Tuncay Sahin

ICT Engineer | Docent ICT & Trainer

This installation guide provides the deployment stages of an Exchange 2013 server:

  1. Preparing Active Directory (if installing Exchange Server 2013 for the first time)
  2. Installing the Exchange Server 2013 pre-requisites
  3. Running Exchange Server 2013 setup

Requirements

  • Coexistence is possible with Exchange 2007 Service Pack 3 (SP3) and later versions.
  • Outlook clients earlier than Outlook 2007 are not supported.
  • The functional level of your forest must be at least Windows Server 2003, and the schema master must be running Windows Server 2003 with Service Pack 2 or later.
  • The full installation option of Windows Server.
  • Minimum Windows Server 2008 R2 Standard with SP1 + latest Windows updates.
  • You must be a member of the Domain Admins, Schema Admins and the Enterprise Admins group.
    If you’re running Exchange 2013 Setup in your organization for the first time, the account you use must be a member of the Schema Admins and Enterprise Admins groups. These permissions are required because Active Directory is prepared for Exchange 2013 the first time Setup is run. After Active Directory is prepared, the account you use to install additional Exchange 2013 servers must be a member of the Organization Management management role group.

Preparing Active Directory

If this is the first time you are installing Microsoft Exchange Server 2013 in your organization, you must first prepare Active Directory and the domains.

Tools needed for preparation

Install the necessary software on the member server that will be used to prepare Active Directory:

  • Microsoft .NET Framework 4.5 (already included with Server 2012)
  • Windows Management Framework 3.0 (already included with Server 2012)
  • Install Remote Server Administration Tools Pack
    In PowerShell run:
Windows Server 2012

Install-WindowsFeature RSAT-ADDS

Windows Server 2008 R2 SP1

Import-Module ServerManager
Add-WindowsFeature RSAT-ADDS

 

Prepare the Active Directory Schema and AD

Preparation steps and commands:

  1. Update the schema with Exchange 2013 specific attributes:

     setup.exe /PrepareSchema /IacceptExchangeServerLicenseTerms

     Wait for the changes to replicate.

  2. Prepare the Active Directory topology:

     setup /IacceptExchangeServerLicenseTerms /PrepareAD [/OrganizationName:<"organization name">]

     If no Exchange organization already exists, you must specify an organization name using the /OrganizationName parameter.

  3. Create the Microsoft Exchange System Objects container:

     setup /PrepareDomain /IAcceptExchangeServerLicenseTerms

     If you get error messages, wait for or force Active Directory replication and then run /PrepareDomain again.
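One way to check that the schema change has replicated before continuing with /PrepareAD is to read the Exchange schema version marker from every domain controller and compare the values. This is an added example, not part of the original guide; it assumes a domain-joined machine with PowerShell 3.0 and an account that can read the schema partition.

```powershell
# Added example: compare the Exchange schema version on every domain controller.
# The rangeUpper attribute of ms-Exch-Schema-Version-Pt is updated by /PrepareSchema.
$schemaNC = ([ADSI]"LDAP://RootDSE").schemaNamingContext
$forest   = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

$report = foreach ($domain in $forest.Domains) {
    foreach ($dc in $domain.DomainControllers) {
        $version = ""
        try {
            # Bind to this specific DC so its local replica of the schema is read.
            $entry   = [ADSI]"LDAP://$($dc.Name)/CN=ms-Exch-Schema-Version-Pt,$schemaNC"
            $version = "$($entry.rangeUpper)"
        } catch {
            # DC unreachable or object not replicated yet: leave the version empty.
        }
        [pscustomobject]@{
            DomainController      = $dc.Name
            ExchangeSchemaVersion = $version
        }
    }
}
$report | Format-Table -AutoSize

# Replication is complete when every DC reports the same, non-empty value.
$distinct = @($report | ForEach-Object { $_.ExchangeSchemaVersion } | Sort-Object -Unique)
if ($distinct.Count -eq 1 -and $distinct[0] -ne "") {
    Write-Output "Schema version $($distinct[0]) is present on all domain controllers."
} else {
    Write-Warning "Schema version differs or is missing on some domain controllers; wait for replication."
}
```

Compare the reported value with the schema version Microsoft documents for the Exchange 2013 build you are installing.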

 

Install Exchange 2013 prerequisites

To install the required roles and features, run the command below using PowerShell.
The prerequisites can also be installed by the Exchange Setup wizard, but a reboot will then be required during the setup wizard.

Windows Server 2012 prerequisites

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

Windows Server 2008 R2 SP1 prerequisites

Import-Module ServerManager

Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model, Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI

After running the above command, restart your server.

On Windows Server 2012, install the following software:

  1. Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit
  2. Microsoft Office 2010 Filter Pack 64 bit
  3. Microsoft Office 2010 Filter Pack SP1 64 bit

On Windows Server 2008 R2 SP1, install the following software:

  1. Microsoft .NET Framework 4.5
  2. Windows Management Framework 3.0
  3. Microsoft Unified Communications Managed API 4.0, Core Runtime 64-bit
  4. Microsoft Office 2010 Filter Pack 64 bit
  5. Microsoft Office 2010 Filter Pack SP1 64 bit
  6. Microsoft Knowledge Base article KB974405 (Windows Identity Foundation)
  7. Knowledge Base article KB2619234 (Enable the Association Cookie/GUID that is used by RPC over HTTP to also be used at the RPC layer in Windows 7 and in Windows Server 2008 R2)
  8. Knowledge Base article KB2533623 (Insecure library loading could allow remote code execution)

After installing the prerequisites, a restart of the server is required. If you proceed without restarting, setup may be unable to proceed when it detects the pending restart.

 

Exchange 2013 Installation

  1. Run Exchange 2013 Setup with elevated privileges (Run as Administrator).
  2. Follow the instructions on screen; they speak for themselves. Don’t use recommended settings.
  3. If this is the first Exchange server in your organization, on the Exchange Organization page, type a name for your Exchange organization.
  4. If you need to separate management of Active Directory security principals and Exchange configuration, select Apply Active Directory split permission security model to the Exchange organization.
  5. Keep Malware Protection Settings enabled.
  6. On the Readiness Checks page, view the status to determine if the organization and server role prerequisite checks completed successfully.
    • If they haven’t completed successfully, you must resolve any reported errors before you can install Exchange 2013. You don’t need to exit Setup when resolving some of the prerequisite errors. After resolving a reported error, click back and then click Next to run the prerequisite check again.
    • If this is not the first server you’re installing and there is no Send Connector defined for outbound email, you may see a warning, but you can still proceed with the server installation.
  7. On the Server Role Selection page, choose whether you want to install the Mailbox role, the Client Access role or both roles. You can add additional server roles later if you choose not to install them during this installation. An organization must have at least one Mailbox role and at least one Client Access server role installed.
  8. Select Automatically install Windows Server roles and features that are required to install Exchange Server to have the Setup wizard install required Windows prerequisites.
  9. Restart the server after Exchange 2013 setup has completed.

 

Exchange 2013 Configuration

After you’ve installed Microsoft Exchange Server 2013 in your organization, you need to configure Exchange Server 2013 for mail flow and client access. Without these additional steps, you won’t be able to send mail to the Internet and external clients such as Microsoft Office Outlook and ActiveSync devices won’t be able to connect to your Exchange organization.

Exchange Admin Center

The traditional Exchange Management Console has been moved into a web-based interface: the Exchange Admin Center (EAC).

Open the EAC by browsing to: https://<FQDN of Client Access server>/ECP

Send connector

Before you can send mail to the Internet, you need to create a Send connector on the Mailbox server. Do the following.

  1. Go to Mail flow > Send connectors. On the Send connectors page, click Add.
  2. In the New send connector wizard, specify a name for the Send connector and then select Internet. Click Next.
  3. Verify that MX record associated with recipient domain is selected. Click Next.
  4. Under Address space, click Add. In the Add domain window, make sure SMTP is selected in the Type field. In the Fully Qualified Domain Name (FQDN) field, enter *. Click Save.
  5. Make sure Scoped send connector isn’t selected and then click Next.
  6. Under Source server, click Add. In the Select a server window, select a Mailbox server that will be used to send mail to the Internet via the Client Access server. After you’ve selected the server, click Add and then click OK.
  7. Click Finish.

Receive connector

A default inbound Receive connector is created when Exchange 2013 is installed. This Receive connector accepts anonymous SMTP connections from external servers. You don’t need to do any additional configuration.
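Because this connector accepts anonymous connections, it is worth confirming that anonymous senders have not also been granted the right to address any recipient, which would let the server relay mail for domains it does not own. The following Exchange Management Shell check is an added example, not part of the original guide; the column names in the report are chosen here.

```powershell
# Added example: run in the Exchange Management Shell.
$anonymous  = "NT AUTHORITY\ANONYMOUS LOGON"
$relayRight = "ms-Exch-SMTP-Accept-Any-Recipient"

$report = Get-ReceiveConnector | ForEach-Object {
    $connector = $_

    # Allow ACEs that let anonymous sessions submit to any recipient,
    # including recipients outside the accepted domains.
    $relayAce = @($connector | Get-ADPermission -User $anonymous |
        Where-Object { -not $_.Deny -and $_.ExtendedRights -like $relayRight })

    [pscustomobject]@{
        Connector        = "$($connector.Identity)"
        Bindings         = $connector.Bindings -join ", "
        RemoteIPRanges   = $connector.RemoteIPRanges -join ", "
        AnonymousAllowed = "$($connector.PermissionGroups)" -match "AnonymousUsers"
        AnonymousRelay   = $relayAce.Count -gt 0
    }
}
$report | Format-List

# Any connector listed here relays for anonymous senders; review whether its
# RemoteIPRanges restrict it to the internal hosts that are meant to use it.
$report | Where-Object { $_.AnonymousRelay } | ForEach-Object {
    Write-Warning "$($_.Connector) grants $relayRight to anonymous senders (remote ranges: $($_.RemoteIPRanges))"
}
```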

Accepted domains

By default, when you deploy a new Exchange 2013 organization in an Active Directory forest, Exchange uses the domain name of the Active Directory domain where Setup /PrepareAD was run. If you want recipients to receive and send messages to and from another domain, you must add the domain as an accepted domain. This domain is also added as the primary SMTP address on the default email address policy in the next step.

Important: A public Domain Name System (DNS) MX resource record is required for each SMTP domain for which you accept email from the Internet. Each MX record should resolve to the Internet-facing server that receives email for your organization.

  1. Go to Mail flow > Accepted domains. On the Accepted domains page, click Add.
  2. In the New accepted domain wizard, specify a name for the accepted domain.
  3. In the Accepted domain field, specify the SMTP recipient domain you want to add. For example, contoso.com.
  4. Select Authoritative domain and then click Save.

Default email address policy

If you added an accepted domain in the previous step and you want that domain to be added to every recipient in the organization, you need to update the default email address policy.

  1. Go to Mail flow > Email address policies. On the Email address policies page, select Default Policy and then click Edit.
  2. On the Default Policy Email Address Policy page, click Email Address Format.
  3. Under Email address format, click the SMTP address you want to change and then click Edit.
  4. On the Email address format page in the Email address parameters field, specify the SMTP recipient domain you want to apply to all recipients in the Exchange organization. This domain must match the accepted domain you added in the previous step. Click Save.
  5. Click Save.
  6. In the Default Policy details pane, click Apply.

Note: We recommend that you configure a user principal name (UPN) that matches the primary email address of each user. If you don’t provide a UPN that matches the email address of a user, the user will be required to manually provide their domain\user name or UPN in addition to their email address. If their UPN matches their email address, Outlook Web App, ActiveSync, and Outlook will automatically match their email address to their UPN.

SSL certificate

Some services, such as Outlook Anywhere and ActiveSync, require certificates to be configured on your Exchange 2013 server. The following steps show you how to configure an SSL certificate from a third-party certificate authority (CA):

  1. Go to Servers > Certificates. On the Certificates page, make sure your Client Access server is selected in the Select server field, and then click Add.
  2. In the New Exchange certificate wizard, select Create a request for a certificate from a certification authority and then click Next.
  3. Specify a name for this certificate and then click Next.
  4. If you want to request a wildcard certificate, select Request a wild-card certificate and then specify the root domain of all subdomains in the Root domain field. If you don’t want to request a wildcard certificate and instead want to specify each domain you want to add to the certificate, leave this page blank. Click Next.
  5. Click Browse and specify an Exchange server to store the certificate on. The server you select should be the Internet-facing Client Access server. Click Next.
  6. For each service in the list shown, specify the external or internal server names that users will use to connect to the Exchange server. For example, for Outlook Web App (when accessed from the Internet), you might specify owa.contoso.com. For OWA (when accessed from the Intranet), you might specify CAS02.corp.contoso.com. These domains will be used to create the SSL certificate request. Click Next.
  7. Add any additional domains you want included on the SSL certificate. Click Next.
  8. Provide information about your organization. This information will be included with the SSL certificate. Click Next.
  9. Specify the network location where you want this certificate request to be saved. Click Finish.

After you’ve saved the certificate request, submit the request to your certificate authority (CA). This can be an internal CA or a third-party CA, depending on your organization. Clients that connect to the Client Access server must trust the CA that you use. After you receive the certificate from the CA, complete the following steps:

  1. On the Server > Certificates page in the EAC, select the certificate request you created in the previous steps.
  2. In the certificate request details pane, click Complete under Status.
  3. On the complete pending request page, specify the path to the SSL certificate file and then click OK.
  4. Select the new certificate you just added, and then click Edit.
  5. On the certificate page, click Services.
  6. Select the services you want to assign to this certificate. At minimum, you should select SMTP and IIS. Click Save.
  7. If you receive the warning Overwrite the existing default SMTP certificate?, click OK.

External Client Access

After you’ve chosen your external domains and installed your certificate, you need to configure the external domains on the Client Access server’s virtual directories and then configure your domain name service (DNS) records. The steps below configure the same external domain on the external URL of each virtual directory. If you want to configure different external domains on one or more virtual directory external URLs, you need to configure the external URLs manually.

  1. Go to Servers > Servers and then click Configure external access domain.
  2. Under Select the Client Access servers to use with the external URL, click Add.
  3. Select the Client Access servers you want to configure and then click Add. After you’ve added all of the Client Access servers you want to configure, click OK.
  4. In Enter the domain name you will use with your external Client Access servers, type the external domain you want to apply. Click Save.
  5. Go to Servers > Servers, select the name of the Internet-facing Client Access server and then click Edit.
  6. Click Outlook Anywhere.
  7. In the Specify the external hostname field, specify the externally accessible FQDN of the Client Access server. For example, mail.contoso.com.
  8. Click Save.
  8. Click Save.
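To confirm that a certificate assigned to IIS actually covers the external host names configured in the steps above, the following check can be run in the Exchange Management Shell. It is an added example, not part of the original guide; CAS01 is a placeholder server name and Test-NameCovered is a helper defined here.

```powershell
# Added example: run in the Exchange Management Shell.
$server = "CAS01"   # assumption: replace with your Client Access server name

function Test-NameCovered([string]$Name, $CertDomains) {
    foreach ($d in $CertDomains) {
        $d = "$d"
        if ($d -eq $Name) { return $true }
        # A wildcard covers exactly one label: *.contoso.com matches
        # owa.contoso.com but not a.b.contoso.com.
        if ($d.StartsWith("*.") -and $Name.Contains(".") -and
            $Name.Substring($Name.IndexOf(".")) -eq $d.Substring(1)) { return $true }
    }
    return $false
}

# Host names clients will use, taken from the configured external URLs.
$vdirs = @(Get-OwaVirtualDirectory -Server $server) +
         @(Get-EcpVirtualDirectory -Server $server) +
         @(Get-ActiveSyncVirtualDirectory -Server $server) +
         @(Get-WebServicesVirtualDirectory -Server $server) +
         @(Get-OabVirtualDirectory -Server $server)
$names = @($vdirs | Where-Object { $_.ExternalUrl } |
    ForEach-Object { ([uri]"$($_.ExternalUrl)").Host })
$names += @(Get-OutlookAnywhere -Server $server |
    Where-Object { $_.ExternalHostname } |
    ForEach-Object { "$($_.ExternalHostname)" })
$names = @($names | Sort-Object -Unique)

# Report every certificate that has the IIS service assigned.
Get-ExchangeCertificate -Server $server |
    Where-Object { "$($_.Services)" -match "IIS" } |
    ForEach-Object {
        $cert    = $_
        $missing = @($names | Where-Object { -not (Test-NameCovered $_ $cert.CertificateDomains) })
        [pscustomobject]@{
            Thumbprint   = $cert.Thumbprint
            SelfSigned   = $cert.IsSelfSigned
            Status       = "$($cert.Status)"
            DaysLeft     = ($cert.NotAfter - (Get-Date)).Days
            MissingNames = $missing -join ", "
        }
    } | Format-List
```

An empty MissingNames value on the CA-issued certificate means every configured external host name is covered; the Autodiscover name is not stored on a virtual directory, so check it against the certificate separately.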

External URL

After you’ve configured the external URL on the Client Access server virtual directories, you need to configure DNS records for Autodiscover, Outlook Web App, and mail flow. The DNS records should point to the external IP address of your Internet-facing Client Access server and use the externally accessible FQDNs that you’ve configured on your Client Access server. The following are examples of recommended DNS records that you should create to enable mail flow and external client connectivity.

FQDN                      DNS record type  Value
Contoso.com               MX               Mail.contoso.com
Mail.contoso.com          A                172.16.10.11
Owa.contoso.com           A                172.16.10.11
Autodiscover.contoso.com  A                172.16.10.11

http://technet.microsoft.com/en-us/library/bb124558.aspx
