DAG Configuration on Exchange 2016

 As I have already explained on my previous blog, that Email has become quite critical service within an organization. Service down of an email might bring the business down. Hence every organization would like to configure HA (High Availability) of Email Services. Since there has been restructure of an Architecture of Exchange server 2016, it has been different from the previous Exchange Servers.

In previous version of Exchange server, we use to configure 4 (Four) boxes for HA. Which consist of 2 (Two) CAS servers and 2(Two) Mailbox servers. For CAS Servers, we use to do Network Load Balancing using either Windows Network Load Balancer (cheap solution) or Hardware Load Balancer (Recommended Solution). And for the mailbox servers, we use to configure DAG (Database Availability Group) which internally does Failover cluster between the databases of mailbox servers.

Continue reading →

Import AD users on Exchange server

As of I remember, last time when we were on the blog of Exchange. We were up to the configuration of Virtual Directories for Exchange server. And we have already done work with import of bulk users on our Active Directory, Importing user on Active Directory will not create an Exchange mailbox on the Exchange server. Hence, we need to effort differently to create mailbox for use users on Active Directory. If it was Exchange Server 2010, we could have done it on GUI easily. But with the Exchange 2013 and Exchange 2016, those facilities are not available. Therefore, we need to trick to import those AD users on Exchange server to create mailboxes.

Continue reading →

Configure Azure RMS for Exchange Online /O365

On my previous blog, I have shared my knowledge regarding the security of the Organization with DLP on Document Fingerprints. As all of know how crucial email has been these days, even for any official approval or submission or information circulation we use email. If such critical information on email gets leaked, it might burn down all the organization. Hence, we need to have a proper security with emails. Here today, on this blog we will be configuring Azure RMS (Right Management Service) for Exchange Online / O365. The questions may be why do we need RMS for Exchange Online / O365 or how will RMS secure email on Exchange Online / O365. RMS is the functionality that allows user to protect sensitive emails by not allowing recipient to Forward, copy, print or take snapshot of that emails. Azure RMS can be configured for office products and On-Premises Exchange server too, wait until the blog comes for it. 🙂

Continue reading →

Windows Enforcement of SHA1 Certificates

Since last few months there has been yellow alert from Microsoft Team on the Enforcement of SHA1 Certificates. Not only Microsoft team but also the other certificate provider and browsers too. Although most of the public SSL has already using SHA2 or we say SHA256, still there might be some private certificate with SHA1. Hence this blog is for the knowledge of details on deprecation of SHA1 certificate. The Enforcement process has been started from Feb 2017. On February 14, 2017, Microsoft will release an update to Microsoft Edge and Internet Explorer 11 that will display an Invalid Certificate warning page alerting users that their connection is not secure. Though we do not recommend it, customers have the option to continue to the website.

Continue reading →

Configuring Exchange Certificate

Another important part of the exchange server is to configure the certificate. Certificate makes the web-based mail access secure as well authenticated and this part is quite recommended on the enterprise level, if we check from the Exchange 2013 all the console is browser based. To configure the certificate on the Exchange server it requires a public certificate with minimum One (1) Subject Alternative Name (SAN) to access mail through public (Internet). Number of SAN depends upon the no. of Domain we use.

Normally after the installation of the Exchange server, if we try to access the browser we see the error as of the below screenshot that has been taken. To avoid this screen, we need to have a public/private certificate. If we are using Private certificate that, this will not work if we try to access email on browser based through internet. But if we do have a pubic certificate, it will allow us secure connection for both public and private network.
Continue reading →

Exchange Server 2016 Architecture

Here in this blog we are discussing about the Architecture of the Current version of Exchange Server i.e. Exchange 2016, unlikely the older version of Exchange server, Exchange 2016 is quite different. As described on our previous blog, On Exchange 2016 Architecture has been modified and that Single BOX is accumulated with CAS, HUB Transport and Mailbox know as Mailbox Role and another Role is Edge Transport Role. So in Summary now we do have only Two major roles on Exchange 2016 and they are

Continue reading →

Exchange 2016 Installation Requirement

Microsoft Has released Exchange 2016 recently and we all are eager to see what’s new on Exchange 2016. But, before installing the Exchange 2016 there are few requirements that we need to know about it. Like Operating system, co-existence of system, supported client, .net framework etc. Here I will be elaborating what are the required system for the exchange system.

Continue reading →