Installing and Configuring the Basics of Exchange Server 2013 for a Brand-New Environment (part 8)

14. Preparing Your Environment for Exchange Server 2013

Before deploying Exchange Server 2013, there are several steps that must be done, and several more that are highly recommended.

Performing an Active Directory Health Check

This is a step that is highly recommended, especially if AD is not being set up from scratch (as it is in our scenario). The existing AD environment should be validated to ensure it is functioning correctly. Because Exchange Server relies so heavily on Active Directory, an extensive health check utilizing tools such as DCDiag, NetDiag, and Replication Monitor can help identify any underlying problems that will impact the installation or performance of Exchange Server. A combination of Windows Server 2003 and Windows Server 2008 support tools can be utilized for these tasks.

Granting the Appropriate Permissions

To install Exchange Server 2013, you must make sure the domain account you will be using is a member of the following groups: Domain Admins, Enterprise Admins, and Schema Admins.

To do so, perform the following steps:

1. On the domain controller, from the Start menu, select Administrative Tools, then Active Directory Users and Computers.

2. Right-click the domain and click Find. Enter the name of the account that you will be using to install Exchange Server 2013 and click Find Now.

3. Double-click the user account and select the Member Of tab.

4. Click Add. In the Enter the Object Names to Select field, type Enterprise Admins; Domain Admins; Schema Admins (separated by semicolons as shown). Click Check Names to ensure all group names are resolved, and then click OK. Ensure all three groups show in the Member Of section and click Apply. Click OK to exit the screen.

Installing the Base Operating System on Your Exchange Server

Exchange Server 2013 can be installed on Windows Server 2008 R2 Standard or Enterprise with SP1, Windows Server 2008 R2 Datacenter RTM or later, or Windows Server 2012 operating systems. Although either Standard or Enterprise can be used, the Enterprise version is required for some of the more advanced Exchange Server features such as DAGs.

Perform the following steps to deploy and join the Exchange server to the domain:

1. Install Windows Server 2008 R2 with Service Pack 1 on your Exchange server .

2. On the TCP/IPv4 settings of your new Exchange server configure your domain controller/DNS server as the preferred DNS server.

3. From the Initial Configuration Tasks screen, click Provide Computer Name and Domain.

4. On the Computer Name tab, click Change.

5. In the Member Of section, select the Domain option button and type the name of the domain you created. In our example, this is companyabc. Click OK to continue.

6. When prompted, enter the administrator name and password for your domain and click OK.

7. When prompted with “Welcome to the companyabc Domain,” click OK; then click OK again to acknowledge that the computer must be restarted. Close all open windows and, when prompted, click Restart Now.

8. After the computer restarts, from the logon screen, click Switch User; then click Other User and enter the domain administrator credentials in the following format: domain\administrator, where domain is the name of your domain, and administrator is the administrative account for that domain.

Preparing Internet Explorer to Accept ActiveX Downloads

The default security settings of Windows Server 2008 R2, combined with the default security settings of Internet Explorer 8.0, can result in some real challenges when attempting to download the prerequisite applications for Exchange Server. To ease the process, perform the following settings.

1. On the new Exchange server, log on with your domain administrative account.

2. Right-click the Internet Explorer icon and click Run as Administrator. Ensure you have Internet connectivity by bringing up an Internet website. If you do not, troubleshoot your network settings and resolve any issues before continuing.

3. In Internet Explorer, select Tools, and then Internet Options. Select the Security tab and then the Trusted Sites icon, and click Sites.

4. In the Add This Website to the Zone field, type https://connect.microsoft.com and click Add. Then type https://download.microsoft.com and click Add. When finished, click Close.

5. Click the Internet icon and click Custom Level. Under the ActiveX Controls and Plug-Ins section, change Download Signed ActiveX Controls to Prompt (Recommended).

6. Click OK and click Yes in response to the warning; then click OK again and exit Internet Explorer.

Installing Required Windows Roles and Features

There are several additional operating system components that are prerequisites for all Exchange Server 2013 roles. In addition, there are specific prerequisites that are required for each of the individual roles.

To determine what prerequisites are needed for each role, review the Exchange Server 2013 Prerequisites document on Microsoft TechNet.

The following components are required for a server that will contain the Client Access and Mailbox server roles:

• Web-Server

• Web-ISAPI-Ext

• Web-Metabase

• Web-Lgcy-Mgmt-Console

• Web-Basic-Auth

• Web-Digest-Auth

• Web-Windows-Auth

• Web-Dyn-Compression

• NET-HTTP-Activation

• RPC-over-HTTP-proxy

• Desktop-Experience

• NET-Framework

• RSAT-Clustering

• RSAT-Web-Server

• WAS-Process-Model

• Web-Asp-Net

• Web-Client-Auth

• Web-Dir-Browsing

• Web-Http-Errors

• Web-Http-Logging

• Web-Http-Redirect

• Web-Http-Tracing

• Web-ISAPI-Filter

• Web-Mgmt-Console

• Web-Mgmt-Service

• Web-Net-Ext

• Web-Request-Monitor

• Web-Stat-Compression

• Web-Static-Content

• Web-WMI

To install these roles, perform the following steps:

1. Log on with your domain administrator account. Run Windows PowerShell as an administrator.

2. Run the following command to load the Server Manager module:

Import-Module ServerManager

3. Run the following command to install the required roles and features:

Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation,
RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model,
Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth,
Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging,
Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter,
Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service,
Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression,
Web-Static-Content, Web-Windows-Auth, Web-WMI

When complete, you should see Success: True.

4. Upon completion, close all open windows and restart the server.

Installing the Prerequisites

After installing the additional roles and features, there are some software applications that must be installed on the server before you can run the Exchange Setup Wizard. Except as noted in the following, these applications must be installed regardless of which server role you are going to install. Install the following applications in the order shown:

Installing Microsoft .NET Framework 4.5

Windows Server 2012 includes .NET Framework 4.5. Therefore, this section can be skipped for a Windows Server 2012 installation. To install .NET Framework 4.5, follow these steps:

1. Log on to the server with your domain administrative account.

2. Download the .NET Framework 4.5 directly through the Microsoft Download Center.

3. Navigate to the directory containing the downloaded file. Double-click the downloaded file to start the install. When prompted with “Do You Want to Run This File?” click Run.

4. Accept the license terms by clicking I Have Read and Accept the License Terms. Click Install to start the installation.

5. Click Finish when complete.

Installing Windows Management Framework 3.0 (KB2506143)

This section can be skipped for a Windows Server 2012 installation. To install Windows Management Framework 3.0, follow these steps:

1. Log on to the server with your domain administrative account.

2. Download the correct Windows Management Framework package for your operating system and architecture directly through the Microsoft Download Center.

3. Navigate to the directory containing the downloaded file. Double-click the downloaded file to start the install. When prompted with “Do You Want to Install the Following Windows Software Update?” click Yes.

4. Accept the license terms by clicking I Accept to start the installation.

5. Once completed, click Restart Now.

Installing Microsoft Unified Communications Managed API 4.0, Core Runtime 64-Bit

To install the Unified Communications Managed API 4.0, follow these steps:

1. Log on to the server with your domain administrative account.

2. Download the Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit directly through the Microsoft Download Center.

3. Navigate to the directory containing the downloaded file. Double-click the downloaded file to start the install. When prompted with “Do You Want to Run This File?” click Run.

4. From the Microsoft Unified Communications Managed API 4.0, Runtime Wizard, click Next.

5. Accept the license terms by clicking I Have Read and Accept the License Terms. Click Install to start the installation.

6. Click Finish when complete.

Installing the Microsoft Office 2010 Filter Pack 64-Bit

This section is required only for Exchange Server 2013 servers that will have the Mailbox server role installed. To install the Microsoft Office 2010 Filter Pack 64-Bit, follow these steps:

1. Log on to the server with your domain administrative account.

2. Download the Microsoft Office 2010 Filter Pack directly through the Microsoft Download Center.

3. Navigate to the directory containing the downloaded file. Double-click the downloaded file to start the install. When prompted with “Do You Want to Run This File?” click Run.

4. From the Welcome screen, click Next.

5. Accept the license terms by clicking I Accept the Terms in the Licensing Agreement. Click Next to start the installation.

6. When complete, click OK to exit the installation.

Installing Service Pack 1 for Microsoft Office Filter Pack 2010 (KB2460041) 64-Bit Edition

This section is required only for Exchange Server 2013 servers that will have the Mailbox server role installed. To install Service Pack 1, follow these steps:

1. Log on to the server with your domain administrative account.

2. Download the Service Pack 1 for Microsoft Office Filter Pack 2010 (KB2460041) directly through the Microsoft Download Center.

3. Navigate to the directory containing the downloaded file. Double-click the downloaded file to start the install. When prompted with “Do You Want to Run This File?” click Run.

4. From the Microsoft Software License Terms screen, click Click Here to Accept the Microsoft Software License Terms and click Continue.

5. When complete, click OK to exit the installation.

Installing Windows Identity Foundation (KB974405)

This section can be skipped for a Windows Server 2012 installation. To install Windows Identity Foundation, follow these steps:

1. Log on to the server with your domain administrative account.

2. Download Windows Identity Foundation directly through the Microsoft Download Center.

3. Navigate to the directory containing the downloaded file. Double-click the downloaded file to start the install.

4. When prompted with “Do You Want to Install the Following Windows Software Update?” click Yes.

5. Accept the license terms by clicking I Accept to start the installation.

6. When complete, click Close to exit the installation.

Installing the Hot Fix to Enable the Association Cookie/GUID That Is Used by RPC over HTTP (KB2619234)

This section can be skipped for a Windows Server 2012 installation. To install the hot fix, follow these steps:

1. Log on to the server with your domain administrative account.

2. Open Internet Explorer and go to www.support.microsoft.com. Search for KB2619234. Select the hot fix.

3. On the Microsoft Support page for the hot fix, click Hotfix Download Available. On the Terms and Conditions screen, click I Accept.

4. Click the Select box for the Windows 7/Windows Server 2008 R2 SP1, Fix381274. Enter your email, confirm your email, and type the characters shown in the Picture. Click Request Hotfix.

5. Navigate to your email, locate the email with the hot fix, and follow the instructions for downloading the hot fix.

6. Navigate to the directory containing the downloaded file. Double-click the downloaded file to start the install. When prompted with “Do You Want to Run This File?” click Run.

7. Click Continue on the Microsoft Self-Extractor screen. Select a folder where the files can be extracted and click OK. Click OK when the files are unzipped successfully.

8. Navigate to the folder where the file was extracted. Double-click the file to start the install. When prompted “Do You Want to Install the Following Windows Software Update?” click Yes.

9. Once completed, click Restart Now.

Installing Updates for Microsoft Security Advisory: Insecure Library Loading Could Allow Remote Code Execution (KB2533623)

This section can be skipped for a Windows Server 2012 installation. To install this hot fix, follow these steps:

1. Log on to the server with your domain administrative account.

2. Open Internet Explorer and go to www.support.microsoft.com. Search for KB2533623. Select Microsoft Security Advisory: Insecure Library Loading Could Allow Remote Code Execution.

3. On the Validation Required screen, click Continue.

4. Look for the Internet Explorer Information Bar. When prompted with “This Website Wants to Install the Following Add-On: ‘Windows Genuine Advantage’ from Microsoft Corporation,” click Install.

5. When prompted “Do You Want to Install this Software?” click Install.

6. On the hot fix download screen, click Download.

7. Save the file to a local folder.

8. Double-click the downloaded file to start the install. When prompted with “Do You Want to Install the Following Windows Software Update?” click Yes.

9. Once completed, click Restart Now.

Installing the Active Directory Services Remote Management Tools

These steps allow an administrator to perform the schema and domain preparation commands from your Windows Server 2008 server.

To install the Active Directory Services Remote Management Tools, follow these steps:

1. Log on with your domain administrator account. Open Windows PowerShell as an administrator.

2. Run the following command:

Add-WindowsFeature RSAT-ADDS

Upon completion, you see four warnings in yellow stating “You Must Restart This Server to Finish the Installation.”

3. After you have successfully installed the Role Administration Tools and the Active Directory Domain Services Tools, close all open windows and restart the server as instructed.