server name is DRMBX1
  • Server partitions were created identical to the mailbox server (very important since the replica needs to go to the same location)
  • The server was configured with CAS, HUB and mailbox server roles (if all roles are going to be installed and the server used in a full disaster recovery, the SSL certificate(s) from production should be exported then imported to the SCR server)
  • If IIS is redirected to the \owa folder in production, the same should be done on the SCR server

1. Enable SCR Copy - In order for each storage group to be replicated over to the SCR server, the following command needs to be run for each storage group (see Test SCR for folder locations):

Enable-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1 -ReplayLagTime 0.0:0:0

If stopping the replication is required, use the following syntax:

Suspend-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1

or

Disable-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1

2. Re-Seed SCR Copy - Once the storage group copy has been enabled, the database will require re-seeding. You might have to suspend the copy before re-seeding. To re-seed each database, use the following command:

Update-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1

Depending on the size of the database, it could take anywhere from 30 minutes for a 10GB database up to 5 hours for a 100GB database. This should only be required for the initial configuration.

3. Check SCR Copy Health - Once the database has been replicated / seeded to the SCR server, to check the health of the copy, run:

Get-StorageGroupCopyStatus EXMBX1\SG1 -StandbyMachine DRMBX1 | fl Summary*,Copy*

4. Create DR Storage Groups and Databases - In order to mount the replicated databases, a few steps need to be completed. A storage group and store will need to be recreated, just to have a location on the SCR server. This will be used just as a reference (pointer) for the actual replicated databases. The storage groups and stores can be created manually or with the PowerShell commands:

To create Storage Group (This needs to be done for each storage group in production):

New-StorageGroup -Server DRMBX1 -name SG1 -LogFolderPath L:\Recovery\SG1\ -systemfolderpath L:\Recovery\SG1\

To create Mailbox Store:

New-MailboxDatabase -StorageGroup DRMBX1\SG1 -Name DR_Central -EdbFilePath S:\Recovery\SG1\Store1.edb

Once the commands have been run for each storage group and store, the stores will need to be mounted and dismounted, and all log and database files deleted. Use the following commands:

Mount-Database DR_Central
Dismount-Database DR_Central
Del S:\Recovery\SG1\*.*
Del L:\Recovery\SG1\*.*

5. Configure SCR for DR

a. Before you are able to mount the databases, the storage group needs to be activated on the SCR server. The following command will need to be run for each storage group after the database is dismounted in production:

Restore-StorageGroupCopy -Identity EXMBX1\SG1 -StandbyMachine DRMBX1 -Force

b. Once the storage group is activated, the database needs to be checked to see if it is in a clean or dirty shutdown. To check this, change to the Exchange bin directory and run:

ESEUTIL /mh "S:\SG1\DB1.edb" | findstr State

The database should always be in a ‘Dirty Shutdown’, so run a soft recovery to commit the logs to the database. You will need to see what generation the checkpoint file is. This example uses generation E02. For the soft recovery, run:

ESEUTIL /r E02 (this will probably error out; if it does, run:)

ESEUTIL /r E02 /a

Run ESEUTIL against the database again to make sure the database is in a ‘Clean Shutdown’

ESEUTIL /mh "S:\SG1\DB1.edb" | findstr State

c. Now that the database is in a clean shutdown, the storage group and database paths need to be redirected. Run the following two commands:

Move-storagegrouppath DRMBX1\SG1 -SystemFolderpath L:\SG1 -Logfolderpath L:\SG1 -configurationonly -confirm:$False

Move-DatabasePath DRMBX1\SG1\Store1 -edbfilepath S:\SG1\DB1.edb -ConfigurationOnly -Confirm:$False


d. Finally before mounting the DB we must set it to allow it to be overwritten during a restore as follows:

Set-MailboxDatabase DRMBX1\SG1\DB1 -AllowFileRestore:$True

e. Now that the database is clean, you can mount the store:

Mount-Database DRMBX1\SG1\DB1

f. The database is now restored and available for use. All we have to do now is ensure that the users know where to access it. This is done by pointing the users to the mounted database on the SCR server.

Get-Mailbox -Database EXMBX1\SG1\DB1 | where {$_.ObjectClass -NotMatch '(SystemAttendantMailbox|ExOleDbSystemMailbox)'} | Move-Mailbox -ConfigurationOnly -TargetDatabase DRMBX1\SG1\DB1

Having completed the above steps the next stage is to test that users can now access mail again. It should be noted that they will have to exit and re-open Outlook for the setting to take effect. If the user is running Outlook 2007, their profile will automatically point to the new server name. If they are running Outlook 2003, the server name in the profile might need to be changed.

Thursday, February 12, 2009

Testing SCR

The following information will help when testing SCR failover to the DR server. The server, file and path locations have been kept simple, so the syntax is easier to understand.

Production Info
Server: EXMBX1
Storage Group: SG1
Storage Group Path: S:\SG1
Database Name: Store1
Database File: S:\SG1\Store1.edb
Log Path: L:\SG1
System Path: L:\SG1

DR Information for Failover
Server: DRMBX1
Storage Group: SG1
Storage Group Path: S:\SG1
Database Name: DB1
Database File: S:\SG1\DB1.edb
Log Path: L:\SG1
System Path: L:\SG1

DR Information for Move Back
Server: DRMBX1
Storage Group: SG1
Storage Group Path: S:\Recovery\SG1\
Database Name: DB1
Database File: S:\Recovery\SG1\DB1.edb
System Path: L:\Recovery\SG1
Log Path: L:\Recovery\SG1

FAILOVER TO DR

1. Dismount the test store database in production
dismount-Database EXMBX1\SG1\Db1 -Confirm:$False

2. Make database available to DR server
Restore-StorageGroupCopy -Identity EXMBX1\SG1 -StandbyMachine DRMBX1 -Force

3. Check that the database is in dirty shutdown
eseutil /mh "S:\SG1\DB1.edb" | findstr State

NOTE: The database will always be in a ‘Dirty Shutdown’ state. A soft recovery will need to be run to commit the log files to the database. To do this, check the log folder to see what generation the logs are, e.g. E0A.

4. Open command prompt with admin privileges, change to database folder S:\Program Files\Microsoft\Exchange Server\Test and run:
eseutil /R E0A /L "L:\SG1" (this will error out)
eseutil /R E0A /L "L:\SG1" /a

5. Check integrity again (See step 3) Now that the database is in a ‘Clean Shutdown’ the system path and log path for the storage group needs to be changed.
move-storageGroupPath DRMBX1\SG1 -SystemFolderPath "L:\SG1" -LogFolderPath "L:\SG1" -configurationonly -confirm:$False

6. Also change the database path for the store
move-databasepath DRMBX1\SG1\DB1 -edbfilepath "S:\SG1\DB1.edb" -configurationonly -confirm:$False

7. Set database on DR server to allow a restore to the database
Set-MailboxDatabase DRMBX1\SG1\DB1 -AllowFileRestore:$true

8. Mount the database on the DR server
Mount-Database DB1

9. Move all users in the database to point to the DR server
Get-Mailbox -Database EXMBX1\SG1\DB1 | where {$_.objectClass -NotMatch '(SystemAttendantMailbox|ExOleDBSystemMailbox)'} | Move-Mailbox -ConfigurationOnly -TargetDatabase DRMBX1\SG1\DB1 -Confirm:$false
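
The failover steps above, gated on the database state, as an added example that is not part of the original post: it stops before the mount if soft recovery does not reach ‘Clean Shutdown’, and before the mailbox repoint if the store did not mount. It assumes the lab names and paths from the lists above, that steps 1 and 2 have already been run, and that eseutil.exe is reachable from the Exchange Management Shell on DRMBX1; the helper name Get-EdbShutdownState is hypothetical.

```powershell
# Added example (not from the original post). Run in the Exchange Management Shell
# on DRMBX1 after steps 1-2. Values are the lab names from "DR Information for Failover".
$Edb     = 'S:\SG1\DB1.edb'
$LogPath = 'L:\SG1'
$LogBase = 'E0A'                      # log generation prefix found in the log folder
$DrDb    = 'DRMBX1\SG1\DB1'

function Get-EdbShutdownState {       # hypothetical helper name
    param([string]$Path)
    # eseutil /mh prints a header line such as "State: Dirty Shutdown"
    foreach ($line in (& eseutil /mh $Path)) {
        if ($line -match '^\s*State:\s*(.+?)\s*$') { return $matches[1] }
    }
    throw "No 'State:' line in eseutil /mh output for $Path"
}

$state = Get-EdbShutdownState $Edb
if ($state -ne 'Clean Shutdown') {
    Push-Location (Split-Path $Edb)   # step 4 runs eseutil from the database folder
    & eseutil /R $LogBase /L $LogPath /a   # the /a form from step 4
    $exit = $LASTEXITCODE
    Pop-Location
    if ($exit -ne 0) { throw "Soft recovery failed, eseutil exit code $exit" }
    $state = Get-EdbShutdownState $Edb
}
if ($state -ne 'Clean Shutdown') { throw "Database is still in '$state'; not mounting" }

# Steps 5-8: repoint the configuration, allow overwrite, mount
Move-StorageGroupPath DRMBX1\SG1 -SystemFolderPath $LogPath -LogFolderPath $LogPath -ConfigurationOnly -Confirm:$false
Move-DatabasePath $DrDb -EdbFilePath $Edb -ConfigurationOnly -Confirm:$false
Set-MailboxDatabase $DrDb -AllowFileRestore:$true
Mount-Database $DrDb

# Step 9 only if the mount succeeded, so mailboxes are never pointed at an offline store
if (-not (Get-MailboxDatabase $DrDb -Status).Mounted) {
    throw "$DrDb did not mount; mailboxes left on EXMBX1"
}
Get-Mailbox -Database EXMBX1\SG1\DB1 |
    Where-Object { $_.ObjectClass -NotMatch '(SystemAttendantMailbox|ExOleDbSystemMailbox)' } |
    Move-Mailbox -ConfigurationOnly -TargetDatabase $DrDb -Confirm:$false
```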

MOVE BACK TO PRODUCTION

1. Dismount database on DR server
2. Delete database file and log files from production server location
3. Delete checkpoint file
4. Copy over the database from DR server to production server. Check to make sure the database is in a ‘Clean Shutdown’ state
5. On the production server database check 'This database can be overwritten by a restore' or run from the production server:
Set-MailboxDatabase EXMBX1\SG1\DB1 -AllowFileRestore:$True
6. Mount database
7. Point users back to production server
Get-Mailbox -Database DRMBX1\SG1\DB1 | where {$_.objectClass -NotMatch '(SystemAttendantMailbox|ExOleDBSystemMailbox)'} | Move-Mailbox -ConfigurationOnly -TargetDatabase EXMBX1\SG1\DB1 -Confirm:$false

REBUILD SCR REPLICATION

1. Delete database, log and checkpoint files on the DR server
2. Change system path and logs back to old location
move-storageGroupPath DRMBX1\SG1 -SystemFolderPath L:\Recovery\SG1 -LogFolderPath L:\Recovery\SG1 -configurationonly -confirm:$False
3. Change the database path for the store
move-databasepath DRMBX1\SG1\DB1 -edbfilepath "S:\Recovery\SG1\DB1.edb" -configurationonly -confirm:$False
4. Enable storage group copy
Enable-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1 -ReplayLagTime 0.0:0:0
5. Suspend the storage group copy before re-seeding the database
Suspend-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1
6. Re-seed the database
Update-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1
7. Resume storage group copy
Resume-StorageGroupCopy EXMBX1\SG1 -StandbyMachine DRMBX1

Exchange Powershell Command for SSL

Names to add into SSL certificate...

webmail.company.com
company.com
autodiscover.company.com
FQDN of cas.company.com
NETBIOS of cas.company.com

New-ExchangeCertificate -GenerateRequest -Path D:\SSL.csr -KeySize 1024 -SubjectName "c=CA, s=PROVINCE, l=CITY, o=COMPANY, ou=Exchange, cn=webmail.company.com" -DomainName company.com, autodiscover.company.com, autodiscover, exchange.company.com,exchange, svrhub1.company.com, svrhub1 -PrivateKeyExportable $True

Enable-ExchangeCertificate -Thumbprint -services IIS, SMTP
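
The request above uses -KeySize 1024, which public CAs no longer accept for RSA. As an added example (not from the original post), here is the same request with a 2048-bit key, followed by a check of the certificates already in the server's computer store, which is worth running on the SCR server too after importing the production certificate. The function name Get-WeakServerCertificate and its thresholds are assumptions; the subject and domain names are the post's placeholders.

```powershell
# Added example (not from the original post).
# Same request as above with a 2048-bit RSA key; names are the post's placeholders.
New-ExchangeCertificate -GenerateRequest -Path D:\SSL.csr -KeySize 2048 `
    -SubjectName "c=CA, s=PROVINCE, l=CITY, o=COMPANY, ou=Exchange, cn=webmail.company.com" `
    -DomainName company.com, autodiscover.company.com, autodiscover, exchange.company.com, exchange, svrhub1.company.com, svrhub1 `
    -PrivateKeyExportable $True

# Hypothetical helper: list certificates in LocalMachine\My that have a short RSA key,
# are close to expiry, or lack the private key (e.g. imported from a .cer instead of a .pfx).
function Get-WeakServerCertificate {
    param([int]$MinKeyBits = 2048, [int]$WarnDays = 30)   # thresholds are assumptions
    $rsaOid = '1.2.840.113549.1.1.1'
    $sanOid = '2.5.29.17'                                 # Subject Alternative Name
    $cutoff = (Get-Date).AddDays($WarnDays)
    foreach ($cert in (Get-ChildItem Cert:\LocalMachine\My)) {
        $problems = @()
        if ($cert.PublicKey.Oid.Value -eq $rsaOid) {
            $bits = $cert.PublicKey.Key.KeySize
            if ($bits -lt $MinKeyBits) { $problems += "RSA key is $bits bits" }
        }
        if ($cert.NotAfter -lt $cutoff) { $problems += "expires $($cert.NotAfter.ToString('yyyy-MM-dd'))" }
        if (-not $cert.HasPrivateKey)   { $problems += 'no private key' }
        if ($problems.Count -gt 0) {
            $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq $sanOid }
            $cert | Select-Object Thumbprint, Subject,
                @{ Name = 'Names';    Expression = { if ($san) { $san.Format($false) } } },
                @{ Name = 'Problems'; Expression = { $problems -join '; ' } }
        }
    }
}

Get-WeakServerCertificate | Format-List
```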

Wednesday, February 11, 2009

Removing the Last Exchange 2003 server

Move all mailboxes off an Exchange 2003 Server.

Move all public folder replicas off an Exchange 2003 server.

In the Exchange System Manager, navigate to Administrative Groups - Servers - First Storage Group, right‐click Public Folder Store and select Move All Replicas. Verify in EMC.

Move the default Offline Address generation.

EMC - Organization Configuration - Offline Address Book - Move to new E2K7 server - Run Update.

Remove routing group connectors between Exchange 2003 and Exchange 2007.

In the ESM, navigate to old Administrative Groups - Routing Groups - Connectors, right‐click the connector and then click Delete. Then navigate to new Administrative Groups - Routing Groups - Connectors and delete the required connection.

Prepare for and remove the last legacy Exchange 2003 Server from an Organization.

  • Move the public folder hierarchy from the Exchange 2003 administrative group to the Exchange 2007 administrative group.
  • Delete the Recipient Update Service for the domain.
  • Delete the Recipient Update service for the Enterprise.
  • Uninstall Exchange Server 2003 from EX2003.

1. On EX2003 in Exchange System Manager, expand Administrative Groups, right‐click Exchange Administrative Group (FYDIBOHF23SPDLT), select New, and then click Public Folders Container.

2. In Exchange System Manager expand the Administrative Group and expand Folders and then drag Public Folders to Folders in the Exchange Administrative Group (FYDIBOHF23SPDLT).

3. In Exchange System Manager, expand Recipients, and then select Recipient Update Services.

4. Right click CN=Recipient Update Service and then select Delete. Click Yes to confirm the deletion.

5. Close the Exchange System Manager.

6. Open ADSI Edit, click Start, click Run and type adsiedit.msc and click OK.

7. In ADSI Edit, expand Configuration, expand CN=Configuration,DC=xxx,DC=com, expand CN=Services, expand CN=Microsoft Exchange, expand CN=xxx, expand CN=Address Lists Container, and then select CN=Recipient Update Services.

8. In the result pane, right‐click Recipient Update Service (Enterprise Configuration), click Delete, and then click Yes to confirm the deletion. Close ADSIEdit.

9. Click Start, click Control Panel, click Add or Remove Programs.

10. In Add or Remove Programs, select Microsoft Exchange and click Change/Remove.

11. On the Welcome to the Microsoft Exchange Installation Wizard page, click Next.

12. On the Component Selection page, in the Action column, use the drop‐down arrows to select Remove, and then click Next twice.

13. Wait for Exchange Server 2003 to uninstall (approximately 15 minutes, depending on the speed of your computer).

14. Once complete, click Finish and close Add or Remove Programs. While waiting for Exchange to uninstall you may perform the following optional steps.

15. Switch to new server.

16. Click Start, All Programs, and click Internet Explorer and open webmail.

17. Confirm you can see the Global Address List (GAL). In OWA, click New and click To. Confirm the GAL appears.

18. Close the Address Book window and close the new message.

19. Confirm you can see the Public Folders. In OWA, click Public Folders.

Thursday, February 5, 2009

Installing Standby Continuous Replication

  1. Install powershell tool - ServerManagerCmd -i PowerShell

  2. Install Exchange with required roles. If using the SCR server as a CAS, HUB and DR mailbox server, just install those roles as usual.

  3. If installing 2 SCR servers that will be in a cluster, you will need to install the Failover Clustering service on the SCR server (make sure you reboot).

  4. If using clustering, create folder structure for Exchange install files %:\Program Files\Microsoft\Exchange Server and install Exchange passive node to this location.

  5. Create storage group folders in the same location as the primary server

  6. Create log folders in the same location as the primary server

  7. Enable the storage group eg. Enable-StorageGroupCopy “\SG_NAME” –StandbyMachine –ReplayLagTime 0.0:0:0

  8. Seed the database if required (the database file will not be there on the SCR server until 50 log files are available). You can dismount the stores and copy databases or follow article from MS Exchange

  9. To check the storage group copy status use get-storageGroupCopyStatus from a CCR node