Exchange Server

[pug]

I would like to implement Exchange Server and also have the Outlook Web Access when people area away from their desk. The problem is we have the following:

1) One Domain Server
2) Two Locations
3) The two locations only have cable internet at both
4) Both locations connect to the same domain server

Would this be a problem? What I am asking basically is what kind of setup would you need to have exchange server. I assume you would probably be better off with your own server co-located somewhere so you have fast access to it. I doubt we could do this since we only have cable between the two locations (going across a VPN tunnel).

I have not really setup Exchange and don't know exactly how the setup works/requirements.

 

[YeOldeStonecat]

VPN tunnel between the sites..so that workstations at the second location can log into active directory. But not needed for Exchange..just have your satellite office users use Outlook RPC over HTTP..straight across the internet..to the Exchange server at the main site.

 

[pug]

Wouldn't that be slow as hell for the other location to access their mailbox at the mail location? Considering the main locations up speed is 512kb/s

 

[YeOldeStonecat]

Wouldn't that be slow as hell for the other location to access their mailbox at the mail location? Considering the main locations up speed is 512kb/s

Outlook via RPC over HTTP..is designed for internet use. Outlook 2003 and higher runs in cached mode. These are designed for low bandwidth. RPC over HTTP is also how those Exchange hosting houses run.

But without information like..how many users there are at the satellite office..it's hard to tell.

 

[MorfiusX]

I would suggest a VPN as well. If you have a site to site VPN, there is nothing special about setting up the clients at the far end as it just looks like another subnet to the internal network.

With Exchange 2007, the Outlook CALs no longer come with the regular Exchange CALs. But, you have can have your users use OWA all day long with the regular Exchange CAL. I find Exchange 2007 a little more tricky than 2003, but it can do much more. You can't only by Exchange 2007 licensing now, unless you buy Exchange 2003 as part of SBS.

You will definitely need to contact a vendor about licensing. Depending on your comfort with Exchange, you might want to consider a local contractor as well.

 

[MorfiusX]

Wouldn't that be slow as hell for the other location to access their mailbox at the mail location? Considering the main locations up speed is 512kb/s

Not really. Once the initial cache is built, the traffic is minimal.

 

[pug]

But with 150 email addresses, How often does it have to do the caching? What if they get a large email. It would take a while for them to open a 5mb email across that kind of link.

 

[MorfiusX]

If a client has mail in their mailbox and have configured a new machine, their mailbox will need to be cached. The amount of time this takes will vary depending on the mailbox size.

For a new install, there won't be anything to cache in the beginning. All caching is handled automatically with no user intervention needed. New emails are downloaded in the background. The majority of emails are only a few KB in size. When you get a larger mail, the headers are downloaded first, then the body.

Outlook + Exchange is pretty efficient when it comes to caching. You could elminate this variable by having everyone use Outlook Web Access. When using OWA, the only time the attachment will need to be downloaded is if the actually view or save it, just like any other web based mail service.

 

[YeOldeStonecat]

But with 150 email addresses, How often does it have to do the caching? What if they get a large email. It would take a while for them to open a 5mb email across that kind of link.

OK these are numbers that help us. 150 users at this remote location? And just a single domain controller at the main site...errr....you're going elephant hunting with a BB gun here. Time to ramp up quite a few things. Get another DC at the second location. And 150 users sharing a connection with just a 1/2 meg upload..I'd beef that up a bit too.

 

[pug]

Well its more like 75 per location. Beefing it up means cost, which we don't like to do.

 

[MorfiusX]

Well its more like 75 per location. Beefing it up means cost, which we don't like to do.

Did you expect Exchange to be free?

Oh, and Stonecat is right about having a second DC. There is the right way to do things, and there is the cheap way. The right way will save to a ton of headaches and time down the road.

 

[pug]

Did you expect Exchange to be free?

Oh, and Stonecat is right about having a second DC. There is the right way to do things, and there is the cheap way. The right way will save to a ton of headaches and time down the road.

No I didn't expect it to be free. I guess we would need

2 DC's
2 license for Exchange

Could they still share calendars?

I know we won't do this now because of the cost of another DC. Unless I let the FileServer down there running 2003 be the DC for them. But they need to be on the same Domain in a way because of how our software works. It checks the user/pass on the domain controller to see if it will let you log into the software (IDS).

 

[MorfiusX]

As long as everything is on the same domain, full collaboration will work just fine. Really, most of the time there isn't a big reason to split the domain structure.

You also need to make sure you have the right CALs for both Exchange and Windows. This is where contacting a vendor who has a licensing specialist come into play. Tell them what you are trying to do and they can tell you exactly what to purchase.

 

[pug]

How can you have 2 DC's but one domain name?

 

[YeOldeStonecat]

How can you have 2 DC's but one domain name?

On larger networks this is desired...for redundancy. Also on networks that are spread out across wide area networks.

You have your first domain controller...and you have your additional domain controllers. In the NT 4 days they were called Primary DC and secondary DC. But with Win2K and higher...they're all just called DCs now..even though one is still sort of the primary.

If one fails or goes offline..the other one authenticates so your network still continues to function. If you only had 1x DC..and it failed/went offline...your network would crumble.

 

[pug]

True. What kind of connection should be between locations like ours?

75 per location for example.

 

[MorfiusX]

That really depends on the amount and type of traffic between them. If each site has their own DC, File/Print, Exchange, etc server, then you 512k link will probably be fine. If you are doing a lot of sharing files and such between the sites, then you probably will want to upgrade the connections. What is best depends on budget and what is available in your area.

 

[pug]

The only way I see exchange working is if both locations had their on DC. Correct?

 

[MorfiusX]

Exchange will work with just one DC. But given what you have described, you would probably be better off with 2 DCs and 2 Exchange servers.

 

[Nate7311]

How can you have 2 DC's but one domain name?

With WIndows 2000 and up the same domain can share domain controller responsibilities between multiple DC's. All DC's still have unique computer names but are controllers on the same domain. They will automatically replicate domain info between them. You'd have a DC for your domain at each location. On your workstations, set primary DNS as the local DC and secondary DNS as the remote DC.

 

[pug]

Yea, since the connection between two would be so slow for emails.

 

[YeOldeStonecat]

The only way I see exchange working is if both locations had their on DC. Correct?

No...it technically would work with just 1x DC and 1x Exchange server at your main office..and no servers at the satellite office. However....performance would be piss poor...no...worse than piss poor.

Satellite offices would have to log in and authenticate to the domain...through the VPN tunnel. Taking up substantial bandwidth...not to mention all the DNS requests all day long..through the tunnel. And when one of the internet connections goes down...and/or the VPN tunnel does down for <whatever>reason...the satellite office loses much functionality.

So having a 2nd DC at your satellite office...will alleviate much of the VPN tunnel traffic....freeing up performance in the VPN tunnel..thus alleviating bandwidth for regular internet stuff.

 

[pug]

Yea I know what I would like to do, but its a matter of cost.

 

[MorfiusX]

It is something you can do a phased deployment. You don't have to do everything at once. Figure out what your ROI would, prepare all of the data, and present it to the powers that be as way to save money over time. The worst they can do is say no. But if you clearly present the data, then it on their shoulders and you can say you did your best.

 

[pug]

I'd have to train someone to change the backup (external hard-drives probably) at the other location. I am the ONLY IT person. These people barely know how to wipe their nose let alone turn on a computer. Be a pain to administer.

 

[swatbat]

With that many users I would have recomended 2 servers anyway even if they were at one location. Pretty much let exchange be on its own box.

With what you are looking at you need to get a local consultant in and have them plan it out with you. This is a big and pretty expensive project you are looking at

 

[TechieSooner]

RPC over HTTP will work just fine. Depends how much activity, but my opinion is 1 Exchange server will work just fine for you.

As far as logging on- passing Group Policy and whatnot over a WAN link- 2 DCs might be needed.

 

[Erich in Az]

Yea I know what I would like to do, but its a matter of cost.

You have to pay to play. Sorry, it's the way it works.

I agree that 2 DC's are certainly the way to go. besides traffic, the 2nd DC offers some protection against things like a DIT (AD database) corruption and blowing stuff up during major upgrades.

For example, when you do Exchange you will need to do a schema extension. Most of the time these are fine, but when they bomb, it's often very ugly. We shut off 1/2 of our DC's whenever we do anything to the schema. This way if something goes bad, we disconnect the the ones with the bad schema update, fire up the old ones, then restore the "bad" ones from a backup and let them replicate.

Ta Da! Forest is online with minimal downtime.

For Exchange the OWA (Outlook Web Access) client is great in 2k7 but 2k7 will require that you have a 64bit OS. Exchange 2k3 has an OK OWA setup, but I would suggest RoH (RPC over HTTP) as the better way in this case. 1 Exchange server could work fine if you use a low bandwidth protocol like RoH, but 2 might be better for redundacy. I know that's a big cost for a small company.

Don't take this wrong, but you sound a little green in the IT world. I'd like to offer a little advice when it comes to projects like this. Take it or leave it, but hopefully it will help. When you present solutions to the people holding checkbooks offer at least 2 options and never one that barely scrapes by. One should be a good basic solid solution and one with some extras (such as a 2nd Exchange server here). Try to quantify what it costs the company when email is down and see if it justifies the cost for the redundancy. Some places it's not much, in other places it's crippling. Get them to understand and accept the risk vs. the bottom line and it will go a long way toward keeping you out of trouble and keeping things working smoothly.

Good luck!