 Hello everybody! Watch this video to find out how to install and configure Exchange Server 2019. Into this video, we'll explore installation and configuration of Exchange Server 2019, its active domain, and how to configure it for a full-fledged operation involving MIPI protocol, and we'll find out how to create a certificate. In our channel and blog, you will find solutions to any problem, from installing an operating system or configuring it to fixing possible bugs and errors or optimizing mobile gadgets. Our specialists will answer any questions you ask in your comments under the videos or articles. Alright, to organize a mail server, we will need one server for installation of active directory domain services and another for installation of Exchange Server. So what is active directory domain services? Active directory AD is a directory service developed by Microsoft for Windows domain networks. It is included into most operating systems of the Windows Server family. A server running an active directory domain service role is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain-type network assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, active directory checks the submitted username and password and determines whether the user is a system administrator or normal user. Also, it allows management and storage of information, provides authentication and authorization mechanisms and establishes a framework to deploy other related services. This service is a mandatory requirement for operation of an Exchange Server. Microsoft Exchange Server is a software product for email, calendaring, contact, scheduling and collaboration. The main functions of Microsoft Exchange include as follows – processing and sending emails, shared access to calendars and tasks, support for mobile devices and web access, integration with voicemail systems, support for instant messaging systems and so on. Before installing and configuring Exchange Server, you should check its requirements. I will give you the link in the description. All you need is two computers with Windows Server operating system. I'll show the configuration steps with the example of two machines with Windows Server 2019 and cumulative update 12 for Exchange Server 2019. Exchange deployment always begins with preparation of Active Directory domain services. The matter is that Exchange Server is very dependent on Active Directory. The directory services are where both the product information and user account settings are stored. Owing to the replication mechanism within Active Directory, all Exchange infrastructure has a unified configuration. This allows servers to interact with each other immediately out of the box. In the end, a computer with Exchange Server on board should be connected to a domain, and this connection requires you to configure the internal Active Directory domain. So let's work with the first server. To have the entire system work properly before installing the Active Domain service role, we need to assign a specific name to this computer and set a static IP address. Right-click on the Start button and select System. And then rename this PC. In my case, it's going to be Active Domain PC, ADPC. When the name is ready, click Next. After that, the system will notify you that renaming the computers requires a restart. So restart the server. Now it's time to configure network settings. Right-click on the Start menu or press the key shortcut Windows plus X on your keyboard and choose Network Connections, Change adapter options. After that, right-click on the Add the Net adapter, Properties, and open IP version for a protocol settings. Check the option, use the following IP address and give a free IP address. This setting suggests that you know the options of your network, so fill in the subnet mask and the default gateway data. In the field Prefer DNS server, give the IP address of this server since the DNS server role will be installed there along with the Active Directory Domain Services role. After that, click OK and close. Initial server configuration is over. Now you can begin the installation of Active Directory Domain Services role. Open the Start menu and run Server Manager. In the window that opens, look up to the right and click Manage, Add roles and features. In the next window, click Next. Leave installation type as it is, role based or feature based installation and click Next. Select your server and check the box next to Active Directory Domain Services. The installation wizard warns you that the following components need to be installed. Click Add features and then Next. Leave all the components as they are and click Next. After viewing extra information about Domain Services, click Next again. Finally, click Install to begin this process. Wait until the installation is over. Now you need to promote this server so that it becomes a domain controller. Click Promote this server to a domain controller. In this video tutorial, I add a new forest, as this is an installation from the scratch. Check the option Add a new forest and give the root domain name. At the next stage, you are suggested to select the functional level of the new forest and root domain. If you are adding a new forest and planning to use server based on Windows Server 2019 operating system, you shouldn't change these options. Add a password for DSRM, which stands for Directory Service Restore Mode, and click Next. As a result, the configuration wizard will warn you that a delegation for this DNS server cannot be created, but you should just ignore it and click Next. Don't change the net-bias domain name. Next. At the next stage, you can modify database directory paths, if necessary. After that, you will see the summary of service settings. Click Next. Finally, the configuration wizard will check if all prerequisites are observed, and will show you a report. This message, all prerequisite checks are passed successfully, means that your configuration meets all the necessary requirements. Click Install to begin the installation and wait until the server is promoted to domain controller level. In the end, you will see this warning. Hit Close to a stunt. At this stage, the server is promoted to domain controller level. Finally, at the domain server, you should add an Active Directory account with the rights for enterprise admins, schema admins, and domain admins. To do it, sign in as domain administrator and open Server Manager. Open the Tools menu, Active Directory Users and Computers. In the window that opens, go to the folder with your domain name and then to the Users folder. Click on this icon. Create a new user. Here, fill in the following fields. Click Name, Login, and then click Next. Then set a password for this account and uncheck this option. Click Next and Finish. Now you need to add rights for this account. Open the account by double-clicking on it, jump to the tab Member of and click Add. Add the rights for enterprise admins, type the name, check names, enterprise admins, OK. Add, type the name, check names, OK. Add, domain admins, OK. Apply and OK. Now the Active Directory Domain Services server is configured and we can move on to install Exchange Server. This installation suggests that you have already configured your network, open the necessary port for normal operation of mail services, and so on. As I said before, at the beginning of this video, you need to have two servers with Windows Server operating system installed. One of the servers should be assigned the Active Directory Domain Services role. Download an ISO image of the latest version of Exchange Server 2019 from the Microsoft website. The other server where Exchange is going to be installed should be included into the domain and some additional software should be installed. Visit the Microsoft website to find detailed information about them and download the required components by following the link in the description. So, install the following items. Visual C++ 2012, C++ 2013, Unified Communications Manager API, UR ALRI right module, and Net Framework. After Net Framework is installed, the operating system will ask you to restart the server. Choose to restart later because we need to install a few other components. Start PowerShell as administrator. To begin with, install remote administration tools to prepare Active Directory for installation of Exchange. Do it with the following command. After that, add required components for Link Server or Skype for Business Server. Here is the command that you need for installation. Now install the extra components required for operation of the Exchange Server by running this command. Restart the computer after the installation of all components. Now you need to include the Exchange Server into the domain. Add DNS and change the server name. For this purpose, press the key shortcut Windows plus X. Choose Network Connections, Change Adapter Options, right-click on the adapter and select Properties. Open IP version 4 and set DNS. As the DNS server, we will use the Active Domain server. So type its IP address here and click OK. After that, open System, System Info, Remote Settings. Jump to the tab Computer Name and click Change. Change the computer's name and include it into the domain by checking this box and entering the domain address. After that, you need to specify the login and password for the Active Directory account which belongs to these groups – Enterprise Admins, Schema Admins and Domain Admins. Exchange Server is now connected to the domain. The operating system will ask you to close all programs and restart. To begin the installation of Exchange Server, after the restart you need to sign in with the account that belongs to these groups – Enterprise Admins, Schema Admins and Domain Admins. After that, you should mount the ISO image of Exchange Server which you have downloaded earlier. Open the disk containing the file, right-click on it and select Mount. After that, start PowerShell as administrator and go to the mounted disk by specifying the disk letter. Now extend the scheme for exchange with this command. After that, prepare containers, objects, other Active Directory components and create Exchange Organization by using the following command. Remember that there is the organization name at the end of the command. In my case, this is Hetman Software, but in your case it will be the name you have chosen. Now let's prepare the domain for installation of Exchange Server by using another command. Finally, now you can begin the installation of Exchange Server 2019. Open the mounted disk containing Exchange Server installation files and run the file setup.exe. In the window that opens at the first stage of the installation, you can check for updates, click Next. After that, Exchange Server Installation Wizard offers you to view the information concerning Exchange Server 2019. Click Next. Accept the license agreement and click Next again. At the next step, if you don't want the server to send error reports to Microsoft automatically, choose Don't Use Recommended Settings and click Next. Then select the following roles – Mailbox role and check the option Automatically Install Windows Server roles and features that are required to install Exchange Server and click Next. In the window to select Installation Directory, don't change anything, just click Next. Configure malware protection settings – Next. After that, the process will begin to check if everything is ready for installation. When it's complete, make sure the preparation of the organization and the server role have been checked successfully. Otherwise, the only button displayed on this page will be the Retry button. Fix the detected errors and repeat the installation. If you did everything according to this tutorial, there shouldn't be any errors at all. And instead of the Retry button, you will see the Install button. So click on it to finally start the installation. Wait until this process is complete. After the installation is over, it's recommended to restart the computer. I will do it a bit later. For checking, tick the box next to Launch Exchange Administration Center after finishing Exchange Setup and click Finish. For server management, you will use a kind of control panel – Exchange Administration Center – and it's available by following this link, where EXPC is the name of the Exchange Server. Accordingly, you need to give the name of IP address of your Exchange Server in the address bar. To have the Exchange Administration Center displayed correctly, you should add the Exchange Server address to trusted-size zone in Internet Explorer. Click on the Add button. In the field, add this website to the zone, specifying the address of your Exchange Server and click the Add button. Now the Exchange Server address is added to the trusted-size zone. Click on the Close button. To access this control panel, give the active directory domain or username or the name of a user having Exchange Administrator rights, type the password and click Sign In. This will open Exchange Center panel. To make sure that Exchange has been installed successfully, run the following commands in Exchange Management Shell. Click on Start. Microsoft Exchange Server 2019 – Exchange Management Shell. Use the following commands. This command brings up the list of names, active directory websites, exchange roles of the server and so on. The second command will display additional information about the server. The server has passed the test successfully, so now you can start configuring Exchange. Alright, so we have configured two servers – Active Domain Directory and Exchange Server. In order to have email circulate, you need to create users, add a network connector, add data on external virtual folders, configure external DNS, create a certificate, set up the Autodesk Cover feature and so on. To be able to send and receive emails and create clients, you have to complete basic configuration for Exchange Server. This is a must-have step after you have installed this product. And now, let's find out how to create a mailbox for a new user. In the Exchange control panel, open the Recipients tab and jump to Mailboxes. After that, click on the plus icon and choose User mailbox. Fill in the user data. Select the organizational unit where to include this user by clicking on Browse – User – OK. In the field User Logon Name, give the login the mailbox name. After that, set the password and click on More Options. In the section Mailbox Database, click Browse, and choose the database where the new mailbox should be created. Finally, click Save to finish. After the user with the mailbox is created, it will appear in the Mailboxes tab. Now you can use these credentials to login to your mailbox. Another important option for proper work of the mail service is Network Ports. Mail clients need these ports to access mailboxes and other services in the Exchange Server. If you have firewalls or network devices that can limit or modify internal network traffic, you should set up certain rules that allow free and unrestricted interaction between the servers. To configure the network with the NAT technology, you need to forward the ports used by specific services on the router. If your mails don't circulate or you encounter an error related to network ports, check the firewall or configure your router properly. Let's continue with the server setup. The first important option is an Accepted Domain. An Accepted Domain is a domain used by an Exchange Organization to send and receive mail traffic. By default, there is only one Accepted Domain available immediately after the deployment. If necessary, you can add one more domain or configure the existing domain for your specific purposes. After that, you need to add a send connector. In Exchange-related infrastructure, connectors are required to handle incoming and outgoing mail flow on Exchange servers and also between services in the transport pipeline on the local Exchange server. To enable the mail infrastructure to interact with external systems by SMTP protocol, we need to create a new send connector. Open the Mail Flow tab and then jump to the Send Connectors tab. Click on the plus icon to add a connector. There are several connector types available – internal, internet and partner. To send an email outside of the organization via the internet, you'll need an internet connector. Give a name for the new send connector and check the internet option. In the next page, specify how to send email, either with an MX record or through a dedicated smart host. An MX record is a type of DNS record that redirects email using SMTP protocol. In our example, mail will be sent with the use of such records, so choose MX and click Next. Now, you should specify for which domain the new connectors will work. Click on the plus icon and type an asterisk instead of domain name. This means that the new send connector will handle all domains except yours. Save. Next. After that, specify on which server the send connector should be created. Click on the plus icon and choose your exchange server. Then hit OK and finish to create the connector. At this stage, you should configure DNS records for the domain. To do it, open a web browser and go to the Control Panel to manage external DNS records for your domain. I'll show it with the example of Cloud Flare Service. Here, choose the domain for which DNS records need to be configured. Then create the following – MX record, mail, SPF, auto discover, and so on. After DNS is added, you can go back to further server configuration steps. The basic configuration for exchange server doesn't end with adding an accepted domain and setting up connectors. One more thing is to set correct URL addresses to connect clients. For starters, let's add an external URL for Outlook. Open the Service section, jump to the Service tab and choose Edit. Go to the settings Outlook Anywhere and set an external domain. Now let's type the address by which your mail server is available from the Internet to the exchange server configuration. To do it, open the tab Virtual Directories and then click on the Arrange symbol to add an external domain. Add your server by clicking on the plus icon. In this field, type your external domain and click Save. After that, the external domain will appear in the settings of each virtual folder. By default, Exchange Server uses an API protocol for mail services. For this mail protocol, the current settings you have changed will suffice. The external domain you have set up by which exchange infrastructure will be available is required to issue SSL certificates. SSL certificates are very important for operation of the exchange server. They ensure protected exchange of data between clients and components of the mail infrastructure. By default, Exchange Server is configured to use a Transport Layer Security, TLS protocol with self-signed certificates. However, this configuration is not always correct for connecting Outlook clients. As a solution, it is recommended to use PKI or Public Key Infrastructure. Using with Exchange Server 2019 cumulative update 12 and Exchange Server 2016 cumulative update 23, Microsoft removed the Certificate Import-Export parameter as well as the new Exchange Certificate Request parameter. To prevent misuse of UNC paths via attackers, Microsoft removed the parameters that take UNC paths as inputs from the Exchange Server PowerShell commandlets and the Exchange Administration Center. That is why you won't find that functionality in these updates. To add and import a new certificate, Microsoft suggests using the following commandlets. There are numerous certification centers, both commercial and free. In this example, I'm using the following free service, Let's Encrypt, which lets you create a certificate for three months. You also can use a well-known service as SSL.com. This resource offers public digital certificates, cloud signature services and PKI enterprise solutions. I won't be showing the process of requesting an issued certificate, so let's suppose you have one. To import a certificate into Exchange, you should start Exchange Management Shell and run this command. Or specify your server name here and give the path to your certificate in the end. After the import operation, you will see the new certificate on your Exchange Server Control Panel. After that, you should specify the services to use this certificate. Open the certificate by double-clicking on it, go to the section Services, and check the ones you need. Then click Save to finish the processes. Alright, so we have configured the mail server, and now it's time to check if the mail circulates properly. Open the mail app in Windows and add an account. Choose Advanced Setup, Exchange Active Sync. As you can see, it requires username, domain address, server name and account name, in addition to email address and password. Since I added the DNS record for Autodeskover service to the Control Panel, I'll show you how to use it, and do it without entering these settings. Autodeskover is the service that automatically sets up mail clients such as Outlook. This is an obligatory requirement to ensure proper access and uninterrupted operation of the hosted Exchange service. The Autodeskover feature reduces to a minimum the user actions required to set up and deployment, and provides users with access to Exchange functionality. For EWS, which stands for Exchange Web Services Clients, the Autodeskover feature is typically used to find the URL address of the EWS endpoint. Autodeskover uses the CNAME DNS record for your domain, and I have previously added this record. Now you only have to type the email address and password in Outlook, and all other settings will be added automatically. Now, the basic configuration for Exchange Server 2019 is over. If you have any questions concerning Exchange Server, post your comments to let us know, and we may cover them in our next video. And that is all. Hopefully, this video was useful. Remember to click the Like button and subscribe to our channel. Thank you for watching and good luck.