In the past I’ve blogged about building a hosted Exchange 2010 SP2 environment. Basically you have to prepare Active Directory, create a hosting container where all customer containers (also referred to as organizations, not to be confused with an Exchange organization) are located, secure the OUs, etc. You also have to create Address Lists, Address Book Policies and Offline Address Books (do not forget to secure these to prevent unwanted downloads), and do all this in a reliable and consistent manner.
It is certainly doable with a lot of scripting and HTML knowledge (been there, done that) but the overall recommendation is to use a Control Panel vendor. You can find an overview on the Microsoft website: http://technet.microsoft.com/en-us/exchange/hh563895.aspx
Using a Control Panel
There are a number of vendors, each with their own pros and cons, but all work according to the same principle: a provisioning engine. This provisioning engine talks to all services in your environment, like Active Directory, Exchange, Lync or SharePoint. It is also possible to add even more services like CRM, Hyper-V, online backup or Azure.
The provisioning engine stores all its data in a SQL database, so configuration information, organizations, users, groups etc. are all stored in this database.
The Control Panel also uses a provisioning front-end: a web application, typically connected to the Internet, where organization admins (or users) can log on. An organization in this context is a company that is hosting their services on your platform. In this Control Panel you can create resellers, organizations, users, services etc.
The cool thing about a solution like this is that it is fully transactional, so it provides roll-back functionality. Suppose you create a new organization with a domain and want to enable this organization for Lync and Exchange. Using a script you would create the OU in Active Directory, create security groups and users, create an Accepted Domain, Address Lists and the accompanying Address Book Policy, and Lync-enable the users. Now suppose something goes wrong in the middle of the provisioning script. Your script will fail and you will end up with a partially functioning organization. You have to manually troubleshoot what’s going on and possibly clean up the organization from Active Directory.
In a Control Panel solution, when things go wrong the system will automatically perform a roll-back from the point of failure, so everything that was already created during provisioning will be deleted, which keeps your environment in a consistent state.
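The roll-back behaviour described above can be reproduced in a script by recording an undo action for every step that completes and running those actions in reverse when a later step fails. The following PowerShell is an added example, not ExtendASP's code or code from the original post; the tenant name, the domain, the CustomAttribute1 tenant filter, the object names and the OU path are assumptions made for illustration.

```powershell
# Added example; assumes the ActiveDirectory module and the Exchange Management Shell.
# Tenant name, domain, filter attribute and hosting OU path are constructed values.
function New-HostedOrganization {
    param(
        [Parameter(Mandatory=$true)] [ValidatePattern('^[A-Za-z0-9 -]+$')] [string] $Name,
        [Parameter(Mandatory=$true)] [string] $Domain,
        [string] $HostingOU = 'OU=Hosting,DC=lab,DC=local'
    )
    $filter = "CustomAttribute1 -eq '$Name'"   # assumed tenant tag on recipients
    $abp = @{ Name = "$Name ABP"; GlobalAddressList = "\$Name GAL"; AddressLists = "\$Name AL"
              RoomList = "\$Name Rooms"; OfflineAddressBook = "\$Name OAB" }
    $steps = @(
        @{ Run  = { New-ADOrganizationalUnit -Name $Name -Path $HostingOU -ProtectedFromAccidentalDeletion $false };
           Undo = { Remove-ADOrganizationalUnit -Identity "OU=$Name,$HostingOU" -Recursive -Confirm:$false } },
        @{ Run  = { New-AcceptedDomain -Name $Domain -DomainName $Domain };
           Undo = { Remove-AcceptedDomain -Identity $Domain -Confirm:$false } },
        @{ Run  = { New-GlobalAddressList -Name "$Name GAL" -RecipientFilter $filter };
           Undo = { Remove-GlobalAddressList -Identity "$Name GAL" -Confirm:$false } },
        @{ Run  = { New-AddressList -Name "$Name AL" -RecipientFilter $filter };
           Undo = { Remove-AddressList -Identity "\$Name AL" -Confirm:$false } },
        @{ Run  = { New-AddressList -Name "$Name Rooms" -RecipientFilter "$filter -and RecipientDisplayType -eq 'ConferenceRoomMailbox'" };
           Undo = { Remove-AddressList -Identity "\$Name Rooms" -Confirm:$false } },
        @{ Run  = { New-OfflineAddressBook -Name "$Name OAB" -AddressLists "\$Name GAL" };
           Undo = { Remove-OfflineAddressBook -Identity "$Name OAB" -Confirm:$false } },
        @{ Run  = { New-AddressBookPolicy @abp };
           Undo = { Remove-AddressBookPolicy -Identity "$Name ABP" -Confirm:$false } }
    )
    $done  = New-Object System.Collections.Stack
    $saved = $global:ErrorActionPreference
    $global:ErrorActionPreference = 'Stop'     # turn cmdlet errors into catchable ones
    try {
        foreach ($step in $steps) {
            & $step.Run | Out-Null
            $done.Push($step)                  # only completed steps get an undo
        }
    }
    catch {
        $err = $_
        Write-Warning "Provisioning '$Name' failed: $err Rolling back."
        while ($done.Count -gt 0) {
            # Reverse order: the policy is removed before the lists it references.
            $undo = $done.Pop().Undo
            try   { & $undo | Out-Null }
            catch { Write-Warning "Rollback step failed, clean up manually: $_" }
        }
        throw $err
    }
    finally { $global:ErrorActionPreference = $saved }
}
New-HostedOrganization -Name 'Contoso' -Domain 'contoso.example'
```

The name pattern is there because the tenant name ends up inside both a recipient filter and a distinguished name.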
Installing a CP solution
Installing a Control Panel solution is straightforward. First install the entire platform, that is Active Directory, Exchange Server, Lync Server and SharePoint Server (of course it is also possible to install and configure one server at a time) and a SQL Server. In my lab I’m using Extend ASP (www.extendasp.com) as a Control Panel, but other vendors use roughly the same idea.
When the platform is up and running (and fully functional and tested!) the Provisioning Engine can be installed. When new organizations are created, or users are created and mailbox- or Lync-enabled, everything happens on this provisioning server. In the background the provisioning server communicates with all other services and servers on the platform.
The next step is to install the front-end. This is a web application provided by the vendor which communicates with the provisioning engine. Please note that this is just a user interface; all provisioning steps are performed on the backend.
At this point the environment is still not configured for hosting. Once the ExtendASP system is fully up-and-running you have to do the initial login to the Control Panel and initialize the system.
In ExtendASP everything is configured from the provisioning front-end, so this is where we log in first. The first step is to configure Active Directory. This step will create the OU=Hosting container in Active Directory, create the appropriate security groups, set and remove the appropriate permissions and set a tenant model (the SP1 /hosting model, which is no longer recommended, or the Enterprise model, which Exchange 2010 SP2 is using).
When the Active Directory service is installed, the reseller service needs to be installed and configured as well, and you can add other services like Exchange 2010 SP2, Lync Server 2010 or SharePoint 2010. In my lab environment I’ll focus on Exchange 2010 first and add the other services later.
Once the Active Directory and Exchange services are fully configured it’s time to configure the general settings like language settings, LCID, currency code, password change options, error email notifications and other core system settings.
When the core settings are set it’s time to continue with the resource pools. Resource pools define the resources on the system that are available for end users. Examples are Mailbox Databases and OAB resources.
When the resource pools are created the plans can be created. A Plan represents a service that can be offered to customers and defines service-specific settings like the protocol being used, mailbox sizing and (for example) OWA segmentation. Plans are split into Organization Plans (like Exchange Plan, SharePoint Plan or Lync Enterprise Plan), which are assigned to new organizations, and User Plans, which are assigned to individual users and can be Basic Mailbox, Standard (Plus) Mailbox, Lync Standard or Lync Enterprise.
It depends on the offering of course, but services can be Exchange, Lync and SharePoint, but also Hyper-V VMs, CRM or BlackBerry for example.
At this point the Active Directory and Exchange services are fully configured and the first reseller can be created. Even if no reseller model is used the hoster itself will be a reseller, reselling services to its own customers.
A Control Panel solution in a hosting environment is like a ‘glue’ between all services you want to offer. Besides provisioning, these solutions also prepare your environment for hosting so you don’t have to fiddle around with all kinds of scripts etc. I always recommend using a Control Panel solution in a hosting environment to get a consistent environment.