Forskel mellem versioner af "Exchange 2010"
Freesoft (diskussion | bidrag) (→Shared hosting: Ny struktur) |
Freesoft (diskussion | bidrag) (→Shared hosting: Ny struktur) |
||
| Linje 53: | Linje 53: | ||
==== PowerShell ==== | ==== PowerShell ==== | ||
Active Directory Module for Windows PowerShell | Active Directory Module for Windows PowerShell | ||
| + | |||
| + | === Fjerne adresselister === | ||
| + | |||
| + | Exchange Mangement Console -> Organization Configuration -> Mailbox -> Address Lists | ||
| + | |||
| + | ==== Exchange Mangement Shell ==== | ||
| + | |||
| + | <pre> | ||
| + | remove-addresslist "All Contacts" | ||
| + | remove-addresslist "All Groups" | ||
| + | remove-addresslist "All Rooms" | ||
| + | remove-addresslist "All Users" | ||
| + | remove-addresslist "Public Folders" | ||
| + | </pre> | ||
| + | |||
| + | === Gemme adresse lister i AD === | ||
| + | |||
| + | $container = "CN=All Global Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=tekture,DC=hosting" | ||
| + | Add-ADPermission -Identity $container -User "Authenticated Users" -AccessRights ListObject | ||
| + | |||
| + | step 2 | ||
| + | |||
| + | $container = "CN=All Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=tekture,DC=hosting" | ||
| + | Add-ADPermission -Identity $container -User "Authenticated Users" -AccessRights ListObject | ||
| + | |||
| + | |||
| + | step 3 | ||
| + | |||
| + | |||
| + | $container = "CN=Offline Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=tekture,DC=hosting" | ||
| + | Add-ADPermission -Identity $container -User "Authenticated Users" -AccessRights ListObject | ||
| + | |||
=== Oprette grupper i AD === | === Oprette grupper i AD === | ||
| Linje 73: | Linje 105: | ||
== Oprette firma == | == Oprette firma == | ||
| − | == alternative UPN suffixes == | + | === alternative UPN suffixes === |
Tilføj UPN for de domæner der skal hostes, til brug under logon. | Tilføj UPN for de domæner der skal hostes, til brug under logon. | ||
http://theessentialexchange.com/blogs/michael/archive/2009/04/07/handling-the-userprincipalname-in-powershell.aspx | http://theessentialexchange.com/blogs/michael/archive/2009/04/07/handling-the-userprincipalname-in-powershell.aspx | ||
| − | |||
| − | |||
| − | === | + | === Ny kunde adresse liste === |
| − | + | ==== Exchange Shell ==== | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | = | + | |
| − | + | ||
| − | === Exchange Shell === | + | |
Exchange Management Shell command completed: | Exchange Management Shell command completed: | ||
| Linje 101: | Linje 121: | ||
</pre> | </pre> | ||
| − | == Ny kunde Global Adresse liste == | + | === Ny kunde Global Adresse liste === |
Kan det ikke laves via GUI? | Kan det ikke laves via GUI? | ||
| − | === PowerShell === | + | ==== PowerShell ==== |
<pre> | <pre> | ||
| Linje 111: | Linje 131: | ||
</pre> | </pre> | ||
| − | == Ny kunde accepted mail domain == | + | === Ny kunde accepted mail domain === |
Organization Configuration<br /> | Organization Configuration<br /> | ||
| Linje 125: | Linje 145: | ||
Klik New. | Klik New. | ||
| − | === Exchange Shell === | + | ==== Exchange Shell ==== |
<pre> | <pre> | ||
new-AcceptedDomain -Name 'FirmaEt' -DomainName 'FirmaEt.dk' -DomainType 'Authoritative' | new-AcceptedDomain -Name 'FirmaEt' -DomainName 'FirmaEt.dk' -DomainType 'Authoritative' | ||
</pre> | </pre> | ||
| − | == E-mail Address policy == | + | === E-mail Address policy === |
| − | === Exchange Shell === | + | ==== Exchange Shell ==== |
<pre> | <pre> | ||
| Linje 138: | Linje 158: | ||
</pre> | </pre> | ||
| − | == Distribution Group == | + | === Distribution Group === |
<pre> | <pre> | ||
| Linje 161: | Linje 181: | ||
</pre> | </pre> | ||
| − | == Modifying Permissions for the Address Lists Containers == | + | === Modifying Permissions for the Address Lists Containers === |
Nu skal der ændres nogle ting i AD som Microsoft ikke anbefaler eller supportere. For at gøre det nemt, så læs fra [http://www.msexchange.org/articles_tutorials/exchange-server-2007/migration-deployment/shared-hosting-exchange-2007-part2.html "Modifying Permissions for the Address Lists Containers"]. | Nu skal der ændres nogle ting i AD som Microsoft ikke anbefaler eller supportere. For at gøre det nemt, så læs fra [http://www.msexchange.org/articles_tutorials/exchange-server-2007/migration-deployment/shared-hosting-exchange-2007-part2.html "Modifying Permissions for the Address Lists Containers"]. | ||
| Linje 168: | Linje 188: | ||
=== Storage styring === | === Storage styring === | ||
| − | == | + | == Læs mere == |
[http://www.msexchange.org/articles_tutorials/exchange-server-2007/migration-deployment/shared-hosting-exchange-2007-part1.html] | [http://www.msexchange.org/articles_tutorials/exchange-server-2007/migration-deployment/shared-hosting-exchange-2007-part1.html] | ||
[http://www.msexchange.org/articles_tutorials/exchange-server-2007/migration-deployment/shared-hosting-exchange-2007-part2.html] | [http://www.msexchange.org/articles_tutorials/exchange-server-2007/migration-deployment/shared-hosting-exchange-2007-part2.html] | ||
| Linje 174: | Linje 194: | ||
[http://forums.msexchange.org/m_1800522013/mpage_1/key_/tm.htm#1800523887 Most notably, on the second part, I didn't have to modify all the OWA stuff to hide the address lists...] | [http://forums.msexchange.org/m_1800522013/mpage_1/key_/tm.htm#1800523887 Most notably, on the second part, I didn't have to modify all the OWA stuff to hide the address lists...] | ||
| + | |||
| + | [http://www.kortekservices.com/lyle/] | ||
= Tak = | = Tak = | ||
Versionen fra 19. mar 2010, 13:23
Exchange 2010 Install on Server 2008 R2
How to Install Exchange Server 2010 Beta
Installing Exchange Server 2010 (Beta) (Part 1)
Enable Anti-Spam Functionality on a Hub Transport Server
Indholdsfortegnelse
Anti spam (Hub transport)
http://johanveldhuis.nl/?page_id=288&lang=en
set-recipientfilterconfig -RecipientValidationEnabled $true set-senderfilterconfig -BlockedSenders @() -BlockedDomains @() -BlockedDomainsAndSubdomains @() -BlankSenderBlockingEnabled $true set-contentfilterconfig -SCLRejectThreshold '5' -SCLDeleteThreshold '7' -SCLDeleteEnabled $true add-IPBlockListProvider -Name 'zen.spamhaus.org' -LookupDomain 'zen.spamhaus.org' -Enabled $true -BitmaskMatch $null -IPAddressesMatch @() -AnyMatch $true -Priority '1' -RejectionResponse '' add-IPBlockListProvider -Name 'dnsbl.sorbs.net' -LookupDomain 'dnsbl.sorbs.net' -Enabled $true -BitmaskMatch $null -IPAddressesMatch @() -AnyMatch $true -Priority '2' -RejectionResponse '' add-IPBlockListProvider -Name 'bl.spamcop.net' -LookupDomain 'bl.spamcop.net' -Enabled $true -BitmaskMatch $null -IPAddressesMatch @() -AnyMatch $true -Priority '3' -RejectionResponse '' add-IPBlockListProvider -Name 'dnsbl-1.uceprotect.net' -LookupDomain 'dnsbl-1.uceprotect.net' -Enabled $true -BitmaskMatch $null -IPAddressesMatch @() -AnyMatch $true -Priority '4' -RejectionResponse ''
Forudsætter Exchange 2010 er installeret på Windows 2008 R2 Server. Der bliver ikke forklaret hvorfor du skal gøre som vist, dette er kun som "vi" sætter det op og ved der virker. Hvis du vil læse lidt mere forklaring så tjek msexchange.org lidt længere nede.
Forberede Exchange til Hosting
Ændre dsHeuristics
Åben ADSIEdit
->
CN=Configuration
->
CN=Services
->
CN=Windows NT
->
CN=Directory Service.
->
Højre klik på CN=Directory Service vælg Properties.
->
Vælg attribute dsHeuristics
->
Ændret den til 001, hvis der står <not set>, ellers kun ændre det sidste tal til 1.
Klik OK og luk Properties.
PowerShell
Active Directory Module for Windows PowerShell
Fjerne adresselister
Exchange Mangement Console -> Organization Configuration -> Mailbox -> Address Lists
Exchange Mangement Shell
remove-addresslist "All Contacts" remove-addresslist "All Groups" remove-addresslist "All Rooms" remove-addresslist "All Users" remove-addresslist "Public Folders"
Gemme adresse lister i AD
$container = "CN=All Global Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=tekture,DC=hosting" Add-ADPermission -Identity $container -User "Authenticated Users" -AccessRights ListObject
step 2
$container = "CN=All Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=tekture,DC=hosting" Add-ADPermission -Identity $container -User "Authenticated Users" -AccessRights ListObject
step 3
$container = "CN=Offline Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=tekture,DC=hosting"
Add-ADPermission -Identity $container -User "Authenticated Users" -AccessRights ListObject
Oprette grupper i AD
I Active Directory Users and Computers, opret ny OU, "Hosting", under denne oprettes de forskellige kunder der skal køre på Exchangen.
Under Hosting OU laver du igen en OU, "FirmaEt", under denne laves igen 2 OU'er "Groups" og "Users" (Se billede).
Gentag dette for alle de kunder der skal køre på systemet.
PowerShell
New-ADOrganizationalUnit -Name Hosting -Path "DC=MyDomain,DC=local" New-ADOrganizationalUnit -Name FirmaEt -Path "OU=Hosting,DC=MyDomain,DC=local" New-ADOrganizationalUnit -Name Groups -Path "OU=FirmaEt,OU=Hosting,DC=MyDomain,DC=local" New-ADOrganizationalUnit -Name Users -Path "OU=FirmaEt,OU=Hosting,DC=MyDomain,DC=local"
Oprette firma
alternative UPN suffixes
Tilføj UPN for de domæner der skal hostes, til brug under logon.
Ny kunde adresse liste
Exchange Shell
Exchange Management Shell command completed:
new-AddressList -Name 'FirmaEt' -RecipientContainer 'MyDomain.local/Hosting/FirmaEt/Users' -IncludedRecipients 'MailboxUsers' -ConditionalCustomAttribute1 'FirmaEt' -Container '\' -DisplayName 'FirmaEt'
Ny kunde Global Adresse liste
Kan det ikke laves via GUI?
PowerShell
New-GlobalAddressList -Name "FirmaEt GAL" -ConditionalCustomAttribute1 "FirmaEt" -IncludedRecipients AllRecipients
Ny kunde accepted mail domain
Organization Configuration
->
Hub Transport
->
Klik på New accepted domain.
->
Skrive domæne navnet.
->
Vælg Authoritiative domain (den øverste).
->
Klik New.
Exchange Shell
new-AcceptedDomain -Name 'FirmaEt' -DomainName 'FirmaEt.dk' -DomainType 'Authoritative'
E-mail Address policy
Exchange Shell
new-EmailAddressPolicy -Name 'FirmaEt EAP' -IncludedRecipients 'MailboxUsers' -ConditionalCustomAttribute1 'FirmaEt' -Priority 'Lowest' -EnabledEmailAddressTemplates 'SMTP:%[email protected]'
Distribution Group
new-DistributionGroup -Name 'FirmaEt-mail' -Type 'Security' -OrganizationalUnit 'MyDomain.local/Hosting/FirmaEt/Groups' -SamAccountName 'FirmaEt-mail' -Alias 'FirmaEt-mail' Set-DistributionGroup -BypassSecurityGroupManagerCheck -CustomAttribute1 'FirmaEt' -Identity 'MyDomain.local/Hosting/FirmaEt/Groups/FirmaEt-mail'
Oprette brugere
New-Mailbox -Name 'Fornavn Efternavn' -Alias 'FE' -OrganizationalUnit 'MyDomain.local/Hosting/FirmaEt/Users' -UserPrincipalName '[email protected]' -SamAccountName 'FE.FirmaEt' -FirstName 'Fornavn' -Initials '' -LastName 'Efternavn' ***-Password 'System.Security.SecureString'*** -ResetPasswordOnNextLogon $false *** Mangler *** Set-Mailbox -CustomAttribute1 'FirmaEt' -Identity 'MyDomain.local/Hosting/FirmaEt/Users/Fornavn Efternavn' Add-DistributionGroupMember -Identity 'MyDomain.local/Hosting/FirmaEt/Groups/FirmaEt-mail' -Member 'MyDomain.local/Hosting/FirmaEt/Users/Fornavn Efternavn' -BypassSecurityGroupManagerCheck $user = ([ADSI]"LDAP://PDC.MyDomain.local/CN=Fornavn Efternavn,OU=Users,OU=FirmaEt,OU=Hosting,DC=MyDomain,DC=local").psbase; $user.Properties["msExchQueryBaseDN"].Value = "OU=FirmaEt,OU=Hosting,DC=MyDomain,DC=local"; $user.CommitChanges();
Modifying Permissions for the Address Lists Containers
Nu skal der ændres nogle ting i AD som Microsoft ikke anbefaler eller supportere. For at gøre det nemt, så læs fra "Modifying Permissions for the Address Lists Containers".
Ekstra
Storage styring
Læs mere
Tak
Tak til Martin B.
Mere info
Andre gode links
Exchange 2007: Distribution Group – User Unknown Bounceback
Catch-all for 2010 HUB only setup
