Andersson

Everything posted by Andersson

  1. Hi, even though I sent you a response to your message, I'll post it here as well in case anyone runs into the same issue. Can you create normal mailboxes? If that is the case, you can change the mailbox type after you've created the mailboxes by using:

         set-mailbox -id roommailbox01 -type room

     I hope this will help you. PS. Are you using CU1?
  2. Hi, I suppose (and hope) you solved this issue? If not, I want you to investigate the installation log, which is placed by default in C:\ExchangeSetupLogs. You can post it here if you want me and others to be able to help you. Cheers
  3. Hi, Not sure if you have seen the article collection published on the page, have a look: http://www.windows-noob.com/forums/index.php?/topic/3075-exchange-guides/ There is an article about how to install and configure Exchange 2010. I hope this will help you. Cheers
  4. Introduction

     Exchange Server 2013 reached RTM on the 11th of October and was finally published to MSDN on the 24th of October. This post is based on the RTM version of Exchange 2013.

     I decided to write a post that included both the KEMP configuration together with the Exchange 2013 configuration. I’ve also seen that Jaap Wesselius has posted an article regarding this topic already; it’s my hope that I can fill the gap regarding the complete configuration of both Exchange and the load balancer.

     To illustrate my lab environment, see the picture below. On the left side is the “client” which tries to connect, in the middle are the load balancers and to the right are my two Exchange 2013 servers.

     I did decide to have one namespace per service for better flexibility; however, this is NOT required. The advantage of having it like this is that the load balancer can check the health of each component. If one component is not working, it just disables that service on the corresponding server, and not the whole server. A disadvantage is an increased cost for the certificate, and the load balancer gets a bit more complex.

     I’m using the Virtual LoadMaster, which comes in different versions (at the end of my post I will provide some links regarding versions etc).

     Initial configuration

     My configuration is a two-leg load balancer, where the first leg is placed as an administrative IP (management IP) and the other leg (NIC) is placed into my server/client segment. The initial configuration is done by providing a license key.

     Go to System Configuration –> Interfaces –> eth0 for configuring the IP address of the first network card.

     System Configuration –> Local DNS Configuration –> Hostname configuration for giving the VLM a hostname.

     System Configuration –> Local DNS Configuration –> DNS configuration for configuring the VLM with a domain and DNS server.

     System Configuration –> Route Management –> Default Gateway for configuring the VLM with a default gateway.

     Often it’s required to have the VLM understand other networks and be able to route traffic to them. For configuring additional routes, go to System Configuration –> Route Management –> Additional Routes.

     Don’t forget to configure the date and time on the VLM: go to System Configuration –> System Administration –> Date/Time. I’ve configured it to use “ntp.lth.se” as my NTP server; it’s recommended to use the NTP option.

     When the configuration is done, a good tip is to take a backup of it: go to System Configuration –> System Administration –> Backup/Restore.

     High Availability configuration

     Kemp provides a high availability cluster of two load balancing nodes, where one is active and one is passive (standby). I’ve been playing around with it and it works really well. The passive node kicks in right away when the active one is broken or restarted/shut down. During a restart of the active node the passive becomes the active node.

     In general, they share a cluster IP/name where the configuration is done, and on each LB node the local settings can be done, such as configuring date/time, IP addresses etc.

     Start with the first node. For configuring this, go to System Configuration –> Miscellaneous Options –> HA Parameters. Set it to “HA Mode: HA (First) Mode”.

     Go to System Configuration –> Interfaces –> eth0. Give the load balancer cluster an IP address and also provide the IP address for the second node. Don’t forget to press the “Set Shared address” and “Set Partner address” buttons for saving the configuration.

     Then go back to System Configuration –> System Administration –> System Reboot. Restart the first node.

     When the first node is back online, continue with the second node. Go to System Configuration –> Miscellaneous Options –> HA Parameters. Set it to “HA Mode: HA (Second) Mode”.

     Example of my first node.

     Example of my second node.

     Creating and configuring load balancing services

     I will create two examples for load balancing services, one for OWA and one for Outlook Anywhere. Using these examples, you can easily create services by yourself for the other ones.

     OWA

     Go to Virtual Services –> View/Modify Services –> Add New. Type in the IP address for the service in the Virtual Address field, together with port, protocol and name. Press “Add this Virtual Service”.

     Make sure that “Force L7” is checked, but that “L7 Transparency” is unchecked. Since Exchange 2013 doesn’t require persistence anymore, make sure that the option is set to “None”. For the load method/Scheduling method, I’m using Round-Robin, which is pretty much spreading the load on all servers.

     Under “Real Servers”, let’s configure the health checks. Make sure it’s set to use the HTTPS protocol, together with URL: /owa. Don’t forget to press the “Set URL” button for saving the settings.

     Let’s press the “Add New…” button under “Real Servers”. Add your Exchange 2013 Client Access servers. When all servers are added, press the Back button.

     When everything is set up it should look like the figure below. When you’re satisfied with the configuration, press the Back button. The services should then show up as green if the protocols are available.

     Outlook Anywhere

     Go to Virtual Services –> View/Modify Services –> Add New. Type in the IP address for the service in the Virtual Address field, together with port, protocol and name. Press “Add this Virtual Service”.

     Make sure that “Force L7” is checked, while “L7 Transparency” is unchecked. Since Exchange 2013 doesn’t require persistence anymore, make sure that the option is set to “None”. For the load method/Scheduling method, I’m using “Round-Robin”, which is spreading the load to the servers.

     Under “Real Servers”, let’s configure the health checks. Make sure it’s set to use the HTTPS protocol, together with URL: /rpc. Don’t forget to press the “Set URL” button for saving the settings.

     Let’s press the “Add New…” button under “Real Servers”. Add your Exchange 2013 Client Access servers. When all servers are added, press the Back button.

     Everything is now set up for load balancing the Outlook Anywhere function. In the services console, it should look like below if the health is successfully verified.

     Note: In my lab environment I’ve decided not to use L7 transparency since I don’t have any use for it. It is used when the client source IP address needs to show up at the CAS servers. This can sometimes be important when using SMTP filters. For proper load balancing, the traffic needs to flow through the load balancer, both back and forth. Therefore you need to change the Default Gateway settings of your servers when you are activating L7 Transparency.

     Final tests

     Let’s start with testing the load balancing functions so that Outlook is able to connect and that the connections are spread throughout the servers.

     Here’s my final configuration, to clarify that I’m using five different VIPs, one for each service.

     The figure below shows that the Outlook 2013 profile is getting connected; I was using the autodiscover feature for configuring the Outlook profile. Both the InternalHostname and the ExternalHostname are configured to outlook.testlabs.se in my scenario, on both my servers. For authentication I’m using NTLM.

     Since Outlook 2013 worked fine, it’s up to OWA to show up. I reached the form-based authentication page, put in my credentials and finally got to the Inbox. I did this a couple of times, together with logging in to the Admin Center, for getting some more sessions in the load balancer. This was for checking that the VLM spreads the load between the servers in a good way.

     Below are two figures that show how the sessions are spread between the servers. To me this looks really good!

     The first figure shows the servers and how the sessions are spread between them.

     The second figure shows the services instead of the servers, together with the total amount of connections for the last minute and up to the last hour.

     These two figures together show how the load is spread. Since this is just a lab environment I don’t have a large amount of connections. It would be really interesting to see how the load is spread between the servers in a large enterprise environment.

     Helpful links

     General documentation: http://www.kemptechn...m/documentation
     Sizing tool for load balancer (Exchange 2010): http://www.kemptechn...hange-2010.html
     Deployment guide: http://www.kemptechn...de_5_1_v1.6.pdf
     Compare Load Balancer models: http://www.kemptechn...d-balancer.html
     Exchange Load Balancers: http://www.kemptechn...hange-2010.html
     Virtual Load Balancers: http://www.kemptechn...m-overview.html
     Multi-Site Load Balancers: http://www.kemptechn...s/overview.html

     Thanks for reading! I hope that this was informative and interesting to read, please feel free to provide feedback.

     Regards, Jonas Andersson
  5. Hi, I would like to start by saying that it's recommended to use a UC certificate, and include the necessary names in it. Or else deploy internal PKI and deploy your root/intermediate certificate to your devices and you should be fine. You can use http://www.exrca.com and test your ActiveSync feature. Cheers
  6. This includes Exchange 2013, Sharepoint 2013, Lync 2013, Office 2013, Project 2013, Visio 2013 etc. These can all be downloaded from MSDN now
  7. Hi, What auth methods are enabled in IIS for RPC? Cheers, Jonas
  8. If you haven’t seen it already, the whole Wave 15 has reached RTM state, which means that the code is ready. This means that Office 2013, Lync 2013, Exchange 2013 and Sharepoint 2013 are now code completed. The software will be available for download in mid November. More information can be found on Exchange Team blog. Another update regarding Exchange is that Microsoft re-released the Update Rollups. Exchange 2010 UR4 for SP2 was re-released as UR4 v2, more info/download. Exchange 2010 UR7 for SP1 was re-released as UR7 v2, more info/download. Exchange 2007 UR8 for SP3 was re-released as UR8 v2, more info/download. Since my last post I’ve had a great time attending MEC in Orlando, lots of great content and met a lot of inspiring people. In the upcoming weeks I will try to publish the next post, regarding load balancing for Exchange 2013 Preview. (It will be updated when the RTM is downloadable if there are any changes).
  9. Hi, I've been trying to find the EWS Managed API 1.0.0 but can't find it. Do you have it? Maybe you can share it on SkyDrive etc? Sounds like you aimed your own issue. When I get the API I will be testing this in my lab and give you my result. Sorry for the late reply
  10. Hi, I have a 2007 server where I can test the code and see what I can find out; can you maybe post or send me the full code? What version of the EWS API are you using? The version I did find was this one: Web Services Managed API 1.2.1 http://www.microsoft.com/en-us/download/details.aspx?id=30141
  11. It looks correct, it can also be comma separated like:

          Set-ExchangeServer -Identity mail.Contoso.com -StaticDomainController dc-01.Contoso.com,dc-02.Contoso.com -StaticGlobalCatalogs dc-01.Contoso.com,dc-02.Contoso.com

      Give it a try
  12. Hi, I would advise you to see if you can bind your Exchange server(s) to one of the new servers instead and then get rid of the old ones. When that's done and everything is OK, then remove the binding and restart your Exchange servers to let them select DC/GC by themselves. Here are the parameters for using in PowerShell: http://technet.microsoft.com/en-us/library/bb123716%28v=exchg.80%29.aspx
  13. Just be aware of the retention policies before deploying this update into Production, or else the end users can end up with lost data. Has anyone of you deployed this into Prod yet?
  14. A couple of months ago I did publish a configuration tool for Exchange 2010, it's now updated again. If you're interested, have a look at: http://www.testlabs.se/blog/2012/04/26/c-net-configure-exchange-2010-tool/ Download at http://www.testlabs.se/blog/wp-content/uploads/2012/08/Configure-Exchange-2010_testlabs.se_v.0.93.zip
  15. In this series of posts, you can read about the fresh release of Exchange 2013 beta/Preview. The posts are done as “how-to” posts with configuration examples from both Exchange Administration Console (EAC) and Exchange Management Shell (EMS).

      Earlier parts can be found below:

      Part 1: Installation guide
      Part 2: Basic configuration
      Part 3: Continue of configuration, URL’s etc.

      At the end of the post, I will link to some interesting TechNet articles around High Availability, Disaster Recovery, Site resilience and Public Folder migration.

      Note: My posts around Exchange 2013 Preview/beta are based on Beta information and it could be changed before it is released (RTM).

      Database Availability Group (DAG)

      If this expression is new to you, here is some background information. The DAG is the new cluster technology from Exchange 2010 and is also included in 2013. It gives us the opportunity to have a mailbox database replicated between two or more servers; the DAG can utilize up to 16 copies of each database (16 different servers). The advantage of this is that if one server fails, it’s easy and very fast to do a switchover/failover to another server.

      Some interesting changes around databases are that each database runs under its own process in Windows. Store (ESE) is totally rewritten, again, which means you can’t use databases from older versions of Exchange directly on Exchange 2013. I have also read that IOPS requirements for databases have been reduced by another 50% from Exchange 2010, but I haven’t read it officially so maybe it’s just a rumor. We’ll see what happens when it’s released, and probably Microsoft will release an updated mailbox calculator.

      DAG is available for both the Standard and Enterprise versions of Exchange, and supported to run on both Windows 2008 R2 and Windows Server 8, though all DAG members need to run the same OS version.

      Let’s get ready to create the DAG and add the databases as copies on each DAG member/node.

      Using EAC:

      It’s time to like the new EAC “console”.

      Running “ipconfig” on both mailbox servers, for checking the IP addresses, both for the MAPI network and the Replication network. Go into Control Panel and check the network interfaces.

      Log in to the EAC, go to Servers and select Database Availability Group. Press the Add button (+). Type in DAG name, Witness Server, Witness directory and DAG IP. Press Save.

      When the DAG is created, select it and press Edit. Check the option “Configure database availability group network manually”. Press Save.

      It’s now time for adding the mailbox servers into the DAG, by pressing the “Manage membership” button. Press the Add button (+) and add the mailbox servers that should reside in the DAG. Press OK. Press Save. The configuration now gets saved; failover clustering was installed on the mailbox servers. Press Close.

      The next thing to do is the DAG Networks. As you can see in the bottom right corner, a network called “MapiDagNetwork” has been created. I want to have control over these networks so I will create my own. Start by pressing “New DAG Network”. I’m about to create two new networks.

      I will give the first network a name like MAPI Network, and assign to it the subnet where the clients are supposed to connect. Press Save.

      My second network will be called Replication Network, since that is its purpose, and I also assign it to the correct subnet. Press Save.

      Since we have now created those two networks, let’s remove the automatically created one by pressing the “Remove” button. Press OK.

      The MAPI Network is not supposed to be used as a replication network, so let’s disable that function by pressing “Disable Replication” on the MAPI network. Press OK.

      The DAG should now show two networks called MAPI and Replication. The MAPI Network should not be enabled for replication.

      Final DAG configuration

      The last step (just a recommendation) is to enable the DAC mode, this for preventing split brain syndrome.
      Which means that you end up with having the same database mounted on two (or more) different servers. More info about DAC mode can be found on the link at the end of the post. This can’t be done through EAC (maybe that will change for RTM). So let’s start up Exchange Management Shell (EMS).

          Set-DatabaseAvailabilityGroup -Identity DAG01 -DatacenterActivationMode DagOnly

      Database copies

      On each mailbox database we now need to add a copy to another server for having the redundancy. In the menu, go to Databases and select one database, then press the Add database copy button.

      Specify a mailbox server that at the moment doesn’t hold a copy of the database and add it by pressing the browse button. Press Save.

      Note: In this menu you also have the option to configure lag time (if using a lagging node).

      The database now gets copied (seeding). Then do the same procedure on all of your databases. Press Close when the operation is done.

      Do the same procedure on all of your databases. The seeding operation is running. Press Close.

      It might take a while (some minutes) until it gets Healthy and everything has been checked and verified. In my test environment it took around 15 min to be fine. It should look like the picture below when everything is completed.

      Using PowerShell:

      The Web interface is nice to work with. But I prefer PowerShell, because I have full control over what’s going on.

      Let’s start with creating the DAG by using the command below:

          New-DatabaseAvailabilityGroup -Name DAG01 -WitnessServer TLCAS01 -WitnessDirectory C:\FSW_DAG01 -DatabaseAvailabilityGroupIpAddresses 172.16.1.15

      Configure the DAG so that the networks can be manually configured:

          Set-DatabaseAvailabilityGroup -Identity DAG01 -ManualDagNetworkConfiguration $True

      Add the mailbox servers into the DAG:

          Add-DatabaseAvailabilityGroupServer -Identity DAG01 -MailboxServer TLMB01
          Add-DatabaseAvailabilityGroupServer -Identity DAG01 -MailboxServer TLMB02

      Enable DAC mode for the DAG:

          Set-DatabaseAvailabilityGroup -Identity DAG01 -DatacenterActivationMode DagOnly

      List the DAG Networks:

          Get-DatabaseAvailabilityGroupNetwork

      Create two new DAG Networks, one for Mapi and one for Replication:

          New-DatabaseAvailabilityGroupNetwork -DatabaseAvailabilityGroup DAG01 -Name Mapi -Description "Mapi Network" -ReplicationEnabled $False -Subnets "172.16.1.0/24"
          New-DatabaseAvailabilityGroupNetwork -DatabaseAvailabilityGroup DAG01 -Name Replication -Description "Replication Network" -ReplicationEnabled $True -Subnets "10.0.0.0/8"

      Remove the automatically created network, it will not be used:

          Remove-DatabaseAvailabilityGroupNetwork -Identity DAG01\MapiDagNetwork

      Database copies

      On each mailbox database we now need to add a copy to another server for having the redundancy. Specify a mailbox server that at the moment doesn’t hold a copy of the database and add it by running the following commands.

          Add-MailboxDatabaseCopy -Identity DB01 -MailboxServer TLMB02
          Add-MailboxDatabaseCopy -Identity DB02 -MailboxServer TLMB02
          Add-MailboxDatabaseCopy -Identity DB03 -MailboxServer TLMB02

      Verify the replication status on each mailbox server:

          Get-MailboxDatabaseCopyStatus -Server TLMB01
          Get-MailboxDatabaseCopyStatus -Server TLMB02

      Public Folders

      The Public Folder databases are now gone, and transferred to “normal” mailboxes instead.
      The advantage of this is that the mailbox itself can now be replicated using DAG technology. This doesn’t mean that the public folder contents are replicated; it’s still required that you configure the public folder replication for the contents.

      With “normal” mailbox I mean that they reside in the mailbox databases, just like user mailboxes do. However, they can in some way be compared to shared and room mailboxes; those are also special mailboxes.

      If you decide to use Public Folders in Exchange 2013, the first step will be to create a mailbox that holds the public folder hierarchy. This will be the writeable copy. You can have copies of the hierarchy, but you can only have one that is allowed to make changes/writeable.

      How can the hierarchy mailbox be created?

      Using EAC:

      Go to the Public Folders section; this is the first warning/error message you will receive. It means that you don’t have any public folder hierarchy (mailbox) created yet.

      Go to the second public folder selection called “Public Folders Mailboxes”. Press Add (+) and create the first mailbox for the public folders, so its hierarchy can be saved. Give the mailbox a friendly name, example: PF_Hierarchy, place it into an organizational unit and select a mailbox database where it should be saved. Press Save.

      Now that the hierarchy is created, let’s create some test folders too. Go back to “Public Folders”, press the Add (+) button. Give the public folder a name. Press Save.

      If you want to configure any storage quota on the public folder content, press Edit and configure it. Statistics can also be found under the Edit selection, which sometimes is valuable.

      Just for testing purposes I did mail-enable the folder, by pressing the Enable button. Press Yes.

      Let’s check the properties for the folder again; now we see that we have lots of new settings. Here’s a small example of how the Mail Flow settings look.

      Using PowerShell:

      Start up Exchange Management Shell; the following commands will be used for creating the public folder hierarchy and contents folder.

      Create the hierarchy by running the following command:

          New-Mailbox -Name PF_Hierarchy -Alias PF_Hierarchy -Database DB01 -OrganizationalUnit Users

      This mailbox, like shared/room mailboxes, is also disabled by default. This for not having the possibility to log on as this user.

      Let’s create the folder named Testlabs:

          New-PublicFolder -Name Testlabs

      Finally, mail enable the public folder:

          Enable-MailPublicFolder -Identity \Testlabs

      We have public folders located in Exchange 2007/2010, what about them?

      At the end of this post, you can find a link to a TechNet article; it provides you with a great step-by-step guide. I haven’t tried to migrate public folder contents from earlier versions of Exchange since SP3 for Exchange 2010 is required for having coexistence between Exchange 2010 and Exchange 2013. SP3 is right now under development/testing and no official information can be found. When I get my hands on SP3, this will be one of the first things to try out.

      Client Access Server Array

      In my previous blog post I did write about some news regarding MAPI and RPC, where I did mention what changes have been made. It can be found here.

      The “new” Client Access Server role can now be seen as more of a traditional Front-End server. It is used as a front-end connection point and redirects/proxies (depending on method) the clients to the correct mailbox server.

      After the architectural change around the CAS role, it’s now “stateless”, which means there’s no need for the load balancer to configure affinity/sticky session. For example, it means that the clients are not required to have the connection established to the same CAS server for OWA to work. This means that all CAS servers now will serve all clients with connections to their mailbox endpoint server.

      How to create a client access array?

      Right now, I don’t see any specific reason for creating the CAS Array, since the traffic will be proxied from the CAS servers to the correct active Mailbox servers.

      In an upcoming blog post I will cover how to configure the load balancing for Exchange 2013.

      Upcoming topics: load balancing Exchange 2013 using different load balancers, database fail-over, move mailbox reports, disaster recovery etc. But first it’s time for 3 weeks of vacation. Until then, keep on reading the posts and you’re more than welcome to comment on them.

      Thanks for reading, I hope it gave you some valuable information.

      More information:

      High Availability: http://technet.micro...exchg.150).aspx
      DAC mode: http://technet.micro...y/dd979790.aspx
      Client Access Server: http://technet.micro...14(v=exchg.150)
      Public Folder migration scenario: http://technet.micro...86(v=exchg.150)
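
A verification pass for the DAG built in post 15 above, as an added example that is not part of the original post: it checks that DAC mode is DagOnly, that replication is off on the Mapi network and on for another network, and that every database has one Mounted copy and a Healthy passive copy. The function name Test-DagConfiguration, the queue threshold and the sample objects are constructed for illustration; the property names are the ones returned by the cmdlets named in the comments.

```powershell
# Added example, not the post author's code. Test-DagConfiguration and the
# sample objects are constructed for illustration.
function Test-DagConfiguration {
    param(
        [Parameter(Mandatory = $true)] $Dag,                    # Get-DatabaseAvailabilityGroup
        [Parameter(Mandatory = $true)] [object[]] $Network,     # Get-DatabaseAvailabilityGroupNetwork
        [Parameter(Mandatory = $true)] [object[]] $CopyStatus,  # Get-MailboxDatabaseCopyStatus
        [string] $MapiNetworkName = 'Mapi',
        [int] $MaxQueueLength = 10                              # assumed threshold
    )

    # DAC mode is what prevents the same database being mounted on two servers.
    if ([string]$Dag.DatacenterActivationMode -ne 'DagOnly') {
        "DAG $($Dag.Name): DatacenterActivationMode is '$($Dag.DatacenterActivationMode)', expected DagOnly"
    }

    # The client-facing network must not carry replication traffic ...
    $mapi = @($Network | Where-Object { $_.Name -eq $MapiNetworkName })
    if ($mapi.Count -eq 0) {
        "No DAG network named '$MapiNetworkName' found"
    } elseif ($mapi[0].ReplicationEnabled) {
        "Network '$MapiNetworkName': replication is still enabled"
    }
    # ... and at least one other network has to carry it.
    $repl = @($Network | Where-Object { $_.Name -ne $MapiNetworkName -and $_.ReplicationEnabled })
    if ($repl.Count -eq 0) {
        'No replication-enabled network besides the MAPI network'
    }

    # Each database needs exactly one Mounted copy and at least one Healthy passive copy.
    foreach ($db in ($CopyStatus | Group-Object -Property DatabaseName)) {
        $mounted = @($db.Group | Where-Object { [string]$_.Status -eq 'Mounted' })
        $healthy = @($db.Group | Where-Object { [string]$_.Status -eq 'Healthy' })
        if ($mounted.Count -ne 1) { "$($db.Name): $($mounted.Count) mounted copies, expected 1" }
        if ($healthy.Count -lt 1) { "$($db.Name): no healthy passive copy" }
        foreach ($copy in $db.Group) {
            if (@('Mounted', 'Healthy') -notcontains [string]$copy.Status) {
                "$($copy.Name): status is $($copy.Status)"
            }
            if ($copy.CopyQueueLength -gt $MaxQueueLength -or $copy.ReplayQueueLength -gt $MaxQueueLength) {
                "$($copy.Name): copy/replay queue is $($copy.CopyQueueLength)/$($copy.ReplayQueueLength)"
            }
        }
    }
}

# Constructed sample state using the names from the post: DAC mode not yet set,
# replication still enabled on Mapi, and the DB03 copy on TLMB02 failed.
$dag = [pscustomobject]@{ Name = 'DAG01'; DatacenterActivationMode = 'Off' }
$networks = @(
    [pscustomobject]@{ Name = 'Mapi';        Subnets = '172.16.1.0/24'; ReplicationEnabled = $true }
    [pscustomobject]@{ Name = 'Replication'; Subnets = '10.0.0.0/8';    ReplicationEnabled = $true }
)
$copies = @(
    [pscustomobject]@{ Name = 'DB01\TLMB01'; DatabaseName = 'DB01'; Status = 'Mounted'; CopyQueueLength = 0;  ReplayQueueLength = 0 }
    [pscustomobject]@{ Name = 'DB01\TLMB02'; DatabaseName = 'DB01'; Status = 'Healthy'; CopyQueueLength = 0;  ReplayQueueLength = 2 }
    [pscustomobject]@{ Name = 'DB02\TLMB01'; DatabaseName = 'DB02'; Status = 'Mounted'; CopyQueueLength = 0;  ReplayQueueLength = 0 }
    [pscustomobject]@{ Name = 'DB02\TLMB02'; DatabaseName = 'DB02'; Status = 'Healthy'; CopyQueueLength = 45; ReplayQueueLength = 0 }
    [pscustomobject]@{ Name = 'DB03\TLMB01'; DatabaseName = 'DB03'; Status = 'Mounted'; CopyQueueLength = 0;  ReplayQueueLength = 0 }
    [pscustomobject]@{ Name = 'DB03\TLMB02'; DatabaseName = 'DB03'; Status = 'Failed';  CopyQueueLength = 0;  ReplayQueueLength = 0 }
)

$findings = @(Test-DagConfiguration -Dag $dag -Network $networks -CopyStatus $copies)
if ($findings.Count -gt 0) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    'DAG configuration matches the settings described in the post.'
}

# In the Exchange Management Shell, pass live data instead of the sample:
#   Test-DagConfiguration -Dag (Get-DatabaseAvailabilityGroup DAG01) `
#       -Network (Get-DatabaseAvailabilityGroupNetwork) `
#       -CopyStatus (Get-MailboxDatabaseCopyStatus *)
```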
  16. Thanks ramlan, it's great to see that people are reading them and like them. If you want me to cover anything special, just create a thread about it. Thanks for your feedback
  17. Working on a bunch of Exchange 2013 articles

  18. I suppose you already have, but if you haven’t read my previous parts in this Exchange 2013 series, have a look at the links below.

      Part 1: Complete guide of how to perform the installation
      Part 2: How to do the Basic configuration

      This part will include details on how the configuration could be made for Site URL’s/Virtual Directories, Databases, Outlook Anywhere and MAPI vs RPC over HTTPS, together with connecting using Outlook 2013.

      In the previous part we did install the certificate, which included the following names, so we can use these names in the site configuration. (If using HTTPS, the configured name needs to be included in the certificate.)

      mail.testlabs.se
      autodiscover.testlabs.se
      tlcas01
      tlcas01.testlabs.se

      Sites / URL’s

      Let’s go through the steps for configuring the sites with the ExternalURL and other settings. I’ll go through both the EAC and PowerShell, so you have the opportunity to select which method you prefer. Let’s start.

      In EAC:

      Go to Servers, select Virtual Directories. Select the server in the menu and which type you want to show. Then press Edit.

      Let’s start with Autodiscover. By default, Integrated Windows Authentication and Basic authentication are enabled. Press Save.

      Next, select Exchange ActiveSync (EAS). Press Edit. General settings shows the URL’s; I did type in the ExternalURL like the pic below. Press Authentication. Make sure that Basic authentication is enabled. Press Save.

      Next, select ECP. Press Edit. General settings shows the URL’s; I did type in the ExternalURL like the pic below. Press Authentication. The authentication default setting is “Use forms-based authentication” enabled. Press Save. A warning: make sure to change all virtual directories. Press OK.

      Next, select EWS. Press Edit. General settings shows the URL’s; I did type in the ExternalURL like the pic below. Press Authentication. Authentication settings: Integrated Windows authentication is enabled by default. Press Save.

      Next, select OAB. Press Edit.
      I did type in the ExternalURL in this setting; the InternalURL was already configured. I did also change the Polling interval from 480 minutes to 60, for having a faster update of the OAB. Press Save.

      Next, select OWA. Press Edit. General settings shows the URL’s; I did type in the ExternalURL like the pic below. Press Authentication. Forms-based authentication is selected; I did select the Logon format: User name only and did select my domain with the browse button. Press Features. Showing the default settings. Press File Access. Showing the default settings. Press Save.

      Next, select PowerShell. Press Edit. General settings shows the URL’s; I did type in the ExternalURL like the pic below. Press Authentication. Both Integrated Windows authentication and Basic authentication were selected by default. Press Save.

      Using PowerShell

      Start the Exchange Management Shell (EMS) and the following commands will do the same work that’s done in EAC.

      Autodiscover:

          Get-ClientAccessServer | fl *uri*
          Set-ClientAccessServer -Identity TLCAS01 -AutoDiscoverServiceInternalUri https://autodiscover...utodiscover.xml

      Exchange ActiveSync (EAS):

          Get-ActiveSyncVirtualDirectory | fl *url*, ide*
          Set-ActiveSyncVirtualDirectory -Identity "TLCAS01\Microsoft-Server-ActiveSync (Default Web Site)" -ExternalUrl https://mail.testlab...rver-ActiveSync

      Exchange Control Panel (ECP):

          Get-EcpVirtualDirectory | fl *url*, ide*
          Set-EcpVirtualDirectory -Identity "TLCAS01\ecp (Default Web Site)" -ExternalUrl https://mail.testlabs.se/ecp

      Exchange Web Services (EWS):

          Get-WebServicesVirtualDirectory | fl *url*, ide*
          Set-WebServicesVirtualDirectory -Identity "TLCAS01\EWS (Default Web Site)" -ExternalUrl https://mail.testlab...S/Exchange.asmx

      Offline Address Book (OAB):

          Get-OabVirtualDirectory | fl *url*, ide*,pol*
          Set-OabVirtualDirectory -Identity "TLCAS01\OAB (Default Web Site)" -ExternalUrl https://mail.testlabs.se/OAB -PollInterval 60

      Outlook Web App (OWA):

          Get-OwaVirtualDirectory | fl *url*, ide*
          Set-OwaVirtualDirectory -Identity "TLCAS01\OWA (Default Web Site)" -ExternalUrl https://mail.testlabs.se/OWA

      PowerShell:

          Get-PowerShellVirtualDirectory | fl *url*, ide*
          Set-PowerShellVirtualDirectory -Identity "TLCAS01\PowerShell (Default Web Site)" -ExternalUrl https://mail.testlabs.se/powershell

      Databases

      Let’s go through the steps that are required for renaming the default database, dismounting and mounting it, and also creating new databases. Let’s start with the EAC and then do it in PowerShell. Let’s start.

      In EAC:

      Go to Servers, select Databases. Select the default database, named “Mailbox Database 0883045..”. Press Edit. General settings are shown. Press Cancel.

      Select the database, and dismount it by pressing the … icon and then Dismount database. It does show a warning that mailboxes on this database will now be unavailable. Press Yes.

      Select the database. Press Edit. Give the database a friendly name, example: DB01. Press Maintenance. Maintenance settings are shown. Press Limits. Mailbox limits are shown; these are the default values. Press Client Settings. By default, no Offline address book was selected. Press Browse and make sure to select the address book. Press Save.

      What if you want to create a new database? Let’s start in EAC.

      Press the Add button (+). Give the database a friendly name, example: DB02. Browse for a mailbox server. Also put in the database path and log path. Press Save.

      During the creation of the database, there is no option for associating the database with the offline address book. When the database is created, press Edit. Then go to Client Settings and select the Offline address book.

      Using PowerShell

      Start the Exchange Management Shell (EMS) and the following commands will do the same work that’s done in EAC.

      Retrieve database information:

          Get-MailboxDatabase
          Get-MailboxDatabase | fl name,*path*

      Dismount Database:

          Dismount-Database -Identity DB01

      After the default database is renamed to DB01, I want to move the database file and the logs to another drive. It’s done by the commands below:

          Move-DatabasePath -Identity DB01 -EdbFilePath "E:\Database\DB01\DB01.edb" -LogFolderPath "F:\Logs\DB01"
          Mount-Database DB01
          Get-OfflineAddressBook

      For creating a new database (DB02), we have the opportunity in PowerShell to specify all parameters that are needed for having all options configured.

          New-MailboxDatabase -Name DB02 -EdbFilePath "E:\Database\DB02\DB02.edb" -LogFolderPath "F:\Logs\DB02" -OfflineAddressBook "\Default Offline Address Book" -Server TLMB01
          Mount-Database DB02

      Note that the OfflineAddressBook is specified during the creation of the database.

      Outlook Anywhere

      Configuration of the Outlook Anywhere feature can also be done from both the EAC and EMS, in various ways. Let’s start with the EAC:

      Go to the servers menu, and select Servers. Press Edit. Then go to the “Outlook Anywhere” option, type in the external name, example: mail.testlabs.se. I’m using Basic authentication for Outlook Anywhere. Press Save. And the configuration is completed.

      Using PowerShell

      Start the Exchange Management Shell (EMS) and the following commands will do the same work that’s done in EAC.

      Enable Outlook Anywhere:

          Enable-OutlookAnywhere -Server TLCAS01 -ExternalHostname mail.testlabs.se -InternalHostname tlcas01.testlabs.se -ExternalClientAuthenticationMethod Basic -InternalClientAuthenticationMethod Ntlm -IISAuthentication Ntlm -SSLOffloading:$false
          Get-OutlookAnywhere -Server TLCAS01

      MAPI and RPC

      The MAPI/RPC (RPC over TCP) traffic is now gone and replaced with RPC over HTTP/s instead.
With that said, no more load balancing of static RPC ports. As far as I know this will make both the Firewall team’s and the Load Balancer team’s work easier: fewer ports are used, and the requirement of load balancing affinity/sticky session settings is also gone now. Because there is no need anymore to have the affinity settings, it can now be load balanced based on IP addresses. Just make sure that the load balancer verifies the Exchange services before sending traffic to them.

Outlook instead will use port 443 (HTTPS) or port 80 (HTTP).

I think (and hope) most of you will use RPC over HTTPS. With this said I’ll show you the new Outlook 2013 Preview/beta, how it connects and also the traffic it’s using.

Outlook 2013 Preview connects to my mailbox in Exchange 2013.

It’s using HTTPS to initiate the connection, using port 6001 by default for its connection, using RPC over HTTPS.

A small picture from Network Monitor when the connection is initiated by Outlook 2013.

More information around What’s new in Exchange 2013 can be found here.

Next parts will cover Public Folders, Client Access Server Array, Database Availability Groups and more.

Thanks for reading, I hope it helped you guys/girls out there. If you want me to cover anything special around Exchange 2013, leave a comment.
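Added example, not part of the original post: a check that every published external URL uses HTTPS and a host name that the certificate actually covers. The function names and the sample rows marked "constructed" are assumptions for the demo; the two certificate names are the ones used in the Part 2 certificate request.

```powershell
# Added example (not the author's code). Runs without an Exchange server;
# rows marked "constructed" are made-up demo input.

function Test-HostCoveredByCertificate {
    param([string] $HostName, [string[]] $CertificateDomains)
    foreach ($name in $CertificateDomains) {
        if ($name -eq $HostName) { return $true }      # -eq ignores case
        if ($name.StartsWith('*.')) {
            # A wildcard covers exactly one label: *.testlabs.se matches
            # mail.testlabs.se but not testlabs.se or a.b.testlabs.se.
            $label, $rest = $HostName -split '\.', 2
            if ($label -and ($rest -eq $name.Substring(2))) { return $true }
        }
    }
    return $false
}

function Test-ExchangeNamespace {
    param([string[]] $Url, [string[]] $CertificateDomains)
    foreach ($u in $Url) {
        # TryCreate fails for an empty ExternalUrl instead of throwing.
        $uri = $null
        $ok  = [uri]::TryCreate($u, [System.UriKind]::Absolute, [ref] $uri)
        [pscustomobject]@{
            Url           = $u
            Https         = $ok -and ($uri.Scheme -eq 'https')
            CoveredByCert = $ok -and
                (Test-HostCoveredByCertificate $uri.Host $CertificateDomains)
        }
    }
}

$certDomains = 'mail.testlabs.se', 'autodiscover.testlabs.se'
$urls = @(
    'https://mail.testlabs.se/OWA',          # from the post
    'https://mail.testlabs.se/powershell',   # from the post
    'https://owa.testlabs.se/owa',           # constructed: name not on the cert
    'http://mail.testlabs.se/ecp',           # constructed: not HTTPS
    ''                                       # constructed: ExternalUrl never set
)
Test-ExchangeNamespace -Url $urls -CertificateDomains $certDomains |
    Format-Table -AutoSize

# Against a live server the inputs can be collected like this:
#   $urls = Get-OwaVirtualDirectory | ForEach-Object { "$($_.ExternalUrl)" }
#   $certDomains = Get-ExchangeCertificate |
#       ForEach-Object { $_.CertificateDomains } | ForEach-Object { "$_" }
```

Rows where Https or CoveredByCert is False are the ones that will produce certificate warnings or unencrypted logons for clients.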
  19. If you haven’t read it already, I did post a complete guide for installing Exchange 2013, it can be found here. That was part 1, now it’s time for part 2, which of course is the configuration of the server setup.

We have lots of changes between how you configured Exchange 2007/2010 and 2013. First thing is that the Exchange Management Console is gone and replaced by a refreshed ECP called Exchange Admin Center (EAC), built on Silverlight (I suppose). The “old” Exchange Management Shell (EMS) is still there, so I suppose lots of us geeks will use more PowerShell in the near future.

The fact that EMC is replaced will make the administration easier and more portable, but I still like the EMC better. I will like the EAC better after having used it for a while. This portable administration together with Remote PowerShell will be awesome.

I will use both methods for the configuration steps, both EAC and PowerShell. The easiest way to find the URL path to the EAC is to start the Exchange Management Shell and run the command below:

    Get-EcpVirtualDirectory | fl *url*

The picture below is my output from my lab environment.

So let’s get things started.. Start up an Internet browser and go to the URL output from the command above.

Mail Flow

Let’s get the mail flow configured first so we can receive mails from external senders.

In EAC: on the left side (menu) press “Mail Flow”.

Accepted Domains

Ensure that your domains that should be used for SMTP are listed in here for making Exchange able to receive mails for these domains. More info about Accepted Domains can be found here.

In EAC: After selecting “Mail Flow” to the left, press “Accepted Domains” at the top menu in the middle.

If your domain is not listed and you need to add it, press the plus mark and fill in the information, like my example below.

Using PowerShell: Since I’m a geek I like to use PowerShell because it gives you the advantage of seeing what happens, having full control and easily building scripts.
For listing and adding a domain like above in PowerShell you should write:

    Get-AcceptedDomain
    New-AcceptedDomain -Name testlabs.com -DomainName testlabs.com -DomainType Authoritative

Email Address Policies

These policies are used to stamp each user mailbox object with an email address/SMTP address. These policies do not remove any addresses used previously, they just add new addresses to mail objects.

In EAC: By default after the installation we only have one policy, called Default Policy. I want to edit this one, by selecting the “Default Policy” and pressing the “pen” icon.

The Default Policy is showing up. In the left menu, press “Email Address Format”.

Since I live in Sweden and we have some special characters that I want to get rid of, I’m using the custom policy, Address type: SMTP and the Email address parameters:

    %råa%räa%röo%g.%råa%räa%röo%s@testlabs.se

%r means it replaces the character after, in this case åäö, which it replaces with aao.

When you have done the change press the “Save” button at the bottom of the page.

Check so that the change is correct, then press the “Save” button.

After the changes have been saved, they need to be applied. This is done by pressing the “Apply” text/button down in the right menu.

Using PowerShell: Let’s start with listing the Policy and the settings in it. As a final step let’s do the same configuration to the “Default Policy” that we did using EAC.

If you want to create more than just alias@domain.com in your policies, then this is done by comma separation. For setting the Primary SMTP address, use capital letters for SMTP, and for additional addresses use small letters for smtp.
See the example below:

    Get-EmailAddressPolicy
    Get-EmailAddressPolicy | fl
    Get-EmailAddressPolicy | Set-EmailAddressPolicy -EnabledEmailAddressTemplates "SMTP: %råa%räa%röo%g.%råa%räa%röo%s@testlabs.se","smtp: %m@testlabs.se"
    Set-EmailAddressPolicy -Identity "Default Policy" -EnabledEmailAddressTemplates "SMTP: %råa%räa%röo%g.%råa%räa%röo%s@testlabs.se","smtp: %m@testlabs.se"
    Get-EmailAddressPolicy | Update-EmailAddressPolicy

It can easily be checked if the policy has been applied, it will show a True or False value. For checking the value run the command below:

    Get-EmailAddressPolicy | fl *appl*

Note: Don’t forget to update the Policy, or else the new addresses won’t be pushed out to the recipients.

Receive Connectors

Since the HUB Transport server role now is gone and the HUB role is placed together with the CAS role, this is the server you should be looking at.

After the SMTP domains have been added into the Accepted Domain tab, some settings could be of value to have a look at before starting to use the servers.

A change has been made in the new version, the default connector is now named “Default Frontend servername”. It now allows traffic from Anonymous users by default. I suppose this is due to the Edge Transport Role also being removed.

In EAC: Go to the “Receive Connectors”, found under “Mail Flow”. Make sure to select your CAS server(s) and the “Default Frontend servername”. Then press the “pen” icon to edit the selected connector.

The only thing I did change was the “Maximum receive message size” to 30 MB.

When you have done your changes for the connector, press the Save button.

Using PowerShell: Start the Exchange Management Shell, let’s view the receive connectors and then make the changes like above.

    Get-ReceiveConnector
    Get-ReceiveConnector | fl
    Set-ReceiveConnector -Identity "TLCAS01\Default Frontend TLCAS01" -MaxMessageSize 30MB

Note: The size can be configured between 64KB up to 2GB.
Verify that the settings were correctly set, using the command below:

    Get-ReceiveConnector | fl ide*,maxmes*

Send Connectors

The HUB server role is now gone, and after the default installation of Exchange we don’t have any send connectors. So… for being able to send out mails to external recipients, let’s create a Send Connector on the CAS server.

In EAC: Go to the “Send Connectors”, found under “Mail Flow”. Press the “plus” icon for creating a new send connector.

Give the send connector a friendly name and select what type it should be. Since this one I’m creating now is for sending to external recipients I’m selecting “Internet”. (Seems like we have a typo, see picture below). Press Next.

Select how to route those mails, either by using MX records or through a smart host(s). If you have a mail gateway then you should select smart host and type in its IP address. My server is just sending them directly to Internet so I’m using the MX method. Then press Next.

Press the “plus” icon for adding the address space this connector should use. In my case it will be “*”. Then it takes care of all domains. Press Save.

Then press Next for accepting the settings you’ve just made.

Next screen will show you which source servers should be used. Let’s add these into the connector by pressing the “plus” icon and selecting the Mailbox servers.

Press the Finish button so the connector gets created.

Note: By default the connector has a maximum message size of 10MB. You can’t configure the maximum send message size when creating the connector, but this can be done by editing the created connector.

Using PowerShell: Start the Exchange Management Shell, let’s view the send connectors and then make the changes like above.
    Get-SendConnector
    Get-SendConnector | fl

This creates a new send connector using the DNS/MX method:

    New-SendConnector -Name "Outbound" -AddressSpaces '*' -SourceTransportServers TLMB01 -MaxMessageSize 30MB

This creates a new send connector using the smarthost method:

    New-SendConnector -Name "Outbound" -AddressSpaces '*' -SourceTransportServers TLMB01 -MaxMessageSize 30MB -DNSRoutingEnabled:$false -SmartHosts "10.10.10.10"

This creates a new send connector using the smarthost method together with using the CAS server as a proxy server for sending the mails:

    New-SendConnector -Name "Outbound" -AddressSpaces '*' -SourceTransportServers TLMB01 -MaxMessageSize 30MB -DNSRoutingEnabled:$false -SmartHosts "10.10.10.10" -FrontEndProxyEnabled:$True

Note: The size can be configured between 0 Bytes up to 2TB.

Verify that the settings were correctly set, using the command below:

    Get-SendConnector | fl ide*,maxmes*

Certificates

As most of you already know we need to request and import a certificate for Exchange. For having a fully working OWA, ActiveSync etc., certificates need to be configured, so let’s get started.

In EAC: Go to the “Certificates”, found under “Servers”. Select the server and press the “plus” icon for creating a new certificate request.

I’m using an Internal PKI solution, so in this case I want to “Create a request for a certificate from a certificate authority”. Press Next.

Type in a friendly name for the certificate. Press Next.

If you want to create the request for a wildcard certificate, this is the checkbox you should use. I don’t want a wildcard certificate, so I just let it be unchecked. Press Next.

Press Browse and select which server you want to store it on. Press Next.

For each service you can here type in the address, and the request will generate the names in the end. When you’re done press Next.

Go through the names in the list and make sure that all names that are needed are included. Press Next.
Fill in Organization name, Department, Country, City and State. Press Next.

In my example I did type in the path to a share on my domain controller, which also is my Internal CA. Press Finish.

Example: \\tldc01\certificates\certreq.req

When the request is completed, it shows up with the friendly name, together with the status “Pending request”.

When the certificate is issued, press the “Complete” button below the status.

Type in the URL path to the .cer file, my file is saved on my DC. Press OK.

Example: \\tldc01\certificates\certnew.cer

It’s now time for assigning the services to the certificates. This is done by selecting the certificate and pressing the Edit button.

Go to “Services” and add the ones that should be used. Press Save. Press OK.

Check so that the services are assigned to the certificate.

Using PowerShell: Start the Exchange Management Shell, let’s view the existing certificates and then make a new cert request like above. Finally import the issued certificate.

    Get-ExchangeCertificate
    Get-ExchangeCertificate | fl

This creates a new certificate request and saves it to a share:

    New-ExchangeCertificate -Server TLCAS01 -GenerateRequest -FriendlyName Exchange2013-PS -PrivateKeyExportable $true -SubjectName "c=SE, s=Skane, l=Malmo, o=Testlabs, ou=Testlabs, cn=mail.testlabs.se" -DomainName mail.testlabs.se,autodiscover.testlabs.se -RequestFile "\\tldc01\certificates\test.req"
    Import-ExchangeCertificate -Server TLCAS01 -FileName "\\tldc01\certificates\certnew-ps.cer" -PrivateKeyExportable $true -FriendlyName Exchange2013-PS
    Enable-ExchangeCertificate -Thumbprint A2E6649A22A99BEAB2654BEB403C92BB9D34B404 -Services "IIS, SMTP, POP, IMAP" -Server TLCAS01
    Get-ExchangeCertificate

Note: Make sure to specify -Server, or else you can have difficulties finding our created request. Mine landed at my Mailbox server even if I did it on the CAS server.
If you haven’t read it already, have a look at Part 1: Complete guide of how to perform the installation

Thanks for reading, I hope that it’s informative and great reading for most of you. It would be awesome if you guys leave some comments, what do you think about Exchange 2013? Maybe you have already installed the Preview/Beta? Which new feature is the best one?

Next part will cover Databases, Outlook Anywhere, Outlook 2013 and MAPI/RPC etc.

Part 3 can be found here
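Added example, not part of the original post: a review of receive connectors that accept anonymous SMTP, which the post notes is now the default for "Default Frontend servername", together with their size limit and source ranges. The function names, the 30 MB threshold default and the sample rows marked "constructed" are assumptions for the demo.

```powershell
# Added example (not the author's code). Works on the objects returned by
# Get-ReceiveConnector; the constructed rows below let it run without Exchange.

function Get-ConnectorSizeBytes {
    param($Size)
    # MaxMessageSize renders as "30 MB (31,457,280 bytes)", also in remote
    # sessions, so take the byte count from the text and drop the separators.
    if ("$Size" -match '\(([\d.,\s]+) bytes\)') {
        return [int64]($Matches[1] -replace '\D', '')
    }
    return $null    # value missing or in an unexpected format
}

function Test-ReceiveConnectorExposure {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)] $Connector,
        [int64] $MaxBytes = 30MB
    )
    process {
        $bytes = Get-ConnectorSizeBytes -Size $Connector.MaxMessageSize
        [pscustomobject]@{
            Identity        = "$($Connector.Identity)"
            # PermissionGroups is a flags value; its text lists every group.
            Anonymous       = "$($Connector.PermissionGroups)" -match 'AnonymousUsers'
            MaxMessageBytes = $bytes
            # An unreadable size is flagged too, so it gets looked at.
            OverLimit       = ($null -eq $bytes) -or ($bytes -gt $MaxBytes)
            RemoteIPRanges  = @($Connector.RemoteIPRanges) -join ', '
        }
    }
}

# Constructed sample rows shaped like Get-ReceiveConnector output.
$sample = @(
    [pscustomobject]@{
        Identity         = 'TLCAS01\Default Frontend TLCAS01'
        PermissionGroups = 'AnonymousUsers, ExchangeServers, ExchangeLegacyServers'
        MaxMessageSize   = '30 MB (31,457,280 bytes)'
        RemoteIPRanges   = @('0.0.0.0-255.255.255.255')
    },
    [pscustomobject]@{
        Identity         = 'TLCAS01\Scanner Relay (constructed)'
        PermissionGroups = 'AnonymousUsers'
        MaxMessageSize   = '100 MB (104,857,600 bytes)'
        RemoteIPRanges   = @('10.10.10.0/24')
    },
    [pscustomobject]@{
        Identity         = 'TLCAS01\Client Frontend TLCAS01'
        PermissionGroups = 'ExchangeUsers'
        MaxMessageSize   = '35 MB (36,700,160 bytes)'
        RemoteIPRanges   = @('0.0.0.0-255.255.255.255')
    }
)

$sample | Test-ReceiveConnectorExposure |
    Where-Object { $_.Anonymous } | Format-Table -AutoSize

# Against a live organization:
#   Get-ReceiveConnector | Test-ReceiveConnectorExposure
```

An anonymous connector that listens for the whole address range is expected on an Internet-facing server; any other anonymous connector should have RemoteIPRanges narrowed to the hosts that need it.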
  20. Here we go, this is the first part of Exchange 2013 Preview/beta. It will walk you through the installation procedure using Windows 2008 R2 SP1.

Since Exchange Server 2013 beta was released a couple of days ago I’m glad to announce that my first installation is done and here’s a complete walk through.

My setup is basic, using one server as domain controller, Windows 2008 R2. Initially for Exchange I’m using 3 servers, 1 server for the CAS role and 2 servers for the Mailbox role.

There are some prerequisites that need to be installed/removed before the installation of Exchange can take place.

Note: It’s now recommended to install the Mailbox server first. So I’m starting with that server.

Step 1. Install the administration pack using the commands below, make sure to restart the server before proceeding to step 2.

    Import-Module ServerManager
    Add-WindowsFeature RSAT-ADDS

Step 2. Install the Windows features that Exchange uses, for Mailbox and CAS server use the command below:

    Import-Module ServerManager
    Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model, Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI

Step 3. When the feature installation is completed, continue with the installation of the required components, use the links below to download the components.
.NET Framework 4.5 RC
Windows Management Framework 4.0
Unified Communications Managed API 4.0, Core Runtime 64-bit
Office 2010 Filterpack x64
Office 2010 Filterpack SP1 x64
KB 974405 (Windows Identity Foundation)
KB 2619234 (RPC over HTTP)
KB 2533623 (Remote code execution)

Note: Make sure to uninstall the Visual C++ 11 Beta Redistributable (x64) before starting the Exchange 2013 installation.

You can have a look at the setup.exe parameters using:

    setup.exe /?
    setup.exe /help:install

Step 4. Start the installation using unattended installation for the Mailbox server role

    setup.exe /mode:install /roles:Mailbox,ManagementTools /IAcceptExchangeServerLicenseTerms /InstallWindowsComponents /OrganizationName:Testlabs /TargetDir:"D:\Program Files\Microsoft\Exchange Server\V15"

The installation process starts up, prepares the organization for Exchange 2013 and installs the necessary Windows components. The schema prep can also be done manually using setup.exe /preparead, I’ve chosen to go with the default behavior.

When the Mailbox server role installation has successfully finished it will tell you to restart the server.

Step 5. Start the installation of the Windows features for the CAS server role

    Import-Module ServerManager
    Add-WindowsFeature RSAT-ADDS
    Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model, Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI

Make sure to restart the server after the Windows features got installed.

Step 6.
Start the installation of the CAS server role

    setup.exe /mode:install /roles:ClientAccess,ManagementTools /IAcceptExchangeServerLicenseTerms /InstallWindowsComponents /OrganizationName:Testlabs /TargetDir:"D:\Program Files\Microsoft\Exchange Server\V15"

Since this is the second server, the schema prep is already done so the installation will skip that step.

When it’s finished it will look like the picture below, a restart of the server is required.

The installation of both servers is now completed. Next blog post will be around how to configure Exchange 2013.

Thanks for reading, looking forward to your comments about the post and also about Exchange 2013 in general.

More information about the prerequisites can be found here.

What’s new in Exchange 2013

Next blog post, Part 2: How to do the Basic configuration
  21. Hi, Not using the beta/Preview version of Exchange 2013. But the RTM can run together with 2010 SP3. I'm not 100% sure when SP3 will be released but it will prepare the 2010 organization for having 2013, prepare schema etc. At the moment you need to have the Preview/beta in its own forest, that's what I'm doing. I hope it did answer your question? If you have more questions, create a new thread and I will reply to those
  22. It will be published either tomorrow or Tuesday. And they will be published in here too
  23. Hi, Yes, you can have both roles on one server, a multirole server. But it's not recommended to install it on a DC.. I did in my test env. but it didn't work very well, so I really don't recommend that. I'm also using vmware workstation 8.* for my lab, it works pretty good. What did you think about the guide?
  24. Yesterday I did write an article of how to install the new beta/preview of Exchange 2013. Follow the link below to read it. Part 1 has now been published here, read it at the link below
http://www.windows-noob.com/forums/index.php?/topic/6024-exchange-server-2013-preview-part-1-installation-guide/
http://www.testlabs....e-installation/
  25. Hi, What names have you included in the certificate? Have you created the DNS record for autodiscover.domain.com?