Exchange Modes:
- Mixed
- Default, Designed for backwards compatibility
- Overall exchange functionality limited to features shared by all servers in organization
- Exchange 2003 appears as just another server to earlier versions of exchange
- Default, Designed for backwards compatibility
- Native
- Contains only exchange 2000, 2003 or later servers
- All DCs that communicate with exchange must be running 2000 server sp3 or later
- When you switch to native you cannot go back
- Use native mode to take advantage of the following features
- Moving servers between routing groups in different admin groups
- Create query-based distribution groups
- Moving mailboxes between admin groups
- Mail-enabling or mailbox enabling the interorgperson object
- Moving servers between routing groups in different admin groups
- Contains only exchange 2000, 2003 or later servers
To change the mode of exchange:
Exchange system manager à Properties of organization object àedit the setting on the general tab
Administrative Groups and Permissions:
- You can set up admin groups prior to installation of first exchange server (allows you to select multiple admin groups during the installation of first exchange servers)
- Run /forestprep à then use adsiedit to create admin groups in AD
- You cannot change admin groups after installation
- If exchange is running in native mode you can rename admin groups using exchange system manager, otherwise use Adsiedit
Permissions
Using permissions you can delegate exchange server administrative tasks to other users. Keep in mind the following facts for managing exchange permissions:
- Permissions are assigned at either the organizational level or the administrative group level
- Use exchange delegation wizard in exchange system manager to manage delegations
- While running /forestprep or during exchange installation, you identify default exchange system administrator. This administrator has all permissions to the exchange organization
- Exchange administrators must have specific permissions in AD for the objects and levels they are working on. They must also have permissions on the local computer
Exchange Administrative Modes:
- Full admin
- Full control over all objects with hierarchy
- Change all permissions
- Delegate permissions
- Read mailboxes
- Full control over all objects with hierarchy
- Administrator
- Same except cannot change permissions
- Same except cannot change permissions
- View only administrator
- Can view configuration of entire organization
- Can view configuration of entire organization
When assigning full administrator/administrator to an administrative group, user also receives view only permission to the entire organization. Allowing the administrator to view configuration of the entire organization
System Policies
= collection of configuration settings that are applied to multiple objects
Exchange includes 3 different types of system policy:
- Public store policy
- Mailbox store policy
- Server policy
System policies are created inside an administrative group. To configure a system policy, take the following steps:
- Add system policy container
àright-click administrative group
à New
à System Policy Container
- Add policy to system Policy container (SPC)
à right-click SPC
àNew
àChoose the type of policy
Then select the property pages the policy will define
- Edit policy settings
àGive Policy a name
àModify the property setting that will be controlled by the policy
- Add objects that will be controlled by the policy
àRight-click the policy
àadd servers, public stores or mailbox stores
Although system policies are defined inside an administrative group, policies can apply to objects outside of administrative group
You can move/copy policies between administrative groups. However can't move/copy system policy container à after copying Policy you must apply it to corresponding objects
When a policy is applied to an object, properties controlled by policy are disabled in the corresponding objects
When you remove an object from policy/delete policy, settings remain on the corresponding object
No comments:
Post a Comment