Archive for March, 2006

You Had Me At EHLO… : Resolving MMC 3.0 errors when installing Exchange 12 CTP release

Monday, March 27th, 2006

You Had Me At EHLO has the solution to an issue we experienced when installing some of our Exchange 12 boxes. We got round it at the time by using the RC1 Refresh version of MMC 3.0 but we’ll use the registry key and RTM version in future.


Exchange 12 Topology

Monday, March 20th, 2006

I’m still trying to get my head around Exchange 12 mail flow and message routing but I’m sure it’ll become clearer once we get the servers up in the other sites. I’m hampered a little by the fact that this beta doesn’t have a GUI for configuring the bridgehead servers so I can’t have a nose around the settings.

From my understanding so far Exchange 12 is an Active Directory site aware application so it is very important that your Subnets and IP Site Links are correctly defined in AD Sites and Services. After checking available hardware in the various regions I’ve settled on 4 AD sites in the sandpit environment. These are Crawley (UK), Tampa (US), Santos (Brazil) and Montreal (Canada). The sites will be fully meshed with IP Site Links. To begin with the links will have uniform costs but at a later stage I’ll be investigating whether adjusting the values has any impact on mail routing within our organisation.

[Diagram: AD Site Overview]

For the Crawley site we’ll have 4 servers initially. There will be a domain controller containing the global catalog, a mailbox server, a server with the bridgehead and client access roles and a gateway server. According to the release notes the gateway server role hasn’t completed the security pass. Therefore we’ll keep it on the internal network and route email to/from it via a Mailsweeper server in our DMZ.

I’ve placed a diagram of the Crawley topology below. Click on it for a larger version.

[Diagram: Crawley Topology]

I’ll provide more information once the other sites are running and we’ve had a chance to experiment with connectors and mail routing. There’s no point me regurgitating the help files at this stage when I don’t have a decent understanding.


Exchange 12 - server naming conventions

Monday, March 20th, 2006

Having had some time to review the Exchange 12 help files and documentation I’ve revised my infrastructure design slightly. In this post I’ll address server naming conventions and follow it with a post on my revised topology.

We use strict server naming conventions in our production environment and I’ve carried these through to our AD/Exchange 12 sandpit with some slight modifications.

I’m prefixing all server names with LAB. If for some reason they are picked up by one of our systems (e.g. LanDesk) it groups them together and makes it immediately obvious that they’re not production machines.

Next comes a three letter location code: MTL - Montreal, CRW - Crawley, TPA - Tampa etc.

That’s followed by EX. This makes it clear that they are Exchange servers and makes them easily identifiable to those who don’t work in the Messaging team and understand the role codes that follow.

Now we add a code that identifies the server’s primary role:

MB - mailbox server
BH - bridgehead server
CA - client access server
GW - gateway server
UM - unified messaging server

We might also use PF if the box was a dedicated public folder server.

Lastly we add a numeric increment to prevent duplicate names. We wouldn’t bother with this where you can only have one server of a particular role in a site e.g. SRS in Exchange 2003.
So the final server name would look like LABCRWEXMB2 or LABSYDEXUM1. We’re also using a similar convention for non-Exchange servers in our environment e.g. LABCRWDC1.

Exchange 12 installation screenshots

Monday, March 20th, 2006

Here are some screenshots from the Exchange 12 installation process. Click on the images for a larger view.

[Screenshots: E12 Installation 1 to 6]


Exchange 12 First Installation

Friday, March 17th, 2006

Ok, our first Exchange 12 server is up and running. As this is a test environment and we are using slightly dated hardware we installed the 32 bit version. There is an excellent post at You Had Me At EHLO that talks about choosing Exchange 2003 hardware that can be reutilised for Exchange 12.

We installed on to a Windows 2003 R2 member server. This was part of a domain where we had raised the domain and forest functional levels to Windows Server 2003 Native. This is achieved via Active Directory Domains and Trusts. One of the pre-requisites in the Exchange 12 Release Notes is to have a domain functional level of Windows 2000 Native or greater. The default is Windows 2000 Mixed.

Other pre-requisites included Microsoft .Net Framework 2.0 (found under Optional in Windows Update) and Microsoft Management Console 3.0 (found here). We also assumed the Exchange 2003 pre-requisites of ASP.NET, IIS, SMTP and NNTP but our first attempt at installation failed because NNTP must not be installed.

After running setup and accepting the licence agreement we were presented with a choice of server roles. These were:

Bridgehead
Allows the routing between Active Directory Sites (it appears routing groups and admin groups have been dropped).

Mailbox Server
Provides the backend functionality including mailbox and public folder stores.

Gateway Server
Runs in your DMZ to provide ‘messaging hygiene’. I figure that’s virus scanning and spam filtering.

Client Access Server
Provides client connectivity for methods other than Microsoft Outlook e.g. OWA, ActiveSync.

Unified Messaging Server
Integration with the corporate phone system.

For this server we chose Mailbox Server as we have a second server to be built which will take the Bridgehead and Client Access roles.

I noticed that there were no /domainprep or /forestprep commands to be run. This appears to be covered in an installation step called Organisation Preparation.

So after 3 unattended steps (Copy Files, Organisation preparation and Server Roles) the installation was complete…

Note: I’ll update this post with some screen shots from our second installation.


Exchange 12

Friday, March 17th, 2006

We’re just beginning a pilot/test implementation of Exchange 12 beta running on a global Windows 2003 R2 Active Directory. This is a sandpit environment separate from our production AD.

The initial infrastructure will have routing groups in the UK, US, Canada, Australia, Brazil and possibly New Zealand. Each site will start with a domain controller, front-end server and back-end server but this will expand as we manage to source additional hardware or make use of virtual servers. I hope to be able to add clusters and possibly storage area networks to the environment.

I’m installing the first Exchange server today so expect posts on Exchange 12, Active Directory and Monad over the next few weeks.


Moving your iTunes music library

Wednesday, March 15th, 2006

I’ve been loading up my iPod with video in preparation for a trip to the USA. Consequently I ran out of disk space on my laptop. As a temporary measure I wanted to move my entire iTunes music/video library to an external drive. Here’s the process that I followed:

  • Under the iTunes preferences Advanced tab I changed the iTunes music folder location.
  • I made sure that ‘Keep iTunes music folder organised’ was selected.
  • Then back in iTunes under Advanced I chose Consolidate Library. This then copied my entire library to the new location and updated iTunes accordingly.

This process doesn’t remove the files from the old location so you’ll have to do that manually.


Using Telnet to troubleshoot SMTP connectivity

Friday, March 10th, 2006

There are situations where you may want to manually test SMTP connectivity. Some of the common ones for me are:

  • When messages are queuing for delivery to or being rejected from a particular domain.
  • When I have an application that uses SMTP for notifications but none are being sent.
  • Running a basic open relay test.

In the case of queued/rejected messages I’ll first check the MX records for the problem domain via www.dnsstuff.com. For small companies you often see the primary MX record pointing to their server and a secondary record pointing to their ISP. It’s been my experience that the ISP’s mail server is often not configured to store and forward for the domain and instead rejects the message as a relay attempt. This becomes an issue when the primary MX record is unavailable (perhaps the company’s server or Internet connection is down).

So here’s my troubleshooting process in detail:

  • Check the MX records for the problem domain via www.dnsstuff.com.
  • From the mail server that connects to the destination server (in our case a MailSweeper box) open a command prompt.
  • Type telnet mailhost 25 (Mailhost is the host name found in the MX record e.g. myserver.mydomain.com)
  • If the mailhost is available you should get a response similar to “220 mydomain.com” followed by some text that identifies the email server software. It is also possible that you get a simpler response designed not to give away any information to potential hackers. If you telnet to my company’s external mail servers you’ll simply get “220 SMTP Relay”.
  • If the connection fails you may want to take some additional troubleshooting steps like verifying that the mailhost resolves to an IP address. If you still cannot connect then try the next MX record in order of priority as this is what your mail server would do.
  • Once you get a response you need to say hello by typing helo.
  • The receiving server should respond with “250 mydomain.com yourIPaddress” or something similar.
  • Now you have to simulate sending a message from your domain. To do this first type mail from:youremailaddress e.g. mail from:ant@mycompany.com.
  • You should see a response similar to “250 Sender OK”. If you get a rejection it will hopefully give you some additional information to identify why.
  • Now enter the destination email address by typing rcpt to:destinationemailaddress.
  • You should get a response like “250 destinationemailaddress” although this is often the point where you’ll get an “unable to relay” message if there’s a configuration issue or if you are genuinely trying to relay a message through a closed server.
  • Next we need to enter the subject and body text so type the command data which should respond with something like “354 Start mail input; end with <CRLF>.<CRLF>”
  • To add a subject you need to type Subject:my_subject_text followed by a carriage return.
  • You can then type the body text. When you are finished, start a new line, type a full stop, then hit return.
  • You’ll see something like “250 message queued for delivery”.

Following this process through allows me to see at which point it fails and hopefully to obtain a clue as to why.

If I’m troubleshooting an application that should be sending SMTP notifications I would run the commands on the same box as the application and telnet to the SMTP server used in the application settings.

If I’m testing one of my boxes to ensure it’s not an open relay I would telnet to it but use an external email address for both the From address and the To address. I would expect to see a rejection after the RCPT TO: command.
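
The manual telnet walk-through and the open relay check above, scripted as an added example (not part of the original post). It uses Python's smtplib against a constructed closed-relay server on the loopback interface; ClosedRelay, start_demo_server, probe, relay_accepted and the .example addresses are assumptions made for the illustration.

```python
import smtplib
import socketserver
import threading

LOCAL_DOMAINS = {"mycompany.example"}  # constructed: domains the demo server hosts

class ClosedRelay(socketserver.StreamRequestHandler):
    """Constructed stand-in for a mail server that refuses to relay."""
    def handle(self):
        self.wfile.write(b"220 SMTP Relay\r\n")
        for raw in self.rfile:
            cmd = raw.decode(errors="replace").strip().lower()
            reply = b"221 Bye" if cmd == "quit" else b"250 OK"
            if cmd.startswith("rcpt to:"):
                domain = cmd.rstrip(">").rsplit("@", 1)[-1]
                reply = b"250 OK" if domain in LOCAL_DOMAINS else b"550 Unable to relay"
            self.wfile.write(reply + b"\r\n")

def start_demo_server():
    srv = socketserver.TCPServer(("127.0.0.1", 0), ClosedRelay)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv.server_address[1]  # port picked by the OS

def probe(host, port, mail_from, rcpt_to, helo_name="probe.example"):
    """Replay the manual steps up to RCPT TO; DATA is never sent, so nothing is queued."""
    smtp, steps, stage = smtplib.SMTP(timeout=10), [], "connect"
    dialogue = (("connect", lambda: smtp.connect(host, port)),
                ("helo", lambda: smtp.helo(helo_name)),
                ("mail from", lambda: smtp.mail(mail_from)),
                ("rcpt to", lambda: smtp.rcpt(rcpt_to)))
    try:
        for stage, send in dialogue:
            code, text = send()
            steps.append((stage, code, text.decode(errors="replace")))
            if not 200 <= code < 300:
                break  # first failing stage: stop, as you would at the prompt
        stage = "quit"
        smtp.quit()
    except OSError as exc:  # refused, timed out or dropped mid-dialogue
        steps.append((stage, None, str(exc)))
        smtp.close()
    return steps

def relay_accepted(steps):
    """True if RCPT TO drew a 2xx reply, a finding when the recipient is foreign."""
    return any(s == "rcpt to" and c and 200 <= c < 300 for s, c, _ in steps)

if __name__ == "__main__":
    print(probe("127.0.0.1", start_demo_server(), "a@external.example", "b@external.example"))
```

Point probe at a mail host you administer, on port 25, with external addresses for both sender and recipient; a correctly closed server leaves the last step as a rejected rcpt to.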


SATA RAID & Windows XP

Thursday, March 2nd, 2006

I have an MSI RX480M2-IL motherboard in my home PC which supports serial ATA RAID. I had a single 160GB SATA drive with the SATA controller running in IDE mode and would back up my important files to an external drive whenever I remembered.

With the growing number of photos, videos and important documents on my PC, and plunging hardware prices I thought it was time I made use of a mirrored RAID set. I purchased a pair of 250GB SATA drives and got cracking.

The motherboard came with an SATA RAID driver but there was a catch - it was on floppy disk and needed to be installed during the XP installation process. I don’t have a floppy drive and I certainly didn’t want to re-install my PC so I thought through a different approach. I’d heard that XP SP2 recognises most SATA controllers so this is what I did:

First I used Ghost to image my 160GB disk to one of the 250GB disks. This way if I completely messed things up I could just plug the 160GB disk back in.

Next I changed the SATA controller settings in the BIOS to RAID and booted with both 250GB disks connected.

I was given an option during the POST to configure RAID so I created a mirror pair with my two disks. It let me choose the primary (the one I had imaged my XP installation to) and a secondary. I was given the option of doing the rebuild online or offline so I chose online.

Windows took about 10 minutes to boot but once it was up performance seemed ok. However, I noticed that both disks were showing in Disk Manager and Explorer so I decided to reboot and do the rebuild offline.

With the rebuild complete Windows still took 10 minutes to start up. Both drives were still visible and contained similar data. However, I added a file to the primary and it wasn’t created on the secondary. I decided I needed the MSI SATA driver.

After downloading the driver from the MSI site I needed to find somewhere to install it. I couldn’t see any hard drive controllers in Device Manager so I chose the option to show hidden devices. Sure enough there was now a section for drive controllers and under it two entries for IDE/SATA Controllers. I updated these with the MSI driver and rebooted. The reboot only took a minute and once loaded Windows XP only saw the mirrored set as a single drive.

I need to give the PC a thorough test but the boot time is quick and performance seems good. Although I’ll still periodically back up to DVD or external drive I don’t have to worry about a single drive failure taking my data with it.
