Exchange 2000 Server Deployment Best Practices and Resources
| Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
Published: May 21, 2001
On This Page
Understand and Communicate Upgrade Benefits
Simultaneous Deployment of Exchange Server and Active Directory
Understand the Deployment Process
Active Directory Connector as a Bridge
Migrating Users from Exchange Server 5.5 to Exchange 2000 Server
Upgrading to Exchange 2000 Server Without a Complete Active Directory Deployment
Upgrading with Multiple Active Directory Forests or Merging Exchange Server 5.5 Organizations
Non-Microsoft Products to Assist with the Migration
Additional Resources for Active Directory
Read this document for answers to many common questions about deploying Exchange 2000 Server and understanding the relationship between Exchange Server and Active Directory directory service. Find out about best practices and explore the additional deployment resources.
Understand and Communicate Upgrade Benefits
Whether an organization is upgrading Exchange Server, migrating to Exchange Server from one or more existing messaging systems, or choosing Exchange Server as the company's first messaging and collaboration server, the first step is to understand Exchange Server from a business, as well as a technical, perspective.
Exchange 2000 Server Business Value
The integration of Exchange 2000 Server and Microsoft Windows 2000 reduces costs by providing a single point of administration for all networking and messaging resources. A unified Windows 2000 security model results in only one set of permissions and user accounts for administrators to manage.
Additionally, the use of Windows 2000 Active Directory and Microsoft Management Console (MMC) for centralized management reduces the number of administrators needed to run network and messaging systems and simplifies technician and administrator training. Administrative policies make changing a wide range of objects, such as mailboxes, quick and easy.
Using Windows 2000 Active Directory with Exchange Server also makes system planning and deployment easier, since companies do not need to deploy separate directory structures for messaging and network infrastructure.
Supporting Case Studies
The following reports listed on the Microsoft Case Studies site demonstrate how three companies increased their internal rate of return (IRR) by deploying Exchange 2000 Server as their messaging and collaboration server.
Simultaneous Deployment of Exchange Server and Active Directory
With Exchange 2000 Server, Active Directory provides important services such as address book information for e-mail clients and directory information for efficient message routing.
Deploying Windows 2000 and Exchange 2000 Server simultaneously saves time, simplifies the planning and deployment process, and provides important hands-on experience with Active Directory while still running Microsoft Windows NT 4.0 and the Exchange Server 5.5 infrastructure. In addition, users can be upgraded to Exchange 2000 Server and Windows 2000 at the discretion of the administrator. For example, a few can be upgraded initially in a pilot mode, and then entire departments or divisions can be upgraded. The full cost savings of server consolidation and combined network and messaging administration will be realized when all users are upgraded to Exchange 2000 Server and Windows 2000.
The benefits provided by Windows 2000, such as unified administration and a single directory, are more valuable when organizations deploy a single Active Directory forest. If they choose to upgrade Windows NT 4.0 infrastructure after their Exchange 2000 Server deployment has started, administrators should plan carefully to avoid creating multiple forests.
Understand the Deployment Process
If the organization is not planning to purchase new hardware to consolidate their servers running Exchange Server 5.5, they need to perform the following steps as part of the upgrade:
Upgrade their existing servers running Exchange Server to Exchange Server 5.5 with Service Pack 3 (SP3) or later (included in the box with Exchange 2000 Server).
Upgrade their existing servers running Exchange Server from Windows NT 4.0 to Windows 2000 Server with Service Pack 1 or later.
At a minimum, if upgrading from Exchange Server 5.5 or earlier, deploying an Active Directory and Exchange 2000 Server infrastructure requires that at least one server running Exchange Server 5.5 with SP3 or later in every Exchange Server site to be upgraded. The main upgrade steps are:
Populate Active Directory with user account information using Active Directory Connector.
Deploy global catalog servers to support Exchange 2000 Server and Microsoft Outlook 2000 address lookups against Active Directory. Note: These are the same servers that perform logon authentication for users once user accounts are upgraded to Windows 2000. Think of them as combined backup domain controllers and Exchange Server directory servers.
Upgrade Windows NT 4.0 user accounts to Windows 2000 Active Directory accounts. Note: This step is optional. If user accounts are not ready to be moved over to Active Directory, the Active Directory Connector performs the task of mapping Windows NT 4.0 accounts to the Exchange 2000 Server mailboxes in Active Directory.
Deploy servers running Exchange Server to store mail data. These can be either deployed as new servers and the Move Mailbox tool can consolidate several older servers onto newer equipment running Exchange 2000 Server, or existing servers running Exchange Server 5.5 can be upgraded, as long as they are running Windows 2000 Server and Exchange Server 5.5 with SP3 or later.
For more information, read:
Active Directory Connector as a Bridge
Active Directory Connector is a bridge to Windows 2000 and is a powerful tool for deploying and populating Active Directory while still allowing the use of Windows NT and Exchange Server 5.5 infrastructure.
Active Directory Connector must be used to populate Active Directory with the valuable information stored in the Exchange Server 5.5 directory. This is a prerequisite for the upgrade. Once Active Directory Connector is deployed, there will be ongoing synchronization between Exchange Server 5.5 and Active Directory.
Over time, networking services, such as file and print validation, are added to these Active Directory accounts, simplifying the upgrade process.
Populating Active Directory and the Role of the Active Directory Connector
Active Directory Connector is a piece of software that is deployed to populate Active Directory with directory information that previously resided in the Exchange Server 5.5 directory. While a company retains mixed environments of Exchange 2000 Server and Exchange Server 5.5, it's important to keep the information in Active Directory and the Exchange Server 5.5 directory in sync. Active Directory Connector performs this task.
Migrating Users from Exchange Server 5.5 to Exchange 2000 Server
Once Active Directory Connector is in place and Active Directory is populated with user information, administrators have the choice of upgrading an entire server running Exchange Server 5.5 to Exchange 2000 Server or simply moving an individual mailbox onto a new server running Exchange 2000 Server.
Clean Up Active Directory Prior to Exchange 2000 Server Deployment
Once Active Directory Connector is in place and Active Directory is populated with user information, administrators should clean up the Active Directory information prior to mainstream Exchange 2000 Server deployment. In particular, they should be sure to check for duplicate accounts and, if necessary, use the Active Directory Clean Up Wizard to clean up such accounts. Additionally, this stage of the deployment is a great time to delete any old or inactive user accounts.
Migrating Users from Exchange Server 5.5 to Exchange 2000 Server
Once Active Directory Connector is in place and Active Directory is populated with user information, companies have the choice of upgrading an entire server running Exchange Server 5.5 to Exchange 2000 Server or moving individual mailboxes onto a new server running Exchange 2000 Server to take advantage of the increased storage flexibility with support for multiple databases.
Microsoft Recommendations for In-Place Upgrades Versus Moving Mailboxes to New Hardware Running Exchange 2000 Server
For single-server deployments, the in-place upgrade makes sense. However, larger enterprises with many servers to upgrade might perform an in-place upgrade as an interim step instead of moving directly to newer hardware and storage systems that facilitate server consolidation.
Additionally, larger companies typically want to deploy a test server well in advance of performing an in-place upgrade. Once the test server is functioning, they can choose to do a combination of mailbox moves and in-place upgrades to support their server consolidation and/or deployment goals.
Upgrading a Server Running Exchange Server 5.5 to Exchange 2000 Server
As mentioned previously, a prerequisite for upgrading servers running Exchange Server 5.5 to Exchange 2000 Server is that the server first be upgraded to Exchange Server 5.5 SP3 or later. Additionally, the server should also be upgraded from Windows NT 4.0 to Windows 2000 SP1 or later. Once the server has been upgraded, administrators can run Exchange 2000 Server Setup from the CD and upgrade the server to Exchange 2000 Server.
Important: Prior to performing an in-place upgrade, administrators should thoroughly test Active Directory Connector and the upgrade process.
Moving Mailboxes from an Earlier Version of Exchange Server to Exchange 2000 Server
There are two key benefits of this approach. Administrators can easily test that Exchange 2000 Server and Active Directory Connector are functioning correctly before user mailboxes are upgraded. They can also easily move a mailbox back to a server running Exchange Server 5.5 if they encounter any deployment issues.
Upgrading to Exchange 2000 Server Without a Complete Active Directory Deployment
Deploying Exchange 2000 Server in a Windows NT 4.0 and Exchange Server 5.5 environment does not require that the Active Directory infrastructure be fully deployed.
Because Exchange Server 5.5 and Windows NT 4.0 have been so popular and widely deployed, Exchange 2000 Server has been designed to enable a company to begin deploying Exchange 2000 Server without requiring the full Windows NT 4.0 infrastructure to be upgraded first. Active Directory Connector can be configured to create disabled mailbox accounts in Active Directory while existing Windows NT 4.0 user accounts can be retained for logon validation.
It is, however, important to note that Exchange 2000 Server users go to Active Directory to retrieve address book information. So, the company still needs to deploy servers running Active Directory to support the Exchange 2000 Server users.
Upgrading Windows NT 4.0 User Accounts to Windows 2000 After Upgrading to Exchange 2000 Server
If Active Directory Connector has been deployed, user information for the Windows NT 4.0 users already exists in Active Directory in the form of a disabled user account. This disabled account has no security rights in the Active Directory forest and includes all the Exchange Server 5.5 directory information, such as e-mail address, office location, and phone number.
When the Windows NT 4.0 account is upgraded to Windows 2000, a fully enabled account in Active Directory is created in addition to the existing Active Directory account. By running the Active Directory Clean Up Wizard, the directory information on the disabled account can be merged with the new, security-enabled Active Directory account. The new Active Directory account retains existing security privileges, including rights to access an Exchange Server 5.5 mailbox if the mailbox has not yet been upgraded to Exchange 2000 Server.
Note that if companies upgrade Windows NT accounts at a later time, user account passwords must be reset. The use of non-Microsoft tools from vendors such as NetIQ is encouraged. These tools help more smoothly and rapidly upgrade Windows NT domain accounts to Windows 2000.
Upgrading with Multiple Active Directory Forests or Merging Exchange Server 5.5 Organizations
This is a common scenario where an organization needs a single, global messaging system. However, due to a variety of factors, having a single Active Directory forest is not possible. In some cases, there can be multiple Windows 2000 forests, Windows NT 4.0 domains, or even multiple Exchange Server 5.5 organizations that the Windows 2000 and Exchange 2000 Server deployment teams have little control over.
Because Exchange 2000 Server must exist within an Active Directory forest, a single forest should be selected as the one in which Exchange 2000 Server resides. In that Exchange 2000 Server forest, the administrator can populate Active Directory with Exchange 2000 Server mailboxes for all existing accounts in that forest. For accounts in other forests or Windows NT 4.0 domains, the administrator can create disabled mailbox accounts in Active Directory and associate them with the corresponding account in the external forest or Windows NT 4.0 domain. Users in another forest can then gain access to their mailboxes even though Exchange 2000 Server is installed in a different Active Directory forest.
Microsoft Metadirectory Services (MMS) can be used to synchronize the Active Directory forest containing Exchange 2000 Server account data with other Active Directory forests, Exchange Server 5.5 organizations, Netscape directory servers, or other foreign directories.
Active Directory Migration and Interoperability Technologies
Technology |
|---|
| Scenario: Upgrading to Windows 2000 from Windows NT Server 4.0 |
Active Directory Migration Tool (ADMT) |
Independent Software Vendor (ISV) Products from Mission Critical, Entevo, Master Design, and Aelita |
| Scenario: Synchronization between Exchange Server 5.x Address Books and Active Directory |
Active Directory Connector (ADC) |
| Scenario: Multidirectory Management and Metadirectory Configurations |
MMS |
Non-Microsoft Products to Assist with the Migration
There are several Active Directory–enabled products from Microsoft Partners that can assist with the deployment process. NetIQ, in particular, has a set of tools that greatly expands on that what is available with the standard Active Directory Migration Tool.
For more information, see Active Directory Services, Tools, and Business Solutions from non-Microsoft Companies on the Windows 2000 site.
NetIQ
"NetIQ is a leading provider of systems and applications management solutions for Windows NT and Windows 2000 environments. The NetIQ AppManager Suite provides comprehensive monitoring of Windows NT and Windows 2000–based systems and over thirty applications such as Exchange 2000 Server, Microsoft SQL Server, Citrix MetaFrame, Oracle, SAP R/3, and Lotus Domino. AppManager optimizes performance, provides service level reporting, ensures availability through automated problem detection and correction, and reduces support costs associated with managing and monitoring distributed Windows NT and Windows 2000 environments." --NetIQ
For more information, see the NetIQ site.
BindView
"BindView's bv-Admin product suite is the complete directory management solution that makes sense of your directories, brings them under one point of control, and puts them to work toward your company's goals. Whether your environment includes, or will include, Active Directory, Novell NDS, Exchange Server, or all of these, bv-Admin gives you single-console administration of all users and resources. It even has components to migrate your servers, users, and resources to Windows 2000 from either the Windows NT or NetWare platforms. And the bv-Admin components work in combination with BindView's configuration, security, and performance monitoring product lines to give you total control over your mixed-platform IT environment." --BindView Corporation
For more information, see the BindView site.
Additional Resources for Active Directory
Overviews
The following overviews can be found on the Windows 2000 Server site:
Technical Resources
The following resources can be found on the Windows 2000 Server site:
Gartner Group Case Studies
The following case studies can be found on the Windows 2000 Server site:
For More Information
To learn more about deploying Exchange 2000 Server, see: