Working with Exchange 2010 (Part 3), Exchange 2010 Post Installation Tasks
In Part 1 of this lessons series, we went through the preparation which required installing Exchange 2010 on Windows 2008 R2. In Part 2, we installed Exchange 2010.
After we install Exchange Server 2010, we should verify the installation and perform post installation tasks and securing Exchange Server. This lesson (Part 3) describes the post installation tasks that we should perform.
The following are the post installation tasks which we will cover in this lesson:
Let's Start
Install Latest Exchange 2010 update (Rollup1).
Exchange server as any of Microsoft products need update from time to time. "Rollup" designated as Exchange 2010 update. Rollup are like a mini service packs which include all the interim patched designed to resolve a range of issues discovered after the product RTM version released. Exchange 2010 have one update since the release of the product which is the Rollup1. To install this update, you need to download it from the following link and install it in your Exchange 2010 Servers:
http://www.microsoft.com/downloads/details.aspx?FamilyID=371add31-d7a0-4c8b-8325-a6fced2d05e6&displaylang=en
Save the rollup in Exchange server local HDD and then double click on the file:
The welcome page of the wizard will appear, click next:
Accept the license terms and then click next:
The installation will start, usually it's take 10 to 15 minutes to finish:
Setup completed, click finish and then restart the Exchange Server
Check Exchange 2010 folder structure
You can see Exchange 2010 folder structure after completing the installation successfully. While we did the installation, we didn't change the default bath of Exchange 2010 installation. The default installation of Exchange 2010 placed in C:\Program Files\Microsoft\Exchange Server\V14, let's open this folder:
As we can see on the above, all Exchange file installed and placed correctly. The following will describes the above folders:
Check Exchange 2010 Services
During the installation of Microsoft Exchange Server 2010, Setup runs a set of tasks that install new services. A service is a background process that can be launched during operating system startup by the Service Control Manager in Microsoft Windows.
Services are executable files designed to operate independently and without administrative intervention. A service can run using either a graphical user interface (GUI) mode or a console mode.
Each server role includes services that are part of the server role to perform its functions.
The following figure lists the services installed by Exchange 2010:
We always have to make sure that Exchange required services running correctly. Many problems can could happen if one of the required servers not work.
You can read more about Exchange 2010 services from the following link:
http://technet.microsoft.com/en-us/library/ee423542.aspx
Check Exchange 2010 Installation Log file
Everything happened within Exchange installation process logs in files. You can back to those files to check your installation process specially if you face problems while the installation. To check the logs file, from Computer open ExchangeSetupLogs folder:
Double-click ExchangeSetup.log to open it. This log file contains information about the status of prerequisite and system-readiness checks that Exchange Server performs before the installation begins. This log also contains information about every task that occurs during the Exchange Server setup, and is the most complete log available for troubleshooting installation errors.
The following will describe some of the other files in this folder:
Register Filter Pack IFilters with Exchange 2010.
Exchange Search uses IFilters to index text content in different file formats. Microsoft Filter Pack includes filters for Microsoft Office 2007 file formats. Installation of the Filter Pack is a prerequisite for Exchange 2010.
The following file name extensions are supported by the filter pack:
.docm, .docx, .one, .pptm, .pptx, .vdx, .vsd, .vss, .vst, .vsx, .vtx, .xlsb, .xlsm, .xlsx, .zip.
After you install the Filter Pack, the included IFilters are registered with Windows Search. To enable Exchange Search to index Office 2007 file formats, you must register the installed IFilters for Exchange 2010 by modifying the registry.
You must perform this step after you have installed Exchange 2010 on the server, to do that; you have to options:
In our lesson, we will choose the automatic option. To do that; Microsoft upload a script to run it in Exchange server. You can get the script from the following site:
http://technet.microsoft.com/en-us/library/ee732397.aspx#RegisterAutomatically
Copy the Script to Notepad file, Save it on C: drive and rename it to "RegisterMicrosoftFilterPack.ps1" like the following:
Now; open Exchange Management Shell and Run the script like the following:
It's completed:
Now; we need to restart MSExchangeSearch service like the following:
Run Microsoft Exchange Server Best Practices Analyzer Tool.
The Microsoft Exchange Server Best Practices Analyzer Tool automatically examines an Exchange Server deployment and determines whether the configuration meets with Microsoft best practices.
Microsoft performs periodic updates on the definitions that the Exchange Server Best Practices Analyzer uses, so they typically reflect the latest version of the Microsoft best practices recommendations.
It's recommend running the Exchange Server Best Practices Analyzer after you install a new Exchange server, upgrade an existing Exchange server, or make configuration changes.
To use Exchange Server Best Practices Analyzer tool, open Exchange Management Console, and click Toolbox and then double click on Best Practices Analyzer:
In welcome page, click on "Check for updates on Startup" and click on "I don't want to join the program at the time" and then click on "Check for updates now":
If there are an update, the tool will download it and install it. In our case, there are not update at this moment. Now click on "Go to the Welcome Screen":
Click on "Select options for a new scan":
Keep the default DC and then click on "Connect to the Active Directory server":
In the "Enter an identifying label for this scan box" type any name you want. In the "Specify the scope for this scan box", it's checked our exchange server, if you have more than one exchange server, they all will appear and you can select them all to do the scan from central place. In "Select the type of scan ... etc" click on Health check. Now click on Start Scanning:
Now the scan will start:
While waiting the scan to finish, let's mention some points in Best Practices Analyzer:
The Exchange Server Best Practices Analyzer can perform four types of scans:
Select Fast LAN (100 mbps or more) as the network speed, this setting does not have any influence on test performance. The estimated scan time is generated based on the network speed selected.
You also can schedule scans for specific times. This scan gathers performance data or performs a weekly health check. However, to perform a scheduled scan, you must configure credentials under which the scan runs. The credentials are configured in the Connect to Active Directory screen in the advanced logon options.
After the scan is completed, click View a report of this Best Practices scan:
The first tab displayed is the Critical Issues tab. This tab highlights issues that you should consider addressing immediately:
Click the All Issues tab, this tab shows any issues that may be a concern:
Click the Informational Items tab, This tab displays configuration information about your Exchange Server organization:
Enter Exchange 2010 Product Key
Exchange 2010 evaluation copy which we use work for 120 days. We can see that when we open the Exchange Management Console, the warning pup-up appear which tell us about the rime remaining for the evaluation copy:
Depending on the product key that you enter, Exchange will determine if the server is running the Standard Edition or Enterprise Edition of Exchange 2010 and will update any necessary settings.
Ok, what if we don't enter the Exchange key? simply the exchange will stop. For that; you need to enter exchange product key. To Enter the key, open Exchange Management Console, In the console tree, navigate to the Server Configuration and then in the action pane, click Enter Product Key Group:
On the Enter Product Key page, enter the product key, and then click Enter:
On the Completion page, review the following, and then click Finish to close the wizard:
As you can see on the above, you need to restart the Information Store service.
Antivirus recommendations
It is recommended to install Antivirus software on every Exchange server. This antivirus software should be Exchange 2010 aware so that it can work properly and does not damage the Exchange databases or other configuration.
On Mailbox servers, antivirus software scans mailbox and public folder databases. On Hub Transport servers and Edge Transport Servers, antivirus software scans messages as they are sent between users.
It's recommended to use Forefront for Exchange 2010 as an antivirus application level software.
Also; it's recommended to deploy a file-level antivirus on Exchange 2010 servers, make sure the appropriate exclusions such as directory exclusions, process exclusions, and file name extension exclusions, are in place for both scheduled and real-time scanning.
The following link provide all files which you need to exclude from the Antivirus file-level scan, it's apply for Exchange 2007 and Exchange 2010:
http://technet.microsoft.com/en-us/library/bb332342%28EXCHG.80%29.aspx
Securing Exchange 2010 Server
Security is important for all the servers in your environment. However, security is even more important for computers running Exchange Server. For most organizations, messaging is a critical part of the network. SCW is a tool which we can use to secure our Exchange servers.
The Security Configuration Wizard (SCW) is a tool that was introduced with Microsoft Windows Server 2003 Service Pack 1.
Use the SCW to minimize the attack surface for servers by disabling Windows functionality that is not required for Microsoft Exchange Server 2010 server roles.
The SCW automates the security best practice of reducing attack surface for a server. The SCW uses a role-based metaphor to solicit services that are required for the applications on a server. This tool reduces the susceptibility of Windows environments to exploitation of security vulnerabilities.
By following the below link, you can register the required files for Exchange 2010 to use SCW later:
http://technet.microsoft.com/en-us/library/bb124977.aspx
Discuss installing any additional third-party software if necessary.
After install Exchange 2010, you might need to install another software or third party tools which they are necessary to do some tasks. Before you install any additional software, ensure that it Microsoft certifies it for use with Exchange Server 2010.
Some of the additional software you might want to install or configure includes:
Until here, This lesson finished. We will continue working with exchange 2010 in coming lessons.
If you like to read the other parts in this article series please go to:
Working with Exchange 2010 (Part 1), Preparation to Install Exchange 2010
Working with Exchange 2010 (Part 2), Install Exchange 2010
Regards,
Ra'fat
Hello Ra'fat,
I truly believe that this a great offer, I believe that you're putting a lot of efforts into the Exchange, and you always choose to share this effort and knowledge.
I like how you presented the lessons, and how you added links and all needed information
thanks a lot for posting here and choosing to share the knowledge,
Thumbs up.
Asem
Home