切换到宽版
  • 15668阅读
  • 2回复

[排错]广州某公司Exchange2013安装与调试 [复制链接]

上一主题 下一主题
 

只看楼主 倒序阅读 0楼  发表于: 2013-08-22
小编这两天整理共享排错贴时发现,居然没有Exchange2013的case,小伙伴们也惊呆了。借着中元节的晚上不敢出门就在家更新一篇。
广州一同行前些天求助,说他们家的exchange2013安装失败了。报错如下:

我问他要exchangesetuplog,他贴给我
[08/13/2013
08:19:49.0162] [0] [ERROR] Setup encountered a problem while validating the
state of Active Directory: Active Directory 在
XXX.XXX.com 上的操作失败。为'XXX\Administrator'提供的凭据无效。

[08/13/2013
08:19:49.0255] [0] [ERROR] Active Directory operation failed on
XXX.XXX.com. The supplied credential for 'XXX\Administrator' is
invalid.

[08/13/2013
08:19:49.0255] [0] [ERROR] The supplied credential is invalid.

[08/13/2013
08:19:49.0271] [0] Setup will use the domain controller ''.

[08/13/2013
08:19:49.0271] [0] Setup will use the global catalog ''.

[08/13/2013
08:19:49.0333] [0] No Exchange configuration container was found for the
organization. Message: 'Active Directory 在
XXX.XXX.com 上的操作失败。为'XXX\Administrator'提供的凭据无效。'.

[08/13/2013
08:19:49.0349] [0] The following roles have been unpacked:

[08/13/2013
08:19:49.0364] [0] The following datacenter roles are unpacked:

[08/13/2013
08:19:49.0364] [0] The following roles are installed:

[08/13/2013
08:19:49.0380] [0] The local server does not have any Exchange files installed.

[08/13/2013
08:19:49.0411] [0] Server Name=KMMAIL

[08/13/2013
08:19:49.0489] [0] Setup will use the path 'D:\exchange2013\yj' for installing
Exchange.

[08/13/2013
08:19:49.0505] [0] The installation mode is set to: 'Install'.

[08/13/2013
08:19:50.0502] [0] Setting organization name to 'contoso'.

[08/13/2013
08:19:50.0502] [0] Active Directory Initialization status : 'False'.

[08/13/2013
08:19:50.0502] [0] Schema Update Required Status : 'False'.

[08/13/2013
08:19:50.0502] [0] Organization Configuration Update Required Status : 'False'.

[08/13/2013
08:19:50.0502] [0] Domain Configuration Update Required Status : 'False'.

[08/13/2013
08:19:50.0533] [0] Applying default role selection state

[08/13/2013
08:19:50.0643] [0] Setup is determining what organization-level operations to
perform.

[08/13/2013
08:19:50.0643] [0] The command-line option preparead has been specified.

[08/13/2013
08:19:50.0643] [0] Because the command-line option preparead was specified,
setup is adding the argument PrepareOrganization.

[08/13/2013
08:19:50.0643] [0] Because the command-line option preparead was specified,
setup is adding the argument PrepareDomain.

[08/13/2013
08:19:50.0643] [0] Because the value was specified, setup is setting the
argument OrganizationName to the value contoso.

[08/13/2013
08:19:50.0643] [0] Setup will run from path 'C:\Windows\Temp\ExchangeSetup'.

[08/13/2013
08:19:50.0658] [0] InstallModeDataHandler has 1 DataHandlers

[08/13/2013
08:19:50.0674] [0] RootDataHandler has 1 DataHandlers

[08/13/2013
08:19:50.0689] [0] Setup encountered a problem while validating the state of
Active Directory: Active Directory 在 XXX.XXX.com 上的操作失败。为'XXX\Administrator'提供的凭据无效。

如果不是登陆账户权限的问题,那就是域的问题了,DCDIAG的报错如下

这个错误经查是可以忽略的。。。
在查不出任何环境问题的情况下,我大胆地直接安装Exchange2013了。
这里似乎有个陷阱,按照exchange2013的安装向导直接安装就会出现如第一张图的报错。
必须先完成两个准备工作:

Import-Module ServerManager

Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model, Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, , Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI

相关资料:http://technet.microsoft.com/en-us/library/bb691354(v=exchg.150).aspx

装好之后,配一个send connector就可以外发邮件了。
该同行还有安装Exchange证书的请求。但系统又报错了:

考虑到之前同行说在Exchange服务器上安装证书服务器的时候系统崩溃了。我不大敢往邮件服务器上装CA角色。所以建议他起一台服务器做CA。甚至不用配置达到域功能级别,做个成员服务器就可以了。
他听取了我的建议。上图的报错是因为在申请证书时直接选择了在邮件服务器上生成exchange证书,然而Exchange subsystem的账号在共享的位置上又没有读写权限。
用成员服务器建立CA的好处是不用怕影响到其他应用。而且选择的服务器不用达到域的功能级别。
在Exchange服务器上生成证书请求后,发送到https://CASERVER/certsrv上,获取到证书,然后将其为IIS,smtp或者POP启用。这里插一句话,自签名的证书是不能用在Outlook Anywhere上面的(Outlook2010及以上版本),哪怕是手动在客户端安装根证书。

当然如果CA服务器不活,证书就会立马变成无效状态。

整个CASE解决下来没什么难点,说明Exchange的发展趋势是越来越简单化大众化。
Exchange中文站10周年献礼。Exchange2016中文视频教程热销中:edu.exchangecn.com/course/12
分享到

只看该作者 1楼  发表于: 2013-08-22

只看该作者 2楼  发表于: 2013-08-27
版大,我也有一个问题要分享。
我们一起妖怪哦。
快速回复
限60 字节
 
上一个 下一个