Before installing Microsoft Operations Manager (MOM) or the Exchange Server Management Pack, you should take the time to create a few mailboxes and accounts. The Exchange Server Management Pack for MOM can monitor Exchange Server without them -- but it does a much more thorough job if they're set up.
Create a mailbox access account
The first thing you have to do is create a mailbox access account. You can call this account anything you want. Initially, you will create this account the same way you would create any other account. The only thing special you need to do during the setup phase is create an Exchange Server mailbox for the account and set the account's password to never expire.
Once the mailbox access account is up and running, you need to delegate Exchange View Only Administrator privileges to the account:
- Open the Exchange System Manager, right click on the Exchange organization, and select Delegate Control to launch the Exchange Administration Delegation Wizard.
- Click Next to bypass the wizard's Welcome screen.
- Select the Add button and add the mailbox access account to the list as an Exchange View Only Administrator.
- Click OK, Next, then Finish to complete the operation.
Create the necessary disabled mailbox accounts
Now you need to create some other mailbox accounts. These accounts will be disabled, but the mailboxes that go with the accounts will be used by the mailbox access account you just created to test mail flow across your Exchange Server organization.
- Begin by opening the Active Directory Users and Computers (ADUC) console (be sure to do this on a server that also has Exchange System Manager installed).
- Right click on the Users folder and select New -> User to view the New Object – User dialog box.
- Enter a logon name for the new user. The logon name should be server_nameMOM, where server_name is the name of the server. For example, if you were creating a test mailbox for an Exchange server named Server1, you'd use the logon name server1MOM.
If you are creating a test mailbox for an Exchange cluster, make sure you use the virtual server name (the cluster name) rather than the name of a physical server within the cluster.
If you have multiple stores on a single server, and you want to create a separate test mailbox for each store, follow the server_nameMOM with a number or a word that identifies the store. The first test mailbox on the server must be named server_nameMOM. For other test mailboxes on the server, you can append anything that you want to server_nameMOM -- as long as the username does not exceed 20 characters.
The dialog box won't allow you to click Next until you enter at least a first name for the user. I suggest entering something like the server name as the first name and MOM Test Account for the last name, as shown in Figure A.
Figure A: This is what the New Object – User screen looks like.
- Click Next and you will be prompted to enter a password for the account. Don't. Instead, select the User Cannot Change Password, 'Password Never Expires, and Account is Disabled checkboxes. Make sure the User Must Change Password at Next Login checkbox is not checked.
- Click Next and you will be prompted to create an Exchange mailbox. Confirm that the Create an Exchange Mailbox'checkbox is selected. Also, select the server from the Server dropdown list that corresponds with the logon name that you are using, as shown in Figure B. If you are creating multiple mailboxes for multiple stores on the server, make sure the correct store is selected.
Figure B : Create an Exchange mailbox on the appropriate server.
- Click Next to view a summary of the options you just chose.
- If everything looks good, click Finish.
Before continuing to the next step, repeat the process above for any other test mailboxes you need to set up.
- Now that you have created the necessary accounts and mailboxes, go to ADUC
-> View -> Advanced Features.
- Right click on one of the accounts you just created, select Properties -> Exchange Advanced tab (this tab will not exist if you have not selected the Advanced Features command in the previous step).
- Select the Mailbox Rights button and then click the Add button.
- Add the mailbox access account that you created earlier and click OK.
- Grant the mailbox account Full Mailbox Access, as shown in Figure C.
Figure C: Grant Full Mailbox Access to the mailbox account.
- Select the Self account from the list.
- Assign the Associated External Account right to Self and click OK.
- Now, select the properties sheet's Security tab.
- Click the Add button and add the mailbox access account to the group or username list.
- Choose the account that you just added to the list, and then mark off the Send As and Receive As checkboxes.
- Click OK and repeat these steps for any other test mailboxes that you created.
Create a Management Server Action Account
The Management Server Action Account is nothing more than a service account that MOM will use when it has to interact with other computers such as managed computers or the server containing the MOM database. You can name this account anything that you want.
The only special requirement for this account is that it must be a member of the Domain Admins group. It is also advisable to set the account's password not to expire.
Create the Data Access Service Account
The Data Access Service Account (also known as the DAS account) is used to facilitate communications between the various MOM components and the SQL Server database.
One special note regarding this account is that if you the MOM database and MOM itself on different servers, then you must use the same DAS account when you install the MOM database and all management servers in the same management group.
STEP-BY-STEP GUIDE: HOW TO SET UP MOM FOR EXCHANGE SERVER
Step 1: Create mailboxes and accounts for Microsoft Operations Manager
Step 2: Install SQL Server and Exchange System Manager for MOM
Step 3: Install Microsoft Operations Manager
Step 4: Configure MOM to monitor Exchange Server
|ABOUT THE AUTHOR:|
| Brien M. Posey, MCSE
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.