?
Solved

Exchange 2010 SP1 OWA internal & external names

Posted on 2011-03-22
11
Medium Priority
?
1,015 Views
Last Modified: 2012-05-11
I'm in the process of planning my slow migration from Exchange 2003 to 2010 SP1 and want to keep thing as simple as possible for users. I have ready article that state you need to have both an internal and external name for our OWA site . Is it ok if I just use an external name only? I don't want confuse my user's?
0
Comment
Question by:compdigit44
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35192257
You need external name and separate external IP so both versions of Outlook Web Access will work.

We are talking about the Exchange2003LegacyURL here aren't we?
0
 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35192282
You won't confuse your users cause as far as they are concerned they hit owa.mydomain.com and if they are Exchange 2003 users then Exchange 2010 will log them into e2k3 OWA via legacy.mydomain.com and then pass the URL back to the user.
0
 
LVL 16

Expert Comment

by:Auric1983
ID: 35192288
Using a split DNS you can set it up so your internal DNS name and external DNS name for OWA are the same...
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 20

Author Comment

by:compdigit44
ID: 35192471
Ok, let me make sure I'm understanding thing correctly..

1)As I slowly migrate to Exchagen 2010 will both my 2003 and 2010 users be able to access there OWA's via the CAS server? What are the steps for setting this up

2) I have ready articles that state you should have and internal owa name and external owa name for 2010. For example internal = server.domain.local external = webmail.domain.com can I just have an external owa name to make things simple

3) On the certifcate requete what is the purpose of the Legacy server box? do I need to type in the full internal FQDN name of my 2003 server here?
0
 
LVL 16

Expert Comment

by:Auric1983
ID: 35192511
compdigit44,

1. You will need to move your legacy server to "legacy.domain.com" your new server will be webmail.domain.com or whatever name.

2. There are a number of services that have internal and external URL's, OWA being one of them.  That being said, using split DNS and a few configuration commands you can set it up so the URL's are the same so the user only  needs to know "webmail.domain.com" and not the server name.  

3. The legacy server on the cert is to do with the legacy server above (see #1)  Depending on how fast you do the migration you may not need this.

This is the guide I used when i migrated my site to 2010 this year...

http://milindn.files.wordpress.com/2010/01/rapid-transition-guide-from-exchange-2003-to-exchange-2010.pdf

0
 
LVL 20

Author Comment

by:compdigit44
ID: 35192604
I will review the link you sent - thanks

1) I'm unclear by what you mean by moving legancy.domain.com to webmail.domain.com???

2) under 2003 you had one OWA site in our case it is in the DMZ. Why under 2010 do you need both a internal and external owa name
0
 
LVL 16

Expert Comment

by:Auric1983
ID: 35192816
1. In order for your legacy clients to have OWA access you need to specify the legacy server name in this case legacy.domain.com, basically any instance of webmail.domain.com will get changed to legacy.domain.com.  You then update your 'webmail.domain.com' to point to your new server (needs another external IP)

2. In 2010, it is not supported to have the CAS role in the DMZ. see http://blogs.technet.com/b/exchange/archive/2009/10/21/3408587.aspx for more information.   The only roles that can be deployed in the DMZ are the Edge servers which require additional configuration & setup.  (They cannot be domain members etc.)

The way I did my migrations here

1. Setup & Configure new exchange server
2. Configure routing connector between the two (Ex 2003 was still doing mail delivery)
3. Moved users to Exchange 2010
4. Changed NAT rule on firewall so the external records for mail.domain.com owa.domain.com etc. all pointed to my new server
5. Removed Exchange 2003

How many users are you migrating?
0
 
LVL 20

Author Comment

by:compdigit44
ID: 35197682
The link you provide was very helpfuly. I still having a hard time understanding WHY in 2010 I need both and internal and external OWA URL

for example internal : https://server.domain.local  external https://webmail.domain.com

What ould happen if you left the internal OWA URL blank?

on the certificate request for the legacy host name: do I put in the internal domain name of my Exchange 2003 server ex2k3.domain.local???
0
 
LVL 16

Expert Comment

by:Auric1983
ID: 35200137
compdigit,

Long & short of it is, by default internal clients will refer to the server by it's internal name (unless told otherwise) The reason I say that is there are times when your internal FQDN cannot be added to a certificate.  For example if your internal FQDN was contoso.com and you didn't actually Own the contoso.com domain on the web a cert authority would not give you a cert for that, so split DNS is used.

In my environment, the split dns is setup so that "webmail.domain.com" resolves to the external address outside and the internal ip address inside, so I only need to tell my users one URL.

If you are using a SAN certificate you can just include both the legacy.domain.com and the ex2k3.domain.local request, but it's probably not required.

0
 
LVL 20

Author Comment

by:compdigit44
ID: 35200305
Ok I think I'm being to understand but in regards to OWA access I can just tell my users to new external OWA 2010 address and setup the proper internal DNS so they can access this site from the inside, I should be all set correct?
0
 
LVL 16

Accepted Solution

by:
Auric1983 earned 2000 total points
ID: 35200313
Exactly.

There are a couple powershell commands you need to execute to set the internal name to the external owa address, but you are 100% correct.

It's just na extra layer of confusion from MS is all :D
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question