Exchange Server 2007 Roles

January 31st, 2010

Server roles allow an administrator to split the functions of an Exchange server and place each role, or a combination of roles, on different servers in the organization. This can be done for performance reasons, management reasons, or any other reason deemed necessary by the organization’s policies.
With current Exchange servers you can make a server a Front-End server or a Back-End server and that is about it. Exchange 2007 introduces five roles to the Exchange organization.

• Edge Transport
• Hub Transport
• Client Access
• Mailbox
• Unified Messaging

The following graphic (Figure 1) shows the placement of each role in a typical organization.

Figure 1: Exchange 2007 Roles

Edge Transport Role

The Edge Transport role is installed on the edge of the network and therefore is installed on a standalone server that is not a member of the Active Directory domain. Because the server is not a member of the Active Directory domain, Active Directory Application Mode (ADAM) is used to sync AD with the Edge Transport server. ADAM and a component called EdgeSync are used to perform scheduled one-way synchronization of the configuration and recipient information from Active Directory. This allows the Edge Transport to perform recipient lookups and Spam filtering.

The Edge Transport role performs a number of functions including Anti-spam and Anti-virus protection. The Edge Transport uses connection filtering, content filtering, recipient filtering, SenderID, sender and IP reputation to reduce the amount of Spam delivered to the end user’s inbox. Mail tagged as Spam will sit in a Spam quarantine from which administrators can delete or allow messages tagged as Spam. One of the top features is the ability for Outlook 2003 and 2007 clients to merge their Spam settings (like white and black lists) to the Edge Transport server to increase the efficiency and accuracy of the filters. The built-in VSAPI has been improved and the introduction of transport agents will allow third party AV applications to provide stronger AV filtering.

Edge Transport Rules are used to protect the Exchange organization by applying rules and, based on whether the message passes or fails, appropriate action is taken. Unlike the Anti-virus and Anti-Spam processing, Edge Transport rules are based on SMTP and MIME addresses, words in the subject or message body, and SCL rating. The Edge Transport role also handles address rewriting; in Exchange 2007 an administrator can modify the SMTP address on inbound or outbound mail.

The Edge Transport server is also responsible for all mail entering or leaving the Exchange organization. Mail travels inbound through the Edge Transport and once the Edge Transport Rules have been applied the message is passed on to the Hub Transport server. Because the Edge Transport is responsible for all inbound and outbound mail, you can configure multiple Edge Transport servers for redundancy and load balancing.

Hub Transport Role

The Hub Transport role is responsible for all internal mail flow. This role is similar to the bridgehead server in an Exchange 2000/2003 organization. In fact it originally was called the Bridgehead Role until it was changed.

The Hub Transport server, as well as the rest of the server roles, is installed on member server(s) in an Active Directory domain. There is no need for ADAM on this, or any other role aside from the Edge Transport. Because it is a member of an AD domain, all its configuration information is stored in AD and any other Hub Transport servers you install will get their configuration from AD.

Inbound mail is accepted from the Edge Transport and passed on to the user’s mailbox and all outbound mail is relayed from the Hub Transport to the Edge Transport and out to the Internet. The Hub Transport and Edge Transport servers are very similar and in fact, one can forgo the Edge Transport server and configure the Hub Transport to accept mail from, and send mail to, the Internet. Hub Transport agents can also be deployed to enforce corporate message policies such as message retention, something that will come as good news to administrators attempting to comply with SarbOx rules.

The Anti-Spam and Anti-virus features of the Edge Transport can be configured on the Hub Transport in order to reduce the number of servers required. It is quite feasible that you may only have one server in your Exchange organization with all the roles installed on it. In this case you cannot have an Edge Transport and all those features will be passed on to the Hub Transport role.

Mailbox Role

The simplest of the roles has to be the Mailbox Role. Quite simply the Mailbox role holds the Exchange databases within which the user mailboxes are contained. It is also home to the Public Folder databases if you enabled Public Folders. (They are not enabled by default in Exchange 2007.)

Client Access Role

The Client Access Role is similar to the role a Front-End server would play in an Exchange 2000/2003 organization. The Client Access server is the server that users connect to with their mail client, mobile device, or web browser. The Client Access server handles all connections whether they come from an application such as Outlook 2003 or 2007, Outlook Express, or any other MAPI, POP3 or IMAP4 client. The Client Access server also handles connections made from mobile devices such as a Windows Mobile 5 Smartphone, or any other device using Exchange ActiveSync. Exchange ActiveSync in Exchange 2007 supports all devices with PocketPC 2002/2003 and Windows Mobile 5. Figure 2 shows how all the clients and roles connect to each other.

Figure 2: Exchange 2007 Client Access

This role also provides Outlook Web Access (OWA). OWA allows a user to access his or her mailbox from a web browser and have full access to all the information in the mailbox including task lists, calendar information, mail items and public folders. One of the hot new functions of OWA is SharePoint and UNC access. Now users can access UNC shares (\\servername\share) and SharePoint document libraries, reducing the need for complex VPN configurations.

Unified Messaging Role

The last, and in my opinion, coolest role is the Unified Messaging Role. The Unified Messaging role is responsible for merging your VOIP infrastructure with your Exchange organization. What does this allow for?

• combined voice, fax, and mail in one inbox
• access to voice, fax and mail via multiple interfaces

Need to check your voicemail but all you have is Internet access? No problem, connect to the Exchange server with OWA and you will find your voicemail as attachments in email messages. Running late for a meeting and no access to email or your calendar? Call the Exchange server and move the start of the appointment in your calendar and the attendees will get an email notifying them of the change.

Unified messaging will change the way users access voice, fax and email and they will love you for it. Now before you get too excited this will require some special hardware to interact with your phone system and more information will be released as Exchange 2007 gets closer to RTM.

Exchange Server 2010

January 31st, 2010

Microsoft announced that Exchange 2010 would be available from the second period of 2009.

Preliminary changes include: Storage Groups are being eliminated and incorporated into the Information Store. Clustering is now at the Database level, not Server level. LCR and SCC clustering no longer offered. CCR now at Datastore level, not Server Level although the terminology has changed. Clustering functionality is now known as DAG (Database Availability Group). Exchange 2010 is also only available in 64-bit as part of Microsoft’s drive for all its future products to be solely 64-bit based. Exchange 2010 will run on Windows Server 2003 with SP2 at least and Windows Server 2008 R2 (also only released in a 64-bit edition).

Clustering and high availability

Exchange Server Enterprise Edition supports clustering of up to 4 nodes when using Windows 2000 Server, and up to 8 nodes with Windows Server 2003. Exchange Server 2003 also introduced active-active clustering, but for two-node clusters only. In this setup, both servers in the cluster are allowed to be active simultaneously. This is opposed to Exchange’s more common active-passive mode in which the failover servers in any cluster node cannot be used at all while their corresponding home servers are active. They must wait, inactive, for the home servers in the node to fail. Subsequent performance issues with active-active mode have led Microsoft to recommend that it should no longer be used. In fact, support for active-active mode clustering has been discontinued with Exchange Server 2007.

Exchange’s clustering (active-active or active-passive mode) has been criticized because of its requirement for servers in the cluster nodes to share the same physical data. The clustering in Exchange Server provides redundancy for Exchange Server as an application, but not for Exchange data. In this scenario, the data can be regarded as a single point of failure, despite Microsoft’s description of this set up as a “Shared Nothing” model. This void has however been filled by ISVs and storage manufacturers, through “site resilience” solutions, such as geo-clustering and asynchronous data replication. Exchange Server 2007 introduces new cluster terminology and configurations that address the shortcomings of the previous “shared data model”.

Exchange Server 2007 provides built-in support for asynchronous replication modeled on SQL Server’s “Log shipping” in CCR (Cluster Continuous Replication) clusters, which are built on MSCS MNS (Microsoft Cluster Service—Majority Node Set) clusters, which do not require shared storage. This type of cluster can be inexpensive and deployed in one, or “stretched” across two datacenters for protection against site-wide failures such as natural disasters. The limitation of CCR clusters is the ability to have only two nodes and the third node known as “voter node” or file share witness that prevents “split brain” scenarios, generally hosted as a file share on a Hub Transport Server. The second type of cluster is the traditional clustering that was available in previous versions, and is now being referred to as SCC (Single Copy Cluster). In Exchange Server 2007 deployment of both CCR and SCC clusters has been simplified and improved; the entire cluster install process takes place during Exchange Server installation. LCR or Local Continuous Replication has been referred to as the “poor man’s cluster”. It is designed to allow for data replication to an alternative drive attached to the same system and is intended to provide protection against local storage failures. It does not protect against the case where the server itself fails.

In November 2007, Microsoft released SP1 for Exchange Server 2007. This service pack includes an additional high-availability feature called SCR (Standby Continuous Replication). Unlike CCR which requires that both servers belong to a Windows cluster, typically residing in the same datacenter, SCR can replicate data to a non-clustered server, located in a separate datacenter.

Licensing

Like Windows Server products, Exchange Server requires Client Access Licenses, which are different from Windows CALs. Corporate license agreements, such as the Enterprise Agreement, or EA, include Exchange Server CALs. It also comes as part of the Core CAL. Just like Windows Server and other server products from Microsoft, you can choose to use User or Device CALs. Device CALs are assigned to a device (workstation, laptop or PDA). User CALs are assigned to a user or employee (not a mailbox). User CALs allow a user to access Exchange e-mail from any device. User and Device CALs are the same price, but cannot be used interchangeably. For Service Providers looking to host Microsoft Exchange, there is an SPLA (Service Provider License Agreement) available whereby Microsoft receives a monthly service fee in the place of the traditional Client Access Licenses. Two types of Exchange CAL are available: Exchange CAL Standard and Exchange CAL Enterprise. The Enterprise CAL is an add-on licence to the Standard CAL.

Exchange 2010 Clients

Microsoft Exchange Server uses a proprietary RPC protocol, MAPI/RPC, that was designed to be used by the Microsoft Outlook client. Clients capable of using the proprietary features of Exchange Server include Microsoft Outlook, Novell Evolution, and the latest version of Microsoft Entourage for Mac. Also, since the release of Mac OS X v10.6 (also known as Mac OS X Snow Leopard), Mac computers running OS X embed native support for this technology, without having to use additional software such as Microsoft Entourage. Built-in support with Mac OS X 10.6 requires the Exchange organization to be running Exchange Server 2007 SP1/SP2 or Exchange Server 2010. Apple relies on Exchange Web Services, which significantly reduces synchronization time with the server compared with WebDAV, which is used by Exchange Server 2003.

Mac users wishing to access Exchange e-mail running on Exchange Server 2000 or 2003 must use Microsoft’s Entourage client versions X, 2004 or 2008. Alternatively a limited version of Outlook Web Access is available to Mac users using a web browser. Entourage X, 2004 and 2008 do not support synchronizing tasks and notes with Exchange Servers 2000, 2003, 2007 or 2010. However Entourage 2008 “Web Services Edition”, which is a free download from Microsoft for users of Office 2008, does support synchronizing tasks and notes with Exchange Server 2007 SP1 roll up 4 or later (including Exchange 2010).

E-mail hosted on an Exchange Server can also be accessed using POP3 and IMAP4 protocols, using clients such as Outlook Express, Mozilla Thunderbird, and Lotus Notes. (These protocols must be enabled on the server. Recent versions of Exchange Server turn them off by default.)

Exchange Server mailboxes can also be accessed through a web browser, using Outlook Web Access (OWA). Exchange Server 2003 also featured a version of OWA for mobile devices, called Outlook Mobile Access (OMA).

ActiveSync

Support for ActiveSync was added to Microsoft Exchange Server 2003. ActiveSync, in the context of Exchange Server, allows a compliant device such as a Windows Mobile device to sync mail, contacts and other data directly with the server – similar to BlackBerry devices. Apple, Nokia and other companies have licensed the software to enable their devices to sync with Exchange Server as well.

Support for Push E-mail was added to Exchange Server 2003 with Service Pack 2. Windows Mobile 5.0 requires the “Messaging and Security Feature Pack (MSFP)”; later versions of the mobile operating system have the capability built in. Many other devices now support ActiveSync push e-mail, such as the iPhone and devices that use the Android operating system.

Exchange Server 2007

January 31st, 2010

Exchange Server 2007 was released on November 30, 2006, to business customers as part of Microsoft’s roll-out wave of new products. It includes new clustering options, 64-bit support for greater scalability, voice mail integration, better search and support for Web services, better filtering options, and a new Outlook Web Access interface. Exchange 2007 also dropped support for Exchange 5.5 migrations, routing groups, admin groups, Outlook Mobile Access, X.400, and some API interfaces, amongst other features.

Exchange Server 2007 (v8, code name E12, or with SP1 v8.1) runs only on 64-bit x86-64 versions of Windows Server. This requirement applies to supported production environments only; a 32-bit trial version is available for download and testing. Hence, companies currently running Exchange Server on 32-bit hardware will be required to replace or migrate hardware if they wish to upgrade to the new version. Companies that are currently running Exchange Server on 64-bit capable hardware are still required to migrate from their existing Exchange 2000/2003 servers to a new 2007 server since in-place upgrades are not supported in 2007.

The first beta of Exchange Server 2007 (then named “Exchange 12” or E12) was released in December 2005 to a very limited number of beta testers. A wider beta was made available via TechNet Plus and MSDN subscriptions in March 2006 according to the Microsoft Exchange team blog. On April 25, 2006, Microsoft announced that the next version of Exchange Server would be called Exchange Server 2007.

Exchange Server 2007 is an integrated part of the Innovative Communications Alliance products.

New features

The principal enhancements, as outlined by Microsoft, are:

• Protection: anti-spam, antivirus, compliance, clustering with data replication, improved security and encryption

• Improved Information Worker Access: improved calendaring, unified messaging, improved mobility, improved web access

• Improved IT Experience: 64-bit performance & scalability, command-line shell & simplified GUI, improved deployment, role separation, simplified routing

• Exchange Management Shell: a new command-line shell and scripting language for system administration (based on Windows PowerShell). Shell users can perform every task that can be performed in the Exchange Server graphical user interface plus additional tasks, and can program often-used or complex tasks into scripts that can be saved, shared, and re-used. The Exchange Management Shell has over 375 unique commands to manage features of Microsoft Exchange Server 2007.

• “Unified Messaging” that lets users receive voice mail, e-mail, and faxes in their mailboxes, and lets them access their mailboxes from cell phones and other wireless devices. Voice commands can be given to control and listen to e-mail over the phone (and also send some basic messages, like “I’ll be late”)

• Increased the database maximum size limit. Database size is now limited to 16TB per database

• Increased the maximum number of storage groups and mail databases per server, to 5 each for Standard Edition (from 1 each in Exchange Server 2003 Standard), and to 50 each for Enterprise Edition (from 4 groups and 20 databases in Exchange Server 2003 Enterprise).

• You can configure Outlook Anywhere (formerly known as RPC over HTTP) to provide external access to Microsoft Exchange Server 2007 for your clients. If you want Microsoft Office Outlook 2007 user profiles to be automatically configured to connect to Exchange 2007, configure the Autodiscover service. This also provides external URLs for Exchange services such as the Availability service and offline address book.

Exchange Server 2003

January 31st, 2010

Exchange Server 2003 (v6.5, code name Titanium) debuted on September 28, 2003. Exchange Server 2003 (currently at Service Pack 2) can be run on Windows 2000 Server (only if Service Pack 4 is first installed) and 32-bit Windows Server 2003, although some new features only work with the latter. Like Windows Server 2003, Exchange Server 2003 has many compatibility modes to allow users to slowly migrate to the new system. This is useful in large companies with distributed Exchange Server environments who cannot afford the downtime and expense that comes with a complete migration.

The June 2, 2003, release of Exchange Server 2003 made the migration from pre-2000 versions of Exchange significantly easier (although still involved the same basic steps), and many users of Exchange Server 5.5 waited for the release of Exchange Server 2003 to upgrade. The upgrade process also required upgrading a company’s servers to Windows 2000. Some customers opted to stay on a combination of Exchange Server 5.5 and Windows NT 4.0, both of which are no longer supported by Microsoft.

One of the new features in Exchange Server 2003 is enhanced disaster recovery which allows administrators to bring the server online more quickly. This is done by allowing the server to send and receive mail while the message stores are being recovered from backup. Some features previously available in the Microsoft Mobile Information Server 2001/2002 products have been added to the core Exchange Server product, like Outlook Mobile Access and server-side ActiveSync, while the Mobile Information Server product itself has been dropped. Better anti-virus and anti-spam protection have also been added, both by providing built-in APIs that facilitate filtering software and built-in support for the basic methods of originating IP address, SPF (“Sender ID”), and DNSBL filtering which were standard on other open source and *nix-based mail servers. Also new is the ability to drop inbound e-mail before being fully processed, thus preventing delays in the message routing system. There are also improved message and mailbox management tools, which allow administrators to execute common chores more quickly. Others, such as Instant Messaging and Exchange Conferencing Server have been extracted completely in order to form separate products. Microsoft now appears to be positioning a combination of Microsoft Office, Microsoft Office Live Communications Server, Live Meeting and SharePoint as its collaboration software of choice. Exchange Server is now to be simply e-mail and calendaring.

Exchange Server 2003 added several basic filtering methods to Exchange Server. They are not sophisticated enough to eliminate spam, but they can protect against DoS and mailbox flooding attacks. Exchange Server 2000 supported the ability to block a sender’s address, or e-mail domain by adding ‘*@domain.com’, which is still supported in Exchange Server 2003. Added filtering methods in Exchange Server 2003 are:

• Connection filtering: Messages are blocked from DNS RBL lists or from manually specified IP addresses/ranges
• Recipient filtering: Messages blocked when sent to manually specified recipients on the server (for intranet-only addresses) or to any recipients not on the server (stopping spammers from guessing addresses)
• Sender ID filtering: Sender ID, a form of Sender Policy Framework (SPF)
• Intelligent Message Filter: A free Microsoft add-on that uses heuristic message analysis to block messages or direct them to the “Junk E-Mail” folder in Microsoft Outlook clients.

Exchange 2003 mainstream support ended on April 14, 2009.

Editions

Exchange Server 2003 is available in two versions, Standard Edition and Enterprise Edition. Standard Edition supports up to two storage groups (with one of the storage groups, called the recovery storage group, being reserved for database recovery operations) and a maximum of 2 databases per storage group. Each database is limited to a maximum size of 16 GB. Beginning with the release of Service Pack 2, Standard Edition allows a maximum database size of 75 GB, but only supports 18 GB by default; larger databases have to be enabled with a registry change. Enterprise Edition allows a 16 TB maximum database size, and supports up to 4 storage groups with 5 databases per storage group for a total of 20 databases per server.

Exchange Server 2003 is included with both Microsoft Small Business Server 2003 Standard and Premium editions and is 32-bit only, and will not install on the various 64-bit versions of Windows Server 2003.

Exchange 2000 Server

January 31st, 2010

Exchange 2000 Server (v6.0, code name Platinum), released on November 29, 2000, overcame many of the limitations of its predecessors. For example, it raised the maximum sizes of databases and increased the number of servers in a cluster from two to four. However, many customers were deterred from upgrading by the requirement for a full Microsoft Active Directory infrastructure to be in place, as unlike Exchange Server 5.5, Exchange 2000 Server had no built-in Directory Service, and had a dependency upon Active Directory. The migration process from Exchange Server 5.5 did not have any in-place upgrade path, and necessitated having the two systems online at the same time, with user-to-mailbox mapping and a temporary translation process between the two directories. Exchange 2000 Server also added support for Instant Messaging, but that capability was later spun off to Microsoft Office Live Communications Server.

Exchange Server 5.5

January 31st, 2010

Exchange Server 5.5, introduced November, 1997, was sold in two editions, Standard and Enterprise. They differ in database store size, mail transport connectors and clustering capabilities. The Standard Edition had the same 16 GB database size limitation as earlier versions of Exchange Server, while the Enterprise Edition had an increased limit of 16 TB (although Microsoft’s best practices documentation recommends that the message store not exceed 100 GB). The Standard Edition includes the Site Connector, MS Mail Connector, Internet Mail Service (previously “Internet Mail Connector”), and Internet News Service (previously “Internet News Connector”), as well as software to interoperate with cc:Mail, Lotus Notes and Novell GroupWise. The Enterprise Edition adds an X.400 connector, and interoperability software with SNADS and PROFS. The Enterprise Edition also introduced two node clustering capability. Exchange Server 5.5 introduced a number of other new features including a new version of Outlook Web Access with Calendar support, support for IMAP4 and LDAP v3 clients and the Deleted Item Recovery feature. Exchange Server 5.5 was the last version of Exchange Server to have separate directory, SMTP and NNTP services. There was no new version of Exchange Client and Schedule+ for version 5.5, instead version 8.03 of Microsoft Outlook was released to support the new features of Exchange Server 5.5.

Exchange Server 4.0

January 31st, 2010

Exchange Server 4.0, released on June 11, 1996, was the original version of Exchange Server sold to the public, positioned as an upgrade to Microsoft Mail 3.5. The original version of Microsoft Mail (written by Microsoft) had been replaced, several weeks after Lotus acquired cc:Mail, by a package called Network Courier, acquired during the purchase of Consumer Software Inc. in April 1991. Exchange Server was however an entirely new X.400-based client-server mail system with a single database store that also supported X.500 directory services. The directory used by Exchange Server eventually became Microsoft’s Active Directory service, an LDAP-compliant directory server. Active Directory was integrated into Windows 2000 as the foundation of Windows Server domains.

Microsoft Exchange Server

January 31st, 2010

Microsoft Exchange Server is a messaging and collaborative software product developed by Microsoft. It is part of the Microsoft Servers line of server products and is widely used by enterprises using Microsoft infrastructure solutions. Exchange’s major features consist of electronic mail, calendaring, contacts and tasks; support for mobile and web-based access to information; and support for data storage.

Microsoft Windows Family Tree

January 31st, 2010

800px-Windows_Family_Tree1

How to transfer FSMO Roles from one DC to another?

January 31st, 2010

Transferring an FSMO role is the suggested way of moving an FSMO role between domain controllers, and it can be initiated by the administrator or by demoting a domain controller. However, the operating system does not initiate the transfer automatically, for example when a server is shut down. FSMO roles are not automatically relocated during the shutdown process; this must be considered when shutting down a domain controller that holds an FSMO role, for example for maintenance.
In a graceful transfer of an FSMO role between two domain controllers, the data maintained by the FSMO role owner is synchronized to the server receiving the role before the role is transferred, to ensure that any changes have been recorded before the role change.
However, when the original FSMO role holder has gone offline or become non-operational for a long period of time, the administrator might consider moving the FSMO role from the original, non-operational holder to a different DC.
You can transfer FSMO roles by using the Ntdsutil.exe command-line utility or by using an MMC snap-in tool. Depending on the FSMO role that you want to transfer, you can use one of the following three MMC snap-in tools:
• Active Directory Schema snap-in
• Active Directory Domains and Trusts snap-in
• Active Directory Users and Computers snap-in

Transferring the RID Master, PDC Emulator, and Infrastructure Masters via GUI
To Transfer the Domain-Specific RID Master, PDC Emulator, and Infrastructure Master FSMO Roles:
1. Open the Active Directory Users and Computers snap-in from the Administrative Tools folder.
2. If you are not logged onto the target domain controller, in the snap-in, right-click the icon next to Active Directory Users and Computers and press Connect to Domain Controller.
3. Select the domain controller that will be the new role holder, the target, and press OK.
4. Right-click the Active Directory Users and Computers icon again and press Operation Masters.
5. Select the appropriate tab for the role you wish to transfer and press the Change button.
6. Press OK to confirm the change.
7. Press OK all the way out.

Transferring the Domain Naming Master via GUI
To Transfer the Domain Naming Master Role:
1. Open the Active Directory Domains and Trusts snap-in from the Administrative Tools folder.
2. If you are NOT logged onto the target domain controller, in the snap-in, right-click the icon next to Active Directory Domains and Trusts and press Connect to Domain Controller.
3. Select the domain controller that will be the new role holder and press OK.
4. Right-click the Active Directory Domains and Trusts icon again and press Operation Masters.
5. Press the Change button.
6. Press OK to confirm the change.
7. Press OK all the way out.

Transferring the Schema Master via GUI
To Transfer the Schema Master Role:
1. Register the Schmmgmt.dll library by pressing Start > RUN and typing:

Schema1

2. Press OK. You should receive a success confirmation.
3. From the Run command open an MMC Console by typing MMC.
4. On the Console menu, press Add/Remove Snap-in.
5. Press Add. Select Active Directory Schema.
6. Press Add and press Close. Press OK.
7. If you are NOT logged onto the target domain controller, in the snap-in, right-click the Active Directory Schema icon in the Console Root and press Change Domain Controller.
8. Press Specify and type the name of the new role holder. Press OK.
9. Right-click the Active Directory Schema icon again and press Operation Masters.
10. Press the Change button.
11. Press OK all the way out.

Transferring the FSMO Roles via Ntdsutil
To transfer the FSMO roles from the Ntdsutil command:
Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality.
1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.
2. Type roles, and then press ENTER.
Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.
3. Type connections, and then press ENTER.
4. Type connect to server <servername>, where <servername> is the name of the server you want to use, and then press ENTER.
5. At the server connections: prompt, type q, and then press ENTER again.
6. Type transfer <role>, where <role> is the role you want to transfer.
For example, to transfer the RID Master role, you would type transfer rid master:
Options are:
Transfer Domain Naming Master
Transfer Infrastructure Master
Transfer PDC
Transfer RID Master
Transfer Schema Master

7. You will receive a warning window asking if you want to perform the transfer. Click on Yes.
8. After you transfer the roles, type q and press ENTER until you quit Ntdsutil.exe.
9. Restart the server and make sure you update your backup.
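
To confirm the result of the Ntdsutil procedure above, the following added example (not part of the original post) parses the output of `netdom query fsmo` captured before and after a transfer and flags any role that did not reach the intended server or that moved unexpectedly. The server names (DC01, DC02, corp.example) and the sample output are constructed, and the role-to-command mapping assumes the command names listed in step 6.

```powershell
# Added example, not from the original post. DC01, DC02 and corp.example are
# constructed names; the sample text mimics `netdom query fsmo` output.

# Role labels printed by `netdom query fsmo`, mapped to the Ntdsutil
# commands listed in step 6 of the procedure above.
$TransferCommand = @{
    'Schema master'         = 'transfer schema master'
    'Domain naming master'  = 'transfer domain naming master'
    'PDC'                   = 'transfer pdc'
    'RID pool manager'      = 'transfer rid master'
    'Infrastructure master' = 'transfer infrastructure master'
}

function ConvertFrom-NetdomFsmo {
    # Turn the text output of `netdom query fsmo` into a role -> holder table.
    param([string[]]$Lines)
    $holders = @{}
    foreach ($line in $Lines) {
        # Label and holder are separated by a run of spaces; the trailing
        # "The command completed successfully." line has no such gap.
        if ($line -match '^(?<role>\S.*?)\s{2,}(?<dc>\S+)\s*$') {
            $holders[$Matches['role']] = $Matches['dc'].ToLower()
        }
    }
    return $holders
}

function Test-FsmoTransfer {
    # Compare holders before and after a transfer. Roles in $RolesToMove
    # must now sit on $Target; every other role must not have moved.
    param(
        [hashtable]$Before,
        [hashtable]$After,
        [string]$Target,
        [string[]]$RolesToMove
    )
    foreach ($role in ($TransferCommand.Keys | Sort-Object)) {
        $shouldMove = $RolesToMove -contains $role
        $expected = $Before[$role]
        if ($shouldMove) { $expected = $Target.ToLower() }
        $actual = $After[$role]

        if (-not $actual) {
            $status = 'MISSING'            # role absent from the output
        } elseif ($actual -eq $expected) {
            $status = 'OK'
        } elseif ($shouldMove) {
            $status = 'NOT ON TARGET'      # transfer did not take effect
        } else {
            $status = 'UNEXPECTED MOVE'    # a role changed that should not have
        }

        # Command still to be issued inside Ntdsutil for a pending role.
        $pending = $null
        if ($status -eq 'NOT ON TARGET') { $pending = $TransferCommand[$role] }

        [pscustomobject]@{
            Role     = $role
            Before   = $Before[$role]
            After    = $actual
            Expected = $expected
            Status   = $status
            Pending  = $pending
        }
    }
}

# Constructed sample: all roles start on DC01; RID and PDC are to move to DC02,
# but only the RID role has been transferred so far.
$sampleBefore = @'
Schema master               DC01.corp.example
Domain naming master        DC01.corp.example
PDC                         DC01.corp.example
RID pool manager            DC01.corp.example
Infrastructure master       DC01.corp.example
The command completed successfully.
'@ -split '\r?\n'

$sampleAfter = @'
Schema master               DC01.corp.example
Domain naming master        DC01.corp.example
PDC                         DC01.corp.example
RID pool manager            DC02.corp.example
Infrastructure master       DC01.corp.example
The command completed successfully.
'@ -split '\r?\n'

# On a live system, replace the samples with: ConvertFrom-NetdomFsmo (netdom query fsmo)
$before = ConvertFrom-NetdomFsmo $sampleBefore
$after  = ConvertFrom-NetdomFsmo $sampleAfter

Test-FsmoTransfer -Before $before -After $after -Target 'DC02.corp.example' `
    -RolesToMove 'RID pool manager', 'PDC' | Format-Table -AutoSize
```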