Académique Documents
Professionnel Documents
Culture Documents
Microsoft | Services
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. These materials are intended for distribution to and use only by Microsoft Premier Customers. Use or distribution of these materials by any other persons is prohibited without the express written permission of Microsoft Corporation. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
Microsoft, Active Directory, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Microsoft | Services
Objectives
After completing this lab, you will be able to: Configure a Client Access server array. Configure Exchange Server to use the Client Access server array for RPC client access.
Microsoft | Services
The first two tasks are network related, and are not related to the third task, which enables Microsoft Exchange Server 2010 to find and use the Client Access server array. The third task creates the array object in Active Directory Domain Services (AD DS) for the Autodiscover service to use when configuring new clients and for database creation to be associated with the Client Access server array. Only one Client Access server array can exist in each Active Directory site.
Scenario
You have two Client Access servers. You wish to combine them into one Client Access server array in an existing environment.
3. Repeat this step on the AD1HC2 server. 4. On AD1HC1, click Start, point to Administrative Tools, and then click Network Load Balancing Manager. 5. Select Cluster, and then click New. 6. In the Host entry, add AD1HC1 as the first Client Access server, and then click Next. 7. Click Next again.
Microsoft | Services 2008 Microsoft Corporation Microsoft Confidential
8. Select the IP address you wish to associate with the array. This is the same as the IP address and name you gave the array in your DNS entry 10.0.1.110. Click Add, and then click Next. 9. In the wizard, in Cluster Parameters, do the following, and then click Next. A. Specify the fully qualified domain name (FQDN) of the array in the Full Internet name text box: casarray.contoso.com B. Select Multicast. 10. In the Port Rules dialog box, accept the defaults, and then click Finish. In the Network Load Balancing Manager, you might see an hour glass by the name of the server you added, but after the server has been configured, you will see the server listed with no hour glass. 11. In the left pane of the Network Load Balancing Manager, click casarray.contoso.com, and then confirm that the status is Converged. 12. Right-click on the name of the cluster, and then select Add Host to Cluster. 13. Add the AD1HC2 server, and then accept all of the defaults. 14. You should see the two servers with a Converged status. It might take several minutes for the status to change. If the status does not change, ensure that you selected Multicast. To perform a simple test, try pinging the array name you used in DNS and as the name of the cluster in the Network Load Balancing Manager. You should see a response.
There is no return response if an array does not yet exist in your environment. If an array already exists, then someone created it and you only need to reconfigure it for the FQDN you created in your DNS entry and network load balancing configuration. 3. Execute the following cmdlet:
New-ClientAccessArray Fqdn casarray.contoso.com Site Site1
Microsoft | Services
The name of the Exchange administrative group may be different if you create the object in an environment with no previous Exchange Server versions. You can view the array object and verify its networkAddress attribute by using ADSIEdit. The networkAddress attribute corresponds to the FQDN.
From this point on, all newly created mailbox databases in this site will be associated with this array. The database creation process pulls the value of the networkAddress attribute from the array object in AD DS and assigns it to the databases RPCClientAccessServer attribute.
Microsoft | Services
Exercise 2: Configuring Exchange Server to Use the Client Access Server Array for RPC Client Access
In this exercise, you will configure existing mailbox databases so that they are associated with the Client Access server array you created in the previous exercise. By default, all mailbox databases are associated with a Client Access server, and the Microsoft Office Outlook client communicates directly with the Client Access server until you have updated the mailbox database so that it associates the Client Access server array. This step is required so that when a users mailbox is found in AD DS, Exchange Server 2010 knows what to send to the client to connect to the array. You can check which server a mailbox database is associated with the following cmdlet:
Get-MailboxDatabase | fl name,Rpc*
If you have more than one database, you see multiple listings and the RpcClientAccessServer value could be on different servers.
Scenario
To enable RPC client access to work properly, you must associate your mailbox database with the Client Access server array.
Associate the Client Access server array with existing mailbox databases
1. On AD1HC1, click Start, click Programs, click Microsoft Exchange Server 2010, and then click Exchange Management Shell. 2. Execute the following cmdlet to associate the mailbox database with the Client Access server array:
Set-MailboxDatabase MBXDB01 RpcClientAccessServer casarray.contoso.com
This cmdlet changes the legacyExchangeDN attribute of the mailbox database. To view this value, use ADSIEdit:
Microsoft | Services
After changing the value stored in this attribute, the client knows where the RPC endpoint is located. 3. On AD1DCMCLNT, use Office Outlook to log on to an Exchange Server 2010 mailbox to ensure connectivity. Use the Administrator user account with a password of Password1.
Question A:
View the profile and check whether the Exchange server entry is the Mailbox server or the Client Access server array. What does it point to? ____________________________________________________ ____________________________________________________
Microsoft | Services
Objectives
After completing this lab, you will be able to: Use the Certificate wizard to generate a certificate request. Submit a certificate request to the CA. Enable and verify a certificate.
Prerequisites
Ensure that the AD1DCMCLNT, AD1HC1, AD1HC2, AD2DCHCM, and AD3DCHCM virtual machines are running.
Microsoft | Services
10
Scenario
You need to provide a certificate requested for the IIS-related services on their Client Access server.
Outlook Web App is on the Intranet (mail.contoso.com) Outlook Web App is on the Internet (mail.contoso.com)
2008 Microsoft Corporation Microsoft Confidential
Exchange Web Services is enabled Outlook Anywhere is enabled (mail.contoso.com) Autodiscover used on the Internet (Long URL) (autodiscover.contoso.com)
9. In the Certificate Domains page, verify that mail.contoso.com is set as the common name, and then click Next. 10. In the Organization text box, type Contoso, and then in the Organization Unit text box, type Contoso. 11. Fill in the Country, City, and State text boxes as appropriate. 12. Click Browse, and then select Desktop. 13. Name the certificate request Contoso Certifcate Request.req. 14. Click Save, click Next, and then click New. After the request has been created, you are provided with instructions for the next steps. 15. Click Finish, and then minimize the Exchange Management Console.
12
9. In the Certificate Template dropdown box, select Web Server. 10. Click Submit, and then, if prompted, click Yes. 11. Click Based 64 encoded, and then click Download certificate. 12. Save the certificate to the desktop with the name certnew.cer.
Export the Contoso certificate from AD1HC1 and import it into AD1HC2
1. Click Export Exchange Certificate, click Browse, and then select c:\. 2. Save the certificate with the name Exported Contoso Certificate.pfx. 3. Enter the password Password1. 4. Click Export, and then click Finish.
Microsoft | Services
Enable IIS for the certificate that you have just imported on AD1HC2 using the same steps as you performed for the AD1HC1 server.
4. Verify the following: A. Certificate was issued to mail.contoso.com. B. Certificate was issued by contoso-AD1DCMCLNT-CA. 5. In the Details tab, click Subject Alternative Name, and then verify that mail.contoso.com, autodiscover.contoso.com, and legacy.contoso.com are listed.
Microsoft | Services
14
Question B:
What cmdlet and parameters did the Certificate wizard use to create your request? __________________________________________________ __________________________________________________ __________________________________________________ What cmdlet and parameters did the Certificate wizard use to complete the pending request? ____________________________________________________ ____________________________________________________ ____________________________________________________ What cmdlet and parameters did the Certificate wizard use to assign services to the certificate? ____________________________________________________ ____________________________________________________ ____________________________________________________ Is it possible to create a self-signed certificate by using the Certificate wizard, or do you have to use a cmdlet in the Exchange Management Shell? ____________________________________________________ ____________________________________________________ ____________________________________________________ After creating a certificate that includes a legacy URL, how would you install the certificate on an Exchange Server 2007 Client Access server? Describe the basic steps. ____________________________________________________ ____________________________________________________ ____________________________________________________ When using cmdlets to import or export certificates on Exchange Server 2010, which parameter do you have to use so that you can access a certificate file located on the local hard drive? ____________________________________________________ ____________________________________________________ ____________________________________________________ Why has accessing files changed? ____________________________________________________ ____________________________________________________ ____________________________________________________
Question C:
Question D:
Question E:
Question F:
Question G:
Question H:
Microsoft | Services
Objectives
After completing this lab, you will be able to:
Prerequisites
Ensure that the AD1DCMCLNT, AD1HC1, and AD1HC2 virtual machines are running.
Microsoft | Services
16
Enable all MailTips for the organization. Enable mailbox-based MailTips. Enable all MailTips for external recipients. Configure the minimum size after which the large audience MailTips will be displayed. Enable group metrics MailTips. Force an update of the group metrics.
Scenario
Contoso, Ltd, is required to provide informational guidance to users while the users are composing email messages. This guidance will be provided in the form of MailTips, which will test various conditions and provide additional guidance to users.
Configure the minimum size after which the large audience MailTip will be displayed
2. On AD1HC1, click Start, click Computer, and then navigate to C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\GroupMetrics. 3. Verify that the group metrics files were placed into the folder. 4. Close Windows Explorer.
Note: The mailbox server running OABGen generates the group metrics file every 24 hours by default. The files are then placed in a share called \\mailboxserver\GroupMetrics. The Exchange File Distribution service, running on Client Access CAS Server connects to this share and copies the Group Metrics information local the CAS Server. If you cannot see the updated Group Metrics File on the CAS Server AD1HC1, restart the Exchange Service Host service on the Mailbox Server AD1DCMCLNT, verify that the Group Metric Files were updated in \\ AD1DCMCLNT\GroupMetrics. Then run the command above again (Update-FileDistributionService).
Microsoft | Services
18
Restrict a user from sending to a mailbox. Test sending to a restricted mailbox. Set a quota on a mailbox. Test sending to a mailbox that is over quota. Test sending to an external recipient. Remove a quota on a mailbox.
Scenario
After enabling MailTips in your Exchange Server 2010 environment, you need to confirm that MailTips is working as expected.
Does a MailTips appear? ____________________________________________________ If yes, what message appeared? ____________________________________________________ Why did the message appear? ____________________________________________________ ____________________________________________________
3. Close the email, and then click No when prompted to save changes.
3. Ensure the quota was set for DAhsys mailbox. 4. On AD1DCMCLNT, at the prompt, execute the following cmdlet:
Restart-Service MSExchangeIS
Question L:
Note: You should see a MailTips. If you do not, send mail to DAhsy several times until a MailTips displays. Include an attachment to help fill the mailbox quota quicker.
Question M:
3. Close the email message, and then click No when prompted to save changes.
Question N:
Wait for the MailTips to appear indicating that the email includes external recipients. What does it say? ____________________________________________
2. Close the email, and then click No when prompted to save changes. 3. Exit Outlook Web App.
Microsoft | Services
20
Question O:
If you wanted to set a MailTips for a specific user or distribution group, what cmdlet and parameters would you run? ____________________________________________________ ____________________________________________________ ____________________________________________________
Microsoft | Services