If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.
Course Of The Month
7 days, 7 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Exchange 2010 Toplogy for Infrastructure with multiple AD Sites
Posted on 2012-04-10
I am doing an upgrade for a network that has 8 branch offices. Four of those offices have Exchange 2003 servers currently; all mail flows into one server and then is routed to the appropriate mailbox. We are upgrading to Exchange 2010 and I was wondering if anyone had suggestions for the topology to implement. From what I have been reading it looks like at each of the four locations I will want to install the CAS, Hub Transport, and Mailbox role. My question is since what would be the best way to set this up so I only have to purchase one SSL cert for OWA. Should I set up a proxy for the CAS? Since each location will have mailboxes I am assuming the proxy would then route them to their mailbox. Is the rest done via connectors as far as email flow - the emails will come into one location and then be dispersed. Is there a best practice way to do this? Any suggestions would be grealty appreciated. Thanks.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
If you do not need High Availability (DAG clustering), I think you really do not have to worry much. Assume that one of your office(main) will publish the OWA for you to the internet(internet facing server).
Ensure that you already have AD sites/subnets created for each office where you plan to install Exchange 2010
Install single server with all roles in each office
Publish the main office server to internet as internet facing CAS server(Or use TMG as reverse proxy).
The email flow will take care by AD site connectors, you do not have to create any extra connectors(except the internet Send Connector). It is not so easy to explain the complete steps :(
CAS to CAS proxy will be taken care by exchange 2010 itself.
When it comes to the SSL, you just need to buy for internet publishing URL including the CAS server names FQDNs as SAN(Subject Alt Names). Normally many third party CAs offer additional 4 SAN names with one Unified Communications Certificate.
There are many more to look at when designing(including CAS array, DAG etc), but this will help you to start with...
Ensure that you already have AD sites/subnets created for each office where you plan to install Exchange 2010
Install single server with all roles in each office
Publish the main office server to internet as internet facing CAS server(Or use TMG as reverse proxy).
The email flow will take care by AD site connectors, you do not have to create any extra connectors(except the internet Send Connector). It is not so easy to explain the complete steps :(
CAS to CAS proxy will be taken care by exchange 2010 itself.
When it comes to the SSL, you just need to buy for internet publishing URL including the CAS server names FQDNs as SAN(Subject Alt Names). Normally many third party CAs offer additional 4 SAN names with one Unified Communications Certificate.
There are many more to look at when designing(including CAS array, DAG etc), but this will help you to start with...
Active 4 days ago
Thanks. I have installed two exchange servers; one configured with the CAS internet facing. I am having problems finding out how to configure the CAS proxy. I have OWA enabled on the internet facing CAS. I have also enabled OWA on the second CAS and configured integrated authentication. Can someone please point me in the right direction to get this configured? Thank you.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online.
The email signature template has been downloaded from:
www.mail-signatures…
Suggested Courses
Course of the Month7 days, 7 hours left to enroll
729 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.