jskfan

Legacy host name in DNS

If I understand correctly, when Exch2003 coexists with Exch2010, a legacy hostname should be configured on both CAS role servers [load-balanced], and a DNS record is configured. I am not sure if the DNS record is configured at the registrar or in local DNS, and whether it is a CNAME record.

 
On the CAS role servers, we'll run the following command through EMShell:

Set-OWAVirtualDirectory "MAIL2010\OWA (Default Web Site)" -Exchange2003URL https://legacyname.company.com/exchange

Any expert to clear up this confusion?

Thanks

maxsmith5k

You need to create a legacy hostname in both internal and external DNS.
Maybe I should be a little more specific. If your internal domain name is contoso.local and your external is contoso.com, your DNS records should look like this:

legacy.contoso.com (external)
legacy.contoso.local (internal)

They need to be host (A) records.
Avatar of jskfan

ASKER

<<<If your internal domain name is contoso.local and your external is contoso.com your dns records should look like this>>>

"Internal": do you mean the Active Directory name space?
"External": the name space registered on the internet?

If so, how are these records set up at the registrar DNS and/or in our internal DNS?
External means the space registered on the internet. You would usually get a website that you can create the DNS records in. Internally means your network that the outside world can't see. If you are using Microsoft DNS, then you would just go into the DNS MMC snap-in, into the appropriate domain and add the record in there.
Here is a technet article on adding DNS records internally:

http://technet.microsoft.com/en-us/library/bb727018.aspx

Externally, it can differ greatly depending on the company you are using for your DNS, and in some cases they don't even supply a web page, but you have to email them or call them.
Avatar of jskfan

ASKER

Let me put it this way:

Let's say we have co-existing Exchange servers 2003 and 2010.
Our external clients (OWA, POP) used to reach us using mail.mycompany.com to access their mailboxes in Exchange 2003.
Now we have some mailboxes in Exchange 2003 and some in Exchange 2010.

There should be a legacy hostname configured on the CAS servers as well as a DNS record for the legacy hostname, but how and where to configure it?

Also, the command:
Set-OWAVirtualDirectory "MAIL2010\OWA (Default Web Site)" -Exchange2003URL https://legacyname.company.com/exchange

Is it run on both CAS servers or just one?


OK. Basically, the reason that you need the legacy hostname is that when someone attempts to log in to OWA for example (there are other reasons, this is just an example), and their mailbox is not on a 2010 server, they need to be forwarded to the 2003 server. They will never actually type the legacy hostname in. For this reason, the legacy hostname needs to be accessible from both the internet and within your network. Therefore, all you have to do is create the legacy hostname in internal and external DNS and then set up the firewall. After this is done, you can run that command. You only need to do this once. Here is a technet article on the entire procedure:

http://technet.microsoft.com/en-us/library/ee332348.aspx
Something to remember about Exchange 2010 is that you can manage any server from anything that has the Exchange Management tools installed.  Therefore, you could basically run this command from a workstation if you really wanted to.
Avatar of jskfan

ASKER

I guess there are 3 important DNS records to add when Exch2003 and Exch2010 co-exist:

mail.mycompany.com is at the public DNS (the registrar).
When internet clients (OWA, POP) connect to their mailboxes, they go to
mail.mycompany.com, which will route them to the public IP on the firewall, and since it's an SMTP connection on port 25 the NAT should forward the connection to the CAS server. If the mailbox is in Exchange 2010 then the CAS will redirect the connection to Exchange 2010; otherwise the command we typed on the CAS server:
Set-OWAVirtualDirectory "MAIL2010\OWA (Default Web Site)" -Exchange2003URL https://legacyname.company.com/exchange
will help the CAS to forward the connection to the Exchange 2003 front end server.

legacyname.company.com should be added as an A record in DNS and point to the FE.
An autodiscover.company.com record should also be added for Outlook 2007 and later.


Hi,

You need at least 4 actually.  Mail.companyname.com and legacy.companyname.com in your external DNS.  Then you need mail.companyname.local and legacy.companyname.local in your internal DNS.  

Then on top of all that autodiscover records.
Avatar of jskfan

ASKER

I am not sure legacy.companyname.com will be in external DNS,
because external users will type mail.mycompany.com to access their mailboxes. So what would legacy.mycompany.com help with?


I don't think this legacy.companyname.local is useful either.
If their mailboxes are on Exchange 2003 servers, mail.companyname.com will simply forward them to legacy.companyname.com. If it doesn't exist, it will fail. Once set up, if you get someone to log on to OWA who has a mailbox in 2003, you will see that the URL changes to legacy.companyname.com.
In the technet article above, you will see that Microsoft tell you to create an external legacy DNS record. Therefore, you require separate external IPs for the legacy server and the Exchange 2010 server.
Avatar of jskfan

ASKER

<<if their mailboxes are on exchange 2003 servers, mail.companyname.com will simply forward them to legacy.companyname.com>>>
How does it know that their mailboxes are in Exchange 2003?
Only the CAS server will know and forward them to the FE.
Yes. The CAS server will know. Unfortunately, all it does is respond with the legacy hostname. It is a simple forwarder, nothing more. Therefore, when OWA or whatever you are using then attempts to connect to the legacy hostname it will fail without it, even if you have set the DNS record correctly on the inside.
Avatar of jskfan

ASKER

Have you used Exchange 2003 with Exchange 2010?
Avatar of jskfan

ASKER

Let's wait for another EE to pitch in.
Yes. I am an Exchange consultant and have been since 2003. I have done many migrations from 2003 to both 2007 and 2010 in very large implementations. I am an MCITP in Exchange 2010 and Windows 2008. I don't know what more to say about my qualifications. I have shown you a technet article from Microsoft backing up what I have said.
SOLUTION
Avatar of Reubenwelsh
Reubenwelsh

Avatar of jskfan

ASKER

http://technet.microsoft.com/en-us/library/ee332348.aspx
I will check the link and get back with you
Avatar of jskfan

ASKER

What do internet users type in the address bar of the internet browser to access their mailboxes?

mail.company.com or legacy.company.com?
Avatar of jskfan

ASKER

I need kind of a path that will be taken by a user that has a mailbox in Exchange 2003 and a user that has a mailbox in Exchange 2010, from the point they type the address in the internet browser.
I thought they all type mail.company.com in the browser, which is an MX record on the external DNS which points to an A record there in the same external DNS that points to a public IP of our firewall, which NATs it to the inside CAS role, and it is at this server level (CAS server) that it is determined if the mailbox is in Exch2003 or 2010. If it is in 2003 it will forward it to the FE.
So I have not seen why legacy.company.com can be in the public DNS.
Correct. All they type is mail.company.com. Everything else is done by the CAS. The user will not know that they are actually at legacy.company.com unless they look at the address bar, which will have changed to legacy.company.com. This is why legacy.company.com is required, because the browser cannot go there if it cannot resolve it. This is also why you need a separate IP address for legacy and you need to open ports in the firewall for it and point them to the 2003 FE. Hope that makes some sort of sense.

Basically, what it boils down to is that an external client (such as OWA) cannot resolve a name that is only internal.
Avatar of jskfan

ASKER

What is still not clear is why the legacy.company.com DNS record needs to be in public DNS (registrar), seeing that it is not used by OWA users. How and when does it come into play other than using it on the internal DNS?
I think you are trying to see the CAS as a proxy to the 2003 FE, which it is not. All it does is supply a forwarder. Therefore, when OWA receives the command to go to legacy instead, it will not be able to unless there is a public DNS record for legacy.company.com.

The process is this:

1. User goes to mail.company.com and logs on.
2. Exchange 2010 realizes that the mailbox resides on 2003 server and so responds with legacy hostname.
3. Internet Explorer then attempts to connect to legacy.company.com
4. If a DNS record exists, it resolves and accesses the 2003 FE.  If it does not, it won't.

You cannot access an internal legacy record externally.
Avatar of jskfan

ASKER

Let me comment on your last answer:

<<1. User goes to mail.company.com and logs on.>>
It makes sense: the (A) record mail.company.com as well as the MX record are in the public DNS on the internet.

<<2. Exchange 2010 realizes that the mailbox resides on 2003 server and so responds with legacy hostname.>>>

OK -- it comes first to our firewall, which has for instance ports 80 and 443 (SSL) open -- then it will be NATted to the CAS server.

<<<3. Internet Explorer then attempts to connect to legacy.company.com>>>
Here is where the gray area is.
How does Internet Explorer [the user] see legacy.company.com?
My answer is that the CAS talks to Active Directory and will know that the user is in Exchange 2003; then the CAS, which was configured with this: Set-OWAVirtualDirectory <CAS2010>\OWA* -Exchange2003URL https://legacy.contoso.com/exchange

will know where to forward the user's OWA connection.
legacy.contoso.com should point to the Exchange Front End if there is more than one Exchange 2003 server.
The FE also talks to AD and determines on which Exchange 2003 server the user's mailbox is located.


All this post was about the DNS record legacy.contoso.com.

I said it is pointless to have it in the public DNS, but in the local DNS pointing to the FE





Avatar of jskfan

ASKER

It is explained here:
http://www.simple-talk.com/sysadmin/exchange/upgrade-exchange-2003-to-exchange-2010/

but I did not find a link that can walk us through the path that is taken from the user typing the OWA address in the browser all the way to the user's mailbox.
And knowing the path can help a lot in troubleshooting if an issue comes up.
OK. The process is this:

1.  mail.company.com is typed into the address bar, which gets you to the Exchange 2010 CAS.
2.  The user attempts to log on to the Exchange 2010 CAS from OWA
3.  The Exchange 2010 CAS basically says to your client "this mailbox is not on a 2010 server, therefore, you need to access this mailbox at legacy.company.com"
4.  OWA then attempts to connect to legacy.company.com instead of mail.company.com
5.  If there is a public DNS host record, it is able to resolve and it will then go into OWA (2003)
*NOTE: What this means for the user is that they will see the 2010 Outlook Web App logon screen, but once logged in, it will go to Exchange 2003's Outlook Web Access instead.
6.  User can now use Exchange 2003's Outlook Web Access as normal

This will then provide a seamless experience for your users.
Avatar of jskfan

ASKER

<<<3.  The Exchange 2010 CAS basically says to your client "this mailbox is not on a 2010 server, therefore, you need to access this mailbox at legacy.company.com"
4.  OWA then attempts to connect to legacy.company.com instead of mail.company.com  >>>

 
Will OWA make a request for legacy.company.com to the local DNS, since it is already inside the network, or to the public DNS?




If you are using OWA within the network, it will check the internal record. If you are using OWA externally (at home for example) it will check the external record.
It is your client that will check the DNS, not the CAS. So, if you are using Internet Explorer on your home computer to access OWA, it will check the external DNS record since it has no way to check the internal record. It is impossible for it to do so. If you are inside the network, on a work computer, the DNS server that you are configured to use internally will have a record for legacy.company.local so it will resolve it internally.
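The logon path described in the two answers above, as an added example that is not part of the original thread: a small model in which the client performs every DNS lookup from its own vantage point and the CAS only answers with the Exchange2003URL value. The user names, the IP addresses and the assumption that internal DNS answers for the same legacy.company.com name are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample data, not taken from the thread.
MAIL, LEGACY = "mail.company.com", "legacy.company.com"
EXCHANGE2003_URL = f"https://{LEGACY}/exchange"  # value passed to -Exchange2003URL
MAILBOX_VERSION = {"alice": 2010, "bob": 2003}   # hypothetical users


def dns_views(legacy_in_public_dns):
    """A records visible from each vantage point (placeholder addresses)."""
    internal = {MAIL: "10.0.0.20", LEGACY: "10.0.0.30"}
    external = {MAIL: "203.0.113.20"}
    if legacy_in_public_dns:
        external[LEGACY] = "203.0.113.30"
    return {"internal": internal, "external": external}


def trace_owa_logon(user, vantage, views):
    """Follow one OWA logon and return (outcome, steps).

    Every lookup uses the client's own resolver view; the CAS never
    resolves or proxies on the client's behalf.
    """
    resolver, steps = views[vantage], []
    if MAIL not in resolver:
        return "failed", [f"client cannot resolve {MAIL} via {vantage} DNS"]
    steps.append(f"client resolves {MAIL} -> {resolver[MAIL]} ({vantage} DNS)")
    steps.append("user logs on at the Exchange 2010 CAS")
    if MAILBOX_VERSION[user] == 2010:
        steps.append("mailbox is on 2010: CAS serves Outlook Web App")
        return "owa-2010", steps
    steps.append(f"mailbox is on 2003: CAS answers with {EXCHANGE2003_URL}")
    host = urlparse(EXCHANGE2003_URL).hostname
    if host not in resolver:
        steps.append(f"client cannot resolve {host} via {vantage} DNS")
        return "failed", steps
    steps.append(f"client resolves {host} -> {resolver[host]} ({vantage} DNS)")
    steps.append("client connects to the Exchange 2003 front end")
    return "owa-2003", steps


if __name__ == "__main__":
    for public in (False, True):
        outcome, steps = trace_owa_logon("bob", "external", dns_views(public))
        print(f"legacy in public DNS = {public}: {outcome}")
        for step in steps:
            print("   ", step)
```

The returned step list gives the hop-by-hop path to compare against when a 2003-mailbox user reports that OWA logon fails only from outside the network.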
Avatar of jskfan

ASKER

So I will take your statement as true:
The CAS will reject the OWA request, saying: "Please go back to the public DNS and ask it for legacy.company.com.
I will not forward your request either to the FE or to our internal DNS."
ASKER CERTIFIED SOLUTION
Avatar of jskfan

ASKER

Thanks maxsmith5k for putting up with me.
Thanks Ruben