Shulou(Shulou.com)06/02 Report--

This blog article enters the third part of the Exchange server 2016 installation and deployment series: the Edge Transport server installation and Edge subscription function configuration of Exchange server 2016. This article takes the edge server as an example to demonstrate the installation, which will act as the mailbox Edge Transport server role of Exchange server 2016. I hope to correct the imperfections of this article in the comments section. Thank you very much.

Brief introduction of Edge Transport Server

The Edge Transport server handles all inbound and outbound Internet mail flows for your Exchange organization by providing mail relay and smart hosting services. Agents running on the Edge Transport server provide additional mail protection and security layers. These agents can provide spam precautions and apply transport rules to control mail flow. All of these features work together to help minimize the threat of exposing internal Exchange to Internet.

Because the Edge Transport server is installed in the perimeter network, it is never a member of your organization's internal Active Directory forest and cannot access Active Directory information. However, the Edge Transport server requires data that resides in Active Directory, such as connector information for mail flows and recipient information for anti-spam recipient lookup tasks. This data will be synchronized to the Edge Transport server through the Microsoft Exchange EdgeSync service (EdgeSync). EdgeSync is a set of processes running on Exchange 2016 Mailbox servers to establish one-way replication of recipient and configuration information from Active Directory to Active Directory lightweight Directory Services (AD LDS) instances on the Edge Transport server. EdgeSync replicates only the information that the Edge Transport server needs to perform anti-spam configuration tasks and enable end-to-end mail flow. EdgeSync performs planned updates to keep the information in AD LDS up to date.

Multiple Edge Transport servers can be installed in the perimeter network. Deploying multiple Edge Transport servers provides redundancy and failover for your inbound mail flow. By defining multiple MX records with the same priority value for your mail domain, you can load balance your organization's SMTP traffic between Edge Transport servers. You can use cloned configuration scripts to achieve configuration consistency across multiple Edge Transport servers.

Computer preparation

1. Define the computer name as edge, the trust area ip 172.16.10.95, and the DMZ area ip 172.16.200.95

2. Add the changed computer to the DNS suffix domain

3. Create a new edge server DNS record in the DNS server server.itwish.cn

Exchange 2016 prerequisites

Windows Server 2012 R2 prerequisites for Edge Transport server role

Open Windows PowerShell.

Run the following command to install the necessary Windows components.

Install-WindowsFeature ADLDS

.net Framework 4.6.2 installation

Exchange 2016 Edge Transport Server role installation

Log in to the computer edge where you want to install the Exchange 2016 Edge Transport server role.

Navigate to the disk location of the Exchange 2016 installation files.

At the command prompt, run the command applicable to the organization.

Setup.exe / mode:Install / role:EdgeTransport / TargetDir: "C:\ ExchangeServer" / IAcceptExchangeServerLicenseTerms

Where role specifies the installation role and TargetDir specifies the installation directory

Restart the computer to complete the Exchange Edge Transport role installation

Edge subscription

Before subscribing Edge Transport servers to your Exchange organization, you need to ensure that your infrastructure and Mailbox servers are ready for EdgeSync synchronization. To prepare EdgeSync, you need to:

When the license Edge Transport server creates an Edge subscription, it captures the license information for the Edge Transport server. After the license key is applied on the Edge Transport server, you need to subscribe the subscribed Edge Transport server to the Exchange organization. If you apply the license key on the Edge Transport server after performing the Edge subscription process, the license information in the Exchange organization is not updated and you need to re-subscribe to the Edge Transport server.

Verify that the required port has the following ports open in the firewall for use by subscribed Edge Transport servers:

The SMTP port 25/TCP must be open for inbound and outbound mail flows between the Internet and the Edge Transport server and between the Edge Transport server and the internal Exchange organization.

Secure LDAP non-standard port 50636/TCP is used to synchronize directories from the Mailbox server to the AD LDS on the Edge Transport server. This port is a necessary condition for successful EdgeSync synchronization.

Verify that the DNS hostname resolution from the Edge Transport server to the Mailbox server and from the Mailbox server to the Edge Transport server is successful.

Configure the following transport settings to propagate to the Edge Transport server

The internal SMTP server uses the InternalSMTPServers parameter on Set-TransportConfig cmdlet to specify a list of the sender ID on the Edge Transport server and the IP address or IP address range of the internal SMTP server to be ignored by the connection filtering agent.

Accept domain configuration ownership authority domain, internal relay domain, and external relay domain.

The remote domain configures the settings of the default remote domain object (for recipients in all remote domains) and configures the recipient's remote domain object in a specific remote domain as needed.

On the Edge Transport server, create and export an Edge subscription file

1. Log in to the Edge Transport server edge as an administrator

2. Open the Microsoft Exchange Shell management interface and enter the following command to create and export edge subscription files.

New-EdgeSubscription-FileName "C:\ EdgeSubscription.xml"

On the Mailbox server, import the Edge subscription file

1. Log in to the mailbox role server exch01.itwish.cn as an administrator.

2. Import the edge subscription file EdgeSubscription.xml generated by the edge server to the local disk.

3. Open the Microsoft Exchange Shell management interface and enter the following command to create and export edge subscription files.

New-EdgeSubscription-FileData ([byte [] $(Get-Content-Path "C:\ Data\ EdgeSubscription.xml"-Encoding Byte-ReadCount 0))-Site "Default-First-Site-Name"

4. Automatic edge subscription will create the following send connectors:

A send connector, named EdgeSync-inbound to;, that is configured to relay messages from the Edge Transport server to the Exchange organization.

A send connector, named EdgeSync-to Internet;, is configured to relay messages from the Exchange organization to the Internet.

5. Running Start-EdgeSynchronization on the Mailbox server forces Edge subscription synchronization and starts EdgeSync immediately.

6. Test edge subscription status

At this point, the Edge Transport server role and Edge subscription feature are installed.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.