Solved

Exchange 2003/2010 coexistence questions

Posted on 2011-03-17
Last Modified: 2012-06-21
Hi,
We are running an Internet-facing Exchange 2003 SP2 on a Windows 2003 DC. We also have 2 new DCs running Windows 2008. We are planning on installing all Exchange 2010 roles on one of the new 2008 DCs and running a coexistence environment for a few weeks. Our Exchange 2003 server name is server.contoso.internal. Our users run a mix of Outlook 2003 and Outlook 2010. Outlook is configured to connect to server.contoso.internal when on LAN and mail.contoso.com for Outlook Anywhere. Our internal DNS servers host 2 zones: contoso.com and contoso.internal. Both zones have A records for server.contoso.internal and mail.contoso.com pointing to the internal IP address of the Exchange 2003 server. The external DNS servers also have an A record for mail.contoso.com pointing to the public IP address of our Exchange 2003 server.
As I understand, in a coexistence environment, all clients will be connecting to the CAS 2010 first and be directed to the Exchange 2003 when the mailbox has not yet been migrated. I reviewed Microsoft's papers explaining the configuration of /externalCASServerDomain, LegacyRoutingServer, OWAVirtualDirectory and installation of the new SAN certificate. My questions are:
- How will Outlook clients know how to contact the new CAS2010 server when on the LAN? They are currently pointing to server.contoso.internal. Because server.contoso.internal is a DC, I cannot update the IP address of the A record and point it to the CAS2010 server. I also cannot rename the server from server.contoso.internal to legacy.contoso.internal. What am I missing?
- Although all servers are members of the domain, the clients are not. Their local credentials match the domain user credentials so authentication has been transparent with Exchange 2003. Any concern with Exchange 2010?
- We use a large number of address lists. I'd like to confirm we need to migrate the address lists before any mailbox is migrated for all users to have access to them.
- As I understand, the hub transport role is necessary for email to flow between 2003 and 2010. Does the installation of the hub transport role mean all Internet traffic has to flow through Exchange 2010 from that point on?
Thank you for your help.
P
Question by:PascalLavallee

Accepted Solution

by:
e_aravind earned 500 total points
ID: 35164299
Behavior of Outlook in domain-joined machines:
When a domain-connected client connects to the Active Directory directory service, the Exchange 2007 client authenticates to Active Directory and tries to locate the Autodiscover SCP objects that were created during Setup by using the user's credentials. In deployments that include multiple Client Access servers, an Autodiscover SCP record is created for each Client Access server. By using the user credentials, the Outlook 2007 client authenticates to Active Directory and searches for the Autodiscover SCP objects. After the client obtains and enumerates the instances of the Autodiscover service, the client connects to the first Client Access server in the enumerated and sorted list and obtains the profile information in the form of XML data that is needed to connect to the user's mailbox and available Microsoft Exchange features.

Behavior of Outlook in non-domain-joined machines:
When Outlook 2007 is started on a client that is not domain-connected, it first tries to locate the Autodiscover service by looking up the SCP object in Active Directory. Because the client is unable to contact Active Directory, it tries to locate the Autodiscover service by using Domain Name System (DNS). In this scenario, the client will determine the right side of the user’s e-mail address, that is, contoso.com, and check DNS by using two predefined URLs. For example, if your SMTP domain is contoso.com, Outlook will try the following two URLs to try to connect to the Autodiscover service:

https://contoso.com/autodiscover/autodiscover.xml 
https://autodiscover.contoso.com/autodiscover/autodiscover.xml

Note: For Outlook to be able to locate the Autodiscover service by using DNS, there must be a host record in DNS for the Autodiscover service that maps the entry point, or public IP address, to the Client Access server where the Autodiscover service is hosted.

Related Article:
White Paper: Exchange 2007 Autodiscover Service
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx 

===========================
In short:
On the LAN, Outlook uses the SCP object and its DNS resolution to reach the CAS server.

In Workgroup mode, Outlook will use autodiscover.domain.com to reach the Autodiscover URL.

For the communication, the E2010 MBX servers will have the value called rpcclientaccessserver pointing to the correct CAS server.
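
Added example, not part of the original answer: for non-domain-joined clients like the asker's, this derives the two DNS-based Autodiscover URLs described above and checks whether a certificate's SAN list covers each hostname, since an uncovered name produces certificate warnings in Outlook. The function names and the sample SAN list (including legacy.contoso.com) are constructed for illustration.

```python
from urllib.parse import urlsplit


def autodiscover_candidates(email):
    """Return the two DNS-based Autodiscover URLs, in the order listed above."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or "." not in domain:
        raise ValueError(f"not an SMTP address: {email!r}")
    domain = domain.lower().rstrip(".")
    return [
        f"https://{domain}/autodiscover/autodiscover.xml",
        f"https://autodiscover.{domain}/autodiscover/autodiscover.xml",
    ]


def san_covers(hostname, san_entries):
    """True if a SAN dNSName matches; '*' stands for exactly one leftmost label."""
    host_labels = hostname.lower().rstrip(".").split(".")
    for san in san_entries:
        san_labels = san.lower().rstrip(".").split(".")
        if len(san_labels) != len(host_labels):
            continue  # a wildcard never spans more or fewer labels
        if san_labels[0] == "*" and len(san_labels) > 2:
            if san_labels[1:] == host_labels[1:]:
                return True
        elif san_labels == host_labels:
            return True
    return False


def audit(email, san_entries):
    """List (url, hostname, covered) for each URL a workgroup client would try."""
    results = []
    for url in autodiscover_candidates(email):
        host = urlsplit(url).hostname
        results.append((url, host, san_covers(host, san_entries)))
    return results


# Constructed sample: a SAN list that omits the Autodiscover names.
SAMPLE_SANS = ["mail.contoso.com", "legacy.contoso.com"]

if __name__ == "__main__":
    for url, host, ok in audit("user@contoso.com", SAMPLE_SANS):
        print(f"{'covered' if ok else 'NOT covered'}: {host} ({url})")
```

A wildcard entry such as `*.contoso.com` covers autodiscover.contoso.com but not the bare contoso.com URL that Outlook tries first.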
 

Author Closing Comment

by:PascalLavallee
ID: 35176253
Thank you e_aravind. This is helpful.