Add New User to AD for Exchange

  1. Tools > Active Directory Users and Computers

  2. Create a new user named exchange

  3. Set "Password never expires"

  4. Users > exchange > Right click > Member of > Add Domain Admins, Schema Admins, Enterprise Admins > OK
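The account created above holds forest-wide rights that setup uses for the /PrepareSchema and /PrepareAD steps later in this guide. The following is an added example, not part of the original guide, for reviewing and trimming those memberships once the installation has finished; it assumes the RSAT ActiveDirectory module, a single-domain forest, and the account name exchange. The $apply switch and the function name are made up for the example.

```powershell
# Added example, not from the original guide. Assumes the RSAT ActiveDirectory module,
# a single-domain forest, and the setup account name "exchange" used above.
Import-Module ActiveDirectory

$account   = 'exchange'
$apply     = $false   # hypothetical switch: set to $true to really remove the memberships
# Forest-wide groups that setup uses for /PrepareSchema and /PrepareAD.
$setupOnly = 'Schema Admins', 'Enterprise Admins'

function Get-PrivilegedMembership {
    param([string]$Identity)
    # Memberships of the account, reduced to the three high-privilege groups.
    Get-ADPrincipalGroupMembership -Identity $Identity |
        Where-Object Name -in 'Domain Admins', 'Schema Admins', 'Enterprise Admins' |
        Select-Object -ExpandProperty Name
}

"Before: $((Get-PrivilegedMembership $account) -join ', ')"

foreach ($group in $setupOnly) {
    if ((Get-PrivilegedMembership $account) -contains $group) {
        # With $apply = $false this only prints what would be changed.
        Remove-ADGroupMember -Identity $group -Members $account -Confirm:$false -WhatIf:(-not $apply)
    }
}

"After:  $((Get-PrivilegedMembership $account) -join ', ')"

# Show the password flags set in step 3 so that they are a recorded decision.
Get-ADUser -Identity $account -Properties PasswordNeverExpires, PasswordLastSet |
    Select-Object SamAccountName, PasswordNeverExpires, PasswordLastSet
```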


On Exchange 2019 Server

  1. Set the DC as the DNS server of this server; for me it is 192.168.1.220

  2. Don't forget to disable DHCPv6 and join the server to the domain

  3. Download and install .NET Framework 4.8
https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-8-offline-installer-for-windows-9d23f658-3b97-68ab-d013-aa3c3e7495e0

  4. Download and install Visual C++ Redistributable Package for Visual Studio 2012
https://www.microsoft.com/en-us/download/details.aspx?id=30679
  5. Download and install Visual C++ Redistributable Package for Visual Studio 2013
https://support.microsoft.com/en-us/topic/update-for-visual-c-2013-redistributable-package-d8ccd6a5-4e26-c290-517b-8da6cfdf4f10

  6. Download and install Microsoft Unified Communications Managed API 4.0
https://www.microsoft.com/en-us/download/details.aspx?id=34992

  7. Restart the machine

Install components in PowerShell

  1. The next step is to install the Remote Tools Administration Pack. Open Windows PowerShell and run the command below.

  2. Open PowerShell as Administrator
Install-WindowsFeature Server-Media-Foundation, NET-Framework-45-Core, NET-Framework-45-ASPNET, NET-WCF-HTTP-Activation45, NET-WCF-Pipe-Activation45, NET-WCF-TCP-Activation45, NET-WCF-TCP-PortSharing45, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

  3. Download and install IIS URL Rewrite.
https://www.iis.net/downloads/microsoft/url-rewrite
  4. Install from the mounted ISO file; go to drive f:\ :
cd f:
.\Setup.EXE /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /PrepareSchema

DC sync

If you have several DC servers, you need to sync them:

repadmin /syncall

Back to Exchange Server

.\Setup.EXE /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /PrepareAD /OrganizationName:"dan"

This is my site domain, 641514.cc; for another domain, add this command:

.\Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /PrepareDomain:641514.cc

Back to DC

  1. You can see the change.

  2. Resync now:

repadmin /syncall

Install ISO

Back on the Exchange server, install from the ISO.

Now I can run setup.exe > Next

The error is OK (I don't have an internet connection). Done.

Now test that everything is OK.

All OK: "true"

On DC Add DNS Records

  1. DNS > Server > Forward Lookup Zones > dan.local > New Host (A or AAAA) > Add 192.168.1.169 (IP of the Exchange server) > Add Host

  2. Add autodiscover for Outlook

  3. DNS > Server > Forward Lookup Zones > dan.local > _tcp > Other New Records > SRV > Create Record

  4. Service: _autodiscover > Protocol: _tcp > Port 443 > Host mail.dan.local > Done

  5. Done

  6. An MX record also needs to be added

Log in to the Exchange Admin Center web interface

  1. Open a web browser and go to
https://mail.dan.local/ecp
  2. Log in with the exchange account

  3. Set the time

  4. Now an email address policy needs to be created

  5. mail flow > email address policies > +

  6. Click the plus

  7. Select your format and click Save

  8. Name the policy local and click Save

  9. A warning says I need to apply the policy

  10. Apply the policy

  11. Done

Move the DB to another disk

  1. First I need to create the folder DB, and inside it the folders LOGS and EDB

  2. Next I need to dismount the database

  3. Dismount it

  4. Done

  5. Open Exchange Management Shell and run Get-MailboxDatabase

  6. Move the database to disk d:

Move-DatabasePath -Identity DB -EdbFilePath d:\DB\EDB\db01.edb -LogFolderPath d:\DB\LOGS

  7. Check that everything is OK

  8. Now mount the database. Done

Add User Mail to AD User

  1. recipients > + > Alias: test > Browse > Save

  2. Go to Outlook and send a message

https://mail.dan.local/owa

Send a test message to check that everything is OK

Sender Agent

Mail flow > +

Create a sender for my local domain

Choose MX record and click Next

Press + and choose the SMTP record

* for all domains

Click Next, then add a server with +

Choose dan.local, click add, then OK and Finish

Done!

External Domain

ECP: my external name is 641514.cc

EWS: my external name is 641514.cc

MAPI: my external name is 641514.cc

ActiveSync: my external name is 641514.cc

OAB: my external name is 641514.cc

OWA: my external name is 641514.cc

  • ECP (Exchange Control Panel) is the web interface for administering Microsoft Exchange Server.

  • EWS (Exchange Web Services) is a web service provided by Microsoft Exchange Server that allows applications to communicate with the Exchange server through a programmatic interface. EWS provides access to various Exchange features, including managing email, calendars, contacts, tasks, and other data.

  • MAPI (Messaging Application Programming Interface) is an application programming interface developed by Microsoft that allows client applications to exchange messages, interact with email, calendars, and other functions of servers such as Microsoft Exchange Server.

  • Exchange ActiveSync (EAS) is a synchronization protocol developed by Microsoft for accessing mail, calendars, contacts, tasks, and notes on mobile devices. It provides communication between a server (for example, Microsoft Exchange Server) and a client device (smartphone, tablet, or email client). EAS is the primary protocol for integrating Exchange with mobile devices.

  • OAB (Offline Address Book) is an offline address book used in Microsoft Exchange Server. OAB allows Microsoft Outlook users to work with their organization’s address book without connecting to a server. This is especially useful when you are not connected to the Internet or in situations where you want to minimize the load on the Exchange server.

  • OWA (Outlook Web App) is a web application developed by Microsoft for accessing mail, calendar, contacts and tasks through a browser. OWA is a component of Microsoft Exchange Server that allows users to experience business email and other Exchange features without installing a client application such as Microsoft Outlook.

DNS

Type  Name    Value
A     @       75.10.52.21
A     ex      75.10.52.21
MX    @       ex.641514.cc
TXT   @       v=spf1 a mx ~all
TXT   _dmarc  v=DMARC1; p=none

SPF

v=spf1 ip4:my_domain_ip mx ~all

dkim txt mail: domainkey mypublickey

dmarc

txt _dmarc v=DMARC1; p=quarantine; aspf=r; sp=none
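The SPF and DMARC values in this section are easy to get subtly wrong, and a receiver silently ignores a malformed term. The following is an added example, not part of the original page, that lints such TXT values before they are published; the function names are made up for the illustration and the sample records are constructed from the values shown in this section.

```powershell
# Added example, not from the original page. Function names are made up for illustration;
# the sample records at the bottom are constructed from the values in this section.
function Test-SpfRecord {
    param([Parameter(Mandatory)][string]$Record)
    $terms = $Record.Trim() -split '\s+'
    if ($terms[0] -ne 'v=spf1') { return 'SPF: record must start with v=spf1' }
    $mechanism = '^[+\-~?]?(all|a|mx|ptr|ip4|ip6|include|exists)([:/].+)?$'
    $modifier  = '^[a-z][a-z0-9_.-]*=.+$'            # redirect=, exp=, ...
    $all = $null
    foreach ($term in ($terms | Select-Object -Skip 1)) {
        if ($term -match '^[+\-~?]?all$') { $all = $term }
        elseif ($term -notmatch $mechanism -and $term -notmatch $modifier) {
            "SPF: unknown term '$term' (address ranges are written ip4: or ip6:)"
        }
    }
    if (-not $all) { if ($Record -notmatch 'redirect=') { 'SPF: no all mechanism and no redirect=' } }
    elseif ($all -match '^\+?all$') { 'SPF: all/+all authorises every sender' }
    elseif ($all -eq '?all') { 'SPF: ?all is neutral and gives receivers nothing to act on' }
    elseif ($all -eq '~all') { 'SPF: ~all is softfail; tighten to -all once every sender is listed' }
}

function Test-DmarcRecord {
    param([Parameter(Mandatory)][string]$Record)
    $tags = [ordered]@{}
    foreach ($pair in ($Record -split ';')) {
        $name, $value = $pair -split '=', 2
        if ($name.Trim()) { $tags[$name.Trim().ToLower()] = "$value".Trim() }
    }
    if (@($tags.Keys)[0] -ne 'v' -or $tags['v'] -cne 'DMARC1') { return 'DMARC: first tag must be v=DMARC1' }
    $rank = @{ none = 0; quarantine = 1; reject = 2 }
    $p = $tags['p']
    if (-not $p -or -not $rank.ContainsKey($p)) { return 'DMARC: p= must be none, quarantine or reject' }
    if ($p -eq 'none') { 'DMARC: p=none only monitors; failing mail is still delivered' }
    $sp = $tags['sp']
    if ($sp -and $rank.ContainsKey($sp) -and $rank[$sp] -lt $rank[$p]) {
        "DMARC: sp=$sp is weaker than p=$p, so subdomains get the weaker policy"
    }
    if (-not $tags['rua']) { 'DMARC: no rua= address, so no aggregate reports are received' }
}

Test-SpfRecord   'v=spf1 a mx ~all'
Test-SpfRecord   'v=spf1 ip:203.0.113.10 mx ~all'    # constructed address; ip: is not a mechanism
Test-DmarcRecord 'v=DMARC1; p=none'
Test-DmarcRecord 'v=DMARC1; p=quarantine; aspf=r; sp=none'
```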

POP3 and IMAP

Services > Microsoft Exchange IMAP4 > startup type Automatic; Services > Microsoft Exchange IMAP4 Backend > startup type Automatic

Services > Microsoft Exchange POP3 > startup type Automatic; Services > Microsoft Exchange POP3 Backend > startup type Automatic

A certificate needs to be created.

ECP > servers > certificates > double-click the SSL certificate > services > tick IMAP and POP > save

Set-PopSettings -ExternalConnectionSettings "mail.641514.cc:995:SSL", "mail.641514.cc:110:TLS" -X509CertificateName 641514.cc

Set-ImapSettings -ExternalConnectionSettings "mail.641514.cc:993:SSL", "mail.641514.cc:143:TLS" -X509CertificateName 641514.cc

Take the X.509 name from the certificate in ECP.

Restart the POP3 service and its backend, then the IMAP4 service and its backend.

Open these ports on the router:

443,80,995,110,25,993,143

mail flow > Client Frontend expc > scoping > FQDN: my external domain

Get-ExchangeCertificate

Copy the thumbprint of the certificate.

SMTP

$TLSCert = Get-ExchangeCertificate -Thumbprint <thumbprint>

$TLSCertName = "<I>$($TLSCert.Issuer)<S>$($TLSCert.Subject)"

Get-ReceiveConnector -Identity "Client Frontend*" | Set-ReceiveConnector -TlsCertificateName $TLSCertName

Check the certificate:

Get-ReceiveConnector -Identity "Client Frontend*" | Format-List Name,Fqdn,TlsCertificateName

Check that POP and IMAP are enabled for the Outlook user

ecp > recipients > user > mailbox features > POP3 enabled

Test (replace <ServerName> with the name of the Exchange server):

Test-ImapConnectivity -ClientAccessServer <ServerName> -LightMode -MailboxCredential (Get-Credential)

Test-PopConnectivity -ClientAccessServer <ServerName> -LightMode -MailboxCredential (Get-Credential)

https://testconnectivity.microsoft.com/

Outlook Anywhere

servers > servers > expc > Outlook Anywhere > mydomain

Import the certificate

Import-ExchangeCertificate -Server expc -FileData ([System.IO.File]::ReadAllBytes('\\expc\Certs\certificate.pfx'))

or

Import-ExchangeCertificate -Server expc -FileData ([System.IO.File]::ReadAllBytes('c:\Certs\certificate.pfx'))

After that:

servers > certificates > cn=r3 > services > tick SMTP, POP and IMAP

test mail

https://www.mail-tester.com/

Key for EX2019

YCQY7-BNTF6-R337H-69FGX-P39TY