Exam Reviews
The Design of a Messaging Freeway
Exam 70-225 tests your ability to think through the complex workings of an Exchange 2000 system in enterprises ranging from the small to the huge and multi-national.
I found the Exchange 5.5 exam to be one of the hardest
ever released by Microsoft. With exam 70-225, Exchange
once again becomes one of the toughest tests out there.
It’s designed for administrators who have installed Exchange
2000 in large (5,000 or more clients) implementations,
spanning multiple geographic locations. Passing it demonstrates
that you know the inner workings of Exchange and have
a full understanding of its design and implementation
criteria.
Exchange Design (70-225)
Reviewer’s Rating: “The requirements for this exam live up to Microsoft’s recommendations. It’s a difficult exam that tests your knowledge on just about every facet of Exchange in the medium to extremely large enterprise.”
Title: Designing and Deploying a Messaging Infrastructure with Microsoft Exchange 2000 Server
Current Status: Live as of March 30, 2001.
Who Should Take It? Elective credit for MCSE. Candidates should have a minimum of a year’s experience managing Exchange environments in medium to very large implementations.
What Classes Prepare You? 1569: Updating Administration and Support Skills from Microsoft Exchange Server 5.x to Exchange 2000
This exam uses most of the new Microsoft testing technologies.
The beta included several different case study testlets.
We were presented with a plethora of data about the organization,
including information such as the current infrastructure,
current and future needs, available technical staff and
a large number of exhibits to complicate matters. This
test is loaded with the new “build-tree-and-reorder” and
“select-and-place” styles of questions. Download the case
study-based test demo from www.microsoft.com/trainingandservices
(choose Testing Innovations from the left menu) and practice
answering the sample questions.
In build-tree-and-reorder questions, you get a scenario
at the top of the dialog box. Then you must select the
items or actions from one window that apply to the scenario
and move them to another window. In the second window,
you must put the items or actions in the order indicated
by the scenario. These questions are exceptionally difficult
because they test not only if you know what must be done,
but also the exact order in which actions should take
place. In one type of question you might be presented
with a typical scenario at the top of the dialog box.
You’ll have to design the network by dragging different
servers to their desired locations and configuring the
physical connections between them (Figure 1). Don’t expect
feedback to suggest whether you’re answering the question
correctly.
Figure 1. A portion of a select-and-place exam demo from Microsoft’s Training and Services Web site.
Analyzing Business Requirements
The bulk of the objectives under this heading involve
the analysis of your current and future network infrastructure.
You need to remember that Exchange 5.5 defines the administrative
and messaging boundaries somewhat differently from Exchange
2000.
In Exchange 5.5 the site is key to this definition of
boundaries; a site defines the administrative boundaries.
All administrators within the site technically have the
same rights assigned to them. Similarly, the site defines
what servers are to communicate information with each
other. Both boundaries are one and the same. The criteria
for choosing what servers belong in what site must therefore
include the administrators who need access to the server
as well as the speed of connections between the servers.
In Exchange 2000, however, these boundaries don’t need
to match — in fact, they don’t even have to resemble each
other. The rights granted to administrators in Exchange
2000 are much more flexible than those in Exchange 5.5.
Instead of the term, “site,” Microsoft introduced the
concepts of administrative groups and routing groups.
Administrative groups are the boundaries that define
which administrators are allowed to administer the grouped
servers, while the routing groups define which servers
are to communicate with each other. The fact that the
site connector (as it was known in Exchange 5.5) is now
known as the routing group connector should give that
away.
Tip: Spend time understanding
the differences between administrative and routing groups.
Remember that Exchange 2000 is built on Internet technologies
and protocols. This affects the way that Exchange 2000
communicates with other servers on the network. In a pure
Exchange 5.5 implementation the servers within the site
communicate using the Message Transfer Agent (MTA). When
an Exchange 2000 server is introduced into the site, it
also must communicate using the MTA (mostly because the
Exchange 5.5 servers only understand communication from
the MTA). However, in a pure Exchange 2000 implementation
or when two Exchange 2000 servers communicate with each
other, the Simple Mail Transfer Protocol (SMTP) is used.
Tip: Remember that the default
and preferred protocol used by Exchange 2000 to communicate
is SMTP.
This is key because SMTP is the main way that Exchange
2000 communicates with other remote servers, both Exchange
and non-Exchange.
Analyzing Existing and Planned Resources
An Exchange 2000 server can take on one of three roles:
as a mailbox server, a public folder server or a bridgehead
server. Any combination of roles is also possible. This
is no different from Exchange 5.5. A mailbox server simply
maintains a private mailbox store (or multiple mailbox
stores). The server receives all user e-mail and routes
it to the appropriate store and mailbox. In a public folder
server, the opposite is true. No private mailbox stores
exist. Instead, one or more public mailbox stores exist.
Finally, a bridgehead server acts as a router, routing
information between different Exchange 2000 sites.
Tip: Understand the different
roles that Exchange 2000 servers can take on. Did you
know that Exchange 2000 Server can use Exchange 2000 Conferencing
Server as a dedicated chat or instant messaging server?
The way that remote Exchange 2000 servers communicate
has changed somewhat. SMTP is the dominant protocol used
for sending information back and forth between servers,
which all but eliminates the need for high-speed connections
between them. This makes connections to remote locations
a relatively straightforward task.
In Exchange 5.5 it was up to the directory service on
each server within the site to replicate directory information
(such as public folders, distribution groups and mailboxes).
These tasks are no longer controlled by Exchange but by
Active Directory (AD). Since AD will take care of these
objects, Exchange 2000 no longer needs the bandwidth involved
with the data replication. When Exchange 2000 requires
any information from AD, it makes Lightweight Directory
Access Protocol (LDAP) queries to the Global Catalog (GC)
servers.
Tip: Exchange 2000 no longer
controls its own directory. This allows for a single,
hierarchical directory to be maintained for the entire
organization.
Client access to the Exchange 2000 servers doesn’t change
much. In fact, if you were to upgrade your messaging infrastructure
to Exchange 2000 from 5.5 over the weekend, most users
wouldn’t notice a change, since Exchange 2000 still supports
all client protocols including MAPI, IMAP4, POP3 and HTTP.
That’s on the surface.
Underneath the hood, however, we find some important
changes. First, recall that Exchange 2000 no longer maintains
any directory information, getting it from AD instead.
This poses a problem with some clients. They expect this
information from the server. To solve this problem, the
server either proxies the request or issues a referral.
When an older Outlook client (Outlook 98 SR1 and earlier)
makes a request for directory information from Exchange
2000, the server performs an LDAP query with the GC on
behalf of the client and sends the results back. As far
as the client is concerned, the Exchange server performed
the query locally. In newer clients (Outlook 98 SR2 or
higher), however, Exchange 2000 responds to the query
with a referral to a GC. The client will then make its
own LDAP query directly to the GC.
Designing a Messaging Solution
Herein lies the bulk of your mission for this topic.
As its title states, this is a designing and deploying
exam. I’ve already covered several of the objectives you
need to understand, including administrative groups, routing
groups, server roles and client access issues. Also important
to know: how to secure Exchange 2000 installations, how
Exchange 2000 co-exists with other messaging systems,
and how to design inter-organizational connections and
synchronizations.
Tip: Understand the differences
between the front- and back-end servers and the ports
that need to be opened on the firewall for the different
communication protocols. Don’t forget that these ports
differ when using SSL.
Exchange 2000 introduces the concept of front- and back-end
servers. Front-end servers are placed either on the outside
of a firewall or in its trusted or DMZ area. Users on
the Internet then go to this server to access e-mail and
directory information. The front-end server then communicates—through
specific ports open on the firewall—with the back-end
server on the internal network. It’s the back-end servers
that store all the mailbox and public folder information.
Front- and back-end servers, however, only protect your
Exchange 2000 server from external attacks. A large number
of attacks occur from within the organization. There are
a couple of ways to protect your servers from internal
attack. The first simply builds upon the front- and back-end
servers. More and more organizations are installing firewalls
between their servers and their client network. The Exchange
2000 front- and back-end server topology can accomplish
this task.
The second method ensures that only people with the correct
authentication can access resources. With the introduction
of Windows 2000, Kerberos became the security protocol
of choice. Exchange 2000 leverages this protocol to ensure
that the clients authorized to access the resources are
actually who they say they are.
Fault Tolerance and Data Recovery
Exchange 2000 allows an administrator to perform a
wide range of fault tolerance and data recovery tasks.
As with Exchange 5.5, Exchange 2000 uses a transactional
database. All modifications to the databases are written
to the transaction logs before being committed to the
database. Therefore, I have a couple of recommendations.
First, use RAID 5 arrays for your system. Remember, we’re
focused on large, enterprise-wide Exchange 2000 solutions.
Assume that cost is no object. In this imaginary world,
if you’re given the option of placing each set of log
files and databases on their own RAID 5 arrays (or even
duplexed RAID 5 arrays), then take it! While most of us
will never see servers with six or seven duplexed RAID
5 arrays, the possibility is there.
Tip: Circular logging should
be turned off for fault tolerance. Use as many RAID 5
arrays as possible. It’s especially important to separate
the database and its transaction logs onto separate physical
hard drives.
Second, ensure that circular logging on the servers is
disabled. If the option is enabled, all transaction logs
will be overwritten when they become full, effectively
removing any fault tolerance from the system.
Backing up the system hasn’t changed much from Exchange
5.5, except that you now have the ability to back up different
databases and storage groups at different times.
Tip: Learn the steps involved
in creating storage groups and public and private stores
and mounting and dismounting them.
You have the ability to dismount specific databases,
taking those databases offline while keeping the rest
of the installed databases online.
Deploying Your Messaging Solution
Exchange 2000 Enterprise Server leverages Win2K Advanced
Server’s Active/Active clustering capabilities. Before
Win2K, most Windows-based clusters used the Active/Passive
model. In this model, one of the servers runs the services,
say, Exchange 2000, while the other is dormant, awaiting
failure of the Active node. Should that node fail, the
Passive node starts up its services and takes over the
desired task (in our case, Exchange).
The Active/Passive model has some inherent problems.
First, the Active node doesn’t always believe that it
has failed. It’s not uncommon for the Active node to stop
responding to Exchange client requests, but still not
pass control to the Passive node. Also, the Passive node
normally sits idle while the Active node processes all
client requests.
Tip: Understand what an
Active/Active cluster does and how it helps organizations
build fault-tolerant Exchange 2000 messaging solutions.
In an Active/Active cluster, both nodes can actively
process all client requests. Should one of the nodes stop
responding to client requests, the second node can automatically
mount the failed node’s databases and process the requests.
Since the Exchange 2000 services are already running on
both nodes, the time to bring the clients of the failed
node back online is greatly reduced.
Experience Is the Key
Pass this exam and your peers will look up to you
as someone who truly understands how Exchange 2000 operates
and communicates. You’ll prove that you know how to design
and implement messaging systems ranging from the small
organization to the huge, multinational enterprise network.
And did I mention that it’s tough? Exchange 2000 is robust
in the way that it uses administrative and routing groups.
To get through the exam, you should be able to build a
complex Exchange 2000 organization on a relatively small
number of computers (say, 10 to 15). If you have access
to such resources, install, back up, break, and restore
the system until you truly understand how each component
acts and reacts. Good luck!