If you're planning to migrate to Exchange 2013, the first thing you should do is learn more about it. And what better way to learn about it than to set it up in your own test lab? Plus, a lab is essential if you plan to get qualified on the new MCSE: Messaging certification. Having your own Exchange 2013 test lab lets you become familiar with new features within the safety of a sandpit environment.
Sorting out questions about hardware and software
Before you build your
The smallest labs need at least 8 GB of RAM, a dual-core CPU and around 100 GB of space. It's now more common to be able to install 16 GB RAM into a laptop, which means you can easily use Windows 8 Hyper-V or VMware Workstation/Player for a portable lab to test Exchange.
If you're looking for a lab "server," check out fellow Exchange MVP Jeff Guillet's lab kit list. He built a low-cost powerhouse using Windows Server 2012, Hyper-V and SSD disks that's suitable for almost any lab testing. In this tip, I'll explain how to build a simple lab that requires the following downloads:
If you're licensing Windows Server separately for your lab, use your TechNet or MSDN subscription to download the Windows ISOs.
Obtaining a domain name and certificates for your Exchange lab
A good Exchange 2013 test lab allows you to connect clients and simulate real-world scenarios, so it's worth investing in a domain name for your lab. This will allow you to test with real clients, but you can test remote or mobile devices if you're building a home lab on a DSL or cable connection -- and provide external access using port-forwarding and test remote or mobile devices. If you purchase a domain registration through a company like DynDNS, you can purchase it with Dynamic DNS and SMTP relay services.
A good test lab will also make use of signed Secure Sockets Layer (SSL) certificates, ideally with subject alternative names. The key names for Exchange are often the HTTPS name -- such as mail.contoso.com -- and the Autodiscover name, e.g., Autodiscover.contoso.com. You can also use contoso.comfor the Autodiscover name, which may not be suitable for a commercial setting but is great for a test lab using a new domain.
StartSSL offers free, widely trusted SSL certificates to provide you with two names -- the HTTPS name and the domain name itself, which is perfect for our lab. You can visit this website to sign up for an SSL and use it when you request a certificate.
After signing up for the new domain, you'll create three new records: a common HTTPS name, the domain name and the mail exchanger, or MX, record for inbound email.
Installing Windows Server 2012 and updates
Our simple Exchange 2013 test lab will use a single Windows Server 2012 standard edition to host Active Directory (AD) and Exchange 2013. The base virtual machine we'll use for our lab meets the hardware requirements. After a basic install of Windows Server 2012, assign your lab server a static IP and appropriate name, and ensure the server has the latest Windows updates.
Setting up your Exchange lab's Active Directory
Before installing Exchange, you'll need a suitable AD environment within the lab. In this example, we combine the AD and Exchange servers, which isn't recommended in a production environment.
A word of warning: If you plan to test Address Book Policies, you'll need to split these roles. We'll use a split DNS approach to Exchange and use our domain name as our AD domain name, and set up our AD using the following cmdlets, replacing the DomainName value as appropriate.
Install-ADDSForest -DomainName lab01.exchangelabs.co.uk
Installing and testing Exchange 2013
After AD is up and running, extract the Exchange 2013 CU1 installer download (Exchange-x64.exe) to a convenient location, such as C:\Exchange2013, and then download Michel De Rooij's Exchange 2013 installation script.
Run the installer script and replace the Organization value as appropriate. Change the SourcePath to the location you've chosen to extract Exchange 2013. This will build an Exchange Server (Figure 5).
.\Install-Exchange2013 -Organization ExchangeLab -InstallMailbox -InstallCAS -SourcePath C:\Exchange2013 -AutoPilot -Credentials (Get-Credential)
Enable internal and external mail
With Exchange installed, you need to enable inbound and outbound mail. After buying your domain name, set up the MX record for your domain to point to the external IP address of the Exchange Server. If this is a home lab, this is your external IP. You'll need to forward port 25 to allow inbound mail from the Internet to reach the Exchange Server.
To enable outbound mail, create a simple Send Connector that routes all outbound mail using DNS lookup settings. If you're using a smart host service, such as the DynDNS service, then you'll need slight adjustments.
New-SendConnecter "Outbound" -AddressSpaces * -Internet
After configuring the Send Connector, log in to OWA as Administrator and test inbound and outbound mail flow (Figure 6).
Set up internal DNS entries and configure Exchange URLs
We created our primary External HTTPS name, which was in the form mail.contoso.com. As we plan on using the free StartSSL certificate authority, we didn't create an AutoDiscover domain record and opted to use just the domain name. Internally, we'll need to set up the same records. The domain name is already pointing at the Exchange server if our AD and Exchange server are combined, but we need to create our mail.contoso.com DNS server record (Figure 7) using the AD DNS management.
After creating the DNS record, use the following commands at the Exchange Management Shell to configure the Exchange URLs, replacing the $Name value with the matching DNS record:
$Name = "mail.lab01.exchangelabs.co.uk"
Get-OWAVirtualDirectory | Set-OWAVirtualDirectory -InternalURL "https://$($Name)/owa" -ExternalURL "https://$($Name)/owa"
Get-ECPVirtualDirectory | Set-ECPVirtualDirectory -InternalURL "https://$($Name)/ecp" -ExternalURL "https://$($Name)/ecp"
Get-OABVirtualDirectory | Set-OABVirtualDirectory -InternalURL "https://$($Name)/oab" -ExternalURL "https://$($Name)/oab"
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalURL "https://$($Name)/Microsoft-Server-ActiveSync" -ExternalURL "https://$($Name)/Microsoft-Server-ActiveSync"
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalURL "https://$($Name)/EWS/Exchange.asmx" -ExternalURL "https://$($Name)/EWS/Exchange.asmx"
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalURI "https://$($Name)/AutoDiscover/AutoDiscover.xml"
Get-OutlookAnywhere | Set-OutlookAnywhere -InternalHostname $Name -InternalClientsRequireSSL:$true
Request and apply SSL certificates
To create your SSL certificate request, navigate to the EAC (Exchange Admin Center) and choose Servers > Certificates after logging in. Select New Certificate and enter the primary name for Exchange services and your details as registered with StartSSL.
Open the resulting Certificate Request (.cer) file, and then revisit the StartSSL website to submit your certificate request. After receiving the resulting certificate, navigate back to the certificate request in the EAC and choose Complete Pending Request.
After uploading the .cer file, you should be able to Assign Services to the certificate within the same section of the EAC. After you choose IIS, you'll have a fully functioning Exchange 2013 test lab compatible with Office, Office 365 hybrid configuration, most major browsers and most mobile devices.
About the author:
Steve Goodman is an Exchange MVP and works as a technical architect for one of the UK's leading Microsoft Gold partners, Phoenix IT Group. Goodman has worked in the IT industry for 14 years and has worked extensively with Microsoft Exchange since version 5.5.
This was first published in July 2013