This article is written for those who were searching for a detailed and simple for the understanding guide on how to configure Exchange Server 2019.

We will consider the case when you already have two servers with the Windows Server 2019 operating system installed on them. In addition, the Active Directory Domain Services role must be installed on one of the servers, and Exchange Server 2019 must be installed on the second server.

You can read more about how to install Exchange Server 2019 on Windows Server 2019 in my guide «Installing Exchange Server 2019 on Windows Server 2019». You can learn how to install Active Directory Domain Services on Windows Server 2019 with the GUI by reading «Installing Active Directory Domain Services on Windows Server 2019».

Open the Exchange Admin Center control panel, which is located at https://heva-server-2/ecp, where heva-server-2 is the name of my Exchange server. Accordingly, you need to specify the name or IP address of your server.

To access the Exchange Admin Center control panel, you will need to provide the user name and password of an account that has Exchange administrator rights.

Create a database for mailboxes.

In the “Servers” section, select the “Databases” subsection and click on the “+” button.

Next, you need to specify a name for the new database and select the Exchange server with the “Mailbox” role.

Specify the name of the database and click on the “Browse” button.

Select the Exchange server with the “Mailbox” role and click on the “OK” button.

Now you need to specify in which folder the mailbox database and its logs will be stored.

Please note that you need to first create folders on the server in which you plan to store the database and its logs. In addition, it is better to store the database on a disk specially allocated for this task.

In the “Database file path” field specify the folder in which the database will be stored.

In the “Log folder path” field specify the folder in which the logs of the database will be stored.

Check the box “Mount this database” and click on the “Save” button.

Now you need to restart the Microsoft Exchange Information Store service on the Exchange server.

Click on the “OK” button.

Open “Server Manager” on the server with Exchange Server 2019 installed, then click on the “Tools” button in the upper right corner of the screen and select “Services”.

Right-click on the “Microsoft Exchange Information Store” service and select “Restart”.

The service has successfully restarted and the new database is ready to go.

Next, in the “Servers” section, select the “Databases” subsection, and then select the new database and double-click on it with the left mouse button.

In the “Limits” section, you can configure the storage time of deleted mailboxes and letters.

Specify the necessary values and click on the “Save” button.

Now create a database for public folders.

In the “Servers” section, select the “Databases” subsection and click on the “+” button.

Specify a name for the public folder database and click the “Browse” button.

Select the Exchange server with the “Mailbox” role and click on the “OK” button.

Now you need to specify in which folder the database for public folders and its logs will be stored. Please note that you need to first create folders on the server in which you plan to store the database and its logs. In addition, it is better to store the database on a disk specially allocated for this task.

In the “Database file path” field specify the folder in which the database will be stored.

In the “Log folder path” field specify the folder in which the logs of the database will be stored.

Check the box “Mount this database” and click on the “Save” button.

Now you need to restart the Microsoft Exchange Information Store service on the Exchange server.

Click on the “OK” button.

Return to the “Server Manager” on the server with Exchange Server 2019 installed, click on the “Tools” button in the upper right corner of the screen and select “Services”.

Right-click on the “Microsoft Exchange Information Store” service and select “Restart”.

The service has successfully restarted and the new database is ready to go.

Next, go to the “Public Folders” section.

In the section “Public Folders” select the subsection “Public Folder Mailboxes” and click on the “+” button.

Specify a name for the public folder mailbox and in the “Mailbox database” section, click on the “Browse” button.

Select the database for public folders and click on the “OK” button.

In the “Organization unit” section, you can not change anything.

Click on the “Save” button.

After the public folder mailbox is created, it will appear in the “Public Folder Mailboxes” subsection.

Now add a trusted domain.

In the “Mail Flow” section, select the “Accepted Domains” subsection and click on the “+” button.

In the “Name” and “Accepted Domain” fields, specify the domain that you want to add to the trusted ones, then select “Authoritative Domain: E-mail is delivered only to valid recipients in this Exchange organization”.

Click on the “Save” button.

After the domain is added to the accepted domains, it will appear in the “Accepted Domains” section.

Now you need to create a policy for the formation of mailing addresses.

In the “Mail Flow” section, select the “Email Address Policies” subsection and click on the “+” button.

Next, you need to specify a name for the new policy and choose who it will be applied to, and also determine how mail addresses will be formed in your organization.

In this manual, mail addresses will be based on “Alias”.

Specify a name for the policy for the formation of mailing addresses and click the “+” button.

Specify the main domain and select “alias@contoso.com”.

Click on the “Save” button.

Now we’ll add a second domain so that users can receive mail by the second domain name.

Click on the “+” button.

Specify the second domain and select “alias@contoso.com”.

Click the “Save” button.

After you have determined how mail addresses will be formed in your organization, click on the “Save” button.

Pay attention to the warning. In order for the policy to take effect, you must click on the “Apply” button in the “E-mail Address Policies” subsection.

After the policy is added, it will appear in the “E-mail Address Policies” subsection with the status “Unapplied”.

To apply a policy, select it and click on the “Apply” button.

A warning will appear next that applying the policy may take a long time and you will not be able to perform other tasks while applying the policy.

Click on the “Yes” button.

The mail address policy has been successfully applied.

Click on the “Close” button.

After the policy is applied, it will appear in the “E-mail Address Policies” subsection with the status “Applied”.

Now you need to create a send connector: for the ability to send mail outside the organization.

In the “Mail Flow” section, select the “Send Connectors” subsection and click on the “+” button.

Specify a name for the new send connector and select the “Internet” in the “Type” section.

Click on the “Next” button.

In this example, mail will be sent according to MX records.

Select “MX record associated with recipient domain” and click on the “Next” button.

Next, you need to specify which domains the new connector will work.

Click on the “+” button.

In the field “Full Qualified Domain Name (FQDN)” specify “*”. Thus, the new send connector will process all domains except yours.

Click on the “OK” button.

After you have specified for which domains the new connector will work, click on the “Next” button.

Next, you need to specify on which Exchange server the send connector will be created.

Click on the “+” button.

Select the Exchange server on which the send connector will be created, and click on the “OK” button.

Everything is ready to create a send connector.

Click on the “Finish” button.

Next, in the “Mail Flow” section, select the “Send Connectors” subsection, then select the new send connector and double-click it with the left mouse button.

In the “General” section of the “Maximum send message size (MB)” menu, you can configure the maximum allowable size of mail attachments for sending.

Next, in the “Scoping” section, in the “Specify the FQDN this connector will provide in response to HELO or EHLO” field, specify the name by which your mail server is accessible from the Internet.

Click on the “Save” button.

In the “Mail Flow” section, select the “Send Connectors” subsection. Then click on the “…” button and select “Organization transport settings”.

In the “Limits” section, you can configure the maximum allowable size of mail attachments for sending and receiving.

Specify the necessary values and click on the “Save” button.

Now you need to specify the Exchange Server 2019 license key.

In the “Servers” section, select the “Servers” subsection and click on the “Edit” button (Pencil).

In the “General” section, specify the Exchange Server 2019 license key and click on the “Save” button.

Now you need to configure DNS records for the domain. To do this, open a web browser and go to the control panel of external DNS records for your domain.

This guide uses Amazon Route 53 to manage external DNS records for a domain.

Follow the link https://console.aws.amazon.com, specify, if necessary, the username and password of an account that has administrator rights in Amazon Web Services, and click on the “Services” button in the upper left corner of the screen.

Next, in the “Networking & Content Delivery” section, select “Route 53”.

Next, select “Hosted zones”.

Select the domain for which you want to configure DNS records.

Now you need to create several DNS records to access the Exchange services.

Click on the “Create Record Set” button to create a new DNS record.

In the “Name” field specify “mail”.

In the “Type” field, select “A – IPv4 address”.

In the “TTL” field specify “300”.

In the “Value” field, specify the IP address at which your mail server is accessible from the Internet and click on the “Create” button.

Click on the “Create Record Set” button to create another DNS record.

In the “Name” field specify “mx01”.

In the “Type” field, select “A – IPv4 address”.

In the “TTL” field specify “300”.

In the “Value” field, specify the IP address at which your mail server is accessible from the Internet and click on the “Create” button.

Click on the “Create Record Set” button to create another DNS record.

In the “Name” field specify “autodiscover”.

In the “Type” field, select “A – IPv4 address”.

In the “TTL” field specify “300”.

In the “Value” field, specify the IP address at which your mail server is accessible from the Internet and click on the “Create” button.

Click on the “Create Record Set” button to create another DNS record.

The “Name” field is left blank.

In the “Type” field, select “MX – Mail exchange”.

In the “TTL” field specify “300”.

In the “Value” field, specify the priority “10”, then specify the previously created A-record with the name “mx01” and click on the “Create” button.

Next, you need to request your Internet provider to create a PTR record for your external IP address, at which your mail server is accessible from the Internet. This is necessary so that your IP address is converted to a name. In this example, IP 188.244.46.91 was converted to the name mail.heyvaldemar.net.

Now you need to create SPF (Sender Policy Framework). Thanks to SPF, you can check if the sender’s domain has been tampered with. SPF allows you to specify a list of servers capable of sending email messages on behalf of your domain.

You can get the parameters for recording SPF using the «SPF Wizard».

SPF example: “v = spf1 mx a ip4: 188.244.46.91 include: heyvaldemar.com -all”

The “Name” field is left blank.

In the “Type” field, select “SPF – Sender Policy Framework”.

Please note that if there is no “SPF” record type in your control panel of external DNS records, then you need to select the “TXT” record type.

In the “TTL” field specify “300”.

In the “Value” field, specify the SPF parameters obtained using the «SPF Wizard» and click on the “Create” button.

DNS records for the domain are successfully configured.

Now you need to register the A-record on the internal DNS server.

Open “Server Manager” on the domain controller, then click on the “Tools” button in the upper right corner of the screen and select “DNS”.

In the “Forward Lookup Zones” section, select the main domain and right-click on it, then select “New Host (A or AAAA)”.

In the “Name (uses parent domain name if blank)” field, specify “Mail”.

In the “IP address” field, specify the IP address of the server on which Exchange Server 2019 is installed and click on the “Add Host” button.

A record successfully added.

Click on the “OK” button.

After the A-record is added, it will appear in the list with the rest of the records.

For further configuration, you need a certification authority.

In this guide, the Active Directory Certificate Services role will be installed on the domain controller.

Return to the “Server Manager” on the domain controller, then click on the “Manage” button in the upper right corner of the screen and select “Add Roles and Features”.

Click on the “Next” button.

Select the installation type “Role-based or feature-based installation” and click on the “Next” button.

Next, select the server on which the role will be installed.

Click on the “Next” button.

Select the Active Directory Certificate Services role.

In the next step, the Role Installation Wizard will warn you that you need to install several components to install the Active Directory Certificate Services role.

Click on the “Add Features” button.

Click on the “Next” button.

At the stage of adding components, leave all the default values.

Click on the “Next” button.

Next, the Role Installation Wizard invites you to learn more about the Active Directory Certificate Services role.

Click on the “Next” button.

Now you need to select the necessary services.

Select “Certification Authority Web Enrollment”.

In the next step, the Role Installation Wizard will warn you that you need to install several components to install the Certification Authority Web Enrollment.

Click on the “Add Features” button.

Next, select “Online Responder”.

The Role Installation Wizard will warn you that you need to install several components to install Online Responder.

Click on the “Add Features” button.

After all the necessary services are selected, click on the “Next” button.

At the next stage, the “Role Installation Wizard” will warn that the role of the “Active Directory Certificate Services” role will be additionally installed in the role of the webserver “Internet Information Services”.

At the stage of adding components, leave all the default values.

Click on the “Next” button.

In order to start the installation of the selected role, click on the “Install” button.

The installation of the selected role and the necessary components for it began.

The installation of the Active Directory Domain Services role is complete.

Now you need to configure the role.

Click on the “Configure Active Directory Certificate Services on the destination server” button.

Click on the “Next” button.

Next, you need to select the services that you need to configure.

Select “Certification Authority”, “Certification Authority Web Enrollment” and “Online Responder” and click on the “Next” button.

The server is a member of the domain, so select “Enterprise CA” and click on the “Next” button.

There are no other servers with the Active Directory Certificate Services role in the domain, so select “Root CA”, click on the “Next” button.

Next, you need to create a new private key.

Select “Create a new private key” and click on the “Next” button.

Next, you can select the cryptography settings.

Leave the settings unchanged and click on the “Next” button.

In the “Common name for this CA” field, specify the name for the new certification authority and click on the “Next” button.

Now select the certificate validity period and click on the “Next” button.

Then you can specify where the certificate database and its logs will be stored.

Leave the settings unchanged and click on the “Next” button.

Everything is ready to configure the role.

Click on the “Configure” button.

The configuration of the Active Directory Certificate Services role is now complete.

Click on the “Close” button.

Click on the “Close” button to close the role installation window.

Now you need to enable the SAN (Subject Alternative Name) function on the certificate authority server. This function is useful when publishing the Autodiscover service.

On the keyboard, press the key combination “Win” and “X” and select “Windows PowerShell (Admin)” in the menu that opens.

Enable the SAN function using the command:

certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2

Now you need to restart the CertSvc service.

Stop the CertSvc service using the command:

net stop certsvc

Start the CertSvc service using the command:

net start certsvc

CertSvc service successfully restarted.

Now make a request to create a new Exchange certificate.

Return to the control panel Exchange Admin Center.

In the “Servers” section, select the “Certificates” subsection and click on the “+” button.

Select “Create a request for a certificate from a certification authority” and click on the “Next” button.

Specify a name for the new certificate and click on the “Next” button.

Next, leave the settings unchanged and click on the “Next” button.

Now you need to specify the Exchange server on which the certificate request will be stored.

Click on the “Browse” button.

Select the Exchange server on which the certificate request will be stored, and click on the “OK” button.

After the Exchange server is specified, click on the “Next” button.

Now you need to specify the domain names that must be included in the certificate for all types of access.

Select “Outlook Web App (when accessed from the Internet)”, and click on the “Edit” button.

Specify the name by which your mail server is accessible from the Internet for the access type “Outlook Web App”, and click on the “OK” button.

Select OAB (when accessed from the Internet) “, and click on the” Edit “button (Pencil).

Specify the name by which your mail server is accessible from the Internet for the access type “OAB”, and click on the “OK” button.

Select “Exchange Web Services (when accessed from the Internet)”, and click on the “Edit” button.

Specify the name by which your mail server is accessible from the Internet for the access type “Exchange Web Services”, and click on the “OK” button.

Select “Exchange ActiveSync (when accessed from the Internet)”, and click on the “Edit” button.

Specify the name by which your mail server is accessible from the Internet for the access type “Exchange ActiveSync”, and click on the “OK” button.

Select “POP” and click on the “Edit” button (Pencil).

Specify the name by which your mail server is accessible from the Internet for the “POP” access type, and click on the “OK” button.

Select “IMAP” and click on the “Edit” button (Pencil).

Specify the name by which your mail server is accessible from the Internet for the access type “IMAP”, and click on the “OK” button.

Select “Outlook Anywhere” and click on the “Edit” button (Pencil).

Specify the name by which your mail server is accessible from the Internet for the access type “Outlook Anywhere” and click on the “OK” button.

The domain names that must be included in the certificate for all types of access are indicated.

Click on the “Next” button.

Next, a list of domains to be included in the certificate will be presented.

Click on the “Next” button.

Next, you must specify the name of the organization, department and geographical location of the company.

This guide covers an organization based in the United States, Los Angeles.

Specify the necessary information and click on the “Next” button.

Now you need to specify the folder where the Exchange certificate request will be saved.

In this guide, the certificate request will be saved to the local drive “C” on the Exchange server.

Specify where the request for the Exchange certificate will be saved, and click on the “Finish” button.

After the certificate request has been created, it will appear in the “Certificates” subsection with the status “Pending request”.

Now you need to confirm the Exchange certificate in the certification authority.

On the Exchange server, go to the link http://heva-server-1/certsrv, where heva-server-1 is the name of my certificate authority server. Accordingly, you need to specify the name of your server.

Log in under the account with administrator rights and click on the “OK” button.

Now add the address of the certification server to Trusted Sites.

Click on the “Add” button.

In the “Add this website to the zone” field, specify the address of the certification server and click on the “Add” button.

Click on the “Close” button.

Now select “Request a certificate”.

Next, select “Advanced certificate request”.

Now select “Submit a certificate request by using a base-64-encoded PKCS # 10 file, or submit a renewal request by using a base-64-encoded PKCS # 7 file”.

Next, open the “Explorer” and go to the local drive “C”, where the request for the Exchange certificate was saved.

Click on the certificate request file twice with the left mouse button.

Click on the “Try an app on this PC” button.

Select the “Notepad” and click on the “OK” button.

Copy the contents of the file.

Next, insert the contents of the file with request into the “Saved Request” field, then select “Web Server” in the “Certificate Template” section and click on the “Submit” button.

Select “DER encoded” and click on the “Download certificate” button.

In the “Save” menu, select “Save as”.

Assign a name and save the Exchange certificate in the “Downloads” folder.

Click on the “Save” button.

Now you need to download the certificate of the certification authority.

Click on the “Home” button in the upper right corner of the screen.

Select “Download a CA certificate, certificate chain, or CRL”.

In the “Encoding method” section, select “DER” and click on the “Download CA certificate” button.

In the “Save” menu, select “Save as”.

Assign a name and save the certificate of the certification authority to the “Downloads” folder.

Click on the “Save” button.

In order to successfully confirm the request for an Exchange certificate, you must import the certificate of the certification authority into “Trusted Root Certification Authorities” on the Exchange server.

On the keyboard, press the key combination “Win” and “R”, then enter “certlm.msc” and click on the “OK” button.

In the “Certificates (Local Computer)” section, select the “Trusted Root Certification Authorities” subsection, then right-click on the “Certificates” subsection and select “All Tasks”, then “Import”.

Click on the “Next” button.

Next, you must specify the path to the certificate of the certification authority.

Click on the “Browse” button.

Select the certificate of the certificate authority and click on the “Open” button.

After the path to the certificate of the certification authority is indicated, click on the “Next” button.

Next, leave the settings unchanged and click on the “Next” button.

Everything is ready to import the certificate into the Trusted Root Certification Authorities.

Click on the “Finish” button.

Certificate Authority Certificate successfully imported.

Click on the “OK” button.

Return to the control panel Exchange Admin Center.

In the “Servers” section, select the “Certificates” subsection. Then select the new Exchange certificate and click on the “Complete” button on the right.

Next, you must specify the path to the Exchange certificate.

Specify the path to the Exchange certificate and click on the “OK” button.

After the certificate is confirmed, it will appear in the “Certificates” subsection with the status “Valid”.

Now you need to assign a new Exchange certificate for SMTP and IIS.

Select a new certificate and double-click on it with the left mouse button.

In the “Services” section, check the “SMTP”, “IMAP”, “POP” and “IIS” checkboxes, then click on the “Save” button.

Next, a warning appears about the need to overwrite the existing certificate for SMTP.

After the Exchange certificate is assigned to services, it will update the list of services in the “Assigned to services” field.

Now let’s see the settings for Outlook Web App.

In the “Servers” section, select the “Virtual Directories” subsection and select the “owa (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/owa”.

Now configure user authentication by login without having to specify a domain.

In the “Authentication” section in the “Use forms-based authentication” section, select “User name only”.

Next, you need to select the main domain, click on the “Browse” button.

Select the main domain and click on the “OK” button.

After the domain is specified, click on the “Save” button.

Next, a warning appears about the need to restart IIS.

IIS will be restarted later.

Click on the “OK” button.

Now, will write the address at which your mail server is accessible from the Internet into the configuration of the Exchange server.

In the “Servers” section, select the “Virtual Directories” subsection and select the “ecp (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/ecp”.

Click on the “Save” button.

In the “Servers” section, select the “Virtual Directories” subsection and select the “EWS (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/EWS/Exchange.asmx”.

Click on the “Save” button.

In the “Servers” section, select the “Virtual Directories” subsection and select the “mapi (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/mapi”.

Click on the “Save” button.

In the “Servers” section, select the “Virtual Directories” subsection and select the Microsoft-Server-ActiveSync (Default Web Site) virtual folder, and then double-click on it with the left mouse button.

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/Microsoft-Server-ActiveSync”.

Click on the “Save” button.

In the “Servers” section, select the “Virtual Directories” subsection and select the “OAB (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/OAB”.

Click on the “Save” button.

In the “Servers” section, select the “Virtual Directories” subsection and select the “PowerShell (Default Web Site)” virtual folder, and then double-click on it with the left mouse button.

In the “General” section, in the “External URL” field, specify the name by which your mail server is accessible from the Internet, and also specify “/powershell”.

Нажимаем на кнопку “Save”.

Now set up the Outlook Anywhere service. This service is used to connect to the Exchange server via the Internet using “Outlook”.

In the “Servers” section, select the “Servers” subsection, select the Exchange server and double-click on it with the left mouse button.

Next, in the field “Specify the external hostname such as contoso.com that users will use to connect to your organization”, specify the name by which your mail server is accessible from the Internet. Then, in the “Specify the authentication method for external clients to use when connecting to your organization” menu, select “NTLM” and uncheck “Allow SSL offloading”.

Click on the “Save” button.

Now lets restart IIS.

On the keyboard, press the key combination “Win” and “X” and select “Windows PowerShell (Admin)” in the menu that opens.

Restart IIS with the command:

iisreset /noforce

IIS successfully restarted.

Now configure the ability to receive mail.

In the “Mail Flow” section, select the “Receive Connectors” subsection, select the “Default Frontend HEVA-SERVER-2” receive connector, where HEVA-SERVER-2 is the name of my Exchange server. Then double-click on it with the left mouse button.

In the “General” section, in the “Maximum receive message size” field, you can configure the maximum allowable size of mail attachments for receiving.

In the “Security” section, check for the presence of a checkmark in the “Anonymous users” item.

Click on the “Save” button.

Now create a new user with a mailbox.

In the “Recipients” section, select the “Mailboxes” subsection.

Click on the “+” button and select “User mailbox”.

Now specify an alias, first name and last name for the new user.

Then you need to select the organization unit in which you plan to create a new user.

Click on the “Browse” button.

Select the OU in which you want to place the new user, and click on the “OK” button.

In the field “User logon name”, specify the login for the new user.

Next, specify a strong password and click on the “More options” button.

Now you need to select the database in which the mailbox for the new user will be created.

In the “Mailbox database” section, click on the “Browse” button.

Select the database for the mailboxes and click on the “OK” button.

Everything is ready to create a user with a mailbox.

Click on the “Save” button.

After the user with the mailbox is created, he will appear in the “Mailboxes” section.

Now you need to import the Exchange certificate into Trusted Root Certification Authorities on all computers in the domain.

Go to the domain controller, create a folder and copy the Exchange certificate into it.

In this guide, the certificate was copied to the “ExchangeCertificate” folder on drive “C”.

Go back to “Server Manager” on the domain controller, then click on the “Tools” button in the upper right corner of the screen and select “Group Policy Management”.

Now create a new group policy for importing the certificate into the “Trusted Root Certification Authorities” on all computers in the domain.

Right-click on the domain name and select “Create a GPO in this domain, and Link it here”.

Specify a name for the new group policy and click on the “OK” button.

Next, click on the new policy with the right mouse button and select “Edit”.

In the Group Policy Editor, go to the “Computer Configuration” section, then to the “Windows Settings” section, then find the “Security Settings” section and select “Public Key Policies”, now right-click on “Trusted Root Certification Authorities” and select “Import “.

Click on the “Next” button.

Next, you must specify the path to the Exchange certificate.

Нажимаем на кнопку “Browse”.

Go to the folder with the Exchange certificate and click on the “Open” button.

After the path to the certificate is specified, click on the “Next” button.

Next, leave the settings unchanged and click on the “Next” button.

Everything is ready to import the certificate into the “Trusted Root Certification Authorities” for all computers in the domain.

Click on the “Finish” button.

An Exchange certificate has been successfully imported into Group Policy Settings.

Click on the “OK” button.

After the certificate is imported into Group Policy settings, it will appear in the “Trusted Root Certification Authorities” section.

Now, all computers that fall under this policy will import the Exchange certificate.

Author

Hi, I’m Vladimir Mikhalev, but my friends call me Valdemar. I have a lot of experience in the design and maintenance of various information systems. On my website, you will find detailed and clear guides for setting up IT solutions. Dive into the ocean, full of positive and technology! For cooperation: callvaldemar@gmail.com

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.