locked
Server 2012 R2 Essentials and Exchange RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I have a client (22 users) who is using SBS 2008. It is time to upgrade and I am planning on using Server 2012 R2 Essentials and Exchange 2013 SP1 on separate servers. I know we can add the Exchange server to the Essentials through the Essentials interface, but I have a question about OWA. The client has one static IP address. I want to point port 25 to the IP of the new Exchange server so incoming email is delivered there.  However, do I need a new static IP and a dedicated trusted certificate to do OWA or, by attaching the Exchange server through Essentials, will the Essentials Server automatically access OWA on the Exchange Server?

    I'm sure someone is going to say "Use Outlook 365."  The cost is more expensive than an Exchange server for this client.  So, we need to configure it this way.

    Any assistance is GREATLY appreciated.

    Stu

    Monday, June 8, 2015 5:43 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    I don't know what you mean by, "remoting into the Access Anywhere configuration".

    Exchange services can't have separate certificates unless you've created separate web sites for them, they all share the same certificate.  The usual minimum configuration is one name for OWA, ECP, OAB, Outlook Anywhere, ActiveSync and EWS; and another name for Autodiscover.  That would normally be a UCC certificate with two names, e.g., webmail.company.com and autodiscover.company.com.  But there are alternatives like a wildcard certificate, or using an SRV record for Autodiscover.

    With straight Exchange, you could put the Exchange 2013 server in front of the downlevel Exchange server and it would proxy or redirect the sessions and traffic to it.  However, I don't know enough about the limitations of Server Essentials to answer your question, so I recommend that you post this in what I believe is a more appropriate Forum:  https://social.technet.microsoft.com/Forums/en-US/home?forum=smallbusinessserver2011essentials&filter=alltypes&sort=lastpostdesc

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Wednesday, June 10, 2015 12:27 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    I wouldn't combine other applications with Exchange.  Consider using Hyper-V and running the products in separate VMs.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Monday, June 8, 2015 11:53 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    I am not combining the servers.  Essentials is one server and Exchange is on a separate Server 2012 machine.  It is the OWA that I have the question about.  In Essentials I can "attach" Exchange.  But can I do OWA by remoting into the Access Anywhere configuration or does OWA have to have it's own public IP and Certificate?

    Stu

    Tuesday, June 9, 2015 4:01 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I don't know what you mean by, "remoting into the Access Anywhere configuration".

    Exchange services can't have separate certificates unless you've created separate web sites for them, they all share the same certificate.  The usual minimum configuration is one name for OWA, ECP, OAB, Outlook Anywhere, ActiveSync and EWS; and another name for Autodiscover.  That would normally be a UCC certificate with two names, e.g., webmail.company.com and autodiscover.company.com.  But there are alternatives like a wildcard certificate, or using an SRV record for Autodiscover.

    With straight Exchange, you could put the Exchange 2013 server in front of the downlevel Exchange server and it would proxy or redirect the sessions and traffic to it.  However, I don't know enough about the limitations of Server Essentials to answer your question, so I recommend that you post this in what I believe is a more appropriate Forum:  https://social.technet.microsoft.com/Forums/en-US/home?forum=smallbusinessserver2011essentials&filter=alltypes&sort=lastpostdesc

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Wednesday, June 10, 2015 12:27 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi.

    Exchange 2013 SP1 not support Windows 2012 Essentials.

    Windows Server 2012 R2 Products and Editions Comparison

    Exchange 2013 system requirements

    MCITP, MCSE. Regards, Oleg

    Wednesday, June 10, 2015 12:39 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Based on my knowledge,Microsoft does not support installing Exchange Server on a server that is running Windows Server Essentials. https://technet.microsoft.com/en-us/library/jj200172.aspx?f=255&MSPPError=-2147217396

    We can install Exchange 2013 SP1 or later version on Windows Server 2012 R2 Standard or Datacenter version. For more information about supported operating systems for Exchange 2013, please refer to:https://technet.microsoft.com/en-us/library/aa996719%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396

    Best Regards,

    David 

    Wednesday, June 10, 2015 1:01 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    In each of the replies, you tell me that I cannot put exchange on essentials server.  I know that.  That is why I am putting it on a separate Sever 2012 R2 server.  The question I have is this -- going back in time to when Microsoft offered Small business server, we could get one certificate and point port 25 to the SBS server. Now, we have TWO servers.  We can add Exchange server to the Essential server (there are tons of instructions and videos out there explaining how), but the question I have is, "If I attach the Exchange server (which is a different server) to the Essentials server, can I set up the router and certificate to point to the Essentials server and have it forward the email and OWA to the new separate Exchange server, OR do I need to point OWA and port 25 to the NEW Separate Exchange server and have a separate certificate for the OWA on the new separate Exchange server?"

    Stu

    Wednesday, June 17, 2015 1:38 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    The problem is that in this forum few people do anything with Essentials and therefore aren't familiar with restrictions Essentials may place on connecting with other servers, which is why you might get a better response in an Essentials forum.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Friday, June 19, 2015 6:17 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    What you are talking about here is what a lot of people are going through, as going from SBS to the new 2012 with virtualized servers is a big jump, but virtualization is far more powerful and scalable and allows easier backup and fault troubleshooting options.

    You need two certificates:

    1. e.g. remote.domain.com (for Essentials Anywhere Access and Direct Access)

    2. e.g. mail.domain.com (if you use an SRV record through your domain hosts cpanel you can get away with a single name certificate as autodiscover is dealt with at external domain level (you will get a one-time warning as you connect outlook accounts to allow the redirect), otherwise you will need a UCC certificate with at least mail.domain.com & autodiscover.domain.com for Exchange & essentials DNS to deal with it (you won't get a redirect warning)). This is all so autodiscover works when you connect outlook accounts later.

    What you do is  is outlined below:

    https://technet.microsoft.com/en-us/library/jj200172.aspx

    So you install Windows Server 2012 R2 Standard (for eg) on your actual hardware box and only add the Hyper-V (and Windows Server Backup Role if you wish). This is your host. It is standalone and not part of the domain. 

    Then through Hyper V manager you create your two boxes (Essentials R2 (domain Controller) and Standard R2 with Exchange) then connect Exchange box to domain via usual methods via Hyper V VirtualSwitch.

    So in essence you have three boxes running (one real and two virtual) Trick is to give each virtual box half each of your processors (ie 4 each if 8 core) and plenty of RAM. Ups the performance a lot I have seen a lot of installs stuck in first gear because Admins forgot to assign more than one virtual processor to Vms. Like being stuck in first gear with a modern, multi core processor.

    ARR 3.0 (Application Request Routing) is then used to "place" the exchange certificate into the Essentials IIS (for the specific purpose of proxying the info to the Exchange box), therefore allowing an SSL security checkpoint for Exchange on the Essentials Server, which allows the mail to flow in and out of your other virtualized Windows Server 2012 R2 (Standard or Enterprise) with Exchange installed. This is where you use a single network adapter on your server as it all has to flow through port 443 and port 25.

    Then OWA works as normal (through mail.domain.com, but routed through the Essentials IIS via ARR proxy)

    You can then put direct access on the Essentials Server as well if you want (in addition to anywhere access which must be set up first to enable direct access):

    https://technet.microsoft.com/en-us/library/jj204618.aspx

    Its basically splitting the parts of the SBS box into separate parts via virtualization then it all joins to the Domain Controller (Essentials) to create similar functionality to what SBS used to (as i said tho with virtualization the sky is the limit SBS was very restricted because everything ran on the same OS)

    P.S The longest part of the above process (which is quite easy after you do it a few times) is, go figure, Windows Update. It takes ages as lot of updates for base RTMs of these Os's now even R2 .... :(












    • Proposed as answer by R2guy Monday, April 4, 2016 8:42 AM
    • Edited by R2guy Monday, April 4, 2016 9:32 AM
    Monday, April 4, 2016 8:39 AM