Forefront TMG enables you to protect your organization from spam, viruses and other e-mail-based threats. It does this by leveraging the mail protection provided by Forefront Protection 2010 for Exchange Server (FPES), and by utilizing the end-to-end mail relay service provided by Exchange Edge Transport server.

These protection technologies are not included in the default Forefront TMG installation; you must install them separately on each Forefront TMG array member.

The supported versions are:

It is recommended that you install these mail protection technologies (and their prerequisites) on each array member, in the following order:

  1. Install Active Directory Lightweight Directory Services. For instructions, see Installing Active Directory Lightweight Directory Services.

  2. Install the Exchange Server Edge Transport Transport role. For instructions, see Installing the Exchange Server Edge Transport role.

  3. Install Forefront Protection 2010 for Exchange Server. For instructions, see Installing Forefront Protection 2010 for Exchange Server.

  4. Install Forefront TMG. For instructions, see Installing Forefront TMG.

Installing Active Directory Lightweight Directory Services

You must install Active Directory Lightweight Directory Services (AD LDS) before installing the Exchange Server Edge Transport role. If AD LDS is not installed, use the following instructions to install it.

To install Active Directory Lightweight Directory Services

  1. From an elevated command prompt, type cmd.exe /c start /w pkgmgr.exe /iu:"DirectoryServices-ADAM".

Installing the Exchange Server Edge Transport role

Note:
If you have already installed Forefront TMG, you must remove Windows Powershell 1.0 before installing Exchange. See Removing Windows Powershell 1.0 for instructions.

Before installing the Exchange Server Edge Transport role, you must verify that the computer is configured with a DNS suffix. Use the following procedure:

To add a DNS suffix to a Forefront TMG computer

  1. On the Desktop, right-click Computer, and select Properties.

  2. Click Advanced system settings, and then click the Computer Name tab.

  3. Click Change, and then click More.

  4. In the Primary DNS suffix of this computer box, if an FQDN is not configured, type one, and click OK.

To install the Exchange Server Edge Transport role

  1. Run the Exchange Server Setup.exe file, and follow the steps in the Exchange Server Setup Wizard, including the installation of all the prerequisites.

  2. On the Installation Type page, click Custom Exchange Server Installation.

  3. On the Server Role Selection page, select Edge Transport Role, and click Next.On the Readiness Checks page, view the status to determine if the organization and server role prerequisite checks completed successfully. Then, click Install to install Exchange.

  4. On the Completion page, click Finish.

Installing Forefront Protection 2010 for Exchange Server

To install Forefront Protection 2010 for Exchange Server

  1. Insert the Forefront TMG DVD and run autorun.hta.

  2. Click Install Microsoft Forefront Protection 2010 for Exchange Server.

  3. Follow the on-screen instructions in the Setup Wizard.

Removing Windows Powershell 1.0

Note:
If you have already installed Forefront TMG, use the following procedure to remove Windows Powershell 1.0 before installing Exchange:
  1. Click Start, Run, and type CompMgmtLauncher. Click OK.

  2. In the Server Manager tree, expand Features, and in the Features Summary, click Remove Features.

  3. In the Remove Features Wizard, scroll to Windows Powershell, and then clear the check box.Click Next, and then click Remove.

  4. When the process has completed, restart the computer, and then install Exchange Server 2010. The prerequisites page directs you to install Windows Powershell 2.0.

Next Steps

After you have completed the installation of the Exchange Edge Transport Server role, FPES and Forefront TMG on each member of your array, you can begin to configure an e-mail policy for your organization. For configuration information, see Configuring protection from e-mail-based threats.

Related Topics


Copyright © 2009 by Microsoft Corporation. All rights reserved.