Directory site configuration allows you to set preferences on Exchange site directory functions. Settings made to this object's properties affect an entire Microsoft Exchange site.
In this section you learn to make the following changes:
The rest of this section defines some concepts essential to proper configuration of the Directory Service agent.
A "tombstone" in Exchange directory terms is a marker representing a deleted directory object. At the moment when you delete a directory object, it is removed instantly from the local server only. All the other Exchange servers that participate in directory replication with this server do not become immediately aware of that object's deletion. Therefore, a "tombstone" marker is created that when replicated to other servers informs them of the original object's deletion. The tombstone lifetime dictates the number of days a tombstone marker exists before it expires and can be deleted from the system.
Here are some considerations for setting tombstone lifetimes:
Situation 1--Frequency of directory object deletion. If you set the tombstone lifetime for an excessively long period of time and you frequently delete objects, there will be a large number of tombstone markers clogging your entire directory replication system.
Situation 2--Length of time a server could be down. For example, you set the tombstone lifetime for a site at seven days. Suppose that one server in your site is down for over a week. The server that was down will not be notified of an object's deletion before the tombstone of some directory object is deleted. There will be some directory inconsistencies to correct as a result.
NOTE: Tombstones cannot be used to undelete a previously deleted directory object.
The garbage collection interval determines the number of hours between deletion of expired tombstone markers (referred to as garbage). Much like a traditional garbage collection service, this operation is a scheduled removal of expired directory "garbage." Once directory object tombstone markers have expired, they are ready (placed on the curb) for deletion at the garbage collection interval.
Remote users can take advantage of Exchange address lists by downloading a current version of the offline address book. This address list is generated from the main address list, and the process is managed through these property pages. A remote user uses the offline address book like a standard recipient directory when disconnected from the network. The offline address book contains only the recipients or recipient groups specified by the Exchange administrator. The offline address book object itself is a hidden public folder held in the public information store of a designated Exchange server. There can be only one offline address book per site.
Custom attributes pertain specifically to recipients. They are added to represent any extra information you want to have entered when creating recipients. Sample standard attributes are city, state, zip, and phone number; a custom attribute can be anything from birthday, age, or hair color to favorite music or bowling average.
The administrator can select which site directory objects are accessible to certain classes of LDAP users and which objects are to be replicated to other Exchange sites.
In this section, you begin to configure the DS Site property pages. You will find that a wide variety of settings affect how directory functions are carried out in your Exchange site.
The pages that will be covered are as follows:
Figure 13.1 shows the General property page and the various directory settings associated with it.
You can assign a new Display name, view the Directory name, and change the Tombstone lifetime and Garbage collection intervals by going through the following steps:
FIG. 13.1 General directory settings for a site.
NOTE: The Anonymous account is different from the accounts you specify for individual containers for anonymous users. This is a single account that will be used by anonymous users (usually Web-based users) to access directories in Microsoft Exchange.
The Permissions property page allows you to define certain Windows NT user accounts that have rights to modify this directory object.
The Offline Address Book Schedule property page allows you to determine at what intervals a new offline address book will be generated. By downloading the offline address book to their computers, remote users can verify e-mail addresses as though they were online. This also makes it easier to compose mail while offline, rather than having to connect to the Exchange server to verify e-mail addresses.
To schedule a new time interval to generate the offline address book, you take the following steps:
FIG. 13.2 Setting the schedule for creating an offline address book.
NOTE: Generating an offline address book can often take several hours. If one cycle of offline address book generation carries into the next scheduled generation time, the generation will finish normally, then begin again at the next scheduled time after its completion.[dagger]
The Offline Address Book property page defines parameters on how the offline address book will be created. You choose what elements of the directory will be included. If you desire a highly customized list of recipients to be included in the offline address book, then consider creating a recipient container dedicated to offline address book generation.
You can take the following steps to change the offline address book server, generate the offline address book before its regular schedule, and change which recipient container is used to create the offline address book:
FIG. 13.3 Setting offline address book creation and location options.
TIP: Because the generation of a large offline address book can be a lengthy process, select a lower-traffic, lesser-used server (if available) to perform this task.
NOTE: Before an offline address book is available to remote users, it must first be generated. Check your generation schedule to see if the next scheduled cycle falls within an acceptable time frame. If necessary, click the Generate All button to create it immediately.
CAUTION: There must be only one offline address book per Microsoft Exchange site. Replicating the offline address book as a hidden public folder will create directory errors.
The Custom Attributes property page allows you to define characteristics that will appear on the Custom Attributes property page of each recipient only in the local site. The field can be defined to display any additional information for which you want to create a space.
To create custom attribute fields, complete the following steps:
FIG. 13.4 Setting the custom attribute whose values you will set in the recipient's properties pages.
The Attributes property page assists administrators in managing access for LDAP users and in directory replication of objects in the site directory. An example would be enabling authenticated users access to most mailbox attributes, such as "direct reports" or phone numbers but denying anonymous users access to these objects.
To reduce possible network traffic and system overhead associated with directory replication, additional options are provided to control inclusion of directory objects in intersite replication. Caution should be exercised when deselecting objects under the System attributes heading because it could affect directory operation.
Modifying attribute access options requires the following steps:
It is important to note that in the case of custom attributes, only the data associated with the custom attribute is replicated, not the new label replacing the phrase "Custom Attribute 1." This could result in one Exchange site relabeling the site's "Custom Attribute 1" to become "Cube Number" and then entering appropriate numeric values. Meanwhile, a different Exchange site might relabel its "Custom Attribute 1" to "Favorite Color" with alpha values subsequently entered. When the two sites replicate data and the values of their respective Custom Attributes 1 are exchanged, the sites will see a mix of data types that makes no sense with the labels in their local sites!
FIG. 13.5 The Attributes tab of the DS Site Configuration Properties page.
CAUTION: After initial installation of your Exchange site, double-check the default settings associated with anonymous requests to make sure that your site is presenting for anonymous access only the LDAP information you want to make public.
These sets of property pages allow you to configure site properties that have to do with automatic creation of e-mail addresses, setting default site e-mail address values, and routing messages to their intended destination within an Exchange system. These options determine which servers will be used to calculate routing tables, and when to calculate those tables. Also, you can use these pages to get an overview of how messaging links are established in your organization.
The pages described in this section are as follows:
In the General property page, you can edit this object's Display name and also do the following:
FIG. 13.6 Setting general site routing parameters.
E-mail addresses are used by the various Exchange gateways and connectors to identify specific directory objects to other messaging systems (see Figure 13.7). In this case, these addresses affect all messages routed to this site. There are four default addresses created each for Microsoft Mail Post Office, SMTP, X.400, and cc:Mail. If other connectors or gateways are installed, those addresses can be created by default as well.
Another feature in Exchange is the capability to select which address types will be automatically created when a new mailbox or public folder is created. This is controlled by simply checking or unchecking the box adjacent to the address type. Additionally, when a box is unchecked, the administrator is presented with the option to remove this address from all currently installed mailboxes, if desired.
Just as in Exchange version 4.0 and 5.0, the default address values are editable. A common example for editing address values might be if your corporation elected to change the root DNS value for your SMTP addresses, such as swspectrum.com being changed to softwarespectrum.com.
FIG. 13.7 Setting e-mail address entries for the entire site.
When changes in site configuration are made, routing tables need to be rebuilt in order to maintain accurate message delivery information. By default, routing is calculated once per day at 4:00 a.m. local time (see Figure 13.8). Generally, the default settings will be more than adequate to maintain up-to-date routing tables in your site; use the manual override when immediate recalculation is necessary. If your site undergoes frequent changes in components (more servers, new connector types, and so on), you may want to increase the routing calculation frequency.
The Routing page indicates the type of address space used by the Exchange routing table, shows the value for that address space, and shows the cost of sending messages to a selected site. Click on a type of message destination and click Details to view the route of such a message. The dialog boxes in Figure 13.9 and Figure 13.10 appear.
FIG. 13.8 Defining a schedule when routing table calculations occur.
FIG. 13.9 Viewing the message routes available from this Exchange site.
FIG. 13.10 You can view routing details for connectors available from this site. Note the file extensions for this file type.
Each Microsoft Exchange server has its own set of property pages. Here, you can configure general functions that apply specifically to a single Exchange server.
The following are the property pages for server configuration:
To open the Server property page, complete the following steps:
The following sections cover configuring Exchange Server properties.
FIG. 13.11 You can select the Exchange server to edit, then open its properties.
The General property page displays the server's Directory name and has a space for an additional administrative note (see Figure 13.12).
The server's directory name cannot be changed without reinstalling Microsoft Exchange.
FIG. 13.12 The server name cannot be changed after Exchange has been installed.
The Permissions property page allows you to define certain Windows NT user accounts that have rights to modify this directory object. See Chapter 12, "Using the Administrator Program," for a detailed description of working with the standard Permissions property page.
The Services property page allows you to define what services will be checked by a Microsoft Exchange Server monitor. The top display window shows all services currently installed on this Windows NT server. The bottom display window shows all the services by default currently monitored by Exchange.
To select the service to be monitored by an Exchange Server monitor, complete the following steps:
FIG. 13.13 Selecting the services to be monitored by an Exchange Server monitor.
Locales determine how values (such as date or currency) are displayed in the Exchange Client. International settings are determined by the Exchange Client settings (see Chapter 30, "Using Outlook") and also affect default sorting order for lists. This property page allows you to activate certain locales from the list of installed locales.
The Installed Locales window displays all the formats currently installed on this Exchange server.
To add or remove support for various foreign-language Exchange clients, refer to the following steps:
FIG. 13.14 You can use this dialog box to add or remove support for various foreign language Exchange clients.
The Database Paths are pointers to the hard disk directories where Exchange actually stores information. This property page allows you to set the paths to the directory for placement of the public and private information store files on this server. The paths are set up when you initially install Exchange Server.
CAUTION: It is recommended that instead of manually editing the paths to the critical databases of the Exchange server, the administrator use the Exchange Optimizer wizard to move these files and adjust the necessary directory and registry values automatically.
The three main Exchange Server databases are:
Additional information files (see Figure 13.15) store additional Exchange data such as transaction logs.
TIP: One basic way to improve Exchange performance is to spread the database files across several hard drives. The Microsoft Exchange Optimizer can assist with this process.
FIG. 13.15 You can use this dialog box to view the physical location.
Click the Modify button (in Figure 13.15) to bring up the dialog box that enables you to browse through your system's file structure and select a location for the database information. You can view the physical location, that is, hard disks, for the various types of Exchange data such as Directory Database, Transaction Logs, Information Store data, and so on.
Information Store Maintenance optimizes an Exchange server's operating speed. Basic maintenance includes disk defragmentation for improved hard disk performance and compression of the various database files by removing excessive "white space" left by deleted data (see Figure 13.16). Use this page to schedule maintenance for each Exchange server.
TIP: Maintenance tasks are taxing on hard drive and overall server performance. Always schedule them at the server's least busy period of the day.
FIG. 13.16 Selecting the least busy time of the day for information store data upkeep.
This property page allows you to configure two advanced options:
CAUTION: If the circular logging options are enabled, you will no longer be able to perform differential and incremental backups (see Chapter 25, "Maintaining Exchange").
This property page allows you to control at what point these inconsistencies are to be corrected.
Select All inconsistencies to correct them immediately or select Inconsistencies more than X number of days and enter the time an inconsistency can exist before it is automatically corrected (see Figure 13.17).
FIG. 13.17 Setting general logging and inconsistency adjustment preferences.
This property page works in conjunction with the Windows NT Event Log to record various "events" that occur within the many Exchange services. Various levels of logging determine what constitutes an event and, therefore, what types of information are actually recorded in the event log. For troubleshooting purposes, you would want a very detailed record of occurrences and, hence, set a high logging level. However, normally you would want to log only events that are critical, so set a lower logging level for everyday operation (see Figure 13.18). Individual components (for example, Directory, MTA, and Information Store) also have diagnostic logging pages for their individual service, but all services are available through this server property page.
FIG. 13.18 Controlling log settings for all Exchange services running on this server.
The Directory Service Properties pages are mainly used for configuring diagnostics information. However, two additional functions provided by this object will be used more frequently during normal operation. These functions are as follows:
An example is as follows: Exchange Server SEATTLE01 is brought down for two hours for a memory upgrade. During the time of the upgrade, a new server, DUBLIN08, is added to the site. When SEATTLE01 is restored to proper functioning, it will not be aware of the existence of the new server until the Knowledge Consistency cycle is run at the end of the day. Knowing this, the administrator for SEATTLE01 runs the Knowledge Consistency cycle manually from the Directory Service Properties pages. SEATTLE01 is now aware of the new server's existence.
If an inconsistency is detected when checking manually, it is a good idea to manually execute all processes related to correcting inconsistencies. Use this sequence:
Although the preceding sequence is optional and will be automatically executed with a 24-hour period, performing the tasks immediately will reduce the possibility of other conflicts or errors.
To open the Directory Service Properties pages, complete the following steps:
The General property page allows you to synchronize directory information manually if you have made changes to directory information on the server and don't want to wait for automatic synchronization. To update or check directory information manually, complete the following steps:
FIG. 13.19 These two controls manually update the local site directory and check knowledge consistency.
E-mail addresses are used by the various Exchange gateways and connectors to identify specific directory objects to other messaging systems. There are four default addresses created each for Microsoft Mail Post Office, SMTP, X.400, and now cc:Mail.
To set public directory service e-mail addresses, complete the following steps:
FIG. 13.20 Defining any additional e-mail addresses for this directory object.
This property page works in conjunction with the Windows NT Event Log to record various "events" that occur within the Directory Service (MSExchangeDS). Various levels of logging determine what constitutes an event and, therefore, what types of information are actually recorded. For troubleshooting purposes, you would want a very detailed record of occurrences within the Directory Service, and hence set a high logging level. However, normally you would want to log only events that are critical, so set a lower logging level for everyday operation (see Figure 13.21).
FIG. 13.21 This page controls logging for the directory synchronization saervice only.
These property pages allow for directory synchronization between Exchange, Microsoft Mail Post Office, and other compatible foreign systems, including direct support for cc:Mail. For further directory synchronization information, see Chapter 18, "Using Directory Replication and Synchronization."
The following are the property pages available for configuration on the directory synchronization service:
To open the Directory Synchronization Service Properties pages, complete the following steps:
The General property page allows you to view only the current server's name and enter an administrative note (see Figure 13.22). An Exchange server's name is set when the software is installed and cannot be changed after the fact.
FIG. 13.22 The name of this server cannot be altered.
E-mail addresses are used by the various Exchange gateways and connectors to identify specific directory objects to other messaging systems. The directory synchronization service receives regular update messages sent to these addresses. There are four default addresses created each for cc:Mail, Microsoft Mail Post Office, SMTP, and X.400.
The directory synchronization service executes its functions by the transfer of messages between itself and other systems. The Delivery Restrictions property page assures that only specific users can send messages to the directory synchronization service.
To configure delivery restrictions, complete the following steps:
FIG. 13.23 Preventing unnecessary messages from being sent to this service.
In the Incoming Templates property page you can define a template that will apply to all incoming directory synchronization messages (see Figure 13.24). See Chapter 18, "Using Directory Replication and Synchronization," for more details on this template and its use in directory synchronization.
FIG. 13.24 Mapping standard Microsoft Mail Post Office attributes to Exchange Server recipients.
In the Outgoing Templates property page you can define a template that will apply to all outgoing directory synchronization messages (see Figure 13.25). See Chapter 18 for more details on this template and its use in directory synchronization.
FIG. 13.25 Mapping Exchange Server recipient attributes to the standard Microsoft Mail Post Office directory template attributes.
The Diagnostics Logging property page works in conjunction with the Windows NT Event Log to record various "events" that occur within the Directory Synchronization Service. Various levels of logging determine what constitutes an event and, therefore, what types of information are actually recorded. For troubleshooting purposes, you would want a very detailed record of occurrences within the Directory Synchronization Service, and hence set a high logging level. However, normally you would want to log only events that are critical, so set a lower logging level for everyday operation.
The System Attendant service must be running in order for most other Exchange system services to run. Stopping the System Attendant service, for example, will prompt the halting of several other Exchange services, simultaneously.
Each Microsoft Exchange server within your organization can be configured with different properties.
To configure the System Attendant properties, complete the following steps:
FIG. 13.26 The System Attendant is found in the individual Exchange Server container.
FIG. 13.27 The System Attendant
General property page.
CAUTION: Opting to keep old log files on a server with a high volume of message traffic could easily take up many megabytes of storage space. If you do select Do not remove old log files, make sure to keep track of log file sizes!
E-mail addresses are used by the various Exchange gateways and connectors to identify specific directory objects to other messaging systems. The System Attendant, though not capable of receiving messages, is a directory object just the same and has a set of e-mail addresses associated with it. There are four default addresses created each for cc:Mail, Microsoft Mail Post Office, SMTP, and X.400.
Complete the following steps to add, modify, or remove e-mail addresses from the System Attendant:
FIG. 13.28 The E-mail addresses page displays the four default addresses for this System Attendant.
All other functions of the System Attendant (such as checking directory replication inconsistencies and gathering information about other running Exchange services) are carried out without additional configuration by the administrator.
The Address Book Views pages enable you to restrict what entries users are able to see in the Global Address List (GAL). This feature also allows users to create and see address book views sorted by various mailbox characteristics. You can create new Address Book Views in Exchange 5.5 by selecting File, New Other, Address Book View from the toolbar in the Exchange Administrator program.
The pages that will be covered are as follows:
Use the General page to specify a Display name and Directory name for your Address Book View.
Go through the following steps to change the Display name and/or the Directory name of your address book view:
FIG. 13.29 Setting the Display Name and the Directory Name from the General page.
This page defines how the recipient objects in the Address Book view are grouped (see Figure 13.30).
To group recipient objects with specific attributes that appear in the Group items by box on the Group By page, complete the following steps:
FIG. 13.30 You can have up to four grouping attributes with your Address Book View.
The Permissions property page allows you to specify the rights users will have to view the Address Book (see Figure 13.31).
To delegate permissions to a user or group, complete the following steps:
FIG. 13.31 Using the Permissions page to specify the rights users or groups have to Address Book views.
Use the Advanced property page to determine whether recipient objects should appear in one or more parent containers and which Address Book view containers you want to show in Microsoft Outlook. You can also delete empty containers within an Address Book view through this page (see Figure 13.32).
To configure advanced container properties, follow the steps below:
FIG. 13.32 You can configure recipient objects for parent containers, Address Book view containers for Microsoft Outlook, and delete empty containers.