Embed Size (px)
Citation preview
70-662: Deploying Microsoft Exchange
Server 2010
Course 01 - Active Directory and
Supporting Infrastructure
Slide 1
Course 01: Active Directory and Supporting Infrastructure
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 2
Active Directory Domain Services Centralizes Login Issues and Configuration
Network Infrastructure must be in place for all to functiono Active Directory
o DNS
o DHCP
o SNTP / Time Server
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 3
All user Accounts
All machine Accounts
Security based information
Group Policy
Replication of DNS records
Physical Topology
Logical Topology
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 4
Forest
Domain
Child Domain
Domain Tree
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 5
Sites – physical topology mixedwith logical
Site 1 Site 2
Domain
Site 1
Domain 1 Domain 2
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 6
Trusts allow communications between machines
Trusts allow users to login from trusted machine and access resources that are also trusted.
Types of Trustso Transitive Trusts
o Shortcut Trusts
o Forest Trusts
o External Trusts
o Realm Trusts
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 7
Domains
Domain Tree
Forests
Trusts
Domain Controller
Global Catalog
Sites
Replication
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 8
Domainso Administrator-defined collection of computers.
o Share a common security database
o User and Group Accounts are maintained by administrators
o Computer and Users can be organized into Organizational Units
Domain Treeo A set of domains that share the same DNS namespace
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 9
One or more domains that share a schema
Schema contains all objects and object attributes for network
All domains in forest share a transitive trust relationship.
Provides a security boundaryo No access from outside of forest
Schema aware applications can only have one instance per forest
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 10
o Allows users to share or authenticate across trusted domains
o Trusted vs. Trusting
• One side can share, one side can access
o All domains in the forest have transitive trust relationships with all domains in the forest.
o You can create a direct or shortcut trust
TrustsDomain A Domain B
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 11
Holds local domain databaseo User accounts and computer accounts
o Responsible for authentication of users and computers
o Only contains information for domain it belongs to
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 12
Holds subset of information from other domains in the forest
Limited information on objects in other forests
Exchange object attributes for mail-enabled and mailbox-enabled objects
Global Address List generation, location of mailboxes for delivering mail
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 13
One or more well connected IP Subnets
Usually in same location
Used to control replication
All computers in site must connect at minimum of 10 Mbps with each other
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 14
The sharing of information between domain controllerso Domain information
o Configuration data
o Schema
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 15
Domain Partitiono Users, Computers, Groups and other objects for domain
o Represents logical domain structure
o Replicated to all domain controllers in a domain
o Exchange Uses for Email Recipients
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 16
Configuration Partitiono Configuration information for Active Directory and applications
o Only one configuration directory partition per forest
o Houses site topology
o Information to construct directory tree hierarchy
o Replicated to all domain controllers in the entire forest
o Where all Exchange Information exists
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 17
Schema Partitiono All object types, and their attributes, that you can create in Active
Directory
o Only one schema per forest
o Replicated to all domain controllers in the entire forest
o Contains all Object classes and attributes
Exchange organization and Active Directory forest: one-to-one relationship
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 18
Application Partitionso All Specific application data that the application requires
o Replicated to all domain controllers in the entire forest with a replica of the partition
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 19
Every Active Directory object is referenced by a distinguished name (also known as DN)o The distinguished name identifies the complete path through the container
hierarchy by which the object is reached
Every forest has:o One configuration directory partitiono One schema directory partitiono At least one domain directory partition that represents the forest root domaino Every additional domain that belongs to a forest adds one domain directory
partition to the forest
The three default Active Directory partitions have the following distinguished names:o Forest-root domain directory partition: DC=ForestRootDomaino Configuration directory partition: CN=configuration,DC=ForestRootDomaino Schema directory partition: CN=schema,CN=configuration,DC=ForestRootDomain
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 20
DNS
DHCP
SNTP / Time Server
Domain Controller / Active Directory
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 21
Consists of records to locate network resourceso SRV Records
• Locate Services on Network
o Host Records
• Name to IP address resolution
o PTR Records
• IP Address to name
o Many other examples
DNS records can be updated manually or automatically
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 22
Active Directory Integrated Zones
Primary Zones
Secondary Zones
Stub Zones
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 23
Dynamically assign IP configuration to clients
Integrates with DNS
Will update client information with DNS
DHCP Client commandso IPConfig.exe /release
o IPConfig.exe /renew
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 24
Works with Kerberos Authentication
Located on PDC Emulator - authoritative
Commands:o Net time
o W32tm.exe
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 25
Requirements:o SRV records to locate domain controllers
o Host records to locate other servers
o MX records to locate mail servers in other organizations
DNS Record Type Example
SRV _ldap._tcp.domain.com. IN SRV 0 100 389 servername.domainname.com
Host servername.domainname.comIN A 10.10.10.10
MX MX 10 servername.domainname.com
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 26
Setup Switch Description
/PrepareAD/OrganizationName:”organizationname”
• Prepares the global Exchange objects • Creates the Exchange universal security groups in the root domain• Prepares the current domain• Requires Enterprise Administrator and Exchange Administrator rights if otherwise denied access
/PrepareLegacy ExchangePermissions
• Required if the organization includes previous versions of Exchange Server
/PrepareSchema • Prepares the schema for the Exchange Server 2010 installation
• Requires Schema Administrator and Enterprise Administrator rights
/PrepareDomain
/PrepareDomain domainname
/PrepareAllDomains
• Prepares the domain by creating a new global group called Exchange Install Domain Servers
• Requires Domain Administrator rights
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 27
Feature Standard Edition Enterprise Edition
Database Support 5 Databases 100 Databases
Database Storage Limit Limits are only hardware dependant
Limits are only hardware dependant
DAG Membership Supported Supported
CAL Option
Exchange Server Standard CAL
E-mailShared CalendaringOWAActive Sync
Exchange Server Enterprise CAL
Requires Standard CALUnified MessagingPer-user and per-distribution list journalingManaged custom e-mail foldersForefront Protection for Exchange
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 28
Hub Transport
Server
Mailbox Server
Edge Transport
Server
Client Access Server
Unified Messaging
Server
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 29
Hub Transport Server Roleo Internal Mail Flow
• Messaging Policy and Compliance
• Anti-Spam and Antivirus protection
Mailbox Server Role• Host mailbox databases
• Provide e-mail storage
• Host public folder databases
• Calculate e-mail address policies
• Generate address lists and offline address books (OABs)
• Conduct Multi-Mailbox Searches
• Provide high availability and site resiliency
• Provide content indexing
• Provide messaging records management (MRM) and retention policies
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 30
Edge Transport Server Roleo Internet Mail Flow
o Anti-Spam and Antivirus Protection
o Edge Transport Rules
o Address Rewriting
Client Access Server Role• Outlook Web App
• The Availability Service
• The Autodiscover Service
• Exchange Active Sync
• POP and IMAP
Unified Messing Server Roleo Combines voice messaging, fax messaging and e-mail messaging into
Exchange
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 31
Install All Server Roles on one servero Except the Edge Transport Server
Exchange Online Services good option
Backups criticalo Mailbox Data
o System State
o Exchange Information
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 32
Small to Medium sized organizations
Install all roles (except Edge Transport Server Role) on minimum of 2 servers
Two Domain Controllers per domain
DAG members can host multiple roles
One Edge Transport Server on Perimeter network
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 33
Two Domain Controllers
Two Global Catalog servers for each domaino If multiple sites – multiple Exchange Servers per site
One + Mailbox Server Role o Best to have multiple per site
Dedicated Exchange Server Roles on servers per site with Exchangeo Hub Transport
o Client Access
1+ Exchange Servers With Edge Transport Server Role
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 34
You can combine all server roles, except the Edge Transport server role, on one server
Component Recommendation
Processor cores • Minimum: 2
• Recommended: 8
• Maximum: 24
• Plan on using half the processor cores for the mailbox server role
Memory • Recommended: 8 GB plus 2-10 MB per mailbox
• Maximum: 64 GB
When combining server roles, reduce the maximum number of mailboxes by 20%. You can combine server roles with Mailbox servers that are DAG members.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 35
Exchange Online Services: o Business Productivity Online solution
o E-mail and calendar functionality hosted by Microsoft
o E-mail co-existence and migration of mailboxes & GAL
o On-premise and hosted mailboxes with Exchange Server 2010
o Includes:
• Live Meeting
• SharePoint
• Communicator
• LYNC
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 36
Infrastructure Component:
Requirements:
Active Directory Schema Master:
• Windows Server 2003 (SP2)
• Windows Server 2008
• Windows Server 2008 R2
Global Catalog Servers (ALL):
• Windows Server 2003 (SP2)
• Windows Server 2008
• Windows Server 2008 R2
Domain and forest functional levels must be at least Windows 2003
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 37
Infrastructure Component:
Requirements:
DNS Name Resolution:Global Catalog Domain ControllersOther Exchange Servers
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 38
Processor
• Intel 64-bit architecture
• AMD64 architecture
Memory
• 2 gigabytes (GB) minimum
• Additional memory required based on server role and load
Disk
• 1.2 GB free disk space for Exchange Server files
• 200 megabytes (MB) free on the system drive
File System
• NTFS file system for all drives
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 39
64-bit edition of Windows Server 2008, Windows Server 2008 R2 Standard, or Enterprise Edition
AD DS management toolso Required for all Exchange 2010 servers (Except Edge Transport Servers)
Microsoft .NET Framework 3.5 (SP1) or later
Windows Remote Management 2.0 (WinRM)
Windows PowerShell version 2.0
Various Server roles require different software requirements
Net.Tcp Port Sharing Service configured to start automatically before Exchange Server Installation
Look at each server role for separate installation requirements
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 40
Install prerequisite software
Run setup.exe from the installation
source
Choose the option to install Exchange
Server 2010
Install the Exchange language
packs
Choose the installation type
Provide the Exchange
organization name
Choose the option to enable Outlook
2003 or earlier clients
Configure the Client Access server
external name
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Slide 41
Parameter Options Description
/mode •Install, Upgrade, Uninstall, Recoverserver•Default: Install
Specifies the Setup program actions
/roles •HubTransport, HT, H• ClientAccess, CA, C• EdgeTransport, ET, E• Mailbox, MB, M• UnifiedMessaging, UM, U• ManagementTools, MT, T
Specifies which roles to install
/ServerAdmin User or group Specifies an account with Exchange Server permission
/NewProvisionedServer Server name/ServerAdmin: User
Creates Exchange computer account for delegated installation
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
Review Questions:
1. Which is NOT a type of trust in a trust relationship?
A. Transitive trust
B. Forest trust
C. External trust
D. Internal trust
2. True or False: An Active Directory Forest is a security boundary to protect
against outside access.
A. True
B. False
3. True or False: It is possible to have several configuration directory partitions per
forest.
A. True
B. False
4. DNS consists of records to locate network resources. The SRV records:
A. Name to IP address resolution
B. Locate services on the network
C. IP address to name
D. Assigns IP configuration
5. True or False: Edge Transport Server Role adds a layer of protection from spam
and viruses from e-mails internal to the organization.
A. True
B. False
6. True or False: All server roles can be placed on one server in a simple
organization.
A. True
B. False
7. True or False: When running Exchange Server 2010, domain and functional
levels must be at least Server 2008.
A. True
B. False
8. True or False: Both Users and Computers have accounts in an Active Directory
domain.
A. True
B. False
9. True or False: The Schema contains all the IP addresses of the nodes on the
network.
A. True
B. False
10. Every Active Directory object is referred to by which of the following?
A. Distinguished name
B. User name
C. Alias
D. Domain name
Answer Key:
1. D
The types of trusts are: transitive trust, shortcut trust, forest trust, external trust
and realm trust.
2. A
True. A forest provides a security boundary; there is no access from outside of
the forest unless explicitly allowed through a forest trust.
3. B
False. Only one configuration directory partition per forest is allowed.
4. B
The SRV records locate services on the network.
5. B
False. The Edge Transport Server Role does add another layer of protection
from spam and viruses, but this layer of protection is provided to messages
coming from the internet, not internally.
6. B
False. In a simple organization all server roles can be placed on one server,
except for the Edge Transport Server. Edge Transport Server cannot be a part of
Active Directory domain or participate in Active Directory security; therefore, it
cannot be on a server with the other roles.
7. B
False. When running Exchange Server 2010, domain and functional levels must
be at least Server 2003.
8. A
True. Active Directory contains accounts for all computers and all users that are
participating in domain security.
9. A
True. The Schema has all the objects and object attributes that will be named
within the forest.
10. A
Every Active Directory object is referred to by a distinguished name.
