Microsoft® Exchange Server 2007 stores many types of information in the Active Directory® directory service. Exchange 2007 domains correspond to Active Directory domains for purposes of server and user administration. The first time Exchange 2007 is installed into an Exchange 2007 domain hierarchy, the Active Directory schema is extended to accommodate the Exchange containers and properties. Exchange communicates with the Active Directory Global Catalog server through the Exchange DSProxy service.
Users and Groups
Exchange 2007 uses the Active Directory user and group account information to represent Exchange users and groups. In an Exchange 2007 environment, Active Directory users and groups marked with Exchange-specific attributes indicate whether they are Mail-disabled, Mail-enabled or Mailbox-enabled. User accounts that are marked as Mail-enabled are valid recipients for e-mail messages, even though they might not have a local mailbox. User accounts that are marked as Mailbox-enabled have a mailbox in the Exchange system.
Microsoft Windows Server® operating systems groups that are Mail-enabled are similar to distribution lists in Exchange Server 5.5. Messages sent to the Mail-enabled group are distributed to each mail-enabled member of the group.
The Exchange Recipient Update Service (RUS) ensures that the Exchange mailboxes and configuration are synchronized with changes made to the Active Directory user and group information.
Exchange 2007 administrators use the Exchange 2007 Users and Computers Microsoft Management Console (MMC) snap-in to administer user and group accounts. Applications written for Exchange 2007 can access user and group information stored in Exchange 2007 by using LDAP or Active Directory Service Interfaces (ADSI).
Exchange also stores its own configuration data inside Active Directory. This includes the definition of administrative groups, routing groups, configuration settings for protocol virtual servers, and so on.
Exchange Metabase Update Service
Microsoft Internet Information Services (IIS), delivered with Windows Server, stores configuration data in the IIS metabase store. When Exchange 2007 is installed onto a computer, the IIS metabase configuration information is copied into Active Directory. Exchange modifies the information in Active Directory, and the Exchange Metabase Update service replicates the information from Active Directory to the IIS metabase. The Metabase Update service is part of the Exchange System Attendant. This replication occurs only from Active Directory into the IIS metabase, and changes made directly to the IIS metabase will be lost. The Metabase Update service updates the IIS metabase every couple minutes, so there may be a delay before changes take effect.
Accessing Active Directory Programmatically
LDAP and ADSI are commonly used to manage user data in Exchange 2007, and can be used in an Exchange 2007 environment. However, for applications that need to access data in Exchange, using the appropriate CDO for Exchange 2000 Server (CDOEX), CDO for Exchange Management (CDOEXM), or CDO for Workflow (CDOWF) Component Object Model (COM) objects, and the Exchange Microsoft Windows® Management Instrumentation (WMI) providers is recommended.