Keeping an eye on Exchange 5.5
As any good network administrator knows, you should always keep tabs on your servers so that you know exactly how they are performing and you can spot problems in the making. In reality, though, most of the network administrators I know are too busy to constantly monitor their servers. Fortunately, tools built in to Exchange Server 5.5 will do some of the monitoring work for you. In this article, I'll discuss these tools. As I do, I'll show you some ways to use them most effectively.
Protecting confidential information
Normally, the personal information in the Active Directory is relatively well protected from change. Only the owner or a member of the Administrators group can make changes to the information. In some situations, you'll want to grant someone permission to view or change specific information. To perform such tasks, you'll need to use the Active Directory Users and Computers program. You can find this tool on the Start menu under Programs|Administrative Tools. When the program begins, follow these steps:
1. Select the Domain Controllers folder from the column on the left. Right-click on the folder and select Delegate Control from the resulting context menu. When you do, you'll see the Delegation of Control Wizard.
2. Click Next to begin the wizard. The next screen asks for the users or groups to which you want to apply your security changes. As with all security-related issues in Windows 2000, you should apply your changes on a group basis. Therefore, if you're setting up permissions to view or change information, you might go back and create a group with a name like ViewPersonalInfo or ChangePersonalInfo. When you've selected the group that you want to work with, click Next.
3. The next screen allows you to delegate some common tasks such as the ability to manage group policies or user accounts or the ability to reset passwords. As you can see in Figure 1, one of the choices on this screen is the option to Read All User Information. This option works fine if you only need to grant read access and you want the group to be able to see everything. However, in some situations you need a little more control. If this is the case, select the Create A Custom Task To Delegate radio button and click Next. When you do, you'll see a screen asking if you want to delegate control of This Folder or Only The Following Objects In The Folder. Select the Only The Following Objects radio button. When you do, the area below the radio buttons will become accessible. Select the User Objects check box, as shown in Figure 2, and click Next.
You can access the Server Monitor directly from Exchange Administrator. To do so, navigate to organization|site|Monitors. Next, select the New Other|Server Monitor command from the File menu. When you do, you'll see a properties sheet with no name. The General tab on this properties sheet has a spot where you can fill in a directory name and a display name. The directory name is the name by which Exchange will recognize the new monitor internally; it can be up to 64 characters. The display name is the name of the new server monitor as it will appear through Exchange Administrator; it can be up to 256 characters.
Once you've filled in this information, you also need to specify the name and path of a log file the server monitor can use to record its activity. Finally, you must set the polling intervals, which specify how often the server monitor checks the server. The default is 15 minutes for normal sites and 5 minutes for critical sites. You can see an example of this information in Figure 1.
When you've completed the information on the General tab, select the Notification tab. The Notification tab allows you to set who should be notified when a problem occurs, along with the options of when and how they should be notified. To begin building a notification list, click New to open the New Notification dialog box. You have three choices: You can have Exchange launch a process, send a mail message, or use a Windows NT alert. Launching a process involves running a file that you've specified. For example, you might build a script to fax a message to the help desk. Sending an e-mail message is self-explanatory. Generating a Windows NT alert sends an alert message in a pop-up window to any machine you specify.
Whichever option you choose, the next screen asks you to fill in information corresponding to that option. For example, you might be asked for the name of the process to launch or for the name of the server to send the alert to. All these screens have one thing in common: a Test button. The Test button allows you to simulate a failure and generate an alert or mail message or launch a process with the click of a button. This way, you can make sure that what you've set up actually works, so you don't have to wait for a failure.
Next, look at the Servers tab. This tab allows you to select which Exchange servers you want to keep an eye on. Simply select the servers you want to monitor from the left column and click Add. If you want to work with servers that reside in a different site, you can use the Site dropdown list to select the desired site. Once you've selected the correct site, you may add its servers to the list of servers to be monitored.
Now that you know how to set up the basics, it's time for the good stuff. It's nice to be notified when a problem occurs, but wouldn't it be handy if Exchange could do something about the problem? That's where the Actions tab comes in. The Actions tab can be set to perform a function such as restarting the service or rebooting the system if a service fails. It's important to point out that the Server Monitor can keep an eye on all Exchange services except the System Attendant. The Server Monitor depends on the System Attendant to function. Therefore, if the System Attendant fails, the Server Monitor will also fail. However, assuming the System Attendant is working, you can perform up to three different actions on a failed service. If you set the Server Monitor to automatically restart the server, you can set a time delay and send a message to users who may be logged on, stating that the system is about to reboot. You can see an example of such a configuration in Figure 2.
Obviously, if services fail at 3:00 AM, you probably won't be at the office to see a pop-up message indicating the condition of the server. This is why it's handy to set the server up to always send e-mail messages when a failure occurs. That way, if the Server Monitor restarts the server and everything works correctly, you'll never know there was a problem (unless you look at the event logs every morning). However, if an e-mail message is waiting for you in the morning, you'll know there was a problem and you can check into the condition of the server.
The final tab on the properties sheet is the Clock tab. The Clock tab can send you warnings or alerts if the clocks on two servers are off by more than a predetermined number of seconds. This tab also contains a check box that you can use to resynchronize the clocks. Synchronizing the clocks on servers may sound like no big deal. However, if the clocks are too far off, message delivery can fail as a result.
As I mentioned earlier, the Link Test can test all the links within your messaging system routes at periodic intervals to make sure they are functioning correctly. Link Test accomplishes this by sending a message ping from each server on the list to either another Exchange server in the organization, or to a foreign mail server outside your organization. You can specify the amount of time it should take the message to complete the round-trip journey. If the message takes longer to make the trip than the amount of time you've allowed, the Link Test can generate an alert.
Before we get started with discussing the configuration options within the Link Test, it's important to point out that unlike the Server Monitor, which depends on the System Attendant service, the Link Test requires all the Exchange services to be functional. This is the case because it relies on the ability to send and receive messages. As you may know, the sending and receiving of messages is performed by the Message Transfer Agent service. However, for the Message Transfer Agent to work, the System Attendant, Directory service, and Information Store service must all be running.
Configuring the Link Test is similar to configuring the Server Monitor. You can configure the Link Test through the Exchange Administrator by selecting File|New Other|Link Test. When you do, you'll see the Link Test's properties sheet. As with the Server Monitor, you can begin the configuration process by making sure the General tab is selected. Next, specify the Directory Name, Display Name, A Log File, and the normal and critical site polling intervals. If you have any questions on how these options function, check out the description in the "Server Monitor" section.
After you've entered the appropriate information onto the General tab, select the Notification tab. The Notification tab also works the same way it does in Server Monitor. You can notify someone by launching a process, sending an e-mail message, or by generating a Windows NT alert.
The Servers tab also works exactly as it does within the Server Monitor. Simply select the site you want to work with from the Site dropdown list. Next, select the servers you want to work with from the left column and click Add.
The real differences between the two utilities come into play on the Recipients tab, where you set up the actual link tests. These tests occur by sending a test message to a designated recipient and waiting for the recipient to respond to that message. Therefore, the recipient's mailbox should be configured to automatically reply to inbound messages. It doesn't matter what the reply message says--when the test message goes out, the recipient will reply to it. The Exchange Server that's running the Link Test will check the return message to make sure it is actually a reply to the original test message. If the returned message is a reply, it's assumed that the test is good. From the time the test message is sent, Exchange Server starts counting minutes. If the counter reaches a preset level and the server still hasn't received a reply, it's assumed that either the link or the remote mail server has failed, and an alert is generated.
Because of the way the Link Test works, the best way to test it is by specifying a recipient mailbox that doesn't exist. That way, you'll receive a non-delivery report when the ping message goes out. Had the mailbox existed, you'd never receive confirmation of the test's results unless it was a failure. By temporarily setting up the Link Test to test using a mailbox that doesn't exist, you can at least determine that Link Test is functional without having to wait for a server or a link to go down.
As you can see in Figure 3, the Recipients tab contains two sections. You can use the Message Subject Returned From section to set up your recipients if you're working in a pure Exchange environment. Within Exchange, when someone replies to a message, the subject line stays the same as it was on the original message. By using the Message Subject Returned From section, Exchange only looks at the subject line of the returned message to check the reply message. This saves time, because Link Test never has to open the message to look at the message's body.
The section on the right can be used with foreign mail systems in which you're not exactly sure how the subject line will read. By using this section, the Link Test will open the return message and scan the body of the message for a copy of the original message it sent out.
The final tab within the Link Test is the Bounce tab. Here, you can determine how long a message should take to return. As you can see in Figure 4, the default values are to enter a warning state after 30 minutes and to generate an alert after an hour. However, these values may not be suitable for your system. For example, if you have a lower-budget mail system that has to dial up to an Internet service provider every half hour or so to send and receive messages, then obviously these values are way too low. On the other hand, if you want to test connectivity with a mail server in the same site that is physically located three feet away, then an hour with no messages flowing between the two servers would be way too long. A better value might be fifteen or twenty minutes.
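The reply matching on the Recipients tab and the timing on the Bounce tab, modeled as an added Python example (not part of the original article and not Exchange's own code). The names Mail, is_reply and link_state, the constructed sample messages, and the rule that elapsed time runs to the first matching reply are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Mail:
    subject: str
    body: str
    at: datetime  # send time for the ping, arrival time for a returned message

def is_reply(ping, msg, scan_body):
    """Decide whether msg answers ping, in one of the two Recipients-tab modes."""
    if scan_body:
        # Foreign mail systems: the subject may be rewritten, so look for a
        # copy of the original ping text inside the returned body instead.
        return ping.body in msg.body
    # Pure Exchange: a reply keeps the original subject, so the body is never opened.
    return msg.subject == ping.subject

def link_state(ping, inbox, now, scan_body=False,
               warn_after=timedelta(minutes=30),    # Bounce tab default: warning
               alert_after=timedelta(minutes=60)):  # Bounce tab default: alert
    """Return "ok", "warning" or "alert" for one ping (assumed simplification)."""
    arrivals = [m.at for m in inbox
                if m.at >= ping.at and is_reply(ping, m, scan_body)]
    # Round trip is measured to the first matching reply; with no reply yet,
    # the counter is still running, so measure to the current time.
    elapsed = (min(arrivals) if arrivals else now) - ping.at
    if elapsed >= alert_after:
        return "alert"
    if elapsed >= warn_after:
        return "warning"
    return "ok"

# Constructed sample messages (not taken from a real server).
T0 = datetime(2000, 1, 3, 9, 0)
PING = Mail("Link test 0001", "link-test-ping 0001", T0)
EXCHANGE_REPLY = Mail("Link test 0001", "Automatic reply.", T0 + timedelta(minutes=5))
FOREIGN_REPLY = Mail("Auto-response from gateway",
                     "Out of office.\n> link-test-ping 0001", T0 + timedelta(minutes=10))

if __name__ == "__main__":
    later = T0 + timedelta(minutes=45)
    print("subject mode, Exchange reply:", link_state(PING, [EXCHANGE_REPLY], later))
    print("subject mode, foreign reply: ", link_state(PING, [FOREIGN_REPLY], later))
    print("body mode, foreign reply:    ", link_state(PING, [FOREIGN_REPLY], later, scan_body=True))
```

The second case shows why the choice of section matters: a foreign system that rewrites the subject line looks like a dead link in subject mode even though its reply arrived in ten minutes.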
Brien M. Posey is an MCSE who works as a freelance writer and as the Director of Information Systems for a national chain of health care facilities. His past experience includes working as a network engineer for the Department of Defense. You can contact him via e-mail at Brien_Posey@xpressions.com. Because of the extremely high volume of e-mail that Brien receives, it's impossible for him to respond to every message, although he does read them all.