Deploying Exchange Server 2007 and Office Communications Server 2007 R2 (Part 3)

Introduction

So far, we have seen the roles that an OCS/Exchange implementation can have and we also introduced the scenario that we are going to work on throughout this article series. The main goal here is to provide some guidance in order to help you to set up, from scratch, an environment in order to use UC technologies. In this article, we are going to move really quickly through the initial steps required to install both our Domain Controllers. I am also going to add hints about this process and also about some services offered, such as; Certificate Services, Split-DNS configuration, and OS requirements for OCS Server.

If you have forgotten the scenario we have created in this article series (Figure 1), this article will be a bit of a reminder as we will begin to work on the scenario in this article. Because it’s a POC, the Certificate Services will stay on a Domain Controller but in a production environment it should be a machine dedicate for this role.


Figure 1

Installing Domain Controllers…

Both products (Exchange and OCS) rely entirely on AD and DNS, in this section we are going to go over the process to install the first domain controller and the secondary domain controller as well. It’s extremely recommended to have at least two domain controllers up and running to avoid service outages. If you have just one DC and that one fails, you would not be able to use OCS or Exchange even if they are in different machines.

Some hints:

  • We have a single domain and a single forest; both Domain Controllers should be configured as Global Catalog

  • Configure all servers as static IP address

  • Configure all clients to use both Primary and Secondary DNS pointing out to the Domain Controllers

  • Before installing the first domain controller, make sure that the Primary DNS server is configured to be its own IP; the same IP should be configured as Primary DNS on the second domain controller as well

  • After installing the first domain Controller, go to the DNS Server Manager and create a reverse zone based on your IP configuration

  • Using Active Directory Sites and Services (dssite.msc) associate the IP Address to the site, it is not a requirement when you have a single site, but it is better to do that to be prepared for additional servers that you may have down the road

  • It is not a requirement but you can change the Active Directory site name to reflect your location using the same Active Directory Sites and Services

All process involved to build the first domain controllers in our environment are described in these steps below:

  1. Click on Start, Run and type in DCPromo and click OK.

  2. On Welcome to the Active Directory Domain Services Installation Wizard page. Click on Next.

  3. On Operating System Compatibility page. We already know about the Windows 2008 security improvement and legacy products (Windows 98, NT and simple SMB implementations) may be affected, click on Next.

  4. On Choose a Deployment Configuration page. Select Create a new domain in a new forest and click Next.

  5. On Name the forest Root Domain page. Fill out with your FQDN of your new forest, and make sure that you have not added a single name to this field. In our article series we are going to use apatricio.local and click Next.

  6. On Set Forest Functional Level page. Select the functional level, because we are creating a new one I would say that you don’t intend to install any legacy OS as Domain Controller, then select Windows Server 2008 from the list and click Next.

  7. On Additional Domain Controller Options page. Make sure that DNS server is selected and click Next (Figure 2).


Figure 2

  1. A dialog box about DNS Server delegation may pop up, asking if you want to continue.  If it does, click on yes.

  2. On the Location for Database, Log Files and SYSVOL page. Leave default settings and click Next.

  3. On the Directory Services Restore Mode Administrator Password page. Define a password that will be used during the restore mode process and click Next.

  4. On Summary page. A summary containing everything that we have selected so far will be listed, click on Next to start the process.

  5. On Completion page. Click on Finish and a restart will be required.

Additional Domain Controllers are even easier to deploy, just make sure that your Primary DNS IP address is pointing out to the first Domain Controller that we have just built and follow these steps:

  1. Logged on the second server that will be the additional domain controller.

  2. Click on Start, Run and type in DCPromo and hit OK.

  3. On the Welcome to the Active Directory Domain Services Installation Wizard page. Click on Next

  4. On the Operating System compatibility page. Click on Next.

  5. On the Choose a Deployment Configuration page. Select Existing Forest and click on Add a domain controller to an existing domain and then click Next (Figure 3).


Figure 3

  1. On the Network Credential page. Use the FQDN name that we created on the previous procedure and click on Set… and use the Administrator credential and then click Next (Figure 4).


Figure 4

  1. On the Select a Domain page. Select the designated domain from the list, and click on Next.

  2. On the Select a Site page. By default the first site name is Default-First-Site-Name, select it from the list and click Next.

  3. On the Additional Domain Controller Options page. Select both options: DNS Server and Global Catalog and click Next.

  4. On the Location for Database, Log Files and SYSVOL page. Leave default settings and click Next.

  5. On the Directory Services Restore Mode Administrator Password page. Define a password that will be used during the restore mode process and click Next.

  6. On Summary page. A summary containing everything that we have selected so far will be listed, click on Next to start the process.

  7. On Completion page. Click on Finish and a restart will be required.

After bringing two DCs up, now it is time to configure all servers to join our new domain and the client machines. The only requirement is make sure that all servers/workstations are pointing to the DNS servers and then join them to the domain. If you have are not certain about the process to follow, don’t worry, just follow the steps described on this KB article and you will be good:

Domain and Forest Level…

Both products have specific Forest and Domain level requirements to be in place before the deployment, and also some Operating System requirements. We created our environment from scratch and during the DCPromo we were able to define the Forest level. However, in some environments, you need to change the forest level/domain level to support either OCS or Exchange.

The good news is that if you are closer to the latest Forest/Domain levels you are in a good spot. The following table will help you to identify the minimum requirement for each product that you want to deploy.

Product

Forest Level (minimum)

Domain Level (minimum)

Operating System (minimum)

Hardware

Exchange Server 2007

Windows 2000 native

Windows 2000 native

Windows Server 2003 or 2008

X64

OCS 2007 R2

Windows Server 2003

Windows Server 2003

Windows Server 2003 or 2008

X64

Exchange Server 2010

Windows Server 2003

Windows Server 2003

Windows Server 2008

X64

Table 1

Note:
If you have special configurations requirements, the minimum may not be used. For example: If your solution requires Forest-to-Forest delegation in Exchange Server 2007, then the Windows Server 2003 forest level becomes a requirement.

If you have not started a lab from scratch to follow this article series, you may have to raise your forest/domain level. In order to raise either domain or forest level, you can use Active Directory Domain and Trusts. To raise the forest functional level, we just need to right click on the first item on the left and click on Raise Forest functional level as shown in Figure 5, if you want to raise the domain just right click on the desired domain from the list on the left and click on Raise Domain Functional Level.


Figure 5

Conclusion

If you have not had the chance to play with Active Directory before, now is your chance. Active Directory is the base for the majority of Microsoft products and should be understood before adding more services on top of it. In this article we just covered the basics in setting up an environment from scratch and prepare for OCS and Exchange properly.


nguồn msexchange.org

About Tony Nguyễn
Tôi tên Tony tự Tèo trú tại thôn Tám, Trảng Thanh tỉnh Thừa Thiên. Thưở thiếu thời trí tuệ tôi thường thường, tuy thế tính tình thật thà thẳng thắng, thích thi thơ ...

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: