Lessons Learned About Exchange Server 2007

I’m in the midst of a non-virtualization-related project right now, which is a bit odd; a great majority of my work these days is centered around virtualization.  Nevertheless, I try to view every project as one from which I can learn.  I have definitely learned some things with this project, that’s for sure.

Here are a few tidbits that I’ve learned so far this week, most of them centered around the installation of Microsoft Exchange Server 2007:

  • First, if you have even one Active Directory domain controller that isn’t running Windows Server 2003 SP1, you can’t use the GUI setup routine for installing Exchange Server 2007.  That’s right, no GUI setup for you.  Instead, you’ll have to install from the command line like this:

    setup.com /mode:install /roles:mb, ca, ht, mt /EnableLegacyOutlook /LegacyRoutingServer:oldserver.domain.com /dc:win2k3sp1.domain.com

    Nice, eh?  Supposedly this will be fixed in Exchange 2007 SP1.

  • Apparently, about 20% of the installations run from the command-line fail with an error about being unable to access the source files.  This is even when installing from local CD-ROM, as I was.  The Microsoft tech I spoke with recognized that this was a problem; the suggested solution was to copy the files from the CD to a local hard drive and run setup from there.
  • The use of the “/LegacyRoutingServer:” command-line switch, which is required for interoperability with “legacy” Exchange 2000/2003 servers, can only be used when installing the very first server with the Hub Transport role (the “ht” in the command line above).  If the installation of that first server dies for some reason—say, like due to some strange error about not being able to access the source files—then you won’t be able to use this command-line switch again.  This means you’ll need to create the appropriate connector yourself manually after installation.
  • If Exchange Server 2007 setup fails while installing the Client Access server role (the “ca” in the setup command line above) citing an error about not being able to find an object (see this URL), then you’ve got some damaged attributes in Active Directory.  In my case, while sitting on hold with Microsoft Support for an hour, I resolved it by doing a full dump of the domain and configuration naming contexts of Active Directory using LDIFDE:

    ldifde -f example.domain.ldf -d “dc=example,dc=com”
    ldifde -f example.config.ldf -d “cn=configuration,dc=example,dc=com”

    I was then able to find the specific object with which Exchange Server 2007 Setup was having a problem and fix it.  In my case, the Offline Address Book server had somehow gotten damaged and was causing setup to fail.  I was able to manually correct the problem using Exchange 2000 System Manager and then Exchange Server 2007 setup proceeded to completion.

  • Specifying a smart host on the SMTP virtual server properties on your “legacy” Exchange servers will cause a routing loop, and mail won’t flow between the new and old servers.  Apparently this is documented somewhere, although the Microsoft tech I spoke to could only point me to some articles about how to configure a smart host.  I haven’t seen any documentation yet that recommends checking and fixing this potential problem.  Furthermore, the troubleshooting tools in Exchange Server 2007 pick this up, but fail to tell you that it could be a problem.
  • Oh, yes, I almost forgot about one: ASP.NET is required for Exchange Server 2007, but what happens when you can’t install it via Add/Remove Programs > Add/Remove Windows Components?  That’s right, back to the command line again:

    %systemroot%\Microsoft.NET\Framework64\
    v2.0.50727\aspnet_regiis.exe -ir -enable

    This is assuming, of course, that you’ve already installed the .NET Framework 2.0 on your server in preparation for Exchange.

You are welcome to tell me that I’m an idiot for not knowing this stuff, on one condition: you provide a URL where information about the problem is posted and a workaround provided.  That way, when someone else runs into the issue, we’ll at least know where to point them for help.

Tags: , , ,

12 comments

  1. Erik LaBianca’s avatar

    You’re not alone. Exchange Server 2007 is a seriously half-baked product. Everywhere you turn in the KB and docs there are references to how to configure things via GUI in SP1, with an afterthought thrown in that if you are running the RTM (still the only production release) that you’ll have to dig around in the shell to do it.

    I spent a good week moving my simple Exchange 2003 setup to Exchange 2007, after thinking it would just ‘be nice to be on the new version since I’m going to have to reinstall anyway’.

    Other gotcha’s are that you have to hack and slash to install public folders manually and edit AD directly to mail enable them, the smtp mail transport configuration is pretty strange, in that by default it doesn’t want to accept standards based, non-authenticated smtp, and any sort of folder permissions delegation is a shell-only command. Plus, installing IMAP and POP takes a bunch of poking around

    The good news is that once you get it running, it seems to be well thought-out product with respect to security and spam-resistance, and even standards compliance.

  2. slowe’s avatar

    Erik,

    It’s not necessarily that Exchange Server 2007 is a half-baked product as it is that there seem to be so many little “gotchas” about installing it. I guess it’s a matter of whether the glass is half full or half empty. Can’t Microsoft write an installer that checks for the presence of certain hotfixes or patches and installs them if they’re needed? Why create a long list of specific patches that need to be installed before you can install Exchange Server itself?

  3. Erik LaBianca’s avatar

    Yeah, all I can figure is they must have had some serious marketing pressure to get it out the door. I’ve never seen a product with so much discrepancy between first RTM and SP1, although I was lucky enough to avoid most of the weirdness with the initial install. Now that I think of it, I don’t think i have OWA running yet though =P

  4. slowe’s avatar

    Erik,

    Well, I *do* have OWA running now, and thankfully it seems to work well, even with it running on a dedicated server running only the Client Access server role. It seems that once you get Exchange 2007 up and running, it runs well–but getting there is a real challenge.

  5. sk’s avatar

    Hi,
    I am migrating from postfix and unix enviornment to exchange 2007. Is it worth it to keep the openLDAP or just switch to AD.

    How about moving mailboxes? any advice on tools like exmerge?

    Thanks

  6. sk’s avatar

    Hi,
    Sorry anot the err, I meant courier on postfix.

    Thanks

  7. slowe’s avatar

    SK,

    You *MUST* deploy Active Directory if you are going to use Exchange Server 2007. You don’t have any options–Exchange is heavily integrated into Active Directory and requires Active Directory in order to operate.

    There are ways to integrate your non-Windows systems into Active Directory–just have a look around this site and I’m sure you’ll find some information that would be helpful. :)

    Good luck!

  8. Randy Maltbie’s avatar

    It seemingly took forever, but I am sooooo glad I found this blog. I was having difficulty installing the CA role and was makeing one last ditch effort before calling Microsoft. I dumped AD as you described and found that a removed (the corrrect way too) Exchange 2K3 server was still the default offline address book server. I removed it and all is well.

    Great work Scott!

    Thanks

    Randy

  9. slowe’s avatar

    Randy,

    I’m glad that the site has proven to be useful to you. Spread the word!

  10. r4 ds card’s avatar

    Thanx for the valuable information. Please provide more information over the subject. How about moving mailboxes? any advice on tools like exmerge? Provide links to related topics if possible.

  11. amei’s avatar

    it’s really confusing when user receive this warning…they will say that our mail quota is 270mb but we have set it to 300mb previously

    solution plzz

Comments are now closed.