Install the Exchange 2010 Management Tools on Administrator workstation Command line ( win7 X64)

This article will help to configure Install the Exchange 2010 Management Tools on Administrator workstation windows 7 X64. We will not use GUI option , rather will accomplish the task from command line. Once you get use to install Exchange from command line you will notice , it is a lot easier (-:

First step is to install pre-requisite on the administrator workstation, here is the list

You can install the Exchange 2010 management tools on the following Windows operating systems:

• Windows 7
• Windows Vista with Service Pack 2 (SP2)
• Windows Server 2008 SP2
• Windows Server 2008 R2

On the administrator workstation

Click start type and hit enter.

appwiz.cpl

Click on Turn windows features on or off and make sure fallowing futures has been selected.

• 1. IIS 6 Management Compatibility
• 2. IIS Metabase and IIS 6 configuration compatibility
• 3. .Net Framework

After this close the window. Insert Exchange 2010 Sp3 install CD on your workstation or drill down to binaries

Open CMD with administrator privileges

Drill down to Exchange 2010 Sp3 binaries directory

Type fallowing

Setup.com /R:MT

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Install Active Directory Module Remote Server Administration Windows 7 & 8

We will configure and run PS scripts to manage Active Directory on Win 07 or Win 08 administrator machine and Our Active directory contains least one Win08 R2 domain controller.

Download install proper update for your management computer.

• Install KB28972 ( win08 X64)
• Install 7887 ( Win07 X64)

Remote Server Administration Tools > Role Administration Tools > AD DS and AD LDS Tools > Active Directory Module for Windows PowerShell

Now we would like to add the PS command into our Profile

Import-Module ActiveDirectory

Open your PS profile

If you do not have one create with this PS command

New-Item -path $profile -type file –force

Copy and paste this PS code in there and save it

$Shell = $Host.UI.RawUI $Shell.WindowTitle=”E15 PowerWay” $Shell.BackgroundColor=”Black” $Shell.ForegroundColor=”White” $size = $Shell.WindowSize $size.width=125 $size.height=50 $Shell.WindowSize = $size $size.width=110 $size.height=300 Import-Module ActiveDirectory Set-Location C:\admin\Scripts

Adjust the colors and the script folder location based on your preference.

Now we are ready to use AD Module to manage active directory. to see all available cmdlets by typing get-command

Resource:

http://technet.microsoft.com/en-us/library/ee617195.aspx

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Step-by-Step Guide for Configuring Windows Server 2012 Domain Controller into existing widows 2008 R2 Forest/Domain with PowerShell

Goal: we will promote our first Windows 2012 domain controller into existing Forest/Domain by using PowerShell installation option. .Please make sure you have tested your application as this will update the schema versions.

http://support.microsoft.com/kb/556086

Forest/Domain name	ZtekZone.com
Applications	Exchange 2010

Step#1

Install Windows 2012 Server and log in log on to server with administer privileges

Step#2

Open PS and rename the Server

Rename-Computer ComputerName

Step#3

Disable IPV6 ( easiest way to use GUI )

PS type

ncpa.cpl

Step#4

Configure Static IP Address ( change the IP address and SM to fit into your scenario)

New-NetIPAddress -IPAddress 10.10.10.101 -InterfaceAlias "Ethernet" -DefaultGateway 10.10.10.1 -AddressFamily IPv4 -PrefixLength 24

Step#5

Set DNS server on the TCP/IP 4 Interface

Add-Computer -DomainName ZtekZone.com

Step#6

You will need to reboot the Server at this point since we re-named the server

ShutDown –r –t 3

After reboot add the server into existing domain

Step#7

Add-Computer –DomainName ZtekZone.com

Step#8

ShutDown –r –t 3

Log back into the server, now server has been added to existing domain , A record for this server has been registered into DNS database, this is just cleaner way of getting ready to promote the server to be the domain controller.

Step#9

Get-windowsfeature AD-Domain-Services

Step#10

install-windowsfeature –Name AD-Domain-Services

Now on the Server C ( root) make folder called scripts and change the directory to there , you need to place the install script

In this directory and below is sample script. You can customize the PS script to fit into your scenario.

Save the script as PS script , give it any name you like, I named this one as…….

“Install_Win2012_domain_Controller.ps1”

Step#11

# You also make sure the site name is correct based on your scenario # You can change .dit & sysvol, and logs locations based on your install preference # Credits goes to blogs.technet.com/b/askpfeplat/ # archive/2012/09/06/introducing-the-first-windows-server-2012-domain-controller-part-2-of-2.aspx Import-Module ADDSDeployment Install-ADDSDomainController ` -NoGlobalCatalog:$false ` -CreateDnsDelegation:$false ` -CriticalReplicationOnly:$false ` -DatabasePath "C:\Windows\NTDS" ` -DomainName "ZtekZone.com" ` -InstallDns:$true ` -LogPath "C:\Windows\NTDS" ` -NoRebootOnCompletion:$false ` -SiteName "Site-1" ` -SysvolPath "C:\Windows\SYSVOL" ` -Force:$true # End

Step#12

Check the execution policy and set it to Remote sign

Set-ExecutionPolicy RemoteSigned –Force

Step#13

Now it is time to run the script

Install_Win2012_domain_Controller.ps1

Updating Schema

Server will reboot at this point log back in and open site and services

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Installing Exchange 2010 from command Line ( Unattended install )

 

If you are wanting to install Exchange 2010 server from command line here is nice and easy steps for you to get the work done.

Environment:

• Single Forest & Single Domain
• Windows 2008 R2 ( domain Joined )

Log into Exchange server ( candidate) open PowerShell with administrator privileges

sc.exe config NetTcpPortSharing start= auto

Step#1

Step#2

Open PS drill down to E210 install binaries ( this is either in the cd-room drive or in the folder, depending on your setup, in my case the install CD is inserted in CD room D:

From this directory move into scripts folder directory, this is inside the install CD

ServerManagerCMD -ip Exchange-typical.xml –restart

*** Ignore server manager depreciated etc.*** Note –restart will restart the server after install and server needs to have internet access for downloading files.

After server reboots and you get back on it open CMD on the server with administrator privileges

setup /m:install /r:h,c,m,t /TargetDir:"E:\Program Files\Microsoft\Exchange\V14" /Dbfilepath:E:\DatabaseFiles\DB1.edb /Logfolderpath:E:\Logs\DB1 /OrganizationName:ZtekZone

Now let me break this down for you guys

setup /m:install /r:h,c,m,t

This is basic setup it install , hub, cas , Mailbox Server roles and Exchange tools on the server but since we did not specify WHERE to install it will use the default directories where you running the command from ( most likely it will get installed on C drive of the server)

TargetDir:"E:\Program Files\Microsoft\Exchange\V14"

Now We are telling setup do not use the defaults install Exchange in E drive ( I have dedicated disk and labeled as E in my scenario, it will use above path

/Dbfilepath:E:\DatabaseFiles\DB1.edb

This is telling setup to install Database file in E drive and name as DB1.edb

/Logfolderpath:E:\Logs\DB1

This is telling setup put logs for DB1 into E drive under specified directory

/OrganizationName:ZtekZone

Finally this is telling setup to use this Org name since this is first install

If you are installing into existing environment you have to use this switch

/LegacyRoutingServer:ex2003.YourCompany.com

http://technet.microsoft.com/en-us/library/aa997281(v=exchg.141).aspx

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Prepare LAB to install Exchange 15 on your Laptop

will configure our laptop to run “LAB” environment and install Exchange 15 on it. The task will require Laptop with Windows 8 operation system and obviously decent CPU and memory , I have 8 GIG in my laptop and using build in Hyper-V.

• Install windows 2012 Server ( To be domain controller )
• Promote Windows 2012 to be first DC in the LAB forest/Domain
• Install Windows 2012 , join to LAB Forest/Domain as member server
• Install E15
• Install Windows 2008 Host machine to be client PC

The end goal is to connect host PC ( windows 8 in my case ) to VM host Server running on Hyper-V . Once I am able to establish TCP/IP communication I will use RDP from my host PC to connect to my Virtual hosts ( Windows 2012 etc.)

• Physical Host node ( Laptop)
• Virtual Guest node ( VM hosts )

STEP#1 Enable Hyper-V on Physical Host node

If you have not installed Hyper-V future yet go ahead and do it , Open PS and type control

• From control panel , turn Windows features on or off , tick the box says "hyper-V"

Step#2 – Create Internal Switch on Hyper-V Management console

• Open host PC , double click on Hyper-V management console

• Now we will Click on
• Virtual Switch manager

• Select "Internal"
• Click on "Create Virtual Switch"

Give it a name, I am using "internal Network Switch" here to make bit more sense and clear for those who might get confuse.

Remember the end goal is to have Physical host ( laptop) to put into same network as the Virtual guest so they can communicate as long as they have IP addresses from same network and connected to VM Switch.  (-:

Step#3 – Configure the NIC on the host machine ( Physical)

Now if you go to Network connections window on the host PC you will see this adapter "vEthernet (Internal Switch ) " you can re-name this if you like , remember this is the NIC connected to Hyper-V virtual Switch

Now we will configure Static IP on the Virtual NIC which is connected to Virtual Internal Switch in the Hyper-V

Configure Static IP Address on the Virtual NIC presented to physical host

Un-tick register this connection in DNS in advance settings

IP: 192.168.1.101 /24

Step#4 – Add a NIC on the Virtual guest machine and configure it

Now in my case I already have NIC configured for the Vm Host and I will add second NIC to communicate with Host PC NIC by using Hyper-V switch we have created earlier.

I will use fallowing Internal IP

IP: 192.168.1.100 /24

Step#5 Test the configuration and RDP Access

Ping from Host to client

Make sure RDP is allowed on the VM Host PC and try to access it and have fun with your LAB.

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Exchange 2013 Calculator

This has been a long waiting and finally here is the official calculator for Exchange 2013. Thanks for all the hard work put into getting the calculator done, for sure it is a “must” tool we could not leave without …..

Read more on Exchange team blog

http://blogs.technet.com/b/exchange/archive/2013/05/14/released-exchange-2013-server-role-requirements-calculator.aspx

 

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Exchange 2010 Configuring DAG NIC Settings Best Practices.

Here is general guidelines along with MS best practices how to configure NIC card settings when setting up Exchange 2010 DAG servers. Use this as reference for your deployments.

Exchange 2010–Mailbox DAG Network configurations for the purpose of this document we will call

• NIC1= Production (it has DGW configured)
• NIC2=Replication (it does not have DGW, Use NetSH to configure static persistent route)

NIC Binding order = Production NIC is listed first, Replication NIC is second other NIC if available in any order….

 

DAG Members (Network Adaptor Settings)	NIC1 = Production (MAPI Access, Outlook users )	NIC2 = Replication (Seeding and heartbeat purpose)
Client for Microsoft Networks	Enabled	Unchecked
QoS Packet Scheduler	Enabled (Optional )	Optional
File and Printer Sharing for Microsoft Networks	Enabled	Unchecked
Internet Protocol Version 6 (TCP/IP v6)	Enabled (Optional )	Optional
Internet Protocol Version 4 (TCP/IP v4)	Enabled	Enabled
Link-Layer Topology Discovery Mapper I/O Driver	Enabled	Enabled
Link-Layer Topology Discovery Responder	Enabled	Enabled
Register Connection in DNS	Enabled	Unchecked
Default Gateway	Enabled	Disabled (use static routes, with NetSH )
NIC Binding order, ( go to Network Connections, Advance, & Advance Settings , Press ALT key to see the advance settings, Make sure the **replication NIC** is listed on TOP	Listed First	Listed second

Replication NIC Card (Private network)

• · NIC BINDINGS
• · Go to Network Connections
• · Advance
• · Advance Settings
• · Make sure the replication NIC is listed on TOP

NetSH Interface ip show route

DGW = 10.80.3.1 in this example

netsh Interface ipv4 add route 10.80.3.102/32 "inside" 10.80.3.1 store=persistent

To delete any static route

netsh interface ipv4 delete route 10.0.0.0/8 "Internal" 10.0.0.5

See the Static route

netsh interface ip show route

Reset the Interface ( very powerful)

netsh interface tcp reset

 

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Exchange 2013 Sizing guidelines

It has been long time many of us have been waiting for E13 Calculator to design upcoming  messaging deployments and and finally here are the guidelines which will be feed into Official Exchange 2013 when it is available.

I am sure after reading the guidelines your head will spin up (-: you will quickly realize how much we have spoiled to given actual E210 calculator which does all these complicated calculation for us. IMO the calculator is the bible of design and sizing , not fallowing the output or the guidelines will lead to failure in the design.

I like to highlight some of the calculation details here and let you read the read rom Exchange team blog.

First of the most whatever you do you have to consider seriously Jet stressing your predicted design to make sure what is the actual IOPS etc. At the end of the day if the required IOPS are not there , failure will occur , same goes the required amount of memory and CPU per server.

Remember  you have to decide Scale up or Scale out

scaling up (deploying fewer larger servers) and scaling out (deploying a larger number of smaller servers)

The idea behind E15 is simplicity as it was in E2010 , so combining stateless ( CAS ) role MBX not only will make servers counts less to be deployed but also will produce more servers for available services.

• Large IOPS deduction in E15 , where did it came from , the short answer is the trade More memory and CPU resource.
• Exchange 2013 high checkpoint depth on the passive copy = 100MB
• IOPS for a passive copy is about 50 percent of the active copy IOPS in Exchange 2013.
• Exchange server ESE catch plays large part in the reduction of IOPS , in trade off to actual memory, new content indexing , Exchange services also are other tenants.

Turn off CPU Hyperthreading there are potential issues if enabled,

“While modern implementations of simultaneous multithreading (SMT), also known as hyperthreading, can absolutely improve CPU throughput for most applications, the benefits to Exchange 2013 do not outweigh the negative impacts. “

lets keep our fingers crossed Exchange team will make store calculator ready for us in near time, and lets remember their hard work and give them credits they deserve for making our lives easy.

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Internal Names will no longer be Trusted within the Certificates after November 1, 2015

If you are using internal non routable FQDN names such as Server1.smtp25.local, server2.smto25.local, etc.  with in your certificate they are set to be “ not trusted” after November 1 2015.  It means you have to abandon them from your certificate. If you have these none routable internal FQDN;s within your current certificate you may wish to look into how to get them out before November1, 2015.

See more

Subject Alternative Name DNS Name=email.Smtp25.org DNS Name=Server1.Smtp25.local ———> Set to be expired DNS Name=Server2.Smtp25.local———> Set to be expired

After November1, 2015 Certificates for Internal Names Will No Longer Be Trusted

In November 2011, the CA/Browser Forum (CA/B) adopted Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates that took effect on July 1, 2012. These requirements state:

“As of the Effective Date of these Requirements, prior to the issuance of a Certificate with a Subject Alternative Name (SAN) extension or Subject Common Name field containing a Reserved IP Address or Internal Server Name, the CA shall notify the Applicant that the use of such Certificates has been deprecated by the CA / Browser Forum and that the practice will be eliminated by October 2016. Also as of the Effective Date, the CA shall not issue a certificate with an Expiry Date later than 1 November 2015 with a SAN or Subject Common Name field containing a Reserved IP Address or Internal Server Name. As from 1 October 2016, CAs shall revoke all unexpired Certificates.”

https://www.cabforum.org/

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)

Install CU1 Exchange 2013

Here is the link and list of stuff you need to know before kicking off CU1 on Exchange 2013 servers. Nothing is major at first look,  the order to install updates has changed, since the business logic moved into MBX role this time we start from MBX role and go to CAS server,  if CAS is sitting on separate server in your environment.

I think most of deployments in E13 will be all in one and separation will less or not make much sense when rolling the dices.

• Upgrade your Exchange 2013 server roles in the required order. First, upgrade Mailbox servers and then upgrade Client Access servers.
• After you install a cumulative update, you must restart the computer so that changes can be made to the registry and operating system.

http://technet.microsoft.com/en-us/library/jj983803(v=exchg.150).aspx

Open CMD with administrator privileges on the E13 MBX server

run the fallowing command from CU1 binaries directory, the install will take time.

E:\Cu1>setup.exe /M:upgrade /IAcceptExchangeServerLicenseTerms

CU1

http://technet.microsoft.com/en-us/library/jj983803(v=exchg.150).aspx

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

http://smtp25.blogspot.com/
(Blog)

http://telnet25.wordpress.com/
(Blog)