Remotely Administering Exchange 2003
Exchange provides you with a single administration tool, Exchange System Manager. However, you also have to use the Active Directory management tools to solve problems, and sometimes also use the IIS management console, because Exchange relies on the underlying web components.
These days you need access to these tools anywhere you go, because Exchange is a critical system, and system administrators are generally not locked up in the computer room. Knowing how to solve problems remotely can save you time when in the middle of the night, instead of driving to work, you simply interface with your systems from your laptop or home computer. Remote access also allows small businesses to save money by relying on technicians that are not onsite.
Before we go on the road, let's first consider how we access Exchange locally. A lot of Exchange issues are solved by using the Active Directory Users and Computers management console. For me, as a seasoned Exchange administrator, the easiest way is to go to Start -> Run, type "dsa.msc" and press the Enter key.
However, Microsoft Exchange engineers thought it would be cool to call Exchange System Manager's management console "Exchange System Manager.msc" and also forgot to add the Exchange "bin" directory where this console is located to the system path. So, even if you decide you want to type the full name, Windows will not be able to locate it.
This leaves us with a few other options. Start -> Programs -> Microsoft Exchange -> System Manager is the obvious one. A lot of people drag and drop this icon to the desktop and access it there. I like to drag and drop it in the quick launch toolbar. If you can't see this toolbar, right click on an empty spot in task bar and choose Toolbar -> Quick Launch.
Along with the Exchange System Manager shortcut, you can drag all the other tools you might need.
You can also create a single management console. For this choose Start -> Run and type "mmc" and press Enter. This will open an empty management console. Now choose File -> Add/Remove Snap-in to add more management console snap-ins to your console.
Pressing the Add button will present you with a list of available snap-ins.
When you add a console, you might be required to select a domain controller to connect to. I sometimes create a management console which connects to different domain controllers to help diagnose replication problems. For a day to day basis though, choosing "Any Writable Domain Controller" is the best option.
After adding a few snap-ins, you get a nice all-in-one tool for administrating your Exchange servers.
Now we can save this onto the desktop or any other convenient folder by choosing File -> Save as…
Saving a console in the Windows directory or any other directory in the search path will allow you to run it using Start -> Run by typing the console name.
Short names in this case with no spacebars, are preferable.
Installing Exchange Management Console on a Workstation
Since, as mentioned before, we want to limit our visits to the cold, cold, server room, we can install Exchange Management tools on a Windows XP Professional workstation.
First of all, make sure that Service Pack 2 (or later) is installed on your Windows XP workstation. Installing the latest patches from the Windows Update site is also recommended.
Once this is done you need to install the Windows 2003 Administration Tools. The package is called adminpak.msi and can be located on any server at the [system drive]:\Windows\System32 folder. You can access it through the network using UNC by typing for example: \\dc1\c$\windows\systems\adminpak.msi
To install Exchange System Manager itself, first you have to install the IIS core components. In previous versions of Windows workstation you also had to install the SMTP service and then disable it but this is no longer required, starting from Windows XP SP2. To do so go to Start -> Settings -> Control Panel and choose Add/Remove Programs. There choose Add/Remove Windows Components from the left grey pane.
Locate "Internet Information Services (IIS)" in the list and press the "Details" button. There choose "Common Files" and "Internet Information Services Snap-In".
This will neither make your workstation a web or a mail server of any kind. It will just enable you to manage them. You should have the Windows XP Professional SP2 CD available for this process, or perhaps located on a network drive.
Now your workstation is ready for installing Exchange System Manager. Before we begin this process, let me state that installing ESM is the same as installing an Exchange 2003 server. You first have to install from your original Exchange media (or a copy of it) and then install Exchange 2003 SP2 on top of it.
To perform the installation, run under the Exchange 2003 Media CD or its copy, the setup.exe file located in the "Exchange\Setup\I386" folder. For some reason the installation does not distinguish between Windows 2003 and Windows XP, and will even let you try to install Exchange services. Since we are not interested in that you should choose "Custom" for "Microsoft Exchange" and "Install" for "Microsoft Exchange System Management Tools".
The process is almost the same for the Exchange 2003 SP2 update though the file is called update.exe instead of setup.exe and the Actions are updated (you need not change the default). Once installation is done you can create a local management console as shown in the previous section.
If you've got Outlook installed on your workstation, you might encounter some MAPI related problems because Outlook and Exchange use different versions of MAPI. To solve this follow the steps detailed in this Microsoft KB article.
The question remains to be asked, "Why bother with all this complex installation process?" There are a few utilities that allow you to connect remotely to an Exchange server. The most common is Remote Desktop, previously called Terminal Services. To run it go to Start -> Run and type "mstsc" then press Enter. You can also find the shortcut for it under Start -> Run -> Programs -> Accessories -> Communications.
On a typical server you would be able to start no more than two Remote Desktop sessions. This is why I usually type "mstsc /console" which logs on to the primary session of the server. If you go to the server and unlock it using the same user you will be able to access this session. If you don't want to fuss with the Remote Desktop GUI you can simply type "mstsc –v:[server name] /console".
Remote Desktop is easy to set up through Firewalls and doesn't require domain membership and such. You simply need to create a rule opening port 3389 to a particular server and limit it to certain IP address or Firewall users. You can also set up VPN access and access it using the server's internal IP.
If you plan to access a server through the Internet, best thing to do is implement a black and white color scheme for the server, and set a blank black desktop bitmap. This will speed things up. The GUI can allow you to further save on bandwidth.
Pressing "Options" will reveal a lot of ways to tinker with Remote Desktop, such as limiting display size and colors.
Connecting to local devices and playing remote can really slow you down. Of course sometimes you will need to transfer files or print, but try to make this the exception, unless you are connecting internally. Last but not least you can limit a few graphic Windows elements.
After you finish setting the connection up you can save it for future use.
Please note that in a Remote Desktop session Ctrl + Alt + End replaces Ctrl + Alt + Del, or if you prefer the mouse you can choose Start -> Settings -> Windows Security. If you installed adminpak.msi in the previous section, you get the Remote Desktops MMC Snap-in which you can add to your management console and set up all the remote desktop connections that you need.
You can download this tool here. You can also download the Remote Desktop add-in for Active Directory Users and Computers and right click a server there to connect to it remotely.
Exchange and Windows allow you to tailor the way you remotely connect to a server according to your needs and bandwidth. There are a few more ways, including third-party utilities, but they mostly work similarly to the tools presented here and have the same issues.