Exchange配置

Exchange2019安装前准备:

1.安装.net4.8
2.安装vcredist
3.安装UcmaRuntime
4.安装rewrite_amd64_zh-CN

5.准备DAG IP,设置心跳网卡网段

 

安装功能组件
5.Install-WindowsFeature Server-Media-Foundation, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

在exchange服务器上运行以下命令扩展ad架构
Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF
Setup.exe /PrepareAD /OrganizationName:“test19” /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF
Setup.exe /PrepareAD /OrganizationName:“yixin” /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF

 

运行setup.exe开始安装ex()自动安装windows功能

 

PowerShell导入导出证书,分配给服务

#查看当前有效证书
Get-ExchangeCertificate | where {$_.Status -eq "Valid"} | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,NotBefore,NotAfter,Services
#根据上一步结果导出在用的证书
$cer_print = '56F6563BA880279'

Export-ExchangeCertificate -Thumbprint $cer_print -FileName "d:\operations\tools\cer_test19.pfx" -BinaryEncoded -Password (ConvertTo-SecureString -String 'aa.com' -AsPlainText -Force)
#导入上一步导出的证书
Import-ExchangeCertificate -FileName "\\ex1901\d$\operations\tools\cer_taoche.pfx" -Password (ConvertTo-SecureString -String 'aa.com' -AsPlainText -Force)
#查看当前有效证书
Get-ExchangeCertificate | where {$_.Status -eq "Valid"} | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,NotBefore,NotAfter,Services

#将证书分配给服务
Enable-ExchangeCertificate -Thumbprint $cer_print -Services POP,IMAP,IIS,SMTP

 

配置虚拟目录:

1.配置Outlook anywhere
   ecp-服务器-服务器属性-outlook anywhere,配置内外部域名
或者命令如下:
$uri_anywhere = "mail.test19.com"
$domain_name = "test19.com"
$Server_name = $env:computername

Set-OutlookAnywhere -identity ($Server_name+'\Rpc (Default Web Site)')  -ExternalHostname $uri_anywhere -InternalHostname $uri_anywhere -InternalClientsRequireSsl $true -ExternalClientsRequireSsl $true -SSLOffloading $false -ExternalClientAuthenticationMethod Basic
get-OutlookAnyWhere |select server,ExternalHostname ,InternalHostname,InternalClientsRequireSsl,ExternalClientsRequireSsl,SSLOffloading,ExternalClientAuthenticationMethod |ft -wrap -autosize

2.配置SCP

$uri_discover = 'https://autodiscover.' + $domain_name + '/Autodiscover/Autodiscover.xml'
Set-ClientAccessServer -Identity $server_name -AutodiscoverServiceInternalURI  $uri_discover
Get-ClientAccessServer |select server,AutodiscoverServiceInternalURI |ft -wrap -autosize

   
3.配置虚拟目录
    ECP-服务器-虚拟目录-Type:OWA-认证方式

$FQDN = $uri_anywhere
Get-OWAVirtualDirectory -Server $Server_name | Set-OWAVirtualDirectory -InternalURL “https://$($FQDN)/owa” -ExternalURL “https://$($FQDN)/owa”
Get-ECPVirtualDirectory -Server $Server_name | Set-ECPVirtualDirectory -InternalURL “https://$($FQDN)/ecp” -ExternalURL   “https://$($FQDN)/ecp”
Get-OABVirtualDirectory -Server $Server_name | Set-OABVirtualDirectory -InternalURL “https://$($FQDN)/oab” -ExternalURL   “https://$($FQDN)/oab”
Get-ActiveSyncVirtualDirectory -Server $Server_name | Set-ActiveSyncVirtualDirectory -InternalURL “https://$($FQDN)/Microsoft-Server-ActiveSync” -ExternalURL “https://$($FQDN)/Microsoft-Server-ActiveSync”
Get-WebServicesVirtualDirectory -Server $Server_name | Set-WebServicesVirtualDirectory -InternalURL “https://$($FQDN)/EWS/Exchange.asmx” -ExternalURL “https://$($FQDN)/EWS/Exchange.asmx”
Get-MapiVirtualDirectory -Server $Server_name | Set-MapiVirtualDirectory -InternalURL “https://$($FQDN)/mapi” -ExternalURL https://$($FQDN)/mapi

重启iis服务:iisreset


检查以上设置:
Get-OWAVirtualDirectory |select server,InternalURL,ExternalURL |ft -wrap -autosize
Get-ECPVirtualDirectory |select server,InternalURL,ExternalURL |ft -wrap -autosize
Get-OABVirtualDirectory |select server,InternalURL,ExternalURL |ft -wrap -autosize
Get-ActiveSyncVirtualDirectory |select server,InternalURL,ExternalURL |ft -wrap -autosize
Get-WebServicesVirtualDirectory |select server,InternalURL,ExternalURL |ft -wrap -autosize
Get-MapiVirtualDirectory |select server,InternalURL,ExternalURL |ft -wrap -autosize
#Get-powershellVirtualDirectory |select server,InternalURL,ExternalURL |ft -wrap -autosize

 

 

新建DAG:

1.将Exchange Trusted Subsystem组加入AD本地Administrators组
2.新建DAG组,指定见证服务器(DC服务器FQDN),见证目录(见证目录 C:\DAGFileShareWitnesses 无需提前创建),DAG IP同Excange服务器
3.将ex服务器加入DAG组
    如遇如下报错,可尝试手动安装故障转移群集组件,安装的时候,该组件实际已安装完成待重启,重启后重新添加成员服务器成功

 

修改见证服务器:

先在新见证服务器上新建目录,然后再在ECP直接修改为新的见证服务器和目录即可

 设置DAG网络:

选择“手动配置数据库可用性组网络”,指定DAG IP

编辑DAG网络 MapiDagNetwork,禁用复制,只保留DAG网段

新建DAG复制网络 ReplicationDagNetwork,启用复制,使用心跳网段

设置数据库副本

posted on 2022-02-23 15:16  momingliu11  阅读(671)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2024 momingliu11
Powered by .NET 8.0 on Kubernetes