Windows Server
Windows Server AD:
What is Active Directory Service?
Active Directory provides the means to manage the identities and relationships that make up your organization's network. Integrated with Windows Server, Active Directory gives you out-of-the-box functionality needed to centrally configure and administer system, user, and application settings.
Active Directory Schema
Windows 2000 and Windows Server 2003 Active Directory use a database set of rules called the "Schema". The Schema is defined as the formal definition of all object classes, and the attributes that make up those object classes, that can be stored in the directory. As mentioned earlier, the Active Directory database includes a default Schema, which defines many object classes, such as users, groups, computers, domains, organizational units, and so on. These objects are also known as "Classes". The Active Directory Schema is dynamically extensible, meaning that you can modify the schema by defining new object types and their attributes and by defining new attributes for existing objects. You can do this either with the Schema Manager snap-in tool included with Windows 2000/2003 Server, or programmatically.
Microsoft Lync 2010 Installation
Install a fresh copy of Windows 2008 R2 Standard or Enterprise edition.
After installation, apply the Windows updates.
After the updates complete, restart the server.
Assign the machine name for the server and add the machine to the domain (example: fqs.com).
Install Active Directory Certificate Services on the ADS server.
Now we need to install some prerequisite components on the domain-joined server before the Lync installation.
Add RSAT (only AD DS and AD LDS Tools are required) from within Features in Server Manager (used for performing remote schema updates etc.). This will also prompt you to add the .NET Framework 3.5 feature; you must accept this.
Add IIS. This is made easier by opening a command prompt and running this command (all on one line):
Command:
ServerManagerCmd.exe -Install Web-Server Web-Http-Redirect Web-Scripting-Tools Web-Windows-Auth Web-Client-Auth Web-Asp-Net Web-Log-Libraries Web-Http-Tracing Web-Basic-Auth
Finally, install Silverlight (required to execute the Lync Server UI or Lync Server Control Panel).
Follow these steps to install the Lync 2010 Server.
Insert the Lync 2010 server setup DVD or mount the ISO file on the server.
Click the setup.exe file to install.
The first thing you’ll see upon execution is a prompt asking you to install Microsoft Visual C++ 2008 Redistributable, click yes to install.
A few minutes later the following dialogue will appear. Given my single partition setup, I choose to accept the default installation directory.
Now you will be presented with a familiar looking wizard that will guide you through the install process. In my case I have already completed the Active Directory preparation steps and provided you are logged in with a Domain Admin or equivalent account and your AD is in good shape this should complete without a hitch (it did in my case!). As per the installation steps, once this is completed add your chosen admin account to the newly created CSAdministrator group.
Head back to the main deployment wizard screen and select the option to Prepare first Standard Edition Server (top right hand option). This will install a copy of SQL 2008 Express, Lync Server core installation files and create an RTC database – let this take its course and once complete you’ll be presented with the following dialogue.
Next we need to create or deploy topology.
Click Start --> All Programs --> Microsoft Lync 2010 --> Lync Server Topology Builder
Next, install the Topology Builder via the main deployment screen; when this completes you gain a green tick to signify a successful install. Now the fun stuff: we need to define our topology by launching the Topology Builder via the Start menu. As explained earlier, Lync offers a difference in architecture to OCS 2007, and the Central Management Store (CMS) is no exception. The CMS is a SQL database where you publish your chosen topology; this takes away the dependency for Lync to require the AD for configuration purposes, and it is required to complete the installation.
Upon launching the Topology Builder we are presented with three options, choose New Topology (see below).
A dialogue will ask you to choose a save file/location, I’m going to accept the default location and call the file MyTopology.tbxml. Next you are asked for your primary SIP domain, I’ll be using my test AD domain for this Jacobs.local (see below).
You may notice that should you choose to input anything with invalid formatting, you’ll be asked to correct the problem and a RED square box will identify the bad string. Click next, I didn’t choose to add any additional SIP domains. Next give your site a name, I’ll use MyLab (see below).
Next site details, mine are below.
And with this completed you are prompted to open the New Front End Wizard, leave this checked. Here you’ll need to define the New Front End pool.
First of all we need to input the pool’s FQDN; in my case it will be lync.jacobs.local (Lync is the name of my server). I’ll also be opting for the Standard Edition Server Topology (there’ll be no high availability, and an additional SQL Express instance will host the user and application store; it will be installed automatically upon publishing the policy).
We are now going to select the features required and therefore destined to be collocated, I’ll be installing Conferencing (without Dial-in, I’m not going for PSTN voice integration for this lab setup), Enterprise Voice and Call Admission Control.
I’ll choose to collocate the Mediation Server (it will be redundant for now, given my choice to hang fire on voice integration).
Given my single server approach and lack of any need to archive, monitor or federate within my lab, I’ll choose to not select any additional server roles within the next screen.
I don’t need to define my SQL store as my Standard Edition will perform the SQL Express installation automatically.
Now we’ll need to create a file share, create it locally and ensure the account you are currently using to run the topology builder has read/write access to this folder. I’ll call my folder and share name “LyncShare”.
The next screen will ask you for an external URL; if you have a public facing FQDN for this server, it goes here. On the next screen (specify PSTN gateways), click Finish if you, like me, are not configuring PSTN integration. You will now be taken back to the main Topology Builder screen, where you can view a detailed summary of your chosen setup. Click Edit Properties on the top right (below New Central Site) as you will need to add a few final tweaks.
First, you need to add an administrative URL, in my case https://admin.jacobs.local and select the front end server to install your CMS on (all things being equal you should have one option here, your previously specified pool FQDN).
You are all set to publish your topology! To do so select this option from the right hand side of the main topology builder screen.
If you followed the guide correctly validation should succeed, click next on the publish topology wizard.
Accept the front end pool default by clicking next.
Next the Central Management Store is created. When the wizard completes, a text based to-do list can be presented with remaining tasks. You’ll need to create three DNS A records for the simple URLs specified – these should be directed to the IP address of your Lync Server (I won’t cover this). I will cover the final install step – the server components install.
To finish your server installation you need to head back to the Lync Server Deployment Wizard, now accessible via the start menu. Choose Install or Update Lync Server System to continue.
Choose step 1 to install a local CMS and choose the option to retrieve directly from the CMS.
Upon completion, click finish.
Choose step 2 to install Lync Server Components.
You may be asked to restart, should this occur click finish and manually restart your server. After logging back in re-execute the deployment wizard and click step 2 from within Install or Update Lync Server System for the second time, it will automatically resume from where it left off. With this complete, click finish.
Step 3 is where certificates are requested and assigned to the server and both internal/external web services. Click request (see below).
The following dialogue will be presented, choose to send the request immediately to an online certificate authority (this will submit via AD Certificate Services).
Select your local CA via the detected server list, click next until you see the option to specify a friendly name, I’ll use Lync.
Choose friendly organisation names, country, state/city and click next. You now need to configure and accept subject alternate names (SAN) – this is where a single certificate can handle multiple common names or domain names. In my case I’ll accept my locally configured SIP domain. You can add additional names where you have a public facing FQDN; click finish to execute the certificate commands. Then assign the requested certificates (see below).
Upon completion the following screen will be presented.
Gentlemen start your services, or just click step 4! If you want to verify everything went A okay there is an option to launch services.msc. Looking good!
Let’s launch the Lync Server Control Panel via the Start menu and enable a test user. Provided you installed Silverlight and your A records resolve (in my case, admin.jacobs.local), you should be asked to authenticate with your CSAdministrator admin details.
Within top actions enable a user for Lync Server. (see below)
Finally you will need to create an SRV DNS record for your new Lync Server; without this your Lync client will be unable to locate the server. To create it, access your DNS manager and right click the Forward Lookup Zone for your SIP FQDN. Then click Other New Records and Service Location (SRV), and complete using your own server settings as per the illustration below.
All things being equal you should now be able to install and login with your Lync client by using the corresponding sign-in address, give yourself a pat on the back!
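A check for the certificate step above, as an added example that is not part of the original post: it reads the subject alternative names from the certificate with the friendly name "Lync" and reports which required host names it does not cover. The required names are the lab values used in this guide; the sample SAN lists are constructed, and the 'DNS Name=' label assumes an English Windows installation.

```powershell
# Added example: verify the Lync certificate's SAN list covers the names
# clients connect to. Written for PowerShell 2.0 (Windows Server 2008 R2).

# Lab names taken from this guide; extend with your own simple URLs.
$RequiredNames = @('lync.jacobs.local', 'admin.jacobs.local')

function Get-SanDnsNames {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    # 2.5.29.17 is the Subject Alternative Name extension.
    $ext = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if (-not $ext) { return }
    # Format() text is localized; 'DNS Name=' is the English label (assumption).
    [regex]::Matches($ext.Format($false), 'DNS Name=([^,\s]+)') |
        ForEach-Object { $_.Groups[1].Value.ToLower() }
}

function Test-NameCovered {
    param([string]$HostName, [string[]]$SanNames)
    $HostName = $HostName.ToLower()
    foreach ($san in @($SanNames)) {
        if (-not $san) { continue }
        if ($san -eq $HostName) { return $true }
        # A wildcard covers exactly one left-most label: *.jacobs.local matches
        # admin.jacobs.local, but not a.b.jacobs.local or jacobs.local itself.
        if ($san.StartsWith('*.')) {
            $suffix = $san.Substring(1)
            if ($HostName.EndsWith($suffix)) {
                $label = $HostName.Substring(0, $HostName.Length - $suffix.Length)
                if ($label.Length -gt 0 -and $label -notmatch '\.') { return $true }
            }
        }
    }
    return $false
}

function Get-MissingNames {
    param([string[]]$Required, [string[]]$SanNames)
    @($Required | Where-Object { -not (Test-NameCovered $_ $SanNames) })
}

# Constructed SAN lists showing an incomplete and a wildcard certificate.
$sampleIncomplete = @('lync.jacobs.local', 'sip.jacobs.local')
$sampleWildcard   = @('*.jacobs.local')
$m1 = @(Get-MissingNames $RequiredNames $sampleIncomplete)
$m2 = @(Get-MissingNames $RequiredNames $sampleWildcard)
"Sample (incomplete) is missing: $($m1 -join ', ')"
"Sample (wildcard) is missing:   $($m2 -join ', ')"

# Live check against the computer certificate store on the Lync server.
Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.FriendlyName -eq 'Lync' } |
    ForEach-Object {
        $cert    = $_
        $san     = @(Get-SanDnsNames $cert)
        $missing = @(Get-MissingNames $RequiredNames $san)
        New-Object PSObject -Property @{
            Thumbprint = $cert.Thumbprint
            Expires    = $cert.NotAfter
            HasKey     = $cert.HasPrivateKey
            SanNames   = ($san -join ', ')
            Missing    = ($missing -join ', ')
        }
    } | Format-List Thumbprint, Expires, HasKey, SanNames, Missing
```

An empty Missing field means every required name is covered; a client connecting to a name that is listed there will get a certificate name mismatch.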
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Microsoft Exchange 2010 Installation
System Requirements
First, you need to make sure that your Active Directory (AD) environment and your Exchange server meet the minimum requirements:
- AD forest functional level is Windows Server 2003 (or higher)
- AD Schema Master is running Windows Server 2003 w/SP1 or later
- Full installation of Windows Server 2008 w/SP2 or later OR Windows Server 2008 R2 for the Exchange server itself
- Exchange server is joined to the domain (except for the Edge Transport server role)
Prerequisites
We are going to install Exchange 2010 Server on Windows Server 2008 R2.
Before installing Exchange we need to install some Windows components.
- Install the 2007 Office System Converter: Microsoft Filter Pack
- Add the appropriate Windows components/features
- Open PowerShell via the icon on the task bar or Start >> All Programs >> Accessories >> Windows PowerShell >> Windows PowerShell. Be sure that PowerShell opened with an account that has rights to install Windows components/features.
- Run the following command:
Import-Module ServerManager
- For a typical install with the Client Access, Hub Transport, and Mailbox roles run the following command:
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart
For a full matrix of the required Windows components with regards to the Exchange server roles see: http://technet.microsoft.com/en-us/library/bb691354.aspx#WS08R2
- If your Exchange server will have the Client Access Server role set the Net.Tcp Port Sharing Service to start automatically
- Open PowerShell via the icon on the task bar or Start >> All Programs >> Accessories >> Windows PowerShell >> Windows PowerShell. Be sure that PowerShell opened with an account that has rights to modify service startup settings.
- Run the following command:
Set-Service NetTcpPortSharing -StartupType Automatic
Exchange 2010 Installation
Now we're ready to run the Exchange 2010 installer. We'll go through a typical installation that includes the Client Access, Hub Transport, and Mailbox roles. This is what you will want to install if you are only going to be running one Exchange server. If you scale out your Exchange architecture with multiple servers then you will want to familiarize yourself with the Exchange server roles for a proper deployment.
- Log on to the desktop of your soon to be Exchange server with a Domain Admin account.
- Run setup from the Exchange 2010 media.
- Click on "Step 3: Choose Exchange language option" and choose one of the options (Install only languages from the DVD will be fine in most cases).
- Click on "Step 4: Install Microsoft Exchange."
- Click Next at the Introduction page.
- Accept the license terms and click Next.
- Make a selection on the Error Reporting page and click Next.
- Stick with the default "Typical Exchange Server Installation" and click Next.
- Choose a name for your Exchange Organization and click Next.
- Make a selection on the Client Settings page and click Next.
- If you want your Exchange server to be available externally then choose a domain name such as mail.myorganization.com, click Next.
- Make a selection on the Customer Experience Improvement Program page and click Next.
- If all the prerequisites are there then you can click Install.
- Grab a cup of coffee or take a walk while the installation process does its thing.
- When the installation has finished go back to the Exchange installation page click on "Step 5: Get critical updates for Microsoft Exchange."
- Install Microsoft Update (if necessary) so that Windows update will check for non-OS updates, and verify that there are no Exchange updates
Post-Installation Steps
Now that you have Exchange 2010 installed, you will need to do some basic configuration in the Exchange Management Console to get mail flowing to/from your server.
- Open the Exchange Management Console via Start >> All Programs >> Microsoft Exchange Server 2010 >> Exchange Management Console
- Expand Microsoft Exchange On-Premises so you can see: Organization Configuration, Server Configuration, Recipient Configuration, and Toolbox
- Under Organization Configuration >> Hub Transport >> Accepted Domains add a new Accepted Domain for the domain you wish to use for email addresses. For example, your AD domain will be listed by default (i.e. ad.myorganization.com). You will probably want to add "myorganization.com" as an Authoritative Domain.
- Under Organization Configuration >> Hub Transport >> Send Connectors >> New Send Connector ... >> Pick a name such as "MyOrganization Internet Send Connector" >> change the drop down to "Internet" >> Next >> Add ... >> enter "*" in the Address field and check the box to include all subdomains >> OK >> Next. Now, if you want your Exchange server to route mail directly, then click Next on the Network setting page, but if you want to route your email through an upstream provider then select "Route mail through the following smart hosts" and Add ... a mail gateway such as smtp.comcast.net. Click Next >> Next >> Next >> New
- Under Server Configuration >> Hub Transport >> Right-click Default *** >> Properties >> Permission Groups tab, check the box for Anonymous users. This will allow your Exchange server to accept incoming mail delivery from remote mail servers.
- Under Recipient Configuration >> Mailbox, create mailboxes for your existing AD users (or create a new user & mailbox)
- New Mailbox ... >> select User Mailbox >> Next >> Existing users >> Add ... >> select an existing AD account >> OK >> Next >> specify an alias (e.g. the AD user name) >> Next >> New
- If you want to use an SSL certificate for Outlook Web App, IMAP, POP, etc. click on Server Configuration and import or create the certificate
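One way to confirm that enabling Anonymous users on the receive connector permits inbound delivery without also permitting relay to arbitrary recipients (added example, not from the original post). The live branch uses the Exchange Management Shell cmdlets Get-ReceiveConnector and Get-ADPermission; the connector names and rights in the fallback sample data are constructed.

```powershell
# Added example: audit receive connectors that accept anonymous SMTP.
# Anonymous submission to accepted domains is expected on an Internet-facing
# connector; the extended right below is what allows relay to any recipient.
$RelayRight = 'ms-Exch-SMTP-Accept-Any-Recipient'

function Get-ConnectorVerdict {
    param(
        [string]$Name,
        [string]$PermissionGroups,    # e.g. "AnonymousUsers, ExchangeServers"
        [string[]]$AnonymousRights    # extended rights held by ANONYMOUS LOGON
    )
    $anonymous = $PermissionGroups -match 'AnonymousUsers'
    $relay = @($AnonymousRights | Where-Object { $_ -eq $RelayRight }).Count -gt 0
    if ($relay) {
        $verdict = 'RELAY RISK: anonymous senders may address any recipient'
    } elseif ($anonymous) {
        $verdict = 'OK: anonymous delivery to accepted domains only'
    } else {
        $verdict = 'OK: no anonymous submission'
    }
    New-Object PSObject -Property @{
        Connector = $Name; Anonymous = $anonymous; Relay = $relay; Verdict = $verdict
    }
}

if (Get-Command Get-ReceiveConnector -ErrorAction SilentlyContinue) {
    # Live audit: run inside the Exchange Management Shell.
    $results = Get-ReceiveConnector | ForEach-Object {
        $c = $_
        $aces = $c | Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
                    -ErrorAction SilentlyContinue |
                Where-Object { -not $_.Deny }
        $rights = @($aces | ForEach-Object { $_.ExtendedRights } |
                    ForEach-Object { "$_" })
        Get-ConnectorVerdict -Name "$($c.Identity)" `
            -PermissionGroups "$($c.PermissionGroups)" -AnonymousRights $rights
    }
} else {
    # Constructed sample data, used when no Exchange cmdlets are loaded.
    $defaultAnon = @('ms-Exch-SMTP-Submit',
                     'ms-Exch-SMTP-Accept-Any-Sender',
                     'ms-Exch-SMTP-Accept-Authoritative-Domain-Sender',
                     'ms-Exch-Accept-Headers-Routing')
    $results = @(
        (Get-ConnectorVerdict 'LAB\Default LAB' `
            'AnonymousUsers, ExchangeUsers, ExchangeServers' $defaultAnon),
        (Get-ConnectorVerdict 'LAB\Client LAB' 'ExchangeUsers' @()),
        (Get-ConnectorVerdict 'LAB\Legacy Relay' 'AnonymousUsers' `
            ($defaultAnon + $RelayRight))
    )
}

$results | Format-Table Connector, Anonymous, Relay, Verdict -AutoSize
```

A connector reported as RELAY RISK should either have that right removed from anonymous logon or be restricted to specific remote IP ranges.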
Mail Routing Configuration
Now the final piece you need to configure to receive mail is your external DNS records. The method for configuring your DNS records will depend on whether you host your own DNS or have a provider that hosts it for you. Either way you will need to create an "A" record that points mail.myorganization.com to the IP address of your mail server, and an "MX" record that points myorganization.com to mail.myorganization.com. You will also want to make sure that port 25 is open both inbound and outbound to your Exchange server.
Conclusion
That's it! You should now be able to browse to https://mail.myorganization.com/owa (or https://localhost/owa from the server) and logon via the Web interface to send and receive mail!
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Thank you so much for your wonderful blog, really it was useful.
Wonderful Post!!! Thanks for sharing this great blog with us.