permiss Get—MailboxPermission —User Set—PopSettings -LoginTupe Plaintex t login [PS] C:\Documents and Settings\Administrator> Và kiểm tra bằng lệnh Get-PopSettings Phải xác nhận
Trang 14 Ỉ
CHIA SẺ - KINH NGHIỆM - HỌC TẬP - THỦ THUẬT HARDWARE AND SOFTWARE
Part 38 - ISA Server - Server Publishing
Publish SMTP, POP3, OWA
Tại máy Exchange Server (PC02) do mặc định Exchange đã tắt các dịch vụ POP3 và IMAP4 rồi (Xem lại bài Internel Protocol trong Exchange Server) nén ta phai vào Services bật các dịch vụ này lên
Xâ, Gervices
+ » l|E1| # lì là | @ mị › mm <
lâu Services (Local) | Name /
| Microsoft Exchange Mailbox Assista
8s Microsoft Exchange Monitoring
reMicrosoft Exchange POP3
| Status | Startup Type | Log On As |
Started Automatic Local System
Manual Local System Automatic Local System
Provides P Started
By Microsoft Exchange Se 84 Microsoft Exchange ReplicatiomSer The Micros dexer Drivesinde Started Started Automatic Automatic Local System Local System
8s Microsoft Exchange ice Host Provides a.,, Started Automatic Local System 8s Microsoft mê ystem Attend Providesm Started Automatic Local System
Ry Microsoft Exch Transport The Micros Started Automatic Network 5
Tiép dén ban vao Exchange Management Console chon Server Configuration -> Hub Transport để cấu hình SMTP chứng thực theo cơ chế Basic
fj Exchange Management Console
File Action View Help
© 2 | &1|m | Ê|Bm
tà Microsoft Exchange fu: Hub Transport
[+)-{28e) Organization Configuration
g- a Server Configuration ` Create Filter
3 he i
cả a = CƠ hưng Mame ^ | Role | Version
| ERE Ze SERVER Hub Transport, Client Acce Version 8
| ‘9 Unified Messaging G
fH % Recipient Configuration
‘8 Toolbox
SERVER
Receive Connectors
Name “+ Status
#2 BI nàn an\ (4z Enahled
®”l Default SERVER Enabled
Tiếp theo ta phải cấu hình Service POP3 G6 ché dé PlainText bang cach chay Exchange Power Shell nhap |énh Set-PopSettings -LoginType PlainTextLogin
1 of 12
Trang 2§@ Machine: server | Scope: gccom
Welcome to the
Full list of cmdlets:
Only Exchange cmdlets:
Cmdlets for a specific
Get general help:
Get help for a cmdlet:
Show quick reference guide:
Exchange team blog:
Show full output for a cmd:
role:
Tip of the day
Do you want to
ions to? Type:
Get-Hailbox —ResultSize Unlimited
ry User> | Format-Table Identity,
Caution: This command enumerates
Exchange Management Shell?
e€-command t-excommand
know which mailboxes a specific Active Directory user has
AccessRights., all the mailboxes
—help role *UM* or *Mailbox*
or <cmdlet-name> —?
permiss
Get—MailboxPermission —User <fActive
Đenu
Directo
in your organization If you
have lots of mailboxes you may want to target specific mailboxes
CPS] C:\Documents and Settings\fAdministrator>Set—PopSettings -LoginTupe Plaintex
t login
[PS] C:\Documents and Settings\Administrator>
Và kiểm tra bằng lệnh
Get-PopSettings
Phải xác nhận rằng dòng Login Type là PlainTextLogin
tlogin
Name
MessageRetrievalSortOrder
UnencryptedOrTLSBindings
SSLBindings
2569Cert if icateName
PreAuthent icatedConnect ionT imeout
MaxConnections
MaxConnectionFromSingleIP
MaxConnectionsPerUser
MessageRetrievalMimeFormat
ProxyTarget Port
CalendarlItemRetrievalOption
OwaServerUrl
MinfAdminUersion
=|E| x|
PSI1I C:\Documents and Settings \Administrator>Set—PopSett ings —LoginT ype Plaintexf
[PS] C:z\Documents and Settings\Administrator>Get—PopSettings
li POP3
46
Descending
<a.0.0.8:995>
SEPUue#*.gccon.net£
Microsoft Exchange Server 2067 POP3 service
PlainTextLogin
(4 12 (1À Ni Lị,
66 - 61:68
2666
20080
16 BestBoduFormat
pi 8)
iCalendar
Trd lai may ISA Server (PC01) dé tao Rule Publish các dịch vụ SMTP và POP3
Bật chương trình ISA lên tiếp tục trong Firewall Policy tao mét Rule mdi bang cach chon New -> Mail Server
Publishing Rule
2 of 12
Trang 3
& Microsoft Internet Security and Acceleration Server 2006
File Action View Help
© 3 |&|m| @ | a
3) Microsoft Internet Securit II 2e 2013 T
¿1-8 Isa FY han MÁ &
Su cceieration Server 2006
~-EE] Monitoring SG TÊN
Firetall Polic›
oo) Virtual Private Refresh
38 Configuratior
Export
Import
Edit System Policy
| Action | Protocols | From | Listener Exchange Web Client Access Publishing Rule
Mail Server Publishing Rule
SharePoint Site Publishing Rule aig
Web Site Publishing Rule h Port
Non-Web Server Protocol Publishing Rule f8 _—
LY) Last Default rule & Deny Pa) All Traffic te, All Network
Dat tén cho Rule nay la Publish Mail
New Mail Server Publishing Rule Wizard
Welcome to the New Mail Server Publishing Rule Wizard
e*
This wizard helps you publish servers using SMTP, RPC, POP, IMAP and NNTP “
To publish client ya services, such as OWA, Outlook
RPC over HTT 4, or Exchange ActiveSync, use the
Exchange M lishing wizard
Od Mal Sever Publishing rule name:
blish Mail]
nam n ity &
s To continue, click Next,
< Back | Next > | Cancel
Chon tuy chon Client access: PRC, IMAP, POP3, SMTP
3 of 12
Trang 4
New Mail Server Publishing Rule Wizard xị
e
Select Access Type &
Select the type of access this mail server will —
o
(* Client access: RPC, IMAP, POP3, sie
Ẳ
rf Server-to-server communica SITP, NNTP
RS
Tong nay téi chi chon POP3 va SMTP G dang standard port ma thdi nghia la chi bat cac Port 110 và 25 mà thôi
New Mail Server Publishing Rule Wizard Kế
Select the services that you are publishing on this mail “8,
+
(standard port) G
(standard port) (sectite port)
(standard port} + {secure port)
{standard port) (secure port)
Trong màn hình Select Server nhập IP của máy chạy dich vu Mail Server trong nay chinh la may Exchange Server
New Mail Server Publishing Rule Wizard xi
Select Server
Specify the network IP address of the server you are p q
m<
Server IP address: c°
Lie We 2 a Oe |
+
`
ấ
Màn hình sau khi hoàn tất
4of12
Trang 5
& Microsoft Internet Security and Acceleration Server 2006 = = {Oo
File Action ‘View Help
[= Microsoft Internet Securit
=i-E@j 15a
— ‘{& Firewall Policy
~~) Virtual Private Ne
(438 Configuration
Iernet >ecuritv š
1
PIETAtio = tes
a3anOGAr2 Ze ie (i) Click here to learn about the Customer Experien¢@mprovement Program
Firewall Policy
| From } Listener | To
@ External J 172.16.2.1
mp 2 Publish Mail POPS Serve 3 Serve © External 2À 2
a
Bis
Or ^ | Name
(3)1 — PublishDN5
| Condition
a aN =IE= 0 san onlay L1 SMTP Server *External
@Ùl4 — Publish 5ecur @Q@allow Li nttes (gd Publish Port jw) www.accom.net 4% All Authentic
@iS Publish xát (ÀAlow [Ở HTTP (3d Publish Port \w) www.accom.net 4 All Authentic
=Z|!]6 Internal ¥SLocalHost @®allow {0} all outbound & Internal @ External & all Users
<ä-LocalHost «3-Internal
<b Local Host (f]Last Default rule © Deny [43 all Traffic Se All Network Se, All Networks ( 4 All Users
Từ máy Client bat Outlook [én va cau hinh Incoming mail, Outgoing mail la mail.gccom.net
E-mail Server Names
My incoming mail server is a | POP3 v | server ov”
<
a Incoming mail (POP3, IMAP or HTTP) server: =
An SMTP server is the server that is used for your outgoing e-mail
Outgoing mail (SMTP) server:
Xz
(mail qccom.net
s |
[ < Back | Next > ] { Cancel |
Check mail thu thay nhận rất tốt
Tiếp tục ta tạo một Rule mới để các máy có thể Check mail thông qua OWA cua Microsoft Office Outlook Tại máy ISA Server bật chương trình ISA lên tiếp tục trong Firew all Policy tạo một Rule mới bằng cách chọn New -> Exchange Web Client Access Publishing Rule
5 of12
Trang 6
File Action ‘View Help
3|&|m|l | a |@ @ s3
is Microsoft Internet Securit
Eig) 15a
~~] Monitoring
- SB Firewall Policy
eL) Virtual Private
$8 Configuration — Export
Import
Edit System Policy
Refresh
Action Protocols From / Listener
View : Mail Server Publishing Rule
"` SharePoint Site Publishing Rule
Help Web Site Publishing Rule
Non-Web Server Protocol Publishing Rule
Access Rule
t6 999996669994650606300096600000000990906898
@i5 Publish Port
Dat tén cho Rule nay la Publish OWA
New Exchange Publishing Rule Wizard x|
Welcome to the Ne change
Microsoft Internet Security & Publishing Rule 2 iB d
This wizard rey in Web client mail access on an Exchange ser server Farm Use this option to publish Microsoft ec Web Access, Outlook Mail Access,
®
Outlook ver HTTP, or Exchange Active Sync
ch
ange Publishing rule name:
| Publish OWA
To continue, click Next,
Chọn phiên ban Exchange tuocng Ung va click vao Outlook Web Access
6 of 12
Trang 7New Exchange Publishing Rule Wizard RE
Select Services
Select the services that you are publishing on this mail server,
Exchange version: |Exchange Server 2007 |
Web client mail services:
J” Outlook Anywhere (RPG/HTTP(s))
J Publish additional folders on the Ex@Mange Server for Outlook 2007 clients
1” Outlook Mobile Access
|” Exchange ActiveSync
< Back | Next > | Cancel |
Chọn tùy chon Publish a single Web site or load balancer
New Exchange Publishing Rule Wizard Kế
Publishing Type
Select if this rule will publish a single Web site or external load balancer, a Web
server farm, or multiple Web sites
Publish a single Web site or load balancer’
Use this option to publish 4 single Web site, or ta publish 4 load balancer in front of
several servers,
Help about publishing 4 single Web site of lgad balancer
™ Publish a server Farm of load balafcéd Web servers
Use this option to have 154)Server load balance requests between a server farm
(mirrored servers)
Help about publishing server Farms
Trong Server Connection Sercurity tdéi chon lua chon Use SSL to connect to the published Web server or server farm dé Publish dich vu HTTP cho OWA
7 of 12
Trang 8
New Exchange Publishing Rule Wizard E
Server Connection Security
Choose the type of connections IS4 Server will establish witti the published Web
server or server farm
Gà
© Use SSL to connect to the published Web serv rver +
https://
154 Server will connect to the publishe server or
server Farm using HTTPS frecomme
©
@ Use non-secured connecti ` the published
Web server or server Fat
ISA Server will ast the published Web server or
Internal site name bạn nhập Domain name của hệ thống (chính là Domain của DC Server)
New Exchange Publishing Rule Wizard xi
Internal Publishing Details &
Specify the internal name of the Exchange site or serveloh are publishing
The internal site name is the name of the Web si are publishing as it appears internally
Typically, this is the name internal users "SG eir browsers to reach the Web site
Internal site name: | mail
o the server hosting the published Web site unless its cified, For example, the computer name or IP address nnot resolve the internal site name
154 Server may not be able to c
computer name or IP address j
Nhập Domain name mà bạn mua từ nhà cung cấp dịch vụ vao 6 Public name trong Public Name Details
New Exchange Publishing Rule Wizard xi
Specify the public domain name (FQDN) or IP address u will type to reach the
Accept requests for: | This oom (type below): |
Only requests For this public name or IP 4 will be Forwarded to the published site
Public name: x§ [naiaccan.ne
+ Example: www.contoso,com
Trong man hinh Select Web Listener sé thay xuat hién 2 Web Listener |a Publish Port 80 & Publish Port 443
do trước đó chúng ta đã tạo rồi, click chon Publish Port 80
8 of 12
Trang 9
New Exchange Publishing Rule Wizard
Select Web Listener
The Web listener specifies the IP addresses and port on he ISA Server
computer listens for incoming Web requests
Web listener:
Edit |
New
Listener properties: —
Description x
Networks 4" |
Port(HTTP)
Authentication methods’ Basic
Chon tuy chon No delegation, and cliecnt cannot authenticate directly trong Authentication Delegation
New Exchange Publishing Rule Wizard M x|
ñuthentication Delegation
Authentication delegation is the method IS4 Server uses to enticate the
session it opens with the published site «®
+ Select the method used by 154 Server to authenticate lhe published Web server:
©
Bo delegation, and client cannot authenticate directly
: v
If the published Web server requests HT4P authentication, I54 Server will not pass the
authentication request to the u @ user will not be able to authenticate to the
published Web server, "S quest will be denied,
=>
Tương tự bạn tạo một Rule mới mang tên Publish Secure OWA dé Publish dich vu HTTPS cho OWA
Server Connection Sercurity: Use SSL to connect to the published Web server or server farm dé Publish dich
vu HTTPS cho OWA
Select Web Listener: Publish Port 443 dé Publish dich vu HTTPS cho OWA
Man hinh tao Rule Publish OWA & Publish Secure OWA sau khi hoan tat
9 of 12
Trang 10RE Microsoft Internet Security and äcceleration Server 2006 "= {Oo} File Action View Help
£ 2 |mjmm|@ 4 x@(@ $ + @ 3
(39 Microsoft Internet Securit pores 7
‘3 FF Monkoring Acceleration Server 2006 Firewall Policy
i Standard Edition
oA Firewall Policy
o> Virtual Private Ne
36 Configuration
Firewall Policy
1 Publish DNS Qallo NS Server @ External J 172.16.2.1
2 Publish Mail POP3 Server UR POP3 Server @ External dị z.16.2.2
Allow OE HTTPS (jd Publish Port \a) www.accom.net 4 All Authentica,
(ä]3 — Publish Mail SMTP =e w LAESMTP Server @ External (j 172.16.2.2
sử Ẵ Publish Secure Web
Publish Secure OWA “Tìm US HTTPS $F Publish Port lại mail.qgccom.net sj& All Authentica Publish OWA Y ñllnwu xi Publish Port lại mail.gccom.net ies All Authentica
@bÌ7 — PublishWeb @Qallow Ú) HTTP (gad Publish Port \w) www.accom.net 4 All Authentica,
=I|[?]8 — InternalV5 Local Host (` Alow t3 All Outbound «3- Internal @ External & All Users
<h Local Host = Internal
<j Local Host
L@] Last Default rule © Deny [23 all Traffic =e All Network Se, All Networks ( % All Users
Từ máy Client truy cập thử dịch vụ OWA sẽ thấy rất tốt
10 of 12
