码迷,mamicode.com
首页 > 其他好文 > 详细

Exchange Server 2010 全新部署篇九:CAS&HUB中客户端访问功能配置篇

时间:2016-07-15 17:29:49      阅读:184      评论:0      收藏:0      [点我收藏+]

标签:客户端   users   

1.创建CAS阵列

[PS] C:\Users\wangtingdong.admin\Desktop>New-ClientAccessArray -Fqdn Mail.DouBiOA.Ren -Name ‘Mail.DouBiOA.Ren‘ -Site ‘PEK1‘
Name                Site                 Fqdn                           Members
----                ----                 ----                           -------
Mail.DouBiOA.Ren    PEK1                 Mail.DouBiOA.Ren               {PEK1-CHS-01, PEK1-CHS-02}

技术分享

2.申请多主机头证书

New-ExchangeCertificate -SubjectName "c=CN,s=Beijing,o=DouBi,cn=Mail.DouBi.Ren" -DomainName Mail.DouBi.Ren,mail.DouBiOA.Ren,ex.DouBi.Ren,ex.DouBiOA.Ren,autodiscover.DouBi.Ren,autodiscover.DouBiOA.Ren, pop.DouBiOA.Ren,pop.DouBi.Ren,imap.DouBiOA.Ren,imap.DouBi.Ren,PEK1-CHS-01.DouBiOA.Ren,PEK1-CHS-02.DouBiOA.Ren,cas.DouBiOA.Ren -FriendlyName MailCert -GenerateRequest:$True -Keysize 2048 -PrivateKeyExportable $true | Set-Content -Path "D:\MailCert\MailCert.req”

技术分享

技术分享

技术分享

技术分享

导入证书

[PS] C:\Users\wangtingdong.admin\Desktop>Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path D:\MailCert\certnew.cer -Encoding byte -ReadCount 0)) -FriendlyName “MailCert"

技术分享

获取证书指纹

[PS] C:\Users\wangtingdong.admin\Desktop>Get-ExchangeCertificate

技术分享

为多主机头证书分配置服务

[PS] C:\Users\wangtingdong.admin\Desktop>Enable-ExchangeCertificate -Thumbprint BE73EEFBC8320A119A0F6C5A0029E99E95D0C87A -Services ‘IIS,IMAP,POP,SMTP‘ -Server ‘PEK1-CHS-01‘

技术分享

导入多主机头证书

技术分享

技术分享

技术分享
将多主机头证书导入至PEK1-CHS-02

技术分享

技术分享

技术分享

技术分享

技术分享

为PEK1-CHS-02绑定服务

[PS] C:\Users\wangtingdong.admin\Desktop>Enable-ExchangeCertificate -Thumbprint BE73EEFBC8320A119A0F6C5A0029E99E95D0C87A -Services ‘IIS,IMAP,POP,SMTP‘ -Server ‘PEK1-CHS-02‘

技术分享

测试证书生效结果:

技术分享技术分享

技术分享

技术分享

技术分享

技术分享

修改OWA登录验证方式,执行如下命令:

[PS] C:\Users\wangtingdong.admin\Desktop>Set-OwaVirtualDirectory -LogonFormat ‘UserName‘ -DefaultDomain ‘DouBiOA.Ren‘ -Identity ‘PEK1-CHS-01\owa (Default Web Site)’

以管理员方式运行CMD,执行如下命令:

技术分享
[PS] C:\Users\wangtingdong.admin\Desktop>Set-OwaVirtualDirectory -LogonFormat ‘UserName‘ -DefaultDomain ‘DouBiOA.Ren‘ -Identity ‘PEK1-CHS-02\owa (Default Web Site)’

修改OWAURL设置,执行如下命令:

Set-OwaVirtualDirectory -InternalUrl ‘https://mail.DouBiOA.Ren/owa‘ -ExternalUrl ‘https://mail.DouBi.Ren/owa‘ -Identity ‘PEK1-CHS-01\owa (Default Web Site)’

Set-OwaVirtualDirectory -InternalUrl ‘https://mail.DouBiOA.Ren/owa‘ -ExternalUrl ‘https://mail.DouBi.Ren/owa‘ -Identity ‘PEK1-CHS-02\owa (Default Web Site)’

修改autodiscover配置,命令如下:
Set-ActiveSyncVirtualDirectory -InternalUrl ‘https://mail.DouBIOA.Ren/Microsoft-Server-ActiveSync‘ -ExternalUrl ‘https://Mail.DouBi.Ren/Microsoft-Server-ActiveSync‘ -Identity ‘PEK1-CHS-01\Microsoft-Server-ActiveSync (Default Web Site)’

Set-ActiveSyncVirtualDirectory -InternalUrl ‘https://mail.DouBIOA.Ren/Microsoft-Server-ActiveSync‘ -ExternalUrl ‘https://Mail.DouBi.Ren/Microsoft-Server-ActiveSync‘ -Identity ‘PEK1-CHS-02\Microsoft-Server-ActiveSync (Default Web Site)’

启用outlookanywhere功能,命令如下:
enable-OutlookAnywhere -Server ‘PEK1-CHS-01‘ -ExternalHostname ‘mail.DouBi.Ren‘ -DefaultAuthenticationMethod ‘Basic‘ -SSLOffloading $false
enable-OutlookAnywhere -Server ‘PEK1-CHS-02‘ -ExternalHostname ‘mail.DouBi.Ren‘ -DefaultAuthenticationMethod ‘Basic‘ -SSLOffloading $false

修改OAB配置,命令如下:
Set-OabVirtualDirectory -InternalUrl ‘http://mail.DouBiOA.Ren/OAB‘ -ExternalUrl ‘http://mail.DouBi.Ren/OAB‘ -Identity ‘PEK1-CHS-01\OAB (Default Web Site)‘
Set-OabVirtualDirectory -InternalUrl ‘http://mail.DouBiOA.Ren/OAB‘ -ExternalUrl ‘http://mail.DouBi.Ren/OAB‘ -Identity ‘PEK1-CHS-02\OAB (Default Web Site)‘

分别在PEK1-CHS-01及PEK1-CHS-02上启动POP3服务

[PS] C:\Windows\system32>Start-service MSExchangePOP3

技术分享

分别在PEK1-CHS-01及PEK1-CHS-02上启动IMAP服务

[PS] C:\Windows\system32>Start-service MSExchangeIMAP4

技术分享

调整POP3身份验证为“纯文本登录”,命令如下:

[PS] C:\Windows\system32>Set-PopSettings -Server ‘PEK1-CHS-01‘ -LoginType ‘PlainTextLogin‘
[PS] C:\Windows\system32>Set-PopSettings -Server ‘PEK1-CHS-02‘ -LoginType ‘PlainTextLogin‘

调整IMAP4身份验证为“纯文本登录”,命令如下:
[PS] C:\Windows\system32>Set-ImapSettings -Server ‘PEK1-CHS-01‘ -LoginType ‘PlainTextLogin‘
[PS] C:\Windows\system32>Set-ImapSettings -Server ‘PEK1-CHS-02‘ -LoginType ‘PlainTextLogin‘

Exchange Server 2010 全新部署篇九:CAS&HUB中客户端访问功能配置篇

标签:客户端   users   

原文地址:http://tingdongwang.blog.51cto.com/1056852/1826706

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!