Using the Exchange Management Console
The Exchange Management Console provides a graphical view of all the resources and components of an Exchange organization. No matter how many servers you have set up, you can manage them all from a single Exchange Management Console window. Use this window, and the property sheets of all the objects in it, to navigate the Exchange organizational hierarchy and perform the various tasks associated with Exchange administration.
You use both container and leaf objects to administer an Exchange organization. Most objects in the Exchange System console window—both container and leaf—have a property sheet that allows you to configure various parameters for that object and make it act in the way that best serves the organization’s needs. You can open an object’s property sheet by selecting the object and choosing Properties from the Action menu. You can also right-click an object and choose Properties from its shortcut menu. You use property sheets to both configure and administer Exchange Server 2007.
Major Areas of the Exchange Management Console
You can start the Exchange Management Console by clicking Start, pointing to All Programs, then to Microsoft Exchange Server 2007, and then clicking Exchange Management Console. The Exchange Management Console is divided into the major areas shown in Figure 10-4. These areas include:
- Console tree The console tree is located on the left side of the console and is organized by containers that represent the hierarchy of the Exchange organization. The specific containers that are displayed are based on the server roles that are installed. When you select a container in the console tree, the results of that container are shown in the Result pane.
- Results pane The Results pane is located in the center of the console. This pane displays objects that reflect the container you have selected in the console tree. For example, if you select the Mailbox object inside the Recipient Configuration container, the Results pane shows individual mailboxes.
- Work pane The Work pane is located at the bottom of the Result pane. The Work pane is shown only when you select objects under the Server Configuration container, such as Mailbox, Client Access, or Unified Messaging. This pane displays objects based on the server role that is selected in the Server Configuration container. For example, if you select the Mailbox object in the Server Configuration container, the Results pane shows a list of Mailbox servers. When you select a server in the Results pane, storage groups on that server are shown in the Work pane.
- Actions pane The Actions pane is located on the right side of the console. This pane lists actions you can perform based on the object that is selected in the console tree, Results pane, or Work pane. These actions are the same actions you can take by displaying the Action menu or by right-clicking the object. For this reason, you might find it more useful to hide the Actions pane. You can do this by clicking the Show/Hide Action Pane button on the Exchange Management Console toolbar.
Figure 10-4 Areas of the Exchange Management Console
Real World Explore!
The sheer number of property sheets you encounter when administering Exchange Server 2007 can seem daunting, but don’t let them intimidate you. Take the time to play with the program. You probably won’t be able to remember exactly where to go to accomplish every administrative task in Exchange Server 2007, but it helps to think about what the task involves. If you need to manage the way all mailboxes on a server are handled, find the Mailbox container inside the Server Configuration container. If you need to manage a single mailbox, find the Mailbox container inside the Recipient Configuration container. Each component handles a different aspect of the configuration, so multiple components might be involved with a single configuration or administrative task. As you use the program and get used to the Exchange environment, it becomes easier to navigate the program and find exactly the object or objects you need to administer.
Learning the contents and layout of the various property sheets in the Exchange Management Console is a key to learning how Exchange Server 2007 works. After you know how to organize tasks that match the way Exchange Server 2007 is structured, your administrative tasks flow more easily.
To administer an Exchange environment with the Exchange Management Console, you must log on to Active Directory under a domain user account that has administrative privileges for administering the Exchange organization.
Examining the Exchange Hierarchy
The top of the hierarchy in the console tree of the Exchange Management Console is the snap-in root container that represents the Exchange organization, as shown in Figure 10-5. The snap-in root container is named Microsoft Exchange. All the Exchange containers are held within this container. Additionally, selecting the root container shows two tabbed screens in the Results pane: Finalize Deployment, which shows you tasks to perform after installation (and which is discussed in Chapter 6, “Installing Exchange Server 2007”); and End-to-End Scenario, which allows you to configure end-to-end solutions in Exchange, such as implementing best practices for disaster recovery.
There are four primary containers directly within the snap-in root container. The following sections describe each of these containers.
Figure 10-5 The Exchange hierarchy
Selecting the Organization Configuration container itself displays all users configured as Exchange administrators and allows you to configure administrative access roles for users or groups, as shown in Figure 10-6. You must be a member of the Exchange Server Administrators group in order to view the Organization Configuration container or change the roles assigned to users.
Figure 10-6 Viewing Exchange administrative roles with the Organization Configuration container
Exchange administrator roles are similar in function to Windows Server security groups. Administrator roles allow you to easily assign sets of permissions to users for the most common administrative functions in Exchange Server. Exchange administrative roles include the following:
- Exchange Server Administrators This role provides access to only local server Exchange configuration data, either in the Active Directory or on the physical computer on which Exchange Server 2007 is installed. Users who are members of the Exchange Server Administrators role have permissions to administer a particular server, but do not have permissions to perform operations that have global impact in the Exchange organization. Members assigned to this role are granted the following:
- They are made owners of all local server configuration data. As owners, members of the role have full control over the local server configuration data.
- They are made local administrators on the computer on which Exchange is installed.
- They are made members of the Exchange View-Only Administrators role.
- Exchange Organization Administrators Role The Exchange Organization Administrators role provides administrators with full access to all Exchange properties and objects in the Exchange organization. Additionally, members assigned this role are granted the following:
- They are made owners of the Exchange organization in the configuration container of Active Directory. As owners, members of the role have control over the Exchange organization data in the configuration container in Active Directory and the local Exchange server Administrator group.
- They are given Read access to all domain user containers in Active Directory. Exchange grants this permission during setup of the first Exchange Server 2007 server in the domain, for each domain in the organization. These permissions are also granted by being a member of the Exchange Recipient Administrator role.
- They are given Write access to all Exchange-specific attributes in all domain user containers in Active Directory. Exchange Server 2007 grants this permission during setup of the first Exchange Server 2007 server in the domain, for each domain in the organization. These permissions are also granted by being a member of the Exchange Recipient Administrator role.
- They are made owners of all local server configuration data. As owners, members have full control over the local Exchange server. Exchange Server 2007 grants this permission during setup of each Exchange server.
- Exchange Recipient Administrators Role The Exchange Recipient Administrators role has permissions to modify any Exchange property on an Active Directory user, contact, group, dynamic distribution list, or public folder object. Members are granted the following:
- They are given Read access to all the Domain User containers in Active Directory that have had Setup /PrepareDomain run in those domains.
- They are given Write access to all the Exchange-specific attributes on the Domain User containers in Active Directory that have had Setup /PrepareDomain run in those domains.
- They are automatically granted membership in the Exchange View-Only Administrator role.
- Exchange View-Only Administrators Role The Exchange View-Only Administrators role has read-only access to the entire Exchange organization tree in the Active Directory configuration container and read-only access to all the Windows domain containers that have Exchange recipients.
The Organization Configuration container contains the following containers:
- Mailbox At the organization level, the Mailbox container allows you to manage Mailbox server role settings that apply to the entire Exchange organization. You can create and manage address lists, managed custom folders, messaging records management (MRM) mailbox policies, and offline address books (OABs). You learn more about this in Chapter 11, “Creating and Managing Recipients.”
- Client Access At the organization level, the Client Access container allows you to create and manage Exchange ActiveSync mailbox policies for mobile users. These policies apply common sets of security settings or policies to collections of users.
- Hub Transport At the organization level, the Hub Transport container allows you to configure features of the Hub Transport server role. The Hub Transport server role handles all internal mail flow, applies organizational message routing policies, and is responsible for delivering messages to a recipient’s mailbox.
- Unified Messaging At the organization level, the Unified Messaging container allows you to manage Unified Messaging (UM) server role settings that apply to your entire Exchange Server 2007 organization. You can maintain existing or create new UM dial plans, UM IP gateways, UM mailbox policies, and UM auto attendants. For more information on Unified Messaging, see Chapter 14, “Unified Messaging.”
Use the Server Configuration container, shown in Figure 10-7, to view a list of all the servers in your Exchange organization and perform tasks specific to server roles. When you select the Server Configuration container itself, you can view the role, version, edition, product ID, cluster status, last modified time, and site for each server in the Results pane. For more information about how to view these columns in the Results pane, see the section, “Custom Consoles,” earlier in this chapter.
Figure 10-7 Viewing the Server Configuration container
The containers that appear under Server Configuration show only the Exchange servers that have a particular server role installed. The Server Configuration container contains the following containers:
- Mailbox At the server level, the Mailbox container allows you to display a list of all servers in the organization that have the Mailbox server role installed and to perform actions specific to that server role. The Database Management tab in the Work pane lists all the storage groups and databases that exist on the selected server.
- Client Access At the server level, the Client Access container allows you to view and maintain the settings for Microsoft Outlook Web Access (OWA), Exchange ActiveSync, and the offline address book (OAB).
- Hub Transport At the server level, the Hub Transport container allows you to display a list of all servers in the organization that have the Hub Transport server role installed and to perform actions specific to that server role.
- Unified Messaging At the server level, the Unified Messaging container allows you to configure voice messaging, fax, and e-mail messaging into one store that users can access from a telephone and a computer. Exchange Server 2007 Unified Messaging integrates Microsoft Exchange with telephony networks and brings the Unified Messaging features to the core of Microsoft Exchange.
The Recipient Configuration container, shown in Figure 10-8, allows you to perform a variety of recipient management tasks. You can view all the recipients in your organization, create new recipients, and manage existing mailboxes, mail contacts, mail users, and distribution groups.
Figure 10-8 Viewing the Recipient Configuration container
The Recipient Configuration container contains the following containers:
- Mailbox At the recipient level, the Mailbox container allows you to manage mailbox users and resource mailboxes. Resource mailboxes include room and equipment mailboxes. You can create new mailboxes and remove, disable, or move existing mailboxes. You can also configure mailbox properties, enable and disable Unified Messaging (UM), and manage mobile devices.
- Distribution Group The Distribution Group container allows you to manage mail-enabled distribution groups (which include security groups) and dynamic distribution groups. You can create new distribution groups and remove, disable, or configure existing distribution groups.
- Mail Contact The Mail Contact container allows you to manage mail contacts. You can create new mail contacts and delete or configure existing mail contacts.
- Disconnected Mailbox The Disconnected Mailbox container allows you to view and connect disabled mailboxes. Disconnected mailboxes are retained based on the configured mailbox database limits. You will see only the mailboxes that have been disconnected within the retention period that is specified for the mailbox database.
The Toolbox is a collection of tools that are installed with Microsoft Exchange Server 2007. The Toolbox provides a central location for diagnostic, troubleshooting, and recovery activities using various Exchange tools.
The tools in the toolbox are divided into the following categories:
- Configuration Management Tools This category contains only the Exchange Server Best Practices Analyzer, which automatically examines an Exchange Server 2007 deployment and determines whether the configuration is in line with Microsoft best practices. Run the Exchange Server Best Practices Analyzer after installing a new Exchange server or after making any configuration changes. You learn more about this tool in Chapter 15, “Troubleshooting Exchange Server 2007.”
- Disaster Recovery Tools This category contains two tools: Database Recovery Management Tool and Database Troubleshooter. Both tools work through a set of troubleshooting steps to help identify and resolve database issues.
- Mail Flow Tools This category contains the following three tools:
- Mail Flow Troubleshooter This tool allows you to troubleshoot common mail flow problems. After selecting a symptom of the mail flow problems you are experiencing (such as delays or non-delivery reports), the tool attempts to find a solution and then provides advice to walk you through the correct troubleshooting path. It shows an analysis of possible root causes and provides suggestions for corrective actions.
- Message Tracking Tool This tool lets you view a detailed log of all message activity as messages are transferred to and from an Exchange Server 2007 server that has the Hub Transport server role, the Mailbox server role, or the Edge Transport server role installed. You can use message tracking logs for mail flow analysis, reporting, and troubleshooting.
- Queue Viewer This tool allows you to monitor mail flow and inspect queues and messages. You can also perform actions to the queuing databases such as suspending or resuming a queue, or removing messages.
- Performance Tools This category contains two tools: Performance Monitor and Performance Troubleshooter. Performance Monitor is a tool you can configure to collect information about the performance of your messaging system. Specifically, you can use it to monitor, create graphs, and log performance metrics for core system functions. Performance Monitor is covered in detail in Chapter 17, “Tuning Exchange Server 2007 Performance.” Performance Troubleshooter helps you to locate and identify performance-related issues that could affect an Exchange server. You diagnose a problem by selecting the symptoms observed. Based on the symptoms, the tool walks you through the correct troubleshooting path. This tool is covered in Chapter 15.
© Microsoft. All Rights Reserved.