Setting up Windows Server for the lab environment

If you are going to be supporting a business computing environment you need a computer lab. Mainly because the business environment is fast paced and experimenting on the company’s production machines is very unwise.

The objective of this document is to help you create a functioning Exchange server set for a lab. There are many steps and prerequisites and this should have all of them so you can get a basic system up and running. Hopefully you will learn enough to make creating the production version of these systems go much easier and successfully.

Creating a Computer Lab

For this exercise you will need at least two computers: an Exchange Server and a Retain Server.

You don’t need to spend a lot of money to create a computer lab, and they don’t even need to be real.

I highly recommend Virtual Machines (VMs). The main reason is because you can take snapshots some once you have a working system, you can safely experiment. VMs are very useful in a production environment as well as they make backup and recovery much easier. But that is a different subject.

You can even use a couple of old laptops and a switch.

Installing Windows Server 2012 R2

As long as your hardware is up to the job the basic install of Windows Server 2012 R2 is straightforward, you put in the disc/iso and let it rip. It's what comes afterwards that is the issue. Since this will be an Exchange server it is best to create a boot disk for the OS and a Data disk for everything else. A real system might have several disks or a SAN but a couple of partitions (80-100GB each) is good enough for the lab.

Once the server is up and running it will bring you to Server Manager.

Setting up Local Server

Clicking on Local Server is the machine you are on.

From here you can do a few things that are pretty important:

• Set the Computer name (once you start installing software it often does not like changing the computer name. Especially Exchange.)
• Turn off the firewall
• Setting the IP address
• Turning off IE Enhanced Security Configurations
• Setting the Timezone (very important) and possibly the internet time server(s) [1] [2] [3]
• Make sure Windows Time is set to run automatically at startup in Services
• Install latest updates

Setting time servers to use:

in cmd or run (make sure the w32tm service is started)

w32tm /config /manualpeerlist:"ntp-nist.ldsbc.edu, wwv.nist.gov, nist1-lv.ustiming.org, nist.time.nosc.us" /syncfromflags:manual /reliable:yes /update

Changing Password Policy

One of the first things to do is change the Windows password policy so it isn't so onerous.

Search for Edit Group Policy or go to Local Group Policy Editor/Windows Settings/Security Settings/Account Policies/Password Policy

• Maximum Password age = 0
• Minimum password age = 0
• Minimum password length = 0
• Password must meet complexity requirement = disabled

This is a good place to take a snapshot If you are expecting to make other Windows based servers, this is a good place to make a template for future use.

Making a Server Serve

Right now there is nothing that really makes this machine a server. So we are going to have to install some roles and features. The server software has installed most things you need, it just isn't active yet.

Since we are focused on creating an email server we need to install some infrastructure to pull that off. The basis for any Microsoft network is Active Directory and to install AD we need a DNS server that it can have access to.

GWAVA has DNS and DHCP for the company so you don't need a DHCP in this case but it is necessary to the network in general. But AD interacts with DNS and you will want a local one for that for it to play with. Just have the machines you want to connect to it use that DNS and set the IPs manually so you do not have to worry about DHCP.

Installing DNS

In Server Manager, click on "Add roles and features" in the Dashboard.

• Click Next because you know you are starting a wizard.
• Select Role-based or feature-based installation.
• Select your server.
• Select the Role of DNS Server. A dialog box will popup and tell you it will add required tools.
• Click Next because it is what you want to do.
• Install.

Soon you will see a new role on the left side-bar and if you click on the Tools drop-down you will see tools related to DNS.

ProTip: in a lab things will change rather often so you will occasionally want to go into the DNS manager and Clear Cache and Scavenge stale resource records to clean things up.

Installing Active Directory Directory Services

As above we add a role or feature, and this time you will see there are several choices, but the only one we need is Active Directory Domain Services.

Install like we did with the DNS role. You will see warnings. That is because it is looking for things we are about to create.

Once AD DS is installed you will get a flag in Server Manager, there is some Post-deployment configuration that needs to be done. Just click the link to promote this server to a domain controller. This should start up the Configuration Wizard.

• In the Configuration Wizard you will first need to Add a new forest and give the Root domain name. Since we are not letting it out into the wild you can name it anything you want. e.g. ad.gwavasupport.net. Best practice is to not use an un-mappable domain gwava.local (messes with OSX Bonjour) or the external domain (messes with web server) but a sub-domain of the external domain.

• Since we don't have any legacy equipment to worry about we can leave the functional level at Windows Server 2012 R2 and set the password.

• You will get a DNS delegation warning at this point, but don't worry you aren't done creating everything yet. That will be taken care of later.

• No one uses NetBIOS anymore but you can give it a name as long as it is equal or less then 15 characters.

• Take the defaults for storage paths. (though setting them to a data drive is a best practice)

• Review, click Next.

• There will be warnings, but as long as the bottom of the list is a green check mark you are good to go. Click Install.

After installing it will require a reboot.

In Server Manager you will see the new role and tools available.

Post-Install Configuration

Now you can go into DNS Manager: (Server Manager/Tools)

Go to Forward Lookup Zones Right click on the zone and add a new record. You can add a name and IP address. This is the GUI way of updating the host file.

For example, we had a cloud customer that had an issue: Retain in the cloud needed an external IP address to reach into their email server, but the Retain Worker was inside their system and was using an internal IP address. So, depending on which IP address we used, we could either archive emails or allow users to see their archives. By changing each servers host file both functions could work correctly.

Any clients you want to have access to this Active Directory will need to be pointing to the DNS on this server. Make this the primary domain and the company DNS the secondary so it can find sites on internet.

This is another good point to take a snapshot.

Next Steps

Installing Exchange 2013 for Retain

Installing Standalone CAS for Exchange 2013

Retain Exchange Install