Permissions required to install the first Exchange 2003 Service Pack 2 (SP2) in the Org


Because of the fact that the Community Technology Preview (CTP) build of Exchange 2003 SP2 is now available, we wanted to mention a permissions requirement for the FIRST SP2 installation into the organization.


 


With Exchange Server 2003 Service Pack 2, we have made a slight change in the way setup functions.  As you may recall with Exchange Server 2003 Service Pack 1, you only needed the following rights to complete the installation:


 


·         Exchange Administrator role on the administration group where the Exchange Server 2003 server exists.


·         Member of the local Administrators group on the target Exchange Server 2003 server.


 


With Exchange Server 2003 Service Pack 2, we now include the Intelligent Message Filter; it is no longer a separate add-on to Exchange. As a result, we have to create an object within the Active Directory to store the IMF settings (if it does not already exist):


 


cn=UCE Content Filter,cn=Message Delivery,cn=Global Settings,cn=<ORG NAME>,cn=Microsoft Exchange,cn=Services,cn=configuration,dc=<Domain Name>


 


In order to be able to create and validate that object, the following right is needed:


 


          – Exchange Administrator (or higher) on the Organization level


 


The first time you attempt to upgrade an Exchange Server 2003 RTM/SP1 server in your organization to Service Pack 2, setup will check permissions of currently logged on user and ensure that it has the necessary rights to create the above object.  If the necessary rights are missing, the following warning will be displayed:


 



 


The part of the popup that applies to the permissions issue is:


 


This service pack requires Exchange Administrator permissions at the organization level the first time it is applied in an Exchange organization.  Subsequent installs of this service pack in the same organization require Exchange Administrator permissions at the administrative group level only.


 


After the first upgrade completes successfully, setup will check for the existence of the above AD object and allow customers to proceed with a more restricted permission set (i.e. Exchange Administrator role at the administrative group or higher, as per original permission requirements). So those elevated rights are needed only for the first Exchange 2003 SP2 installation in the Organization.


 


If the “UCE Content Filter” Active Directory object is not present in the AD, the IMF tab will not be visible in ESM Message Delivery properties.


 


Ross Smith IV

Comments (5)
  1. Robert says:

    What happens if the Intelligent Message Filter is already installed?

  2. Exchange says:

    Robert,

    Exchange 2003 SP2 Setup will check for the presence of IMF v1 on the box and if found – will throw an error that the IMF v1 needs to be uninstalled first, before SP2 (with IMF v2 bundled in) can be installed.

  3. Nawar says:

    IMF v1 is not supported in a clustered environment, will IMF v2 support clustered environment? If not how can we apply SP2 in a cluster?

  4. Nawar,

    You can install SP2 in a clustered environment, however you will not be able to enable the IMFv2 filter on a clustered SMTP instance. Our support chance hasn’t changed.

    Ross

  5. Anonymous says:

    I tried installing the Exchagne 2003 SP2 CTP over the weekend and was rewarded with an error message!

    The component &quot;Microsoft Exchange Messaging and Collaboration Services&quot; cannot be assigned the action &quot;Update&quot; because:

    -Microsoft Internet Inform

Comments are closed.