Using ExMap to view your Exchange Topology
Almost every Exchange administrator would like to see his Exchange servers and the relations between them in one visual map.
Using Microsoft ExMap, you will be able to see in one diagram, all the exchange servers, including versions, in the relevant administrative groups, the SMTP connectors and the routing groups connectors.
In this article I will present the Microsoft ExMap tool and the different options it has.
Requirements and naming conventions
ISRDC01 – Domain Controller (LDAP Server).
C:\ExMap 2.0.58 – Location of the ExMap extracted files (working directory).
* Because most of the Exchange configuration (Connectors, Routing Groups, Administrative Groups, Storage Groups, etc’) is located in the AD configuration partition (on each one of the DCs in your forest), you don’t need access to any of your Exchange servers – only to one of your AD servers.
Windows 2000 Professional / Server
Visio 2000 or later
Access to LDAP server (Active Directory) – the user needs read permission to the LDAP
ExMap works with Exchange 5.5 or higher
The ExMap utility is available to download from the following link:
Download ExMap (626kb)
After downloading the .exe file, you just need to extract it to a working directory (usually its C:\ExMap 2.0.58).
In order to start the utility, just double click the ExMap.exe file in the directory where you extract the files.
Configuring the ExMap:
ExMap has some options that can be configured, in many cases the defaults will do.
I will present the major and important options:
Server – In most cases, the only thing that needs to be configured is the LDAP server (ISRDC01 in this example), which stores most of the Exchange configuration in the AD configuration partition.
Visio – By default, the drawing and the Visio configuration files (template and stencil) are located in the same folder where you extract the ExMap files – C:\ExMap 2.0.58 in this example.
Draw! – Begins the drawing process.
Exit – Terminates ExMap.
SMTP – Marked by default, show the connections of the Exchange servers with SMTP to internet.
Directory Replication – Draw the connections between each Exchange server and its global catalog (as configured in the Directory access tab on each exchange server in the ESM).
cc:Mail – If there are any old cc Mail systems in your network, check this option in order to include them in the drawing.
Microsoft Mail – If there are any old MS Mail systems in your network, check this option in order to include them in the drawing.
Include server version:
Check this option if you want to include the server’s version in the drawing.
Credentials – Use this option if you logged in with a user that doesn’t have read access to the Exchange configuration in the AD.
In that case, you have to type the domain and username that have the required rights; during the drawing users will be prompted for their passwords.
Log Application Error – Use this option to log the application messages in case of problems in the drawing.
Export Directory Data – Use this option to export the list of all the servers in the sites into CSV file, including the versions (if you checked it):
* The various configurations that are performed in the ExMap tool are saved in the registry for each specific user in following location:
HKCU\Software\VB and VBA Program Settings\ExMap\Settings
One step before drawing:
Some of the processes used for drawing use macros which by default (in Visio 2003) are blocked because of high security
Before running the drawing from the ExMap, change the Macro security level to Low or Medium:
Note that if you change the security level to Medium, you will be prompted 2 times during the drawing, as seeing in the following screen shot (press the Enable Macros option):
If you do not change the Macro security level and leave it in High or Very High the ExMap will not be able to draw, and the following alert will appear:
After clicking on Draw! the following diagram is displayed (in this specific example):
More in Exchange Server
M365 Changelog: Get-AdvancedThreatProtectionDocumentReport and Get-AdvancedThreatProtectionDocumentDetail to be retired
May 24, 2022 | Petri Staff
M365 Changelog: (Updated) Microsoft Defender for Office 365: Updates to URL Protection Report
May 24, 2022 | Petri Staff
M365 Changelog: Safe Links Global Settings Migrated to Custom Policies
May 20, 2022 | Petri Staff
Microsoft to Ship Some Exchange Server Security Updates in .EXE Packages
May 11, 2022 | Rabia Noureen
M365 Changelog: Exchange Transport Rule Report moving to the new Exchange Admin Center (EAC) from the Security and Compliance Center
Apr 22, 2022 | Petri Staff
Hive Ransomware Group Attacks Vulnerable Microsoft Exchange Servers
Apr 22, 2022 | Rabia Noureen
Most popular on petri