Home 

Dutch

 

Complete version Server 2016 and Exchange 2016

This article describes step-by-step how to install Server 2016 and Microsoft Exchange 2016  

How to fix the red dashboard after install exchange mail with KB 3206632


Server 2016

Register Domain Name. DNS forwarding
Preparations Exchange mailserver


Exchange mailserver

HTTP error 500


Create mail accounts for clients

Change domain name

Password does not work, reset (video)

Recovery point server 2016

Provide a C, D and E partition

C for OS Server 2016 (75gb)
D for Exchange (40gb)
E for the (other) software you are going to install. (100gb)

On E is the following software.




Folder Exchange with the unpacked ISO from Exchange
Map Exchange preprocessing with API 5 or higher and Framework NDP 452
Map Update KB3206632 for Exchange
Map Windows 10 with 32 and 64 bits
Map Drivers from the server
Map with ISO Office 2016
Map with tool to activate KMS (MAK) licenses for Office

Partition C and D must be empty and the ISO of Exchange must be copied from the E to the D.
Unpack that iso with 7zip
The filename of that folder needs to be Exchange.

Boot Dell Poweredge T410 from usb flash drive?
Install Server 2016 with USB or PXE server

There are 2 USB ports on the motherboard.
There you can insert a bootable USB stick.
Start the server and click on F11 and then choose Hard (USB drive)
But installing
from a PXE server is a bit faster.

For the server and the exchange mailserver you need to have a working domain (website) with associated email addresses.
If you still see komputerhulp in the text or on the images, it should be komp-u-ter-hulp.nl


Windows Server 2016 Installation

We are installing new Server 2016 OS and in the article, you can find step by step installation process.

We have minimum hardware requirement for install Server 2016.

You can find system requirements of Server 2016 in the link.

And you can find your hardware compatibility with Server 2016 here.

  Jump

 

Installation started now, this screen you can able to configure language, region and time, keyboard settings. We should configure correct settings here and then select “Next” for continue.  

  

You should select “Install Now” in coming screen.



  

We can choose the Server 2016 version on this menu. We need Server 2016 Standard with GUI so selected 
Server 2016 Standard (Desktop Experience).

Also, if you need to install Server 2016 without GUI you should select “Windows Server 2016 Standard” here. Further Windows Server 2016 has different edition: Datacenter, Standard and Essentials editions.

You can check here for Comparison of Standard and Datacenter editions of Windows Server 2016 Jump

And here detailed information about editions of Server 2016 Jump.

  

We can see the licence terms on this screen, select “I accept Licence Terms” then click Next to continue. Choose desktop version

  

Select “Custom: Install Windows only (advanced)” here because we will do a clean installation OS. But if you need an in-place upgrade you should select “Upgrade: Install and Keep files, settings and applications” here. This option suitable for supported OS, features, services and roles. But keep in mind you should not prefer in-place upgrade for critical roles like Active Directory Directory Services, etc.

We can select and configure disc information on this screen.
(You can set the installation disc, size, etc.) Use default settings here .
  Beschrijving:

You can see that the necessary files are copied and the installation process is running on this screen.

  

The installation process is done and rebooting.

Screen showing that the necessary settings were made before the server was started.

 


We can set a password for the local administrator account. You should configure a secure password for local admin.
 

  

On the login screen, we can login with “Administrator” account and related password.  

  

And finally, you can see new Server 2016 interface. It’s similar to old Server 2012 interface but there are a lot of new features coming with Server 2016.  

You should fully patch new Server 2016 before you add or configure roles, services  

After the installation of Server 2016, D and E may have been swapped.
Restore that at disk management
Type:  computer  and then click disk management.

Video card
Install the video card for the 2 screens (see the driver on E)

ISO Exchange on D
Delete all data on D.
Copy the ISO from Exchange to D (from E)
Unpack the ISO with 7zip
Change the name of the folder in Exchange

Password not expire
Can only be set when the active directory is working.

Configure network
Leave
only the Wan cable in (LAN cable out) so you can see what the right adapter is.
The LAN adapter will then show a red cross.
Change the name of that adapter to LAN
And the 2nd in WAN
Reconnect the cable.

Type CMD and click CMD.exe
Type:  ipconfig
View provided IP address
Stand on the working adapter

Enter fixed static IP
Go to settings
Ethernet adapter options
Change

Wan
On the internet adapter (not the LAN)
Properties






Automatically assign IP address

Lan

Click on the second adapter (LAN)
Connect the cable
Click on the adapter
Properties
Click on IPV4 and Properties
Type IP address

   


192.168.101.11255.
255.255.0
Leave line 3 and 5 empty

Go to services
Disable updates (temporary, turn on later)

Disable firewall
Type firewall and turn it off.

Disabling irritating messages Explorer
Server Manager
Local server.
Enchange security configuration
Click on on and set that to off.

Volume license (MAK)
Click top right on Manage
Ad rolls and feautures
Next, next
Server roles

And then tick Volume Activation Tools and do the same with Windows Deployment Services.

Do the same at Network Policy Services

Click through and then install.
Then click on the yellow flag above.
Configure Volume Activations tools.
You can ignore that, we don't have a KMS volume license key, but we will do the MAK Activation later.

Go to network and sharing center
Network discovery should be on.
If not, change that.
Check that again!
If it jumps back to off
Type in the search window: services.msc
There should be 3 services on automatic.
1)
Function Discovery resource
2) SSDP discovery
3) UpNp device hos

If you don't have internet, click on the Wan adapter



That may work, but it's actually not good.
It should be like this, but you can change it later when adding the clients
For now you have internet and you can continue.




Even if it looks like you don't have internet, open a browser.
It sometimes reacts rather slowly.

Verify that Server 2016 is activated
Click on the start button with your right mouse button and then on system.





The Multiple Activation Key (MAK) license has activated the software.
If not, you can still enter the product code.

Activate with a single license  
1 open CMD
2 type the following command:  slmgr /ipk
3 type behind /ipk with a space the product code xxxxx-xxxxx-xxxxx-xxxxx
4 press enter, note: you will not get a response from that CMD
5 when it works you will get a message that the product code is installed. 

Reboot!
And then check that 2016 is activated.

Disable auto lock function (screen saver)

  1. Right-click on the desktop and then click Personalize.
  2. Click 'Lock screen'.
  3. Click 'Screen timeout settings'.
  4. Choose Never


Roles & Features
Install one by one

1) Active Directory Domain Services




But that's not the only thing
There's quite a bit behind it.




You have to tick all that

Click on automatic restart after installation

Configure:
If the server does not restart automatically, do so yourself.

After the restart, click on that yellow triangle



Add a new forest: kompserver.nl

The following parts each need some time.
So please be patient before you can click or type anything
This is not work for nervous people.

 



DNS wil be automatically installed and configured
Ignore error message.
Click on show more.

Then it is indicated that this error message has to do with the presence of the active directory you just installed.



The NetBios domain name is automatically configured, just wait a moment

 


Just wait and you'll get the message that the server is going to restart

Go back to server roles

1) Click on DHCP
2) Click on Remote Access and then click on Routing

Reboot.
That could take a while. 
Click on that yellow triangle: Complete DHCP installation, or you will see the following immediately.





Click on the yellow triangle
Getting started Wizzard

That leads to nothing. Regardless of what you enter
Skip

Go to Tools and click on DHCP with your right mouse button.




Klick on ipv4


Click on ipv4 with your right mouse button
New scope


Scope name: DHCP
Discription leave blank

Start IP: 192.168.101.100
End IP:  192.168.101.150 
Length: 24
Subnet mask: 255.255.255.0


Leave empty

Router default gateway
Check if the IP is correct: 192.168.101.11
That' your router's ip address
Click Add

 

Parent domain: kompserver.nl


WINS servers: 
Leave Server name and ip blank. next



Yes activate scope, finish

Password never expires

See the instructions

Tools
Click on Routing and remote access (that red arrow) with your right mouse button
Configure...



Reboot the server

The Wan setting isn't right yet.
You probably don't have internet now
Click on the Wan adapter



At first it worked, but after DHCP it didn't.
It should be like this, change that and see if you have internet.




Even if it looks like you don't have internet, open a browser.
It sometimes reacts rather slowly.

No internet yet?
Check if those 3 services are still on automatic.
1)
Function Discovery resource
2) SSDP discovery
3) UpNp device hos


Password never expire.

Add client
On computer client 1 and 2
click start
click on control panel
click on user account
click on change
click on login options
Add password 

It can take a while before the clients have internet
Access can be fast, but 15 minutes is no exception.
If nothing happens, restart the server.

Add clients on server:
Tools: Active Directery Users and Computers
Click on that user image









Now create Ernie as a user.

Check if remote access is ticked on the server



 

If the clients have been added before then you have to remove them from the domain.

Click on This PC, Properties

Right click on Change settings




Klick on change (wijzigen)



Click on Domain and then type kompserver.nl
Do the same for Bert.
Restart the clients

Add: on client!
This PC
Right mouse button
Properties

Click left on advanced system settings

 


Click on Allow external connections.
Do the same at the server

Check the network adapter on the clients



Office 2016 standard on server
Install Office
After installation, restart Office setup again
Change product key
Type product code.
Click on Word
If it's okay, you'll see the activation screen.
Reboot the server

Excel doesn't work.
In the search window, type:  regedit
Go to File, find,
Type:  DontRefresh
Change Dword value from 1 to 0

Set service update to enable and get the (latest) updates.
  
Create an image of C.

(Step 1 of C)
Macrium-Reflect Free does not work on a server.
However, you can use the boot rescue CD to create an image and restore it.

Set up another domain name.
The following procedure applies if you need to change the domain name due to the change of the company name, a merger or other reason. 
Change Domain Name

Domain registration
DNS forwarding

You need a registered domain.
In this case kompserver.nl whose DNS must be forwarded to the IP address of the company.
A static address of the provider (isp)

In this case 83.86.73.21

It's about:

mail.kompserver.nl (Vimexx IP address)
mail (Ziggo incoming IP address)
pop (Ziggo incoming IP address)
smtp (Ziggo incoming IP address)

NS1 (Vimexx)
NS2 (Vimexx)
NS3 (Vimexx)

MX mail (10 mail.kompserver.nl)


 

 

0% loss

Below you see 2 servers because it is not recommended to configure Exchange and the company server on 1 machine
In order to configure the Mailflow the Wan needs to be connected directly to the Exchange server because the domain is forwarded to the DNS of that server.
Instead of connecting that server directly to the Exchange server it is sufficient to use a hub.

Disadvantage is that if the Exchange doesn't have a network the rest won't work either.
This can be solved by forcing the Ziggo IP address to the server.
Upgrading to Ziggo Business Pro gives 5 IP addresses so you can connect multiple servers to it.
This means that you also need to create a number of subdomains and then you need to activate LD-LDS (Lightweight Directory) as a role. But that has probably already happened because that's why you get a remark with the yellow flag that ADAM is not enumerated and that refers to the fact that you haven't created subdomains yet.
The following is a possible solution, but it means that the server has to work.
With restarting, the rest has no internet.    


   

Netwerk agemeen = Network general

You can also only use the Exchange with Server 2016 (on 1 machine) with a hub/switch.

 

If you forward Ziggo's IP address to the server, you can use the network as it is now.




Server 2016 can be installed on a server without forwarding.

The preparations for Exchange and Exchange itself.
Then you move the harddisk to the server with the forged DNS and configure the mailflow.

Forwarding the Ziggo Wan
to the DNS of the Exchange server.

Then you also have to forward port 25 by adding a rule in the menu of the PF Sense Firewall  or the router.

Check if Bert and Ernie are registered under the new domain name and those clients have internet.
If not, you need to reconfigure the old-add clients because of that changed domain name.



 

 

 

 

 

 

Preparations Exchange Mail Server


Create an Exchange folder on D
Put the Exchange ISO in there if it is not there.
Unpack the ISO with 7 zip in the folder
The name of the folder has to be Exchange

It is recommended to have a C (OS), a D (Exchange), and an E (Software).
On that E partition you will find all the already downloaded software you need.

If all of this is already there, you don't have to download anything and you can 

1
Install Media Foundation Feature
Launch Server Manager (ServerManager.exe), navigate to Manage → Add Roles and Features→ Next → Next → Features → Scroll Down → Select Media Foundation → Next → Install.

2
Install API 4 & API 6 or higherUnified
 Communications Managed API 4.5.2. Runtime.

3
 Install NET Framework 4.7.1

The Remote Tools Administration Pack.

4
Install Framework 3.5In
 PowerShell c:\administrator

Install-WindowsFeature Net-Framework-Core -source \\network\share\sxs

5
Install Visual Studio 2013 C++

6
Install update KB3206632
(takes about 45 minutes)


Open Windows PowerShell.  

Here it is assumed that you have the unpacked ISO in the Exchange folder on D!


The ADSI below has not (yet) proved necessary.
You can skip that. Continue
here

  1. Open Active Directory Service Interfaces (ADSI) Edit. To do this, click Start, click Run, type ADSIEdit.msc, and then click OK.
  2. After the ADSI Edit window is loaded, right-click ADSI Edit in the navigation pane, and then click Connect To.
  3. In the Connection Settings window, click Select a well known Naming Context in the Connection Point area, and then click Schema.
  4. Expand the Schema [DC.domain.com] node, and then click CN=Schema, CN=Configuartion,DC=domain,DC=com.

In the result pane, right-click CN= ms-Exch-Resource-Schema, click Property, and then change the value of the lDAPDisplayName attribute to msExchResourceSchema


 

 

Right mouse button on properties




Go to Display name and edit
CN= ms-Exch-Resource-Schema




Click on the start button at the bottom left and search for PowerShell, then click on Windows PowerShell.

We set the installation directory of Exchange to D under that name.

 

Open PowerShell and navigate to the folder where the installation files of Exchange 2016 are located.
cd
d:\exchange

This can take a while per command.

Enter the command below:
Install-WindowsFeature RSAT-ADDS



  
If you see >> press enter  

cd d:\exchange

To install the Features, run the cmdlet below.

 

Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, ADLDS, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS
  





D

You can use the Lightweigth Directory wizard if you have Ziggo Business Pro.
Then you get 4 extra IP addresses, with which you can also forward to the DNS of other servers with subdomain names.

cd d:\exchange

To perform the schedule update, run the cmdlet below:
Don't forget the point at the front


.\setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
 

Active Directory Schema update is finished.

To make the Active Directory suitable for Exchange 2016 the cmdlet below needs to be executed. When the scheme update hasn't been executed yet it will still be executed in this step. In this step you will need to specify the Organization Name.

The Organization Name cannot be changed afterwards, so choose a name you are satisfied with until the end!

Run the cmdlet below.
You need to replace the command line name company between the brackets below for the organization name.

Copy that line to Notepad and change the company name to the desired one, then paste that line into PowerShell.

.setup.exe /PrepareAD /OrganizationName: "company name" /IA\cceptExchangeServerLicenseTerms


In this case

cd d:\exchange

Don't forget the point at the front

.\setup.exe /PrepareAD /OrganizationName:"kompserver" /IAcceptExchangeServerLicenseTerms



Preparing the Active Directory has succeeded.

All preparations for the Active Directory have now been completed. To be able to install Exchange 2016 a number of Features will be installed.  

 

Reboot the machine.
Then you'll see a warning
  

Installing the Exchange 2016 Mailbox Role in Power Shell

cd d:\exchange

Make sure you copy the first point of the following command line with it 

 

./Setup.exe /Mode:Install /IacceptExchangeServerLicenseTerms /Role:Mailbox /CustomerFeedbackEnabled:False /TargetDir:”D:\\Exchange\\” /DbfilePath: “D:\\ExchangeDb\\” /LogFolderPath:”D:\\logs\\”


 

If all goes well you can do the assignment below.

 

 
If you can login with administrator and password then the installation succeeded and you do not have to do the following with that setup
Continue here

The Exchange Server setup operation didn't complete
There may be a lack of space on the D.
 It has to be 25-40 gb
.

If you have enough space then you have to run setup from D again

Open setup.exe in the installation directory of Exchange 2016. 
So not the exchangeserver file but the setup.exe which is located at the bottom.


It can also take a long time before you get the following in view


Check Connect to the Internet and check for updates, then click Next. After that the updates will be downloaded, if no updates are available this will be indicated. Next the installation files will be copied to a temporary folder.

  • Click on Next to start the installation.


Of course we read the 'License Agreement' and of course we agree with it;) Click on Next

  • Select Use Recommended Settings and click next


 

 

If you get error messages in Readiness Check after this, restart your setup and choose  do'nt use recommended settings

 

  • In the next step, it is important to consider what choice you are going to make. A mailserver suffices with the Mailbox Role. 
    Select only this option and click on Next.

Edge Transport Role

The Edge Transport Role is an optional feature for added security and provides a secure email flow for inbound and outbound email traffic. This becomes important when the mail server is placed behind a DMZ. Unwanted programs and viruses are kept out. Although it's not as strong as other similar products like Exchange Online Protection, it's certainly worth considering if you want to add this functionality to your mailserver. 

 

  • If necessary, change the installation location of Exchange 2016. Consider placing Exchange 2016 on a C:\ drive and the Transport Queue and Database on another partition with more storage space and disk performance. For this I would like to refer you to an article from Microsoft: Change the location of the queue database. Click on Next.

 


If you have followed the initial steps of this tutorial, you will not be able to choose an Organization Name now, as we have already prepared this. If you didn't follow these steps you will have to choose an Organization Name in the next dialog box. Then click on Next.

If it has been prepared properly, you will
not see the image below.


 

Select No and then Next. If you are using your own anti-virus and/or spam software, this option can be disabled. This can also be changed afterwards

 

  • It checks whether the server meets the requirements. That is now the case, click on Install. The installation of Exchange 2016 will start, this may take a while depending on the speed of the server.

 

The warnings are not errors but relate to not being able to upgrade Exchange 2010 and 2013 because that installation isn't there.
You can ignore that

After the installation click Finish, restart the server and you can start using Exchange 2016.

At least if you don't get an error message from the internet page you want to access. 

It may be that you do get an error, and then you need to download and install a newer version, higher than API-5.0, (
ucma-runtime). Or even a lower version like API-4, but that will be in the text.
Then you have to restart the server after that installation.
And then things will change again with the reboot and you will have to reboot again after that.


How
to Resolve the HTTP 500 Error in Exchange Server 2016
The following has happened once and not anymore with more recent installations.
Below what to do when you will have to deal with this.

See the Video. But at that rate you'll be ready for server 2028 soon.

It boils down to the following:

Open Exchange, which is at the top of the start menu.

Wait a minute, and then that yellow script ends with: 
Verbose: connected to


Enter the following command lines.
The first one seems wrong, because it opens with ' but doesn't close with it.
But enter them one after the other without the numbers.


1  Remove-OwaVirtualDirectory 'win2\owa <Default Web Site>

2  Remove-OwaVirtualDirectory 'win2\owa <Default Web Site>'


3 Remove-OwaVirtualDirectory 'win2\owa <Default Web Site>'.

4 New-

5 New-OwaVirtualDirectory -WebSiteName 'Default Web Site

6 The last command is not visible because of the arrow but it is: exit


And then comes that yellow script that ends with:
Verbose: connected to kompserver.nl

Click on management shell






Reboot the server

 

Activate the software before continuing.

 

And then you have to update server 2016 (settings, update)
Reboot the server
Then update again.

Probably you will get a number of updates after that Search for updates again.
Reboot.


Go to the Administrative Center


 

 

You will get a screen where you have to log in.
Or open Explorer (no other browser) and paste that URL to validate your installation.

https://localhost/ecp

You should expect the output as shown in the following screenshot



This may take a while
Ignore the security warnings from Explorer


Continue


Click on Servers



Stand on that black bar

And then click on the pencil




Enter the product code



 

Restart
Look for updates, and restart again.

Create an image of C (step 2 of C)
And an image of D
(step 2 of D)

Create mail clients
Click on Tools at the top right
Active directory users and computers


Next you go to add the contacts
Go to tools, here you click on Active Directory Users And Computers
Here you go: compserver and click on the icon with a puppet and an asterisk.
You will be given the option to change your password when you first log in or continue to use the password you have entered.
Choose to continue using the password you entered.

 



Instead of komp-u-ter-hulp.nl you fill in kompserver




    
As soon as the contacts are added you go to the start:
Here you go to the folder exchange mail server
- Here you click on exchange administrative center
- Here you log in with your data.




You may receive a warning that the website is not secure but you click on more options and then continue anyway. This will take you to an email page where you can log in with the details you have given your contact person.

If you are logged in to Exchange mail server then go to Mail Flow




In Mail Flow you go to send connectors
-
Click on the plus
-Here you choose the option internal with the name kompserver
-
here you go through the menu for the rest.


 

Fill in by name: kompserver

Choose internet   

Ignore error message and click through

Then you go to Servers






Here you click on the pencil and create a server
In that menu you go to outlook anywhere

-   

The first line is: mail. komp-u-ter-hulp.nl kompserver.nl
The following line becomes kompserver.nl

-

        

 After this step you go in the folder server to virtual directories





 

On screen it must be compserver



Here you can limit the mail with attachments to at least 10MB
Explained
how to set it to less than 10 mb.

 

 

kompserver.nl



More about configuring external urls (info only)

Once this is done, you can go to the internet on the clients' PCs and enter the internal server: https://mail.kompserver.nl/owa.

You may receive a warning that the website is not secure but you click on more options and then continue anyway. This will take you to an email page where you can log in with the details you have given your contact person.

Now mail can be sent there again.
If you want to maximize the attachment of mail file to 2 MB type the following, in exchange management shell:
Set-TransportConfig -MaxSendSize 2MB -MaxReceiveSize 2mb  
 

p

 

If this went well and you would send an attachment larger than 2 MB with the mail, you will get this error message.


 

 

 

And the reason for that restriction includes the prevention of steganography

Running a website on the server is not recommended.
If someone manages to break through the website there is also access to the company data.
That's the first security that doesn't cost you a lot of effort.
You host that website externally or you create a subdomain
 with Lightweight Directory and run a separate web server on it.

Turn on the firewall