Prepare Active Directory for Exchange 2007 SP1
In these procedures, you further prepare your Windows Server 2003 Active Directory installation to support Microsoft Exchange 2007 SP1.
Tasks
Extend the Maximum Number of Global Address Lists
Install Windows PowerShell on AD01
Run Exchange 2007 SP1 PrepareSchema
Run Exchange 2007 SP1 PrepareAD
Prerequisites
The following software is required to complete this section:
Exchange 2007 SP1 Media
Microsoft PowerShell 1.0.
PowerShell is available as a download from How to Download Windows PowerShell 1.0
Extend the Maximum Number of Global Address Lists
The default configuration of the global address list (GAL) class object allows only 1000 address lists. In this section, you use the MakeGalLinked tool to extend this limit.
Important
You must complete this procedure before you install the Exchange 2007 SP1 Schema extensions. If you do not, you may have to rebuild your Hosted Exchange environment again from clean servers.
Procedure W03-DWHE.1: To extend the maximum number of Global Address Lists
Log on to the Schema Master Flexible Single Master Operations (FSMO) server (AD01) and copy the makeGalLinked.exe file from the \Hosted Exchange\makeGalLinked directory from Microsoft Hosting Solutions for Service Providers to a local directory. Run the following command from the directory to which you copied makeGalLinked.exe:
makeGalLinked.exe /dc:<domain_controller_name> /domain:<domain_name> /admin:administrator /adminpwd:PROMPT /operation:makeGalLinked
Look for the following in the output that indicates the operation was successful:
"globalAddressList" schema object is a linked attribute with linkId: 4048
An entire result set looks like the following:
/Dc = /Domain = /Admin = /AdminPwd = /Operation = makeGalLinked "globalAddressList" schema object is not a linked attribute modifyLdapObject(): ldap_modify_s() succeed for modifying CN=Global-Address-List,CN=Schema,CN=Configuration,DC= ,DC= "globalAddressList" schema object is a linked attribute with linkId: 4048 [ TESTID ] : makegallinked ---------------- ezLog report ---------------- Console-only log started at 15:48:18 12/05/2003, finished at 15:48:18 12/05/2003. Time elapsed in Console-only log: 691 Milliseconds. There were 2 implicit blocks. 2 (100%) blocks attempted, 2 successful (100% of attempted, 100% of total). LOG_PASS 100% (2/2) [Attempted] [Successful] [0 resultant 2 invoked]
Install Windows PowerShell on AD01
Note
Before you extend your Active Directory directory service schema to support Exchange 2007 SP1, you need to install Microsoft Windows PowerShell 1.0 on AD01. The Exchange 2007 SP1 PrepareSchema command will not run without it.
To install Windows PowerShell, follow the procedures at How to Download Windows PowerShell 1.0.
Run Exchange 2007 SP1 PrepareSchema
Exchange 2007 SP1 PrepareSchema connects to the schema master and imports Lightweight Directory Access Protocol (LDAP) Data Interchange Format (LDIF) files to extend the Active Directory schema to include Exchange-specific classes and attributes. PrepareSchema also creates the container object for the Exchange organization in Active Directory.
Note
You must run this command on a computer that is in the same domain and the same Active Directory site as the Schema Master.
Procedure W03-DWHE.2: To run Exchange 2007 SP1 PrepareSchema
Log on to AD01 with an account that has both Enterprise and Schema Administrator privileges.
Open a command prompt. Change directory to the location of your Exchange 2007 SP1 installation media.
Run the following command:
Setup /PrepareSchema
Important
After you run this command, you should wait for the changes to replicate across your Exchange organization before continuing to the next step. The amount of time this takes is dependent upon your Active Directory site topology.
Run Exchange 2007 SP1 PrepareAD
After you run PrepareSchema and allow time for replication, you must run Exchange 2007 SP1 PrepareAD. PrepareAD creates the groups and permissions that are needed for Exchange servers to read and modify user attributes. The Exchange 2007 SP1 version of DomainPrep performs the following actions in the domain:
Creating the Exchange organization in the Active Directory.
Creating the Microsoft Exchange System Objects container for the domain
Creating the following Universal Security Groups (USGs) for Exchange:
Exchange Organization Administrators
Exchange Recipient Administrators
Exchange View-Only Administrators
Exchange2003Interop
Setting permissions on the global Exchange configuration container, the Microsoft Exchange System Objects container, and the USGs
Initializing domain permissions by setting permissions for users, contacts, and groups to enable Exchange servers and Exchange administrators to access and manage needed attributes
Procedure W03-DWHE.3: To run PrepareAD
Log on to AD01 with an account that has Enterprise Administrator privileges.
Open a command prompt. Change directory to the location of your Exchange 2007 SP1 installation media.
Run the following command:
Setup /PrepareAD /OrganizationName:Fabrikam
Note
Fabrikam is an example Exchange organization name in the reference deployment.
Procedure W03-DWHE.4: To verify that Active Directory has been prepared for Exchange 2007 SP1
To verify that this step completed successfully, make sure that there is a new organizational unit (OU) in the root domain called Microsoft Exchange Security Groups. This OU should contain the following new Exchange USGs:
Exchange Organization Administrators
Exchange Recipient Administrators
Exchange View-Only Administrators
Exchange Servers
ExchangeLegacyInterop