search
Categories
Sponsors
VirtualMetric Hyper-V Monitoring, Hyper-V Reporting
Archive
Blogroll

Badges
MCSE
Community

Cozumpark Bilisim Portali
Hosted Exchange 2010 Setup Guide – Part 5
Posted in Exchange Server | 32 Comments | 36,612 views | 01/09/2010 21:30

Last parts of guide, I configured Exchange server roles. We have 2 Mailbox + CAS Servers and 2 Hub Transport servers. I made load balanced CAS servers and Hub Transport server with Citrix Netscaler Hardware Load Balancer. Now this part I’ll configure CAS arrays, IMAP, POP and SMTP services. Also I’ll show you configuration of Forefront Protection 2010 for Exchange Server.

First of all, go to EXCAS01 and create a new CAS array.

New-ClientAccessArray -Fqdn "exchange.radore.com.tr" -Site "Default-First-Site-Name"

See Client Access Array:

Get-ClientAccessArray | fl *

Assign DAG databases to new Client Access Array:

Get-MailboxDatabase | Set-MailboxDatabase -RPCClientAccessServer “exchange.radore.com.tr”

Okay, we created our CAS array and assigned a database to it. Now we should configure POP and IMAP settings for client access.

Go to EXCAS01 and set Pop settings:

Set-PopSettings -LoginType PlainTextLogin
Set-PopSettings -ExternalConnectionSettings 'exchange.radore.com.tr:995:SSL','exchange.radore.com.tr:110:TLS'

See POP settings:

Get-POPSettings | fl *

Set IMAP settings:

Set-ImapSettings -LoginType PlainTextLogin
Set-ImapSettings -ExternalConnectionSettings 'exchange.radore.com.tr:993:SSL','exchange.radore.com.tr:143:TLS'

See IMAP settings:

We use PlainTextLogin because you can’t get Authenticated with SecureLogin in Hosted Exchange environment. So you should use PlainTextLogin. But don’t worry, we use Citrix Netscaler to secure connection.

Also we should configure Outlook access. First install RPC over HTTP:

ServerManagerCmd -i RPC-over-HTTP-proxy

Then configure Outlook Anywhere:

Enable-OutlookAnywhere -ExternalHostname exchange.radore.com.tr -DefaultAuthenticationMethod:Basic -SSLOffloading $False

You can see your Outlook Anywhere configuration:

Get-OutlookAnywhere | fl *

You should change Autodiscover External URL:

Set-AutodiscoverVirtualDirectory -Identity 'autodiscover (default Web site)' -ExternalURL 'https://exchange.radore.com.tr/autodiscover' -InternalURL 'https://exchange.radore.com.tr/autodiscover' -BasicAuthentication $true

Change OAB virtual directory external URL:

Set-OABVirtualDirectory -Identity "EXCAS01\OAB (Default Web Site)" -ExternalUrl 'https://exchange.radore.com.tr/OAB' -InternalURL 'https://exchange.radore.com.tr/OAB' -BasicAuthentication $true

Change Web services virtual directory external URL:

Set-WebServicesVirtualDirectory -Identity "EXCAS01\EWS (default Web site)" -BasicAuthentication $true -ExternalUrl 'https://exchange.radore.com.tr/EWS/exchange.asmx' -InternalUrl 'https://exchange.radore.com.tr/EWS/exchange.asmx'

We finished changes on POP, IMAP and Outlook Anywhere. Don’t forget to do same steps on EXCAS02. Now it’s time to configure SMTP. Now go back to EXGW01 and EXGW02.

Configure EXGW01 Receive Connector for Outlook Authentication:

Get-ReceiveConnector 'EXGW01\EXGW01 SMTP' | Set-ReceiveConnector -PermissionGroups 'AnonymousUsers','ExchangeUsers','ExchangeServers'

Also configure Inbound SMTP Array for Outlook Authentication:

Get-ReceiveConnector 'EXGW01\Inbound SMTP Array' | Set-ReceiveConnector -PermissionGroups 'AnonymousUsers','ExchangeUsers','ExchangeServers'

Configure Encryption on Receive Connectors:

Get-ReceiveConnector 'EXGW01\EXGW01 SMTP' | Set-ReceiveConnector -AuthMechanism 'Tls','Integrated','BasicAuth'
Get-ReceiveConnector 'EXGW01\Inbound SMTP Array' | Set-ReceiveConnector -AuthMechanism 'Tls','Integrated','BasicAuth'

Also you should change binded ip address of Inbound SMTP Array.
But first you should remove old ones:

Get-ReceiveConnector 'EXGW01\Default *' | Remove-ReceiveConnector
Get-ReceiveConnector 'EXGW02\Default *' | Remove-ReceiveConnector
Get-ReceiveConnector 'EXGW01\Client *' | Remove-ReceiveConnector
Get-ReceiveConnector 'EXGW02\Client *' | Remove-ReceiveConnector

Now see the Receive Connectors:

Get-ReceiveConnector | fl *

Get-ReceiveConnector 'EXGW01\Inbound SMTP Array' | Set-ReceiveConnector -Bindings '0.0.0.0:25','0.0.0.0:587'

Do same thing for EXGW02:

Get-ReceiveConnector 'EXGW02\Inbound SMTP Array' | Set-ReceiveConnector -Bindings '0.0.0.0:25','0.0.0.0:587'

Now lets check again:

Get-ReceiveConnector | fl *

Go back to Citrix Netscaler and configure services for IMAP, POP and RPC:

Also configure virtual servers:

Be sure to choose SOURCEIP for load balancing. After this, you can start to test POP3 and IMAP connection via Outlook. You shouldn’t choose any encryption method like TLS or SSL because of Hosted Exchange AD structure. Now I’ll show you how to configure Forefront Protection 2010. I installed Forefront on EXGW01 and EXGW02.

Enable connection filtering:

Enable DNSBL checking:

Enable SenderID and leave “Stamp header” option:

Enable Sender Filter:

Enable Receipent Filtering:

Enable Backscatter:

Enable Content Filter:

Configure SCL:

You can leave default other options and services of Forefront Protection. I finished this part. Next part, I’ll show you how to create organizations and users. But if you did exact same steps with me, that means you have a fully working Hosted Exchange 2010.


Comments (32)

Yusuf Ozturk » Hosted Exchange 2010 Setup Guide – Part 4

September 3rd, 2010
22:49:12

[…] Please continue with Part 2: http://www.yusufozturk.info/exchange-server/hosted-exchange-2010-setup-guide-part-5.html […]


Klaus

September 10th, 2010
12:43:57

Hi Yusuf,

thanks for the good explanation and guide. do you know where i can find the part of creating customers and adresslists etc. ? as you mentioned at the end of part 2 it will follow in part 3.

regards,
Klaus


Manny

September 27th, 2010
17:45:23

Yusuf,
This guide was great. Thanks. Do you have a link to the next part you mentioned on creating organizations and users?


admin

September 28th, 2010
23:40:43

Hello Manny and Klaus,

Thank you for your feedbacks. I’ll post them in a week. There are so much details to write :)


Kaj

October 3rd, 2010
03:51:03

Hello Yusuf,

Great guide, thanks for the effort of making it! I learned a lot by reading it.

And thanks in advance for the next part of creating OU’s and users.

Greetings,
Kaj


admin

October 3rd, 2010
20:34:02

Thank you so much Kaj :)

Part 6 will be about “How to backup with DPM 2010” and “Forefront 2010 TMG Configuration”.

Then at the Part 7, I’ll talk about how to create organizations, plans etc.

I’m working on screenshots right now.


Tamer

October 5th, 2010
15:16:55

Slm Yusuf,

Nice doc! msgr var mi sende? Bazen konusuruz.

Tamer


Donnie

October 13th, 2010
22:04:00

Great job. Any update on part 6 and 7?


Donnie

October 14th, 2010
06:16:07

Also what about setting up Forefront Online Protection for Exchange?


Donnie

October 14th, 2010
06:17:38

And installing Update Rollup 1 for Exchange Server 2010


admin

October 15th, 2010
15:23:35

Thank you Donnie.
The problem is, I left my job. I am transfered by another hosting company. I have to build hosted exchange environment again. That’s why I couldn’t write next parts. But I want to finish articles.


admin

October 15th, 2010
15:27:40

Also to update rollup 1, you should be careful. Because of DAG configuration, you can’t update rollup with windows update. The best way is, install rollup update before DAG configuration. Then install DAG. But if you made so far, you should check technet articles about how to install rollup updates on DAG.


admin

October 15th, 2010
15:31:29

Also because of there is no public folders support, we should install Sharepoint. I’m planing to write about it too, because it’s important. Customers need something like public folders. Also to share their calender, they will need sharepoint.


Donnie

October 19th, 2010
17:11:16

Send me a email. I Have a demo environment setup with your writeup that you can use to finsish writing this.


James

November 1st, 2010
17:55:37

Awesome stuff!!! Any updates??? We are dieing to see what’s next. Cheers.


Ashik

November 3rd, 2010
12:09:45

Any update on part 6 and 7.


Jason

November 3rd, 2010
13:46:15

Thanks so much for this guide! You’re awesome!!!


Ahmed

November 24th, 2010
19:08:58

Thank you very much about the wonderful explanation


Alex

May 13th, 2011
13:23:07

I have installed Exchange in hosting mode as you write there, but now it’s not working with windows xp with any versions of Microsoft outlook (can’t connect to resolve account name and pass). It’s good working with windows 7 and passed all tests from testexchangeconnectivity.com. Any ideas about this?


Alex

May 13th, 2011
13:28:30

And problem is in the netscaler – all good working when publish directly either of the two exchange servers


admin

May 16th, 2011
07:10:54

Hi Alex,

I didn’t understand well. If you don’t use Citrix or if you just add one server to the Virtual Servers Pool, then you can connect via Windows XP?

I haven’t tested it with Windows XP. Your XP has latest updates like CredSSP fix etc.?

Yusuf


Alex

May 18th, 2011
11:16:44

XP sp3 with latest updates. If I publish netscaler through ISA its good working on Win 7 but not working on Win XP. But if I publish directly one of two exchange servers (with CAS role & Outlook anywhere enabled) its working fine with both operating systems


John Benson

May 19th, 2011
11:58:39

Great articles, but am desperate for parts 6 & 7. Is there any way you could complete these please? Thanks :-)


Ahmed el-hoseny

May 23rd, 2011
15:32:37

thank u Yusuf for your big effort we wait more


Jatinderr Kumar

June 25th, 2011
12:19:57

DearYusuf,
i followed your stpes.. how can i check Outlook anywhere working and secondly what kind of ssl certificate do i need for other tenants to work, that said we have tenants with total different FQDN not the sub domains.. some registered with us some they own the registration.
Please help
and this doc is really GREAT>>>>>>>>>>>>>>


admin

June 30th, 2011
23:22:37

Hi,

Hosted Exchange 2010 SP1 Configuration Tool is released. You can check it.

http://www.yusufozturk.info/exchange-server/hosted-exchange-2010-sp1-configuration-tool.html

Consider this as a part 6 :) Sorry for that guys.

Yusuf.


bp

October 24th, 2011
09:01:43

I’ve got a test environment with 1 CAS, 2 MB, 2 DCs (both GC) and 2 Hubs. Outlook anywhere can’t connect to port 6004 NSPI interface on the MB servers.

netstat -an |Select-String 600 reveals that only port 6001 is listening on the MB servers, no port 6004. However on both GCs port 6004 is listening.

Anything special that needs to be done to get the MB servers listening on 6004? Or is it a configuration problem that they are looking at MB servers for NSPI, should they be going to the DCs instead?


admin

October 24th, 2011
09:21:24

Hi BP,

Yes, you need GC servers to make it work. Is there any firewall between MB and DC servers? If MB and DC can’t talk properly, then Outlook Anywhere will fail. If you do same steps as articles, then there won’t be any configuration problem.

Yusuf.


bp

October 24th, 2011
09:56:52

Basically it turned out to be the old ID10T error, I was trying to manually configure an Outlook profile where I manually specified the mailbox server as “Exchange Server” with CAS only as the proxy server. I was doing this becuase that is how I had done it in 2007, and I hadn’t bothered to set up Autodiscover with a redirect. Once I got that set up, everything worked fine (since I had followed your articles, thanks for that), and I realized in Ex2010 the CAS is the one that is used for everything in Outlook.

Thanks for the quick response too! :D Keep up the good work!


Artiq

May 9th, 2012
13:20:46

in my environment i have deployed same but i am using TMG2010 owa pulishing sussess but RPC over HTTP not working & yahoo, msn & other internet doamin not working


Artiq

May 23rd, 2012
16:12:21

Thanks for providing very good guide.
everything is working fine, can you please tell me about how i receive emails for Organizations?

Refards
Artiq


Alex Bolla

June 14th, 2012
15:23:36

Hello Yusuf,
I am looking for info on how to add organizations to my hosted Exchange 2010 that has already been setup w/ the /hosting switch. Can you point me in the right direction?



Leave a Reply