Configure Disjoint Namespace

  • View

  • Download

Embed Size (px)



Text of Configure Disjoint Namespace

Configure disjoint namespace Estimated time to complete: 20 minutes By default, the primary Domain Name System (DNS) suffix portion of a computer's fully qualified domain name (FQDN) is the same as the name of the Active Directory domain where the computer is located. When the primary DNS suffix portion of a computer's FQDN is different from the Active Directory domain where the computer is located, this is known as a disjoint namespace.To run Exchange 2010 in a disjoint namespace, there are two tasks you must perform: Configure the DNS suffix search list. Create a list of allowed suffixes by modifying the value for the msDS-AllowedDNSSuffixes attribute of the domain object container. For more information about the msDS-AllowedDNSSuffixes attribute, download this topic from the Windows Server Help and Support Center: Domain Rename ProcedureHow do I configure the DNS suffix search list?

You'll use the Group Policy Management Console (GPMC) to get this task done. If you're running Windows Server 2008, GPMC is installed by default. If you're running Exchange 2003, you can download GPMC from: Group Policy Management Console with Service Pack 11. Open the GPMC on a Windows directory server in your domain by clicking Start > Programs > Administrative Tools > Group Policy Management. 2. In Group Policy Management, expand the forest and the domain in which you will apply Group Policy. Right-click Group Policy Objects, and then click New.3. In New GPO, type a name for the policy, and then click OK.4. Right-click the new policy that you created in Step3, and then click Edit.5. In Group Policy Object Editor (Group Policy Management Editor in Windows Server 2008) expand Computer Configuration, (expand Policies in Windows Server 2008), expand Administrative Templates, expand Network, and then click DNS Client.6. Right-click DNS Suffix Search List, and then click Properties.7. On the DNS Suffix Search List Properties page, select Enabled. In the DNS Suffixes box, type the primary DNS suffix of the disjoint computer, the DNS domain name, and any additional namespaces for other servers with which Exchange may interoperate, such as monitoring servers or servers for third-party applications. Click OK.8. In Group Policy Management, expand Group Policy Objects, and then select the policy that you created in Step3. On the Scope tab, in the Security Filtering area, click Add to scope the policy so that it applies to only the computers that are disjoint.Install the Client Access server role Estimated time to complete: 45 minutes The Client Access role is one of five server roles in Exchange 2010. It's also the first server role that must be installed. The Client Access role enables access to mailbox data through a variety of clients, such as Microsoft Office Outlook, Outlook Anywhere, Outlook Web App, POP3, and IMAP4, and it also hosts Exchange Web services, such as the Autodiscover service and the Availability service.Learn more at: Understanding the Client Access Server RoleAlthough you can deploy each server role on a single server, we recommend that you deploy multi-role servers in certain scenarios.Learn more at: Understanding single and multi-role server installationsWe recommend installing the latest update rollup for Exchange 2010 on all your servers. Although you can install update rollups on a server after Exchange 2010 has been installed, it's also possible and less time-consuming to incorporate the update rollup into the install server installation process. To do this, copy the contents of the Exchange 2010 DVD to the file system, and then copy or move the downloaded update rollup file to the Updates folder in the installation tree. When you perform the procedure below, the update rollup will be installed as part of the initial installation process.To download the latest update rollup for Exchange 2010, visit: Microsoft Download CenterImportant:

When you upgrade your organization to the RTM version of Exchange 2010, your clients running Outlook 2003 dont use RPC encryption, and RPC Client Access requires it by default. This can cause connection issues between Exchange 2010 and Outlook 2003. In Exchange 2010 SP1, RPC Client Access doesn't require RPC encryption by default. If you have Outlook 2003 clients within your organization, we recommend that you install Exchange 2010 SP1 to avoid connection issues between Exchange 2010 SP1 and Outlook 2003. For more information, see Understanding RPC Client Access.

How do I do this?

You'll use the Exchange Server 2010 Setup wizard to install the Client Access role. Important:

When you install the first Exchange 2010 server role, Exchange 2010 prepares your Windows schema and forest before installing the server role. The amount of time that forest preparation and replication takes depends on your Active Directory site topology.

1. Insert the Exchange 2010 DVD into the DVD drive. When the AutoPlay dialog appears, click Run Setup.exe under Install or run program. If the AutoPlay dialog doesn't appear, navigate to the root of the DVD and double-click Setup.exe. Alternatively, browse to the location of your Exchange 2010 installation files and double-click Setup.exe.2. The Exchange Server 2010 Setup welcome screen appears. In the Install section, the software listed for Step 1: Install .NET Framework 3.5 SP1 and Step 2: Install Windows PowerShell v2 was installed with the Exchange 2010 prerequisites. If these prerequisites aren't already installed, click the appropriate step to install them.3. When Step 1, Step 2, and Step 3 are listed as Installed, click Step 4: Install Microsoft Exchange.Note:

After your installation is complete, you can return to complete Step 5: Get critical updates for Microsoft Exchange.

4. On the Introduction page, click Next.5. On the License Agreement page, review the software license terms. If you agree to the terms, select I accept the terms in the license agreement, and click Next.6. On the Error Reporting page, select Yes or No to enable the Exchange Error Reporting feature, and click Next.7. On the Installation Type page, select Custom Exchange Server Installation. For Exchange 2010 SP2, you can select to automatically install all required Windows roles and features for this server. If you want to change the installation path for Exchange 2010, click Browse, locate the appropriate folder in the folder tree, and then click OK. Click Next.8. On the Server Role Selection page, select the Client Access Role, (or other server roles you want to install) and click Next. The Management Tools option, which installs the Exchange Management Console and the Exchange Management Shell, will also be selected and installed.

9. Use the Configure Client Access Server external domain page to configure an external fully qualified domain name (FQDN). This is the FQDN that you give to Outlook Web App, Outlook Anywhere, and Exchange ActiveSync users to connect to Exchange 2010. Select the check box, enter your FQDN, and then click Next.10. On the Customer Experience Improvement Program page, optionally join in the Exchange Customer Experience Improvement Program (CEIP). The CEIP collects anonymous information about how you use Exchange 2010 and any problems that you encounter. To join the CEIP, select Join the Customer Experience Improvement Program, choose the industry that best represents your organization, and then click Next. 11. On the Readiness Checks page, review the Summary to determine if the system and server are ready for the Client Access role to be installed. If all prerequisite checks completed successfully, click Install. If any of the prerequisite checks failed, you must resolve the displayed error before you can proceed with installing Exchange. In many cases, you don't need to exit Setup while you're fixing issues. After you resolve an error, click Retry to run the prerequisite check again. Also, be sure to review any warnings that are reported.12. The Progress page displays the progress and elapsed time for each phase of the installation. As each phase ends, it's marked completed and the next phase proceeds. If any errors are encountered, the phase will end as incomplete and unsuccessful. If that happens, you must exit Setup, resolve any errors, and then restart Setup.13. When all phases have finished, the Completion page displays. Review the results, and verify that each phase completed successfully. Clear the check box for Finalize this installation using the Exchange Management Console, and then click Finish to exit Setup.14. When you're returned to the Setup welcome screen, click Close. On the Confirm Exit prompt, click Yes.15. Restart the computer to complete the installation of the Client Access role.Create a Client Access Server Array

If you're installing multiple Client Access servers in one Active Directory site, you can create a Client Access server array. This is a load-balanced group of Client Access server computers that can be accessed through a single URL. Creating a Client Access array reduces the number of fully qualified domain names (FQDN) you need to have on your certificate, and it allows all users in one Active Directory site to access Exchange 2010 through a single URL. After you've completed the installation of your first Client Access server computer, you can start creating your Client Access server array. To create a new Client Access server array, run the following command using the Exchange Management Shell. CopyNew-ClientAccessArray -FQDN -Site "YourSite" -Name ""There can only be one Client Access array per Active Directory site. After you've created the array, you can manage which Client Access server computers are part of the array through your load balancer configuration. If you're unfamiliar with the Shell, learn more at: Overview of Exchange Management ShellHow do I know this wor