Best Practices ---- to implement a New Exchange server setup


  • Best Practices ---- to implement a New Exchange server setup

    Dear Experts,

    I am still very confused about a clean and properly working Exchange server setup....... I have been helped by the stalwarts of Exchange server on this forum, but I feel we need to have a one-time comprehensive knowledge of a full blown enterprise type Exchange server setup.....

    In this regard I would like to start this discussion with my own setup and hope all the experts on this board put in a list of best practices and proper setup steps for the benefit of budding rookie Exchange server admins like us ......

    The setup I have at my organisation looks like this at this moment .... (This is a LIVE setup)

    1. A NAT server with 2 NICs, the first NIC connected to a high speed Leased line network..... with a static IP ....... 203.115.119.93, pointing to a MX record of owamail.adfactorspr.com ....... and the second NIC connects to my internal network of 192.168.100.x network.

    IP Internal NIC - 192.168.100.254
    Subnet mask - 255.255.255.0
    Gateway ---- blank

    P DNS - 192.168.100.50

    IP External NIC - 203.115.119.93
    Subnet --- 255.255.255.248
    Gateway ---- 203.115.119.89

    P DNS ---- 203.115.112.85
    A DNS ---- 203.115.112.86

    M/c name ---- TECH-NAT



    2. A DNS/AD server which has the DNS infrastructure and the AD structure for the enterprise .... the internal domain is called apr.local.......... and it serves the DNS requirements for all our internal users and IT resources.....

    IP ---- 192.168.100.50
    Subnet mask --- 255.255.255.0
    Gateway --- 192.168.100.254

    P DNS ---- 192.168.100.50

    M/c Name ----- TECH-DNS


    3. The Exchange Enterprise server, servicing 500 users in 7 offices across the world...... currently we have a 3rd party system hosting the e-mails for us and the users at our organisation use POP3 to grab the emails to their local Outlook Express client.

    IP address ---- 192.168.100.5
    Subnet --- 255.255.255.0
    Gateway ---- 192.168.100.254

    P DNS --- 192.168.100.50

    M/c Name ----- TECH-EXCHANGE


    At this moment, I am not receiving e-mails from the outside world, now this has been discussed on this thread ... http://forums.petri.com/showthread.php?t=14941

    Now I am trying to use the simple commands of telnet to try and send a test mail and I get an error "550 5.7.1 unable to relay for [email protected]"....

    Now the questions >>

    1. Is the above setup an ideal setup for an enterprise kind Exchange server setup ???

    2. Suppose I remove the NAT server from the setup and directly connect the LIVE connection to the NIC on the Exchange server, will my Exchange server refer to the internal DNS server for name resolution..... ????

    3. How do I keep my Exchange server running consistently without intermittent shutout...... meaning, my Exchange server was available on the OWA till about yesterday and it suddenly has shut itself off..... so now I can only access it internally using http://tech-exchange/exchange......

    4. Also kindly throw some light on why the OWA interface only accepts logins like [email protected]l and not [email protected] .... even when the OWA is accessed using http://owamail.adfactorspr.com ..... I have to authenticate users using [email protected]l and not [email protected]......

    I hope I have been able to lay down problems that a brand new Exchange admin would face on his first Exchange server implementation......

    Now I request all the experts including Daniel to shed light on these dreaded problems and help all rookie Exchange admins like us .......

    Thanks a lot in advance

    Regards

  • #2
    Re: Best Practices ---- to implement a New Exchange server setup

    It seems to me that it would be very hard to make a document that says "do A, B, C, and D, then you'll have a working Exchange environment." I think there are too many variables.

    Originally posted by avidblogger
    M/c name ---- TECH-NAT
    What does M/c name mean?
    Now I am trying to use the simple commands of telnet to try and send a test mail and I get an error "550 5.7.1 unable to relay for [email protected]"....
    What exactly are you doing? Are you following a document on how to send an email through a telnet session?

    3. How do I keep my Exchange server running consistently without intermittent shutout...... meaning, my Exchange server was available on the OWA till about yesterday and it suddenly has shut itself off..... so now I can only access it internally using http://tech-exchange/exchange......
    If you can use OWA internally then I don't think the Exchange server has a problem, rather you have either a forwarding/firewall issue or a DNS issue.


    4. Also kindly throw some light on why the OWA interface only accepts logins like [email protected]l and not [email protected] .... even when the OWA is accessed using http://owamail.adfactorspr.com ..... I have to authenticate users using [email protected]l and not [email protected]......
    The reason you have to use [email protected] is because Active Directory is used to authenticate users. Email addresses, correct me if I'm wrong, are there so the Exchange server knows what mailbox to put a particular email in. To have it so that users use [email protected] to log on, you'll need to add a UPN suffix to AD.

    As a side note, you can also use apr\d.g. as the username or even just d.g. ... hmm, can't remember if there are issues with any of the SPs with using just the username.
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com



    • #3
      Re: Best Practices ---- to implement a New Exchange server setup

      Hi Jeremy,

      First of all ---- the M/c is short for Machine ....... sorry had to put in too many details ...


      Well, lemme clear some of the issues ....

      Yes I was trying to figure out a way to solve the mailing problem using telnet ---- when I got the 550 --- 5.7.1 error ...

      Next, the inconsistent OWA issue, yes --- I can access it internally, but when I try telnetting port 25 on it, it refuses to connect ...... I have a NAT server which is forwarding ports 25 and 80 to the internal IP address of the Exchange server........ the DNS server is internal to the domain apr.local ........ am not using any external DNS for name resolutions ......... (please lemme know, if I'm doing something wrong here)......

      Currently out of frustration, I have removed the NAT server and have connected a Linksys ADSL router (AM300) and am testing the connection to the Exchange server .... will update on the workings after I have tested it .....

      I'll test the UPN suffix information you have provided, and update on the same .....

      Now the issue I'm facing is this.....

      I have changed the ISP and they have given me a static IP (59.181.118.25) which points to webmail.adfactorspr.com ......... The network cable is now attached directly to my Exchange server and port forwarding has been done on the Linksys ADSL router .......... With this setup how do I get access to my internal DNS/AD server ?????? Could you throw some light on this plz .....

      Thanks a lot
      Regards



      • #4
        Re: Best Practices ---- to implement a New Exchange server setup

        Originally posted by avidblogger
        First of all ---- the M/c is short for Machine ....... sorry had to put in too many details ...
        Too much information is always better than too little. I've just never seen the abbreviation M/c.


        Well, lemme clear some of the issues ....

        Yes I was trying to figure out a way to solve the mailing problem using telnet ---- when I got the 550 --- 5.7.1 error ...

        Next, the inconsistent OWA issue, yes --- I can access it internally, but when I try telnetting port 25 on it, it refuses to connect ...... I have a NAT server which is forwarding ports 25 and 80 to the internal IP address of the Exchange server........ the DNS server is internal to the domain apr.local ........ am not using any external DNS for name resolutions ......... (please lemme know, if I'm doing something wrong here)......
        I still have to ask "What exactly are you doing?" In other words, what did you type?
        Did you type telnet 59.181.118.25 25?

        I have changed the ISP and they have given me a static IP (59.181.118.25) which points to webmail.adfactorspr.com ......... The network cable is now attached directly to my Exchange server and port forwarding has been done on the Linksys ADSL router .......... With this setup how do I get access to my internal DNS/AD server ?????? Could you throw some light on this plz .....
        Your internal DNS namespace has nothing to do with external users and computers connecting to the Exchange server. You'll need to make sure you have an A record set up for your public IP address (59.181.118.25) and an MX record pointing to the A record for the public IP address. You can usually do this through a control panel your registrar gives you access to, or you can call them up and ask them to do it. If your ISP registers your domain names for you then you should call them to set up the records.
        Regards,
        Jeremy

        Network Consultant/Engineer
        Baltimore - Washington area and beyond
        www.gma-cpa.com
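
The record layout described in reply #4 (an MX record whose target is a host name, with an A record for that name carrying the public IP) can be checked mechanically. This is an added example, not part of the thread; the tuple layout, the function names and the `tech-exchange.apr.local` misconfiguration are assumptions made for illustration.

```python
import ipaddress

# Constructed records: names and addresses appear in the thread, but the
# (owner, type, data) tuple layout is an assumption of this example.
GOOD = [("adfactorspr.com", "MX", "10 webmail.adfactorspr.com"),
        ("webmail.adfactorspr.com", "A", "59.181.118.25")]
# Constructed misconfiguration: internal name/address published, and an IP used as MX target.
BAD = [("adfactorspr.com", "MX", "10 tech-exchange.apr.local"),
       ("tech-exchange.apr.local", "A", "192.168.100.5"),
       ("adfactorspr.com", "MX", "20 59.181.118.25")]

def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def check_mail_dns(domain, records):
    """Return problems in the public MX/A records for `domain` (empty list = OK)."""
    a = {}
    for owner, rtype, data in records:
        if rtype == "A":
            a.setdefault(norm(owner), []).append(data)
    # Lowest preference value is tried first by sending servers.
    mx = sorted((int(d.split()[0]), norm(d.split()[1]))
                for o, t, d in records if t == "MX" and norm(o) == norm(domain))
    if not mx:
        return [f"{domain}: no MX record published"]
    problems = []
    for pref, target in mx:
        if is_ip(target):
            problems.append(f"MX {pref} {target}: target must be a host name, not an IP")
            continue
        if target not in a:
            problems.append(f"MX {pref} {target}: no A record for the MX target")
        for addr in a.get(target, []):
            if not ipaddress.ip_address(addr).is_global:
                problems.append(f"MX {pref} {target}: {addr} is not reachable from the Internet")
    return problems

if __name__ == "__main__":
    for label, recs in (("good", GOOD), ("bad", BAD)):
        print(label, check_mail_dns("adfactorspr.com", recs) or "OK")
```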



        • #5
          Re: Best Practices ---- to implement a New Exchange server setup

          Hi Jeremy

          Thanks for all the gr8 advice u've been providing me with ........

          I have kinda sorted out a lot of issues with my implementation ..... and wud like to share a couple of do's and don'ts when on a new implementation .....

          As I had mentioned, we have a provider who kind of strips off spam from incoming mails and then users grab the mail to download on their respective desktops via POP3.

          The other day, I went ahead and changed the MX priority of my Exchange server to MX=0 i.e. made my Exchange server responsible for all mail receipt and delivery .....

          I wuz a little taken aback when it didn't work and then all of a sudden all hell broke loose, when users started complaining of non-receipt of e-mails and my box started getting loaded with non-delivery reports .........

          It then suddenly struck me after going thru the NDRs that most of the e-mails were getting lost in no man's land because the users didn't exist on my Exchange server, and then I realised that making users on my Exchange server wud grab the e-mails and that's exactly what I did and saved the day .... yeah ....

          So to all the new Exchange admins with new Exchange server implementations, beware on a live Exchange server .......

          Regards
          Avid
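
The failure described in post #5 (the MX was pointed at the Exchange server before every hosted address had a mailbox there, so mail bounced with NDRs) can be caught before the DNS change. This is an added example, not part of the thread: it assumes an export of AD users with a `proxyAddresses` column joined by `;`, and every user name and example.com address in it is constructed.

```python
import csv
import io

# Constructed sample data: user names and example.com addresses are invented.
# Assumed export layout: one row per AD user, proxyAddresses joined with ';'.
AD_EXPORT = '''DN,proxyAddresses
"CN=Asha Rao,OU=Staff,DC=apr,DC=local",SMTP:asha.rao@example.com;smtp:arao@example.com
"CN=Ben Ito,OU=Staff,DC=apr,DC=local",SMTP:Ben.Ito@example.com;X500:/o=Org/cn=Recipients/cn=bito
"CN=Svc Backup,OU=Service,DC=apr,DC=local",
'''

# Addresses that currently have a POP3 mailbox at the hosting provider (constructed).
PROVIDER_MAILBOXES = ["asha.rao@example.com", "ARao@example.com",
                      "ben.ito@example.com", "carol.diaz@example.com",
                      "sales@example.com"]

def exchange_smtp_addresses(export_text):
    """Collect every SMTP proxy address (primary and alias), lowercased."""
    found = set()
    for row in csv.DictReader(io.StringIO(export_text)):
        for entry in (row.get("proxyAddresses") or "").split(";"):
            kind, _, addr = entry.partition(":")
            # "SMTP:" marks the primary address, "smtp:" an alias; skip X500 etc.
            if kind.lower() == "smtp" and "@" in addr:
                found.add(addr.strip().lower())
    return found

def missing_before_cutover(provider_mailboxes, export_text):
    """Addresses that receive mail today but would bounce once MX points at Exchange."""
    known = exchange_smtp_addresses(export_text)
    return sorted({a.strip().lower() for a in provider_mailboxes} - known)

if __name__ == "__main__":
    gaps = missing_before_cutover(PROVIDER_MAILBOXES, AD_EXPORT)
    print("Safe to change MX" if not gaps else "Create mailboxes or aliases first:")
    for addr in gaps:
        print("  ", addr)
```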



          • #6
            Re: Best Practices ---- to implement a New Exchange server setup

            Thanks for letting us know how it went.

            This is the "pot calling the kettle black" but it's always a good idea to think through everything that will happen and what effect it will have and to write out a step-by-step procedures guide for yourself.

            Whenever I do write one, it's always helpful to keep me on task and to make sure I don't forget anything.
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com
