In part 10 of this mini-series, I’ll look at how to configure the virtual directories used by Exchange 2013. We’ll need to configure these to match the FQDNs we request on our SSL certificate.
It’s assumed that split-brain DNS will be setup for the configuration to work. The essenace of split-brain DNS is that your external domain name is also configured on your internal DNS servers, but the A records on the internal DNS server point to the internal IP address of the server whereas the domain name configured on your external DNS servers point to the external IP address of your server. So whether a client is internal or external the FQDN will always resolve to the correct IP address.
We’ll be configuring the following services:
- Exchange Admin Center (ecp)
- Outlook Web App (owa)
- Exchange Web Services (EWS)
- Active Sync
- Offline Address Book (OAB)
- Outlook Anywhere
Exchange Admin Center
- In the Exchange Admin Center go to servers, virtual directories.
- You can’t configure the Autodiscover URL via the Exchange Admin Center so we’ll skip this for the time being and come back to it later when we look at how to make the changes using the Exchange Management Shell. The rest we’ll work through in the order above.
- Highlight ecp (Default Web Site) and click edit. As you can see only the Internal URL exists at the moment.
- Change the Internal URL and External URL settings to https://mail.oxfordsbsguy.com/ecp, click save.A warning message will appear: You’ve changed the InternalURL or ExtenralURL of the ECP virtual directory. Please make the same changes to the OWA virtual directory in the same website.Click ok.
- As the warning message states, make the same change to the owa (Default Web Site). Highlight it and click edit. Set the Internal URL and External URL to https://mail.oxfordsbsguy.com/owa, click save.
- Highlight EWS (Default Web Site), click edit and make the same changes.
- Highlight Microsoft-Server-ActiveSync (Default Web Site), click edit and make the same changes.
- Highlight OAB (Default Web Site), click edit and make the same changes.
- Finally we have the Outlook Anywhere setting to configure. Select servers from the left hand menu and servers from the top menu. Highlight the OX-Exch1 server and click edit.
- Select Outlook Anywhere, and then change the external host name and internal host name parameters, Click save.Read the warning. If you are migrating from a previous version of Exchange then change the authentication method to NTLM until you have removed the previous Exchange server. Otherwise click ok.
- So the only setting remaining is Autodiscover. We’ll take a look at that in the next section – using the Exchange Management Shell.
Exchange Management Shell
To perform the same tasks in the Exchange Management Shell we’ll use the following cmdlets:
- First we’ll use Get-Command (GCM) to see a list of cmdlets relating to virtual directories. Type: gcm *virtualdirect* You can see highlighted the Get-xxxVirtualDirectory and Set-xxxVirtualDirectory cmdlets we’ll be using.
- But first we’ll configure the autodiscover URL using Get-ClientAccessServer.
Type: Get-ClientAccessServer | fl
You can see the AutoDiscoverServiceInternalUri is set to the internal FQDN. We need to change this.
- Type Set-ClientAccessServer -Identity Ox-Exch1 -AutoDiscoverServiceInternalUri https://autodiscover.oxfordsbsguy.com/Autodiscover/Autodiscover.xml
You can see the command below returns without an error, then I used Get-ClientAccessServer | fl Name, AutodiscoverServiceInternalUri -Autosize to confirm the setting.
Note: the i at the end of AutodiscoverServiceInternalUri not an l.
- Now let’s configure the ECP virtual directory. Type: Get-ECPVirtualDirectory | fl You can see the InternalUrl is set to the servername, and there is no ExternalUrl set at the moment.
- Type: Set-EcpVirtualDirectory -Identity “Ox-Exch1\ecp (Default Web Site)” -InternalUrl “https://mail.oxfordsbsguy.com/ecp” -ExternalUrl “https://mail.oxfordsbsguy.com/ecp” Notice the same warning we received before about making sure the OWA and ECP virtual directories are the same. After running the command I used Get-ECPVirtualDirectory to confirm the changes.
- Run through steps 4 and 5 for OWA, EWS, ActiveSync, and the OAB. Take care to make sure you get the correct virtual directory for each of the services.
- Finally we’ll configure Outlook Anywhere. Type: Get-OutlookAnyWhere to see the current settings.
- Type: Set-OutlookAnywhere -Identity “Ox-Exch1\Rpc (Default Web Site)” -ExternalHostname mail.oxfordsbsguy.com -ExternalClientsRequireSsl:$True -ExternalClientAuthenticationMethod Negotiate -InternalHostname mail.oxfordsbsguy.com -InternalClientsRequireSsl:$True -InternalClientAuthenticationMethod Negotiate The authentication method may vary depending on if you are migrating from a previous version of Exchange or if this is a new installation.
In this post I’ve looked at how to configure Exchaneg 2013 virtual directories using the Exchange Admin Console and Exchange Management Shell.
For the other articles in this series please go to:
- Exchange 2013 Cumulative Update installation tips and best practices
- How to install Exchange 2013 (SP1) on Windows Server 2012 R2
- Exchange 2013 Initial Configuration Settings
- Exchange 2013 Initial Configuration Settings: Setting SMTP accepted domains (Part 1)
- Exchange 2013 Initial Configuration Settings: Setting email address policies (Part 2)
- Exchange 2013 Initial Configuration Settings: Rename and move the default mailbox database and logs (Part 3)
- Exchange 2013 Initial Configuration Settings: Change mailbox size limits (Part 4)
- Exchange 2013 Initial Configuration Settings: Create a send connector (Part 5)
- Exchange 2013 Initial Configuration Settings: Set the offline address book (Part 6)
- Exchange 2013 Initial Configuration Settings: Enter the Product Key (Part 7)
- Exchange 2013 Initial Configuration Settings: How to configure a Postmaster address (Part 8)
- Exchange 2013 Initial Configuration Settings: How to change the FQDN on the default frontend receive connector (Part 9)
- Exchange 2013 Initial Configuration Settings: How to configure the virtial directories (Part 10)
- Create and apply an SSL certificate (work in progress)