Is it possible to install Exchange 2010 CAS role to test before it becomes proxy for Exchange 2003 mailboxes?

We're running into a lot of questions on exactly the CAS redirects traffic.  Here's what I know:  It becomes a proxy for all 2003 Mailboxes during coexistence with Exchange 2010/2003.  External traffic is seamlessly pushed to the 2003 front-end and mailboxes FROM CAS.

How does it route internal traffic?

Also, is it possible to install CAS without it touching the 2003 environment and simply doing a DNS change to switch it over to our production environment?
Who is Participating?
Antonio VargasConnect With a Mentor Microsoft Senior Cloud ConsultantCommented:

"External traffic is seamlessly pushed to the 2003 front-end and mailboxes FROM CAS."

this is not exactlly true.. whats happens is. first you configure a parameter in cas 2010 named legacyexchangeurl that points to one external name for example

after that, and if you have for example TMG publishing the sites.. you need 2 publishing rules.. one for owa 2010 and the other for owa 2003. you will also need to dns external A records, for example and

now.. whats the external flow?
client types from a computer from the Internet--> TMG forwards the request to cas 2010--> cas 2010 detects that mailbox is on 2003 and forwards the request to outside link> tmg forwards the request to 2003 server--> client access 2003 mailbox

if must have forms based activated in 2003 server and from the client side he wont know that he is accessing

Internally this wont work.. if you access webmail internally:

-for 2003 you must type servername.domain.local/exchange
-for 2010 you must type the internalurl value configured on the cas servers for the owa virtual directory

you can install cas and the 2003 envoirement will continue to work to 2003 mailboxes. only when you start moving mailboxes to 2010 you need to set up the coexistence scenario for cas.

very important link:
please read this article of mine it will save me a lot of rewriting and if you have more question please do ask
liquid101Author Commented:

This is extremely helpful as far as internal/external users is concerned.


I love the article and I have printed a copy for reference, but my boss needs to know if we can actually get away with installing the CAS without redirecting traffic initially or if that happens no matter what.  With such a large organization, we really need to make sure we're good to go before jumping into this.

Essentially, we're scared that we are being forced to throw this into production without being able to test it first.  That being said, no, we're not currently able to replicate the environment in a sandbox to test.

We'd like to install the CAS, validate the install before applying the proxy to force it to the front-end.
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

no one will force you to put it in production

you can install your cas server and fix all the urls on it then bring in a test station and change on it the host file so it resolves the FQDNS entries to different ips than the one in the DNS and then, when all is working put it in production
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
yes you can install the Client Access Server and still have the 2003 envoirement functioning without problems.

I advise you to start thinking on a migration and coexistence plan, since you are on a big organization i assume that you will be using all exchange features to access mailboxes (owa, activesync, rpc over http)
Antonio VargasMicrosoft Senior Cloud ConsultantCommented:
get one url and assign it to 2010, for test purposes. also configure on 2010 the legacyurl as it is now, for example

publish a rule for owa 2010 using the name

test the access from outside using and seeing if your redirected to (use 2003 mailbox and i'm assuming that you have forms based on 2003. if you dont have you cant get double authentication but test anyway)

this tests that i recomended wont affect 2003 envoirement.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.