Product Documentation

How to Use Microsoft Exchange StyleBook in Business Enterprises

Mar 09, 2017

You can use the Microsoft Exchange 2016 StyleBook to deploy a NetScaler configuration that optimizes and secures a Microsoft Exchange 2016 enterprise application in your network. Microsoft Exchange 2016 is a key enterprise application for providing email, personal information management, and messaging services to your employees and other stakeholders.

Features Configured in NetScaler Instances

The Microsoft Exchange 2016 StyleBook enables and configures the following NetScaler features for Microsoft Exchange 2016 servers:

  • Load balancing - Basic load balancing that enables load balancing of multiple Exchange servers
  • Content switching - Content switching that enables single-IP access and redirection of queries to the correct load balancing virtual servers
  • Rewrite - Redirects users to secure pages
  • SSL offload - Offloads SSL processing to the NetScaler, therefore reducing the load on the Exchange server

The following figure diagrammatically represents the deployment of Exchange servers in the network:

localized image

Prerequisites

  • For certificate-based authentication, all addressable hosts that are part of the network setup must have resolvable domain names and not just IP addresses.
  • Ensure that the SIP ports are accessible in Microsoft Exchange 2016 server.

Configuring Microsoft Exchange StyleBook in Business Enterprises

Configure the Microsoft Exchange StyleBook in your business enterprise to deploy the NetScaler configuration.

To Configure Microsoft Exchange Application

          1. In NetScaler MAS, navigate to Applications > Configuration, and click Create New. The Choose StyleBook page displays all the StyleBooks that are available in your NetScaler MAS for your usage. Scroll down and select the Microsoft Exchange 2016 StyleBook. The StyleBook appears as a user interface form on which you can enter the values for all the parameters defined in this StyleBook.

          2.  Enter the details for the following parameters:

  • Exchange Application Name - Name of the Microsoft Exchange Application in your network
  • Exchange Content-Switching VIP - Virtual IP address on NetScaler that receives client requests for the Microsoft Exchange application
  • Exchange Server IPs - IP addresses of all the Exchange servers in the network. You can add multiple addresses by clicking the plus (+) icon. Usually, two Exchange servers are configured in the network.

          3.  In the Exchange Certificates section, upload the Exchange certificates to NetScaler MAS in the Exchange Certificates section. Enter the names of both the certificate and the key files and upload them by selecting them from the local storage. You can also provide a private key password to encrypt the key file.

Note: Ensure that the certificate files are of ".pem" or ".der" format. NetScaler MAS rejects files in any other format.

          4.  In the Exchange AD Authentication config section, configure the AD Settings by entering the data.

  • AD Authentication VIP - The virtual IP address used to create and configure the AD (LDAP) virtual server on a NetScaler appliance.
  • Active Directory Server IP - The IP address of your Active Directory domain controller.
  • Active Directory Base String - The LDAP Base String in Active Directory. For example, CN=Users,DC=CTXNSSFB,DC=COM.
  • AD Login Name - the attribute name in AD (LDAP) that designates the login name for accessing the external LDAP server. For example, "sAMAccountName."
  • AD group Attribute/Sub-Attribute Name - the LDAP group attribute and subattribute names configured on the LDAP server. For example, "memberOf" for the group attribute in LDAP and "cn" for the subattribute.
  • AD Authentication Domain - The AD/LDAP domain name. For example, ctxnssfb.com.

          5.  In the Target Instances section, select the NetScaler instance on which to deploy this Exchange configuration. Click Create to create the configuration file and execute the configuration on the selected NetScaler instance. 

Note: Citrix recommends that you first select Dry Run to check the configuration objects that are created on the target instance before executing the actual configuration on the instance. 

When the configuration has been created successfully, you can find that the StyleBook has created a content switching virtual server, five load balancing virtual servers, and one LDAP policy bound to one LDAP authentication virtual server. You can also find the corresponding service groups created and bound to the load balancing virtual servers.

Note: After creation of the configuration pack from the StyleBook, you must manually add the LDAP Bind domain name and the password. Log on to the NetScaler instance GUI, and navigate to Traffic Management > Content Switching > Virtual Servers. Select the Exchange content switching virtual server created by the StyleBook and click Edit. In the Authentication section, click the edit icon, and edit the Exchange authentication virtual server. Select the LDAP policy, click Edit, and in Connection Settings, enter the LDAP administrator Bind DN values configured on the LDAP server, and provide the administrator password.

You can also do this from the NetScaler CLI as shown in the following example:

Code Copy

set authentication ldapAction exch-ad-auth-action -ldapBindDn "CN=Administrator,CN=Users,DC=CTXNSSFB,DC=COM" -ldapBindDnPassword "usepass3"

Add a DNS record in NetScaler for your authentication domain after the creation of the StyleBook configuration, for example, by using the following CLI:

Code Copy

add dns addRec auth1.ctxnssfb.com 10.105.157.59