Managing Exchange 2003 With SCOM 2007

8/4/2019 Managing Exchange 2003 With SCOM 2007

1/24

Managing Exchange 2003 with SCOM 2007 (Part 1)

Monitoring your Exchange Servers is an absolutely essential task in order to guarantee that the messaging

environment is operating reliably. Depending on the complexity of your IT infrastructure, there may be a huge effort

involved in monitoring and operations.

The Exchange Server 2003 Management Pack (MP) for Operations Manager 2007 contains rules to monitor asignificant subset of server health indicators and create alerts when problems are detected, or when reasonable

thresholds are exceeded.

The following table provides an overview of the Exchange Server 2003 MP monitoring functionality that is enabled

through Operations Manager 2007:

Exchange Component Monitoring Functionality

Exchange client access MAPI Logon State monitoring Performance measuring and alerting

Exchange mail flow State of synthetic e-mail flow Performance measuring and alerting

Exchange back end Directory Access monitoring and alerting Mailbox status Public folder status

Exchange front end Outlook Web Access monitoring Outlook Mobile Access monitoring Exchange ActiveSync monitoring Performance measuring and alerting

Configuration and Security Data Store mount status Exchange best practices

Exchange and related service

monitoring Exchange Services monitoring Exchange messaging-related service

Operating System metrics Monitoring and alerting of specialized operatingsystem metrics

Exchange Event Log monitoring Comprehensive rules for Exchange Detailed product knowledge on events

Exchange Topology discovery Organization-wide Exchange Topology discovery Topology Diagram view

Table 1: Exchange 2003 MP monitoring functionalities

Besides all the monitoring features, System Center Operations Manager (SCOM) 2007 and the Exchange Server MP

will give you the reporting capability that Exchange Server 2003 lacks by itself.


2/24

Although significant improvements have been made since the release of MOM 2000, configuring the platform in

general and the Exchange MP in particular can become quite a challenge.

These are more than enough reasons why I decided to write this configuration guide for the Exchange 2003 MP. I

wont cover the installation process of the SCOM 2007 components, only the importing and configuring processes

of the Exchange 2003 MP.

Whats New

The Exchange Server 2003 MP for Operations Manager 2007 contains the following new functionality:

Self-tuning threshold monitors for e-mail message queue (the values at which alerts should be raised areautomatically set based on the learned values).

A console task that starts the Exchange Server System Manager. Agent tasks that perform the following functions:

- Install the Exchange Server Best Practices Analyzer.

- Query local domain controllers to find out the ones that an Exchange server is currently using.

- Start, stop, pause, and resume Exchange monitored services.

An agent task targeted at Exchange MAPI Logon that performs a synthetic logon to MAPI.Solution Topology

For the purpose of writing this article, I installed the following environment on my test lab:

Figure 1: Solution topology

As you can see, Ill use a server called SCOM2007 to monitor an Exchange front-end (E2K3FE) and an Exchange

back-end (VM1), which is also the domain controller for the domain virtual.com.

Secure Exchange 2003 Servers

We must first configure the Exchange environment, before the servers can be managed by Operations Manager 2007

1. Configure SSL on Exchange Server 2003 front-end servers. SSL is required on the Outlook Web Access,Outlook Mobile Access, and Exchange ActiveSync Web sites. In order to accomplish these tasks, you must

first install a certificate on the Exchange website and then require SSL (Figure 2) on the following virtual

directories: Exchange, Microsoft-Server-ActiveSync, OMA and Public.


3/24

If you dont have a front-end, after you enable SSL, ActiveSync and OMA might stop working. If thats the

case, follow the steps from theKnowledge Base article 817379.

Figure 2: Virtual Directory security settings

2. Enable forms based authentication on the front-end servers. If administrative groups are enabled, expandAdministrative Groups, expand Servers, and then expand your front-end server. Expand Protocols,

expand HTTP, right-clickExchange Virtual Server, and then clickProperties. Click the Settings tab and

enable the check box Enable Forms Based Authentication (Figure 3).
http://support.microsoft.com/kb/817379http://support.microsoft.com/kb/817379http://support.microsoft.com/kb/817379http://support.microsoft.com/kb/817379


4/24

Figure 3: Forms Based Authentication

3. On every Exchange server, verify that message tracking log shares (\\SERVER\SERVER.LOG) are lockeddown: remove the Everyone Group from Share Permissions (Figure 4).

Figure 4: Message tracking log share permissions

4. Verify that SMTP cannot anonymously relay messages: follow the procedures from theKB article 895853.Install .NET Hotfix
http://support.microsoft.com/kb/895853http://support.microsoft.com/kb/895853http://support.microsoft.com/kb/895853http://support.microsoft.com/kb/895853


5/24

Install the.NET Framework hotfixon Exchange servers, if required. If you have upgraded the .NET Framework

from version 1.1 to 2.0 on your Exchange 2003 servers, you must apply the hotfix described inKB article 919356.

Although the article says the hotfix addresses an issue related to monitoring Exchange Server 2003 with MOM

2005, the hotfix is also applicable to Exchange Server 2003 with Operations Manager 2007.

Install the Exchange Server 2003 MP

Download and install the required Management Pack files. To monitor Exchange Server 2003 with Operations

Manager 2007, you need the following Management Pack files:

Microsoft.Exchange.Server.Library.mp (Exchange Server Core Library) Microsoft.Exchange.Server.2003.Monitoring.mp (Exchange Server 2003 Discovery) Microsoft.Exchange.Server.2003.Monitoring.mp (Exchange Server 2003 Monitoring)

You can find the latest Management Packs atSystem Center Operations Manager 2007 Catalog. The Management

Packs that ship with Operations Manager 2007 are in the ManagementPacks directory of the installation CD.

To import the Exchange 2003 MP, open the SCOM 2007 Operations Console. Click the Administration tab, right-

click the Management Packs node and then clickImport Management Packs. Select the required Management

Packs and then click the Import button. After the import process is complete and the dialog box displays an icon

next to each Management Pack that indicates success of the importation, click the Close button.

Add the Exchange servers as agent managed computers

1. Click the Administration tab and then click Configure computers and devices to manage on the Actionspane. This will start the Computer and Device Management Wizard (Figure 5). ClickNext, choose

Advanced Discovery (Figure 6) and select Servers Only from the Computers & Device Types drop-

down box.
http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://go.microsoft.com/fwlink/?LinkId=82105http://go.microsoft.com/fwlink/?LinkId=82105http://go.microsoft.com/fwlink/?LinkId=82105http://go.microsoft.com/fwlink/?LinkId=82105http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356


6/24

Figure 5: Computer and Device Management Wizard


7/24

Figure 6: Advanced discovery

2. On the next window, browse for the computers you are adding (Figure 7) and clickNext. Select Useselected Management Server Action Account (Figure 8), clickDiscovery and wait for the discoveryresults. (Figure 9). If the Discovery Wizard stops responding, follow the procedures fromKB article

941409. Figure 10 shows a brief summary that is displayed at the end of the wizard. ClickFinish.
http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409


8/24

Figure 7: Discovery Method


9/24

Figure 8: Administrator Account


10/24

Figure 9: Select Objects to Manage


11/24

Figure 10: Summary

3. If the agent installation was successful, on each Exchange server youll be able to see the System CenterOperations Manager 2007 Agent listed on the Add/Remove Programs (Figure 11). A new service is alsocreated, the OpsMgr Health Service, as depicted in Figure 12.


12/24

Figure 11: Add/Remove Programs

Figure 12: OpsMgr Health Service Properties

Management Pack Configuration Wizard


13/24

Install and run theExchange Management Pack Configuration Wizardon one of the Exchange servers. You must

use version 06.05.7903 (or higher) of the Microsoft Exchange Server MP Configuration Wizard with Operations

Manager 2007. The user running the wizard must be a local administrator and must have at least Exchange full

administrator rights on the administrative group or the organization.

1. After installing it, run the Exchange Management Pack Configuration Wizard and on the Welcomepage, clickNext. (Figure 13). On the Administrative Group page, select the Administrative group fromthe drop-down list that you want to manage and clickNext (Figure 14). On the Select Servers page, select

the servers that you want to configure and then clickNext (Figure 15).

Figure 13: Microsoft Exchange Server Management Pack Configuration Wizard
http://go.microsoft.com/fwlink/?LinkId=82103http://go.microsoft.com/fwlink/?LinkId=82103http://go.microsoft.com/fwlink/?LinkId=82103http://go.microsoft.com/fwlink/?LinkId=82103


14/24

Figure 14: Selecting the Administrative Group

Figure 15: Select Servers

2. On the Server Configuration Type page(Figure 16), you can normally leave it set to Default. Weregoing to checkCustom just for demonstrating purposes. ClickNext. On the Properties page, select the

properties you want to configure for monitoring (Figure 17) and clickNext.


15/24

Figure 16: Server Configuration Type

Figure 17: ExchangeMonitoring Properties

3. On the Message Tracking page (Figure 18) and on the Front-end Monitoring page (Figure 19), you havethe option to Enable or Disable front-end monitoring. On the Service Monitoring page (Figure 20), you

have the option to select or clear the services that will be monitored. Well leave the default settings on all

these pages.


16/24

Figure 18: Message Tracking

Figure 19: Front-end Monitoring


17/24

Figure 20: Service Monitoring

4. On the Mailbox Availability page (Figure 21), you can configure Per server monitoring or Per storemonitoring (you can also Disable mailbox availability monitoring). If you select Per server

monitoring, you must disable the Verify Test Mailboxes rule that is targeted at the Exchange 2003 Role

object type (well cover this on next part of this article). Click Next.

5. On the Mail Flow page (Figure 22), click a Sending server and its Receiving servers (only back-endservers are listed). ClickNext.

Figure 21: Mailbox Availability


18/24

Figure 22: Mail Flow

6. On the Mailbox Access Account page (Figure 23), type the account and password that will be used to testthe mailboxes, and then clickNext. If the account does not exist, it will be created.

7. On the Summary page (Figure 24), review the configuration settings and then clickNext. You can alsoclickSave to save an *.XML file of the configuration settings.

8. When the Completing the Microsoft Exchange Management Pack Configuration Wizard page (Figure25) displays, clickFinish. A logfile is created at %TEMP%\ConfigurationLog.xml.

Figure 23: Mailbox Access Account


19/24

Figure 24: Summary

Figure 25: Completing the Microsoft Exchange Management Pack Configuration Wizard

Every time you add a new server running Exchange Server 2003 to Operations Manager 2007, you must run the

Configuration Wizard again for that server.

Note:If you run the Configuration Wizard against a cluster instance, you may get the following error:


20/24

Error: Cannot configure the mailbox access account on computer 'SERVER_NAME'. This configuration can only be

made after the Exchange MOM event 9986 is registered by MOM.

Although theres a KB article about this problem (Knowledge Base article 899382), the only way I found to solve

the problem without a failover was to follow the procedures described by Lee Chang on thislink.

Summar

And this concludes part 1 of this 2 part article. In the next part we will cover the configuration process within the

Operations Console required to monitor Exchange Servers with Operations Manager 2007.

Related Links

Managing Exchange 2003 with SCOM 2007 (Part 2)

Exchange Topology Discovery

To enable Exchange Topology Discovery, we must first enable Agent Proxy and then configure overrides.

1. Enable Agent Proxy configuration on all managed Exchange servers. In the Administration pane, underAdministration, Device Management, Agent Managed, right-click on each Exchange server, select

Properties, then the Security tab (Figure 1), and check the box Allow this agent to act as a proxy and

discover managed objects on other computers. This step will also make exchange cluster instances to

appear in the Agentless Managed section.

Figure 1: Agent Properties
http://support.microsoft.com/kb/899382http://support.microsoft.com/kb/899382http://support.microsoft.com/kb/899382http://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://support.microsoft.com/kb/899382


21/24

2. In the Authoring pane of the Operations Console, clickObject Discoveries. In the Object Discoveriespane, right-clickExchange 2003 Topology Discovery, point to Overrides, point to Override the Object

Discovery, and then clickFor a specific object of type: Exchange 2003 Role (Figure 2). Select the

desired server running Exchange Server 2003 from Matching objects (do it for both), and then clickOK

(Figure 3). In the Override Properties dialog box, select Override for the Enabled parameter, and then

select True from the Override Setting drop-down list (Figure 4). Select the Management Pack to save the

override in (I used the Default Management Pack, but as a best practice, create a new one), and then click

OK.

Figure 2: Exchange 2003 Topology Discovery Override


22/24

Figure 3: Select Object


23/24

Figure 4: Override Properties

The previous procedures will enable topology view of your Exchange Organization, such as the one depicted in

Figure 5.


24/24

Figure 5: Topology View

Documents

Managing Exchange 2003 With SCOM 2007