A First Look at the New Exchange 2007 System Management Console
The MS Exchange team put a lot of effort into making the GUI in the new Exchange 2007 Management console much better than is the case with previous versions of Exchange, actually the GUI has been completely re-designed. Before they started developing the console, the goal was a simple, intuitive and more organized console with less nesting that would reduce the time spent on getting to know the new look and feel, as well as effectively organizing all actions while maintaining strict consistency. It’s no secret that the Exchange 2000/2003 System Manager is a bit tedious to say the least, as I’m sure many of you are aware, it can be a real pain to find your way through the navigation tree in order to find a specific property setting, so one of the most important things was to reduce the buttons and knobs in the GUI. In addition, the team wanted to get rid of all the white space which is currently present in the Exchange 2000/2003 System Manager.
Let’s see whether the MS Exchange team managed to accomplish these goals.
Since this article is based on a Beta 1 build of Exchange Server 2007, several of the screenshots will differ from what you’ll see in Beta 2 and later builds.
New Architecture and Easier Navigation
The new Exchange Management Console uses MMC 3.0 and is built on top of the Windows PowerShell engine (formerly known as Monad) just like is the case with the Exchange Management Shell. This means that the GUI uses the same Windows PowerShell CMDlets as those available via the Exchange Management Shell.
The Exchange 2007 Management Console has been re-designed in such a way that you no longer select a specific server in the console tree in order to see its available resources, instead you select a server role and get a list of the servers in the organization that hold the particular role. From here you can then select a specific service and see the available options within that service as can be seen in Figure 1 below.
Figure 1: Exchange Server 2007 Management Console
As you can see in Figure 1 above the new Exchange Management Console has been divided into four different sections, the Console tree, Result pane, Work pane and the Action pane. Below I’ll go briefly through each of these.
The Console tree has been segmented into four so called work centers. The Organization Configuration center, which as the name implies contains all globally related settings in the organization, the Server Configuration center, which contains server specific data, and the Recipient Configuration center, which is the place where recipients, contacts, distribution groups etc. are manipulated.
With Exchange Server 2007, mail-enabled objects will no longer be managed via the Active Directory Users and Computers snap-in, they will instead be manipulated via the Exchange Management console or shell as I’ll show you later on in this article.
Finally we have the Toolbox center, which isn’t really a place where you go to configure or manipulate Exchange settings and/or objects, instead this can be considered a central repository for different Exchange tools that will help you diagnose and troubleshoot Exchange related issues as well as give you best practice recommendations when it comes to properly configuring and optimizing the servers in your organization. As can be seen in Figure 2 below, tools such as the Exchange Best Practices Analyzer, Exchange Server Disaster Recovery Analyzer, Exchange Server Mail Flow Analyzer, Exchange Server Performance Monitor, Exchange Server Performance Troubleshooting Analyzer can be found here. The Toolbox center has also become the new home for the Exchange Queue Viewer.
A cool thing about the Toolbox center is that it’s extensible, which mean that additional tools can be added via the Microsoft Exchange website. A thing that could have been even cooler would be that 3rd party tools could be added to the Toolbox center as well, but unfortunately it’s limited to Microsoft’s own Exchange tools.
Figure 2: Exchange Server 2007 Toolbox
The Result pane lists all the servers that hold the role selected in the Navigation pane. In the Result pane you can also see what other roles the listed servers hold, as well as Service Pack and build number etc. The Work pane is used to manipulate any child-objects of the Result Pane, more specifically child-objects of the objects under the Server Configuration center.
The Action pane lists all available tasks for the object(s) currently selected in the Result or Work pane. The pane gives you a quick overview of the tasks you can perform for a selected object, which makes it easier to find the task(s) you’re looking for. Bear in mind that even though you now manipulate objects via this new Action pane, you still have the option of right-clicking the respective objects to get a context menu with the same tasks or actions (see Figure 3).
Figure 3: Context menus and Action Pane
As you already know from Exchange Server 2003, using the context menu can be quite tedious, so many of you should find the new action pane a welcome addition.
Should you for some reason want to use context menus, you can remove the Action pane by clicking the respective icon in the Toolbar or View > Customize in the menu, then uncheck Action pane. This could, for example, be a good idea if you’re working on a small screen or in a low resolution.
Figure 4 below compares the navigation tree in Exchange 2003 and Exchange 2007. As you can see the navigation tree in Exchange 2007 is now 3 levels, instead of eight as was the case in Exchange 2003. Talk about an improvement!
Figure 4: Exchange navigation trees – Exchange 2003 versus Exchange 2007
New Exchange 2007 Finalize Deployment Guides
When Exchange Server 2007 has been installed and you launch the Exchange Management console for the first time, you’re faced with an Exchange Server 2007 Finalize Deployment page, which lists the steps that are recommended you complete in order to get your server configured so that it functions properly (see Figure 5).
Figure 5: Finalizing Deployment of Exchange Server 2007
If you should leave the page before you have completed all the listed steps, you can always come back by selecting Microsoft Exchange in the very top of the Console tree. As you can see in Figure 5, there’s also a tab called End-to-End Scenario. Under this tab you will find additional how-to guides that will help you through other multi-step tasks such as configuring E-mail Lifecycle Management etc.
Exchange Delegation Wizard
In Exchange Server 2007 you add delegates (users or groups) in much the same way as is the case in Exchange Server 2003. You do this by selecting the Organization Configuration node in the Console tree, then either right click in the Work pane or click Add Delegate in the Action pane. This brings up the Add Delegate Wizard shown in Figure 6 below.
Figure 6: Exchange Server 2007 Delegation Wizard
As you can see, the role and scope of the delegate can either be Exchange Organization Admin role (permissions to the entire organization), Exchange Recipient Admin role (permissions to managing recipients in the entire organization) and Exchange Server Admin role (permissions to administer the Exchange Servers you specify in the window right underneath this delegate type).
A lot of work has also gone into making the Wizards more polished and clean in Exchange Server 2007. Figure 7 below gives you an idea of how the new wizards look and work. Notice the colored boxes in the left side showing the progress so far. A green box means the particular step has been completed, the yellow box indicates this is the step currently being performed and the grey box indicates steps still not completed.
Figure 7: Colored progress boxes
Another cool thing is that if you type invalid characters in a text box in a wizard, or perhaps mistype the password in the Confirm password text box, you’ll get a red error icon showing where the error is to be found (see Figure 8 below).
Figure 8: Error detections in Wizards
Managing Recipients, Distribution list and Contacts
As some of you might already know, Microsoft went back to using the Exchange Management Console for recipient management (see Figure 9), such as creating mail-enabled users, mailboxes for existing user objects, Distribution Groups and Mail contact objects. This means that Exchange no longer relies on the Active Directory Users and Computer MMC snap-in for these management tasks.
Figure 9: Recipient Management via the Exchange Management Console
You can still install the Exchange Management console on another machine, but you’ll need to do so by selecting Admin only during the installation of Exchange (will not be possible before BETA 2).
Using Filters and Expressions (rich filtering)
The new Exchange Server 2007 Management Console also gives you the opportunity of filtering the objects under a particular node. The console supports up to 10 expressions in each filter rule, which should be sufficient for most of us. If not, you may want to start using the Exchange Management Shell instead. Figure 10 below shows you an example of a filter that uses three expressions in order to list recipients of the type 'mailbox user' not stored in a particular database, but all located on a specific server.
Figure 10: Filter applied to the Mailbox node
You can of course also use the filtering feature to filter servers, Mailbox Stores, Distribution Groups etc.
When adding an expression to a filter you can make use of Equals, Does Not Equal, Contains, Not Contain and several others. AND and OR is also supported. You can save the currently applied filter so that the console shows the node with the specified expressions until you don’t wish to use them anymore. You do this by right-clicking the node in the Console tree, then select View > Save Current Filter as Default.
If you want to remove one or more expressions from a filter, you click the delete icon to the right of the respective expression, and if you want to delete the whole filter you click Remove Filter.
The Exchange Server 2007 Management console also supports recipient scoping, which means that you, for instance, can have users from a specific domain or forest listed, as shown in Figure 11 and 12 respectively.
Figure 11: Specifying the Active Directory Scope
Figure 12: Specifying the maximum number of Recipients to Display
Customizing the Console
You can customize the Exchange Management Console so it only shows the things you want it to show. Let’s suppose you have a helpdesk that only should be able to see the Recipient Configuration center when the Exchange Management console is started. In order to accomplish this you would need to create a simplified tree by first opening MMC by clicking Start > Run and typing MMC.exe. Then you would need to add the Exchange Server 2007 snap-in to the empty MMC by clicking File > Add/Remove Snap-in > clicking Add and double-clicking Exchange Server 2007 in the list of available snap-ins, then clicking Ok as shown in Figure 13 below.
Figure 13: Selecting the Exchange Server 2007 snap-in
You will now see the full Exchange Management Console. Right-click the Recipient Configuration container, then select New Window From Here
Figure 14: New Window from Here
A scoped down window only containing the Recipient Configuration center will appear (Figure 15).
Figure 15: Scoped down management console
You can now close the original window.
When creating a customized Exchange Server 2007 console, the Action pane isn’t shown by default, in order to have it shown, you need to click View > Customize then tick the Action pane box.
The last step is to save the console window and inform the helpdesk personnel they would need to use this customized console when administering mail-enabled Active Directory objects in the organization.
As is the case with the Exchange 2003 System Manager as well as most other snap-ins, you can of course also combine the Exchange Server 2007 snap-in with other required snap-ins.
If you’re dealing with a large organization with helpdesk personnel associated with each department or region or perhaps country, you can even configure expression filters in the custom console to scope it down further.
Exposed CMDlet code
As mentioned earlier on in the article, the Exchange Management console is built on top of the Windows PowerShell engine (formerly known as Monad), what this means is that the GUI actually just executes CMDlets transparently. Because of this the CMDlet code of an executed task is exposed when the Wizard has finished. You can then take this exposed code and copy it to a text editor such as Notepad, edit it and save it as a PS1 script (formerly MSH script) and use it for the same tasks in the future.
In Figure 16 below I’ve enabled RPC over HTTP using the Exchange Management console.
Figure 16: Exposed CMDlet code
As you can see the CMDlet including necessary parameters for this task in the Exchange Management Shell is:
Enable-RpcHttp –Server:’EHVMS06’ –ExternalHostname:’mail.exchangehosting.dk’ –ExternalAuthenticationMethods:’Basic’ –SSLOffloading:’$false’
OWA Configuration via the Exchange Management Console
With Exchange Server 2007, most of the OWA related configuration is also administered from within the Exchange Management Console. You no longer have to configure the authentication settings in the IIS Manager, use separate Web-based tools to enable or disable specific OWA features (segment) or configure what type of files are allowed/disallowed.
Figure 17: OWA 2007 configuration
I won’t delve further into the OWA related improvements you can configure via the Exchange Management Console, as OWA 2007 is a topic of one of my other upcoming articles here on MSExchange.org.
As you know the Exchange 2003 System Manager is tedious and not very intuitive when it comes to finding your way around the GUI. In addition there are too many knobs and buttons as well as way too much nesting in the console tree. So it’s great to see the MS Exchange team put a lot of effort into improving the GUI in Exchange Server 2007 now known as the Exchange Management Console. As I’ve shown you throughout this article, it’s so much easier to find your way around in the GUI when looking for a specific setting. For example there are only 3 levels in the console tree instead of eight as was the case in Exchange 2003. Not only has the navigation experience been improved heavily, but with Exchange 2007 you also have new rich filtering features as well as a much crispier new look with sporty Vista-like wizards. The grey battleship, as Microsoft call the Exchange 2003 System Manager, is now to be found at the bottom of the sea 🙂