Exchange 2000 Server must be installed on a Windows 2000 Server which is a member of an Active Directory environment, and must have SP1 installed. Only an administrator in the top level domain has the required permissions to install Exchange 2000 Server. These permissions can be assigned to other domain administrators but must be assigned by the top level admin. The permissions required to install Exchange 2000 are as follows:
	Domain Admins
	Enterprise Admins
	Schema Admins (only on first install in forest)
     There are THREE seperate boundaries you need to take into consideration when planning your Exchange 2000 infrastructure. These are namespace, administrativen groups, and routing groups. The namespace is the AD forest, which contains all of the directory information for your Exchange 2000 env. To subdivide the management of resources within a particular namespace, use administrative groups. Often you can define your admin topology according to departments or divisions. The physical network topology should dictate the configuration of routing groups because they define how messages are actually xfered across the network. Servers are set in routing groups, and routing groups are typically collected into administrative groups, although you can split a routing group across multiple administrative groups. Note: The relationship b/w routing groups and administrative groups is not necessarily hierarchical.

     Similar to Windows 2000 sites, you define routing groups primarily to describe regions of high speed connections with a network. Messages sent b/w servers in the same routing group are transferred directly and immediately using the SMTP transport service. Manual administration becomes necessary only when you need to connect two or more routing groups or when you need to install connectors to foreign messaging systems. You can use a Routing Group Connector, X.400 connector, or an SMTP Connector to provide a message path between Exchange 2000 routing groups.

     In Exchange 2000 Mixed Mode, which allows administrative groups to map directly to sites in an Exchange 5.5 organization, sites replicated to AD appear as administrative groups and administrative groups replicated to the Exchange Server directory (5.5) appear as sites. In Mixed Mode it is impossible to move mailboxes between servers in different administrative groups. Also, routing groups can only contain servers from the same administrative group. Although one administative group may contain multiple routing groups, routing groups cannot span multiple administative groups.

     The minimum hardware requirements Microsoft recommends are 128 - 256 MB RAM, 300 MHz processor, 500 MB on system drive, 2 GB on disk with Exchange Server. Exchange 2000 must be installed on a Windows 2000 Server w/SP1 with SMTP (installed by default) and NNTP running on the IIS service. Exchange also needs to be installed on an NTFS filesystem.

     The Windows 2000 Server you install Exchange 2000 on must be in your domain or in a domain that trusts your domain. A single Exchange 2000 organization cannot span multiple AD forests.


Installation Preperation

     If you are planning on installing Exchange 2000 in an environment with multiple domains in a forest, you can import the Exchange specific schema extensions prior to the actual installation. This elliminates the need to be a Windows 2000 Schema Admin when installing Exchange at a later time. The SETUP.EXE program of Exchange 2000 offers two specific modes for the purpose of preparing the AD, which yo can launch through the command line switches \setup\i386\setup.exe /forestprep and /domainprep.

AD Forest (/forestprep)

     In organizations which have seperate administrative divisions, you can have a member of the Enterprise and Schema Admins run the /forestprep. The first instance, whether by /forestprep or by Exchange 2000 Setup, must be installed in the domain where the schema master resides.

AD Domains (/domainprep)

     Domainprep adds further Exchange 2000 specific configuration information to AD. You need to be a member of the Domain Admins group for the domain that you want to prepare. When installing Exchange 2000 at a later time, you should install it on the server where /domainprep was performed.

Forest preperation is not necessary if you install Exchange 2000 immediately in the domain where the schema master resides. Likewise, you can skip the domain preperation, but domain preperation will be required if you need to support users in domains where you do not plan to install an Exchange 2000 Server. The /domainprep mode creates a global security group named Exchange Domain Servers and a domain local group called Exchange Enterprise Servers. Exchange Domain Servers is then added as a member of the Exchange Enterprise Servers group, which grants appropriate rights to the RUS.

Front End / Back End Configurations

     Back End servers are ordinary Exchange 2000 servers hosting mailboxes and public folders. These servers are dedicated to handling the actual messaging databases, they are sometimes called information store servers. Front End servers are servers that proxy incoming client connections to the back end systems, which actually contain the users' mailboxes. You can configure a front end server by activating the This Is A Front-End Server checkbox in the server's properties within the Exchange System Manager, no further configuration is required.

     Configurations where numerous servers functioning as front end servers handling incoming client connections and fewer funtion as back end servers hosting the actual mailboxes are only interesting if you plan to support Internet-based client programs, such as IMAP4 clients or Outlook Web Access. In front end server configurations, the information store remains intact on the front end servers, yet Internet-based clients will not access this repository.

     In an FE/BE configuration, you have the option to enforce encrypted connections b/w front end servers and Internet-based client programs using SSL, whereas the servers themselves can communicate w/o encryption over the backbone, thus alleviating the SSL overhead.


Installation

     If possible, promote the computer you plan to install Exchange 2000 Server on to a domain controller. AD must be available (global catalog server), SMTP and NNTP must be running, admin performing the installation must have the appropriate permissions, and a certification authority must be available in the network if you want to install the Key Management Service. The folder \program files\exchsrvr\mdbdata\ must not exist on the partition you wish to install Exchange 2000. If the folder exists, rename or delete it.

You can rename the default names "First Administrative Group" and "First Routing Group", but you cannot change the name of your Exchange 2000 organization after the installation.

      When upgrading an NT40 PDC with 5.5 to Exchange 2000, you must first upgrade Windows NT to 2000, in which the AD will conflict with the 5.5 Exchange service for the ldap port 389. Change the port 5.5 uses before upgrading an NT server to 2000 w/SP1. Once you are ready to upgrade Exchange 5.5 to 2000 you must create an AD Connector which has the ldap port set to whatever you changed 5.5 to use. Verify that replication is working. You cannot change installation options when upgrading 5.5 to 2000, you can use add or remove components later. Any connectors not supported by Exchange 2000, such as the PROFS connector, will not be present after the upgrade.

     To create and use an unattended install script, run setup.exe /createunattend c:\setup.ini. The specified initialization file must not exist prior to launching setup in /createunattend mode. To create an encrypted unattended mode initialization file, specify /encryptedmode along with the /createunattend switch. To use an unattended initialization file, use the following command: setup.exe /unattendfile c:\setup.ini. For addition switch options, use /?.

     When installing the Exchange System Management Tools on a remote desktop, use RPCPing to determin if routers b/w you and the Exchange 2000 Server are filtering RPC communications. The Exchange System Mangement Tools come with a newer version of MAPI components that cause Outlook 2000 to display a warning message b/c of a version conflict with the MAPI core files (mapi32.dll). Outlook will attempt to replace the newer Exchange 2000 mapi32.dll with its older version, it is not advisable to install Outlook 2000 and the Exchage System Management Tools on the same workstation. For this reason why your test environment requries a dedicated workstation to test with Outlook 2000. To install the ESM Tools, use the Exchange 2000 CD and run setup.exe, under action in the Microsoft Exchange 2000 catagory, select custom.

     There is a registry setting that will allow you to change the Exchange System Manager so that it will display the security tab on all configuration objects. If this value is not set, the security tab is only available on Address List objects, mailbox and public stores, and top-level public folder heirarchies. The registry setting is a DWORD value "ShowSecurityPage" in HKCU\Software\Microsoft\Exchange\ExAdmin\. The value 1 shows the tabs, the value 0 does not.

     Exchange 2000 servers use the account name and password set on the administrative group object in the Exchange System snap-in when authenticated against Exchange Server 5.5 services. When communicating with other Exchange 2000 servers, the LocalSystem account is preferred.