After a small Howto for Exchange 2019 installation instructions for the initial configuration now follow. The basic configuration is almost identical to the configuration of an Exchange 2016 server. So if you have already worked with Exchange 2013/2016, you will quickly find your way around here.
If Exchange 2019 has been installed on Server 2019 Core, the steps described here can be carried out in the Exchange Management Shell directly on the Exchange Server. The Exchange Management Shell can be started on Server Core with the "LaunchEMS" command.
For this HowTo, Exchange 2019 was installed on a Windows Server 2019 with a graphical user interface, but this HowTo for basic configuration also applies to an installation on Server Core.
After installing Exchange, I got into the habit of first renaming the database and moving it to its destination, this is done via shell with the following commands:
Get-MailboxDatabase -Server LABEX1 | Set-MailboxDatabase -Name MBXDB01 Move-DatabasePath MBXDB01 -EdbFilePath c:\MBXDB01\MBXDB01.edb -LogFolderPath c:\MBXDB01
The domains for which Exchange is responsible can now be specified. All domains that are to be used to receive or send e-mails in the future are specified as accepted domains. For this example, I have only added the domain "frankysweb.de":
An e-mail address policy can be configured so that users automatically receive a corresponding e-mail address. The address policy can be created according to the company's specifications. For this example, I have used the alias (corresponds to the user name):
Once the address policy has been created, the new policy still needs to be applied:
A send connector is required so that emails can be sent to the Internet. There must be at least one send connector with the address space "*"; all mails for which Exchange is not responsible are sent via this connector. For this example, I am creating the send connector "Route-to-Internet":
Depending on the environment, the way in which Exchange should forward the mails must be selected. This can either be based on the MX records of the domains or via a smart host (provider, SPAM filter, etc.):
The address space of the connector is now specified here. As this connector should send all mails for which Exchange is not responsible to a smart host, the address space "*" is specified here:
The last step is to enter the Exchange server (or servers) that use the connector:
The send connector has now been created. Finally, the properties of the connector must be opened again and the HELO / EHLO host name can now be configured in the properties of the send connector:
Last but not least is the configuration of the virtual directories. The URLs to be used by the clients are defined here. The defined URLs are also distributed directly to the clients via Autodiscover. The virtual directories therefore contain the URLs that are later used by the clients / users to access Exchange. All configured host names must also be present on the certificate, otherwise certificate warnings will be issued.
The following small script can be used so that all URLs can be configured identically in one step. In the script, only the first 4 lines need to be adapted to your own environment. The recommendation is to leave the internal ($internalhostname) and external hostname ($externalhostname) the same.
I recommend leaving the autodiscover hostname ($autodiscoverhostname) at autodiscover.domain.tld.
However, it would also work to configure all 3 names on the same hostname. In this case, however, the host of the domain must allow DNS SRV entries to be set, which is unfortunately not always the case.
Note: All specified names must also be configured for the certificate.
The following script can be executed after changing the first 4 lines in the Exchange Management Shell:
$servername = "LABEX1" $internalhostname = "outlook.frankysweblab.de" $externalhostname = "outlook.frankysweblab.de" $autodiscoverhostname = "autodiscover.frankysweblab.de" $owainturl = "https://" + "$internalhostname" + "/owa" $owaexturl = "https://" + "$externalhostname" + "/owa" $ecpinturl = "https://" + "$internalhostname" + "/ecp" $ecpexturl = "https://" + "$externalhostname" + "/ecp" $ewsinturl = "https://" + "$internalhostname" + "/EWS/Exchange.asmx" $ewsexturl = "https://" + "$externalhostname" + "/EWS/Exchange.asmx" $easinturl = "https://" + "$internalhostname" + "/Microsoft-Server-ActiveSync" $easexturl = "https://" + "$externalhostname" + "/Microsoft-Server-ActiveSync" $oabinturl = "https://" + "$internalhostname" + "/OAB" $oabexturl = "https://" + "$externalhostname" + "/OAB" $mapiinturl = "https://" + "$internalhostname" + "/mapi" $mapiexturl = "https://" + "$externalhostname" + "/mapi" $aduri = "https://" + "$autodiscoverhostname" + "/Autodiscover/Autodiscover.xml" Get-OwaVirtualDirectory -Server $servername | Set-OwaVirtualDirectory -internalurl $owainturl -externalurl $owaexturl -Confirm:$false Get-EcpVirtualDirectory -server $servername | Set-EcpVirtualDirectory -internalurl $ecpinturl -externalurl $ecpexturl -Confirm:$false Get-WebServicesVirtualDirectory -server $servername | Set-WebServicesVirtualDirectory -internalurl $ewsinturl -externalurl $ewsexturl -Confirm:$false Get-ActiveSyncVirtualDirectory -Server $servername | Set-ActiveSyncVirtualDirectory -internalurl $easinturl -externalurl $easexturl -Confirm:$false Get-OabVirtualDirectory -Server $servername | Set-OabVirtualDirectory -internalurl $oabinturl -externalurl $oabexturl -Confirm:$false Get-MapiVirtualDirectory -Server $servername | Set-MapiVirtualDirectory -externalurl $mapiexturl -internalurl $mapiinturl -Confirm:$false Get-OutlookAnywhere -Server $servername | Set-OutlookAnywhere -externalhostname $externalhostname -internalhostname $internalhostname -ExternalClientsRequireSsl:$true -InternalClientsRequireSsl:$true -ExternalClientAuthenticationMethod 'Negotiate' -Confirm:$false Get-ClientAccessService $servername | Set-ClientAccessService -AutoDiscoverServiceInternalUri $aduri -Confirm:$false Get-OwaVirtualDirectory -Server $servername | fl server,externalurl,internalurl Get-EcpVirtualDirectory -server $servername | fl server,externalurl,internalurl Get-WebServicesVirtualDirectory -server $servername | fl server,externalurl,internalurl Get-ActiveSyncVirtualDirectory -Server $servername | fl server,externalurl,internalurl Get-OabVirtualDirectory -Server $servername | fl server,externalurl,internalurl Get-MapiVirtualDirectory -Server $servername | fl server,externalurl,internalurl Get-OutlookAnywhere -Server $servername | fl servername,ExternalHostname,InternalHostname Get-ClientAccessService $servername | fl name,AutoDiscoverServiceInternalUri
The script can either be copied to a PS1 file or executed directly on the EMS:
The above script configures all virtual directories according to the default settings. If required, the settings can now be adjusted:
Now only the certificate needs to be configured. The certificate is created in the same way as for Exchange 2013/2016. According to this example, the certificate must contain the names "outlook.frankysweb.de" and "autodiscover.frankysweb.de". The process is described in detail here:
- Exchange 2013: Create certificate request for public CA
- Exchange 2013: SAN certificate and internal certification authority (CA)
For the Exchange 2019 RTM version, please also note this article:
I have published a white paper on the topic of Exchange Autodiscover here, which also applies to Exchange 2019: