Installing Exchange Server 2016
Below are steps to build an all-in-one Windows Server 2012 R2/2016 Domain Controller and Exchange Server 2016; handy for lab environments. For production, both the Domain Controller and Exchange roles should be on separate server.
Important: Install any available Windows Updates prior to commencing the installation. For Windows Server 2016, you will need Exchange Server CU3 or greater.
- Preparing Schema for Exchange Server:
Log in as Domain Admin and launch a PowerShell session with elevated privileges, change to the directory to the drive letter\path of the installation media. Then run the following command to prepare the Active Directory Schema:
- Prepare Active Directory for Exchange 2016:
Run the following command to prepare the Active Directory:
.\setup /PrepareAD /OrganizationName:Magrin /IAcceptExchangeServerLicenseTerms
Important: This will create the required Exchange containers in Active Directory. Please replace “Magrin” with the name of your organization.
- Prepare Domain for Exchange 2016:
Run the following command to prepare the domain:
- Install pre-requisites for Exchange Server 2016 mailbox and client access server roles:
Launch PowerShell with elevated privileges and run the following PowerShell cmdlet:
For Windows Server 2012/R2:
Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation
For Windows Server 2016:
Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS
This will add all necessary roles and features. Restart Windows when prompted.
For Windows Server 2012/R2 only, install .NET Framework 4.5
For both 2012/R2 and 2016, install the Unified Communications Managed API 4.0 Core Runtime 64-bit component
- Installing Exchange Server 2016:
Using either the RTM or a CU release of Exchange, run setup.exe and select the following options:
- Check for Updates, No > Next
- Introduction > Next
- License Agreement. Agree > Next
- Recommended Settings, Use recommended settings > Next
- Server Role Selection, 'Mailbox role' and 'Automatically install Windows Server roles...' > Next
- Installation Space and Location, modify if required > Next
- Malware Protection Settings, Disable malware scanning > No > Next
- Readiness Checks, read, acknowledge and accept > Install
- Setup Progress...
Restart Windows when the installer has finished. Create an MX record for the server in DNS and a Sender Policy Framework (SPF) TXT record. In my example, I am permitting my ISP’s smart host as a trusted sender:
Important: Verify that the host is using itself as a primary and only DNS (127.0.0.1). Leave the default gateway set to the router/modem.
- Access the Exchange Control Pane (ECP):
https://localhost/ecp/
Before you can receive incoming email, you will need to create a Receiving Connector under Exchange admin center > Mail Flow > receive connectors. Open the default and under 'scope' add the server IP address:25 > Save
- Enabling IMAPS and SMTP connectors:
Run the following cmdlets in Exchange PowerShell to create an IMAPS connector:
Set-ImapSettings -ExternalConnectionSettings {ex1.magrin.one:993:SSL} Set-ReceiveConnector -identity "ex1\Default Frontend ex1" -FQDN ex1.magrin.one -AdvertiseClientSettings $True -PermissionGroups exchangeusers Set-ReceiveConnector -identity "ex1\Default Frontend ex1" -FQDN ex1.magrin.one -AuthMechanism Tls, Integrated, BasicAuth, BasicAuthRequireTLS
Restart IIS service for the changes to take affect:
iisreset
Verify that the Exchange IMAP-based services have restarted and running.
Now create a send connector under ECP > mail flow > send connectors. For 'SMTP', use * if you are the primary SMTP or specify a smart host if you are routing though another upstream mail transfer agent (MTA).
To onboard users, add their accounts in AD and add them as mailbox users via ECP.
- Accessing Outlook Web Access (OWA):
Username: MAGRIN\user
Password: AD account password