Installation of Exchange 2016 with DAG

1- Prepare for Installation of Exchange 2016

Friday, July 31, 2015

10:53 AM

Install-WindowsFeature RSAT-ADDS

From <https://technet.microsoft.com/en-us/library/bb691354{308b10a016e19a1cd6a208cbc3961927e16fc6766a4020d3c4ef54ea17925f0f}28v=exchg.160{308b10a016e19a1cd6a208cbc3961927e16fc6766a4020d3c4ef54ea17925f0f}29.aspx?f=255&MSPPError=-2147217396>

clip_image001[5]

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

From <https://technet.microsoft.com/en-us/library/bb691354{308b10a016e19a1cd6a208cbc3961927e16fc6766a4020d3c4ef54ea17925f0f}28v=exchg.160{308b10a016e19a1cd6a208cbc3961927e16fc6766a4020d3c4ef54ea17925f0f}29.aspx?f=255&MSPPError=-2147217396>

Windows 2016 (Windows Server)

Install-WindowsFeature Net-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

clip_image002[4]

1- (Extending Schema)

Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

From <https://technet.microsoft.com/en-us/library/bb125224(v=exchg.160).aspx#Step1>

clip_image003[4]

  1. (Preparing AD)

Setup.exe /PrepareAD /OrganizationName:”<organization name>” /IAcceptExchangeServerLicenseTerms

From <https://technet.microsoft.com/en-us/library/bb125224(v=exchg.160).aspx#Step1>

Setup.exe /PrepareAD /OrganizationName:TEST /IAcceptExchangeServerLicenseTerms

clip_image004[4]

  1. Prepare one domain in the forest or all domains

Setup.exe /PrepareDomain:<FQDN of the domain you want to prepare> /IAcceptExchangeServerLicenseTerms

From <https://technet.microsoft.com/en-us/library/bb125224(v=exchg.160).aspx#Step1>

clip_image005[4]

To prepare all domains run the following cmd

Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms

From <https://technet.microsoft.com/en-us/library/bb125224(v=exchg.160).aspx#Step1>

How do you know this worked?

Once you’ve done all the steps above, you can check to make sure everything’s gone smoothly. To do so, you’ll use a tool called Active Directory Service Interfaces Editor (ADSI Edit). ADSI Edit is included as part of the Active Directory Domain Services Tools feature in Windows Server 2012 R2 and Windows Server 2012. If you want to know more about it, check out ADSI Edit (adsiedit.msc).

clip_image006[4]

Warning:

Never change values in ADSI Edit unless you’re told to do so by Microsoft support. Changing values in ADSI Edit can cause irreparable harm to your Exchange organization and Active Directory.

After Exchange extends your Active Directory schema and prepares Active Directory for Exchange, several properties are updated to show that preparation is complete. Use the information in the following list to make sure these properties have the right values. Each property needs to match the value in the table below for the release of Exchange 2016 that you’re installing.

  • In the Schema naming context, verify that the rangeUpper property on ms-Exch-Schema-Verision-Pt is set to the value shown for your version of Exchange 2013 in the Exchange 2016 Active Directory versions table.
  • In the Configuration naming context, verify that the objectVersion property in the CN=<your organization>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<domain> container is set to the value shown for your version of Exchange 2016 in theExchange 2016 Active Directory versions table.
  • In the Default naming context, verify that the objectVersion property in the Microsoft Exchange System Objects container under DC=<root domain is set to the value shown for your version of Exchange 2016 in the Exchange 2016 Active Directory versions table.

From <https://technet.microsoft.com/en-us/library/bb125224(v=exchg.160).aspx#Step1>

Software Prerequisites

clip_image007[4]

clip_image008[4]

clip_image009[4]

clip_image010[4]

clip_image011[4]

 

clip_image001[7]

clip_image002[6]

clip_image003[6]

clip_image004[6]

clip_image005[6]

clip_image006

clip_image007[6]

clip_image008[6]

clip_image009[6]

clip_image010[6]

clip_image011[6]

 

Creating DAG

 

Since this is a LAB and I only have 2 nodes (DAG must have an odd number for Failover), so I am going to use the DC server as my FSW (Which is highly not recommended for Production Environment).

In order for the FSW on DC to work, you will have to add your DC to the Exchange Trusted Subsystem group

clip_image001[9]

Here I added the DC as a member of the group

clip_image002[8]

Normally file server feature is already added to the server by default, but to make sure I’ll run the following command

clip_image003[8]

It’s already there

Now I’ll go back to Exchange servers and add a second NIC for Replication..

I usually rename each NIC so I know which is which, the default NIC belongs to the MAPI traffic and the other one is the replication NIC.

clip_image004[8]

I will configure the Replication NICs on both exchange servers to disable the “Register this connection’s addresses in DNS”

clip_image005[8]

clip_image006[4]

Checking ping between Exchange servers on the Replication NIC

clip_image007[8]

Now I will create the NGO Object (Computer Object) in the Active directory for the DAG

clip_image008[8]

clip_image009[8]

I will disable the object

clip_image010[8]

Double click on the DAG object and go to Security tab and add Exchange servers

clip_image011[8]

Now configure the security for the Exchange members to full

clip_image012

Apply and close…

Now on the DC I will create the FSW’s folder and give it full permission to the Trusted Subsystem group and exchange servers

clip_image013

clip_image014

Click apply and go back to EAC and I’ll start configuring the DAG

clip_image015

Microsoft says that one of the enhancements that have been added to Exchange 2016 is that DatabaseAvailabilityGroupIpAddresses is no longer required when creating a DAG. By default, the failover cluster will be created without an administrative access point, as this is the recommended best practice.

From <http://blogs.technet.com/b/exchange/archive/2015/05/05/exchange-server-2016-architecture.aspx>

So in this case we won’t need to assign any IP address to the DAG…

clip_image016

I’ll click on save and see what happens

clip_image017

Navigating to the administrators group on AD, The Exchange subsystem group is not added so I’ll add it.

clip_image018

clip_image019

Now I will add Exchange servers as members to the DAG

clip_image020

clip_image021

clip_image022

error

A server-side database availability group administrative operation failed. Error The operation failed. CreateCluster errors may result from incorrectly configured static addresses. Error: Windows Failover Clustering isn’t installed on ‘EXCH2K16.test.com’.. [Server: EXCH2K16.test.com]

error

A server-side database availability group administrative operation failed. Error The operation failed. CreateCluster errors may result from incorrectly configured static addresses. Error: Windows Failover Clustering isn’t installed on ‘EXCH2k1602.test.com’.. [Server: EXCH2k1602.test.com]

clip_image023

Error occurs due to firewall being enabled on the DC (Where the FSW is )

clip_image024

I disabled the firewall and gave full permission to the Exchange trusted system to the DAG object

clip_image025

After that I signed out of Exchange servers, signed back in.. Deleted DAG and recreated it… that didn’t work either

Tried using Exchange management shell but it didn’t work too

clip_image026

clip_image027

Checking the log coming in the description, I find out the log is complaining about not finding DAG while trying to resolve it.

clip_image028

Also the log says that it has installed Failover cluste rbut still the cluster can’t find FQDN called DAG.

So I will have to configure DAG in the dns and give it an IP of my first Exchange server

clip_image029

clip_image030

Checking DAG resolving from Exchange server

clip_image031

As the log says, restart is required after installing failover cluster so I’ll restart Exchange servers and then retry to add Exchange servers to the dag.

After restarting the server, It seems that things are working

clip_image032

clip_image033

The second server gave the following error

The Microsoft Exchange Replication service does not appear to be running on “EXCH2k1602”. Make sure that the server is operating, and that the services can be queried remotely.

Apparently the error is correct, After restarting the server it turned out that most of the second Exchange server’s services were not working.. To be honest I didn’t ask myself why did not the services started since I am using a preview version of Exchange 2016.

clip_image034

Interestingly while checking services, I noticed new services e.g. (DAG Management, Compliance Audit, Notifications broker)

After starting the services, now I tried to add the second server again to the DAG.

clip_image035

clip_image036

So eventually, DAG doesn’t need an IP address but still a DNS value needs to be created for the NCO object and needs to have an IP assigned to it which will be the Exchange server IP address..

clip_image037

Next: I will add a database copy and see how it’s improved and do I need to restart the IS service as in Exchange 2013.

clip_image038

clip_image039

I will leave all the default values and add the second server for the database to be copied on. Unlike Exchange 2013 in most of the times the database would fail first and gives an error .. In 2016 it starts directly seeding the database to the second Exchange server that’s member of the DAG.

clip_image040

clip_image041

clip_image042

On the second Server where the database has been copied to, I checked the Logs and Fastsearch was throwing errors as usual since database logs are not copied … as soon as the database logs finished copying the fastsearch will return ok and the database will appear as Healthy in EAC.

clip_image043

Fastsearch finally reported that indexing started on the newly copied DB.

clip_image044

The database copy should now report healthy in the EAC.

clip_image045

I will add the second database to the DAG and then create a new test mailbox and publish the Exchange server online to check the rest of the functionalities.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.