Microsoft® Exchange 2000 Server

Installation and Setup

Technical Paper

Published: January 2002

Updated: July 2002
Contents

Introduction......................................................................................................... 1
Planning .......................................................................................................... 1
Quick Start: Integrating with Exchange 5.5........................................................... 1
Quick Start: Installing a New Exchange 2000 Organization...................................... 3

Detailed Installation Information ............................................................................. 4

DNS and Name Resolution.................................................................................. 4
Remove Invalid Characters ................................................................................. 5
Set Permissions ................................................................................................ 6
Use the NTDSAtrb Utility .................................................................................... 6
Remove Unused Access Control Entries ................................................................ 7
Install Windows 2000 Service Pack 1 and Hotfixes ................................................. 7
Ensure that One Domain is in Native Mode............................................................ 8
Extend the Active Directory Schema .................................................................... 8
Wait for ADC Schema Extensions to Replicate ....................................................... 9
Install the First Instance of the ADC Service ....................................................... 10
Prepare the Forest........................................................................................... 10
Wait for Exchange 2000 Schema Extensions to Replicate ...................................... 12
Check DomainPrep Prerequisites ....................................................................... 12
Prepare Each Domain with DomainPrep .............................................................. 13
Wait for DomainPrep Replication ....................................................................... 14
Test DomainPrep Policy Replication.................................................................... 15
Create ADC Connection Agreements .................................................................. 15
Check That Connection Agreements Have Replicated ............................................ 16
Use NLTEST ................................................................................................... 17
Run Setup...................................................................................................... 18

Setup—What Really Happens................................................................................ 19

Unattended Installations ...................................................................................... 24

Troubleshooting Setup Failures ............................................................................. 24

Common Setup Problems..................................................................................... 28

Additional Resources ........................................................................................... 29

Microsoft Exchange 2000 Server
Installation and Setup
Technical Paper
Published: January 2002
Updated: July 2002

For the latest information, please see http://www.microsoft.com/exchange.

Introduction
This document provides technical information to help advanced Microsoft®
Exchange administrators and deployment experts get started with Microsoft
Exchange 2000 Server. Read the documentation and release notes on the
Exchange 2000 compact disc for step-by-step installation instructions. Then, read
this paper for more information about installation and the steps that the Setup
program performs during installation. This paper discusses scenarios that involve
new Exchange 2000 installations, in addition to scenarios that involve integrating
Exchange 2000 Server with Exchange Server version 5.5.

Planning

Careful planning is an essential preliminary step for successfully installing any

program. Therefore, although you can just run the Setup program to install
Exchange, your installation may be more successful if you take preliminary steps
to ensure that Exchange is compatible with programs currently running on your
server. If you disregard these preliminary steps, you might have to remove and
reinstall Exchange.

Quick Start: Integrating with Exchange 5.5

The steps to follow for an installation depend on whether Exchange Server 5.5 is
currently installed in your organization. If you want to integrate your new
Exchange 2000 servers into an existing organization, your installation planning
and execution must include the steps described in this section. Although you can
perform an in-place upgrade of your Exchange 5.5 server, it is best to first install
at least one Exchange 2000 server into the organization to ensure that the
Microsoft Active Directory® directory service is deployed properly.

Preparing Your Exchange 5.5 Organization

Before you install the first Exchange 2000 server, look closely at your existing
Exchange 5.5 deployment and make changes if necessary. Perform the following
tasks.

• Ensure that Microsoft DNS name resolution is working among

Exchange 5.5, Active Directory, and the proposed Exchange 2000 servers.
 • Remove invalid characters from the organization and site display names.

• Set permissions so that Exchange 2000 can be installed into the first site.

• Use the NTDSAtrb tool to identify multiple mailboxes that are mapped to
the same Microsoft Windows NT® account if your user domains are running
Windows NT Server version 4.0. Resolve duplicates by using
NTDSNoMatch in custom attribute 10.

• To remove unused permissions on mailboxes and public folders, run the

Directory Service/Information Store consistency adjuster on all servers .

Preparing Active Directory

To prepare Active Directory

1. Install Microsoft Windows® 2000 Service Pack 1 (SP1) and any hotfixes on all
domain controllers and global catalog servers.

2. Ensure that DNS is working correctly by using the NSLOOKUP tool.

3. Ensure that at least one domain in the forest is in native mode.

4. Extend the Active Directory schema with the Active Directory Connector (ADC)
schema extensions. At the command prompt, run Setup /Schemaonly

5. Wait for the schema extensions to replicate to the domain where the first
instance of the ADC service will be installed.

6. Install the first instance of the ADC service.

7. Extend the Active Directory schema with the Exchange 2000 schema
extensions. At the command prompt, run Setup /ForestPrep

8. Wait for all schema extensions to replicate to the entire forest.

9. Check DomainPrep prerequisites.

10. Prepare each Active Directory domain for Exchange 2000. At the command
prompt, run Setup /DomainPrep

11. Wait for replication of the DomainPrep data.

12. Test DomainPrep replication: connect to a domain controller with Active

Directory Users and Computers and search for the Microsoft Exchange
System Objects container.

13. Create a two-way recipient connection agreement between the Active

Directory domain and the first Exchange 5.5 site that will host an
Exchange 2000 server.

14. Create either one-way or two-way recipient connection agreements between

the Active Directory domain and the other Exchange 5.5 sites in the
organization.

15. Create public folder connection agreements between Active Directory and all
sites in the Exchange 5.5 organization.

16. Ensure that all connection agreements are replicated.

Microsoft Exchange 2000 Server Installation and Setup 2

Preparing and Installing the Exchange 2000 Server
After you complete the prerequisites, you can proceed to install the first
Exchange 2000 server in your organization.

To install the first Exchange 2000 server

1. Install Windows 2000 SP1.

2. Use NLTEST on the proposed Exchange 2000 server to ensure that Active
Directory and DNS are integrated correctly.

3. Run Setup to install the first Exchange 2000 server into the Exchange 5.5
site.

4. Verify the installation and check for errors.

5. Move users to the new server and install additional Exchange 2000 servers if
necessary.

Quick Start: Installing a New Exchange 2000 Organization

If you do not have an existing Exchange 5.5 organization, the process for
installing Exchange 2000 servers is simple.

Preparing Active Directory

Active Directory must be properly prepared to accept an Exchange 2000 server.

To prepare Active Directory

1. Install Windows 2000 SP1 and any hotfixes on all domain controllers and
global catalog servers.

2. Ensure that DNS is working correctly by using the NSLOOKUP tool.

3. Ensure that at least one domain in the forest is in native mode.

4. Extend the Active Directory schema with the Exchange 2000 schema
extensions. At the command prompt, run Setup /ForestPrep

5. Wait for all schema extensions to replicate around the entire forest.

6. Check DomainPrep prerequisites.

7. Prepare each Active Directory domain for Exchange 2000;at the command
prompt, run Setup /DomainPrep

8. Wait for replication of the DomainPrep data.

9. Test DomainPrep replication.

Preparing and Installing the Exchange 2000 Server

After you prepare Active Directory, you can install the first Exchange 2000 server
in the organization.

To install the first Exchange 2000 server

1. Install Windows 2000 SP1.

Microsoft Exchange 2000 Server Installation and Setup 3

2. To ensure that Active Directory and DNS are integrated correctly, on the
proposed Exchange 2000 server, use NLTEST.

3. On the proposed Exchange 2000 server, run the Exchange 2000 Setup.

4. Verify the installation and check for errors.

5. Create users on the new server and install additional Exchange 2000 servers if
necessary.

Detailed Installation Information

The Quick Start information in the previous section gives you an overview of the
steps you must perform to install Exchange 2000 successfully. The information in
this section provides you with details about the technical aspects and processes in
each of those steps. Because the steps that explain how to install a new
Exchange 2000 organization are a subset of the Quick Start section about
integrating Exchange 2000 with Exchange 5.5, this section covers only the steps
that pertain to Exchange 5.5 integration.

DNS and Name Resolution

Name resolution can be problematic in most personal computer-based networks.

In the past, differences in network basic input/output system (NetBIOS) name
resolution complicated the problem. You may not notice problems with DNS until
you try to run an application that relies on Active Directory, such as
Exchange 2000. Running Exchange Setup is a good test for both your Active
Directory configuration and your name resolution configuration. Exchange notifies
you if something is wrong with your configurations. If Setup returns an error
message that is unclear, check DNS to begin resolving the problem.

When you run the Setup /ForestPrep command, you are prompted to type the
name of an existing Exchange 5.5 server. Your computer must use DNS name
resolution to find that Exchange 5.5 server on the network. The Exchange 5.5
server must use DNS name resolution to locate the server from where you are
running ForestPrep. If DNS is configured incorrectly on the server running
ForestPrep, or if DNS is configured incorrectly on the Exchange 5.5 server, Setup
returns an error.

If you think that DNS is not working correctly, try the following:

• Examine the DNS database on the DNS server. Ensure that the domain
name appears and that the special underscore nodes are registered (for
instance _msdcs, _sites, and so forth). If the underscore nodes do not
appear to be in the database, check the TCP/IP stack on your domain
controllers to ensure that their DNS settings point to the correct DNS
server.

• Check the TCP/IP stack on each domain controller. The administrator may
have incorrectly typed the IP address of the DNS server, or typed the
wrong IP address. For example, the administrator may have a collection of
UNIX BIND DNS servers in your network. The administrator may have
mistakenly configured your IP stack to point at a UNIX DNS server rather

Microsoft Exchange 2000 Server Installation and Setup 4

 than Windows 2000 DNS. Check the advanced DNS settings to ensure that
the suffix search list is set correctly. An example is shown in Figure 1.

Figure 1 DNS configuration on the TCP/IP stack

Remove Invalid Characters

All objects in Exchange 5.5 have both directory (internal) and display (external)
names. The directory name is used to make up the distinguishing name of an
object (for example, /o=Microsoft/ou=Redmond), whereas the display name is
the name that is displayed in the Exchange Administrator program. You cannot
change the internal directory name of an object after its creation, but you can
change the display name of an object at any time.

Exchange 2000 places strict limitations on the common name values of objects
stored in Active Directory. Therefore, you may need to rename either your
existing Exchange 5.5 organization or your sites. The following characters are
acceptable to use for creating equivalent Exchange 2000 names:

• A–Z

• a–z

Microsoft Exchange 2000 Server Installation and Setup 5

 • 0–9

• dash/hyphen

• space

Important If your existing organization or site names contain

parenthesis or brackets in them, you must change the display names of
these objects before you can install the first Exchange 2000 server. If
you do not change the display names of these objects before you run the
Setup /ForestPrep command, an error occurs. Although you cannot
change directory (internal) object names, you can change display names
with the Exchange 5.5 Administrator program. The directory names for
these objects are stored in the legacyExchangeDN attribute of the
equivalent object in Active Directory.

Set Permissions

The account you use to run the Setup /ForestPrep command must have
permission to read data from the existing Exchange 5.5 organization.

Use the NTDSAtrb Utility

Exchange 5.5 administrators often create resource mailboxes and map them to a
single primary Windows NT 4.0 account. Although this configuration is valid for
Exchange 5.5, Exchange 2000 and Active Directory require that each mailbox
have its own logon account.

If you do not research and fix these duplicate account mappings, the ADC may
perform incorrect object matching. For example:

The following Exchange 5.5 mailboxes are mapped to the Active Directory account
Jeff Smith:

• Jeff Smith

• Conference Room 1

• Conference Room 2 (Video)

ADC matches Jeff’s mailbox to the Active Directory account (and uploads attribute
information such as his telephone number). However, because more than one
mailbox is mapped to the Active Directory account, ADC cannot determine which
mailbox holds Jeff’s personal e-mail messages. In this scenario, ADC takes the
first mailbox in the alphabetical list and matches it (in this case, to Conference
Room 1). ADC then generates Application Log errors for the other mailboxes.

Important If a situation occurs in which ADC matches the wrong

accounts, you must remove the msExchADCGlobalNames attribute
from the Active Directory account by using a tool such as LDP, and you
must remove the ADC-Global-Names attribute from the Exchange 5.5
mailbox by using the Exchange 5.5 Administrator program in raw mode.
To get to raw mode, use the ADMIN /R command.

The easiest way to determine which accounts are mapped to multiple mailboxes is
to run the NTDSAtrb tool. Depending on the size of your Exchange organization,

Microsoft Exchange 2000 Server Installation and Setup 6

the NTDSAtrb tool may run for several hours. After you run NTDSAtrb, it
produces an output file that lists all multiple mailbox mappings. Go through the
output file, and, for each resource mailbox, add the NTDSNoMatch string to
custom attribute 10 of the object in Exchange 5.5. When ADC attempts to
replicate the mailbox to Active Directory, this string notifies ADC not to continue
with the process of matching the account with an existing account—even if a good
mapping is possible. Instead, ADC creates a new Active Directory object for the
resource mailbox. The type of object created depends on how you configure the
ADC connection agreement. By default, a disabled Windows user account is
created. If you prefer, you can configure ADC to create a contact object instead
by using the alternate string of NTDSContact in custom attribute 10.

Note If your organization already uses custom attribute 10, you can
adjust the ADC schema map to use another directory attribute.

Remove Unused Access Control Entries

Before you install the first Exchange 2000 server, you must remove unused
access control entries (ACEs) from your Exchange 5.5 public folders. Unused
entries exist when an object, such as a mailbox, retains permissions on a public
folder resource even after that resource is deleted. The ACE on the public folder is
not removed. In a native Exchange 5.5 environment, the unused entries do not
cause problems; however, when the public folder hierarchy replicates to
Exchange 2000, the Store.exe process attempts to convert all ACEs into Active
Directory security principals (SIDs). Because the unused entries are not present
within Active Directory, the ACEs cannot be converted, which means that the
access control list (ACL) is not converted. The result is that users are unable to
access public folder resources.

You can remove unused entries by running the Directory Service/Information

Store consistency adjuster from the Exchange 5.5 Administrator program. It’s
important that you select to remove only the unknown permissions from
mailboxes and public folders. Selecting the other options in the consistency
adjuster can cause undesirable effects, such as the re-homing or ownership
change of public folders.

Install Windows 2000 Service Pack 1 and Hotfixes

Although Exchange 2000 Setup is hard-coded to check for SP1 on the local
computer, Setup does not physically check the domain controllers in your
environment to determine whether they are running the latest service pack. You
must have a good process in place to ensure that your servers are up-to-date. If
some of the domain controllers are not running the most recent service pack, a
number of problems can arise, including intermittent non-delivery reports (NDRs)
for messages sent as well as other serious performance problems.

Currently, the recommended fixes for all servers (Exchange 2000, ADC,
conferencing, domain controllers, global catalogs) are as follows:

• Windows 2000 SP1

• Windows 2000 Post-SP1 hotfix Q271976, “Hotfix Rollup Package Corrects

Problems Described in Q257357 and Q271907”

Microsoft Exchange 2000 Server Installation and Setup 7

Ensure that One Domain is in Native Mode

If your Exchange 2000 organization must coexist with Exchange 5.5, at least one
of your Active Directory domains must be in native mode, so that Exchange 5.5
distribution lists can be mapped to universal distribution groups and universal
security groups in Active Directory. You configure ADC to replicate distribution list
objects to this native-mode domain. ADC is hard-coded to create universal
distribution groups, but the Exchange Store.exe process converts these to
universal security groups on an as-needed basis.

Important Universal security groups can exist only in native-mode

domains. If these objects exist in a mixed-mode domain, the conversion
fails, an error is logged, and your public folder permissions fail.

If you already have a native-mode domain in your forest, you can use it. If all
your domains are in mixed mode, you must switch at least one of them to native
mode, or you must create a new native-mode domain.

In most enterprise organizations, the root domain typically consists of

Windows 2000 servers only, and therefore, is a prime candidate for native mode.
However, most companies reserve the root domain for system objects only.

Extend the Active Directory Schema

ADC includes a set of schema extensions that you must install before the ADC
service can operate. Either you can let the first ADC installation make these
schema changes automatically, or for security reasons, you can make these
changes manually by installing these extensions with the Setup /SchemaOnly
command-prompt switch. When you run this switch, the 10 schema extension
files (ADCSchema0.ldf through ADCSchema9.ldf) are imported into Active
Directory. You may find that the Active Directory schema operations master
becomes too busy to respond to other requests during the schema update
process.

The ADC schema extensions are a subset of the full Exchange 2000 schema
extensions; however, you must install the ADC extensions before you can install
the Exchange 2000 schema extensions, and thus join an Exchange 2000 server to
an existing Exchange 5.5 organization. To gain a full understanding of the
attributes and changes that occur during the ADC schema update process, you
can read the .ldf files on the Exchange 2000 compact disc. As a quick reference,
Table 1 provides a summary of the changes the ADC schema extensions make to
Active Directory.

Table 1 Number of changes the ADC schema extensions make to Active

Directory
File New attributes New classes Partial Total changes
attribute
changes
ADCSchema0.ldf 41 0 10 41
ADCSchema1.ldf 41 0 14 41
ADCSchema2.ldf 41 0 9 41
ADCSchema3.ldf 4 5 10 41
ADCSchema4.ldf 6 0 13 41

Microsoft Exchange 2000 Server Installation and Setup 8

 File New attributes New classes Partial Total changes
attribute
changes
ADCSchema5.ldf 6 1 8 41
ADCSchema6.ldf 28 0 31 41
ADCSchema7.ldf 6 0 35 41
ADCSchema8.ldf 0 0 4 41
ADCSchema9.ldf 6 3 0 39
Total changes 179 9 134 408

Because the partial attribute set changes during the ADC schema update process,
all global catalog servers in the forest go through a rebuild cycle. This means that
they re-replicate partial domain naming contexts. Although this process has no
effect on users, it can cause additional network overhead; therefore, it is
recommended that the implementation take place during a period of low use.
Figure 2 shows a typical event log message when re-replication is about to occur.

Figure 2 Event Properties dialog box

The Exchange 2000 schema extensions (made through ForestPrep) also change
the partial attribute set. To conserve bandwidth on your network, consider
running Exchange 2000 Setup with the /ForestPrep switch immediately after
installing ADC.

Wait for ADC Schema Extensions to Replicate

You must now rely on Active Directory replication to replicate your schema
changes to all domain controllers. Depending on the size of your installation, this

Microsoft Exchange 2000 Server Installation and Setup 9

process can take anywhere from five minutes to several hours. You can use tools
such as ReplMon from the Windows 2000 Support Tools compact disc to check
Active Directory replication. If you want to manually check a specific domain
controller to see if the ADC schema extensions have been replicated to it, use the
LDP tool and attempt to view the following object:
cn=ms-Exch-Schema-Version-
ADC,cn=schema,cn=configuration,dc=<your-domain-here>

If you receive an object not found error, the schema extensions have not yet
replicated. If you are able to bind to the object, look at its rangeUpper attribute.
If it is set to 4197, the schema has fully replicated. The last change in the
ADCSchema9.ldf file is the importing of this attribute:
dn: CN=ms-Exch-Schema-Version-Adc,<SchemaContainerDN>
changetype: modify
replace: rangeUpper
rangeUpper: 4197

Install the First Instance of the ADC Service

After the ADC schema extensions are replicated, install the first Active Directory
Connector (ADC). ADC replicates directory information (such as users, mailboxes,
and groups) between the Exchange 5.5 directory and Active Directory.
Administrators must define the connection agreements that the ADC service uses.
These connection agreements name the servers involved in replication, the
direction in which to replicate, the objects to replicate, and the schedule for data
replication.

ADC uses Lightweight Directory Access Protocol (LDAP) to contact both

Exchange 5.5 and Active Directory. LDAP works efficiently over all types of
network links: fast, slow, and highly latent. For greatest efficiency, place the
computer running ADC physically close to the servers involved in the connection
agreement. Depending on the amount of information to replicate, a significant
amount of data is sent over the network. If you have the option, it is best to
place the ADC close to the Exchange 5.5 server. In a two-way connection
agreement, ADC usually generates more data to the Exchange server than to the
Active Directory server.

Prepare the Forest

In large enterprises, the person installing Exchange may not have full permissions
to Active Directory. Running Exchange 2000 Setup with the /ForestPrep switch
allows Active Directory schema administrators to prepare the forest for an
Exchange 2000 installation. As such, the person running ForestPrep must have
both schema and enterprise admin permissions.

ForestPrep performs the following tasks:

• Creates an Exchange organization object in Active Directory
• Sets base permissions for the first Exchange administrator account
• Extends the Active Directory schema with Exchange 2000 schema
extensions

Microsoft Exchange 2000 Server Installation and Setup 10

When you run ForestPrep, you can either create a new Exchange 2000
organization or join an existing Exchange 5.5 organization. Make your selection
carefully. If you choose to install a new organization, you can never join an
Exchange 5.5 server to the deployment. If you choose to join an existing
organization, you are prompted for the name of an existing Exchange 5.5 server.
It is important that you understand the result of the server name that you type at
this stage. Exchange 2000 Setup connects to the nominated Exchange 5.5 server
and reads its configuration data (organization, site names, and so forth), and
copies this information to Active Directory. If your Exchange 5.5 deployment
consists of multiple sites, the Exchange 5.5 site name is copied to Active
Directory as the first administrative group. The first Exchange 2000 server you
install must join the first administrative group. You must also know the service
account details for the existing Exchange 5.5 site. Although Exchange 2000
services start as the built-in computer account (also called the LocalSystem
account), the message transfer agent (MTA) and Site Replication Service (SRS)
processes must use the service account name and password as an override when
binding to the MTA and directory services processes on existing Exchange 5.5
servers in the site.

Next, ForestPrep prompts you to select the first Exchange administrator account
(Figure 3). This account can be a user account, but it is better to choose a group.
The object that you nominate here has full organization-wide permissions to
Exchange. You must log on with this account to install the first Exchange 2000
server in the organization.

Figure 3 The Exchange 2000 Administrator Account page of the Microsoft

Exchange 2000 Installation Wizard

After ForestPrep collects the data that it requires, it extends Active Directory with
the Exchange 2000-specific schema extensions. This process takes between 20

Microsoft Exchange 2000 Server Installation and Setup 11

minutes and 2 hours, depending on how busy the schema operations master is.
Table 2 provides a summary of the schema changes that ForestPrep makes.

Table 2 Number of schema changes made when ForestPrep runs

File New attributes New classes Partial Total changes
attributes
changes
Schema0.ldf 133 5 46 205
Schema1.ldf 51 4 77 205
Schema2.ldf 205 0 0 205
Schema3.ldf 205 0 1 205
Schema4.ldf 96 101 0 205
Schema5.ldf 14 19 0 205
Schema6.ldf 93 25 0 205
Schema7.ldf 0 0 0 205
Schema8.ldf 46 3 0 205
Schema9.ldf 12 1 3 199
Total 855 158 127 2,044

Wait for Exchange 2000 Schema Extensions to Replicate

At this point, Active Directory replication sends the schema changes to all domain
controllers. Depending on the size of your installation, this takes from five
minutes to several hours. You can use tools such as ReplMon from the
Windows 2000 Support Tools compact disc to check Active Directory replication.
However, if you want to manually check a specific domain controller to see if the
Exchange 2000 schema extensions have been replicated to it, use the LDP tool
and attempt to view the following object:
cn=ms-Exch-Schema-Version-
Pt,cn=schema,cn=configuration,dc=<your-domain-here>

If you receive an object not found error, the schema extensions have not yet
replicated. If you are able to bind to the object, look at its rangeUpper attribute.
If this attribute is set to 4397, the schema has fully replicated, because the last
change in the Schema9.ldf file is the importing of this attribute:
dn: CN=ms-Exch-Schema-Version-Pt,<SchemaContainerDN>
changetype: modify
replace: rangeUpper
rangeUpper: 4397

Check DomainPrep Prerequisites

Running Exchange 2000 Setup with the DomainPrep switch prepares an Active
Directory domain for Exchange 2000 servers and users. An important DomainPrep
task is to change the domain controller security policy so that all Exchange
servers can manage the auditing and security log. Figure 4 shows the Domain
Controller Security Policy after DomainPrep has been run. Note that the
Enterprise Exchange Servers group has been given permissions to the auditing
and security log.

Microsoft Exchange 2000 Server Installation and Setup 12

Figure 4 Exchange gains permissions to the auditing and security log

Because DomainPrep changes a policy, it is critical that all domain controllers

within the domain are running properly. You might encounter instances in which a
domain controller does not receive a policy change if it’s not running or if
Windows NT File Replication service (FRS) is functioning incorrectly. In these
instances, the databases fail to mount if one of your Exchange 2000 servers
selects this domain controller for its configuration domain controller role.

During the DomainPrep process, the local computer attempts to communicate

with the Active Directory schema operations master role.

Note The name lookup for the schema master is performed using the
short name of the server rather than the fully qualified domain name
(FQDN).

Prepare Each Domain with DomainPrep

To run DomainPrep, you must log on as a Domain Administrator. You must run
DomainPrep in each domain that hosts either Exchange 2000 servers or
Exchange 2000 users. The DomainPrep process runs quickly, and it performs a
number of critical tasks:
• Creates the special Exchange Domain Servers global security group in the
Users container.
• Creates the special Exchange Enterprise Servers local security group in the
Users container.
• Places the Exchange Domain Servers group into the Exchange Enterprise
Servers group.
• Grants various permissions for the Exchange Enterprise Servers group to
the domain object.

Microsoft Exchange 2000 Server Installation and Setup 13

 • Stamps permissions for the Exchange Enterprise Servers group on the
AdminSDHolder object.
• Creates the Microsoft Exchange System Objects container underneath the
domain node.
The special group objects that DomainPrep creates provide the basis for
permissions in Exchange 2000. For example, if an administrator creates a new
user with a mailbox, the Recipient Update Service must modify various attributes
on the account (such as e-mail addresses) so that the user can log on. The
Recipient Update Service runs in the context of the System Attendant, which in
turn, runs under the security context of the local computer account; therefore,
the computer account must have permissions over user objects in the domain to
make the necessary changes.

As you install new Exchange 2000 servers, Setup adds the computer account to
the local Exchange Domain Servers group. In turn, this group is a member of the
Exchange Enterprise Servers group, which has permissions to both the domain
naming context and configuration data. In environments with multiple domains,
the Recipient Update Service enforces that each Exchange Enterprise Servers
group contains membership of all other Exchange Domain Servers groups from
each domain that has been prepared with DomainPrep.

Note It is critical that you do not rename or move the special groups
because Exchange 2000 relies on both their original names and location of the
Users container.

Active Directory blocks the inheritance of permissions to all Domain Administrator

accounts. Because the Recipient Update Service must process all accounts in the
domain, the DomainPrep function grants the Exchange Enterprise Servers group
full read and write permissions on the AdminSDHolder system object. This
allows the Recipient Update Service to make changes to Domain Administrator
objects directly without relying on inheritance.

Finally, DomainPrep creates the Microsoft Exchange System Objects container

used to hold public folder proxy objects. As you create new mail-enabled public
folders in Exchange 2000, proxy objects are created in this container. Public
folder connection agreements in the ADC also create proxy objects for public
folders in this container. Proxy objects allow users to send e-mail messages to
public folders in Exchange 5.5 and Exchange 2000.

Wait for DomainPrep Replication

Depending on the configuration of your Active Directory site, the time required for
domain changes to replicate to all domain controllers can vary. You can use tools
such as ReplMon to verify replication within the domain. If you want to test
DomainPrep replication to a specific domain controller, you can use a tool such as
LDP to query the domain naming context replica. Enumerate the Microsoft
Exchange System Objects container and inspect its objectVersion attribute. This
attribute must be set to 4406. If this attribute is correctly set, DomainPrep
replication has occurred on the domain controller to which you are bound.

Microsoft Exchange 2000 Server Installation and Setup 14

Test DomainPrep Policy Replication

After you verify that the Active Directory data created by DomainPrep has
replicated completely throughout the domain, you must check to ensure that the
domain controller security policy has also replicated. As mentioned earlier, the
Exchange databases fail to mount if the security policy is incorrect.

You can use the Policytest.exe tool from the Exchange 2000 compact disc to
determine whether the policy has replicated. Run Policytest.exe in the domain
and inspect the results. All domain controllers should report SeSecurityPrivilege.
If the policy has not replicated properly, numeric error codes are returned. The
following is an example of a policy test report:
===============================================
Local domain is “extest.microsoft.com"
Account is “RED\Exchange Enterprise Servers"
========================
DC = “EURO-DOG"
In site = “TVP"
Right found: "SeSecurityPrivilege"
========================
DC = “RED43-DOG"
In site = "(null)"
!! LsaOpenPolicy returned error 5 !!
========================
DC = “AFRICA-DOG"
In site = “JOBURG"
!! LsaOpenPolicy returned error 1722 !!To interpret the error codes
that are returned, use the Err.exe tool, which can be found in the Exchange 2000
Resource Kit. For example, error 1722 means RPC_S_SERVER_UNAVAILABLE;
that is, the domain controller is down.

If you find one or more domain controllers not reporting SeSecurityPrivilege, wait
a few hours and run the policy test again. If you find that even after waiting, one
or two domain controllers are still reporting problems, the Windows NT File
Replication service (FRS) might not be working properly. If this is the case, check
the event log for errors. If you want to intervene manually, use the Secedit tool
from the Windows 2000 Support Tools compact disc to enforce the policy on a
particular domain controller.

Create ADC Connection Agreements

It is extremely important that you create connection agreements to the

Exchange 5.5 network (if you have one) before installing the first Exchange 2000
server. Failing to create these agreements may cause problems with the
Exchange 2000 public folder hierarchy. It is recommended that you create the
following connection agreements before installing the first Exchange 2000 server:

• Two-way recipient connection agreement between the first Exchange 5.5 site
that accommodates an Exchange 2000 server and the Active Directory
domains in which the user accounts for those Exchange 5.5 mailboxes are
held.

Microsoft Exchange 2000 Server Installation and Setup 15

• Two-way recipient connection agreement to replicate Exchange 5.5
distribution lists to a native-mode Active Directory domain. You can couple
this connection agreement with the first connection agreement if necessary.

• At least a one-way recipient connection agreement to replicate all mailboxes in

all Exchange 5.5 sites in the organization to Active Directory. If you prefer, a
one-way connection agreement from Exchange can read information from
multiple Exchange sites. As an alternative, you may want to create a two-way
connection agreement from each Exchange site to Active Directory to save
work later on in your deployment.

• Two-way public folder connection agreements between the first Exchange 5.5
site that accommodates an Exchange 2000 server and the Active Directory
domains in which the Exchange 2000 server is installed. A public folder
connection agreement replicates public folder directory proxy objects into
Active Directory so that users and applications can send e-mail messages to
public folders.

The number of connection agreements that a single computer running ADC can
manage depends on the speed of the computer and the amount of memory
available. Each connection agreement (recipient connection agreement, public
folder connection agreement, or configuration connection agreement) spawns a
thread while processing. By default, each thread is allocated a minimum of 1 MB
of memory. To keep your ADC running efficiently, plan to run no more than 100
connection agreements on a single computer.

Check That Connection Agreements Have Replicated

If you set the schedule on your connection agreements to Always, you’ll notice
that replication occurs almost immediately. You can verify this by performing any
of the following tasks:

• Looking at the CPU time for the ADC.exe process in Task Manager.

• Examining the MSADC performance monitor counters.

• Inspecting the directory objects with Active Directory Users and

Computers.

Rich directory information in the Exchange 5.5 directory is uploaded to the same
objects in Active Directory. If it appears that the objects are not replicating, right-
click the connection agreement, and then select Replicate Now. Additionally, if
you have many domain controllers within your environment, you may have to
wait for some time for Active Directory replication to complete.

Important Before you install your first Exchange 2000 server into the
Exchange 5.5 organization, ensure that all recipient connection
agreements are fully replicated. It might not be possible to deploy all of
the connection agreements before installing the first Exchange 2000
server because of timing, security, or political concerns. In that case,
you may need to remove the Public Folder database from the
Exchange 2000 server after installation to ensure that Exchange 2000
users see a complete public folder hierarchy when they log on.

Microsoft Exchange 2000 Server Installation and Setup 16

Use NLTEST

Exchange 2000 Setup makes rigorous checks on Active Directory to ensure that it
is configured correctly. Regardless of how long Active Directory has been installed
and running without a problem, Setup fails if Active Directory is configured
incorrectly.

The first set of checks that Setup performs is to query Active Directory through
the directory service locator service to confirm that the local server is located in a
valid Active Directory site. One of the most common configuration errors is one in
which the Active Directory administrator changes the name of the first site
without defining the subnets for the site.

You can avoid this type of Setup failure by using the NLTEST utility from the
Windows 2000 Support Tools compact disc. NLTEST uses the same Win32®
application programming interface (API) calls as Exchange 2000 Setup. Therefore,
if you receive an error message while running NLTEST, you know that you will
receive an error message when you run Exchange Setup. For the first check, at
the command prompt, run NLTEST with the /DSGETSITE switch. If the server
can locate its own Active Directory site name, it returns a simple string of text
similar to the following example.

Example
C:\>nltest /dsgetsite
Default-First-Site-Name
The command completed successfully

If you see an error message instead, look closely at your site and subnet
definitions. You must resolve this issue before you install the Exchange 2000
server.

At this point, perform some more extensive tests to ensure that you can read
information about your local domain and the forest root. To do this, use NLTEST
with the /DSGETDC:your-domain-here switch:

Example
C:\>nltest /dsgetdc:xg
DC: \\DC-007
Address: \\157.58.36.242
Dom Guid: ef453e9b-fc67-4dbc-8fb2-4f84404a7770
Dom Name: XG
Forest Name: xg.exchange.microsoft.com
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_FOREST
CLOSE_SITE
The command completed successfully

The meaning of some of the information is obvious. The Flags section shows
which services the local domain controller is running. If your Exchange 2000
server is a domain controller, the DSGETDC switch likely returns data about the
local computer. If your Exchange 2000 server is a member of the domain,
NLTEST uses the DSGetDCName Win32 API call to find the closest domain
controller.

Microsoft Exchange 2000 Server Installation and Setup 17

Finally, the last command-line switch that you may want to use with NLTEST is
/DCLIST: your-domain-here. This switch provides a complete list of domain
controllers for the domain name that you specify. You can also see the primary
domain controller (PDC) emulator for the domain.

Example
C:\>nltest /dclist:xg
Get list of DCs in domain 'xg' from '\\DC-007'.
DC-007.xg.exchange.microsoft.com [PDC] [DS] Site: Default-
First-Site-Name
The command completed successfully

If the results from using NLTEST include no errors, Active Directory and DNS are
probably configured correctly in your environment.

Run Setup

After you complete your preparation and planning, you’re ready to install the first
Exchange 2000 server. However, no matter how much you prepare and plan, you
still might miss some simple preliminary steps. The most common mistake is
forgetting to install the Network News Transfer Protocol (NNTP) component from
Windows 2000. Exchange 2000 builds on top of the base NNTP and Simple Mail
Transfer Protocol (SMTP) stacks that are provided with the operating system.

If you have already run ForestPrep and DomainPrep, Setup will not prompt you
for information necessary to prepare Active Directory, but will prompt you to
select components for installation. If you haven’t run ForestPrep and DomainPrep,
and the account your logged on to has the correct level of permissions to Active
Directory, the tasks to prepare Active Directory take place as part of Setup.

Use Command-Prompt Switches with Setup

You can set various command-prompt switches to run with Exchange 2000 Setup.
Table 3 lists these switches and their functions.

Table 3 Exchange 2000 Setup command-prompt switches

Switch Function
/? Shows all command-line switches for Setup.exe.
/DisasterRecovery Recovers missing files, registry keys, and deleted folders—if there is a
valid backup of the data.
/ForestPrep Extends the Active Directory schema and prepares the forest for
Exchange 2000.
/DomainPrep Prepares the domain for Exchange 2000.
/CreateUnattend Creates an unattended installation file named <filename>.ini. This file
<filename>.ini can be used as a basis for installing other servers in an unattended
fashion.
/UnattendFile Runs in unattended mode with settings in <filename>.ini
<filename>.ini
/ShowUI Displays the user interface (UI); use in conjunction with the /unattendfile
switch to show the UI even though you are running off of an unattended
installation file.
/NoEventLog Turns off event logging.
/NoErrorLog Turns off error logging.
/All Marks all components for installation, upgrade, or reinstallation.

Microsoft Exchange 2000 Server Installation and Setup 18

Exchange 2000 Setup Stages
Exchange 2000 Setup has four major stages:

1. Administrator Select components to install.

2. System Close down all dependant services; for example, WinMgmt, SMTP,
NNTP, License Logging, and so forth.

3. System Copy the binary files to the selected directory, modify the registry,
and create the services.

4. System Tidy up and start all Exchange 2000 services.

Stages 1, 2, and 4 usually take less then a minute to complete. The majority of
the time is spent copying the binary files (stage 3). Allow about 30 minutes for
this stage.

If Setup encounters an open file, it generates an error message during the

installation process, usually providing the options Retry, Continue, or Cancel.
Suppose you have the Microsoft Outlook® messaging and collaboration client
installed on the Exchange server and Outlook is open during Exchange 2000
Setup. This causes contention for the MAPI provider files (for example,
Emsmdb32.dll, Emsabp32.dll, and so forth). If this is the case, close down the
offending application and click Retry. (In all other cases, click Continue.)
Clicking Retry, renames the offending file and copies over the new file.

Normally, you do not have to restart the server after installation. However, if the
installation process encountered problems with file contention (whether it
prompted you or not), you are prompted to restart when the installation process
completes so that all temporary files can be removed.

Setup—What Really Happens

If you are interested in reading about the installation process in greater detail,
the Setup progress log provides low-level, raw data regarding each action
performed. However, if you’re looking for more high-level information, this
section may be of help. The actual path of Setup is dictated by the specific
installation scenario. The following example describes the installation of an
Exchange 2000 server into an existing Exchange 5.5 organization. ForestPrep and
DomainPrep have already been run.

Setup.exe Initialization
Setup performs the following steps during initialization:
1. Determines whether the local computer is a member of a domain.
2. Binds to a local domain controller and checks for Exchange 2000 schema
extensions in Active Directory.
3. Looks for services on the local computer (such as Certificate Server).
4. Checks logged on user permissions (Domain Administrator’s permissions,
permissions to create objects, and so forth).

Microsoft Exchange 2000 Server Installation and Setup 19

 5. Initializes individual components for the installation.
6. Binds to a local domain controller, and determines whether DomainPrep
has been run in the domain.
7. Looks for an existing Exchange organization in Active Directory. If an
Exchange organization exists, Setup reads the configuration and
determines if existing servers (Exchange 2000 or Exchange 5.5) are
already installed in that organization.
8. If the existence of an Exchange 5.5 server in the organization is detected
and the installation site contains only Exchange 5.5 servers, prompts the
user for the name of an existing Exchange 5.5 server to use.
9. Binds to the Exchange 5.5 server using Directory API (DAPI) to work out
its LDAP port number, organization, and site names, and whether the
server is running Service Pack 3.
10. Verifies that the user has permissions to the Exchange 5.5 organization
and, if so, reads the name of the site service account.
11. Reports Setup configuration information (paths, domain controllers,
organization name, site name, and so forth) to the progress log and
displays the main component installation page.

Component Selection and Installation

After you select the components you want to install, Setup performs the following
steps.
1. Initializes the appropriate individual components to ensure that the
selections can be honored.
2. Stops dependant services (w3svc, smtpsvc, nntpsvc).
3. Stops existing Exchange 2000 services.
4. Stops other dependant services (IISAdmin, IsmServ, LicenseService).
5. Cross-matches component selections against installation of individual
components and prepares for the file copy process.
6. Copies files to the installation directory.
7. Adds the local computer account to the Exchange Domain Servers group.
8. Determines whether Site Replication Service (SRS) must be enabled. If so,
Setup creates a configuration connection agreement between Active
Directory and an existing Exchange 5.5 server.
9. Creates objects for the Exchange 2000 server in the Organization node of
Active Directory.
10. Removes existing Exchange 2000 registry keys and directories that are the
result of failed installations.
11. Removes existing Exchange 2000 information from the Internet
Information Services (IIS) metabase.

Microsoft Exchange 2000 Server Installation and Setup 20

 12. Deletes existing registry keys and creates new registry keys for System
Attendant.
13. Creates the Microsoft Exchange System Attendant service
(MSExchangeSA).
14. Creates entries for System Attendant within the IIS metabase and Active
Directory.
15. Sets the server to host address lists.
16. Copies the site service account details from an existing Exchange 5.5
server and stamps them on the Admin Group object in Active Directory.
17. Creates the JET (ESE) database component.
18. Deletes existing registry keys and creates new registry keys for the MTA.
19. Creates the Microsoft Exchange Message Transfer Agent service
(MSExchangeMTA).
20. Creates entries for the MTA in the IIS metabase and Active Directory.
21. Deletes existing registry keys and creates new registry keys for the IFS
service.
22. Creates the Exchange Installable File System (ExIFS).
23. Creates entries for ExIFS in the IIS metabase and Active Directory.
24. Deletes existing registry keys and creates new registry keys for the
Information Store service.
25. Creates the Microsoft Search Application.
26. Selects the Site Folder server.
27. Creates the Information Store service (MSExchangeIS).
28. Creates entries for the Information Store in the IIS metabase and Active
Directory.
29. Configures MS Search Application.
30. Deletes existing registry keys and creates new registry keys for the Site
Replication Service (SRS).
31. Creates the Microsoft Exchange Site Replication Service.
32. Determines whether the SRS must be enabled.
33. Stamps the Exchange 5.5 site service account details on the SRS object.
34. Changes the activation schedule for the configuration connection
agreement.
35. Installs and initializes the SRS database (copies Srstempl.edb to Srs.edb).
36. Chooses an Exchange 5.5 server to replicate from and initiates the first
replication.
37. Stops SRS, stamps new attributes, and starts SRS (this occurs three
times).

Microsoft Exchange 2000 Server Installation and Setup 21

 38. Retargets the configuration connection agreement from Exchange 5.5
server to the local SRS.
39. Deletes existing registry keys and creates new registry keys for OLE DB.
40. Creates entries for OLE DB in the IIS metabase and Active Directory.
41. Deletes existing registry keys for the Internet Message Access Protocol
version 4rev1 (IMAP4) service.
42. Creates the IMAP4 service.
43. Creates registry keys for IMAP4.
44. Creates entries for IMAP4 in the IIS metabase and Active Directory.
45. Deletes existing registry keys for the Post Office Protocol version 3 (POP3)
service.
46. Creates the POP3 service.
47. Creates registry keys for POP3.
48. Creates entries for POP3 in the IIS metabase and Active Directory.
49. Deletes existing registry keys and creates new registry keys for the Base
Distributed Authoring and Versioning (DAV) service.
50. Creates entries for the Base DAV service in the IIS metabase and Active
Directory.
51. Deletes existing registry keys and creates new registry keys for the NNTP
service.
52. Creates entries for NNTP in the IIS metabase and Active Directory.
53. Deletes existing registry keys and creates new registry keys for the SMTP
service.
54. Registers Exchange 2000-specific SMTP libraries (Msgtrack.dll, Phatq.dll,
Turflist.dll, Regsinks.dll).
55. Creates entries for SMTP in the IIS metabase and Active Directory.
56. Deletes existing registry keys for the routing service.
57. Creates the Microsoft Exchange Routing service.
58. Creates registry keys for the routing service.
59. Creates entries for the routing service in the IIS metabase and Active
Directory.
60. Deletes existing registry keys and creates new registry keys for the
Service Atom.
61. Stops the IISADMIN service.
62. Creates entries for the Service Atom in the IIS metabase and Active
Directory.
63. Deletes existing registry keys and creates new registry keys for the
Miscellaneous Atom (WMI, CDO Workflow).

Microsoft Exchange 2000 Server Installation and Setup 22

 64. Creates entries for the Miscellaneous Atom in the IIS metabase and Active
Directory.
65. Deletes existing registry keys for the Event service.
66. Creates the Microsoft Exchange Event service.
67. Creates registry keys for the Event service.
68. Creates entries for the Event service in the IIS metabase and Active
Directory.
69. Deletes existing registry keys and creates new registry keys for the
Microsoft Exchange Web component.
70. Creates entries for the Microsoft Exchange Web Component in the IIS
metabase and Active Directory.
71. Deletes existing registry keys and creates new registry keys for Microsoft
Outlook Web Access.
72. Creates entries for the WebClient in the IIS metabase and Active
Directory.
73. Deletes existing registry keys and creates new registry keys for the
Microsoft Exchange Cluster component.
74. Creates entries for the cluster component in the IIS metabase and Active
Directory.
75. Deletes existing registry keys and creates new registry keys for Microsoft
Exchange multimedia messaging.
76. Creates entries for multimedia messaging in the IIS metabase and Active
Directory.
77. Prepares to copy files for Exchange System Management components.
78. Copies files for Exchange System Management snap-ins.
79. Copies files for Exchange Migration Wizard.
80. Copies files for Instant Messaging service administration.
81. Copies files for full-text indexing administration.
82. Copies files for Service Atom (for example, MAPI support files).
83. Cancels system DLLs registration.
84. Configures System Management snap-ins and shortcut.
85. Registers system DLLs.
86. Configures Migration Wizard shortcut.
87. Configures Instant Message administration tool.
88. Configures full-text indexing administration tool.
89. Copies files for the Exchange 5.5 Administration tool.
90. Configures the Exchange 5.5 Administration tool.

Microsoft Exchange 2000 Server Installation and Setup 23

 91. Configures Instant Messaging service.
92. Adds the local computer account to Exchange Domain Servers group.
93. Creates Administration Group objects (policies container, Advanced
Security, and so forth).
94. Creates the Exchange server object in the Administrative Group and
stamps the version.
95. Checks for special Exchange groups and verifies that the domain is
prepared.
96. Starts all services.
97. Removes the interface from the console and exits.

Unattended Installations
Most Exchange 2000 installations require the administrator to be present at the
server console or over a Terminal Services connection. However, it is possible to
perform unattended installations of Exchange 2000. To perform unattended
installations of Exchange 2000, run Exchange 2000 Setup with the
/CreateUnattend option (which creates an unattend file), and then run Setup
with the /UnattendFile option (which performs an unattended Exchange 2000
installation).

Only the core Exchange 2000 services are supported for unattended installation
mode, and only limited manual editing of the unattend file is supported.

For more information about the unattended mode of Exchange 2000 Setup, see
the technical paper Unattended Installations of Microsoft Exchange 2000 Server at
http://www.microsoft.com/exchange/techinfo/administration/2000/Unattended.as
p.

Troubleshooting Setup Failures

The Exchange 2000 Setup process is designed to tolerate minor errors. If a minor
error occurs during installation, you can correct the cause of the error and
continue. In fact, Setup attempts to run as many checks as possible before the
actual installation takes place. When you are presented with the component page
(Stage 1 of Setup), you can determine whether errors occurred during the initial
checks. If you see four dashes (----) adjacent to a component instead of Install,
it usually means that an error message will occur if you try to perform an action
(Install, Remove, and so forth) on that component. The error messages at this
stage provide useful information about what the error might be. Setup may be
unable to contact your Active Directory servers, which probably means that name
resolution is not working properly.

If the initial Setup checks do not uncover an error, a catastrophic failure occurs
during the actual installation process. Usually, you are notified in which
component or action the error occurred, and then given a hexadecimal error
number; for example, 0xC0070430. If you encounter such an error, try clicking
Retry because a transient error may have occurred on either the local computer

Microsoft Exchange 2000 Server Installation and Setup 24

or network. For example, the error code earlier in this paragraph indicates that
Setup attempted to install a service that already exists. You might get this error if
you are reinstalling the server after a failed attempt. If, you are not proceeding in
Setup after you click Retry, use the Microsoft Knowledge Base at
http://support.microsoft.com/ to see if the error is known.

Your next step is to look at the progress log in the root directory of your system
partition. Both Active Directory Connector Setup and Exchange 2000 Setup create
a progress log:

• ADC Active Directory Connector Setup.log

• Exchange 2000 Exchange Server Setup Progress.Log

Exchange 5.5 also creates a progress log, but its file name is different from the
ones listed earlier. All progress log files are formatted in Unicode text, and they
can be very large (over 1 MB in size), so it’s best to read them from a computer
running Windows 2000. The logs themselves contain extremely detailed lists of all
functions called and the results of the Setup process. You may not understand
everything in these files, because you need the source code to understand the
function names. However, by viewing the contents of a log file, you can discover
reasons why Setup failed.

Progress logs are concatenated. This means that all Setup attempts are recorded
in one long file, so it’s best to go to the end of the file and work backwards. In
addition, Setup errors can be either soft or hard, and both kinds of errors appear
in the logs. Soft errors are ignored by the Setup process, and you won’t see a
visual indication of them in the user interface. Here’s a prime example of a soft
error:
[14:31:15] ScGetClusterSvcDir
(K:\admin\src\libs\exSetup\exmisc.cxx:2306)
Error code 0XC0070424 (1060): The specified service does not
exist as an installed service.

Setup is attempting to access the shared cluster directory. If your computer is not
in a cluster, you’d expect to see this error. After the soft errors, you see a
statement in the logs that indicates that these errors were ignored:
[14:31:15] === IGNORING PREVIOUS ERRORS ===
CFileManager::ScAutoDetectDirectoryLocations
(K:\admin\src\udog\Setupbase\tools\filemgr.cxx:463)

Interestingly, you see the file name and path to the source code in these errors.
This information is intended for Microsoft Product Support Services rather than for
users who are installing Exchange 2000.

One of the most interesting sections of the progress log is the following:

Microsoft Exchange 2000 Server Installation and Setup 25

 [14:32:34] Setup configuration information:
[14:32:34] This is a(n) Enterprise version of Microsoft
Exchange 2000
[14:32:34] This is an evaluation copy of Microsoft
Exchange 2000; it expires in 120 days
[14:32:34] InstallSourceDir = Uninitialized
[14:32:34] InstallDestDir = C:\Program Files\Exchsrvr
[14:32:34] InetSrvDir = C:\WINNT\System32\inetsrv
[14:32:34] System32Dir = C:\WINNT\System32
[14:32:34] LocalServer = LABSRV02
[14:32:34] SchemaMasterDC = LABSRV01
[14:32:34] DC = LABSRV02
[14:32:34] Domain = extest.netlab.microsoft.com
[14:32:34] DomainDN =
/dc=com/dc=microsoft/dc=netlab/dc=extest
[14:32:34] NetBIOSDomain = SUB
[14:32:34] NT5Site = Default-First-Site-Name
[14:32:34] Org = MSFT
[14:32:34] LegacyOrg = MSFT
[14:32:34] AdminGroup = SITEA
[14:32:34] LegacyAdminGroup = SITEA
[14:32:34] AdminGroupContainingRoutingGroup = SITEA
[14:32:34] RoutingGroup = SITEA
[14:32:35] 55ServiceAccountLogin = Uninitialized
[14:32:35] PTAdministratorAccount = EXTEST\Administrator
[14:32:35] This is not a clustered machine

The most important information included in this log concerns the domain
controller from which the server reads Active Directory. You can also see the
schema master here, so if you receive an error saying that Setup cannot contact
the schema master, you can find the computer name of the schema master and
try to contact it manually.

Short names are used frequently in the logs. It helps if you understand some of
them, such as the following:

• 55 = Exchange Server 5.5

• Osmium = Exchange Server 5.5

• Oz = Exchange Server 5.5

• Pt = Exchange 2000

Microsoft Exchange 2000 Server Installation and Setup 26

 • Platinum = Exchange 2000

• PtOz = Mixed Exchange 5.5 and Exchange 2000 site or organization

• Udog = Exchange 2000 Setup

• Underdog = Exchange 2000 Setup

• Cartman = BackOffice Setup

Whether the installation process is successful or unsuccessful, the last entry in

the log indicates that the Setup process is being removed from memory, and
looks something like the following:
[16:03:46] CComBOIFacesFactory::QueryInterface
(K:\admin\src\udog\BO\bofactory.cxx:52)
Error code 0X80004002 (16386): No interface.

The log files may provide more information than you need. Fortunately, there is a
tool called LogParser that reads the progress logs and presents them to you in a
format that is easier to read. This doesn’t mean that LogParser translates errors,
but it does show you the individual installation attempts and categorizes the
errors. For example, a log level of 0 shows you only the critical errors that Setup
encountered (Figure 5).

Figure 5 Output of the LogParser tool

If you encounter a persistent Setup problem that cannot be resolved through the
Microsoft Knowledge Base, call Microsoft Product Support Services. Because

Microsoft Exchange 2000 Server Installation and Setup 27

you’ve researched the problem, you can provide Product Support Services with
information from the progress logs.

Common Setup Problems

This section provides a list of some of the most common errors that occur when
you install an Exchange 2000 server. Both the probable cause and possible
resolution are given.

0xC103798A Error
Problem An internal component fails while running Setup.

Probable cause The server on which you are running Setup is configured to
monitor and send e-mail notifications.

Resolution Cancel Setup, turn off all notifications, and then run Setup again.
For more details, see Microsoft Knowledge Base article Q270668, “XADM:
Exchange 2000 Setup Fails with 0XC103798A.”

Overlapped I/O Error When Creating EUSER_EXSTOREEVENT User

Problem The error log shows the following error:
[xx:xx:xx] Entering CAtomBaseMDB::ScCreateStoreEventAccount
[xx:xx:xx] bad member index -1
CAtomBaseMDB::ScCreateStoreEventAccount
(K:\admin\src\udog\exsetdata\components\server\a_basemdb.cxx:29
0)
Error code 0XC00703E5 (997): Overlapped I/O operation is in
progress.

Probable cause Domain policy restrictions are preventing Setup from creating
the user because strict password policies are in place. Exchange Setup attempts
to create the new user with an 8-character password.

Resolution Either allow this account in the domain to have an 8-character

password, or obtain an updated Exchange 2000 Installation compact disc
(4417.5a). The latest installation compact discs do not attempt to create this user
account.

Deleted Items Container Has Not Been Replicated

Problem Setup reports “Active Directory has not replicated all the necessary
permissions for the deleted items container. Please wait until replication
completes before running Setup.”

Probable cause The user who is installing Exchange does not have the correct
permissions to install a new Exchange 2000 server.

Resolution You must have full Exchange organization permissions to install a

new server.

Microsoft Exchange 2000 Server Installation and Setup 28

Additional Resources
It is impossible to envision all scenarios involving the installation of
Exchange 2000 and account for all errors that might arise. The following list of
Microsoft Knowledge Base articles relates to the technologies discussed in this
technical paper. You can access these articles online at
http://support.microsoft.com/.

ADC Setup
• Q237434 XADM: Active Directory Connector Setup Causes Lsass.exe to
Use 100 Percent CPU

• Q253593 XADM: Installation of Active Directory Connector Does Not

Work Because of Logon Failure and References ID Number c007042d

• Q257888 XADM: "No Site Name Is Available for This Machine" Error
Message When You Install the Active Directory Connector

Exchange 2000 Setup

• Q239762 XADM: Exchange 2000 Services Run Under LocalSystem

• Q252486 XADM: Removing the First Exchange 2000 Server from the Site

• Q257415 XADM: Running a Disaster Recovery Setup

• Q258967 XADM: Setup Fails on a Member Server Because of DNS

Settings

• Q260378 XADM: How to Manually Remove an Exchange 2000 Installation

• Q262068 XADM: How to Set Up Exchange 2000

• Q264251 XADM: Error Message 0xC103798A During Key Management

Service Setup

Exchange 2000 Setup: Installing into Exchange 5.5 Sites

• Q237442 XADM: Exchange 2000 Setup Cannot Locate an Active Directory
Connector

• Q245597 XADM: Exchange 2000 Setup Cannot Cycle the Directory

Service on the Exchange Server 5.5 Computer

• Q258799 XADM: When You Join an Exchange 2000 Server to an Existing

Exchange Server 5.5 Site You Receive Error 0xC103FC93

• Q272998 XADM: Setup Doesn't Work with 0XC103FC93 in Function

ScFindLDAPPortNumberUsingDAPI

Exchange 2000 Setup: Upgrades from Exchange 5.5

• Q255256 XADM: Upgrade Fails When Exchange Server 5.5 LDAP Port Has
Been Reconfigured

• Q316886 HOW TO: Migrate from Exchange Server 5.5 to Exchange 2000
Server

Microsoft Exchange 2000 Server Installation and Setup 29

 • Q264879 XADM: Upgrading to Exchange 2000—the Swing Upgrade
Method

• Q264309 XADM: How to Roll Back a Failed Upgrade from Exchange

Server 5.5 to Exchange 2000

For more information: http://www.microsoft.com/exchange/

Did this paper help you? Please give us your feedback. On a scale of 1 (poor)
to 5 (excellent), how would you rate this paper?

mailto:[email protected]?subject=Feedback: Microsoft Exchange 2000

Server Installation and Setup.doc

Microsoft Exchange 2000 Server Installation and Setup 30

The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the
date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment
on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.

This Technical Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO
THE INFORMATION IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this
document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic,
mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft
Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in
this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does
not give you any license to these patents, trademarks, copyrights, or other intellectual property.

Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places
and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email
address, logo, person, place or event is intended or should be inferred.

 2002 Microsoft Corporation. All rights reserved.

Microsoft, Active Directory, Outlook, Win32, Windows, and Windows NT are either registered trademarks or trademarks of Microsoft
Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Microsoft Exchange 2000 Server Installation and Setup 31

Microsoft Exchange 2000 Server Installation and Setup 32