To prepare base environment (Physical/Virtual), Windows OS use the following server readiness checklist;

Server Readiness Checklist

You can also try Exchange Deployment Assistant to explore deployment methodologies, basically this tool takes your requirements as input and generate a deployment guide which you have to follow through.

Deployment Assistant Tool

Use Exchange Server Capacity Calculator. This tool helps you to estimate the required infrastructure for Single Exchange Server or with High Availability.

Exchange Server Capacity Calculator

Before you begin verify the following environment prerequisites;

If you are going to deploy Exchange Server 2019 in existing Exchange Organization where already older version is installed then you need to plan coexistence properly.

  1. Supported Domain Controllers;

All domain controllers in the forest need to be running one of the following versions of Windows Server:

  • Windows Server 20221 Standard or Datacenter
  • Windows Server 2019 Standard or Datacenter
  • Windows Server 2016 Standard or Datacenter
  • Windows Server 2012 R2 Standard or Datacenter

2. Supported Active Directory Forest

The Active Directory forest functional level is Windows Server 2012 R2 or higher.

3. Supported dot Net Framework

Exchange 2019 version.NET Framework 4.8.NET Framework 4.7.2
CU4 to CU12Supported
CU2, CU3SupportedSupported
RTM, CU1Supported

4. Supported clients (with latest updates) in Exchange 2019

  • Microsoft 365 Apps for enterprise
  • Outlook 2021
  • Outlook 2019
  • Outlook 2016
  • Outlook 2013
  • Outlook for Mac for Office 365
  • Outlook 2016 for Mac

5. Make sure that Windows Server 2019 OS is fully updated.

6. Properly plan your SSL Certificate for your namespace.

Exchange 2019 Mailbox servers on Windows Server 2019 & Windows Server 2022

Install the following software:

a. .NET Framework 4.8

b. Visual C++ Redistributable Package for Visual Studio 2012

c. Visual C++ Redistributable Package for Visual Studio 2013

d. IIS URL Rewrite Module

e. Install Unified Communications Managed API 4.0

Desktop Experience Features;

Install-WindowsFeature Server-Media-Foundation, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

Installing .Net Framework 4.8

Installing Visual C++ 2012 and 2013

Installing UCMA Runtime 4.0

Installing Required Features

Install-WindowsFeature Server-Media-Foundation, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

Installing URL Rewrite Module

Preparing Active Directory for Installation of Exchange Server 2019

  1. Open up CMD as an Administrator and run the following commands;

Prepare Schema

Setup.exe /PS /IAcceptExchangeServerLicenseTerms_DiagnosticDataON


Setup.exe /PrepareAD /OrganizationName:"IBT11 LABS" /IAcceptExchangeServerLicenseTerms_DiagnosticDataON
Setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms_DiagnosticDataON

Starting Installation of Mailbox Role

  1. Run Exchange Server Setup.exe to initiate installation

I’m using latest CU so skipping Updates

It’s recommended to use separate drive for installation

Post Installation Configuration Tasks for Mailbox Role

Once installation is completed perform the following tasks;

  1. Login to Exchange Admin Center (ECP)

2. Provisioning of License Key

3. Configure Internal/External DNS for Exchange Server 2019

4. Configuring Virtual Directories Internal/External

It will configure external url only, if you want internal and external namespace same then you have to change internal urls manually.

5. Configuring “Autodiscover” Virtual Directory

6. Add your public domain to the “Accepted Domains”

7. Configure “Send Connector”, If you have Antispam Email Gateway then select “Route mail through smart hosts” otherwise leave it default. Add Exchange Server to the connector, define domain scope and save it. Don’t forget to turn on logging for troubleshooting purposes.

8. If you already have a SSL Certificate then just import it and assign to the services otherwise generate a CSR certificate request from Exchange Server, take that CSR request file to Digicert , GoDaDDY etc and you will get Public SSL Certificate.

9. Create Mailbox Databases according to your requirements, keep in mind the limitation of Mailbox Database imposed by license, like if you have Standard Edition license then your Database can’t go over 1TB.

You can rename default Database and use it for user mailboxes.

10. If required configure “Offline Address Book” otherwise use default address book.

11. Configure Email Address Policy (if needed).

12. Configure IMAP4/POP3 for Clients.

13. Configure “Outlook Anywhere” for external access.

Tip ! Though Exchange Server 2019 do support Basic Authentication but you can disable it but keep in mind that your legacy clients won’t be able to authenticate.

Reference: https://techcommunity.microsoft.com/t5/exchange-team-blog/disabling-legacy-authentication-in-exchange-server-2019/ba-p/712048

Upgrade your legacy Outlook Clients which do not support TLS 1.0 and 1.1, TLS 1.3 is supported in Windows Server 2022.

Moreover you can do other things like;

  1. Hiding Internal IP Address from Routing Header
  2. Setting up SMTP Banner

Setting SMTP Banner

Set-ReceiveConnector -Identity "Default Frontend "EXCH01" -Banner "220 Welcome to IBT"

GET IN TOUCH

Need Help !