Administering an Exchange Server 2010 Environment : Administrative Tools (part 2) - Exchange Management Console

Exchange Management Console

With the release of Exchange Server 2007, Microsoft introduced the Exchange Management Console, its new Microsoft Management Console (MMC) snap-in that provided a graphical user interface (GUI). This product had a completely redesigned interface that was much easier to navigate than the previous administration tool, the Exchange System Manager.

The Exchange Management Console (EMC) remains in Exchange Server 2010. It has been refined and updated but has the same look and feel as it did in Exchange Server 2007, and administrators familiar with the older version can find their way around with little wasted effort. The EMC utilizes remote PowerShell commands to perform the actual work, and relies on RBAC to determine what level of administration accessing users can accomplish.

The EMC is installed on all Exchange 2010 servers. When utilized on Exchange servers housing the Exchange Hub Transport, Client Access, Unified Messaging, and/or Mailbox server roles, the console displays all servers in the organization that house these roles. However, if the Exchange server has the Edge Transport server role installed, the console displays only the Edge Transport server role.

Exchange Server 2007 required a 64-bit platform to install the server roles but enabled the administrative tools to be installed on 32-bit systems. Exchange Server 2010, however, does not. To deploy the Exchange Server 2010 EMC you must be running one of the supported x64 platforms:

• Vista x64 SP1 or later

• Windows Server 2008 x64 SP2 or later

• Windows Server 2008 x64 R2

• Windows7 x64 Client

The EMC Hierarchy

Opening the EMC, as shown in Figure 1, presents administrators with a graphical interface that consists of three primary sections.

Figure 1. Exchange Management Console components.

The Console Tree (on the left) shows a hierarchy containing categories of objects that can be managed. This is how administrators navigate through the various containers and objects in their environment. The Console Tree can be shown or hidden by clicking the Show/Hide Console Tree icon on the EMC toolbar.

The results pane, located in the center of the console, displays a collection of objects that an administrator can select. This collection varies based on the object that is selected in the Console Tree.

The action pane is located on the right side of the console. This pane lists all actions that are available to administrators based on the items selected in the Console Tree or results pane. Like the Console Tree, the action pane can be shown or hidden by clicking Show/Hide Action Pane on the console toolbar. Even with the action pane hidden, administrators can still access relevant actions through context menus available by right-clicking the object.

In the Console Tree, the hierarchy of the management containers displays. There are some changes to the hierarchy that reflect new features and capabilities in the EMC.

Microsoft Exchange Node

As in Exchange Server 2007, the first node in the hierarchy is the Microsoft Exchange node. Selecting this node presents two tabs in the results pane: Post-Installation Tasks and Community Resources.

The Post-Installation Tasks tab details steps that are recommended by Microsoft whenever new Exchange servers are installed, or whenever new roles are added to existing servers. These Post-Installation Tasks include

• Finalize Deployment Tasks— Lists tasks that are required to complete the deployment of Exchange Server 2010, including features that are enabled by default but require manual configuration. Some tasks that might need to be reviewed follow:
  
  
  • Configure domains for which you will accept email.
    
    
  • Subscribe the Edge Transport server.
    
    
  • Create a postmaster mailbox.
    
    
  Administrators are strongly encouraged to review this section thoroughly.
  
  
• End-to-End Scenario Tasks— Provides a list of recommended tasks to perform after deploying Exchange Server 2010 to configure specific end-to-end scenarios. Some areas covered include the following:
  
  
  • Managing Outlook Anywhere
    
    
  • Configuring Monitoring for Exchange servers
    
    
  • Securing your Exchange server from viruses, worms, and other malware
    
    
  • Configuring your system for the Rights Management Services (RMS) Policy Application Agent
    
    
  As with the Finalize Deployment page, these items should be reviewed for applicability in your environment.
  
  
• Additional Post-Installation Tasks— Provides a checklist of optional steps for configuring Exchange Server 2010 features and a checklist of optional tasks to perform after the Exchange Server 2010 installation is complete.
  
  

The Community Resources tab is new to Exchange Server 2010 and will be populated by Microsoft with links to various community resources that share information about the Exchange Server product. Some examples of possible entries here include links to recent posts on the Microsoft Exchange Server Team Blog and links to technical articles from Microsoft TechNet. The Community Resources tab can be a helpful reference for administrators wishing to keep up with new product announcements and features.

When the Microsoft Exchange node is selected, the action pane shows a new available action: Add Exchange Forest. This action heralds a major change in the Exchange world, the ability to manage multiple Exchange Server 2010 forests from a single Exchange Management Console. This not only enables connecting to a secondary forest in the same organization, but also the ability to connect to and manage mailboxes that are hosted online with a hosted solution. Up to 10 forests can be added to the EMC.

Microsoft Exchange On-Premises Node

The next node in the hierarchy is new to Exchange Server 2010: the Microsoft Exchange On-Premises node. This is the default first forest that is installed with Exchange Server 2010, and the name cannot be changed. Selecting the node brings up two tabs in the results pane: The Organizational Health and Customer Feedback tabs.

The Organizational Health tab provides administrators with an Organizational summary that includes information about their environment. Although most of this information could be gathered in the Exchange 2007 EMC, it had to be done manually and was not offered in an “at-a-glance” presentation.

In a new installation, the data in the summary must be populated—to do so, click the link that says “Data is unavailable. Click here to access the latest data.” Administrators are presented with the “Collect Organizational Health Data Wizard,” which walks them through the data collection process. When completed, click Finish.

The tab provides a Database Summary, which tells how many databases and database copies exist in the environment, and how many of those database copies are unhealthy.

There is a License Summary for Exchange Server 2010 users that tells how many client access licenses (CALs) are needed for the environment. A Servers Summary lists the total number of Exchange servers (2010, 2007, and 2003) in the environment and how many there are of each version. The Servers Summary also breaks out how many Mailbox, Client Access, Hub Transport, and Unified Messaging servers are in the organization. Finally, there is a Recipients Summary that tells the total number of recipients, user mailboxes, distribution groups, dynamic distribution groups, mail contacts, and mail users in the organization. The Recipients Summary also tells how many users are messaging records management, journaling, OWA, ActiveSync, and Unified Messaging users, and how many have MAPI, POP3, and IMAP4 enabled.

The next tab on the On-Premises screen is the Customer Feedback tab, which enables administrators to configure their level of participation in the Microsoft Customer Experience Improvement Program. This program collects anonymous information about how Exchange Server is used in the organization and presents it to Microsoft; it evaluates the data and determines which areas they need to focus on for improvement. Administrators can also connect to the Exchange Tech center to view documentation and get the latest software updates. Finally, administrators can submit suggestions and report bugs to the Exchange Server team, directly from within the EMC interface.

Organization Configuration Node

This section configures global data for the Exchange Server organization. Global data applies to all servers in your organization that hold a particular role, such as the Mailbox, Client Access, Hub Transport, or Unified Messaging roles.

One notable change in the Organization Configuration Node—the Exchange 2010 Mailbox Databases, which used to be viewed in the Server Configuration node, have been relocated to the Organization Configuration node. By clicking on the Mailbox role, new tabs are visible that control Database Management and Database Availability Group management. This is because Exchange Server 2010 now considers databases to be Global objects. In addition, items such as email address policies and the Offline Address Book (OAB) can be managed from this node.

Server Configuration Node

The Server Configuration node is used to manage the configuration of all Exchange 2010 servers and the associated child objects. By clicking on the Server Configuration tab, administrators can see a full list of the Exchange 2010 Servers in their environment, and by right-clicking the tab, the list of servers can be exported to a .txt or .csv file. Exchange 2003 and 2007 servers cannot be administered using the Exchange 2010 Management Console, so these servers are not listed. This is by design.

The Server Configuration node enables administrators to view and configure server certificates as well, performing tasks that had to be done from the EMS in Exchange Server 2007.

Recipient Configuration Node

This section manages settings for Exchange email recipients throughout your organization. Exchange Server mailboxes, distribution groups, contacts, and disconnected mailboxes can be managed from this node.

Recipient administration is also performed here. Object properties can be modified, and the objects themselves can be moved, disabled, or deleted.

The Recipient Configuration node also contains a new container: Move Request. This is a container that keeps track of current, pending, and past mailbox moves, enabling administrators to view information about the moves and cancel pending requests if wanted. Information gathered in the Move Request container remains there until manually cleared by the administrator. To view the status of a move request, select the request in the Move Request folder and click Properties from the action pane.

Toolbox Node

The last of the nodes is the Toolbox node. The Toolbox includes additional tools that are extremely useful when managing an Exchange Server organization. Several configuration management, performance, and security tools, including utilities to manage public folders, troubleshoot mail flow, view message queues, and monitor server performance are found here.

The toolbox also houses the Exchange Best Practices Analyzer; one tool that should be run in every Exchange Server environment. The BPA checks the configuration and health of an Exchange Server topology by programmatically collecting settings and values from multiple sources—the Exchange servers and their registries, AD, performance monitors, and others—and compares what it finds to Microsoft’s recommended best practices. Upon completion of each of the checks, administrators are presented with a detailed report stating warnings and problems that were found and recommended steps for resolving them. The BPA should be run after every new server deployment and should be run as part of a regularly scheduled maintenance routine.

The Exchange Management Shell Command Log

When administrators perform tasks in the EMC, the commands are actually carried out using the EMS using PowerShell cmdlets.

By having access to these PowerShell commands, administrators can copy the commands, modify them, and reuse them from the command line or within scripts, without having to manually figure out all the possible parameters.

In Exchange Server 2010, administrators can now capture all the PowerShell commands that are launched during their EMC session in a single location using the new Exchange Management Shell Command Log.

Before the Exchange Management Shell Command Log can be used, it must be enabled. To do so

When enabled, the Exchange Management Shell command log tracks all PowerShell commands run from the Exchange Management Console.

When viewing the Exchange Management Shell Command Log, detailed information can be viewed about each command by simply selecting the command and reviewing the results in the results pane below. Administrators can also copy a particular command (or multiple commands) to the clipboard by highlighting them and selecting Action, Copy Commands.

Additionally, administrators can clear the command log by selecting Action, Clear Log and can export the contents of the command log by selecting Action, Export List. Exported logs can be saved in any of the following formats:

• Text (Tab Delimited) (*.txt)

• Text (Comma Delimited) (*.csv)

• Unicode Text (Tab Delimited) (*.txt)

• Unicode Text (Comma Delimited) (*.csv)

To stop recording commands, select Action, Stop Command Logging. Newly issued commands will not be written to the log, but already captured commands will not be cleared until the administrator closes the EMC. You can resume logging commands by following Step 2 of the preceding procedure.

Bulk Recipient Editing

Another welcome addition to the EMC is the ability to edit certain object properties on multiple objects simultaneously, directly from the Management Console. For example, imagine that a request comes down notifying you that your company’s East Coast Mergers department, consisting of 150 users, decided to rebrand itself as the East Coast Mergers and Acquisitions department. In Exchange Server 2007, you would have to a) figure out the PowerShell command to change this entry and the script needed to change it for the selected users or b) open each user one at a time and manually make the change.

With Exchange Server 2010, administrators can edit multiple objects at the same time. To perform the same task, simply perform a search for all users where Department = East Coast Mergers, select all users, right-click and select Properties, and enter the new department name. Click on the OK button, and you are presented with a Bulk Edit Summary, as shown in Figure 2.

After you review the proposed changes, click Cancel to back out or OK to apply the changes to all selected recipients.

Property Dialog Command Exposure

As mentioned in the section on the Exchange Management Shell Command Log, administrators often want to know what commands the Shell is going to run in the background to accomplish tasks they perform in the Management Console. In Exchange Server 2007, the command was sometimes presented “after the fact”—when an administrator clicked OK, the associated Wizard showed what PowerShell command had been executed. Administrators could then copy the information and paste it elsewhere.

With Property Dialog Command Exposure, administrators can view the Shell commands that will be executed when the command is run. This information can be copied by right clicking and selecting Copy and then pasted elsewhere.

The Shell command to be run can be viewed by clicking the command-line icon that is located in the bottom-left corner of the dialog box, as shown in Figure 3. This icon is grayed out until a change is made that requires a shell command to be run.

Using the Exchange Management Console

To use the Exchange Management Console, the administrator selects either the Organization, Server, or Recipient Configuration node, depending on the desired action. The desired server role is then selected, and a list of the servers in the organization that hold that role is shown in the results pane. From there, the administrators can select the specific service they want to administer and view the available options in the action pane.

Items in the results pane can be filtered based on several expressions. This enables an administrator to focus on a subset of items that meet specific criteria. Filters can be made up of one or more expressions and allow minute control over which items are displayed in the results pane.

To create a filter, click Create Filter located in the upper-left corner of the results pane. A filter consists of one or more administrator-defined expressions. Each expression contains three parts: an attribute, an operator, and a value.

The attributes that are available are determined by the object for which you create a filter. For example, when selecting a mailbox server, the available attributes are Database Availability Group, Domain, Edition, Name, Product ID, Role, Site, and Version.

The operators that are available are based on the attribute you select. Some of the possible operators are Equals, Does Not Equal, Contains, Does Not Contain, Is Present, Starts With, Ends With, and others.

Finally, the list of values is also based on the selected attribute. Some values, such as Name or Site, can be typed in to match the name or site of an object in your organization. Others, such as when selecting the attribute of Edition or Role, are selected from a drop-down list.

To add additional expressions (and make the filter more restrictive), click the Add Expression box and input another attribute, operator, and value.

After you have set the expressions that you want, you can click Apply Filter. The expressions you configured are applied to the results pane, effectively filtering the results so that only the objects that match the expression are shown.

Applied expressions can be modified on-the-fly—simply click on the attribute, operator, or value, make the changes you want, and click Apply Filter. This feature can be extremely useful when you make a mistake and find that you have “filtered” yourself into an empty results pane.

To remove any of the created expressions, simply click Remove Expression located to the right of it. This button resembles a red X. However, after you have removed an expression, you must click Apply Filter again to implement the change.