Exchange Management Console
With the release
of Exchange Server 2007, Microsoft introduced the Exchange Management
Console, its new Microsoft Management Console (MMC) snap-in that
provided a graphical user interface (GUI). This product had a completely
redesigned interface that was much easier to navigate than the previous
administration tool, the Exchange System Manager.
The Exchange Management
Console (EMC) remains in Exchange Server 2010. It has been refined and
updated but has the same look and feel as it did in Exchange Server
2007, and administrators familiar with the older version can find their
way around with little wasted effort. The EMC utilizes remote PowerShell
commands to perform the actual work, and relies on RBAC to determine
what level of administration accessing users can accomplish.
The EMC is installed
on all Exchange 2010 servers. When utilized on Exchange servers housing
the Exchange Hub Transport, Client Access, Unified Messaging, and/or
Mailbox server roles, the console displays all servers in the
organization that house these roles. However, if the Exchange server has
the Edge Transport server role installed, the console displays only the
Edge Transport server role.
Exchange Server 2007
required a 64-bit platform to install the server roles but enabled the
administrative tools to be installed on 32-bit systems. Exchange Server
2010, however, does not. To deploy the Exchange Server 2010 EMC you must
be running one of the supported x64 platforms:
The EMC Hierarchy
Opening the EMC, as shown in Figure 1, presents administrators with a graphical interface that consists of three primary sections.
The Console
Tree (on the left) shows a hierarchy containing categories of objects
that can be managed. This is how administrators navigate through the
various containers and objects in their environment. The Console Tree
can be shown or hidden by clicking the Show/Hide Console Tree icon on
the EMC toolbar.
The results pane,
located in the center of the console, displays a collection of objects
that an administrator can select. This collection varies based on the
object that is selected in the Console Tree.
The action pane is
located on the right side of the console. This pane lists all actions
that are available to administrators based on the items selected in the
Console Tree or results pane. Like the Console Tree, the action pane can
be shown or hidden by clicking Show/Hide Action Pane on the console
toolbar. Even with the action pane hidden, administrators can still
access relevant actions through context menus available by
right-clicking the object.
In the Console
Tree, the hierarchy of the management containers displays. There are
some changes to the hierarchy that reflect new features and capabilities
in the EMC.
Microsoft Exchange Node
As
in Exchange Server 2007, the first node in the hierarchy is the
Microsoft Exchange node. Selecting this node presents two tabs in the
results pane: Post-Installation Tasks and Community Resources.
The Post-Installation Tasks
tab details steps that are recommended by Microsoft whenever new
Exchange servers are installed, or whenever new roles are added to
existing servers. These Post-Installation Tasks include
- Finalize Deployment Tasks— Lists tasks that are required
to complete the deployment of Exchange Server 2010, including features
that are enabled by default but require manual configuration. Some tasks
that might need to be reviewed follow:
- Configure domains for which you will accept email.
- Subscribe the Edge Transport server.
- Create a postmaster mailbox.
Administrators are strongly encouraged to review this section thoroughly.
- End-to-End Scenario Tasks— Provides a list of recommended
tasks to perform after deploying Exchange Server 2010 to configure
specific end-to-end scenarios. Some areas covered include the following:
- Managing Outlook Anywhere
- Configuring Monitoring for Exchange servers
- Securing your Exchange server from viruses, worms, and other malware
- Configuring your system for the Rights Management Services (RMS) Policy Application Agent
As with the Finalize Deployment page, these items should be reviewed for applicability in your environment.
- Additional Post-Installation Tasks— Provides a checklist of optional
steps for configuring Exchange Server 2010 features and a checklist of
optional tasks to perform after the Exchange Server 2010 installation is
complete.
The Community Resources
tab is new to Exchange Server 2010 and will be populated by Microsoft
with links to various community resources that share information about
the Exchange Server product. Some examples of possible entries here
include links to recent posts on the Microsoft Exchange Server Team Blog
and links to technical articles from Microsoft TechNet. The Community
Resources tab can be a helpful reference for administrators wishing to
keep up with new product announcements and features.
When the Microsoft
Exchange node is selected, the action pane shows a new available action:
Add Exchange Forest. This action heralds a major change in the Exchange
world, the ability to manage multiple Exchange Server 2010 forests from
a single Exchange Management
Console. This not only enables connecting to a secondary forest in the
same organization, but also the ability to connect to and manage
mailboxes that are hosted online with a hosted solution. Up to 10
forests can be added to the EMC.
Note
Before an Exchange
Server forest can be added to the EMC, administrators must establish a
federated trust or an Active Directory trust to the target forest.
Microsoft Exchange On-Premises Node
The next node in the
hierarchy is new to Exchange Server 2010: the Microsoft Exchange
On-Premises node. This is the default first forest that is installed
with Exchange Server 2010, and the name cannot be changed. Selecting the
node brings up two tabs in the results pane: The Organizational Health
and Customer Feedback tabs.
The
Organizational Health tab provides administrators with an Organizational
summary that includes information about their environment. Although
most of this information could be gathered in the Exchange 2007 EMC, it
had to be done manually and was not offered in an “at-a-glance”
presentation.
In a new installation,
the data in the summary must be populated—to do so, click the link that
says “Data is unavailable. Click here to access the latest data.”
Administrators are presented with the “Collect Organizational Health
Data Wizard,” which walks them through the data collection process. When
completed, click Finish.
The tab provides a
Database Summary, which tells how many databases and database copies
exist in the environment, and how many of those database copies are
unhealthy.
There is a License
Summary for Exchange Server 2010 users that tells how many client access
licenses (CALs) are needed for the environment. A Servers Summary lists
the total number of Exchange servers (2010, 2007, and 2003) in the
environment and how many there are of each version. The Servers Summary
also breaks out how many Mailbox, Client Access, Hub Transport, and
Unified Messaging servers are in the organization. Finally, there is a
Recipients Summary that tells the total number of recipients, user
mailboxes, distribution groups, dynamic distribution groups, mail
contacts, and mail users in the organization. The Recipients Summary
also tells how many users are messaging records management, journaling,
OWA, ActiveSync, and Unified Messaging users, and how many have MAPI,
POP3, and IMAP4 enabled.
The next tab on the
On-Premises screen is the Customer Feedback tab, which enables
administrators to configure their level of participation in the
Microsoft Customer Experience Improvement Program. This program collects
anonymous information about how Exchange Server is used in the
organization and presents it to Microsoft; it evaluates the data and
determines which areas they need to focus on for improvement.
Administrators can also connect to the Exchange Tech center to view
documentation and get
the latest software updates. Finally, administrators can submit
suggestions and report bugs to the Exchange Server team, directly from
within the EMC interface.
Organization Configuration Node
This section
configures global data for the Exchange Server organization. Global data
applies to all servers in your organization that hold a particular
role, such as the Mailbox, Client Access, Hub Transport, or Unified
Messaging roles.
One notable change in the Organization Configuration Node—the Exchange 2010 Mailbox Databases, which used to be viewed in the Server Configuration
node, have been relocated to the Organization Configuration node. By
clicking on the Mailbox role, new tabs are visible that control Database
Management and Database Availability Group management. This is because
Exchange Server 2010 now considers databases to be Global objects. In addition, items such as email address policies and the Offline Address Book (OAB) can be managed from this node.
Server Configuration Node
The Server
Configuration node is used to manage the configuration of all Exchange
2010 servers and the associated child objects. By clicking on the Server
Configuration tab, administrators can see a full list of the Exchange
2010 Servers in their environment, and by right-clicking the tab, the
list of servers can be exported to a .txt or .csv
file. Exchange 2003 and 2007 servers cannot be administered using the
Exchange 2010 Management Console, so these servers are not listed. This
is by design.
The Server
Configuration node enables administrators to view and configure server
certificates as well, performing tasks that had to be done from the EMS
in Exchange Server 2007.
Note
In mixed Exchange
2007/2010 environments, administrators may receive an error when
clicking the Client Access node under Server Configuration. The error
reads “AN IIS directory entry couldn’t be created...”. To resolve this
issue, add the “Exchange Trusted Subsystem” as a member of the local
admin group on all Exchange 2007 servers in the environment and reboot
the systems.
Recipient Configuration Node
This section manages
settings for Exchange email recipients throughout your organization.
Exchange Server mailboxes, distribution groups, contacts, and
disconnected mailboxes can be managed from this node.
Recipient
administration is also performed here. Object properties can be
modified, and the objects themselves can be moved, disabled, or deleted.
The
Recipient Configuration node also contains a new container: Move
Request. This is a container that keeps track of current, pending, and
past mailbox moves, enabling administrators to view information about
the moves and cancel pending requests if wanted. Information gathered in
the Move Request container remains there until manually cleared by the
administrator. To view the status of a move request, select the request
in the Move Request folder and click Properties from the action pane.
Toolbox Node
The last of the nodes
is the Toolbox node. The Toolbox includes additional tools that are
extremely useful when managing an Exchange Server organization. Several
configuration management, performance, and security tools, including
utilities to manage public folders, troubleshoot mail flow, view message
queues, and monitor server performance are found here.
The toolbox also
houses the Exchange Best Practices Analyzer; one tool that should be run
in every Exchange Server environment. The BPA checks the configuration
and health of an Exchange Server topology by programmatically collecting
settings and values from multiple sources—the Exchange servers and
their registries, AD, performance monitors, and others—and compares what
it finds to Microsoft’s recommended best practices. Upon completion of
each of the checks, administrators are presented with a detailed report
stating warnings and problems that were found and recommended steps for
resolving them. The BPA should be run after every new server deployment
and should be run as part of a regularly scheduled maintenance routine.
The Exchange Management Shell Command Log
When administrators perform tasks in the EMC, the commands are actually carried out using the EMS using PowerShell cmdlets.
By having access to
these PowerShell commands, administrators can copy the commands, modify
them, and reuse them from the command line or within scripts, without
having to manually figure out all the possible parameters.
In Exchange
Server 2010, administrators can now capture all the PowerShell commands
that are launched during their EMC session in a single location using
the new Exchange Management Shell Command Log.
Before the Exchange Management Shell Command Log can be used, it must be enabled. To do so
1. | In the EMC, select View, View Exchange Management Shell Command Log.
|
2. | In the Exchange Management Shell Command Log, select Action, Start Command Logging.
|
3. | To
modify the number of Windows PowerShell commands to log, select Action,
Modify the Maximum Number of Windows PowerShell Commands to Log. Enter a
number between 1 and 32767. (The default is 2048.)
|
When enabled, the Exchange Management Shell command log tracks all PowerShell commands run from the Exchange Management Console.
Note
The Exchange
Management Shell Command Log is cleared every time the Management
Console is closed. If left “enabled,” the Exchange Management Shell
Command Log begins tracking commands automatically when the EMC is
opened.
When viewing the
Exchange Management Shell Command Log, detailed information can be
viewed about each command by simply selecting the command and reviewing
the results in the results pane below. Administrators can also copy a
particular command (or multiple commands) to the clipboard by
highlighting them and selecting Action, Copy Commands.
Additionally,
administrators can clear the command log by selecting Action, Clear Log
and can export the contents of the command log by selecting Action,
Export List. Exported logs can be saved in any of the following formats:
Text (Tab Delimited) (*.txt)
Text (Comma Delimited) (*.csv)
Unicode Text (Tab Delimited) (*.txt)
Unicode Text (Comma Delimited) (*.csv)
To stop recording
commands, select Action, Stop Command Logging. Newly issued commands
will not be written to the log, but already captured commands will not
be cleared until the administrator closes the EMC. You can resume
logging commands by following Step 2 of the preceding procedure.
Bulk Recipient Editing
Another welcome addition
to the EMC is the ability to edit certain object properties on multiple
objects simultaneously, directly from the Management Console. For
example, imagine that a request comes down notifying you that your
company’s East Coast Mergers department, consisting of 150 users,
decided to rebrand itself as the East Coast Mergers and Acquisitions
department. In Exchange Server 2007, you would have to a) figure out the
PowerShell command to change this entry and the script needed to change
it for the selected users or b) open each user one at a time and
manually make the change.
With Exchange Server
2010, administrators can edit multiple objects at the same time. To
perform the same task, simply perform a search for all users where
Department = East Coast Mergers, select all users, right-click and
select Properties, and enter the new department name. Click on the OK
button, and you are presented with a Bulk Edit Summary, as shown in Figure 2.
After you review the proposed changes, click Cancel to back out or OK to apply the changes to all selected recipients.
Property Dialog Command Exposure
As mentioned in the
section on the Exchange Management Shell Command Log, administrators
often want to know what commands the Shell is going to run in the
background to accomplish tasks they perform in the Management Console.
In Exchange Server 2007, the command was sometimes presented “after the
fact”—when an administrator clicked OK, the associated Wizard showed
what PowerShell command had been executed. Administrators could then
copy the information and paste it elsewhere.
With Property
Dialog Command Exposure, administrators can view the Shell commands that
will be executed when the command is run. This information can be
copied by right clicking and selecting Copy and then pasted elsewhere.
The Shell command to be
run can be viewed by clicking the command-line icon that is located in
the bottom-left corner of the dialog box, as shown in Figure 3. This icon is grayed out until a change is made that requires a shell command to be run.
Using the Exchange Management Console
To use the
Exchange Management Console, the administrator selects either the
Organization, Server, or Recipient Configuration node, depending on the
desired action. The desired server role is then selected, and a list of
the servers in the organization that hold that role is shown in the
results pane. From there, the administrators can select the specific
service they want to administer and view the available options in the
action pane.
Items in the results
pane can be filtered based on several expressions. This enables an
administrator to focus on a subset of items that meet specific criteria.
Filters can be made up of one or more expressions and allow minute
control over which items are displayed in the results pane.
To create a filter,
click Create Filter located in the upper-left corner of the results
pane. A filter consists of one or more administrator-defined
expressions. Each expression contains three parts: an attribute, an
operator, and a value.
The attributes that are
available are determined by the object for which you create a filter.
For example, when selecting a mailbox server, the available attributes
are Database Availability Group, Domain, Edition, Name, Product ID,
Role, Site, and Version.
The operators that
are available are based on the attribute you select. Some of the
possible operators are Equals, Does Not Equal, Contains, Does Not
Contain, Is Present, Starts With, Ends With, and others.
Finally, the list of
values is also based on the selected attribute. Some values, such as
Name or Site, can be typed in to match the name or site of an object in
your organization. Others, such as when selecting the attribute of
Edition or Role, are selected from a drop-down list.
To add additional
expressions (and make the filter more restrictive), click the Add
Expression box and input another attribute, operator, and value.
After you have
set the expressions that you want, you can click Apply Filter. The
expressions you configured are applied to the results pane, effectively
filtering the results so that only the objects that match the expression
are shown.
Applied expressions
can be modified on-the-fly—simply click on the attribute, operator, or
value, make the changes you want, and click Apply Filter. This feature
can be extremely useful when you make a mistake and find that you have
“filtered” yourself into an empty results pane.
To remove any
of the created expressions, simply click Remove Expression located to
the right of it. This button resembles a red X. However, after you have
removed an expression, you must click Apply Filter again to implement
the change.