MsExchange Blog Spot Telnet25

August 22, 2013

How to Configure Exchange 2010 Self Certificate Part 3

Filed under: General — telnet25 @ 2:36 am
  • Now open your Exchange 2010 Server EMC
  • Go to Server Configuration , make right click
  • Select "new Exchange Certificate"

clip_image001

Give it a name like,

Exchange 2010 CR Request

clip_image002

Click next

clip_image003

Now on this page let me elaborate bit more, in our scenario we won’t have any access from internet so all configuration changes we will be doing are INTERNAL. That being said if this would be real time scenario the process would be the same as you would consider to use outside names to access these resources such as mail.YourCompnay.com or outlook.YourCompany.com

Internal Server names DO NOT NEED TO BE on the certificate normally , Unless you can think of some good reason.

We will use two name spaces

Mail.ztekzone.com and Webmail.ztekzone.com , in internal DNS servers we will add A records to point these resources

Any Exchange server we like. The purpose of having different name space is to keep control of internal mail related resources and segregate them from outside ( Different path, different HLB servers etc.)

clip_image004

clip_image005

The last option is Legacy , if you were to perform migration from legacy versions of Exchange servers this is what you would select here for the proper name space to be able to distinguish Exchange services and proxy them back to legacy servers in Co-Existence scenarios . ( you leave this blank if this is wont pertain to you)

clip_image006

Now on this page make sure your common name set it correctly

Fill out the blanks per your reference

clip_image007

clip_image008

clip_image009

clip_image010

Click Finish now you can see you have pending request

clip_image011

Here is our file

clip_image012

In Part 3 we will put all together

clip_image013

Here is OWA and SSL connection is established  with no  issues

clip_image014

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

August 21, 2013

How to Configure Exchange 2010 Self Certificate Part 2

Filed under: General — telnet25 @ 7:49 pm
  • Now open your Exchange 2010 Server EMC
  • Go to Server Configuration , make right click
  • Select "new Exchange Certificate"

clip_image001

Give it a name like,  Exchange 2010 CR Request

clip_image002

Click next

clip_image003

Now on this page let me elaborate bit more, in our scenario we won’t have any access from internet so all configuration changes we will be doing are INTERNAL. That being said if this would be real time scenario the process would be the same as you would consider to use outside names to access these resources such as mail.YourCompany.com or outlook.YourCompany.com

Internal Server names DO NOT NEED TO BE on the certificate normally , Unless you can think of some other good reason.

We will use two name spaces

Mail.ztekzone.com and Webmail.ztekzone.com , in internal DNS servers we will add A records to point these resources

Any Exchange server we like. The purpose of having different name space is to keep control of internal mail related resources and segregate them from outside ( Different path, different HLB servers etc.)

clip_image004

clip_image005

The last option is Legacy , if you were to perform migration from legacy versions of Exchange servers this is what you would select here for the proper name space to be able to distinguish Exchange services and proxy them back to legacy servers in Co-Existence scenarios . ( you leave this blank if this is wont pertain to you)

clip_image006

Now on this page make sure your common name set it correctly

Fill out the blanks per your reference or needs.

clip_image007

clip_image008

clip_image009

clip_image010

Click Finish now you can see you have pending request

clip_image011

Here is our file

clip_image012

In Part 3 we will put all together

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

How to Configure Exchange 2010 Self Certificate Part#1

Filed under: General — telnet25 @ 6:59 pm

We will configure Exchange 2010 Self Certificate to be used in our LAB , the LAB Environment we will be performing several tasks , including configuring your own certificate authority and creating CR from exchange 2010 servers are part of our goal on this article.

We will at the end install the local certificate and I will show you how to import that into your own laptops etc. to avoid seeing certificate is not trusted warning. The steps you would do are same if you were the AD engineer to manage internal CA authority for your internal usage.

  • Windows 2008 R2 Forest/Domain
  • DC1 ( Domain Controller, Certificate authority server)
  • E1 ( Exchange 2010 , Multi Role DAG member)
  • E2 ( Exchange 2010 , Multi Role DAG member)
  • Windows 7 Workstation ( Domain member)

Working Steps:

  1. Install Certificate authority on the Domain Controller for your domain

Open Server manager, by typing Servermanager.msc

Roles, add roles,

clip_image001

clip_image002

Select Active Directory Certificate Services

clip_image003

Click Next

When it is asked select add required roles and click next when you ready

clip_image004

Enterprise

clip_image005

Root CA

clip_image006

Create a new Private key

clip_image007

Click next ( don’t need to change anything here)

clip_image008

Click next

clip_image009

Click next ( 5 years is good enough normally adjust if you like )

clip_image010

Click next ( pay attention here where will have the databases) if this was production implementation you would certainly

Take a note of this directory

clip_image011

Next

clip_image012

Next

clip_image013

Finally Install

clip_image014

Now open IIS on the same ( server) click start and type "Inetmgr " hit enter.

clip_image015

Expand default website and locate directory called " CerSrv" on the right pane, click on "Browse"

clip_image016

Now you may want to add this into Bookmark of your browser

clip_image017

Part 2 we will generate certificate request from Exchange 2010 servers

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

August 14, 2013

Exchange 2010 Create Database Script

Filed under: General — telnet25 @ 1:18 pm

If you like to create Exchange 2010 database here is real simple script will help you or your helpdesk to get the work done.

Simply run the script and fallow the directions, enjoy.

#========================================================================
# Created with: NotePad
# Created on:   8/1/2013 9:21 AM
# Created by:   Oz Casey Dedeal
# Organization: ZTEKzone
# Filename:     ZTEKzone_Create_MBDataBase_V2.ps1
#========================================================================

Write-Host `tZTEKzone Create DataBase Script.`n -Fore Red;start-Sleep -Seconds 1
Write-Host `t We will need to mount the DB after creating it.`n -Fore Yellow;start-Sleep -Seconds 1
Write-Host `t  You need to be assigned permissions before you can perform this procedure or procedures.`n -Fore Magenta;start-Sleep -Seconds 1
# This is Where we Provide More Details
$SName = read-host "Enter The Name for DB Server, like ( e1 ) "
$DBName = read-host "Enter The Name for Your Database, like ( db15 ) "
$EDbfp = read-host "Enter The DB Path , like ( E:\DatabaseFiles\MP1\ )"
$Lfp= read-host "Enter Log Path for Recovery , like ( E:\LogFiles\MP1\ )"

New-MailboxDatabase -Name $DBName -Server $SName -EdbFilePath "$EDbfp\$DBName\$DBName.edb" -LogFolderPath "$Lfp\$DBname.logs"

Write-Host `tI will mount the DB now .`n -Fore Yellow;start-Sleep -Seconds 2
Get-MailboxDatabase $DBName | Mount-Database
Write-Host `tHang on I am working on it.`n -Fore Yellow;start-Sleep -Seconds 3

# We are done
Write-Host `tI am done now.`n -Fore Red;start-Sleep -Seconds 1
Write-Host `tUse Get-Help -Examples.`n -Fore Yellow;start-Sleep -Seconds 1
Write-Host `tTo Learn More About PowerShell.`n -Fore Red;start-Sleep -Seconds 1
Write-Host `tUse Get-Help -get-MailBox -Examples.`n -Fore Yellow;start-Sleep -Seconds 1

Get-MailboxDatabase $DBName | Mount-Database

#Write-Host `tI am done now. I will list the databases and provide some information`n -Fore Red;start-Sleep -Seconds 4
#Get-MailboxDatabase -Status | select ServerName,Name,Mounted
Write-Host `tWe are done, we will exist now!!!.`n -Fore Yellow;start-Sleep -Seconds 1

Download the script from here

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
https://telnet25.wordpress.com/ (Blog)

 

Blog at WordPress.com.