Exchange 2010 install CLI command switch question

Hi Experts,

I am preparing to install Exchange 2010 for the first time and was confused about one of the command line switches.  I am installing in Co-Exist mode.

Our current setup is an Exchange 2003 server on the internal LAN and an OWA frontend server on the DMZ.  I am trying to mimic this with the new install.

I am using the command:

setup.com /mode:install /roles:CA,HT,MB /EnableLegacyOutlook /LegacyRoutingServer:CurrentExchange2003Server.domain.com

I see there is also a switch /ExternalCASServerDomain.  What is this switch for?  I read on Microsoft's site that it is to enable OWA via the internet, although it seems to assume that the CAS server is internet facing and that would not be the case in this instance as this is going to be the new internal mailbox server.  Is this switch only used on the CAS if it is on the DMZ and internet accessible?

Will the current OWA server still function if this switch is left out?
Asked by: jodonnellcbd
 
Glen Knight Commented:
You do need the client access server and hub transport role in your network somewhere.  But if you are using a front end setup then I would make this the CAS and HT server.

Exchange servers other than edge transport are not supported in the DMZ.  With regards to the security, allowing port 443 and 25 on to your private network is much more secure than all the ports Exchange needs to be open from the DMZ to the private network so that it can communicate with the required services.
 
Glen Knight Commented:
No Exchange server should be installed in the DMZ apart from the Edge Transport server.  The switch you are referring to is the external URL used for OWA/ActiveSync.

I have to ask though, why are you using the command line?  All of this can be done much easier through the GUI install.

Also, if it's only going to be a mailbox server, only install the mailbox role; the others are not required if you will be installing a separate CAS server.
 
jodonnellcbd (Author) Commented:
demazter,

I'm using the command line because it seems easier than clicking through the GUI.  Either way, I need to determine what this should be used for.

So you are saying that the Hub Transport role and the CAS server role are not required even though I need this server to be communicating with the current Exchange 2003 server?
 
Glen Knight Commented:
I think you need to plan your transition a bit more.

If you have an Exchange 2003 front end server, this needs to be replaced with an Exchange 2010 Client Access server.  This should not be in the DMZ.

If the server will just be a mailbox server then no, it does not need the client access server or the hub transport role, but you DO need an Exchange 2010 Hub Transport and CAS role somewhere in the network, but as above, this should be replacing the front end server and can also be the hub transport server.
 
jodonnellcbd (Author) Commented:
I'm still not quite clear on something.  Thanks for being patient with me.

You are saying that I do need the Hub Transport and CAS server roles as I thought before, so I am planning on installing them along with the mailbox role on one physical server on my internal LAN.

If the front end server is not in the DMZ, then do you allow internet traffic into your private network?  If that's the case, the DMZ sounds much more secure as internet hosts can connect to the frontend server in the DMZ and only the frontend server will be allowed to contact the server holding the mail.  If you allow an internal CAS server to communicate with internet hosts, that would allow direct attacks on your server.
 
jodonnellcbd (Author) Commented:
Thanks!