Provision a Single Exchange 2016 with PowerShell

Steps to provision a Single Exchange 2016 with PowerShell

  1. Prepare a Windows 2016 Standard Server with
  1. Enable PreRequisite
#Install PreRequisite 
Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, `
    RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, `
    Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, `
    Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, `
    Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, `
    Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

#Restart Server
  1. Mount the Exchange 2016 ISO File as D Drive and start to extend AD Scheme, Prepare AD Domain and Install Exchange 2016
#prepare AD Schema 
D:\setup.exe /ps /IAcceptExchangeServerLicenseTerms

#Prepare AD 
D:\setup.exe /PrepareAD /OrganizationName:Aventis /IAcceptExchangeServerLicenseTerms

#Prepare Domain 
D:\setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms

#Install Exchange 2016
D:\Setup.exe /m:Install /Roles:Mailbox /IAcceptExchangeServerLicenseTerms 

  1. Open PowerShell ISE in Exchange 2016 Server
#Connect to Exchange 2016 in PowerShell ISE
. 'C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1'
Connect-ExchangeServer -auto

#Rename Default Mailbox Database
Get-MailboxDatabase | Set-MailboxDatabase -Name LOCAL

#New Accepted Domain
$AcceptedDomain = ""
New-AcceptedDomain -DomainName $AcceptedDomain -DomainType Authoritative -Name $AcceptedDomain
Set-AcceptedDomain -Identity $AcceptedDomain -MakeDefault $true

#Change Default Email Policy to use and update 
Get-EmailAddressPolicy | Set-EmailAddressPolicy -EnabledPrimarySMTPAddressTemplate "" 
Get-EmailAddressPolicy | Update-EmailAddressPolicy

#New Send Connector with SmartHost
New-SendConnector -Name "SMTP Connector" -Internet -AddressSpaces * -SmartHosts "" 
  1. Import Let’s Encrypt Wildcard SSL Certificate and change all the Virtual Directory Name
#Import PFX 
$PFXPassword = ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force
Import-PfxCertificate -FilePath C:\temp\AventisLab.pfx -CertStoreLocation Cert:\LocalMachine\My -Password $PFXPassword

#Assign Wildcard Cert to Exchange IIS & SMTP Services
$Cert = Get-ExchangeCertificate | ? Subject -like "*.aventislab*"
Enable-ExchangeCertificate -Thumbprint $Cert.Thumbprint -Services IIS, SMTP -Force

#Change OWA, ECP, EWS, OAB, PowerShell, MAPI, ActiveSync and Outlook Anywhere
$URL = ""
$OWA = $URL + "owa"
$ECP = $URL + "ecp"
$EWS = $URL + "EWS/Exchange.asmx"
$OAB = $URL + "OAB"
$PowerShell = $URL + "Powershell"
$ActiveSync = $URL + "Microsoft-Server-ActiveSync"
$Mapi = $URL + "mapi"
$OutlookAnywhere = ""

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InternalUrl $OWA -ExternalUrl $OWA -DefaultDomain "Aventislab.local" -LogonFormat Username
Get-ECPVirtualDirectory | Set-ECPVirtualDirectory -InternalUrl $ECP -ExternalUrl $ECP
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl $EWS -ExternalUrl $EWS
Get-OabVirtualDirectory | Set-OabVirtualDirectory -InternalUrl $OAB -ExternalUrl $OAB
Get-PowerShellVirtualDirectory | Set-PowerShellVirtualDirectory -InternalUrl $PowerShell -ExternalUrl $PowerShell
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalUrl $ActiveSync -ExternalUrl $ActiveSync
Get-MapiVirtualDirectory | Set-MapiVirtualDirectory -InternalUrl $Mapi -ExternalUrl $Mapi
Get-OutlookAnywhere | Set-OutlookAnywhere -InternalHostname $OutlookAnyWhere -ExternalHostname $OutlookAnyWhere -ExternalClientsRequireSsl $false `
-InternalClientsRequireSsl $false -DefaultAuthenticationMethod negotiate
  1. Reboot the Server and you should be able to
  • Login to OWA via
  • Send and Receive Email with

Leave a Comment