Install Exchange CU3 on Windows Server 2016

1.Download Ex2016 CU3:

Exchange CU3:

Notable fixes and improvements are:

• Added: Support for Windows Server.

• Kb3154387:the DFS Health set is listed as "unhealthy" under an Exchange Server environment.

• Kb316916:data loss may occur during public folder migration to Exchange, Exchange, or Exchange Online.

• Kb3190887:upgrading Exchange server causes the server to go offline unexpectedly

Download:cumulative Update 3 for Exchange Server (KB3152589)
Download:exchange Server CU3 UM Language Packs
View:description of Cumulative Update 3 for Exchange Server 2016
View:blog post of the Exchange Team about CU3 for Exchange Server 2016

2.Install Windows Feature:

Install-windowsfeature net-framework-45-features, Rpc-over-http-proxy, rsat-clustering, Rsat-clustering-cmdinterface, Rsat-clustering-mgmt, Rsat-clustering-powershell,web-mgmt-console, Was-process-model, Web-asp-net45, Web-basic-auth,web-client-auth, Web-digest-auth, Web-Dir-Browsing, Web-dyn-compression,web-http-errors, Web-http-logging, Web-http-redirect, Web-http-tracing,web-isapi-ext, Web-isapi-filter, Web-lgcy-mgmt-console, Web-metabase,web-mgmt-console, Web-mgmt-service, Web-Net-Ext45, Web-request-monitor,web-server, Web-stat-compression, Web-static-content, WEB-WINDOWS-AUTH,WEB-WMI, Windows-identity-foundation,rsat-adds

650) this.width=650; "title=" image "style=" border-top:0px;border-right:0px;background-image:none;border-bottom:0 px;padding-top:0px;padding-left:0px;border-left:0px;margin:0px;padding-right:0px; "border=" 0 "alt=" image "src=" Http://s3.51cto.com/wyfs02/M02/88/13/wKiom1fo6Iqgm4a0AAAr0h0t_xY774.png "height="/>

3.Install Unified Communications Managed API 4.0 Runtime (UcmaRuntimeSetup.exe): http://www.microsoft.com/en-us/ download/details.aspx?id=34992

Start-bitstransfer-source http://download.microsoft.com/download/2/C/4/2C47A5C1-A1F3-4843-B9FE-84C0032C61EC/ Ucmaruntimesetup.exe-destination C:\temp\UcmaRuntimeSetup.exe

650) this.width=650; "title=" image "style=" border-top:0px;border-right:0px;background-image:none;border-bottom:0 px;padding-top:0px;padding-left:0px;border-left:0px;margin:0px;padding-right:0px; "border=" 0 "alt=" image "src=" Http://s3.51cto.com/wyfs02/M01/88/10/wKioL1fo6I2w4VjjAAAWNHftjXc372.png "height=" 135 "/>

c:\temp\ucmaruntimesetup.exe/q

650) this.width=650; "title=" image "style=" border-top:0px;border-right:0px;background-image:none;border-bottom:0 px;padding-top:0px;padding-left:0px;border-left:0px;margin:0px;padding-right:0px; "border=" 0 "alt=" image "src=" Http://s3.51cto.com/wyfs02/M00/88/13/wKiom1fo6I3wXDjZAAAHT6zhlEY560.png "height="/>

Install Exchange Server CU3:

1) Prepare AD

. \setup.exe/prepareschema/iacceptexchangeserverlicenseterms

650) this.width=650; "title=" image "style=" border-top:0px;border-right:0px;background-image:none;border-bottom:0 px;padding-top:0px;padding-left:0px;border-left:0px;margin:0px;padding-right:0px; "border=" 0 "alt=" image "src=" Http://s3.51cto.com/wyfs02/M01/88/13/wKiom1fo6I7itQecAAAuGvDiN94032.png "height="/>

. \setup.exe/preparead/organizationname: "SEN"/iacceptexchangeserverlicenseterms

650) this.width=650; "title=" image "style=" border-top:0px;border-right:0px;background-image:none;border-bottom:0 px;padding-top:0px;padding-left:0px;border-left:0px;margin:0px;padding-right:0px; "border=" 0 "alt=" image "src=" Http://s3.51cto.com/wyfs02/M02/88/10/wKioL1fo6I_jUVZfAABFNdPlHBw866.png "height=" 375 "/>

. \setup.exe/preparealldomains/iacceptexchangeserverlicenseterms

650) this.width=650; "title=" image "style=" border-top:0px;border-right:0px;background-image:none;border-bottom:0 px;padding-top:0px;padding-left:0px;border-left:0px;margin:0px;padding-right:0px; "border=" 0 "alt=" image "src=" Http://s3.51cto.com/wyfs02/M01/88/10/wKioL1fo6I_T6S_bAAAfeJhLBt4497.png "height=" 222 "/>

2) Install Ex2016 CU3:

. \setup.exe/mode:install/role:mailbox/installwindowscomponents/targetdir: "D:\ExchangeServer\V15"/mdbname: " MBDB001 "/dbfilepath:" D:\ExchangeServer\V15\Mailbox\MBDBFile\MBDB001.edb "/logfolderpath:" D:\ExchangeServer\V15\ Mailbox\mbdblog "/customerfeedbackenabled:false/iacceptexchangeserverlicenseterms

650) this.width=650; "title=" image "style=" border-top:0px;border-right:0px;background-image:none;border-bottom:0 px;padding-top:0px;padding-left:0px;border-left:0px;margin:0px;padding-right:0px; "border=" 0 "alt=" image "src=" Http://s3.51cto.com/wyfs02/M02/88/13/wKiom1fo6JDAb8kQAABfqIGDuNc283.png "height=" 533 "/>
. Post-Installation Tasks:

Set-exchangeserver–identity Sen-ex01-productkey *

1) Creating accepted domains

New-accepteddomain-name aplusnb-domainname aplusnb.cn-domaintype Authoritative

2) Enable User Mailbox:

Get-user-organizationalunit "Sen.hi.cn/sen" | Where-object {$_. Recipienttype–eq "User"} | Enable-mailbox | Get-mailbox | Select Name,windowsemailaddress,database

3) Creating an email address policy

New-emailaddresspolicy-name aplusnb-includedrecipients Allrecipients-conditionalcompany "APLUSNB"- Enabledemailaddresstemplates "SMTP: @aplusnb. CN"

Update-emailaddresspolicy-identity APLUSNB

Get-mailbox | Select Name,windowsemailaddress,emailaddresses,database

4) Configuring Connectors

1. Send Connector:

New-sendconnector-name "Send to Internet"-internet-addressspaces "*"-dnsroutingenabled: $TRUE- SourceTransportServers "SEN-EX01"

2.Configure ReceiveConnector:

Get-receiveconnector–server sen-ex01

Get-receiveconnector "Default sen-ex01" | Select Identity,permissiongroups

Get-receiveconnector "Default sen-ex01" | Set-receiveconnector-permissiongroups anonymoususers, Exchangeusers, ExchangeServers, Exchangelegacyservers

Get-receiveconnector

5) Configuring SSL certificates

$Data = New-exchangecertificate-friendlyname "Sen-ex01_certificate"-generaterequest-subjectname "C=CN, O=NOS, cn= mail.sen.hi.cn "-domainname mail.sen.hi.cn,autodiscover.sen.hi.cn,mail.aplusnb.cn,autodiscover.aplusnb.cn, Sen-ex01.sen.hi.cn,sen-ex01,localhost-privatekeyexportable $true

Set-content-path "\\Sen-Ex01\C$\SEN-Ex01CertRequest.req.txt"-value $Data

You can use the contents of the Exch01CertRequest.req.tx file to request an SSL certificate from a certificate authority ( CA), open Web:
Http://SEN-DC01/Certsrv to Request a SSL Certificate and save to \\SEN-Ex01\C$\SEN-Ex01certnew.cer

Import-exchangecertificate–server Exch01-filedata ([byte[]]$ (Get-content-path "\\SEN-Ex01\C$\SEN-Ex01certnew.cer") -encoding byte-readcount 0)) | Enable-exchangecertificate–server sen-ex01-services "IIS,POP,IMAP,SMTP"

6) Configuring Outlook Anywhere

Get-outlookanywhere–server sen-ex01 | Set-outlookanywhere-externalhostname Mail.sen.hi.cn-externalclientsrequiressl: $true- Externalclientauthenticationmethod:basic–internalhostname Sen-ex01.sen.hi.cn-internalclientsrequiressl: $true- Internalclientauthenticationmethod:basic

7) Enabling Mapihttp

Set-organizationconfig-mapihttpenabled $true

8) Set Exchange Web virtualdirectory externalurl:

Set-owavirtualdirectory-identity "OWA (Default Web site)"-logonformat username-defaultdomain "sen.hi.cn"

External Same as Internal:

$DomainName = "sen.hi.cn"

$hostname = "mail." + $DomainName

$owa = "https://" + $hostname + "/owa"

$ECP = "https://" + $hostname + "/ECP"

$mapi = "https://" + $hostname + "/mapi"

$powershell = "https://" + $hostname + "/powershell"

$activesync = "https://" + $hostname + "/microsoft-server-activesync"

$oab = "https://" + $hostname + "/oab"

$ews = "https://" + $hostname + "/ews/exchange.asmx"

Get-owavirtualdirectory | Set-owavirtualdirectory–externalurl $owa –internalurl $owa

Get-ecpvirtualdirectory | Set-ecpvirtualdirectory–externalurl $ECP –internalurl $ECP

Get-mapivirtualdirectory | Set-mapivirtualdirectory–externalurl $mapi –internalurl $mapi

Get-activesyncvirtualdirectory | Set-activesyncvirtualdirectory-externalurl $activesync –internalurl $activesync

Get-oabvirtualdirectory | Set-oabvirtualdirectory-externalurl $oab-internalurl $oab-requiressl: $true

Get-webservicesvirtualdirectory | Set-webservicesvirtualdirectory-externalurl $ews-internalurl $ews-basicauthentication: $True-Force

Get-powershellvirtualdirectory | Set-powershellvirtualdirectory–externalurl $powershell –internalurl $powershell-basicauthentication: $True

External not same as Internal:

$InDomainName = "sen.hi.cn"

$ExDomainName = "aplusnb.cn"

$InHostname = "sen-ex01." + $InDomainName

$ExHostname = "mail." + $ExDomainName

$InOwa = "https://" + $InHostname + "/owa"

$ExOwa = "https://" + $ExHostname + "/owa"

$INECP = "https://" + $InHostname + "/ECP"

$EXECP = "https://" + $ExHostname + "/ECP"

$InMapi = "https://" + $InHostname + "/mapi"

$ExMapi = "https://" + $ExHostname + "/mapi"

$InPowershell = "https://" + $InHostname + "/powershell"

$ExPowershell = "https://" + $ExHostname + "/powershell"

$InActivesync = "https://" + $InHostname + "/microsoft-server-activesync"

$ExActivesync = "https://" + $ExHostname + "/microsoft-server-activesync"

$InOab = "https://" + $InHostname + "/oab"

$ExOab = "https://" + $ExHostname + "/oab"

$InEws = "https://" + $InHostname + "/ews/exchange.asmx"

$ExEws = "https://" + $ExHostname + "/ews/exchange.asmx"

Get-owavirtualdirectory | Set-owavirtualdirectory–externalurl $ExOwa –internalurl $InOwa-logonformat username-defaultdomain $InDomainName

Get-ecpvirtualdirectory | Set-ecpvirtualdirectory–externalurl $EXECP –internalurl $INECP

Get-mapivirtualdirectory | Set-mapivirtualdirectory–externalurl $ExMapi –internalurl $InMapi

Get-activesyncvirtualdirectory | Set-activesyncvirtualdirectory-externalurl $ExActivesync –internalurl $InActivesync

Get-oabvirtualdirectory | Set-oabvirtualdirectory-externalurl $ExOab-internalurl $InOab-requiressl: $true

Get-webservicesvirtualdirectory | Set-webservicesvirtualdirectory-externalurl $ExEws-internalurl $InEws-basicauthentication: $True-Force

Get-powershellvirtualdirectory | Set-powershellvirtualdirectory–externalurl $ExPowershell –internalurl $InPowershell-basicauthentication: $True

9) Enable Mailbox Replication Service (MRS) MRSProxy:

Get-webservicesvirtualdirectory | FL server,mrs*

get-webservicesvirtualdirectory-adpropertiesonly | Where {$_. Mrsproxyenabled-ne $true} | Set-webservicesvirtualdirectory-mrsproxyenabled $true

Set-webservicesvirtualdirectory-identity exch01\ews (Default Web Site)-externalurl https://mail.sen.hi.cn/EWS/ Exchange.asmx-basicauthentication $true-internalurl Https://SEN-ex01.sen.hi.cn/EWS/Exchange.asmx

Publishing Exchange:
With a solid firewall solution where only the following ports is opened:
Port for SMTP
Port for HTTP
Port 443 for HTTPS
Port 587 for SMTP submission
Ports and 143 for POP3 and IMAP4
Ports 993 and 995 for secure POP3 and secure IMAP4.

This article is from "blog" blog, please be sure to keep this source http://ganzy.blog.51cto.com/91848/1856701

Install Exchange CU3 on Windows Server 2016