Microsoft Exchange 2010 Seminar
Exchange is a corporate mail product that in this version adds a significant set of improvements for the user; as a result, in my opinion, its OWA and ECP web interface may be the client of choice, perhaps even more than Outlook itself.
I'm leaving you the seminar so you can get to know this product.
5. Roles – Exchange Structure
Diagram labels: Domain Controller, DNS, Global Catalog, Mailbox Server, Clients, AD Forest, Client Access Server, Hub Transport, Edge Transport, Unified Messaging.
7. Database update process: ESE (Extensible Storage Engine)
   1) The Mailbox Server receives a message
   2) The message is written to memory and then to the transaction log
   3) It is written to the database
   4) A checkpoint is generated
   5) The client accesses the message
11. SharePoint or Public Folders?

| Scenario | Public folder in use | New public folder? |
|---|---|---|
| Document sharing | SharePoint may be a better option | SharePoint is a better option |
| Calendar sharing | No need to move it | Both can be used |
| Contact sharing | No need to move it | Both can be used |
| Discussion forums | No need to move it | Both can be used |
| Archive location for groups | No need to move it | Both can be used |
| Custom applications | SharePoint may be a better option | SharePoint may be a better option |
| Forms | No need to move it | Use InfoPath |
31. How Client Access Works
Diagram labels: RPC/MAPI, HTTPS, IMAP4, POP3, Mailbox Server, Domain Controller, Client Access Server, RPC/MAPI; steps numbered 1 to 4.
39. Federated Sharing: access to availability information
Diagram labels: Contoso.com, Adatum.com, Microsoft Federation Gateway, CAS, DC, MBX, A; steps numbered 1 to 8.
   - The CAS checks with the DC whether a sharing relationship with Adatum is configured and whether the user has permission to use it
   - User A invites an Adatum user
   - The Contoso CAS requests a security token for user A
   - The Contoso CAS requests availability information from Adatum and presents the user's token
   - The Adatum CAS validates the token and verifies the sharing relationship
   - The Adatum CAS retrieves the availability of the user's mailbox
   - It sends the information to the Contoso CAS
40. Federation: Delivery
Diagram labels: Adatum.com, Contoso.com, Microsoft Federation Gateway, HUB, DC, MBX, A; steps numbered 1 to 6.
   - User A sends an e-mail to an Adatum user
   - The HUB checks with the DC whether a sharing relationship is configured and whether User A has permission to send to Adatum
   - The Contoso HUB requests a security token for user A
   - The Contoso HUB encrypts the mail with the token's key. It then encrypts the security token with the Gateway's public key and sends it
   - The Adatum HUB validates the token and verifies the sharing relationship
   - The Adatum HUB decrypts the token and extracts the key. It then decrypts the mail and delivers it to the user
43. Processor usage

| Exchange 2010 role | Minimum | Recommended maximum number of sockets | Example recommended maximum (assuming 6 cores) |
|---|---|---|---|
| Edge Transport | 1 core x processor | 2 | 12 cores |
| Hub Transport | 1 core x processor | 2 | 12 cores |
| Client Access | 2 core x processor | 2 | 12 cores |
| Unified Messaging | 2 core x processor | 2 | 12 cores |
| Mailbox | 2 core x processor | 2 | 12 cores |
| Client Access/Hub | 2 core x processor | 2 | 12 cores |
| Multiple roles (Hub, CAS, Mailbox) | 2 core x processor | 4 | 24 cores |
44. Memory usage

| Exchange 2010 role | Minimum | Recommended maximum |
|---|---|---|
| Edge Transport | 4 GB | 1 GB per core (4 GB minimum) |
| Hub Transport | 4 GB | 1 GB per core (4 GB minimum) |
| Client Access | 4 GB | 2 GB per core (8 GB minimum) |
| Unified Messaging | 4 GB | 2 GB per core (4 GB minimum) |
| Mailbox | 4 GB | 4 GB + 3-30 MB additional per mailbox |
| Client Access/Hub Transport combined role | 4 GB | 2 GB per core (8 GB minimum) |
| Multiple roles (Hub, CAS, Mailbox) | 8 GB | 4 GB + 3-30 MB additional per mailbox |
45. Ratios between roles

| Server role configuration | Recommended ratio per processor core |
|---|---|
| Mailbox : Hub Transport | 7:1 (without antivirus on the Hub); 5:1 (with antivirus on the Hub) |
| Mailbox : Client Access (with RPC Client Access enabled) | 4:3 |
| Mailbox : Client Access & Hub | 1:1 |
| AD/GC : Mailbox | 1:4 (with a 32-bit GC); 1:8 (with a 64-bit GC) |
The deployment scenarios are organized into small, medium, and large organizations. Emphasize that the suggested configuration is typical, but not sufficient for every scenario. For example, some medium-size organizations may desire multiple servers for redundancy.

If you have students in the class who are familiar with Exchange 2007, stress that in Exchange 2010, Mailbox servers that are part of a highly available deployment can also host other server roles. Mention that in Exchange Server 2010, except for the Edge Transport Server role, you can implement full redundancy for all other server roles with just two servers.

References
Topologies: Overview: http://go.microsoft.com/fwlink/?LinkId=179874

Module 1: Deploying Exchange Server 2010 Course 10135A
Discuss the process that the Mailbox server uses when it receives data, as follows:
   1) The Mailbox server receives the message.
   2) The Mailbox server writes the message to the current transaction log and memory cache simultaneously.
      Note: If the current transaction log reaches 1 megabyte (MB) of storage, Exchange Server 2010 renames it and creates a new current transaction log.
   3) The Mailbox server writes the transaction from memory cache to the appropriate database.
   4) The Mailbox server updates the checkpoint file to indicate that the transaction was committed successfully to the database.
   5) Clients can access and read the message in the database.

When time permits, identify the files from the previous slide that each step of this process affects.

Module 2: Configuring Mailbox Servers Course 10135A
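The sequence above, modelled as an added example (this is not Exchange or ESE code; the class name and the JSON record layout are assumptions made for illustration). It goes one step beyond the notes by showing what the log and checkpoint are for: after a crash, only log records newer than the checkpoint are replayed into the database.

```python
import json

class MailboxStore:
    """Toy model of the log -> database -> checkpoint order; not ESE's on-disk format."""
    def __init__(self, log_limit=1024 * 1024):    # 1 MB rollover, as in the note above
        self.log_limit = log_limit
        self.closed_logs = []    # full logs that were renamed and set aside
        self.current_log = []    # current transaction log (JSON records)
        self.cache = {}          # memory cache: seq -> message not yet in the database
        self.database = {}       # seq -> message
        self.checkpoint = 0      # highest seq committed to the database
        self.next_seq = 1

    def receive(self, message):
        """Steps 1-2: write the message to the current log and the memory cache."""
        record = json.dumps({"seq": self.next_seq, "msg": message})
        if self.current_log and sum(map(len, self.current_log)) + len(record) > self.log_limit:
            self.closed_logs.append(self.current_log)   # "rename" the full log
            self.current_log = []                       # and start a new current log
        self.current_log.append(record)
        self.cache[self.next_seq] = message
        self.next_seq += 1

    def flush(self):
        """Steps 3-4: write cached transactions to the database, then move the checkpoint."""
        for seq in sorted(self.cache):
            self.database[seq] = self.cache[seq]
            self.checkpoint = seq
        self.cache.clear()

    def recover(self):
        """Replay log records newer than the checkpoint; return how many were replayed."""
        replayed = 0
        for record in sum(self.closed_logs, []) + self.current_log:
            entry = json.loads(record)
            if entry["seq"] > self.checkpoint:
                self.database[entry["seq"]] = entry["msg"]
                self.checkpoint = entry["seq"]
                replayed += 1
        return replayed

def demo():
    store = MailboxStore(log_limit=100)       # small limit so the rollover is visible
    for n in (1, 2, 3):
        store.receive(f"constructed message {n}")
    store.flush()                             # messages 1-3 committed to the database
    store.receive("constructed message 4")    # logged and cached, not yet flushed
    store.cache.clear()                       # crash: memory is lost, files survive
    return store.recover(), store.checkpoint, len(store.closed_logs)
```

In `demo()` the fourth message exists only in the log when the cache is lost, so recovery replays exactly that one record and skips the three already covered by the checkpoint.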
Discuss the features that SharePoint provides that are similar to public folders. Then discuss when you would choose one versus the other. For calendar sharing, contact sharing, discussion forums or distribution group archives, use Exchange Server public folders or SharePoint, depending on the scope of the scenario. Also, in regard to custom applications, depending on the application's scope, use Exchange Web Services and/or SharePoint.

Question: For what does your company currently use public folders and SharePoint?
Answer: Answers will vary considerably. Some companies may choose to use public folders for shared mail queues, calendars, document repositories or discussion groups. Other companies may choose to use SharePoint for the same reasons.

References
http://go.microsoft.com/fwlink/?LinkId=179884
Lead a discussion about the types of Exchange recipients. It is important that the students know what each recipient type is, because creating and configuring recipients are common and fundamental tasks that Exchange administrators perform. You can also use this discussion to evaluate student knowledge and to encourage students to interact.

Question: What are the various recipient types in Exchange Server?
Answer: Exchange Server 2010 includes the following recipient types:
   - User mailboxes
   - Mail users or mail-enabled Active Directory® directory service users
   - Resource mailboxes
   - Mail contact or mail-enabled contacts
   - Mail-enabled security and distribution groups
   - Dynamic distribution groups
   - Linked mailboxes

Describe the functionality of each recipient object listed on the slide. Describe the concept of mail-enabled recipients and mailbox-enabled recipients. Explain that Exchange Server recipients are mail-enabled when they have e-mail addresses associated with them, but not mailboxes. For example, a contact that has been mail-enabled becomes a mail contact. You can use a mail-enabled user when Exchange Server 2010 is not responsible for sending and receiving mail for an Active Directory user, but you want that user to appear in the global address list (GAL). This often is done for remote sales people that prefer to use their own ISP-based e-mail. Mention that only universal security groups and universal distribution groups can be mail-enabled.

Question: How is a mail-enabled contact different from a mail-enabled user?
Answer: A mail-enabled contact does not have an Active Directory user account. This is used for people outside your organization that you want to include in the GAL.

References
Recipient Management in Exchange 2007 – Overview: http://go.microsoft.com/fwlink/?LinkId=179880
Exchange Server 2010 Help: Understanding Recipients

Module 3: Managing Recipient Objects Course 10135A
Use the diagram on the slide to show how different clients connect to the Microsoft Exchange Server 2010 mailboxes. Stress that all clients use the Client Access server role.

If you have students in the class with Microsoft Exchange Server 2003 experience, compare the Client Access server role to the front-end server role in Exchange Server 2003. Both provide similar functionality, but the Client Access server also provides additional functionality, such as Remote Procedure Call (RPC) Client Access Services, and Exchange Web Services.

If you have students in class who are familiar with Microsoft Exchange Server 2007 Client Access servers, point out that there is one very significant architectural change to the Client Access server in Exchange Server 2010. In Exchange Server 2007, MAPI clients such as Outlook 2007 connected directly to Mailbox servers when accessing the user mailbox. All of this functionality has been moved to the Client Access server, which now runs the RPC Client Access Services component. In Exchange Server 2010, MAPI clients connect directly to the Client Access server, and clients never directly communicate with the Mailbox servers.

Mention that this has several advantages, such as:
   - All clients now use the same mailbox access architecture.
   - For organizations that have deployed highly-available mailbox servers, the client outages in situations where a mailbox database fails over to another server have been reduced. When a mailbox fails over to another server, the Client Access Server is notified, and the client connections will be redirected to the new server within seconds.
   - You now can move Mailboxes from one Mailbox server to another while the user is online and connected to the mailbox.
   - The new architecture supports more concurrent client connections to the mailbox server.

Students may ask how the new Exchange Server 2010 Client Access server architecture interacts with previous versions of Exchange Server. Tell the students that this will be covered in Module 12.

Module 4: Managing Client Access Course 10135A
Ask students if they are familiar with Active Directory® Federation Services (AD FS). If they are, mention that Federated Sharing is similar to AD FS in that it uses the same technologies to establish a federation trust that can be used to establish secure connections between organizations. Federated Sharing is also different than AD FS, in that with AD FS, two organizations establish a federated trust directly with each other, while with Federated Sharing, the organizations establish a federated trust with the Microsoft® Federation Gateway, which then acts as a trust broker between the organizations. Emphasize that organizations do not need to manage any user accounts on the Federation Gateway. All organizations need to do is establish the federated trust with the Federation Gateway.

Session 1: Microsoft Exchange – Enhancing the User Experience Course 10133B
Use the slide to describe the information flow when an organization’s user invites another organization’s user to a meeting. Stress that only the Client Access server from Contoso.com needs to send a request to the Microsoft Federation Gateway. The Client Access server obtains a token from the Federation Gateway, and uses that token to authenticate the connection to the Adatum.com Client Access server. Both organizations must have a federation trust with the Federation Gateway, so the Adatum.com Client Access server will trust the security token. Emphasize that using HTTPS protects all communication across the Internet. Also, only the ews virtual directory on each organization’s Client Access server needs to be Internet-accessible to enable the required traffic.
Stress that the network communication in the federated message delivery scenario is similar to the availability information scenario. In both cases, only the Client Access server in the originating organization needs to obtain the security token used to authenticate and secure network traffic to the destination organization.