Because
the server with the Edge Transport role doesn’t have access to the
internal AD, configuration and recipient information is stored within
the Active Directory Application Mode (ADAM) directory service (on
pre-2008 Servers) and Active Directory Lightweight Directory Services
(AD LDS) on a server that runs 2008.
So,
for starters, ADAM or AD LDS must be installed. You should configure
the Domain Name System (DNS) suffix on the Edge Transport server, too.
Then the Edge Transport server must be installed. Finally, a connection
must be made between a HT server and the Edge Transport server.
Preparing the Edge Transport Directory Service
If you use Server 2003, you will need to install ADAM. To do this, perform the following:
1. | Select Start, Control Panel, and then click Add or Remove Programs.
|
2. | Select Add/Remove Windows Components.
|
3. | Select Active Directory Services under Components, and then select Details.
|
4. | Select
the Active Directory Application Mode (ADAM) check box under
Subcomponents of Active Directory Services, and then select OK.
|
5. | Select Next on the Windows Components page.
|
6. | Read and review the message that displays. Then do one of the following:
- a. Select Finish if the message, “You have successfully completed the ADAM Setup Wizard” displays.
- b. If an error message displays, make a note of the error, select Finish, and then review the ADAM event messages in Event Viewer.
|
If you plan to use Server 2008, you need to install AD LDS. To do that, perform the following:
1. | Select Start, Server Manager.
|
2. | From the console tree, right-click Roles, and then select Add Roles.
|
3. | Review the information on the Before You Begin page of the Add Roles Wizard, and then select Next.
|
4. | On
the Select Server Roles page, in the Roles list, select the Active
Directory Lightweight Directory Services checkbox, and then click Next.
|
5. | Finish adding the AD LDS server role by following the instructions in the wizard.
|
Configuring the DNS Suffix and Adding a Host Record for the Edge Servers
The
Edge Transport server, because it doesn’t have a connection to the AD
and resides in the perimeter network, requires a manual intervention on
a variety of configuration options that would ordinarily occur
automatically if it were part of the AD. The configuration will fall on
the administrator’s shoulders. To begin with, you should configure the
DNS suffix for the server by performing the following:
1. | Select Start, Control Panel, and then double-click System to open the System Properties.
|
2. | Select the Computer Name tab.
|
3. | Click Change.
|
4. | From the Computer Name Changes page, click More.
|
5. | In the Primary DNS Suffix Of This Computer: field, type a DNS domain name and suffix for the Edge Transport server.
|
6. | Click OK three times and you are done.
|
Note
Your
Edge Transport server, depending on your configuration, might have two
network connections: one to the outside firewall and one to the
internal. The internal connection should be configured to use two
internal DNS servers as the preferred and alternative DNS servers.
Creating a Host record requires work on the DNS server side. This is done on an internal DNS server. Perform the following:
1. | Select Start, Administrative Tools, and from the expansion of tools, select DNS.
|
2. | Expand Forward Lookup Zones and right-click the name of your domain. Select New Host (A).
|
3. | From the New Host dialog, enter the name of the server in the Name field and the IP address in the IP Address field.
|
4. | Check the Create Associated Pointer (PTR) Record box.
|
5. | Select Add Host and then click Done.
|
Installing the Edge Server
The
installation procedure is the same for the Edge as it is for the other
server roles. However, unique factors include that it rests on the
perimeter of the network, that you cannot install the Edge Transport
role with other roles, and that you have to ensure another directory
services is in place and that a connection is made to the HT afterward.
To perform the installation graphically, do the following:
1. | Insert
the DVD or mount the ISO for the Installation screen to display. Select
the link from Step 4 to begin the installation wizard.
|
2. | You are taken to the Introduction screen. Click Next.
|
3. | You
are taken to the License Agreement screen, where you can scroll down
and read the entire agreement if you like. Choose I Accept The Terms In
The License Agreement and select Next.
|
4. | You
are taken to the Error Reporting screen. Here you are asked to
participate in a group effort with Microsoft to determine why certain
errors occur on systems. If you say Yes (Recommended), errors that
occur automatically send reports to Microsoft without further
permission. The other option is No. Choose an option and then select
Next.
|
5. | This
brings you to the Installation Type screen, where you can choose either
a Typical or Custom Exchange Server installation. In this case, select
Custom Exchange Server Installation.
|
6. | Select Edge Transport Server Role, and then select Next.
|
7. | The
Readiness Checks screen checks to make sure your system is ready for
the installation of the server options you chose. After you are clear
to move forward, choose Install.
|
8. | The
Progress screen walks you through the process of the actual
installation. When complete, it takes you to the Completion screen and
shows you what has been installed successfully. Click Finish.
|
After the installation is complete and the EMC displays, as shown in Figure 1,
you will notice the difference in the console immediately. Your
finalization needs are different from the other server roles, but you
will notice that the navigation console on the left is sparse. This is
because the Edge Transport server can be installed alone only, so that
the console is not cluttered with additional pieces that are not needed.
Note
To avoid the graphic installation completely, you can put the DVD in and type setup /mode:install /roles:ET as a command prompt. As long as all the prerequisites are met, the installation should proceed without a problem.
Making the Connection with an HT Server
The
process of linking an HT server and ET server together is known as the
EdgeSync process. The process begins with exporting the EdgeSync
subscription file and then taking the file and importing it on an HT
server. The purpose of this process is to establish a one-way
replication of recipient and configuration information from Active
Directory to either ADAM or AD LDS (depending on the type of server you
are using). The connection with the HT servers and the Edge Transport
server(s) is a unique one of trust, so that the HT servers can route
messages going to the Internet through the Edge Transport server that
has been configured and is associated with the HT server.
To begin, you want to log on to the Edge Transport server and perform the following:
1. | Open the Exchange Management Shell.
|
2. | Type New-EdgeSubscription -FileName “c:\edgesubscriptioninfo.xml” (note that the filename and location is completely your choice, this is just an example).
|
After
the file is complete, copy it over to the HT server. Make sure you have
fully qualified domain name (FQDN) connectivity between the servers by
performing simple ping tests by name. On the HT server, perform the
following:
1. | Open the Exchange Management Shell.
|
2. | Type New-EdgeSubscription -filename “C:\EdgeSubscriptionInfo.xml” -CreateInternetSendConnector $true -site “Default-First-Site-Name”.
(Note that the filename is your choice when you create the file, so
enter the name you gave it. The default site name might have been
changed, so make sure the site is correct, too.)
|
3. | The
synchronization process usually takes places at four-hour intervals. If
you want to immediately begin the process of synchronization, you can
type Start-EdgeSynchronization.
|
Note
You
can use the Test-EdgeSynchronization cmdlet to determine whether there
is a problem between the Edge Transport servers and the HT servers.
This is an Exchange 2007 SP1-only cmdlet. Simply typing in the cmdlet
retrieves plenty of information; however, you can use switches that
enable you to tailor your test. You can find these at http://technet.microsoft.com/en-us/library/aa996925(EXCHG.80).aspx.
