You are on page 1of 49

Lab 1: Installing Exchange Server 2010

Exercise 1: Evaluating Requirements for an Exchange Server Installation


Task 1: Evaluate the Active Directory directory service requirements
1. 2. On NYC-DC1, click Start, right-click Computer, and then click Properties. On the System page, in the Windows edition section, verify that the domain controller operating system is compatible with Exchange Server 2010requirements. Close the System page. Click Start, point to Administrative Tools, and then click Active DirectoryUsers and Computers. Right-click Contoso.com, and then click Properties. In the Contoso.com Properties dialog box, verify that the domain and forestfunctional levels are compatible with the Exchange Server 2010 requirements. Click OK, and then close Active Directory Users and Computers. Click Start, and in the Search box, type adsiedit.msc, and then press ENTER. Right-click ADSI Edit, and then click Connect to.

3. 4. 5. 6.

7. 8. 9.

10. In the Connection Settings dialog box, in the Connection Point section, in the Select a well known Naming Context list, click Configuration, and thenclick OK. 11. In the left pane, expand Configuration[NYC-DC1.Contoso.com], and thenclick CN=Configuration,DC=Contoso,DC=com. 12. Expand CN=Services, and verify that the CN=Microsoft Exchange has notbeen created. 13. Close ADSI Edit.

Task 2: Evaluate the DNS requirements


1. 2. On NYC-SVR2, click Start, and, in the Search box, type cmd, and then press ENTER. At the command prompt, type IPConfig /all, and then press ENTER. Verify that the Domain Name System (DNS) server IP address for the Local AreaConnection 2 is 10.10.10.10. At the command prompt, type Ping NYC-DC1.contoso.com. Verify that youhave network connectivity with the domain controller. At the command prompt, type Nslookup, and then press ENTER. At the command prompt, type set type=all, and then press ENTER.

3.

4. 5.

6.

At the command prompt, type _ldap._tcp.dc._msdcs.Contoso.com, and thenpress ENTER. Verify that an SRV record is returned. Close the command prompt.

7.

Task 3: Evaluate the server requirements


1. 2. On NYC-SVR2, click Start and point to Administrative Tools, and click Server Manager. In the left pane, click Features. Verify that no Windows Server 2008 features are installed, including the Active Directory Domain Services (AD DS)management tools. In the left pane, click Roles. Verify that no Windows Server 2008 roles areinstalled. Click Start and point to Administrative Tools. Verify that Internet Information Services (IIS) Management is not listed. Click Start, click All Programs, click Accessories, click Windows PowerShell,and then click Windows PowerShell. At the PS prompt, type help about_windows_powershell, and then press ENTER. Verify that about_Windows_PowerShell_2.0 is listed. It is installedwith Windows PowerShell v2. Close Windows PowerShell. Click Start, and then click Control Panel.

3. 4. 5. 6.

7.

8. 9.

10. In the Control Panel, click Programs. 11. In the Programs window, click Programs and Features. Verify that MicrosoftFilter Pack 1.0 is installed. Close the Programs and Features window.

Results: After this exercise, you should have evaluated the requirements for Active Directory directory service, DNS, and servers

Exercise 2: Preparing for an Exchange Server 2010 Installation


Task 1: Install the Windows Server 2008 server roles and features
1. 2. On NYC-SVR2, in Server Manager, click Features, and then click Add Features. In the Select Features page, expand Remote Server Administration Tools, expand Role Administration Tools, expand AD DS and AD LDS Tools, expand AD DS Tools, and then select the AD DS Snap-Ins and Command-Line Tools check box. Expand .NET Framework 3.5.1 Features, and then select the .NETFramework 3.5.1 check box. Expand WCF Activation, select the HTTP Activation check box, and thenclick Add Required Role Services. Select the RPC over HTTP Proxy check box, and then click Add RequiredRole Services.

3. 4.

5.

6. 7. 8. 9.

Click Next. On the Web Server (IIS) page, click Next. On the Select Role Services page, under Security, select the DigestAuthentication check box. Under Performance, select the Dynamic Content Compression check box.

10. Under IIS 6 Management Compatibility, select the IIS 6 ManagementConsole check box. 11. Click Next, and then click Install. 12. Click Close. 13. Click Start, point to Administrative Tools, and click Services. 14. In the Services list, double-click Net.Tcp Port Sharing Service. 15. In the Net.TCP Port Sharing Service Properties dialog box, in the Startuptype drop down list, click Automatic, then click Apply. 16. Click Start, wait for the service to start, click OK, and then close the Servicesconsole.

Task 2: Prepare AD DS for Exchange Server 2010 installation


This task requires that the Exchange Server 2010 iso be attached to the NYC-SVR2 virtual machine as a DVD drive. Complete the following steps to attach it: 1. In the 10135A-NYC-SVR2 on localhost Virtual Machine Connection window, on the File menu, click Settings. Click DVD Drive, and then click Image File. Click Browse, and browse to C:\Program Files\Microsoft Learning\10135\Drives. Click EXCH201064.iso, and click Open. Click OK. On NYC-SVR2, click Close to close the AutoPlay dialog box. On NYC-SVR2, open a Command Prompt. Type D:\setup.com /PrepareAD /OrganizationName:Contoso, and thenpress ENTER. Close the command prompt window when the task is complete.

2. 3.

4. 5. 6. 7.

Results: After this exercise, you should have installed the Windows Server 2008 server roles and features, and prepared AD DS for an Exchange Server 2010 installation.

Exercise 3: Installing Exchange Server 2010


Task 1: Install Microsoft Exchange Server 2010
1. Click Start, click Run, type D:\setup.exe, and then click OK. Steps 1 and 2 are unavailable because they are already complete. If the components were not installed, Exchange Server provides links to download the necessary software. Click Step 3: Choose Exchange language option. Click Install only languages from the DVD. Click Step 4: Install Microsoft Exchange. The installation begins copyingfiles. Click Next to begin Exchange Server 2010 Setup. On the License Agreement page, click I accept the terms in the licenseagreement, and then click Next. On the Error Reporting page, click No to disable error reporting, and then click Next. You are disabling error reporting because your virtual machinedoes not have access to the Internet. On the Installation Type page, click Typical Exchange Server Installation,and then click Next. On the Client Settings page, click Yesto configure Exchange Server forOutlook 2003 or Entourage clients, and then click Next.

2. 3. 4. 5. 6. 7.

8. 9.

10. On the Configure Client Access server external domain page, click Next. 11. On the Customer Experience Improvement Program page, click I dont wish to join the program at this time, and click Next. A readiness check takes place to ensure that Exchange is ready to install on the server. This check takesseveral minutes to complete. 12. Click Install. The installation begins, and takes approximately 15-20 minutesto complete. 13. Click Finish. 14. Click Close and Yes to exit Exchange Server 2010 Setup. You are not obtaining the critical updates for Exchange Server 2010 because the virtualmachine does not have Internet connectivity.

Results: After this exercise, you should have installed Exchange Server 2010.

Lab 2: Verifying an Exchange Server 2010 Installation


Exercise 1: Verifying an Exchange Server 2010 Installation
Task 1: View the Exchange Server services
1. 2. On NYC-SVR2, click Start, point to Administrative Tools, and then click Services. Scroll down the list of services, and click the Microsoft Exchange ActiveDirectory Topology service. Review the service description. Review the status of the remaining Exchange Server services. Ensure that allservices that are set for automatic startup are running. Close Services.

3.

4.

Task 2: View the Exchange Server folders


1. 2. Click Start, and then click Computer. Browse to C:\Program Files\Microsoft\Exchange Server\V14. This list of folders includes ClientAccess, Mailbox, and TransportRoles. These three roleswere installed as part of the typical setup. Open TransportRoles. The Hub Transport server role uses these folders. Close Windows Explorer.

3. 4.

Task 3: Create a new user, and send a test message


1. If necessary, click Start, point to All Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Console. In the left pane, click Microsoft Exchange On-Premises. Wait for the initialization to finish, and then click OK to acknowledge that the server isunlicensed. Click Recipient Configuration. Notice that a mailbox for the Administratorand a Discovery Search Mailbox are the only mailboxes created by default. Right-click Recipient Configuration, and then click New Mailbox. Wait forthe New Mailbox wizard to start. Click Next to accept the User Mailbox option. Click Next to accept the New user option. In the First name box, type TestUser.

2.

3.

4.

5. 6. 7.

8. 9.

In the User logon name box, type TestUser. In the Password and Confirm password boxes, type Pa$$w0rd.

10. Click Next. 11. On the Mailbox Settings page, in the Alias box, type TestUser, and then clickNext to accept the mailbox settings. 12. On the Archive Settings page, click Next. 13. Click New to create the new mailbox. 14. Click Finish. 15. Click Start, point to All Programs, and then click Internet Explorer. 16. In the Address bar, type https://NYC-SVR2/owa, and then press ENTER. 17. Click Continue to this website (not recommended) to proceed. 18. Log on as Contoso\TestUserwith a password of Pa$$w0rd. 19. Click OK to accept the default Outlook Web App settings. 20. Click New to create a new message. 21. Click Continue to this website (not recommended). 22. In the Tobox, type Administrator. 23. In the Subject box, type Test Message, and then click Send. 24. Close Internet Explorer. 25. Click Start, point to All Programs, and then click Internet Explorer. 26. In the Address bar, type https://NYC-SVR2/owa and press ENTER. 27. Click Continue to the website (not recommended) to proceed. 28. Log on as Contoso\Administrator with a password of Pa$$w0rd. 29. Click OK to accept the default Outlook Web App settings. 30. Double-click the message from TestUserto read it. Click Continue to thiswebsite (not recommended). 31. Close the message from TestUser. 32. Close Internet Explorer.

Task 4: Run the Exchange Server Best Practices Analyzer tool


1. 2. 3. In Exchange Management Console, in the left pane, clickToolbox. In the center pane, double-click Best Practices Analyzer. Click Do not check for updates on startup. You do this because your virtualmachine does not have Internet access. Click I dont want to join the program at this time. Click Go to the Welcome screen. Click Select options for a new scan. Click Connect to the Active Directory server. In the Enter an identifying label from this scan box, type Post-InstallationTest. Review the options, and then click Start scanning.

4. 5. 6. 7. 8. 9.

10. When the scan is complete, click the View a report of this Best Practices scanlink. 11. On the Critical Issues tab, click Unrecognized Exchange signature. This gives you the option to get information about how to fix the problem or hidethe message. 12. Click Tell me more about this issue and how to resolve it. This opens the Microsoft Exchange Server Best Practices Analyzer Help, and provides specificinformation about the warning and troubleshooting it. 13. Close Exchange Server Best Practices Analyzer Help. 14. Close the Exchange Server Best Practices Analyzer Tool.

Results: After this exercise, you should have verified the successful installation ofExchange Server 2010 by viewing the Exchange Server services and folders. Youshould also have created a new user and sent a test message to that user. Finally,you should have used the Exchange Server Best Practices Analyzer tool to viewinformation about any installation issues.

To prepare for the next module


When you finish the lab, revert the virtual machines back to their initial state. To do this, complete the following steps: 1. 2. 3. 4. 5. On the host computer, start Hyper-V Manager. Right-click the virtual machine name in the Virtual Machines list, and then clickRevert. In the Revert Virtual Machine dialog box, click Revert. In the Virtual Machines pane, click 10135A-VAN-DC1, and then in the Actions pane, click Start. To connect to the virtual machine for the next modules lab, click 10135AVAN-DC1, and then in the Actions pane, click Connect.

Important: Start the VAN-DC1 virtual machine first, and ensure that it is fully started before starting the other virtual machines.

6. 7.

Wait for VAN-DC1 to start, and then start VAN-EX1. Connect to the virtual machine. Wait for VAN-EX1 to start, and then start VAN-EX3. Connect to the virtual machine.

Lab 3: Configuring Mailbox Servers


Exercise 1: Configuring Mailbox Databases
Task 1: Create a new database for the Executive mailboxes
1. On VAN-EX1, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Console. In the Console Tree, expand Microsoft Exchange, expand Microsoft Exchange On-Premises, expand Organization Configuration, and then clickMailbox. In the Content pane, select the Database Management tab. In the Actions pane, click New Mailbox Database. In the New Mailbox Database Wizard, type Executive in the Mailboxdatabase name field, and then click Browse. In the Select Mailbox Server dialog box, select VAN-EX1, and then click OK. Click Next. In the Database file path field, type C:\Mailbox\Executive\Executive.edb. In the Log folder path field type C:\Mailbox\Executive.

2.

3. 4. 5.

6. 7. 8. 9.

10. Click Next. 11. Click New. 12. Click Finish.

Task 2: Configure the Executive mailbox database with appropriatelimits


1. In the Content pane, select the Database Management tab, right-click on the Executive database, and then click Properties. Click the Limits tab. Type 850000 for Issue warning at (KB). Uncheck Prohibit send at (KB). Type 1024000 for Prohibit send and receive at (KB). Click OK.

2. 3. 4. 5. 6.

Task 3: Move the existing Accounting database to a new location


1. 2. 3. In the Content pane, select the Database Management tab, and then select the Accounting database. In the Actions pane, click Move Database Path. In the Move Database Path Wizard, in the Database file path field, typeC:\Mailbox\Accounting\Accounting.edb. In the Log folder path field type C:\Mailbox\Accounting\. Click Move. Click Yes. Click Finish. Close the Exchange Management Console.

4. 5. 6. 7. 8.

Results: After this exercise, you should have created a new database, set the specified limits, and moved the existing Accounting database to a new folder.

Exercise 2: Configuring Public Folders


Task 1: Check Executives public folder statistics
1. On VAN-EX3, click Start, click All Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Console. In the Console Tree, expand Microsoft Exchange, expand MicrosoftExchange On-Premises, and then click Toolbox. In the Content pane, double-click Public Folder Management Console. If you are not connected, then in the Actions pane, click Connect to a Server,and then in the Connect to Server dialog box, click Browse. In the Select Public Folder dialog box, select VAN-EX1, click OK, and thenclick Connect. In the Console Tree, expand Public Folders, and then select Default PublicFolders. In the Content pane, right-click Executives, and then choose Properties. On the General tab, note the Total Items and Size of the items in the publicfolder. Click OK.

2.

3. 4.

5. 6. 7. 8. 9.

10. Leave the Public Folder Management Console running.

Task 2: Create a public folder database on VAN-EX3


1. On VAN-EX3, in the Exchange Management Console, expand Organization Configuration, and then click Mailbox. In the Content pane, select the Database Management tab. In the Actions pane, click New Public Folder Database. On the New Public Folder Database page, type PF-VAN-EX3 in the PublicFolder database name field, and then click Browse. In the Select Mailbox Server dialog box, select VAN-EX3, and then click OK. Click Next. In to Database file path field, type C:\Mailbox\PF-VAN-EX3\PF-VAN-EX3.edb. In the Log folder path field, type C:\Mailbox\PF-VAN-EX3\, and then clickOK. Click Next.

2. 3. 4.

5. 6. 7. 8. 9.

10. Click New. 11. Click Finish.

Task 3: Add a replica of the Executives public folder on VAN-EX3


1. In the Console Tree for the Public Folder Management Console, expandPublic Folders, and then select Default Public Folders. In the Content pane, right-click Executives, and then choose Properties. Click the Replication tab. Under Replicate content to these public folder databases, click Add. Select PF-VAN-EX3, and then click OK.

2. 3. 4. 5.

Note: It can take up to 15 minutes for replication to complete.

Task 4: Verify replication between VAN-EX1 and VAN-EX3


1. Click Public Folders, in the Actions pane, click Connect to a Server, and thenin the Connect to Server dialog box, click Browse. In the Select Public Folder Servers dialog box, select VAN-EX3, click OK, andthen click Connect. In the Console Tree, expand Public Folders, and then select Default PublicFolders. In the Content pane, right-click Executives, and then choose Properties.

2. 3. 4.

5. 6. 7. 8.

On the General tab, note the Total Items and Size of the items in the publicfolder. Click OK. Close the Public Folder Management Console. Close the Exchange Management Console.

Results: After this exercise, you should have created a new public folder databaseon VAN-EX3 and added replicas for each public folder.

To prepare for the next module


When you finish the lab, revert the virtual machines back to their initial state. Todo this, complete the following steps: 1. 2. 3. 4. 5. On the host computer, start Hyper-V Manager. Right-click the virtual machine name in the Virtual Machines list, and thenclickRevert. In the Revert Virtual Machine dialog box, click Revert. In the Virtual Machines pane, click 10135A-VAN-DC1, and then in the Actionspane, click Start. To connect to the virtual machine for the next modules lab, click 10135AVAN-DC1, and then in the Actions pane, click Connect.

Important: Start the VAN-DC1 virtual machine first, and ensure that it is fullystarted before starting the other virtual machines.

6. 7.

Wait for VAN-DC1 to start, and then start VAN-EX1. Connect to the virtualmachine. Wait for VAN-EX1 to start, and then start VAN-CL1. Connect to the virtualmachine.

Lab 4: Managing Message Transport


Exercise 1: Configuring Internet Message Transport
To prepare for this lab
1. On VAN-EX2, click Start, right-click Network, and click Properties. 2. Click Change adapter settings. 3. Right-click Local Area Connection 2, and click Properties. 4. Click Internet Protocol Version 4 (TCP/IPv4) and click Properties. 5. Change the IP address to 10.10.11.21, and then click OK. Click Close. 6. Click the Start button, and then click Restart. In the Comment field, type Labrestart, and then click OK. 7. After the system is restarted, log on to VAN-EX2 as Adatum\Administrator,using the password Pa$$w0rd.
Note: These preparation steps move VAN-EX2 to a second site defined in AD DS.

Task 1: Configure a Send connector to the Internet


1. On VAN-EX1, click Start, point to All Programs, point to Microsoft ExchangeServer 2010, and then click Exchange Management Console. In Exchange Management Console, expand Microsoft Exchange On-Premises, expand Organization Configuration, and then click HubTransport. In the Hub Transport pane, click the Send Connectors tab. In the Actions pane, click New Send Connector. In the New Send Connector window, in the Name box, type Internet SendConnector. In the Select the intended use for this Send connector list, click Internet, andthen click Next. On the Address space page, click Add. In the Address field, type *, click OK, and then click Next. On the Network settings page, click Route mail through the following smarthosts, click Add, and then click Fully qualified domain name (FQDN).

2.

3. 4. 5. 6. 7. 8. 9.

10. In the Fully qualified domain name (FQDN) box, typevan-dc1.adatum.com, click OK, and then click Next. 11. On the Configure smart host authentication settings page, click Next. 12. On the Source Server page, ensure that VAN-EX1 is listed, and then clickNext. 13. On the New Connector page, click New, and then click Finish.

Task 2: Configure a Receive connector to accept Internet messages


1. In Exchange Management Console, expand Server Configuration, click HubTransport, and then in the Hub Transport pane, click VAN-EX1. In the Actions pane, click New Receive Connector. In the New Receive Connector window, in the Name box, type InternetReceive Connector. In the Select the intended use for this Receive connector list, click Custom,and then click Next. On the Local Network Settings page, click Next. On the Remote Network Settings page, click the red X to delete the entry, andthen click Add. In the Address or address range box, type 10.10.0.10, click OK, and thenclick Next. On the New Connector page, click New, and then click Finish. In the VAN-EX1 pane, double-click Internet Receive Connector.

2. 3. 4. 5. 6. 7. 8. 9.

10. In the Internet Receive Connector window, on the General tab, in theProtocol logging level list, click Verbose.
11.

On the Permission Groups tab, select the Anonymous userscheck box, andthen click OK.

Task 3: Enable anti-spam functionality on the Hub Transport server


1. In Exchange Management Console, expand Server Configuration, click HubTransport, and then click VAN-EX1 in the Hub Transport pane. In the VAN-EX1 pane, verify that only the Receive Connectors tab is available. Click Start, point to All Programs, point to Microsoft Exchange Server 2010,and then click Exchange Management Shell. At the PS prompt, type cd c:\Program Files\Microsoft\Exchange Server\v14\scripts and press ENTER. At the PS prompt, type .\install-AntispamAgents.ps1, and then press ENTER. Type Restart-Service MSExchangeTransport, and then press ENTER. Wait forthe Transport Service to finish restarting. In Exchange Management Console, expand Server Configuration, click HubTransport, click Refresh in Hub Transport Actions pane, and then click VANEX1in the Hub Transport pane. In the content pane, click the Anti-Spam tab. Expand Organization Configuration, click Hub Transport, and then click theAnti-spam tab.

2. 3.

4.

5. 6.

7.

8. 9.

Task 4: Verify that Internet message delivery works


1. On VAN-EX1, start Microsoft Internet Explorer, and connect tohttps://VANEX1.Adatum.com/OWA. Log on as Adatum\Wei with the password Pa$$w0rd. On the Microsoft Outlook Web App page, click OK. Create and send a new e-mail to Info@Internet.com with the subject TestMail to Internet. Close Internet Explorer. Switch to Exchange Management Console. On the left pane, expand Microsoft Exchange On-Premises, and then clickToolbox. In the Toolbox pane, double-click Queue Viewer. On the Queues tab, verify that the VAN-DC1.adatum.com queue has aMessage Count of 0.

2. 3. 4.

5. 6. 7. 8.

Note: If the VAN-DC1.adatum.com message queue is not empty, verify that theSimple Mail Transfer Protocol (SMTP) service is running on VAN-DC1.

9.

On VAN-DC1, click Start, point to All Programs, point to Accessories, andthen click Command Prompt.

10. At the command prompt, type telnet van-ex1 smtp, and then press ENTER. 11. Type helo, and press ENTER. 12. Type mail from:info@internet.com, and press ENTER.Response: 250 2.1.0 Sender OK 13. Type rcpt to:WeiYu@adatum.com, and press ENTER.Response: 250 2.1.5 Recipient OK 14. Type data, and press ENTER.Response: 354 Start mail input; end with <CRLF>.<CRLF> 15. Type Subject: Test from Internet, and press ENTER. 16. Press the PERIOD key, and then press ENTER. 17. Type Quit, and press ENTER. 18. On VAN-EX1, start Internet Explorer, and connect to https://VANEX1.adatum.com/OWA. 19. Log on as Adatum\Wei with the password Pa$$w0rd. 20. Verify that the mail with the subject Test from Internet mail has arrived inthe Junk E-Mail folder. Close Internet Explorer.
Results: After this exercise, you should have configured Internet message transportby configuring Send and Receive connectors, enabling anti-spam functionality, andverifying Internet message delivery.

Exercise 2: Troubleshooting Message Transport


Task 1: Check the routing log, and verify that mail delivery workscorrectly
1. 2. 3. 4. 5. 6. On VAN-EX1, in Exchange Management Console, click Toolbox. In the Toolbox pane, under Mail flow tools, double-click Routing Log Viewer. In the Routing Log Viewer window, select the File menu, and then click Openlog file. In the Open Routing Table Log File dialog box, click Browse server files. In the Open dialog box, select the latest RoutingConfig#... file, and then clickOpen. On the Active Directory Sites & Routing Groups tab, expand the ActiveDirectory sites until you see the Exchange Servers in their respective sites. Start Internet Explorer, and connect to https://VAN-EX1.adatum.com/OWA. Log on as Adatum\Wei with the password Pa$$w0rd. Create and send a new e-mail to Anna, with the subject Test Mail toVAN-EX2.

7. 8. 9.

10. On VAN-EX2, start Internet Explorer, and connect to https://VANEX2.adatum.com/OWA. 11. Log on as Adatum\Anna with the password Pa$$w0rd. 12. On the Microsoft Outlook Web App page, click OK. 13. Reply to the mail Test Mail to VAN-EX2 from Wei. 14. Switch back to VAN-EX1, and check the Inbox in Microsoft Outlook WebApp to see if the mail has arrived.

Task 2: Troubleshoot message transport


1. 2. On VAN-EX1, in Exchange Management Shell, typed: \labfiles\Lab05Prep1.ps1, and then press ENTER. On VAN-EX1, in Internet Explorer, create and send a new e-mail to Anna withthe subject Another Test Mail to VAN-EX2. Close Internet Explorer. Switch to VAN-EX2, and in Outlook Web App, check the Inbox to see if themail has arrived. Switch to VAN-EX1, and in Exchange Management Console, click Toolbox. In the Toolbox pane, under Mail flow tools, double-click Queue Viewer. On the Queues tab, double-click site2 to open the queue. Verify that the message that Wei sent to Anna is listed in the queue. Then clickthe Queues tab.

3. 4. 5. 6. 7.

8. 9.

On the Queues tab, click Site2, and scroll to the right to view the Last Errorcolumn. Read the Last Error message of that Queue.

10. Click Start, point to All Programs, point to Accessories, and then clickCommand Prompt. 11. At the command prompt, type telnet van-ex2 smtp, and press ENTER. Verifythat you receive a Connect failed error. 12. On VAN-EX2, open the Exchange Management Console. Expand MicrosoftExchange On-Premises, expand Server Configuration, click Hub Transport,and then click VAN-EX2 in the Hub Transport pane. 13. On the Receive Connectors tab, notice that only the Client VAN-EX2connector exists. This is the reason the server does not accept a port 25connection. 14. In the Actions pane, click New Receive Connector. 15. In the New Receive Connector window, in the Name box, type InternalVAN-EX2. 16. In the Select the intended use for this Receive connector list, click Internal,and then click Next. 17. On the Remote Network settings page, click Next. 18. On the New Connector page, click New, and then click Finish. 19. Switch to VAN-EX1, and in Exchange Management Console, click Toolbox. 20. In the Toolbox pane, under Mail flow tools, click Queue Viewer. 21. Right-click site2, and then click Retry to force an immediate retry of themessage delivery. Verify that the queue now has a message count of 0. 22. Switch to VAN-EX2, and check Annas Inbox in Outlook Web App to see thatthe message is now delivered.

Results: After this exercise, you should have verified routing logs, and used theother troubleshooting tools in Exchange Server to troubleshoot message transport.

Exercise 3: Troubleshooting Internet Message Delivery

Task 1: Send a message to the Internet, and track it


On VAN-EX2, open Outlook Web App, and from Annas mailbox, create andsend a new e-mail to Info@Internet.com with the subject Test Mail toInternet from VAN-EX2.

Task 2: Implement user-based message tracking to verify mail delivery


1. 2. 3. 4. 5. On VAN-EX2, in Outlook Web App, click Options to open the ExchangeControl Panel. On the left pane, click Organize E-Mail, and then click the Delivery Reportstab. Click Search. In the Search Results pane, select the message you sent to Info@Internet.com,and click Details. Verify that is the message was sent to a server outside the organization. CloseInternet Explorer.

Task 3: Troubleshoot Internet message delivery


1. 2. 3. 4. On VAN-EX1, in Exchange Management Shell, typed:\ labfiles\Lab05Prep2.ps1, and then press ENTER. On VAN-EX2, start Internet Explorer, and connect to https://VANEX2.adatum.com/owa. Log on as Adatum\Anna with the password Pa$$w0rd. Create and send a new e-mail to Info@Internet.com with the subject AnotherMail to Internet from VAN-EX2. On VAN-EX1, in Exchange Management Console, click Toolbox. In the Toolbox pane, under Mail flow tools, double-click Message Tracking.An Internet Explorer window opens with Outlook Web App running. Log on as adatum\administrator with the password Pa$$w0rd. If theChoose the language you want to use page appears, click OK. In the Select what to manage drop down list, click My Organization. ClickReporting. On the Delivery Reports tab, in the Mailbox to search field, click Browse,select Anna Lidmanin the Select Mailboxes to Search window, and then clickOK.

5. 6.

7.

8. 9.

10. Click Search. 11. In the Search Results window, select the message with the subject AnotherMail to Internet from VANEX2, and then click Details. 12. In the middle pane of the Delivery Report window, notice that the Status ofthe message is Pending. 13. Review the Delivery Report pane as it lists every route the message has takenin the Exchange Organization. At the end of the list, you will see the reasonwhy the message is pending.

14. Click Close in the Delivery Report pane. 15. In Exchange Management Console, click Toolbox. 16. In the Toolbox pane, under Mail flow tools, double-click Mail FlowTroubleshooter. 17. On the Updates and Customer Feedback page, click Do not check forupdates on startup and I dont want to join the program at this time. ClickGo to Welcome Screen. 18. On the Exchange Mail Flow Troubleshooter page, in the Enter anidentifying label for this analysis text box, type Internet Message DeliveryFailure. 19. Under What symptoms are you seeing?, click Messages are backing up inone or more queues on a server. Click Next. 20. On the Enter Server and User Information page, enter the followinginformation, and then click Next: Exchange Server Name: VAN-EX1 Global Catalog Server Name: VAN-DC1 21. On the Basic Server Information page, review the information, and then clickNext. 22. On the Initial Queue Analysis Results page, click the displayed item, reviewthe information, and then click Next. 23. On the Remote Delivery Queue(s) Initial Analysis Results page, review theinformation, scroll down, and then click Next. 24. On the DNS Availability Check Results, review the information, and thenclick Next. 25. On the DNS Record Analysis Results, review the information, and then clickNext. 26. On the Remote Delivery Queue(s) DNS Records Analysis Results, noticethat the wizard has identified a possible root cause, and then click Next. 27. On the Remote Delivery Queue(s) Connectivity Test Results page, reviewthe information, and then click Next. 28. On the Remote Delivery SMTP Instance Configuration Analysis Resultspage, click Next. 29. On the Remote SMTP Service Diagnosis Results page, click Next. 30. On the Remote Delivery Queue(s) Message Tracking Log Analysis Resultspage, click Next. 31. On the Remote Delivery Queue(s) SMTP Commands Analysis Results page,click Next. 32. On the Third-Party Application Analysis Results, click Next. 33. On the View results page, click the Root Causes tab, review the displayedinformation, and then close the Troubleshooting Assistant. 34. Switch to VAN-DC1, click Start, point to All Programs, point to Accessories,and then click Command Prompt.

35. At the command prompt, type nslookup, and then press ENTER. 36. Type set querytype=MX, and press ENTER. 37. Type internet.com, and press ENTER. The query will timeout, which indicatesthat the domain name cannot be resolved. This means that the host cannotdirectly resolve a Domain Name System (DNS) domain and has to use a smarthost to send a message to the internet. 38. On VAN-EX1, in Exchange Management Console, expand OrganizationConfiguration, and then click Hub Transport. 39. On the Send Connectors tab, double-click Internet Send Connector. 40. Click the Network tab, select Route mail through the following smart hosts,and then click Add. 41. In the Add smart host dialog box, in the Fully qualified domain name(FQDN) box, type vandc1.adatum.com, click OK, and then click OK again. 42. In Exchange Management Console, click Toolbox. 43. In the Toolbox pane, under Mail flow tools, double-click Queue Viewer. 44. Right-click internet.com, and then click Retry to force message delivery retry.

Results: After this exercise, you should have identified and resolved issues inInternet message delivery by using the Exchange Server troubleshooting tools suchas Message Tracking and Mail Flow Troubleshooter.

To prepare for the next module


When you finish the lab, revert the virtual machines back to their initial state. Todo this, complete the following steps: 1. 2. 3. 4. 5. On the host computer, start Hyper-V Manager. Right-click the virtual machine name in the Virtual Machines list, and thenclickRevert. In the Revert Virtual Machine dialog box, click Revert. In the Virtual Machines pane, click 10135A-VAN-DC1, and then in the Actionspane, click Start. To connect to the virtual machine for the next modules lab, click 10135AVAN-DC1, and then in the Actions pane, click Connect.

Important: Start the VAN-DC1 virtual machine first, and ensure that it is fullystarted before starting the other virtual machines.

6. 7.

Wait for VAN-DC1 to start, and then start VAN-EX1. Connect to the virtualmachine. Wait for VAN-EX1 to start, and then start VAN-SVR1. Connect to the virtualmachine.

Lab 5: Configuring Edge Transport Servers

Exercise 1: Configuring Edge Transport Servers


Task 1: Install the Edge Transport Server role
1. On VAN-SVR1, click Start, point to All Programs, point to Accessories, and then click Command Prompt. At the command prompt, type d:\Setup /mode:install /role:EdgeTransport, and then press ENTER. Wait for the installation to finish. The installation willtake approximately eight to 10 minutes. At the command prompt, type Exit, and press ENTER. Restart VAN-SVR1 and logon as Administrator, using the passwordPa$$w0rd. Click Start, point to All Programs, point to Microsoft Exchange Server 2010,and then click Exchange Management Console. In the Microsoft Exchange window, click OK. In Exchange Management Console, in the left pane, clickEdge Transport.

2.

3. 4. 5.

6. 7.

Task 2: Configure Edge Synchronization


1. On VAN-SVR1, click Start, point to All Programs, point to Microsoft Exchange Server 2010, and then click Exchange Management Shell. In Exchange Management Shell, at the command prompt, type New-EdgeSubscription -FileName c:\VAN-SVR1.xml, and then pressENTER. In the Confirm text box, enter Y, and then press ENTER. Click Start, and in the search box, type \\van-ex1\c$, and then press ENTER. Copy c:\VAN-SVR1.xml to the VAN-EX1\c$. Remember, that in real-world scenarios, it would be a security violation if you are able to copy the EdgeSubscription file directly from the Edge Transport server to the Hub Transport server. Normally, you would use a universal serial bus (USB) deviceor other means to copy the file. On VAN-EX1, click Start, point to All Programs, point to Microsoft ExchangeServer 2010, and then click Exchange Management Console. In Exchange Management Console, expand Microsoft Exchange On-Premises, expand Organization Configuration, and then click HubTransport. In the Hub Transport pane, click the Edge Subscriptions tab. In the Actions pane, click New Edge Subscription. In the New Edge Subscription window, beside Active Directory Site, click Browse. Select Default-FirstSite-Name as Active Directory Domain Servicessite, and then click OK.

2.

3. 4.

5.

6.

7. 8. 9.

10. Beside Subscription file, click Browse. Browse to the C:\ clickVAN-SVR1.XML click Open, and then click New. 11. On the Completion page, click Finish.

Task 3: Verify that EdgeSync is working and that Active DirectoryLightweight Directory Services contains data
1. On VAN-EX1, click Start, point to All Programs, point to Microsoft Exchange Server 2010, and then click Exchange Management Shell. In Exchange Management Shell, at the command prompt, typeStart-EdgeSynchronization, and then press ENTER. At the command prompt, type Test-EdgeSynchronization, and then pressENTER. Ensure that the result displayed includes SyncStatus: Normal, otherwise youneed to wait for another minute and run Test-EdgeSynchronizationagain. At the command prompt, type Get-User -Identity Wei | ft Name, GUID, andthen press ENTER. Write down the first eight characters of the globally unique identifier (GUID) in your notes. Switch to VAN-SVR1, click Start, point to All Programs, point to Accessories,and then click Command Prompt. At the command prompt, type LDP, and then press ENTER. In the LDP window, click Connection on the menu bar, and then clickConnect.

2.

3. 4.

5. 6. 7.

8. 9.

10. In the Connect window, type VAN-SVR1 in the Server box, type 50389 in thePort box, and then click OK. 11. Click Connection on the menu bar, and then click Bind. 12. In the Bind window, in the Bind type pane, click Bind as currently logged onuser, and then click OK. 13. Click View on the menu bar, and then click Tree. 14. In the Tree View dialog box, clear any entry in the BaseDNfield, and thenclick OK. 15. In the LDP window, in the left pane, double-click OU=MSExchangeGatewayto expand it. 16. Double-click CN=Recipients,OU=MSExchangeGateway. 17. By using the GUID you entered in previous steps, you can locate the recipient. It starts with CN=<GUID>. After you find it, double-click the recipient GUID,and review the data that is available for this recipient. Close LDP.

Task 4: Verify that Internet message delivery works

1.

On VAN-EX1, in Exchange Management Console, expand Organization Configuration, and then click Hub Transport. Click the Send Connectors tab. Double-click EdgeSync - Default-First-Site-Name to Internet. Click the Network tab, click Route mail through the following smart hosts,and then click Add. In the IP address field, type 10.10.0.10, and then click OK twice. In Exchange Management Shell, type Start-EdgeSynchronization, and then press ENTER. At the command prompt, type Exit, and then press ENTER. Start Windows Internet Explorer, and connect to https://VANEX1.adatum.com/owa. Log on as Adatum\Wei using the password Pa$$w0rd.

2. 3. 4. 5. 6. 7. 8. 9.

10. On the Microsoft Outlook Web App page, click OK. 11. Create and send a new e-mail to Info@Internet.com with the subject TestMail to Internet. 12. Verify that you do not get a non-delivery report message.

Results: After this exercise, you should have installed an Edge Transport server role,and configured Edge Synchronization between a Hub Transport and an EdgeTransport server.

Lab 6: Implementing Anti-Spam Solutions

Exercise 1: Configuring an Anti-Spam Solution on Edge Transport Servers


Task 1: Configure Domain Name System (DNS) for Internet messagedelivery
1. 2. 3. 4. On VAN-DC1, click Start, point to Administrative Tools, and click DNS. Expand Forward Lookup Zones, and then click Adatum.com. Right-click Adatum.com, and then click New Mail Exchanger (MX). In the New Resource Record dialog box, in the Fully qualified domain name(FQDN) of mail server box, type VAN-SVR1.Adatum.com. Click OK, and close DNS Manager.

5.

Task 2: Configure global SCL for junk mail delivery


1. On VAN-SVR1, click Start, point to All Programs, point to MicrosoftExchange Server 2010, and then click Exchange Management Console. In Exchange Management Console, click Edge Transport. In the Edge Transport pane, select VAN-SVR1, and then click the Anti-spamtab. In the Anti-spam pane, double-click Content Filtering. In the Content Filtering Properties window, click the Action tab. In the Action tab, clear the Reject messages that have an SCL rating greaterthan or equal to check box, and then click OK. On VAN-EX1, click Start, point to All Programs, point to Microsoft ExchangeServer 2010, and then click Exchange Management Shell. In Exchange Management Shell, type Set-OrganizationConfig -SCLJunkThreshold 6, and then press ENTER. At the PS prompt, type D:\labfiles\Lab6Prep.ps1, and then press ENTER.

2. 3. 4. 5. 6.

7.

8.

9.

This will send 11 messages with the following spam confidence level (SCL) ratings:

Mail sender Msg1@contoso.com Msg2@contoso.com Msg3@contoso.com Msg4@contoso.com Msg5@contoso.com Msg6@contoso.com Msg7@contoso.com Msg8@contoso.com Msg9@contoso.com Msg10@contoso.com Msg11@contoso.com

SCL level

7 8 7 7 8 6 8 7 6 6 8

10. On VAN-EX1, start Internet Explorer, and connect to https://VANEX1.adatum.com/OWA. 11. Log on as Adatum\Wei using the password Pa$$w0rd. 12. In the Mail pane, click Inbox. You should see three new messages in theInbox. If not, wait for another minute until they arrive. 13. In the Inbox pane, double-click the message from Msg10@contoso.com. 14. In the message window, click Message Details on the toolbar. 15. In the Message details window, identify the SCL level of this message bylooking for X-MS-ExchangeOrganization-SCL in the Internet Mail Headersbox. Then click Close to close Message Details. Close the message window. 16. In the Mail pane, click Junk E-Mail. You should see eight new messages in theJunk E-Mail folder that have been identified as junk mail as their SCL level wasmore than six. You can verify this by looking at the Message Details of themessages. 17. Delete all messages in the Inbox and Junk E-Mail folders.

Task 3: Configure content filtering to reject junk messages


1. On VAN-SVR1, click Start, point to All Programs, point to MicrosoftExchange Server 2010, and then click Exchange Management Console. In Exchange Management Console, click Edge Transport. In the Edge Transport pane, select VAN-SVR1, and then click the Anti-spamtab. In the Anti-spam pane, double-click Content Filtering. In the Content Filtering Properties window, click the Action tab. In the Action tab, select the Reject messages that have an SCL rating greaterthan or equal to check box, configure it to 7, and then click OK. On VAN-EX1, in Exchange Management Shell, type:D:\labfiles\Lab6Prep.ps1 and then press ENTER. This will send the 11messages again, but notice that the Content Filter agent rejects all messages asspam if

2. 3. 4. 5. 6. 7.

they have a SCL level of 7 or more. Thus, only three messages willreach Weis Inbox, and the other messages should not be delivered to theusers Junk E-Mail folder. 8. 9. On VAN-EX1, start Internet Explorer, and connect to https://VANEX1.adatum.com/OWA. Log on as Adatum\Wei using the password Pa$$w0rd.

10. In the Mail pane, click Inbox. Notice the three new messages in the Inbox. 11. To delete all messages in the Inbox, select them, and then click Delete.

Task 4: Configure an IP Allow List


1. 2. 3. 4. 5. On VAN-SVR1, in Exchange Management Console, click the Anti-spam tab. In the Anti-spam pane, double-click IP Allow List. In the IP Allow List Properties window, click the Allowed Addresses tab. On the Allowed Addresses tab, click Add. In Add Allowed IP Address window, type 10.10.0.10 in the Address oraddress range box, and then click OK. On the Allowed Address tab, click OK. On VAN-EX1, in Exchange Management Shell, type:D:\ labfiles\Lab6Prep.ps1, and then press ENTER. On VAN-EX1, start Internet Explorer, and connect to https://VAN-EX1/OWA. Log on as Adatum\Wei using the password Pa$$w0rd.

6. 7. 8. 9.

10. In the Mail pane, click Inbox. You should see 11 new messages in the Inbox. 11. Double-click one message, and review the Message Detail. The SCL ratingshould be -1. When the sending SMTP server is added to the IP Allow List,content filtering is not applied to the messages. 12. To delete all messages in the Inbox, select them, and then click Delete.

Task 5: Configure a Block List Provider


1. 2. 3. 4. 5. On VAN-SVR1, in Exchange Management Console, click the Anti-spam tab. In the Anti-spam pane, double-click IP Block List Providers. In the IP Block List Properties window, click the Providers tab. On the Providers tab, click Add. In the Add IP Block List Provider window, type Spamhausin the Providername box, type zen.spamhaus.org in the Lookup domain box, and then clickOK twice.

Results: After this exercise, you should have configured different SCL levels, andverified the behavior of junk mail in user mailboxes. You should also haveconfigured a Block List Provider.

To prepare for the next module


When you finish the lab, revert the virtual machines back to their initial state. Todo this, complete the following steps: 1. 2. 3. 4. 5. On the host computer, start Hyper-V Manager. Right-click the virtual machine name in the Virtual Machines list, and thenclickRevert. In the Revert Virtual Machine dialog box, click Revert. In the Virtual Machines pane, click 10135A-VAN-DC1, and then in the Actionspane, click Start. To connect to the virtual machine for the next modules lab, click 10135AVAN-DC1, and then in the Actions pane, click Connect.

Important: Start the VAN-DC1 virtual machine first, and ensure that it is fullystarted before starting the other virtual machines.

6. 7. 8.

Wait for VAN-DC1 to start, and then start VAN-EX1. Connect to the virtualmachine. Wait for VAN-EX1 to start, and then start VAN-EX2. Connect to the virtualmachine. Wait for VAN-EX2 to start, and then start VAN-EX3. Connect to the virtualmachine.

Lab 7: Configuring Client AccessServers for Outlook AnywhereAccess


Exercise 1: Configuring Client Access Servers
Task 1: Prepare the Windows Server 2008 CA to issue certificates withmultiple SANs
1. 2. On VAN-DC1, click Start, in the search box type cmd.exe, and then pressENTER. At the command prompt, type certutil -setreg policy\EditFlags+EDITF_ATTRIBUTESUBJECTALTNAME2, and then press ENTER. At the command prompt, type net stop certsvc& net start certsvc, and thenpress ENTER.

3.

Task 2: Configure an external client access domain for VAN-EX2


1. 2. On VAN-EX2, open the Exchange Management Console. Expand Microsoft Exchange On-Premises. In the left pane, expand ServerConfiguration, and then click Client Access. In the Actions pane, click Configure External Client Access Domain. On the Configure External Client Access Domain page, typemail.Adatum.com as the domain name, and then click Add. In the Select Client Access Server dialog box, click VAN-EX2, and then clickOK. Click Configure. In the Microsoft Exchange dialog box, click Yes, and thenclick Finish. In the results pane, click VAN-EX2, and then in the work pane, double-clickowa (Default Web Site). On the General tab, verify that the External URL field has been changed tohttps://mail.adatum.com/owa, and then click OK.

3. 4.

5. 6. 7. 8.

Task 3: Prepare a Server Certificate request for VAN-EX2


1. 2. 3. In the left pane, click Server Configuration. In the results pane, click VANEX2. In the Actions pane, click New Exchange Certificate to open the NewExchange Certificate Wizard. On the Introduction page, type Adatum Mail Certificate as the friendly namefor the certificate, and then click Next. On the Domain Scope page, click Next.

4.

5.

On the Exchange Configuration page, expand Client Access server (OutlookWeb App), and then select both the Outlook Web App is on the Intranet andOutlook Web App is on the Internet check boxes. Verify thatMail.adatum.com is displayed in the second text box. Expand Client Access server (Exchange ActiveSync), and then verify thatExchange Active Sync is enabled check box is selected. Expand Client Access server (Web Services, Outlook Anywhere, andAutodiscover). Enter mail.adatum.com as the external host name. Ensure that both the Autodiscover used on the Internet check box and theLong URL option are selected, and then click Next. In the Autodiscover URLto use field, delete all entries except for autodiscover.adatum.com, and thenclick Next. On the Certificate Domains page, click Next.

6.

7.

8.

9.

10. On the Organization and Location page, enter the following information: Organization: A Datum Organizational Unit: Messaging Country/region: Canada City/locality: Vancouver State/province: BC 11. Click Browse, type CertRequestas the File name, and then click Save. 12. Click Next, click New, and then click Finish.

Task 4: Request the certificate from the CA


1. 2. 3. 4. 5. Click the Folder icon in the task bar, and click Documents. Right-click CertRequest.req, and then click Open. In the Windows dialog box, click Select a program from a list of installedprograms, and then click OK. In the Open with dialog box, click Notepad, and then click OK. In the CertRequest.req Notepad window, click Ctrl+A to select all the text,and then click Ctrl+C to copy and save the text to the clipboard. CloseNotepad. Click Start, click All Programs, and then click Internet Explorer. Connect to https://van-dc1.adatum.com/certsrv. Log on as Administrator using a password of Pa$$w0rd. On the Welcome page, click Request a certificate.

6. 7. 8. 9.

10. On the Request a Certificate page, click advanced certificate request.

11. On the Advanced Certificate Request page, click Submit a certificate requestby using a base-64encoded CMC or PKCS#10 file, or submit a renewalrequest by using a base-64-encoded CMC or PKCS#7 file. 12. On the Submit a Certificate Request or Renewal Request page, click in theSaved Request field, and then press CTRL+V to paste the certificate requestinformation into the field. 13. In the Certificate Template drop-down list box, click Web Server, and thenclick Submit. Click Yes. 14. On the Certificate Issued page, click Download certificate. 15. In the File Download dialog box, click Save. 16. In the Save As dialog box, click Save. 17. In the Download complete dialog box, click Open. 18. In the Certificate dialog box, on the Details tab, click Subject AlternativeName. Verify that the certificate includes several Subject Alternative Names(SANs), and then click OK.

Task 5: Import and assign the IIS Exchange Service to the NewCertificate
1. 2. 3. 4. 5. 6. 7. 8. 9. In the Exchange Management console, click Server Configuration. Click ADatum Mail Certificate, and in the Actions pane, click CompletePending Request. On the Complete Pending Request page, click Browse. Under Favorites, click Downloads. Click certnew.cer and click Open. Click Complete, and then click Finish. In the Exchange Management console, click Server Configuration. In the results pane, click VAN-EX2. In the bottom pane, click Adatum MailCertificate. In the Actions pane, click Assign Services to Certificate.

10. On the Select Servers page, verify that VAN-EX2 is listed, and then click Next. 11. On the Select Services page, select the Internet Information Services checkbox, click Next, click Assign, and then click Finish.

Task 6: Verify Outlook connectivity to the Exchange Server


1. 2. On VAN-CL1, log on as Molly using the password Pa$$w0rd. Click Start, click All Programs, click Microsoft Office, and then clickMicrosoft Office Outlook 2007.

3. 4. 5. 6.

On the Outlook 2007 Startup page, click Next. On the E-Mail Accounts page, click Next. On the Auto Account Setup page, click Next. On the Configuring page, click Finish.

Note: If Microsoft Office Outlook cannot connect to the server, ensure that all ofthe Microsoft Exchange Server services on VAN-EX2 that are set to Automatic startare started. Start all services that have not started, and try connecting again.

7. 8. 9.

In the User Name dialog box, click OK. On the Privacy Options page, clear all check boxes, and then click Next. On the Sign up for Microsoft Update page, click I dont want to useMicrosoft Update, and then click Finish.

10. In the Microsoft Office Outlook dialog box, click No. 11. In Office Outlook, click Tools, and then click Account Settings. 12. Click MollyDempsey@adatum.com, and then click Change. 13. Verify that the user mailbox is located on VAN-EX2, click Cancel, and thenclick Close. 14. Close Outlook.

Exercise 2: Configuring Outlook Anywhere


Task 1: Configure a DNS record for Mail.Adatum.com
1. 2. 3. 4. On VAN-DC1, click Start, point to Administrative Tools, and then click DNS. In DNS Manager, in the left pane, expand Forward Lookup Zones, and thenexpand Adatum.com. Right-click Adatum.com, and then click New Host(A or AAAA). In the New Host dialog box, in the Name box, type mail. In the IP Addressbox, type 10.10.0.21, and then click Add Host. Click OK to close the prompt, and then click Done. Close DNS Manager.

5.

Task 2: Configure Outlook Anywhere on VAN-EX2


1. On VAN-EX2, click Start, point to Administrative Tools, and then clickServer Manager.

2. 3. 4. 5. 6.

Click Features. In the Features list, verify that the RPC over HTTP Proxyfeature is listed. On VAN-EX2, if required, open the Exchange Management Console. In the Exchange Management Console, expand Server Configuration, andthen click Client Access. Click VAN-EX2, and in the Actions pane, click Enable Outlook Anywhere. On the Enable Outlook Anywhere page, in the External host name field, typeMail.adatum.com. Under Client authentication method, click NTLMauthentication, and then click Enable. On the Completion page, click Finish. Close all open windows, and then restart VAN-EX2.

7. 8.

Task 3: Configure the Outlook profile to use Outlook Anywhere


1. 2. On VAN-CL1, ensure that you are logged on as Adatum\Molly. Click Start, and then click Control Panel. In the Search field, type Mail. RightclickMail, and then click Open. In the Mail Setup - Outlook dialog box, click E-mail Accounts. In the E-mail Accounts dialog box, click MollyDempsey@adatum.com, andthen click Change. On the Microsoft Exchange Settings page, click More Settings. In the Microsoft Exchange dialog box, on the Connection tab, select Connectto Microsoft Exchange using HTTP, and then click Exchange Proxy Settings. In the Microsoft Exchange Proxy Settings dialog box, complete the followinginformation: Use this URL (https://): mail.adatum.com Connect using SSL only: enable (default) On fast networks, connect using HTTP first, then connect using TCP/IP:enable On slow networks, connect using HTTP first, then connect using TCP/IP:enable (default) Proxy authentication setting: NTLM Authentication (default) Click OK, and then click OK again to close the Microsoft Exchange dialogbox. On the Microsoft Exchange Settings page, click Next.

3. 4. 5. 6.

7.

8. 9.

10. On the Change E-mail Account page, click Finish. 11. On the E-mail Accounts page, click Close, and then click Close again to closethe Mail Setup - Outlook dialog box.

Task 4: Verify the Outlook Anywhere connectivity


1. 2. Wait until VAN-EX2 finishes restarting, and then log on as Administratorusing the password Pa$$w0rd. On VAN-CL1, open Office Outlook 2007.

3. 4.

If an Outlook dialog box appears, click No. Verify that the Outlook connection indicator states Connected to MicrosoftExchange.

Note: If Outlook cannot connect to the server, ensure that all of the ExchangeServer services on VAN-EX2 that are set to Automatic start are started. Start allservices that have not started, and try connecting again.

5.

Press and hold CTRL, and then right-click the Office Outlook icon in theWindows 7 operating system notification area. You may need to click the uparrow in the Windows 7 notification area to view the Office Outlook icon. Click Connection Status. Confirm that the Conn column lists HTTPS as theconnection method. Click Close. Press and hold CTRL, and then click the Outlook icon in the Windows taskbar notification area. Click Test E-mail AutoConfiguration. In the Password field, type Pa$$w0rd.

6. 7. 8.

9.

10. Clear the Use Guessmartand Secure Guessmart Authentication checkboxes. 11. Click Test. View the information displayed on the Results tab. 12. Click the Log tab to view how the client completed Autodiscover. 13. Close the Test E-mail AutoConfigurationdialog box. 14. Close Microsoft Outlook, and then log off VAN-CL1.

To prepare for the next lab


Do not shut down the virtual machines or revert them to their initial statewhen you finish this lab. The virtual machines are required to complete thelast lab in this module.

Lab 8: Configuring Client AccessServers for Outlook Web App andExchange ActiveSync
Exercise 1: Configuring Outlook Web App
Task 1: Configure IIS to use the Internal CA certificate
1. On VAN-EX2, click Start, point to Administrative Tools, and then clickInternet Information Services (IIS) Manager. Expand VAN-EX2 (ADATUM\Administrator), expand Sites, expand DefaultWeb Site, and then click owa. In the center pane, and under IIS, double-click SSL Settings. Notice that SSL isrequired by default. Under Sites, click Default Web Site, and in the Actions pane, click Bindings. In the Site Bindings dialog box, click https, and then click Edit. In the SSL Certificate drop-down list, verify that Adatum Mail Certificate isselected Click OK, click Close, and then close the Internet Information Services (IIS)Manager.

2.

3. 4. 5. 6. 7.

Task 2: Configure Outlook Web App settings for all users


1. Click Start, point to All Programs, click Microsoft Exchange Server 2010,and then click Exchange Management Console. In the console tree, expand Microsoft Exchange On-Premises, expand ServerConfiguration, and then click Client Access. In the work pane, select VAN-EX2, and in the result pane, right-click owa(Default Web Site), and then click Properties. Click the Authentication tab, and verify that Use forms-based authenticationis selected. Under Logon Format, click User name only, and then click Browse. Click Adatum.com, and then click OK. Click the Segmentation tab, click Tasks, and then click Disable. Click Rules,and then click Disable. Click OK twice. Open the Exchange Management Shell. At the PS prompt, typeset-owavirtualdirectory owa (Default Web Site) ForceSaveFileTypes .doc,and then press ENTER. Type set-owavirtualdirectory owa (Default Web Site) GzipLevel Off, andthen press ENTER.

2.

3.

4. 5. 6. 7.

8.

9.

10. Type Set-OwaVirtualDirectory -identity Owa (Default Web Site) FilterWebBeaconsAndHtmlFormsForceFilter, and then press ENTER. 11. Type IISReset /noforce, and then press ENTER. If you get a message that theservice did not start, open the Services Microsoft Management Console(MMC), and start the World Wide Web Publishing Service. 12. Close the Exchange Management Shell.

Task 3: Configure an Outlook Web App Mailbox Policy for the BranchManagers
1. On VAN-EX2, in Exchange Management Console, expand OrganizationConfiguration, and then click Client Access. In the Actions pane, click New Outlook Web App Mailbox Policy. In the New Outlook Web App Mailbox Policy page, type Branch ManagersPolicy as the policy name. In the list of features, click Change Password, and then click Disable. Click New, and then click Finish. Right-click Branch Managers Policy, and then click Properties. On the Public Computer File Access tab, clear all check boxes. On the Private Computer File Access tab, clear all check boxes, and then clickOK. Under Recipient Configuration, click Mailbox.

2. 3. 4. 5. 6. 7. 8. 9.

10. Click the Organizational Unit column heading to sort the view byorganizational units (OU). 11. Select all the users in the Branch Managers OU, right-click, and then clickProperties. 12. On the Mailbox Features tab, click Outlook Web App, and then clickProperties. 13. Select the Outlook Web App mailbox policy check box, and then clickBrowse. 14. Click Branch Managers Policy, and then click OK four times.

Task 4: Verify the Outlook Web App configuration


1. 2. 3. On VAN-EX1, open Internet Explorer. In the address field, type https://mail.Adatum.com/owa, and then pressENTER. Log on to Outlook Web App as Adatum\Sharon using the passwordPa$$w0rd. Sharon is not in the Branch Managers OU. Click OK. Verify that the Tasks folder is not displayed in the user mailbox. On the Outlook Web App page, click Options.

4. 5.

6.

On the Organize E-Mail tab, verify that you cannot create a new Inbox rule.Close Microsoft Internet Explorer. Open Internet Explorer. In the address field, type https://mail.Adatum.com/owa, and then pressENTER. Log on to Outlook Web App as Adatum\Johnson using the passwordPa$$w0rd. Johnson is in the Branch Managers OU. Click OK.

7. 8. 9.

10. Verify that the Tasks folder is listed in the user mailbox. 11. On the Outlook Web App page, click Options. 12. In the left pane, click Settings. Notice that you do not have an option tochange passwords. Close Internet Explorer.

Exercise 2: Configuring Exchange ActiveSync


Task 1: Disable SSL for Exchange ActiveSync
1. On VAN-EX2, click Start, point to Administrative Tools, and then clickInternet Information Services (IIS) Manager. In Internet Information Services (IIS) Manager, expand VAN-EX2(ADATUM\administrator), expand Sites, expand Default Web Site, andthen click Microsoft-Server-ActiveSync. In the center pane, double-click SSL settings. Clear the Require SSL check box, and then click Apply. Close the InternetInformation Services (IIS) Manager.

2.

3. 4.

Task 2: Verify the Exchange ActiveSync virtual directory configuration


1. On VAN-EX2, in the Exchange Management Console, expand ServerConfiguration, and then click Client Access. In the result pane, click VAN-EX2, and in the work pane, click the ExchangeActiveSync tab. Right-click Microsoft-Server-ActiveSync, and then click Properties. Review the information on the General tab. Click the Authentication tab. Notice that Basic authentication is enabled. Thisis acceptable, because you typically would use SSL to secure the credentials intransit. Click OK.

2. 3. 4. 5.

6.

Task 3: Connect to the server using Exchange ActiveSync


1. 2. On VAN-CL1, log on as Adatum\Administrator. Click Start, point to All Programs, click Windows Mobile 6 SDK, clickStandalone Emulator Images, and under US English, click WM 6.1.4Professional. While the emulator is booting, in the WM 6.1.4 Professional window, clickFile, and then click Configure. On the Network tab, select the Enable NE2000 PCMIA network adapter andbind to check box, and then click OK. In Windows Mobile 6 Professional, click Start, and then click Settings. Click the Connections tab, and then double-click Network Cards. On the Configure Network Adapters page, under My network card connectsto, click The Internet, and then click NE2000 Compatible Ethernet Driver. Click Use specific IP address, and then enter the following settings: IP address: 10.10.0.51 Subnet mask: 255.255.0.0 Default gateway: 10.10.0.1 On the Name Servers tab, type 10.10.0.10 as the Domain Name System(DNS) server address, and then click OK twice. Close the Settings window.

3. 4.

5. 6. 7.

8.

9.

10. In Windows Mobile 6 Professional, click Start, click Programs, and then clickActiveSync. 11. Read the Microsoft ActiveSync information, and then click the set up yourdevice to sync with it link. 12. On the Enter Email Address page, in the Email address box, typeScottMacDonald@adatum.com, and then click Next. The device will attempt touse Autodiscover to configure the user settings. 13. On the User Information page, type Scott in the User Name field, typePa$$w0rd in the Password field, and Adatumin the Domain field, and thenclick Next. 14. On the Edit Server Settings page, in the Server Address field, type VANEX2.adatum.com. Clear the This server requires an encrypted (SSL)connection check box. In the ActiveSync message, click OK, and then clickNext. 15. In the Choose the data you wish to synchronize box, click Calendar, andthen click Settings. 16. In the Synchronize only the past list, click All, and in the upper-right corner,click OK. 17. In the Choose the data you wish to synchronize box, click E-mail, and thenclick Settings. 18. In the Download the past list, click All, and in the upper-right corner, clickOK. 19. Confirm that the Contacts, Calendar, E-mail, and Tasks check boxes areselected, and then click Finish. 20. In the ActiveSync dialog box, click OK. After synchronization is complete,click the X in the upper-right corner to close ActiveSync. Close the Programswindow.

21. On VAN-CL1, open Internet Explorer, and connect tohttps://mail.adatum.com/owa. 22. Log on as Adatum\Wei using the password Pa$$w0rd. Click OK. 23. Click New, and then in the Tofield, type Scott, and then press CTRL+K toresolve the name. 24. In the Subject line, type Test Message from Wei. 25. In the message body, type Testing mobile messaging, and then click Send. 26. On VAN-CL1, in Windows Mobile 6 Professional, wait for a minute and thennotice the animated Synchronization arrows indicating that the device issynchronizing automatically, triggered by the arrival of a message in Scottsmailbox. Wait for the Windows Mobile device to complete synchronization. 27. At the bottom of the Today screen, view the notification stating that a newmessage has arrived. Click View. 28. Open the message. Click Reply at the bottom of the message window. 29. In the message body, type Test Reply, and then click Send. 30. Wait until the device finishes synchronizing, and then, on VAN-EX1, inOutlook Web App, click the Check Messages icon or press F5 to refresh thescreen, and then confirm that the message from Scott was received. CloseInternet Explorer.

Task 4: Create a new Exchange ActiveSync mailbox policy


1. 2. 3. 4. 5. On VAN-EX2, if required, open the Exchange Management Console. In the console tree, expand Organization Configuration, and then clickClient Access. In the Actions pane, click New Exchange ActiveSync Mailbox Policy. In the Mailbox policy name box, type EAS Policy 1. Select the Allow non-provisionable devices check box. Confirm that theAllow attachments to be downloaded to device option is selected. Select the Require password check box. Select the Enable password recovery check box. This will enable users torecover their Windows Mobile password through the Exchange Control Panel(ECP). Click New to create the mobile mailbox policy. Read the completion summary, and then click Finish. Notice the ExchangeManagement Shell command that was used to create the new mobile mailboxpolicy.

6. 7.

8. 9.

10. Right-click EAS Policy 1, and then click Properties. Notice that the Generaltab has additional options. 11. Click the Password tab. Notice the additional password-option list that wasnot available when creating the mobile mailbox policy.

12. On the Sync Settings tab, review the configuration options. 13. On the Device tab, review the configuration options. 14. On the Device Applications tab, review the configuration options. Toimplement these settings, you must have an Enterprise Client Access Licensefor each mailbox. 15. On the Other tab, review the options for allowing or blocking specificapplications, and then click OK. 16. In the console tree, expand Recipient Configuration, and then click Mailbox. 17. In the result pane, right-click Scott MacDonald, and then click Properties. 18. Click the Mailbox Features tab, click Exchange ActiveSync, and then clickProperties. 19. In the Exchange ActiveSync Properties dialog box, click Browse. 20. Select EAS Policy 1, and then click OK. 21. Click OK twice to save and apply the changes.

Task 5: Validate the Exchange ActiveSync mailbox policy


1. 2. 3. On VAN-CL1, wait for ActiveSync to synchronize, or click Menu, and thenclick Send/Receive. In the Update Requireddialog box, click OK. In the Password and Confirm Password fields, type 12345, and then clickOK.

Task 6: Install a root CA on the mobile device


1. 2. 3. 4. On VAN-CL1, click Start, click All Programs, and then click InternetExplorer. Connect to http://van-dc1/certsrv. On the Welcome page, click Download a CA certificate, certificate change,or CRL. On the Download a CA certificate, certificate change, or CRL page, clickDownload CA certificate chain. In the File download dialog box, click Save. In the Save As dialog box, clickSave. Close Internet Explorer, and open it again. Connect to https://mail.adatum.com/owa. Log on asadatum\administrator. Create a new message, with Scott as the recipient. Type a subject of RootCertificate. Attach the certnew.p7b file from the Downloads folder.

5. 6. 7. 8.

9.

In Windows Mobile 6 Professional, wait for a minute, and then notice theanimated Synchronization arrows. These indicate that the device issynchronizing automatically, and that the arrival of a message in Scottsmailbox triggered the synchronization. Wait for the Windows Mobile device tocomplete synchronization.

10. At the bottom of the Today screen, view the notification stating that a newmessage has arrived. Click View. 11. In the message window, double-click certnew.p7b. 12. In the Certificate Installer dialog box, click OK. 13. On VAN-EX2, click Start, point to Administrative Tools, and then clickInternet Information Services (IIS) Manager. 14. In Internet Information Services (IIS) Manager, expand VAN-EX2(ADATUM\administrator), expand Sites, expand Default Web Site, andthen click Microsoft-Server-ActiveSync. 15. In the center pane, double-click SSL settings. 16. Select the Require SSL check box, and then click Apply. Close the InternetInformation Services (IIS) Manager. 17. On VAN-CL1, in the Windows Professional emulator, click Menu, click Tools,and then click Options. 18. Click Outlook E-mail, and then select the The server requires an encrypted(SSL) connection check box. 19. Click Nexttwo times, and then click Finish. 20. Click Menu, click Send\Receive, and verify that synchronization is successful.If prompted for the password, type Pa$$w0rd.

Task 7: Wipe the mobile device


1. 2. 3. 4. 5. 6. 7. 8. 9. On VAN-CL1, open Internet Explorer, and connect tohttps://van-ex1.adatum.com/ecp. Click Continue to the website (not recommended). Log on as Adatum\Scott using the password Pa$$w0rd. Click Phone. Notice the PocketPC listed in the Device list. On VAN-EX1, in the Exchange Management Console, under RecipientConfiguration, click Mailbox. In the result pane, click Scott Macdonald. In the action pane, click Refresh. In the action pane, click Manage Mobile Phone. On the Manage Mobile Phone page, click Perform a remote wipe to clearmobile phone data, and then click Clear.

10. In the Microsoft Exchange warning message, click Yes, and then click Finish. 11. In Windows Mobile 6 Professional, and wait for the device to synchronize. Youcan also force synchronization by opening Exchange ActiveSync, and thenclicking Sync. Confirm that the device is wiped. If the device goes blank, it isrebooting after performing the remote wipe. 12. On the Windows Mobile 6.1.4 Professional window, click File, and then clickExit.

To prepare for the next module


When you finish the lab, revert the virtual machines back to their initial state. Todo this, complete the following steps: 1. 2. 3. 4. 5. On the host computer, start Microsoft Hyper-V Manager. Right-click the virtual machine name in the Virtual Machines list, and thenclickRevert. In the Revert Virtual Machine dialog box, click Revert. In the Virtual Machines pane, click 10135A-VAN-DC1, and then in the Actionspane, click Start. To connect to the virtual machine for the next modules lab, click 10135AVAN-DC1, and then in the Actions pane, click Connect.

Important: Start the VAN-DC1 virtual machine first, and ensure that it is fullystarted before starting the other virtual machines.

6. 7.

Wait for VAN-DC1 to start, and then start VAN-EX1. Connect to the virtualmachine. Wait for VAN-EX1 to start, and then start VAN-EX2. Connect to the virtualmachine.

Lab 9: Implementing High Availability

Exercise 1: Deploying a DAG


Task 1: Create a DAG named DAG1 using the Exchange ManagementShell
1. On VAN-EX1, click Start, click All Programs, click Microsoft ExchangeServer 2010, and then click Exchange Management Shell. At the PS prompt, type New-DatabaseAvailabilityGroup Name DAG1 WitnessServer VAN-DC1 WitnessDirectory C:\FSWDAG1 -DatabaseAvailabilityGroupIPAddress 10.10.0.80, and then press ENTER. At the PS prompt, type Add-DatabaseAvailabilityGroupServer DAG1 MailboxServer VAN-EX1, and then press ENTER. On VAN-EX2, click Start, click All Programs, click Microsoft ExchangeServer 2010, and then click Exchange Management Console. In the Console Tree, expand Microsoft Exchange On-Premises, expandOrganization Configuration, and then click Mailbox. In the Results pane, click the Database Availability Groups tab. In the Work pane, on the Database Availability Groups tab, right-click DAG1,and then click Manage Database Availability Group Membership from thecontext menu. In the Manage Database Availability Group Membership Wizard, click Add. In the Select Mailbox Server dialog box, click VAN-EX2, and then click OK.

2.

3.

4.

5.

6. 7.

8. 9.

10. In the Manage Database Availability Group Membership Wizard, click Manageto complete the changes, wait for the installation to finish, and then clickFinish to close the wizard.

Task 2: Create a mailbox database copy of the Accounting database


1. On VAN-EX1, click Start, click All Programs, click Microsoft ExchangeServer 2010, and then click Exchange Management Console. In the Console Tree, expand Microsoft Exchange On-Premises, expandOrganization Configuration, and then click Mailbox. In the Results pane, click the Database Management tab. In the Results pane, click Accounting, and then in the Actions pane, click AddMailbox Database Copy. In the Add Mailbox Database Copy Wizard, click Browse to select the server towhich to add the copy. In the Select Mailbox Server dialog box, click VAN-EX2, and then click OK. In the Add Mailbox Database Copy Wizard, click Add to create the copy of theAccounting mailbox database.

2.

3. 4. 5. 6. 7.

8.

Review the results, and then click Finish.

Task 3: Verify successful completion of database copying


1. 2. 3. In the Results pane, click the Database Management tab, and then clickAccounting. In the bottom Work pane, view the Copy Status column for each databasecopy. Click the Accounting entry that has a Healthy copy status, right-click it, andthen choose Properties from the context menu. View the Status, Copy queue length, and Replay queue length on theGeneral tab, and then click on the Status tab. On the Status tab, view the Seeding, Latest available log time, Last inspectedlog time, Last copied log time, and Last replayed log time properties, andthen click OK.

4.

5.

Task 4: Suspend the Accounting database copy on VAN-EX2


1. 2. 3. In the Results pane, on the Database Management tab, click Accounting. In the bottom Work pane, view the Copy Status column for each databasecopy. Click the Accounting entry that has a Healthy copy status, right-click on it,and then choose Suspend Database Copy from the context menu. In the Suspend Mailbox Database Copy dialog box, type Software Updatesbeing applied, and then click Yes. In the bottom Work pane, view the Copy Status column for each databasecopy. The copy status will turn to Suspended.

4.

5.

Results: After this exercise, you should have created a DAG and a mailbox databasecopy of the Accounting database. The Accounting database copy on VAN-EX2should remain in a suspended state.

Exercise 2: Deploying Highly Available Hub Transport andClient Access Servers


Task 1: Create and configure a client access array forCASArray.adatum.com
On VAN-EX1, in the Exchange Management Shell, at the PS prompt, typeNew-ClientAccessArray FQDN casarray.adatum.com NameCASArray.adatum.com Site Default-First-Site-Name, and then pressENTER.

Task 2: Assign the client access array to the databases


1. 2. At the PS prompt, type Get-MailboxDatabase, and then press ENTER. At the Exchange Management Shell prompt, type Get-MailboxDatabase |Set-MailboxDatabase RpcClientAccessServer casarray.adatum.com, and thenpress ENTER.

Results: At the end of this exercise, you should have created a client access arrayand assigned it to the databases.

Exercise 3: Testing the High Availability Configuration


Task 1: Create a SMTP connector associated with VAN-EX1 andVAN-EX2
1. On VAN-EX2, click Start, click All Programs, click Microsoft ExchangeServer 2010, and then click Exchange Management Console. In the Console Tree, expand Microsoft Exchange On-Premises, expandOrganization Configuration, and then click on Hub Transport. Click the Send Connectors tab, and then in the Actions pane, click New SendConnector. In the Name box, type Internet Mail. In the Select the intended use for this Send connector drop-down menu,select Internet, and then click Next. On the Address space page, click Add. In the SMTP Address space dialog box, in the Address box, type *, click OK,and then click Next on the Address space page. On the Network Settings page, click Route mail through the following smarthosts, and then click Add. In the Add smart host dialog box, click Fully qualified domain name(FQDN).

2.

3. 4. 5.

6. 7.

8. 9.

10. In the Fully qualified domain name (FQDN) box, typevan-dc1.adatum.com, and then click OK. 11. On the Network settings page, click Next. 12. On the Configure smart host authenticates settings page, ensure Noneisselected, and then click Next. 13. On the Source server page, click Add. 14. On the Select Hub Transport or Subscribed Edge Transport Server dialogbox, hold the CTRL key, click VAN-EX1 and VAN-EX2, and then click OK. 15. On the Source server page, click Next. 16. Click New to create the connector, and then click Finish to close the wizard.

Task 2: Stop the SMTP server on VAN-DC1


1. On VAN-DC1, click Server Manager from the quick launch bar.

2. 3.

In the Console Tree, expand Configuration, and then click Services. In the Results pane, click Simple Mail Transfer Protocol (SMTP), and then inthe Actions pane, under Simple Mail Transfer Protocol (SMTP) click MoreActions, and then click Stop.

Task 3: Send an e-mail to an internal user and an external SMTPaddress


1. 2. 3. 4. 5. 6. 7. On VAN-EX1, open Windows Internet Explorer, and connect tohttps://VAN-X1.adatum.com/owa. Log on as Adatum\Jason with a password of Pa$$w0rd. Jasons mailbox is onVAN-EX3. Click OK. Click New to create a new e-mail message. In the To box, type terry@contoso.com; janedow@adatum.com;. In the Subject box, type Shadow Redundancy. In the message body, type Test email, and then click Send. Close Internet Explorer.

Task 4: Use Queue Viewer to locate the message in the queue


1. 2. 3. On VAN-EX2, in the Exchange Management Console, click Toolbox. In the Results pane, double-click Queue Viewer. On the Queues tab, locate the entry with van-dc1.adatum.com as the nexthop domain. If the message is not visible, then complete the following steps: a. Click Connect to Server in the Actions pane. b. On the Connect to Server dialog box, click Browse. c. On the Select Exchange Server dialog box, click VAN-EX1, click OK, andthen click Connect. d. On the Queues tab, locate the entry with the van-dc1.adatum.com as thenext hop domain. In the Actions pane, click Connect to Server. On the Connect to Server dialog box, click Browse. On the Select Exchange Server dialog box, click VAN-EX3, click OK, and thenclick Connect. Click the Queues tab, and then click Create Filter. In the first drop-down menu, select Delivery Type. In the second drop-down menu, select Equals.

4. 5. 6. 7. 8. 9.

10. In the third drop-down menu, select Shadow Redundancy. 11. Click Apply Filter.

12. Examine the shadow-redundancy queue contents. 13. Click on the Messages tab, and then click Create Filter. 14. In the first drop-down menu, select From Address. 15. In the second drop-down menu, select Equals. 16. In the third drop-down menu, type JasonCarlson@adatum.com. 17. Click Apply Filter. 18. Examine the message in the VAN-EX3\Shadow queue.

Task 5: Start SMTP service on VAN-DC1 to allow delivery of thequeued message


1. 2. On VAN-DC1, in Server Manager, expand Configuration, and then click onServices. In the Results pane, click Simple Mail Transport Protocol (SMTP), and thenin the Actions pane, under Simple Mail Transfer Protocol (SMTP), clickMore Actions, and then click Start.

Task 6: Verify that the messages were removed from the shadowredundancy queue
1. 2. 3. On VAN-EX2, in the Queue Viewer, verify that you are connected to VAN-EX3. Click the Queues tab, and verify that the Shadow Redundancy filter is stillbeing applied. Examine the contents of the shadow redundancy queue.

Note: You may need to wait a few minutes for the message to be removed from theShadow redundancy queue.

Task 7: Verify the copy status of the Accounting database, and resumethe database copy
1. On VAN-EX1, in the Exchange Management Console, locate the Console Tree,expand Organization Configuration, and then click Mailbox. In the Results pane, click the Database Management tab, and then clickAccounting. In the bottom Work pane, view the Copy Status column for each databasecopy, click the Accounting entry that has a Suspended copy status, right-clickon it, and then choose Properties from the context menu. View the Status, Copy queue length, and Replay queue length on theGeneral tab, and then click on the Status tab. On the Status tab, view the Seeding, Latest available log time, Last inspectedlog time, Last copied log time, and Last replayed log time properties, andthen click OK. Click the Accounting entry that has a Suspended copy status, right-click on it,and then choose Resume Database Copy from the context menu.

2. 3.

4.

5.

6.

7. 8.

On the Resume Mailbox Database Copy dialog box, click Yes. Wait until the copy status of the Accounting database copy on VAN-EX2 isHealthy. You may need to refresh the display.

Task 8: Perform a switchover on the Accounting database to make theVAN-EX2 copy active
1. In the bottom Work pane, view the Copy Status column for each databasecopy, click the Accounting entry that has a Healthy copy status, right-click onit, and then choose Activate Database Copy from the context menu. In the Activate Database Copy dialog box, verify Noneis selected, and thenclick OK.

2.

Task 9: Simulate a server failure


1. On VAN-EX1, in the Results pane, click the Database Management tab. Waituntil the Accounting database copy status for VAN-EX1 is Healthy. In Hyper-V Manager, select 10135A-VAN-EX2, and then click Revert in theActions pane. In the Revert Virtual Machine dialog box, click Revert. View the status of the Accounting database in the Results pane. The databasecopy on VAN-EX1 will change to a Mounted status, and the database copy onVAN-EX2 will have a ServiceDownstatus.

2.

3.

Results: After this exercise, you should have verified that the mailbox databasescould fail over and switch between DAG servers, and that Hub Transport shadowredundancy is working properly.

Lab 10: Enable Personal Archives and Retention Policies

Task 1: Enable Personal Archives for all mailboxes in MailboxDatabase 1


1. 2. 3. 4. 5. 6. In the Exchange Management Console, expand Recipient Configuration, and then click Mailbox. In the Mailbox Entire Forest pane, click Create Filter. Configure the filter as Database equals Mailbox Database 1, and then clickApply Filter. Select all visible mailboxes by using SHIFT+click. Right-click the selected mailboxes, and then click Enable Archive. In the warning window, click Yes.

Task 2: Review the default policy tags


1. In the Exchange Management Shell, type the following command, and then press ENTER: Get-RetentionPolicyTag

Question: Are any retention policy tags listed? If so, which ones? Answer: There are no retention policy tags listed. 2. In the Exchange Management Shell, type the following command, and then press ENTER: Get-RetentionPolicyTag IncludeSystemTags

Question: Are any retention policy tags listed? If so, which ones? Answer: Autogroup, personal tag, DeleteAndAllow recovery after 30 days. ModeratedRecipients, personal tag, DeleteAndAllow recovery after 5 days. Personal 1 Year move to archive, personal tag, MoveToArchive after 365days. Default 2 year move to archive, default/All, MoveToArchive after 730 days. Personal 5 year move to archive, personal tag, MoveToArchive after 1825days. Personal never move to archive, personal tag, MoveToArchive, retention isnot enabled.

Task 3: Create the Standard Mailbox Retention Policy


1. On VAN-EX1, in the Exchange Management Shell, type the followingcommand, and then press ENTER:New-RetentionPolicyTag Default 1 year archive Type All CommentArchive messages after 1 year RetentionEnabled $trueAgeLimitForRetention 365 RetentionActionMoveToArchive In the Exchange Management Shell, type the following command, and thenpress ENTER: New-RetentionPolicyTag DeletedItems 30 day removal TypeDeletedItems Comment Remove deleted items after 30 daysRetentionEnabled $true AgeLimitForRetention 30 RetentionActionDeleteAndAllowRecovery 3. In the Exchange Management Shell, type the following command, and thenpress ENTER: New-RetentionPolicy Standard Mailbox Retention Policy RetentionPolicyTagLinks Default 1 year archive, DeletedItems 30 day removal, Personal never move to archive

2.

Task 4: Apply the retention policy to the mailboxes in MailboxDatabase 1

1. 2.

On VAN-EX1, in the Exchange Management Shell, type the following command, and then press ENTER: Get-Mailbox Database Mailbox Database 1 | format-table Name,RetentionPolicy In the Exchange Management Shell, type the following command, and then press ENTER: Get-Mailbox Database Mailbox Database 1 | Set-Mailbox RetentionPolicy Standard Mailbox Retention Policy In the Exchange Management Shell, type the following command, and then press ENTER: Get-Mailbox Database Mailbox Database 1 | format-table Name,RetentionPolicy

3.

Results: After this exercise, you should have prevented messages classified asCompany Internal from being sent to the Internet, created a retention policy andapplied it to all of the mailboxes in Mailbox Database 1.

You might also like