budgetblinds
asked on
Exchange 2003 OWA Referral through IIS to Exchange 2007 OWA
Okay, I've got a tricky one for you Experts. Background:
I have a front end Exchange 2003 Server running on Server 2003. It's running IIS serving up a forward facing, password protected website acting as a portal page for customers. When you login to this page (using Basic Auth), you have a link on the "Intranet" to connect to your Exchange OWA account sitting on the same box. Follow me so far?
We have recently introduced an Exchange 2007 on a 2008 SP2 server into the network, and are planning to migrate to it. Right now it's living as the backend server as we slowly migrate the customers mailboxes onto it.
So I have noticed that when I go to the "Intranet" internally (behind the network firewall) and login using a mailbox account that has been moved to the new Exchange server, when I click on the email link (which is really just www.mycompany.com/exhange) - it will refer me to the 2007 OWA. It asks me twice to reenter my user / pass, but then it gives me my OWA box. The logging in twice is fine, but the weird thing is that when I hit this same exact page externally (Outside the corporate firewall) it won't refer me to the new page. The page just come's up not found.
I have setup external DNS to reflect the correct names, and I can hit OWA on that same Exchange 2007 server fine if I use the direct link to it, but I would like to be able to have customers be redirected to the new OWA during the transition over. I believe this problem is related to DNS, but I can't be sure.
Does anyone have any ideas?
Thanks!
I have a front end Exchange 2003 Server running on Server 2003. It's running IIS serving up a forward facing, password protected website acting as a portal page for customers. When you login to this page (using Basic Auth), you have a link on the "Intranet" to connect to your Exchange OWA account sitting on the same box. Follow me so far?
We have recently introduced an Exchange 2007 on a 2008 SP2 server into the network, and are planning to migrate to it. Right now it's living as the backend server as we slowly migrate the customers mailboxes onto it.
So I have noticed that when I go to the "Intranet" internally (behind the network firewall) and login using a mailbox account that has been moved to the new Exchange server, when I click on the email link (which is really just www.mycompany.com/exhange) - it will refer me to the 2007 OWA. It asks me twice to reenter my user / pass, but then it gives me my OWA box. The logging in twice is fine, but the weird thing is that when I hit this same exact page externally (Outside the corporate firewall) it won't refer me to the new page. The page just come's up not found.
I have setup external DNS to reflect the correct names, and I can hit OWA on that same Exchange 2007 server fine if I use the direct link to it, but I would like to be able to have customers be redirected to the new OWA during the transition over. I believe this problem is related to DNS, but I can't be sure.
Does anyone have any ideas?
Thanks!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I don't know how it is working because it doesn't.
Exchange 2003 front end DOES not proxy for Exchange 2007 there is no way around this. The first server to be upgraded should always be the front end server.
Exchange 2003 front end DOES not proxy for Exchange 2007 there is no way around this. The first server to be upgraded should always be the front end server.
ASKER
Okay, maybe frontend is wrong term. It was the only Exchange box in the network until we introduced the 2007, so it holds all the mailboxes for the network. Like I said, IIS on the Exchange 2003 box which is hosting OWA - for whatever reason - IS referring over to the Exchange 2007 OWA client. Im just trying to figure out what the function is there. It is, however, not passing through Authentication, which I think maybe is the point you are trying to make.
OK, so what you need to do is introduce a temporary CAS server (just the CAS role) and forward port 443 to this instead of the 2003 server.
Do this and it will all start to work.
Do this and it will all start to work.
ASKER
Here is the issue with that: I have a 1300 customers that access this specific website on a daily basis, checking their email through OWA. If I introduce a CAS server, it will not refer back to the mailboxes that are still in the process of being moved that are still located on the Exchange 2003 box. Basically, I was hoping to avoid downtime with this by keeping the existing website as is, and if their mailbox had been moved already then when they login and click the link on the website it would refer them to another login for the Exchange 2007 OWA. It works internally, but externally.
The 2007 CAS will proxy for both Exchange 2007 and 2003 so no downtime will be required other than the few seconds it takes to switch port 443 from the 2003 server to the 2007 one.
Just make sure you have the CAS working with SSL certificate installed before you do the switch.
Just make sure you have the CAS working with SSL certificate installed before you do the switch.
ASKER
Sorry, but you are incorrect. 2007 will not proxy for 2003. When a mailbox is sitting on an Exchange 2003 box, a CAS server will not hand off OWA in anyway to the 2003 box. Proof:
"Outlook Web Access could not find a mailbox for MYCORP\myuser. If the problem continues, contact technical support for your organization and tell them the following: The mailbox may be stored on a Microsoft Exchange 2000 or Microsoft Exchange 2003 server, or the Active Directory user account was created recently and has not yet replicated to the Active Directory site where this Client Access server is hosted. "
This is when I got when I tried to go in reverse. If what you said was true, then it would have handed off to the Exchange 2003 box.
"Outlook Web Access could not find a mailbox for MYCORP\myuser. If the problem continues, contact technical support for your organization and tell them the following: The mailbox may be stored on a Microsoft Exchange 2000 or Microsoft Exchange 2003 server, or the Active Directory user account was created recently and has not yet replicated to the Active Directory site where this Client Access server is hosted. "
This is when I got when I tried to go in reverse. If what you said was true, then it would have handed off to the Exchange 2003 box.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It does have the Mailbox role on it, so that makes sense that it wouldn't forward it if it has that role on it.
I will bring up a CAS role server to see if that will resolve our problem. Thanks for your help and I will let you know.
I will bring up a CAS role server to see if that will resolve our problem. Thanks for your help and I will let you know.
ASKER
Thanks demazter. We now have our CAS proxying between our old 2003 Exchange & "new" 2007 Exchange.
ASKER