Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange 2010 install cli command switch question

Posted on 2010-11-10
6
710 Views
Last Modified: 2012-05-10
Hi Experts,

I am preparing to install Exchange 2010 for the first time and was confused about one of the command line switches.  I am installing in Co-Exist mode.

Our current setup is an exchange 2003 server on the internal lan and an OWA frontend server on the DMZ.  I am trying to mimic this with the new install.

I am using the command:

setup.com /mode:install /roles:CA,HT,MB /EnableLegacyOutlook /LegacyRoutingServer:CurrentExchange2003Server.domain.com

I see there is also a switch /ExternalCASServerDomain.  What is this switch for?  I read on microsoft's site that it is to enable OWA via the internet, although it seems to assume that the CAS server is internet facing and that would not be the case in this instance as this is going to be the new internal mailbox server.  Is this switch only used on the CAS if it is on the DMZ and internet accessible?  

Will the current OWA server still function if this switch is left out?
0
Comment
Question by:jodonnellcbd
  • 3
  • 3
6 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34104108
No Exchange sever should be installed in the DMZ apart fromthe Edge Transport server.  The switch you are referring to is the external URL used for OWA/ActiveSync.

I have to ask though, why are you using the command line?  All of this can be done much easier through the GUI install.

Also if it's only going to be a mailbox server only install the mailbox role, the others are not required if you will be installing a separate CAS server.
0
 

Author Comment

by:jodonnellcbd
ID: 34105156
demazter,

I'm using the command line becuase it seems easier than clicking through the GUI.  Either way, I need to determine what this should be used for.  

So you are saying that the Hub Transport role and the CAS server role are not required even though I need this server to be communicating with the current exchange 2003 server?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34105241
I think you need to plan your transition a bit more.

If you have an Exchange 2003 front end server this needs to be replaced with an Exchange 2010 Client Access server.  This should not be into DMZ.

If the server will just be a mailbox server then no it does not need the client access server or the hub transport role but you DO need an Exchange 2010 Hub Transport and CAS role somewhere inthe network but as above, this should be replacingthe front end server and can also be the hub transport server.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:jodonnellcbd
ID: 34105640
I'm still not quite clear on something.  Thanks for being patient with me.

You are saying that I do need the Hub Transport and CAS server roles as I thought before, so I am planning on installing them along with the mailbox role on one physical server on my internal lan.  

If the front end server is not in the DMZ, then do you allow internet traffic into your private network?  If that's the case, the DMZ sounds much more secure as internet hosts can connect to the frontend server in the DMZ and only the frontend server will be allowed to contact the server holding the mail.  If you allow an internal CAS server to communicate with internet hosts, that would allow direct attacks on your server.
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 34105883
You do need the client access server and hub transport role in your network somewhere.  But if you are using a front end setup then I would make this the CAS and HT server.

Exchange servers other than edge transport are not supported in the DMZ.  With regards to the security allowing port 443 and 25 on to your private network is much more secure than all the ports exchange needs to be open from the DMZ to the private network so that it can communicate with the required services.
0
 

Author Closing Comment

by:jodonnellcbd
ID: 34217594
Thanks!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question