Exchange Server

How to configure an on-prem Exchange 2016 server using Windows Server 2016 as the host OS.

Step-by-step guide

Please follow the steps below in order. 

Note: You need a Windows Server 2016 version greater than 14393.576 (use winver to check this). If your system is not above 14393.576 you will need the KB3206632 security update or its replacement (KB3213522).

1. First, you will need to install the following software:

• .NET Framework 4.8

• Run the following commands in PowerShell.

Install-WindowsFeature RSAT-ADDS

Install-WindowsFeature NET-Framework-45-Features, Server-Media-Foundation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

• Visual C++ Redistributable Package for Visual Studio 2012

• Visual C++ Redistributable Package for Visual Studio 2013

• Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit

2. Now you are ready to install the Exchange Mailbox on the system. You will need to download the latest version of the Exchange server from here. At the time of writing this the most recent version is Exchange 2016 CU19.

3. Once the ISO is downloaded, mount it and run the Setup.exe file located in the root directory.

4. Now you will run through the installer wizard. Use the below options to install the Exchange server.

• "Don't check for updates right now".

• "I accept the terms in the license agreement".

• "Use recommended settings".

• "Mailbox role" and "Automatically install Windows Server roles...".

• Use the default install location (C:\Program Files\Microsoft\Exchage Server).

• Set your organization as the organization name.

• "No" For disable malware scanning.

Once you have the Exchange server installed you will need to configure it to receive emails.

5. Open the Exchange admin pannel on the Exchange server (https://localhost/ecp).

• The standard user login page will be https://localhost/owa.
• If you want to adjust localhost to redirect to localhost/owa select the default site in IIS, then HTTP Redirect, then select redirect request. Enter /owa as the redirect then select only request to this directory.
• If you receive a 403 Error you will need to open the Default Site in IIS, click SSL Settings, and uncheck the box for Require SSL. Then hit apply.
• If you want to adjust the login format away from "Domain\User" you can go to Servers, virtual directories, then select owa and hit edit. Click authentication and change to username only and select the default domain.

6. Once logged into the admin panel select "mail flow" and then accepted domains. From there add a new entry for the root domain and set it as "Authoritative"

• We need to do this since our root forest in Active Directory should be a subdomain of our company domain and we want to receive emails from the root domain name.

7. Next select email address policies. Here we will create a new policy to set users' email addresses to be [email protected]. Create the new policy and set the email address format to match the previously mentioned format.

• Once you create the email address policy you must apply it for it to work.

8. Now that users have the correct email we will need to set up outbound email rules so they can send mail to people outside of their domain. To do this go to send connectors, create a new one with the following information.

• Name: "External Send" (This doesn't really matter it's just what I have it named as in the example.)

• Type: Internet (This part is important)

• Network Settings: MX record associated with recipient domain.

• Address Spaces:

• Type: SMTP

• FQDN: *

• Cost: 1

• Source Server: Hostname of the local server.

9. Now that we can send emails outbound we need to be able to receive emails. Ensure the following ports are open so the server can receive emails.

• 80/tcp

• 443/tcp

• 143/tcp

• 993/tcp

• 110/tcp

• 995/tcp

• 587/tcp

• 25/tcp

11. Now that the server is configured we must set up DNS records.

• You will need an MX record for your domain pointing to an A record that points to this Exchange server.

• Additionally, you can configure a SPF record by creating a txt record and putting this "v=spf1 ip4:YOUR_IP_HERE -all"

Your Exchange server should be properly configured now. You can use this link to test your server.