Export (0) Print
Expand All

Security credentials required for installing on Exchange Server 2010

 

Applies to: Forefront Protection for Exchange

Topic Last Modified: 2010-05-10

Microsoft Exchange Server 2010 contains a feature named Role Based Access Control System (RBAC) that gives Exchange Administrators greater control over access rights for individual users. As a result of this feature, all commands in the Exchange module for Windows PowerShell must be authorized by the Exchange services. This means that Microsoft Forefront Protection 2010 for Exchange Server (FPE) must be granted access rights within Exchange’s Hygiene Management role group. To accomplish this, you must run the FPE installation program with Exchange Organization Management rights.

In organizations with large Active Directory deployments, you can run the FseMachinePrep.exe utility in order to allow machine account replication prior to installing FPE. This avoids delays in the ability of FPE to perform some Exchange management tasks until full Active Directory replication is completed.

To run FseMachinePrep.exe before installing
  1. On the Exchange Server where you will be installing FPE, extract components from the forefrontexchangesetup.exe package by running the following command:

    forefrontexchangesetup.exe /x: extractpath

    noteNote:
    If you are typing an extract path that contains spaces, you must enclose quotation marks around the path. For example:
    forefrontexchangesetup.exe /x:"c:\Forefront\Install Files"
  2. Grant access to the Exchange server resources in Active Directory Domain Services by running the following command from the extract path:

    FseMachinePrep.exe

    This command must be run on each machine in your Exchange organization.

  3. Install FPE by starting the Setup Wizard. For more information, see Installing on a standalone server by using the Setup Wizard. You may also run an unattended installation. For more information, see Installing from a command prompt - specifying parameters.

    noteNote:
    It is also possible for a Local Administrator to run Setup.exe /N and bypass FseMachinePrep.exe. In this case, after installing FPE, it is up to the administrator to run FseMachinePrep.exe from the extract path, and then run fseimc /smptinit (from the location where FPE was installed) in order for FPE to be operational.
 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft