Need clarification of Exchange 2003 Front-end/Back-end setup

We have two existing Exchange 2003 servers (two sites, one domain) and are looking to setup a front-end server for OWA access.  What I got from previous posts is: install exchange, move your certificate to the new server(if you're using SSL), flip the front-end switch, make sure you're forwarding SSL, etc. through your router/firewall to the new server, done.  Is it that simple?  What else needs to be done so OWA access will route properly for the users?  Any other services need to moved or configured or is all of that taken care of with the front-end switch?

Thank you
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

There is very little that needs to be done. You can simply enable the option and that is it.
There are refinements to the server that can be carried out, but at a basic level nothing more needs to be done. Just make sure that the frontend server can see both backends correctly.

jforvilleAuthor Commented:
Thank you for your post Simon.  As far as the certificate goes for SSL, the 'first' exchange server was the OWA server running with SSL.  Is there anything special we need to do with that other than move it to the front-end server?  
Depends if the certificate was on a generic name or the server's real name.
If it was the server's real name then you are going to have problems as you would have to remove the original server before the SSL certificate will work correctly.
If the certificate is on a generic name that is simply mapped to the server in DNS then just move the certificate and update DNS.

Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

jforvilleAuthor Commented:

>you would have to remove the original server

I'm not sure if I follow, do you mean I would have to remove the original server certificate?
jforvilleAuthor Commented:
If I understand correclty, in IIS the certificate is issued to, the name of the server is myserver.mydomain.local.  So, the generic certificate name will be unchanged to the outside world despite being put on mynewserver.mydomain.local.  
If the certificate is on a generic name, then you can simply move the certificate and the DNS entry.
I always recommend that a generic name is used for just these sorts of occasions. You can setup the replacement server including the certificate and test it (ignoring the error from the certificate - but it is just a test). Then when you are ready, all you have to do is change your firewall for external traffic and a dns tweak for internal traffic. Doesn't work - switch back.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jforvilleAuthor Commented:
Great, thanks for all of the help!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.