Tuesday, 16 December 2014
Released: Exchange 2013 CU7
Microsoft has recently released the Microsoft Exchange 2013 CU7. The release improve the way of OAB architecture. You may find more information via the Exchange Team Blog here.
Azure AD Connect
Today, Microsoft has announced the Azure AD Connect for public review. The tools could solve the problem such as write back password from cloud to on premise. If you are looking for something to change your password in O365 and sync back to your on premise, you should take a look on this. Here with the link.
Install and Configure Microsoft Exchange 2013 (Part 5)
5.4 Certificates
5.4.1 Request Certificate
1. Open the Exchange Management Shell and enter the following cmdlet
Set-Content -path "d:\mail_cert.req" -Value (New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName "C=XX, S=XX, L=XX, O=XX Limited, OU=IT, CN=mail.limws.com" -DomainName mail.limws.com, autodiscover.limws.com -PrivateKeyExportable $True)
2. The request file will be generated into d:\. Get the mail_cert.req file and submit to the authorize certificate authority. DigiCert is selected, thus submit the mail_cert.req file to DigiCert
3. DigiCert will issue a certificate after the submission the mail_cert.req file. Get the certificate and copy into the server that you request mail_cert.req in step 1
4. Logon to Exchange admin center and navigate to server > certificate. Select the certificate request you created in the previous steps. In the certificate request details pane, click Complete under Status.
6. The pending request was completed
1. Open the Exchange Management Shell and enter the following cmdlet
Set-Content -path "d:\mail_cert.req" -Value (New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName "C=XX, S=XX, L=XX, O=XX Limited, OU=IT, CN=mail.limws.com" -DomainName mail.limws.com, autodiscover.limws.com -PrivateKeyExportable $True)
2. The request file will be generated into d:\. Get the mail_cert.req file and submit to the authorize certificate authority. DigiCert is selected, thus submit the mail_cert.req file to DigiCert
3. DigiCert will issue a certificate after the submission the mail_cert.req file. Get the certificate and copy into the server that you request mail_cert.req in step 1
4. Logon to Exchange admin center and navigate to server > certificate. Select the certificate request you created in the previous steps. In the certificate request details pane, click Complete under Status.
5. On the Complete pending request page, specify the path to the SSL certificate file in step 3 and then click OK.
6. The pending request was completed
5.4.2 Export Certificate
1. Select the certificate and choose Export Exchange Certificate.
2. Enter the network path to export with password.
3. The certificate was exported.
5.4.3 Import Certificate
1. Select server to Import Exchange Certificate
2. Enter the path and password for the import certificate.
3. Specify the servers by clicking “+” to add in the server.
4. The certificate was imported into servers.
5.4.4 Assign Service to Certificate
1. Select the new certificate you just added, and then click Edit “
” icon.
2. On the certificate page, click Services. Select the services you want to assign to this certificate. At minimum, you should select SMTP and IIS. Click Save.
3. If you receive the warning Overwrite the existing default SMTP certificate?, click Yes.
4. Service was assigned.
5. Repeat step 1 to step 4 for EXCH02.
Wednesday, 5 November 2014
Install and Configure Microsoft Exchange 2013 (Part 4)
5.0 Server Configurations
5.1 Virtual Directories
5.1.1 Configure External URLs
1. Open the Exchange admin center via https://mail.limws.com/ecp. Enter your user name and password in Domain\user name and Password, and then click Sign in. Navigate to server > virtual directories and then click Configure external access domain Configure “
”icon.
2. Under Select the Client Access servers to use with the external URL, click Add “+” Icon.
3. Select the Client Access servers you want to configure, and then click Add. After you’ve added all the Client Access servers you want to configure, click OK.
4. In Enter the domain name you will use with your external Client Access servers, type the external domain you want to apply. For example, mail.limws.com. Click Save.
5.1.2 Configure Internal URLs
1. Open the Exchange Management Shell and enter the following cmdlet to configure internal URLs for EXCH01
$HostName = "EXCH01"
2. Run each of the following commands in the Exchange Management Shell to configure each internal URL to match the virtual directory’s external URL.
Set-EcpVirtualDirectory "$HostName\ECP (Default Web Site)" -InternalUrl ((Get-EcpVirtualDirectory "$HostName\ECP (Default Web Site)").ExternalUrl)
Set-WebServicesVirtualDirectory "$HostName\EWS (Default Web Site)" -InternalUrl ((Get-WebServicesVirtualDirectory "$HostName\EWS (Default Web Site)").ExternalUrl)
Set-ActiveSyncVirtualDirectory "$HostName\Microsoft-Server-ActiveSync (Default Web Site)" -InternalUrl ((Get-ActiveSyncVirtualDirectory "$HostName\Microsoft-Server-ActiveSync (Default Web Site)").ExternalUrl)
Set-OabVirtualDirectory "$HostName\OAB (Default Web Site)" -InternalUrl ((Get-OabVirtualDirectory "$HostName\OAB (Default Web Site)").ExternalUrl)
Set-OwaVirtualDirectory "$HostName\OWA (Default Web Site)" -InternalUrl ((Get-OwaVirtualDirectory "$HostName\OWA (Default Web Site)").ExternalUrl)
Set-PowerShellVirtualDirectory "$HostName\PowerShell (Default Web Site)" -InternalUrl ((Get-PowerShellVirtualDirectory "$HostName\PowerShell (Default Web Site)").ExternalUrl)
3. Repeat the Step 1 for EXCH02 by entering the following cmdlet and follow by repeating the cmdlets in step 2
$HostName = "EXCH02"
5.2 Outlook Anywhere
1. Open the Exchange admin center via https://mail.limws.com/ecp. Enter your user name and password in Domain\user name and Password, and then click Sign in. Navigate to server > servers and select the name of the Internet-facing Client Access server and then click Edit “” icon. Click Outlook Anywhere.
2. In the Specify the external hostname field, specify the externally accessible FQDN of the Client Access server. For example, mail.limws.com. While you’re here, let’s also set the internally accessible FQDN of the Client Access server. In the Specify the internal hostname field, insert the FQDN you used in the previous step. For example, mail.limws.com. Click Save.
5.3 Autodiscover
1. Open the Exchange admin center via https://mail.limws.com/ecp. Enter your user name and password in Domain\user name and Password, and then click Sign in. Navigate to server > virtual directories and then click Configure external access domain Configure “
”icon.2. Under Select the Client Access servers to use with the external URL, click Add “+” Icon.
3. Select the Client Access servers you want to configure, and then click Add. After you’ve added all the Client Access servers you want to configure, click OK.
4. In Enter the domain name you will use with your external Client Access servers, type the external domain you want to apply. For example, mail.limws.com. Click Save.
5.1.2 Configure Internal URLs
1. Open the Exchange Management Shell and enter the following cmdlet to configure internal URLs for EXCH01
$HostName = "EXCH01"
2. Run each of the following commands in the Exchange Management Shell to configure each internal URL to match the virtual directory’s external URL.
Set-EcpVirtualDirectory "$HostName\ECP (Default Web Site)" -InternalUrl ((Get-EcpVirtualDirectory "$HostName\ECP (Default Web Site)").ExternalUrl)
Set-WebServicesVirtualDirectory "$HostName\EWS (Default Web Site)" -InternalUrl ((Get-WebServicesVirtualDirectory "$HostName\EWS (Default Web Site)").ExternalUrl)
Set-ActiveSyncVirtualDirectory "$HostName\Microsoft-Server-ActiveSync (Default Web Site)" -InternalUrl ((Get-ActiveSyncVirtualDirectory "$HostName\Microsoft-Server-ActiveSync (Default Web Site)").ExternalUrl)
Set-OabVirtualDirectory "$HostName\OAB (Default Web Site)" -InternalUrl ((Get-OabVirtualDirectory "$HostName\OAB (Default Web Site)").ExternalUrl)
Set-OwaVirtualDirectory "$HostName\OWA (Default Web Site)" -InternalUrl ((Get-OwaVirtualDirectory "$HostName\OWA (Default Web Site)").ExternalUrl)
Set-PowerShellVirtualDirectory "$HostName\PowerShell (Default Web Site)" -InternalUrl ((Get-PowerShellVirtualDirectory "$HostName\PowerShell (Default Web Site)").ExternalUrl)
$HostName = "EXCH02"
5.2 Outlook Anywhere
1. Open the Exchange admin center via https://mail.limws.com/ecp. Enter your user name and password in Domain\user name and Password, and then click Sign in. Navigate to server > servers and select the name of the Internet-facing Client Access server and then click Edit “
” icon. Click Outlook Anywhere.2. In the Specify the external hostname field, specify the externally accessible FQDN of the Client Access server. For example, mail.limws.com. While you’re here, let’s also set the internally accessible FQDN of the Client Access server. In the Specify the internal hostname field, insert the FQDN you used in the previous step. For example, mail.limws.com. Click Save.
3. Repeat step 1 and step 2 for EXCH02.
4. To verify by entering the following cmdlet
Get-OutlookAnywhere | Format-List Server, Name, *Hostname*, *Authen*, *SSL*
1. Open the Exchange Management Shell and enter the
following cmdlet to configure the URL for the internal Autodiscover service for EXCH01
Set-ClientAccessServer EXCH01 -AutoDiscoverServiceInternalUri https://mail.limws.com/Autodiscover/Autodiscover.xml
2. Repeat step 1 for EXCH02 by entering the following cmdlet
Set-ClientAccessServer EXCH02 -AutoDiscoverServiceInternalUri https://mail.limws.com/Autodiscover/Autodiscover.xml
3. To verify by entering the following cmdlet.
Get-ClientAccessServer | Format-List Name, AutoDiscoverServiceInternalUri
Install and Configure Microsoft Exchange 2013 (Part 3)
4.0 Mail Flow Configurations
2. Enter the name and add in the “limws.com” as accepted domain. This is an authoritative domain.
3. Click on “ ” on the “limws.com” accepted domain
4. Make this the default domain
5. The default domain has been changed to “limws.com”
2. On the Default Policy Email Address Policy page, click Email Address Format. Click the SMTP address you want to change and then click Edit “” icon.
9. Default Policy was updated and applied
8. Repeat step 1 to step 6 and following by entering the following cmdlet for EXCH02.
13. Send Connector has been created
4.1 Accepted Domains
4.1.1 Create an Accepted Domains
1. Open
the Exchange admin center via https://mail.limws.com/ecp.
Enter your user name and password in Domain\user name and Password, and then
click Sign in. Navigate to mail flow > accepted domain and click on the “+”
to create a new accepted domain
4. Make this the default domain
5. The default domain has been changed to “limws.com”
4.2 Email Address Policies
4.2.1 Configure the Default Email Address Policy
1. Open
the Exchange admin center via https://mail.limws.com/ecp.
Enter your user name and password in Domain\user name and Password, and then
click Sign in. Navigate to mail flow > email address policies, select
default policy and click on the “” to edit default policy
” to edit default policy” icon.
3. On the Email address format page in the Email address parameters field, specify the SMTP recipient domain you want to apply to all recipients in the Exchange organization. This domain must match the accepted domain you added in the previous step. For example, @limws.com. Click Save.
4. Click Save.
5. OK to accept the warning
6. In the Default Policy details pane, click Apply.
7. Yes to accept warning
8. Close
9. Default Policy was updated and applied
4.3 Receive Connectors
4.3.1 Create SMTP Relay Receive Connector
1. Open
the Exchange admin center via https://mail.limws.com/ecp.
Enter your user name and password in Domain\user name and Password, and then
click Sign in. Navigate to mail flow > receive connectors and click on the
“+” to create a receive connector.
2. Enter the Name for new receive connector. Select the Frontend Transport role and use the custom type, then click next.
3. Next
4. Remove the default IP address range by use “-“. Click the “+” to add the trusted IP of application server or device that requires external SMTP relay access. Finish.
5. Select the connector and click on the edit “ ” icon.
6. Go to security and check the Anonymous users. Click Save to apply the settings.
7. Open the EMS and enter the following cmdlet to add access right for the ability to send to external recipients via this connector.
Get-ReceiveConnector EXCH01\"SMTP Relay EXCH01" | Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient
Get-ReceiveConnector EXCH02\"SMTP Relay EXCH02" | Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient
9. Enter the following cmdlet in EMS to verify.
Get-ReceiveConnector EXCH01\"SMTP Relay EXCH01" | Get-ADPermission | where {$_.User -like '*Anonymous*'} | fl Identity,User,ExtendedRights
Get-ReceiveConnector EXCH02\"SMTP Relay EXCH02" | Get-ADPermission | where {$_.User -like '*Anonymous*'} | fl Identity,User,ExtendedRights
4.4 Send Connectors
4.4.1 Create Send Connectors
1. Open
the Exchange admin center via https://mail.limws.com/ecp.
Enter your user name and password in Domain\user name and Password, and then
click Sign in. Navigate to mail flow > send connectors and click on the “+”
to create a send connector.
2. In the New send connector wizard, specify a name for the Send connector and then select Internet. Click Next.
3. Select Route mail through smart host and click “+” to add in smart host address.
4. Specify the FQDN or IPv4 Address for smart host and click save.
5. Next
6. Next
7. Under Address space, click Add “+” Icon.
8. In the Add domain window, make sure SMTP is selected in the Type field. In the Fully Qualified Domain Name (FQDN) field, enter *. Click Save.
9. Make sure Scoped send connector isn't selected, and then click Next.
10. Under Source server, click Add “+” Icon.
11. In the Select a Server window, select both MR Mailbox server. After you've selected the server, click Add and then click OK.
12. Click Finish.
13. Send Connector has been created
Subscribe to:
Posts (Atom)