Installing New Exchange 2003 Servers
This topic provides information about deploying new installations of Microsoft® Exchange Server 2003 in your organization. Specifically, this topic will:
Provide you with the requirements necessary to install Exchange 2003.
Provide you with information about running Exchange Server 2003 Deployment Tools.
Provide you with information about front-end and back-end architecture, including how to configure a front-end server.
Show you how to run ForestPrep.
Show you how to run DomainPrep.
Show you how to install Exchange Server 2003 on new servers, including how to run Exchange Server 2003 Setup in attended and unattended modes.
Note
If you are migrating an Exchange Server 2003 server to a new Exchange Server 2003 computer see Microsoft KB article 822945, How to move Exchange 2003 to new hardware and keep the same server name. Use the information provided in that article together with the information in this topic to install a new Exchange Server 2003 server.
Permissions for Installing New Exchange Server 2003 Servers
After ensuring that your organization meets the necessary prerequisites, the procedures referenced in this topic guide you through the deployment process. This process includes installing the first Exchange Server 2003 computer into your organization.
Table 1 lists the required permissions or roles for the procedures referenced in this topic.
Table 1 Procedures referenced in this topic and corresponding permissions
| Procedure | Required permissions or roles |
|---|---|
Enable Microsoft Windows® 2000 Server or Microsoft Windows Server™ 2003 services |
|
Run ForestPrep on a domain controller (updates the Microsoft Active Directory® directory service schema) |
|
Run DomainPrep |
|
Install Exchange Server 2003 on the first server in a domain |
|
Install Exchange Server 2003 on additional servers in the domain |
|
Install the first instance of a connector |
|
For more information about managing and delegating permissions and user and group authorities, see the Exchange Server 2003 Administration Guide (https://go.microsoft.com/fwlink/?LinkId=47617).
Exchange Server 2003 Security Considerations
Before installing Exchange Server 2003 in your organization, it is important that you are familiar with your organization's security requirements. Familiarizing yourself with these requirements helps ensure that your Exchange Server 2003 deployment is as secure as possible. For more information about planning Exchange Server 2003 security, see the following guides:
Planning an Exchange Server 2003 Messaging System (https://go.microsoft.com/fwlink/?LinkId=47584)
Exchange Server 2003 Security Hardening Guide (https://go.microsoft.com/fwlink/?LinkId=47578)
Exchange Server Deployment Tools
Exchange Server Deployment Tools are tools and documentation that lead you through the entire installation or upgrade process. To ensure that all of the required tools and services are installed and running properly, it is recommended that you run Exchange Server 2003 Setup through the Exchange Server Deployment Tools.
Note
You must download the latest version of the Exchange Server Deployment Tools before you run them. To receive the latest version of the tools, see the Downloads for Exchange Server 2003 Web site (https://go.microsoft.com/fwlink/?linkid=25097).
For detailed steps about how to start the Exchange Server Deployment Tools, see How to Start the Exchange Server Deployment Tools. After you start the tools and specify that you want to follow the process for New Exchange Server 2003 Installation, you are provided with a checklist detailing the following installation steps:
Verify that your organization meets the specified requirements.
Install and enable the required Windows services.
Run the DCDiag tool.
Run the NetDiag tool.
Run ForestPrep.
Run DomainPrep.
Run Exchange Setup.
With the exception of running the DCDiag and NetDiag tools, each of these installation steps is detailed later in this topic. For more information about the DCDiag and NetDiag tools, refer to the Exchange Server Deployment Tools. It is recommended that you run the DCDiag and NetDiag tools on every server on which you plan to install Exchange Server 2003.
When you use Exchange Server Deployment Tools, you can run specific tools and utilities to verify that your organization is ready for the Exchange Server 2003 installation. If you do not want to run Exchange Server Deployment Tools, read the remaining sections in this topic for information about manually installing Exchange Server 2003.
System-Wide Requirements for Exchange Server 2003
Before you install Exchange Server 2003, ensure that your network and servers meet the following system-wide requirements:
Domain controllers are running Windows 2000 Server Service Pack 3 (SP3) or Windows Server 2003.
Global catalog servers are running Windows 2000 SP3 or Windows Server 2003. It is recommended that you have a global catalog server in every domain where you plan to install Exchange Server 2003.
Domain Name System (DNS) and Windows Internet Name Service (WINS) are configured correctly in your Windows site.
Servers are running Windows 2000 SP3 or Windows Server 2003 Active Directory.
For more information about Windows 2000 Server, Windows Server 2003, Active Directory, and Domain Name System (DNS), see the following resources:
Windows 2000 Help
Windows Server 2003 Help
Best Practice Active Directory Design for Exchange 2000 Server (https://go.microsoft.com/fwlink/?LinkId=17837)
Planning an Exchange Server 2003 Messaging System (https://go.microsoft.com/fwlink/?LinkId=47584)
Server-Specific Requirements for Exchange Server 2003
Before you install Exchange Server 2003, ensure that your servers meet the requirements that are described in this section. If your servers do not meet all the requirements, Exchange Server 2003 Setup will stop the installation.
Hardware Requirements
The following are the minimum and recommended hardware requirements for Exchange Server 2003 servers:
Intel Pentium or compatible 133 megahertz (MHz) or faster processor
256 megabytes (MB) of RAM recommended minimum, 128 MB supported minimum
500 MB of available disk space on the drive on which you install Exchange
200 MB of available disk space on the system drive
CD-ROM drive
SVGA or higher-resolution monitor
For more information about hardware requirements for front-end and back-end servers, see the guide Exchange Server 2003 and Exchange 2000 Server Front-End and Back-End Server Topology Guide (https://go.microsoft.com/fwlink/?LinkId=47567).
File Format Requirements
To install Exchange Server 2003, disk partitions must be formatted for NTFS file system and not for file allocation table (FAT). This requirement applies to the following partitions:
System partition
Partition that stores Exchange binaries
Partitions containing transaction log files
Partitions containing database files
Partitions containing other Exchange files
Operating System Requirements
Exchange Server 2003 is supported on the following operating systems:
Windows 2000 SP3 or later
Note
Windows 2000 SP3 or later is available for download at https://go.microsoft.com/fwlink/?linkid=18353. Windows 2000 SP3 or later is also a prerequisite for running the Exchange Server 2003 Active Directory Connector.
Windows Server 2003
Installing and Enabling Internet Information Services on Windows 2000 or Windows Server 2003
Exchange Server 2003 Setup requires that the following components and services be installed and enabled on the server:
.NET Framework
ASP.NET
Internet Information Services (IIS)
World Wide Web Publishing Service
Simple Mail Transfer Protocol (SMTP) service
Network News Transfer Protocol (NNTP) service
If you are installing Exchange Server 2003 on a server running Windows 2000, Exchange Setup installs and enables the Microsoft .NET Framework and ASP.NET automatically. You must install the World Wide Web Publishing Service, the SMTP service, and the NNTP service manually before running Exchange Server 2003 Installation Wizard.
If you are installing Exchange Server 2003 in a native Windows Server 2003 forest or domain, none of these services is enabled by default. You must enable the services manually before running Exchange Server 2003 Installation Wizard.
Important
When you install Exchange on a new server, only the required services are enabled. For example, Post Office Protocol version3 (POP3), Internet Message Access Protocol version4 (IMAP4), and NNTP services are disabled by default on all of your Exchange Server 2003 servers. You should enable only services that are essential for performing Exchange Server 2003 tasks.
For detailed steps about how to install the IIS prerequisites for Exchange Server 2003 on Windows 2000, see How to Install IIS Prerequisites for Exchange Server 2003 on Windows 2000.
For detailed steps about how to install the IIS prerequisites for Exchange Server 2003 on Windows Server 2003, see How to Install IIS Prerequisites for Exchange Server 2003 on Windows Server 2003.
Running Exchange Server 2003 ForestPrep
Exchange Server 2003 ForestPrep extends the Active Directory schema to include Exchange-specific classes and attributes. ForestPrep also creates the container object for the Exchange organization in Active Directory. The schema extensions supplied with Exchange Server 2003 are a superset of those supplied with Exchange 2000 Server. Even if you have run Exchange 2000 ForestPrep, you must run Exchange Server 2003 ForestPrep again. For information about the schema changes between Exchange 2000 and Exchange Server 2003, see "Exchange Server 2003 Schema Changes" in the guide What's New in Exchange Server 2003 (https://go.microsoft.com/fwlink/?LinkId=47591).
In the domain where the schema master resides, run ForestPrep. (By default, the schema master runs on the first Windows domain controller installed in a forest.) Exchange Setup verifies that you are running ForestPrep in the correct domain. If you are not in the correct domain, Setup informs you which domain contains the schema master. For information about how to determine which of your domain controllers is the schema master, see Windows 2000 or Windows Server 2003 Help.
The account you use to run ForestPrep must be a member of the Enterprise Administrator and the Schema Administrator groups. While you are running ForestPrep, you designate an account or group that has Exchange Full Administrator permissions to the organization object. This account or group has the authority to install and manage Exchange Server 2003 throughout the forest. This account or group also has the authority to delegate additional Exchange Full Administrator permissions after the first server is installed.
Important
When you delegates Exchange roles to a security group, it is recommend that you use Global or Universal security groups and not Domain Local security groups. Although Domain Local security groups can work, they are limited in scope to their own domain. In many scenarios, Exchange Setup needs to authenticate to other domains during the installation. Exchange Setup may fail in this case because of a lack of permissions to your external domains.
Note
To decrease replication time, it is recommended that you run Exchange Server 2003 ForestPrep on a domain controller in your root domain.
For detailed steps about how to run ForestPrep for Exchange Server 2003, see How to Run Exchange Server 2003 ForestPrep.
Running Exchange Server 2003 DomainPrep
After you run ForestPrep and allow time for replication, you must run Exchange Server 2003 DomainPrep. DomainPrep creates the groups and permissions necessary for Exchange servers to read and modify user attributes. The Exchange Server 2003 version of DomainPrep performs the following actions in the domain:
Creates Exchange Domain Servers and Exchange Enterprise Servers groups.
Nests the global Exchange Domain Servers into the Exchange Enterprise Servers local group.
Creates the Exchange System Objects container, which is used for mail-enabled public folders.
Sets permissions for the Exchange Enterprise Servers group at the root of the domain, so that Recipient Update Service has the appropriate access to process recipient objects.
Modifies the AdminSdHolder template where Windows sets permissions for members of the local Domain Administrator group.
Adds the local Exchange Domain Servers group to the Pre-Windows 2000 Compatible Access group.
Performs Setup pre-installation checks.
The account you use to run DomainPrep must be a member of the Domain Administrators group in the local domain and a local computer administrator. You must run DomainPrep in the following domains:
The root domain.
All domains that will contain Exchange Server 2003 servers.
All domains that will contain Exchange Server 2003 mailbox-enabled objects (such as users and groups), even if no Exchange servers will be installed in these domains.
All domains that will contain global catalog servers that Exchange directory access components may potentially use.
All domains that will contain Exchange Server 2003 users and groups that you will use to manage your Exchange Server 2003 organization.
Note
Running DomainPrep does not require any Exchange permissions. Only Domain Administrator permissions are required in the local domain.
For detailed steps about how to run DomainPrep for Exchange Server 2003, see How to Run Exchange Server 2003 DomainPrep.
Running Exchange Server 2003 Setup
After planning and preparing your Exchange organization in accordance with the requirements and procedures listed in this topic, you are ready to run Exchange Server 2003 Setup.
To install the first Exchange Server 2003 server in the forest, you must use an account that has Exchange Full Administrator permissions at the organization level and is a local administrator on the computer. Specifically, you can use the account you designated while running ForestPrep or an account from the group that you designated.
Important
When you deploy Exchange Server 2003 servers into multiple domains for the first time, verify that the installation information for the first server you install replicates to all domains before you install the next server. If installation information from the first server has not replicated to all domains, there will be replication collision issues, and that server will lose permissions for the organizational object in Active Directory.
For detailed steps, see How to Install Exchange Server 2003.
For important information about post-deployment steps, see Post-Installation Steps for Exchange Server 2003. That topic includes information about how to verify that your Exchange installation was successful. It also includes information about the latest Exchange Server 2003 service packs and security patches.
Unattended Setup and Installation
Deploying multiple Exchange Server 2003 servers in a large organization with intensive messaging needs can be a time consuming and resource-intensive effort. Your organization may need several hundred Exchange Server 2003 servers, and though many of these servers will be configured identically, you may not have the resources to accomplish the deployment in a given time frame.
To remedy this problem, after you install your first Exchange Server 2003 server, you can install the subsequent Exchange servers in unattended mode, so that you can automate your server installations. An unattended setup of an Exchange Server 2003 server proceeds and completes without any prompts or dialog boxes. Furthermore, an unattended setup creates an answer file that stores information about a sample configuration. The file can then be used to set up Exchange Server 2003 on multiple servers. An answer file contains the deployment parameters and sample configurations so that you can specify what type of installation you want to perform. These configurations are normally set when you perform a manual Exchange Server 2003 installation on one of your servers.
You can run unattended setup only on servers that meet the requirements listed in "System-Wide Requirements for Exchange Server 2003" and "Server-Specific Requirements for Exchange Server 2003" earlier in this topic. Do not run an unattended setup if your servers do not meet these requirements.
For more information about unattended setup, see Microsoft Knowledge Base article 312363, "How to install Exchange 2000 Server in unattended mode." (https://go.microsoft.com/fwlink/?linkid=3052&kbid=312363).
For detailed steps about how to create an answer file for running unattended setup, see How to Create an Answer File for Running Unattended Exchange Setup.
For detailed steps about how to use an answer file to run unattended setup, see How to Use an Answer File for Unattended Exchange Setup.
Note
If Autologon is enabled on the server where the unattend answer file is created, the password of the user creating the answer file is stored in plain text in the answer file. Disable Autologon before using the /createunattend switch. For information about how to enable and disable Autologon, see Microsoft Knowledge Base article 234562, "How to Enable Automatic Logon in Windows 2000 Professional" (https://go.microsoft.com/fwlink/?linkid=3052&kbid=234562).
After starting unattended setup, Exchange Server 2003 is installed on your server automatically without any user interaction. To verify that your Exchange installation is successful, see Post-Installation Steps for Exchange Server 2003.
When Unattended Setup Can Be Run
You can run unattended setup for the following procedures:
Installing the second to nth Exchange Server 2003 server in your organization
Installing Exchange Server 2003 System Management Tools
Running DomainPrep
When Unattended Setup Cannot Be Run
You cannot run unattended setup for the following procedures:
Installing the first Exchange Server 2003 server in your organization
Installing Exchange Server 2003 in a Windows cluster
Installing Exchange Server 2003 in a mixed-mode environment (for example, Exchange Server 5.5 and Exchange Server 2003)
Performing any maintenance tasks (for example, adding or removing programs, re-installing Exchange, or upgrading from Exchange 2000 Server)
Switching from Mixed Mode to Native Mode
By default, when you complete your installation of Exchange Server 2003 into your organization, Exchange Server 2003 is running in mixed mode. If your Exchange Server 2003 servers have to coexist with Exchange Server 5.5 in the future, your organization must run in mixed mode. An Exchange mixed-mode organization uses Site Replication Service to ensure future interoperability and communication between Exchange Server 2003 servers and Exchange Server 5.5.
Running in mixed mode limits the functionality of Exchange Server 2003. Therefore, it is recommended that you switch from mixed mode to native mode. This section discusses the advantages of a native-mode Exchange organization and provides the steps to switch from mixed mode to native mode.
You are ready to change your Exchange Server 2003 organization to native mode if your organization will never require interoperability between your Exchange Server 2003 servers and Exchange Server 5.5 servers in the same organization.
Note
After you switch your Exchange Server 2003 organization from mixed mode to native mode, you cannot switch the organization back to mixed mode. Make sure that your Exchange Server 2003 organization will not have to interoperate with Exchange Server 5.5 in the future before you switch from mixed mode to native mode.
Advantages of Running Exchange in Native Mode
Because many Exchange Server 2003 features are available only when you run your Exchange Server 2003 organization in native mode, it is recommended that you switch from mixed mode to native mode. Running Exchange Server 2003 in native mode has the following advantages:
You can create query-based distribution groups. A query-based distribution group provides the same functionality as a standard distribution group. However, instead of specifying static user memberships, with a query-based distribution group you can use an LDAP query to build membership in the distribution group dynamically. For more information about query-based distribution groups, see "Managing Recipients and Recipient Policies" in the Exchange Server 2003 Administration Guide (https://go.microsoft.com/fwlink/?LinkId=47617).
Your routing bridgehead server pairs use 8BITMIME data transfers instead of converting to 7-bit. This difference equates to a considerable bandwidth saving over routing group connectors.
Routing groups can consist of servers from multiple administrative groups.
You can move Exchange Server 2003 servers between routing groups.
You can move mailboxes between administrative groups.
Simple Mail Transfer Protocol (SMTP) is the default routing protocol.
Switching to Native Mode
For detailed steps about how to switch your Exchange organization from mixed mode to native mode, see How to Convert from Mixed Mode to Native Mode in Exchange.
Important
After you switch your Exchange Server 2003 organization from mixed mode to native mode, you cannot switch the organization back to mixed mode. Before you switch from mixed mode to native mode, ensure that your Exchange Server 2003 organization will not have to interoperate with Exchange Server 5.5 in the future.
To take full advantage of Exchange native mode, you must restart the Microsoft Exchange Information Store service on all of the Exchange servers in your organization. You do not need to restart all of the Microsoft Exchange Information Store services simultaneously, but you must restart the service on each server for the server to take advantage of all Exchange native mode features. Restart the Microsoft Exchange Information Store service on your Exchange servers after the change to native mode has been replicated to your local Windows domain controller. For detailed steps, see How to Restart the Microsoft Exchange Information Store Service.
Uninstalling Exchange Server 2003
After ensuring that your organization meets certain prerequisites, you can run Exchange Setup to uninstall Exchange Server 2003. For detailed steps, see How to Uninstall Exchange Server 2003.