Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
.gif "Cc526566.chm_head_left(en-us,TechNet.10).gif") |
|
.gif "Cc526566.chm_head_right(en-us,TechNet.10).gif") |
Prepare Active Directory for Exchange Server 2007
In these procedures, you further prepare your Microsoft Windows Server 2003 Active Directory installation to support Microsoft Exchange Server 2007.
Tasks
- Extend the Maximum Number of Global Address Lists
- Install Windows PowerShell on AD01
- Run Exchange Server 2007 PrepareSchema
- Run Exchange Server 2007 PrepareAD
Prerequisites
The following software is required to complete this section:
Exchange Server 2007 Media
Microsoft PowerShell 1.0.
PowerShell is available as a download from How to Download Windows PowerShell 1.0
Extend the Maximum Number of Global Address Lists
The default configuration of the global address list (GAL) class object allows only 1000 address lists. In this section, you use the MakeGalLinked tool to extend this limit.
Important
You must complete this procedure before you install the Exchange Server 2007 Schema extensions. If you do not, you may have to rebuild your Hosted Exchange environment again from clean servers.
Procedure DWHE.1: To extend the maximum number of Global Address Lists
Log on to the Schema Master Flexible Single Master Operations (FSMO) server (AD01) and copy the makeGalLinked.exe file from the \Hosted Exchange\makeGalLinked directory from Microsoft Hosting Solutions for Service Providers to a local directory. Execute the following command from the directory to which you copied makeGalLinked.exe:
<pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml"> makeGalLinked.exe /dc:<domain_controller_name> /domain:<domain_name> /admin:administrator /adminpwd:PROMPT /operation:makeGalLinked </pre>Look for the following in the output that indicates the operation was successful:
<pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml"> "globalAddressList" schema object is a linked attribute with linkId: 4048 </pre>An entire result set looks like the following:
`
/Dc = /Domain = /Admin = /AdminPwd = /Operation = makeGalLinked "globalAddressList" schema object is not a linked attribute modifyLdapObject(): ldap_modify_s() succeed for modifying CN=Global-Address-List,CN=Schema,CN=Configuration,DC= ,DC=
"globalAddressList" schema object is a linked attribute with linkId: 4048 [ TESTID ] : makegallinked
Console-only log started at 15:48:18 12/05/2003, finished at 15:48:18 12/05/2003. Time elapsed in Console-only log: 691 Milliseconds.
There were 2 implicit blocks. 2 (100%) blocks attempted, 2 successful (100% of attempted, 100% of total).
LOG_PASS 100% (2/2) [Attempted] [Successful] [0 resultant 2 invoked] `
Install Windows PowerShell on AD01
Note
Before you extend your Active Directory directory service schema to support Exchange Server 2007, you need to install Microsoft Windows PowerShell 1.0 on AD01. The Exchange Server 2007 PrepareSchema command will not run without it.
To install Windows PowerShell, follow the procedures at How to Download Windows PowerShell 1.0.
Run Exchange Server 2007 PrepareSchema
Exchange Server 2007 PrepareSchema connects to the schema master and imports lightweight directory access protocol (LDAP) Data Interchange Format (LDIF) files to extends the Active Directory schema to include Exchange-specific classes and attributes. PrepareSchema also creates the container object for the Exchange organization in Active Directory.
Note
You must run this command on a computer that is in the same domain and the same Active Directory site as the Schema Master.
Procedure DWHE.2: To run Exchange Server 2007 PrepareSchema
Log on to AD01 using an account that has both Enterprise and Schema Administrator privileges.
Open a command prompt. Change directory to the location of your Exchange Server 2007 installation media by typing:
<pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Setup /PrepareSchema </pre>Important
After you run this command, you should wait for the changes to replicate across your Exchange organization before continuing to the next step. The amount of time this takes is dependent upon your Active Directory site topology.
Run Exchange Server 2007 PrepareAD
After you run PrepareSchema and allow time for replication, you must run Exchange Server 2007 PrepareAD. PrepareAD creates the groups and permissions necessary for Exchange servers to read and modify user attributes. The Exchange Server 2007 version of DomainPrep performs the following actions in the domain:
- Creating the Exchange organization in the Active Directory.
- Creating the Microsoft Exchange System Objects container for the domain
- Creating the following Universal Security Groups (USGs) for Exchange:
- Exchange Organization Administrators
- Exchange Recipient Administrators
- Exchange View-Only Administrators
- Exchange2003Interop
- Setting permissions on the global Exchange configuration container, the Microsoft Exchange System Objects container, and the USGs
- Initializing domain permissions by setting permissions for users, contacts, and groups to enable Exchange servers and Exchange administrators to access and manage needed attributes
Procedure DWHE.3: To run PrepareAD
- Log on to AD01 using an account that has Enterprise Administrator privileges.
- Open a command prompt. Change directory to the location of your Exchange Server 2007 installation media, and then type:
<pre IsFakePre="true" xmlns="https://www.w3.org/1999/xhtml">Setup /PrepareAD /OrganizationName:Fabrikam</pre>
Procedure DWHE.4: To verify that Active Directory has been prepared for Exchange Server 2007
- To verify that this step completed successfully, make sure that there is a new organizational unit (OU) in the root domain called Microsoft Exchange Security Groups. This OU should contain the following new Exchange USGs:
- Exchange Organization Administrators
- Exchange Recipient Administrators
- Exchange View-Only Administrators
- Exchange Servers
- ExchangeLegacyInterop