DAG Configuration on Exchange 2016

 As I have already explained on my previous blog, that Email has become quite critical service within an organization. Service down of an email might bring the business down. Hence every organization would like to configure HA (High Availability) of Email Services. Since there has been restructure of an Architecture of Exchange server 2016, it has been different from the previous Exchange Servers.

In previous version of Exchange server, we use to configure 4 (Four) boxes for HA. Which consist of 2 (Two) CAS servers and 2(Two) Mailbox servers. For CAS Servers, we use to do Network Load Balancing using either Windows Network Load Balancer (cheap solution) or Hardware Load Balancer (Recommended Solution). And for the mailbox servers, we use to configure DAG (Database Availability Group) which internally does Failover cluster between the databases of mailbox servers.

Continue reading →

Import AD users on Exchange server

As of I remember, last time when we were on the blog of Exchange. We were up to the configuration of Virtual Directories for Exchange server. And we have already done work with import of bulk users on our Active Directory, Importing user on Active Directory will not create an Exchange mailbox on the Exchange server. Hence, we need to effort differently to create mailbox for use users on Active Directory. If it was Exchange Server 2010, we could have done it on GUI easily. But with the Exchange 2013 and Exchange 2016, those facilities are not available. Therefore, we need to trick to import those AD users on Exchange server to create mailboxes.

Continue reading →

Document DLP with Exchange Server

Email has become the Business-Critical application on any of the enterprise. And to secure such infrastructure, there arises a challenge for everyone. If we go with the history of the Microsoft Exchange, since Exchange 2013 Microsoft has enhanced its security feature for the inflow and outflow of the emails. One of the feature for the security enhancement is Document Fingerprint which we will discuss over here today. We will walk-through with the implementation of Document fingerprint on this blog.

Continue reading →

[solved] OWA/ECP login loop on Exchange 2010/13/16

On Exchange server, configuring virtual directory might be pain sometime. A simple misconfiguration of Virtual directory might be the worst nightmare, because I have been there few days back. While configuring additional CAS server  after few changes done on the Virtual directory, my OWA/ECP page start to go on loop whenever I tried to get login. I was on dark what mistake I had made. So, I tried to list down what might the issue that is causing on looping of my OWA/ECP page. While listing down, I have found two things.

1. SSL Certificate.
2. Issue with configuration of Virtual Directory.

Continue reading →

Understanding Exchange Role Based Access Control (RBAC)

Role Based Access Control (RBAC) is one of the most useful feature on Exchange 2016 or Exchange Online. Although RBAC has been there since Exchange 2007, It has been more enhanced and flexible on Exchange 2016. In Exchange 2007, the server permissions model applied only to the administrators who managed the Exchange 2007 infrastructure. In Exchange 2016, RBAC now controls both the administrative tasks that can be performed and the extent to which users can now administer their own mailbox and distribution groups.

Continue reading →

Configuring Exchange Certificate

Another important part of the exchange server is to configure the certificate. Certificate makes the web-based mail access secure as well authenticated and this part is quite recommended on the enterprise level, if we check from the Exchange 2013 all the console is browser based. To configure the certificate on the Exchange server it requires a public certificate with minimum One (1) Subject Alternative Name (SAN) to access mail through public (Internet). Number of SAN depends upon the no. of Domain we use.

Normally after the installation of the Exchange server, if we try to access the browser we see the error as of the below screenshot that has been taken. To avoid this screen, we need to have a public/private certificate. If we are using Private certificate that, this will not work if we try to access email on browser based through internet. But if we do have a pubic certificate, it will allow us secure connection for both public and private network.
Continue reading →