Exchange 2010 – Five Server Roles
Compared with Exchange 2003, one of the biggest changes in Microsoft’s philosophy is that Exchange 2010 now has five server roles. This passion for ‘Roles’ mirrors Microsoft’s mantra of ‘Customize This Server’ on Windows Server 2008.
At one extreme you could deploy a single 2010 Server with four roles and forget about the Edge (Gateway) server role. At the other extreme you could have five separate Exchange servers, one for each role. Microsoft call this increased scalability, I think of it as greater flexibility.
Exchange 2010 with its five roles, will benefit those who have a clear plan of what they want to achieve from their email servers. In retrospect it could be argued that Exchange 2003 tried to be all things to all people. As a result add-ons like Conference Server and Instant Messaging are not available, instead Exchange 2010 concentrates on being a premier email server.
♠
Exchange 2010 – Five Server Roles
In 2003 versions of Microsoft Exchange Server you could not select specific roles, because all features were installed on each server. Exchange Server 2010 uses the concept of server roles to control which capabilities are installed on which Exchange server. The benefit of this new arrangement is improved scalability, better security and simplified administration.
Note: Exchange Server 2010 should be installed on a member server, and not a domain controller.
———————————
Exchange 2010 Mailbox Role
Mailbox is a good name for the core Exchange server, which stores all the email. Incidentally, remember to install IIS and the World Wide Web (WWW) service. Installing a Mailbox Server on Windows Server 2008 and linking it a CAS (Client Access Server) would be like pairing the Back-end / Front-end servers in Exchange 2003.
One surprise is that Mailbox servers do not transfer messages between mailboxes, for this message delivery you need a Hub Transport server. Bear this in mind when troubleshooting non-delivery of internal email. For smaller Exchange Organization you could combine the Mailbox and Hub Transport roles on the same server.)
Conceptially, the Mailbox server must connect with the Active Directory, CAS, the Hub Transport server, Unified Messaging server and of course those Microsoft Outlook clients.
Here is a list of Exchange related services on your Windows 2008 Server.
- MSExchangeIS – Microsoft Exchange Information Store
- MSExchangeMailboxAssistants – Microsoft Exchange Mailbox Assistants
- MSExchangeSearch – Microsoft Exchange Search Indexer
- MSExchangeServiceHost – Microsoft Exchange Service Host
- MSExchangeMonitoring – Microsoft Exchange Monitoring
- MSExchangeSA Microsoft – Exchange System Attendant
- MSExchangeMailSubmission – Microsoft Exchange Mail Submission
- Msftesql-Exchange – Microsoft Search (Exchange Server)
- MSExchangeTranportLogSearch – Microsoft Exchange Transport Log Search
- MSExchangeADTopology – Microsoft Exchange Active Directory Topology
- See also SolarWinds Network Topology Mapper
Mailbox servers can also be used to host public folder databases, and produce address lists including offline address books (OABs).
Client Access (CAS)
TheClient Access Server (CAS) is installed by default. Plan to have for a Client Access server in each site that has an Exchange 2010 mailbox server. Your main clients will probably be desktop machines running Microsoft Outlook 2002 or later. Other client types include POP3, IMAP4, Exchange ActiveSync, Web, and Outlook Anywhere.
In terms of transition , CAS replaces those front-end servers from Exchange 2003 days. As expected CAS also supports OWA (Outlook Web Access) clients.
The Client Access Server also supports Autodiscover. For those who require internet access then configure an ISA server to manage the transition across the firewall from internet to internal network.
Guy Recommends : SolarWinds’ Free VM Monitor
The best feature of this new this new version of SolarWinds VM Monitor is that it checks Windows Hyper-V. Naturally, it still works with virtual machines on VMware ESX Servers. VM Monitor is a clever desktop tool that not only tests that your server is online, but also displays the CPU and memory utilization for each node.
It’s easy to install and to configure this virtual machine monitor, all you need the host server’s IP address or hostname and the logon info. Give this virtual machine monitor a try – it’s free.
Download your free copy of SolarWinds VM Monitor.
Placing Your CAS Server
If your Client Access Server is accessible from the Internet, you need to take precautions. The crucial decision is whether to locate CAS on the internal network or the perimeter network. If the decision is close, I would locate the Client Access Server(s) on the internal network.
You must install the CAS role on a member server that has access to a Global Catalog server. Also remember that the CAS must be able to contact the Mailbox servers inside your Exchange organization. A ratio of 1 CAS : 4 Mailbox servers works well. In the case of Exchange organizations with fewer than 500 mailboxes you could combine CAS with other Exchange roles, for example, Hub Transport.
Once installed, I would call for the Security Configuration Wizard and listen to its suggestions to lock down ports and disable services that your particular Client Access server deployment does not require. Only allow access through the external and internal firewall for the essential protocols. One solution would be to install and configure Microsoft’s Internet Security and Acceleration (ISA) Server.
Hub Transport (Bridgehead)
The hub transport role replaces the old routing connectors. Smaller organizations would probably add this role to the Mailbox Server or possibly the Client Access server. The key point is that even for large organizations, the Hub Server manages the delivery of all internal Exchange 2010 email. At its heart, the Hub Server has a categorizer, which analyzes each email and delivers it to the appropriate mailbox.
Hub Servers also have a Journaling Agent. You have the technical ability to save a copy of all email, how much, or how little use you make of this facility is best discussed with your company lawyers.
Guy Recommends: The SolarWinds Exchange Monitor
Here is a free tool to monitor your Exchange Server. Download and install the utility, then inspect your mail queues, monitor the Exchange server’s memory, confirm there is enough disk space, and check the CPU utilization.
This is the real deal – there is no catch. SolarWinds provides this fully-functioning freebie, as part of their commitment to supporting the network management community.
Free Download of SolarWinds Exchange Monitor
Exchange Hub Transport Components and Processes
Let us consider what happens to ‘native’ clients. By native I mean: Microsoft Office Outlook 200x, Office Outlook Web Access, Outlook by Phone. Let us analyze what happens when one of these accounts with an Exchange mailbox, sends a message. We will pick up the trail from the message waiting in the outbox.
The Exchange Mail Submission service, contacts the Store driver which transfers the email into the ‘Submission queue’ on the Hub Transport server. This queue leads to the Categorizer, which is the heart of the Hub Transport server. Rather like the snail-mail postal service, the Categorizer looks up the recipient’s mailbox, then resolves the best route to that site. Unlike the snail-mail service, the Categorizer can also do other stuff, such as content conversion and applying any mail flow rules that are in operation.
The categorizer has two helpers, ‘Local Delivery’ and ‘SMTP Send’. From their descriptive names, I am sure you can work out which one is for a mailbox delivery to a server in the same site, and which one requires remote delivery with external routing.
Because I want to build up concepts slowly but surely, the above diagram focuses only on internal email. To make the diagram more realistic, the Categorizer would also have arrows indicating delivery of email from the internet. My point is that the Categorizer is the central component, and deals with routing all email irrespective of its source.
While the Hub Server could be used to deliver email to the internet, it is better to deploy an Edge Server. See more on the Hub Transport Server Role
Unified Messaging
This server hosts the integration of voice (voice-mail), calendar, email and fax. Unified messaging enables voicemail and faxes to be delivered to the Outlook 2010 (Version 14) Inbox. This role needs ‘speechify’, most likely the wizard will install it automatically.
Edge Transport or Gateway Server
This Edge Transport (Gateway) server is a new development for Microsoft’s Exchange. Think of the Gateway server as the hygiene server, as a rival of Message Labs or as a replacement for your third party email cleaning service. An absolute requirement is that the Edge server must be in it’s own workgroup and must not, repeat not, be a member of the Exchange Organization’s Active Directory domain. For this reason the Role Selection wizard displays a horizontal separator between this and the other server roles.
For a variety of reasons the Edge server has proved to be the least popular Exchange Server 2010 role. This is especially true in the UK where people rely on other solutions to clean mail and act as a gateway to the internet. See more on the Edge Server Role
Guy Recommends: SolarWinds Network Topology Mapper (NTM)
NTM will produce a neat diagram of your network topology. But that’s just the start;Network Topology Mapper can create an inventory of the hardware and software of your machines and network devices. Other neat features include dynamic update for when you add new devices to your network. I also love the ability to export the diagrams to Microsoft Visio.
Finally, Guy bets that if you test drive the Network Topology Mapper then you will find a device on your network that you had forgotten about, or someone else installed without you realizing!
Download your 14 day free trial ofSolarWinds Network Topology Mapper
Exchange 2010 Server Virtualization – No! Yes
In July 2009 Mike Mclean wrote to me pointing out that Microsoft themselves now support 64-bit guest operating systems for Hyper-V. Thus you can now use this marvellous virtual technology to support the 64-bit version of Exchange 2010.
Back in June 2008 Microsoft Virtual Server only supported 32-bit guests. You may know that Exchange 2010 server REQUIRES 64-bit hardware. Now that has been fixed and you can run 64-bit guests in Hyper-V virtual machines.
Exchange Server 2010 Two Editions – Standard and Enterprise
Exchange Server 2010 is available in two editions, Standard and Enterprise the difference is determined by the product key. The Enterprise Edition supports up to 100 databases on each server, whereas the Standard Edition supports only 5 databases. Fortunately, Exchange 2010 has no software limit on the database storage, each storage group database can be as big as you like. In Exchange 2003 Standard edition, the limit was 16Gb or 75Gb.
Exchange licensing can either be per server or per CAL (Client Access License). If find it difficult to work out the cheapest licensing option, check here to see the best solution for your Exchange Organization.
Summary of Exchange Server Roles
Microsoft has decided on a structured approach and provide five roles for Exchange Server. You have the flexibility of multiple roles on the same server, or you could deploy a dedicated server for each role. However, remember that the Edge Server MUST be on a separate server in a separate workgroup, also, there are also advantages in separating the Mailbox and Client Access roles.
If you like this page then please share it with your friends
See more Microsoft Exchange Server 2010 topics:
• Exchange Home • Exchange 2010 Transition • Exchange 2010 Migration • Exchange 2010 SP1
• Exchange MX Records • Exchange 2010 Logs • Exchange 2010 Circular Logging • Exchange Stores
• Exchange 2010 GAL • Exchange 2010 SMTP Connector • Free Exchange Monitor • Home
