Configuring Exchange 2013

Welcome to the second part of my 4-part how-to: the configuration portion.

I hope the first part wasn't too much of a challenge. It should be pretty straightforward; it just requires a few reboots (too many, in my opinion). Assuming you have completed the first part and everything works fine, let's proceed with the configuration part.

Here is what we will configure in this portion:
  • Database Availability Group (DAG)
  • Client Access Server High Availability
Please remember that there are A LOT of configurations to do. I am only covering the essential parts so you know how to create a redundant/High Availability infrastructure. The rest is up to you to configure, depending on what your company/client requires.

Configuring Database Availability Group (DAG)

A Database Availability Group is essentially a failover cluster that Exchange creates to provide redundancy for its mailbox databases. If one database fails, a copy will come online.

The difference between a failover cluster and a DAG is that it's not the same database that comes online on another host, but a secondary copy of that database, located elsewhere, that comes online. Having multiple mailbox databases (Information Stores) distributes the traffic; it does not provide redundancy.

A DAG, just like a cluster, needs a quorum if the number of mailbox servers is even. However, it can only be a file share witness. It can be any server that has the appropriate permissions (that we will cover). For those who aren't sure what a quorum is, it's basically a tie-breaker. A cluster needs OVER 50% to stay up. If you have an even number of nodes, a tie-breaker is needed for majority.

Creating and configuring DAG


Before configuring the DAG, it's better and easier to pre-create the Computer Name Object (CNO) in Active Directory and give it the proper permissions prior to adding the MX server into the DAG. Here are the steps:

  • Open Active Directory Users and Computers.
  • Navigate to the desired OU or container and create a new Computer Name Object (CNO).
  • Right-click it and go to Properties.
  • In the Security tab, add the group Exchange Trusted Subsystem and assign it "Full Control". Press "OK".
  • Right-click the CNO and click on "Disable Account".
Now that we have pre-defined the DAG name, please do the following:
  • Log onto the EAC (Exchange Administrator Console). Please ensure you have Domain Admin rights.
  • On the left pane, navigate to "Servers".
  • Click on the "Database Availability Group" tab, then click on the "+" icon.
  • A pop-up window will appear. Please fill in the following information:*
    • DAG Name (this will be the hostname).
    • Witness Server name.
    • Witness share.
    • Add the IP of the DAG.
    • Click "Save".
* Please note that you can enter only the DAG name and the corresponding IPv4 address, and Exchange will search for a server with the Client Access role to configure as a witness. However, if you wish to customize the DAG parameters, you can enter the information you desire; in that case, ensure that the target machine has the "Exchange Trusted Subsystem" group added in the same manner we just covered above.

Once the DAG is created, you will see it added to the interface with the witness server declared. Now it's time to add the mailbox servers into the DAG.
  • Select the newly declared DAG. After selecting it, a new set of icons will appear above the DAG name.
  • Select the 5th icon from the left. A pop-up window with the title "Manage Database Availability Group Membership" will appear.
  • Click on the "+" to add the member servers. Another pop-up window will appear. Select the servers listed and click "Add", then "OK", then "Save".
  • Please note that a new pop-up will appear with a progress bar. Do not press stop. Let it finish even if it generates an error; stopping it could cause complications.

To configure the failover for each Exchange Mailbox Database, you need to create a copy. That copy will offer the redundancy that we seek. To create Mailbox Database Copy do the following:
  • Navigate to the Servers > Database section.
  • Click on the "..." icon and select "Add Database Copy".
  • Click on the "Browse" button, select an available Mailbox Server and click "OK". (If you have only 2 mailbox servers, you will have 1 choice.)
  • Click "Save".
  • Repeat the same steps for any other Mailbox Database you have.
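
The same DAG steps can be run from the Exchange Management Shell. The script below is an added example, not part of the original post: it first checks that the pre-staged CNO is disabled and grants Full Control to Exchange Trusted Subsystem, then creates the DAG, adds the members and adds a database copy. All names, the IP address and the witness directory are assumed placeholders, and the ActiveDirectory module is assumed to be installed.

```powershell
# Added example. Every value below is an assumed placeholder; replace with your own.
$DagName    = 'DAG1'            # name of the pre-staged CNO
$DagIp      = '192.0.2.50'      # IP assigned to the DAG (documentation range)
$Witness    = 'FS01'            # witness server
$WitnessDir = 'C:\DAG1-FSW'     # witness directory on that server
$Members    = 'MBX01', 'MBX02'  # mailbox servers
$Database   = 'DB01'            # mailbox database to replicate

Import-Module ActiveDirectory   # provides Get-ADComputer and the AD: drive

# 1. Check the pre-staged CNO: it must exist, be disabled, and give
#    Exchange Trusted Subsystem Full Control (GenericAll).
$cno = Get-ADComputer -Identity $DagName -Properties Enabled
if ($cno.Enabled) { throw "CNO $DagName must be disabled before the DAG is created." }

$acl = Get-Acl -Path ("AD:\" + $cno.DistinguishedName)
$ets = $acl.Access | Where-Object {
    $_.IdentityReference -like '*\Exchange Trusted Subsystem' -and
    $_.AccessControlType -eq 'Allow' -and
    $_.ActiveDirectoryRights -match 'GenericAll'
}
if (-not $ets) { throw "Exchange Trusted Subsystem lacks Full Control on $DagName." }

# 2. Create the DAG with an explicit witness server and directory.
New-DatabaseAvailabilityGroup -Name $DagName -WitnessServer $Witness `
    -WitnessDirectory $WitnessDir -DatabaseAvailabilityGroupIpAddresses $DagIp

# 3. Add the mailbox servers as DAG members.
foreach ($m in $Members) {
    Add-DatabaseAvailabilityGroupServer -Identity $DagName -MailboxServer $m
}

# 4. Create the passive copy on the second member (assumes the database
#    is currently mounted on the first one).
Add-MailboxDatabaseCopy -Identity $Database -MailboxServer $Members[1] `
    -ActivationPreference 2

# 5. Confirm membership, the witness in use, and copy health.
Get-DatabaseAvailabilityGroup -Identity $DagName -Status |
    Format-List Name, Servers, WitnessServer, WitnessShareInUse
Get-MailboxDatabaseCopyStatus -Identity $Database |
    Format-Table Name, Status, CopyQueueLength, ContentIndexState -AutoSize
```
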
Voila! You have the DAG all configured. Now that you have High Availability configured at the Mailbox Database level, you need to configure the front-end client side for High Availability. Since the front end is more of an IIS/web front, it's a Network Load Balancing (NLB) type of High Availability.

For a quick and basic NLB configuration, please do the following:
  • In the DNS server, create a Host (A) record for the desired CAS URL.
  • Create a new MX record pointing to the newly created Host (A) record.
  • Install the "Network Load Balancing" feature on your front end servers.
  • Inside the NLB, declare the IP you assigned to the Host (A) record in the DNS
  • Assign the Front-End Client Access servers to the NLB.
  • If you have a single Network Card, use the multicast option instead of unicast.

To configure CAS, you need to do the following steps:

  • From the EAC, navigate to Server Virtual Directories.
  • Click on the 2nd icon from the left (Configure External Access Domain).
  • Click on the "+" icon and add the front end servers containing the "Client Access" role. Click "OK".
  • Enter the URL desired in the Text box below. Click "Save".
  • Select the ECP virtual directory of a client access server and select the "pencil" icon to edit its properties.
  • Modify the Internal URL of ECP to match the external URL listed.
  • Repeat the same procedure for all other ECP servers and for all the OWA virtual directories as well.
  • Once you confirmed that your CAS is working properly, you should adjust all the available URLs in your virtual directories as well. It’s better to ensure high availability of all servers and all directories.
    (AutoDiscover can be done only via PowerShell. The GUI can’t edit the configuration).
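
The URL changes above, including the AutoDiscover setting that the GUI cannot edit, can be scripted in the Exchange Management Shell. This is an added example, not part of the original post; the host name `mail.example.com` is an assumed placeholder for the CAS URL behind the NLB address, and it is assumed that the same name serves AutoDiscover and is covered by the server certificate.

```powershell
# Added example. $Url is an assumed placeholder for the load-balanced CAS URL.
$Url = 'https://mail.example.com'

$cas = Get-ClientAccessServer

foreach ($s in $cas) {
    # Make the internal URL match the external URL on ECP and OWA.
    Get-EcpVirtualDirectory -Server $s.Name |
        Set-EcpVirtualDirectory -InternalUrl "$Url/ecp" -ExternalUrl "$Url/ecp"
    Get-OwaVirtualDirectory -Server $s.Name |
        Set-OwaVirtualDirectory -InternalUrl "$Url/owa" -ExternalUrl "$Url/owa"

    # AutoDiscover: point the internal service connection point at the same name.
    Set-ClientAccessServer -Identity $s.Name `
        -AutoDiscoverServiceInternalUri "$Url/Autodiscover/Autodiscover.xml"
}

# Audit: list any ECP/OWA directory whose internal and external URLs still
# differ. An empty result means every server answers on the same name.
$vdirs = foreach ($s in $cas) {
    Get-EcpVirtualDirectory -Server $s.Name
    Get-OwaVirtualDirectory -Server $s.Name
}
$vdirs |
    Where-Object { "$($_.InternalUrl)" -ne "$($_.ExternalUrl)" } |
    Format-Table Server, Name, InternalUrl, ExternalUrl -AutoSize

# Show the AutoDiscover URI now registered for each Client Access server.
Get-ClientAccessServer |
    Format-Table Name, AutoDiscoverServiceInternalUri -AutoSize
```
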
At this point, you have the NLB set up and the MX and host records available. If you'd like to ensure the URL works, log out of the existing session, open a web browser and type the following URLs

In the next part we will continue with a little more configuration, such as archiving mailbox databases, AutoDiscover, and creating mailboxes and connectors. We will also do some testing to ensure that everything done so far actually works properly.

Now on to page 3! Testing (and a few more configurations).

Daniel Moscovici
