All the security issues for Exchange 2000 are central to other Microsoft Applications such as IIS and the Operating System. All the Administration for Exchange is now handled by Active Directory and not Exchange itself as it was with Exchange 5.5. 6
If at some stage IHD decides to publish Outlook Web Access to the internet it is strongly advised to install a Certificate server to enable secure authentication to occur. 6
All Domain, Enterprise and Schema admin usernames and password are kept in a secure passwords file. 6
This Standard Operating Procedure (“SOP”) sets out the guidelines to be followed when configuring and installing Exchange Server 2000 software.
This SOP covers the installation of Exchange Server 2000 in the IHD Domain. It includes a description of the overall Exchange architecture.
The Infrastructure Manager is responsible for all aspects of design and operation of the network, including loading of software on servers. Nobody shall install or modify software on a server without the approval of the Infrastructure Manager, and all such installations or modifications shall be in accordance with this SOP.
The architecture is a simple “hub and spoke” arrangement. The system at Internet Solutions functions as the “hub”, and all the site servers as the “spokes”.
Routing Group connectors on the Exchange Server at Internet Solutions deliver mail to all the relevant sites. The mail gets routed from here to the internet.
Internet mail arrives at Internet Solutions from the Internet via the Mail Marshall infrastructure where it is scanned for virus and the content is checked. At Internet Solutions the mail travels via the firewall to the machine called TWEETIE, which runs the Trend Microsystems Interscan software. From TWEETIE the mail gets routed to the Exchange Server, called SRISFE01. From SRISFE01 it gets routed to the relevant site server where the specific mailbox is homed.
Mail form the relevant sites get routed to SRISFE01, to the Mail Marshall and then out to the Internet.
Install the Software
Gather all the materials you will need before you start – checklists, software disks, patch procedures etc.
Install Windows 2000 Server onto the new Exchange server machine.
Install the server as a Domain Controller. This is important for servers which will be located away from the Linbro Park LAN, so that authentication will happen locally and not over the WAN / VPN links. If the server is on a LAN, which already has a domain controller on it, then this requirement can be waived.
Do these installations in accordance with the relevant SOP.
Prepare the hard drive configuration as a C drive of 8 GB, and the rest of the storage as D drive.
Select I Agree on the License Agreement screen and click Next.
On the Component Selection screen, leave the defaults that are selected and click Next.
On the Site Selection screen be sure to select the correct Site to join. This will be either, Johannesburg, Durban, Bloemfontein, Cape Town or Port Elizabeth. Click Next.
Click Next and wait for the install to finish.
Configure the Exchange Server
Create a Routing Group connector to the new Site server. The connection should always point to SRISFE01 at Internet Solutions, unless it is this machine that is being reinstalled. If that is the case then I would suggest a System State restore.
When making any changes on any of the Exchange Servers ensure that enough time has been left for replication to complete.
Move the Mailbox Store as well as the log files onto the D Drive.
All the security issues for Exchange 2000 are central to other Microsoft Applications such as IIS and the Operating System. All the Administration for Exchange is now handled by Active Directory and not Exchange itself as it was with Exchange 5.5.
The Security SOPs for the Operating System and IIS should be adhered to, to enable Exchange to be secure.
If at some stage IHD decides to publish Outlook Web Access to the internet it is strongly advised to install a Certificate server to enable secure authentication to occur.
All Domain, Enterprise and Schema admin usernames and password are kept in a secure passwords file.