Microsoft EXCHANGE TITANIUM SETUP GUIDE

Microsoft Exchange Titanium Getting Started Guide

Exchange Documentation Team

Microsoft Exchange Titanium Getting Started Guide

Exchange Documentation Team

This is a preliminary document and may be changed substantially prior to final commercial release. This document is provided for informational purposes only and Microsoft makes no warranties, either express or implied, in this document. Information in this document, including URL and other Internet Web site references, is subject to change without notice. The entire risk of the use or the results of the use of this document remains with the user. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

Microsoft, Active Directory, ActiveSync, FrontPage, MSN, Outlook, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Published: December 2002 Applies To: Exchange Titanium Beta

Contributors: Patricia Anderson, Teresa Appelgate, Susan Hill, Jon Hoerlein, Aaron Knopf, Jyoti Kulkarni, Michele Martin, Joey Masterson, Thom Randolph, John Speare, Randy Treit Editors: Cathy Anderson, Lindsay Pyfer Technical Reviewers: Exchange Product Team Artist: Kristie Smith Production: Stephanie Schroeder, Sean Pohtilla

Introduction

Introduction .............................................................................. 1

Chapter 1 3

Overview of Exchange Titanium Beta............................................ 3

Supported Use of the Beta........................................................................................ 3

Test Environments for Exchange Titanium............................................................... 4

Operating Systems.............................................................................................. 4

Coexistence and Upgrade from Previous Versions...........................................4

What Has Been Removed.......................................................................................... 5

Real-time Collaboration Features...................................................................... 5

M: Drive ............................................................................................................... 5

Key Management Service ..................................................................................6

Chapter 2

Clients ...................................................................................... 7

Outlook Improvements .............................................................................................. 7

Outlook Cached Mode Protocol and Synchronization Improvements ............. 7

Cached Mode Configuration............................................................................... 8

Kerberos Authentication .................................................................................... 9

Outlook Performance Monitoring....................................................................... 9

RPC over HTTP .................................................................................................. 10

RPC over HTTP Deployment Options ........................................................ 10

System requirements for using RPC over HTTP.......................................12

Deploying RPC over HTTP.......................................................................... 12

Outlook Web Access ................................................................................................ 20

Two Outlook Web Access Versions ..................................................................20

Use of Browser Language .........................................................................25

Logon/Logoff Improvements............................................................................27

Cookie Authentication Timeout.................................................................28

Clearing the Credentials Cache at Logoff.................................................29

Choice of Outlook Web Access Version....................................................29

Browser Support........................................................................................29

New User Interface ...........................................................................................30

Preview Pane .............................................................................................31

ii Microsoft Exchange Titanium Getting Started Guide

New Two Line View....................................................................................31

Message Flagging......................................................................................33

Context Menus........................................................................................... 34

Set the number of messages displayed per page...................................35

Deferred Refresh of Views ........................................................................36

Access Search Folders (Saved Searches)................................................36

Notifications...............................................................................................37

Public Folders ............................................................................................37

Logoff .........................................................................................................37

Keyboard Shortcuts...................................................................................37

Right-to-Left Layout...........................................................................................38

Support for Rules..............................................................................................38

Spell Checking ..................................................................................................40

Tasks .................................................................................................................42

Task Requests Not Supported..................................................................43

Delete and Skip Occurrence ..................................................................... 44

Message Signatures.........................................................................................44

View User Properties.........................................................................................45

Easier Removal of Recipients .......................................................................... 46

Add Sender or Recipients to Contacts.............................................................46

Choose a Default Font...................................................................................... 47

Reply Header and Body Not Indented .............................................................47

Junk Mail Beacon Blocking .............................................................................. 47

Attachment Blocking ........................................................................................48

Sensitivity and Reply/Forward Infobar ............................................................ 49

Item Window Size .............................................................................................49

Meeting Requests............................................................................................. 50

Set Reminders ........................................................................................... 50

Forward Meeting Requests.......................................................................50

Compose New Message to Recipient From Address Book ............................ 50

Improved Performance..................................................................................... 51

S/MIME Support ...............................................................................................51

Outlook Web Access S/MIME Architecture..............................................51

Signing and Encrypting Mail......................................................................52

Certificate Validation with Outlook Web Access ...................................... 54

Certificate Enrollment................................................................................56

Configuring Outlook Web Access S/MIME ............................................... 56

Wireless Access to Exchange..................................................................................63

Wireless Synchronization Access.....................................................................63

Configuring Exchange Titanium for Wireless Synchronization Access ... 64

Delivery to User-Specified SMTP Addresses ............................................65

Configuring Devices for Wireless Synchronization Access...................... 66

Wireless Browse Access...................................................................................66

Browsing Exchange with a Supported Wireless Device...........................67

Table of Contents iii

Unsupported Devices ................................................................................ 67

Configuring Exchange Titanium Beta to use Outlook Mobile Access .....68

Chapter 3

Administration Features............................................................71

New Mail-Enabled Objects in Recipient Management...........................................73

InetOrgPerson ...................................................................................................73

Creating an InetOrgPerson........................................................................ 74

Added Query-based Distribution Groups ................................................................74

What is a Query-based Distribution Group?....................................................74

How Does a Query-based Distribution Group Work?......................................75

Creating a Query-Based Distribution Group ....................................................76

Modifying Exchange SP3 Servers for Use with Windows 2000 Global Catalog

Servers .......................................................................................................76

Creating Query-based Distribution Groups...............................................76

Combining Multiple Query-based Distribution Groups ...................................78

Guidelines for Creating Query-based Distribution Groups .............................78

Deployment Recommendations for Query-based Distribution Groups..........80

Enhanced Exchange Features on User Properties.................................................81

Move Mailboxes in Exchange System Manager..................................................... 82

Enhancements to Queue Viewer.............................................................................84

Disable Outbound Mail.....................................................................................84

Queue Viewer Refresh Rate Settings...............................................................85

Find Messages..................................................................................................86

View Additional Information about a Queue....................................................87

Hidden Queues Exposed in UI.......................................................................... 88

Improved Public Folder Referral .............................................................................89

Improved Public Folder Interfaces..........................................................................90

Manually Starting Replication .................................................................................92

Microsoft Exchange Public Folder Migration Tool..................................................93

Mailbox Recovery Center......................................................................................... 94

Message Tracking Improvements........................................................................... 96

Enhanced Control of Message Tracking Logs in Exchange System Manager96

Enhanced Message Tracking Capabilities.......................................................98

Exchdump.................................................................................................................98

Chapter 4

Performance and Scalability Features......................................101

Improved Distribution List Member Caching........................................................101

Suppressing the Sending of Out of Office Messages to Individuals Within Distribution

Lists ........................................................................................................................102

Enhanced DNS based Internet mail delivery........................................................102

Improved Outlook synchronization performance.................................................102

iv Microsoft Exchange Titanium Getting Started Guide

Improved Outlook Web Access Performance.......................................................103

Outlook Web Access Logon Options Can Improve Performance.........................103

Monitoring Outlook Client Performance ...............................................................105

Link State Improvements ......................................................................................107

Chapter 5

Reliability Features ................................................................ 109

Active/Passive Clustering Recommended ...........................................................109

Improved cluster failover time ..............................................................................110

Clustering Permission Model ................................................................................111

Exchange 2000 Model ...................................................................................111

Titanium Model...............................................................................................112

Kerberos Enabled by Default on Exchange Virtual Servers.................................113

Upgrading an Exchange 2000 Cluster and Exchange Virtual Server to Titanium113

Added Mailbox Recovery Center ...........................................................................114

Recovery Storage Group........................................................................................114

Improved Error Reporting......................................................................................114

Enabling Exchange to Automatically Send Error Service-Related Reports to Microsoft

................................................................................................................................117

Improved Virtual Memory Usage...........................................................................119

Chapter 6

Transport and Message Flow................................................... 123

Link State Improvements ......................................................................................124

Exchange will not change link state if no alternate path exists...................125

Link state improvements for Oscillating Connections..................................125

Configuring Cross-Forest SMTP Authentication ...................................................125

Step 1: Create a User Account in the Destination Forest with Send As Rights

..................................................................................................................127

Step 2: Create the Connector in the Connecting Forest .......................128

Internet Mail Wizard ..............................................................................................131

Configure an Exchange Server to Send Internet Mail...................................132

Configure an Exchange Server to Receive Internet Mail..............................141

Configure an Exchange to Send and Receive Internet Mail.........................149

Configure a Dual-Homed Exchange Server for Internet Mail .......................160

ArchiveSink Supports BCCs...................................................................................172

How ArchiveSink Works..................................................................................173

OnMessageSubmission Event ................................................................173

OnPostCategorize Event..........................................................................173

Turning On Archiving For Bcc Recipients.......................................................174

Step 1: Enable Archiving on an SMTP Virtual Server.............................174

Step 2: Set the SMTP Virtual Server Registry Key .................................175

DSN Diagnostic Logging and DSN Codes.............................................................175

Table of Contents v

Configure DSN Diagnostic Logging................................................................175

DSN Codes Available in Exchange Titanium .................................................176

Support for Moving X.400 (MTA) and SMTP Queue Directory Locations............178

Connection Filtering...............................................................................................180

How Connection Filtering Works....................................................................181

How Real-time Black List Providers Match Offending IP Addresses............181

Understanding Black List Providers Response Codes..................................182

Specifying Exceptions to the Connection Filter Rule ....................................183

Enabling Connection Filtering ........................................................................183

Step 1: Create a connection filter...........................................................184

Step 2: Apply the Connection Filter to the Appropriate SMTP Virtual Servers

..................................................................................................................187

Inbound Recipient Filtering ...................................................................................188

Enabling Recipient Filtering ...........................................................................189

Step 1: Create a recipient filter...............................................................189

Step 2: Apply the Recipient Filter to the Appropriate SMTP Virtual Servers

..................................................................................................................191

Improved Ability to Restrict Relaying ....................................................................192

Improved Ability to Restrict Submissions (Restricted Distribution Lists)............193

Chapter 7

Storage Features ....................................................................195

Shadow Copy Backup ............................................................................................195

Using Shadow Copy Backup...........................................................................196

Recovery Storage Group.................................................................................196

Using a Recovery Storage Group ............................................................197

Overriding the Recovery Storage Group.................................................199

Microsoft Exchange Mailbox Merge Wizard .........................................................200

Improved Public Folder Store Replication ............................................................200

Improved Virus Scanning API ................................................................................201

Chapter 8

Development Features............................................................ 203

WMI Providers ........................................................................................................203

Active Directory Classes and Attributes................................................................205

Deprecated Development Technologies...............................................................205

Deprecated MAPI Technologies............................................................................205

Chapter 9

Deploying Exchange Titanium Beta...........................................207

New Features in Exchange Titanium Beta............................................................207

Exchange Server Deployment Tools ..............................................................207

vi Microsoft Exchange Titanium Getting Started Guide

ADC Tools ........................................................................................................208

Microsoft Exchange Public Folder Migration Tool.........................................209

Improvements in Exchange Titanium Beta Setup.........................................209

Windows .NET Server 2003 Benefits ............................................................212

Prerequisites ..........................................................................................................212

Hardware Requirements ................................................................................212

File Format Requirements..............................................................................213

Operating System Requirements...................................................................213

Windows 2000 Server.............................................................................213

Windows .NET Server 2003 ....................................................................213

Upgrading Windows 2000 Server to Windows .NET Server..................213

Active Directory........................................................................................214

Permissions .............................................................................................214

Upgrading Front-End Servers .........................................................................215

Upgrading Active Directory Connector...........................................................216

Removing MIS Components...........................................................................216

Components Required for Wireless Support.................................................216

Removing Instant Messaging, Chat and KMS Components ........................216

Third-party Software .......................................................................................217

Installing Exchange Titanium Beta or Upgrading from Exchange 2000.............217

Run ForestPrep...............................................................................................217

Run DomainPrep.............................................................................................218

Install and Enable Required Services............................................................219

Run Exchange Titanium Beta Setup..............................................................222

Upgrading from Exchange 5.5 to Exchange Titanium Beta.................................222

Appendix A

Titanium Beta Schema Changes.............................................. 227

Introduction

This guide provides important information about using the beta (build 6803.6) release of Microsoft® Exchange Titanium Server, the latest version of Microsoft Exchange Server. The purpose of this guide is to outline the new features in the Exchange Titanium release and provide the basic information necessary to get started trying these new features. This is not a comprehensive document for Exchange Server, but a guide for getting started with testing and running this beta release.

This document supplements the release notes document (releasenotes.htm), and should be read only after reviewing the release notes. The release notes contain critical information about known issues with this beta release of Exchange Titanium. If you have not yet read the release notes, you should read them now.

This guide is designed for Exchange administrators who will be testing and deploying the Exchange Titanium beta. The beta is not supported in a production environment and should only be deployed in a test lab. The guide assumes that you have an excellent working knowledge of Exchange 2000. It is structured based on Exchange components and contains chapters that explain what the new component features are, and how to get started using them.

E-mail feedback on this document to

mailto:exchdocs@microsoft.com?subject=Feedback: Exchange Titanium Getting Started Guide.

Overview of Exchange Titanium Beta

Microsoft® Exchange Titanium Server is the next release in the Microsoft Exchange messaging server line of products. Exchange Titanium builds on the Exchange 2000 code base, providing many new features and improvements in areas such as reliability, manageability, and security.

Exchange Titanium is the first Exchange release designed to work with Microsoft® Windows® .NET Server 2003. Running Exchange on Windows .NET Server provides several benefits, such as improved memory allocation, reduced Microsoft Active Directory replication traffic, and rollback of Active Directory changes, as well as new features such as volume shadow copy and cross-forest Kerberos authentication. Exchange Titanium also runs on Windows 2000 Server.

Exchange Titanium works with Microsoft Outlook® 11 to provide a range of improvements such as cached mode synchronization, client-side performance monitoring, and support for RPC over HTTP, allowing users to connect directly to their Exchange server over the Internet without needing to establish a VPN tunnel.

When combined with Windows .NET Server and Outlook 11, Exchange Titanium provides a robust, feature-rich end-to-end messaging system that is both scalable and manageable.

Supported Use of the Beta

The purpose of the Exchange Titanium beta is to give you an opportunity to try the new

Exchange features. You should roll out the beta in a test lab environment. None of the features in the Titanium beta are supported in a production environment. Do not roll out the beta in production; deploying the Exchange Titanium beta requires modifications to

4 Microsoft Exchange Titanium Getting Started Guide

your Active Directory schema, which are permanent changes.

For information about supported operating system environments, prerequisites, and other requirements for deploying the Titanium beta, see Chapter 9, "Deploying Exchange Titanium Beta."

Test Environments for Exchange Titanium

This section explains the test environments that you can use to deploy the Exchange Titanium beta.

Operating Systems

Exchange Titanium runs on Windows .NET Server 2003 and Windows 2000 Server SP3 or later. Exchange Titanium has been optimized to run on Windows .NET Server, and several Titanium features require Windows .NET Server.

Exchange Titanium is supported in all Active Directory forest environments: native Windows 2000, native Windows .NET Server, or mixed Windows 2000 and Windows .NET Server forests. When running in an environment with Windows 2000 domain controllers and global catalog servers, the domain controllers and global catalog servers that Exchange Titanium uses must all be running Windows 2000 SP3 or later. Exchange Titanium will not use a Windows 2000 domain controller or global catalog server that is not running Windows 2000 SP3 or later. This requirement affects both Exchange Titanium servers and the Titanium version of Active Directory Connector (ADC). ADC will not work with domain controllers or global catalog servers that are running a version of Windows 2000 earlier than SP3.

Pre-release (beta) versions of Exchange Titanium are only supported in a test environment. Exchange Titanium will not be supported on Windows .NET Server in a production environment until it is released publicly.

Note Although Exchange 2000 SP2 and later is supported in an environment with Windows .NET Server domain controllers and global catalog servers, Exchange Titanium is the first version of Exchange that is supported when running on Windows .NET Server. Exchange 2000 is not supported on Windows .NET Server.

Coexistence and Upgrade from Previous Versions

Exchange Titanium can coexist with Exchange 2000 and, when running in Exchange mixed mode, with Microsoft Exchange Server 5.5 servers.

For Exchange 2000, Titanium supports in-place upgrades.

Chapter 1: Overview of Exchange Titanium Beta 5

In-place upgrades are not supported for Exchange 5.5 servers. To upgrade from Exchange 5.5 to Titanium, you must join an Exchange Titanium server to the Exchange

5.5 site, then move Exchange resources, such as mailboxes, to the Exchange Titanium server. Use the Exchange Server Deployment Tools to migrate from Exchange 5.5 to Exchange Titanium.

Although Exchange 2000 did support in-place upgrade from Exchange 5.5, the moveresources scenario is the recommended Exchange 5.5 to Exchange 2000 upgrade path.

What Has Been Removed

Although the bulk of this document discusses what is new in Exchange Titanium, there are several features that existed in Exchange 2000 that have either been discontinued or moved to other product lines. The following features have been removed:

• Real-time Collaboration Features

• M: Drive

• Key Management Service

Real-time Collaboration Features

Exchange 2000 supports numerous real-time collaboration features such as chat, Instant Messaging, conferencing (using Exchange Conferencing Server), and multimedia messaging (also known as unified messaging). These features have been removed from Exchange Titanium. These real-time collaboration features will now be provided by a new dedicated real-time communications and collaboration server, code-named Greenwich, which is currently under development.

If you are upgrading from Exchange 2000 to Exchange Titanium, features such as Instant Messaging will still work, but new deployments should use the Greenwich server.

M: Drive

The Exchange information store (which uses the \\.\BackOfficeStorage\ namespace) has traditionally been mapped to the M: drive on an Exchange server. The M: drive mapping provided file system access to the Exchange store. The M: drive will be disabled by default in Titanium. You can still interact with the information store using the file system, but you will need to enter the path directly using the \\.\BackOfficeStorage\ namespace. For example, to see the contents of the mailbox store on an Exchange server in the mail.adatum.com domain you would type the following from a command prompt:

6 Microsoft Exchange Titanium Getting Started Guide

dir \\.\BackOfficeStorage\mail.adatum.com\mbx

The reason the M: drive mapping has been removed is that, in some cases, the mailbox store would become corrupted from file system operations, such as running a file-level virus scanner on the M: drive, or by running file backup software on the drive. For Exchange 2000, you should consider disabling the M: drive mapping. See KB article Q305145 for information about how to disable this feature.

Key Management Service

Exchange 2000 includes the Key Management Service, which works with Windows 2000 Certificate Services to create a public key infrastructure (PKI) for performing secure messaging. With a PKI infrastructure in place, users can send signed and encrypted messages to each other. The Key Management Service included with Exchange 2000 provides a mechanism for enrolling users in Advanced Security, and handles key archival and recovery functions.

Exchange Titanium no longer includes the Key Management Service. The PKI included with Windows .NET Server 2003 now handles the key archival and recovery tasks that were performed by the Key Management Service in Exchange 2000.

Clients

This chapter focuses on the new features involving how clients access Microsoft® Exchange. In addition to taking advantage of new Microsoft Outlook® 11 features, Microsoft Exchange Titanium Server includes a much-improved Microsoft Outlook Web Access client, as well as new support for mobile device access to Exchange.

Outlook Improvements

Outlook 11 works with Exchange Titanium to offer many enhancements. This section introduces you to the improvements and new features in Outlook 11.

Outlook Cached Mode Protocol and Synchronization Improvements

Exchange Titanium and Outlook 11 allow users to read e-mail or perform other messaging tasks in low-bandwidth networks and in situations where network connectivity is lost. Notifications for requests for information from the Exchange server will be eliminated on the user's Outlook client, allowing the user to work without interruption using Outlook in low-bandwidth, high-latency networks.

Exchange Titanium combined with Outlook 11 significantly improves client performance by reducing remote procedure calls (RPCs) and conversation between the Outlook client and the Exchange server. This is accomplished in two ways:

• Cached mode. Outlook 11 clients will use the local Exchange mailbox data file

stored on their computer when possible, thus reducing the number of requests to the server for data and improving performance for items that are stored in the cache.

8 Microsoft Exchange Titanium Getting Started Guide

This new functionality eliminates the need to inform users of delays when requesting information from the Exchange servers.

• Kerberos Authentication. Exchange Titanium allows Outlook 11 clients to

authenticate to Exchange Titanium servers using Kerberos authentication.

• Synchronization Improvements. Exchange Titanium will perform data

compression to reduce the amount of information sent between the Outlook 11 client and the Exchange Titanium servers. Exchange Titanium will also optimize the communication between the client and the server by reducing the total requests for information between the client and server.

The combination of Cached mode and the synchronization and optimization improvements significantly enhances the end user experience associated with using Outlook as a remote user. Dialog boxes that would display requests for information from an Exchange server will no longer appear on a user’s Outlook client, because the user will work from primarily from their local Exchange mailbox data file. More importantly, when network connectivity is lost between the Outlook client and the network, Outlook will operate without interruption.

Additionally, because users will work primarily from their local Exchange mailbox data file, they will request less information from the Exchange servers in total, thus reducing the total load on your Exchange servers.

Cached Mode Configuration

By default, new installations of Outlook 11 use Cached mode. If you are upgrading from previous versions of Outlook to Outlook 11, you must configure the Outlook client manually to use Cached mode by modifying a user's profile to use their local copy of their Exchange mailbox.

To Enable Cached Mode for Outlook 11 Upgrades



1. On the computer with an upgrade of Outlook 11, click Start, click Control Panel,

and then double-click Mail. If you do not see Mail, you may need to switch to classic view by clicking Switch to Classic View in the left pane under Control Panel.

2. On the Mail Setup screen, click the E-mail Accounts button.

3. In the E-mail accounts Wizard, click the option button next to View or change

existing e-mail accounts, and then click Next.

4. On the E-mail Accounts screen, select your account and then click the Change

button.

5. On the Exchange Server Settings page, click the check box under Run Outlook

using a local copy of my Exchange mailbox.

Chapter 2: Clients 9

Figure 2.1 The Exchange Server Settings dialog box

Click Next, and then click Finish to save the changes to your local profile.

Kerberos Authentication

Exchange Titanium and Outlook 11 can now use Kerberos to authenticate users to the Exchange Titanium servers. If your network uses Microsoft Windows® .NET Server 2003 domain controllers, your users can authenticate cross-forest to the domain controllers in trusted forests allowing user accounts as well as Exchange servers to exist in different forests.

Titanium uses Kerberos delegation when sending user credentials between an Exchange front-end server and the Exchange back-end servers. Previous versions of Exchange Server used Basic authentication when users used applications such as Microsoft Outlook Web Access to send their credentials between an Exchange front-end server and an Exchange back-end server. As a result, companies would need to use a security mechanism such as IPSec to encrypt information from the Exchange front-end server to the Exchange back-end servers

Outlook Performance Monitoring

Exchange Titanium now includes the ability to monitor client-side performance with Outlook 11. For information on how to monitor client-side performance, see Chapter 4 "Performance and Scalability Features" later in this book.

10 Microsoft Exchange Titanium Getting Started Guide

RPC over HTTP

Exchange Titanium and Outlook 11 combined with Windows .NET now supports RPC over HTTP. This eliminates the need for a VPN to access Exchange information; users running Outlook 11 can connect directly to an Exchange server within a corporate environment over the Internet using HTTP. RPC over HTTP provides an RPC client such as Outlook 11 with the ability to securely connect across the Internet to RPC server programs and execute remote procedure calls. If the client can make an HTTP connection to a computer on a remote network running IIS, it can connect to any available server on the remote network and execute remote procedure calls. The RPC client and server programs can connect across the Internet—even if both are behind firewalls on different networks.

When you deploy RPC over HTTP, you configure your Exchange front-end server as an RPC Proxy server. This RPC Proxy server will then specify which ports to use to communicate with the domain controllers, global catalog servers and all Exchange servers that the RPC client needs to communicate with.

RPC over HTTP Deployment Options

When you deploy RPC over HTTP in your corporate environment, you have several deployment options based on where you locate your RPC Proxy server. The recommended deployment strategy is to deploy Internet Security and Acceleration (ISA) Server in the perimeter network and to locate your Exchange front-end server within the corporate network. You can also locate the Exchange Titanium front-end server acting as an RPC Proxy server in the perimeter network.

Option 1: Locating the RPC Proxy Server in the Corporate Network

By using ISA Server in the perimeter network to route RPC over HTTP requests and locating the front-end Exchange server in the corporate environment, you eliminate the need to open the ports that your RPC proxy server will need to communicate with the computers that it needs. The following figure describes this deployment scenario.

Chapter 2: Clients 11

Figure 2.2 Deploying RPC over HTTP with ISA Server 2000 in the perimeter network

By deploying ISA Server in the perimeter network, the ISA server will then be responsible for routing RPC over HTTP requests to the Exchange front-end server acting as an RPC Proxy server. When you choose this deployment option, you can then configure the RPC Proxy server to use all ports within the specified range to communicate with the servers that are required to use RPC over HTTP.

Option 2: Locating the RPC Proxy Server in the Perimeter Network

You can locate the RPC Proxy server on your Exchange Titanium front-end server located inside of the perimeter network. In this scenario, it is recommended that you limit the number of ports that the RPC Proxy server needs to a specific set of ports. The following figure describes this deployment scenario.

Figure 2.3 Deploying RPC over HTTP on the Exchange front-end server in the perimeter network

For information about how to configure the outlined deployment options as listed above, use the steps to configure RPC over HTTP in this section.

12 Microsoft Exchange Titanium Getting Started Guide

System requirements for using RPC over HTTP

To use RPC over HTTP, you will need Windows .NET Server as your operating system on the following servers:

• All Exchange Titanium servers using RPC over HTTP.

• Exchange front-end server acting as the RPC Proxy Server.

• Domain controllers that communicate with the Exchange servers configured to use

RPC over HTTP.

• The global catalog server that the Exchange server configured to use RPC over

HTTP will use.

Exchange Titanium Beta must be installed on all Exchange servers that are used by the RPC Proxy server. Additionally, client computers running Outlook 11 will need Microsoft Windows XP Service Pack 1 (SP1) with the following hot fix: Q331320

Deploying RPC over HTTP

The following section describes how to deploy RPC over HTTP in your network environment. Complete the following steps in the order listed to deploy RPC over HTTP:

1. Configure your Exchange front-end server as an RPC Proxy server.

2. Configure the RPC virtual directory in Internet Information Services (IIS).

3. Modify the registry on the Exchange server that communicates with the Proxy

server to use a specified number of ports.

4. Open the specific ports on the internal firewall.

5. Create an Outlook Cached Mode profile for your users to use with RPC over HTTP.

After you have completed these steps in order, your users can begin using RPC over HTTP to access the Exchange front-end server.

Step 1: Configure your Exchange front-end server to use RPC over HTTP

The RPC Proxy server processes the Outlook 11 RPC requests coming in over the Internet. In order for the RPC Proxy server to know what to do with the RPC over HTTP requests, you need to install the RPC over HTTP Proxy networking component on your Exchange Titanium front-end server.

Configure your Exchange front-end server to use RPC over HTTP



1. On the Exchange Titanium front-end server running Windows .NET Server RC2,

click Start, click Control Panel, and then click Add or Remove Programs.

2. Click the Add/Remove Windows Components icon in the left pane of the Add or

Remove Programs page.

Chapter 2: Clients 13

3. On the Windows Components screen, highlight Networking Services and then

click the Details button.

4. On the Networking Services component selection screen, select the check box next

to RPC over HTTP Proxy and then click OK.

5. On the Windows Components screen, click Next to install the RPC over HTTP

Proxy Windows component.

Step 2: Configure the RPC virtual directory in Internet Information Services

Now that you have configured your Exchange Titanium front-end server to use RPC over HTTP, you must now configure the RPC Virtual directory in IIS.

To Configure the RPC virtual directory



1. Click Start, point to All Programs, click Administrative Tools, and then click

Internet Information Services (IIS) Manager.

2. On the Internet Information Services (IIS) Manager screen, expand the Web

Sites folder under your server, expand Default Web Site, right-click the RPC virtual directory, and then select Properties.

3. On the RPC properties page, on the Connections tab, in the Authentication and

access control pane, click the Edit button.

4. In the Authentication Methods window, disable Anonymous access.

5. In the Authentication Methods window, in the Authentication access pane, select

one of the following:

• If you are have located your RPC Proxy server inside of the perimeter

network, select Basic authentication, and then click OK.

• If you are locating your RPC Proxy with the corporate network, select Basic

authentication, and then click OK

6. Click Apply and then click OK.

Your RPC virtual directory is now disabled for anonymous access and is set to use Basic authentication. You must now configure your proxy server to use a specific set of ports to communicate with the Exchange servers.

Step 3, Option 1: Configure the RPC Proxy server with ISA Server in the perimeter network

If you have deployed ISA Server in the perimeter network and located your Exchange front-end server acting as the RPC Proxy server in your corporate environment, use the following procedure to configure the ports that the RPC Proxy server will use to communicate with the server it uses for RPC over HTTP communication. You will do this by setting a registry key in the following location:

HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy

14 Microsoft Exchange Titanium Getting Started Guide

The registry key will specify the ports that will be used with RPC over HTTP.

Warning This section contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about restoring the registry, see the “Restore the Registry” Help topic in Regedit.exe or Regedt32.exe.

To set the ports for RPC over HTTP for the RPC Proxy server located within the perimeter network

1. Click Start, click Run, and then type Regedit in the box next to Open. Click OK.

2. Navigate to the following registry key:

* HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy

3. Right-click the Valid Ports registry key and select Modify.

Figure 2.4 The RPCProxy registry settings

In the Edit String window in the box under Value data enter the following information:

ExchangeServer:593;ExchangeServer:1024-65535;

DomainController:593;DomainController:1024-65535

Chapter 2: Clients 15

Where ExchangeServer is the NetBIOS name of your Exchange Titanium server, and DomainController is the NetBIOS name of your domain controller. Your values must appear as shown below.

Note You may also use the Fully Qualified Domain Name (FQDN) in place of the NetBIOS name for your servers, as shown in this example.

Figure 2.5 The value data for the RPC ValidPorts registry key

Click OK.

6. Click File and click Exit.

Your proxy server is now configured to use the specified ports to communicate with your Exchange Titanium server and your domain controller. Now you must create a profile for your user to use RPC instead of HTTP.

Step 3, Option 2: Configure the RPC Proxy server to use specific ports (Optional)

If you have located the RPC Proxy server inside of the perimeter network, you can configure the RPC Proxy server to use a limited number of ports to communicate with the servers in the corporate network. In this scenario, the RPC proxy server will be configured to use a specified number of ports and the individual computers that the RPC Proxy server communicates with will also be configured to use a specified number of ports when receiving requests from the RPC Proxy server. This step involves three separate procedures:

1. Configuring the RPC Proxy server to use a specified number of ports for RPC over

HTTP to communicate with servers inside of the corporate network.

2. Configuring the Exchange server to use a specified number of ports for RPC over

HTTP requests to communicate with the RPC Proxy server inside of the perimeter network.

3. Configuring the domain controllers and global catalog servers to use a specified

number of ports for RPC over HTTP requests to communicate with the RPC Proxy server inside of the perimeter network.

Complete these steps to configure the servers that will be used for RPC over HTTP.

Note Using this method to specifically limit the number of ports to open for RPC over HTTP communication is the recommended method of configuring your servers to use RPC over HTTP.

16 Microsoft Exchange Titanium Getting Started Guide

To configure the RPC Proxy server to use a specified number of ports for RPC over HTTP



1. For the purposes of this procedure, the following ports will be used as an example.

Table 2.1 Example ports for setting specific ports for RPC over HTTP

Server Ports (Services)

Exchange back-end servers 593 and 6001 and 6002 (DS referral) or 6003 (DS

Proxy). Note that using DS referral is recommended.

Domain controllers 593 and 6004

Global catalog server 593 and 6004

2. On the RPC Proxy server, click Start, click Run, and type Regedit in the box next

to Open. Click OK.

3. Navigate to the following registry key:

* HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy

4. Right-click the Valid Ports registry key and click Modify.

Figure 2.6 The RPCProxy registry settings

Chapter 2: Clients 17

5. In the Edit String window in the box under Value data enter the following

information:

ExchangeServer1:593;ExchangeServer1:6001-6004; DomainController:593;DomainController:6004; GlobalCatalogServer:593;GlobalCatalogServer:6004

6. Where ExchangeServer is the NetBIOS name of your Exchange Titanium Server,

DomainController is the NetBIOS name of your Domain Controller and GlobalCatalogServer is the NetBIOS name of your Global Catalog Server.

7. Continue to list all servers in the registry key for all servers in the corporate network

that the RPC Proxy server will need to communicate with.

Important All servers that the Outlook client will need to access must have the ports set to communicate with the RPC Proxy server. If a server, such as an Exchange public folder server has not been configured to use the specified ports for RPC over HTTP communication, the client will not be able to access the server.

To Configure the Exchange Server to use a specified number of ports for RPC over HTTP



requests

1. On the Exchange Server, click Start, click Run, and type Regedit in the box next

to Open, and then click OK.

2. Navigate to the following key to set the port for DS Proxy:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeS A\Parameters

3. Click Edit, then click New, and then select DWORD value.

4. Create a DWORD value with the name RPC/HTTP NSPI Port.

5. Right-click the RPC/HTTP NSPI Port dword value and choose modify.

6. In the Base window, click the button next to Decimal.

7. In the Value data field, enter the value 6003.

Note The value 6003 was chosen for the purposes of this example. You can, however, use any value between 1024 and 65535.

8. Navigate to the following key to set the port for DS Referral (recommended):

*HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange SA\Parameters

9. Click Edit, then click New, and then select DWORD value.

10. Create a DWORD value with the name HTTP Port.

11. Right-click the HTTP Port dword value and choose modify.

12. In the Base window, click the button next to Decimal.

18 Microsoft Exchange Titanium Getting Started Guide

13. In the Value data field, enter the value 6003.

Note The value 6003 was chosen for the purposes of this example. You can, however, use any value between 1024 and 65535.

14. Navigate to the following key for the port to use the Exchange Store:

*HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange IS\ParametersSystem

15. Click Edit, then click New, and then select DWORD value.

16. Create a DWORD value with the name RPC/HTTP Port.

17. Right-click the RPC/HTTP Port dword value and choose modify.

18. In the Base window, click the button next to Decimal.

19. In the Value data field, enter the value 6001.

Note The value 6001 was chosen for the purposes of this example. You can, however, use any value between 1024 and 65535.

Important All servers that the Outlook client will need to access must have the ports set to communicate with the RPC Proxy server. If a server, such as an Exchange public folder server, has not been configured to use the specified ports for RPC over HTTP communication, the client will not be able to access the server.

To configure the domain controllers and global catalog servers to use specified ports for RPC



over HTTP

1. On the domain controller, click Start, click Run, type Regedit in the box next to

Open, and then click OK.

2. Navigate to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Paramet ers

3. Click Edit, click New, and then select Multi String value.

4. Create a DWORD value with the name NSPI interface protocol sequences.

5. Right-click the NSPI interface protocol sequences multi-string value and choose

modify.

6. In the Value data field, enter: ncacn_http:6004

Step 4: Create an Outlook profile to use with RPC over HTTP

In order for your users to use RPC over HTTP from their client, they will need to create an Outlook profile that uses the settings necessary for using RPC over HTTP. These settings enable Secure Sockets Layer (SSL) communication with Basic authentication that is necessary when using RPC over HTTP.

Chapter 2: Clients 19

To create an Outlook profile to use RPC over HTTP



1. Click Start and then click Control Panel.

2. If you are using Category View in Control Panel, click Other Control Panel

Options in the See Also Pane, and then select Mail.

3. If you are using Classic View in Control Panel, select Mail.

4. In the Mail Setup window, in the Mail Profiles pane, click the Show Profiles

button.

5. In the Mail window, click Add.

6. In the New Profile window, enter a name for this profile in the box next to Profile

Name.

7. In the New E-mail Accounts Wizard, click Add a new e-mail account, and then

click Next.

8. On the Server Type page, select Microsoft Exchange Server and then click Next.

9. On the Exchange Server Settings page:

a. Enter the name of your Exchange Titanium server in the box next to Microsoft

Exchange Server.

b. Enter the user name in the box next to User Name. c. Select Use local copy of Mailbox.

Figure 2.7 The Exchange Server Settings dialog box

d. Click the More Settings button.

10. On the Connections tab:

20 Microsoft Exchange Titanium Getting Started Guide

a. In the Connections pane, click Connect using Internet Explorer’s or a 3rd

party dialer.

b. Select the check box next to Connect to my Exchange mailbox using HTTP.

11. Click the Exchange Proxy Settings button.

12. On the Exchange Proxy Settings page, in the Connections Settings window, do

the following:

a. Enter the Fully Qualified Domain Name (FQDN) of the RPC Proxy server in

the box under Use this URL to connect to my proxy server for Exchange.

b. Select the check box next to Connect using SSL only. c. Select the check box next to Mutually authenticate the session when connecting

with SSL.

d. Enter the Fully Qualified Domain Name (FQDN) of the RPC Proxy server in the

box under Principle name for proxy server. Use the format: msstd:FQDN of Server.

13. On the Exchange Proxy Settings page, in the Proxy authentication settings window,

select Basic Authentication from the drop-down menu under Use this authentication when connecting to my proxy server for Exchange.

14. Click OK

Your users are now configured to use RPC over HTTP.

Outlook Web Access

The new version of Outlook Web Access in Exchange Titanium represents a major upgrade from Exchange 2000. The new version is truly a full-featured e-mail client, with support for rules, spell checking, secure messaging, and many other improvements detailed in the next sections. The interface has also been redesigned to provide an enhanced user experience similar to that provided with Outlook 11, including a new right-hand preview pane and improved navigation pane.

The following Outlook Web Access features are new in Exchange Titanium.

Two Outlook Web Access Versions

Exchange Titanium now includes two different versions of Outlook Web Access:

1. Rich Experience Outlook Web Access. The rich experience Outlook Web

Access is for Microsoft Internet Explorer 5 or later and includes all features of Outlook Web Access including the new enhanced features for Exchange Titanium.

+ 247 hidden pages