Solved

Exchange 2010 install cli command switch question

Posted on 2010-11-10
Last Modified: 2012-05-10
Hi Experts,

I am preparing to install Exchange 2010 for the first time and was confused about one of the command line switches.  I am installing in Co-Exist mode.

Our current setup is an Exchange 2003 server on the internal LAN and an OWA frontend server on the DMZ.  I am trying to mimic this with the new install.

I am using the command:

setup.com /mode:install /roles:CA,HT,MB /EnableLegacyOutlook /LegacyRoutingServer:CurrentExchange2003Server.domain.com

I see there is also a switch /ExternalCASServerDomain.  What is this switch for?  I read on Microsoft's site that it is to enable OWA via the internet, although it seems to assume that the CAS server is internet facing and that would not be the case in this instance as this is going to be the new internal mailbox server.  Is this switch only used on the CAS if it is on the DMZ and internet accessible?

Will the current OWA server still function if this switch is left out?
Question by:jodonnellcbd
6 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34104108
No Exchange server should be installed in the DMZ apart from the Edge Transport server.  The switch you are referring to is the external URL used for OWA/ActiveSync.

I have to ask though, why are you using the command line?  All of this can be done much easier through the GUI install.

Also, if it's only going to be a mailbox server, only install the mailbox role; the others are not required if you will be installing a separate CAS server.
 

Author Comment

by:jodonnellcbd
ID: 34105156
demazter,

I'm using the command line because it seems easier than clicking through the GUI.  Either way, I need to determine what this should be used for.

So you are saying that the Hub Transport role and the CAS server role are not required even though I need this server to be communicating with the current Exchange 2003 server?
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34105241
I think you need to plan your transition a bit more.

If you have an Exchange 2003 front end server, this needs to be replaced with an Exchange 2010 Client Access server.  This should not be in the DMZ.

If the server will just be a mailbox server, then no, it does not need the client access server or the hub transport role, but you DO need an Exchange 2010 Hub Transport and CAS role somewhere in the network. As above, this should be replacing the front end server and can also be the hub transport server.

Author Comment

by:jodonnellcbd
ID: 34105640
I'm still not quite clear on something.  Thanks for being patient with me.

You are saying that I do need the Hub Transport and CAS server roles as I thought before, so I am planning on installing them along with the mailbox role on one physical server on my internal LAN.

If the front end server is not in the DMZ, then do you allow internet traffic into your private network?  If that's the case, the DMZ sounds much more secure as internet hosts can connect to the frontend server in the DMZ and only the frontend server will be allowed to contact the server holding the mail.  If you allow an internal CAS server to communicate with internet hosts, that would allow direct attacks on your server.
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 34105883
You do need the client access server and hub transport role in your network somewhere.  But if you are using a front end setup, then I would make this the CAS and HT server.

Exchange servers other than Edge Transport are not supported in the DMZ.  With regard to security, allowing ports 443 and 25 onto your private network is much more secure than opening all the ports Exchange needs from the DMZ to the private network so that it can communicate with the required services.
0
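Added example, not part of the thread: a small audit that compares the two firewall designs discussed in the accepted answer by counting what each one opens toward the internal zone. The rule sets, zone names and the DMZ-to-internal port list (including the dynamic RPC range) are constructed assumptions for illustration, not values from the posters.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    src: str       # source zone
    dst: str       # destination zone
    proto: str     # "tcp" or "udp"
    ports: range   # destination ports (end exclusive)
    why: str

def one(p):
    return range(p, p + 1)

# Constructed rule sets. The DMZ list is an assumed, typical set for a
# domain-joined front-end server; it is not taken from the thread.
DMZ_DESIGN = [
    Rule("internet", "dmz", "tcp", one(443), "OWA/ActiveSync"),
    Rule("dmz", "internal", "tcp", one(80), "front end to back end HTTP"),
    Rule("dmz", "internal", "tcp", one(53), "DNS"),
    Rule("dmz", "internal", "udp", one(53), "DNS"),
    Rule("dmz", "internal", "tcp", one(88), "Kerberos"),
    Rule("dmz", "internal", "udp", one(88), "Kerberos"),
    Rule("dmz", "internal", "tcp", one(135), "RPC endpoint mapper"),
    Rule("dmz", "internal", "tcp", one(389), "LDAP"),
    Rule("dmz", "internal", "udp", one(389), "LDAP"),
    Rule("dmz", "internal", "tcp", one(445), "SMB"),
    Rule("dmz", "internal", "tcp", one(3268), "global catalog"),
    Rule("dmz", "internal", "tcp", range(1024, 65536), "dynamic RPC"),
]
INTERNAL_DESIGN = [
    Rule("internet", "internal", "tcp", one(443), "HTTPS to CAS"),
    Rule("internet", "internal", "tcp", one(25), "SMTP to Hub Transport"),
]
ALLOWED = {("tcp", 25), ("tcp", 443)}  # the two ports named in the answer

def ports_into_internal(rules):
    """Distinct (proto, port) pairs a less-trusted zone can reach internally."""
    return {(r.proto, p) for r in rules
            if r.dst == "internal" and r.src != "internal" for p in r.ports}

def violations(rules, allowed=ALLOWED):
    """Rules admitting anything beyond the allowed ports into the internal zone."""
    return [r for r in rules if r.dst == "internal" and r.src != "internal"
            and any((r.proto, p) not in allowed for p in r.ports)]

if __name__ == "__main__":
    for name, rules in (("DMZ front end", DMZ_DESIGN),
                        ("internal CAS/HT", INTERNAL_DESIGN)):
        print(name, len(ports_into_internal(rules)), "ports,",
              len(violations(rules)), "rules flagged")
```

Feed it an export of your own perimeter rules in the same shape to confirm that nothing other than 443 and 25 reaches the Exchange 2010 CAS/HT server.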
 

Author Closing Comment

by:jodonnellcbd
ID: 34217594
Thanks!