Solved

Exchange 2010 questions

Posted on 2010-09-01
2
1,523 Views
Last Modified: 2012-05-10
SERVER INFO:
-2x AD Win2K8 in one site
-2x Exchange 2010 MAIL,HUB,CAS
-2x Exchange 2010 EDGE
-2x Win2K8 FileServer

QUESTIONS:
1. Usually if I create user email in Exchange that mean that user can have an email and can access my fileserver using the same a/c.
Can I create email only without allowing this user to access my fileserver
2. Whether the Exchange 2010 EDGE server must be member of domain
3. If the EDGE server are located in different subnet, and in between front and backend exchange has CISCO ASA firewall. What port need to be opened if the EDGE is member of domain

thanks
0
Comment
Question by:nbctcp
2 Comments
 
LVL 25

Assisted Solution

by:Tony1044
Tony1044 earned 62 total points
Comment Utility
1. Usually if I create user email in Exchange that mean that user can have an email and can access my fileserver using the same a/c.
Can I create email only without allowing this user to access my fileserver

Yes - if they're members of groups that have access to the share, you could always create a new group and give them the "Deny" permission to the relevant shares.

2. Whether the Exchange 2010 EDGE server must be member of domain

No - it mustn't be.

3. If the EDGE server are located in different subnet, and in between front and backend exchange has CISCO ASA firewall. What port need to be opened if the EDGE is member of domain

Edge ports for synchronisation are:

For Inbound traffic:
SMTP - TCP port 25 (from Internet)
SMTP - TCP port 25 (from Edge server to Hub server on internal network)

For Outbound traffic:
SMTP - TCP/UDP port 25 (from Edge to Internet)
SMTP - TCP/UDP port 25 (from Hub to Edge server)
LDAP for EdgeSync - TCP port 50389 (from Hub to Edge server) Secure LDAP for EdgeSync - TCP port 50636 (from Hub to Edge server)
0
 
LVL 8

Accepted Solution

by:
Mkris9 earned 63 total points
Comment Utility
1. Usually if I create user email in Exchange that mean that user can have an email and can access my fileserver using the same a/c. Can I create email only without allowing this user to access my fileserver

If you just want to create a mailbox that is not possible. There has to be an associated Active Directory account associated with a mailbox. When you create a user, it normally gets added to the domain user group. If the domain users group has access to your shares in the file server, then he / she will be able to access shares.

2. Whether the Exchange 2010 EDGE server must be member of domain

No, Edge servers uses ADAM - which is AD Application Mode - through which it communicates with AD

3. If the EDGE server are located in different subnet, and in between front and backend exchange has CISCO ASA firewall. What port need to be opened if the EDGE is member of domain

Edge servers cannot be a member of domain. It normally sits on the DMZ between WAN and your local subnet.  This shows the ports to be opened. http://technet.microsoft.com/en-us/library/bb331973.aspx to and from Edge and WAN and HT servers.

Also one of the best articles I've used for ET is http://www.msexchange.org/articles_tutorials/exchange-server-2007/planning-architecture/uncovering-exchange-2007-edge-transport-server-part1.html. though it is for 2007, the basic principles rmains the same.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now