Post-deployment steps - AWS Launch Wizard

Post-deployment steps

The following are the recommended post-deployment steps for Exchange Server on AWS.

(Optional) Run Windows Updates

To help ensure that the deployed servers' operating systems and installed applications have the latest Microsoft updates, run Windows Update on each server.

Install Windows Updates on your RD Gateways using public IP addresses

To install Windows updates on the RD Gateways with their public IP addresses:

  1. Identify the public IP addresses for the RD Gateways, from the Amazon EC2 console.

  2. Use the public IP of the RD Gateway to connect to the instance.

  3. On the taskbar, open the Start menu, and choose Settings.

  4. In the Settings application, choose Update & Security.

  5. Choose Check for updates.

  6. Install any updates, and restart if necessary.

Install Windows Updates on your Exchange Servers by connecting through an RD Gateway or bastion host

To install Windows updates on the Exchange servers by connecting from within a public resource such as an RD Gateway or bastion host:

  1. Identify the public IP addresses for the public resource, and also the private IP addresses of the Exchange servers, from the Amazon EC2 console.

  2. Use the public IP of the public resource to connect to the instance.

  3. From within the RDP connection to the public resource, use the Exchange server's private IP addresses when creating subsequent RDP connections.

    Note

    You will use the nested RDP session within the public resource to the Exchange servers for the remaining steps.

  4. On the taskbar, open the Start menu, and choose Settings.

  5. In the Settings application, choose Update & Security.

  6. Choose Check for updates.

  7. Install any updates, and restart if necessary.

Create database copies

Launch Wizard for Exchange Server creates a database availability group (DAG) and adds the Exchange nodes to the DAG. As part of the Exchange Server installation, each Exchange node contains a mailbox database. The first node contains a database called DB1, and the second node contains a database called DB2.

As part of configuring high availability for the mailbox roles, you can add mailbox database copies on the other Exchange nodes. Alternatively, you can create entirely new databases and only then create additional copies.

Add-MailboxDatabaseCopy -Identity DB1 -MailboxServer ExchangeNode2 -ActivationPreference 2
Add-MailboxDatabaseCopy -Identity DB2 -MailboxServer ExchangeNode1 -ActivationPreference 2

(Optional) Creating a DNS entry for the load balancer

If you chose to deploy a load balancer, these steps guide you through creating a DNS entry so that traffic can be distributed to your Exchange nodes.

To create a DNS entry for a load balancer
  1. If you chose to deploy a load balancer, it will have an endpoint address such as elb.amazonaws.com.

  2. To use the load balancer with your Exchange namespace, create a CNAME record in Active Directory that points to the load balancer.

  3. Before proceeding, go to the Amazon EC2 console and, under Load balancer, select the load balancer that Launch Wizard created.

  4. Copy the value listed under the DNS name as shown in the following image:

    An image of the load balancer DNS name.
  5. To create the DNS record, connect using Remote Desktop to one of the domain controllers using domain credentials, and open the DNS console by going to the Start menu and typing DNS.

  6. In the DNS console, navigate to the Active Directory zone, open the context (right-click) menu on the zone, and select New Alias (CNAME), as shown in the following image:

    An image of creating a CNAME record - part 1.
  7. For Alias Name, specify an entry such as mail, and for fully qualified domain name (FQDN) for target host, paste the value of the load balancer endpoint. The following image shows example entries:

    An image of creating a CNAME record - part 2.
  8. Verify that the DNS entry is resolved successfully by using a computer that should be able to resolve the entry with your Active Directory domain name. On the taskbar of such a resource, open the Start menu, and type cmd. In the command line window, use the name of the CNAME record you created in place of mail, and your Active Directory domain name in place of example.com:

    nslookup mail.example.com
  9. Check that the record resolves to the load balancer DNS record, such as in the following image:

    An image of verifying the CNAME DNS record resolution.
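
The same procedure can be scripted from a PowerShell session on a domain controller. The following is an added example, not part of the original Launch Wizard documentation: it creates the CNAME only when it is absent, stops if an existing record points somewhere else, and then confirms that the alias resolves to the load balancer. The zone example.com and alias mail follow the steps above; the load balancer name is a placeholder for the value copied in step 4, and the helper Format-DnsName is hypothetical.

```powershell
# Added example: run on a domain controller (DnsServer module) using domain credentials.
# Assumed values: zone 'example.com' and alias 'mail', as in the steps above.
# $LbDnsName is a placeholder: paste the DNS name copied from the EC2 console (step 4).
$ZoneName  = 'example.com'
$AliasName = 'mail'
$LbDnsName = 'REPLACE-WITH-LOAD-BALANCER-DNS-NAME.elb.amazonaws.com'

function Format-DnsName([string]$Name) {
    # Hypothetical helper: normalize for comparison (no trailing root dot, lower case).
    $Name.Trim().TrimEnd('.').ToLowerInvariant()
}

$fqdn     = Format-DnsName "$AliasName.$ZoneName"
$expected = Format-DnsName $LbDnsName

# Steps 6-7: create the alias only if the zone does not already contain it.
$existing = Get-DnsServerResourceRecord -ZoneName $ZoneName -Name $AliasName `
    -RRType CName -ErrorAction SilentlyContinue

if (-not $existing) {
    Add-DnsServerResourceRecordCName -ZoneName $ZoneName -Name $AliasName `
        -HostNameAlias "$expected."
}
elseif ((Format-DnsName $existing.RecordData.HostNameAlias) -ne $expected) {
    # Do not silently repoint a record that someone else created.
    throw "CNAME $fqdn already exists and points to $($existing.RecordData.HostNameAlias)"
}

# Steps 8-9: resolve the alias through DNS only and compare it with the expected target.
$answer = Resolve-DnsName -Name $fqdn -Type CNAME -DnsOnly -ErrorAction Stop |
    Where-Object { $_.Type -eq 'CNAME' -and (Format-DnsName $_.Name) -eq $fqdn } |
    Select-Object -First 1

if (-not $answer) {
    throw "No CNAME answer returned for $fqdn"
}

$actual = Format-DnsName $answer.NameHost
if ($actual -ne $expected) {
    throw "CNAME $fqdn resolves to $actual, expected $expected"
}

"OK: $fqdn -> $actual"
```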