Solved

Questions about Exchange 2007 Site Affinity / Site Scope

Posted on 2010-09-01
16
1,155 Views
Last Modified: 2012-05-10
I am studying Exchange 2007 by reading a article from MS - "Technical Architecture of Exchange Server 2007", here is an article listed example talking about "Site Affinity" that I am having question about:

Consider a topology that includes one forest with three sites that have the following names:
•      US-contoso   A contoso site that is located in North America
•      Europe-contoso   A contoso site that is located in Europe
•      APAC-contoso   A contoso site that is located in Asia

3 AD Site links connect each other.
* EU to US by high speed connection
* EU to APAC by high speed connection
* US to APAC by low-speed connection

Following are the site scope cmdlets for setting up site affinity according to the site link condition
1): Set-ClientAccessServer -Identity "us-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope "us-contoso”,”europe-contoso”

2): Set-ClientAccessServer -Identity "europe-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml"

3): Set-ClientAccessServer -Identity "apac-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope "apac-contoso”,”europe-contoso”

What I don't understand is why the AutodiscoverServiceInternalURL are all the same: AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml"?

and second question is that when I build a new CAS server, I run a cmdlet: get-clientaccessserver, it shows site name: Default-First-Site-Name", which is where the CAS server reside. Why shouldn't we just leave the default sitescope alone(let every CAS server use it's own local site as site scope), and let the autodiscover service to locate Exchange features in their local AD site to serve it's clients more efficently, why should we grab some remote ones from either EU or US to form a bigger sitescope? what is the point?

Thanks,
Jerry
0
Comment
Question by:JerryJay
  • 8
  • 5
  • 3
16 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33576527
Jerry
I think the issue here is all your autodiscoverinternalURI's point to the same cas server. (where is internal.contoso.com located ?)
Instead of that, you can separate DNS entries in each location (usinternal.contoso / euinternal.contoso / apacinternal.contoso) and round-robin the client requests.

Please take a look at this article here.
http://www.shudnow.net/2008/08/24/configuring-exchange2007-autodiscover-site-affinity/

thanks
0
 

Author Comment

by:JerryJay
ID: 33576686
many thanks for your quick replay, the article doesn't mention where the autodiscoverinternalURL points to, which is very confused.

you mention round-robin, if clients in US want to access their local resources, for example, why should they go the europe site for autodiscover service through round robin? shouldn't it get service from local quicker than cross the ocean? my quesion is : why we should have a bigger site scope than it's own?

Thanks,
Jerry
0
 

Author Comment

by:JerryJay
ID: 33576770
Sorry for this long, this is the complete paragraph talking about Site Affinity I mentioned above. just in case I missed something. I was trying to summarize this one.

Configuring the Autodiscover Service to Use Site Affinity for Internal Communication

If you manage a large, distributed organization that has Active Directory sites that are separated by low-bandwidth network connectivity, we recommend that you use site affinity for the Autodiscover service for intranet-based traffic. To use site affinity, you specify which Active Directory sites are preferred for clients to connect to a particular Autodiscover service instance. Specifying which Active Directory sites are preferred is also known as configuring site scope.

You configure site affinity by using the Set-ClientAccessServer cmdlet. This cmdlet lets you specify the preferred Active Directory sites for connecting to the Autodiscover service on a specific Client Access server. After you configure site affinity for the Autodiscover service, the client will connect to the Autodiscover service as you specified. For information on the Set-ClientAccessServer cmdlet, see Set-ClientAccessServer.

Consider a topology that includes one forest with three sites that have the following names:
•      US-contoso   A contoso site that is located in North America
•      Europe-contoso   A contoso site that is located in Europe
•      APAC-contoso   A contoso site that is located in Asia

In this example, the Autodiscover service is enabled on each site and each site includes user mailboxes. The US-contoso site is connected to the Europe-contoso site by using a high-speed connection. The US-contoso site is connected to the APAC-contoso site by using a low-speed connection. The APAC-contoso site is connected to the Europe-contoso site by using a high-speed connection.

Based on these connectivity factors, you might want to allow users in the US-contoso and Europe-contoso sites to use either the US-contoso or the Europe-contoso site, users in Europe-contoso site to use any site to access the Autodiscover service, and users in the APAC-contoso site to use the APAC-contoso or the Europe-contoso site. Finally, the Client Access servers can be reached by using a common internal namespace across all sites.

You can configure site scope for Client Access servers in the US-contoso site, setting them to prefer to use the US-contoso and Europe-contoso Active Directory sites to access the Autodiscover service by using the following command.

Set-ClientAccessServer -Identity "us-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope "us-contoso”,”europe-contoso”

You do not have to specify the Active Directory sites to which your users should connect to access the Autodiscover service on Client Access servers in the Europe-contoso site because it connects well to other sites. The following command enables all users in the Europe-Contoso site to access any Client Access server to use the Autodiscover service:

Set-ClientAccessServer -Identity "europe-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml"


Finally, you can configure site scope for the Autodiscover service on Client Access servers in the APAC-contoso site, setting them to prefer to use the APAC-contoso and Europe-contoso sites because they connect well to these sites. To do this, use the following command:

Set-ClientAccessServer -Identity "apac-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope "apac-contoso”,”europe-contoso”

Therefore, if a client in the US-contoso site has a mailbox located in the Europe-contoso site and tries to locate the Autodiscover service, the client can select the service instance that has site=US-contoso or site=Europe-contoso.
If you do not specify site scope for the Autodiscover service, the client might return the autodiscoverInternalUri parameter for the APAC-contoso site because of the slow connection to the US-contoso site.

 Note:
If you do not configure a specific set of Active Directory sites for clients to use, Outlook 2007 will randomly select Client Access servers to use to access the Autodiscover service.

For more information about site affinity, see How to Configure Autodiscover to Use Site Affinity.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 28

Expert Comment

by:sunnyc7
ID: 33576814
My bad @ confusion.

I meant Site Affinity is used to configure SCP's to restricts Outlook Users to get their autodiscoverURI's from *within* their country and not go out of site.

usinternal is supposed to round robin the CAS servers *within* US - not round robin US and EU sites.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33576888
Based on these connectivity factors, you might want to allow users in the US-contoso and Europe-contoso sites to use either the US-contoso or the Europe-contoso site, users in Europe-contoso site to use any site to access the Autodiscover service, and users in the APAC-contoso site to use the APAC-contoso or the Europe-contoso site. Finally, the Client Access servers can be reached by using a common internal namespace across all sites.

>> I dont think this will work practically.
What that effectively says is - your US Outlook clients should get their autodiscover SCP's from EU CAS servers.
I was talking about round-robin'ing (That's a word ??) the CAS servers *within* US - not go out of the country.


Therefore, if a client in the US-contoso site has a mailbox located in the Europe-contoso site and tries to locate the Autodiscover service, the client can select the service instance that has site=US-contoso or site=Europe-contoso.
>> Fat Chance.
And again this depends on your Exchange design.
Unless someone is moving within the org from Germany to US - I dont see any sense in having the DE user sitting in US and getting their mailbox data from Europe.

This doesnt make sense to me.

Let me go through the document again. I hope you are referring to this:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B34FA7CC-8F13-4E21-AE87-EB824728DDD1&displaylang=en
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33577215
Jerry
Let me know what you think.

you can also click on request attention button and have this question relayed to other experts.

thanks
0
 

Author Comment

by:JerryJay
ID: 33585128
Thanks again Sunny,

">> I dont think this will work practically."

I agree with your point to limit the site scope to be within a same country, and setup a Internal dns to round robin the CAS servers to share the workload .

">>Fat chance"

In the above case, a user in US has a mailbox in EU, I agree with you that this can only be rare cases. by setting up sitescope to include us and eu in US CAS servers may cause, if i understand correctly, a large amount of SCP queries for autodiscover service to cross the border. and my understanding is that if the site selection that a user makes to query SCP for autodiscover is random, then 50% of chance that us mailbox users will go EU site for SCP query. am I correct?
0
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 250 total points
ID: 33588779
Jerry
the reason I havent responded yet on this is, I havent been able to verify this from any other documentation yet.
I have also relayed this question to some other experts and hoping that they will drop in and assist.

---------
by setting up sitescope to include us and eu in US CAS servers may cause, if i understand correctly, a large amount of SCP queries for autodiscover service to cross the border.

>> This is correct. And this is the assumption for the thesis of round-robining CAS within the country -- and not US-
EU-APAC.

---------
if the site selection that a user makes to query SCP for autodiscover is random, then 50% of chance that us mailbox users will go EU site for SCP query.
>> Usually you should restrict site selection to the CAS in the geography. Otherwise everyone will be looking up everywhere else for site selection.

Like they mentioned below @ MSFT: I just disagree that Eurpope-Contoso should be in the site selection.

Set-ClientAccessServer -Identity "apac-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope "apac-contoso”,”europe-contoso”

>> This should be
Set-ClientAccessServer -Identity "apac-cas" -AutodiscoverServiceInternalURI "https://internal.contoso.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope "apac-contoso”

thanks
0
 
LVL 32

Assisted Solution

by:endital1097
endital1097 earned 250 total points
ID: 33589183
when the outlook client queries for the autodiscover scp it will randomly select one to use
what you want to do is minimize the randomness (is that a word?)
by setting the AutodiscoverServiceSiteScope value you limit what clients connect to based on the AD Site where the machine is currently located

sorry @sunnyc7 i am going to disagree with you now
i would use three unique AutodiscoverServiceInternalURI values and here's why
while DNS should return results based on subnet (why @sunnyc7 is correct) someone could or may change the DNS server settings to prevent this
in that instance the AutodiscoverServiceInternalURI value that is returned could return a record from another site

if you use a unique AutodiscoverServiceInternalURI value for all CAS servers in an AD site and use the AutodiscoverServiceSiteScope you now limited the results of the scp query to only CAS servers in the correct site and now your DNS query results don't matter as much

you can use the same AutodiscoverServiceInternalURI value for all CAS servers but then you don't need to use the AutodiscoverServiceSiteScope because at that point you are relying on DNS
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33589346
Dude, thanks for bringing dns into the equation and clarifying this.

Jerry let us know if you will be able to test this and also let us know your thoughts
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33589465
sorry, it's just that you know how important dns is. microsoft always says you must ensure your dns is working. :)

let us know if you have any other questions jerry
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33589511
sorry again, but i think it is important to throw one last comment out there just to make sure everything is clear

if you do use the AutodiscoverServiceSiteScope for any CAS server, you must use it on all
otherwise you lose control of the randomness (i'm making it an official word if it isn't already)
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33590486
0
 

Author Comment

by:JerryJay
ID: 33594203
thanks endital1097 and sunnyc7 for bringing so many fresh ideas into the topic. very helpful. appreicate everything. I don't have any furtuer questions now.

Cheers,
Jerry
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33596176
glad to be of help Jerry.
If you dont have any more questions, you can close the case and allocate points.

thanks
0
 

Author Closing Comment

by:JerryJay
ID: 33601915
thank you of you, very helpful.

Jerry
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question