The Expert's Guide for Exchange 2003 Preparing For, Moving To, and Supporting Exchange Server 2003

The Expert's Guide for Exchange 2003 Preparing for, Moving to, and Supporting Exchange Server 2003

by Steve Bryant iii

Books

Contents Chapter 3 Consolidating Your Exchange Services ...... 34 Server Ownership Costs ...... 34 Exchange Server Proliferation ...... 34 Consolidating Protocols ...... 35 Exchange 2003 and AD ...... 37 Front-End Exchange Servers ...... 39 Front-End Servers and Performance ...... 45 Balancing Front-End and Back-End Servers ...... 45 Consolidating Servers ...... 46 Storage Space and Recovery ...... 46 Configuration and Memeory ...... 47 Mailbox Consolidation Concerns ...... 47 Creating Server Redundancy ...... 48 Spreading the Load ...... 48 Clustering ...... 48 Deploying High- or Continuous-Availability Servers ...... 50 Consolidating Mailbox Servers ...... 50 Move Mailbox Tool ...... 50 Consolidating Sites ...... 51 Consolidating Your Exchange Organization ...... 52 Consolidating Exchange 2003 and Exchange 2000 Organizations ...... 52 Tools for Merging Exchange Organizations ...... 53 Using the Exchange Migration Wizard ...... 53 Copying Public Folder Data ...... 53 Copying the Organizational Forms Library ...... 54 Copying Contacts from One Organization to Another ...... 54 Collecting Group Distribution Memebership ...... 55 Completing the Consolidation ...... 57 More Consolidation Details ...... 64 Next: Installing Exchange 2003 ...... 64 34

Chapter 3: Consolidating Your Exchange Services At the heart of most successful and cost-effective Microsoft Exchange 2003 and Exchange 2000 deployments lies consolidation. Fewer Exchange servers translates to fewer server licenses, smaller data centers, easier administration, and a reduced cost of doing business. These benefits of consolidation are often the desired end results that prompt – and justify budgets for – upgrading and consolidating Exchange deployments. Estimating the savings that your consolidation efforts can realize will require some intelligent speculation because you’ll derive your overall savings from multiple sources. In fact, Microsoft recently performed a consolidation that illustrates the potential for administrative savings. With Exchange Server 2003, Microsoft reduced its 113 mailbox servers in 75 geographical locations worldwide to 38 mailbox servers in 7 locations worldwide. Server Ownership Costs IDC estimated that 62 percent of 2002 server costs came from the additional staffing required to support the servers. Another 23.1 percent of the costs came from downtime, with the balance assigned to training, software, and hardware. IDC broke down its 2002 numbers for the annual cost of Windows server ownership (per server) into the following server categories: • File server $19,809 •Networking server $2,357 • Print server $17,369 • Security server $14,099 • Web server $6,461

Although reports about messaging costs offer various figures, I like to use an annual cost of $10,000 per server for most calculations. Whether your specific numbers are higher or lower, you can see how quickly server-consolidation savings can add up. So the questions you’re probably asking right now are “How did we get here?” and “Where did all these servers come from?” In 2003, the Gartner Group noted that independent business units within companies – rather than the company’s IT department – initiate more than 60 percent of all IT projects. The high proportion of business units initiating deployments is especially true for Exchange because remote offices and departments often decide they need more horsepower or an additional server – or worse still (in terms of additional ports) their own SMTP domain or Microsoft Outlook Web Access (OWA) server. Exchange Server Proliferation Although you can certainly blame departmental projects for proliferation, Exchange 5.5 Server’s limited scalability has also been a key factor. Most of Exchange 5.5’s scalability limits involved the

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 35 limits of the Extensible Storage Engine (ESE) engine. Administrators didn’t want to scale Exchange 5.5 servers too large because a 500GB database would take more than 15 hours to back up or restore). Moreover, a single database failure or corruption could mean certain death to the Exchange administrator who had decided to put all users on the same box (I won’t even mention how the OWA client performed). In short, many companies needed additional Exchange 5.5 servers to “spread the load” – both to accommodate users and protocols and to maintain acceptable performance. Also, although Microsoft Outlook 98 offered a stable offline mode that permitted remote access to the Exchange server, it wasn’t robust. Most remote offices wanted the same performance they enjoyed with local Microsoft Mail (MS Mail) and cc:Mail post offices. To achieve that performance, many remote offices installed a small Exchange 5.5 server. Fortunately, you now have more options. For this discussion, I’ll divide the subject of consolidation into distinct categories and begin with the lowest common denominator: protocols. I’ll then cover server consolidation, site consolidation, and, finally, Exchange organization consolidation. Consolidating Protocols Although administrators often consider protocol consolidation only after they’ve deployed or upgraded Exchange, the security implications involved should make protocols an early priority. As an Exchange consultant, I work all over the world and I get to hear many instructive stories. One customer described a security incident that put the virtues of consolidation in sharp perspective. His company was burglarized one afternoon; apparently the culprit had “tailgated” an employee into the building through a side door. Thereafter, the security team insisted that everyone come in and out the main doors so that security personnel needed to watch just one entrance for unauthorized access. Chances are you need to reduce the number of “entrances” to your network. And, although you might not be able to control the number of firewalls on your network (whose protection can be somewhat offset by the monitoring and management challenges that different access rules create), you probably can control how many and which protocols (and therefore ports) your company uses. Because business units drive many IT projects, companies often have multiple Internet connections. One of my client companies has roughly 50 business units and as many Internet connections. (I won’t discuss the potential problems that come with 50 Internet connections and possibly 50 firewalls; you understand the risks and administrative nightmares.) However, you no longer need all those connections. Instead, you can place a couple of inbound servers for the mail protocols centrally to provide a redundant inbound path for email and OWA. As you know, the more inbound ports you have open on your network, the less secure your network will be. Although I’ll discuss security in more depth in Chapter 7, I want to emphasize here some key points about the vulnerabilities that multiple protocols can create. Figure 3.1 shows a three-site design with multiple protocols in use.

Brought to you by Quest Software and Windows & .NET Magazine eBooks 36 The Expert’s Guide for Exchange 2003

Figure 3.1 Site design with multiple protocols

SUv.com

Internet

Other Sites

SMTP POP Trucks.com IMAP HTTPS SportsCar.com

Other Sites

You can see several points of vulnerability in this design: 1. A new virus or network attack could bring down all three sites because they’re all exposed to the Internet. 2. From an SMTP perspective, a server or network failure stops inbound mail for that entire SMTP domain. 3. Virus and antispam updates might not be in sync, so different locations might have different protection levels. 4. Three firewalls and their access rules are much more difficult to manage and monitor than one or two.

In Figure 3.1, you can see that many inbound ports must be enabled to support each business unit. A better design would establish a clear boundary between the Internet and the email servers (i.e., a Demilitarized Zone or DMZ) and consolidate the Internet email services to better secure and stabilize the environment.

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 37

You can establish a protective boundary for your organization in various ways. You can configure Microsoft IIS to provide a boundary or configure Linux with Sendmail to accomplish the same purpose. Other products and more sophisticated solutions also exist. Microsoft has recently announced a new product, Exchange Edge Services, which will eventually play this role for SMTP and provide additional features as well. The current Microsoft solution is to place Microsoft ISA Servers or Exchange 2003 front-end servers at the boundary. Exchange 2003 and AD Before I discuss front-end server deployment, I want to point out that Exchange 2003 is smarter than I once thought. Because its folders and mailboxes are published to Active Directory (AD), Exchange 2003 knows to look in AD for Exchange resources. In your Exchange organization, you have mailboxes on servers. AD keeps mailbox information under several Exchange attributes in the Class object USER for each person who has a mailbox. But if you look at the Exchange objects in the Microsoft Management Console (MMC) Users and Computers snap-in, you see that the public folder proxies (in the default top-level hierarchy) are also added to AD, as Figure 3.2 shows. Figure 3.2 Exchange System Objects and Exchange Mailbox Store

Each Exchange server in the routing group is notified of a hierarchy change, and information about the folder structure is replicated. This notification lets each mailbox server (within the routing group) report the folder hierarchy as well. And therein lay the magic.

Brought to you by Quest Software and Windows & .NET Magazine eBooks 38 The Expert’s Guide for Exchange 2003

Although the public folder exists on only one server in the routing group, other Exchange 2003 servers can automatically redirect to the appropriate server. If I use OWA to access a public folder that exists on a different server, the server to which I’m connected will perform a quick directory lookup and send me to the server that contains the data. All Exchange 2003 and Exchange 2000 servers can automatically redirect the OWA client, as Figure 3.3 shows, to the appropriate mailbox or public folder server. Figure 3.3 Using OWA to find a public folder

In this case, I’m attempting to connect to a public folder that exists only on Server2. When ServerA realizes it doesn’t have the folder I’m requesting, it performs a directory lookup to find the server that holds the data. The Exchange 2003 server then redirects my request to the appropriate server that stores the data. As Figure 3.4 shows, Exchange 2003 has redirected the request to the server that holds a replica of the OWATEST folder. Figure 3.4 Exchange 2003 redirected request

Mailboxes work similarly. By default, Exchange 2003 and IIS servers make a quick check to see which server holds the data, and then redirects the client. It doesn’t matter how you create the folder.

n Note The preceding paragraphs describe default behavior for Exchange 2003 and Exchange 2000, none of which depends upon Front-End Services or any special functionality.

An interesting aspect of this functionality is that you can have a single internal namespace for email and route users to their mail server automatically. In other words, an internal DNS alias of MAIL can route to a single Exchange 2003 server – and that server will automatically redirect the user to his or her appropriate mail server. In an environment with fast links, you could even consider DNS round-robin or some other way to provide DNS lookup for the server. Again, this approach is default behavior for Exchange 2003 and Exchange 2000.

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 39

Front-End Exchange Servers Now let’s talk about front-end servers. After you’ve installed your second Exchange 2003 server in the organization, you can choose to turn it into a front-end server. No additional settings are involved for a front-end server. An Exchange 2003 server is either a front-end server or a “regular” server – usually referred to as a back-end server when a front-end server is present. Making an Exchange 2003 server a front-end server is one of the easiest things you’ll ever do. Open the MMC Exchange System Manager snap-in and expand the Servers node under your Exchange organization’s name. Right-click the server you want to convert to a front-end server and select This is a front-end server, as Figure 3.5 shows. Click OK and reboot the server to complete the transition. In this case, I right-clicked Server1 and selected This is a front-end server. Figure 3.5 Converting an Exchange server to a front-end server

Brought to you by Quest Software and Windows & .NET Magazine eBooks 40 The Expert’s Guide for Exchange 2003

n Note Making a server a front-end server prohibits that server’s access to the local stores for mailbox or public folder information. Fortunately, it’s easy to change the server role back.

So what have I done? By designating a server as a front-end server, I’ve instructed that server to no longer refer me to a server that holds requested information. The front-end server performs the same lookups as before, but now it also handles authentication and all communications with the back-end server. Let me demonstrate. First, I try to open the OWA session from the front-end server, as Figure 3.6 shows. Figure 3.6 Using the front-end server

In a front-end server test, the front-end server doesn’t redirect me to the appropriate back-end server. Instead, I’m “proxied” to the appropriate mailbox or public folder server. I enter the same information as before. However, this time, I’m prompted for a password, as the dialog box in Figure 3.7 shows. Figure 3.7 Front-end server password prompt

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 41

n Note Front-end servers understand only basic authentication and always prompt for a password – even if you already have a token in memory. So if you have an in-house application and don’t want to prompt the user for authentication, don’t use front-end servers.

Next, instead of redirecting me to the appropriate Exchange Server, the front-end server acts like the back-end server it found. Notice in Figure 3.8 that the Address bar shows an Exchange directory on Server1. Figure 3.8 OWA session appearing to come from the front-end server

Brought to you by Quest Software and Windows & .NET Magazine eBooks 42 The Expert’s Guide for Exchange 2003

As you see in the Address bar, the OWA session appears to come from the front-end server, Server1 – although the mailbox is actually on another Exchange 2003 server. As I mentioned before, Exchange servers search AD to find Exchange objects. In a typical situation, the server that actually holds the data instructs the referring server to redirect the client. However, front-end servers are directed to respond as if they held the data. To illustrate, I’ve included a packet trace I performed in the lab while a client requested an OWA session from the front-end server. I started the process that Figure 3.9 shows by accessing http://server1/exchange from Internet Explorer (IE). Figure 3.9 OWA session request packet trace

In this case, the client’s mailbox was on ServerA. First, the client performs a DNS lookup for Server1.bryant.com. The response arrives, and the client then performs a GET request for an OWA session. (Remember that Server1 is the front-end server.) The front-end server uses DNS to find the Global Catalog (GC) server. After the front-end server finds the GC server, it queries the AD to determine the mailbox server for the request.

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 43

After the front-end server finds the appropriate back-end server, the front-end server begins to echo the client requests verbatim to the back-end server. The mailbox back-end server responds with information for the client, as Figure 3.10 shows. Figure 3.10 Front-end and back-end servers responding to a client request

n Note Another key component that lies at the heart of Exchange 2003 is Web-based Distributed Authoring and Versioning (WebDAV). WebDAV, a series of extensions of HTTP, is a protocol standard for performing basic file system operations across the Web. Because WebDAV is based on HTTP, it’s an excellent way to code through firewalls. When used in conjunction with XMLHTTP, WebDAV can also define the XML post data structure. OWA for Exchange 2003 is a prime example of this combination.

A front-end server is designed to reroute Internet protocols to the appropriate back-end servers. HTTP, POP, and IMAP sessions are directed to the front-end server(s), then proxied to the appropriate back-end or mailbox server located within the corporate network. (SMTP is handled a little

Brought to you by Quest Software and Windows & .NET Magazine eBooks 44 The Expert’s Guide for Exchange 2003 differently in that the messages are spooled locally on the front-end server, then routed internally.) This layer of protection helps isolate the production mail servers and their data from the Internet, as Figure 3.11 shows. Figure 3.11 Front-end server protection layer

Internet

Exchange Trucks.com SportsCar.com SUV.com Other Sites

SMTP POP IMAP HTTPS Front End Servers

Exchange Exchange

Other Sites Main Site

A front-end server doesn’t “care” where a request originates. Its sole task is to proxy the requests. The front-end server will look in AD to find the source you’re requesting and proxy the request to that server on your behalf. Essentially, the front-end server has no inherent load-balancing characteristics nor can it provide your mail if your mail server is unavailable. In short, front-end servers let you consolidate your inbound Internet protocols and help simplify and secure your Internet messaging. By reducing the number of inbound ports, you make your environment more secure and easier to manage. Moreover, you can leverage these central servers on behalf of other corporate-wide features such as Outlook Mobile Access and even remote procedure call (RPC) over HTTP.

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 45

Front-End Servers and Performance Interestingly, front-end servers offer little performance gain apart from offloading Secure Sockets Layer (SSL) from the back-end servers. As you saw in the protocol traces, the front-end server must be able to find your internal DNS Server, an AD domain controller (DC), and a GC for your domain. The front-end server uses these tools to locate and communicate with the back-end servers. So, what exactly does a front-end server offload from back-end servers? • Authentication – As I mentioned previously, front-end servers support only basic authentication. If you use SSL, the front-end server will handle SSL. SSL adds overhead to transactions. In most cases, SSL doubles or more than doubles the processor use on the server and the amount of data sent over the wire, so offloading this overhead is helpful. • Controls – Your custom applications will use a set of tools or controls for the client. The front-end server acts as an IIS server and provides the controls you specify to the HTTP client.

Although a front-end server doesn’t hugely lighten the load on back-end servers, it lessens the load somewhat. You can see the degree to which the back-end server’s load is lightened in the performance comparison snapshot that Figure 3.12 shows. Figure 3.12 Back-end server performance with and without front-end servers

The peak on the left in Figure 3.12 was generated when a client entered http://server2/exchange directly to access mail. The peak on the right was generated when the client entered http://server1/exchange and accessed data on Server2 through the front-end server. As you can see, the load on the back-end server is slightly lower when access occurs through the front-end server.

Balancing Front-End and Back-End Servers Based on this data, routing clients through a front-end server doesn’t dramatically reduce the load on the back-end servers. In most cases, the bottleneck continues to be the back-end servers.

j Tip The overall recommendation to provide a good balance is one front-end server to four back-end servers.

Brought to you by Quest Software and Windows & .NET Magazine eBooks 46 The Expert’s Guide for Exchange 2003

As a general rule, add back-end servers as you typically would to overcome capacity issues on the mail servers. Add front-end servers to provide redundancy to the browser clients and to add a single namespace. Keep in mind the following six points about Exchange 2003 front-end servers: • Front-end servers use basic authentication, so users will always be prompted for a password. • Front-end servers do nothing with Messaging API (MAPI). Your Outlook clients gain nothing from the introduction of a front-end server • Front-end servers require quite a bit of network access, including access to the internal DNS and GC servers and the ability to communicate directly with the Exchange back-end servers. •Microsoft and security professionals highly recommend (many consider it a requirement) that you require HTTP Secure (HTTPS) for POP, IMAP, and HTTP traffic to protect not only the data, but most importantly the logon credentials. I’ll cover such security topics in more detail in later chapters. • By default, Kerberos secures the channel between the front-end and back-end servers. If you’ve installed Microsoft SharePoint Portal Server or another program that might have disabled Kerberos support, you should look at the following Web page, which shows you how to correct the situation: http://www.microsoft.com/exchange/support/e2k3owa.asp •You can implement Windows Network Load Balancing (NLB also formerly known as WLBS) to help balance the load on front-end servers. With Windows NLB, you can put a collection of front-end servers into place to centralize all the inbound Internet protocols for a division or entire company. Consolidating Servers How many mailboxes can you put on a single Exchange 2003 server? That question is at the heart of any Exchange project, and the answer depends on your service level agreements (SLAs) and uptime requirements explicitly defined or implied. If your current backup and restore procedures can handle 50GB per hour and you have a maximum downtime window of 8 hours, each Exchange server should hold no more than 400GB of data. When the server load gets beyond that point, you can reduce mailbox sizes, increase the allowed downtime in your SLA, or allocate a new server. Storage Space and Recovery More than anything else, storage space and recovery determine the number of servers you need. Outlook clients (including Outlook Express and OWA) don’t create heavy CPU use on servers. LoadSim is an excellent tool you can download to stress-test your servers with Outlook traffic. You’ll see rather quickly that a single Exchange server (even Exchange 5.5) can handle thousands of users. Be careful that you consider both current capacity and capacity trends so that your environment can handle anticipated growth rates in messaging quantity, messaging volume and message sizes for a given period of time into the future. If you plan to increase quota limits in the near future make sure you take that into consideration, as well. On quite modest equipment with dual processors, you can successfully simulate thousands of users with ease. HP and Dell both have some excellent hardware guides for Exchange that can help you identify the type of hardware you need for specific server types and numbers of Outlook users. I/O is much more important to Exchange, so that will likely be your primary concern.

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 47

Configuration and Memory For configuration and memory, you need to specify enough disk space to handle the data you plan to store or spool. To begin with, avoid placing different types of programs and their data on the same set of disk-drive spindles as Exchange components. Exchange database reads are random, so a RAID array constantly moves the drive heads to seemingly random spots on the platters to find data. At the same time, the database transaction logs (not to be confused with the message tracking logs) are being written sequentially. Different applications place different requirements on the drives and thus contend for them, which creates potential delays for all the programs that share the drive. Given the way the overall process works, you face two concerns. First, because transaction logs are deleted every night, drive fragmentation occurs. If your database is on the same drive (which is a very bad practice and not recommended), you’ll probably experience a very fragmented Exchange Store. Second, because the spindles in the arrays can spin only so fast and the drive heads can occupy only one position at a time, a heavily accessed database will contend with transaction log writes. The result could be a slower operating environment, with Outlook users experiencing pauses while Outlook opens folders or individual items. If you expect heavy or frequent database access (e.g., if you have 500 to 1000 users), consider locating your Exchange databases and their transaction logs on completely different (and dedicated) arrays. Moreover, if your consolidation plan shows that you need to run multiple databases and storage groups on your server, consider a mirrored array for each set of storage group transaction logs and a striped array for the databases in one storage group. Depending on the size of your Exchange databases and expected activity, you might even want to consider placing each database on a dedicated array. Memory and processor specifications are easy to define and plan for. Exchange Server will use as much memory as you install. By caching as much data and as many processes as possible, Exchange Server can reliably service thousands of simultaneous users on a server with as few as two Pentium II (or better) processors.

j Tip You’ll find two exceptions to the preceding rule of thumb for Exchange Server service ratios: OWA servers that support SSL and Exchange application servers that regularly initiate complicated events might need more processing power.

Mailbox Consolidation Concerns The next question you need to answer is whether you want to run all of the mailboxes from one server (or a few servers). Although you probably could reduce your entire Exchange organization to a few servers, you might not want to. The following factors affect this decision: •Foreign mail connectors – The Lotus Notes Connector, for example, should be run on a separate server because you’ll need to install a Notes client and will probably need to reboot the server more often than an ordinary mailbox server.

Brought to you by Quest Software and Windows & .NET Magazine eBooks 48 The Expert’s Guide for Exchange 2003

• Remote offices – Companies with slow WAN links to remote offices will probably require an additional server – at least for the larger remote locations. Later in this book, we'll describe the savings gained by using Outlook 2003 in cached mode with Exchange 2003 mailbox servers. While this will certainly affect the decision to place servers in smaller locations, the larger remote locations will likely still need a local server to expedite the delivery of local messages with large attachments and to help reduce the impact to the WAN link for large populations of mailbox users. •“Putting-all-your-eggs-in-one-basket” concerns – IT Managers (and administrators) are sometimes skeptical about placing all resources on one or just a few servers. Creating Server Redundancy Although this chapter is about consolidation, the need for redundancy sometimes outweighs the need for consolidation. So how can you create redundancy in an Exchange network and still keep it as consolidated and cost-effective as possible? Let’s consider three widely used options: spreading the load, clustering, and deploying high-availability servers.

Spreading the Load By placing your connector servers on dedicated equipment and placing the mailbox databases on separate Exchange 2003 servers, you can mitigate some of the risk associated with server failure or database corruption. Should a server fail because of hardware or software issues, the services on that machine alone would be affected. Although such a configuration lets you use cheaper servers because capacity is kept low, licensing and administration costs often make this configuration less desirable.

Clustering Clustering is often initially considered the “silver-bullet” for protection and redundancy in a design that has fewer servers. Microsoft Clustering Services requires that similar machines share a common data storage device, such as a Storage Area Network (SAN) or external drive array. Each server runs a local set of drives for the OS and uses the external device for the database stores and transaction logs, as Figure 3.13 shows.

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 49

Figure 3.13 Microsoft Clustering Services configuration

Active Node A Active Node B Active Node C Passive Node D

C:\ C:\ C:\ C:\

G:\ H:\ I:\ J:\ K:\ L:\

DB1 LOGS1 DB2 LOGS2 DB3 LOGS3

Shared storage clusters rely on shared drives to store the Exchange log files and the databases. Many External SCSI and Fibre Channel arrays support this configuration, as do many SANs. In March 2004, Microsoft announced support for the iSCSI interface, which might eventually support clusters as well. If one server should fail, the other server can load the databases and continue to service clients as the failed server. The switchover from one node to another could take several minutes depending on the size and fragmentation of the Exchange databases. An active/active configuration (in which both servers are typically live and sharing the load) has a practical limit of roughly 3000 active MAPI sessions. In an active/passive configuration (in which only one server at a time is live), the number of concurrent sessions has no practical limit. Exchange 2003 also offers you the ability to mix the configurations: Options such as active/active/active/passive are available. In fact, Exchange 2003 has added support for up to 8-node active/passive clusters if you use Windows Server 2003 (Windows 2003) Enterprise Edition or Win- dows 2003 Datacenter Edition. Clustering for Exchange lets you load databases from one node onto another node in case of failure. Some Exchange features (e.g., the foreign-mail connectors) and many third-party Exchange add-ons are not cluster-aware or only active/ passive aware. In addition, because a clustered server runs its own OS and applications, it’s subject to separate licensing. You must license both Windows 2003 Advanced Server and Exchange 2003 Enterprise. Furthermore, you must purchase antivirus software, antispam software, management tools, and agents for each node.

Brought to you by Quest Software and Windows & .NET Magazine eBooks 50 The Expert’s Guide for Exchange 2003

Deploying High- or Continuous-Availability Servers The concept of fault-tolerant servers isn’t new. Digital Equipment (DEC) and the inheritors of that fault-tolerance knowledge, then Compaq and now Hewlett Packard (HP), as well as IBM, have been building fault-tolerant solutions for more than a decade. Many companies still run critical business applications on dedicated IBM, Hitachi, and other non-Intel-based server equipment. These platforms use redundant I/O modules, processor and memory modules, and other redundant hardware within the same system. Failed components are taken offline; their processes are re-routed before anyone is aware of a problem. The same level of protection is now available on the Windows platform. You may want to explore fault-tolerant options in your research. For example, when I first encountered a Stratus FT Server in 2001, I was surprised how well it worked. NEC has purchased and improved upon the Stratus technology, which makes the company’s high-availability servers well worth a look. Consolidating Mailbox Servers Regardless of the approach you take to fault tolerance, you’ll be able to reduce your server count with Exchange 2003. You’ll also find the consolidation process has improved. For years, Exchange management tools have let you move mailboxes from server to server, but Exchange 2003 offers some advanced features that make the job faster and more reliable. Moreover, you can now script moving mailboxes.

Move Mailbox Tool The new Move Mailbox tool is multi-threaded, so you can move multiple mailboxes at the same time. The number of threads is based on the number of mailboxes you move, so don’t be disappointed if you see only a single migration thread when you move small batches of mailboxes. You can expect performance of roughly 1GB per hour, depending on what your underlying infrastructure will support. In addition to its performance improvements, you’ll notice that the migration tool offers support for error logging and automatically leaves the old mailbox intact should corruption or other errors occur during the migration. Initial screens give you the option of instructing the tool to skip corrupted items and continue or skip the mailbox in which corrupted items occur entirely. The tool generates a report at the end of the migration to detail which mailboxes it moved and to identify any errors it encountered. Because of its “roll-back” support, you can now let the tool run on a schedule or let a script initiate it. Let’s say that you decide to balance the load on two servers manually, but you don’t want to move mailboxes to accomplish that purpose during the day. You can schedule the move to occur at night, while the users (and you) are asleep. Any errors that occur during the migration would result in problematic mailboxes not being moved or moved with any corrupted items skipped. When you move mailboxes, keep the following factors in mind: • You’ll lose the single instance store. Moving mailboxes results in items being copied, so be prepared for the data stores to grow larger than the size of the Exchange database .edb file. You can easily estimate the necessary space by looking at the Mailbox resources of the source mailboxes before the move. Exchange System Manager (ESM) lets you export the Mailbox resources page so you can bring the numbers into Microsoft Excel and calculate totals.

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 51

• You can move mailboxes while users are logged on. The Move Mailbox tool is pretty clever in that it runs two passes. The first pass copies email items from the source server and begins populating the target server. The migration tool then collects the deltas before it deletes the mailbox on the source. Although you can move email messages while users are connected to Outlook, they’ll have to re-launch Outlook to get their email messages. • Outlook clients will automatically correct the Outlook profile upon launch. After mailboxes are moved, users need only launch Outlook to find the new server. All other mailbox settings are retained. (Note that this is dependent on the original mailbox server remaining online until Outlook has connected once.) • The Move Mailbox tool works for certain moves only. To move from server to server in the same Admin Group, you need only to use the ESM console to make the moves. Outlook clients will automatically be redirected to the correct server. If you need to move the mailbox across admin groups and the source server is Exchange 2000 or Exchange 2003, then the organization must be set to Native mode. If you're moving from one admin group to another and the source server is Exchange 5.5, you'll need to use the ESM from Exchange Server 2003, SP1 and use the Outlook profile modification tool to change the Outlook profile to the new server. • Streaming content will be promoted to the Rich Text Store as part of the migration. As mailboxes are moved from Exchange 2000 or Exchange 2003, any content in the streaming store (.STM file) will be promoted to the rich text store (.EDB) of the Exchange database prior to being moved. This means that native storage is “lost” as part of the move mailbox process, and your resulting .EDB files will be much larger on the target server than they were on the source server. Consolidating Sites Most remote Exchange servers exist to meet performance requirements. Outlook clients and even OWA clients haven’t been terribly efficient on the wire. In other words, they put a lot of information on the network. Some lab testing I did in 1999 showed that just launching Outlook 97 created more than 100KB of network traffic. The numbers associated with Outlook 2003 – when used in conjunction with Exchange 2003 – are substantially better due to compression and the new cached mode. I’ll discuss client-server performance numbers in detail in Chapter 6, but the bottom line is that you can retire many of those remote servers. Outlook 2003 and Exchange 2003 now offer better options for slow networks, and Microsoft has made dramatic improvements in compression, caching directory lookups, and Outlook client performance. If you deploy Exchange 2003, you can take either of the following approaches to collapsing your remote sites. You can • collapse remote sites before you deploy Exchange 2003. This scenario closely resembles the organizational move described in the following text because you’ll have to “brute force” copy the mailboxes over with ExMerge, the Exchange Migration Wizard, or third-party tools. Because the mailboxes you move will basically be new mailboxes, you’ll lose distribution list membership along with delegate information. In addition, rules probably won’t function, and you’ll need to create a new Outlook profile for the client machine and configure it to point to the new server. The mobile users will be affected the most as the OST files will need to be rebuilt and the offline address books will need to be downloaded new.

Brought to you by Quest Software and Windows & .NET Magazine eBooks 52 The Expert’s Guide for Exchange 2003

•collapse remote sites after you deploy Exchange 2003. In this scenario, the migration will be more like the mailbox moves I’ve already discussed except for the latency associated with the slow link. You’ll probably need several nights of moving mailboxes to get remote users onto the central server. • you could also decide to collapse the sites as you move. This would not result in a “double” migration. Personally, I have found it best to break these steps up into separate small projects in order to ensure focus on the moves.

ExMerge is an efficient, multi-threaded migration tool that can access mailboxes on a source server and import the data into personal folder store (PST) files and ultimately onto a target Exchange server. Before you can use ExMerge on Exchange 2003 and Exchange 2000 systems, however, you’ll need to create an account that has permissions to the mailboxes you intend to populate. See http://support.microsoft.com/default.aspx?scid=kb;en-us;823143&product=exch2003 for detailed information about the necessary configuration settings. You need to get to know ExMerge because you’ll use it more and more with Exchange Server. In fact, it’s the tool you’ll use to extract a single mailbox or item from an Exchange database restore. You’ll find the tool on the Exchange 2000 Service Pack 2 (SP2) CD-ROM, but I recommend that you get the most current version directly from Microsoft’s Exchange site. As you collapse your remote sites, you would use ExMerge to connect to the source server, select the mailboxes you want to copy, and select the target server. ExMerge can then migrate items – Mail folders, Drafts, Sent Items, Calendar, Tasks, Contacts, and every folder created in the mailbox – from the source mailbox to the target server. You’ll need to rebuild any connector information on the central server. For example, you would need to replace a fax gateway, voicemail connector, or Blackberry service. For most remote locations, you could conduct the migration overnight by preloading the redundant gateways, public folders, distribution groups, and contacts before moving the mailboxes. Consolidating Your Exchange Organization Merging Exchange organizations has, unfortunately, become more complex since Exchange 2000, because you now must deal with AD and the security accounts, as well as email and public folders. (In an Exchange 5.5 environment, you can use Microsoft’s InterOrg synchronization tool from the Microsoft BackOffice Resource Kit, Second Edition.) As you consolidate fairly current Exchange organizations, such as those that involve Exchange 2003 or Exchange 2000 (or a mix of the two), no single wizard helps you perform all the necessary changes and additions, so you must use several or look for third-party tools that offer an all-in-one solution. The rest of this chapter describes a process for consolidating Exchange 2003 and Exchange 2000 organizations. The process lets you keep your old and new systems running until the final merging. Because you can roll back if necessary, you don’t have to worry about a “point of no return” in the process of moving hundreds of users at once. Consolidating Exchange 2003 and Exchange 2000 Organizations First, you need to understand the nature, scope, and risks of the task you’re tackling as you collapse one Exchange organization into another. You’ll be copying mailboxes, Public Folders, Distribution

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 53

Lists, and Contacts from one Exchange organization into the other. You’ll need to change Outlook profiles manually or through a script to direct the users to the new server. Several functions won’t work correctly after the merge. For example, all offline users will need to create a new offline folder store (OST) file and download a new copy of the Offline Address Book(s). Delegate information won’t carry over smoothly – if at all. Mailbox rules probably won’t function correctly. Also, replies to existing messages might fail if you don’t exercise great caution during the migration. It is very important that the old mail proxy addresses for the users are migrated from the old organization to the new organization. When a person replies to a message, the old X.400 or X.500 and, in some cases, the SMTP address will be used to address the message. The Exchange Migration Wizard will bring these over, as will third-party tools. Finally, you’ll probably need to delete the nickname files that the Outlook client keeps. For most companies I work with, the migration is worth the risk because a single organization is much more flexible and offers better collaborative functions than two organizations. Tools for Merging Exchange Organizations The easiest way to merge two Exchange organizations is to purchase migration tools from such vendors as Quest Software (including migration solutions from recent acquisitions of Aelita Software and Discus Data Solutions) or NetIQ. The capable tools these companies offer are all-in-one, and they let you perform the migration with few manual steps. Moreover, these third-party tools let you handily undo tasks, and they offer detailed reports about the migration. You can migrate accounts and change Outlook profiles with ease. For those who lack the budget for a third-party tool, the following text provides a step-by-step walk-through with Microsoft tools and some light scripting. Administrators who are considering purchasing a third-party tool will also benefit from a better understanding of the tasks involved.

Using the Exchange Migration Wizard If you plan to merge Exchange organizations without third-party tools, you’ll probably use the Microsoft Exchange Migration Wizard. With this most recent version of one of my favorite tools, you can migrate Exchange 2003 and Exchange 2000 mailboxes to Exchange 2003 servers in different organizations. The wizard also creates any necessary AD accounts in the target directory, including most of the old attributes, such as the SMTP addresses. However, the wizard doesn’t address everything. For example, because the wizard is single-threaded, no matter how many mailboxes you migrate (e.g., 100), they’ll move one at a time until the migration is complete. To get the mail moved over, I run the Exchange Migration Wizard and copy the mailboxes. One strength of the Exchange Migration Wizard is its ability to match up the accounts before committing to migrating any email messages. One of the final screens in the wizard lets you view the account matches and change the mapping if necessary. If you have few mailboxes to move and have already created the accounts, follow the wizard’s screens and move the mail.

Copying Public Folder Data The next step – copying public folder data – involves a combination of several tools as well as a few custom applications. First, you need to capture the current public folders. To do so, put together a workstation (or two) with the following configuration: Windows 2000 or Windows NT, Outlook 97 or

Brought to you by Quest Software and Windows & .NET Magazine eBooks 54 The Expert’s Guide for Exchange 2003 later, network access to your public folder server, and access to the public stores on the source and target servers. In addition, install on the workstations the PFAdmin tool from the \exreskit\tools\pftools\pfadmin directory on the Microsoft Exchange 2000 Resource Kit CD-ROM or download it from the Exchange 2003 site at Microsoft. In a nutshell, you need to create a text file that lists the ACLs on each folder. You’ll use this information later to restore the permission settings. Refer to the exchtool.chm file located in the Help folder on the CD-ROM for detailed instructions about the PFAdmin tool. After you run the Listacl command to generate the list, you can begin copying the public folder data. Use an Outlook client and your administrator account to systematically copy each of the folders in the public folder tree to a local PST file. I recommend that you keep the PST file size less than 1 GB for stability and performance reasons. Depending on the size of your public store, you might need to use Outlook sessions on several machines to copy the data in a timely fashion. In large migrations, I’ve used as many as 20 computers to capture the public folder store among several PST files.

Copying the Organizational Forms Library Now, back up the organizational forms library – if such a library exists – on the server. With one of the Outlook sessions, create a new folder in the PST named Backup Forms. Right-click the folder, select Properties, then select the Forms tab. Select Manage to open the Forms Manager screen. If you have permissions to the organizational forms libraries, you should be able to select it from the left pane and view the available forms. Select all the forms on the left and click Copy in the center of the window to copy the forms to the PST. After the copying process is complete, close any open PST files and close Outlook. Upload the PSTs into the target public folder system. After the upload is complete, use the PFAdmin information to reset the folder permissions on the newly created folders. If you follow the instructions in the exchtool.chm Help file, you can export the ACLs into a text file, manipulate the file, and then import the ACLs into the new structure. Finally, make sure you have permissions to the new organizational forms library and upload the forms you copied to the PST as before.

Copying Contacts from One Organization to Another To collect the distribution group membership on the source domain, we can use the LDIF export function to collect the SMTP address and names from the source AD. Launch the following command from a batch file: ldifde -m -f collect.txt -r "(&(objectClass=contact)(mailnickname=*))" -l "displayname,objectclass,mailnickname,proxyaddresses,targetaddress" The result of this command will be a file named collect.txt that contains the field specified in the command: dn: CN=Jason Sherry,OU=USERS,DC=oldcompany,DC=com changetype: add displayName: Jason Sherry mailNickname: JSherry objectClass: top

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 55

objectClass: person objectClass: organizationalPerson objectClass: contact proxyAddresses: SMTP:[email protected] proxyAddresses: X400:c=us;a= ;p=First Organizati;o=Exchange;s=Jason Sherry; targetAddress: SMTP:[email protected] You'll need to change this file so that all references to the old forest are replaced with references to the new forest. Actually, there should be only one change per entry: dn: CN=Jason Sherry,OU=USERS,DC=newcompany,DC=com changetype: add displayName: Jason Sherry mailNickname: JSherry objectClass: top objectClass: person objectClass: organizationalPerson objectClass: contact proxyAddresses: SMTP:[email protected] proxyAddresses: X400:c=us;a= ;p=First Organizati;o=Exchange;s=Jason Sherry; targetAddress: SMTP:[email protected] After your change is complete, execute the following command to import these contacts into the new AD: ldifde -i -f collect.txt Pretty easy, huh? Be sure to watch the status of the import because LDIF does not work well with duplicates. If the contact already exists, or if the import fails on an entry, the whole import stops. At that point, you can either delete the successful entries from the collect.txt file and start again or remove all the entries and re-run the import phase. Also, if you need more fields than I have provided in this example, use ADSI Edit to see the name of the field you wish to add, and then make the change to the export command.

Collecting Group Distribution Membership To collect the distribution group membership on the source domain, use the LDIF export function to collect the SMTP address, group name, and members from all mail-enabled groups in the source AD. To collect this information, launch the following command from a batch file: ldifde -m -f collect.txt -r "(&(objectClass=group)(mailnickname=*))" -l "displayname,objectclass,member,mailnickname,proxyaddresses,targetaddress" You can then modify the resulting file to import the information into the new AD structure. First, you'll need to change all references to the old AD information:

Brought to you by Quest Software and Windows & .NET Magazine eBooks 56 The Expert’s Guide for Exchange 2003

Before: dn: CN=Sales Team,OU=USERS,DC=oldcompany,DC=com changetype: add displayName: Sales mailNickname: All-Sales objectClass: top objectClass: group proxyAddresses: X500:/o=First Organization/ou=First Administrative Group/cn=Recipients/cn=All- Sales proxyAddresses: SMTP:[email protected] proxyAddresses: smtp:[email protected] proxyAddresses: X400:c=us;a= ;p=First Organizati;o=Exchange;s=All-Sales; After: dn: CN=Sales Team,OU=USERS,DC=newcompany,DC=com changetype: add displayName: Sales mailNickname: All-Sales objectClass: top objectClass: group proxyAddresses: X500:/o=First Organization/ou=First Administrative Group/cn=Recipients/cn=All- Sales proxyAddresses: SMTP:[email protected] proxyAddresses: smtp:[email protected] proxyAddresses: X400:c=us;a= ;p=First Organizati;o=Exchange;s=All-Sales; Later, the import file will contain the actual member list that is added after the initial list is imported. The same changes will be needed in those entries as well:

Before: dn: CN=Sales,OU=USERS,DC=oldcompany,DC=com changetype: modify add: member member: CN=Phil George,OU=USERS,DC=oldcompany,DC=com After: dn: CN=Sales,OU=USERS,DC=newcompany,DC=com changetype: modify add: member member: CN=Phil George,OU=USERS,DC=newcompany,DC=com

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 57

A good search and replace should knock all these out in one step. It is also important to understand that my references here are with all the users in the default USERS OU for both the source and target AD structures. The collect scripts will find the entries no matter the OU, but the target scripts will work much better if you can place all the entries in a single OU. If not, you'll need to make sure the import text file has the correct target OU listed for each account or contact. Completing the Consolidation At this point, it might seem as if the most difficult parts of a large project are behind you. However, the fun has just begun. In many cases, the server parts of consolidation are the easiest because you can plan for most contingencies and work on the weekends or late at night. However, other key aspects of the project are user acceptance and the overall smoothness of the transition from the users’ perspective. For example, when you move Exchange mailboxes from one organization to another (or site to site in an Exchange 5.5 environment), you’ll lose several functions, including Folder Agents, Folder Assistants, and Rules (you can copy server-based Inbox Rules by using ExMerge 2000 to move the mailboxes, but not client-based rules), Delegate Rights and Settings (both client and host), and OST. The migration will affect Notebook users the most because they’ll need to recreate all previous OST and Outlook profile settings. This recreation process could mean some pain for Notebook users who need to resynchronize over a slow link. When you plan your consolidation, keep the impact on users in mind. You should create a new Outlook profile for every user you move. You might be tempted to reuse the old Outlook profiles and just change the server name. However, if you take this route, you’ll experience problems later on because reminders will often break and links to the contacts folder as an address book often do not work properly. Bite the bullet and create new profiles. You should probably leave the old ones intact to manually copy any settings the profiles might contain, such as PST file use. You can create the new profiles with an assortment of tools (e.g., the Office Profile Wizard). You can also script the creation of an Outlook profile by adding just a few registry keys to the client’s machine. And you can find third-party tools to help you create profiles programmatically. Here is the .REG file (Figure 3.14) you need to create if you wish to programmatically create new ones for the clients. You'll need to change the NEWSERVER name to match the name of your target server and replace newserver.company.com with the DNS name of your server. This registry file will work on Windows NT, Windows 2000, Windows XP, and Windows Server 2003 machines – and it will work for any version of Outlook.

Brought to you by Quest Software and Windows & .NET Magazine eBooks 58 The Expert’s Guide for Exchange 2003

Figure 3.14 Example .REG File Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files] "DefaultProfile"="NEWSERVER Profile"

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile]

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\0a0d020000000000c000000000000046] "000b0340"=hex:00,00 "000b0413"=hex:01,00 "000b0412"=hex:01,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\1018e8b4de806342b370f3d513f342ec] "001f300a"=hex:63,00,6f,00,6e,00,74,00,61,00,62,00,2e,00,64,00,6c,00,6c,00,00,\ 00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,36,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "00033e03"=hex:23,00,00,00 "001f3006"=hex:4f,00,75,00,74,00,6c,00,6f,00,6f,00,6b,00,20,00,41,00,64,00,64,\ 00,72,00,65,00,73,00,73,00,20,00,42,00,6f,00,6f,00,6b,00,00,00 "01023d0c"=hex:7e,9c,76,23,9d,87,99,45,9f,ee,f1,a7,1d,fd,13,3c "001f3d09"=hex:43,00,4f,00,4e,00,54,00,41,00,42,00,00,00 "001f3001"=hex:4f,00,75,00,74,00,6c,00,6f,00,6f,00,6b,00,20,00,41,00,64,00,64,\ 00,72,00,65,00,73,00,73,00,20,00,42,00,6f,00,6f,00,6b,00,00,00 "00033009"=hex:00,00,00,00 "01026601"=hex:40,d7,e9,2a,74,ea,74,4b,95,c6,3b,db,ba,84,1d,9e

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\13dbb0c8aa05101a9bb000aa002fc45a] "00036661"=hex:00,00,00,00 "00036600"=hex:01,05,00,00 "00036601"=hex:84,01,00,00 "00036605"=hex:03,00,00,00 "00036604"=hex:02,00,00,00 "01023d0c"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "01023d01"=hex:a1,0c,b5,60,87,42,10,4c,85,35,74,c1,b6,64,29,17 "01023d00"=hex:52,54,12,9a,86,7d,1e,49,bf,89,37,20,8f,13,5a,06,52,21,21,b7,57,\ 9c,ad,4f,81,59,65,48,19,63,97,7e "01023d02"=hex:67,d9,62,f7,03,62,04,4d,93,d9,f4,aa,3a,b5,c3,e3,f1,0b,18,7c,fe,\ 97,20,43,87,dc,7d,32,ba,b3,d1,60 "001e6750"="NEWSERVER Profile" "001e6608"="NEWSERVER.company.com" "001f662a"=hex:6e,00,73,00,31,00,30,00,31,00,37,00,2e,00,73,00,73,00,73,00,69,\ 00,2e,00,73,00,65,00,61,00,67,00,75,00,6c,00,6c,00,2e,00,6e,00,6c,00,00,00 "00036606"=hex:00,00,00,00 "00036619"=hex:09,00,00,00 "110265e0"=hex:0f,00,00,00,1e,00,00,00,7c,00,00,00,43,00,00,00,9c,00,00,00,43,\ 00,00,00,e0,00,00,00,43,00,00,00,24,01,00,00,43,00,00,00,68,01,00,00,43,00,\ 00,00,ac,01,00,00,43,00,00,00,f0,01,00,00,43,00,00,00,34,02,00,00,43,00,00,\ 00,78,02,00,00,43,00,00,00,bc,02,00,00,43,00,00,00,00,03,00,00,43,00,00,00,\ 44,03,00,00,43,00,00,00,88,03,00,00,43,00,00,00,cc,03,00,00,43,00,00,00,10,\ 04,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,\ 00,00,00,01,00,00,2f,00,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,\

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 59

00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,34,\ 38,30,38,30,41,39,42,31,34,35,42,37,31,36,41,31,43,34,37,42,36,33,33,45,30,\ 32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,\ 00,00,00,01,00,00,2f,67,75,69,64,3d,30,45,37,46,46,31,38,32,31,43,37,30,41,\ 30,34,41,39,34,46,42,44,43,45,45,39,34,41,30,41,39,37,46,00,00,00,00,00,00,\ dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,\ 67,75,69,64,3d,42,45,42,45,31,31,34,31,38,46,41,31,35,35,34,35,38,38,32,45,\ 44,42,39,38,32,34,41,33,30,44,42,36,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,\ 1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,42,35,\ 45,42,45,37,34,30,43,34,43,46,30,39,34,32,39,45,45,39,45,34,41,42,37,39,38,\ 33,38,38,37,31,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,\ e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,37,44,38,46,41,41,46,35,42,\ 37,32,36,43,33,34,43,39,31,46,41,43,33,41,42,39,34,34,35,41,43,42,46,00,00,\ 00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,\ 01,00,00,2f,67,75,69,64,3d,42,31,38,43,41,41,33,34,32,31,30,44,38,32,34,43,\ 42,44,45,38,43,46,38,32,43,36,35,31,35,32,30,45,00,00,00,00,00,00,dc,a7,40,\ c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,\ 64,3d,42,37,46,45,38,44,32,31,38,43,38,43,31,32,34,34,41,38,38,36,34,46,37,\ 30,41,30,41,36,38,39,42,32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,\ 08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,37,31,38,42,45,\ 33,38,30,35,37,43,30,34,38,34,31,38,33,45,43,41,41,30,35,41,42,39,33,31,30,\ 34,33,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,\ 00,00,00,00,01,00,00,2f,67,75,69,64,3d,46,39,43,38,41,31,30,31,32,45,31,43,\ 31,41,34,39,41,39,30,32,33,32,39,30,34,42,44,33,43,32,31,32,00,00,00,00,00,\ 00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,\ 2f,67,75,69,64,3d,44,36,42,41,33,46,43,37,38,30,42,43,38,39,34,45,41,44,35,\ 46,45,46,35,41,30,39,42,44,44,35,45,31,00,00,00,00,00,00,dc,a7,40,c8,c0,42,\ 10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,31,\ 43,37,37,42,43,31,46,43,42,30,39,46,31,34,42,38,46,36,43,30,39,34,36,32,45,\ 38,41,39,36,39,45,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,\ 2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,39,37,42,39,32,33,45,30,\ 35,44,41,32,38,44,34,39,41,38,46,32,39,45,42,35,37,32,35,36,41,36,31,46,00,\ 00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,\ 00,01,00,00,2f,67,75,69,64,3d,42,41,45,39,43,43,41,45,46,45,30,38,39,39,34,\ 34,38,41,39,35,38,35,41,42,46,30,35,37,38,31,38,33,00,00,00,00,00,00,dc,a7,\ 40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,\ 69,64,3d,44,44,35,46,35,43,36,38,35,38,34,45,33,36,34,37,42,37,33,35,44,36,\ 30,30,32,37,42,39,33,45,33,43,00,00 "100365e1"=hex:09,00,00,00,0b,00,00,00,09,00,00,00,09,00,00,00,09,00,00,00,09,\ 00,00,00,09,00,00,00,09,00,00,00,09,00,00,00,09,00,00,00,09,00,00,00,09,00,\ 00,00,09,00,00,00,09,00,00,00,09,00,00,00 "100365e2"=hex:00,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,01,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,01,00,\ 00,00,01,00,00,00,01,00,00,00,01,00,00,00 "100365e3"=hex:00,00,00,00,27,14,00,00,38,14,00,00,37,14,00,00,05,15,00,00,0e,\ 15,00,00,36,14,00,00,5a,14,00,00,0f,15,00,00,11,15,00,00,10,15,00,00,12,15,\ 00,00,13,15,00,00,14,15,00,00,15,15,00,00 "101f65e4"=hex:0f,00,00,00,40,00,00,00,42,00,00,00,66,00,00,00,80,00,00,00,96,\ 00,00,00,b2,00,00,00,ce,00,00,00,e2,00,00,00,00,01,00,00,24,01,00,00,42,01,\ 00,00,62,01,00,00,82,01,00,00,aa,01,00,00,c0,01,00,00,00,00,41,00,6c,00,6c,\ 00,20,00,41,00,64,00,64,00,72,00,65,00,73,00,73,00,20,00,4c,00,69,00,73,00,\ 74,00,73,00,00,00,41,00,6c,00,6c,00,20,00,43,00,6f,00,6e,00,74,00,61,00,63,\ 00,74,00,73,00,00,00,41,00,6c,00,6c,00,20,00,47,00,72,00,6f,00,75,00,70,00,\ 73,00,00,00,41,00,6c,00,6c,00,20,00,52,00,65,00,6c,00,61,00,74,00,69,00,6f,\ 00,6e,00,73,00,00,00,41,00,6c,00,6c,00,20,00,52,00,65,00,73,00,6f,00,75,00,\ 72,00,63,00,65,00,73,00,00,00,41,00,6c,00,6c,00,20,00,55,00,73,00,65,00,72,\ 00,73,00,00,00,50,00,75,00,62,00,6c,00,69,00,63,00,20,00,46,00,6f,00,6c,00,\ 64,00,65,00,72,00,73,00,00,00,53,00,45,00,41,00,47,00,55,00,4c,00,4c,00,20,\ 00,41,00,75,00,73,00,74,00,72,00,61,00,6c,00,69,00,61,00,00,00,53,00,45,00,\ 41,00,47,00,55,00,4c,00,4c,00,20,00,46,00,72,00,61,00,6e,00,63,00,65,00,00,\ 00,53,00,45,00,41,00,47,00,55,00,4c,00,4c,00,20,00,47,00,65,00,72,00,6d,00,\ 61,00,6e,00,79,00,00,00,53,00,45,00,41,00,47,00,55,00,4c,00,4c,00,20,00,49,\

Brought to you by Quest Software and Windows & .NET Magazine eBooks 60 The Expert’s Guide for Exchange 2003

00,72,00,65,00,6c,00,61,00,6e,00,64,00,00,00,53,00,45,00,41,00,47,00,55,00,\ 4c,00,4c,00,20,00,4e,00,65,00,74,00,68,00,65,00,72,00,6c,00,61,00,6e,00,64,\ 00,73,00,00,00,53,00,45,00,41,00,47,00,55,00,4c,00,4c,00,20,00,55,00,4b,00,\ 00,00,53,00,45,00,41,00,47,00,55,00,4c,00,4c,00,20,00,55,00,53,00,00,00 "100365e5"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00 "110265e6"=hex:0f,00,00,00,00,00,00,00,7c,00,00,00,00,00,00,00,7c,00,00,00,43,\ 00,00,00,7c,00,00,00,43,00,00,00,c0,00,00,00,43,00,00,00,04,01,00,00,43,00,\ 00,00,48,01,00,00,43,00,00,00,8c,01,00,00,43,00,00,00,d0,01,00,00,43,00,00,\ 00,14,02,00,00,43,00,00,00,58,02,00,00,43,00,00,00,9c,02,00,00,43,00,00,00,\ e0,02,00,00,43,00,00,00,24,03,00,00,43,00,00,00,68,03,00,00,43,00,00,00,ac,\ 03,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,\ 00,00,00,01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,34,38,30,38,30,41,39,42,\ 31,34,35,42,37,31,36,41,31,43,34,37,42,36,33,33,45,30,32,00,00,00,00,00,00,\ dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,\ 67,75,69,64,3d,32,46,32,41,45,34,38,30,38,30,41,39,42,31,34,35,42,37,31,36,\ 41,31,43,34,37,42,36,33,33,45,30,32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,\ 1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,32,46,\ 32,41,45,34,38,30,38,30,41,39,42,31,34,35,42,37,31,36,41,31,43,34,37,42,36,\ 33,33,45,30,32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,\ e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,34,38,30,38,\ 30,41,39,42,31,34,35,42,37,31,36,41,31,43,34,37,42,36,33,33,45,30,32,00,00,\ 00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,\ 01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,34,38,30,38,30,41,39,42,31,34,35,\ 42,37,31,36,41,31,43,34,37,42,36,33,33,45,30,32,00,00,00,00,00,00,dc,a7,40,\ c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,\ 64,3d,32,46,32,41,45,34,38,30,38,30,41,39,42,31,34,35,42,37,31,36,41,31,43,\ 34,37,42,36,33,33,45,30,32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,\ 08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,\ 34,38,30,38,30,41,39,42,31,34,35,42,37,31,36,41,31,43,34,37,42,36,33,33,45,\ 30,32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,\ 00,00,00,00,01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,34,38,30,38,30,41,39,\ 42,31,34,35,42,37,31,36,41,31,43,34,37,42,36,33,33,45,30,32,00,00,00,00,00,\ 00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,\ 2f,67,75,69,64,3d,32,46,32,41,45,34,38,30,38,30,41,39,42,31,34,35,42,37,31,\ 36,41,31,43,34,37,42,36,33,33,45,30,32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,\ 10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,32,\ 46,32,41,45,34,38,30,38,30,41,39,42,31,34,35,42,37,31,36,41,31,43,34,37,42,\ 36,33,33,45,30,32,00,00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,\ 2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,34,38,30,\ 38,30,41,39,42,31,34,35,42,37,31,36,41,31,43,34,37,42,36,33,33,45,30,32,00,\ 00,00,00,00,00,dc,a7,40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,\ 00,01,00,00,2f,67,75,69,64,3d,32,46,32,41,45,34,38,30,38,30,41,39,42,31,34,\ 35,42,37,31,36,41,31,43,34,37,42,36,33,33,45,30,32,00,00,00,00,00,00,dc,a7,\ 40,c8,c0,42,10,1a,b4,b9,08,00,2b,2f,e1,82,01,00,00,00,00,01,00,00,2f,67,75,\ 69,64,3d,32,46,32,41,45,34,38,30,38,30,41,39,42,31,34,35,42,37,31,36,41,31,\ 43,34,37,42,36,33,33,45,30,32,00,00 "000b65ea"=hex:01,00 "000365eb"=hex:01,00,00,00 "010265ec"=hex:69,09,1c,c0,bd,84,ae,47,a9,17,4a,05,26,ac,b4,c4

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\522121b7579cad4f815965481963977e] "001f300a"=hex:45,00,4d,00,53,00,4d,00,44,00,42,00,2e,00,44,00,4c,00,4c,00,00,\ 00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,41,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "00033e03"=hex:21,00,00,00 "00033009"=hex:06,18,00,00

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 61

"00036609"=hex:0c,00,00,00 "0003660a"=hex:01,00,00,00 "01023414"=hex:54,94,a1,c0,29,7f,10,1b,a5,87,08,00,2b,2a,25,17 "001f3001"=hex:50,00,72,00,69,00,76,00,61,00,74,00,65,00,20,00,46,00,6f,00,6c,\ 00,64,00,65,00,72,00,73,00,00,00 "001f3006"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,4d,00,65,00,73,00,73,00,\ 61,00,67,00,65,00,20,00,53,00,74,00,6f,00,72,00,65,00,00,00 "01023d0c"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "001f3d09"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\5254129a867d1e49bf8937208f135a06] "00033e03"=hex:21,00,00,00 "001f300a"=hex:45,00,4d,00,53,00,4d,00,44,00,42,00,2e,00,44,00,4c,00,4c,00,00,\ 00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,41,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "00033009"=hex:40,08,00,00 "00036609"=hex:06,00,00,00 "0003660a"=hex:03,00,00,00 "01023414"=hex:78,b2,fa,70,af,f7,11,cd,9b,c8,00,aa,00,2f,c4,5a "001f3001"=hex:50,00,75,00,62,00,6c,00,69,00,63,00,20,00,46,00,6f,00,6c,00,64,\ 00,65,00,72,00,73,00,00,00 "001f3006"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,4d,00,65,00,73,00,73,00,\ 61,00,67,00,65,00,20,00,53,00,74,00,6f,00,72,00,65,00,00,00 "01023d0c"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "001f3d09"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\5acf76a3665511cea39a00aa004acafa]

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\67d962f70362044d93d9f4aa3ab5c3e3] "001f3001"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,52,00,65,00,6d,00,6f,00,\ 74,00,65,00,20,00,54,00,72,00,61,00,6e,00,73,00,70,00,6f,00,72,00,74,00,00,\ 00 "001f3006"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,52,00,65,00,6d,00,6f,00,\ 74,00,65,00,20,00,54,00,72,00,61,00,6e,00,73,00,70,00,6f,00,72,00,74,00,00,\ 00 "001f300a"=hex:45,00,4d,00,53,00,55,00,49,00,2e,00,44,00,4c,00,4c,00,00,00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,41,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "00033e03"=hex:24,00,00,00 "00036609"=hex:40,00,00,00 "0003660a"=hex:0a,00,00,00 "01023d0c"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "001f3d09"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00 "00033009"=hex:00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\7e9c76239d8799459feef1a71dfd133c] "001f3d0a"=hex:63,00,6f,00,6e,00,74,00,61,00,62,00,2e,00,64,00,6c,00,6c,00,00,\ 00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,36,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\

Brought to you by Quest Software and Windows & .NET Magazine eBooks 62 The Expert’s Guide for Exchange 2003

45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "101e3d0f"=hex:01,00,00,00,08,00,00,00,63,6f,6e,74,61,62,2e,64,6c,6c,00 "001f3d0b"=hex:53,00,65,00,72,00,76,00,69,00,63,00,65,00,45,00,6e,00,74,00,72,\ 00,79,00,00,00 "00033009"=hex:22,00,00,00 "001f3d09"=hex:43,00,4f,00,4e,00,54,00,41,00,42,00,00,00 "001f3001"=hex:4f,00,75,00,74,00,6c,00,6f,00,6f,00,6b,00,20,00,41,00,64,00,64,\ 00,72,00,65,00,73,00,73,00,20,00,42,00,6f,00,6f,00,6b,00,00,00 "01023d01"=hex:10,18,e8,b4,de,80,63,42,b3,70,f3,d5,13,f3,42,ec

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\8503020000000000c000000000000046] "0102300b"=hex:b1,d7,8e,2b,85,00,cc,47,97,a7,8e,df,c8,d0,40,89

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\9207f3e0a3b11019908b08002b2a56c2] "01023d01"=hex:10,18,e8,b4,de,80,63,42,b3,70,f3,d5,13,f3,42,ec,a1,0c,b5,60,87,\ 42,10,4c,85,35,74,c1,b6,64,29,17 "01023d0e"=hex:7e,9c,76,23,9d,87,99,45,9f,ee,f1,a7,1d,fd,13,3c,d8,9f,f0,41,33,\ 50,43,46,a8,08,96,6b,8a,a2,66,68 "01023d00"=hex:52,54,12,9a,86,7d,1e,49,bf,89,37,20,8f,13,5a,06,52,21,21,b7,57,\ 9c,ad,4f,81,59,65,48,19,63,97,7e "01023d02"=hex:67,d9,62,f7,03,62,04,4d,93,d9,f4,aa,3a,b5,c3,e3,f1,0b,18,7c,fe,\ 97,20,43,87,dc,7d,32,ba,b3,d1,60 "01023d08"=hex:dc,30,43,4b,7a,0e,f8,49,aa,75,c3,7a,99,b3,e7,cd

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\9375CFF0413111d3B88A00104B2A6676] "{ED475418-B0D6-11D2-8C3B-00104B2A6676}"=hex:02,00,00,00 "LastChangeVer"=hex:08,00,00,00,00,00,00,00 "{ED475419-B0D6-11D2-8C3B-00104B2A6676}"=hex:01,00,00,00 "{ED475420-B0D6-11D2-8C3B-00104B2A6676}"=hex:02,00,00,00 "NextAccountID"=dword:00000003

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\9375CFF0413111d3B88A00104B2A6676\00000001] "clsid"="{ED475414-B0D6-11D2-8C3B-00104B2A6676}" "Mini UID"=dword:56742a89 "Service Name"=hex:43,00,4f,00,4e,00,54,00,41,00,42,00,00,00 "Service UID"=hex:7e,9c,76,23,9d,87,99,45,9f,ee,f1,a7,1d,fd,13,3c "MAPI Provider"=dword:00000002 "Account Name"=hex:4f,00,75,00,74,00,6c,00,6f,00,6f,00,6b,00,20,00,41,00,64,00,\ 64,00,72,00,65,00,73,00,73,00,20,00,42,00,6f,00,6f,00,6b,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\9375CFF0413111d3B88A00104B2A6676\00000002] "clsid"="{ED475414-B0D6-11D2-8C3B-00104B2A6676}" "Mini UID"=dword:2460e6dd "Service Name"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00 "Service UID"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "MAPI Provider"=dword:00000005 "Identity Eid"=hex: "XP Provider UID"=hex:67,d9,62,f7,03,62,04,4d,93,d9,f4,aa,3a,b5,c3,e3,f1,0b,18,\ 7c,fe,97,20,43,87,dc,7d,32,ba,b3,d1,60 "Account Name"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,\ 45,00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,53,00,65,00,72,00,76,\ 00,65,00,72,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\a10cb5608742104c853574c1b6642917] "001f3001"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,44,00,69,00,72,00,65,00,\

Brought to you by Quest Software and Windows & .NET Magazine eBooks Chapter 3 Consolidating Your Exchange Services 63

63,00,74,00,6f,00,72,00,79,00,20,00,53,00,65,00,72,00,76,00,69,00,63,00,65,\ 00,00,00 "001f3006"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,44,00,69,00,72,00,65,00,\ 63,00,74,00,6f,00,72,00,79,00,20,00,53,00,65,00,72,00,76,00,69,00,63,00,65,\ 00,00,00 "001f300a"=hex:45,00,4d,00,53,00,41,00,42,00,50,00,2e,00,44,00,4c,00,4c,00,00,\ 00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,41,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "00033e03"=hex:23,00,00,00 "01023d0c"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "001f3d09"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00 "00033009"=hex:00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\d89ff04133504346a808966b8aa26668] "001f3001"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,53,00,65,00,72,00,76,00,\ 65,00,72,00,00,00 "001f3d0a"=hex:65,00,6d,00,73,00,75,00,69,00,2e,00,64,00,6c,00,6c,00,00,00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,41,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "001f3d0b"=hex:45,00,4d,00,53,00,43,00,66,00,67,00,00,00 "00033009"=hex:02,00,00,00 "101e3d0f"=hex:03,00,00,00,10,00,00,00,1a,00,00,00,25,00,00,00,65,6d,73,75,69,\ 2e,64,6c,6c,00,65,6d,73,61,62,70,2e,64,6c,6c,00,65,6d,73,6d,64,62,2e,64,6c,\ 6c,00 "001f3d09"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00 "01023d01"=hex:a1,0c,b5,60,87,42,10,4c,85,35,74,c1,b6,64,29,17 "01023d00"=hex:52,54,12,9a,86,7d,1e,49,bf,89,37,20,8f,13,5a,06,52,21,21,b7,57,\ 9c,ad,4f,81,59,65,48,19,63,97,7e "01023d02"=hex:67,d9,62,f7,03,62,04,4d,93,d9,f4,aa,3a,b5,c3,e3,f1,0b,18,7c,fe,\ 97,20,43,87,dc,7d,32,ba,b3,d1,60 "01023d08"=hex:dc,30,43,4b,7a,0e,f8,49,aa,75,c3,7a,99,b3,e7,cd "01023d0d"=hex:13,db,b0,c8,aa,05,10,1a,9b,b0,00,aa,00,2f,c4,5a

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\dc30434b7a0ef849aa75c37a99b3e7cd] "001f3001"=hex:4d,00,53,00,20,00,45,00,78,00,63,00,68,00,61,00,6e,00,67,00,65,\ 00,20,00,48,00,6f,00,6f,00,6b,00,00,00 "001f3006"=hex:4d,00,53,00,20,00,45,00,78,00,63,00,68,00,61,00,6e,00,67,00,65,\ 00,20,00,48,00,6f,00,6f,00,6b,00,00,00 "001f300a"=hex:45,00,4d,00,53,00,4d,00,44,00,42,00,2e,00,44,00,4c,00,4c,00,00,\ 00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,41,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "00033e03"=hex:28,00,00,00 "00033009"=hex:00,02,00,00 "01023d0c"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "001f3d09"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\dca740c8c042101ab4b908002b2fe182]

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Pro- files\NEWSERVER Profile\f10b187cfe97204387dc7d32bab3d160]

Brought to you by Quest Software and Windows & .NET Magazine eBooks 64 The Expert’s Guide for Exchange 2003

"001f3001"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,54,00,72,00,61,00,6e,00,\ 73,00,70,00,6f,00,72,00,74,00,00,00 "001f3006"=hex:4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,20,00,45,\ 00,78,00,63,00,68,00,61,00,6e,00,67,00,65,00,20,00,54,00,72,00,61,00,6e,00,\ 73,00,70,00,6f,00,72,00,74,00,00,00 "001f300a"=hex:45,00,4d,00,53,00,4d,00,44,00,42,00,2e,00,44,00,4c,00,4c,00,00,\ 00 "001f3d13"=hex:7b,00,36,00,34,00,38,00,35,00,44,00,32,00,36,00,41,00,2d,00,43,\ 00,32,00,41,00,43,00,2d,00,31,00,31,00,44,00,31,00,2d,00,41,00,44,00,33,00,\ 45,00,2d,00,31,00,30,00,41,00,30,00,43,00,39,00,31,00,31,00,43,00,39,00,43,\ 00,30,00,7d,00,00,00 "00033e03"=hex:24,00,00,00 "00036609"=hex:00,00,00,00 "01023d0c"=hex:d8,9f,f0,41,33,50,43,46,a8,08,96,6b,8a,a2,66,68 "001f3d09"=hex:4d,00,53,00,45,00,4d,00,53,00,00,00 "00033009"=hex:00,00,00,00

More Consolidation Details Also, remember that the new AD account is associated with the new mailboxes, not the old ones. Your users need to know that they must log on to the new domain (they might require no more than some basic instructions). I prefer to copy the computer accounts and do the domain-migration work over a weekend and use Systems Management Server (SMS) or Office Wizards during the week to automate the necessary changes to the Outlook profiles. Larger deployments will obviously take much more planning and many helping hands. Later (but as soon as possible), you can provide a clean break by removing the trusts and unplugging the old domain and old Exchange server from the network. In a smaller deployment (e.g., 150 users), you should be able to move the computer and user accounts in an hour, followed by about 8 hours to move the machines from the old domain into the new domain. As with site consolidations, you’ll need to rebuild any connector information in the source organization. For example, you’ll need to replace a fax gateway, voicemail connector, or Blackberry service. In addition, a reorganization such as this Exchange consolidation usually includes migrating an SMTP domain. You’ll need to plan for DNS and SMTP changes before you migrate mailboxes. Consolidation is one of the key aspects of efficient Exchange deployments. Having said that, remember that Exchange site and organizational consolidation projects will affect end users and their current configurations and data. To assist with more complicated consolidation efforts, you can use tools available on the server CD-ROMs, tools that you can download from the Microsoft Exchange Server site, or third-party tools available from vendors. Next: Installing Exchange 2003 The next chapter will discuss installing Exchange Server 2003, including preparing the server and migrating to Exchange 2003. Those who move to Exchange 2003 from Exchange 5.5 will need extensive information (e.g., Did you know that an Exchange 5.5 server can’t be upgraded to Exchange Server 2003?). I’ll also cover in detail the requirements of the Active Directory Connector (ADC), how to create connection agreements manually, and how to use the Exchange Server deployment wizards to prepare the systems for you.

Brought to you by Quest Software and Windows & .NET Magazine eBooks