Solved

Problem on Exchange 2013 Transitioning

Posted on 2014-02-19
7
269 Views
Last Modified: 2014-02-20
Hi Experts,

We are on transitioning from Exchange 2010 to Exchange 2013, on Exchange 2010  we have two HT/CAS Servers (combine role) and two MB Servers while on Exchange 2013 we also have two CAS and two MB Server. The rpc client access is mail.domain.local of Exchange 2010 while I created NLB on two Exchange 2013 CAS with name mail01.domain.local.  When we migrated the users from Exchange 2010 Mailbox Database to Exchange 2013 Database users can access easily on OWA and all mail flow are OK,but on the outlook configuration we can configure the user if we use mail01.domain.local, name will be resolve if we use the old FQDN of client access array mail.domain.local but when we open the Outlook an error is always occurred (See attachement).

Exchange 2013 Outlook 2010 Problem
Hope can you help me on this.

Thanks,
0
Comment
Question by:junyap
  • 4
  • 3
7 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39869989
First - did you test Outlook before implementing WNLB?
If not, then undo WNLB and test it again. Furthermore the Microsoft Exchange team do not recommend the use of WNLB.

Next - Outlook should not be configured manually, you MUST allow Autodiscover to do it. That is because on Exchange 2013 the server name in Outlook is unique for every user. This is due to the change in the architecture of Exchange 2013.

Therefore the first thing I would be looking at is whether Autodiscover is working correctly.

Simon.
0
 
LVL 1

Author Comment

by:junyap
ID: 39870074
Hi Simon,

I have not tested the outlook before I implement the WNLB. I just used it since I do not have hardware load balancer.  For the autodiscover should I point it on my two CAS Server?  Also I found something on the databases of Exchange 2013 that they inherited the fqdn of client access array of my exchange 2010, Can this be related to the problem? Hope that can you also provide link on better transition to Exchange 2013.

Thanks,
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39870480
"I have not tested the outlook before I implement the WNLB."

That was a mistake, because you the problem of WNLB (which is a very poor tool) getting in way. I would undo WNLB completely.

Personally I wouldn't have deployed the separate CAS role servers. Instead of the additional licences those involve, I would have used the money for hardware load balancers. Much better solution all round.

Exchange 2013 doesn't use the CAS Array setting at all, so while they may have inherited, they shouldn't be using it. Exchange 2013 only connects via Outlook Anywhere, so you have to test there, along with Autodiscover.

Have you tested Autodiscover to see if it works?
Do you have a trusted SSL certificate in place?

Simon.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 1

Author Comment

by:junyap
ID: 39870868
Hi Simon,

Yes I have SSL for autodiscover but it is still pointed on the legacy server. Do you recommend that I should combine the roles instead of having two CAS and MB server
0
 
LVL 1

Author Comment

by:junyap
ID: 39872489
Hi Simon,

I already removed the two CAS Servers and install the role to MB. For now I still cannot connect to Outlook, it appearing the certificate but the name resolve was the local name of the MB server (MBX02.domain.local)  which is far different from our SSL name (mail.domain.com). Should I request that the server has certificate?

Thanks,
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39873022
No, you just need to change all of the URLs within Exchange to use the name on your trusted SSL certificate and then configure a SPLIT DNS system so that the external name resolves internally.

http://semb.ee/splitdns

Simon.
0
 
LVL 1

Author Comment

by:junyap
ID: 39873279
Hi Simon,

You are correct before your comment I read this article
http://exchangeserverpro.com/avoiding-exchange-2013-server-names-ssl-certificates/

Which solve my problem on configuring outlook. I created my external domain (domain.com) inside my internal DNS to resolve the name inside the SSL.

Thanks,
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Read this checklist to learn more about the 15 things you should never include in an email signature.
The viewer will learn how to  create a slide that will launch other presentations in Microsoft PowerPoint. In the finished slide, each item launches a new PowerPoint presentation and when each is finished it automatically comes back to this slide: …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question