Microsoft Fax Service

Microsoft Fax Service provides fax services to clients on the small business network. Once the fax client software is installed, users can send and receive faxes using fax devices installed on the server. At least one Class 1 fax modem must be installed during Small Business Server setup in order to enable Fax Service installation.

Faxing Model

Fax Service uses the concept of a fax printer to send faxes. During installation, the Fax Service creates a default shared fax printer that enables sending and receiving faxes. Users can fax documents by printing them to the shared fax printer, just as if they were sending a document to a shared printer. The fax printer then communicates with the fax device to send the fax.

Managing Microsoft Fax Service

The Manage Faxes page of the Small Business Server console shows the most common tasks for managing the Fax Service. To manage the Fax Service using the console, select Manage Faxes on the More Tasks page of the console. You can manage the following tasks from Manage Faxes page:

• Control access to fax services.
• Change how faxes are received.
• Add or remove a fax modem.
• Add or remove fax printers.
• Create cover pages.
• Generate fax reports.
• Manage fax jobs.
• Troubleshoot faxing.

Accessing Fax Service Properties

Most of the tasks for configuring Fax Service involve setting options in the Fax Server Properties page. Although this page is easily launched from Manage Faxes tasks on the Small Business Server console, it can also be opened in the following ways:

• From the Start menu using Programs and Fax (Common).
• From the Start menu using Settings and Control Panel.

To open the Fax Server Properties dialog box from Programs

• Click Start, point to Programs, point to Fax (Common), and then click Fax Configuration to display the Fax Server Properties dialog box shown below.

Adding a Fax Device

When Small Business Server installs Fax Service, it configures any fax modems installed during setup to send and receive faxes. If your fax modem was not automatically installed, refer to Chapter 19, Small Business Server Setup Issues, in Part 3, Deployment, and Chapter 56 Modem Sharing Service Troubleshooting in Part 11, Troubleshooting of this resource guide. Make sure your fax modem(s) has the following requirements:

• Must be a Class 1 fax modem. Business class fax modem is recommended.
• If using the same modem for inbound faxes and RAS, it must support adaptive answering.

To install additional modems after setup, use the Small Business Server console Manage Faxes page. After installing a fax modem, use the Manage Faxes page to enable the modem to send or receive faxes and to configure how Fax Service uses the device. These devices must model their ports as modems. To install such devices, refer to the manufacturer's instructions.

Fax Service can also be configured to work with some specialized fax cards.

Note Fax Service does not support advanced Private Branch Exchange (PBX) routing features such as Direct Inward Dialing (DID).

Adding and Configuring Fax Printers

When Small Business Server installs Microsoft Fax Service, it creates a fax printer. This fax printer can be configured to use a single modem or multiple modems.

Different fax printers can be set up for different people or groups in the small business organization. Each printer can be configured to archive sent faxes to a specific destination directory and to use a different fax modem.

To add a fax printer, refer to the Online Guide.

Windows NT Clients

For Windows NT Workstation clients, after Fax Service setup, additional fax printers may be created to serve different needs in the small business organization. For example, if you have different discount billing rate periods for domestic and international long-distance calling, you can create one fax printer with the discount rate period set for international use and another for domestic.

User Access to the Fax Printer

The technology consultant can control who uses a fax printer in the same way that access to any printer is controlled — by changing the security and sharing settings for the fax printer. On Small Business Server, clients are given access to the fax printer using the console's Manage Faxes page.

Creating Cover Pages for Your Fax Printers

Fax Service includes a fax cover page editor for Windows NT Workstation clients. The editor is similar to Microsoft Wordpad and allows you to insert text, shapes, and fax fields on a what-you-see-is-what-you-get (WYSIWYG) window. Custom fax pages can be created for your company, for specific users, or for specific fax printers. Refer to the Online Guide for procedures.

Assigning Cover Pages for Your Fax Printers

When Small Business Server installs Fax Service, it sets up a fax printer and assigns four default cover pages that users can send with faxes. For each fax printer, you can create new cover pages, add existing cover pages, edit the cover pages, or delete them. Refer to the Online Guide for specific procedures.

Receiving and Routing Incoming Faxes

When Small Business Server installs Fax Service, it enables all the fax modems on your computer to only send faxes. To receive a fax, a fax device must be selected in the Fax Server Properties dialog box Receive tab. For each fax modem, you can specify several routing options for received faxes, as follows:

• Automatically print faxes as they are received.
• Save faxes in a shared folder anywhere on the network. You can view these faxes in the folder online using a Tagged Image File Format (TIFF) viewer. In a typical installation, all clients have access to the share.

  When Fax Service is installed during setup, the default location for received faxes, %systemroot%\FaxStore, can be changed. The Receive tab on the Fax Server Properties dialog box can be used to change the default location of the received fax store. The destination directory for archiving sent faxes can be specified using the Send tab. With these tabs, you can also choose to not archive received and sent faxes.

  Note If you archive sent and received faxes, delete them periodically from the saved location to reduce disk space consumption.

• Send faxes to a local profile (such as the administrator's) if Microsoft Exchange Server is installed. Faxes are saved as an attachment to the e-mail message (using TIFF file format). The e-mail may then be sent by the administrator to any supported e-mail client. Once received, the fax can be viewed with a TIFF viewer. Refer to the Online Guide for specific procedures on configuring fax routings.

  After installation, fax modems can be disabled or enabled to receive faxes and the way faxes are routed can be changed. For example, all received faxes could be sent to an office manager's mailbox. The office manager would then open the faxes in the fax viewer and use the Send command to forward each one to the cover page addressee.

The following diagram illustrates the various ways a fax can be received and routed.

Figure 27.1 Receiving a fax with Small Business Server

Checking Received Faxes

Microsoft Fax Service routes faxes through the fax printer queue. When the Fax Service is unable to route an incoming fax, such as when a shared directory is unavailable, it keeps the fax in the fax jobs list until it successfully delivers the fax. Once the destination is available, the fax jobs list can be opened for any fax printer and the print job for the incoming fax can be restarted.

Sending and Resending Faxes

Fax Service can be configured to solely send and not receive faxes. Fax Service can also be configured to resend messages up to a maximum of 15 times. The amount of time to wait in between redial attempts may also be specified.

Fax Send Notification

Clients receive e-mail notification of fax-send status whether it succeeded or failed. Since Fax Service is set up like a printer driver, the printer queue can be viewed to see the fax printer and obtain the status of the fax.

Fax Job Management

Fax jobs may be paused, restarted, or canceled from the Small Business Server console Manage Fax Jobs page. These functions may also be performed from client machines using the Windows Print Manager.

Status Monitoring

Small Business Server has fax monitoring tools that report real-time status of each fax device. The tools also generate a history log of all fax activity. The tools may be accessed from the Small Business Server Start menu, once the Microsoft Small Business Server Resource Kit is installed. For further information on what the fax monitoring tools can do, refer to Part 10, Tools and Utilities, of this resource kit.

Microsoft Fax Server Fax and E-mail Integration

Small Business Server 4.5 integrates fax and e-mail services by routing messages between the Fax Service and Exchange Server. With Small Business Server, the following options are available:

• You can receive and view incoming fax messages in your Outlook 2000 Inbox.
• You can send fax messages to a contact from within Outlook 2000.
• You can create distribution lists that contain both e-mail addresses and fax numbers.
• You can send faxes to contacts using the Windows Send-To command.
• You can create shared fax distribution lists using Microsoft Exchange Public Folders.

Inbound Fax Routing

Inbound fax messages can be routed to an Exchange Server mailbox. To do this, you must specify an Exchange profile on the server that points to the mailbox. After inbound faxes are routed to the Exchange mailbox, they can be forwarded to other Exchange users from Outlook. When fax routing is enabled, faxes are routed by default to the Administrator messaging profile. This profile is created on the server during Small Business Server installation and is the messaging profile for the Administrator account. Incoming faxes can be received by users other than administrator if one of the following is done:

• Give the user permission to view the Administrator mail box.
• Change the routing settings at the Fax Server to route faxes to a different messaging profile.

For instructions on how routing settings may be changed, refer to the Online Guide or to Chapter 55, Fax Service Troubleshooting, in Part 11, Troubleshooting, of this resource guide.

Utilizing Microsoft Exchange Server Features

Microsoft Exchange public folders can be created to contain company-wide shared fax and e-mail contacts. These public contact lists can be configured as address books for use in Microsoft Outlook 2000. This provides individual users the ability to add contacts to this list\in contrast, the global address list can only be configured using the Exchange Administrator. Use the following steps to create a company-wide shared contacts list in Exchange Server.

To create a shared contacts list in Exchange

1. Using Outlook 2000, create a new public folder. On the File menu, click New and then click Folder to display the Create New Folder dialog box.
2. In the Name text field, enter a name for the folder, such as Company Rolodex.
3. In the Folder contains drop-down list, select Contacts. Select OK to create the folder, and then close and reopen Outlook.
4. Right-click the newly created public folder and select Properties. Select the Outlook Address Book tab, and then select Show this folder as an e-mail address book. Perform this step on every machine that will use the public folder as an address book.

   Note This option only works if Outlook Address Book is installed as a service.

   Note The user who creates this public folder becomes the owner of the folder. Additional permissions can be set on the folder by right-clicking the folder, selecting Properties, then selecting the Permissions tab.

5. After the public folder has been created, make a shortcut to the public folder by dragging it onto the Outlook bar.

Faxing Documents

On the Small Business Server, there are several ways to fax documents, as described in the following sections:

Faxing a Document with the Print Command

Any document may be faxed to a fax recipient using the program's Print command. The fax is addressed by entering a recipient's name and fax number or by selecting a fax address from the Exchange or Microsoft Outlook Address Book if an e-mail client is installed. To send a fax using the Print command, use the following procedure.

To fax a document using the Print command

1. Open the document you want to fax. You can also right-click the document and select Print.
2. On the File menu, click Print (or follow the procedure for printing documents in your program).
3. Select a fax printer and then click OK in the Print dialog box.
4. The Compose New Fax dialog box opens. Either click Address Book (if an e-mail client is installed) or type a name and fax number. For Country, click the location of the recipient.
5. To send a fax to more than one recipient, click Add, and then repeat step 4.
6. Click Next and follow the instructions to add a cover page and send the fax.

Note Do not use the File/Send To/Fax Recipient command to send a fax with Fax Service. This menu item is for Microsoft Fax installed on a stand-alone machine and it does work on Microsoft Small Business Server 4.5 fax.

Note To allow a client to send faxes from Microsoft Access, change the spool settings of the client PC's fax printer to EMF.

Faxing a Message from Outlook or Exchange

A message may be sent from Outlook or Exchange to fax and e-mail addresses either separately or concurrently. Messages are composed and documents may be inserted as in any other message. Faxes may be sent as follows:

• From within Microsoft Outlook. Outbound fax sending is set up for Outlook contacts when you enter the business fax number. Messages are routed to these contacts by the Fax Service. Distribution lists created within Outlook can have both e-mail addresses and fax numbers. If both the e-mail address and business fax number are entered for an Outlook contact, then Outlook offers the choice of which method to use whenever a message is sent to that contact.
• Using the Send-To command. By right-clicking a document and then clicking Send-To and Mail Recipient, a user routes a document to the fax server. The Outlook New Message dialog box appears with the global address list and personal and shared contact lists available.

Virtually any type of file can be sent through Outlook as an e-mail message, but the file must be rendered properly in order to be sent to a fax contact. Refer to Chapter 55, Fax Service Troubleshooting, in Part 11, Troubleshooting, of this resource guide for information on rendering fax documents. The procedure below describes how to send a fax from Outlook or Exchange.

To fax a message from Outlook or Exchange

1. Compose an e-mail message as you normally would.
2. For To or Cc, specify one or more fax addresses.
3. Specify e-mail addresses if sending messages to both fax and e-mail addresses.
4. After specifying a fax address, the fax printer and other fax message attributes may be changed, if required, by clicking Fax Attributes on the Tools menu.
5. Click the Send button to send the message.

Creating a Fax Address

A fax address is needed when faxing documents and messages using Microsoft Outlook® 2000 or Exchange. Outlook automatically creates a fax address for each contact's fax number entered in the Outlook Contacts folder. In order to fax with Exchange, you must first create a fax recipient address in the Address Book.

Note If you wish to use fax addresses from the Microsoft Exchange Client Address Book rather than using an Outlook Contact, you must install the Fax Address Book as well.

Use the steps that follow to create a fax address in Exchange.

To create a fax address in Microsoft Exchange

1. Open the Microsoft Exchange Administrator.
2. On the Tools menu, click Address Book.
3. On the File menu of the Address Book, click New Entry.
4. In the New Entry dialog box, click Fax Address.
5. Click OK. The New Address Properties dialog box appears.
6. For Fax Recipient, type the full name of the fax recipient.
7. For Country, click the location of the recipient.
8. For area code and fax number, type the area or city code and telephone number for the fax recipient.
9. On the Business tab, enter any additional information you want to appear on the cover pages, then click OK.

Note When viewing entries in either the Exchange or Outlook Address Book, the entry type for fax addresses is shown as "FAX."

Faxing a Document From Office 2000 Applications

Faxes can also be sent from Office 2000 applications. See the Office 2000 Resource Kit for details.

Upgrading to BackOffice Server

If the small business upgrades to BackOffice Server, new users can still access Fax Service. When upgrading to a full version of Windows NT Server, you can keep the functionality you have. If you want more users to use Fax Service, they must each have a Windows NT Server Client Access License for file and print services.

Microsoft Modem Sharing Service

The Microsoft Modem Sharing Service allows Small Business Server clients to use modems installed on the server, to connect to remote networks, bulletin board systems, and online services such as MSN^™ (the Microsoft Network). By sharing modems installed on Small Business Server, hardware costs are reduced since users do not need modems for their individual computers. Users can then connect to and use the modem pool in the same way they use modems connected to the COM ports on their computers. When users need access to a remote network or online service, the modem sharing application is run. This application uses a COM port connected over the network to a modem pool on Small Business Server.

Modem Sharing Server also allows modems on the Small Business Server to be pooled together. When a modem from the modem pool becomes available, it dials the remote network or online service. If there is more than one modem in the modem pool, the server automatically uses the next available (idle) modem in the pool.

Administering the Modem Sharing Service

Small Business Server installs the Modem Sharing Service during setup and automatically shares and configures modem pools based on the installed modems. However, the modem pools should serve the unique needs of the small business organization. The material that follows explains how to administer and configure the Modem Sharing application.

To manage Microsoft Modem Sharing Server

1. On the Small Business Server console, click More Tasks.
2. Click Manage Modems to display the Manage Modems page.

From this page, you can perform the following tasks:

• Add, remove, and configure modems and modem pools.
• Add or remove a modem from a pool.
• View the status of a modem pool.
• Troubleshoot modem problems.

Accessing Modem Sharing Service Properties

Most of the tasks for configuring Microsoft Modem Sharing Server involve setting options in the Modem Sharing Administration dialog box, accessed using the procedure below.

To open the Modem Sharing Administration dialog box

• From Control Panel, double-click Modem Sharing to display the following Modem Sharing Administration dialog box.

  Note The Modem Sharing Administration dialog box is also accessed within Online Guide procedures launched from various taskpads on the Manage Modems page.

Viewing the Modem Pool

Small Business Server setup configures modem pools using the modems found during installation. To view the modem pool from a client computer, you must specify the modem pool name when connecting to it on the server. To view a modem pool name for connecting with it, refer to the procedure below.

To view the modem pools configured on the server

1. On the More Tasks page of the console, click Manage Modems.
2. Click View the status of a modem pool to display the online Help procedure.
3. Click the Modem Sharing utility link in Step 1 of the online Help to display the Modem Sharing Administration utility.
4. Select the Configuration tab to show a list of the modem pools, a short description of each pool, and the COM ports assigned to the pool. Client computers use this pool name to specify the modem pool to which they want to connect.

Configuring Modem Pools

Although Small Business Server automatically configures modem pools on the server for modems found during setup, in some cases you may not want these modems assigned to a modem pool. You may also prefer to organize the modems into different pools. Refer to the steps that follow to configure modem pools.

To configure the modem pools on the server

1. On the More Tasks page of the console, click Manage Modems.
2. Click View the status of a modem pool to display the online Help.
3. In the online Help, click the Modem Sharing utility link to display the Modem Sharing Administration utility.
4. Select the Configuration tab.
5. In the Pool pane, select the modem pool name.

   Add or remove COM ports as follows:

   • To add a COM port to the modem pool: Select the COM port in the Available for Pool box, and click the right arrow. The COM port appears in the Assigned to Pool box along with the other COM ports assigned to the pool.
   • To remove a COM port from the modem pool: Select the COM port in the Assigned to Pool box, and click the left arrow. The COM port appears in the Available for Pool box.
6. Click Apply.
7. Select the General tab, click Stop, and then Start to restart the service and apply the changes to the Modem Sharing Server.

Configuring Clients for Modem Pool Connection

Modem Sharing Server supports client computers running Windows 95 and Windows NT 4.0 Workstation. Both of these modem sharing clients may connect to a modem pool configured on Small Business Server. However, the modem sharing client must be installed by the Set Up Computer Wizard and a modem driver, the same as the one on the server, must be configured before connecting to the modem pool.

Warning Performing these client configuration procedures will disconnect all users from the modem pool. Before proceeding, refer to the Online Guide for procedures that identify which users are connected.

Connecting Windows 95-Based Clients to the Modem Pool

During client setup, a modem sharing port is installed on your computer. To use this shared port, you must first install a modem and then configure it to use the shared port. Perform the following steps.

To install a modem

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Modems.
3. Follow the on screen instructions to install a modem. Install the modem that matches the modem attached to the server computer.

To connect Windows 95-based client computers to the modem pool on the server

1. Click Start, point to Settings, and then click Control Panel.
2. Click Add/Remove Programs.
3. Select the Modem Sharing Client and then click Add/Remove to display the Modem Sharing Setup utility.
4. Follow the instructions for adding a port to your Windows 95-based computer.
5. For the modem pool path, specify \\servername\poolname (for example by typing \\smallbiz\modems), then click Finish.
6. Click OK to exit Add/Remove Program.
7. On the Windows 95-based desktop, right-click My Computer, then click Properties.
8. Click the Device Manager tab.
9. Click the plus sign (+) next to Ports. Ports assigned for modem sharing are shown with a corresponding port number.
10. Select the new port and click Properties to verify that Modem Sharing is assigned to a COM port. Change any settings necessary.
11. Click OK and exit.

Connecting Windows NT Workstation-Based Clients to the Modem Pool

During client setup, a modem sharing port is installed on your computer. To use this shared port, you must first install a modem and then configure it to use the shared port. Perform the following steps.

To install a modem

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Modems.
3. Follow the on screen instructions to install a modem. Install the modem that matches the modem attached to the server computer.

To connect Windows NT Workstation-based computers to the modem pool on the server

1. Click Start, point to Settings, and then click Control Panel.
2. In Control Panel, double-click Ports, and then click Add.
3. Click Modem Sharing Port, and then click OK.
4. For COM Port Number, accept the default COM port or any available port from the drop-down box.
5. For Server, type the name of your Small Business Server computer that has the shared port resources available.
6. For Pool, enter the name of the modem pool to which you are connecting on the server.
7. Click OK and exit.

After connecting to the modem pool, the client computer uses the remote serial port as if it were a local serial port. To run client applications that require a shared modem, for example, Remote Access Service (RAS) or CompuServe, the user must first install a modem on the newly connected remote port. Refer to the Online Guide for details.

Status Monitoring

Small Business Server includes Modem Status Tools that allow identification of telephony application programming interface (TAPI) line states and the manipulation of calls, lines, and devices. The Modem Status Tools may be accessed from the Small Business Server Start menu, once the Microsoft Small Business Server Resource Kit is installed. For further information on what the modem tools can do, refer to Part 10, Tools and Utilities, of this resource kit.

Microsoft Exchange Server 5.5

Microsoft Exchange Server 5.5 is a client/server messaging system that integrates e-mail, rules, group scheduling, electronic forms, groupware, and Internet connectivity. As an integrated application of Small Business Server 4.5, the Exchange Server platform is scaled and optimized for the typical small business application. When Small Business Server 4.5 is installed, Exchange Server is set up automatically to support this configuration. Refer to Part 5, Performance Optimization and Tuning of this resource kit for the Exchange default set up.

Once Small Business Server is up and running, Exchange is managed with console wizards that perform behind-the-scenes steps to create the appropriate operating configurations for Exchange and other integrated applications. However, Exchange Server is also accessible as a stand-alone application on Small Business Server. This allows the technology consultant to have a more comprehensive control of certain Exchange features and interactions beyond the basic application through manual configuration.

This section discusses several Exchange features and tools available to the technology consultant for fine-tuning the messaging system of the small business network. The material presented here is intended to give the technology consultant a greater knowledge of these features as well as the information necessary to streamline the administration techniques that use them.

Administrator Program Interface

The Administrator program is the window into Exchange Server. All Exchange Server components may be accessed through this window and the entire system may be managed through a single set of commands. The Administrator program displays the small business organization in a hierarchical manner, making it easy to navigate and manage the elements at each level in the hierarchy.

Exchange Server consists of a series of objects. Some of these objects belong to the end user while others facilitate connectivity, communication, and team collaboration. All of these objects are centrally managed through the Administrator program which simultaneously contacts each object's instance.

The end-user objects that may be managed by the Administrator program are mailboxes, end-user distribution lists, custom recipients, and public folder objects. The management techniques and commands for these objects are consistent for all administration procedures.

Mailboxes

End-user mailboxes may be configured manually using the New Mailbox command on the File menu in the Administrator program. You may associate up to 22 predefined attributes and 10 custom-defined attributes for each end user mailbox. The mailbox's Properties window allows for sufficient flexibility to design user and organizational details to suit the needs of the small business network. A sample Administrator Properties dialog box follows. Mailboxes may also be used as a repository for a wide range of data about each employee in the small business.

Distribution Lists

Distribution lists are groups of users that can be addressed as one user. A large mail system may include many distribution lists, often totaling more than the number of single mailboxes. Distribution lists are created with Small Business Server wizards, but may also be generated manually with the Administrator program using the same commands and terminology used for creating mailboxes.

End-User Management of Distribution Lists

The Exchange permissions model can be used to delegate management of certain distribution lists to some users, thus providing an element of decentralized control within a centralized administration model. The model also facilitates departmental distribution lists, allowing members to be added to a team-specific distribution list, controlled at the team level. To create a distribution list or add users to it, use the Small Business Server console manage e-mail distribution lists taskpad.

Distribution List Options

The management of distribution lists can account for a significant part of small business information systems overhead (a manually intensive aspect of the system). Microsoft Exchange Server automates distribution list management, making it cost-effective for the small business organization to offer users a wide range of distribution list options.

Custom Recipients

Custom recipients are addresses of users on other mail systems that appear in the Exchange Server address book because they are used frequently by users in the small business network. The technology consultant may use the simple management tools of the Administrator program to configure these addresses manually.

Address Formats

Custom recipient addresses can appear in a format that clearly depicts them as users of another mail system or they can appear indistinguishable from Exchange Server user addresses. This option is particularly useful in a migration/coexistence scenario where users will be migrated to Microsoft Exchange Server gradually. For instance, representing IBM® PROFS® users in the Exchange Server format sets the stage for a seamless migration strategy.

Migration of New Users

When users are migrated to Exchange Server, their display names remain unchanged in the address book, so other users don't need to change the way they communicate with migrating colleagues. Custom recipients appear in the address book the same way as users of Exchange Server. They each can be sent mail or included on distribution lists in the same way as regular Exchange Server users. Custom recipients are created, managed, and deleted with the identical commands used for mailboxes and distribution lists.

Address Book Views

Address Book views are virtual containers that allow the technology consultant to group recipient objects together logically based on common directory attributes. By grouping recipients together in views, the technology consultant can sort recipient lists according to tasks or functions.

For example, the technology consultant needs to scroll to a particular recipient or use the Find feature to modify or obtain information in a directory with a large number of entries. Although there are tools to do this easily, having users grouped specifically by job functions allows the technology consultant to locate the entry in a manner more suitable to the small business context. Views do not provide filtering, only groupings of users.

Address Book views are created in the Administrator program from the File menu, New Other, and Address Book View option as follows.

The technology consultant can create a directory and display name for the Address Book view. The technology consultant can also control how the address view is grouped based on attributes assigned to the mailbox user (City, State, Site, custom attributes, and so on). In the dialog box that follows, the Group By tab allows the technology consultant to specify the order that recipients are grouped by. These groups are nested if more than one directory attribute is defined.

Public Folders

The public folder is the fourth end-user object existing on an Exchange Server that may be configured manually with the Administrator program. Public folders are created from the client but are managed from the Administrator program with the same commands used to manage the other end-user objects.

Off-Line Folder Synchronization

Exchange Server enables users to automatically perform two-way synchronization between a server folder and a copy of that folder on a local PC. Off-line folder synchronization enables users to maintain up-to-date information without having to be continuously connected to the small business network.

For example, a user can create an off-line folder (a snapshot or replica) of a customer-tracking application to take on a business trip and update it based on interactions with customers during the trip. Then by reconnecting to the server — either remotely via modem or by connecting to the small business LAN upon returning to the office — the user can bidirectionally synchronize the off-line and server folders. Changes made on the local PC (including forms and views) are updated to the server and changes to the server-based folders automatically show up on the user's PC.

Creating an off-line folder is different from simply copying a server folder to the hard disk, because an off-line folder remembers its relationship with the server folder and uses that relationship to perform the bidirectional update. Only changes are copied and not the whole folder. This also helps minimize network traffic.

An offline folder is created in Outlook. First the client specifies that they want an offline folder (.ost). Then they set up offline synchronization in the folder properties.

Off-line folder synchronization provides an alternative to continuous network connection. Exchange Server supports off-line folder synchronization sessions from many different locations simultaneously. Built-in conflict resolution for public folders ensures that all changes are added. The owner of the folder is notified of any conflicts and asked which version to keep.

Managing End-User Objects

The four end-user objects can all be managed from the Administrator program. By providing a single user interface for managing these four objects, Exchange Server provides rich layers of functionality for end users. The four end-user objects reside in the Recipients container of the Administrator program. Mailboxes, distribution lists, and public folders exist whether or not Small Business Server is connected to another mail system. Custom-recipient objects exist only if Exchange Server is connected to another mail system or the Internet.

Accessing object management is done with a double-click. For example, double-click Recipients, and the technology consultant can view all the mailboxes, distribution lists, public folders, and custom recipients on Small Business Server, as follows.

Protecting Exchange Data

Exchange Server includes an enhanced version of the Windows NT Backup utility included with Small Business Server. This utility includes all the standard file and directory backup functions as well as the ability to back up and restore Exchange Server directories and information stores.

Backups are done while Small Business Server is up and running, so downtime is not necessary to secure the data. The new Windows NT Backup program recognizes Exchange Server and backs up the directory and/or information store as an object. It is not necessary to know which files make up the service, only the components that are to be backed up.

Backups can be full, differential, incremental, or copy. Exchange Server backup capabilities are also included in the command-line mode of Windows NT Backup, which allows backup jobs to be batched and scheduled. The following window displays the NT Backup utility configured for backup of Exchange data in the Small Business Server domain. Refer to the Online Guide for further information on using the NT Backup utility.

Exchange Administration Tips

This section provides several tips for Exchange Server administration, including the automation of e-mail forwarding and web access to Exchange.

Automating E-mail Forwarding

From the Administrator program, automate e-mail forwarding by changing the user's Simple Mail Transfer Protocol (SMTP) e-mail address to their new one (usually off site).

Web Access to Exchange

Exchange Server can be accessed over the Internet using a web browser. In order to utilize this feature, install Outlook Web Access from Small Business Server installation CD 3 using the following path:

<Drive:>/ExchSrvr/Server/Setup/i386/Setup, where Drive: is your CD ROM partition.

Accessing Exchange from the Internet does not compromise security since Proxy Server blocks all access to client computers on the small business network. When the Outlook Web Access client establishes a connection to Exchange Server, the following functionality is available to the user.

• Send and receive e-mail.
• Review and publish to public folders.
• View the Global Address List (GAL).

When an e-mail message, public folder, GAL, or other Exchange resource is viewed with a browser, the Outlook Web Access client, it is converted to HTML. Also, inbound access to Exchange resources through a browser requires conversion from HTML to a MAPI-based call. This is accomplished using Exchange Active Server Pages (ASPs) and Collaboration Data Objects (CDOs).

Monitoring the Performance of Exchange

Small Business Server 4.5 includes an NT Performance Monitor tool that allows the technology consultant to collect and analyze performance data on the Exchange Server. This tool was used to pre-configure several key performance monitors supplied with Exchange, to reveal its important underlying operating characteristics. These monitors enable the technology consultant to maintain an accurate view of the overall health of the Exchange system in the small business network.

The monitors provide quick system feedback and statistics to help the technology consultant detect and eliminate problems before they occur.

Performance Monitor Tool Features

The Performance Monitor Tool can provide the technology consultant with statistics on more than 300 system characteristics for processor, process, memory, disk, and network objects. The counters in the Performance Monitor may be used to view such things as access bottlenecks and errors, browse operations, reads/writes, and thread use on the Exchange directory, Exchange Information Store, and other Exchange services. Using the features of Performance Monitor, the load and activity of users requesting addresses or updating directory information may be easily determined in the small business network.

Exchange Performance Monitoring Processes

The diagram that follows presents an overview of the processes involved in setting up accurate and meaningful performance monitors for the Exchange Server. The different phases for accomplishing this task are depicted in diagrammatic format in order to present the technology consultant with an up-front view of the scope of material covered in this section.

Figure 27.2 Exchange performance monitoring process overview

Performance Monitoring Scenarios

The sections that follow include several scenarios in which the NT Performance Monitor may be utilized to assess Exchange Server performance.

Collecting and Analyzing Data

Exchange Server 5.5 is a complex application with multiple components that place varying performance demands on Small Business Server. For example, the Information Store must manage all communication with the various clients connecting to the server. In order to understand how this demand and others translate to actual system performance in the small business environment, it is exceedingly useful to perform the data collection process.

The data collection process involves running a number of performance monitor tests over defined periods and logging the results to a file for analysis. If the correct set of counters were used in the tests, the technology consultant can easily assess the major performance characteristics of Exchange. We recommend performing this process periodically to identify long term trends in server performance.

This process is invaluable in developing a comprehensive understanding of Exchange performance characteristics. This understanding is essential for the technology consultant to define realistic baselines for the initial Exchange usage and capacity profile.

Problem Detection and Notification

Once thresholds are defined, Performance Monitor can then be configured to alert the appropriate support group when a particular threshold has been exceeded. Methods for configuring Performance Monitor to act in this manner are outlined in the section ahead entitled "Performance Monitor Alerts."

Problem Analysis

Once a performance problem is detected, Performance Monitor can be used to identify a particular system component that may be the cause of the problem. However, the effectiveness of using Performance Monitor in this way is greatly dependent on the technology consultant's level of understanding.

Performance Baseline Definition Phase

The predefined performance monitors included with the Exchange Server are set up with counters, but not with counter thresholds, since counter threshold levels are uniquely dependent upon the usage characteristics of the small business network. Before using the predefined Exchange performance monitors, it is necessary to establish an Exchange usage, capacity, and performance counter threshold profile by collecting initial data on the system.

Using the information gathered in the data collection process, baseline performance thresholds can be defined. The logical values for these thresholds will be based on the load characteristics present during the data collection period. It will be obvious if these thresholds are incorrect — thresholds set too low will generate unnecessary alerts, while those set too high may result in undetected problems.

Exchange Usage Characteristics

Over time, the usage characteristics of Exchange Server may change, resulting in a negative impact on performance. Changes in usage levels can be detected early if they are measured on a regular basis.

For example, a common characteristic of e-mail systems is the gradual increase in the average message size. Continuous monitoring of message size can provide early warning of any trends that invalidate initial key operating assumptions made about Exchange in the small business network. In order to detect changes in usage levels, you must first define basic service expectations so you can establish a substantial basis of comparison.

Defining Service Levels

Performance measurement must have baselines in order to be comprehensive. Defining basic service levels is the most effective way to focus performance measurement activities. Some service levels the technology consultant may want to define include:

Service Delivery Parameters

• System availability
• Average message delivery time
• Average time to read a message
• Average time to send a message

Service Usage Assumptions

• Maximum user mailbox size
• Average message size
• Average number of active users
• Average number of messages sent per user per day

Once these levels are defined and understood by both the service delivery and user groups, a clear framework to work within can be established. This also forms in part, the basis on which logical thresholds for performance monitor counters is founded.

Counter Thresholds

In order to define meaningful thresholds, the technology consultant collects and analyzes initial data from the network to create the Exchange usage and capacity profile. The table that follows describes the significant counters to be monitored for capturing initial data on Exchange in the small business network. Once this data is evaluated and understood, the appropriate counter thresholds for the network capacity can be calculated for use with the key performance monitors that continuously track Exchange health. To create the performance monitors for the counters that follow, refer to the "Method For Creating A New Performance Monitor" section later in this chapter.

Table 27.1 Performance Monitor Counters for the Initial Exchange Profile

Object	Counter
Memory	Pages/sec
	Page Faults/sec
	Available Bytes
	Committed Bytes
Process	Page Faults/sec
Paging File	% Usage
Logical Disk	Average Disk Queue Length
	Current Disk Queue Length
	Disk Reads/sec
	Disk Writes/sec
	Free Megabytes
Processor	% Processor Time
Process	% Processor Time (individual Exchange processes)
MSExchangeIS	User Count
MSExchangeIS Private (+Public)	Average Local Delivery Time
	Send Queue Size
	Receive Queue Size

Data Collection and Analysis Phase

For the data collection and analysis process, the most significant performance counters are provided in this section for both Windows NT 4.0 and Exchange servers. Background information on each counter and its relationship to other counters is also discussed.

Note Only a small subset of the counters used in the data collection process is used in the key performance monitors that continuously track the health of Exchange.

When using the counters specified for data collection, you create performance monitor charts that write performance data to log files. The duration of the logging process depends on user capacity. In most cases, the data collection period is a minimum of one day and a maximum of one week. It is important to consider counter sampling rate — the sampling frequency must be short enough to get a realistic average, but not so long that you run the risk of missing temporary spikes. In general, sampling ranges between 20 minutes and 120 minutes are suitable for data collection purposes.

Disk space requirements must also be considered since log file growth will vary proportionally with the sample frequency selected. Refer to the section ahead entitled "Configuring Log Files for the Data Collection Phase" for log configuring.

Critical Subsystem Monitors

On a Small Business Server installation, Exchange and Windows NT 4.0 Servers are tightly integrated. As a result, there are several areas of NT and Exchange that should be monitored. The critical subsystems are listed below.

• System Memory
• Disk I/O
• System CPU
• Information Store (IS)

The first three in the list above deal with standard Windows NT counters used to detect degradation in NT performance. The fourth deals with counters that monitor user access to the IS.

System Memory

System memory counters are used in detecting whether memory is a bottleneck in the Exchange system. If Exchange performance has degraded, monitor the system memory. CPU and disk I/O time may appear as a bottleneck, as a result of trying to mask a deficiency in system memory. The key to assessing memory performance is in determining how much the system is paging data in and out of memory. The relevant memory counters to watch are provided in the following table and described in the paragraphs that follow.

Table 27.2 Memory performance counters

Object	Counter
Memory	Pages/sec
	Page Faults/sec
	Available Bytes
	Committed Bytes
Process	Page Faults/sec
	Virtual Bytes
Paging File	% Usage

• Memory – Pages/sec. The total in and out paging activity. Paging occurs when an application references data not in its working set (physical memory). If this counter is consistently greater than 5, this is an early indication of a memory bottleneck.
• Memory – Page faults/sec. The actual number of times application data was not found in its physical memory working set and had to be paged from the disk. This counter should never display a consistently high single figure amount or a memory bottleneck is indicated.
• Memory – Available Bytes. The amount of physical memory still available to the system. For acceptable performance, we recommend a minimum of 4MB available on an Exchange server with less than 256MB of RAM.
• Memory – Committed Bytes. Indicates how much virtual memory space has been committed to an application. This counter must not exceed the overall size of the pagefile or it will indicate that too much application data has been committed to virtual memory space.
• Process – Page Faults/sec. Monitors individual processes to help identify which one is suffering the most from lack of virtual memory.
• Process – Virtual Bytes. Each process running on Small Business Server has 2GB of virtual memory available. If the store's virtual memory is approaching the limit, it may encounter an out-of-memory condition.
• Paging File – % Usage. Indicates how much of the page file is in use. Also determines if there is a possible memory bottleneck.

Note It is more reliable to set these counters at 3 to 5 second intervals so a clear average value is reached. If the pagefile has a usage greater than 50 to 60 percent with less than 25 percent memory available to the system, increase the RAM.

The detection of memory bottlenecks is covered in greater detail in Chapter 12 of the Windows NT Workstation Resource Guide.

Disk I/O

Exchange Server must be able to move information in and out of the three Exchange databases at the fastest possible speed. All Exchange database write transactions are first written to a transaction log and then committed to the database, once there is a sufficient amount of data ready to be committed.

Exchange cuts down on the necessity of requesting information from its databases by keeping the most recent data in buffer memory. If a piece of information is not in one of these buffers, Exchange must make a disk I/O request.

The relevant counters to monitor for disk I/O in relation to Exchange are provided in the following table. These disk counters should be collected every 5 or 10 seconds during a relatively short period of time (2 to 4 hours) during peak utilization.

Table 27.3 Disk I/O Counters

Object	Counter
LogicalDisk	Average Disk Queue Length
	Current Disk Queue Length
	Average Disk sec/Read
	Average Disk sec/Write
	Average Disk sec/Transfer
	Free Megabytes

• Average Disk Queue Length. The average queue length during the monitoring period. This value should not average more than 2 under normal operating conditions.

  Current Disk Queue Length. Interpreting this counter depends on the function of the logical disk being monitored. On most Exchange servers, there are two key logical disks — one for the transaction logs and the other for the Information Store. The Current Disk Queue Length is interpreted differently for each:

  1. Transaction logs. The log volume should never have a queue length above 1 since the I/Os are synchronous and single-threaded. It is unsafe to assume there is no disk performance problem if the queue length is below 1. It will never be above one in normal operations (not including backup operations). If a performance problem is detected on the log volume, the only real remedy is to employ a write-back cache.
  2. Information Store. The database volume can be subject to a burst of write operations every 30 seconds — up to a maximum of 64 seconds. In between two bursts, the only I/O activity is read operations. So you will get peaks above the acceptable queue length (which is generally the number of spindles divided by 2, every thirty seconds). If you do have a queue length larger that half of the spindles between the peaks, it means that you are short on read I/Os and that you should add more spindles. To shorten the duration of the peak queue length, you should use caching (write-back), and increase the number of spindles — or possibly shift from RAID5 to RAID0+1, if the RAID array controller is not very powerful.
• Average Disk sec/Read. Calculates the latency on disk reads. Increases from the calculated baselines are a good indicator there is a disk bottleneck.
• Average Disk sec/Write. Calculates the latency on disk writes. Increases from the calculated baselines are a good indicator there is a disk bottleneck.
• Average Disk sec/Transfer. Calculates the latency on disk transfers. Increases from the calculated baselines are a good indicator there is a disk bottleneck.
• Free Megabytes. This is a very important counter to use. Configure alerts on this counter so disks that contain Exchange databases or log files will issue an alert as soon as they approach capacity. Exchange shuts down if its log files or databases have no more space to grow.

System CPU

Abnormally high CPU utilization is typically a side effect of a problem with a separate system component such as the disk or network subsystems. Continuous high CPU utilization (over 80 percent) may also be attributed to software issues. It is therefore critical that the correct CPU is in use for the projected server load. The relevant counters that should be monitored to detect a CPU utilization problem are provided in the table below.

Table 27.4 CPU Utilization Counters

Object	Counter
Processor	% Processor Time
Process	% Processor Time (individual Exchange processes)
	Elapsed Time

• Processor – % Processor Time. The time that the processor is running active threads. If this value is consistently above 75 percent, the server is overloaded; take actions to lower this time, such as adding a second processor or changing the CPU.
• Process – % Processor Time. Individual processes can be tracked using this counter. This is key to identifying which particular process is causing high CPU utilization.
• Process – Elapsed Time. The total running time, in seconds, a process has been active. This can be used for overall system maintenance purposes. A zero value here indicates a non-active process.

Note When overall processor usage is showing a consistently high value, compare it against how many users are currently connected to the system. Do this by adding the MSExchangeIS – User Count counter to the performance monitor chart in question to correlate the information.

Information Store

The Information Store (IS) is the interface between the user and the Exchange Server. It is therefore critical that IS performance is measured continuously. Performance problems normally result in slower response times at the client and a lengthened message delivery time. It is imperative the Information Store is always available and performing at optimum performance levels.

IS performance is regularly impacted by problems with other Exchange core components. The IS uses the Directory service to look up user addresses and to retrieve information about a user, thus problems with the Directory service can have an impact on IS performance. The most relevant counters to monitor in relation to the Private and Public stores are provided in the following table.

Table 27.5 Information Store Counters

Object	Counter
MSExchangeIS	User Count
MSExchangeIS Private + Public	Average Time for local Delivery
	Send Queue Size
	Receive Queue Size
	Message Opens/sec
	Folder Opens/sec

• MSExchangeIS – User Count. The actual count of people (not connections) currently using the IS. Performance measurement must always be correlated with current user numbers.
• MSExchangeIS Private + Public – Average Time for Local Delivery. The average time it took for the last 10 messages to be submitted for local delivery within the IS. This counter should never remain at a nonzero value for longer than a few seconds.
• MSExchangeIS Private + Public – Send Queue Size. The queue of messages outbound from the IS. Under normal operating conditions, this queue rarely stays at a nonzero value for any significant duration.
• MSExchangeIS Private + Public – Receive Queue Size. The queue of all messages destined inbound for the IS. As with the Send Queue, this should also stay at a nonzero under normal operating conditions.
• MSExchangeIS Private + Public – Message Opens/sec. Shows how often users are opening messages. Peak load may show this coinciding with other system behavior.
• MSExchangeIS Private + Public – Folder Opens/sec. Shows how often users are opening public folders. Another good indicator of user activity.

Full Utilization of NT Performance Monitor

To maximize your utilization of the NT Performance Monitor, an in-depth technical knowledge of Windows NT and Exchange is helpful. Detailed information on the Performance Monitor is provided in Chapters 10 and 11 of the Windows NT Workstation Resource Guide.

Accessing Predefined Exchange Performance Monitors

The Exchange performance monitors included with Small Business Server 4.5 may be easily adapted to small business applications. Access these predefined monitors from the Start menu — point to Programs, click Exchange Server, and then select the performance monitor. Statistics displayed by these monitors can provide accurate performance data that helps the technology consultant determine where problems occur and when system expansion is required. The latter may be of particular interest to the growing small business. Observing these monitors also serves as training for the technology consultant.

Exchange Performance Monitor Configuration Phase

With profiles obtained from the data collection and analysis phase, you can apply meaningful counter thresholds to predefined Exchange performance monitors. Descriptions of the key Exchange performance monitors useful for Small Business Server and their related counters follows.

• Queue monitoring, including Internet Mail Service (IMS) and Server queue monitors.
• Server monitoring, including Server health, load, history, and user monitoring.

Queue Monitoring

An immediate indication of possible Exchange service interruption is a message queues buildup on the services responsible for routing messages. Queue monitoring involves tracking the IMS queue and the overall Exchange Server queue status.

IMS Queue

The following Performance Monitor chart shows inbound and outbound message queue activity for the IMS. The queue status for messages going out to the Internet may show where bottlenecks exist or if messages are being sent randomly. For the growing small business network, this monitor (along with the IMS Statistics and Traffic monitors) may indicate when a faster Internet connection is needed. The counters in this chart indicate the following:

• Queued Inbound. The number of messages from the Internet destined for the Exchange server.
• Queued Outbound. The number of messages from Exchange for delivery to the Internet.
• Queued MTS IN. The total number of messages awaiting final delivery in the Exchange Message Transaction Server (MTS).
• Queued MTS OUT. The total number of messages waiting to be converted to Internet mail format in the Exchange MTS.

Server Queue

The following Performance Monitor chart shows the send and receive message queue size for the Exchange Server, which may provide the technology consultant with an indication of overall message volume in Exchange. The counters in this chart indicate the following:

• Send Queue Size. The number of messages in the private or public information store's Send queue.
• Receive Queue Size. The number of messages in the private or public information store's Receive queue.

Server Health Monitoring

The server monitoring capabilities in Exchange help maintain system availability by enabling the technology consultant to monitor the general health of the Exchange Server. The Performance Monitor chart that follows is used for this purpose. The counters shown in the chart for the objects monitored indicate the following:

• System – % Total Processor Time. This counter is linked to the System object. It charts the total percentage of CPU utilization time of the system.
• Process – % Processor Time. This counter is linked to the Process object. Several counters are used in this monitor to chart the percentage CPU time of each Exchange core process. This chart is good for immediately identifying a process utilizing too much CPU time.
• Memory – Pages/sec. This counter is linked to the Memory object. This is the number of pages read from the disk, or written to the disk, to resolve memory references to pages that were not in memory at the time of the reference. This is the sum of Pages Input/sec and Pages Output/sec. This counter includes paging traffic on behalf of the system cache, to access file data for applications. This value also includes the pages to/from non-cached mapped memory files. This is the primary counter to observe if there is concern about excessive memory pressure and the excessive paging that may result.

Server History

This Performance Monitor chart provides a general overview of system performance. It displays the number of users currently on the system and it also charts the memory in and out paging rate. The counters shown in the chart for the objects monitored indicate the following:

• MSExchangeIS – User Count. The actual count of people (not connections) currently using the IS. Performance measurement must always be correlated with current user numbers.
• Memory – Pages/sec. The total in and out paging activity. Paging occurs when an application references data not in its working set (physical memory). If this counter is consistently greater than 5, this is an early indication of a memory bottleneck.

Server Load

This Performance Monitor chart goes deeper into Exchange Server functionality and tracks items such as address book usage and the number of messages being submitted and delivered. The counters shown in the chart for the objects monitored indicate the following:

• MSExchangeIS – Message Recipients Delivered/min. This is the rate at which recipients receive messages.
• MSExchangeIS – Messages Submitted/min. This is the rate that messages are submitted by clients.
• MSExchangeIS – RPC Packets/sec. This is the rate that (Remote Procedure Call) RPC packets are processed.
• MSExchangeDS – AB Browses/sec. This counter charts the rate at which Address Book clients perform browse operations.
• MSExchangeDS – AB Reads/sec. This counter charts the rate at which Address Book clients perform read operations.
• MSExchangeDS – ExDS Reads/sec. This is the rate at which Extended Directory Service clients perform read operations.

Server Users

This Performance Monitor chart uses the User Count counter to display the current number of users connected to the Exchange IS.

Creating Other Performance Monitors

If you wish to create other performance monitors for Exchange, you can use any of the monitors recommended from the data collection phase. Two important monitors you may want to consider adding are listed in the table below. This section covers creating a new Exchange performance monitor, options that may be set, and setting up an Exchange performance monitor alert.

Table 27.6 Suggested Additional Performance Monitors

Object	Counter
LogicalDisk	Free Megabytes
MSExchangeIS Private (+ Public)	Messages Submitted/min

Method for Creating a New Exchange Performance Monitor

You can create new Exchange performance monitors using selected objects and counters by following the procedure below.

To create a new Exchange performance monitor

1. Click Start, point to Programs, point to Administrative Tools (Common), and then click Performance Monitor to display the Performance Monitor utility.
2. On the File menu, click New Chart.
3. On the Edit menu, click Add to Chart to display the Add to Chart dialog box.

   From here, select the desired objects and counters (see "Creating Other Performance Monitors," above and refer to the Performance Monitor Help).

4. On the Options menu, select Chart to display the Chart Options dialog box for chart settings and parameters. See "Performance Monitor Chart Options" below for details.
5. On the File menu, click Save Chart Settings As to save the performance monitor chart.

For more details on creating performance monitors, refer to the "Performance Monitor Tool" section of Chapter 26, Administrative Tools.

Performance Monitor Chart Options

Exchange Performance Monitor chart options allow for several parameter variations when customizing monitoring features. Parameter variations may be introduced in new or existing performance monitors. The variables or options listed below appear in the Chart Options dialog box (on Performance Monitor Options menu, click Chart).

• Sample rate interval. Varies the rate at which the counter samples the object.
• Relative (vertical) amplitude settings. Sets the Performance Monitor chart vertical axis value.
• Grid configuration. Selects vertical and horizontal grid lines.
• Legend and value bar. Displays counters in use and statistics.

Note Other counters may be added to any performance monitor with the Edit menu, Add to Chart option. This option displays a dialog box that allows you to select an object to monitor and the type of counter used. If you need an explanation of counter functions, select the counter and click Explain. It may take some time to discover the usefulness and application of the many counters and objects available.

Performance Monitor Alerts

When a system event occurs, an alert can be sent to designated users or the technology consultant. For example, if you want to provide an alert when the Queued Outbound counter for the IMS exceeds a predefined threshold, you can configure the system to send it to the technology consultant or other recipient. Alerts are important for maintaining the availability of the system because the right people can be notified about problems that have occurred or about potential problems that are likely to occur.

Alert Mechanisms

The Performance Monitor tool has a flexible alert mechanism that specifies whether the alert does one of the following:

• Sends a network message. A network alert is sent to a specific computer or user logged on to the network.
• Updates an application log. Alerts are sent to the application log of the NT Event Viewer.
• Displays the alert view. The Alert dialog appears in real time and requires immediate attention.

Configuring a New Exchange Performance Monitor Alert

If you wish to configure an alert for an existing Exchange Server performance monitor, use the procedure below.

To create an Exchange performance monitor alert

1. On the View menu, click Alert to display the Alert dialog box.
2. On the Edit menu, click Add to Alert to display the Add to Alert dialog box.

   From here, select the alert threshold value and program to run (refer to the Performance Monitor Alert Help).

3. On the Options menu, select Alert to display the Alert Options dialog box for update time and alert notification settings.
4. On the File menu, click Save Alert Settings As to save the performance monitor alert.

For further details on setting up performance monitor alerts, refer to the "Configuring Performance Monitor Alerts" section of Chapter 26, Administrative Tools.

Windows NT Event Viewer and Alert Logging

The Windows NT part of Small Business Server provides a logging facility in which application, security, and system events can be recorded. The status of Exchange Server may be viewed locally with the Windows NT Event Viewer; Exchange-related events are written to the Application log.

When an alert condition is detected, various configurable actions may be taken. The most basic is to write to the NT Event log. The most complex is to call a program in which more advanced alert notification processes can be utilized (with a third-party extension). An example of an NT Event Viewer log follows.

Event Types

There are four types of Exchange events logged in the Event Viewer, as defined below. The icon on the left side of the Event Viewer screen classifies the event by type. Since each event type is unique, they are not combined.

• Error. A red stop sign icon, indicating significant problems, such as a loss of data or loss of functions. For example, an Error event might be logged if a service was not loaded during startup of Small Business Server.
• Warning. A red stop sign icon, indicating events that may pose future problems. For example, a Warning event might be logged when disk space is low.
• Information. An icon with an "i" encapsulated in a black circle. These are infrequent but significant events describing successful operations of major Small Business Server services. For example, when an information store program loads successfully, it may log an information event (if configured).
• Failure Audit. A "//" symbol, indicating audited security access attempts that failed. For example, if a user tried to access a network drive and failed, the attempt can be logged as a Failure Audit event (if configured).
• Success Audit. An icon of a key indicates audited security access attempts, such as when a user successfully logs on to the system.

Viewing Event Logs

Before using the Event Viewer to diagnose a problem, it is essential to be able to interpret the event that is logged. Event entries consist of three main parts, the header information, event description, and additional data. For Exchange logs, only the date, time, user, computer, and category are contained in the header. The components of an event log are described in the table below.

Table 27.7 Event Viewer Components

Event Section	Information	Meaning
Header	Date	Date the event occurred.
	Time	Time the event occurred.
	User	In Exchange, the user is commonly the service account ID, since this is the account the service logged in under.
	Computer	The name of the computer the event occurred on.
	Event ID	The numerical identification of the event for diagnostics and logging.
	Category	Signifies specific auditing categories — primarily used by the security log.
Description		Contains the information on the exact event that occurred.
Additional Data		At the bottom of the event, binary data can be displayed — used for advanced troubleshooting by Microsoft Technical Support.

Filtering Events

Filters may be applied to focus on certain types of events in the Event Viewer. For example, you may view only the Error events while excluding warnings, information, and audit events. The Event Viewer also allows you to filter events based on the source of the event. Events generated by Exchange services usually fall into the following groups:

• Internal configuration errors
• Directory access errors
• Internal operating system errors
• Internal processing errors

Searching for Events

The Search option of the Event Viewer is useful for finding specific events by Source or Category. It can perform individual searches with a granularity similar to the Filtering option. The Search feature is most beneficial when viewing events from a very large log file.

Diagnostics Logging

Diagnostics logging is probably the most powerful diagnostic feature built into Exchange. All Exchange components can be configured to varying diagnostic reporting levels. In most cases, once logging is enabled it is immediate and does not require any service restarts.

Diagnostics logging settings can be modified by displaying the properties for the Server object in the Exchange Administration program. Individual diagnostic logging settings can be modified by selecting the properties for each distinct object in the Configuration container.

Default Exchange Logging

By default, Exchange performs basic logging, which includes information events such as backup and restore success or failures, service initialization or shutdown, and background maintenance notifications. More importantly, it also logs events such as low disk space warnings or IS and Directory Services (DS) database errors. Exchange generally logs any errors or warnings that signify an event that may cause degradation or disruption of service.

Configuring Log Files for the Data Collection Phase

To implement the initial data collection phase, set up a log file for the counters specified earlier. The set up process for logs is identical, whether for the data collection phase or any period in which you collect statistical data for performance counters. Also, set up an alert log in the Performance Monitor to facilitate analysis of the data collected in the initial phase.

During normal Exchange operation in the network, alerts should also be reported to the NT Event Log in order to maintain an easily accessed record of alerts in real-time. The diagram that follows provides a functional overview of the processes involved when setting up Exchange logs for the initial data collection phase and thereafter.

Figure 27.3 Exchange logging processes

Displaying Performance Data in the Chart View

Use the Performance Monitor Chart view to see either current activity in real-time or logged data. When current activity is selected, the chart view begins tracking counter statistics from the point it is configured, for as long as the Performance Monitor chart view is open. When log data is displayed, the chart view shows the data captured from the point the log file was started, up until the current time of viewing (when data is extracted from the log file). Specific windows of time may be set to view counter statistics at points of the data collection period that are of particular importance.

Defining Windows of Data with Bookmarks

When data from a log file is being displayed in Performance Monitor Chart view, you can bookmark the data display within a particular window of time. Bookmarks are added only after the log file starts running. Bookmarks can only be set in real-time to mark intervals of particular interest during a data collection period. Bookmarks may be set up to support a granular analysis of the data collected, depending on how narrow the window of time you set.

After the bookmarks are set, implement them from the Time Window, accessed from the Edit menu of the Performance Monitor in Chart view — the window appears only when log file data is being displayed. When the bookmarks are entered into the Chart view data, markers first appear defining the start and end points of the data window. When you click OK in the Time Window, the horizontal excursions (time axis) of the chart view expands to display only the time interval you specified with the bookmarks.

Creating and Viewing Exchange Log Files

Use the following steps to set up and view log files for Exchange.

To create and view a log for the data collection phase

1. Click Start, point to Programs, point to Administrative Tools, and then click Performance Monitor to display the Performance Monitor chart view.
2. On the View menu, click Log to display the Performance Monitor log view.
3. On the Edit menu, select Add to Log to display the following Add to Log dialog box.

4. Select the object(s) you wish to monitor. Click Add and Done. The following dialog box appears to show you the objects you selected for monitoring.

5. On the Options menu, click Log to display the following Log Options dialog box.

   To create and save the Log file, follow the steps below.

   • Type the file name in File name.
   • Specify the interval for updating the log in Periodic Update.
   • Click Start Log to save the file and start logging data.
6. On the Options menu, click Bookmark to display the following Add Bookmark dialog box.

   

7. Set starting and ending times to define a real-time window in which you want to view data on the object selected — click Add for the start and end points at the appropriate moments in real-time. The text entered (time 1 in the example) is tagged by Performance Monitor with the current time.

   Note For example, in the initial data collection phase, you might set your first bookmark at the time logging is initialized. Then, when you want to view the data on the last day of the collection period, you enter a bookmark again at the moment in real-time that defines the upper limit of your time window. You can also enter multiple bookmark start and end points to define other windows in which you want to look at performance data during the data collection period.

   When a log is created, an object is selected and all the counters internally associated with it begin running. When you want to view the statistics of a particular counter, do the following:

   • On the View Menu, click Chart.
   • On the Options menu, click Data From to display the following Data From dialog box.

   

   • Select Log File and enter the name of the log file or browse for it. Click OK.
   • On the Edit menu, click Add to Chart to select the specific counter statistics you want to view. Click Add and Done. The performance of the counter over the entire period is displayed, starting from the point at which the logging was initialized.
   • On the Options menu, click Chart to configure the display parameters, if necessary.
   • To look at data only from within the time window you specified with the bookmarks, click Time Window on the Edit menu to display the following dialog box.

• Click Set as Start and Set as Stop to define the window where you want to observe the data. Click OK. The Chart view shows the counter statistics only within the window points you bookmarked. Adjust Chart display parameters if necessary.

Viewing Performance Monitor Alert Logs

Performance monitor alerts may be applied to the counter statistics gathered during the data collection period. When you set a threshold and apply it to a log file that has already run for a specific time period, you can view alerts related to specific counters that have recorded data in the log file. This provides an emulation of the alert profile that would have occurred if the counters viewed were actually set to provide real-time alert notification (as you would have when monitoring the normal operation of Exchange in the network).

This feature allows you to experiment and observe the alert log response to different threshold settings. This is helpful when trying to calculate the threshold levels you will need to establish in relation to your baseline Exchange performance profile. Once data is collected, an alert profile may be derived from the logs and viewed using the procedure that follows.

To view Alert logs

1. On the Performance Monitor View menu, click Alert.
2. On the Options menu, click Data From to display the following dialog box.

   

3. Type the name of the log file or browse for it, then click OK.
4. On the Edit menu, click Add to Alert to display the following Add to Alert dialog box. Select the counter(s) you want to observe and specify a certain threshold.

5. Click Add and Done. A mock alert record appears indicating the alerts occurring for the thresholds applied to the logged data.

   Note Change threshold values to generate other mock alert profiles.

Generating Reports

Report view can be used to select the current activity and display statistics for any counter in the system — use Add to Report for counter display. By selecting log, the report view displays only the counters for the objects in the log (entered when the log was first created). The report view provides a decimal readout value that dynamically tracks the chart view values, as shown below. Time windows may also be utilized in the report view.

Sending Performance Monitor Alerts to the NT Event Log

For the data collection phase and later on during routine monitoring, the Performance Monitor should be configured to report alerts to the NT Event log, in addition to the regular performance monitor alert log. This may be configured by editing a registry key setting. Refer to the Performance Monitor online Help for the procedure.

Memory Considerations for Logging

Before setting up log files, consider disk space requirements. Disk space for logs is consumed in proportion to the counter collection rate and the log file update interval. The items listed below have an impact on memory requirements; consider them when allocating disk space for log files. When data is being logged, the rate at which memory is used per the update interval is displayed in Performance Monitor log view.

• Counter sampling rate during the data collection period. The sampling rate is configurable in seconds from 20 to 120 minutes.
• Log update interval. Can be specified using values from 1 to 3600 seconds.
• Logging period during the data collection period. This is not a configurable parameter. The logging period ends at the discretion of the technology consultant, at whatever point it is decided to end the data collection period, from one day to a week.

Note The counter sampling rate is the interval at which data is collected on the counter. The logging interval is the rate at which the log file is updated. The logging interval should not be shorter than the counter sampling rate or some counter statistics may not be captured.

Proxy Server 2.0

Microsoft Proxy Server 2.0 is an extensible firewall with high performance content caching that provides secure and managed Internet access for client desktops in the small business organization. As an integrated application of Small Business Server 4.5, the Proxy Server platform is optimized for the typical small business application. When Small Business Server 4.5 is installed, Proxy Server is set up automatically to support this configuration. Refer to Part 5, Performance Optimization and Tuning of this resource kit for Proxy Server's default configuration.

Once Small Business Server is up and running, the console's Internet Access Wizard and User Resource Wizard allow management of Internet access permissions on a per-user basis. The wizards perform the steps necessary behind- the-scenes to create the corresponding permissions list configuration for Proxy Server.

To customize user Internet access permissions or to add other enhancements to the basic Proxy Server configuration, Proxy Server must be accessed as a stand-alone application on Small Business Server. By manually configuring Proxy Server, the technology consultant has a more comprehensive control of Proxy features, beyond what is done with console wizards.

This section discusses several Proxy features useful to the small business application, that can be configured manually by the technology consultant. This information is supplementary to the Proxy online documentation (available from the Start menu of Small Business Server). The material presented in this section is intended for enhancement of small business Internet access management, to supplement the technology consultant with knowledge of the applicable techniques required for these enhancements. Proxy Server performance monitoring is also discussed.

User Access Control

An issue that may concern small business organization management is how to manage employee Internet access in a highly selective manner. Sometimes management is concerned that too much time might be spent surfing the Internet, thus detracting from employee productivity. If this is the case, you may want to limit employee Internet activity on the small business network or deny unauthorized access altogether.

Microsoft Proxy Server 2.0 is an ideal way to address this situation. With Proxy Server, the technology consultant can exert the appropriate control over Internet and intranet resources. This access control can be applied to the entire small business organization or only to individual users.

For example, the technology consultant may allow Gopher and browser-based World Wide Web (WWW) access for all employees, but permit only certain managers to use the Internet for conferencing or other multimedia services. By configuring the access protocol for users, the technology consultant controls the type of resources they can access on the Internet.

NT Server Directory and User Access Control

Configuring user access permissions manually is identical for both the Web Proxy and Winsock Proxy services included with Small Business Server 4.5. User names and domain information of the Windows NT Server directory serves as the basis for user access control, since Proxy Server 2.0 is tightly integrated with this directory. As a result, the technology consultant does not have to maintain a separate database or directory of Internet users.

Manually Configuring User Outbound Internet Access

When a user goes out to the Internet, the Web Proxy service is used by default. This service has the basic Internet services and protocols available: File Transfer Protocol (FTP), Gopher, Secure Sockets Layer (SSL), and World Wide Web (WWW). The technology consultant can manually configure Internet access permissions using these protocols, as required.

If the technology consultant needs a more diverse selection of protocols to configure Windows client Internet access permissions, use the Winsock Proxy service, as specified in the steps below.

Note If you manually configure Internet access in the Winsock Proxy service using Groups, and then use the console wizards to change Internet access, the group permission will be removed and the group members at the time of the change will be given access.

To manually configure Winsock Proxy access permissions for a user

1. Click Start, point to Programs, point to Microsoft Proxy Server, and then click Microsoft Management Console to display the following IIS Console.

2. In the left pane, double-click the Internet Information Server folder.
3. Expand the Server icon, right-click Winsock Proxy, and then click Properties to display the following Winsock Proxy Service Properties page.

4. Select the Permissions tab, and then select Enable access control.

   Note Unlimited Access appears in the drop-down Protocol list by default, indicating the default user Internet access level.

5. From the drop-down Protocol list, select HTTP to limit the user to HTML-based resources on the Internet.
6. Click Edit to display the following HTTP Permissions dialog box.

7. Click Add to display the following Add Users and Groups dialog box.

8. Click Show Users to display the network users. Select a user and click Add. The name of each user you select appears in the Add Names pane at the bottom of the dialog box.
9. Click OK in the Add Users and Groups dialog box.
10. Click OK in the HTTP Permissions dialog box. All users configured with HTTP permissions appear in the Permissions tab Grant access to box.

11. Click Apply, and then click OK.

    Add other protocols to the newly created user permissions configuration per the following the steps. Each protocol allows the user to access different Internet resources.

    • On the Winsock Proxy Service Properties page, click on Copy To.
    • Select the protocol you want to add, and then click OK.
    • When finished, click Apply, and then click OK.

    Note Protocols may be removed from the user with the Remove From button in the Winsock Proxy Service Properties page.

12. Repeat the preceding steps for each user that requires modified permissions in the Winsock Proxy service.

Other Proxy Features

Several other Proxy features that may be of interest to the small business are found on the Proxy Service Properties dialog box Services tab. These are security, local address table, and current sessions, as shown in the Winsock Proxy Service Properties dialog box below. These features are discussed in the sections that follow.

Security

To display the Security dialog box with tabs for packet filtering, domain filtering, alerting, and logging, click Security in the Proxy Service Properties dialog box. The technology consultant may configure these services manually to enhance or customize the Proxy configuration in several different ways.

Dynamic Packet Filtering

Packet filtering is a security feature of Proxy Serve 2.0. When enabled, all ports in the firewall are closed until they are opened by an access request. After the request, the ports are shut again unless a response is required, in which case, the port will stay open — up until the time the request is received. When a request opens a port, only certain types of packets are allowed to be interchanged at the external interface, depending on the protocols specified. If packet filtering is enabled with the Internet Connectivity Wizard, it is selected in the Packet Filters tab, as shown below. You may also manually enable or disable packet filtering on the Packet Filters tab.

You can edit, remove, or create new packet filters in the Exceptions list shown below — refer to the online Help and Part 7, Security of this resource kit for more information. Filters appearing in the Exceptions list contain the only protocols recognized by Proxy Server 2.0 when an access request to the small business network is received.

Alerting

When packet filtering is enabled by the Internet Connection Wizard, alerting on rejected packets is also enabled by default. When alerts occur on rejected packets, it is usually a sign that a network intruder is trying to breach the server (even though the ports are closed, they are still monitored). On the following Alerting tab, the technology consultant can set the threshold for the number of packet rejection events that occur before a system-level event is reported.

Alerts are reported to the NT Event Viewer, which the technology consultant should monitor regularly — especially for attempted intrusion events. Alert notification may be sent by Simple Mail Transfer Protocol (SMTP) mail to an appropriate recipient. Click Configure Mail to display the following Configure Mail Alerting dialog box.

In the Configure Mail Alerting dialog box, click Help for assistance when configuring the e-mail alert. It is strongly recommended to send e-mail alerts to an internal mail server and not to a mail server on the Internet. Sending an e-mail alert on a path that may be under attack is not advised.

Before configuring the e-mail alert, make sure a new user mail account is created (or an existing mail account is used). Use the Small Business Server Online Guide for help.

Domain Filters

This Proxy feature lets the technology consultant selectively deny or allow small business network access to specific web sites, computers, or groups of computers. This filtering feature applies to web sites on the Internet or on the small business intranet. The technology consultant has the ability to indicate a specific Internet Protocol (IP) address, a range of IP addresses for a group of computers, or a domain name for any Proxy service (Web, Winsock, or SOCKS). Defaults can be set to grant access with exceptions or to deny access with exceptions. Follow the steps below to create a site filter.

To create a site filter

1. Click Start, point to Programs, point to Proxy Server, and then click Microsoft Management Console to display the IIS Console.
2. In the left pane, double-click the Internet Information Server folder.
3. Expand the Server icon, right-click the required Proxy service, and then click Properties to display the Proxy Service Properties page.
4. Select the Service tab, and then click Security to display the following Security dialog box.

5. Select the Domain Filters tab, and then select Enable filtering.
6. Select Granted to set the default access. If access is to be granted to only a few Internet sites, then select Denied.

   Note If Granted is selected, use the Deny Access To dialog box to specify an Internet site that no users in the small business network are allowed to access. If Denied is selected, use the Grant Access To dialog box to specify an Internet site that all users are allowed to access.

7. Click Add to enter the excluded sites in the exception box. The Deny Access To dialog box shown below is displayed.

   This dialog gives you several choices. You can block a group of IP addresses, an entire domain, or a single address. If you select Single Computer, the button with three dots to the right of the IP address box displays the DNS Lookup dialog box. This is useful if you know a site's name, but not its IP address.

8. Click OK and Apply to enable the access settings.

Note When you use the Winsock Proxy service, filtering by domain name does not affect Internet requests when the client application accesses a site using an IP address. To effectively filter a site, you may find it useful to create filters both on the domain name and the IP address.

Value-Added Site Filtering Services

With new web sites going live every day, it can be an ongoing challenge for a technology consultant to know the address of each and every Internet site having material that should be filtered for users. This has initiated the development of value-added services that complement the core site-filtering features of Microsoft Proxy Server 2.0.

Third-Party Filtering Services

Third-party solution developers utilizing the extensibility of Proxy Server can offer subscription services that essentially plug in to Proxy Server site filtering. For example, with these services a technology consultant does not need to know the web address for each and every undesirable web site in order to deny user access to those sites. Instead, the technology consultant can use a simple checkbox to select the categories of web content to be filtered. The third-party companies offering filtering services keep continuously updated lists of those sites by category, as a value-added service.

Logging

Proxy reports are generated from Proxy log files and displayed on an HTML page using the generate Internet reports taskpad on the Small Business Server console, as described in Chapter 26, Administrative Tools. On the following Logging tab, the technology consultant may configure several Proxy log file parameters useful to the small business.

Log Files and Hard Disk Space Usage

Log files generated by Proxy consist not only of those used for displaying Internet reports on the console, but also of packet rejection alerts that are sent to the NT Event Viewer. Proxy logs contribute to the usage of hard disk space, which can fill up quickly depending on the rate at which events are logged.

On the Logging tab, the technology consultant can limit the logging rate with the Automatically open new log drop-down menu. To curtail disk space consumption, the logging rate should be changed to a longer interval (weekly or monthly). The number of old log files retained may also be limited as another measure to conserve disk space. Select the Limit the number of old log files to box and type a number in the data entry box. Adjust these parameters for all applicable Proxy services accessed in the IIS root directory.

Important Do not change the default location of the Proxy log file directory since this is used to find the data for generating Internet reports displayed on the Small Business Server console. The default log directory is also accessed by the Server Status Tool when it generates reports to send to the technology consultant.

Proxy Local Address Table

The Local Address Table (LAT) maintains a record of the IP address range that spans the internal network address space used by the Dynamic Host Configuration Protocol (DHCP) Server. This tells Proxy Server whether client-requested IP addresses are to be found on the intranet or Internet, so appropriate routing may occur. When a client in the small business network makes a Unified Resource Locator (URL) request from the Internet, the LAT tells Proxy Server to route that request outside the local address space and to the Internet. When the resource is retrieved, Proxy Server consults the LAT, which then tells it where to route the request so it reaches the network client who asked for it.

The Transmission Control Protocol/Internet Protocol (TCP/IP) address of Small Business Server is set by default to 10.0.0.2. The IP address range in the Proxy LAT is also configured by default during Small Business Server setup. The only time the LAT may need to be reconfigured is if the base IP address of Small Business Server is changed. If this is required, the IP address range in the LAT must be changed for compatibility with the new base IP address of the server. This is also necessary since the LAT enables Proxy Server to distinguish between internal nonroutable network IP addresses and external (Internet-routable) IP addresses. This is a security feature that prevents direct client connection with Internet hosts (having external IP addresses). Before the LAT is modified, the DHCP Server scope must be changed to accommodate the new IP address range. The appropriate changes to the LAT can then be added automatically by the Local Address Table Configuration dialog box Construct Table button\refer to the section ahead entitled "Updating the Proxy LAT."

The sections that follow describe how to change the TCP/IP address of Small Business Server 4.5 manually and how to reconfigure the LAT.

Before Beginning Update Procedures

Before changing the Small Business Servers default TCP/IP address, make a complete backup of Small Business Server files and create an Emergency Repair Disk. Refer to the Online Guide for backup procedures. Use the Small Business Server Console Manage Disks page to create an Emergency Repair Disk. After backup and disk creation, but before the updates to the default TCP/IP address are made, inform users the server will be unavailable during the update process.

Disconnecting All Users

Users need advance notice that the server will not be available for a period of time in order to plan their use of server resources accordingly. Also, all users must be disconnected from the server and all queued mail must be sent before changing the server IP address. Perform the following steps to accomplish this.

To warn users of the Small Business Server shutdown

1. On the Start menu, point to Programs, Administrative Tools, then click Server Manager to display the Server Manager utility.
2. On the Computer menu, click Send Message to display the following Send Message dialog box.

3. Compose and send a message warning users that the server is shutting down. Be sure to give them time to close any open files and save their work to the server.

   Note Winpopup must be running on the Windows 95 client computers to receive system messages. If Winpopup is not running, either start the program on the client computers or inform users in another manner that the server will be shutting down.

To disconnect all users

1. On the Small Business Server Console Manage Users page, click the manage connected users taskpad.
2. Click Disconnect All Users to disconnect all current user sessions.

Changing the Default TCP/IP Address

There are several components of the Small Business Server that use the default TCP/IP address. In order to change the default TCP/IP address, it is important that the appropriate changes are made to each of the dependent components. The following sections describe the modifications that must be made.

Updating the DHCP Server

A DHCP Server provides the ability to dynamically assign IP addresses to DHCP clients. If a DHCP Server is being used to assign IP addresses to clients in the small business network, then the DHCP Server's scope will need to be changed on the Small Business Server to give out IP addresses valid for the IP subnet. If a static IP address is to be used, then the DHCP Server should be disabled. Perform the steps of the appropriate procedure below.

To update the DHCP Server with a new base IP address

1. On the Start menu, point to Programs, Administrative Tools, then click DCHP Manager to display the DHCP Manager utility.
2. Double-click on Local Machine to display [10.0.0.0]Default Subnet as shown below.

3. From the Scope menu, select Properties to display the following Scope Properties dialog box.

4. Update the IP Address Pool details: Start Address, End Address, Subnet Mask, and Exclusion Range.
5. Click OK and exit the DHCP Manager.

   Note For further information on configuring DHCP Server scope, see the article "How to Configure Your DHCP Server Scope" at the following web address:
   http://support.microsoft.com/support/kb/articles/q139/9/04.asp

To disable the DHCP server

1. On the Start menu, point to Settings, then click Control Panel.
2. Double-click Network to display the following Network utility.

   

3. On the Services tab, select Microsoft DHCP Server.
4. Click Remove to remove the DCHP Server.

Updating the Remote Access Server

By default, Small Business Server's Remote Access Server (RAS) is setup to give out IP addresses gathered from the DHCP Server. RAS stores the addresses in the registry. To clear out these addresses and to reference more information on this topic, see the following two articles:

• "RAS Server Assigns Cached IP Addresses to RAS Clients" at:
  http://support.microsoft.com/support/kb/articles/q124/3/58.asp
• "Understanding DHCP IP Address Assignment for RAS Clients" at:
  http://support.microsoft.com/support/kb/articles/q160/6/99.asp

Note If you configure RAS to use a static pool, make sure the range you use is in the Proxy Server LAT.

Updating the TCP/IP Property Settings

The server's IP address, subnet mask, default gateway, and WINS server settings must be updated in the TCP/IP property settings. Use the steps that follow to configure these components.

To change the TCP/IP property settings

1. On the Start menu, point to Settings, then click Control Panel.
2. From Control Panel, double-click Network to display the following Network utility.

   

3. Select the Protocols tab, TCP/IP protocol, then click Properties.
4. In TCP/IP Properties, select the WINS Address tab, then set the Primary and Secondary WINS Server addresses to Small Business Server's new IP address.
5. Select the IP Address tab, then highlight the internal network adapter to which the new IP address will be binded.
6. In the IP Address text field, change the IP address of Small Business Server to the new IP address.
7. In the Subnet Mask text field, change the Subnet Mask (if necessary).
8. If Small Business Server dials an ISP for Internet access, clear the Default Gateway text field.
9. Click on OK and exit.
10. Click Yes to restart the server when asked.

Updating Existing Small Business Server Client Machines

After the server has been reconfigured with the new IP address, the client machines must also be updated with a new IP address and Proxy Server settings.

Updating the Small Business Server Client IP Address

The Small Business Server client machine IP addresses only need to be updated if the client machines are using DHCP to obtain an IP address.

To verify whether the client machine is using DHCP

1. On the client machine, go to the Start menu, point to Settings, then click Control Panel.
2. Double-click Network to display the Network utility. Select the Configuration tab.
3. For Windows 95/98 machines, select TCP/IP - network card (the name of your network card), then click Properties to display the following TCP/IP Properties dialog box.

   

4. For NT Workstation client machines, select the Protocols tab, select the TCP/IP protocol, then click Properties to display the TCP/IP Properties dialog box.
5. In TCP/IP Properties, select the IP Address tab, then verify that Obtain an IP address automatically is selected.
6. Click OK to exit.

To update client machines using DHCP

If the client machine is running Windows 95/98, perform the following steps:

• On the Start menu, click Run, type winipcfg in the Open text field, then click OK.
• In the IP Configuration dialog box shown below, make sure your network card is selected in the drop-down list. Click Release All.
• Once the IP address is released (displays as 0.0.0.0), click Renew All.
• Verify that an IP address from Small Business Server's DHCP server appears in the IP Address field, and that it is on the new IP subnet.



If the client machine is running Windows NT Workstation, perform the following steps:

• On the Start menu, click Run, type cmd in the Open text field, then click OK.
• At the command prompt, type the following commands:

  ipconfig /release all, then press ENTER

  ipconfig /renew all, then press ENTER

• To verify the new IP address, type:

  ipconfig, then press ENTER

Updating the Winsock Proxy Client

The Winsock Proxy client must be updated for compatibility with the new IP address.

To update the Winsock Proxy Client

1. Copy the updated Mspclnt.ini file in Small Business Server %systemroot%\Msp\Clients to the client machine's %systemdrive%\Mspclnt directory.
2. Restart the client machine.

Updating Internet Explorer's Proxy Settings

For each user logging on to a Small Business Server client machine, or Small Business Server itself, Internet Explorer must be set to go to Small Business Server's new IP address. Perform the steps below to configure Internet Explorer.

To verify that the client machine goes to the new IP address

1. Logon to the Small Business Server client machine as the user.
2. Right-click Internet Explorer on the desktop, then click Properties to display the following Internet Properties dialog box.

3. On the Connection tab under Proxy server, make sure Access the Internet using a proxy server is selected.
4. Verify that Small Business Server's new IP address appears in the Address text field. If not, change it to match the new IP address or server name.

Updating the Proxy LAT: Using Construct Table

In order to ensure that Proxy Server knows which addresses are on the small business LAN, the Proxy Local Address Table must be updated. Use the steps that follow to update the Local Address Table.

Note The LAT is used by all Proxy services. Configuring the LAT for one Proxy service, configures it for all.

To update the LAT using Construct Table

1. Click Start, point to Programs, Microsoft Proxy Server, then click Microsoft Management Console to display the IIS Console.
2. In the left pane, double-click the Internet Information Server folder.
3. Expand the Server icon, right-click the Winsock Proxy service, then click Properties to display the following Winsock Proxy Service Properties dialog box.

4. On the Services tab, click Local Address Table to display the following Local Address Table Configuration dialog box.

5. To add the new range of internal IP addresses configured in the DHCP Server, click Construct Table to display the following Construct Local Address Table dialog box.

   Note When using the Construct Local Address Table dialog box, the DHCP IP address range, private IP address ranges, and those found in the NT Internal Routing Table are all added to the Proxy LAT by default. The routing table includes addresses that are bound to all network adapter cards in the system. The IP addresses that are of interest in the LAT are the ones bound to the internal network adapter cards. IP addresses bound to external network adapter cards are routable Internet IP addresses which do not belong in the Proxy LAT.

6. If you can identify the internal network adapter, configure the Construct Local Address Table dialog box to take the address range directly from this card by selecting Load known address ranges from the following IP interface cards — then place a check mark next to the internal network adapter card in use.
7. If you cannot identify the internal network adapter, select Load known address ranges from all IP interface cards.
8. Click OK in the Construct Local Address Table screen. The newly configured IP address range for the DHCP Server will be consulted and the address values will be automatically added to the Proxy LAT.
9. Click OK to the Setup Message.

   If you selected Load known address ranges from all IP interface cards in this procedure, IP addresses bound to the external network adapter are loaded into the Proxy LAT. In the Local Address Table Configuration dialog box, select the external IP addresses and click Remove to delete them.

10. Click OK and restart Small Business Server for the changes to take effect.

Manually Updating the Proxy LAT: Without Using Construct Table

If you want to add only the range of IP addresses configured in the DHCP Scope Properties dialog box, without the private address ranges or those binded to external network adapter cards, you may configure the LAT manually without using the Construct Table button. Follow the steps below to configure the Proxy LAT manually.

Note The LAT is used by all Proxy services. Configuring the LAT for one Proxy service, configures it for all.

To update the Proxy LAT manually

1. On the Start menu, point to Programs, Proxy Server, then click Microsoft Management Console to display the IIS Console.
2. In the left pane, double-click the Internet Information Server folder.
3. Expand the Server icon, right-click the Winsock Proxy service, then click Properties to display the following Winsock Proxy Service Properties dialog box.

4. On the Service tab, click the Local Address Table button to display the Local Address Table Configuration dialog box.
5. In the Edit From and To text fields, enter the correct range of IP addresses for the network. Use the values configured in the DHCP Scope Properties dialog box (refer to the earlier section entitled "Updating the DHCP Server").

   Note For example, if the IP address for the DHCP Server is to be changed to use a 169.254.1.1 IP address, with a subnet mask of 255.255.255.0, then the LAT should include an IP address range of 169.254.1.0 — 169.254.1.255.

6. Click Add to enter the new range in the Internal IP ranges box.
7. Click OK and exit all dialog boxes.

Viewing Active Internet Sessions

The technology consultant can monitor Proxy Server active sessions via the Proxy Service Properties dialog box Services tab. Use the steps that follow to view the active Internet sessions.

To view active Internet sessions

1. On the Start menu, point to Programs, Proxy Server, then click Microsoft Management Console to display the IIS Console.
2. In the left pane, double-click the Internet Information Server folder.
3. Expand the Server icon, right-click the Winsock Proxy service, then click Properties to display the following Winsock Proxy Service Properties dialog box.

4. On the Service tab, click Current Sessions to display the following User Sessions dialog box.

5. From here, you can view the users connected to the Internet, their nonroutable IP address, and the time the Internet session started. Select the other radio buttons to view the Internet sessions in progress for each Proxy service. Click Close and exit all dialog boxes when finished.

Caching

Caching is enabled by default during Small Business Server setup. It may be manually modified in the Web Proxy Service Properties dialog box shown below. Caching helps to minimize the number of Internet accesses on frequently visited sites. However, it is not recommended that small businesses use the Enable active caching option, since this results in nonstop dial-ups at regular intervals to the Internet to update the cached sites.

Cache Size

The size of the cache may be limited to conserve disk space. Click Cache Size to display the following Proxy Server Cache Drives dialog box, then set the cache's maximum size, in megabytes.

Using FTP

FTP for inbound requests from the Internet is not installed by default in Small Business Server 4.5 setup, although an optional installation procedure is provided in the Getting Started guide. Only FTP Read service is enabled on Small Business Server 4.5 for outbound requests.

In order to use the FTP protocol for inbound requests into the small business network, the FTP service must be installed and the FTP default site properties must be configured. When installed, site properties are accessed in the IIS Console by right-clicking on Default FTP Site to display the Properties dialog box. Refer to the online Help supplied with the service to configure the FTP site. Site properties that must be configured follow.

Note The technology consultant should be aware that using the FTP protocol with a full-time Internet connection to accommodate inbound requests poses a security risk to the small business network. However, this is not an issue for typical Small Business Server installations where the ISP hosts the web site.

• FTP Site property sheet. Used for configuring FTP Site identification, maximum connections, and logging.
• Security Accounts property sheet. Used for configuring anonymous access and FTP Site operators.
• Messages property sheet. Used for configuring welcome, exit, and maximum connection messages.
• Home Directory property sheet. Used for configuring home directory and directory listing style.
• Directory Security property sheet. Used for configuring access restrictions.

Configuring Performance Monitor Alerts for Proxy Services

Microsoft Proxy Server 2.0 is heavily instrumented for performance counters. Several of these can be set up for Proxy services to monitor Internet-related activities on the server and provide performance data and alerts, meaningful to the small business application. These include performance monitors for the Web Proxy and Winsock Proxy services, which are discussed in this section.

Web Proxy Service Performance Monitor Alerts

Some performance monitor counters for Web Proxy capacity that may be applied to Small Business Server are listed below. Additional performance monitors may be configured using some of the other Web Proxy counters. When choosing other counters in the Add to Alert dialog box, click Explain for a description of the selected counter. Refer to the "Performance Monitor Tool" section in Chapter 26, Administrative Tools, for general information on how to set up a performance monitor alert or refer to the Performance Monitor online Help for more information.

• Cache Hit Ratio (%). The percentage of requests served using cached data, out of the total number of requests to the Web Proxy Server. This statistic can help the technology consultant determine whether caching is being effectively utilized in the small business network. The statistics of this counter indicate the hit rate for objects in the cache. A suggested threshold for this counter is 50 percent. If you have a large number of users and a hit ratio of less than 50 percent, you might consider adding more cache space.
• DNS Cache Hits (%). The percentage of Domain Name Service (DNS) domain names served from the Web Proxy Server cache, from the total of all DNS entries retrieved by the Web Proxy Server. The threshold for this counter should be set close to 90 percent. If the system does not meet this criteria, more DNS cache space may be required.
• HTTP Requests. The number of HTTP requests made to the Web Proxy Server. This statistic can give the technology consultant a profile on the number of HTTP requests made by users with permission to access this type of web resource through the Web Proxy service.
• Current Users. Number of users currently connected to the Web Proxy Server.
• Maximum Users. The maximum number of users connected to the Web Proxy Server simultaneously.
• Sites Granted. The total number of Internet sites to which the Web Proxy Server has granted access.
• Thread Pool Failures. The number of requests rejected because the thread pool was over committed.
• Total Cache Fetches. The total number of requests served by using cached data from the Web Proxy Server cache.
• Total Requests. The total number of requests ever made to Web Proxy Server.

Winsock Proxy Service Performance Monitor Alerts

Of all the counters available for the Winsock Proxy service, those described below are the most suitable for setting up performance monitor alerts, while others (discussed in "Other Winsock Proxy Performance Monitors") are better used for informative purposes. Descriptions of how counter thresholds may be applied to the performance monitors are discussed.

• Active TCP Connections counter. Registers the total number of active Transmission Control Protocol (TCP) connections currently passing data. Connections that are pending or not yet established are counted elsewhere. This counter provides a more accurate resolution of active connection count than the Active Sessions counter, since with the latter, users are still considered connected for at least 20 minutes after they have actually disconnected from their Internet session. The Active TCP Connections counter registers only users that are actually connected and currently passing data.

  An alert set up for this counter may help the technology consultant detect when there is too much Internet traffic for current modem capacity, thus providing an indication that a faster Internet connection is needed in the small business network. The value for the alert threshold of this counter should be set at a critical point where internet access time starts to become slower than what is tolerable for the network. It may take some experimentation to determine this value, since it is dependent upon variables such as the speed of the modem in use.

• Active Sessions counter. Registers the total number of active sessions for WinSock Proxy service. This provides the technology consultant with an indication of the total number of Winsock clients in the network making connections to the Internet, thus helping to develop an overall client Internet usage profile. The value for the threshold of this counter can be set at a level that alerts the technology consultant when a specified number of active connections has been exceeded.

  Note The technology consultant can use the Active Sessions counter (or the Active TCP Connections counter) to track extended client Internet sessions or to determine when a client has left their workstation unattended for too long with a live internet connection in progress.

• DNS Cache Entries counter. The current number of DNS domain name entries cached by the Web Proxy Server. When DNS names are cached, it allows IP address mapping to be done from the cache (by WINS) without going to a DNS server at the ISP. This saves web site access time for the small business network. The DNS Cache Entries counter registers the number of DNS domain names requested by Small Business Server clients.

  Since the DNS Cache Entries counter contributes to consumption of allocated cache disk space, the technology consultant may want to be notified before too many DNS domain names are cached. To do this configure a performance monitor alert and set the alert threshold for the DNS Cache Entries counter to correspond with the level at which currently allocated cache memory space is near full. Note that cache memory size is allocated using the Web Proxy Properties dialog box Caching tab.

Other Winsock Proxy Performance Monitors

The counters described below are linked to the Winsock Proxy object. Configuring these counters with an alert is not necessarily meaningful, however, they may be viewed periodically at the discretion of the technology consultant to provide indications of system performance.

• DNS Cache Hits. Registers the total number of times a DNS domain name was found in the DNS cache. This identifies the most frequented web sites accessed from the small business network.
• Pending DNS Resolutions. Registers the number of gethostbyname and gethostbyaddr API calls pending resolution. These calls are used to resolve host DNS domain names and IP addresses for Winsock Proxy connections. As such, this counter basically indicates how many calls are queued up awaiting to be resolved. This may give the technology consultant an indication when a bottleneck in DNS resolutions is causing an increase in Internet access time for small business network users.
• Bytes Read/second. Registers the number of bytes read per second by the data pump. Along with the Bytes Written counter, this gives an overall indication of byte traffic across Winsock Proxy connections.
• Bytes Written/second. Registers the number of bytes written per second by the data pump. Along with the Bytes Read counter, this gives an overall indication of byte traffic across Winsock Proxy connections.

Creating Proxy Performance Monitors

Create Proxy performance monitors using the steps that follow. To configure alerts for these performance monitors, follow the procedures generally in "Creating an Alert" in Chapter 26, Administrative Tools.

To create a Proxy performance monitor

1. On the Start menu, point to Programs, Administrative Tools, then click Performance Monitor to display the following Performance Monitor utility.

2. On the Edit menu, select Add to Chart to display the following Add to Chart dialog box.

3. Select the Winsock Proxy Server Object, then highlight and click Add for all counters you want to use. You can add all the counters into one performance monitor since each one is tracked by a different color coding, or you can create separate performance monitors for each counter if desired. When finished, click Done.

   Note You can configure separate performance monitors for up to 25 network client workstations by browsing for client machines using the Computer U (ellipsis) button. These machines must be running Windows NT Workstation or the Performance Monitor will not work.

4. In Performance Monitor chart view, on the Options menu, select Chart to display the following Chart Options dialog box.

   

5. Customize the chart(s) for the counters you are using, then click OK.
6. In the Add to Chart dialog box, click Add and then Done when you are finished. The Performance Monitor will begin registering the counter statistics you configured.
7. On the File menu, click Save Chart Settings and store the file in a convenient location. Name the file according to its function for ease of identification later. The technology consultant may want to create a desktop folder for easy access to important performance monitors.

Viewing Proxy Performance Monitors

When you want to view an instance of Proxy performance, you can retrieve the performance monitor file you configured using the following steps.

To view a Proxy performance monitor

1. On the Start menu, point to Programs, Administrative Tools, then click Performance Monitor to display the Performance Monitor utility.
2. On the File menu, click Open to display the following Performance Monitor - File Open dialog box.

3. Locate the desired Proxy performance monitor in the directory where it was stored, then click Open.
4. The Proxy performance monitor will be launched displaying the statistics collected by configured counters.

Proxy Performance Logs

If you want to monitor and assess Proxy performance over a certain period of time, set up a log file using the counters discussed earlier. To do this, the log file must be properly configured. The section "Creating and Viewing Exchange Log Files" earlier in this chapter, contains the general guidelines you need for configuring a Proxy performance monitor log file. When log file creation is complete, leave the Performance Monitor utility up and running to collect the data. When the Performance Monitor is closed, it ceases to collect data on performance counters.

Note Proxy performance monitor logs are not the same as the Proxy logs used to display Proxy reports on the Small Business Server Console (using the generate Internet reports taskpad).

SQL Server 7.0

Small Business Server 4.5 is provided with SQL Server^™ 7.0. The SQL Server application contains a single database engine that scales to deliver solutions spanning from mobile laptops running Windows 95/98, to small user group applications, all the way up to terabyte symmetric multiprocessor clustering environments. As the small business expands, SQL Server 7.0 easily supports growth in transactions, data handling, and users while maintaining the security and reliability necessary for mission-critical business systems.

Upsizing Access to SQL Server 7.0

The small business may already be using an early version of Microsoft Access as a client database, or may want to create an Access 2000 prototype database using the Microsoft Data Engine (MSDE) before migrating to SQL 7.0. Microsoft Access 2000, included with Office 2000, is a powerful relational database application that targets the desktop category and works best for individuals and workgroups managing data in the order of megabytes. Microsoft Access also allows multiuser access to the same database using file-server architecture (rather than client-server architecture). However, when the small business (using Access 2000 or earlier) encounters one of the following situations, upgrading to SQL Server 7.0 is recommended:

• The database expands to over two GB.
• The database must support a mission-critical application.
• The application's usage grows beyond the individual or small group it was intended to support.
• The data needs to be accessed through the Internet.
• The application requires a more comprehensive security infrastructure.

SQL Server 7.0 resolves these problems for the small business owner. It provides scalability, advanced database management, replication, advanced and easy-to-manage security features, and Web-page building wizards to support the small business application. When migrating data to Microsoft SQL Server 7.0, the small business can continue to use Access as the development environment or the database application can be redeveloped using Visual Studio®.

When expansion to SQL Server 7.0 is imminent, Access 2000 can easily migrate to SQL since MSDE is completely compatible with the SQL Server 7.0 code base. Earlier versions of Access can also migrate to SQL Server 7.0, although an Upsizing Tool is required and some Access functionalities are impaired in the migration.

Small Business Database Scenarios

One of the scenarios below may apply to database planning in the small business network. Depending on the scenario, follow the directives specified below to prepare for implementation of the small business database.

• A new database application will be created using SQL Server 7.0.

  Refer to SQL Server 7.0 online documentation for information on setting up a database and to the SQL Server web site for various white papers at:
  http://www.microsoft.com/sql

• An existing Access database will be migrated over to SQL Server 7.0.

  If an Access database (Office 97 or earlier) exists and you want to migrate to SQL Server 7.0, obtain information about Microsoft's Upsizing Tool at the following web site: http://premium.microsoft.com/da_smallbiz/tech/archive/tip_98_0515.htm

  As an alternative to using the Upsizing Tool, you can accomplish a seamless migration of earlier Access applications to SQL Server 7.0, by first upgrading to Access 2000 and then using the Upsizing Wizard included with Microsoft Office 2000. Refer to Part 8, Migration and Upgrade of this resource kit for Access 2000 to SQL Server 7.0 migration procedures.

• An existing Btrieve database will be migrated over to SQL Server 7.0.

  Refer to the Microsoft Direct Access web site at the following address to obtain the download for the Btrieve to SQL Server 7.0 Migration Guide: http://www.microsoft.com/directaccess/prodinfo/sql/btrieve.htm

• Access 2000 will serve as the new database.

  If you are planning to use Access 2000 as your new database in the small business network and future expansion is anticipated, MSDE should be used instead of Jet 4.0. This will better accommodate migration to SQL 7.0 when the small business has expanded to the point where it can utilize the robust features of SQL Server. Refer to Part 9, Developing Small Business Server Solutions, of this resource kit, for scalability advantages of using MSDE with Access for application development. Refer to Access 2000 online documentation for setting up a database.

• When you are ready to upsize to SQL Server 7.0, the Access 2000 Upsizing Wizard (available with Microsoft Office 2000) may be used to move Access tables and queries into SQL Server 7.0. Refer to Part 8, Migration and Upgrade of this resource kit for Access 2000 migration procedures.

SQL Server 7.0 Administration

Whether you have developed a new database application for SQL Server 7.0 or you have migrated Access to SQL 7.0, all the administrative techniques necessary for a small business implementation are found in the SQL online documentation provided with Small Business Server 4.5.

The online SQL documentation also describes key counter statistics recorded by predefined performance monitors for SQL 7.0. The performance monitors which gather this data are discussed, along with how to set them up for alert notification when critical operating threshold points are exceeded. This enables the technology consultant to oversee the health and status of the server and to be notified of trends in server usage that are problematic.

NTFS and FAT Volume Security

Small Business Server must be installed on a Windows NT File System (NTFS) partition. If you choose to install it on a FAT partition, setup will auto-correct the partition to NTFS. Small Business Server requires NTFS so that permissions can be used to protect individual files. This protection can be applied for access locally (at the workstation or server where the file is stored), or for Internet access. This provides exceptional performance, reliability, networking, and security for file sharing over FAT partitions.

NTFS File and Directory Permissions

On NTFS volumes, you can set access permissions on files and directories that specify the users that are allowed to access the files. NTFS file and directory permissions apply both to users working at the computer where the file is stored and to users accessing the file over the network when the file is in a shared directory.

Share permissions for NTFS volumes work in combination with file and directory permissions. When a directory is shared, the permissions set through the shared directory allows users to connect to the share. Using default permissions (Full Control) for NTFS shared directories, you can manage the security of the files with directory and file permissions.

Note Using "Full Control Permission for Everyone" for all NTFS shared directories is the easiest way to manage NTFS file security. You can apply directory and file permissions and allow share access to Everyone through share permissions. This is also what the Small Business Server Shared Folder Wizard does — it provides added security since, if the share is removed, permissions still exist on the files and directories.

FAT Share Permissions

With volumes that have the FAT file system, you can only protect share directories. Once a directory is shared, you can only protect it by specifying one set of share permissions that applies to the share point and all files underneath, and thus to users who connect to the shared directory over the network. Share permissions are significantly less versatile than the file and directory permissions used for NTFS volumes. File-level protection is not available for FAT volumes.

File and Directory Compression on NTFS Partitions

Files on NTFS volumes (but not FAT volumes) can be compressed and uncompressed using Windows NT Explorer or the Compact command line utility. In Explorer, right-click any directory or file, then click Properties to compress or uncompress. The following compression configurations can be set:

• You can compress one file or all files in a directory. Compressing a directory ensures that new files created in the directory are automatically compressed. Uncompressing a directory ensures that new files created in the directory are created uncompressed.
• When you copy a file into a directory or subdirectory within and NTFS volume (or from one NTFS volume to another), the file inherits the compression state of the destination directory.
• When you move a file into a directory or subdirectory within an NTFS volume, the file retains its compression state, regardless of the compression setting of the destination directory.
• When you compress or uncompress a directory, NT Explorer prompts you to indicate whether to compress or uncompress existing subdirectories in the selected directory. Existing subdirectories in compressed or uncompressed directories retain their compression state unless you change it.
• You can highlight compressed files and directories in an alternate color via the Explorer View menu Options.

Note You can also compress shared folders using the Small Business Server console manage folder size taskpad on the Manage Shared Folders page.

Microsoft Outlook

Microsoft Outlook 2000, included in the Office 2000 suite of applications, is a messaging and collaboration client for Small Business Server 4.5 users that supports Internet and Microsoft Exchange Server e-mail standards, combining them with integrated calendar, contact, and task-management features. The Exchange Server and Outlook combination is an ideal platform for creating collaborative applications using your existing messaging infrastructure.

Team Interaction

Collaborative applications facilitate team interaction, enabling individuals and teams to do such things as share information, coordinate projects, and conduct online meetings across the network. To help individuals and teams in the Small Business Server network interact, the following information is covered in this section:

• Configuring Outlook with public folders for information sharing.
• Publishing to a public folder.
• Creating discussion groups.
• Testing the discussion group.
• Allowing anonymous access to public folders.
• Setting up group task and contact lists.

Configuring Outlook With Public Folders

Public folders are folders configured for accessibility to small work groups or the entire small business network. They may contain any type of information, including e-mail messages and documents. They are well suited to be accessed by discussion groups in the organization or made public on the Internet. Public folders reside on the Exchange Server, however, they can be synchronized to the local hard drive for offline access. Perform the following steps to create a public folder.

To create a public folder in Outlook 2000

1. On the Start menu, point to Programs, and then click Microsoft Outlook to launch the Outlook 2000 application.
2. On the View menu, click Folder List to display the Outlook Folder List, as follows.

3. Double-click Public Folders.
4. Right-click All Public Folders and then click New Folder to display the following Create New Folder dialog box.

   

5. In Name, type a new folder name.
6. In the Folder contains drop-down list, select the type of folder you want.
7. Click OK.
8. When asked to add this folder to the Outlook bar, click Yes.
9. In the Outlook Folder List, right-click the newly created folder and then click Properties to display the following Folder Properties dialog box.

   

10. On the Administration tab, click Personal Address Book to add the folder to your personal address book, which is usually your Outlook Contact folder.
11. Click OK.

Publishing to a Public Folder

To publish to a public folder, you can either drag and drop to the public folder in the Outlook bar, or send an e-mail to the folder, as described in the following steps.

To publish to a public folder by dragging and dropping

1. In Outlook, click Inbox.
2. Select a message, then drag and drop it onto the Outlook bar public folder you created in the previous procedure.
3. In the Outlook bar or Folder List, click the public folder and verify that the message appears there.

Note You can drag and drop any type of item to the public folder, including Word documents.

To publish to a public folder by sending an e-mail

1. On the Outlook Actions menu, click New Mail Message to display the following Untitled - Message dialog box.

2. Compose a message and fill in the Subject.
3. Click To which displays the following Select Names dialog box.

4. In the Show names from the: drop-down list, select Personal Address Book.
5. From the list, select the public folder to which you are publishing, then click To.

   Note If the public folder you want to publish to does not appear in the list, make sure the address book is configured to keep personal addresses in the Personal Address Book. You do this from the Addressing dialog box\from the Outlook 2000 Tools menu, click Address Book to display the Address Book dialog box. From the Address Book Tools menu, click Options to display the Addressing dialog box.

6. Click OK.
7. In the Message dialog box, click Send to route the message.
8. In the Outlook bar or Folder List, click the public folder and verify that the message appears there.

Creating a Discussion Group

Discussion groups allow users to collaborate and share information. They can also be used to host list servers and knowledge bases for use by co-workers, business partners, and customers. Discussion groups are accessed using any Internet newsreader, a Web browser, or with Outlook itself.

Note The Network News Transfer Protocol (NNTP) connector must be configured on Exchange Server to allow anonymous client access for reading and posting Internet news articles in public folders. Refer to the Exchange Administrator online Help for information on configuring the NNTP properties.

Perform the following steps to create a discussion group.

To create a discussion group in Outlook

1. On the Start menu, point to Programs, and then click Microsoft Outlook to launch the Outlook 2000 application.
2. On the View menu, click Folder List to display the Outlook Folder List.
3. On the File menu, point to Folder, then click New Folder to display the following Create New Folder dialog box.

   

4. In Name, type a name for your discussion group.
5. In the Folder contains drop-down list, select Mail Items.
6. Click OK.
7. When asked to add this folder to the Outlook bar, click Yes.

To configure the discussion group on Exchange Server

1. If you are not logged on as the Administrator, on the Start menu, click Shutdown and then select Close all programs and logon as a different user.
2. Enter the administrator password, then click OK.
3. On the Start menu, point to Programs, Microsoft Exchange, and then click Microsoft Exchange Administrator to display the following Microsoft Exchange Administrator utility.

4. On the Tools menu, click Newsgroup Hierarchies to display the following Newsgroup Hierarchies dialog box.

5. Click Add to display the following Add Newsgroup Hierarchy dialog box.

6. Select your discussion group folder, then click OK.
7. If necessary, add a newsgroup name in the Root Newsgroup Name dialog box. Click OK. Your discussion group folder should now appear in the Public Folder list in the Newsgroup Hierarchies dialog box.
8. Click OK.
9. On the File menu of Exchange Administrator, click Exit.

Testing the Discussion Group

You can test the discussion group you just created by posting messages to the discussion group folder, using the following steps.

To test the discussion group

1. On the Outlook View menu, click Folder List.
2. From the Folder List, double-click Public Folders, All Public Folders, then select the discussion group folder created in the previous procedure.
3. Click New above the Outlook bar to display the following Untitled - Discussion dialog box.

   

4. Create several messages with different subject fields. To do so, on the Actions menu, click New Post in this Folder when you want to open more Untitled - Discussion dialog boxes.
5. Click Post in each open Discussion dialog box and observe that postings are automatically filtered by message topic.
6. On the Outlook View menu, point to Current View and then click By Conversation Topic to group the postings according to conversation topic, as shown below.

Allowing Anonymous Access to Public Folders

In order to open a discussion group to customers of the small business and other users on the Internet, you must allow anonymous access to the public folder. With anonymous access, users do not need a Windows NT account on Small Business Server to participate in discussions. To allow anonymous user access to Microsoft Exchange Server public folders, perform the following steps.

To configure anonymous user access to public folders

1. On the Outlook View menu, click Folder List.
2. From the Folder List, double-click Public Folders, All Public Folders, then right-click the discussion group folder to display the following Folder Properties dialog box.

   

3. On the Permissions tab, select Anonymous.
4. In the Roles drop-down list, select Author.
5. Click Apply and then OK.

Before anonymous users can access a public folder, the Exchange Server's HTTP Site Settings Properties must be configured with a shortcut to the public folder, by following the steps below.

To configure public folder shortcuts on the Exchange Server

1. On the Start menu, point to Programs, Microsoft Exchange, and then click Microsoft Exchange Administrator.
2. Double-click Configuration and then in the Display Name pane, double-click the Protocols object.
3. Double-click HTTP (Web) Site Settings to display the HTTP (Web) Site Settings Properties dialog box.
4. On the General tab, select Allow anonymous users to access the anonymous public folders.
5. On the Folder Shortcuts tab, click New to display the Public Folders dialog box.
6. Select the appropriate public folder for anonymous access.
7. Click OK and exit all open dialog boxes.

   Note Including only the Public Folder tree object will not provide anonymous access to any of the top level public folders.

To verify anonymous user access to the discussion group folder

1. On the Start menu, point to Programs, and then click Internet Explorer to launch your Internet Explorer 5.0 web browser.
2. In the Address field, type http://CompanyServerName/Exchange to display the following Outlook Web Access page.

3. Click click here to display the following Outlook All Public Folders view.

4. Click the public discussion group folder you created with anonymous access.
5. In the Compose New drop-down list, select Posting to this Folder to post a message to the discussion group folder.
6. Click Compose New to display the following New Post - Microsoft Internet Explorer dialog box.

7. Complete the above posting form, then click the Post icon under the File menu.
8. Verify that the posted message appears in the Outlook discussion group folder.

Note For troubleshooting information on Outlook Web Access, refer to the white paper Troubleshooting Guide for Outlook Web Access at the following location:
http://support.microsoft.com/support/exchange/content/whitepapers/owa_tshoot.asp

Setting Up Group Task Lists and Contact Databases

Public folders can be used to host other shared information such as task and contact lists, thus creating easy ways for users or groups to manage projects or contact databases. Perform the following steps to set up a group task list and a contact database.

To configure Outlook for a group task list

1. On the Start menu, point to Programs, and then click Microsoft Outlook to launch the Outlook 2000 application.
2. On the View menu, click Folder List to display the Outlook Folder List.
3. From the Folder List, double-click Public Folders, then single-click All Public Folders.
4. On the File menu, point to New and then click Folder to display the following Create New Folder dialog box.

   

5. In Name, type Group Tasks.
6. In the Folder Contains drop-down list, select Task Items.
7. Click OK.
8. When asked to add this folder to the Outlook bar, click Yes.

To create a group task in Outlook

1. On the Outlook bar, click Group Tasks to display the Outlook Group Tasks list.
2. On the File menu, point to New, and then click Task to display the following Untitled - Task dialog box.

3. Enter all appropriate information and type a task name in Subject.
4. Click Save and Close.
5. Verify that the task appears in the following Outlook Group Tasks folder.

To configure Outlook for a group contact database

1. On the Start menu, point to Programs, and then click Microsoft Outlook to launch the Outlook 2000 application.
2. On the View menu, click Folder List to display the Outlook Folder List.
3. From the Folder List, double-click Public Folders, and then single-click All Public Folders.
4. On the File menu, point to New, and then click Folder to display the following Create New Folder dialog box.

   

5. In Name, type Group Contacts.
6. In the Folder Contains drop-down list, select Contact Items.
7. Click OK.
8. When asked to add this folder to the Outlook bar, click Yes.

To create a group contact in Outlook

1. On the Outlook bar, click Group Contact to display the Outlook Group Contacts list.
2. On the File menu, point to New, and then click Contact to display the following Untitled - Contact dialog box.

3. Type in all appropriate information, including a contact name.
4. Click Save and Close.
5. In the Outlook Group Contacts list, verify that the new contact appears.

Note If you want to define permissions for the Group Contact list, right-click the Group Contact folder, click Properties, and then select the Permissions tab.

More Information

For additional information on collaborative solutions with Microsoft Exchange and Outlook, refer to the Introduction to Collaboration white paper at the following web site:
http://www.microsoft.com/exchange/techinfo/collab.htm