Solved

DNS Records for exchange 2003/2010 coexistence

Posted on 2013-05-26
9
520 Views
Last Modified: 2013-06-19
I need to understand the records that must be included in internal/external DNS for Exchange 2003/2010 coexistence. Please explain why they are in the internal and/or in the external DNS.

I have done a lot of reading, and they recommend having mail.domain.com, legacy.domain.com, autodiscover.domain.com on the internal and external DNS, but they never explain how these records are touched, for instance during the mail access/flow through OWA while users are inside or outside the network, or through Outlook Anywhere or through mobile devices.

Any expert out there that has configured DNS for Exchange 2003 and Exchange 2010 coexistence... please explain which records you put in the public and internal DNS, and why you needed these records and how they are touched during mail flow and access.

Thank you
0
Question by:jskfan

9 Comments
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 334 total points
ID: 39199325
You have read the coexistence documentation?
http://technet.microsoft.com/en-us/library/aa998186(v=exchg.141).aspx
http://technet.microsoft.com/en-us/library/ee332348(v=exchg.141).aspx

The DNS records come in to play for anything that is using HTTPS traffic.
The main use of legacy.example.com is for OWA access. The clients hit the Exchange 2010 server and if their mailbox is on Exchange 2003 then they are redirected to the legacy address.

Autodiscover is used in the day to day operations of Exchange. It is how Outlook 2007 and higher configure themselves and then find the various bits of information such as free/busy.

The other host name is used for ActiveSync, Outlook Anywhere and OWA (Exchange 2010).

Simon.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 166 total points
ID: 39199723
basically, when running 2007/2010/2013 exchange alongside 2003, you need to allow the systems to tell the difference between them.

internally:

The 2010 server and the 2003 server's internal FQDN should resolve to their internal IP (eg mail.domain.local & mail2.domain.local)
Where possible the external FQDN of each server should also resolve to their internal IP address. (eg mail.domain.com & legacy.domain.com)
the external Autodiscover FQDN should also resolve to the internal IP of the 2010 server (eg autodiscover.domain.com)

Externally, you need 2 external IPs if you intend to run 2003/2010 together.
Each server should accept port 443 on their own external IP.

Externally, the primary FQDN & autodiscover records should point to the 2010 server's external IP
the legacy FQDN should point to the 2003's external IP.

You can replace 'legacy' 2003 FQDN with whatever you choose, as long as it is different to the FQDN used for the 2010 server.
0
 

Author Comment

by:jskfan
ID: 39248369
SORRY for the DELAY
When a user is inside the network and wants to use OWA, they will type https://mail.domain.com, then type user name and password. They reach the CAS server, which in turn looks for the user mailbox location; if it is in Exchange 2003, it will redirect the request to legacy.domain.com as specified in the INTERNAL DNS record.
The legacy.domain.com record points to the Front End Exchange 2003 server...
Correct??
===================================

if a user is outside the network and wants to use OWA, they will type :
https://mail.domain.com, then type user name and password. The request will be redirected to Public DNS, then to the public IP of mail.domain.com; as the protocol is 25 (SMTP) the firewall will redirect the request to the internal IP address of the CAS server, which in turn looks for the user mailbox location. IF IT IS IN EXCHANGE 2003, would the request be redirected to the External IP address of Legacy.domain.com (located in the public DNS record) OR to the Internal IP address of legacy.domain.com (located in the internal DNS record)??
If it will be redirected to the Internal DNS to resolve legacy.domain.com, it means that the external legacy.domain.com will never be used....
If it will be redirected to the external DNS to resolve legacy.domain.com, it means that it does not make sense; while the request made it all the way to the internal network, then it should make sense to use the internal DNS to resolve the legacy.domain.com... instead of being redirected to the external DNS record legacy.domain.com.

To my understanding the Legacy.domain.com in the public DNS, is of No Use....

please let me know if my confusion is not understood
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39248404
Internally they will get the internal IP address, externally they will get the external IP address.
There is no way that the external users will get the internal IP address of the legacy address because OWA just tells the client to go somewhere else. It is down to the client to resolve the address, not Exchange.

Simon.
0

Author Comment

by:jskfan
ID: 39251178
Hi Sembee2:

Ok, Briefly :

The external user will type https://mail.domain.com, then username and password. The request will be redirected to the public IP address of the firewall; since it is an SMTP request, it will be NATted or redirected to the internal IP address of the CAS server, which in turn will look for the mailbox location in the Exchange servers...
At this point, if the mailbox is in the Exchange 2003 server, will the CAS redirect the request to the IP address of the Legacy.domain.com record located in the internal DNS server, which should be pointing to the Front End Server, OR to the IP address of the Legacy.com record located in the public DNS server?
It will make sense that it will be redirected to the internal IP address of the Legacy.com record located in the internal DNS pointing to the FE, since it is closer, instead of redirecting it to the IP address of Legacy.com located in the public DNS, then coming back to the Front End Server.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39252954
Why would it use the internal IP address?

Client hits mail.example.com, which is the Exchange 2010 server. The user logs in. Exchange sees that the user is a legacy mailbox so redirects the user to legacy.example.com - this is basically an HTTP request. The client (browser) then does a regular lookup of legacy.example.com and goes to that IP address. If external then it will be a query against your external IP address. You just need to ensure that you are pointing the NAT for the external IP address for legacy.example.com to the Exchange 2003 platform.

Simon.
0
 

Author Comment

by:jskfan
ID: 39253124
<<Client hits mail.example.com, which is the Exchange 2010 server. The user logs in. Exchange sees that the user is a legacy mailbox so redirects the user to legacy.example.com - this is basically a HTTP request>>
Ok, that's when the user is inside the network and trying to use OWA. the legacy.example.com here should be pointing to FE

==========================================
<<If external then it will be a query against your external IP address. You just need to ensure that you are pointing the NAT for the external IP address for legacy.example.com to the Exchange 2003 platform. >>

The request will still have to make it to the CAS server inside the network in order for the CAS to determine if the mailbox is in the Exchange 2003 or not.
At this point if the user mailbox is in 2003, will the request be redirected to Legacy.example.com Internal or External IP address...

Did you get where the confusion is ?

Both internal and external OWA access have to reach the CAS server inside the Network to determine if the Mailbox is in 2003 or 2010.... If OWA is tried outside and CAS found that the mailbox is in 2003, why would CAS not redirect to the internal IP address of legacy.example.com instead of to the external IP??
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 334 total points
ID: 39253670
You are overcomplicating things.
There is no connection required to the legacy CAS to determine that it is - that information is stored within the domain, which Exchange queries.
Furthermore there is no internal connection either. It is basically Exchange saying the mailbox isn't here, it is there, and telling the client - the browser - to go elsewhere.

Simon.
0
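The record layout Steve gives above (same public names in both DNS views, private addresses inside, one public IP per server on 443) and Simon's point that Exchange only issues the redirect while the browser resolves legacy.example.com itself, worked through as an added example. This is not code from the thread or from Microsoft; the zone data, the NAT table and every address are constructed placeholders (example.com, 10.0.0.0/8, and the RFC 5737 documentation range 203.0.113.0/24 standing in for public IPs). The script checks a split-horizon plan for the usual mistakes and then walks the hops an OWA browser makes from inside and from outside.

```python
"""Split-horizon DNS check and OWA redirect walk-through for Exchange
2003/2010 coexistence. Added example; all names/addresses are constructed."""
import ipaddress

# Constructed internal view: the public names answer with private addresses
# for clients on the LAN.
INTERNAL_VIEW = {
    "mail.example.com": "10.0.0.10",          # Exchange 2010 CAS
    "autodiscover.example.com": "10.0.0.10",  # same CAS
    "legacy.example.com": "10.0.0.20",        # Exchange 2003 front-end
}
# Constructed external view, as published on public DNS.
EXTERNAL_VIEW = {
    "mail.example.com": "203.0.113.10",
    "autodiscover.example.com": "203.0.113.10",
    "legacy.example.com": "203.0.113.20",
}
# Constructed firewall table: public IP -> internal host that 443 is NATted to.
NAT_443 = {"203.0.113.10": "10.0.0.10", "203.0.113.20": "10.0.0.20"}

REQUIRED = ("mail.example.com", "autodiscover.example.com", "legacy.example.com")
# RFC 1918 ranges listed explicitly; ipaddress.is_private would also flag the
# 203.0.113.0/24 documentation range, which here stands in for public space.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def check_plan(internal, external, nat, primary="mail.example.com",
               legacy="legacy.example.com"):
    """Return a list of findings for a split-horizon plan; [] means it passes."""
    findings = []
    for name in REQUIRED:
        if name not in internal:
            findings.append(f"{name}: missing from internal DNS")
        if name not in external:
            findings.append(f"{name}: missing from external DNS")
    for name, ip in internal.items():
        if not is_rfc1918(ip):
            findings.append(f"{name}: internal DNS answers with public {ip}")
    for name, ip in external.items():
        if is_rfc1918(ip):
            findings.append(f"{name}: external DNS leaks private {ip}")
        elif ip not in nat:
            findings.append(f"{name}: no 443 NAT rule for {ip}")
        elif name in internal and nat[ip] != internal[name]:
            findings.append(f"{name}: NAT lands on {nat[ip]} but internal DNS says {internal[name]}")
    # Each server needs its own public IP, since both listen on 443.
    if external.get(primary) is not None and external.get(primary) == external.get(legacy):
        findings.append(f"{primary} and {legacy} share one public IP; 443 needs one each")
    return findings


def owa_session(client_is_internal, mailbox_on_2003, internal=INTERNAL_VIEW,
                external=EXTERNAL_VIEW, nat=NAT_443):
    """Walk the hops a browser makes as (name, DNS answer, host reached).
    Exchange only sends the HTTP redirect; the client resolves each name in
    whichever DNS view it can see, and the firewall NAT decides the host."""
    view = internal if client_is_internal else external
    names = ["mail.example.com"]
    if mailbox_on_2003:
        names.append("legacy.example.com")   # the redirect target
    hops = []
    for name in names:
        answer = view[name]
        reached = answer if client_is_internal else nat[answer]
        hops.append((name, answer, reached))
    return hops


if __name__ == "__main__":
    print("plan findings:", check_plan(INTERNAL_VIEW, EXTERNAL_VIEW, NAT_443))
    for inside in (True, False):
        print("internal" if inside else "external", "client, 2003 mailbox:",
              owa_session(inside, True))
```

Run as-is it reports an empty findings list and shows that an external browser is sent to legacy.example.com, resolves 203.0.113.20 from public DNS, and only reaches 10.0.0.20 because of the NAT rule, which is exactly why the public legacy record is needed. Drop the external legacy record or put both names on one public IP and `check_plan` flags it.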
 

Author Closing Comment

by:jskfan
ID: 39259374
Thanks
0
