If you’re planning on migrating to Exchange 2013 or 2016 the first thing you should do is learn more about it. And what better way than to set it up in your own lab. If you’re planning on getting qualified on the new MCSE : Messaging qualifications and lab is essential, and having your own test lab gives you the ability to get to know the new features in Exchange within the safety of a sandpit environment.
If this seems daunting, don’t worry. We’ll explain over the next few slides just how easy it is to get your own, personal lab up and running.
Sorting out the hardware and software
Before you build your Exchange lab, you’ll need to make sure you have the right hardware available to run the software.
For the smallest of labs, this means you need at least 8GB of RAM, a dual-core CPU and around 100GB of space. Fortunately it’s now more common to be able to install 16GB RAM into a laptop, which means you can easily – using Windows 8’s Hyper-V or VMware Workstation/Player have a portable lab to test Exchange wherever you go.
If you’re looking for a lab ‘server’ check out fellow Exchange MVP Jeff Guillet’s lab kit list here. By using Windows Server 2012, Hyper-V and SSD disks he’s built a low cost powerhouse suitable for almost any lab testing you might desire.
The simple lab we’ll build will require the following downloads:
Either use the links to download them here, or if you are licensing Windows Server separately for you lab use your TechNet or MSDN subscription to download the Windows ISOs.
Domains and Certificates
A good little test lab will allow you to connect a range of clients and simulate real-world scenarios, therefore it’s worth investing a couple of quid in a domain name for your lab. Not only will this allow you to test with real clients, but if you’re building a home lab on a DSL or Cable connection, you can provide external access using port-forwarding and test remote or mobile devices, For a one year domain registration, you can expect to pay around £10, or via a company such as DynDNS, you can purchase DNS registration with Dynamic DNS and SMTP relay services.
A good test lab will also make use of signed SSL certificates, ideally with subject alternative names. The key names for Exchange are often the HTTPS name such as mail.contoso.com and the AutoDiscover name, for example AutoDiscover.contoso.com.
However for the AutoDiscover name you can also use the plain contoso.com – and while often that’s unsuitable for a commercial setting it is great for your test lab using a new domain. Why? Because StartSSL offer free, widely trusted SSL certificates which provide you with two names – the first being the HTTPS name and the second being the domain name itself. Perfect for our lab. You can sign up for StartSSL here, and then use it later on when we request a certificate.
After signing up for your new domain, we’ll create three new records.
- The first will be our common HTTPS name
- The second will be the domain name itself
- and the third will be the MX (mail exchanger) record for inbound email, as shown above.
Install Windows Server 2012 and updates
Our simple test lab will use a single Windows 2012 standard edition server, host both Active Directory and Exchange 2013. The base Virtual Machine we’ll use for our lab meets the requirements mentioned on the previous pages – two virtual CPU cores, 8GB RAM and a 100GB virtual hard disk. After a basic install of Windows 2012, assign your lab server a static IP and appropriate name, then ensure the server has all the latest Windows Updates.
Setting up your lab’s Active Directory
Before installing Exchange, we’ll need a suitable AD environment within our lab. In this example, we’ll do something we wouldn’t recommend in production and combine the AD and Exchange Servers. A word of warning – if you plan to test Address Book Policies, then you’ll definitely need to split these roles. We’ll use a split-DNS approach to Exchange and use our domain name purchased above as our AD domain name and set up our AD using the following cmdlets, replacing the DomainName value as appropriate:
Install-ADDSForest -DomainName lab01.exchangelabs.co.uk
With our AD up and running, we’re almost good to go. Extract the Exchange 2013 CU1 installer download, Exchange-x64.exe to a convenient location, such as C:\Exchange2013, then download Michel De Rooij’s Exchange 2013 Install Script.
Run Michel’s installer script replacing the Organization value as appropriate and change the SourcePath to the location you’ve chosen to extract Exchange 2013 to.
.\Install-Exchange2013 -Organization ExchangeLab -InstallMailbox -InstallCAS -SourcePath C:\Exchange2013 -AutoPilot -Credentials (Get-Credential)
After a while you’ll be presented with a freshly built Exchange Server.
Enable internal and external mail
With Exchange installed we now need to enable inbound and outbound mail. After buying our domain name we set up the MX record for our domain to point to the external IP address of the Exchange Server – if a home lab, then your external IP. If you have not already, you’ll need to forward port 25 to allow inbound mail from the Internet to reach the Exchange Server.
To enable outbound mail, we’ll create a simple Send Connector that routes all outbound mail using DNS lookup settings. If you’re using a smart host service such as the DynDNS service mentioned earlier, then you’ll need to adjust this slightly.
New-SendConnecter “Outbound” -AddressSpaces * -Internet
After configuring the send connector, log in to OWA as Administrator and test inbound and outbound mail flow.
Set up internal DNS entries and configure Exchange URLs
We created our primary External HTTPS name earlier in the article, which was in the form mail.contoso.com. As we plan on using the free StartSSL certificate authority then we didn’t create an AutoDiscover domain record but opted to use just the domain name. Internally we’ll need to set up the same records. If our AD and Exchange server is combined, then the domain name is already pointing at the Exchange server, but we need to create our mail.contoso.com DNS record using the AD DNS management.
After creating the DNS record, as shown above, use the following commands at the Exchange Management Shell to configure the Exchange URLs, replacing the $Name value with matching he DNS record:
$Name = “mail.lab01.exchangelabs.co.uk”
Get-OWAVirtualDirectory | Set-OWAVirtualDirectory -InternalURL “https://$($Name)/owa” -ExternalURL “https://$($Name)/owa”
Get-ECPVirtualDirectory | Set-ECPVirtualDirectory -InternalURL “https://$($Name)/ecp” -ExternalURL “https://$($Name)/ecp”
Get-OABVirtualDirectory | Set-OABVirtualDirectory -InternalURL “https://$($Name)/oab” -ExternalURL “https://$($Name)/oab”
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalURL “https://$($Name)/Microsoft-Server-ActiveSync” -ExternalURL “https://$($Name)/Microsoft-Server-ActiveSync”
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalURL “https://$($Name)/EWS/Exchange.asmx” -ExternalURL “https://$($Name)/EWS/Exchange.asmx”
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalURI “https://$($Name)/AutoDiscover/AutoDiscover.xml”
Get-OutlookAnywhere | Set-OutlookAnywhere -InternalHostname $Name -InternalClientsRequireSSL:$true
Request and apply SSL certificates
To create your SSL certificate request, navigate to the EAC at https://localhost/ecp and after login, choose Servers>Certificates. Select New Certificate and enter the primary name for Exchange services, as shown above, along with your details as registered with StartSSL.
Open the resulting Certificate Request (.cer) file, and then re-visit the StartSSL website to submit your certificate request. After receiving the resulting certificate, navigate back to the certificate request in the EAC, and choose Complete Pending Request.
After uploading the .cer file you should now be able to Assign Services to the certificate within the same section of the EAC. When doing so, choose IIS, after which you’ll have a fully functioning Exchange test lab compatible with Office, most major browsers, Office 365 Hybrid configuration and most mobile devices.