❗❗❗ HELP THE UKRAINIAN ARMY ❗❗❗ Make a contribution to charity fund "COME BACK ALIVE" - savelife.in.ua/en/donate-en/ 👉 Hetman RAID Recovery - hetmanrecovery.com/raid-data-recovery-software 👉 How to Recover a Windows Exchange Server Database - hetmanrecovery.com/recovery_news/how-to-restore-a-windows-exchange-server-database.htm
Thank you for taking the time to create this video, it's extremely well done and presented. I did have one question, at the 13:15 mark in the video, shouldn't the IP for DNS end in .160? That was the IP used at the beginning of the video. If not, where is it pointing towards? - Thanks
Hello dear Hetman Software, So by now, I have installed and configured Exchange Server 2019 on my second machine (Server 2019 which is not a domain controller in my domain.) Originally I had installed Exchange Server 2019 on my Domain Controller (by accident) because I didn't know it's best practice is to install the Exchange Server on a second server until I discovered this awesome video channel. A few things I share and would like to ask you about, please. For this practice I am doing, I didn't somehow end up needing to Uninstall my Exchange Server 2019 from the original Domain Controller. I simply ignored all the setup I had done on that DC server and moved on to my second server (which is part of my domain) and installed a new copy of Exchange Server 2019 following your first two video lessons. I am now able to successfully send emails from the Outlook Application on that second server 2019, to my original Domain Controller Server 2019. So the emails are making it across. My question is... how is it that even though I did not have to setup any autodiscover Type A records, that these two different machines are able to communicate between each other? I ask because I had been under the impression that if an autodiscover record is not setup, then the different email user accounts on my Exchange 2019 server (which are obviously configured into Outlook Application on the different machines) .... that they would not be able to "Talk" (Send/Receive) emails? So how is it that only by simply completing the steps in your second video (where you show all that MX record and Send Connector stuff)... that these two machines can communicate emails between one another? Thank you!
Hello, Thank you for reaching out to us with your question. I’m glad to hear that you found our video channel helpful in setting up your Exchange Server 2019. Regarding your question about communication between the two machines without setting up autodiscover records, it’s important to understand how Exchange Server works. Autodiscover is a feature in Exchange Server that helps clients automatically configure their email accounts. It allows clients to discover the correct server settings without manual configuration. In your case, since you have manually configured the email accounts in the Outlook application on both machines, the autodiscover feature is not necessary for communication between the two machines. The Outlook application is already aware of the server settings and can directly communicate with the Exchange Server. The MX record and Send Connector settings you mentioned in our second video are related to email delivery between different email servers, not specifically for communication between client machines. These settings ensure that emails sent from one server (in this case, your second server) are properly delivered to the recipient’s server (in this case, your original Domain Controller server). So, in summary, the communication between your two machines is possible because you have manually configured the email accounts in the Outlook application, and the Exchange Server is properly set up to handle email delivery between servers. I hope this clarifies your question. If you have any further inquiries, please feel free to ask.
@@HetmanRecovery Thank you so much I think you're most kind and correct in your guidance to me. In setting up outlook program on the two machines, I simply provided the username and password for the particular user that I was configuring. However I don't recall any other additional manual steps required to identify / designate any servers. So I was quite amazed that the outlook programs were able to send email to the Exchange Server and ultimately have the recipient outlook client on the target machine (email account) easily receive (download) the email from the exchange server.
Great video I have created a Lab using Oracle Virtual Box. I have one Domain Controller (Server 2019) with several nodes that can connect. In a virtual environment, downloads can take a long time / be slow. So I have only installed my Exchange Server on the Domain Controller Server itself. My Exchange server has been installed successfully on the Domain Controller. My question for now is: Do we have to install the Exchange Server on a different (separate) Windows Server machine in order for Outlook and emails to work from all nodes on my domain? Or can I do (as I have done) and have both the Active Directory Domain Services and Exchange Server running on the same Server, and it would still be able to work (as long as I go through all those other setups that you show on the exchange control panel)? Thank you for anyone who can answer this simple question for now.
Yes, it is recommended to install Exchange Server on a separate Windows Server machine rather than running it on the same server as Active Directory Domain Services. This is because Exchange Server is a resource-intensive application that requires significant system resources to function properly. Running it on a dedicated server ensures optimal performance and stability. By separating Exchange Server from the domain controller, you can also distribute the workload and minimize the impact of any potential issues or failures. Additionally, it allows for better scalability and flexibility in managing your email infrastructure. While it is technically possible to run Exchange Server on the same server as Active Directory Domain Services, it is not recommended for production environments. It may work for small or test environments, but it can lead to performance issues and potential conflicts between the two services. Therefore, it is best practice to have a separate server for Exchange Server to ensure reliable and efficient email functionality for all nodes on your domain.
Thank you! Good video. I missed a couple steps on my set-up... good to see a thorough install. How do I add a non-AD domain to my Exchange server (SPN) with autodiscover? I have multiple domains that I would like to host on Exchange but not within my AD. Thanks!
While installing, I am getting this error: "You need to accept the license terms to install Microsoft Exchange Server 2019. To read the license agreement"
After mounting the Exchange Server ISO, then in PowerShell after entering my drive, in my case letter E:\, when I executed the first command line to accept the license terms, I get an observation that it is not recognized " " and I can't move forward because of it. What will be the problem?
If you're encountering an issue where PowerShell is not recognizing a command when attempting to accept the license terms after mounting the Exchange Server ISO, there could be a few potential reasons for this problem:
Typo or Syntax Error: Double-check the command you're entering to ensure there are no typos or syntax errors. Even a small mistake can cause PowerShell to not recognize the command.
Incorrect Path or Drive Letter: Ensure that you've correctly navigated to the directory where the Exchange Server setup files are located. If you've mounted the ISO to drive E:, make sure you're in the correct directory within that drive.
Missing or Corrupted Files: If the Exchange Server ISO is incomplete or corrupted, it might lead to issues with executing commands from within it. Try re-downloading the ISO file and mounting it again to see if the issue persists.
Execution Policy: PowerShell might be configured with a restricted execution policy that prevents running scripts or commands. You can check the current execution policy by running the command Get-ExecutionPolicy. If it's set to "Restricted", you can temporarily change it to allow script execution by running Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass. However, exercise caution with this option, especially if you're not sure about the source of the script or command.
Permissions: Ensure that you have the necessary permissions to execute commands and access files in the directory where the Exchange Server setup files are located.
Path Environment Variable: Check if the path to PowerShell is correctly set in the environment variables. If not, you may need to specify the full path to PowerShell or navigate to the correct directory manually.
If you've checked all of the above and are still encountering issues, providing the specific command you're trying to execute along with any error messages you're receiving would help in diagnosing the problem further.
Hello, It seems like you're asking about adding MX (Mail Exchanger) and AAAA (IPv6 Address) records to your Active Directory (AD) controller and Exchange (presumably Microsoft Exchange) DNS. These records are typically associated with email and network configurations. Here's some guidance on these records: MX Records (Mail Exchanger): MX records are DNS records used to specify the mail servers responsible for receiving email on behalf of your domain. MX records are not typically added directly to an Active Directory controller; instead, you'd configure them in your DNS server settings, which could be a separate DNS server or integrated with Active Directory, depending on your setup. If you're using Microsoft Exchange, you'd configure MX records in your DNS to direct email traffic to your Exchange server. AAAA Records (IPv6 Address): AAAA records are used to map a domain name to an IPv6 address. Like MX records, AAAA records are generally configured in your DNS server. If you have IPv6 enabled on your network, you can create AAAA records to associate domain names with IPv6 addresses. For both MX and AAAA records, you typically need to access your DNS server's management interface (which could be on the Active Directory controller or a separate DNS server) to create or modify these records. The exact process may vary depending on your DNS server software, so it's a good idea to consult the documentation for your specific DNS server or service provider for detailed instructions. If you have a more specific question or need further assistance, please provide additional details about your setup or requirements, and I'd be happy to offer more targeted guidance.
Great Video... Though I have some questions: You don't need to set up a DNS Server on the DC? If you do, how to set it up / what configuration to use, and does Exchange also need a DNS Server installed on its own? Also I can see in your "Diagram" you show IIS on its own Server... How to set it up so it works / links perfectly with Exchange 2019? Last, Certificates... How to do this correctly using 3 Servers DC / Exchange / IIS, and is it possible to automatically update Certificates using Win-ACME / Certbot - How?
@@HetmanRecovery Okay, can I ask you to try it out, just like you have shown on the Diagram in this Video? Think I'm not the only one who would like to know how.
Hi, I've configured the server the same as you guided. I've started receiving emails, but my mails are not being received by others and emails are not bouncing back; they are in my sent section.
Hello! It's great to hear that you've successfully configured your email server and are able to send emails. However, if others are not receiving your emails and you're not receiving bounce-back messages, there could be several potential reasons for this issue. Here are some steps you can take to troubleshoot the problem:
Check Spam/Junk Folders: Ask the recipients to check their spam or junk folders. Sometimes, legitimate emails might be marked as spam by email filters.
DNS Configuration: Ensure that your domain's DNS records are properly configured, including MX (Mail Exchanger) records. Improper DNS configuration can lead to email delivery issues.
SPF/DKIM/DMARC: Make sure you have set up SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) records correctly. These authentication mechanisms help prevent email spoofing and improve deliverability.
IP Reputation: Check if your email server's IP address is not listed on any email blacklists. Blacklisted IPs can cause delivery issues. You can use online tools to check your IP reputation.
Sender's Reputation: If you're sending a large number of emails, your sender's reputation might impact deliverability. Gradually ramp up your email sending volume to avoid being flagged as spam.
Recipient Server Issues: The problem might not be on your end. The recipient's email server could be experiencing issues. They should check their server logs for any error messages.
Message Content: Avoid using trigger words or content that might be flagged as spam by email filters. Ensure your emails have relevant content and avoid excessive use of links or attachments.
Server Configuration: Double-check your server's configuration, including email ports (SMTP and IMAP/POP3) and SSL/TLS settings.
Contact Email Provider: If the issue persists, you might want to contact your email service provider or server administrator for assistance.
Test with Different Recipients: Send test emails to multiple email addresses on different email providers to see if the issue is specific to certain recipients.
Remember, email delivery issues can be complex and may require some investigation and adjustment. If you've followed these steps and are still experiencing problems, it's a good idea to seek assistance from an expert who can analyze your server's configuration and troubleshoot the issue more thoroughly.
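The SPF and DMARC check from the reply above, as an added PowerShell example that is not part of the original thread or the channel's material. The function names, the sample domains and the sample records are constructed for illustration; DKIM is left out because checking it needs the selector name used by the signing system.

```powershell
# Added example: grade the SPF and DMARC TXT records of a sending domain.
# Sample records and *.example domains below are constructed, not real data.

function Get-SpfFinding {
    param([string[]]$TxtRecords)
    # SPF lives in a TXT record at the domain itself and starts with v=spf1
    $spf = @($TxtRecords | Where-Object { $_ -match '^v=spf1(\s|$)' })
    if ($spf.Count -eq 0) { return 'SPF: no record published' }
    if ($spf.Count -gt 1) { return 'SPF: more than one v=spf1 record (RFC 7208 permerror)' }
    switch -Regex ($spf[0]) {
        '\s-all\s*$'   { return 'SPF: ends in -all (other senders hard-fail)' }
        '\s~all\s*$'   { return 'SPF: ends in ~all (softfail only)' }
        '\s\?all\s*$'  { return 'SPF: ends in ?all (neutral, gives no protection)' }
        '\s\+?all\s*$' { return 'SPF: ends in +all (authorizes every sender)' }
    }
    return 'SPF: no terminal all mechanism (check for redirect=)'
}

function Get-DmarcFinding {
    param([string[]]$TxtRecords)
    # DMARC lives in a TXT record at _dmarc.<domain> and starts with v=DMARC1
    $dmarc = @($TxtRecords | Where-Object { $_ -match '^v=DMARC1\s*(;|$)' })
    if ($dmarc.Count -eq 0) { return 'DMARC: no record published' }
    if ($dmarc.Count -gt 1) { return 'DMARC: more than one record, receivers apply none' }
    # The leading (^|;) keeps the subdomain tag sp= from being read as p=
    if ($dmarc[0] -match '(?:^|;)\s*p\s*=\s*([a-z]+)') {
        switch ($Matches[1].ToLower()) {
            'reject'     { return 'DMARC: p=reject (enforced)' }
            'quarantine' { return 'DMARC: p=quarantine (enforced)' }
            'none'       { return 'DMARC: p=none (monitoring only, spoofed mail is still delivered)' }
            default      { return "DMARC: unknown policy '$($Matches[1])'" }
        }
    }
    return 'DMARC: record has no p= tag'
}

function Get-TxtString {
    # Live lookup helper: returns each TXT record as one joined string
    param([string]$Name)
    Resolve-DnsName -Name $Name -Type TXT -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'TXT' } |
        ForEach-Object { $_.Strings -join '' }
}

function Test-MailAuthDns {
    param([string]$Domain, [string[]]$ApexTxt, [string[]]$DmarcTxt)
    [pscustomobject]@{
        Domain = $Domain
        SPF    = Get-SpfFinding $ApexTxt
        DMARC  = Get-DmarcFinding $DmarcTxt
    }
}

# Constructed sample records so the script runs without network access
$samples = @(
    @{ Domain = 'good.example'; Apex = @('v=spf1 mx -all')
       Dmarc  = @('v=DMARC1; p=reject; rua=mailto:dmarc@good.example') },
    @{ Domain = 'weak.example'; Apex = @('v=spf1 mx ~all', 'site-verification=constructed')
       Dmarc  = @('v=DMARC1; p=none') },
    @{ Domain = 'bare.example'; Apex = @(); Dmarc = @() }
)
$samples | ForEach-Object {
    Test-MailAuthDns -Domain $_.Domain -ApexTxt $_.Apex -DmarcTxt $_.Dmarc
} | Format-Table -AutoSize -Wrap

# Live check for your own domain (replace the placeholder before uncommenting):
# $d = '<your-mail-domain>'
# Test-MailAuthDns -Domain $d -ApexTxt (Get-TxtString $d) -DmarcTxt (Get-TxtString "_dmarc.$d")
```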
It seems like you are encountering an issue with PowerShell displaying “NoChangeNeed” when entering the first command line. This message typically indicates that the system does not require any changes based on the command you entered. To troubleshoot this issue, you can try the following steps: Check the syntax of the command you entered to ensure it is correct. Verify that you have the necessary permissions to execute the command. Restart the PowerShell session and try entering the command again. Check for any system updates or changes that may have affected the command’s functionality. If the issue persists, please provide more details about the specific command you are trying to run in PowerShell so that I can assist you further.
If you can send mail locally but not externally, it suggests that the issue might be related to your network configuration or your email server's settings. Here are some steps you can take to troubleshoot the problem:
Check your email server's configuration: Ensure that your email server is properly configured to allow outgoing mail. Double-check settings such as SMTP authentication, outbound port configurations, and any restrictions that might be in place.
Verify port forwarding: Double-check your port forwarding settings to ensure that they are correctly configured to forward outgoing email traffic (typically SMTP traffic, port 25) to your email server.
Confirm external network access: Make sure that your network allows outgoing connections on the SMTP port (usually port 25). You can use online tools or commands like Telnet to test whether you can establish a connection to external mail servers on port 25.
Check for IP blacklisting: Sometimes, your IP address might be blacklisted by spam filters or other security measures, which can prevent your outgoing emails from being delivered. You can use online services to check if your IP address is blacklisted and take steps to remove it from any blacklists.
Review logs: Check the logs on your email server to see if there are any error messages or indications of why outgoing emails are not being sent successfully. This can provide valuable insights into what might be going wrong.
Test with a different email client or service: Try sending emails using a different email client or service to see if the issue is specific to your current setup. This can help determine whether the problem lies with your email server or with your network configuration.
Consult with your ISP: If you're still unable to send outgoing mail after checking all the above steps, consider contacting your Internet Service Provider (ISP) to see if they have any restrictions or recommendations for configuring outgoing email traffic.
By systematically checking these steps, you should be able to identify and resolve the issue preventing you from sending mail externally.
In Exchange Server 2019, enterprise key management plays a critical role in securing and managing cryptographic keys used for encrypting sensitive data such as emails, attachments, and other communication within the organization. Here's a breakdown of the roles you mentioned: Enterprise Key Admin (EKA): The Enterprise Key Admin is responsible for managing the overall key infrastructure within the organization. Their primary responsibilities include creating, revoking, and managing encryption keys used by various services and applications, including Exchange Server. They ensure the security and integrity of cryptographic keys, implementing policies and procedures for key management. EKAs typically have elevated privileges within the key management system to perform key-related tasks efficiently and securely. Enterprise Key (EK): The Enterprise Key, also known as the root key or master key, is a critical cryptographic key used to encrypt other keys within the organization's key management hierarchy. It's typically generated and managed by the Enterprise Key Admin. The EK is used to protect other keys, such as Data Encryption Keys (DEKs) used for encrypting data at rest or in transit. Protecting the integrity and confidentiality of the Enterprise Key is paramount for ensuring the security of the entire key management infrastructure. Schema Admins: Schema Admins are a role within Active Directory (AD) that have permissions to modify the schema of the directory. In the context of Exchange Server, Schema Admins are responsible for making schema changes required for deploying and managing Exchange Server. They have the authority to extend the AD schema to incorporate Exchange-specific attributes and classes necessary for Exchange Server functionality. Schema changes are critical and require careful planning and coordination to ensure compatibility and stability across the AD environment. 
In summary, the Enterprise Key Admin and Enterprise Key are pivotal components of an organization's key management infrastructure, responsible for managing cryptographic keys used to secure sensitive data. Schema Admins, on the other hand, play a crucial role in modifying the Active Directory schema to support Exchange Server deployment and functionality.
Sir, I have installed and configured Exchange Server as you have shown. My internal emails are working fine, and inbound emails from external domains are also being received, but outbound emails to external domains are not being sent. I checked the queues; they are stuck in the queue with error code 10060. Please help how to solve this issue, thanks.
It looks like you're encountering a connectivity issue with outbound emails from your Exchange Server. The error code 10060 typically indicates a timeout when trying to establish a connection. Here are some steps you can take to troubleshoot and resolve this issue:
Check Internet Connectivity: Ensure that your Exchange Server has a proper internet connection. Check if the server can access external domains and that there are no firewall rules or network issues blocking outbound traffic.
Check DNS Settings: Verify that your DNS settings are configured correctly on the Exchange Server. The server should be able to resolve external domain names. You can use the nslookup command to test DNS resolution.
nslookup external-domain.com
Ensure that the DNS server configured on your Exchange Server is functional and can resolve external domain names.
Check Firewall Settings: Ensure that your firewall allows outbound traffic on the necessary ports. Exchange Server typically uses SMTP (TCP port 25) for sending emails. Check if the firewall is blocking outbound traffic on port 25.
Check Send Connector Configuration: Verify the configuration of your Send Connector in Exchange. Ensure that it is set up correctly to send emails to external domains. You can check this in the Exchange Management Console (EMC) or Exchange Admin Center (EAC), depending on your Exchange Server version.
Check Smart Host Configuration: If you are using a smart host for outbound emails, ensure that the smart host is configured correctly in your Send Connector settings. Double-check the smart host's configuration for any issues.
Check Anti-virus or Security Software: Some anti-virus or security software on the Exchange Server might interfere with outbound email traffic. Temporarily disable or configure the software to allow SMTP traffic.
Check Exchange Server Logs: Examine the Exchange Server logs for any error messages or warnings related to outbound email delivery. This can provide more specific information about the nature of the problem.
Telnet Test: Use the Telnet command to test connectivity to an external mail server on port 25. This can help diagnose whether there's a network connectivity issue.
telnet external-mail-server.com 25
If the connection fails, it can help identify network or firewall issues.
SMTP Diagnostics: Use SMTP diagnostics tools to troubleshoot the SMTP communication between your Exchange Server and external mail servers. These tools can provide more detailed information about the communication process.
Consult Microsoft Support: If the issue persists and you are unable to identify the root cause, consider reaching out to Microsoft Support for assistance. They can provide more in-depth support tailored to your specific Exchange Server environment.
Remember to make changes cautiously and back up configurations before making significant adjustments to your Exchange Server settings.
Yes, you can get a list of all commands used to install and configure Exchange Server 2019, including the commands used in the Exchange Management Shell. To get a list of all commands, use the Get-Command command in the Exchange Management Shell. This command returns a list of all commands available in the current management shell. To get more detailed information about a particular command, use the Get-Help command, for example: Get-Help New-Mailbox This command will return detailed information on the New-Mailbox cmdlet including syntax, description and parameters. You can also find a complete guide on how to install and configure Exchange Server 2019 on Microsoft Docs website. It provides detailed instructions and command descriptions for installing and configuring Exchange Server 2019.
Sir.. we need to learn how to config. attachment size limit for users + more limit for VIP users. How to do that?? As we have many places to set message size: from connectors, org.transpr + rules + user's properties. So which one is correct???
Configuring attachment size limits for different user groups, such as regular users and VIP users, can be achieved through various settings in different systems. The correct approach depends on the specific email system or messaging platform you are using. Since you mentioned connectors, org.transpr, rules, and user properties, I'll provide a general guideline on how to handle this in a common email system like Microsoft Exchange. Please note that the exact steps may vary based on the version of your email system or other messaging platforms.
Transport Rules (org.transpr): Transport rules allow you to apply conditions and actions to email messages as they pass through your email system. You can set attachment size limits based on sender, recipient, or any other criteria.
a. Log in to your email system as an administrator or someone with appropriate permissions.
b. Access the Transport Rules section. In Microsoft Exchange, this can typically be found in the Exchange Management Console (EMC) or Exchange Admin Center (EAC).
c. Create a new transport rule or modify an existing one that is applicable to all users (regular users).
d. Set the condition to match all regular users or set any other criteria that define regular users.
e. Define the action to limit attachment size for regular users. You can choose to reject messages with large attachments, drop attachments above a certain size, or generate a delivery report for large attachments.
f. Similarly, create another transport rule for VIP users with a different attachment size limit.
User Properties: Some email systems allow you to set individual user properties that can override the default settings for specific users, giving them a different attachment size limit.
a. Locate the user properties section in your email system. In Microsoft Exchange, this can often be done through Active Directory Users and Computers.
b. Find the user account for a VIP user, and modify their properties to set a different attachment size limit specifically for that user.
Connectors: Connectors in email systems enable communication with external entities like partners or cloud-based services. Depending on your setup, you may be able to define attachment size limits for messages passing through specific connectors.
a. Access the connectors settings in your email system and identify the relevant connector(s).
b. Adjust the settings to apply attachment size limits as needed.
Please keep in mind that the specific terminology and location of these settings may vary depending on your email system or messaging platform. If you're using a different platform, consult its documentation or seek support from your IT team or email system provider. Before implementing any changes, it's essential to communicate with your users, especially VIP users, about the new attachment size limits and ensure they understand the reasons for any changes to avoid any confusion or frustration.
Yes, you can configure Microsoft Exchange Server to connect to a public domain hosted by GoDaddy. Here are the general steps to achieve this:
Purchase a Domain: If you haven't already, purchase a domain through GoDaddy or any other domain registrar.
Configure DNS Settings: Log in to your GoDaddy account and navigate to the DNS management section. Update the DNS records to point to your Exchange Server's public IP address. At a minimum, you'll need to configure the following DNS records:
MX Record: This record should point to the public IP address or hostname of your Exchange Server. It specifies the mail server responsible for receiving emails.
A Record (or CNAME Record): Create an A record (or CNAME record) to map the hostname of your mail server to its public IP address.
Autodiscover Record (Optional): If you want to enable Autodiscover for easy configuration of email clients, create an Autodiscover DNS record pointing to your server.
SSL Certificate: Obtain and install an SSL certificate for your Exchange Server to ensure secure communication. You can either purchase an SSL certificate from a Certificate Authority or use a free certificate from Let's Encrypt.
Exchange Server Configuration: Configure your Exchange Server with the appropriate settings. This includes setting up accepted domains, configuring email addresses, and specifying the connection settings. Open the Exchange Management Console or Exchange Admin Center. Configure the email address policies for your domain. Set up Send and Receive Connectors. Configure the Outlook Anywhere settings if you want to enable external access for Outlook clients.
Firewall Configuration: Ensure that your firewall allows traffic on the necessary ports for Exchange Server. For example, SMTP traffic usually occurs over port 25, and secure connections may use ports 465 (SMTPS) or 587 (Submission).
Testing: Test your configuration by sending and receiving emails both internally and externally. Use tools like the Microsoft Remote Connectivity Analyzer to check the health of your Exchange deployment.
Keep in mind that the exact steps may vary based on the version of Exchange Server you are using (e.g., Exchange Server 2010, 2013, 2016, 2019). Always refer to the documentation specific to your Exchange Server version for detailed and accurate instructions.
If port 25 is blocked on the Cloud VM, this may result in sending mail not working. To fix this problem you need to do the following: Make sure that your Cloud provider allows sending mail using port 25. Some cloud providers block port 25 by default to prevent sending spam. If your ISP allows mail on port 25, check the firewall settings on your Cloud VM to ensure that port 25 is allowed for outbound traffic. If port 25 is blocked by the firewall, try configuring to send mail on a different port. Some providers, such as Google Cloud Platform and Amazon Web Services, recommend using port 587 instead of port 25. If sending mail on a different port doesn't work, ask your cloud provider for more help in setting up and allowing mail to be sent on port 25 or another port. I hope this helps you solve the problem with sending email on Cloud VM.
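The outbound port 25 test that the replies above describe (the Telnet check for queue error 10060 and the blocked-port case on a cloud VM), as an added PowerShell example that is not part of the original thread. The function name Test-OutboundSmtp and its parameters are made up for this sketch; it needs live DNS and network access from the Exchange server.

```powershell
# Added example: resolve a recipient domain's MX hosts and try TCP port 25 on each,
# separating a timeout (WinSock 10060, the code shown in the Exchange queue) from a
# refusal (10061) or a DNS failure. Run it on the Exchange server itself.

function Test-OutboundSmtp {
    param(
        [Parameter(Mandatory)][string]$RecipientDomain,
        [int]$Port = 25,
        [int]$TimeoutMs = 10000
    )
    # The response can carry extra A/AAAA records, so keep only the MX answers
    $mxRecords = Resolve-DnsName -Name $RecipientDomain -Type MX -ErrorAction Stop |
        Where-Object { $_.Type -eq 'MX' } | Sort-Object Preference

    foreach ($mx in $mxRecords) {
        $row = [ordered]@{
            MxHost = $mx.NameExchange; Preference = $mx.Preference
            Outcome = ''; Banner = ''
        }
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $task = $client.ConnectAsync($mx.NameExchange, $Port)
            if (-not $task.Wait($TimeoutMs)) {
                # No SYN/ACK and no reset: packets are being dropped on the path,
                # which is what an outbound filter on port 25 looks like
                $row.Outcome = "No answer within $TimeoutMs ms (would surface as 10060)"
            } else {
                $row.Outcome = 'Connected'
                try {
                    # A reachable SMTP server greets first with a 220 banner
                    $stream = $client.GetStream()
                    $stream.ReadTimeout = $TimeoutMs
                    $reader = New-Object System.IO.StreamReader($stream)
                    $row.Banner = $reader.ReadLine()
                } catch {
                    $row.Banner = '(connected, but no banner received)'
                }
            }
        } catch {
            # Wait() wraps the socket error; unwrap to the innermost exception
            $inner = $_.Exception.GetBaseException()
            if ($inner -is [System.Net.Sockets.SocketException]) {
                $row.Outcome = switch ($inner.SocketErrorCode) {
                    'TimedOut'          { 'Timed out (10060): traffic dropped on the path' }
                    'ConnectionRefused' { 'Refused (10061): host reachable, port closed' }
                    'HostNotFound'      { 'MX host name did not resolve' }
                    default             { "Socket error: $($inner.SocketErrorCode)" }
                }
            } else {
                $row.Outcome = "Error: $($inner.Message)"
            }
        } finally {
            $client.Close()
        }
        [pscustomobject]$row
    }
}

# Usage (replace the placeholder with a domain your queued messages are addressed to):
# Test-OutboundSmtp -RecipientDomain '<recipient-domain>' | Format-Table -AutoSize -Wrap
```

If every MX host times out while DNS resolves, the block is on the outbound path (local firewall, ISP or cloud provider) rather than in the Send Connector.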
Error: The following error was generated when "$error.Clear(); $dllFile = join-path $RoleInstallPath "bin\ExSMIME.dll"; $regsvr = join-path (join-path $env:SystemRoot system32) regsvr32.exe; start-SetupProcess -Name:"$regsvr" -Args:"/s `"$dllFile`"" -Timeout:120000; " was executed: "Microsoft.Exchange.Configuration.Tasks.TaskException: Process execution failed with exit code 5. at Microsoft.Exchange.Management.Tasks.RunProcessBase.InternalProcessRecord() at Microsoft.Exchange.Configuration.Tasks.Task.b__91_1() at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)". i received this error on step 7, can you help me?
The error you encountered, specifically the "exit code 5," indicates that there was an access denied error when trying to register the ExSMIME.dll file using regsvr32.exe. This can occur due to insufficient permissions or the process not being able to access the required files or directories.
I saw so many videos but the way you teach is excellent.
Glad our video was useful to you)
I can't describe it in English: your video is the strongest, the best, the most complete!
We are glad our video was useful to you)
Thank you, great video, easy to follow and installed with no issues whatsoever...PERFECT
Glad our video was useful to you)
@@HetmanRecovery
You're an awesome person 👉👌
Great videos and helpful replies
Much appreciate you teaching us your skills
Excellent instructions...really enjoyed...👏👏👏👏👏
We are glad that our video was useful for you)
9:56 what does that mean? I am following your guide, what is it that you said? My English is bad, sorry.
Use subtitles and then you can use ChatGPT or Google Translate to translate into your language.
The MX record and Send Connector settings you mentioned in our second video are related to email delivery between different email servers, not specifically for communication between client machines. These settings ensure that emails sent from one server (in this case, your second server) are properly delivered to the recipient’s server (in this case, your original Domain Controller server).
So, in summary, the communication between your two machines is possible because you have manually configured the email accounts in the Outlook application, and the Exchange Server is properly set up to handle email delivery between servers.
I hope this clarifies your question. If you have any further inquiries, please feel free to ask.
@HetmanRecovery
Thank you so much
I think you're most kind and correct in your guidance to me.
In setting up outlook program on the two machines, I simply provided the username and password for the particular user that I was configuring. However I don't recall any other additional manual steps required to identify / designate any servers. So I was quite amazed that the outlook programs were able to send email to the Exchange Server and ultimately have the recipient outlook client on the target machine (email account) easily receive (download) the email from the exchange server.
thx for supporting Ukraine🤝
GLORY TO UKRAINE!!!
Great video
I have created a Lab using Oracle Virtual Box. I have one Domain Controller (Server 2019) with several nodes that can connect.
In a virtual environment, downloads can take a long time / be slow.
So I have only installed my Exchange Server on the Domain Controller Server itself.
My Exchange server has been installed successfully on the Domain Controller.
My question for now is: Do we have to install the Exchange Server on a different (separate) Windows Server machine in order for Outlook and emails to work from all nodes on my domain? Or can I do (as I have done) and have both the Active Directory Domain Services and Exchange Server running on the same Server, and it would still be able to work (as long as I go through all those other setups that you show on the exchange control panel)?
Thank you for anyone who can answer this simple question for now.
Yes, it is recommended to install Exchange Server on a separate Windows Server machine rather than running it on the same server as Active Directory Domain Services. This is because Exchange Server is a resource-intensive application that requires significant system resources to function properly. Running it on a dedicated server ensures optimal performance and stability.
By separating Exchange Server from the domain controller, you can also distribute the workload and minimize the impact of any potential issues or failures. Additionally, it allows for better scalability and flexibility in managing your email infrastructure.
While it is technically possible to run Exchange Server on the same server as Active Directory Domain Services, it is not recommended for production environments. It may work for small or test environments, but it can lead to performance issues and potential conflicts between the two services.
Therefore, it is best practice to have a separate server for Exchange Server to ensure reliable and efficient email functionality for all nodes on your domain.
@HetmanRecovery Thank you!
Thank you! Good video. I missed a couple steps on my set-up... good to see a thorough install. How do I add a non-AD domain to my Exchange server (SPN) with autodiscover. I have multiple domains that I would like to host on exchange but not within my AD. Thanks!
Glad you found our video useful)
There were many options, when we can select o365 options, please explain, Thank you❤
I don't quite understand you, please clarify the question.
While installing, I am getting this error: "You need to accept the license terms to install Microsoft Exchange Server 2019. To read the license agreement"
this is not a mistake. It is enough to accept the license agreement
After mounting the Exchange Server ISO and switching to my drive in PowerShell (in my case letter E:\), when I executed the first command line to accept the license terms, I got a message that it is not recognized " " and I can't move forward because of it. What could the problem be?
If you're encountering an issue where PowerShell is not recognizing a command when attempting to accept the license terms after mounting the Exchange Server ISO, there could be a few potential reasons for this problem:
Typo or Syntax Error: Double-check the command you're entering to ensure there are no typos or syntax errors. Even a small mistake can cause PowerShell to not recognize the command.
Incorrect Path or Drive Letter: Ensure that you've correctly navigated to the directory where the Exchange Server setup files are located. If you've mounted the ISO to drive E:, make sure you're in the correct directory within that drive.
Missing or Corrupted Files: If the Exchange Server ISO is incomplete or corrupted, it might lead to issues with executing commands from within it. Try re-downloading the ISO file and mounting it again to see if the issue persists.
Execution Policy: PowerShell might be configured with a restricted execution policy that prevents running scripts or commands. You can check the current execution policy by running the command Get-ExecutionPolicy. If it's set to "Restricted", you can temporarily change it to allow script execution by running Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass. However, exercise caution with this option, especially if you're not sure about the source of the script or command.
Permissions: Ensure that you have the necessary permissions to execute commands and access files in the directory where the Exchange Server setup files are located.
Path Environment Variable: Check if the path to PowerShell is correctly set in the environment variables. If not, you may need to specify the full path to PowerShell or navigate to the correct directory manually.
If you've checked all of the above and are still encountering issues, providing the specific command you're trying to execute along with any error messages you're receiving would help in diagnosing the problem further.
Hello Sir,
Don't we need to input some MX (and AAA) records into the AD controller and Exchange DNS??
Tnx!
Hello,
It seems like you're asking about adding MX (Mail Exchanger) and AAAA (IPv6 Address) records to your Active Directory (AD) controller and Exchange (presumably Microsoft Exchange) DNS. These records are typically associated with email and network configurations. Here's some guidance on these records:
MX Records (Mail Exchanger): MX records are DNS records used to specify the mail servers responsible for receiving email on behalf of your domain. MX records are not typically added directly to an Active Directory controller; instead, you'd configure them in your DNS server settings, which could be a separate DNS server or integrated with Active Directory, depending on your setup. If you're using Microsoft Exchange, you'd configure MX records in your DNS to direct email traffic to your Exchange server.
AAAA Records (IPv6 Address): AAAA records are used to map a domain name to an IPv6 address. Like MX records, AAAA records are generally configured in your DNS server. If you have IPv6 enabled on your network, you can create AAAA records to associate domain names with IPv6 addresses.
For both MX and AAAA records, you typically need to access your DNS server's management interface (which could be on the Active Directory controller or a separate DNS server) to create or modify these records. The exact process may vary depending on your DNS server software, so it's a good idea to consult the documentation for your specific DNS server or service provider for detailed instructions.
If you have a more specific question or need further assistance, please provide additional details about your setup or requirements, and I'd be happy to offer more targeted guidance.
@HetmanRecovery yes, thank you
Great Video... Though I have some questions:
You don't need to set up a DNS Server on the DC? If you do, how do you set it up / what configuration should be used, and does Exchange also need a DNS Server installed on its own?
Also, I can see in your "Diagram" you show IIS on its own Server... How do I set it up so it works / links perfectly with Exchange 2019?
Lastly, certificates... How do I do this correctly using 3 Servers (DC / Exchange / IIS), and is it possible to automatically update certificates using Win-ACME / Certbot - How?
not ready to answer you right away. It is necessary to try
@HetmanRecovery Okay, can I ask you to try it out, just like you have shown on the Diagram in this Video? I think I'm not the only one who would like to know how.
Hi
I've configured the server same as you guided
I've started receiving emails
but my mails are not being received by others
and emails are not bouncing back
they are in my sent section
Hello! It's great to hear that you've successfully configured your email server and are able to send emails. However, if others are not receiving your emails and you're not receiving bounce-back messages, there could be several potential reasons for this issue. Here are some steps you can take to troubleshoot the problem:
Check Spam/Junk Folders: Ask the recipients to check their spam or junk folders. Sometimes, legitimate emails might be marked as spam by email filters.
DNS Configuration: Ensure that your domain's DNS records are properly configured, including MX (Mail Exchanger) records. Improper DNS configuration can lead to email delivery issues.
SPF/DKIM/DMARC: Make sure you have set up SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) records correctly. These authentication mechanisms help prevent email spoofing and improve deliverability.
IP Reputation: Check if your email server's IP address is not listed on any email blacklists. Blacklisted IPs can cause delivery issues. You can use online tools to check your IP reputation.
Sender's Reputation: If you're sending a large number of emails, your sender's reputation might impact deliverability. Gradually ramp up your email sending volume to avoid being flagged as spam.
Recipient Server Issues: The problem might not be on your end. The recipient's email server could be experiencing issues. They should check their server logs for any error messages.
Message Content: Avoid using trigger words or content that might be flagged as spam by email filters. Ensure your emails have relevant content and avoid excessive use of links or attachments.
Server Configuration: Double-check your server's configuration, including email ports (SMTP and IMAP/POP3) and SSL/TLS settings.
Contact Email Provider: If the issue persists, you might want to contact your email service provider or server administrator for assistance.
Test with Different Recipients: Send test emails to multiple email addresses on different email providers to see if the issue is specific to certain recipients.
Remember, email delivery issues can be complex and may require some investigation and adjustment. If you've followed these steps and are still experiencing problems, it's a good idea to seek assistance from an expert who can analyze your server's configuration and troubleshoot the issue more thoroughly.
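Added example, not part of the original thread or the video: a PowerShell check of the SPF and DMARC TXT records that the troubleshooting list above refers to. The function names and the `example.test` records are constructed for illustration; `Get-TxtString` shows how the same strings would be fetched live with `Resolve-DnsName`.

```powershell
# Added example. Function names and sample records are hypothetical/constructed.

# Live lookup helper: returns each TXT record at $Name as one joined string
# (long TXT records are split into several character-strings by DNS).
function Get-TxtString {
    param([Parameter(Mandatory)][string]$Name)
    Resolve-DnsName -Name $Name -Type TXT -ErrorAction SilentlyContinue |
        Where-Object { $_.Strings } |
        ForEach-Object { -join $_.Strings }
}

# Evaluates the TXT strings published at <domain> and at _dmarc.<domain>.
function Get-MailAuthFinding {
    param(
        [Parameter(Mandatory)][string]$Domain,
        [string[]]$DomainTxt = @(),
        [string[]]$DmarcTxt  = @()
    )
    $findings = [System.Collections.Generic.List[string]]::new()

    # SPF: exactly one record starting with v=spf1 is allowed (RFC 7208).
    $spf = @($DomainTxt | Where-Object { $_ -match '^v=spf1(\s|$)' })
    $spfAll = $null
    if ($spf.Count -eq 0) {
        $findings.Add('SPF: no v=spf1 record published')
    } elseif ($spf.Count -gt 1) {
        $findings.Add('SPF: more than one v=spf1 record (receivers treat this as permerror)')
    } elseif ($spf[0] -match '(^|\s)(?<q>[-~?+]?)all(\s|$)') {
        # A missing qualifier on "all" means "+" (pass).
        $spfAll = if ($Matches['q']) { $Matches['q'] } else { '+' }
        switch ($spfAll) {
            '+' { $findings.Add('SPF: "+all" authorizes every sender, so the record protects nothing') }
            '?' { $findings.Add('SPF: "?all" is neutral, unlisted senders are not rejected') }
            '~' { $findings.Add('SPF: "~all" is softfail, unlisted senders are only marked') }
            '-' { }   # hard fail for unlisted senders, nothing to report
        }
    } else {
        $findings.Add('SPF: record has no "all" mechanism')
    }

    # DMARC: one record starting with v=DMARC1 at _dmarc.<domain>; read the p= tag.
    $dmarc = @($DmarcTxt | Where-Object { $_ -match '^v=DMARC1(\s*;|$)' })
    $policy = $null
    if ($dmarc.Count -ne 1) {
        $findings.Add("DMARC: expected one v=DMARC1 record at _dmarc.$Domain, found $($dmarc.Count)")
    } else {
        $tags = @{}
        foreach ($pair in $dmarc[0].Split(';')) {
            $kv = $pair.Split('=', 2)
            if ($kv.Count -eq 2) { $tags[$kv[0].Trim().ToLower()] = $kv[1].Trim() }
        }
        $policy = $tags['p']
        if (-not $policy)           { $findings.Add('DMARC: record has no p= tag') }
        elseif ($policy -eq 'none') { $findings.Add('DMARC: p=none only reports, failing mail is still delivered') }
    }

    [pscustomobject]@{
        Domain      = $Domain
        SpfAll      = $spfAll
        DmarcPolicy = $policy
        Findings    = $findings.ToArray()
    }
}

# Constructed sample records (not real DNS data) so the check runs offline.
$sampleDomainTxt = @(
    'v=spf1 mx ip4:203.0.113.10 ~all',
    'some-unrelated-verification=abc123'
)
$sampleDmarcTxt = @('v=DMARC1; p=none; rua=mailto:dmarc@example.test')

$result = Get-MailAuthFinding -Domain 'example.test' `
    -DomainTxt $sampleDomainTxt -DmarcTxt $sampleDmarcTxt
$result.Findings

# Live use against your own domain:
# Get-MailAuthFinding -Domain 'yourdomain.tld' `
#     -DomainTxt (Get-TxtString 'yourdomain.tld') `
#     -DmarcTxt  (Get-TxtString '_dmarc.yourdomain.tld')
```

DKIM is not covered because checking it requires the selector name your signing configuration uses, which cannot be derived from the domain alone.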
Nice vid💯
Thank you very much, we are glad that our video was useful for you)
Well explained Thank you very much. Would like to ask some questions How can I reach you?
Why does it say "NoChangeNeed" when entering the first command line of powershell???
Do you have any solution?
It seems like you are encountering an issue with PowerShell displaying “NoChangeNeed” when entering the first command line. This message typically indicates that the system does not require any changes based on the command you entered.
To troubleshoot this issue, you can try the following steps:
Check the syntax of the command you entered to ensure it is correct.
Verify that you have the necessary permissions to execute the command.
Restart the PowerShell session and try entering the command again.
Check for any system updates or changes that may have affected the command’s functionality.
If the issue persists, please provide more details about the specific command you are trying to run in PowerShell so that I can assist you further.
Hmm, I can send mail locally, but I cannot send mail out? I configured port forwarding, and disabled the windows firewall completely.
If you can send mail locally but not externally, it suggests that the issue might be related to your network configuration or your email server's settings. Here are some steps you can take to troubleshoot the problem:
Check your email server's configuration: Ensure that your email server is properly configured to allow outgoing mail. Double-check settings such as SMTP authentication, outbound port configurations, and any restrictions that might be in place.
Verify port forwarding: Double-check your port forwarding settings to ensure that they are correctly configured to forward outgoing email traffic (typically SMTP traffic, port 25) to your email server.
Confirm external network access: Make sure that your network allows outgoing connections on the SMTP port (usually port 25). You can use online tools or commands like Telnet to test whether you can establish a connection to external mail servers on port 25.
Check for IP blacklisting: Sometimes, your IP address might be blacklisted by spam filters or other security measures, which can prevent your outgoing emails from being delivered. You can use online services to check if your IP address is blacklisted and take steps to remove it from any blacklists.
Review logs: Check the logs on your email server to see if there are any error messages or indications of why outgoing emails are not being sent successfully. This can provide valuable insights into what might be going wrong.
Test with a different email client or service: Try sending emails using a different email client or service to see if the issue is specific to your current setup. This can help determine whether the problem lies with your email server or with your network configuration.
Consult with your ISP: If you're still unable to send outgoing mail after checking all the above steps, consider contacting your Internet Service Provider (ISP) to see if they have any restrictions or recommendations for configuring outgoing email traffic.
By systematically checking these steps, you should be able to identify and resolve the issue preventing you from sending mail externally.
What's the aim of enterprise key admin and enterprise key, and schema admins?
In Exchange Server 2019, enterprise key management plays a critical role in securing and managing cryptographic keys used for encrypting sensitive data such as emails, attachments, and other communication within the organization. Here's a breakdown of the roles you mentioned:
Enterprise Key Admin (EKA):
The Enterprise Key Admin is responsible for managing the overall key infrastructure within the organization.
Their primary responsibilities include creating, revoking, and managing encryption keys used by various services and applications, including Exchange Server.
They ensure the security and integrity of cryptographic keys, implementing policies and procedures for key management.
EKAs typically have elevated privileges within the key management system to perform key-related tasks efficiently and securely.
Enterprise Key (EK):
The Enterprise Key, also known as the root key or master key, is a critical cryptographic key used to encrypt other keys within the organization's key management hierarchy.
It's typically generated and managed by the Enterprise Key Admin.
The EK is used to protect other keys, such as Data Encryption Keys (DEKs) used for encrypting data at rest or in transit.
Protecting the integrity and confidentiality of the Enterprise Key is paramount for ensuring the security of the entire key management infrastructure.
Schema Admins:
Schema Admins are a role within Active Directory (AD) that have permissions to modify the schema of the directory.
In the context of Exchange Server, Schema Admins are responsible for making schema changes required for deploying and managing Exchange Server.
They have the authority to extend the AD schema to incorporate Exchange-specific attributes and classes necessary for Exchange Server functionality.
Schema changes are critical and require careful planning and coordination to ensure compatibility and stability across the AD environment.
In summary, the Enterprise Key Admin and Enterprise Key are pivotal components of an organization's key management infrastructure, responsible for managing cryptographic keys used to secure sensitive data. Schema Admins, on the other hand, play a crucial role in modifying the Active Directory schema to support Exchange Server deployment and functionality.
@HetmanRecovery so every user in the domain should be a member of enterprise key and schema admins
No, just your Exchange admin account needs it. @Toufique-00
Sir, I have installed and configured Exchange Server as you have shown. My internal emails are working fine, and inbound emails from external domains are also being received, but outbound emails to external domains are not being sent. I checked the queues; they are stuck in the queue with error code 10060. Please help me solve this issue. Thanks.
It looks like you're encountering a connectivity issue with outbound emails from your Exchange Server. The error code 10060 typically indicates a timeout when trying to establish a connection. Here are some steps you can take to troubleshoot and resolve this issue:
Check Internet Connectivity:
Ensure that your Exchange Server has a proper internet connection. Check if the server can access external domains and that there are no firewall rules or network issues blocking outbound traffic.
Check DNS Settings:
Verify that your DNS settings are configured correctly on the Exchange Server. The server should be able to resolve external domain names. You can use the nslookup command to test DNS resolution.
nslookup external-domain.com
Ensure that the DNS server configured on your Exchange Server is functional and can resolve external domain names.
Check Firewall Settings:
Ensure that your firewall allows outbound traffic on the necessary ports. Exchange Server typically uses SMTP (TCP port 25) for sending emails. Check if the firewall is blocking outbound traffic on port 25.
Check Send Connector Configuration:
Verify the configuration of your Send Connector in Exchange. Ensure that it is set up correctly to send emails to external domains. You can check this in the Exchange Management Console (EMC) or Exchange Admin Center (EAC), depending on your Exchange Server version.
Check Smart Host Configuration:
If you are using a smart host for outbound emails, ensure that the smart host is configured correctly in your Send Connector settings. Double-check the smart host's configuration for any issues.
Check Anti-virus or Security Software:
Some anti-virus or security software on the Exchange Server might interfere with outbound email traffic. Temporarily disable or configure the software to allow SMTP traffic.
Check Exchange Server Logs:
Examine the Exchange Server logs for any error messages or warnings related to outbound email delivery. This can provide more specific information about the nature of the problem.
Telnet Test:
Use the Telnet command to test connectivity to an external mail server on port 25. This can help diagnose whether there's a network connectivity issue.
telnet external-mail-server.com 25
If the connection fails, it can help identify network or firewall issues.
SMTP Diagnostics:
Use SMTP diagnostics tools to troubleshoot the SMTP communication between your Exchange Server and external mail servers. These tools can provide more detailed information about the communication process.
Consult Microsoft Support:
If the issue persists and you are unable to identify the root cause, consider reaching out to Microsoft Support for assistance. They can provide more in-depth support tailored to your specific Exchange Server environment.
Remember to make changes cautiously and back up configurations before making significant adjustments to your Exchange Server settings.
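Added example, not part of the original thread or the video: the DNS, port 25 and queue checks from the two outbound-mail troubleshooting replies above, combined into one PowerShell script to run on the Exchange server. The function names and the `example.com` recipient domain are placeholders chosen for illustration; `Get-Queue` is only available in the Exchange Management Shell.

```powershell
# Added example. Function names are hypothetical; 'example.com' is a placeholder.

# Resolves the recipient domain's MX hosts, then tries a TCP connection to each
# on port 25 and reads the SMTP greeting. One result object per stage/host.
function Test-OutboundSmtp {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$RecipientDomain,
        [int]$Port = 25,
        [int]$TimeoutMs = 5000
    )

    # Step 1 (DNS): the hosts a Send Connector using MX routing would deliver to.
    try {
        $mx = @(Resolve-DnsName -Name $RecipientDomain -Type MX -ErrorAction Stop |
                Where-Object { $_.NameExchange } |
                Sort-Object Preference)
    } catch {
        return [pscustomobject]@{ Stage = 'DNS'; MxHost = $null; Ok = $false
                                  Detail = $_.Exception.Message }
    }
    if ($mx.Count -eq 0) {
        return [pscustomobject]@{ Stage = 'DNS'; MxHost = $null; Ok = $false
                                  Detail = "No MX records returned for $RecipientDomain" }
    }

    # Step 2 (TCP): same test as "telnet <host> 25", with a bounded wait.
    foreach ($record in $mx) {
        $client = [System.Net.Sockets.TcpClient]::new()
        $ok = $false
        try {
            $connect = $client.ConnectAsync($record.NameExchange, $Port)
            if (-not $connect.Wait($TimeoutMs)) {
                # A connect that never completes is what the queue shows as 10060.
                $detail = "No answer within $TimeoutMs ms (connection timed out)"
            } else {
                $stream = $client.GetStream()
                $stream.ReadTimeout = $TimeoutMs
                $reader = [System.IO.StreamReader]::new($stream)
                $detail = $reader.ReadLine()          # SMTP greeting, e.g. "220 ..."
                $ok = $detail -like '220*'
            }
        } catch {
            # Refused, reset, or unresolvable host: report the underlying error.
            $detail = $_.Exception.GetBaseException().Message
        } finally {
            $client.Close()
        }
        [pscustomobject]@{ Stage = 'TCP'; MxHost = $record.NameExchange
                           Ok = $ok; Detail = $detail }
    }
}

# Lists queues in Retry state with the last error Exchange recorded for them.
function Get-RetryQueue {
    if (-not (Get-Command Get-Queue -ErrorAction SilentlyContinue)) {
        Write-Warning 'Get-Queue not found: run this in the Exchange Management Shell.'
        return
    }
    Get-Queue |
        Where-Object { $_.Status -eq 'Retry' } |
        Select-Object Identity, NextHopDomain, MessageCount, LastError
}

# Sample calls (left commented so loading the script makes no network traffic):
# Test-OutboundSmtp -RecipientDomain 'example.com' | Format-Table -AutoSize
# Get-RetryQueue | Format-List
```

If DNS succeeds but every MX host times out, the block is on outbound TCP 25 between the server and the internet (a host firewall rule, an edge device, or the provider), and that single rule is the thing to find and fix.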
@HetmanRecovery thank you for these great suggestions. I will try to troubleshoot the issue and update you ASAP for further advice. Thanks again.
Can I a get the list of all commands used to Install and Configure Exchange Server 2019??? including those used on exchange management shell
Yes, you can get a list of all commands used to install and configure Exchange Server 2019, including the commands used in the Exchange Management Shell.
To get a list of all commands, use the Get-Command command in the Exchange Management Shell. This command returns a list of all commands available in the current management shell.
To get more detailed information about a particular command, use the Get-Help command, for example:
Get-Help New-Mailbox
This command will return detailed information on the New-Mailbox cmdlet including syntax, description and parameters.
You can also find a complete guide on how to install and configure Exchange Server 2019 on Microsoft Docs website. It provides detailed instructions and command descriptions for installing and configuring Exchange Server 2019.
sir.. we need to learn how to config. attachment size limit for users + more limit for VIP users. how to do that?? as we have many places to set message size. from connectors, org.tranpr + rules + user's properties. so which one is correct???
Configuring attachment size limits for different user groups, such as regular users and VIP users, can be achieved through various settings in different systems. The correct approach depends on the specific email system or messaging platform you are using. Since you mentioned connectors, org.transpr, rules, and user properties, I'll provide a general guideline on how to handle this in a common email system like Microsoft Exchange. Please note that the exact steps may vary based on the version of your email system or other messaging platforms.
Transport Rules (org.transpr):
Transport rules allow you to apply conditions and actions to email messages as they pass through your email system. You can set attachment size limits based on sender, recipient, or any other criteria.
a. Log in to your email system as an administrator or someone with appropriate permissions.
b. Access the Transport Rules section. In Microsoft Exchange, this can typically be found in the Exchange Management Console (EMC) or Exchange Admin Center (EAC).
c. Create a new transport rule or modify an existing one that is applicable to all users (regular users).
d. Set the condition to match all regular users or set any other criteria that define regular users.
e. Define the action to limit attachment size for regular users. You can choose to reject messages with large attachments, drop attachments above a certain size, or generate a delivery report for large attachments.
f. Similarly, create another transport rule for VIP users with a different attachment size limit.
User Properties:
Some email systems allow you to set individual user properties that can override the default settings for specific users, giving them a different attachment size limit.
a. Locate the user properties section in your email system. In Microsoft Exchange, this can often be done through Active Directory Users and Computers.
b. Find the user account for a VIP user, and modify their properties to set a different attachment size limit specifically for that user.
Connectors:
Connectors in email systems enable communication with external entities like partners or cloud-based services. Depending on your setup, you may be able to define attachment size limits for messages passing through specific connectors.
a. Access the connectors settings in your email system and identify the relevant connector(s).
b. Adjust the settings to apply attachment size limits as needed.
Please keep in mind that the specific terminology and location of these settings may vary depending on your email system or messaging platform. If you're using a different platform, consult its documentation or seek support from your IT team or email system provider.
Before implementing any changes, it's essential to communicate with your users, especially VIP users, about the new attachment size limits and ensure they understand the reasons for any changes to avoid any confusion or frustration.
@HetmanRecovery we are using Exchange Server 2016.
Thank you sir.i will make extensive tests on my lab for this.
can you have exchange server connect to public domain from godaddy ?
Yes, you can configure Microsoft Exchange Server to connect to a public domain hosted by GoDaddy. Here are the general steps to achieve this:
Purchase a Domain:
If you haven't already, purchase a domain through GoDaddy or any other domain registrar.
Configure DNS Settings:
Log in to your GoDaddy account and navigate to the DNS management section. Update the DNS records to point to your Exchange Server's public IP address. At a minimum, you'll need to configure the following DNS records:
MX Record: This record should point to the public IP address or hostname of your Exchange Server. It specifies the mail server responsible for receiving emails.
A Record (or CNAME Record): Create an A record (or CNAME record) to map the hostname of your mail server to its public IP address.
Autodiscover Record (Optional): If you want to enable Autodiscover for easy configuration of email clients, create an Autodiscover DNS record pointing to your server.
SSL Certificate:
Obtain and install an SSL certificate for your Exchange Server to ensure secure communication. You can either purchase an SSL certificate from a Certificate Authority or use a free certificate from Let's Encrypt.
Exchange Server Configuration:
Configure your Exchange Server with the appropriate settings. This includes setting up accepted domains, configuring email addresses, and specifying the connection settings.
Open the Exchange Management Console or Exchange Admin Center.
Configure the email address policies for your domain.
Set up Send and Receive Connectors.
Configure the Outlook Anywhere settings if you want to enable external access for Outlook clients.
Firewall Configuration:
Ensure that your firewall allows traffic on the necessary ports for Exchange Server. For example, SMTP traffic usually occurs over port 25, and secure connections may use ports 465 (SMTPS) or 587 (Submission).
Testing:
Test your configuration by sending and receiving emails both internally and externally. Use tools like the Microsoft Remote Connectivity Analyzer to check the health of your Exchange deployment.
Keep in mind that the exact steps may vary based on the version of Exchange Server you are using (e.g., Exchange Server 2010, 2013, 2016, 2019). Always refer to the documentation specific to your Exchange Server version for detailed and accurate instructions.
Hi. On a Cloud VM, port 25 is blocked and outbound email is not working. How do I fix it?
If port 25 is blocked on the Cloud VM, this may result in sending mail not working. To fix this problem you need to do the following:
Make sure that your Cloud provider allows sending mail using port 25. Some cloud providers block port 25 by default to prevent sending spam.
If your ISP allows mail on port 25, check the firewall settings on your Cloud VM to ensure that port 25 is allowed for outbound traffic.
If port 25 is blocked by the firewall, try configuring to send mail on a different port. Some providers, such as Google Cloud Platform and Amazon Web Services, recommend using port 587 instead of port 25.
If sending mail on a different port doesn't work, ask your cloud provider for more help in setting up and allowing mail to be sent on port 25 or another port.
I hope this helps you solve the problem with sending email on Cloud VM.
Hi, thanks for your great video. I did the configuration by following the video. I'm able to receive mail but not able to send mail, please help me...
Thank u
We're glad we could help you )
Hello
Hello!