Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 819
  • Last Modified:

Windows Sbs server, using hosted exchange on same domain - how to bypass local network?

I have an issue with a network that users Windows SBS 2008. They used to use Exchange locally, but they recently moved to Hosted exchange from another provider.

The main issue is that connected PC's and Mac's still often revert back to trying to use the local server.

To give the problems some context lets say the domain is called:

example.com

In this case also on the SBS server, the domain is also called example.com (rather then say example.local as used to be recommended).

Some specific issues are that when you look on Outlook 2010 under "File", and then  under "Account Settings" this normally shows the web URL to get web access to your email.
On this network on computer connected to the domain, they tend to show the old server rather then the new hosted exchange URL.

Also more annoyingly, if a user has been set to have access to another users mailbox, when they close and open Outlook, they have to add that users mailbox again.

Occasionally it request the user enters a password, because it has attempted to connect to the local mailbox rather then the remote one.

Also the Apple Mac's on this network cannot connect to hosted exchange unless their DNS is manually set to Google DNS (or some other external provider).

Before we implemented a conditional forwarder, we were unable to ping autodiscover.example.com. It would not give any results. Once we put a conditional forwarder in we were able to fix this


The auto discover record (i.e. autodiscover.example.com) has been setup as required (which is a cname for a record such as autodiscover.hostedexchangeprovider.com) by hosted exchange provider and outside the SBS network all works fine. There is only issues with computers connected to the domain.

Actions we have taken so far are
      • Disable Outlook webaccess on the local server - this helped.
      • Implemented a Conditional forwarder on the network so that autodiscover.hostedexchangeprovider.com uses Google DNS. - this helped improve things a lot - but not perfect.


A complex problem for a good expert. Any help appreciated.
0
afflik1923
Asked:
afflik1923
  • 4
  • 2
  • 2
  • +1
3 Solutions
 
sirakovCommented:
If I understand correctly the users are now in a new exchange organization called the same way as your SBS domain. Basically you try to use Outlook Anywhere from inside your domain.
Because outlook client will always try to query for SCP in AD inside a domain and If my assumption are correct you can for example >Modify the registry on clients machines to use a custom autodiscover.xml
What I will do is to set an invalid SCP and this way forcing Outlook to go looking for an external DNS A record for autodiscover.example.com
To see what is set now :
get-clientaccessserver | fl *uri
To remove the address:
Set-ClientAccessServer  -AutoDiscoverServiceInternalUri $null

To improve performance you could also force clients to connect always using HTTP on slow or fast network
0
 
SteveCommented:
Hi afflik1923,

This is a difficult one, as you are trying to override many of the built in features of your SBS server, made much more difficult by having your internal domain the same as the one you're trying to override.

Some points to discuss:
a) Sorting your DNS so your systems accept the external email system.
b) Stopping your exhange system overriding the DNS settings

DNS:
Set some A records for your new system
mail = <external IP of hosted systems> (example)
autodiscover = <external IP of hosted systems>

This should be sufficient for most systems but we can look at more involved options if necessary.

Exchange:
Exchange 2007 will try to override all your hard work so yo may have to disable all its services during testig to make sure you are happy its working. In practice, most of the automated systems are done via webservices in IIS, so you may have to disable the exchange folders on your server. (EWS, autodiscover etc)
Try disabling IIS and exchange services for testing and then turn required services back on one at a time to see which cause you a problem.
0
 
afflik1923Author Commented:
going to try this weekend.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I realize that this question is quite old, but since it hasn't been answered i thought i would at least provide the solution.

There is actually official documentation on this subject:
http://technet.microsoft.com/en-us/library/dd727997(v=ws.10)

Jeff
TechSoEasy
0
 
afflik1923Author Commented:
OK thanks. I will review this new link. Sorry for the delay.
0
 
SteveCommented:
take care if you plan to use an SBS box without exchange on. SBS is a difficult beast to tame and many of the wizards stop working when exchange is removed. Also, most service packs and updates will encounter errors.

Ive worked with such 'amended' SBS boxes before and i've seen many inexperinced techies struggle to make it work when exchange is removed......

Id recommend researching it before removing exchange to make sure you are happy it wont have any adverse effects.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
That used to be true for SBS 2003 but is no longer the case.  The fact is that if you buy SBS and don't plan on using Exchange you are just wasting money on unused licensing.  This is why there is now SBS 2011 Essentials which does not include Exchange.

However, many folks have an SBS and want to move to using a cloud-based email such as Office 365, and removing Exchange is the correct thing to do in that case.

The document I provided above is provided by Microsoft.  Everything still works after removal of Exchange as long as you follow those steps.

I would definitely recommend against removing Exchange on an SBS 2003 though.

Jeff
TechSoEasy
0
 
afflik1923Author Commented:
In the end this became less of a problem for our client. It may be somethign that is revisited but at present in the end we did not have to go through with the changes.

But the input was very useful.
0
 
afflik1923Author Commented:
Many thanks.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 4
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now