Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2008-03-17
Of the four defined organizational models for Microsoft Exchange Server 2007, the standard Exchange organization represents the most common topology into which Exchange 2007 is deployed. As messaging service needs grow beyond the resource limits of a single computer, separation of Exchange 2007 services onto multiple computers becomes the next topological division: the standard Exchange organization. The standard Exchange organization builds upon the simple Exchange organization by deploying multiple computers running Exchange.
Note: For more information about the simple Exchange organization, see Planning for a Simple Exchange Organization.
Unlike the simple Exchange organization, in which all Exchange services, except for the Edge Transport server, are installed on a single computer, the distinguishing characteristic of the standard Exchange organization is that Exchange services are installed on multiple computers. In this topology, Exchange Server is not installed on a directory server, and it may be installed on multiple member servers. In this case, adequate directory service resources must be available to meet the needs of the messaging system. Other distinguishing characteristics of the standard Exchange organization include:
- The Service Delivery Location (SDL) and Client Service Location
(CSL) reside on the same local area network (LAN).
- There are more than 1,000 mailboxes in the organization.
- There are fewer than five routing groups, and between one and
five Active Directory directory service sites. Multiple
locations and Active Directory sites introduce the multi-site
routing protocol and role discovery algorithms, as well as a
requirement to use IP site links.
Note: Multiple routing groups will only exist in a standard Exchange organization that includes Exchange 2007 and either Exchange Server 2003 or Exchange 2000 Server, or both. In a pure Exchange 2007 environment, all servers belong to a single routing group.
- There is a single Active Directory forest. We recommend
the single-forest Exchange design because it offers the richest set
of mail system features and has the most streamlined administrative
model. Because all resources are contained in a single forest, a
single global address list (GAL) contains all users across the
forest. The main disadvantage associated with this option is that
administrators must determine how to share or divide
responsibilities for managing Active Directory and Exchange
objects. The introduction of a second or subsequent forest
automatically redefines the topology as a complex Exchange
Note: For more information about the complex Exchange organization, see Planning for a Complex Exchange Organization.
An Exchange organization with all of the previously listed characteristics is considered a standard Exchange organization. Standard Exchange organizations can also optionally include one or more Edge Transport Servers.
Using Dedicated Active Directory Sites for Exchange
Historically, deploying a dedicated Active Directory site for Exchange services has been a recommended best practice. This optimization partitioned the global catalog servers for Exchange and Active Directory replication, a strategy that is typically used to mitigate performance issues that arise from using a common collection of domain controllers for Exchange and normal user, application, and logon activities.
In some situations when dedicated Active Directory sites are used, Exchange servers in those Active Directory sites are no longer considered to be in the routing path. This is usually the case when the Exchange site is subordinate to an Active Directory replication hub site via a single IP site link. There are several ways to address this issue, including placing a Hub Transport server in the replication site or combining the sites.
We recommend that you introduce a new IP site link to bring the dedicated Active Directory site into the back-off routing path. One way to do this is to introduce new IP site links that cause the site to be an intermediate site between other Active Directory sites with Exchange servers. On these new IP site links, Exchange override costs are created to identify the preferred route for message flow. The override cost will not affect Active Directory replication if the site cost is such that it is not a low-cost route for Active Directory replication.
Another method is to introduce new IP site links, which place the dedicated Active Directory site between other sites with Exchange servers and then eliminate the existing site links. This method will not affect Active Directory replication to any branch offices but will change the Active Directory replication path for the dedicated Active Directory site.
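The first method above, as an added example that is not part of the original topic and is not Exchange's routing code: a simplified Python model of least-cost path selection over IP site links, where an Exchange override cost replaces the Active Directory cost for message routing only. The site names and all cost values are constructed for illustration.

```python
import heapq

# Constructed topology: (site_a, site_b, ad_cost, exchange_cost_or_None).
# ExchSite is the dedicated Exchange site hanging off ReplHub by one link.
BEFORE = [
    ("Branch1", "ReplHub", 100, None),
    ("Branch2", "ReplHub", 100, None),
    ("ExchSite", "ReplHub", 100, None),
]
# New IP site links: high AD cost, low Exchange override cost.
ADDED = [
    ("Branch1", "ExchSite", 500, 10),
    ("ExchSite", "Branch2", 500, 10),
]

def least_cost_path(links, src, dst, exchange=True):
    """Dijkstra over site links; returns (total_cost, [sites]) or None.

    With exchange=True a link's Exchange override cost replaces its AD
    cost when one is set; with exchange=False only AD costs are used.
    """
    graph = {}
    for a, b, ad_cost, exch_cost in links:
        cost = exch_cost if exchange and exch_cost is not None else ad_cost
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    heap, done = [(0, src, [src])], set()
    while heap:
        total, site, path = heapq.heappop(heap)
        if site == dst:
            return total, path
        if site in done:
            continue
        done.add(site)
        for nxt, cost in graph.get(site, []):
            if nxt not in done:
                heapq.heappush(heap, (total + cost, nxt, path + [nxt]))
    return None

def on_path(links, site, src, dst, exchange=True):
    """True if `site` is an intermediate hop on the least-cost path."""
    result = least_cost_path(links, src, dst, exchange)
    return result is not None and site in result[1][1:-1]

if __name__ == "__main__":
    for name, links in (("before", BEFORE), ("after", BEFORE + ADDED)):
        print(name, "Exchange:", least_cost_path(links, "Branch1", "Branch2"))
        print(name, "AD costs:", least_cost_path(links, "Branch1", "Branch2", False))
```

In Exchange 2007 the override is the ExchangeCost value set on a site link with Set-AdSiteLink. The model only shows how such a value moves the message path through the dedicated site while the path computed from Active Directory costs stays on the replication hub.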
Examples of Standard Exchange Organizations
The standard Exchange organization is any Exchange organization that is not simple, large, or complex. In the simplest form, this topology includes a single Active Directory site definition per SDL and it also contains a single point of egress to the Internet.
The following figure illustrates one example of a standard Exchange organization.
As you can see in Figure 1, the Woodgrove Bank topology includes two Active Directory sites connected by an IP site link. In this example, each SDL is responsible for providing minimum dependent services, such as name resolution and directory services using resources deployed on the local LAN. In addition, there are multiple Hub Transport servers and Edge Transport servers, and the Unified Messaging server is co-located with each Mailbox server.
Planning Considerations for Standard Exchange Topologies
During the planning phase of your deployment, and before you deploy any Exchange 2007 servers in a standard Exchange organization, we recommend that you consider the following points:
- The single forest option offers the following advantages:
  - Provides the richest set of mail system features
  - Allows for a streamlined administrative model
  - Takes advantage of an existing Active Directory
  - Uses existing domain controllers and global catalog servers
  - Does not require provisioning or synchronization with other
- An increase in the number of Exchange SDLs is generally
accompanied by an overall increase in the number of mailboxes and
an increased dependence upon reliable mail delivery. To meet these
requirements, we recommend that you install multiple Edge Transport
servers to address external mail flow requirements and multiple Hub
Transport servers to address internal mail flow requirements. The
requirement for multiple Hub Transport servers will not only be to
service Mailbox servers from the immediate location, but will also
likely include hub-to-hub communication across locations.
- When Exchange servers are hosted across multiple
Active Directory sites, directory replication latency becomes
a consideration. Directory replication between
Active Directory sites occurs much less frequently than it
does between domain controllers within an Active Directory
site. The actual cross-site replication interval cannot be
predicted because this is configured according to the directory
service administrator's design requirements. The replication
latency across Active Directory sites is generally measured in
fractions of an hour or in entire hours, and continues to increase as the
number of Active Directory sites increases. For more
information about Active Directory replication within and
between Active Directory sites, see Replication within a site, Replication between sites, and How the Active Directory Replication Model Works.
- Deployment of Exchange 2007 server roles that respect
network design assumptions is required to a much greater extent
than with the simple Exchange organization.
- Active Directory site and subnet mapping becomes critical
for Exchange 2007 to function normally.
- In this topology, although the Exchange organization is
distributed across multiple physical locations, the external Simple
Mail Transfer Protocol (SMTP)-specific and client protocol-specific
namespaces are common across the locations. To provide resiliency
and reliability of external services, and because in these
environments, the network requirements for Internet connectivity
become more stringent, we recommend that you implement a true
perimeter network when deploying a standard Exchange organization.
In addition, to achieve even higher security, we recommend that you
use dissimilar firewall products on inner and outer firewalls, so
that an attacker cannot use the same techniques on inner and outer
firewalls to penetrate the internal network. For example, if you
use Microsoft Internet Security and Acceleration (ISA) Server on
the inner firewall, use a non-Microsoft product on the outer
firewall, or vice versa.
- When deploying a standard Exchange organization, providing high
availability deployment options becomes a consideration. In
Exchange 2007, there are multiple solutions that can be used
to provide high availability for each server role. For more
information about high availability strategies and features for
Exchange 2007, see High
Transitioning a Standard Exchange Organization
If you are transitioning from an existing Exchange Server 2003 or Exchange 2000 Server organization to an Exchange 2007 organization, be aware that you cannot perform an in-place upgrade of your existing servers. You must add one or more Exchange 2007 servers to your existing organization, move mailboxes and other data to Exchange 2007, and then remove the Exchange 2003 or Exchange 2000 server from the organization.
For more information about deploying and transitioning to a standard Exchange 2007 organization, see Deploying a Standard Exchange Organization.