Managing Exchange 2003 With MOM 2005 (Part 3)
If you missed the other articles in this series please read:
So far in parts one and two of this three part article I have discussed the new state and diagram views of MOM 2005, as well as looking deeper into the Exchange management pack. In this final part, I first want to take a look at the Exchange Management Pack Configuration Wizard, a wizard for quickly configuring your Exchange servers to be monitored by MOM. Then I want to show you the relatively new ExBPA management pack, how to deploy it and briefly how it works. Finally, I’ll round of this article by looking at one key area to monitor outside of Exchange: Active Directory client side monitoring. I’ll tell you why areas such as Active Directory client side monitoring are important to consider in addition to monitoring your actual Exchange servers.
Exchange Management Pack Configuration Wizard
This wizard very simply provides a graphical user interface for configuring the Exchange management pack. It easily configures test mailboxes, message tracking, services to be monitored, mail flow tests and front-end monitoring. It’s really important to ensure you are running the latest version; at the time of writing this article, a new version of the wizard was released in April 2005 and a link to this version can be found at the end of this article. This new version includes a number of important fixes to bugs that were regularly reported to the MOM public newsgroups.
In order to run the wizard, some prerequisites must be met. They are:
- The wizard must be run from a computer that also has Exchange System Manager installed.
- You must have Exchange Full Administrator rights at the Organization or relevant Administrative Group level.
- The wizard writes to the registry of each Exchange server selected for configuration, so you therefore need to ensure that you have local administrative rights and that the Remote Registry Service is running on each Exchange server.
I’m not going to present screen shots of every screen that is presented within the wizard as some of them are self explanatory. Like most wizards, you are first presented with a welcome screen. Next you need to select which administrative group you wish to work in, or choose the option to work with servers in all administrative groups. After this you will be presented with a list of servers that are available to be configured by the wizard. This screen is shown below in Figure 1.
Figure 1: Configuration Wizard Server Selection
As you can see from Figure 1, in this example we have a total of 10 Exchange servers selected for configuration comprising 9 back-end mailbox servers and a single front-end server. When you have made your selection, clicking Next takes you to the screen which gives you an important option as shown below in Figure 2. Here you have the chance to select from either the Default or Custom configuration type.
Figure 2: Configuration Wizard Configuration Type Selection
It’s very important to note that if you wish to enable monitoring on a per-store basis, you need to select the Custom option. This is because the Default option will enable monitoring for a single mailbox store only on each server.
Next you will be presented with the Properties screen as shown below in Figure 3. Here you can choose which properties you wish to configure from the available list of message tracking, front-end monitoring, service monitoring, mailbox availability and mail flow tests. Note that in the example in Figure 3 the front-end monitoring option is greyed out. This is because there were no front-end servers within the system that this screen shot was taken from.
Figure 3: Configuration Wizard Properties Selection
As I previously mentioned, the Properties screen shown in Figure 3 merely asks you which features you wish to configure. Assuming you select message tracking and front-end monitoring, the next two screens that follow simply allow you to choose whether message tracking and front-end monitoring are actually enabled or disabled on each Exchange server by the configuration wizard.
This then leads you to the screen shown below in Figure 4. Here you can select from a simple list the services that you would like the MOM agent to monitor on your Exchange server. Obviously it’s important not to include services like POP3 and IMAP4 if you are not using them, since they are disabled by default on new installations of Exchange 2003. Failing to do so will result in instant alerts from MOM informing you that these services are not running.
Figure 4: Configuration Wizard Service Selection Screen
The next screen will allow you to decide on your mailbox availability monitoring options. These options are simply per-server monitoring, per-store monitoring, or no store monitoring at all. So, if you desire to monitor every mailbox store on your Exchange servers, you must choose the per-store monitoring option. Remember, you won’t see this screen if you choose the Default configuration option presented earlier in the wizard.
The last major configuration option screen is then presented as shown below in Figure 5. The mail flow configuration screen allows you to define your matrix of mail flow tests. As you can see from Figure 5, we have selected Server 6 to receive mail flow messages from Server 1. If Server 1 was a hub server in a classic hub and spoke design, you’d more than likely configure servers 2-9 to receive mail flow messages. Obviously it’s important to ensure that you plan the test message matrix to give you accurate monitoring of your Exchange infrastructure.
Figure 5: Configuration Wizard Mail Flow Selection Screen
The penultimate screen allows you to configure the mailbox access account, the account that MOM uses to log into each mailbox to perform the MAPI logon tests, the mobility synthetic logons and the mail flow tests. For each mailbox store that you wish to monitor, the configuration wizard will create a mailbox-enabled disabled Windows account. The configuration wizard will also set up the permissions accordingly, granting the mailbox access account the rights required to access the mailboxes on each store.
The final screen is the summary screen that gives you the chance to review your configuration. Additionally, you can choose to save an XML file of the configuration which can be edited directly and re-applied to the configuration wizard to make configuration changes. As I mentioned in part 2 of this series, configuration options such as the mail flow tests and the monitored services are written to the registry in each Exchange server, so it’s possible to manually modify the configuration there.
ExBPA Management Pack
ExBPA v2 was released back in March 2005 and along with it, the ExBPA MOM management pack was also released. Using the ExBPA MOM management pack therefore requires that you are using ExBPA v2. The links for ExBPA v2 and the ExBPA MOM management pack are included at the end of this article.
If you have deployed MOM 2005, you no longer have to run ExBPA as a standalone tool – it can be run through MOM 2005 and all issues found raised as warning or error alerts within the MOM Operator Console.
Deployment of the ExBPA MOM management pack is straightforward. First, though, note that each Exchange server that is to be monitored with ExBPA via MOM requires the .NET Framework 1.1 to be installed on that Exchange server; this is already part of Exchange 2003 but will be required to be installed on Exchange 2000 and Exchange 5.5 servers. This is because ExBPA will run locally on each Exchange server.
Once you have downloaded the ExBPA MOM management pack, you need to import the management pack into MOM using the MOM Administrator Console. See your MOM documentation on how to do this. You will then need to create a deployment share on a suitable server, such as the actual MOM server, from where MOM can push-install the ExBPA MSI installer onto each Exchange server. More on why ExBPA is required on each Exchange server can be found in the next section. Once you’ve created the deployment share, the ExBPA MSI installer is copied to the share.
Administrators can perform various tasks against managed servers from directly within the MOM Operator Console. An example of such a task is the task to install ExBPA on an Exchange server. Figure 6 below shows the properties of the ExBPA install task. Note the value of the ExBPAShare parameter – this is the UNC deployment share you created earlier.
Figure 6: ExBPA Deployment Task
You can then use this install task to install ExBPA on all Exchange servers directly from within the MOM Operator Console.
ExBPA Management Pack Operation
The reason that ExBPA is required on each Exchange server is because MOM runs the command-line version of ExBPA locally on each Exchange server. This command-line version is run via a MOM script and has a switch to tell ExBPA to log any warnings and errors to the local event log on that server. For example, the ExBPA server scan is performed using the following command line:
<drive>:\Program Files\ExBPA\ExBPACmd –p Events:Enable –dat ExBPA.Server.data.xml –r “3,Server=”<servername>””
If ExBPA finds any issues, they are logged to the event log on that Exchange server as per any normal event log entries. The ExBPA management pack has MOM processing rules to alert you on the presence of any ExBPA warnings or errors logged in the event log; alerts are raised as normal in the MOM Operator Console. It’s that easy.
It is important to note that ExBPA must also be installed onto the MOM Management Server in order to run the ExBPA organization scan. Failure to do this results in an error being logged into the MOM Operator Console, which states that the scan fails with exit code 9. If you see this error, it’s because you have not installed ExBPA on the MOM Management Server.
The ExBPA management pack also configures MOM with two other tasks in the MOM Operator Console: run an ExBPA organization scan and run an ExBPA server scan. You can choose to run a server or organization scan at any time by simply selecting the relevant Exchange server in the MOM Operator Console and then choosing the relevant task. Alternatively, the ExBPA MOM management pack will perform scheduled scans each night at around 11pm.
Hopefully when you run ExBPA against your servers you will not see any issues. However, if you do, an example of what you see when a MOM ExBPA alert is generated is shown below in Figure 7.
Figure 7: Sample MOM ExBPA Alert
Note that the alert contains a link to the online ExBPA knowledgebase; the ExBPA management pack contains no knowledgebase built into it. This is in contrast to the normal Exchange management pack which has a large quantity of knowledge built into it as you have seen in part two of this series of articles.
Active Directory Client-Side Monitoring
Now that you have Exchange being monitored by the normal Exchange management pack and now the ExBPA management pack, life should be rosy. However, the smooth running of your Exchange environment also depends on the smooth running of a number of other components, such as Active Directory, DNS and IIS. Obviously Microsoft provides MOM management packs for all major products, including Active Directory, DNS and IIS. I want to take a few moments to explain the Active Directory Client-Side Monitoring rules and how they can help you to ensure that your Exchange environment does indeed run smoothly.
If you place your Exchange servers into the Active Directory Client Side Monitoring MOM group found within the MOM Administrator Console, a whole new set of rules are applied to your Exchange servers. These rules allow MOM to understand Exchange’s view of Active Directory health and include checks such as:
- Serverless bind – can Exchange contact a domain controller and is it in the local site?
- Is the PDC Emulator available?
- Is the minimum number of Global Catalog servers available?
- Are the targeted domain controllers available and responsive?
In other words, various scripts are run on your Exchange servers to determine if certain functions of Active Directory are available and responsive. For example, if your Exchange server has chosen a domain controller in another Active Directory site, response time may be slow. Without the Active Directory client side rules deployed, MOM would not necessarily indicate any issues with the Exchange server since nothing is fundamentally wrong with the Exchange services. With the Active Directory client side rules deployed, the situation of selected domain controllers not being available or responding slowly would be raised as an alert.
If you are not comfortable with deploying these additional Active Directory rules to your Exchange servers, note that you can deploy these rules on an alternate server that’s near to your Exchange server.
If you’ve not already done so, hopefully over the three parts of this article I’ve given you enough information to help decide whether to check out MOM 2005 on its ability to monitor and manage Exchange. There’s little doubt that implementing MOM 2005 with the Exchange management pack will allow you to keep Exchange running, respond effectively to alerts via the built-in knowledge and to be accountable by discovering usage and capacity trends as well as sharing performance metrics of your Exchange infrastructure.
Exchange Management Pack Configuration Wizard:
ExBPA MOM management pack:
If you missed the other articles in this series please read: