Tags
Exchange 2013 Configuration details, Exchange 2013 Installation requirements, Exchnage 2013 Preview
- Server Roles: Microsoft Exchange Server 2013 Preview consists of the following two server roles Client Access server role and Mailbox server role Exchange2013 Server Roles
- Exchange Administration Center: No Exchange management console ,Exchange 2013 Preview provides a single unified management console that allows for ease of use and is optimized for management of on-premises, online, or hybrid deployments. The Exchange Administration Center (EAC) in Exchange 2013 Preview replaces the Exchange 2010 Exchange Management Console (EMC) and the Exchange Control Panel (ECP). ExchangeAdministration Center
- No Coexistence with Exchange 2003 Planning and deployment
- Exchange 2013 architecture RPC is no longer a supported direct access protocol. This means that all Outlook connectivity must take place using RPC over HTTPS (also known as Outlook Anywhere).
- New public folder design: Public folders in Exchange 2013 Preview now take advantage of the existing high availability and storage technologies of the mailbox store. The public folder architecture uses specially designed mailboxes to store both the hierarchy and the public folder content. This new design also means that there is no longer a public folder database. Public folder replication now uses the continuous replication model. Public Folders.
- 2013 Preview has *Offline* access in Outlook Web App (OWA).
- The transport pipeline in Exchange 2013 Preview is now made up of several different services: the Front End Transport service on Client Access servers, the Hub Transport service on Mailbox servers, and the Mailbox Transport service on Mailbox servers. For more information, see Mail Flow.
- Site mailboxes improve collaboration and user productivity by allowing access to both documents in a SharePoint site and email messages in an Exchange mailbox, using the same client interface. A site mailbox is functionally comprised of SharePoint site membership (owners and members), shared storage through an Exchange mailbox for email messages and a SharePoint site for documents, and a management interface that addresses provisioning and lifecycle needs.see Site Mailboxes.
- Microsoft Exchange Server 2013 Preview consists of the following server roles:
- Client Access server role This role proxies connectivity for all clients, such as Microsoft Office Outlook, Outlook Web App, mobile devices, POP, and SMTP and also accepts mail from and delivers mail to other mail hosts on the Internet. Client access servers can be organized into Client Access server arrays.
- Mailbox server role This role stores mailbox data, performs processing and rendering for client connections proxied by the Client Access server, and handles Unified Messaging requests. Mailbox servers can be organized into back-end clusters that use database availability groups (DAGs).
You can install Exchange 2013 Preview in one or more Active Directory sites. In each Active Directory site where you install Exchange 2013 Preview, you must install at least one Mailbox server and at least one Client Access server. You can install the roles on separate computers or on the same computer. Many functions in Exchange 2013 Preview, such as client connectivity and the Exchange Administration Center, won’t work until both Mailbox and Client Access servers are installed in an Active Directory site.
Important: We recommend that you install the Mailbox server first. The Edge Transport server role isn’t included with Exchange 2013 Preview. However, Exchange 2013 Preview does support the Exchange Server 2010 Service Pack 2 (SP2) Edge Transport server role.
The following sections provide a summary of each server role.
Client Access servers accept connections from clients and proxy those requests to the back-end Mailbox server that houses the active mailbox database copy. Multiple Client Access servers can be grouped together into a load-balanced array. The Client Access server performs authentication, redirection, and proxy services; it doesn’t perform any data rendering. Connections to the Client Access server are stateless which means that there is no need to maintain affinity between a client and an individual Client Access server for subsequent connections because all data processing and transformation occurs on the Mailbox server. Because of this change in architecture, Exchange 2013 Preview requires layer 4 load balancing. Layer 4 load balancing is protocol-unaware and balances traffic based on IP address and TCP/UDP port.
A Client Access array includes two different components: the Client Access service and the Front End Transport service.
The Client Access service performs the following functions:
- Provides a unified namespace, authentication, and network security.
- Handles all client requests for Exchange.
- Routes requests to the correct Mailbox server.
- Proxies or redirects client requests for legacy servers, such as Exchange 2007 and Exchange 2010 Client Access.
- Enables the use of layer 4 (TCP affinity) routing.
The Front End Transport service performs the following functions:
- Protocol level filtering Performs connection, recipient, sender, and protocol filtering
- Network protection Centralized, load-balanced egress and ingress point for the organization.
- Mailbox locator Avoids unnecessary hops by determining the best Mailbox server to deliver the message to.
- Load-balances client and application SMTP requests.
Mailbox servers house the mailbox data for the organization and perform data rendering and other operations. Mailbox servers can be grouped into back-end clusters which consist of database availability groups (DAG). Mailbox servers perform the following functions:
- Host mailbox databases.
- Provide email storage.
- Host public folder databases.
- Calculate email address policies.
- Conduct multi-mailbox searches.
- Provide high availability and site resiliency.
- Provide messaging records management and retention policies.
- Handle connectivity because clients don’t connect directly to the Mailbox servers.
- Provide all core Exchange functionality for a given mailbox where that mailbox’s database is currently activated.
- Fails over mailbox access when a database fails over.
The following briefly describes some new and some improved features in the Mailbox role for Exchange 2013 Preview:
- Evolution of Exchange 2010 DAG:
- Transaction log code has been refactored for fast failover with deep checkpoint on passive database copies.
- To support enhanced site resiliency, servers can be in different locations.
- Exchange 2013 Preview now hosts some Client Access components, the Transport components, and the Unified Messaging components.
- Exchange 2013 Preview Store has been re-written in managed code to improve performance in additional IO reduction and reliability.
- Each Exchange 2013 Preview database now runs under its own process.
- Smart Search has replaced the Exchange 2010 multi-mailbox search infrastructure.
For more information about the Client Access server role, Mailbox server role, and Mailbox components, see the following topics:
Mailbox and Client Access Servers
High Availability and Site Resilience
Messaging Policy and Compliance.
Exchange 2013 System Requirements.
Before you install Microsoft Exchange Server 2013 Preview, we recommend that you review this topic to ensure that your network, hardware, software, clients, and other elements meet the requirements for Exchange 2013 Preview. In addition, make sure you understand the coexistence scenarios that are supported for Exchange 2013 Preview and earlier versions of Exchange.
The following table lists the scenarios in which coexistence between Exchange 2013 Preview and earlier versions of Exchange are supported.
Coexistence of Exchange 2013 Preview and earlier versions of Exchange Server
Exchange version Exchange organization coexistence Exchange Server 2003 and earlier versions Not supported Exchange 2007 Not supported with Exchange 2013 Preview. Coexistence with Exchange 2007 will be supported in the release to manufacturing (RTM) version of Exchange 2013. Exchange 2010 Not supported with Exchange 2013 Preview. Coexistence with Exchange 2010 will be supported with Exchange 2013 RTM. Mixed Exchange 2010 and Exchange 2007 organization Not supported with Exchange 2013 Preview. Coexistence with Exchange 2007 and Exchange 2010 will be supported with Exchange 2013 RTM. The following table lists the requirements for the network and the directory servers in your Exchange 2013 Preview organization.
Network and directory server requirements for Exchange 2013 Preview
Component Requirement Schema master By default, the schema master runs on the first Windows Server 2012 or Windows Server 2008 R2 or Windows Server 2008 or Windows Server 2003 domain controller installed in a forest. The schema master must be running any of the following: - Windows Server 2012
- Windows Server 2008 R2 Standard or Enterprise
- Windows Server 2008 Standard or Enterprise (32-bit or 64-bit)
- Windows Server 2003 Standard Edition with Service Pack 2 (SP2) or later (32-bit or 64-bit)
- Windows Server 2003 Enterprise Edition with SP2 or later (32-bit or 64-bit)
Global catalog server In each Active Directory site where you plan to install Exchange 2013 Preview, you must have at least one global catalog server running any of the following: - Windows Server 2012
- Windows Server 2008 R2 Standard or Enterprise
- Windows Server 2008 R2 Datacenter RTM or later
- Windows Server 2008 Standard or Enterprise (32-bit or 64-bit)
- Windows Server 2008 Datacenter RTM or later
For more information about global catalog servers, see What is the Global Catalog.
Domain controller In each Active Directory site where you plan to install Exchange 2013 Preview, you must have at least one writeable domain controller running any of the following: - Windows Server 2012
- Windows Server 2008 R2 Standard or Enterprise SP1 or later
- Windows Server 2008 R2 Datacenter RTM or later
- Windows Server 2008 Standard or Enterprise SP1 or later (32-bit or 64-bit)
- Windows Server 2008 Datacenter RTM or later
Active Directory forest Active Directory must be at Windows Server 2003 forest functionality mode or higher. IPv6 Support IPv6 is supported only when IPv4 is also used; a pure IPv6 environment isn’t supported. Using IPv6 addresses and IP address ranges is supported only when both IPv6 and IPv4 are enabled on that computer, and the network supports both IP address versions. If Exchange 2013 Preview is deployed in this configuration, all server roles can send data to and receive data from devices, servers, and clients that use IPv6 addresses. Exchange 2013 Preview support is similar to support for Exchange Server 2007. The use of 64-bit Active Directory domain controllers increases directory service performance for Exchange 2013 Preview.
Note: In multi-domain environments, on Windows Server 2008 domain controllers that have the Active Directory language locale set to Japanese, your servers may not receive some attributes that are stored on an object during inbound replication. For more information, see Microsoft Knowledge Base article 949189, A Windows Server 2008 domain controller that is configured with the Japanese language locale may not apply updates to attributes on an object during inbound replication. For security and performance reasons, we recommend that you install Exchange 2013 Preview only on member servers and not on Active Directory directory servers. However, you can’t run DCPromo on a computer running Exchange 2013 Preview. After Exchange 2013 Preview is installed, changing its role from a member server to a directory server, or vice versa, isn’t supported.
The recommended hardware requirements for Exchange 2013 Preview servers vary depending on a number of factors including the server roles that are installed and the anticipated load that will be placed on the servers.
Hardware requirements for Exchange 2013 Preview
Component Requirement Notes Processor - x64 architecture-based computer with Intel processor that supports Intel 64 architecture (formerly known as Intel EM64T)
- AMD processor that supports the AMD64 platform
- Intel Itanium IA64 processors not supported
See the “Operating system” section later in this topic for supported operating systems. Memory Varies depending on Exchange features that are installed Detailed guidance is currently not available for Exchange 2013 Preview. Paging file size The page file size minimum and maximum must be set to physical RAM plus 10 MB The recommended page file size also accounts for the memory that’s needed to collect information if the operating system stops unexpectedly. On 64-bit operating systems, memory can be written as a dump file to the paging file. This file must reside on the boot volume of the server. For more information about the configuration options that are available for memory dump data, see Knowledge Base article 254649, Overview of memory dump file options for Windows Vista, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows XP, and Windows 2000.
Disk space - At least 1.2 GB on the drive on which you install Exchange
- An additional 500 MB of available disk space for each Unified Messaging (UM) language pack that you plan to install
- 200 MB of available disk space on the system drive
- A hard disk that stores the message queue database on an Edge Transport server or Hub Transport server with at least 500 MB of free space
The minimum space requirements detailed here don’t account for disk subsystem requirements for adequate performance. Drive DVD-ROM drive, local or network accessible None. Screen resolution 800 x 600 pixels or higher None. File format Disk partitions formatted as NTFS file systems, which applies to the following partitions: - System partition
- Partitions that store Exchange binary files
- Partitions containing transaction log files
- Partitions containing database files
- Partitions containing other Exchange files
None. The following table lists the supported operating systems for Exchange 2013 Preview.
Supported operating systems for Exchange 2013 Preview
Component Requirement Mailbox and Client Access server roles One of the following: - Windows Server 2012
- Windows Server 2008 R2 Standard with SP1
- Windows Server 2008 R2 Enterprise with SP1
- Windows Server 2008 R2 Datacenter RTM or later
Management tools One of the following: - Windows Server 2012
- Windows Server 2008 R2 Standard with SP1
- Windows Server 2008 R2 Enterprise with SP1
- Windows Server 2008 R2 Datacenter RTM or later
- 64-bit edition of Windows 8 Release Preview
- 64-bit edition of Windows 7 with SP1
Important: Exchange 2013 Preview doesn’t support being run on computers with the United States Federal Information Processing Standards (FIPS) compliant settings enabled. If you have FIPS enabled on computers running Windows Server 2008 R2 SP1, Exchange 2013 Preview will not function correctly. For more information, see Knowledge Base article 811833, The effects of enabling the “System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing” security setting in Windows XP and in later versions of Windows. Exchange 2013 Preview supports the following minimum versions of Microsoft Office Outlook and Microsoft Entourage for Mac:
- Outlook 2013 Preview
- Outlook 2010 SP1 with April 2012 Cumulative Update
- Outlook 2007 SP3 with July 2012 Cumulative Update
- Entourage 2008 for Mac, Web Services Edition
- Outlook for Mac 2011
Important: The information above provides the minimum versions required for a client to connect to Exchange. We strongly recommend that you install the latest available service packs and updates available so that your users receive the best possible experience when connecting to Exchange. Outlook clients earlier than Outlook 2007 are not supported. Email clients on Mac operating systems that require DAV, such as Entourage 2008 for Mac RTM and Entourage 2004, are not supported.
Outlook Web App supports several browsers on a variety of operating systems and devices. For detailed information, see Supported Browsers for Outlook Web App.
All Exchange 2013 Preview server roles are supported within a virtual machine, provided the virtual machine and hypervisor environment meet all of the system requirements for running Exchange 2013 Preview.
Microsoft supports Exchange 2013 Preview in production on hardware virtualization software only when all the following conditions are true:
- The hardware virtualization software is running one of the following:
- Windows Server 2012
- Windows Server 2008 R2 with Hyper-V technology
- Microsoft Hyper-V Server 2008 R2
- Any third-party hypervisor that has been validated under the Windows Server Virtualization Validation Program.
- The Exchange guest virtual machine:
- Is running Microsoft Exchange 2013 Preview.
- Is deployed on an operating system that is supported by Exchange 2013 Preview.
- The storage used by an Exchange virtual machine for Exchange data (for example, mailbox databases or Hub transport queues) can be any of the following:
- Virtual disks of a fixed size (for example, fixed virtual hard disks (VHDs) in a Hyper-V environment).
- Virtual disks store on block-level, direct attached storage (DAS) that is locally connected to the hypervisor machine.
- Block-level storage that is connected via storage area network (SAN) technology (could include fiber channel, fiber channel over Ethernet, or Internet SCSI (iSCSI)).
- SCSI pass-through storage.
- Internet SCSI (iSCSI) storage.
All storage used by an Exchange guest machine for storage of Exchange data must be block-level storage because Exchange 2013 Preview doesn’t support the use of network attached storage (NAS) volumes. Also, NAS storage that’s presented to the guest as block-level storage via the hypervisor isn’t supported. The following virtual disk requirements apply for volumes used to store Exchange data:
- Virtual disks that dynamically expand aren’t supported by Exchange.
- Virtual disks that use differencing or delta mechanisms (such as Hyper-V’s differencing VHDs or snapshots) aren’t supported.
- Only management software (for example, antivirus software, backup software, or virtual machine management software) can be deployed on the physical root machine. No other server-based applications (for example, Exchange, SQL Server, Active Directory, or SAP) should be installed on the root machine. The root machine must be dedicated to running guest virtual machines.
- Some hypervisors include features for taking snapshots of virtual machines. Virtual machine snapshots capture the state of a virtual machine while it’s running. This feature enables you to take multiple snapshots of a virtual machine and then revert the virtual machine to any of the previous states by applying a snapshot to the virtual machine. However, virtual machine snapshots aren’t application aware, and using them can have unintended and unexpected consequences for a server application that maintains state data, such as Exchange. As a result, making virtual machine snapshots of an Exchange guest virtual machine isn’t supported.
- Many hardware virtualization products allow you to specify the number of virtual processors that should be allocated to each guest virtual machine. The virtual processors located in the guest virtual machine share a fixed number of logical processors in the physical system. Exchange supports a virtual processor-to-logical processor ratio no greater than 2:1. For example, a dual processor system using quad core processors contains a total of 8 logical processors in the host system. On a system with this configuration, don’t allocate more than a total of 16 virtual processors to all guest virtual machines combined.
- When calculating the total number of virtual processors required by the root machine, you must also account for both I/O and operating system requirements. In most cases, the equivalent number of virtual processors required in the root operating system for a system hosting Exchange virtual machines is 2. This value should be used as a baseline for the root operating system virtual processor when calculating the overall ratio of physical cores to virtual processors. If performance monitoring of the root operating system indicates you’re consuming more processor utilization than the equivalent of 2 processors, you should reduce the count of virtual processors assigned to guest virtual machines accordingly and verify that the overall virtual processor-to-physical core ratio is no greater than 2:1.
- The operating system for an Exchange guest machine must use a disk that has a size equal to at least 15 GB plus the size of the virtual memory that’s allocated to the guest machine. This requirement is necessary to account for the operating system and paging file disk requirements. For example, if the guest machine is allocated 16 GB of memory, the minimum disk space needed for the guest operating system disk is 31 GB. In addition, it’s possible that guest virtual machines may be prevented from directly communicating with fibre channel or SCSI host bus adapters (HBAs) installed in the root machine. In this event, you must configure the adapters in the root machine’s operating system and present the LUNs to guest virtual machines as either a virtual disk or a pass-through disk. All Exchange 2013 Preview server roles may be combined with host-based failover clustering and migration technology. Exchange 2013 Preview virtual machines must be configured such that they will not save point-in-time state to disk and restore from that state when moved or taken offline. All planned or scheduled migration must take advantage of an online migration technology like Hyper-V Live Migration or VMware vMotion. Migration technology is supported by the hypervisor vendor; therefore, you must ensure that your hypervisor vendor has tested and supports migration of Exchange 2013 Preview virtual machines. Microsoft supports Hyper-V Live Migration of these virtual machines.
The following features and technologies are not supported for virtualized Exchange environment:
- Oversubscription or dynamic adjustment of memory allocated to Exchange 2013 Preview virtual machines.
- Virtual machine snapshots which capture the state of a running virtual machine and allow reverting to a previous state.
- Prepare Active Directory and Domains
Before you install Microsoft Exchange Server 2013 Preview on any servers in your organization, you must prepare Active Directory and domains.
- Estimated time to complete: 10-15 minutes (not including Active Directory replication) or more, depending on organization size and number of child domains
- The computers on which you plan to install Exchange 2013 Preview must meet the system requirements. For details, see Exchange 2013 System Requirements.
- Your domains and the domain controllers must meet the system requirements in “Network and directory servers” in Exchange 2013 System Requirements.
- In each domain in which you install Exchange 2013 Preview, you must have at least one domain controller running any of the following:
- Windows Server 2012
- Windows Server 2008 Standard or Enterprise (32-bit or 64-bit)
- Windows Server 2008 R2 Standard or Enterprise
- For multiple domain organizations running the following /Prepare* commands, we recommend the following:
- Run the /Prepare* commands from an Active Directory site with an Active Directory server from every domain.
- Run the first server role installation from an Active Directory site with a writeable global catalog server from every domain.
- Verify that replication of objects from the preceding actions is completed on the global catalog server in the Active Directory site before installing the first Exchange 2013 Preview server to that site.
- If you run the Exchange 2013 Preview Setup wizard with an account that has the permissions required (Schema Admins, Domain Admins, and Enterprise Admins) to prepare Active Directory and the domain, the wizard automatically prepares Active Directory and the domain. For more information, see Install Exchange 2013 Using the Setup Wizard. However, you must first install the Active Directory management tools on the computer prior to preparing the schema or domains. To do this, run one of the following commands.
- On Windows Server 2008 R2 SP1 computers, run the following command in a Windows PowerShell session:
Add-WindowsFeature RSAT-ADDS
- On Windows Server 2012 computers, run the following command in a Windows PowerShell session:
Install-WindowsFeature RSAT-ADDS
- On Windows Server 2008 R2 SP1 computers, run the following command in a Windows PowerShell session:
- You must specify the /IAcceptExchangeServerLicenseTerms parameter when you run setup.exe to accept the Exchange 2013 Preview license terms.
- For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in Exchange 2013.
To track the progress of Active Directory replication, you can use the repadmin tool (repadmin.exe), which is installed as part of the Windows Server 2012 and Windows Server 2008 R2 Active Directory Domain Services Tools (RSAT-ADDS) feature. For more information about how to use repadmin, see Repadmin.
- From a Command Prompt window, run the following command. setup /PrepareSchema or setup /ps
Note: You can skip this step and prepare the schema as part of Step 2. Important: If you have multiple forests in your organization, make sure that you run your forest preparation from the correct Exchange forest. Setup preparation makes configuration changes to your forest, and it could configure a non-Exchange forest incorrectly. Note: It isn’t supported to use the LDIF Directory Exchange tool (LDIFDE) to manually import the Exchange 2013 Preview schema changes. You must use Setup to update the schema. This command performs the following tasks:
- Connects to the schema master and imports LDAP Data Interchange Format (LDIF) files to update the schema with Exchange 2013 Preview specific attributes. The LDIF files are copied to the Temp directory and then deleted after they are imported into the schema.
- Sets the schema version (ms-Exch-Schema-Verision-Pt) to 15132.
Note the following:
- To run this command, you must be a member of the Schema Admins group and the Enterprise Admins group.
- You must run this command on a 64-bit computer in the same domain and in the same Active Directory site as the schema master.
- If you use the /DomainController parameter with this command, you must specify the domain controller that is the schema master.
- After you run this command, you should wait for the changes to replicate across your Exchange organization before continuing to the next step. The amount of time this takes is dependent upon your Active Directory site topology.
- For more information, see Exchange Server Changes to the Active Directory Schema.
- From a Command Prompt window, run the following command. setup /PrepareAD [/OrganizationName:<organization name>] or setup /p [/on:<organization name>] This command performs the following tasks:
- If the Microsoft Exchange container doesn’t exist, this command creates it under CN=Services,CN=Configuration,DC=<root domain>.
- If no Exchange organization container exists under CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain >, you must specify an organization name using the /OrganizationName parameter. The organization container will be created with the name that you specify. The Exchange organization name can contain only the following characters: A through Z a through z 0 through 9 Space (not leading or trailing) Hyphen or dash The organization name can’t contain more than 64 characters. The organization name can’t be blank. If the organization name contains spaces, you must enclose the name in quotation marks (“).
- Verifies that the schema has been updated and that the organization is up to date by checking the objectVersion property in Active Directory. The objectVersion property is in the CN=<your organization>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<domain> container. The objectVersion value for Exchange 2013 Preview is 15448.
- If the containers don’t exist, creates the following containers and objects under CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain>, which are required for Exchange 2013 Preview: CN=Address Lists Container,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=AddressBook Mailbox Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Addressing,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Administrative Groups,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Approval Applications,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Auth Configuration,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Client Access,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Connections,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=ELC Folders Container,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=ELC Mailbox Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=ExchangeAssistance,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Global Settings,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Hybrid Configuration,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Mobile Mailbox Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Monitoring Settings,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=OWA Mailbox Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Provisioning Policy Container,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=RBAC,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Recipient Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Remote Accounts Policies Container,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Retention Policies Container,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Retention Policy Tag Container,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=ServiceEndpoints,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=System Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Team Mailbox Provisioning Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Transport Settings,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=UM AutoAttendant,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=UM DialPlan,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=UM IPGateway,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=UM Mailbox Policies,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> CN=Workload Management Settings,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain>
- If it doesn’t exist, creates the default Accepted Domains entry, based on the forest root namespace, under CN=Transport Settings,CN=<Organization Name>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain>.
- Assigns specific permissions throughout the configuration partition.
- Imports the Rights.ldf file. This adds the extended rights required for Exchange to install into Active Directory.
- Creates the Microsoft Exchange Security Groups organizational unit (OU) in the root domain of the forest and assigns specific permissions on this OU.
- Creates the following management role groups within the Microsoft Exchange Security Groups OU: Compliance Management Delegated Setup Discovery Management Help Desk Hygiene Management Organization Management Public Folder Management Recipient Management Records Management Server Management UM Management View-Only Organization Management
- Adds the new universal security groups (USGs) that are within the Microsoft Exchange Security Groups OU to the otherWellKnownObjects attribute stored on the CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<root domain> container.
- Creates the Unified Messaging Voice Originator contact in the Microsoft Exchange System Objects container of the root domain.
- Prepares the local domain for Exchange 2013 Preview. For information about what tasks are completed to prepare a domain, see Step 3.
Note the following:
- To run this command, you must be a member of the Enterprise Admins group.
- The computer where you run this command must be able to contact all domains in the forest on port 389.
- You must run this command on a computer in the same domain and in the same Active Directory site as the schema master. Setup will make all configuration changes to the schema master to avoid conflicts because of replication latency.
- After you run this command, you should wait for the changes to replicate across your Exchange organization before continuing to the next step. The amount of time this takes is dependent upon your Active Directory site topology.
- To verify that this step completed successfully, make sure that there is a new OU in the root domain called Microsoft Exchange Security Groups. This OU should contain the following new Exchange USGs: Compliance Management Delegated Setup Discovery Management Exchange Servers Exchange Trusted Subsystem Exchange Windows Permissions ExchangeLegacyInterop Help Desk Hygiene Management Organization Management Public Folder Management Recipient Management Records Management Server Management UM Management View-Only Organization Management
- From a Command Prompt window, run one of the following commands:
- Run setup /PrepareDomain or setup /pd to prepare the local domain. You don’t need to run this in the domain where you ran Step 2. Running setup /PrepareAD prepares the local domain.
- Run setup /PrepareDomain:<FQDN of domain you want to prepare> to prepare a specific domain.
- Run setup /PrepareAllDomains or setup /pad to prepare all domains in your organization.
These commands perform the following tasks:
- If this is a new organization, creates the Microsoft Exchange System Objects container in the root domain partition in Active Directory and sets permissions on this container for the Exchange Servers, Exchange Organization Administrators, and Authenticated Users groups. This container is used to store public folder proxy objects and Exchange-related system objects, such as the mailbox database’s mailbox.
- Sets the objectVersion property in the Microsoft Exchange System Objects container under DC=<root domain>. This objectVersion property contains the version of domain preparation. The version for Exchange 2013 Preview is 13236.
- Creates a domain global group in the current domain called Exchange Install Domain Servers. The command places this group in the Microsoft Exchange System Objects container. It also adds the Exchange Install Domain Servers group to the Exchange Servers USG in the root domain.
Note: The Exchange Install Domain Servers group is used if you install Exchange 2013 Preview in a child domain that is an Active Directory site other than the root domain. The creation of this group allows you to avoid installation errors if group memberships haven’t replicated to the child domain. - Assigns permissions at the domain level for the Exchange Servers USG and the Organization Management USG.
Note the following:
- To run setup /PrepareAllDomains, you must be a member of the Enterprise Admins group.
- To run setup /PrepareDomain, if the domain that you’re preparing existed before you ran setup /PrepareAD, you must be a member of the Domain Admins group in the domain. If the domain that you’re preparing was created after you ran setup /PrepareAD, you must be a member of the Exchange Organization Administrators group, and you must be a member of the Domain Admins group in the domain.
- For domains in an Active Directory site other than the root domain, /PrepareDomain might fail with the following messages: “PrepareDomain for domain <YourDomain> has partially completed. Because of the Active Directory site configuration, you must wait at least 15 minutes for replication to occur, and run PrepareDomain for <YourDomain> again.” “Active Directory operation failed on <YourServer>. This error is not retriable. Additional information: The specified group type is invalid. Active Directory response: 00002141: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0 The server cannot handle directory requests.” If you see these messages, wait for or force Active Directory replication between this domain and the root domain, and then run /PrepareDomain again.
- You must run this command in every domain in which you will install Exchange 2013 Preview. You must also run this command in every domain that will contain mail-enabled users, even if the domain doesn’t have Exchange 2013 Preview installed.
To verify that this step completed successfully, confirm the following:
- You have a new global group in the Microsoft Exchange System Objects container called Exchange Install Domain Servers. (To view the Microsoft Exchange System Objects container in Active Directory Users and Computers, on the View menu, click Advanced Features.)
- The Exchange Install Domain Servers group is a member of the Exchange Servers USG in the root domain.
- On each domain controller in a domain in which you will install Exchange 2013 Preview, the Exchange Servers USG has permissions on the Domain Controller Security Policy\Local Policies\User Rights Assignment\Manage Auditing and Security Log policy.
Do the following to verify that Active Directory has been successfully prepared:
- In the Schema naming context, verify that the rangeUpper property on ms-Exch-Schema-Verision-Pt is set to 15132.
- In the Configuration naming context, verify that the objectVersion property in the CN=<your organization>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<domain> container is set to 15448.
- In the Default naming context, verify that the objectVersion property in the Microsoft Exchange System Objects container under DC=<root domain is set to 13236.
You can also check the Exchange setup log to verify that Active Directory preparation has completed successfully. For more information, see Verify an Exchange 2013 Installation.
Note: You won’t be able to use the Get-ExchangeServer cmdlet mentioned in the Verify an Exchange 2013 Installation topic until you’ve completed the installation of at least one Mailbox server role and one Client Access server role in an Active Directory site. Having problems? Ask for help in the Exchange Server forums. Visit the forums at: Exchange Server.
Exchange 2013 Installment Screenshot
Installer screen (no details, just screens for people who do not even try to install new era of Exchange)
you are done
Download Microsoft Exchange Server 2013 Preview- http://technet.microsoft.com/en-us/evalcenter/hh973395.aspx?wt.mc_id=TEC_116_1_4
Configure Mail Flow and Client Access.
After you’ve installed Microsoft Exchange Server 2013 Preview in your organization, you need to configure Exchange Server 2013 Preview for mail flow and client access. Without these additional steps, you won’t be able to send mail to the Internet, and external clients such as Microsoft Office Outlook and ActiveSync devices won’t be able to connect to your Exchange organization.
The steps in this topic assume a basic Exchange deployment with a single Active Directory site and a single simple mail transport protocol (SMTP) namespace.
Important: |
---|
This topic uses example values such as contoso.com, mail.contoso.com, and 172.16.10.11. Replace the example values with the FQDNs and IP addresses for your organization. |
For additional management tasks related to mail flow and clients and devices, see the following topics:
- Estimated time to complete this task: 35 minutes
- Procedures in this topic require specific permissions. See each procedure for its permissions information.
- Before you can perform the steps in this topic, you must have installed at least one Mailbox server role and at least one Client Access server role in an Active Directory site. You can install the server roles on the same computer or on separate computers.
- You’ll receive certificate warnings when you connect to the Exchange Administration Center (EAC) website until you configure a secure sockets layer (SSL) certificate on the Client Access server. You’ll be shown how to do this later in this topic.
- For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in Exchange 2013.
Step 1: Create a Send connector
Step 2: Add additional accepted domains
Step 3: Configure the default email address policy
Step 4: Configure an SSL Certificate
Step 5: Configure external URLs
Step 6: Configure Outlook Anywhere authentication methods
Tip: |
---|
Having problems? Ask for help in the Exchange Server forums. Visit the forums at: Exchange Server |
Before you can send mail to the Internet, you need to create a Send connector on the Mailbox server. Do the following.
- Open the (EAC) by browsing to https://<fully qualified domain name (FQDN) of Client Access server>/ECP.
- Enter your username and password in Domain\user name and Password and then click sign in.
- Go to Mail Flow > Send Connectors. On the Send Connectors page, click +.
- In the new send connector wizard, specify a name for the Send connector and then select Internet. Click next.
- Verify that MX record associated with recipient domain is selected. Click next.
- Under Address space, click +. In the add domain window, make sure SMTP is selected in the Type field. In the Fully Qualified Domain Name (FQDN) field, enter *. Click save.
- Make sure Scoped send connector isn’t selected and then click next.
- Under Source server, click +. In the Select a server window, select a Mailbox server that will be used to send mail to the Internet via the Client Access server. After you’ve selected the server, click add and then click ok.
- Click finish.
Note: |
---|
A default inbound Receive connector is created when Exchange 2013 Preview is installed. This Receive connector accepts anonymous SMTP connections from external servers. You don’t need to do any additional configuration if this is the functionality you want. If you want to restrict inbound connections from external servers, modify the Default Frontend <Client Access server> Receive connector on the Client Access server. |
To verify that you have successfully created an outbound Send connector, do the following:
- In the EAC, verify the new Send connector appears in Mail Flow > Send Connectors.
- Open Outlook Web App and send an email message to an external recipient. If the recipient receives the message, you’ve successfully configured the Send connector.
By default, when you deploy a new Exchange 2013 Preview organization in an Active Directory forest, Exchange uses the domain name of the Active Directory domain where Setup /PrepareAD was run. If you want recipients to receive and send messages to and from another domain, you must add the domain as an accepted domain. This domain is also added as the primary SMTP address on the default email address policy in the next step.
Important: |
---|
A public Domain Name System (DNS) MX resource record is required for each SMTP domain for which you accept email from the Internet. Each MX record should resolve to the Internet-facing server that receives email for your organization. |
- Open the EAC by browsing to https://<FQDN of Client Access server>/ECP.
- Enter your username and password in Domain\user name and Password and then click sign in.
- Go to Mail Flow > Accepted Domains. On the Accepted Domains page, click +.
- In the new accepted domain wizard, specify a name for the accepted domain.
- In the Accepted domain field, specify the SMTP recipient domain you want to add. For example, contoso.com.
- Select Authoritative domain and then click save.
To verify that you have successfully created an accepted domain, do the following:
- In the EAC, verify the new accepted domain appears in Mail Flow > Accepted Domains.
If you added an accepted domain in the previous step and you want that domain to be added to every recipient in the organization, you need to update the default email address policy.
- Open the EAC by browsing to https://<FQDN of Client Access server>/ECP.
- Enter your username and password in Domain\user name and Password and then click sign in.
- Go to Mail Flow > Email Address Policies. On the Email Address Policies page, select Default Policy and then click the edit icon.
- On the Default Policy Email Address Policy page, click Email Address Format.
- Under Email address format, click the SMTP address you want to change and then click the edit icon.
- On the email address format page in the Email address parameters field, specify the SMTP recipient domain you want to apply to all recipients in the Exchange organization. This domain must match the accepted domain you added in the previous step. Click save.
- Click save
- In the Default Policy details pane, click Apply.
Note: |
---|
We recommend that you configure a user principal name (UPN) that matches the primary email address of each user. If you don’t provide a UPN that matches the email address of a user, the user will be required to manually provide their domain\username or UPN in addition to their email address. If their UPN matches their email address, Outlook Web App, ActiveSync, and Outlook, will automatically match their email address to their UPN. |
To verify that you have successfully configured the default EAP, do the following:
- In the EAC, go to Recipients > Mailboxes.
- Select a mailbox and then, in the recipient details pane, verify that the User mailbox field has been set to <alias>@<new accepted domain>.
- Optionally, create a new mailbox and verify the mailbox is given an email address with the new accepted domain by doing the following:
- Go to Recipients > Mailboxes and click +.
- On the new user mailbox page, provide the information required to create a new mailbox. Click save.
- Select the new mailbox and then, in the recipient details pane, verify that the User mailbox field has been set to <alias>@<new accepted domain>.
Some services, such as Outlook Anywhere and ActiveSync, require certificates to be configured on your Exchange 2013 Preview server. The following steps show you how to configure an SSL certificate from a third-party certificate authority (CA):
- Open the EAC by browsing to https://<FQDN of Client Access server>/ECP.
- Enter your username and password in Domain\user name and Password and then click sign in.
- Go to Servers > Certificates. On the Certificates page, make sure your Client Access server is selected in the Select server field, and then click +.
- In the new exchange certificate wizard, select Create a request for a certificate from a certification authority and then click next.
- Specify a name for this certificate and then click next.
- If you want to request a wildcard certificate, select Request a wild-card certificate and then specify the root domain of all subdomains in the Root domain field. If you don’t want to request a wildcard certificate and instead want to specify each domain you want to add to the certificate, leave this page blank. Click next.
- Click browse and specify an Exchange server to store the certificate on. The server you select should be the Internet-facing Client Access server. Click next.
- For each service in the list shown, specify the external or internal server names that users will use to connect to the Exchange server. For example, for Outlook Web App (when access from the Internet), you might specify owa.contoso.com. For OWA (when access from the Intranet), you might specify CAS02.corp.contoso.com. These domains will be used to create the SSL certificate request. Click next.
- Add any additional domains you want included on the SSL certificate. Click next.
- Provide information about your organization. This information will be included with the SSL certificate. Click next.
- Specify the network location where you want this certificate request to be saved. Click finish.
After you’ve saved the certificate request, submit the request to your certificate authority (CA). This can be an internal CA or a third-party CA, depending on your organization. Clients that connect to the Client Access server must trust the CA that you use. After you receive the certificate from the CA, complete the following steps:
- On the Server > Certificates page in the EAC, select the certificate request you created in the previous steps.
- In the certificate request details pane, click Complete under Status.
- On the complete pending request page, specify the path to the SSL certificate file and then click ok.
- Select the new certificate you just added, and then click the edit icon.
- On the certificate page, click Services.
- Select the services you want to assign to this certificate. At minimum, you should select SMTP and IIS. Click save.
- If you receive the warning Overwrite the existing default SMTP certificate?, click ok.
To verify that you have successfully added a new certificate, do the following:
- In the EAC, go to Servers > Certificates.
- Select the new certificate and then, in the certificate details pane, verify that the following are true:
- Status shows Valid
- Assigned to services shows IIS and SMTP
After you’ve chosen your external FQDNs and installed your certificate, you need to configure the external FQDNs on the Client Access server’s virtual directories and then configure your domain name service (DNS) records.
If you didn’t configure the external Client Access FQDN during setup, you’ll need to configure the external URL of each virtual directory on the Internet-facing Client Access server. If you did configure the external Client Access FQDN during setup, you can use the steps below to verify that the FQDN has been correctly set on each virtual directory or skip to the DNS record configuration below.
- Open the EAC by browsing to https://<FQDN of Client Access server>/ECP.
- Enter your username and password in Domain\user name and Password and then click sign in.
- Go to Servers > Virtual Directories.
- In the Select server field, select the Internet-facing Client Access server.
- For each virtual directory that’s shown (except the Autodiscover virtual directory), click the edit icon. In each virtual directory, do the following:
- Copy the value in the Internal URL field into the External URL field.
- In the External URL field, replace the internal FQDN of the Client Access server with the externally accessible FQDN. For example, if the internal FQDN of the Exchange Web Services (EWS) virtual directory is https://cas02.contoso.com/EWS/Exchange.asmx, set the External URL field to https://mail.contoso.com/EWS/Exchange.asmx.
- Click save.
- Repeat the above steps for each virtual directory shown in the list.
- Go to Servers > Servers, select the name of the Internet-facing Client Access server and then click the edit icon.
- Click Outlook Anywhere.
- In the Specify the external hostname field, specify the externally accessible FQDN of the Client Access server. For example, mail.contoso.com.
- Click save.
After you’ve configured the external URL on the Client Access server virtual directories, you need to configure DNS records for Autodiscover, Outlook Web App, and mail flow. The DNS records should point to the external IP address of your Internet-facing Client Access server and use the externally accessible FQDNs that you’ve configured on your Client Access server. The following are examples of recommended DNS records that you should create to enable mail flow and external client connectivity.
FQDN | DNS record type | Value |
---|---|---|
Contoso.com | MX | Mail.contoso.com |
Mail.contoso.com | A | 172.16.10.11 |
Owa.contoso.com | A | 172.16.10.11 |
Autodiscover.contoso.com | A | 172.16.10.11 |
To verify that you have successfully configured the external URL on the Client Access server virtual directories, do the following:
- In the EAC, go to Servers > Virtual Directories.
- In the Select server field, select the Internet-facing Client Access server.
- Select a virtual directory and then, in the virtual directory details pane, verify that the External URLfield is populated with the correct FQDN and service as shown below:
Virtual directory External URL value Autodiscover No external URL displayed ECP https://mail.contoso.com/ecp EWS https://mail.contoso.com/EWS/Exchange.asmx Microsoft-Server-ActiveSync https://mail.contoso.com/Microsoft-Server-ActiveSync OAB https://mail.contoso.com/OAB OWA https://mail.contoso.com/owa PowerShell http://mail.contoso.com/PowerShell
To verify that you have successfully configured DNS, do the following:
- Open a command prompt and run
nslookup.exe
. - In
nslookup
, look up the A record of each FQDN you created. Verify that the IP address that’s returned for each FQDN is correct. - In
nslookup
, typeset type=mx
and then look up the accepted domain you added in Step 1. Verify that the value returned matches the FQDN of the Client Access server.
In Exchange 2013 Preview, you need to configure the Internet Information Service (IIS) authentication methods that Outlook Anywhere uses for external clients.
- On the Client Access server, open the Exchange Management Shell.
- Add Basic as an available authentication method to the Outlook Anywhere virtual directory on the Internet-facing Client Access server:
Set-OutlookAnywhere "<Client Access server name>\RPC (Default Web Site)" -IISAuthenticationMethods Basic, Ntlm, Negotiate
- Repeat the above command for any other Internet-facing Client Access servers in the organization.
- Either restart the Microsoft Exchange Service Hostservice using the following commands on each server you modified in the previous step or wait 15 minutes for Exchange to update its configuration:
Net stop MSExchangeServiceHost
Net start MSExchangeServiceHost
To verify that you’ve properly set the IIS authentication methods on all Internet-facing Client Access servers, do the following:
- Open the Exchange Management Shell.
- Run the following command:
Get-OutlookAnywhere | Format-Table ServerName, IISAuthenticationMethods
Verify that for each Internet-facing Client Access server that’s returned that the IISAuthenticationMethods property is set to Basic, Ntlm, Negotiate
.
To verify that you have configured mail flow and external client access, do the following:
- In Outlook, on an ActiveSync device, or on both, create a new profile. Verify that Outlook or the mobile device successfully creates the new profile.
- In Outlook, or on the mobile device, send a new message to an external recipient. Verify the external recipient receives the message.
- In the external recipient’s mailbox, reply to the message you just sent from the Exchange mailbox. Verify the Exchange mailbox receives the message.
- Go to https://owa.contoso.com/owa and verify that there are no certificate warnings.
Verify an Exchange 2013 Installation
Topic Last Modified: 2012-07-06
After you install Microsoft Exchange Server 2013 Preview, we recommend that you verify the installation by running the Get-ExchangeServer cmdlet and by reviewing the setup log file. If the setup process fails or errors occur during installation, you can use the setup log file to track down the source of the problem.
To verify that Exchange 2013 Preview installed successfully, run the Get-ExchangeServer cmdlet in the Exchange Management Shell. A list is displayed of all Exchange 2013 Preview server roles that are installed on the specified server when this cmdlet is run.
For detailed syntax and parameter information, see Get-ExchangeServer.
You can also learn more about the installation and configuration of Exchange 2013 Preview by reviewing the setup log file created during the setup process.
During installation, Exchange Setup logs events in the Application log of Event Viewer on computers that are running Windows Server 2008 R2 with Service Pack 1 (SP1) and Windows Server 2012. Review the Application log, and make sure there are no warning or error messages related to Exchange setup. These log files contain a history of each action that the system takes during Exchange 2013 Preview setup and any errors that may have occurred. By default, the logging method is set to Verbose
. Information is available for each installed server role.
You can find the setup log file at <system drive>\ExchangeSetupLogs\ExchangeSetup.log. The <system drive> variable represents the root directory of the drive where the operating system is installed.
The setup log file tracks the progress of every task that is performed during the Exchange 2013 Preview installation and configuration. The file contains information about the status of the prerequisite and system readiness checks that are performed before installation starts, the application installation progress, and the configuration changes that are made to the system. Check this log file to verify that the server roles were installed as expected.
We recommend that you start your review of the setup log file by searching for any errors. If you find an entry that indicates that an error occurred, read the associated text to determine the cause of the error.
Courtsey microsoft websites.
http://technet.microsoft.com/en-us/library/jj218640(v=exchg.150)
http://technet.microsoft.com/en-us/library/bb125254(v=exchg.150)
http://technet.microsoft.com/en-us/library/bb124397(v=exchg.150)
http://technet.microsoft.com/en-us/library/bb124778(v=exchg.150)
http://technet.microsoft.com/en-us/library/bb125224(v=exchg.150)
http://technet.microsoft.com/en-us/library/jj150540(EXCHG.150).aspx#BKMK_Share
http://technet.microsoft.com/en-us/library/dd298026(EXCHG.150).aspx
http://postmaster.ge/blog/post/Did-you-try-it-Exchange-Server-2013-New-installer-is-Awesome!.aspx
http://blogs.technet.com/b/nawar/archive/2012/07/16/exchange-server-2013-what-s-new.aspx