Managing Exchange 2003 with SCOM 2007 (Part 1)

If you would like to read the next part in this article series please go to Managing Exchange 2003 with SCOM 2007 (Part 2)

 

Monitoring your Exchange Servers is an absolutely essential task in order to guarantee that the messaging environment is operating reliably. Depending on the complexity of your IT infrastructure, there may be a huge effort involved in monitoring and operations.

 

The Exchange Server 2003 Management Pack (MP) for Operations Manager 2007 contains rules to monitor a significant subset of server health indicators and create alerts when problems are detected, or when reasonable thresholds are exceeded.

 

The following table provides an overview of the Exchange Server 2003 MP monitoring functionality that is enabled through Operations Manager 2007:

 

 

Exchange Component	Monitoring Functionality
Exchange client access	MAPI Logon State monitoring Performance measuring and alerting
Exchange mail flow	State of synthetic e-mail flow Performance measuring and alerting
Exchange back end	Directory Access monitoring and alerting Mailbox status Public folder status
Exchange front end	Outlook Web Access monitoring Outlook Mobile Access monitoring Exchange ActiveSync monitoring Performance measuring and alerting
Configuration and Security	Data Store mount status Exchange best practices
Exchange and related service monitoring	Exchange Services monitoring Exchange messaging-related service
Operating System metrics	Monitoring and alerting of specialized operating system metrics
Exchange Event Log monitoring	Comprehensive rules for Exchange Detailed product knowledge on events
Exchange Topology discovery	Organization-wide Exchange Topology discovery Topology Diagram view

 

Table 1: Exchange 2003 MP monitoring functionalities

 

Besides all the monitoring features, System Center Operations Manager (SCOM) 2007 and the Exchange Server MP will give you the reporting capability that Exchange Server 2003 lacks by itself.

 

Although significant improvements have been made since the release of MOM 2000, configuring the platform in general and the Exchange MP in particular can become quite a challenge.

 

These are more than enough reasons why I decided to write this configuration guide for the Exchange 2003 MP. I won’t cover the installation process of the SCOM 2007 components, only the importing and configuring processes of the Exchange 2003 MP.

 

What’s New

 

The Exchange Server 2003 MP for Operations Manager 2007 contains the following new functionality:

 

 

• Self-tuning threshold monitors for e-mail message queue (the values at which alerts should be raised are automatically set based on the learned values).
• A console task that starts the Exchange Server System Manager.
• Agent tasks that perform the following functions:
  – Install the Exchange Server Best Practices Analyzer.
  – Query local domain controllers to find out the ones that an Exchange server is currently using.
  – Start, stop, pause, and resume Exchange monitored services.
• An agent task targeted at Exchange MAPI Logon that performs a synthetic logon to MAPI.
•  

 

Solution Topology

 

For the purpose of writing this article, I installed the following environment on my test lab:

 

Figure 1: Solution topology

 

As you can see, I’ll use a server called SCOM2007 to monitor an Exchange front-end (E2K3FE) and an Exchange back-end (VM1), which is also the domain controller for the domain virtual.com.

 

Secure Exchange 2003 Servers

 

We must first configure the Exchange environment, before the servers can be managed by Operations Manager 2007

 

 

1. Configure SSL on Exchange Server 2003 front-end servers. SSL is required on the Outlook Web Access, Outlook Mobile Access, and Exchange ActiveSync Web sites. In order to accomplish these tasks, you must first install a certificate on the Exchange website and then require SSL (Figure 2) on the following virtual directories: Exchange, Microsoft-Server-ActiveSync, OMA and Public.
   If you don’t have a front-end, after you enable SSL, ActiveSync and OMA might stop working. If that’s the case, follow the steps from the Knowledge Base article 817379.

 

Figure 2: Virtual Directory security settings

 

 

2. Enable forms based authentication on the front-end servers. If administrative groups are enabled, expand Administrative Groups, expand Servers, and then expand your front-end server. Expand Protocols, expand HTTP, right-click Exchange Virtual Server, and then click Properties. Click the Settings tab and enable the check box Enable Forms Based Authentication (Figure 3).

 

Figure 3: Forms Based Authentication

 

 

3. On every Exchange server, verify that message tracking log shares (\\SERVER\SERVER.LOG) are locked down: remove the Everyone Group from Share Permissions (Figure 4).

 

Figure 4: Message tracking log share permissions

 

 

4. Verify that SMTP cannot anonymously relay messages: follow the procedures from the KB article 895853.

 

Install .NET Hotfix

 

Install the .NET Framework hotfix on Exchange servers, if required. If you have upgraded the .NET Framework from version 1.1 to 2.0 on your Exchange 2003 servers, you must apply the hotfix described in KB article 919356. Although the article says the hotfix addresses an issue related to monitoring Exchange Server 2003 with MOM 2005, the hotfix is also applicable to Exchange Server 2003 with Operations Manager 2007.

 

Install the Exchange Server 2003 MP

 

Download and install the required Management Pack files. To monitor Exchange Server 2003 with Operations Manager 2007, you need the following Management Pack files:

 

 

• Microsoft.Exchange.Server.Library.mp (Exchange Server Core Library)
• Microsoft.Exchange.Server.2003.Monitoring.mp (Exchange Server 2003 Discovery)
• Microsoft.Exchange.Server.2003.Monitoring.mp (Exchange Server 2003 Monitoring)

 

You can find the latest Management Packs at System Center Operations Manager 2007 Catalog. The Management Packs that ship with Operations Manager 2007 are in the ManagementPacks directory of the installation CD.

 

To import the Exchange 2003 MP, open the SCOM 2007 Operations Console. Click the Administration tab, right-click the Management Packs node and then click Import Management Packs. Select the required Management Packs and then click the Import button. After the import process is complete and the dialog box displays an icon next to each Management Pack that indicates success of the importation, click the Close button.

 

Add the Exchange servers as agent managed computers

 

 

1. Click the Administration tab and then click Configure computers and devices to manage on the Actions pane. This will start the Computer and Device Management Wizard (Figure 5). Click Next, choose Advanced Discovery (Figure 6) and select Servers Only from the Computers & Device Types drop-down box.

 

Figure 5: Computer and Device Management Wizard

 

Figure 6: Advanced discovery

 

 

2. On the next window, browse for the computers you are adding (Figure 7) and click Next. Select Use selected Management Server Action Account (Figure 8), click Discovery and wait for the discovery results. (Figure 9). If the Discovery Wizard stops responding, follow the procedures from KB article 941409. Figure 10 shows a brief summary that is displayed at the end of the wizard. Click Finish.

 

Figure 7: Discovery Method

 

Figure 8: Administrator Account

 

Figure 9: Select Objects to Manage

 

Figure 10: Summary

 

 

3. If the agent installation was successful, on each Exchange server you’ll be able to see the System Center Operations Manager 2007 Agent listed on the Add/Remove Programs (Figure 11). A new service is also created, the OpsMgr Health Service, as depicted in Figure 12.

 

Figure 11: Add/Remove Programs

 

Figure 12: OpsMgr Health Service Properties

 

Management Pack Configuration Wizard

 

Install and run the Exchange Management Pack Configuration Wizard on one of the Exchange servers. You must use version 06.05.7903 (or higher) of the Microsoft Exchange Server MP Configuration Wizard with Operations Manager 2007. The user running the wizard must be a local administrator and must have at least Exchange full administrator rights on the administrative group or the organization.

 

 

1. After installing it, run the Exchange Management Pack Configuration Wizard and on the Welcome page, click Next. (Figure 13). On the Administrative Group page, select the Administrative group from the drop-down list that you want to manage and click Next (Figure 14). On the Select Servers page, select the servers that you want to configure and then click Next (Figure 15).

 

Figure 13: Microsoft Exchange Server Management Pack Configuration Wizard

 

Figure 14: Selecting the Administrative Group

 

Figure 15: Select Servers

 

 

2. On the Server Configuration Type page (Figure 16), you can normally leave it set to Default. We’re going to check Custom just for demonstrating purposes. Click Next. On the Properties page, select the properties you want to configure for monitoring (Figure 17) and click Next.

 

Figure 16: Server Configuration Type

 

Figure 17: Exchange Monitoring Properties

 

 

3. On the Message Tracking page (Figure 18) and on the Front-end Monitoring page (Figure 19), you have the option to Enable or Disable front-end monitoring. On the Service Monitoring page (Figure 20), you have the option to select or clear the services that will be monitored. We’ll leave the default settings on all these pages.

 

Figure 18: Message Tracking

 

Figure 19: Front-end Monitoring

 

Figure 20: Service Monitoring

 

 

4. On the Mailbox Availability page (Figure 21), you can configure Per server monitoring or Per store monitoring (you can also Disable mailbox availability monitoring). If you select Per server monitoring, you must disable the Verify Test Mailboxes rule that is targeted at the Exchange 2003 Role object type (we’ll cover this on next part of this article). Click Next.
5. On the Mail Flow page (Figure 22), click a Sending server and its Receiving servers (only back-end servers are listed). Click Next.

 

Figure 21: Mailbox Availability

 

Figure 22: Mail Flow

 

 

6. On the Mailbox Access Account page (Figure 23), type the account and password that will be used to test the mailboxes, and then click Next. If the account does not exist, it will be created.

    

7. On the Summary page (Figure 24), review the configuration settings and then click Next. You can also click Save to save an *.XML file of the configuration settings.

    

8. When the Completing the Microsoft Exchange Management Pack Configuration Wizard page (Figure 25) displays, click Finish. A logfile is created at %TEMP%\ConfigurationLog.xml.

 

Figure 23: Mailbox Access Account

 

Figure 24: Summary

 

Figure 25: Completing the Microsoft Exchange Management Pack Configuration Wizard

 

Every time you add a new server running Exchange Server 2003 to Operations Manager 2007, you must run the Configuration Wizard again for that server.

 

Note:
If you run the Configuration Wizard against a cluster instance, you may get the following error:

 

Error: Cannot configure the mailbox access account on computer ‘SERVER_NAME’. This configuration can only be made after the Exchange MOM event 9986 is registered by MOM.

 

Although there’s a KB article about this problem (Knowledge Base article 899382), the only way I found to solve the problem without a failover was to follow the procedures described by Lee Chang on this link.

 

Summary

 

And this concludes part 1 of this 2 part article. In the next part we will cover the configuration process within the Operations Console required to monitor Exchange Servers with Operations Manager 2007.

 

Related Links

 

 

• Microsoft Exchange Server Management Pack Configuration Wizard
• Microsoft Exchange Server 2003 Management Pack

 

If you would like to read the next part in this article series please go to Managing Exchange 2003 with SCOM 2007 (Part 2)