Install Config Wiki

All about installing, configuring and troubleshooting

User Tools

Site Tools

Trace:
wiki:more_tasks_before_applying_exchange_2003_service_packs

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
wiki:more_tasks_before_applying_exchange_2003_service_packs [2017/11/06 02:59] – created wikiadminwiki:more_tasks_before_applying_exchange_2003_service_packs [2017/11/06 03:13] (current) – external edit 127.0.0.1
Line 3: Line 3:
 After you install Exchange 2003, but before applying any Exchange 2003 Service Pack (the latest is cumulative service pack 2), there are first several tasks to complete and items to install or configure, as follows: After you install Exchange 2003, but before applying any Exchange 2003 Service Pack (the latest is cumulative service pack 2), there are first several tasks to complete and items to install or configure, as follows:
  
-1. Install Security Update 913446 before applying the latest cumulative Exchange Server 2003 Service Pack.+====1. Install Security Update 913446 before applying the latest cumulative Exchange Server 2003 Service Pack.====
  
 The Microsoft Release Notes to Service Pack 2 for Exchange Server 2003 provide as follows: The Microsoft Release Notes to Service Pack 2 for Exchange Server 2003 provide as follows:
Line 18: Line 18:
 Note Security update 913446 (security bulletin MS06-007) supersedes this hotfix (898060). For more information, click the following article number to view the article in the Microsoft Knowledge Base: 913446 http://support.microsoft.com/kb/913446/ MS06-007: Vulnerability in TCP/IP could allow denial of service Note Security update 913446 (security bulletin MS06-007) supersedes this hotfix (898060). For more information, click the following article number to view the article in the Microsoft Knowledge Base: 913446 http://support.microsoft.com/kb/913446/ MS06-007: Vulnerability in TCP/IP could allow denial of service
  
-2. Switch Exchange from Mixed Mode to Native Mode if you have no Exchange 5.5 servers in your organization. For detailed explanation and instructions, Download from Microsoft and Read the Exchange 2003 Planning Systems Doc (PlanE2k3MsgSys.doc): Planning a Microsoft Exchange Server 2003 Messaging System, Microsoft Corporation, Published: December 12, 2006, Author: Exchange Server Documentation Team.+====2. Switch Exchange from Mixed Mode to Native Mode if you have no Exchange 5.5 servers in your organization.==== 
 +For detailed explanation and instructions, Download from Microsoft and Read the Exchange 2003 Planning Systems Doc (PlanE2k3MsgSys.doc): Planning a Microsoft Exchange Server 2003 Messaging System, Microsoft Corporation, Published: December 12, 2006, Author: Exchange Server Documentation Team.
  
 By default, Exchange 2003 is always installed in Mixed Mode which allows Exchange 2003 to co-exist with Exchange 5.5 servers in your organization. However, in Mixed Mode, some Exchange 2003 features are not available. In order to enable these features, Exchange 2003 must be switched to run in Native Mode. However, once you move to Native Mode, you cannot switch back to Mixed Mode. Microsoft recommends using pure Native Mode if you do not plan to have exchange 5.5 servers (Pre-Exchange 2000 Servers) in your organization. This author is not exactly sure whether to switch to Native Mode before or after installing the following items (or whether or not it actually matters). By default, Exchange 2003 is always installed in Mixed Mode which allows Exchange 2003 to co-exist with Exchange 5.5 servers in your organization. However, in Mixed Mode, some Exchange 2003 features are not available. In order to enable these features, Exchange 2003 must be switched to run in Native Mode. However, once you move to Native Mode, you cannot switch back to Mixed Mode. Microsoft recommends using pure Native Mode if you do not plan to have exchange 5.5 servers (Pre-Exchange 2000 Servers) in your organization. This author is not exactly sure whether to switch to Native Mode before or after installing the following items (or whether or not it actually matters).
Line 32: Line 33:
 As a side note: Before determining a better place where this topic should be inserted, I will insert it here temporarily. if you ever need to view Administrative Groups in Exchange System Manager, you need to enable the display of Administrative Groups in System Manager. Open the System Manager and right-click your Organization Name (Exchange) at the very top of the tree of this snap-in, left-click properties, on the General Tab select to check the check box next to Display Administrative Groups, click Apply, and click OK. Close and re-open System Manager before you can view the Administrative Groups following this change of display view. As a side note: Before determining a better place where this topic should be inserted, I will insert it here temporarily. if you ever need to view Administrative Groups in Exchange System Manager, you need to enable the display of Administrative Groups in System Manager. Open the System Manager and right-click your Organization Name (Exchange) at the very top of the tree of this snap-in, left-click properties, on the General Tab select to check the check box next to Display Administrative Groups, click Apply, and click OK. Close and re-open System Manager before you can view the Administrative Groups following this change of display view.
  
-3. Install/Add RPC over HTTP Proxy, which is a subcomponent of Network Services when you are installing Windows Components using Add/Remove Programs from the Windows Control Panel. Click Start, Settings, Control Panel, Double click Add/Remove Programs, click Windows Components, and under/within Network Services select to add RPC over HTTP Proxy. Have your Windows Server 2003 CD ready.+====3. Install/Add RPC over HTTP Proxy,==== 
 +Install/Add RPC over HTTP Proxy, which is a subcomponent of Network Services when you are installing Windows Components using Add/Remove Programs from the Windows Control Panel. Click Start, Settings, Control Panel, Double click Add/Remove Programs, click Windows Components, and under/within Network Services select to add RPC over HTTP Proxy. Have your Windows Server 2003 CD ready.
  
 Later (possibly before or after installing exchange 2003 service pack/s) it will be necessary to Configure RPC over HTTP/S on Exchange 2003 and, for a prelude, see the January 7, 2009 article written by Daniel Petri and located in the Daniel Petri knowledge base at http://www.petri.co.il/how-can-i-configure-rpc-over-https-on-exchange-2003-single-server-scenario.htm Later (possibly before or after installing exchange 2003 service pack/s) it will be necessary to Configure RPC over HTTP/S on Exchange 2003 and, for a prelude, see the January 7, 2009 article written by Daniel Petri and located in the Daniel Petri knowledge base at http://www.petri.co.il/how-can-i-configure-rpc-over-https-on-exchange-2003-single-server-scenario.htm
  
-4. Install/Add Certificate Services (for the purpose of being able to self-issue web server certificate to users of Outlook Web Access and Outlook 2003 using RPC over https on ssl port 443). Click Start, Settings, Control Panel, double click Add/Remove Programs, click Windows Components, check/select Install Certificate Services, and check the box with Certificate Services CA, and check the box with Certificate Services Web Enrollment Support.+====4. Install/Add Certificate Services====  
 +Install/Add Certificate Services (for the purpose of being able to self-issue web server certificate to users of Outlook Web Access and Outlook 2003 using RPC over https on ssl port 443). Click Start, Settings, Control Panel, double click Add/Remove Programs, click Windows Components, check/select Install Certificate Services, and check the box with Certificate Services CA, and check the box with Certificate Services Web Enrollment Support.
  
 The CA type = Enterprise Root CA  The CA type = Enterprise Root CA 
Line 66: Line 69:
 Here is a summary of some additional steps to take after installing Exchange Server 2003 (but before installing any Exchange 2003 service packs). Here is a summary of some additional steps to take after installing Exchange Server 2003 (but before installing any Exchange 2003 service packs).
  
-1. Install Security Update 913446 before applying the latest cumulative Exchange Server 2003 Service Pack.+**1. Install Security Update 913446 before applying the latest cumulative Exchange Server 2003 Service Pack.**
  
-2. Switch Exchange Server from Mixed Mode to Native Mode.+**2. Switch Exchange Server from Mixed Mode to Native Mode.**
  
-3. Added RPC over HTTP, a subcomponent of network services, as a windows component.+**3. Added RPC over HTTP, a subcomponent of network services, as a windows component.**
  
-4. Add Certificate Services as a windows component and configured the domain controller as a CA enterprise root.+**4. Add Certificate Services as a windows component and configured the domain controller as a CA enterprise root.**
  
-5. Enable the Display of Administrative Groups in Exchange System Manager.+**5. Enable the Display of Administrative Groups in Exchange System Manager.**
  
 Author's self reminder notes: Next configure the RPC Proxy Ports in registry, and then configure RPC virtual directory in IIS, and create a web server certificate for use with rpc over https in Exchange. Author's self reminder notes: Next configure the RPC Proxy Ports in registry, and then configure RPC virtual directory in IIS, and create a web server certificate for use with rpc over https in Exchange.
  
-6. Configure Registry Key: HKLM/SOFTWARE/MICROSOFT/Rpc/RpcProxy/ValidPorts +**6. Configure Registry Key: HKLM/SOFTWARE/MICROSOFT/Rpc/RpcProxy/ValidPorts** 
 The Key data is previously -  The Key data is previously - 
 hostname:100-5000 hostname:100-5000
Line 85: Line 88:
 hostname:6001-6002;hostname.domainname.lan:6001-6002;hostname.domainname.com:6001-6002;hostname:6004;hostname.domainname.lan:6004;hostname.domainname.com:6004 hostname:6001-6002;hostname.domainname.lan:6001-6002;hostname.domainname.com:6001-6002;hostname:6004;hostname.domainname.lan:6004;hostname.domainname.com:6004
  
-7. Create/Export, submit to local CA Service for issuance, and Import to IIS, a Webserver Certificate for your particular hostName.domainName.com on the IIS Default Website at Directory Security Tab - Server Certificate +**7. Create/Export, submit to local CA Service for issuance, and Import to IIS, a Webserver Certificate for your particular hostName.domainName.com on the IIS Default Website at Directory Security Tab - Server Certificate 
 +**
 Here is how to Generate and Install a Web Certificate.  Here is how to Generate and Install a Web Certificate. 
-See: Create Webserver SSL Certificate for IIS Default Website+See: [[wiki:create_webserver_ssl_certificate_for_iis_default_website|Create Webserver SSL Certificate for IIS Default Website]]
  
-8. Ensure that your DHCP server is authorized in Active Directory. This is probably already accomplished when you add/install DHCP Server service and then convert the server to a domain controller at which time active directory is also installed as part of the conversion.+**8. Ensure that your DHCP server is authorized in Active Directory.** This is probably already accomplished when you add/install DHCP Server service and then convert the server to a domain controller at which time active directory is also installed as part of the conversion.
  
-See: Authorize a DHCP server in Active Directory+See: [[wiki:authorize_a_dhcp_server_in_active_director|Authorize a DHCP server in Active Directory]]
  
-9. Fix Server Error in Outlook Mobile Access (OMA) Application, if necessary.+**9. Fix Server Error in Outlook Mobile Access (OMA) Application, if necessary.**
  
-See: Server Error in OMA Application +See: [[wiki:Server Error in OMA Application|Server Error in OMA Application]] 
 Server Error in '/OMA' Application. Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\oma\55aaeb43\5ef66257" is denied. Server Error in '/OMA' Application. Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\oma\55aaeb43\5ef66257" is denied.
  
-10. Fix another OMA Login Error. Fix Exchange Virtual Directory so it will work with RpcProxy and SSL while OMA works without SSL(article in process)+**10. Fix another OMA Login Error. Fix Exchange Virtual Directory so it will work with RpcProxy and SSL while OMA works without SSL(article in process)**
  
-Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003 See: http://support.microsoft.com/kb/817379+[[wiki:exchange_activesync_and_outlook_mobile_access_errors_occur_when_ssl_or_forms-based_authentication_is_required_for_exchange_server_2003|Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003]] See: http://support.microsoft.com/kb/817379
  
-See: Settings to Tweak In Exchange 2003 System Manager and in IIS+See: [[wiki:Settings to Tweak In Exchange 2003 System Manager and in IIS|Settings to Tweak In Exchange 2003 System Manager and in IIS]]
  
  
wiki/more_tasks_before_applying_exchange_2003_service_packs.1509937196.txt.gz · Last modified: 2017/11/06 02:59 by wikiadmin