Have a Question?
Provision Exchange 2013 Server with PowerShell
Tutorial on how to provision Exchange 2013 Server with PowerShell
Preparation of Windows 2012R2 Server
-
Install a fresh copy of Windows 2012R2 Server with latest patches
-
Download and install the following components for Exchange 2013 Server
-
Install required IIS Roles and reboot
Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, `
RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, `
RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, `
Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, `
Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, `
Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, `
Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS
Restart-Computer
- Download Cumulative Update 23 for Exchange Server 2013 and extract to C:\EX2013
Preparation of AD Schema and Domain
- Open CMD with Administrator Right and Extend AD Schema for Exchange 2013
C:\EX2013>setup.exe /ps /IAcceptExchangeServerLicenseTerms
Microsoft Exchange Server 2013 Cumulative Update 23 Unattended Setup
Copying Files...
File copy complete. Setup will now collect additional information needed for
installation.
Performing Microsoft Exchange Server Prerequisite Check
Prerequisite Analysis COMPLETED
Configuring Microsoft Exchange Server
Extending Active Directory schema COMPLETED
The Exchange Server setup operation completed successfully.
- Prepare AD Domain – Replace the /OrganizationName:AVENTIS with your own Name
C:\EX2013>setup.exe /PrepareAD /OrganizationName:Aventis /IAcceptExchangeServerLicenseTerms
Microsoft Exchange Server 2013 Cumulative Update 23 Unattended Setup
Copying Files...
File copy complete. Setup will now collect additional information needed for
installation.
Performing Microsoft Exchange Server Prerequisite Check
Prerequisite Analysis COMPLETED
Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareA
D'. No Exchange 2007 server roles have been detected in this topology. After thi
s operation, you will not be able to install any Exchange 2007 servers.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms
.exch.setupreadiness.NoE12ServerWarning.aspx
Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareA
D'. No Exchange 2010 server roles have been detected in this topology. After thi
s operation, you will not be able to install any Exchange 2010 servers.
For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms
.exch.setupreadiness.NoE14ServerWarning.aspx
Configuring Microsoft Exchange Server
Organization Preparation COMPLETED
The Exchange Server setup operation completed successfully.
- Prepare Domain
C:\EX2013>setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms
Microsoft Exchange Server 2013 Cumulative Update 23 Unattended Setup
Copying Files...
File copy complete. Setup will now collect additional information needed for
installation.
Performing Microsoft Exchange Server Prerequisite Check
Prerequisite Analysis COMPLETED
Configuring Microsoft Exchange Server
Prepare Domain Progress COMPLETED
The Exchange Server setup operation completed successfully.
Provision Exchange 2013 Server with PowerShell
- Install Client Access Server (CAS), Hub Transports (HT) and Mailbox Role (MB) in Single Exchange 2013 Server
#Install Exchange 2013 CAS + MBX
C:\EX2013>Setup.exe /m:Install /Roles:ca,mb,ht /IAcceptExchangeServerLicenseTerms
<#
Welcome to Microsoft Exchange Server 2013 Cumulative Update 12 Unattended Setup
Copying Files...
File copy complete. Setup will now collect additional information needed for installation.
Languages
Management tools
Mailbox role: Transport service
Mailbox role: Client Access service
Mailbox role: Unified Messaging service
Mailbox role: Mailbox service
Client Access role: Front End Transport service
Client Access role: Client Access Front End service
Performing Microsoft Exchange Server Prerequisite Check
Configuring Prerequisites ... COMPLETED
Prerequisite Analysis ... COMPLETED
Configuring Microsoft Exchange Server
Preparing Setup ... COMPLETED
Stopping Services ... COMPLETED
Copying Exchange Files ... COMPLETED
Language Files ... COMPLETED
Restoring Services ... COMPLETED
Language Configuration ... COMPLETED
Exchange Management Tools ... COMPLETED
Mailbox role: Transport service ... COMPLETED
Mailbox role: Client Access service ... COMPLETED
Mailbox role: Unified Messaging service ... COMPLETED
Mailbox role: Mailbox service ... COMPLETED
Client Access role: Front End Transport service ... COMPLETED
Client Access role: Client Access Front End service ... COMPLETED
Finalizing Setup ... COMPLETED
The Exchange Server setup operation completed successfully.
Setup has made changes to operating system settings that require a reboot to take effect. Please reboot this server prior to placing it into production.
#
- Reboot to complete the installation
Basic Configuration
- Open Exchange Management Shell or PowerShell ISE on Exchange 2013 Server
#Connect to Exchange - PowerShell ISE - Exchange 2013 and above
. 'C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1'
Connect-ExchangeServer -auto
- Change the default Mailbox Database name and move DB & Log to E:\
#Rename Mailbox Database
Set-MailboxDatabase (Get-MailboxDatabase).Name -Name "LOCAL"
#Move Database & Logs
Move-DatabasePath -Identity "LOCAL" -EdbFilePath "E:\Databases\LOCAL.edb" -LogFolderPath "E:\Logs"
- New Accepted Domain called AventisLab.com
#New Accepted Domain
New-AcceptedDomain -DomainName AventisLab.com -DomainType Authoritative -Name AventisLab.com | Set-AcceptedDomain -MakeDefault $true
- Update the existing Email Address Policy to assign @aventislab.com as default email address
#Email Policy
Get-EmailAddressPolicy | Set-EmailAddressPolicy -EnabledPrimarySMTPAddressTemplate "@aventislab.com"
- Create a new SMTP Connector to point to mail.smtp2go.com which is a free SMTP Gateway provider
#Send Connector
New-SendConnector -Internet -Name "SMTP Connector" -AddressSpaces * -SmartHosts "mail.smtp2go.com"
- Update the SPF & DKIM records in your public DNS Server by following smtp2go – Sender Domains
- Change OWA, ECP, OAB, EWS, ActiveSync, AutoDiscover & PowerShell Virtual Directory to https://mail.aventislab.com
$OWA_URL = "https://mail.aventislab.com/owa"
$ECP_URL = "https://mail.aventislab.com/ecp"
$EWS_URL = "https://mail.aventislab.com/EWS/Exchange.asmx"
$OAB_URL = "https://mail.aventislab.com/OAB"
$ACtiveSync_URL = "https://mail.aventislab.com/Microsoft-Server-ActiveSync"
$PowerShell_URL = "https://mail.aventislab.com/powershell"
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InternalUrl $OWA_URL -ExternalUrl $OWA_URL -DefaultDomain "lab.aventislab.com" -LogonFormat "UserName"
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -InternalUrl $ECP_URL -ExternalUrl $ECP_URL
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl $EWS_URL -ExternalUrl $EWS_URL
Get-OabVirtualDirectory | Set-OabVirtualDirectory -InternalUrl $OAB_URL -ExternalUrl $OAB_URL
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalUrl $ACtiveSync_URL -ExternalUrl $ACtiveSync_URL
Get-PowerShellVirtualDirectory | Set-PowerShellVirtualDirectory -InternalUrl $PowerShell_URL -ExternalUrl $PowerShell_URL
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri "https://mail.aventislab.com//Autodiscover/Autodiscover.xml"
Get-ClientAccessServer | FL AutoDiscoverServiceInternalUri
-
Redirect the default site to OWA and Remove redirection for other virtual directories by following Simplify the Outlook Web App URL
-
Generate Generate Wildcard SSL Certificate from Let’s Encrypt and assign it for SMTP & IIS Services
$Thumbprint = Get-ExchangeCertificate | ? Subject -like "*aventislab.com*"
Enable-ExchangeCertificate -Thumbprint $Thumbprint.Thumbprint -Services SMTP, IIS
- Enable Outlook Anywhere
Get-OutlookAnywhere | Set-OutlookAnywhere -ExternalHostname "mail.aventislab.com" -ExternalClientAuthenticationMethod basic -ExternalClientsRequireSsl $true `
-InternalHostname "mail.aventislab.com" -InternalClientsRequireSsl $true
-
Provision some test AD Account with Mailbox enabled by following PowerShell to Provision User Account in AD
-
Allow inbound access for Port 443 & 25 in Cisco ASA Firewall
Define Network Object for Public IP called PIP-103.18.246.210
object network PIP-103.18.246.210
host 103.18.246.210
Define Network Object called HOST-10.10.10.181_HTTPS & HOST-10.10.10.181_SMTP, and Port Forwarding from Public IP (103.18.246.210) to Exchange Internal IP (10.10.10.181) for https (Port 443) & smtp (port 25)
object network HOST-10.10.10.181
host 10.10.10.181
object network HOST-10.10.10.181_HTTPS
host 10.10.10.181
nat (inside,outside) static PIP-103.18.246.210 service tcp https https
object network HOST-10.10.10.181_SMTP
host 10.10.10.181
nat (inside,outside) static PIP-103.18.246.210 service tcp smtp smtp
Define a Access List called outside_access_in to allow inbound access for Port 443 & 25 to HOST-10.10.10.181
access-list outside_access_in extended permit tcp any object HOST-10.10.10.181 eq https
access-list outside_access_in extended permit tcp any object HOST-10.10.10.181 eq smtp
Bind the Access List to outside interface
access-group outside_access_in in interface outside
You should be able to send & receive Email & accessing Web Mail from Internet now.