General Product Information
Product Feature Set
Q. What products are included with Windows Essential Business Server 2008?
A. Windows Essential Business Server 2008 includes the following component technologies:
Standard
- Windows Server® 2008 Standard technologies
- Microsoft System Center Essentials 2007
- Windows® SharePoint® Services 3.01
- Microsoft Exchange Server® 2007 Standard
- Microsoft Forefront™ Security for Exchange Server2
- Forefront Threat Management Gateway, Medium Business Edition3
Premium
- Windows Server 2008 Standard
- Microsoft SQL Server 2008 Standard
1 While Windows® SharePoint® Services 3.0 is not shipped with Essential Business Server 2008, a step as part of the setup process is provided to download Windows SharePoint Services 3.0 at no additional cost.
2 One year Microsoft Forefront Security for Exchange Server subscription included in the product.
3 One year Web Antimalware Subscription for Forefront Threat Management Gateway, Medium Business Edition included in product.
Q. What other features are in Windows Essential Business Server 2008?
A. Windows Essential Business Server 2008 provides customers and partners with a complete infrastructure and business solution for midsize businesses. Over and above the product technologies included in EBS 2008, there are also several other unique features:
- Remote access to company e-mail, documents, and desktops
- Centralized command and control over users, devices, and applications on your network
- Easy-to-use, task-based management console
- Line-of-business operating system for your mission-critical applications
- Extensible administration console for managing system and business applications
Q. Are there any design constraints in Windows Essential Business Server 2008?
A. The design constraints are:
- No more than 300 users or devices
- EBS Messaging and Management servers must be installed in the root domain of the forest
- The PDC emulator and Domain Naming Master roles must reside on the EBS Management server
- You cannot create any inter-forest trusts
- You cannot create any child domains
- Terminal Services Application Mode is disabled on the Management, Messaging, and Security servers
- The Messaging, Security, and Premium Edition servers must be members of the Windows EBS 2008 domain.
Q. Do you have a hardware compatibility list for Windows Essential Business Server 2008?
A. Do you have a hardware compatibility list for Windows Essential Business Server 2008?
You can use the list for Windows Server 2008, found at Windows Catalog.
Technical Information
Product Feature Set
Q. Do I have to run the Planning and Preparation tools for a new (green field) install?
A. Yes. EBS 2008 setup requires information generated by the Planning and Preparation tools in order to set up a new installation.
Q. Can I automate the EBS 2008 installation process?
A. No. Each customer environment has a unique mix of workloads, applications, and data and it is not possible to automate settings during the installation process.
Q. Can I use the EBS media to install a base copy of the OS and then manually install the component applications?
A. No. The only supported installation method is to use the EBS 2008 installation process.
Q. Where are the additional installation components on the DVD?
A. Individual component installers are located in C:\Program Files\Windows Essential Business Server\Bin.
Q. Can I have multiple instances of EBS 2008 in a single domain?
A. No. Each Management server must be the root domain controller in the forest, which means you cannot have multiple instances in the same domain. You also cannot create trusts between domains running Essential Business Server 2008.
Q. Can I have the three servers located in three branch offices?
A. Microsoft recommends that you keep all three servers at the same physical location to ensure stable and rapid communication between the three servers.
Q. Are branch offices supported?
A. Branch offices are supported if they are members of the same domain. If you are migrating to EBS 2008 and have child domains for your branch offices, EBS supports those domains.
Q. Can I create child domains?
A. You cannot create child domains using the Management or Messaging servers. However you can create child domains from other domain controllers in the forest.
Q. What does the move Active Directory roles task do during EBS setup?
A.The distribution of FSMO roles during different install phases of Windows™ Essential Business Server could vary depending on whether it is a Migration or a Green Field Install. The differences are not huge, but they are important. The positioning of the FSMO Roles during the install stages can be summarized as follows:
Migration:
a) FSMO Roles stay with the Source Server while the Management Server and Security Servers are installed.
b) As a part of Messaging Server installation, all five FSMO roles are transferred from the Source Server to Messaging Server. This is the first time FSMO roles are moved from one server to another.
c) Once Messaging Server installation completes, PDC Emulator and Domain Naming Master FSMO roles are "Rehomed" to the Management Server when you run the "Move Active Directory Roles" task from the Guided Configuration and Migration Tasks window. Remaining three roles, RID Master, Infrastructure Master and Schema Master stay with the Messaging Server.
Clean Install:
a) Management server being the first DC holds all five FSMO roles. No FSMO role is transferred while installing the Security Server.
b) While installing Messaging Server, all FSMO roles are transferred from the Management Server to the Messaging Server.
c) Post installation, we run the "Move Active Directory Roles" task to transfer the PDC Emulator and Domain Naming Master roles to the Management Server. The Messaging Server holds the other three FSMO Roles which are, RID Master, Infrastructure Master and Schema Master.
EBS licensing requires that the PDC Emulator and Domain Naming Master roles be with the Management Server. If any of these roles are moved from the Management Server to another server, EBS Licensing will fall out of compliance and several error messages are logged to convey this.
Q. How long should migration take?
A. Once all three servers are joined to the domain, you have as much time as you want to migrate any workloads to the servers. We do recommend you complete this migration as soon as possible to reduce you network complexity. If you are migrating from Windows Small Business Server domains, you have thirty (30) days to migrate workloads and data before the server running Windows Small Business Server must be demoted and then removed from the domain.
Q. Is it recommended to have the operating system and application data on separate hard disk drives?
A. Yes. While you can store them on the same partition or the same hard disk drive, it’s a best practice to store them on separate physical disks.
Q. What are the ports I may need to open on my firewall?
A. You may need to open the following ports, depending on the services you need on your network:
- Port 25 TCP – SMTP (Outgoing Exchange e-mail)
- Port 80 TCP – HTTP
- Port 443 TCP – HTTPS (RWW, OWA, remote desktop or Terminal Server sessions)
- Port 987 TCP – External secure Windows SharePoint Services intranet access
- Port 1723 TCP – PPTP (VPN)
These ports are opened by default on Forefront TMG which can replace your existing firewall.
Q. Can I disable Forefront for Exchange Server or Forefront Threat Management Gateway and use other security solutions?
A. These configurations have not been tested and are not supported. If you have other security technologies, you should install them serially with EBS 2008.
Q. On the Premium server, can I change the operating system from 32-bit to 64-bit or vice versa?
A. The software architecture limitations prevent you from changing between 32-bit and 64-bit. You must select one or the other at installation time. If you decide that you need to use the other architecture, you must either reinstall your operating system and applications on the same server or migrate the applications and data to another server.
Q. Can I configure the Premium server as a read-only domain controller?
A. Yes. You can join the fourth server to the domain and then configure it as a read-only domain controller. You can always join additional servers or domain controllers to the Essential Business Server network. The only limitation is that the Management server must be the root domain controller of the forest.
Q. Can I install SQL Server on any of the base servers?
A. No. You must install SQL Server on a separate server such as the Premium server.
Q. Can I run Terminal Services on any of the base servers?
A. Terminal Services in Administration mode is enabled on all three base servers. Terminal Services in Application Sharing mode is also available on all three base servers. However, it is recommended that you use the fourth server in Premium or another server in your environment as an application server and not the three base servers.
Licensing
Q. I bought CALs and installed them, but 30 days after installing, none of my users can log on to the domain. They were able to log on yesterday. Do I have to activate my CALs?
A. CALs must be manually assigned to users in the Administration Console. Once you have assigned them an EBS 2008 CAL, the users should log off and then log on again.
Q. What CALs are included with Windows Essentials Business Server 2008?
A. The CALs included with EBS depend on how it is purchased. Copies of EBS 2008 purchased through Open Value come with one CAL, copies purchased through Open License do not include any CALs, and copies purchased from OEMs may have CALs included with the purchase. Customers with Microsoft licensing agreements may receive licensed CALs depending on the agreement with Microsoft. All editions have five temporary Standard CALs available in the console that can be assigned to users. This is for situations when you have purchased licenses for users but have not received the license key. The chart below illustrates which CALs are available:
|
CALs included with EBS, by Product License Type
|
|
Purchase Method
|
Licensed CALs "in the box"
|
Temporary Standard CALs
|
|
Open Value
|
1 |
5 |
|
Open License
|
None |
|
OEM
|
Depends on OEM vendor |
|
Fully Packaged Product
|
EBS 2008 is only sold through OL, OV, and OEM channels |
</div>
<div>
<h2>Q. Does EBS come with any free CALs? What is a "temporary CAL"?</h2>
<p>
<strong>A.</strong> EBS does not include any "free" CALs. Five temporary CALs are included, but these are meant only for assignment on a temporary basis when you have purchased licenses for users but have not received the license key.</p>
</div>
<p> </p>
<h3>Management, Monitoring, and Health Status</h3>
<div>
<h2>Q. How many servers can I manage in my domain?</h2>
<p>
<strong>A.</strong> System Center Essentials (SCE) provides enough licenses to manage up to fifteen (15) servers on your network. SCE has a fixed management limit of thirty (30) servers. There is no limit to the number of unmanaged servers on your network</p>
</div>
<div>
<h2>Q. How do I properly license additional servers?</h2>
<p>
<strong>A.</strong> Contact your reseller and purchase additional management licenses for each managed server.</p>
</div>
<div>
<h2>Q. Can I uninstall SCE?</h2>
<p>
<strong>A.</strong> SCE is integrated into EBS 2008 and cannot be uninstalled.</p>
</div>
<div>
<h2>Q. Can I use other management packs with SCE?</h2>
<p>
<strong>A.</strong> In general, if the management pack is listed on the <a runat="server" href="https://www.microsoft.com/technet/prodtechnol/scp/essntls07.aspx?scpprodid=4">System Center Essentials 2007 catalog</a>, it can be used with EBS 2008. Note: Each management pack may have its own system requirements and support policies. Check with the management pack vendor to verify if it is supported on EBS 2008.</p>
</div>
<div>
<h2>Q. Is there a way to manage SCE at multiple locations?</h2>
<p>
<strong>A.</strong> You can install a third-party remote management solution to manage all locations that are running System Center Essentials.</p>
</div>
<div>
<h2>Q. If I want to use a third-party remote monitoring and management tool, can I disable SCE?</h2>
<p>
<strong>A.</strong> No. System Center Essentials is integrated into EBS 2008 and cannot be disabled.</p>
</div>
<div>
<h2>Q. Can I configure a pager, SMS, or other device to receive alerts from SCE?</h2>
<p>
<strong>A.</strong> Yes. You can configure alerts that send pages, text messages, or e-mails to any device or address.</p>
</div>
<div>
<h2>Q. Can I uninstall WSUS?</h2>
<p>
<strong>A.</strong> WSUS is integrated into System Center Essentials and cannot be uninstalled.</p>
</div>
<p>
<div>
<h2>Q. What CALs are included with Windows Essentials Business Server 2008?</h2>
</div>
</p>
<p> </p>
<h3>Networking, Security, Forefront Security for Exchange, and Forefront Threat Management Gateway</h3>
<div>
<h2>Q. Do I need an external firewall with Windows Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> No. You can use the Security server as your company firewall device. If you have an existing firewall device, you can continue to use it as part of an advanced configuration with Windows Essential Business Server 2008. In some virtualized configurations, an external firewall may be required.</p>
</div>
<div>
<h2>Q. What are the ports I may need to open on my firewall?</h2>
<p>
<strong>A.</strong> You may need to open the following ports, depending on the services you need on your network:</p>
<ul>
<li>Port 25 TCP – SMTP (Outgoing Exchange e-mail)</li>
<li>Port 80 TCP – HTTP</li>
<li>Port 443 TCP – HTTPS (RWW, OWA, remote desktop or Terminal Server sessions)</li>
<li>Port 987 TCP – External secure Windows SharePoint Services intranet access</li>
<li>Port 1723 TCP – PPTP (VPN)</li>
</ul>
<p>These ports are opened by default on Forefront TMG which can replace your existing firewall.</p>
</div>
<div>
<h2>Q. Should I open port 3389 for remote administration or remote desktop connections?</h2>
<p>
<strong>A.</strong> No. Windows Essential Business Server 2008 uses Terminal Services Gateway to redirect traffic from port 443 to a selected desktop or server for RDP connections.</p>
</div>
<div>
<h2>Q. Does Windows Essential Business Server 2008 support Network Access Protection (NAP) for wireless connections?</h2>
<p>
<strong>A.</strong> Windows Server 2008, the operating system in Windows Essential Business Server 2008, has built-in NAP support. If you want to deploy NAP on your network, follow the guidance provided on TechNet for Windows Server 2008. Windows Essential Business Server 2008 does not directly configure or manage NAP; you must use the consoles provided by Windows Server 2008.</p>
</div>
<div>
<h2>Q. Is the wireless protocol WPA2-Enterprise supported on Windows Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> If your wireless hardware devices support WPA2-Enterprise then you can use it with Windows Server 2008-based technology, including Windows Essential Business Server 2008. If you want to use WPA2-Enterprise on your network, follow the guidance provided on TechNet for Windows Server 2008. Windows Essential Business Server 2008 does not directly configure or manage WPA2-Enterprise; you must use the consoles provided by Windows Server 2008.</p>
</div>
<div>
<h2>Q. Can I disable Forefront for Exchange Server and use other security solutions?</h2>
<p>
<strong>A.</strong> Yes. If you have other security technologies for Exchange Server, you can uninstall Forefront for Exchange Server and install the other security technologies.</p>
</div>
<div>
<h2>Q. Can I disable Forefront Threat Management Gateway (TMG) and use other security solutions?</h2>
<p>
<strong>A.</strong> No. TMG is an integral part of Essential Business Server 2008 and cannot be disabled. If you have other security solutions, you can run them serially with EBS 2008.</p>
</div>
<div>
<h2>Q. How do I sign up for a subscription to Forefront Security for Exchange Server?</h2>
<p>
<strong>A.</strong> Once you have installed Windows Essential Business Server 2008, you can subscribe to these services at any time. Open the respective management consoles for those products and click the Subscribe link.</p>
</div>
<div>
<h2>Q. I do not wish to renew my license to Forefront Threat Management Gateway (TMG). Will it continue to work, or do I have to uninstall it?</h2>
<p>
<strong>A.</strong> The firewall portion of TMG will continue to work; however malware updates will not be downloaded once your subscription expires. If you want to continue using TMG, you should disable malware checking on the gateway.</p>
</div>
<div>
<h2>Q. I do not wish to renew my license to Forefront Security for Exchange Server. Will it continue to work, or do I have to uninstall it?</h2>
<p>
<strong>A.</strong> Forefront Security will continue to work; however antivirus updates will not be downloaded once your subscription expires.</p>
</div>
<div>
<h2>Q. Can I use Forefront Client Security (FCS) with Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> Forefront Client Security (FCS) server roles are not supported on EBS; however, the FCS client can be installed on an EBS server in order to protect it.</p>
</div>
<p> </p>
<h3>Virtualization</h3>
<div>
<h2>Q. Which virtualization scenarios are supported by Windows Essential Business Server 2008 Standard?</h2>
<p>
<strong>A.</strong> For EBS 2008 Standard: you can run one instance of each of the management server software, the security server software and the messaging server software on a physical or virtual machine on up to 3 servers at any one time.</p>
</div>
<div>
<h2>Q. What virtualization scenarios are supported by Windows Essential Business Server 2008 Premium?</h2>
<p>
<strong>A.</strong> For EBS 2008 Premium: you can run one instance of each of the management server software, the security server software, the messaging server software and ‘premium server’ software on a physical or virtual machine on up to 5 servers at any one time. For the premium server software:</p>
<ul>
<li>You can run an instance of Windows Server 2008 Standard on a physical or virtual machine, AND if you run on a virtual machine, you can run an additional instance of Windows Server 2008 on a physical machine in order run hardware virtualization software or provide hardware virtualization services or run software to manage and service operating system environments on the licensed server;</li>
<li>You can run any number of instances of SQL in one physical or virtual machine and it must be joined to the EBS domain.</li>
</ul>
</div>
<p> </p>
<h3>Backup and Server Storage</h3>
<div>
<h2>Q. Does Windows Essential Business Server 2008 support Distributed File System (DFS) for data replication?</h2>
<p>
<strong>A.</strong> DFS is built into Windows Server 2008 and is available in Windows Essential Business Server 2008. If you want to use DFS you must use the technology-specific tools in Windows Server 2008 as there are no tools for configuring or managing DFS in the Administration Console.</p>
</div>
<div>
<h2>Q. Are tape backup devices supported in Windows Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> Windows Server 2008, the underlying technology for Windows Essential Business Server 2008, provides Windows Server Backup which does not support tape backup devices. If you require support for tape backup, contact your tape drive manufacturer for information about hardware and software compatibility with Windows Server 2008.</p>
</div>
<div>
<h2>Q. I used NTbackup and tape-based backup for my previous server; can I use Windows Essential Business Server 2008 to recover the data?</h2>
<p>
<strong>A.</strong> You can restore the data to Windows Essential Business Server 2008 using a free download of NTbackup from the <a runat="server" href="https://go.microsoft.com/fwlink/?linkid=82917">Microsoft Web site</a>. The tool is read-only; you cannot use it to write back to your tape device.</p>
</div>
<p> </p>
<h3>Microsoft Exchange Server, E-mail, and Messaging</h3>
<div>
<h2>Q. Do I have to purchase and install Outlook for users who want an e-mail client?</h2>
<p>
<strong>A.</strong> No. Customers are licensed to use Outlook Web Access which provides access to e-mail, calendar, contact and tasks via a secure browser session.</p>
</div>
<div>
<h2>Q. What are the limits for the Exchange store?</h2>
<p>
<strong>A.</strong> Essentially there are no limits to the Exchange Server 2007 Standard database size. By default, Exchange 2007 SP1 sets a limit of 250 GB but that limit can be changed if needed. Realistically, database performance is dependent on number of processors, amount of RAM, speed of your I/O backplane and storage array configuration, so proper mailbox management policies should be in place to prevent creating back-pressure situations that would affect the server’s performance.</p>
</div>
<div>
<h2>Q. Does Exchange Server 2007 Standard support continuous cluster replication (CCR)?</h2>
<p>
<strong>A.</strong> Windows Essential Business Server 2008 cannot participate in a cluster, and so Exchange Server cannot participate in CCR or single copy cluster (SCC) replication technologies. Exchange Server 2007 Standard supports both local continuous replication (LCR) and standby continuous replication (SCR). LCR and SCR are not enabled by default. You would need a second Exchange 2007 Server license for SCR.</p>
</div>
<p> </p>
<h3>Remote Access, Remote Web Workplace, SharePoint Services, VPN</h3>
<div>
<h2>Q. Is Windows SharePoint Services (WSS) 3.0 installed during setup?</h2>
<p>
<strong>A.</strong> Windows SharePoint Services 3.0 is available as a free download for Windows Server 2008. It must be downloaded and configured for use using EBS-specific guidance. Post installation you can install a management add-in for your SharePoint sites. See the Windows EBS 2008 help files for more information.</p>
</div>
<div>
<h2>Q. Are any SharePoint templates included in Windows Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> The standard product templates included with WSS 3.0 are available for use with Windows EBS 2008. Other templates are available for download from the <a runat="server" href="https://www.microsoft.com/sharepoint/templates.mspx">Microsoft Web site</a>. </p>
</div>
<div>
<h2>Q. Can I migrate my Companyweb data from my server running Windows Small Business Server 2003?</h2>
<p>
<strong>A.</strong> Yes. The Windows Small Business Server Migration white paper provides information on how to migrate your SharePoint data from one server to another. For more information, see the <a runat="server" href="https://go.microsoft.com/fwlink/?linkid=16414">Microsoft Web site</a>.</p>
</div>
<div>
<h2>Q. What are the ports I may need to open on my firewall?</h2>
<p>
<strong>A.</strong> You may need to open the following ports, depending on the services you need on your network:</p>
<ul>
<li>Port 25 TCP – SMTP (Outgoing Exchange e-mail)</li>
<li>Port 80 TCP – HTTP</li>
<li>Port 443 TCP – HTTPS (RWW, OWA, remote desktop or Terminal Server sessions)</li>
<li>Port 987 TCP – External secure Windows SharePoint Services intranet access</li>
<li>Port 1723 TCP – PPTP (VPN)</li>
</ul>
<p>These ports are opened by default on Forefront TMG which can replace your existing firewall.</p>
</div>
<div>
<h2>Q. Should I open port 3389 for remote administration or remote desktop connections?</h2>
<p>
<strong>A.</strong> No. Windows Essential Business Server 2008 uses Terminal Services Gateway to redirect traffic from port 443 to a selected desktop or server for RDP connections.</p>
</div>
<div>
<h2>Q. Can I obtain remote access to files stored in a public share on a server without using a VPN connection?</h2>
<p>
<strong>A.</strong> You can configure and leverage the functionality provided by <a runat="server" href="https://technet.microsoft.com/library/aa998576(exchg.80).aspx">Exchange 2007 Outlook Web Access</a> to accomplish this.</p>
</div>
<p> </p>
<h3>SQL Server and Line-of-Business Applications</h3>
<div>
<h2>Q. Can I install SQL Server on any of the base servers (Management, Messaging, Security)?</h2>
<p>
<strong>A.</strong> No. You must install SQL Server on a separate server, such as the Premium server.</p>
</div>
<div>
<h2>Q. Are there size limits on the SQL Server 2008 database that ships with Windows Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> There are no database size limitations on <a runat="server" href="https://www.microsoft.com/sqlserver/2008/en/us/standard.aspx">SQL Server 2008 Standard</a>.</p>
</div>
<p> </p>
<h3>Interoperability with other Microsoft Applications</h3>
<div>
<h2>Q. Can I run Windows Essential Business Server 2008 as a unified messaging (UM) server?</h2>
<p>
<strong>A.</strong> Not in its out-of-the-box configuration. You would need to purchase additional Exchange Server 2007 Enterprise CALs. Please see <a runat="server" href="https://www.microsoft.com/exchange/evaluation/editions.mspx">https://www.microsoft.com/exchange/evaluation/editions.mspx</a> for additional licensing details, <a runat="server" href="https://technet.microsoft.com/library/aa998891(exchg.80).aspx">https://technet.microsoft.com/library/aa998891(EXCHG.80).aspx</a> for planning guidance, and <a runat="server" href="https://technet.microsoft.com/library/bb738142.aspx">https://technet.microsoft.com/library/bb738142.aspx</a> for hardware sizing recommendations.</p>
</div>
<div>
<h2>Q. Do you support all other Microsoft applications on Windows Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> Support is usually determined by the individual product teams as they are the experts on what their product requirements or technical limitations are. For example, some products cannot be installed on a domain controller. As Windows Essential Business Server 2008 is the root domain controller in the forest, this precludes installing that product on the server. However, by including a fourth copy of Windows Server 2008 in Windows Essential Business Server 2008 Premium, in general, if the product is supported on Windows Server 2008, it should be supported on the Premium server in Premium. Check with the specific product support page for definitive guidance.</p>
</div>
<p> </p>
<h3>Product Roadmap</h3>
<div>
<h2>Q. When I reach the 300-user limit, is there a Transition Pack available for Windows Essential Business Server 2008?</h2>
<p>
<strong>A.</strong> The supported transition path is to standard versions of Windows Server 2008 and Exchange Server 2007 using the Solutions Pathway program. See the <a runat="server" href="https://www.microsoft.com/wess/en/us/solutions-pathway-faq.aspx">Microsoft Web site</a> for details.</p>
</div>
</div>
</div>
</td>
<td valign="top" style="width:300px;">
<div class="RightAdRail">
<ContentInclude Identifier="dd799194" runat="server" />
</div>
</td>