Solved

Exchange 2003/2010 coexistence questions

Posted on 2011-03-17
2
961 Views
Last Modified: 2012-06-21
Hi,
We are running an Internet-facing Exchange 2003 SP2 on a Windows 2003 DC. We also have 2 new DCs running Windows 2008. We are planning on installing all Exchange 2010 roles on one of the new 2008 DC and run a coexistence environment for a few weeks. Our Exchange 2003 server name is server.contoso.internal. Our users run a mix of Outlook 2003 and Outlook 2010. Outlook is configured to connect to server.contoso.internal when on LAN and mail.contoso.com for Outlook Anywhere. Our internal DNS servers host 2 zones: contoso.com and contoso.internal. Both zones have A records for server.contoso.internal and mail.contoso.com pointing to the internal IP address of the Exchange 2003 server. The external DNS servers also have an A record for mail.contoso.com pointing to the public IP address of our Exchange 2003 server.
As I understand, in a coexistence environment, all clients will be connecting to the CAS 2010 first and be directed to the Exchange 2003 when the mailbox has not yet been migrated. I reviewed Microsoft's papers explaining the configuration of /externalCASSeverDomain, LegacyRoutingServer, OWAVirtualDirectory and installation the new SAN certificate. My questions are:
- How will Outlook clients know how to contact the new CAS2010 server when on the LAN? They are currently pointing to server.contoso.internal. Because server.contoso.internal is a DC, I cannot update the IP address of the A record and point it to the CAS2010 server. I also cannot rename the server from server.contoso.internal to legacy.contoso.internal. What am I missing?
- Although all servers are members of the domain, the clients are not. Their local credentials match the domain user credentials so authentication has been transparent with Exchange 2003. Any concern with Exchange 2010?
- We use a large number of address lists. I'd like to confirm we need to migrate the address lists before any mailbox is migrated for all users to have access to them.
- As I understand, the hub transport role is necessary for email to flow between 2003 and 2010. Does the installation of the hub transport role mean all Internet traffic has to flow through Exchange 2010 from that point on?
Thank you for your help.
P
0
Comment
Question by:PascalLavallee
2 Comments
 
LVL 26

Accepted Solution

by:
e_aravind earned 500 total points
ID: 35164299
Behavior of Outlook in domain Joined machines:
When a domain-connected client connects to the Active Directory directory service, the Exchange 2007 client authenticates to Active Directory and tries to locate the Autodiscover SCP objects that were created during Setup by using the user's credentials. In deployments that include multiple Client Access servers, an Autodiscover SCP record is created for each Client Access server. By using the user credentials, the Outlook 2007 client authenticates to Active Directory and searches for the Autodiscover SCP objects. After the client obtains and enumerates the instances of the Autodiscover service, the client connects to the first Client Access server in the enumerated and sorted list and obtains the profile information in the form of XML data that is needed to connect to the user's mailbox and available Microsoft Exchange features

Behavior of Outlook in non-domain joined Machines:
When Outlook 2007 is started on a client that is not domain-connected, it first tries to locate the Autodiscover service by looking up the SCP object in Active Directory. Because the client is unable to contact Active Directory, it tries to locate the Autodiscover service by using Domain Name System (DNS). In this scenario, the client will determine right side of the user’s e-mail address, that is, contoso.com, and check DNS by using two predefined URLs. For example, if your SMTP domain is contoso.com, Outlook will try the following two URLs to try to connect to the Autodiscover service:

https://contoso.com/autodiscover/autodiscover.xml
https://autodiscover.contoso.com/autodiscover/autodiscover.xml

Note: For Outlook to be able to locate the Autodiscover service by using DNS, there must be a host record in DNS for the Autodiscover service that maps the entry point, or public IP address, to the Client Access server where the Autodiscover service is hosted.

Related Article:
White Paper: Exchange 2007 Autodiscover Service
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx

===========================
In short:
In LAN, Outlook uses the SCP object and its DNS resolution to reach the CAS server

In Workgroup mode, Outlook will use the autodiscover.domain.com to reach the autodiscover URL

For the communication, the E2010 MBX servers will have the value called rpcclientaccessserver pointing to the correct CAS server.
0
 

Author Closing Comment

by:PascalLavallee
ID: 35176253
Thank you e_aravind. This is helpful
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now