Difference between revisions of "Exchange 2013"

From GWAVA Technologies Training
(Microsoft Exchange 2013)
 
(37 intermediate revisions by one user not shown)
Line 1: Line 1:
 
=Microsoft Exchange 2013=
 
=Microsoft Exchange 2013=
 +
 +
Once you have installed [[Windows 2012R2]]
  
 
Microsoft Exchange is an email server. It is one of the email systems that Retain can connect to. It is helpful to have an Exchange server handy for testing. Microsoft is pushing people toward Office 365 but it is safe to say people will continue to use Exchange for 5-20 years.
 
Microsoft Exchange is an email server. It is one of the email systems that Retain can connect to. It is helpful to have an Exchange server handy for testing. Microsoft is pushing people toward Office 365 but it is safe to say people will continue to use Exchange for 5-20 years.
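Review bot: The added line "Once you have installed [[Windows 2012R2]]" is a sentence fragment with no main clause, so the page now opens without telling the reader what follows from having installed Windows. Either join it to the paragraph that follows or turn it into a plain prerequisite statement that links to [[Windows 2012R2]].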
Line 26: Line 28:
  
 
Make sure to do the [http://technet.microsoft.com/en-US/Library/bb691354 prerequisites]!
 
Make sure to do the [http://technet.microsoft.com/en-US/Library/bb691354 prerequisites]!
 +
 +
==Prerequisite installs==
 +
 +
''If you are using Windows Server 2012 prior to R2 you will need to install these feature.
 +
*Install the features: '''.NET Framework 4.5''' and '''Windows Management Framework 3.0''' in Server Manager.
 +
'''Note:''' .NET Framework 4.5 and Windows Management Framework 3.0 are included with Windows Server 2012 R2 and don't need to be downloaded separately. SP1 is before CU6.''
  
 
Open PowerShell and execute the commands
 
Open PowerShell and execute the commands
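Review bot: In the new "Prerequisite installs" section the italic markup opens with '' before "If you are using Windows Server 2012 prior to R2" and only closes after "SP1 is before CU6.", across a bullet and a note on separate lines, so the emphasis is unlikely to render as intended; open and close it on the same line. The same block has "these feature" for "these features", and "SP1 is before CU6." is added with no indication of which product's SP1 and CU6 it refers to.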
Line 33: Line 41:
 
and  
 
and  
  
<pre>Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy,  
+
<pre>Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features,  
RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console,  
+
RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt,  
WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing,  
+
RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth,  
Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext,  
+
Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors,  
Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45,  
+
Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter,  
Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI,  
+
Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45,  
Windows-Identity-Foundation
+
Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth,  
 +
Web-WMI, Windows-Identity-Foundation
 
</pre>
 
</pre>
  
===Prerequisite installs===
+
You'll need to restart here.
  
Note: .NET Framework 4.5 and Windows Management Framework 3.0 are included with Windows Server 2012 and don't need to be installed separately.
+
[[Downloads:]]
.NET Framework 4.5 and Windows Management Framework 4.0 are included with Windows Server 2012 R2 and don't need to be installed separately.
+
*The Unified Communications Managed API 4.9 Runtime [http://www.microsoft.com/en-us/download/details.aspx?id=34992]
Just add the role/feature in Server Manager.
+
  
Download and install the Unified Communications Managed API 4.9 Runtime
+
*The Microsoft Office 2010 Filter Packs [http://www.microsoft.com/en-us/download/details.aspx?id=17062]
[http://www.microsoft.com/en-us/download/details.aspx?id=34992]
+
  
The Microsoft Office 2010 Filter Packs
+
*Filter Packs SP1 [http://www.microsoft.com/en-us/download/details.aspx?id=26604]
[http://www.microsoft.com/en-us/download/details.aspx?id=17062]
+
  
Filter Packs SP1
+
*Filter Packs SP2 [http://www.microsoft.com/en-us/download/details.aspx?id=39668]
[http://www.microsoft.com/en-us/download/details.aspx?id=26604]
+
  
Filter Packs SP2
+
Run Windows update and restart.
[http://www.microsoft.com/en-us/download/details.aspx?id=39671]
+
  
===Preparing AD===
+
Snapshot here.
 +
 
 +
==Preparing AD==
  
 
First you need to extend the schema.
 
First you need to extend the schema.
Open a command prompt in administrator mode, go to the directory you downloaded exchange into and run  
+
Open a command prompt in administrator mode, go to the disk or directory you downloaded exchange into and run  
 
<pre>Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms</pre>
 
<pre>Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms</pre>
  
Now you have to prepare Active Directory this can be done right after the previous command.
+
Now you have to prepare Active Directory, this can be done right after the previous command.
 
<pre>Setup.exe /PrepareAD /OrganizationName:"<organization name>" /IAcceptExchangeServerLicenseTerms</pre>
 
<pre>Setup.exe /PrepareAD /OrganizationName:"<organization name>" /IAcceptExchangeServerLicenseTerms</pre>
 +
 +
<organization name> is something like gwavasupport, gwava, microsoft, or novell without .com or anything like that.
  
 
Now you have to prepare your AD domains and in the case of a lab you want to do all of them.
 
Now you have to prepare your AD domains and in the case of a lab you want to do all of them.
 
<pre>Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms</pre>
 
<pre>Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms</pre>
  
===Install Exchange===
+
==Install Exchange==
 
Now we can start installing Exchange:
 
Now we can start installing Exchange:
From File Explorer you can run Setup.exe as administrator (right-click and choose Run as administrator)
+
*From File Explorer you can run Setup.exe as administrator (right-click and choose Run as administrator)
  
It will ask you about downloading updates which is a good idea.  
+
*It will ask you about downloading updates which is a good idea.  
  
There will be more screens but defaults will be sufficient.
+
*There will be more screens but defaults will be sufficient.
  
When it comes to Server Role Selection you want to choose Mailbox role and Client Access role (Client Access will appear to be greyed out but you can select it.)
+
*When it comes to Server Role Selection you want to choose Mailbox role and Client Access role (Client Access will appear to be greyed out but you can select it.)
  
Take the default location or if you have two disks set it for the Data disk.
+
*Take the default location or if you have two disks set it for the Data disk (recommended).
  
Turn off Malware detection.
+
*Turn off Malware detection.
  
Then it will check for the prerequisites. Warnings are okay, because this will be the first exchange server and as long as there are no errors you are good to go.
+
*Then it will check for the prerequisites. Warnings are okay, because this will be the first exchange server and as long as there are no errors you are good to go.
  
Then it will take about a hour to install and prepare all the software.
+
*Then it will take about an hour to install and prepare all the software.
  
Finally, you will have to reboot.
+
*Finally, you will have to reboot.
  
===Post-install steps===
+
==Post-install steps==
  
There are a number of post-install tasks that need to be completed before your Exchange Server is fully functional.
+
There are a number of post-install tasks that need to be completed before your Exchange Server is fully functional. These will be done from the Exchange Admin Center (EAC).
  
 
You can log into the Exchange Admin Center (EAC) by browsing to https://[serverName|IP address]/ecp Remember to log in with your AD forest domain name\user name
 
You can log into the Exchange Admin Center (EAC) by browsing to https://[serverName|IP address]/ecp Remember to log in with your AD forest domain name\user name
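Review bot: The "Turn off Malware detection." step in the Install Exchange list is turned into a bullet without saying that it is a lab-only choice, although nearby text ("in the case of a lab") does scope its advice; add "for the lab" to that bullet so it is not carried into a production install. Also in this hunk, "[[Downloads:]]" puts internal-link brackets around what reads as a plain label, and the Filter Packs SP2 download id changes from 39671 to 39668 with no explanation, so confirm the new id is the intended download.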
Line 100: Line 108:
 
You can use the Outlook Web App(OWA) to send and receive mail https://[serverName|IP address]/owa Remember to log in with your AD forest domain name\user name
 
You can use the Outlook Web App(OWA) to send and receive mail https://[serverName|IP address]/owa Remember to log in with your AD forest domain name\user name
  
Instructions for installing the [http://support.gwava.com/kb/?View=entry&EntryID=2339 Outlook Retain Plugin]
+
You will also want to create a workstation and give it Outlook.
  
====Send Connector====
+
===Send Connector===
 
You will need to create a Send Connector so the mail can flow.
 
You will need to create a Send Connector so the mail can flow.
  
 
First you need to create a send connector.
 
First you need to create a send connector.
  
Go to EAC/Mail Flow/Send Connector.
+
*Go to EAC/Mail Flow/Send Connector.
  
Click the plus sign to create a new connector, a dialog box will appear, for the lab an internal connector will be enough. Route it through a smart host.
+
*Click the plus sign to create a new connector, a dialog box will appear, for the lab an internal connector will be enough. Route it through a smart host
I name mine intranetMailSendConnector, not terribly original but it is straightforward.
+
*I name mine intranetMailSendConnector, not terribly original but it is straightforward
now add the host, which is the Active Directory domain you created before.
+
*Route mail through smart hosts. Add the host, which is the Active Directory domain you created before e.g. ad.gwavasupport.net
No need for authentication, at this time.
+
*No need for authentication, at this time
Add your AD domain as an SMTP host.
+
*Address space: Press + and set Type = SMTP, FQDN = your domain, Cost = 1
Add your domain as a transport server.
+
*Source server: Press + and add your domain server as a transport server
and click finish.
+
*Click finish
  
====Accepted Domain====
+
===Add Users===
  
 +
An email system isn't much good without users. You can create users in the EAC but that puts all of them in the Users container in AD. You will want to make some Organizational Units to mimic a real system.
 +
 +
Exchange monitors itself and the most visible way it does that is to send itself mail. In Retain you will see at least two mailboxes that begin with the name HealthMailboxNNNN. These will generate about a thousand messages a day. These will also end up in the Administrator mailbox. You'll have to create a mailbox rule that will move them to the trash so they don't fill up the Administrator's inbox.
 +
 +
Now you can install and connect [[Retain Exchange Install | Retain]]
 +
 +
==Other things==
 +
 +
===Accepted Domain===
 +
 +
The Deployment assistant talks about creating a new one but since Exchange already has the current domain, you can skip this step in the assistant. However, many organizations have multiple domains. One place to add them is Active Directory Domains and Trusts[http://support.gwava.com/kb/?View=entry&EntryID=2401], and this is another place.
 
Next configure an accepted domain.
 
Next configure an accepted domain.
  
In the EAC goto Mail flow/Accepted domains
+
*In the EAC goto Mail flow/Accepted domains.
The Deployment assistant talks about creating a new one but since Exchange already has the current domain, you can skip this step in the assistant.
+
*Click the Plus sign.
 +
*Give it a name.
 +
*Give it a domain
 +
*Choose the checkbox that makes the most sense, usually Internal relay domain. The first domain would be the Authoritative domain.
 +
 
 +
===Change password policy===
 +
 
 +
“On my server, these settings are disabled under the Local Security Policy (WS2012 Essentials.) However, they can be changed under the Group Policies.
 +
From the charms, search Apps for “gpmc.msc” and start it.
 +
Group Policy Management -> Forest: YourServerName.local -> Domains -> YourServerName.local
 +
Select “Default Domain Policy” then right-click and select “Edit…” to open the Group Policy Management Editor.
 +
Group Policy Management Editor
 +
Computer Configuration / policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy
 +
”[http://www.win2012workstation.com/password-restrictions/]
 +
 
 +
====Mailbox Limits====
 +
Mailboxes have certain limitations that you need to be aware of. [http://technet.microsoft.com/en-us/library/exchange-online-limits.aspx]
 +
 
 +
There are also some important practical limits that show up. These were discussed in a Microsoft blog:
 +
"I usually recommend no more than about 2500 - 5000 messages in any of the critical path folders. The critical path folders are the Calendar, Contacts, Inbox, and Sent Item folder. Ideally, keep the Inbox, Contacts and Calendar to 1000 or less.  Other folders, particularly custom folders created by the user, can handle having larger numbers of items without having a broad impact on the user experience (20,000 items in my "Cookie Recipes" folder?  No problem - except when I need to find that recipe from last Christmas!)." [http://blogs.technet.com/b/exchange/archive/2005/03/14/395229.aspx]
 +
 
 +
GWAVA has learned by experience that large (100GB+) mailboxes are unable to be served by Exchange.
 +
 
 +
====HealthMailBox users====
 +
Each database will also have at least a couple of HealthMailbox users that will show up in Retain, in production they can be excluded as all they are doing are sending "Can you still hear me?" messages.
 +
 
 +
==Next Steps==
 +
[[Windows 2012R2|Installing Windows Server 2012 R2]]
 +
 
 +
[[Creating CAS]]
 +
 
 +
[[Retain Exchange Install]]
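Review bot: "====Mailbox Limits====" and "====HealthMailBox users====" are level-4 headings placed directly after "===Change password policy===", so they nest under the password policy section although they are unrelated to it; make them "===" to match "===Accepted Domain===". In the Send Connector list the second bullet ends with "Route it through a smart host" and the fourth repeats "Route mail through smart hosts", and "No need for authentication, at this time" does not say when authentication should be enabled.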

Latest revision as of 20:13, 27 July 2015

Microsoft Exchange 2013

Once you have installed Windows 2012R2

Microsoft Exchange is an email server. It is one of the email systems that Retain can connect to. It is helpful to have an Exchange server handy for testing. Microsoft is pushing people toward Office 365 but it is safe to say people will continue to use Exchange for 5-20 years. For the lab environment we are not going to give Exchange quite as many resources as it might want. 8GB of RAM and 2 cores would be good enough. Give it less than that and it really starts to drag.

Give it two drives: OS and Data.

  • OS: 60-80GB
  • Data: 60GB

The OS drive needs a lot of room mainly for logs. Exchange keeps lots of logs now, but doesn't give you much in the way of tools for managing them. [1] The best you can do is provide plenty of room to store them.

You'll need to follow these directions to move the Exchange database if you didn't set it up correctly the first time. [2]

Installing Microsoft Exchange 2013

You need to install Exchange 2013 on a Microsoft Windows Server 2012 R2 system.

Make sure your server has the name that you want; Exchange does not like having it changed once it is set up.

The most important tool to have handy is the Exchange Server Deployment Assistant. This provides a great checklist of things you must do to successfully deploy an Exchange server.

We will want an On-premise, new install, with both Mailbox and CAS roles on board. We will NOT be using disjoint namespaces. We will NOT be using Unified Messaging (but it will install it anyway). We will NOT be using an Edge server.

Save that checklist.

Make sure to do the prerequisites!

Prerequisite installs

If you are using Windows Server 2012 prior to R2 you will need to install these features.

  • Install the features: .NET Framework 4.5 and Windows Management Framework 3.0 in Server Manager.

Note: .NET Framework 4.5 and Windows Management Framework 3.0 are included with Windows Server 2012 R2 and don't need to be downloaded separately. SP1 is before CU6.

Open PowerShell and execute the commands

<pre>Install-WindowsFeature RSAT-ADDS</pre>

and

<pre>Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, 
RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, 
RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, 
Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, 
Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, 
Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, 
Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, 
Web-WMI, Windows-Identity-Foundation</pre>

You'll need to restart here.
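
A check worth running after the restart and before Exchange Setup: the script below is an added example, not part of the original page. It takes the feature names from the two commands above (with the repeated Web-Mgmt-Console entry removed), reports any that are not installed or not recognized, and checks the Component Based Servicing registry key that Windows sets while a restart is still pending.

```powershell
# Added example (not from the original page): verify the prerequisite features
# named in the two Install-WindowsFeature commands above.
# Run in an elevated PowerShell session on the future Exchange server.

$required = @(
    'RSAT-ADDS',
    'AS-HTTP-Activation', 'Desktop-Experience', 'NET-Framework-45-Features',
    'RPC-over-HTTP-proxy', 'RSAT-Clustering', 'RSAT-Clustering-CmdInterface',
    'RSAT-Clustering-Mgmt', 'RSAT-Clustering-PowerShell', 'Web-Mgmt-Console',
    'WAS-Process-Model', 'Web-Asp-Net45', 'Web-Basic-Auth', 'Web-Client-Auth',
    'Web-Digest-Auth', 'Web-Dir-Browsing', 'Web-Dyn-Compression', 'Web-Http-Errors',
    'Web-Http-Logging', 'Web-Http-Redirect', 'Web-Http-Tracing', 'Web-ISAPI-Ext',
    'Web-ISAPI-Filter', 'Web-Lgcy-Mgmt-Console', 'Web-Metabase', 'Web-Mgmt-Service',
    'Web-Net-Ext45', 'Web-Request-Monitor', 'Web-Server', 'Web-Stat-Compression',
    'Web-Static-Content', 'Web-Windows-Auth', 'Web-WMI', 'Windows-Identity-Foundation'
) | Select-Object -Unique

# Features the OS knows about, with their install state
$found   = @(Get-WindowsFeature -Name $required)

# Names that returned nothing (typo, or not available on this OS version)
$unknown = @($required | Where-Object { $found.Name -notcontains $_ })

# Known features that are not installed yet
$missing = @($found | Where-Object { -not $_.Installed })

if ($unknown) { Write-Warning ("Not recognized on this OS: " + ($unknown -join ', ')) }
if ($missing) { Write-Warning ("Not installed: " + ($missing.Name -join ', ')) }

# This key exists while a servicing operation is waiting for a restart
$cbsKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending'
$rebootPending = Test-Path -Path $cbsKey
if ($rebootPending) { Write-Warning 'A restart is still pending; reboot before running Setup.exe.' }

# One-line summary that can be saved alongside the lab snapshot
[pscustomobject]@{
    Required      = $required.Count
    Installed     = $found.Count - $missing.Count
    Missing       = $missing.Count
    Unknown       = $unknown.Count
    RebootPending = $rebootPending
}
```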

Downloads:

  • The Unified Communications Managed API 4.9 Runtime [3]
  • The Microsoft Office 2010 Filter Packs [4]
  • Filter Packs SP1 [5]
  • Filter Packs SP2 [6]

Run Windows update and restart.

Snapshot here.

Preparing AD

First you need to extend the schema. Open a command prompt in administrator mode, go to the disk or directory you downloaded Exchange into and run

<pre>Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms</pre>

Now you have to prepare Active Directory. This can be done right after the previous command.

<pre>Setup.exe /PrepareAD /OrganizationName:"<organization name>" /IAcceptExchangeServerLicenseTerms</pre>

<organization name> is something like gwavasupport, gwava, microsoft, or novell without .com or anything like that.

Now you have to prepare your AD domains and in the case of a lab you want to do all of them.

<pre>Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms</pre>

Install Exchange

Now we can start installing Exchange:

  • From File Explorer you can run Setup.exe as administrator (right-click and choose Run as administrator)
  • It will ask you about downloading updates which is a good idea.
  • There will be more screens but defaults will be sufficient.
  • When it comes to Server Role Selection you want to choose Mailbox role and Client Access role (Client Access will appear to be greyed out but you can select it.)
  • Take the default location or if you have two disks set it for the Data disk (recommended).
  • Turn off Malware detection.
  • Then it will check for the prerequisites. Warnings are okay because this will be the first Exchange server; as long as there are no errors you are good to go.
  • Then it will take about an hour to install and prepare all the software.
  • Finally, you will have to reboot.

Post-install steps

There are a number of post-install tasks that need to be completed before your Exchange Server is fully functional. These will be done from the Exchange Admin Center (EAC).

You can log into the Exchange Admin Center (EAC) by browsing to https://[serverName|IP address]/ecp. Remember to log in with your AD forest domain name\user name.

You can use the Outlook Web App (OWA) to send and receive mail at https://[serverName|IP address]/owa. Remember to log in with your AD forest domain name\user name.

You will also want to create a workstation and give it Outlook.

Send Connector

You will need to create a Send Connector so the mail can flow.

  • Go to EAC/Mail Flow/Send Connector.
  • Click the plus sign to create a new connector; a dialog box will appear. For the lab an internal connector will be enough. Route it through a smart host.
  • I name mine intranetMailSendConnector, not terribly original but it is straightforward.
  • Route mail through smart hosts. Add the host, which is the Active Directory domain you created before, e.g. ad.gwavasupport.net.
  • No need for authentication at this time.
  • Address space: Press + and set Type = SMTP, FQDN = your domain, Cost = 1.
  • Source server: Press + and add your domain server as a transport server.
  • Click Finish.
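
The same connector can be created and then audited from the Exchange Management Shell. This is an added example, not part of the original page; the server name EXCH01 is a hypothetical placeholder, and the connector name and domain are the ones used in the steps above.

```powershell
# Added example (not from the original page). Run in the Exchange Management Shell.
$connectorName = 'intranetMailSendConnector'  # name used in the steps above
$domain        = 'ad.gwavasupport.net'        # the page's example AD domain
$server        = 'EXCH01'                     # hypothetical server name; use your own

# Create the connector only if it does not exist yet, so the script can be re-run
$existing = Get-SendConnector | Where-Object { $_.Name -eq $connectorName }
if (-not $existing) {
    New-SendConnector -Name $connectorName `
        -Usage Internal `
        -AddressSpaces "SMTP:$domain;1" `
        -DNSRoutingEnabled $false `
        -SmartHosts $domain `
        -SmartHostAuthMechanism None `
        -SourceTransportServers $server
}

# Show what was actually configured (address space, smart host, auth, TLS)
Get-SendConnector -Identity $connectorName |
    Format-List Name, Enabled, AddressSpaces, SmartHosts,
                SmartHostAuthMechanism, RequireTLS, SourceTransportServers

# Audit: list every connector that relays to a smart host without authentication,
# so the lab shortcut stays visible if this configuration is ever reused
Get-SendConnector |
    Where-Object { $_.SmartHosts -and $_.SmartHostAuthMechanism -eq 'None' } |
    Select-Object Name, SmartHosts, RequireTLS
```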

Add Users

An email system isn't much good without users. You can create users in the EAC but that puts all of them in the Users container in AD. You will want to make some Organizational Units to mimic a real system.

Exchange monitors itself and the most visible way it does that is to send itself mail. In Retain you will see at least two mailboxes that begin with the name HealthMailboxNNNN. These will generate about a thousand messages a day. These will also end up in the Administrator mailbox. You'll have to create a mailbox rule that will move them to the trash so they don't fill up the Administrator's inbox.

Now you can install and connect Retain.

Other things

Accepted Domain

The Deployment Assistant talks about creating a new accepted domain, but since Exchange already has the current domain, you can skip this step in the assistant. However, many organizations have multiple domains. One place to add them is Active Directory Domains and Trusts [7], and this is another place. Next configure an accepted domain.

  • In the EAC go to Mail flow/Accepted domains.
  • Click the Plus sign.
  • Give it a name.
  • Give it a domain.
  • Choose the checkbox that makes the most sense, usually Internal relay domain. The first domain would be the Authoritative domain.

Change password policy

“On my server, these settings are disabled under the Local Security Policy (WS2012 Essentials.) However, they can be changed under the Group Policies.

From the charms, search Apps for “gpmc.msc” and start it.

Group Policy Management -> Forest: YourServerName.local -> Domains -> YourServerName.local

Select “Default Domain Policy” then right-click and select “Edit…” to open the Group Policy Management Editor.

Group Policy Management Editor

Computer Configuration / policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy” [8]

Mailbox Limits

Mailboxes have certain limitations that you need to be aware of. [9]

There are also some important practical limits that show up. These were discussed in a Microsoft blog: "I usually recommend no more than about 2500 - 5000 messages in any of the critical path folders. The critical path folders are the Calendar, Contacts, Inbox, and Sent Item folder. Ideally, keep the Inbox, Contacts and Calendar to 1000 or less. Other folders, particularly custom folders created by the user, can handle having larger numbers of items without having a broad impact on the user experience (20,000 items in my "Cookie Recipes" folder? No problem - except when I need to find that recipe from last Christmas!)." [10]

GWAVA has learned by experience that large (100GB+) mailboxes are unable to be served by Exchange.

HealthMailBox users

Each database will also have at least a couple of HealthMailbox users that will show up in Retain. In production they can be excluded, as all they are doing is sending "Can you still hear me?" messages.

Next Steps

Installing Windows Server 2012 R2

Creating CAS

Retain Exchange Install
