10135 a xb
-
Upload
bo-su -
Category
Technology
-
view
977 -
download
7
description
Transcript of 10135 a xb
Appendix B
Advanced Topics in Exchange Server 2010
Module Overview
• Deploying Highly Available Solutions for Multiple Sites
• Implementing Federated Sharing
Lesson 1: Deploying Highly Available Solutions for Multiple Sites
• Discussion: High Availability for Multiple Sites
• Using Cross-Site DAGs
• Challenges of Implementing Cross-Site, Nonmailbox Servers
• Failover Process for Data Centers
• Best Practices for Multisite Failover
Discussion: High Availability for Multiple Sites
• What are some of the common multisite high-availability scenarios?
• Does your company have a warm disaster-recovery site or is it planning to have one?
• After mail services successfully fail over to the second site, what other issues might you still need to address?
Using Cross-Site DAGs
Cross-site DAGs do not require:
• Special network hardware
• A single shared subnet
• A single Active Directory site
Cross-site DAGs do require:
• Less than 250 ms latency between all DAG nodes
• Reestablishment of cluster quorum after site failure
• Administrative intervention to complete datacenter failover
• Support for nonmailbox roles in each site
• At least one domain controller in each site
Challenges of Implementing Cross-Site, Nonmailbox Servers
Challenges of implementing cross-site, nonmailbox servers are:
• External DNS records name must point to secondary site
• Clients must reconnect to the new RPC client access array
• Inbound e-mail must be redirected
Failover Process for Data Centers
Site ASite A Site BSite B
DAG
Hub Transport(FSW)
Hub Transport(FSW)
Hub TransportHub TransportClient AccessClient Access Client AccessClient Access
(Alt FSW)(Alt FSW)
Best Practices for Multisite Failover
• Verify failover functionality with periodic testing
• Reduce failover time by using low TTL on DNS records for the Client Access server array, Client Access server URLs, and SMTP records
• Closely monitor replication health and other system components to ensure failover health
• Follow proper change-management procedures
• Prevent cluster network cross-talk
Lesson 2: Implementing Federated Sharing
• What Is Federated Sharing?
• Components of Federated Sharing
• How Federated Sharing Works for Availability Information Access
• How Federated Message Delivery Works
• Configuring a Federation Trust
• Configuring Organizational Relationships and Sharing Policies
What Is Federated Sharing?
Federated sharing:
• Requires Microsoft Federation Gateway as a trust broker
• Uses standard federation technologies to establish trusted relationships
• Enables secure Internet communications between organizations
• Is supported for all messaging clients
• Requires each organization to establish and manage its trust
Components of Federated Sharing
Federated Sharing requires:
• Organization identifier that identifies which domains areavailable for federation
• Federation Trust with Microsoft Federation Gateway
• Establishment of a federated sharing relationship with another federated organization to enable sharing of availability information, or Federated Delivery of e-mail
• Sharing relationships that define the organizations withwhich your users will share data, and the type of data theycan share
Adatum.com Contoso.com
How Federated Sharing Works for Availability Information Access
Client AccessServer
Client AccessServer
MicrosoftFederationGateway
MicrosoftFederationGateway
Client AccessServer
Client AccessServer
DomainControllerDomain
Controller
DomainControllerDomain
Controller22
33
44
77
88
MailboxServer
MailboxServer
6611 55
Adatum.com Contoso.com
How Federated Message Delivery WorksMicrosoft
FederationGateway
MicrosoftFederationGateway
DomainControllerDomain
Controller
DomainControllerDomain
Controller22
33
44
MailboxServer
MailboxServer
Hub TransportServer
Hub TransportServer
6655
Hub TransportServer
Hub TransportServer
MailboxServer
MailboxServer
11
Configuring a Federation Trust
Before configuring a federation trust:
When configuring the federation trust:
• Obtain a trusted certificate
• Configure the authoritative domains
• Configure external DNS records
• Ensure the server has Internet access
• Ensure that the server has the certificate installed
• Provide the certificate thumbprint
Configuring Organizational Relationships and Sharing Policies
Organizational relationships determine the organizations you want to share information with, and what types of information you will share
Organizational relationships determine the organizations you want to share information with, and what types of information you will share
Sharing policies define which users can share information with other organizations, and what types of information those users can share
Sharing policies define which users can share information with other organizations, and what types of information those users can share