Exchange 2007 is a site-aware application. Site-aware applications can determine their own Active Directory site membership and the Active Directory site membership of other servers by querying Active Directory. In Exchange 2007, the Microsoft Exchange Active Directory Topology service is responsible for updating the site attribute of the Exchange server object. When an Exchange server role has to determine the Active Directory site membership of another Exchange server role, it can query Active Directory to retrieve the site name. All Exchange 2007 server roles also use site membership to determine which domain controllers and global catalogs servers to use for processing Active Directory queries. Because the Active Directory site membership is a server object attribute, you do not have to query DNS to resolve a server address to a subnet that is associated with an Active Directory site. Stamping the Active Directory site attribute on an Exchange server object enables Active Directory site membership to be assigned to a server that is not a domain member, such as a subscribed Edge Transport server.

The Exchange 2007 server roles use Active Directory site membership information as follows:

• The Mailbox server role uses Active Directory site membership information to determine which Hub Transport servers are located in the same Active Directory site as the Mailbox servers. The Mailbox server submits messages for routing and transport to a Hub Transport server that has the same Active Directory site membership as the Mailbox server. The Hub Transport server performs recipient resolution and queries Active Directory to match an e-mail address to a recipient account. The recipient account information includes the fully qualified domain name (FQDN) of the user’s Mailbox server. The FQDN is used to determine the Active Directory site of the user's Mailbox server. The Hub Transport server delivers the message to Mailbox server within its same Active Directory site, or it relays the message to another Hub Transport server for delivery to a Mailbox server that is outside the Active Directory site. If there are no Hub Transport servers in the same Active Directory site as a Mailbox server, mail can't flow to that Mailbox server.
  
  
• Active Directory site membership and IP site link information is used to prioritize the list of servers that are used for public folder referrals. Users are directed first to the default public folder database for their mailbox database. If a replica of the public folder being accessed does not exist in the default public folder database, the Mailbox store where the default public folder database resides will provide a prioritized referral list of Mailbox servers that hold a replica to the client. Public folder databases that are in the same Active Directory site as the default public folder database are listed first, and additional referral locations are prioritized based on Active Directory site proximity. Active Directory site proximity is determined by aggregating the costs of the IP site links between the Active Directory site where the default public folder database resides and the Active Directory sites where public folder replicas exist. The list of referrals is prioritized from lowest cost to highest cost. The connecting client will try each referral in the list until a connection is made or all attempts fail.
  
  
• The Unified Messaging (UM) server role uses Active Directory site membership information to determine which Hub Transport servers are located in the same Active Directory site as the Unified Messaging server. The Unified Messaging server submits messages for routing and transport to a Hub Transport server that has the same Active Directory site membership as the Unified Messaging server. The Hub Transport server performs recipient resolution and queries Active Directory to match a telephone number, or other UM property, to a recipient account. The recipient account information includes the fully qualified domain name (FQDN) of the user’s Mailbox server. The FQDN is used to determine the Active Directory site of the user's Mailbox server. The Hub Transport server delivers the message to a Mailbox server within its same Active Directory site, or it relays the message to another Hub Transport server for delivery to a Mailbox server that is outside the Active Directory Site.
  
  
• When the Client Access server role receives a user connection request, it queries Active Directory to determine which Mailbox server is hosting the user's mailbox. The Client Access server then retrieves the Active Directory site membership of that Mailbox server. If the Client Access server that received the initial user connection is not located in the same site as the user's Mailbox server, the connection is redirected to a Client Access server in the same site as the Mailbox server.
  
  
• Exchange 2007 Hub Transport servers retrieve information from Active Directory to determine how mail should be routed inside the organization. When a message is submitted to the Microsoft Exchange Transport service, the categorizer uses the header information in the message to query Active Directory for information about where the message must be delivered. If the recipient's mailbox is located on a Mailbox server in the same Active Directory site as the Hub Transport server, the message is delivered directly to that mailbox. If the recipient's mailbox is located on a Mailbox server in a different Active Directory site, the message is relayed to a Hub Transport server in that site and then delivered to the Mailbox server.
  
  

Active Directory clients assume site membership by matching their assigned IP address to a subnet that is defined in Active Directory Sites and Services and associated with an Active Directory site. The client then uses this information to determine which domain controllers and global catalog servers exist in that site and communicates with those directory servers for authentication and authorization purposes. Exchange 2007 takes advantage of this relationship by also preferring to retrieve information about recipients from directory servers that are in the same site as the Exchange 2007 server.

All computers that are part of the same Active Directory site are considered well-connected, with a high-speed, reliable network connection. By default, when an Active Directory forest is first deployed, there is a single site named Default-First-Site-Name. If no other sites are manually configured by the administrator, all server and client computers in the forest are considered members of Default-First-Site-Name.

When more than one site is defined, the Active Directory administrator must define the subnets that are present in the organization and associate those subnets with Active Directory sites.

The Microsoft Exchange Active Directory Topology service checks the site membership attribute on the Exchange server object when the server starts. If the site attribute has to be updated, the Microsoft Exchange Active Directory Topology stamps the attribute with the new value. The Microsoft Exchange Active Directory Topology service verifies the site attribute value every 15 minutes and updates the value if site membership has changed. The Microsoft Exchange Active Directory Topology service uses the Net Logon service to obtain current site membership. The Net Logon service updates site membership every five minutes. This means that up to a 20-minute latency period may pass between the time that site membership changes and the new value is stamped on the site attribute.

Relationships between Active Directory sites are defined by IP site links. The IP site link consists of two or more Active Directory sites. All Active Directory sites that are part of the link communicate at the same cost. The IP site link properties include a cost assignment, a schedule, and an interval. The schedule and interval properties are only used for determining Active Directory replication frequency. Exchange 2007 uses the cost assignment to determine the lowest cost route for traffic to follow when multiple paths exist to the destination. The cost of the route is determined by aggregating the cost of all site links in a transmission path. The Active Directory administrator assigns the cost to a link based on relative network speed and available bandwidth compared to other available connections.

By default, the Hub Transport server always tries a direct connection to a Hub Transport server in another Active Directory site. Messages in transport do not relay through each Hub Transport server in a site link path. However, Hub Transport servers in intermediate Active Directory sites along the routing path may perform message relay in the following scenarios:

• Direct relay between Hub Transport servers will not occur when a hub site exists along the least cost routing path. You can configure an Active Directory site as a hub site so that messages are routed to the hub site to be processed before the messages are relayed to the target server. Hub sites are discussed later in this topic.
  
  
• Exchange 2007 uses the routing path derived from IP site link information when communication to the destination Active Directory site fails. If no Hub Transport server in the destination Active Directory site responds, message delivery backs off along the least cost routing path until a connection is made to a Hub Transport server in an Active Directory site along the routing path. The messages are queued in that Active Directory site and the queue will be in a retry state. This behavior is called queue at point of failure.
  
  
• The Hub Transport server can also use the IP site link information to optimize routing of messages that are sent to multiple recipients. The Hub Transport server delays bifurcation of messages until it reaches a fork in the routing paths to the recipients. The bifurcated message is relayed to each recipient destination by a Hub Transport server in the Active Directory site that represents the fork in the individual routing paths. This functionality is called delayed fan-out.
  
  

Designating Hub Sites

Setting an Exchange Specific Cost on an IP Site Link

New in Exchange 2007 Service Pack 1

For message routing between Exchange 2007 roles to occur correctly, all roles that are deployed in the forest must belong to an Active Directory site. Make sure that the IP addresses that you have assigned are in subnets that are correctly associated with Active Directory sites.

The first step in planning the placement of Exchange 2007 servers in the Active Directory site topology is to document the current topology. Your documentation should include the following:

• Sites
  
  
• Subnets and their site association
  
  
• IP site links and their member sites
  
  
• IP site link costs
  
  
• Directory servers in each site
  
  
• Physical network connections
  
  
• Firewall locations
  
  

After you have diagrammed these objects, plan the placement of Exchange servers. Consider the following information when you are deciding where to put servers:

• A Hub Transport server must be able to communicate directly with a global catalog server to perform Active Directory lookups.
  
  
• Mailbox servers should be located in the same site as a Hub Transport server. We recommend that you deploy more than one Hub Transport server in each Active Directory site to provide load balancing and fault tolerance.
  
  
• Unified Messaging servers submit messages to a Hub Transport server for transport to a Mailbox server. A Unified Messaging server may be located in a hub site or near the IP/voice over Internet Protocol (VoIP) gateway or IP Private Branch eXchange (IP PBX). The Hub Transport server that has the same site membership as the Unified Messaging server will receive messages for transport and route the messages to other Hub Transport servers and Mailbox servers in the organization.
  
  
• Client Access servers provide a connectivity point to the Exchange organization for users who are accessing Exchange remotely. A Client Access server must be deployed in each site that contains Mailbox servers. The Client Access server lets the user connect directly to the Mailbox server to retrieve messages, but any messages that are sent from the remote client must be transported through the Hub Transport server.
  
  

After you plan Exchange 2007 placement, you may identify areas where you can modify the Active Directory site topology to improve communication flow. You may want to adjust IP site links and site link costs to optimize delayed fan-out and queue at point of failure. An efficient Active Directory topology does not require any changes to support Exchange 2007.

For more information, see the following topics:

• New Transport and Routing Functionality
  
  
• Understanding Active Directory Site-Based Routing
  
  
• Active Directory Forest Topologies
  
  
• Get-AdSite
  
  
• Set-AdSite
  
  
• Get-AdSiteLink
  
  
• Set-AdSiteLink
  
  
• Managing Exchange 2007 Message Routing