Link to home
Create AccountLog in
Avatar of c-iscen
c-iscen

asked on

owa namespace design on exchnage2010

We have 2 AD site with the following Exchange 2010 configuration. I need to clarify couple of things based on the linked article.
http://www.msexchange.org/articles_tutorials/exchange-server-2010/high-availability-recovery/designing-site-resilient-exchange-2010-solution-part2.html

My questions are for namespace configuration...

1-as an internal owa url which address should I use? cas, server itself or external namespace
2-should I set/change autodiscoverinternalurl to external or primary cas array -cas1.?
3-does internal owa url change cause any end user interruption?


site1 (active/primary site)
owa internal : server1.xyz.com
owa external :webmail.xyz.com
cas array name : cas1.xyz.com
autodiscoverinternalurl: server1.xyz.com

site2 (passive site)
owa internal : server2.xyz.com
owa external :webmail.site2.xyz.com
cas array name : cas2.xyz.com
autodiscoverinternalurl: server2.xyz.com

regards,
Avatar of Exchange_Geek
Exchange_Geek
Flag of India image

1-as an internal owa url which address should I use? cas, server itself or external namespace
Internal should always point to your CAS Array that'll point to your Load balancer.
In your case
Site1: cas1.xyz.com AND
Site2: cas2.xyz.com


2-should I set/change autodiscoverinternalurl to external or primary cas array -cas1.?
It should point to your CAS Array.

3-does internal owa url change cause any end user interruption?
It wouldn't and shouldn't change cause of any interruption.

Regards,
Exchange_Geek
ASKER CERTIFIED SOLUTION
Avatar of Simon Butler (Sembee)
Simon Butler (Sembee)
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
@Simon: I've got setups where we have CAS Array working absolutely fine for over 50k mailboxes where in webmail and RPC points to CAS Array working on F5 Load Balancers.

It totally depends on your Load Balancers to be able to route your traffic CAS Array, as you know is nothing but an AD Object owning a DNS entry that's it.

Split DNS obviously makes sense, else you'll end up in a chaos where internal users starts connecting over the internet and that's a chaotic situation.

AND I can't believe writing this to you. :) :) :)

Regards,
Exchange_Geek
I don't see why you have that configuration with the CAS Array, as that goes against Microsoft's advice. You shouldn't use the CAS Array address (the host name) for anything else. It shouldn't be in the SSL certificate or anything. I have seen it cause problems with Outlook Anywhere for example.

http://blogs.technet.com/b/exchange/archive/2012/03/23/demystifying-the-cas-array-object-part-1.aspx

With the forthcoming changes to the SSL certificate guidelines, meaning internal names cannot be on the SSL certificate, that means you would have to use an external URL if you wanted to use the CAS Array on the SSL certificate. For some SSL providers that means the array address would need to resolve externally, again going against advice.

And finally I don't see why you wouldn't use different names for different services. As there is no cost involved (because it isn't on the SSL certificate) it makes troubleshooting easier because you have a seperate name space.
For very large deployments I wouldn't be using the same namespace for different protocols for this very reason. There could be a time when I want to send ActiveSync to server 1, RPC CAS to server 2 and EWS to server 3. With the same namespace I cannot do that with most load balancers.

Simon.
I need to backup Simon on this one

CAS array name doesn't need to be in the SSL certificate and specially should not be resolvable from the internet it is thus very important to have a webmail url, webmaildr url, autodiscover url and a cas array fqdn at least
Avatar of c-iscen
c-iscen

ASKER

@Simon: what you are suggesting is :using webmail.xyz.com and webmail.site2.xyz.com as external and internal url on each site. please correct me If I'm wrong.

Regarding to autodiscoverinternalurl, could it be better to use webmail.xyz.com/auto....xml for both site as the author specified on the link?

regards,
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account