Exchange Install

From Help
Jump to: navigation, search

This is on installing Exchange 2013 CU18 on Windows 2012 R2 running GUI. It is assuming:

You want this all on one server, for both the Mailbox and Client Access Roles. You have some type of ISP-facing firewall you can configure. You have static external IP addresses to use. Set aside an internal static IP on your Windows 2012 R2 server. You have access to your organization's external DNS settings. This Exchange 2013 install is stand-alone, not an upgrade from a previous version, and will only be supporting the English language pack.

Most of this is from Microsoft's TechNet, with additional notes from my install and other sites. See the References links for direct links to them.

NOTICE: Make sure that you do all the AD preparations before installing. Failure during install can cause massive complications.

Return to Main Page

Prerequisites

Hardware Requirements

  • Processor: x64 (either Intel or AMD; Itanium IA64 not supported)
  • Memory: 8GB+ (I am using a VM with 10GB)
  • Disk Space: Minimum of 31GB. I suggest at least 150GB total due to the OS as well.
  • Paging file size:
    • Minimum: RAM+267MB (to also support crash dump writes)
    • Maximum: 32778MB (32GB)
  • File formats: NTFS for system / install.
    • You can use ReFS for:
      • Partitions containing transaction log files
      • Partitions containing database files
      • Partitions containing content indexing files

Return to Top

Software

You will need to download and install several extra packages, and Exchange itself.

Install order:

  • PowerShell
  • Windows Updates
  • .Net
  • Windows Updates
  • Unified Communications Managed
  • Windows Updates

NOTICE: DO NOT install Exchange yet.

Return to Top

Firewall Preparations

Port forwards needed:

  • 25 (SMTP, Simple Mail Transport Protocol)
  • 53 (DNS, Domain Name Service)
  • 80 (HTTP, Hyper Text Transfer Protocol)
  • 81 (HTTP for EAC)
  • 110 (POP3, Post Office Protocol - Version 3)
  • 143 (IMAP, Internet Mail Access Protocol)
  • 389 LDAP (Lightweight Directory Access Protocol)
  • 443 HTTPS / SSL
  • 444 (SNPP, Simple Network Paging Protocol)
  • 465 Outgoing SMTP Mail over SSL
  • 475 Mailbox Transport Delivery Service, MSExchangeDelivery
  • 476 Mailbox Transport Delivery Service, MSExchangeDelivery
  • 587 SMTP Mail port (TLS/Start TLS Port)
  • 593 (RPC)
  • 636 LDAPS Lightweight Directory Access Protocol over TLS/SSL
  • 717 Frontend transport recieve
  • 808 Microsoft Net.TCP Port Sharing Service
  • 890 AD topology for Exchange
  • 993 IMAP-SSL Internet Message Access Protocol over SSL (IMAPS)
  • 995 Post Office Protocol 3 over TLS/SSL (POP3S)
  • 2525 alternate to port 25 SMTP

Return to Top

DNS

You will need to add entries in both your internal AD DNS and external DNS. We will use example.com as a placeholder domain, and 1.1.1.1 as the placeholder external IP. The 300 is the time to live in seconds.

External DNS records needed

@ 300 IN MX 10 mail.example.com.
mail 300 IN A 1.1.1.1
autodiscover 300 IN CNAME mail.example.com.
owa IN CNAME mail.example.com.

You can use a different naming scheme instead of mail; also make sure you add the dot behind the .com.

Internal DNS

Add something like the following to your internal DNS:

mail.example.com CNAME internal.corp.example.com
owa.example.com CNAME internal.corp.example.com
autodiscover.example.com A 192.168.1.10

Change the domain names to fit your organization, and set the 192.168.1.10 to the internal IP your Exchange 2013 server is.

Return to Top

Steps

Before running main Setup

  • Open Powershell as Administrator and run:
Install-WindowsFeature RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS
  • Check Windows Update again
  • Copy the previously downloaded Exchange2013-x64-cu18.exe to the local machine and unpack it.

Return to Top

Prepping AD via Setup

  • Open a command line, change to the unpacked directory, and run (in this order):

Return to Top

Main installation

  • Install Exchange using the Setup file
    • Install Mailbox and Client access roles
  • Reboot

Return to Top

Post-install tasks

  • You should now be able to log into your Exchange Admin Center (abbreviated EAC) via Internet Explorer:
    • https://localhost/ecp
    • Click Continue to this website (not recommended)
    • Enter your Domain Admin credentials

Product Key

If you don't have a key, Exchange will work for 180 days.

  • Add in your key in EAC > servers > "Enter Product Key"
  • Restart the Microsoft Exchange Information Store service (or reboot)

Return to Top

Roles and permissions

  • Add your Exchange admin user account to the role groups
    • EAC > Permissions > Admin roles
    • Click + (add new role group)
    • Give it a name (I used EXCH Admins)
    • Give a description (for on-server documentation)
    • Click + under Roles
    • Select a Role popup will open:
      • Choose the Roles you want, for this group select all of them (select top, shift-click the last one)
      • Click add ->
      • Click OK
      • Select a Role popup will close
    • Scroll down to Members, click +
    • Select Members popup will open:
      • Add in the members you want (I added the domain admin users)
      • Click add ->
      • Click OK.
    • Select Members popup will close
    • Click Save
    • You may have an error with "Datacenter Admin" and / or "Reset Password-EXCH Admins". If so, remove those two rules and then Save.

Return to Top

Create your Send Connector

  • EAC > Mail flow > Send connectors. On the Send connectors page, click New Add Icon.
  • + (click New Add Icon)
  • New Send Connector wizard will open
    • In the New send connector wizard, specify a name for the Send connector. I used the FQDN from the DNS setup
    • Select Internet. Click Next
    • Verify that MX record associated with recipient domain is selected.
    • Click Next.
    • Under Address space, click Add Add Icon. The Address Space (add domain) window will open.
      • In the Add domain window, make sure SMTP is selected in the Type field.
      • In the Fully Qualified Domain Name (FQDN) field, enter *.
      • Click Save.
      • The Address Space window will close.
    • The information you just entered will now be populated.
    • Make sure Scoped send connector isn't selected and then click Next.
    • Under Source server, click + (add icon). This will open the Select a Server window
      • Select the Mailbox server.
      • After you've selected the server, click Add
      • Click OK to close Select a Server window
    • Click Finish.
  • You will see "Please Wait" and then be returned to the mail flow, and should see the information you just entered.

Return to Top

Configure Accepted Domains

In this how-to, we are only configuring a single domain so the default will work and no additional steps are needed. Return to Top

Configure the default email address policy

    • In this how-to, we are only configuring a single domain so the default will work and no additional steps are needed.

Return to Top

Configure external URLs

  • EAC > Servers > Servers, select the name of the Internet-facing Client Access server (there should only be one listed)
  • Click the Edit icon (pencil). This will open up the Exchange Server window
    • Click Outlook Anywhere (very last choice)
    • In the Specify the external hostname field, give the external FQDN of the Client Access server. This will be the FQDN we specified in the External DNS prerequisite. For example, mail.example.com
    • In the Specify the internal hostname field, insert the FQDN you used for this server in the AD DNS.
      • You can use the AD name of the server itself, or one of the CNAMEs we specified.
    • Click Save. The Exchange Server window will close.
  • Servers > Virtual directories
  • Click Configure external access domain Configure icon (the wrench). This will open the configure external access domain window.
    • Under Select the Client Access servers to use with the external URL, click Add Icon. This will open the Select a Server window
      • There should only be one server. Select it
      • Click add ->
      • Click OK. This will close the Select a Server window.
    • The server you choose will now show in the list
    • In Enter the domain name you will use with your external Client Access servers, type the external domain specified in the DNS prereq earlier. For example, mail.example.com.
    • Click Save. The configure external access domain window will close.
  • Done!

Your Exchange server install is now complete. By default, the Administrator will have a mailbox. For all other users, you will need to add a mailbox for them.

Return to Top

References

Return to Top