Exchange 2000 has several different places that you can access for Administration. It all really just depends on what you want to do. Think about what you want to do before you get into it. The reason I say this is because you probably won’t remember where everything is that is available to you, but if you can isolate what the option does, then you can find out how to configure it. Anything can be found through various Microsoft Management Console Snap-ins. The above image depicts the Microsoft Exchange program menu. Active Directory Users and Computers is located here because this is where you manage your user’s mailboxes.
In Exchange 5.5, the Exchange Administrator program was used to manage Servers, configure sites, connectors, mailboxes, public folders, etc… User’s Windows security accounts were managed separately though either User Manager for Domains in NT 4 or Active Directory Users and Computers in 2000. Microsoft has apparently shifted the administrative model for Exchange 2000 into two separate sections: User Configuration through Active Directory Users and Computers, and Server Configuration through the Exchange System Manager. So now, if you must configure one user to use a separate mail store, or even enable instant messaging for a user, it’s done through Active Directory Users and Computers.
If you need to set up a second mail store on the Exchange Server, configure a connector, or enable instant messaging, go to the System Manager. Another tool, the Migration Wizard is used to extract users’ mailboxes from a dissimilar mail system to Exchange 2000. This is a wizard-driven application. The Active Directory Cleanup Wizard is used to merge user information between Windows 2000 Accounts or through an imported file.
Before we begin I want to answer one question:
How does Exchange 2000 look inside of Active Directory?
We already know that Exchange 2000 uses Active Directory as its directory service. There is no longer an independent one for Exchange. But what does it look like, and how closely tied into Active Directory is Exchange? To fully answer this, you must first understand where everything is stored inside of AD. Active Directory is a database that is divided into three partitions, or divisions: Domain, Configuration and Schema. The diagram below displays this.
If you really want to see EVERYTHING that is Active Directory, you’ll need to configure a few additional administrative tools. First, you should register a dll that will enable you to view and modify the schema of AD. Open a command prompt and type: regsvr32 schmmgmt.dll. After you do that you are able to look at a new snap-in through the MMC called the Active Directory Schema. Be very careful with this snap-in, as it will affect your ENTIRE ACTIVE DIRECTORY FOREST. Better yet, look, but don’t touch. The second item that you will need to set up is the Windows 2000 Support Tools. This can be found on the Windows 2000 Server CD ROM in the SUPPORT\TOOLS folder. Execute the 2000Rkst.MSI file. After setup of the 2000 Support Tools is complete, you can use another new tool called ADSI Edit.
Open a MMC from the Run Menu and add four Snap-ins:
After adding the Snap-ins, you will need to configure them. Right-click Active Directory Users and Computers and select View -> Advanced Features. To configure the Sites, right-click AD Sites and Services and select View -> Show Services Node. Finally, you will need to configure ADSI Edit. Right-click ADSI Edit and Select Connect To. In the Connect to dialog box, select Domain NC from the Naming Context pull down menu. Repeat that process to add the Configuration Partition and Schema. Your custom MMC should look something like this:
If you expand AD Users and Computers and the DomainNC section of ADSI Edit, you should see some similarities. Also, compare the Configuration Container against Sites and Services, then finally the Active Directory Schema against the Schema Container. You will see that they are exactly the same. Think of ADSI edit as being the Registry Editor for Active Directory. With that thought in mind, ask yourself one question: “Would I modify the registry for any reason?” If the answer is no, then treat ADSI Edit with the same respect because if something is incorrectly modified in the registry of your computer, it can cause the system to crash. Well, if you modify something incorrectly in ADSI Edit, AD can crash, so BE CAREFUL!!!
The Domain partition holds every Object in your domain, like Users, Computers, Groups, OU’s, etc… So, whenever you create a new user account in Active Directory Users and Computers, you are actually modifying this partition. The information stored in here is unique to the domain that you are currently connected to.
The Configuration partition is a little more spread out through your Active Directory Administrative tools. We will only touch on two of the sections of this partition, Sites and Services. As you add Sites, or modify Services, like Exchange, you will see this partition modified. If you add a new server, or Administrative Group, you are affecting this container, and you will see it in AD Sites and Services. When you open the Exchange System Manager, you will see everything pertaining to Exchange in the Services Node. Exchange mostly modifies the information in this container when you run ForestPrep. Open the container and look at the similarities between it, the Services Node in AD Sites and Services, and the Exchange System Manager.
The Schema partition can be seen through Active Directory Schema. This is a list of every possible object that can be created in Active Directory, and the attributes of those objects. I like to think of this as the “Template” partition. The information stored in the Configuration and Schema Partitions are replicated across the entire Active Directory forest.
The System Manager
This is a tool that you can use to completely manage the Server; users aren’t directly affected by this utility. When you open it for the first time, you see a screen like this:
I think that this view looks a little too cluttered, so the first thing that I usually do is selecting the options to view the Administrative and Routing Groups. To do this, right-click your Organization and select properties. Then check the two boxes to display the Administrative and Routing Groups. Your System Manager should now look like this:
The reason why I prefer this view is because most of the time you will be working with the Exchange Servers, Connectors or Mail Stores, so with this view, they are all nested together. So, I guess we’ll start at the top and work our way down the list.
Global Settings - The global settings are ones that affect the entire Exchange organization. They are broken down into three sections: Internet Message Formats, Message Delivery, and Instant Messaging settings.
Recipients – The Recipients section allows you to configure how recipient email addresses and Address Lists are generated. You can also configure what information people see, when they open users attributes through the Global address list in Outlook. There are seven sections here: Recipient Policies, All Address Lists, All Global Address Lists, Offline Address Lists, Recipient Update Services, Details Templates and Address Templates.
Administrative Groups in Exchange 2000 give you the ability to organize servers into groups for administrative purposes. With these administrative groups, you can create policies that apply to a set if servers in that administrative group. For example, you can create a policy for maximum size limits on mail or public folder stores.
Within the tools container, you can track messages, control the flow of Active Directory-to-Exchange 5.5 replication, and even check the status of other Exchange Servers.
Note: You must turn message tracking on at the Server to track messages!!! Right-Click your Server in the Administrative Group and Select the Enable Message Tracking check box.
Message tracking does not keep a copy of all messages sent through your organization, but it does log the paths that every message, since your enabled it, has taken in and out of your Exchange Organization.
As you can see, Exchange has some very interesting Administrative tools inside of the System Manager. I could go into much more detail, but I think it would take a VERY long time to cover all that. This could also turn into an in-depth tutorial if I went any further, and I can’t quite do that because then none of you would need to come to my company and take an Exchange 2000 class. If you are interested in me teaching you Exchange 2000, or any other Microsoft Server stuff, you can arrange it through my company at www.biermangroup.com. (Cheap plug) Let’s go on to more things in Exchange…
Helpful Knowledge Base Articles