Installing Exchange Server 2016

Below are steps to build an all-in-one Windows Server 2012 R2/2016 Domain Controller and Exchange Server 2016; handy for lab environments. For production, both the Domain Controller and Exchange roles should be on separate server.

Important: Install any available Windows Updates prior to commencing the installation. For Windows Server 2016, you will need Exchange Server CU3 or greater.

  1. Preparing Schema for Exchange Server:

Log in as Domain Admin and launch a PowerShell session with elevated privileges, change to the directory to the drive letter\path of the installation media. Then run the following command to prepare the Active Directory Schema:

.\setup /prepareschema /IAcceptExchangeServerLicenseTerms
  1. Prepare Active Directory for Exchange 2016:

Run the following command to prepare the Active Directory:


.\setup /PrepareAD /OrganizationName:Magrin /IAcceptExchangeServerLicenseTerms

Important: This will create the required Exchange containers in Active Directory. Please replace “Magrin” with the name of your organization.

  1. Prepare Domain for Exchange 2016:

Run the following command to prepare the domain:
 

.\setup /PrepareDomain /IAcceptExchangeServerLicenseTerms
  1. Install pre-requisites for Exchange Server 2016 mailbox and client access server roles:

Launch PowerShell with elevated privileges and run the following PowerShell cmdlet:

For Windows Server 2012/R2:


Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation
 

For Windows Server 2016:


Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

This will add all necessary roles and features. Restart Windows when prompted.

For Windows Server 2012/R2 only, install .NET Framework 4.5

For both 2012/R2 and 2016, install the Unified Communications Managed API 4.0 Core Runtime 64-bit component

  1. Installing Exchange Server 2016:

Using either the RTM or a CU release of Exchange, run setup.exe and select the following options:

  • Check for Updates, No > Next
  • Introduction > Next
  • License Agreement. Agree > Next
  • Recommended Settings, Use recommended settings > Next
  • Server Role Selection, 'Mailbox role' and 'Automatically install Windows Server roles...' > Next
  • Installation Space and Location, modify if required > Next
  • Malware Protection Settings, Disable malware scanning > No > Next
  • Readiness Checks, read, acknowledge and accept > Install
  • Setup Progress...

Restart Windows when the installer has finished. Create an MX record for the server in DNS and a Sender Policy Framework (SPF) TXT record. In my example, I am permitting my ISP’s smart host as a trusted sender:

magrin.com. IN TXT "v=spf mx a include:myisp.com +all"

Important: Verify that the host is using itself as a primary and only DNS (127.0.0.1). Leave the default gateway set to the router/modem.

  1. Access the Exchange Control Pane (ECP):

https://localhost/ecp/

Before you can receive incoming email, you will need to create a Receiving Connector under Exchange admin center > Mail Flow > receive connectors. Open the default and under 'scope' add the server IP address:25 > Save

  1. Enabling IMAPS and SMTP connectors:

Run the following cmdlets in Exchange PowerShell to create an IMAPS connector:

 

Set-ImapSettings -ExternalConnectionSettings {ex1.magrin.one:993:SSL}
 
Set-ReceiveConnector -identity "ex1\Default Frontend ex1" -FQDN ex1.magrin.one -AdvertiseClientSettings $True -PermissionGroups exchangeusers
 
Set-ReceiveConnector -identity "ex1\Default Frontend ex1" -FQDN ex1.magrin.one -AuthMechanism Tls, Integrated, BasicAuth, BasicAuthRequireTLS

Restart IIS service for the changes to take affect: 


iisreset

Verify that the Exchange IMAP-based services have restarted and running.

Now create a send connector under ECP > mail flow > send connectors. For 'SMTP', use * if you are the primary SMTP or specify a smart host if you are routing though another upstream mail transfer agent (MTA).

To onboard users, add their accounts in AD and add them as mailbox users via ECP.

  1. Accessing Outlook Web Access (OWA):

https://localhost/owa

Username: MAGRIN\user
Password: AD account password