The Windows Server 2008 ServerManagerCmd.exe tool makes installing the Exchange Server 2007 pre-requisites a snap. In this example I am installing the pre-requisites for a typical Exchange Server 2007 installation (Mailbox Server, Client Access Server, Hub Transport Server).
The components are installed using ServerManagerCmd.exe. The following commands can be executed in a command shell to install each of the components.
Firstly, if you are intending to use the Windows Server 2008 server to extend the Active Directory Schema for Exchange Server 2007 you must install the Active Directory Domain Services remote management tools. This usually requires a server restart.
C:\>ServerManagerCmd -i RSAT-ADDS
...........
Start Installation...
[Installation] Succeeded: [Remote Server Administration Tools] Role Administrati
on Tools.
[Installation] Succeeded: [Remote Server Administration Tools] Active Directory
Domain Services Tools.
Warning: [Installation] Succeeded: [Remote Server Administration Tools] Server f
or NIS Tools. You must restart this server to finish the installation process.
Warning: [Installation] Succeeded: [Remote Server Administration Tools] Active D
irectory Domain Controller Tools. You must restart this server to finish the ins
tallation process.
<100/100>
Success: A restart is required to complete the installation.
Once the server is restarted you can install the remaining components. You could install them by entering the commands one at a time, but I prefer to run them all at once like this.
C:\>(
More? ServerManagerCmd -i PowerShell
More? ServerManagerCmd -i Web-Server
More? ServerManagerCmd -i Web-ISAPI-Ext
More? ServerManagerCmd -i Web-Metabase
More? ServerManagerCmd -i Web-Lgcy-Mgmt-Console
More? ServerManagerCmd -i Web-Basic-Auth
More? ServerManagerCmd -i Web-Digest-Auth
More? ServerManagerCmd -i Web-Windows-Auth
More? ServerManagerCmd -i Web-Dyn-Compression
More? ServerManagerCmd -i RPC-over-HTTP-proxy
More? )
The commands will execute in sequence and display output similar to this.
.
Start Installation...
[Installation] Succeeded: [Windows PowerShell].
<100/100>
Success: Installation succeeded.
………………..
Start Installation…
[Installation] Succeeded: [Web Server (IIS)] Management Tools.
[Installation] Succeeded: [Web Server (IIS)] Web Server.
[Installation] Succeeded: [Web Server (IIS)] Common HTTP Features.
[Installation] Succeeded: [Web Server (IIS)] Health and Diagnostics.
[Installation] Succeeded: [Web Server (IIS)] Security.
[Installation] Succeeded: [Web Server (IIS)] Performance.
[Installation] Succeeded: [Windows Process Activation Service] Configuration API
s.
[Installation] Succeeded: [Windows Process Activation Service] Process Model.
[Installation] Succeeded: [Web Server (IIS)] IIS Management Console.
[Installation] Succeeded: [Web Server (IIS)] Request Monitor.
[Installation] Succeeded: [Web Server (IIS)] Static Content.
[Installation] Succeeded: [Web Server (IIS)] HTTP Logging.
[Installation] Succeeded: [Web Server (IIS)] Static Content Compression.
[Installation] Succeeded: [Web Server (IIS)] Request Filtering.
[Installation] Succeeded: [Web Server (IIS)] Default Document.
[Installation] Succeeded: [Web Server (IIS)] Directory Browsing.
[Installation] Succeeded: [Web Server (IIS)] HTTP Errors.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] Application Development.
[Installation] Succeeded: [Web Server (IIS)] ISAPI Extensions.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] IIS 6 Management Compatibility.
[Installation] Succeeded: [Web Server (IIS)] IIS 6 Metabase Compatibility.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] IIS 6 Management Console.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] Basic Authentication.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] Digest Authentication.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] Windows Authentication.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] Dynamic Content Compression.
<100/100>
Success: Installation succeeded.
…………
Start Installation…
[Installation] Succeeded: .
[Installation] Succeeded: .
[Installation] Succeeded: .
[Installation] Succeeded: [Web Server (IIS)] Client Certificate Mapping Authenti
cation.
[Installation] Succeeded: [Web Server (IIS)] Tracing.
[Installation] Succeeded: [Web Server (IIS)] Logging Tools.
[Installation] Succeeded: [Web Server (IIS)] HTTP Redirection.
[Installation] Succeeded: [RPC over HTTP Proxy].
<100/100>
Success: Installation succeeded.
Your Windows Server 2008 host is now ready to install Exchange Server 2007.
References:
Before deploying your first Exchange Server 2007 server you must apply the Exchange Server 2007 schema extensions. Though you can allow Exchange to do this automatically during setup there are some scenarios where you may wish to do it as a separate process, such as applying the extensions in advance of the first installation, or using a different account for the schema extension than for the Exchange installation so as to perform each task with the minimum required privileges.
If you wish to apply the Exchange Server 2007 schema extension on a 32-bit domain controller that is the Schema Master there are first some pre-requisites that must be installed. Note: for Exchange Server 2007 compatibility the Schema Master must be at least Windows Server 2003 with Service Pack 1 or Windows Server 2003 R2.
You will also need the 32-bit version of Exchange Server 2007 RTM or Exchange Server 2007 SP1.
Extending the Active Directory Schema for Exchange Server 2007
To extend your AD schema for Exchange Server 2007 follow these steps:
- Log on to the Schema Master with an account that has Schema Admins and Enterprise Admins permissions.
How To Find Servers That Hold Flexible Single Master Operations Roles
- Verify that Schema updates have been enabled.
Schema Updates Require Write Access to Schema in Active Directory
- Perform a System State backup of the Schema Master.
- Disabled outbound replication on the Schema Master.
repadmin /options servername +DISABLE_OUTBOUND_REPL
- Extract the Exchange setup files to a temporary location, and open a command prompt in that folder.
- Prepare the legacy Exchange permissions.
C:\temp\Exchange\setup.com /PrepareLegacyExchangePermissions
- Prepare the Schema.
C:\temp\Exchange\setup.com /PrepareSchema
- Prepare the Forest.
C:\temp\Exchange\setup.com /PrepareAD
- Prepare the Domain. Each domain that will hold Exchange servers or Exchange recipients must be prepared.
C:\temp\Exchange\setup.com /PrepareDomain
To prepare all Domains in the Forest in one action use the following.
C:\temp\Exchange\setup.com /PrepareAllDomains
- If the commands have run without error and you are satisfied with the health of your Schema Master you can re-enable outbound replication.
C:\temp\Exchange\repadmin /options servername -DISABLE_OUTBOUND_REPL
Your Active Directory is now ready for the first Exchange Server 2007 installation.
Project Coconut entries:
Getting The Environment Up To Scratch
Project Coconut is underway and the first bit of action is getting the environment up to the pre-requisites for Exchange Server 2007. The existing environment is Active Directory in Windows 2000 Native Mode, with Windows 2000 Server domain controllers, and an Exchange 2000 Server organisation also running on Windows 2000 Server member servers.
While there are many Active Directory Sites in this environment there are only two that are relevant to the Exchange Server 2007 deployment - the HQ site, and the DR site. These are two well-connected locations with unique subnets, which rules out clustering the planned Windows Server 2003 hosts, but with Exchange Server 2007 SP1 allows us to implement site resiliency through Standby Continuous Replication (SCR).
Read the rest of this article…
Some time ago I wrote about my experience recovering a customer’s Active Directory from a USN Rollback condition that had been caused by some virtualisation work. There has been some discussion in the comments in that post about what to do when you have a single domain controller that thinks it is in a USN Rollback condition (eg has disabled outbound replication and paused the NetLogon service).
Logic would suggest that once a DC knows it is the only DC in the Forest that it would shake off the USN Rollback blues and start humming away normally again. Not the case unfortunately.
Rob P recently spent some time and effort with Microsoft support and came up with a solution that can be applied.
!!!Warning!!! !!!Warning!!! !!!Warning!!!
I’m not 100% sure why I’m warning you, but I’ll take Rob’s word on the matter. Apparently this fix is quite dangerous and not for the faint of heart. My heart is not the least bit faint, particularly when it comes to my VMWare test environment, so I didn’t mind testing this out. At the very least you should make sure you have a backup of the server you can go back to if this doesn’t work.
To get a single domain controller out of USN Rollback:
- Open Regedit
- Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
- Locate the key “Dsa Not Writable”=dword:00000004
- Delete the entire key
- Enable replication by running repadmin /options servername -DISABLE_OUTBOUND_REPL and repadmin /options servername -DISABLE_INBOUND_REPL
- Reboot
Once your domain controller has rebooted you should find that NetLogon is running again and repadmin /options no longer shows replication as being disabled.
I performed this test on a Windows Server 2003 R2 domain controller and I imagine it works fine on Small Business Server 2003 as well.
There are two things I tend to see a lot of at the moment. Firstly virtualisation is pretty hot right now. Everyone seems to be virtualising their infrastructure as much as possible, particularly their servers such as Domain Controllers. Secondly, some companies are too cheap (or just haven’t gotten around to it yet) to setup a proper backup and recovery solution for their servers. This often means they are relying on some ad-hoc Ghost or Acronis images for server recovery. This includes recovery of their Domain Controllers.
I specifically mention Domain Controllers twice there because both of these very common scenarios introduce the serious risk of a “USN rollback” condition occurring (USN stands for “update sequence number”). If you want to get deeply technical with the concept you can read this article from Microsoft:
How to detect and recover from a USN rollback in Windows Server 2003
If you just want the summary version, basically a USN rollback condition can occur when the Active Directory database is restored to an earlier version in an improper fashion. Microsoft makes available methods for restoring Active Directory databases such that the Domain Controller can properly resynchronise with its replication partners afterwards. Restoring in an improper fashion, such as restoring a DC using an earlier Ghost or Acronis image, or rolling back to an earlier snapshot of a virtualised DC, will cause a USN rollback condition to occur.
Read the rest of this article…
