Deploying Exchange 2013 SP1 step by step – Part3

In Part2 we requested and installed the wildcard certificate on the first server – exch1.testcompany.com. In Part3 we’ll pace through the setting up a new Autodiscover site and configuring various virtual directories.

Let’s open IIS and create a new site the Autodiscover service will use. 301

Notice that Autodiscover.TestCompany.com must use the same wildcard certificate – TestCompany-WildCard. We also need to add the new A-record to DNS.

302

Next, enable Directory Browsing and set authentication methods:

304

305

Then create the autodiscover virtual directory in EMS

New-AutodiscoverVirtualDirectory -WebSiteName “Autodiscover.TestCompany.com” -WindowsAuthentication $true

and configure Client Access Server:

Set-ClientAccessServer -Identity Exch1 -AutoDiscoverServiceInternalUri   https://Autodiscover.TestCompany/Autodiscover/Autodiscover.xml307

Use Get-AutodiscoverVirtualDirectory and to Get-ClientAccessServer | FL AutoDiscoverServiceInternalUri check the settings:310-1

The easiest way to configure external hostnames is to use the wizard:

312

314

As I decided to use the same external and internal hostnames for Exchange services I must either manually enter ‘mail.testcompany.com’ instead of “exch1.testcompany.com” in EAC or type the corresponding commands in EMS for each virtual directory, for example:

Get-OwaVirtualDirectory -Server Exch1 | Set-OwaVirtualDirectory -InternalURL https://mail.testcompany.com/owa -ExternalURL https://mail.testcompany.com/owa 321-2

After configuring virtual directories let’s set up Outlook Anywhere (servers – Exch1/Properties) and reset IIS.

352 322

Now we can test connection to Exchange server using Outlook 2013 SP1 internally and externally.

1) I run Outlook 2013SP1 on a client computer in the TestCompany.com domain.

OUT-INT1

OUT-INT2

If we right-click the Outlook system tray icon while holding Ctrl key we can check the connection by clicking “Connection status”.

OUT-INT4

2) Before I run Outlook in other domain to simulate external connection I need to install my internal CA’s (from the TestCompany.com domain) root certificate to the client computer in that domain, otherwise Outlook will complain on untrusted certificate.

341

342

After installing this certificate to the “Trusted Root Certification Authorities” certificate store I can run Outlook to test connection externally.

361

362

363

Look! We’ve got a certificate error in spite of installing root CA’s certificate – why? As we can see this certificate arrived from DC.TestCompany.com, NOT from the Autodiscover.TestCompany.com – this is because Outlook first tries to connect to https:/domain.com and only after that to https://autodiscover.domain.com. Upon completion of the first connection attempt to a https://domain.com Outlook realises it is NOT an autodiscover site (as we used autodiscover.testcompany.com when setting up autodiscover) and makes another connection to autodiscover.testcompany.com, – we’ll check it a bit later.

364

Again, hold CTRL and right-click Outlook system tray icon, but this time let’s click “Test E-Mail Autoconfiguration”, enter e-mail address, password and run the test.

391

The Log tab will show what sites and with what results Autodiscover service were using while connecting to TestCompany.com domain.

392

Summary

In Part3 of the series of articles on deploying Exchange 2013SP1 we configured Exchange-specific virtual directories, set up and tested autodiscover service. In Part4 we’ll continue to fine-tune the server by configuring the most important settings.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: