继续使用命令设置Exchange Server 2013 的常规配置。
1.使用命令创建证书请求文件New-ExchangeCertificate -GenerateRequest -FriendlyName "Mail-Cert" -DomainName mail.msftlearn.com,autodiscover.msftlearn.com -PrivateKeyExportable $true -KeySize 2048 -RequestFile C:\mailcert.req
2.在IE浏览器中输入证书服务器IP地址/certsrv
3.输入有权限颁发证书的用户名及密码,确定
4.选择申请证书
5.选择高级证书申请
6.选择使用base64编码的CMC或PKCS#10文件提交
7.Copy 二进制的证书请求内容
8.粘贴到Base-64文本框中,证书模板选择Web服务器,提交
9.选择Base 64 编码,下载证书
10.保存证书位置
11.使用命令导入证书并分配服务Import-ExchangeCertificate -FileName C:\mailcert.cer | Enable-ExchangeCertificate -Services "iis,smtp,pop,imap"
12.选择全是
Exchange Server 2013 的基本配置已经完成。
以下是用到的Exchange PowerShell 脚本,请参考:
先决条件脚本
Install-WindowsFeature RSAT-ADDS
Import-Module ServerManager
Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS
Restart-Computer
D:
.\setup /PrepareSchema /IAcceptExchangeServerLicenseTerms
.\setup /Preparead /IAcceptExchangeServerLicenseTerms /OrganizationName:Msftlearn
.\setup /Preparealldomains /IAcceptExchangeServerLicenseTerms
Add-DnsServerResourceRecordA -ZoneName msftlearn.com -Name mail -IPv4Address 192.168.10.200
Add-DnsServerResourceRecordA -ZoneName msftlearn.com -Name autodiscover -IPv4Address 192.168.10.200
基本配置脚本
#加载Exchange 模块
Add-PSSnapin microsoft.exchange.*
#新建接受域
New-AcceptedDomain -Name msftlearn.com -DomainName msftlearn.com -DomainType Authoritative
#新建电子邮件地址策略
New-EmailAddressPolicy -Name EmailAddress -IncludedRecipients MailboxUsers -EnabledPrimarySMTPAddressTemplate %[email protected]
#应用电子邮件地址策略
Update-EmailAddressPolicy -Identity EmailAddress
#设置组织传输大小
Set-TransportConfig -MaxReceiveSize 30MB -MaxSendSize 30MB -MaxRecipientEnvelopeLimit 200
#设置接收连接器的大小限制
Get-ReceiveConnector | Set-ReceiveConnector -MaxMessageSize 30MB
#去掉匿名
Get-ReceiveConnector "Default Frontend SRV12-EX1301" | Set-ReceiveConnector -PermissionGroups ExchangeLegacyServers,ExchangeServers
#新建发送连接器
New-SendConnector -Name "To Internet" -Internet -MaxMessageSize 30MB -AddressSpaces * -SourceTransportServers "Srv12-ex1301.msftlearn.local"
#设置Exchange 服务器许可
Set-ExchangeServer -Identity Srv12-ex1301 -ProductKey XXXX-XXXX-XXXX-XXXX
#设置Outlook Anywhere
Get-OutlookAnywhere | Set-OutlookAnywhere -SSLOffloading $true -InternalHostname "mail.msftlearn.com" -ExternalClientsRequireSsl $true -ExternalHostname "mail.msftlearn.com" -InternalClientsRequireSsl $true -InternalClientAuthenticationMethod Basic -ExternalClientAuthenticationMethod Basic
#设置POP服务
Set-PopSettings -Server Srv12-ex1301 -LoginType PlainTextLogin
#设置pop服务为自动启动并运行pop服务
Set-Service MSExchangePop3 -StartupType Automatic
Set-Service MSExchangePOP3BE -StartupType Automatic
Start-Service MSExchangePop3*
#设置IMAP服务
Set-ImapSettings -Server Srv12-ex1301 -LoginType PlainTextLogin
#设置IMAP服务为自动启动并运行pop服务
Set-Service MSExchangeImap4 -StartupType Automatic
set-service MSExchangeIMAP4BE -StartupType Automatic
Start-Service MSExchangeImap4*
#新建数据库并设置脱机地址簿
New-MailboxDatabase -Name DB01 -Server Srv12-ex1301 -EdbFilePath C:\DB\DB01.edb -LogFolderPath C:\DB -OfflineAddressBook "Default Offline Address Book"
Mount-Database -Identity DB01
#设置虚拟目录
Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -InternalUrl https://mail.msftlearn.com/owa -ExternalUrl https://mail.msftlearn.com/owa -LogonFormat UserName -DefaultDomain msftlearn.local
Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -InternalUrl https://mail.msftlearn.com/ecp -ExternalUrl https://mail.msftlearn.com/ecp
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalUrl https://mail.msftlearn.com/Microsoft-Server-ActiveSync -ExternalUrl https://mail.msftlearn.com/Microsoft-Server-ActiveSync
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl https://mail.msftlearn.com/EWS/Exchange.asmx -ExternalUrl https://mail.msftlearn.com/EWS/Exchange.asmx
Get-OabVirtualDirectory | Set-OabVirtualDirectory -InternalUrl https://mail.msftlearn.com/oab -ExternalUrl https://mail.msftlearn.com/oab
Get-PowerShellVirtualDirectory | Set-PowerShellVirtualDirectory -InternalUrl http://mail.msftlearn.com/powershell -ExternalUrl https://mail.msftlearn.com/powershell
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://mail.msftlearn.local/Autodiscover/Autodiscover.xml
#申请证书
New-ExchangeCertificate -GenerateRequest -FriendlyName "Mail-Cert" -DomainName mail.msftlearn.com,autodiscover.msftlearn.com -PrivateKeyExportable $true -KeySize 2048 -RequestFile C:\mailcert.req
Import-ExchangeCertificate -FileName C:\mailcert.cer | Enable-ExchangeCertificate -Services "iis,smtp,pop,imap"