Microsoft Exchange StyleBook

Feb 26, 2018

You can use the Microsoft Exchange 2016 StyleBook to deploy a NetScaler configuration that optimizes and secures a Microsoft Exchange 2016 enterprise application in your network. Microsoft Exchange 2016 is a key enterprise application for providing email, personal information management, and messaging services to your employees and other stakeholders.

NetScaler features configured by using Microsoft Exchange StyleBook

The Microsoft Exchange 2016 StyleBook enables and configures the following NetScaler features for Microsoft Exchange 2016 servers:

  • Load balancing - Basic load balancing that enables load balancing of multiple Exchange servers

  • Content switching - Content switching that enables single-IP access and redirection of queries to the correct load balancing virtual servers

  • Rewrite - Redirects users to secure pages

  • SSL offload - Offloads SSL processing to the NetScaler, therefore reducing the load on the Exchange server

The following figure diagrammatically represents the deployment of Exchange servers in the network:

localized image


  • For certificate-based authentication, all addressable hosts that are part of the network setup must have resolvable domain names and not just IP addresses.
  • Ensure that the SIP ports are accessible in Microsoft Exchange 2016 server.

Configuring Microsoft Exchange StyleBook

Configure the Microsoft Exchange StyleBook in your business enterprise to deploy the NetScaler configuration.

Configure Microsoft Exchange application

  1. In NetScaler MAS, navigate to Applications > Configuration, and click Create New. The Choose StyleBook page displays all the StyleBooks that are available in your NetScaler MAS for your usage. Scroll down and select the Microsoft Exchange 2016 StyleBook. The StyleBook appears as a user interface form on which you can enter the values for all the parameters defined in this StyleBook.

  2. Enter the details for the following parameters:

    • Exchange Application Name - Name of the Microsoft Exchange Application in your network.

    • Exchange Content-Switching VIP - Virtual IP address on NetScaler that receives client requests for the Microsoft Exchange application

    • Exchange Server IPs - IP addresses of all the Exchange servers in the network. You can add multiple addresses by clicking the plus (+) icon. Usually, two Exchange servers are configured in the network.

  3. In the Exchange Certificates section, upload the Exchange certificates to NetScaler MAS in the Exchange Certificates section. Enter the names of both the certificate and the key files and upload them by selecting them from the local storage. You can also provide a private key password to encrypt the key file.

    Note: Ensure that the certificate files are of “.pem” or “.der” format. NetScaler MAS rejects files in any other format.

  4. In the Exchange AD Authentication config section, configure the AD Settings by entering the data.

    • AD Authentication Domain - The AD/LDAP domain name. For example,

    • AD Authentication VIP - The virtual IP address used to create and configure the AD (LDAP) virtual server on a NetScaler appliance.

    • Active Directory Server IP - The IP address of your Active Directory domain controller.

    • Active Directory Base String - The LDAP Base String in Active Directory. For example, CN=Users,DC=CTXNSSFB,DC=COM.

    • Active Directory LDAP Bind Distinguished Name (DN) - LDAP Bind Distinguished Name (DN) is used to bind this object to the LDAP server (AD). For example “cn=Administrator,cn=Users,dc=acme,dc=com”

    • Active Directory LDAP Bind Distinguished Name (DN) Password - LDAP Bind Distinguished Name (DN) is the password for AD Authentication

    • AD User Name Attribute - AD attribute for the username. The NetScaler uses the LDAP attribute to query external Active Directory Servers. For example, “sAMAccountName”

    • AD group Attribute/Sub-Attribute Name - the LDAP group attribute and subattribute names configured on the LDAP server. For example, “memberOf” for the group attribute in LDAP and “cn” for the subattribute.

  5. In the Target Instances section, select the NetScaler instance on which to deploy this Exchange configuration. Click Create to create the configuration file and execute the configuration on the selected NetScaler instance.


    You can also click the refresh icon to add recently discovered NetScaler instances in NetScaler MAS to the available list of instances in this window.

Citrix recommends that you first select Dry Run to check the configuration objects that are created on the target instance before executing the actual configuration on the instance.


Add a DNS record in NetScaler for your authentication domain. For example, to add a DNS record for an authentication domain called “,” you can use the following CLI command:

add dns addRec

When the configuration has been created successfully, you can find that the StyleBook has created a content switching virtual server, five load balancing virtual servers, and one LDAP policy bound to one LDAP authentication virtual server. You can also find corresponding service groups created and bound to the load balancing virtual servers.