Exchange 2013 to 2019 Upgrade

Exchange 2013 to 2019 Upgrade KB ID 0001808

Exchange 2013 to 2019 Upgrade

With Exchange 2013 going end of support (11 Apr 2023) you should be migrating away from it as soon as you can, (as it’s only supported on up to Server 2012 R2), so you should have migrated off it already! It’s been some time since Exchange had any ‘major’ redesigns, 2013 was version 15, 2016 was version 15.1, and 2019 is Version 15.2.

So the Exchange 2013 > 2019 Migration is pretty much the same as it was from 2013 > 2016, or even 2016 > 2019. 

  •  There should be NO Exchange 2010 servers in existence before deploying Exchange 2019. You would need to upgrade to 2013 (CU21 minimum)/2016 (CU 11 minimum) first.
  • There’s no Unified Comms Role with Exchange any more! If you need to upgrade look at Microsoft Teams.
  • Forest Functional Levels should be, (at least) Server 2012 R2.
  • WARNING: Memory recommendations are 128GB (Mailbox server) and 64GB (Edge Transport server). Make sure you have enough compute!
  • Edge Server Role is still supported.
  • Windows Server Core (2019/2022) is supported with Exchange 2019.
  • Windows Server Nano is NOT supported.
  • Windows Server 2019 (Standard or Datacenter) and Windows Server 2022 (Standard or Datacenter) Note: Exchange 2019 CU 12 minimum, are supported host Operating systems.
  • Outlook 2013 (and newer), and Outlook for mac 2016 (and newer) is supported.

Exchange 2013 to 2019 Upgrade: Solution

As with all Exchange migrations make sure your Active Directory Domain/DNS/Existing Exchange organisation is healthy before you start. Then upgrade the existing Exchange to the latest cumulative update.

Exchange 2013 to 2019 Upgrade Prerequisites

You will need your Server 2019 or Server 2022 server fully updated and added to your domain, then to add the required roles and services use the following Powershell commands;

Exchange 2013 to 2019 Upgrade: Adding Exchange Server Roles

[box]Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS[/box]

Note: Now Required on Server 2019: You will need to install .Net 4.8 (link)

For Server 2022: You DON’T need to do this, (it’s already installed).

You need to install the Microsoft Unified Communications API 4.0 (link)

 

You will also need to install Microsoft Visual C++ (link)

You will also now have to install the ‘IIS Rewrite Module’ (link)

Either download the Exchange 2019 install media, or insert the Exchange 2019 DVD, and launch setup.exe > Next > Next > Files will be copied over.

Don’t I need to extend the schema, forest or domain? The setup does all this for you, you don’t need to do this manually anymore, (yes you can manually do this before installing, if you want to, but unless your schema master is in a different root domain, or you’re not a schema admin, then I don’t see the point!)

Introduction Page > Next > At the EULA tick “I Accept…” > Next > Tick “Use Recommended settings” > Next.

Select ‘Mailbox role’, and ‘Automatically install Windows Server roles and features…” > Next > Select the install directory, Note: In production you probably DON’T want this on the Windows System drive > Next > Unless you have a reason to disable Malware scanning then select ‘No’ > Next.

Readiness Checks > Fix any Errors and heed any warnings > Install > The product will install, this will take a long time!

Finish > Reboot the server.

And there’s our new Exchange 2019 Server.

Exchange 2019 EnterProduct Key

Servers > Servers > Select the 2019 Exchange Server > Enter Product Key  > Save

At the warning click OK.

Note: You can also enter the product key using the PoweShellCommand Shell’, if you prefer.

[box]

Set-ExchangeServer {Host-name} -ProductKey 12345-12345-12345-12345-12345

[/box]

 

As directed Restart the ‘Microsoft Exchange Information Store‘ service.

[box]

Restart-Service MSExchangeIS

[/box]

Transfer Exchange Certificate to Exchange 2019

Note: The ability to Export, Import & Renew certificates and creation/completion of certificate requests has been removed from the Exchange Admin Center. These changes will affect all cumulative update (CU) releases of Microsoft Exchange Server 2019 (CU12 and later) and Microsoft Exchange Server 2016 (CU23 and later).

I will leave the older (GUI) method, below for completeness – but all modern Exchange builds will need you to Open the Exchange Management Shell and perform the certificate migration via PowerShell

Transfer Certificates (PowerShell)

On your C: drive create a new folder called CERT  > Open an Administrative Exchange Managment Shell window on the SOURCE Exchange server.

[box]

Get-ExchangeCertificate -Server {Server-Name}

[/box]

Identify the certificate you require (by Subject) > Copy the Thumbprint text > Replace the thumbprint in this text with your thumbprint, then execute the following two  commands.

[box]

$Cert = Export-ExchangeCertificate -Thumbprint 4896265B267C38D39314121C7C6550C6E4DD23AB -BinaryEncoded -Password (ConvertTo-SecureString -String 'PASSWORD' -AsPlainText -Force)

[System.IO.File]::WriteAllBytes('\\New-Server-Name\C$\CERT\CertEx.pfx', $Cert.FileData)

[/box]

Remeber you will need to enable the certificate for the correct services also e.g.

[box]

Get-ExchangeCertificate -Server {New-Server-Name}

COPY the THUMBPRINT

Enable-Exchange Certificate –Thumbprint {Thumb-Print} -Service IIS,SMTP

[/box]

Transfer Certificates (ExchangeAdmin Centre {Older build versions only})

I’m using a wildcard certificate so I want to export the cert form my Exchange 2013 server and import it onto my new Exchange 2019 Server. You will want to do the same if you have a certificate with your public domain name on it and this will be your ‘internet facing’ Exchange server. Servers > Certificates > Select the Exchange 2013 Server, in the drop down menu > Select The Certificate > Click the ellipsis (three dots) > Export Exchange Certificate > Supply a UNC path and password > OK.

Change the Dropdown to the Exchange 2019 Server > Click the ellipsis > Import Exchange Certificate > Supply the UNC path and password you used (above) > Next.

Add in the Exchange 2019 Server > Finish.

Exchange 2013 to 2019 Upgrade Exchange 2019 Assign Services to Certificate

Select the newly imported certificate> Edit > Services > Select the services > Save > Note: Here I’m selecting SMTP and IIS. (You can’t use a wildcard cert for IMAP,POP).

Exchange 2019 Changing the Exchange Web Services URLs

Exchange relies heavily on web based services, and it needs the URLs setting accordingly (remember for Outlook Anywhere/OWA etc you might need to change firewall settings or repoint load balancers WAP server etc to the NEW 2019 server (and let it proxy these connections to the older Exchange servers, while they still exist).

[box]

Get-WebServicesVirtualDirectory -Server EXCH-2019 | Set-WebServicesVirtualDirectory -InternalUrl https://mail.domainx.com/ews/exchange.asmx -ExternalURL https://mail.domainx.com/ews/exchange.asmx

Set-OWAVirtualDirectory -identity "EXCH-2019\owa (Default Web Site)" -InternalURL https://mail.domainx.com/owa -ExternalURL https://mail.domainx.com/owa

Get-OABVirtualDirectory -Server EXCH-2019 | Set-OABVirtualDirectory -InternalURL https://mail.domainx.com/OAB -ExternalURL https://mail.domainx.com/OAB

Get-ECPVirtualDirectory -Server EXCH-2019 | Set-ECPVirtualDirectory -InternalURL https://mail.domainx.com/ECP -ExternalURL https://mail.domainx.com/ECP

Get-MAPIVirtualDirectory -Server EXCH-2019 | Set-MAPIVirtualDirectory -InternalURL https://mail.domainx.com/MAPI -ExternalURL https://mail.domainx.com/MAPI -IISAuthenticationMethods NTLM,Negotiate

Get-ActiveSyncVirtualDirectory -Server EXCH-2019 | Set-ActiveSyncVirtualDirectory -InternalURL https://mail.domainx.com/Microsoft-Server-ActiveSync -ExternalURL https://mail.domainx.com/Microsoft-Server-ActiveSync

Set-OutlookAnywhere -identity "EXCH-2019\RPC (Default Web Site)" -ExternalHostname mail.domainx.com -InternalHostname mail.domainx.com -InternalClientsRequireSSL $true -ExternalClientsRequireSsl $true -ExternalClientAuthenticationMethod:NTLM

Set-ClientAccessService -Identity EXCH-2019 -AutoDiscoverServiceInternalUri https://mail.domainx.com/Autodiscover/Autodiscover.xml

[/box]

Exchange 2019 Rename Mailbox Database

Servers > Databases > Exchange always gives databases annoying names > Select the Database on the 2019 Exchange Server > Edit > Rename it  > Save.

Note: The path to the Database retains the original name (we will fix that in the next step).

 

Exchange 2013 to 2019 Upgrade: Move Mailbox Database

I’m pretty old school, I like my Exchange databases on their own drive/partition, and I like the logs on another drive/partition. To move both the Database and the Logs;

[box]

Move-DatabasePath -Identity Database-Name -EdbFilePath X:\Folder\Database\Database-Name.edb -LogFolderPath L:\Folder\Log-Folder\

[/box]

Add Exchange 2019 to the Send Connector

Mail Flow > Send Connectors > Select your mail SMTP connector(s) > Edit > Scoping > Source Server section > Add > Add in the new server > OK > Save.

Note: The Exchange server will now need to have TCP port 25 (SMTP) open outbound on your corporate firewall.

Hybrid (On-Prem) Exchange Migration Note

If your on-premise Exchange is part of an Office 365 Hybrid deployment you will need to add the new server to the ‘scope’ for that connector also!

Exchange 2013 to 2019 Upgrade: Decommission Exchange 2013

From this point forward we are going to start getting rid of our Exchange 2013 server, they can of course coexist, (if you wanted to wait a while).

For that reason I change the ‘mail flow’ on the firewall to point to the new Exchange server at this point, and the HTTP access for OWA, Outlook Anywhere,  and Phone/Tablet access.

Exchange 2013 to 2019 Upgrade Exchange 2013 Mailbox Migration

Yes you can do this in the Exchange Admin Center (GUI), but I prefer to do this in PowerShell. But if I don’t put this here, I’ll get emails! Recipients > Migration  > Add > Move to a different Database > Add in the mailboxes/users > Next.

Give the ‘Batch’ a name > Select to move Archive mailboxes (if you have them) > Select the destination (Exchange 2019) Database > Again if using archive mailboxes, select the target archive mailbox database > Set the bad Item limit to 99 > Next > Select Automatically Start > Select Automatically Finish > New. 

From this point, this is where I don’t like the EAC it takes AGES to update with progress! From the Exchange Shell you can get an up to date view of that is going on!

[box]

Get-MoveRequest | Get-MoveRequestStatistics

[/box]

For a better list of commands for moving user mailboxes, monitoring the migration, (and removing the move requests when you are finished). See the following article;

Exchange: PowerShell Commands

With ALL Mailboxes migraitons, DON’T FORGET that on sucessfull completion, you need to remove the move requests. (If somehting fails, or displays an error, don’t forget to search for that error (above) before going to Google!

Exchange 2013 to 2019 Upgrade: Migrating Exchange System Mailboxes

Before you start issue the following command;

[box]

Set-AdServerSettings -ViewEntireForest $true

[/box]

In addition to the user mailboxes there are a multitude of different ‘System mailboxes’ that might be hanging around, before we can get rid of the Exchange 2013 Database(s) we need to migrate those.

Firstly AuditLog Mailboxes

[box]

Get-Mailbox -AuditLog -Database "Mailbox-Database-2013"

[/box]

If there are any!

[box]

Get-Mailbox -AuditLog -Database "Mailbox-Database-2013" | New-MoveRequest -TargetDatabase "Mailbox-Database-2019"

[/box]

Then Arbitration Mailboxes

[box]

Get-Mailbox -AuditLog -Database "Mailbox-Database-2013" -Arbitration

[/box]

If there are any!

[box]

Get-Mailbox -AuditLog -Database "Mailbox-Database-2013" -Arbitration | New-MoveRequest -TargetDatabase "Mailbox-Database-2019"

[/box]

Then Monitoring Mailboxes

[box]

Get-Mailbox -Monitoring -Server "Mail-2013"

[/box]

If there are any!

[box]

Get-Mailbox -Monitoring -Server "Mail-2013" | New-MoveRequest -TargetDatabase "Mailbox-Database-2019"

[/box]

Make sure there are no archive mailboxes;

[box]

Get-Mailbox -Auditlog -Database “Database-Name” -Archive

[/box]

If there are, move them, (as above).

Also move any  Discovery mailboxes, and move them to 2019;

[box]

Get-Mailbox DiscoverySearchMailbox* | New-MoveRequest -TargetDatabase “Mailbox-Database-2019

[/box]

Exchange 2013 to 2019 Upgrade Migrating Public Folders 

Remember after Exchange 2013 these are just mailboxes! You can move them like any other mailbox 🙂

Delete Exchange 2016 Database(s)

When you are 100% sure there’s nothing left on the old database(s) remove them;

[box]

Get-MailboxDatabase -Identity "Mailbox-Database-2013" | Remove-MailboxDatabase

[/box]

Uninstall Exchange 2013

Your install directory may not be on the C: drive so change your path accordingly;

[box]

cd "C:\Program Files\Microsoft\Exchange Server\V15\Bin
setup.exe /mode:uninstall

[/box]

At this point make sure your backup/replication software is pointed to the new Exchange 2019 Server.

 

Note: If you are running an On-Premise Exchange in Hybrid mode, and post migration if you have any mail flow problems see the following article;

No Mail Flow On-Premise To/From Office 365

Related Articles, References, Credits, or External Links

Exchange 2019 Migration from Exchange 2016

Exchange 2019 / 2016 Manage Remotely via PowerShell

KB ID 0001465

Problem

Since Exchange 2013 we have been able to manage Exchange remotely through the Exchange Admin Center, but what if you want to use the Exchange Management Shell remotely?

Install Exchange Management Tools

This is not just the Management Shell, this will also install the Toolbox and additional help.

There are few prerequisites, but to install from a normal PowerShell prompt;

[box]

Enable-WindowsOptionalFeature -Online -FeatureName IIS-ManagementScriptingTools,IIS-ManagementScriptingTools,IIS-IIS6ManagementCompatibility,IIS-LegacySnapIn,IIS-ManagementConsole,IIS-Metabase,IIS-WebServerManagementTools,IIS-WebServerRole

./Setup.exe /Role:ManagementTools /IAcceptExchangeServerLicenseTerms

[/box]

Once Installed, You can launch the Shell itself, or you can add the Exchange PowerShell commandlets to a normal Powershell session, with the following command;

[box]

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn;

[/box]

For older versions of Exchange, the commands are slightly different;

  • Exchange 2010: Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010;
  • Exchange 2007 :Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin;

Connect to Exchange Remotely (via PowerShell)

It’s a Windows server after all, so you can bring up a remote session, first give it an account with some Exchange administrative privileges;

[box]

$UserCredential = Get-Credential

[/box]

Then connect the the Exchange Server;

[box]

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://Server-Name/PowerShell/ -Authentication Kerberos -Credential $UserCredential

Import-PSSession $Session -DisableNameChecking

[/box]

Note: As above, don’t forget to disconnect the session the you have finished.

[box]

Remove-PSSession $Session

[/box]

Related Articles, References, Credits, or External Links

NA

How To Install Exchange 2016 (Greenfield Site) – Part 1

KB ID 0001301 

Problem

As the title implies, this article assumes you do not already have Exchange of any flavour in your organisation. If you do and you simply want to migrate to Exchange 2016, then this is NOT the article you want, instead head to the following link;

Migration From Exchange 2010/2007 to Exchange 2016 (& 2013)

Solution

Now before you sit at the keyboard there are a few things to consider;

Media: At the time of writing the Exchange 2013 CU5 download is over 5GB in size, if the site you are deploying on has a slow internet connection then you might want to consider getting the media and all the prerequisite software copied to disk before you start.

AV Software: Does you current AV solution have a product supported for Exchange 2016? 

Backup: Does you current backup solution fully cover Exchange 2016?

Exchange 2016 Outlook Software Requirements

Only the following are supported for Exchange 2016;

  • Outlook 2010 (fully updated).
  • Outlook 2013 (full updated).
  • Outlook 2016 (fully updated).

Note: In previous versions it would state the service pack and specific updates that needed to be applied, now the requirement is ‘fully updated’.

Exchange 2016 Hardware Requirements

Obviously a 10 thousand mailbox server processing 1 thousand emails a day, will have very different requirements to a server with 10 mailboxes processing 50 emails a day!

CPU: x64 bit processor, See this post for the sizing

RAM: 8 GB (Minimum) for Mailbox servers 4GB (minimum for Edge Transport Servers).

HDD: 30GB for mail-stores, plus 500MB per language pack, and an additional 200MB free space on the system drive.

Exchange 2016 Operating System Requirements

  • Windows Server 2012 Standard or Data Center, (not Core editions).
  • Windows Server 2012 Standard or Data Center, (not Core editions).
  • Windows Server 2016 Standard or Data Center, (not Nano editions). Note: Requires Exchange 2016 Cu3 of greater for Mailbox AND Edge roles.*
  • Windows 10 (Management tools only).
  • Windows 8.1 (Management tools only).

*Although on the supported list, Microsoft have recommended that you DO NOT install the edge role on a 2016 Server.

Note: If you have not installed Windows Server before ensure you choose the desktop experience option when you install it.

Exchange 2019/2016/2013 Licensing

As with all Microsoft products you need to be licensed to install them, the server itself comes in two licensing flavours;

  • Standard : 1 to 5 Mailbox databases.
  • Enterprise: 1 to 100 Mailbox databases.

And to access the servers, each client will need a CAL (Client Access Licence). As with previous versions they have given them the same names to confuse everyone! You do not need an Enterprise CAL for Enterprise Exchange, for example. The enterprise CAL just gives you some more features.

  • Standard: The minimum required to access Exchange, (per database journaling/archiving).
  • Enterprise: Same as above but allows per user journaling/archiving, DLP (Data Loss Protection), IRM (Information rights management search facility), and IPC (Information Protection and Control).

Related Articles, References, Credits, or External Links

How To Install Exchange 2016 (Greenfield Site) – Part 2

Deploying Exchange 2013 (Greenfield Site)

Exchange 2010 (c/w SP1) Install – Greenfield Site

Install SCCM 2007 on Windows Server 2008 R2 – Step by Step

KB ID 0000297

Problem

I had to work out how to do this for a client, and as is my modus operandi, I’ll try and save you some of the pain I endured,

Products Used

System Center Configuration Manager 2007 SP2 Windows Server 2008 R2 SQL 2008 R2 (At time of writing neither officially supported or not supported on SCCM)

Note: I was originally going to use SQL 2005 – hence the reason the SQL servers name is SCCM-SQL2005, however I bit the bullet and used SQL 2008 R2 instead.

Solution

Step 1: SCCM Domain pre install work.

1. Create two groups in Active Directory.

a. sccm administrator group SCCM-ADMIN b. sql administrator group SQL-ADMIN

2. Add both groups to the Domain Admin’s group.

3. Create two new users: sccmadmin and sqladmin.

4. Add sccmadmin to SCCM-ADMIN group and add sqladmin to SQL-ADMIN group.

Step 2: SCCM Pre requisites

1. Add the IIS (Web Server Role).

2. Add the following IIS Role Services:

a. HTTP redirection. b. ASP.Net

c. Windows Authentication. d. IIS6 Metabase compatibility. e. IIS6 WMI compatibility.

3. Add the following “server Features”:

a. Background Intelligent Transfer Service. b. Remote Differential Compression.

4. If you are NOT running Windows Server 2008 R2 Download and install WebDav (already included in Windows Server 2008 R2). If you are running R2 skip to the next step.

5. Server Manager > Roles > Web Server (IIS) > Add Role Services > WebDAV Publishing > Next > Close.

6. To enable WebDav > Start > Administrative Tools > Internet Information Services (IIS) Manager > Expand {server name} > Sites > Default Web Site > WebDav Authoring Rules.

7. Select Enable WebDav (On the right hand side).

8. Select add authoring Rule > All Content > All Users > Permissions > Read > OK.

9. Select the rule you have just created > WebDav Settings.

10. Change “Allow Anonymous Properties Queries” to True > Change “Allow Custom Properties” to False > Change “Allow Property Query with Infinite Depth” to True > Change “Allow hidden files to be listed” to True > Apply.

11. WSUS needs to installed on the SCCM server – Note Server 2008 R2 needs (WSUS Server Update Services 3.0 SP2). If you try and install SP 1 you will see this error.

12. From the WSUS installation choose “Full server installation” > DO NOT accept the default “Use the existing IIS Default Web site” > Use “”Create a Windows Server Update Services 3.0 SP2 Web site” (Note: this will use port TCP 8530 by default).

Step 3: SCCM Install SQL Server.

1. From the SQL install media run setup.exe > Installation > “New Installation or add features to an existing Installation” > OK.

2. Enter product Key if applicable > Next > “I accept…” > Next > Install > Next > Next.

3. Tick Database Engine Services > Tick Management Tools (Basic and Complete) > Next.

4. Next > Accept the defaults > Next > Next.

5. On the Server configuration Page > Select “Use the same account for all SQL Server services > Select the User you created originally (sqladmin) > Set the SQL Server Agent and SQL Server Database Engine Startup type to “Automatic” > Next.

6. Accept “Windows Authentication” > Add in your SCCM-ADMIN group and SQL-ADMIN group > Next > Next > Next > Install.

7. When it’s completed click close.

Step 4: Prepare Active Directory for SCCM

1. Extend the schema > From the install media > SMSSETUP > BIN > 1386 > extadsch.exe

2. Check the above was successful by opening the c:extADsch.txt file it should say “”successfully extended the Active Directory Schema”.

3. We now need to create some active directory objects go to a domain controller > Start > Administrative tools > ADSI Edit > Action > connect to > leave everything on its defaults > OK.

4. Expand the Default naming context > Expand your domain name > Right click “system” > New > Object > Container > Next.

5. Call it “System Management” > Next > Finish > Close ADSI Edit.

6. Still on the domain controller > Start > dsa.msc {enter} > View > Advanced.

7. Expand “system” > Locate the container you created “System Management” > right click it and select properties > Security Tab > Add > Object Types > Tick Computers > OK.

8. Click Advanced > Find Now > Locate and add the SCCM-ADMIN group you created earlier > Also add the SCCM Server itself > OK.

9. Grant allow “Full Control” to both the SCCM admin group and the SCCMserver.

10. Now click advanced > Select the SCCM-ADMIN group > Edit.

11. Change the “Apply to” section from “This object only” to “This object and all descendant objects” > OK > Apply > OK.

12. Repeat the above for the SCCM-Server object.

Step 5: Install SCCM

1. Log on as the sccadmin user.

2. From within the SCCM setup media run splash.hta > Run the Pre requisite checker > Enter the SQL Server name > SCCM server name and the FQDN of the SCCM server > OK.

3. Note If you cannot talk to the SQL server then check that the Windows firewall is not blocking you (on the SQL server Start > run > firewall.cpl > Turn it off).

4. All being well it should say “All required pre requisite tests have completed successfully” > OK.

5. Re-run Splash.hta > This time choose > Install configuration Manager 2007 SP2 > Next > “Install Configuration Manager site Server > Next.

6. Tick “I accept these License terms > Next > Custom Install > Next > Primary Site > Next > Next > enter unlock code is applicable > Next > Accept/change the install directory > Next > Enter a Site code and friendly name > Next.

DO NOT ever try and change this code and don’t forget it!!

7. Change the Site mode to “Configuration Manager Mixed Mode” (Native mode requires certificate services and considerably more work). > Next.

8. Accept the defaults (everything except NAP) > Next.

9. Enter your SQL server name > Next > Next > Next > Next > Next.

10. Select a location to install the updates to > Next.

11. Updates will download this may take some time > when finished it should say it was successful > OK > Next.

12. It will run the pre requisite check again > when finished click begin install.

13. When finished click Next > Finish.

14.Now you need to send out the clients and configure SCCM, I’ll cover that in a later article.

Related Articles, References, Credits, or External Links

SCCM 2007 Initial Setup and Configuration

SCCM OSD Capture a Windows 7 Reference Machine

Deploying Exchange 2013

Part Two – Prerequisites for Windows Server 2008 R2

KB ID 0000717

Problem

Originally I was just going to write a ‘Prerequisite for Exchange 2013’ article, but the needs of Windows Server 2008 R2 are so much greater than those of Windows Server 2012, I split them up. With that in mind, Id suggest you use Window s server 2012 rather than 2008 R2. (It will be supported for longer).

But if you are determined read on.

Solution

Planning ‘Time spent on reconnaissance is seldom wasted’

If you are going to deploy Exchange 2013 within your organisation, then you either already have Exchange (or another mail server product), or it’s a ‘Greenfield Site’.

You already have Exchange

Coexistence with Exchange 2003 is not supported, before you consider bringing in Exchange 2013, you will need to migrate to Exchange 2010, (a migration to Exchange 2007 would also work, but Exchange 2010 would be more sensible). Exchange 2013 Server can coexist in the same Exchange environment with both Exchange 2007 and Exchange 2010.

Exchange 2003 to 2010 Transition “Swing Migration”

Make Sure you have the DVD or ISO file for Exchange 2013, you don’t want to download a 3.5GB File at a clients site through a slow ADSL Link! Also the prerequisite software is pretty big, get all that burned to disk, or on a USB Drive before you start.

Software Requirements

Well we are installing on Server 2008 R2 (Standard/Enterprise or Datacenter, though if you plan to deploy this server as part of a DAG Group, it needs to be Enterprise/Datacenter), so what else would you need to worry about? How about backup software? Does your current backup solution support Exchange 2013? Also check with your anti-virus/antispam vendor that 2013 wont be a problem. Do you have any mail archiving software, custom email signature software etc? Take a good look at the software packages in your existing mail system to make sure.

Outlook Client Access: Be aware your clients need to be using the following versions of Outlook BEFORE you migrate them.

  • Outlook 2013.
  • Outlook 2010 (With SP1 and this update).
  • Outlook 2007 (With SP3 and this update).
  • Outlook for Mac 2011.
  • Entourage 2008 for Mac, Web Services Edition.

Hardware Requirements

1. CPU: As you’re planning on deploying with Windows Server 2008 R2 you will already have a server with an x64 bit CPU to deploy Exchange 2013 on, though IA64 is NOT supported.

2. RAM: This is dependent on what roles the server will have, for a Client Access Server the recommendation is 4GB, for a Mailbox Server it’s 8GB. And if the server will hold both roles the figure remains at 8GB. Though if I were deploying an Exchange 2013 Server in anger I would start at 12GB for a small (less than 80 mailbox’s) deployment and work upwards.

3. Disk Space: The drive which will hold the Exchange program files needs 30GB free space (that seems like a lot!) then there are some smaller figures you need to add up,

500MB per Universal Massaging Pack Language you are going to deploy.
200MB free on the servers system (OS) drive.
500MB free on the drive that will house the message queue database.

If the server will be a Mailbox server then it will need sufficient room to store the mailbox/public folder databases.

4. DVDROM Drive: Actually this is not really a requirement, but I’m mentioning it because a few modern servers ship without DVDROM drives now. You don’t want to go to site with a disk and look like a clown! Exchange 2013 will deploy quite happily from an ISO image. (If in doubt use 7ZIP to extract the ISO to a folder, and take that with you).

Pre Deployment – Environment

1. The Windows 2008 R2 server should be at least SP1. (If in doubt, Windows Key+R > winver {enter}).

2. Your forest functional level should be at least Windows Server 2003. To see your forest functional level, Windows Key > Active Directory Domains and Trusts > Action > Raise Forest Functional Level.

3. The domain controller that is holding the Schema Master FSMO role in your domain, needs to be at least Windows Server 2003 SP2. To see which server is the schema master server, run the following command;

[box]netdom query /domain:YOURDOMAINNAME fsmo[/box]

Note: In this example, I’m on a standalone server, that’s also a domain controller (not recommended for production environments!). In a live environment you may need to plan in some downtime to update the schema master.

4. The server you are deploying on, must already be a member of your domain.

5. Run Windows Update, and make sure the server is fully up to date.

6. You will need to install both .Net 4.5 and Windows Management Framework 3.0 (That’s new WMI and Powershell 3 in case you were wondering), and Windows Management Framework 3.0. (Note: you need the Windows6.1-KB2506143-x64 version).

Note: These two pieces of software are needed on the server that will prepare the Active Directory, so they are not strictly prerequisites for Exchange 2013.

7. The Exchange 2013 Server needs the AD DS (RSAT) administration tools installing. To do that simply run the following command;

[box]Add-WindowsFeature RSAT-ADDS[/box]

Note: If you skipped step 6 then you will see the following error;

The term ‘Add-WindowsFeature’ is not recognized as the name of a cmdlet function, script file, or operable program.

Pre Deployment – Roles Required

Like previous versions of Exchange, you need to add certain roles to the server before you can install the product. Which roles you need, depend on whether you are deploying a server with the client access server role, or the mailbox server role (Note: if the server will hold BOTH roles, then the roles for mailbox server will cover both.)

Mailbox Server (Or Mailbox Server with Client Access Sever) – Roles Required

1. Issue the following PowerShell command;

[box]Import-Module ServerManager[/box]

2. Issue the following PowerShell command;

[box]Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model, Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI [/box]

2. After running this command you may need to reboot.

3. Once complete you need to install the Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit.

4. Then install the Microsoft Office 2010 Filter Pack 64 bit

5. Then install the Microsoft Office 2010 Filter Pack SP1 64 bit

Note: At time of writing there is no Office 2013 Filter pack. I suspect that when it is released, it will need installing instead of the Office 2010 version, (that’s what happened with Exchange 2010 anyway).

6. Then install the Windows Identity Foundation (KB974405). Note: Download Windows6.1-KB974405-x64.msu

7. Then install the Knowledge Base article KB2619234 (Enable the Association Cookie/GUID that is used by RPC over HTTP to also be used at the RPC layer in Windows 7 and in Windows Server 2008). Note: This update requires a reboot.

8. Then install the Knowledge Base article KB2533623 (Insecure library loading could allow remote code execution). If you are fully up to date you may find that this update will not be applicable to your system, and you will see the following popup.

Client Access Server Only – Roles Required

The only difference for a server running the Client Access Role is that .Net 4.5 and the WindowsManagement Framework are not requirements. However if you have been following all the steps you will already have them installed. And having them installed will cause you no problems. So, follow all the same steps, and install all the roles and software that is required for the ‘Mailbox/Combined Mailbox and Client Access Server’.

Related Articles, References, Credits, or External Links

Deploying Exchange 2013 – Part One – Prerequisites for Windows Server 2012

Deploying Exchange 2013 – Part Three – Deploying Exchange 2013 On a ‘Greenfield Site’

 

Deploying Exchange 2013

Part One – Prerequisites for Windows Server 2012

KB ID 0000716 

Problem

Originally I was just going to write a ‘Prerequisite for Exchange 2013’ article, but the needs of Windows Server 2008 R2 are so much greater, I split them up.

Solution

Planning ‘Time spent on reconnaissance is seldom wasted’

If you are going to deploy Exchange 2013 within your organisation, then you either already have Exchange (or another mail server product), or it’s a ‘Greenfield Site’.

You already have Exchange

Coexistence with Exchange 2003 is not supported, before you consider bringing in Exchange 2013, you will need to migrate to Exchange 2010, (a migration to Exchange 2007 would also work, but Exchange 2010 would be more sensible). Exchange 2013 Server can coexist in the same Exchange environment with both Exchange 2007 and Exchange 2010.

Exchange 2003 to 2010 Transition “Swing Migration”

Warning: Even at Exchange 2010 – You cannot upgrade to Exchange 2013 without Service Pack 3.

Make Sure you have the DVD or ISO file for Exchange 2013, you don’t want to download a 3.5GB File at a clients site through a slow ADSL Link! Also the prerequisite software is pretty big, get all that burned to disk, or on a USB Drive before you start.

Software Requirements

Well we are installing on Server 2012 (Standard or Datacenter) so what else would you need to worry about? How about backup software? Does your current backup solution support Exchange 2013? Also check with your anti-virus/antispam vendor that 2013 wont be a problem. Do you have any mail archiving software, custom email signature software etc? Take a good look at the software packages in your existing mail system to make sure.

Outlook Client Access: Be aware your clients need to be using the following versions of Outlook BEFORE you migrate them.

  • Outlook 2013.
  • Outlook 2010 (With SP1 and this update).
  • Outlook 2007 (With SP3 and this update).
  • Outlook for Mac 2011.
  • Entourage 2008 for Mac, Web Services Edition.

Hardware Requirements

1. CPU: As you’re planning on deploying with Windows Server 2012 you will already have a server with an x64 bit CPU to deploy Exchange 2013 on, though IA64 is NOT supported.

2. RAM: This is dependent on what roles the server will have, for a Client Access Server the recommendation is 4GB, for a Mailbox Server it’s 8GB. And if the server will hold both roles the figure remains at 8GB. Though if I were deploying an Exchange 2013 Server in anger I would start at 12GB for a small (less than 80 mailbox’s) deployment and work upwards.

3. Disk Space: The drive which will hold the Exchange program files needs 30GB free space (that seems like a lot!) then there are some smaller figures you need to add up,

500MB per Universal Massaging Pack Language you are going to deploy.
200MB free on the servers system (OS) drive.
500MB free on the drive that will house the message queue database.

If the server will be a Mailbox server then it will need sufficient room to store the mailbox/public folder databases.

4. DVDROM Drive: Actually this is not really a requirement, but I’m mentioning it because a few modern servers ship without DVDROM drives now. You don’t want to go to site with a disk and look like a clown! Exchange 2013 will deploy quite happily from an ISO image. (If in doubt use 7ZIP to extract the ISO to a folder, and take that with you).

Pre Deployment – Environment

1. The Windows 2012 server should be at least RTM, and should NOT be pre-release (If in doubt, Windows Key+R > winver {enter}). The build number should be at least 9200.

2. Your forest functional level should be at least Windows Server 2003. To see your forest functional level, Windows Key > Active Directory Domains and Trusts > Action > Raise Forest Functional Level.

3. The domain controller that is holding the Schema Master FSMO role in your domain, needs to be at least Windows Server 2003 SP2. To see which server is the schema master server, run the following command;

[box] netdom query /domain:YOURDOMAINNAME fsmo [/box]

Note: In this example, I’m on a standalone server, that’s also a domain controller (not recommended for production environments!). In a live environment you may need to plan in some downtime to update the schema master.

4. The server you are deploying on, must already be a member of your domain.

5. Run Windows Update, and make sure the server is fully up to date. You will find Windows Update in Server Manager > Local Server.

6. Windows Server 2012 comes pre installed with .Net 4.5 and Windows Management Framework 3.0 (That’s new WMI and Powershell 3 in case you were wondering). So there’s nothing to do for this step, I only mention it for completeness.

7. The Exchange 2013 Server needs the AD DS (RSAT) administration tools installing. To do that simply run the following command;

[box] Install-WindowsFeature RSAT-ADDS [/box]

Note: As previously stated, the server used in the example above is a domain controller, so it already had the tools installed, hence the NoChangeNeeded exit code.

Pre Deployment – Roles Required

Note: From THIS POINT FORWARD, all roles can now installed with the RTM release of Exchange 2012 during setup. The following will only need to be carried out if you are installing the pre-release version of Exchange 2013.

Like previous versions of Exchange, you need to add certain roles to the server before you can install the product. Which roles you need, depend on whether you are deploying a server with the client access server role, or the mailbox server role (Note: if the server will hold BOTH roles, then the roles for mailbox server will cover both.)

Client Access Server Only – Roles Required

1. Issue the following PowerShell command;

[box] Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation [/box]

2. After running this command you may need to reboot.

3. Once complete you need to install the Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit.

Mailbox Server (Or Mailbox Server with Client Access Sever) – Roles Required

1. Issue the following PowerShell command;

[box] Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation[/box]

2. After running this command you may need to reboot.

3. Once complete you need to install the Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit.

 

4. Download and Install the Microsoft Office 2010 Filter Pack 64 bit

5. Download an Install the Microsoft Office 2010 Filter Pack SP1 64 bit

Note: At time of writing there is no Office 2013 Filter pack. I suspect that when it is released, it will need installing instead of the Office 2010 version, (that’s what happened with Exchange 2010 anyway).

Related Articles, References, Credits, or External Links

Deploying Exchange 2013 – Part Two – Prerequisites for Windows Server 2008 R2

How To Install Exchange 2016 (Greenfield Site)

Exchange 2010 (c/w SP1) Install – Greenfield Site

(Installing on Server 2008 R2)

KB ID 0000416

Problem

Microsoft have not only slipstreamed the service pack into the install media, they have (Finally!) got the install routine to put in all the usual pre-requisites, roles, and features, that you had to do yourself before. (With the exception of the Microsoft 2010 filter pack, but even then you can do that after the install).

The procedure below was done on a single server in a test environment, to demonstrate the simplified procedure, it IS NOT good practice to install Exchange (any version) on a domain controller.

Solution

Before Site Visit

1. Have your install media downloaded and ready to go (Make sure you also have the unlock codes for Exchange – or you will have 119 days to licence it, post install).

2. Does your current anti virus solution support Exchange 2010? Do you need an upgrade?

3. Does your current backup software support Exchange 2010? Do you need to purchase extra remote agents or updates?

Before Deploying Exchange 2010

1. Depending on what documentation you read, some say that the global catalog server(s) in the current site need to be at least Server 2003 SP2. Other documentation says the schema master needs to be at least Server 2003 SP2. Let’s hedge our bets, and make sure that ALL the domain controllers are at least Server 2003 SP2 🙂

2. Your domain and forest functional levels need to be at Windows Server 2003.

3. Don’t forget – your server needs to be x64 bit (the video below was shot on a Server 2008 R2 server).

4. Make sure both the server you are installing on, and the Windows domain, are happy (get into the event viewers of your servers and have a good spring clean before deploying Exchange 2010).

5. Install the Office 2010 Filter Pack, and the Office 2010 Filter Pack Service Pack 1.

6. Install the roles required with the following PowerShell Commands;

[box]

Import-Module ServerManager

For Client Access, Hub Transport, and the Mailbox roles issue the following command;

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy,Web-WMI -Restart

For Client Access and Hub Transport server roles issue the following command;

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy,Web-WMI -Restart

For only the Mailbox role issue the following command;

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server -Restart

For only the Unified Messaging role issue the following command;

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Desktop-Experience -Restart

For only the Edge Transport role issue the following command;

Add-WindowsFeature NET-Framework,RSAT-ADDS,ADLDS -Restart

[/box]

7. Set the Net.Tcp Port Sharing Service for Automatic startup by running the following command;

[box]Set-Service NetTcpPortSharing -StartupType Automatic[/box]

Exchange 2010 (c/w SP1) Install – Greenfield Site

The single best thing Microsoft has done with the SP1 install media, is to include this tick box.

Related Articles, References, Credits, or External Links

How To Install Exchange 2016 (Greenfield Site)