This article is for those looking for a detailed and clear guide on how to configure Exchange Server 2019.

We will consider the case when you already have two servers with the Windows Server 2019 operating system installed on them. In addition, one of the servers must have the Active Directory Domain Services role installed, and the second server must have Exchange Server 2019 installed.

For details on how to install Exchange Server 2019 on Windows Server 2019, you can read my guide “Install Exchange Server 2019 on Windows Server 2019”. To learn how to install Active Directory Domain Services on Windows Server 2019 with a GUI, you can read “Install Active Directory Domain Services on Windows Server 2019”.

Open the Exchange Admin Center control panel, which is located at the link https://heva-server-2/ecp, where heva-server-2 is the name of my Exchange server. Accordingly, you need to provide the name or IP address of your server.

To access the Exchange Admin Center Control Panel, you will need to provide a username and password for an account that has Exchange Administrator rights.

Configure Exchange Server 2019

Let’s create a mailbox database.

In the “Servers” section, select the “Databases” subsection and click on the “+” button.

Configure Exchange Server 2019

Next, you need to specify a name for the new database and select an Exchange server with the “Mailbox” role.

Specify the name of the database and click on the “Browse” button.

Configure Exchange Server 2019

Select the Exchange server with the “Mailbox” role and click on the “OK” button.

Configure Exchange Server 2019

Now you need to specify in which folder the mailbox database and its logs will be stored.

Please note that you need to first create folders on the server in which you plan to store the database and its logs. In addition, it is better to store the database on a disk specially allocated for this task.

Configure Exchange Server 2019

In the “Database file path” field, specify the folder where the database will be stored.

In the “Log folder path” field, specify the folder in which the database logs will be stored.

Check the “Mount this database” box and click on the “Save” button.

Configure Exchange Server 2019

Now you need to restart the Microsoft Exchange Information Store service on the Exchange server.

Click on the “OK” button.

Configure Exchange Server 2019

Open “Server Manager” on the server with Exchange Server 2019 installed, then click on the “Tools” button in the upper right corner of the screen and select “Services”.

Configure Exchange Server 2019

Right-click on the “Microsoft Exchange Information Store” service and select “Restart”.

Configure Exchange Server 2019

The service has restarted successfully and the new database is ready to go.

Further, in the “Servers” section, select the “Databases” subsection, and then select a new database and double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “Limits” section, you can configure the retention time for deleted mailboxes and letters.

Specify the required values and click on the “Save” button.

Configure Exchange Server 2019

Now let’s create a database for shared folders.

In the “Servers” section, select the “Databases” subsection and click on the “+” button.

Configure Exchange Server 2019

Specify a name for the shared folder database and click the Browse button.

Configure Exchange Server 2019

Select the Exchange server with the “Mailbox” role and click on the “OK” button.

Configure Exchange Server 2019

Now you need to specify in which folder the database for public folders and its logs will be stored. Please note that you need to first create folders on the server in which you plan to store the database and its logs. In addition, it is better to store the database on a disk specially allocated for this task.

Configure Exchange Server 2019

In the “Database file path” field, specify the folder where the database will be stored.

In the “Log folder path” field, specify the folder in which the database logs will be stored.

Check the “Mount this database” box and click on the “Save” button.

Configure Exchange Server 2019

Now you need to restart the Microsoft Exchange Information Store service on the Exchange server.

Click on the “OK” button.

Configure Exchange Server 2019

We return to the “Server Manager” on the server with Exchange Server 2019 installed, click on the “Tools” button in the upper right corner of the screen, and select “Services”.

Configure Exchange Server 2019

Right-click on the “Microsoft Exchange Information Store” service and select “Restart”.

Configure Exchange Server 2019

The service has restarted successfully and the new database is ready to go.

Configure Exchange Server 2019

Next, go to the “Public Folders” section.

In the “Public Folders” section, select the “Public Folder Mailboxes” subsection and click on the “+” button.

Configure Exchange Server 2019

Specify a name for the public folder mailbox and in the “Mailbox database” section click on the “Browse” button.

Configure Exchange Server 2019

Select the database for shared folders and click on the “OK” button.

Configure Exchange Server 2019

Nothing can be changed in the “Organization unit” section.

Click on the “Save” button.

Configure Exchange Server 2019

After the public folder mailbox is created, it appears under the Public Folder Mailboxes subsection.

Configure Exchange Server 2019

Now let’s add the trusted domain.

In the “Mail Flow” section, select the “Accepted Domains” subsection and click on the “+” button.

Configure Exchange Server 2019

In the “Name” and “Accepted Domain” fields, specify the domain that you want to add to the trusted ones, then select “Authoritative Domain: E-mail is delivered only to valid recipients in this Exchange organization”.

Click on the “Save” button.

Configure Exchange Server 2019

After the domain is added to the trusted ones, it will appear in the “Accepted Domains” section.

Configure Exchange Server 2019

Now you need to create a policy for generating mailing addresses.

In the “Mail Flow” section, select the “Email Address Policies” subsection and click on the “+” button.

Configure Exchange Server 2019

Next, you need to specify a name for the new policy and choose who it will be applied to, as well as determine how mail addresses will be generated in your organization.

In this tutorial, mailing addresses will be based on “Alias”.

Specify a name for the policy for generating postal addresses and click the “+” button.

Configure Exchange Server 2019

Specify the main domain and select “alias@contoso.com”.

Click on the “Save” button.

Configure Exchange Server 2019

Now let’s add a second domain so that users can receive mail using the second domain name as well.

Click on the “+” button.

Configure Exchange Server 2019

Specify the second domain and select “alias@contoso.com”.

Click the “Save” button.

Configure Exchange Server 2019

After you have determined how mail addresses will be formed in your organization, click on the “Save” button.

Configure Exchange Server 2019

Pay attention to the warning. In order for the policy to take effect, you must click on the “Apply” button in the “E-mail Address Policies” subsection.

Configure Exchange Server 2019

After the policy is added, it will appear in the “E-mail Address Policies” subsection with the “Unapplied” status.

To apply a policy, select it and click on the “Apply” button.

Configure Exchange Server 2019

Next, a warning will appear stating that applying the policy may take a long time and you will not be able to perform other tasks while the policy is being applied.

Click on the “Yes” button.

Configure Exchange Server 2019

The policy for generating postal addresses has been successfully applied.

Click on the “Close” button.

Configure Exchange Server 2019

After the policy is applied, it will appear in the “E-mail Address Policies” subsection with the “Applied” status.

Configure Exchange Server 2019

Now you need to create a send connector: to be able to send mail outside the organization.

In the “Mail Flow” section, select the “Send Connectors” subsection and click on the “+” button.

Configure Exchange Server 2019

Specify a name for the new Send Connector and select “Internet” in the “Type” section.

Click on the “Next” button.

Configure Exchange Server 2019

In this example, mail will be sent according to MX records.

Select “MX record associated with recipient domain” and click on the “Next” button.

Configure Exchange Server 2019

Next, you need to specify for which domains the new connector will work.

Click on the “+” button.

Configure Exchange Server 2019

In the “Full Qualified Domain Name (FQDN)” field, enter “*”. This way, the new Send Connector will handle all domains except yours.

Click on the “OK” button.

Configure Exchange Server 2019

After you have specified for which domains the new connector will work, click on the “Next” button.

Configure Exchange Server 2019

Next, you need to specify on which Exchange server the Send connector will be created.

Click on the “+” button.

Configure Exchange Server 2019

Select the Exchange server on which the Send Connector will be created and click on the “OK” button.

Configure Exchange Server 2019

Everything is ready to create a send connector.

Click on the “Finish” button.

Configure Exchange Server 2019

Next, in the “Mail Flow” section, select the “Send Connectors” subsection, then select a new send connector and double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section of the “Maximum send message size (MB)” menu, you can configure the maximum size of mail attachments to be sent.

Configure Exchange Server 2019

Further, in the “Scoping” section, in the “Specify the FQDN this connector will provide in response to HELO or EHLO” field, specify the name by which your mail server is accessible from the Internet.

Click on the “Save” button.

Configure Exchange Server 2019

In the “Mail Flow” section, select the “Send Connectors” subsection. Then click on the “…” button and select “Organization transport settings”.

Configure Exchange Server 2019

In the “Limits” section, you can configure the maximum size of mail attachments for sending and receiving.

Specify the required values and click on the “Save” button.

Configure Exchange Server 2019

Now you need to provide your Exchange Server 2019 license key.

In the “Servers” section, select the “Servers” subsection and click on the “Edit” button.

Configure Exchange Server 2019

In the “General” section, specify the Exchange Server 2019 license key and click on the “Save” button.

Configure Exchange Server 2019

Now you need to configure DNS records for the domain. To do this, you need to open a web browser and go to the control panel for external DNS records for your domain.

This tutorial uses Amazon Route 53 to manage external DNS records for a domain.

Follow the link, specify, if necessary, the username and password of an account with administrator rights in Amazon Web Services, and click on the “Services” button in the upper left corner of the screen.

Next, in the “Networking & Content Delivery” section, select “Route 53”.

Configure Exchange Server 2019

Next, select “Hosted zones”.

Configure Exchange Server 2019

Select the domain for which you want to configure DNS records.

Configure Exchange Server 2019

Now you need to create several DNS records to access the Exchange services.

Click on the “Create Record Set” button to create a new DNS record.

Configure Exchange Server 2019

Specify “mail” in the “Name” field.

In the “Type” field, select “A - IPv4 address”.

In the “TTL” field, enter “300”.

In the “Value” field, indicate the IP address by which your mail server is accessible from the Internet and click on the “Create” button.

Configure Exchange Server 2019

Click on the “Create Record Set” button to create another DNS record.

In the “Name” field, enter “mx01”.

In the “Type” field, select “A - IPv4 address”.

In the “TTL” field, enter “300”.

In the “Value” field, indicate the IP address by which your mail server is accessible from the Internet and click on the “Create” button.

Configure Exchange Server 2019

Click on the “Create Record Set” button to create another DNS record.

Specify “autodiscover” in the “Name” field.

In the “Type” field, select “A - IPv4 address”.

In the “TTL” field, enter “300”.

In the “Value” field, indicate the IP address by which your mail server is accessible from the Internet and click on the “Create” button.

Configure Exchange Server 2019

Click on the “Create Record Set” button to create another DNS record.

Leave the “Name” field blank.

In the “Type” field, select “MX - Mail exchange”.

In the “TTL” field, enter “300”.

In the “Value” field, specify the priority “10”, then indicate the previously created A-record with the name “mx01” and click on the “Create” button.

Configure Exchange Server 2019

Next, you need to make a request to your ISP to create a PTR record for your external IP address, where your mail server is accessible from the Internet. This is necessary in order for your IP address to resolve to a name. In this example, the IP 188.244.46.91 is translated to the name mail.heyvaldemar.net.

Now you need to create an SPF (Sender Policy Framework). Thanks to SPF, you can check if the sender’s domain has been tampered with. SPF allows you to specify a list of servers capable of sending mail messages on behalf of your domain.

You can get parameters for SPF recording using the SPF Wizard.

SPF example: v=spf1 mx a ip4:188.244.46.91 include:heyvaldemar.com -all

Leave the “Name” field blank.

In the “Type” field, select “SPF - Sender Policy Framework”.

Please note that if there is no “SPF” record type in your control panel for external DNS records, then you need to select the “TXT” record type.

In the “TTL” field, enter “300”.

In the “Value” field, specify the SPF parameters obtained using the SPF Wizard and click on the “Create” button.

Configure Exchange Server 2019

DNS records for the domain have been configured successfully.

Configure Exchange Server 2019

Now you need to register the A-record on the internal DNS server.

Open “Server Manager” on the domain controller, then click on the “Tools” button in the upper right corner of the screen and select “DNS”.

Configure Exchange Server 2019

In the “Forward Lookup Zones” section, select the main domain and right-click on it, then select “New Host (A or AAAA)”.

Configure Exchange Server 2019

In the “Name (uses parent domain name if blank)” field, specify “Mail”.

In the “IP address” field, specify the IP address of the server on which Exchange Server 2019 is installed and click on the “Add Host” button.

Configure Exchange Server 2019

A record has been successfully added.

Click on the “OK” button.

Configure Exchange Server 2019

After the A-record is added, it will appear in the list with the rest of the records.

Configure Exchange Server 2019

For further configuration, you need a certification authority.

In this tutorial, the Active Directory Certificate Services role will be installed on a domain controller.

Go back to the “Server Manager” on the domain controller, then click on the “Manage” button in the upper right corner of the screen and select “Add Roles and Features”.

Configure Exchange Server 2019

Click on the “Next” button.

Configure Exchange Server 2019

Select the installation type “Role-based or feature-based installation” and click on the “Next” button.

Configure Exchange Server 2019

Next, select the server on which the role will be installed.

Click on the “Next” button.

Configure Exchange Server 2019

Select the Active Directory Certificate Services role.

Configure Exchange Server 2019

In the next step, the Role Installation Wizard will warn you that several components need to be installed to install the Active Directory Certificate Services role.

Click on the “Add Features” button.

Configure Exchange Server 2019

Click on the “Next” button.

Configure Exchange Server 2019

At the stage of adding components, we leave all the default values.

Click on the “Next” button.

Configure Exchange Server 2019

Next, the Role Installation Wizard invites you to learn more about the Active Directory Certificate Services role.

Click on the “Next” button.

Configure Exchange Server 2019

Now you need to select the required services.

We select “Certification Authority Web Enrollment”.

Configure Exchange Server 2019

In the next step, the Install Roles Wizard will warn you that several components need to be installed to install the Certification Authority Web Enrollment.

Click on the “Add Features” button.

Configure Exchange Server 2019

Next, select “Online Responder”.

Configure Exchange Server 2019

The Role Installation Wizard will warn you that several components need to be installed to install Online Responder.

Click on the “Add Features” button.

Configure Exchange Server 2019

After all the necessary services are selected, click on the “Next” button.

Configure Exchange Server 2019

In the next step, the “Role Installation Wizard” will warn you that the “Internet Information Services” webserver role will be additionally installed for the “Active Directory Certificate Services” role.

Configure Exchange Server 2019

At the stage of adding components, we leave all the default values.

Click on the “Next” button.

Configure Exchange Server 2019

In order to start the installation of the selected role, click on the “Install” button.

Configure Exchange Server 2019

The installation of the selected role and the components required for it has begun.

Configure Exchange Server 2019

Installation of the Active Directory Domain Services role is now complete.

Now you need to configure the role.

Click on the button “Configure Active Directory Certificate Services on the destination server”.

Configure Exchange Server 2019

Click on the “Next” button.

Configure Exchange Server 2019

Next, you need to select the services that you want to configure.

Select “Certification Authority”, “Certification Authority Web Enrollment” and “Online Responder” and click on the “Next” button.

Configure Exchange Server 2019

The server is a member of the domain, so select “Enterprise CA” and click on the “Next” button.

Configure Exchange Server 2019

There are no other servers with the Active Directory Certificate Services role in the domain, so select “Root CA” and click on the “Next” button.

Configure Exchange Server 2019

Next, you need to create a new private key.

Select “Create a new private key” and click on the “Next” button.

Configure Exchange Server 2019

Next, you can select the cryptography settings.

Leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2019

In the “Common name for this CA” field, specify the name for the new certification authority and click on the “Next” button.

Configure Exchange Server 2019

Now we select the validity period of the certificate and click on the “Next” button.

Configure Exchange Server 2019

Next, you can specify where the certificate database and its logs will be stored.

Leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2019

Everything is ready to configure the role.

Click on the “Configure” button.

Configure Exchange Server 2019

The Active Directory Certificate Services role is now configured.

Click on the “Close” button.

Configure Exchange Server 2019

Click on the “Close” button to close the role installation window.

Configure Exchange Server 2019

Now you need to enable the SAN (Subject Alternative Name) function on the CA server. This feature is useful when publishing the “Autodiscover” service.

On the keyboard, press the key combination “Win” and “x” and in the menu that opens, select “Windows PowerShell (Admin)”.

Configure Exchange Server 2019

We enable the SAN function using the command:

certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2

Configure Exchange Server 2019

Now you need to restart the “CertSvc” service.

Stop the “CertSvc” service using the command:

net stop certsvc

Configure Exchange Server 2019

We start the “CertSvc” service using the command:

net start certsvc

Configure Exchange Server 2019

Service “CertSvc” restarted successfully.

Configure Exchange Server 2019

Now let’s make a request to create a new Exchange certificate.

We return to the Exchange Admin Center control panel.

In the “Servers” section, select the “Certificates” subsection and click on the “+” button.

Configure Exchange Server 2019

Select “Create a request for a certificate from a certification authority” and click on the “Next” button.

Configure Exchange Server 2019

Specify a name for the new certificate and click on the “Next” button.

Configure Exchange Server 2019

Then leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2019

Now you need to specify the Exchange server where the certificate request will be stored.

Click on the “Browse” button.

Configure Exchange Server 2019

Select the Exchange server where the certificate request will be stored and click on the “OK” button.

Configure Exchange Server 2019

After the Exchange server is specified, click on the “Next” button.

Configure Exchange Server 2019

Now you need to specify the domain names that need to be included in the certificate for all types of access.

Select “Outlook Web App (when accessed from the Internet)” and click on the “Edit” button.

Configure Exchange Server 2019

Specify the name by which your mail server is accessible from the Internet for the “Outlook Web App” access type, and click on the “OK” button.

Configure Exchange Server 2019

Select OAB (when accessed from the Internet) “, and click on the” Edit “(Pencil) button.

Configure Exchange Server 2019

We indicate the name by which your mail server is accessible from the Internet for the access type “OAB”, and click on the “OK” button.

Configure Exchange Server 2019

Select “Exchange Web Services (when accessed from the Internet)”, and click on the “Edit” button.

Configure Exchange Server 2019

Specify the name by which your mail server is accessible from the Internet for the “Exchange Web Services” access type, and click on the “OK” button.

Configure Exchange Server 2019

Select “Exchange ActiveSync (when accessed from the Internet)” and click on the “Edit” button.

Configure Exchange Server 2019

Specify the name by which your mail server is accessible from the Internet for the “Exchange ActiveSync” access type, and click on the “OK” button.

Configure Exchange Server 2019

Select “POP” and click on the “Edit” button.

Configure Exchange Server 2019

We indicate the name by which your mail server is accessible from the Internet for the “POP” access type, and click on the “OK” button.

Configure Exchange Server 2019

Select “IMAP” and click on the “Edit” button.

Configure Exchange Server 2019

We indicate the name by which your mail server is accessible from the Internet for the type of access “IMAP”, and click on the “OK” button.

Configure Exchange Server 2019

Select “Outlook Anywhere” and click on the “Edit” button.

Configure Exchange Server 2019

Specify the name by which your mail server is accessible from the Internet for the “Outlook Anywhere” access type and click on the “OK” button.

Configure Exchange Server 2019

The domain names that must be included in the certificate for all types of access are indicated.

Click on the “Next” button.

Configure Exchange Server 2019

Below is a list of domains that will be included in the certificate.

Click on the “Next” button.

Configure Exchange Server 2019

Next, you must specify the name of the organization, department, and geographic location of the company.

This guide is based on an organization based in Los Angeles, USA.

We indicate the necessary information and click on the “Next” button.

Configure Exchange Server 2019

Now you need to specify the folder where the Exchange certificate request will be saved.

In this tutorial, the certificate request will be saved to the local “C” drive on the Exchange server.

Specify where the Exchange certificate request will be saved and click on the “Finish” button.

Configure Exchange Server 2019

After the certificate request is created, it will appear in the “Certificates” subsection with the “Pending request” status.

Configure Exchange Server 2019

Now you need to validate your Exchange certificate with a CA.

On the Exchange server, go to the link http://heva-server-1/certsrv, where heva-server-1 is the name of my certification authority server. Accordingly, you need to specify the name of your server.

We go under an account with administrator rights and click on the “OK” button.

Configure Exchange Server 2019

Now let’s add the address of the certification server to “Trusted sites”.

Click on the “Add” button.

Configure Exchange Server 2019

In the “Add this website to the zone” field, specify the address of the certification server and click on the “Add” button.

Configure Exchange Server 2019

Click on the “Close” button.

Configure Exchange Server 2019

Now select “Request a certificate”.

Configure Exchange Server 2019

Next, select “Advanced certificate request”.

Configure Exchange Server 2019

Now select “Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file”.

Configure Exchange Server 2019

Next, open “Explorer” and go to the local drive “C” where the Exchange certificate request was saved.

Click on the certificate request file twice with the left mouse button.

Configure Exchange Server 2019

Click on the “Try an app on this PC” button.

Configure Exchange Server 2019

Select “Notepad” and click on the “OK” button.

Configure Exchange Server 2019

Copy the contents of the request file.

Configure Exchange Server 2019

Next, insert the contents of the request file into the “Saved Request” field, then in the “Certificate Template” section, select “Web Server” and click on the “Submit” button.

Configure Exchange Server 2019

Select “DER encoded” and click on the “Download certificate” button.

Configure Exchange Server 2019

In the “Save” menu, select “Save as”.

Configure Exchange Server 2019

Assign a name and save the Exchange certificate to the Downloads folder.

Click on the “Save” button.

Configure Exchange Server 2019

Now you need to download the CA certificate.

Click on the “Home” button in the upper right corner of the screen.

Select “Download a CA certificate, certificate chain, or CRL”.

Configure Exchange Server 2019

In the “Encoding method” section, select “DER” and click on the “Download CA certificate” button.

Configure Exchange Server 2019

In the “Save” menu, select “Save as”.

Configure Exchange Server 2019

We assign a name and save the certificate of the certification authority in the “Downloads” folder.

Click on the “Save” button.

Configure Exchange Server 2019

To successfully validate your Exchange certificate request, you must import the CA certificate into the Trusted Root Certification Authorities on the Exchange server.

On the keyboard, press the key combination “Win” and “R”, then enter “certlm.msc” and click on the “OK” button.

Configure Exchange Server 2019

In the “Certificates (Local Computer)” section, select the “Trusted Root Certification Authorities” subsection, then right-click on the “Certificates” subsection and select “All Tasks”, then “Import”.

Configure Exchange Server 2019

Click on the “Next” button.

Configure Exchange Server 2019

Next, you need to specify the path to the certificate of the certification authority.

Click on the “Browse” button.

Configure Exchange Server 2019

Select the certificate of the certification authority and click on the “Open” button.

Configure Exchange Server 2019

After the path to the certificate of the certification authority is indicated, click on the “Next” button.

Configure Exchange Server 2019

Then leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2019

Everything is ready to import the certificate into the “Trusted Root Certification Authorities”.

Click on the “Finish” button.

Configure Exchange Server 2019

The CA certificate has been successfully imported.

Click on the “OK” button.

Configure Exchange Server 2019

We return to the Exchange Admin Center control panel.

In the “Servers” section, select the “Certificates” subsection. Then select the new Exchange certificate and click on the “Complete” button on the right.

Configure Exchange Server 2019

Next, you need to specify the path to the Exchange certificate.

Specify the path to the Exchange certificate and click on the “OK” button.

Configure Exchange Server 2019

After the certificate is confirmed, it will appear in the “Certificates” subsection with the “Valid” status.

Now you need to assign a new Exchange certificate for SMTP and IIS services.

Select a new certificate and double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “Services” section, check the boxes for “SMTP”, “IMAP”, “POP”, and “IIS”, then click on the “Save” button.

Configure Exchange Server 2019

Next, a warning will appear asking you to overwrite the existing certificate for SMTP.

Configure Exchange Server 2019

After the Exchange certificate is assigned to the services, the list of services in the “Assigned to services” field is updated.

Configure Exchange Server 2019

Now let’s take a look at the Outlook Web App settings.

In the “Servers” section, select the “Virtual Directories” subsection and select the “owa (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/owa”.

Configure Exchange Server 2019

Now let’s configure user authorization by login without having to specify a domain.

In the “Authentication” section in the “Use forms-based authentication” section, select “User name only”.

Next, you need to select the main domain, click on the “Browse” button.

Configure Exchange Server 2019

Select the main domain and click on the “OK” button.

Configure Exchange Server 2019

After the domain is specified, click on the “Save” button.

Configure Exchange Server 2019

Next, a warning will appear asking you to restart IIS.

IIS will restart later.

Click on the “OK” button.

Configure Exchange Server 2019

Now let’s write the address where your mail server is accessible from the Internet in the Exchange server configuration.

In the “Servers” section, select the “Virtual Directories” subsection and select the “ecp (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/ecp”.

Click on the “Save” button.

Configure Exchange Server 2019

In the “Servers” section, select the “Virtual Directories” subsection and select the “EWS (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/EWS/Exchange.asmx”.

Click on the “Save” button.

Configure Exchange Server 2019

In the “Servers” section, select the “Virtual Directories” subsection and select the “mapi (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/mapi”.

Click on the “Save” button.

Configure Exchange Server 2019

In the “Servers” section, select the “Virtual Directories” subsection and select the “Microsoft-Server-ActiveSync (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/Microsoft-Server-ActiveSync”.

Click on the “Save” button.

Configure Exchange Server 2019

In the “Servers” section, select the “Virtual Directories” subsection and select the “OAB (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/OAB”.

Click on the “Save” button.

Configure Exchange Server 2019

In the “Servers” section, select the “Virtual Directories” subsection and select the “PowerShell (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/powershell”.

Click on the “Save” button.

Configure Exchange Server 2019

Now let’s configure the Outlook Anywhere service. This service is used to connect to the Exchange server via the Internet using “Outlook”.

In the “Servers” section, select the “Servers” subsection, select the Exchange server, and double-click on it with the left mouse button.

Configure Exchange Server 2019

Next, in the “Specify the external hostname such as contoso.com that users will use to connect to your organization” field, specify the name by which your mail server is accessible from the Internet. Then, in the “Specify the authentication method for external clients to use when connecting to your organization” menu, select “NTLM” and uncheck the “Allow SSL offloading” checkbox.

Click on the “Save” button.

Configure Exchange Server 2019

Now let’s restart IIS.

On the keyboard, press the key combination “Win” and “x” and in the menu that opens, select “Windows PowerShell (Admin)”.

Configure Exchange Server 2019

Restart IIS using the command:

iisreset /noforce

Configure Exchange Server 2019

IIS restarted successfully.

Configure Exchange Server 2019

Now let’s configure the ability to receive mail.

In the “Mail Flow” section, select the “Receive Connectors” subsection, select the “Default Frontend HEVA-SERVER-2” receive connector, where HEVA-SERVER-2 is the name of my Exchange server. Then click on it twice with the left mouse button.

Configure Exchange Server 2019

In the “General” section, in the “Maximum receive message size” field, you can configure the maximum allowable size of mail attachments for receiving.

Configure Exchange Server 2019

In the “Security” section, check for a checkmark on the “Anonymous users” item.

Click on the “Save” button.

Configure Exchange Server 2019

Now let’s create a new user with a mailbox.

In the “Recipients” section, select the “Mailboxes” subsection.

Configure Exchange Server 2019

Click on the “+” button and select “User mailbox”.

Configure Exchange Server 2019

Now we specify the alias, first, and the last name for the new user.

Then you need to select the organization unit in which you plan to create a new user.

Click on the “Browse” button.

Configure Exchange Server 2019

Select the OU in which you want to place the new user, and click on the “OK” button.

Configure Exchange Server 2019

In the “User logon name” field, specify the login for the new user.

Next, specify a strong password and click on the “More options” button.

Configure Exchange Server 2019

Now you need to select the database in which the mailbox will be created for the new user.

In the “Mailbox database” section, click on the “Browse” button.

Configure Exchange Server 2019

Select the mailbox database and click on the “OK” button.

Configure Exchange Server 2019

Everything is ready to create a user with a mailbox.

Click on the “Save” button.

Configure Exchange Server 2019

After the user with the mailbox is created, it will appear in the “Mailboxes” section.

Configure Exchange Server 2019

Now you need to import the Exchange certificate into Trusted Root Certification Authorities on all computers in the domain.

Go to the domain controller, create a folder and copy the Exchange certificate into it.

Configure Exchange Server 2019

In this tutorial, the certificate was copied to the “ExchangeCertificate” folder on the “C” drive.

Configure Exchange Server 2019

Go back to “Server Manager” on the domain controller, then click on the “Tools” button in the upper right corner of the screen and select “Group Policy Management”.

Configure Exchange Server 2019

Now let’s create a new Group Policy to import the certificate into Trusted Root Certification Authorities on all computers in the domain.

Right-click on the domain name and select “Create a GPO in this domain, and Link it here”.

Configure Exchange Server 2019

Specify a name for the new group policy and click on the “OK” button.

Configure Exchange Server 2019

Next, click on the new policy with the right mouse button and select “Edit”.

Configure Exchange Server 2019

In the Group Policy Editor, go to the “Computer Configuration” section, then to the “Windows Settings” subsection, then find the “Security Settings” section and select “Public Key Policies”, now right-click on “Trusted Root Certification Authorities” and select “ Import “.

Configure Exchange Server 2019

Click on the “Next” button.

Configure Exchange Server 2019

Next, you need to specify the path to the Exchange certificate.

Click on the “Browse” button.

Configure Exchange Server 2019

Go to the folder with the Exchange certificate and click on the “Open” button.

Configure Exchange Server 2019

After the path to the certificate is specified, click on the “Next” button.

Configure Exchange Server 2019

Then leave the settings unchanged and click on the “Next” button.

Configure Exchange Server 2019

Everything is ready to import the certificate into the “Trusted Root Certification Authorities” for all computers in the domain.

Click on the “Finish” button.

Configure Exchange Server 2019

The Exchange certificate has been successfully imported into Group Policy settings.

Click on the “OK” button.

Configure Exchange Server 2019

After the certificate is imported into Group Policy settings, it will appear in the “Trusted Root Certification Authorities” section.

The Exchange certificate will now be imported to all computers covered by this policy.

Configure Exchange Server 2019

My Services

💼 Take a look at my service catalog and find out how we can make your technological life better. Whether it’s increasing the efficiency of your IT infrastructure, advancing your career, or expanding your technological horizons — I’m here to help you achieve your goals. From DevOps transformations to building gaming computers — let’s make your technology unparalleled!

Refill the Author’s Coffee Supplies

💖 PayPal
🏆 Patreon
💎 GitHub
🥤 BuyMeaCoffee
🍪 Ko-fi

Vladimir Mikhalev
I’m Vladimir Mikhalev, the Docker Captain, but my friends can call me Valdemar.

DevOps Community

hey 👋 If you have questions about installation or configuration, then ask me and members of our community: