Wednesday, 29 May 2013

Exchange 2010 Best Practices - Quick server configuration check



Exchange 2010 Best Practices - Quick server configuration check

Server Configuration quick checks

Active Directory - Domain Controllers
  • On each server, run the Best Practice Analyzer
    • Manage Server, Roles, Select the Role, Run the Best Practice Analyzer
    • DNS failure - unable to resolve root hints IPv6 - Safe to ignore
  • IPv6 Configuration
    • NICs on Domain Controllers - IPv6 set to automatically assign on DNS and IP Address
  • Check NIC Binding order
    • Ensure IPv4 is first and IPv6 is second
  • DNS server settings on the NIC
    • Domain Controller from another site as the first DNS server
    • Loopback address as the second or third DNS server
  • Configure Secure Dynamic Updates only
  • Configure Forwarders to your other internal DNS servers
  • Run the following tests on the Domain Controllers
    • Repadmin
    • DCDiag
  • Ensure there are no hidden NICs in Device Manager
  • Configure AD Sites and Services
    • Each site has an IP subnet
  • Run nltest /dsgetsite - confirm site is correct
  • Run Active Directory Topology Diagrammer
  • Date and time zone
Exchange Servers
  • Run the Exchange Best Practice Analyzer
    • EMC - Toolbox - Best Practices Analyzer
      • Run the scan against each site (AD Domain Controller)
      • Run Health Scan, Permissions Scan, Connectivity Scan and Baseline
  • DNS server settings on the NIC
    • Domain Controller from server site as the first DNS server
    • Domain Controller from other sites as the second and third DNS servers.
  • IPv6 Configuration
    • NICs on Exchange Servers - IPv6 set to automatically assign on DNS and IP Address
  • Check NIC Binding order
    • Ensure IPv4 is first and IPv6 is second
    • If there is an issue, change the order,
    • Then RESTART the Microsoft Exchange Active Directory Topology service
  • If Microsoft Exchange Service Host service fails at restart,
    • Set the service to Automatic (Delayed Start)
  • Check event viewer - Application Log
  • Check site affinity
  • Ensure there are no hidden NICs in Device Manager
  • Run nltest /dsgetsite - confirm site is correct.
  • Date and time zone
 Network Interfaces on Domain Controllers

No comments:

Post a Comment