Upload
mohinuddin-mustaq
View
223
Download
1
Embed Size (px)
Citation preview
8/4/2019 Managing Exchange 2003 With SCOM 2007
1/24
Managing Exchange 2003 with SCOM 2007 (Part 1)
Monitoring your Exchange Servers is an absolutely essential task in order to guarantee that the messaging
environment is operating reliably. Depending on the complexity of your IT infrastructure, there may be a huge effort
involved in monitoring and operations.
The Exchange Server 2003 Management Pack (MP) for Operations Manager 2007 contains rules to monitor asignificant subset of server health indicators and create alerts when problems are detected, or when reasonable
thresholds are exceeded.
The following table provides an overview of the Exchange Server 2003 MP monitoring functionality that is enabled
through Operations Manager 2007:
Exchange Component Monitoring Functionality
Exchange client access MAPI Logon State monitoring Performance measuring and alerting
Exchange mail flow State of synthetic e-mail flow Performance measuring and alerting
Exchange back end Directory Access monitoring and alerting Mailbox status Public folder status
Exchange front end Outlook Web Access monitoring Outlook Mobile Access monitoring Exchange ActiveSync monitoring Performance measuring and alerting
Configuration and Security Data Store mount status Exchange best practices
Exchange and related service
monitoring Exchange Services monitoring Exchange messaging-related service
Operating System metrics Monitoring and alerting of specialized operatingsystem metrics
Exchange Event Log monitoring Comprehensive rules for Exchange Detailed product knowledge on events
Exchange Topology discovery Organization-wide Exchange Topology discovery Topology Diagram view
Table 1: Exchange 2003 MP monitoring functionalities
Besides all the monitoring features, System Center Operations Manager (SCOM) 2007 and the Exchange Server MP
will give you the reporting capability that Exchange Server 2003 lacks by itself.
8/4/2019 Managing Exchange 2003 With SCOM 2007
2/24
Although significant improvements have been made since the release of MOM 2000, configuring the platform in
general and the Exchange MP in particular can become quite a challenge.
These are more than enough reasons why I decided to write this configuration guide for the Exchange 2003 MP. I
wont cover the installation process of the SCOM 2007 components, only the importing and configuring processes
of the Exchange 2003 MP.
Whats New
The Exchange Server 2003 MP for Operations Manager 2007 contains the following new functionality:
Self-tuning threshold monitors for e-mail message queue (the values at which alerts should be raised areautomatically set based on the learned values).
A console task that starts the Exchange Server System Manager. Agent tasks that perform the following functions:
- Install the Exchange Server Best Practices Analyzer.
- Query local domain controllers to find out the ones that an Exchange server is currently using.
- Start, stop, pause, and resume Exchange monitored services.
An agent task targeted at Exchange MAPI Logon that performs a synthetic logon to MAPI.Solution Topology
For the purpose of writing this article, I installed the following environment on my test lab:
Figure 1: Solution topology
As you can see, Ill use a server called SCOM2007 to monitor an Exchange front-end (E2K3FE) and an Exchange
back-end (VM1), which is also the domain controller for the domain virtual.com.
Secure Exchange 2003 Servers
We must first configure the Exchange environment, before the servers can be managed by Operations Manager 2007
1. Configure SSL on Exchange Server 2003 front-end servers. SSL is required on the Outlook Web Access,Outlook Mobile Access, and Exchange ActiveSync Web sites. In order to accomplish these tasks, you must
first install a certificate on the Exchange website and then require SSL (Figure 2) on the following virtual
directories: Exchange, Microsoft-Server-ActiveSync, OMA and Public.
8/4/2019 Managing Exchange 2003 With SCOM 2007
3/24
If you dont have a front-end, after you enable SSL, ActiveSync and OMA might stop working. If thats the
case, follow the steps from theKnowledge Base article 817379.
Figure 2: Virtual Directory security settings
2. Enable forms based authentication on the front-end servers. If administrative groups are enabled, expandAdministrative Groups, expand Servers, and then expand your front-end server. Expand Protocols,
expand HTTP, right-clickExchange Virtual Server, and then clickProperties. Click the Settings tab and
enable the check box Enable Forms Based Authentication (Figure 3).
http://support.microsoft.com/kb/817379http://support.microsoft.com/kb/817379http://support.microsoft.com/kb/817379http://support.microsoft.com/kb/8173798/4/2019 Managing Exchange 2003 With SCOM 2007
4/24
Figure 3: Forms Based Authentication
3. On every Exchange server, verify that message tracking log shares (\\SERVER\SERVER.LOG) are lockeddown: remove the Everyone Group from Share Permissions (Figure 4).
Figure 4: Message tracking log share permissions
4. Verify that SMTP cannot anonymously relay messages: follow the procedures from theKB article 895853.Install .NET Hotfix
http://support.microsoft.com/kb/895853http://support.microsoft.com/kb/895853http://support.microsoft.com/kb/895853http://support.microsoft.com/kb/8958538/4/2019 Managing Exchange 2003 With SCOM 2007
5/24
Install the.NET Framework hotfixon Exchange servers, if required. If you have upgraded the .NET Framework
from version 1.1 to 2.0 on your Exchange 2003 servers, you must apply the hotfix described inKB article 919356.
Although the article says the hotfix addresses an issue related to monitoring Exchange Server 2003 with MOM
2005, the hotfix is also applicable to Exchange Server 2003 with Operations Manager 2007.
Install the Exchange Server 2003 MP
Download and install the required Management Pack files. To monitor Exchange Server 2003 with Operations
Manager 2007, you need the following Management Pack files:
Microsoft.Exchange.Server.Library.mp (Exchange Server Core Library) Microsoft.Exchange.Server.2003.Monitoring.mp (Exchange Server 2003 Discovery) Microsoft.Exchange.Server.2003.Monitoring.mp (Exchange Server 2003 Monitoring)
You can find the latest Management Packs atSystem Center Operations Manager 2007 Catalog. The Management
Packs that ship with Operations Manager 2007 are in the ManagementPacks directory of the installation CD.
To import the Exchange 2003 MP, open the SCOM 2007 Operations Console. Click the Administration tab, right-
click the Management Packs node and then clickImport Management Packs. Select the required Management
Packs and then click the Import button. After the import process is complete and the dialog box displays an icon
next to each Management Pack that indicates success of the importation, click the Close button.
Add the Exchange servers as agent managed computers
1. Click the Administration tab and then click Configure computers and devices to manage on the Actionspane. This will start the Computer and Device Management Wizard (Figure 5). ClickNext, choose
Advanced Discovery (Figure 6) and select Servers Only from the Computers & Device Types drop-
down box.
http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/919356http://go.microsoft.com/fwlink/?LinkId=82105http://go.microsoft.com/fwlink/?LinkId=82105http://go.microsoft.com/fwlink/?LinkId=82105http://go.microsoft.com/fwlink/?LinkId=82105http://support.microsoft.com/kb/919356http://support.microsoft.com/kb/9193568/4/2019 Managing Exchange 2003 With SCOM 2007
6/24
Figure 5: Computer and Device Management Wizard
8/4/2019 Managing Exchange 2003 With SCOM 2007
7/24
Figure 6: Advanced discovery
2. On the next window, browse for the computers you are adding (Figure 7) and clickNext. Select Useselected Management Server Action Account (Figure 8), clickDiscovery and wait for the discoveryresults. (Figure 9). If the Discovery Wizard stops responding, follow the procedures fromKB article
941409. Figure 10 shows a brief summary that is displayed at the end of the wizard. ClickFinish.
http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=941409http://support.microsoft.com/?kbid=9414098/4/2019 Managing Exchange 2003 With SCOM 2007
8/24
Figure 7: Discovery Method
8/4/2019 Managing Exchange 2003 With SCOM 2007
9/24
Figure 8: Administrator Account
8/4/2019 Managing Exchange 2003 With SCOM 2007
10/24
Figure 9: Select Objects to Manage
8/4/2019 Managing Exchange 2003 With SCOM 2007
11/24
Figure 10: Summary
3. If the agent installation was successful, on each Exchange server youll be able to see the System CenterOperations Manager 2007 Agent listed on the Add/Remove Programs (Figure 11). A new service is alsocreated, the OpsMgr Health Service, as depicted in Figure 12.
8/4/2019 Managing Exchange 2003 With SCOM 2007
12/24
Figure 11: Add/Remove Programs
Figure 12: OpsMgr Health Service Properties
Management Pack Configuration Wizard
8/4/2019 Managing Exchange 2003 With SCOM 2007
13/24
Install and run theExchange Management Pack Configuration Wizardon one of the Exchange servers. You must
use version 06.05.7903 (or higher) of the Microsoft Exchange Server MP Configuration Wizard with Operations
Manager 2007. The user running the wizard must be a local administrator and must have at least Exchange full
administrator rights on the administrative group or the organization.
1. After installing it, run the Exchange Management Pack Configuration Wizard and on the Welcomepage, clickNext. (Figure 13). On the Administrative Group page, select the Administrative group fromthe drop-down list that you want to manage and clickNext (Figure 14). On the Select Servers page, select
the servers that you want to configure and then clickNext (Figure 15).
Figure 13: Microsoft Exchange Server Management Pack Configuration Wizard
http://go.microsoft.com/fwlink/?LinkId=82103http://go.microsoft.com/fwlink/?LinkId=82103http://go.microsoft.com/fwlink/?LinkId=82103http://go.microsoft.com/fwlink/?LinkId=821038/4/2019 Managing Exchange 2003 With SCOM 2007
14/24
Figure 14: Selecting the Administrative Group
Figure 15: Select Servers
2. On the Server Configuration Type page(Figure 16), you can normally leave it set to Default. Weregoing to checkCustom just for demonstrating purposes. ClickNext. On the Properties page, select the
properties you want to configure for monitoring (Figure 17) and clickNext.
8/4/2019 Managing Exchange 2003 With SCOM 2007
15/24
Figure 16: Server Configuration Type
Figure 17: ExchangeMonitoring Properties
3. On the Message Tracking page (Figure 18) and on the Front-end Monitoring page (Figure 19), you havethe option to Enable or Disable front-end monitoring. On the Service Monitoring page (Figure 20), you
have the option to select or clear the services that will be monitored. Well leave the default settings on all
these pages.
8/4/2019 Managing Exchange 2003 With SCOM 2007
16/24
Figure 18: Message Tracking
Figure 19: Front-end Monitoring
8/4/2019 Managing Exchange 2003 With SCOM 2007
17/24
Figure 20: Service Monitoring
4. On the Mailbox Availability page (Figure 21), you can configure Per server monitoring or Per storemonitoring (you can also Disable mailbox availability monitoring). If you select Per server
monitoring, you must disable the Verify Test Mailboxes rule that is targeted at the Exchange 2003 Role
object type (well cover this on next part of this article). Click Next.
5. On the Mail Flow page (Figure 22), click a Sending server and its Receiving servers (only back-endservers are listed). ClickNext.
Figure 21: Mailbox Availability
8/4/2019 Managing Exchange 2003 With SCOM 2007
18/24
Figure 22: Mail Flow
6. On the Mailbox Access Account page (Figure 23), type the account and password that will be used to testthe mailboxes, and then clickNext. If the account does not exist, it will be created.
7. On the Summary page (Figure 24), review the configuration settings and then clickNext. You can alsoclickSave to save an *.XML file of the configuration settings.
8. When the Completing the Microsoft Exchange Management Pack Configuration Wizard page (Figure25) displays, clickFinish. A logfile is created at %TEMP%\ConfigurationLog.xml.
Figure 23: Mailbox Access Account
8/4/2019 Managing Exchange 2003 With SCOM 2007
19/24
Figure 24: Summary
Figure 25: Completing the Microsoft Exchange Management Pack Configuration Wizard
Every time you add a new server running Exchange Server 2003 to Operations Manager 2007, you must run the
Configuration Wizard again for that server.
Note:If you run the Configuration Wizard against a cluster instance, you may get the following error:
8/4/2019 Managing Exchange 2003 With SCOM 2007
20/24
Error: Cannot configure the mailbox access account on computer 'SERVER_NAME'. This configuration can only be
made after the Exchange MOM event 9986 is registered by MOM.
Although theres a KB article about this problem (Knowledge Base article 899382), the only way I found to solve
the problem without a failover was to follow the procedures described by Lee Chang on thislink.
Summar
And this concludes part 1 of this 2 part article. In the next part we will cover the configuration process within the
Operations Console required to monitor Exchange Servers with Operations Manager 2007.
Related Links
Managing Exchange 2003 with SCOM 2007 (Part 2)
Exchange Topology Discovery
To enable Exchange Topology Discovery, we must first enable Agent Proxy and then configure overrides.
1. Enable Agent Proxy configuration on all managed Exchange servers. In the Administration pane, underAdministration, Device Management, Agent Managed, right-click on each Exchange server, select
Properties, then the Security tab (Figure 1), and check the box Allow this agent to act as a proxy and
discover managed objects on other computers. This step will also make exchange cluster instances to
appear in the Agentless Managed section.
Figure 1: Agent Properties
http://support.microsoft.com/kb/899382http://support.microsoft.com/kb/899382http://support.microsoft.com/kb/899382http://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://www.eggheadcafe.com/software/aspnet/29869158/9986-errors-installing-sc.aspxhttp://support.microsoft.com/kb/8993828/4/2019 Managing Exchange 2003 With SCOM 2007
21/24
2. In the Authoring pane of the Operations Console, clickObject Discoveries. In the Object Discoveriespane, right-clickExchange 2003 Topology Discovery, point to Overrides, point to Override the Object
Discovery, and then clickFor a specific object of type: Exchange 2003 Role (Figure 2). Select the
desired server running Exchange Server 2003 from Matching objects (do it for both), and then clickOK
(Figure 3). In the Override Properties dialog box, select Override for the Enabled parameter, and then
select True from the Override Setting drop-down list (Figure 4). Select the Management Pack to save the
override in (I used the Default Management Pack, but as a best practice, create a new one), and then click
OK.
Figure 2: Exchange 2003 Topology Discovery Override
8/4/2019 Managing Exchange 2003 With SCOM 2007
22/24
Figure 3: Select Object
8/4/2019 Managing Exchange 2003 With SCOM 2007
23/24
Figure 4: Override Properties
The previous procedures will enable topology view of your Exchange Organization, such as the one depicted in
Figure 5.
8/4/2019 Managing Exchange 2003 With SCOM 2007
24/24
Figure 5: Topology View