Y: ASHWIN VENUGOPAL · The purpose of this document is to help you for Microsoft Exchange Server 2013 Deployment. The information and procedures included in this document focus on
Post on 22-Sep-2020
0 Views
Preview:
Transcript
E XCH AN G E 201 3 AN D U N I F IE D MES SAGIN G – PART 1
D EP LOY IN G AN D CON F I G U R IN G
BY: ASHWIN VENUGOPAL
My Blog: www.roadtomaster.com
TABLE OF CONTENTS
Contents
Introduction _______________________________________________________________________________________________ 1
Purpose of this document _________________________________________________________________________________________1
Ashwin Venugopal __________________________________________________________________________________________________1
Before you Begin __________________________________________________________________________________________ 2
Installing Exchange 2013 into existing Exchange organizations ___________________________________________________2
Server roles _________________________________________________________________________________________________________2
Active Directory update ____________________________________________________________________________________________3
Certificates _________________________________________________________________________________________________________3
DNS _________________________________________________________________________________________________________________3
Clients ______________________________________________________________________________________________________________4
Hybrid deployment with Office 365 _______________________________________________________________________________4
Prerequisites ______________________________________________________________________________________________ 5
Active Directory Prerequisite ______________________________________________________________________________________5
System Prerequisite ________________________________________________________________________________________________5
Exchange Server 2013 Prerequisite ________________________________________________________________________________5
Permissions to Install Exchange Server 2013 ______________________________________________________________________6
Permissions to Manage Exchange Server 2013 ____________________________________________________________________7
Assumptions ______________________________________________________________________________________________ 8
Insight to the Lab ___________________________________________________________________________________________________8
Details of these Servers ____________________________________________________________________________________________8
Installation and Preparation of Active Directory _________________________________________________________ 9
Installing Active Directory Domain Services (ADDS) _______________________________________________________________9
Preparing Active Directory for Exchange 2013 ____________________________________________________________________9
Install Exchange 2013 Mailbox Server Role ______________________________________________________________ 11
Log on to EX2013MB1. ___________________________________________________________________________________________ 11
Navigate to the location where you got the Exchange 2013 installation files. __________________________________ 11
Right-click Setup.exe and select Run as administrator. __________________________________________________________ 11
TABLE OF CONTENTS
Check for Updates Page __________________________________________________________________________________________ 11
Introduction Page ________________________________________________________________________________________________ 11
License Agreement Page _________________________________________________________________________________________ 11
Recommended settings Page ____________________________________________________________________________________ 11
Server Role Selection Page _______________________________________________________________________________________ 11
Installation Space and Location Page ____________________________________________________________________________ 12
Malware Protection Settings Page _______________________________________________________________________________ 12
Readiness Checks Page ___________________________________________________________________________________________ 12
Completion Page _________________________________________________________________________________________________ 12
Install Exchange 2013 Client Access Server Role ________________________________________________________ 13
Log on to EX2013CA1. ____________________________________________________________________________________________ 13
Navigate to the location where you got the Exchange 2013 installation files. __________________________________ 13
Right-click Setup.exe and select Run as administrator. __________________________________________________________ 13
Check for Updates Page __________________________________________________________________________________________ 13
Introduction Page ________________________________________________________________________________________________ 13
License Agreement Page _________________________________________________________________________________________ 13
Recommended settings Page ____________________________________________________________________________________ 13
Server Role Selection Page _______________________________________________________________________________________ 13
Installation Space and Location Page ____________________________________________________________________________ 14
Malware Protection Settings Page _______________________________________________________________________________ 14
Readiness Checks Page ___________________________________________________________________________________________ 14
Completion Page _________________________________________________________________________________________________ 14
Configuring Mail Flow ____________________________________________________________________________________ 15
Open the Exchange Admin Center _______________________________________________________________________________ 15
Send Connectors page ___________________________________________________________________________________________ 15
Specify how to send mail with this connector ___________________________________________________________________ 15
Add * Address Space _____________________________________________________________________________________________ 15
Add Mailbox Server as Source Server ____________________________________________________________________________ 15
Finally _____________________________________________________________________________________________________________ 15
TABLE OF CONTENTS
Configuring Accepted Domains __________________________________________________________________________ 16
Open the Exchange Admin Center _______________________________________________________________________________ 16
Accepted domains Page __________________________________________________________________________________________ 16
Specify the domain type _________________________________________________________________________________________ 16
Finally _____________________________________________________________________________________________________________ 16
Configuring Email Address Policy ________________________________________________________________________ 17
Open the Exchange Admin Center _______________________________________________________________________________ 17
Email address policies page ______________________________________________________________________________________ 17
Finally _____________________________________________________________________________________________________________ 17
Configuring External and Internal URLs _________________________________________________________________ 18
Create the following external DNS entries _______________________________________________________________________ 18
Create the following Internal DNS entries _______________________________________________________________________ 18
Open the Exchange Admin Center _______________________________________________________________________________ 18
Select the Internet-facing Client Access server __________________________________________________________________ 18
Outlook Anywhere External URL _________________________________________________________________________________ 18
Outlook Anywhere Internal URL _________________________________________________________________________________ 18
Virtual directories ________________________________________________________________________________________________ 18
Open Exchange Management Shell ______________________________________________________________________________ 18
Outlook Web App (OWA) ________________________________________________________________________________________ 19
Exchange Control Panel (ECP) ____________________________________________________________________________________ 19
Exchange ActiveSync _____________________________________________________________________________________________ 19
Offline Address Book Distribution (OAB) ________________________________________________________________________ 19
Autodiscover _____________________________________________________________________________________________________ 19
Exchange Webservices (EWS) ____________________________________________________________________________________ 19
Restart IIS _________________________________________________________________________________________________________ 20
Accessing Virtual directories from Exchange Admin Center_____________________________________________________ 20
Configure Certificate _____________________________________________________________________________________ 21
Part 1 - Create Certificate Request _______________________________________________________________________________ 21
Open the Exchange Admin Center _______________________________________________________________________________ 21
TABLE OF CONTENTS
Certificates page _________________________________________________________________________________________________ 21
Select Internet-facing Client Access server to store the certificate _____________________________________________ 21
Add any additional domains you want include __________________________________________________________________ 21
Choose the common name ______________________________________________________________________________________ 21
Provide information about your organization ___________________________________________________________________ 22
Finally _____________________________________________________________________________________________________________ 22
Part 2 - submit the request to your certificate authority (CA) __________________________________________________ 22
Part 3 - Complete pending request ______________________________________________________________________________ 22
Open the Exchange Admin Center _______________________________________________________________________________ 22
Certificates page _________________________________________________________________________________________________ 22
Select the services you want to assign to this certificate ________________________________________________________ 22
Part 4 – Verify the certificate_____________________________________________________________________________________ 22
Open the Exchange Admin Center _______________________________________________________________________________ 22
Certificates page _________________________________________________________________________________________________ 23
Configure Unified Messaging ____________________________________________________________________________ 24
Part 1: Download and install the required UM language packs _________________________________________________ 24
Part 2: Create the UM dial plan __________________________________________________________________________________ 24
Open the Exchange Admin Center ____________________________________________________________________________ 24
Unified Messaging _____________________________________________________________________________________________ 24
New UM Dial Plan page _______________________________________________________________________________________ 24
Part 3: Create an UM IP Gateway ________________________________________________________________________________ 26
Open the Exchange Admin Center ____________________________________________________________________________ 26
Unified Messaging _____________________________________________________________________________________________ 26
New UM IP Gateways page ___________________________________________________________________________________ 26
Part 4: Create a UM auto attendant _____________________________________________________________________________ 26
Open the Exchange Admin Center ____________________________________________________________________________ 26
Unified Messaging _____________________________________________________________________________________________ 26
UM Dial Plan page _____________________________________________________________________________________________ 26
New UM auto attendant page ________________________________________________________________________________ 27
TABLE OF CONTENTS
Open the Exchange Admin Center ____________________________________________________________________________ 27
Unified Messaging _____________________________________________________________________________________________ 27
New UM Dial Plan page _______________________________________________________________________________________ 27
Part 5: Create a UM mailbox policy ______________________________________________________________________________ 29
Open the Exchange Admin Center ____________________________________________________________________________ 29
Unified Messaging _____________________________________________________________________________________________ 29
UM Dial Plan page _____________________________________________________________________________________________ 29
New UM Mailbox Policy page _________________________________________________________________________________ 29
Part 6: Enable users for UM ______________________________________________________________________________________ 29
Open the Exchange Admin Center ____________________________________________________________________________ 29
Recipients _____________________________________________________________________________________________________ 30
Enable UM Mailbox page _____________________________________________________________________________________ 30
UM Dial Plan page _____________________________________________________________________________________________ 30
Post Installation Tasks ____________________________________________________________________________________ 31
Enter Product Key ________________________________________________________________________________________________ 31
High availability options for your Mailbox servers _______________________________________________________________ 31
Maintaining Exchange organization ______________________________________________________________________________ 31
For more Information: ___________________________________________________________________________________ 32
Contact Information _____________________________________________________________________________________ 33
Disclaimer ________________________________________________________________________________________________________ 33
INTRODUCTION
Page 1
Introduction
PURPOSE OF THIS DOCUMENT The purpose of this document is to help you for Microsoft Exchange Server 2013 Deployment.
The information and procedures included in this document focus on the deploying Exchange 2013
Server on a Test Lab, Intended for those who knows older versions of Exchange and are trying to check
out the latest and greatest Exchange.
ASHWIN VENUGOPAL This is my Documentation focused on building an Exchange 2013 Test Environment. My goal is to create relevant content that can be helpful in your Exchange 2013 Deployment and Testing. My past experience include working as Product Support Engineer, Technology Consultant, Architect (Microsoft Exchange), Trainer and as a Migration Specialist. I also conduct career oriented Events to help others in Learning Microsoft Products. I can be reached on my personal mail id: Ashwin.techs@msn.com
BEFORE YOU BEGIN
Page 2
Before you Begin
To make best use of this document, you must have:
Knowledge and Experience administering Windows Server, Active Directory, DNS, Certificates
(including PKI Certificate) on Windows Server 2008 R2 or Windows Server 2012.
INSTALLING EXCHANGE 2013 INTO EXISTING EXCHANGE ORGANIZATIONS This is not intended to be covered in this document, this will be based on a pure Exchange 2013
Organization. Another document on Coexistence and Migration will be documented later.
SERVER ROLES Exchange 2013 has two Roles:
1) Mailbox Server Role
2) Client Access Server Role
Each organization requires minimum one Mailbox Server Role and Client Access
Server Role.
Mailbox Server Role Includes:
Client Access Protocols
Transport Service
Mailbox Databases
Unified Messaging (Except SIP Redirection)
Handles all activities for active Mailboxes on that Server
Client Access Server Role Includes:
Authentication
Redirection (limited)
Proxy Services for HTTP, POP, IMAP and SMTP
Thin and Stateless Server
Does not do any data rendering
Nothing is queued or stored here (except diagnostic logging)
BEFORE YOU BEGIN
Page 3
ACTIVE DIRECTORY UPDATE Active Directory (Schema, Configuration and Domain Partitions) needs to be updated if this is the first Exchange 2013 Installation. These updates needs to be done by Active Directory Administrator and need approval from your Internal Active Directory Team.
CERTIFICATES SSL Certificates are required to protect communication between the Exchange Servers and Clients.
Certificate can be Third Party Certificates, Private Certificate or Self Signed Certificate.
1) Third Party Certificates
a. Issued by
i. GoDaddy
ii. Verisign
iii. Thawte
iv. Comodo
v. GlobalSign
vi. Etc.. etc..
b. Third Party Certificates are trusted by most operating Systems and browsers.
c. These certificates need to be purchased.
2) Private Certificates
a. Issued by Internal Private Certificate Authority
b. These certificates has no cost to issue.
c. Drawback is it only trusted internally inside your organization.
d. External networks should be manually configured to trust this certificate.
3) Self-Signed Certificates
a. Issued by Individual Computer and not by a Private Certificate Authority
b. These certificates has no cost to issue.
c. Drawback is it not trusted on any other computers, operating system or browsers.
d. Other computers should be manually configured to trust this certificate.
DNS Microsoft recommends to use Split DNS.
Split DNS (Split horizon DNS/ Split-brain DNS / Split-view DNS) is a concept that allows you to
configure different IP Addresses for same hostname depending on where the DNS request came from.
For example:
BEFORE YOU BEGIN
Page 4
External Internet Users who visit www.contoso.com will be sent to the company’s public website
while employees in the internal network will be sent to the company’s private intranet site.
CLIENTS Exchange 2013 supports the following clients:
1) Outlook 2013
2) Outlook 2010 SP1 with April 2012 Cumulative Update (or Later)
3) Outlook 2007 Sp3 with July 2012 Cumulative Update (or Later)
4) Entourage 208 for Mac, Web Services Edition (Web DAV Editions are no longer supported)
5) Outlook for Mac 2011
HYBRID DEPLOYMENT WITH OFFICE 365 Hybrid deployment is again out of scope in this documentation, same will be covered in another
upcoming documentation.
PREREQUISITES
Page 5
Prerequisites
ACTIVE DIRECTORY PREREQUISITE • Forest Functional level is at least Windows Server 2003.
• Schema master and Global Catalog is running Windows Server 2003 with Service Pack 2 or later.
SYSTEM PREREQUISITE
• The full installation option of Windows Server 2012 and Windows Server 2008 R2 SP1.
• You must first join the computer to the appropriate internal Active Directory domain.
• Install the latest Windows updates on your computer.
• If you're installing the Mailbox server role and you intend for the server to be a member of a
database availability group (DAG), you must be running Windows Server 2012 Standard or
Datacenter Edition or Windows Server 2008 R2 SP1 Enterprise Edition.
EXCHANGE SERVER 2013 PREREQUISITE • Windows Server 2012 prerequisites
• The prerequisites that are needed to install Exchange 2013 on a Windows Server 2012
computer depends on which Exchange roles you want to install. Read the section below that
matches the roles you want to install.
• Mailbox server role or combined Mailbox and Client Access server roles
• Run the following command to install the required Windows components.
Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience,
NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-
Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt,
RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-
Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-
Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-
Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing,
Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-
Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45,
Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-
Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-
Foundation
• After you've installed the operating system roles and features, install the following software in the
order shown:
PREREQUISITES
Page 6
1) Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit
2) Microsoft Office 2010 Filter Pack 64 bit
3) Microsoft Office 2010 Filter Pack SP1 64 bit
• Client Access server role
• Run the following command to install the required Windows components.
Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience,
NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-
Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt,
RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-
Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-
Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-
Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing,
Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-
Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45,
Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-
Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-
Foundation
• After you've installed the operating system roles and features, install the following software:
• Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit
If installing on Windows Server 2008 R2 SP1
Refer the below TechNet
http://technet.microsoft.com/en-us/library/bb691354(v=exchg.150).aspx
PERMISSIONS TO INSTALL EXCHANGE SERVER 2013
Task Permissions Required
Install the Mailbox Server Role ( First Exchange 2013 Server Installation and where AD Preparation is not performed)
Local Administrator
Enterprise Administrator
Schema Administrator
Install the Second Mailbox Server Role Local Administrator
Organization Management
Task Permissions Required
Install the Client Access Server Role Local Administrator
PREREQUISITES
Page 7
PERMISSIONS TO MANAGE EXCHANGE SERVER 2013
Task Permissions Required
Configure Mail Flow Organization Management
Configure Accepted Domains Organization Management
Configure Email Address Policies Organization Management
Configure External URLs Organization Management
or
Server Management
Configure Certificates Organization Management
or
Server Management
Local Administrator
Configure Unified Messaging Organization Management
or
UM Management
Configure Site Mailboxes Organization Management
or
Server Management
ASSUMPTIONS
Page 8
Assumptions
INSIGHT TO THE LAB Servers are ready with following configuration. Make sure to Join them to Domain once ADDS is
installed.
Server Name Operating System IP Address Subnet Mask Primary DNS IP
EX2013DC1 Windows Server 2008 R2 SP1 + Windows Update 192.168.1.50 255.255.255.0 192.168.1.50
EX2013MB1 Windows Server 2012 Standard Edition + Windows Update 192.168.1.51 255.255.255.0 192.168.1.50
EX2013MB2 (Required for Part 2)
Windows Server 2012 Standard Edition + Windows Update 192.168.1.52 255.255.255.0 192.168.1.50
EX2013CA1 Windows Server 2012 Standard Edition + Windows Update 192.168.1.53 255.255.255.0 192.168.1.50
DETAILS OF THESE SERVERS
Description Value
Active Directory Forest contoso.local
Active Directory Server Name (GC) EX2013DC1
Internal Exchange 2013 Mailbox Server Name EX2013MB1
Internal Second Exchange 2013 Mailbox Server Name EX2013MB2
Internal Exchange 2013 Client Access Server Name EX2013CA1
External Exchange Server FQDN mail.contoso.com
External Outlook Anywhere FQDN
External Outlook Address Book FQDN
External remote PowerShell FQDN
Internal Exchange Server FQDN mail.contoso.local
Internal Outlook Anywhere FQDN mail.contoso.local
Internal Outlook Address Book FQDN mail.contoso.local
Internal remote PowerShell FQDN mail.contoso.local
External Outlook Web App FQDN mail.contoso.com mail.contoso.local autodiscover.contoso.com
Internal Outlook Web App FQDN
Autodiscover FQDN
Primary SMTP Namespace contoso.com
User Principal Name Domain contoso.com
INSTALLATION AND PREPARATION OF ACTIVE DIRECTORY
Page 9
Installation and Preparation of Active Directory
INSTALLING ACTIVE DIRECTORY DOMAIN SERVICES (ADDS)
1. On EX2013DC1, click Start, click Run, type dcpromo, and then click OK.
2. The Active Directory Domain Services Server Role will be installed.
3. Once the role has been installed, you will be presented with the Active Directory Domain
Services Installation Wizard. Click Next.
4. On the Operating System Compatibility page, Click Next.
5. On the Choose a Deployment Configuration page, select the Create a new domain in a new
forest option, and then click Next.
6. On the Name the Forest Root Domain page, enter the FQDN of the forest root domain in
the FQDN of the forest root domain field, and then click Next.
(In our scenario Contoso.Local)
7. On the Set Forest Functional Level page, select a forest functional level, and then click Next. I
used a forest functional level of Windows Server 2008 R2.
8. On the Additional Domain Controller Options page, ensure DNS server is selected, and then
click Next.
9. Click Yes on the delegation for DNS server warning.
10. On the Location for Database, Log files, and SYSVOL page, accept the defaults, and then
click Next.
11. On the Directory Services Restore Mode Administrator Password page, enter and confirm a
password, and then click Next.
12. On the Summary page, verify the information, and then click Next.
13. The installation of Active Directory begins. You can select the Reboot on completion option to
have the computer reboot when the installation is completed.
PREPARING ACTIVE DIRECTORY FOR EXCHANGE 2013 Prepare AD Scheme
From a Command Prompt window, run the following command. (If you want, you can skip this step and prepare the schema as part of Step 2.) setup /PrepareSchema or setup /ps
Prepare AD
INSTALLATION AND PREPARATION OF ACTIVE DIRECTORY
Page 10
From a Command Prompt window, run the following command. setup /PrepareAD [/OrganizationName: <organization name> ] or setup
/p [/on:<organization name>]
In our case:
Prepare AD Domain
From a Command Prompt window, run one of the following commands:
Run setup /PrepareDomain or setup /pd to prepare the local domain. You don't need to
run this in the domain where you ran Step 2. Running setup /PrepareAD prepares the local domain.
Run setup /PrepareDomain:<FQDN of domain you want to prepare> to prepare a
specific domain.
Run setup /PrepareAllDomains or setup /pad to prepare all domains in your
organization.
INSTALL EXCHANGE 2013 MAILBOX SERVER ROLE
Page 11
Install Exchange 2013 Mailbox Server Role
LOG ON TO EX2013MB1. Navigate to the location where you got the Exchange 2013 installation files. Right-click Setup.exe and select Run as administrator.
CHECK FOR UPDATES PAGE Choose whether you want Setup to connect to the Internet and download product and security updates for Exchange 2013. Click Next to continue.
INTRODUCTION PAGE This begins the process of installing Exchange into your organization. This will give links to some helpful deployment content. It’s recommended you visit these links prior to continuing setup. Click Next to continue.
LICENSE AGREEMENT PAGE Here you can review the software license terms. If you agree to the terms, select I accept the terms in the license agreement. Click Next to continue.
RECOMMENDED SETTINGS PAGE Here you can select whether you want to use the recommended settings. Use recommended settings will automatically send error reports and information about your computer hardware and how you use Exchange to Microsoft. If you don't use it, these settings remain disabled but you can enable them at any time after Setup completes. Click Next to continue.
SERVER ROLE SELECTION PAGE Here select the Roles you want to install, here in our case we will select Mailbox Server Role. The management tools are installed automatically. If Exchange Prerequisites as mentioned in the earlier section is not installed, Select automatically install Windows Server roles and features that are required to install Exchange Server. Server will need to be rebooted to complete the installation of some Windows features.
INSTALL EXCHANGE 2013 MAILBOX SERVER ROLE
Page 12
Note: This option will only install the Windows features required by Exchange. You must install other prerequisites manually. Click Next to continue.
INSTALLATION SPACE AND LOCATION PAGE You can either accept the default installation location or click Browse to choose a new location. Click Next to continue. NOTE: If this is your first Exchange Installation and you haven’t already prepared Active Directory for Exchange, you will be prompted to enter an Exchange organization name. Click Next to continue.
MALWARE PROTECTION SETTINGS PAGE Here you can choose whether you want to enable or disable malware scanning. Unless there is a
specific reason you won’t want to disable malware scanning.
Click Next to continue.
READINESS CHECKS PAGE Here you can see if the organization and server role prerequisite checks completed successfully. If they
haven't completed successfully, you must resolve any reported errors before you can install Exchange
2013. Once after resolving a reported error, click Back and then
Click Next to run the prerequisite check again.
If there is no Send Connector for Internet Mail flow then you may see a warning, but you can still
proceed with the server installation.
Click Install to install Exchange 2013. This is fairly a lengthy Installation.
COMPLETION PAGE Click Finish. Restart the computer.
INSTALL EXCHANGE 2013 CLIENT ACCESS SERVER ROLE
Page 13
Install Exchange 2013 Client Access Server Role
LOG ON TO EX2013CA1. Navigate to the location where you got the Exchange 2013 installation files. Right-click Setup.exe and select Run as administrator.
CHECK FOR UPDATES PAGE Choose whether you want Setup to connect to the Internet and download product and security updates for Exchange 2013. Click Next to continue.
INTRODUCTION PAGE This begins the process of installing Exchange into your organization. This will give links to some helpful deployment content. It’s recommended you visit these links prior to continuing setup. Click Next to continue.
LICENSE AGREEMENT PAGE Here you can review the software license terms. If you agree to the terms, select I accept the terms in the license agreement. Click Next to continue.
RECOMMENDED SETTINGS PAGE Here you can select whether you want to use the recommended settings. Use recommended settings will automatically send error reports and information about your computer hardware and how you use Exchange to Microsoft. If you don't use it, these settings remain disabled but you can enable them at any time after Setup completes. Click Next to continue.
SERVER ROLE SELECTION PAGE Here select the Roles you want to install, here in our case we will select Client Access Server Role. The management tools are installed automatically. If Exchange Prerequisites as mentioned in the earlier section is not installed, Select automatically install Windows Server roles and features that are required to install Exchange Server. Server will need to be rebooted to complete the installation of some Windows features.
INSTALL EXCHANGE 2013 CLIENT ACCESS SERVER ROLE
Page 14
Note: This option will only install the Windows features required by Exchange. You must install other prerequisites manually. Click Next to continue.
INSTALLATION SPACE AND LOCATION PAGE You can either accept the default installation location or click Browse to choose a new location. Click Next to continue. NOTE: If this is your first Exchange Installation and you haven’t already prepared Active Directory for Exchange, you will be prompted to enter an Exchange organization name. Click Next to continue.
MALWARE PROTECTION SETTINGS PAGE Here you can choose whether you want to enable or disable malware scanning. Unless there is a
specific reason you won’t want to disable malware scanning.
Click Next to continue.
READINESS CHECKS PAGE Here you can see if the organization and server role prerequisite checks completed successfully. If they
haven't completed successfully, you must resolve any reported errors before you can install Exchange
2013. Once after resolving a reported error, click Back and then
Click Next to run the prerequisite check again.
If there is no Send Connector for Internet Mail flow then you may see a warning, but you can still
proceed with the server installation.
Click Install to install Exchange 2013. This is fairly a lengthy Installation.
COMPLETION PAGE Click Finish. Restart the computer.
CONFIGURING MAIL FLOW
Page 15
Configuring Mail Flow
OPEN THE EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
SEND CONNECTORS PAGE Navigate - Mail flow > Send connectors > New +
This opens New send connector wizard, specify a name for the Send connector (for eg. To Internet)
and then select Internet. Click Next.
SPECIFY HOW TO SEND MAIL WITH THIS CONNECTOR Select "MX record associated with recipient domain".
Click Next.
ADD * ADDRESS SPACE Under Address space, click Add.
In the Add domain window, make sure SMTP is selected in the Type field. In the Fully Qualified
Domain Name (FQDN) field, enter *. Click Save. Make sure Scoped send connector isn't selected.
Click Next.
ADD MAILBOX SERVER AS SOURCE SERVER Under Source server, click Add.
In the Select a Server window, select a Mailbox server (EX2013MB1).
After you've selected the server, click Add and then Click OK.
FINALLY Click Finish.
CONFIGURING ACCEPTED DOMAINS
Page 16
Configuring Accepted Domains
OPEN THE EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
ACCEPTED DOMAINS PAGE Navigate - Mail flow > Accepted domains > New +
This opens New accepted domain wizard, specify a name for the accepted domain, and add the SMTP
recipient domain you want to add in the Accepted domain field. In our case its contoso.com – This will
be your smtp email domain and Click Next.
SPECIFY THE DOMAIN TYPE Select Authoritative domain.
FINALLY Click Save.
CONFIGURING EMAIL ADDRESS POLICY
Page 17
Configuring Email Address Policy
OPEN THE EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
EMAIL ADDRESS POLICIES PAGE Navigate - Mail flow > Email address policies
Select Default Policy and then click Edit .
Click Email Address Format > select the SMTP address you want to change > Edit .
Specify the SMTP recipient domain you want to apply to all recipients in the Email address parameters
field. In our case, @contoso.com. This domain must match the accepted domain you added in the
previous step. Click Save.
Click Save.
FINALLY In the Default Policy details pane, click Apply.
CONFIGURING EXTERNAL AND INTERNAL URLS
Page 18
Configuring External and Internal URLs
CREATE THE FOLLOWING EXTERNAL DNS ENTRIES
FQDN DNS record type Value
Contoso.com MX Mail.contoso.com
Mail.contoso.com A Your Exchange Public IP
Owa.contoso.com CNAME Mail.contoso.com
Autodiscover.contoso.com CNAME Mail.contoso.com
CREATE THE FOLLOWING INTERNAL DNS ENTRIES
FQDN DNS record type Value
Mail.contoso.local CNAME Internal FQDN of Client Access Server
Owa.contoso.local CNAME Internal FQDN of Client Access Server
OPEN THE EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
SELECT THE INTERNET-FACING CLIENT ACCESS SERVER Navigate - Servers > Servers > Internet-facing Client Access server (In our case EX2013CA1) > Edit
OUTLOOK ANYWHERE EXTERNAL URL Specify the externally accessible FQDN of the Client Access server in the external hostname field. In
our case: mail.contoso.com.
OUTLOOK ANYWHERE INTERNAL URL Specify the internal hostname field, insert the FQDN you used in the previous step. For example,
mail.contoso.local.
VIRTUAL DIRECTORIES
OPEN EXCHANGE MANAGEMENT SHELL Start > All Programs > Microsoft Exchange Server 2013 > Exchange Management.
CONFIGURING EXTERNAL AND INTERNAL URLS
Page 19
OUTLOOK WEB APP (OWA) Run the below command on Exchange Management Shell (change the url as per your requirements)
Set-OwaVirtualDirectory -Identity "EX2013CA1\owa (Default Web Site)" -InternalUrl
https://owa.contoso.local/owa -ExternalUrl https://owa.contoso.com/owa -FormsAuthentication
$false -BasicAuthentication $false -WindowsAuthentication $true
EXCHANGE CONTROL PANEL (ECP) Run the below command on Exchange Management Shell (change the url as per your requirements)
Set-EcpVirtualDIrectory -identity "EX2013CA1\ecp (Default Web Site)" -InternalUrl
https://owa.contoso.local/ecp -ExternalUrl https://owa.contoso.com/ecp -FormsAuthentication $false
-BasicAuthentication $false -WindowsAuthentication $true
EXCHANGE ACTIVESYNC Run the below command on Exchange Management Shell (change the url as per your requirements).
Set-ActiveSyncVirtualDirectory -Identity "EX2013CA1\Microsoft-Server-ActiveSync (Default Web Site)"
-InternalUrl https://owa.contoso.local/Microsoft-Server-ActiveSync -ExternalUrl
https://owa.contoso.com/Microsoft-Server-ActiveSync
OFFLINE ADDRESS BOOK DISTRIBUTION (OAB) Run the below command on Exchange Management Shell (change the url as per your requirements).
Set-OabVirtualDirectory -Identity "EX2013CA1\OAB (Default Web Site)" -InternalUrl
https://owa.contoso.local/oab -ExternalUrl https://owa.contoso.com/oab
AUTODISCOVER Run the below command on Exchange Management Shell (change the url as per your requirements).
Set-ClientAccessServer -Identity EX2013CA1 -AutodiscoverServiceInternalUri
https://owa.contoso.com/Autodiscover/Autodiscover.xml
EXCHANGE WEBSERVICES (EWS) Run the below command on Exchange Management Shell (change the url as per your requirements).
CONFIGURING EXTERNAL AND INTERNAL URLS
Page 20
Set-WebServicesVirtualDirectory -Identity "EX2013CA1\EWS (Default Web Site)" -InternalUrl
https://owa.contoso.local/EWS/Exchange.asmx -ExternalUrl
https://owa.contoso.com/EWS/Exchange.asmx
RESTART IIS Open Command Prompt and Type IISRESET /NOFORCE
ACCESSING VIRTUAL DIRECTORIES FROM EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in. Navigate - Servers > Virtual directories
CONFIGURE CERTIFICATE
Page 21
Configure Certificate
PART 1 - CREATE CERTIFICATE REQUEST
OPEN THE EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
CERTIFICATES PAGE Navigate - Servers > Certificates > Select Client Access server >New
This opens New Exchange certificate wizard, select Create a request for a certificate from a
certification authority and then click Next
Give a name for this certificate (you can provide any name) and then click Next.
This page is optional, If you want to request a wildcard certificate, select Request a wild-card
certificate and then specify the root domain of all subdomains in the Root domain field. If you don't
want to request a wildcard certificate leave this page blank and Click Next.
SELECT INTERNET-FACING CLIENT ACCESS SERVER TO STORE THE CERTIFICATE Click Browse and specify an Internet facing client access server to store the certificate on.
Click Next.
Now verify that or each service in the list shown, verify that the external or internal server names.
These domains will be added in the SSL certificate request.
Click Next.
ADD ANY ADDITIONAL DOMAINS YOU WANT INCLUDE
CHOOSE THE COMMON NAME Select the domain that you want to be the common name for the certificate and click Set as common
name. In this case, mail.contoso.com.
Click Next.
CONFIGURE CERTIFICATE
Page 22
PROVIDE INFORMATION ABOUT YOUR ORGANIZATION Click Next.
FINALLY Specify the network location where you want this certificate request to be saved.
Click Finish.
PART 2 - SUBMIT THE REQUEST TO YOUR CERTIFICATE AUTHORITY (CA) This can be an internal CA or a third-party CA, depending on your organization. And download the certificate to Internet Facing Client Access Server.
PART 3 - COMPLETE PENDING REQUEST This can be an internal CA or a third-party CA, depending on your organization.
OPEN THE EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
CERTIFICATES PAGE Navigate - Servers > Certificates > select the certificate request you created in the previous steps. In the certificate request details pane, click Complete under Status. On the Complete pending request page, specify the path to the SSL certificate file and then click OK.
SELECT THE SERVICES YOU WANT TO ASSIGN TO THIS CERTIFICATE Select the new certificate you just added, and then click Edit . On the certificate page, click Services. Select SMTP and IIS as services you want to assign to this certificate. And you can click yes to the warning “Overwrite the existing default SMTP certificate?”
PART 4 – VERIFY THE CERTIFICATE
OPEN THE EXCHANGE ADMIN CENTER Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
CONFIGURE CERTIFICATE
Page 23
CERTIFICATES PAGE Navigate - Servers > Certificates Select the new certificate
Check the certificate details pane, verify that status shows as valid and Assigned to services shows as
IIS and SMTP
CONFIGURE UNIFIED MESSAGING
Page 24
Configure Unified Messaging
PART 1: DOWNLOAD AND INSTALL THE REQUIRED UM LANGUAGE PACKS By default, when you install a Mailbox server, the U.S. English language (en-US) is installed. It's the
only available language option for your dial plan unless you install another UM language pack.
Download the language-specific UM language pack (.exe) file from the below location and Install it.
http://www.microsoft.com/en-us/download/details.aspx?id=35368
PART 2: CREATE THE UM DIAL PLAN
Open the Exchange Admin Center
Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
Unified Messaging
Navigate - Unified Messaging > UM dial plans > Add
New UM Dial Plan page
Here you need to complete the following
Name
Type the name of the dial plan.
Extension length (Digits)
Enter the number of digits for extension numbers in the dial plan.
This is a required box that has a value range from 1 through 20. You must specify a number of digits
that matches the number of digits in your extensions.
Dial Type
A Uniform Resource Identifier (URI)
There are three types of URIs
CONFIGURE UNIFIED MESSAGING
Page 25
Telephone Extension
This is the most common URI type.
The calling and called party information from the VoIP gateway or IP Private Branch eXchange (PBX) is
listed in one of the following formats: Tel:512345 or 512345@<IP address>. This is the default URI
type for dial plans.
SIP URI
This is used with IP PBX that supports SIP (Session Initiation Protocol) routing.
IP PBX, or Communications Server 2007 R2 or Lync Server is listed as a SIP address in the following
format: sip:<username>@<domain or IP address>:Port.
E.164
E.164 is an international numbering plan for public telephone systems in which each assigned number
contains a country code, a national destination code, and a subscriber number.
For example: +1 425 xxx xxxx
VOIP Security Mode
You can select one of the following:
Unsecured Mode
In unsecured mode, neither the Realtime Transport Protocol (RTP) media channel nor the SIP signaling
information is encrypted.
SIP secured
When you select SIP secured, only the SIP signaling traffic is encrypted, and the RTP media channels
still use TCP, which isn't encrypted.
Secured
When you select Secured, both the SIP signaling traffic and the RTP media channels are encrypted.
Note:
Client Access Server uses TCP Port 5060 for unsecure communication and TCP Port 5061 for secure
communication.
CONFIGURE UNIFIED MESSAGING
Page 26
Country / Region Code
You can type the country/region code number to be used for outgoing calls.
Save
Click Save
PART 3: CREATE AN UM IP GATEWAY
Open the Exchange Admin Center
Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
Unified Messaging
Navigate - Unified Messaging > UM IP Gateways > Add
New UM IP Gateways page
Here you need to complete the following
UM Dial Plan
Click Browse and select the UM dial plan that we just created.
Save
Click Save
PART 4: CREATE A UM AUTO ATTENDANT
Open the Exchange Admin Center
Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
Unified Messaging
Navigate - Unified Messaging > UM dial plans
Select the earlier created dial plan and Click Edit
UM Dial Plan page
Under UM Auto Attendants, click Add
CONFIGURE UNIFIED MESSAGING
Page 27
New UM auto attendant page
Here you need to complete the following
Create this auto attendant as enabled
Select this check box. By default, a new auto attendant is created as disabled.
Set the auto attendant to respond to voice commands
Select this check box to speech-enable the UM auto attendant.
Access numbers
Enter the extension or telephone numbers that callers will use to reach the auto attendant.
Save
Click Save
Open the Exchange Admin Center
Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
Unified Messaging
Navigate - Unified Messaging > UM dial plans > Add
New UM Dial Plan page
Here you need to complete the following
Name
Type the name of the dial plan.
Extension length (Digits)
Enter the number of digits for extension numbers in the dial plan.
This is a required box that has a value range from 1 through 20. You must specify a number of digits
that matches the number of digits in your extensions.
Dial Type
A Uniform Resource Identifier (URI)
There are three types of URIs
CONFIGURE UNIFIED MESSAGING
Page 28
Telephone Extension
This is the most common URI type.
The calling and called party information from the VoIP gateway or IP Private Branch eXchange (PBX) is
listed in one of the following formats: Tel:512345 or 512345@<IP address>. This is the default URI
type for dial plans.
SIP URI
This is used with IP PBX that supports SIP (Session Initiation Protocol) routing.
IP PBX, or Communications Server 2007 R2 or Lync Server is listed as a SIP address in the following
format: sip:<username>@<domain or IP address>:Port.
E.164
E.164 is an international numbering plan for public telephone systems in which each assigned number
contains a country code, a national destination code, and a subscriber number.
For example: +1 425 xxx xxxx
VOIP Security Mode
You can select one of the following:
Unsecured Mode
In unsecured mode, neither the Realtime Transport Protocol (RTP) media channel nor the SIP signaling
information is encrypted.
SIP secured
When you select SIP secured, only the SIP signaling traffic is encrypted, and the RTP media channels
still use TCP, which isn't encrypted.
Secured
When you select Secured, both the SIP signaling traffic and the RTP media channels are encrypted.
Note:
Client Access Server uses TCP Port 5060 for unsecure communication and TCP Port 5061 for secure
communication.
CONFIGURE UNIFIED MESSAGING
Page 29
PART 5: CREATE A UM MAILBOX POLICY What would you like your readers to understand? Add notes on key takeaways here.
Open the Exchange Admin Center
Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
Unified Messaging
Navigate - Unified Messaging > UM dial plans > Add
UM Dial Plan page
Under UM Mailbox Policies, click Add
New UM Mailbox Policy page
Here you need to complete the following
Name
Type the name of the UM Unified Mailbox Policy.
Note
UM Unified Mailbox Policy cannot be deleted if it is associated with any users.
Save
Click Save.
When you save the UM mailbox policy, all the default settings such as PIN policies, voice mail features,
and Protected Voice Mail settings are enabled.
If you want to customize or change these settings, use EAC to change the settings for the UM mailbox
policy.
PART 6: ENABLE USERS FOR UM
Open the Exchange Admin Center
Browse to the URL of your Client Access server. i.e, https://EX2013CA1/ECP. Enter your username and password in Domain\user name and Password, and then click Sign in.
CONFIGURE UNIFIED MESSAGING
Page 30
Recipients
Click on Recipients and Select the user for which you want to enable UM.
In the Details pane, under Phone and Voice Features, click Enable.
Enable UM Mailbox page
On the Enable UM mailbox page, click the Browse button next to UM mailbox policy, locate the UM
mailbox policy you just created, and then click OK.
UM Dial Plan page
Here you need to complete the following
SIP Address or E.164 Number
The number of digits that you add here must match the number of digits configured on the SIP URI or
E.164 dial plan.
Extension Number
Please note that the number of digits in the extension is set on the dial plan that’s linked to the UM
mailbox policy that’s assigned to the user.
PIN Settings
You can choose from these three options
Automatically generate PIN
This is the default setting. When you click this button, a PIN is automatically generated based on the
PIN policies configured on the UM mailbox policy assigned to the user.
Type a PIN
Manually specify a PIN
Require the user to reset their PIN the first time they sign in
Select this check box to force the user to reset their voice mail PIN
Finish
Click finish to confirm the settings and enable UM for the recipient.
Configuring Lync settings are out of scope of this document. Separate documentation will be made on
the same.
POST INSTALLATION TASKS
Page 31
Post Installation Tasks
ENTER PRODUCT KEY Note:
A server that has a trial edition license functions as an Exchange Standard Edition server, but it isn't
eligible for support from Microsoft support services.
Use the below command or Use EAC to license a Server
Set-ExchangeServer <ServerName> -ProductKey aaaaa-aaaaa-aaaaa-aaaaa-aaaaa
HIGH AVAILABILITY OPTIONS FOR YOUR MAILBOX SERVERS After deploying at least two Mailbox servers, you can configure your Mailbox servers and mailbox
databases for high availability and site resilience.
This will be discussed in detail in the later Parts.
MAINTAINING EXCHANGE ORGANIZATION This will be also discussed in detail in the later Parts.
FOR MORE INFORMATION:
Page 32
For more Information:
1.1 Exchange Forum
http://social.technet.microsoft.com/Forums/en-US/category/exchangeserver
1.2 TechNet
http://technet.microsoft.com/en-us/library/bb124558(v=exchg.150).aspx
1.3 Support
http://support.microsoft.com/ph/730/en-us
1.4 Exchange 2013 Evaluation Edition
http://technet.microsoft.com/en-us/evalcenter/hh973395.aspx
CONTACT INFORMATION
Page 33
Contact Information
ASHWIN VENUGOPAL
Tel: +91 8095590128
My Blog: www.roadtomaster.com
Bangalore, India
DISCLAIMER Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of the Author. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
CONTACT INFORMATION
Page 34
Adobe Portable Document Format is a registered copyright of Adobe Systems Incorporated. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
top related