Steps to provision a Single Exchange 2016 with PowerShell
- Prepare a Windows 2016 Standard Server with
- Servicing stack update
- 2018-11 Cumulative Update-KB4467691 – Download the latest Cumulative from Microsoft
- Unified Communications Managed API 4.0 Runtime
- Visual C++ Redistributable Packages x64
- Exchange 2016 CU9
- Enable PreRequisite
#Install PreRequisite
Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, `
RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, `
Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, `
Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, `
Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, `
Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS
#Restart Server
Restart-Computer
- Mount the Exchange 2016 ISO File as D Drive and start to extend AD Scheme, Prepare AD Domain and Install Exchange 2016
#prepare AD Schema
D:\setup.exe /ps /IAcceptExchangeServerLicenseTerms
#Prepare AD
D:\setup.exe /PrepareAD /OrganizationName:Aventis /IAcceptExchangeServerLicenseTerms
#Prepare Domain
D:\setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms
#Install Exchange 2016
D:\Setup.exe /m:Install /Roles:Mailbox /IAcceptExchangeServerLicenseTerms
Restart-Computer
- Open PowerShell ISE in Exchange 2016 Server
#Connect to Exchange 2016 in PowerShell ISE
. 'C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1'
Connect-ExchangeServer -auto
#Rename Default Mailbox Database
Get-MailboxDatabase | Set-MailboxDatabase -Name LOCAL
#New Accepted Domain
$AcceptedDomain = "Aventislab.com"
New-AcceptedDomain -DomainName $AcceptedDomain -DomainType Authoritative -Name $AcceptedDomain
Set-AcceptedDomain -Identity $AcceptedDomain -MakeDefault $true
#Change Default Email Policy to use Aventislab.com and update
Get-EmailAddressPolicy | Set-EmailAddressPolicy -EnabledPrimarySMTPAddressTemplate "SMTP:@Aventislab.com"
Get-EmailAddressPolicy | Update-EmailAddressPolicy
#New Send Connector with SmartHost
New-SendConnector -Name "SMTP Connector" -Internet -AddressSpaces * -SmartHosts "mail.smtp2go.com"
- Import Let’s Encrypt Wildcard SSL Certificate and change all the Virtual Directory Name
#Import PFX
$PFXPassword = ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force
Import-PfxCertificate -FilePath C:\temp\AventisLab.pfx -CertStoreLocation Cert:\LocalMachine\My -Password $PFXPassword
#Assign Wildcard Cert to Exchange IIS & SMTP Services
$Cert = Get-ExchangeCertificate | ? Subject -like "*.aventislab*"
Enable-ExchangeCertificate -Thumbprint $Cert.Thumbprint -Services IIS, SMTP -Force
#Change OWA, ECP, EWS, OAB, PowerShell, MAPI, ActiveSync and Outlook Anywhere
$URL = "https://mail.aventislab.com/"
$OWA = $URL + "owa"
$ECP = $URL + "ecp"
$EWS = $URL + "EWS/Exchange.asmx"
$OAB = $URL + "OAB"
$PowerShell = $URL + "Powershell"
$ActiveSync = $URL + "Microsoft-Server-ActiveSync"
$Mapi = $URL + "mapi"
$OutlookAnywhere = "mail.aventislab.com"
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InternalUrl $OWA -ExternalUrl $OWA -DefaultDomain "Aventislab.local" -LogonFormat Username
Get-ECPVirtualDirectory | Set-ECPVirtualDirectory -InternalUrl $ECP -ExternalUrl $ECP
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl $EWS -ExternalUrl $EWS
Get-OabVirtualDirectory | Set-OabVirtualDirectory -InternalUrl $OAB -ExternalUrl $OAB
Get-PowerShellVirtualDirectory | Set-PowerShellVirtualDirectory -InternalUrl $PowerShell -ExternalUrl $PowerShell
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalUrl $ActiveSync -ExternalUrl $ActiveSync
Get-MapiVirtualDirectory | Set-MapiVirtualDirectory -InternalUrl $Mapi -ExternalUrl $Mapi
Get-OutlookAnywhere | Set-OutlookAnywhere -InternalHostname $OutlookAnyWhere -ExternalHostname $OutlookAnyWhere -ExternalClientsRequireSsl $false `
-InternalClientsRequireSsl $false -DefaultAuthenticationMethod negotiate
- Reboot the Server and you should be able to
- Login to OWA via https://mail.aventislab.com
- Send and Receive Email with [email protected]