Windows Exchange 2010

Exchange Server 2003
Front end + Back end
Front end (in the DMZ): receives user connections (HTTP, POP3, IMAP)
Back end (SQL Server Database): stores email

Exchange Server 2010 Introduction
Enter a different product key to upgrade from Standard to Enterprise

Five roles
Storage Server: email storage
Client Access Server: user access
HUB Server: email transfer
Edge Server: receives and sends Internet email, junk email filtering
UM Server: connects with Lync and phone systems


1. You need at least three servers: Storage + HUB + Client Access
2. Storage + Client Access + Hub + UM can be installed on one server, with Edge on another one
3. Storage + Client Access + Hub + UM should be in the domain, while Edge should be in a workgroup
4. UM Server deployment needs a VoIP or PBX gateway

Database Storage 
Exchange Server 2003 Standard without SP2: supports 1 database, max size 16GB
Exchange Server 2003 Standard with SP2: supports 1 database, max size 72GB
Exchange Server 2003 Enterprise without SP2: supports 19 databases, max size 16GB
Exchange Server 2003 Enterprise with SP2: supports 19 databases, max size 72GB

Exchange Server 2007 Standard: supports 5 databases, max size 2TB
Exchange Server 2007 Enterprise: supports 50 databases, max size 2TB

Exchange Server 2010 Standard: supports 5 databases, recommended size 2TB
Exchange Server 2010 Enterprise: supports 100 databases, recommended size 2TB

High Availability
Storage Server
Exchange Server 2003: Cluster

Exchange Server 2007: LCR (local continuous replication) / CCR (cluster continuous replication) / Cluster
LCR: one server, different local drives, manual switchover
CCR: two servers, different local drives, automatic switchover

Exchange Server 2010: DAG
DAG
1. Upgraded from CCR
2. Supports 16 servers

Web access
1. OWA: Outlook Web App
2. ECP: Outlook Web App Control Panel

Exchange Server 2010 Implementation
Requirements
1. Domain Environment
Domain functional level: Windows Server 2000
Forest functional level: Windows Server 2003

2. Application Requirement
OS: Windows Server 2008 SP2 X64 / R2 Standard / Enterprise

Exchange Storage server: need cluster --> Enterprise OS
Exchange CAS/HUB server: Standard OS

PowerShell 2.0
.NET Framework 3.5
AD management tools
IIS
Filter Pack 2.0
Change "Net.Tcp Port Sharing Service" to automatic start

Exchange Server 2010 Installation
1. Add the Exchange server (Windows Server 2008 R2) to the domain
2. Log in to the Exchange server as a Domain Admin
3. Install the application requirements
Download the PowerShell script from the Microsoft website
This example is for a server that will have the typical installation of the Client Access, Hub Transport, and Mailbox server roles.
Import-Module ServerManager
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,Web-Asp-Net,Web-Client-Auth,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,Web-Http-Redirect,Web-Http-Tracing,Web-ISAPI-Filter,Web-Request-Monitor,Web-Static-Content,Web-WMI,RPC-Over-HTTP-Proxy -Restart

4. Install Filter Pack 2.0 (used for servers with a previous version): download from the Microsoft website
5. Change "Net.Tcp Port Sharing Service" from manual start to automatic start
6. Start the Exchange Server 2010 SP2 installation
7. Choose the typical installation
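
A pre-flight check for steps 1 to 5 above, as an added example that is not part of the original post or of Microsoft's script. The function name Test-ExchangePrereq is hypothetical, and the feature list is a subset of the Add-WindowsFeature line above; run it in an elevated PowerShell 2.0 session on Windows Server 2008 R2.

```powershell
# Added example: pre-flight check before running Exchange 2010 setup.
# Test-ExchangePrereq is a hypothetical helper name, not a Microsoft cmdlet.
Import-Module ServerManager   # provides Get-WindowsFeature on Windows Server 2008 R2

function Test-ExchangePrereq {
    $results = @()

    # Step 1: the server must already be a domain member.
    $cs = Get-WmiObject Win32_ComputerSystem
    $results += New-Object PSObject -Property @{
        Check = 'Domain member'; Pass = [bool]$cs.PartOfDomain; Detail = $cs.Domain }

    # PowerShell 2.0 or later is required.
    $ver = $PSVersionTable.PSVersion
    $results += New-Object PSObject -Property @{
        Check = 'PowerShell >= 2.0'; Pass = ($ver.Major -ge 2); Detail = "$ver" }

    # Step 5: Net.Tcp Port Sharing Service must start automatically.
    $svc  = Get-WmiObject Win32_Service -Filter "Name='NetTcpPortSharing'"
    $mode = if ($svc) { $svc.StartMode } else { 'not installed' }
    $results += New-Object PSObject -Property @{
        Check = 'NetTcpPortSharing startup'; Pass = ($mode -eq 'Auto'); Detail = $mode }

    # Step 3: a subset of the features from the Add-WindowsFeature line.
    $needed = 'NET-Framework', 'RSAT-ADDS', 'Web-Server', 'Web-Windows-Auth',
              'Web-ISAPI-Ext', 'NET-HTTP-Activation', 'RPC-Over-HTTP-Proxy'
    foreach ($f in Get-WindowsFeature $needed) {
        $results += New-Object PSObject -Property @{
            Check = "Feature $($f.Name)"; Pass = $f.Installed; Detail = $f.DisplayName }
    }
    $results | Select-Object Check, Pass, Detail
}

# If the service check fails, fix it and run the test again:
# Set-Service NetTcpPortSharing -StartupType Automatic
Test-ExchangePrereq | Format-Table -AutoSize
```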

Exchange Server 2010 Configuration
1. On the AD server, create three OUs (HR, Sales, IT) and two users in every OU; set the OU in User property / Organization
2. On the Exchange server, create the folder D:\ExchangeDB to store mail
D:\ExchangeDB\HR
D:\ExchangeDB\Sales
D:\ExchangeDB\IT
3. Open the Exchange Management Console
4. Create a mailbox database for each of the three OUs
5. Create the user mailboxes and specify the mailbox database
6. Use IE to visit Outlook Web App
https://<exchange server>/OWA

Exchange 2010 Client 
Client Access Methods
1. HTTPS
2. MAPI (need Outlook client)
3. POP3

With the MAPI method, the Outlook data file is an OST: a system cache file
A manually created local Outlook data file is a PST: mail saved from the server to the local machine

With the MAPI method, the Outlook-to-Exchange connection uses dynamic ports, so the client needs to connect through a VPN before Outlook connects to Exchange

POP3     port 110
POP3S    port 995
SMTP     port 25
SMTPS    port 25 (default)
         port 465 (ISA/TMG)
         port 587 (Exchange)

Outlook uses POP3 to connect to Exchange
A. Start the Exchange POP3 service on the Exchange server
B. Go to Exchange Management Console / Server Configuration / Client Access / POP3 and IMAP4, right-click POP3, click Properties / Authentication, and choose the first item.
C. Go to Exchange Management Console / Server Configuration / Hub Transport / right-click Default <server>, click Properties / Permission Groups, and choose "Anonymous users".
D. Restart the Exchange POP3 service on the Exchange server
E. Configure the POP3 account in Outlook

With the POP3 method, the Outlook data file is a PST

PST file size
Outlook XP: 2GB
Office 2003, 2007: 20GB
Office 2010: 50GB

OWA access to Exchange
By default, only SSL access is supported
Change the IIS / SSL settings to also support non-SSL access

If you want to change the OWA login page, change the file content in IIS.
The related files are saved in C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa\14.2.247.5\themes\base
Related guide: "customize the outlook owa" on the Microsoft website

Security options:
1. Public computer: session timeout 5 mins
2. Private computer: session timeout 30 mins

Exchange Server 2010 Certificate Issue
1. Install the CA
A. Install the "Active Directory Certificate Services" role on the DC server
B. Choose the first two items, "Certification Authority" and "Certification Authority Web Enrollment"
C. Choose "Enterprise"

2. Make the Exchange server trust the CA
A. Enter the URL "http://<CA Server>/certsrv" in IE
B. Download the CA root certificate
C. Install the certificate on the client

3. Request a certificate for Exchange
A. By default, the Exchange server generates one self-signed certificate
B. Run the command: gpupdate /force
C. In Exchange Management Console \ Server Configuration
D. Choose the Exchange server and create an Exchange certificate
E. Enter the certificate name
F. Do not use *.<domain name>
G. Choose the needed items, such as OWA
H. Generate the certificate request (req) file and copy its content
I. Enter the URL "http://<CA Server>/certsrv" in IE
J. Click "Request a certificate" / "Advanced certificate request" / "Use base64...."
K. Paste the content of the request file and choose the "Web Server" template
L. Download the certificate file
M. In Exchange Management Console \ Server Configuration
N. Right-click the Exchange certificate that is not yet complete and click "Complete Pending Request"
O. Right-click the certificate and click "Assign Services to Certificate"
P. Choose the related services, such as IMAP, POP, SMTP, IIS
Q. Verify the three methods from the client (MAPI / HTTPS / POP3)
POP3
i. Exchange Server: change POP3 to secure login
ii. Client POP3: create the Outlook account and choose secure POP3 on port 995 and secure SMTP on port 587
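
A review of the certificates against steps A to P above, as an added example that is not part of the original post. Test-ExchangeCert is a hypothetical helper that reads the properties returned by Get-ExchangeCertificate; the sample objects and the example.local names are constructed so the function also runs outside the Exchange Management Shell.

```powershell
# Added example: review Exchange certificates against steps A-P above.
# Test-ExchangeCert is a hypothetical helper, not an Exchange cmdlet. It reads
# only properties that Get-ExchangeCertificate objects expose.
function Test-ExchangeCert {
    param(
        [Parameter(ValueFromPipeline = $true)] $Cert,
        [int] $WarnDays = 30
    )
    process {
        $issues   = @()
        $services = "$($Cert.Services)"
        $inUse    = ($services -ne '') -and ($services -ne 'None')

        # Step A: the default certificate is self-signed; flag it while it
        # still has services assigned so the binding gets reviewed.
        if ($Cert.IsSelfSigned -and $inUse) { $issues += 'self-signed with services assigned' }

        # Step F: no wildcard (*.<domain name>) names.
        $wild = @($Cert.CertificateDomains | Where-Object { "$_".StartsWith('*') })
        if ($wild.Count -gt 0 -or $Cert.Subject -match 'CN=\*') { $issues += 'wildcard name' }

        # Step O: a CA-issued certificate with no services is not in use yet.
        if (-not $Cert.IsSelfSigned -and -not $inUse) { $issues += 'no services assigned' }

        # Expired or close to expiry.
        $daysLeft = [int]($Cert.NotAfter - (Get-Date)).TotalDays
        if ($daysLeft -lt $WarnDays) { $issues += "expires in $daysLeft days" }

        New-Object PSObject -Property @{
            Thumbprint = $Cert.Thumbprint; Subject = $Cert.Subject
            Services = $services; Issues = ($issues -join '; ') }
    }
}

# Constructed sample objects (not real certificates) so the function runs anywhere.
$sample = @(
    New-Object PSObject -Property @{ Thumbprint = 'CONSTRUCTED-01'; Subject = 'CN=EX01'
        CertificateDomains = @('EX01', 'EX01.example.local'); Services = 'IMAP, POP, SMTP'
        IsSelfSigned = $true; NotAfter = (Get-Date).AddYears(4) }
    New-Object PSObject -Property @{ Thumbprint = 'CONSTRUCTED-02'; Subject = 'CN=*.example.local'
        CertificateDomains = @('*.example.local'); Services = 'None'
        IsSelfSigned = $false; NotAfter = (Get-Date).AddDays(10) }
)
$sample | Test-ExchangeCert | Format-List Thumbprint, Subject, Services, Issues

# On the Exchange server, from the Exchange Management Shell:
# Get-ExchangeCertificate | Test-ExchangeCert | Format-List
```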
