Solved

Publi folder access in exchange server 2010 ?

Posted on 2015-02-09
15
80 Views
Last Modified: 2015-02-19
Hi people,

When my client or workstation Outlook accessing the Public folder in my mailbox server, does it go through the CAS server role or directly to the Mailbox server role ?

My Normal email access and Activesync is handled by NLB of the CAS/HT role.

Because I need to set the hardware load balancer access and I'm confused what to do.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
15 Comments
 
LVL 3

Assisted Solution

by:Sudhir Bidye
Sudhir Bidye earned 100 total points
ID: 40597896
Microsoft Outlook still connects directly to the Mailbox server to access Public Folder databases. If a client tries to connect to a Mailbox server for public folder access, the RPC Client Access service (MsExchangeRpc) answers the RPC endpoint. If the endpoint is on a server that has the Mailbox server role installed, the RPC Client Access service will only allow public folder logons and will provide a referral to a Client Access server or a Client Access server array. If the endpoint is on a Client Access server or Client Access server array, it will allow only Private folder logons and will provide a referral to a Mailbox server for public folder access.

Reference Article :
https://technet.microsoft.com/en-us/library/ee332317%28v=exchg.141%29.aspx

http://www.msexchange.org/articles-tutorials/exchange-server-2007/planning-architecture/uncovering-new-rpc-client-access-service-exchange-2010-part2.html
0
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 40597908
Your Answer :  Public folder request will go directly to mailbox .
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40598010
ok so in this case in the event of CAS/HT server role offline, the Public folder can still be accessed by the Outlook client ?
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40598011
I need to create a firewall rule for a static TCP port using a hardware load balancer, so in this case, do I need to specify the mailbox server IP address and port or do I still need to open firewall rule to the Mailbox server with the static TCP port ?
0
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 400 total points
ID: 40598293
Hey ITSystemEngineer,

No you do not need to open up your firewall to your mailbox servers. The hardware load balancer should only point to the CAS/HT servers for client access and mail flow.

Even though the client does go directly to the Mailbox server for Public Folders, it does talk to CAS first to determine which Mailbox Server it should talk to. So the CAS server still does an initial lookup for the client.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40598316
Ah I see, so where in tech net I can see and learn more about the way it works ? Is that mention somewhere in Technet ?

I need to learn more so that I fully understand the flow.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40598326
I have set the static tcp port on the HT/CAS for the email flow and also the Mailbox server for the Public Folder server.

And based on your explanation, in this case I just need to set or point the Hardware NLB to the HT/CAS array (NLB virtual IP address)
Is that correct ?
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 400 total points
ID: 40598460
Right. The NLB just needs to have the IPs of the CAS/HUB servers. I assume CAS/HUB are the same servers?

Looking for an article now.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40599423
Yes that's true i have two servers configure as HT/CAS and now IT is configured as NLB CASarray using Windows NLB. I'm now setting up another hardware load balancer infrintmof these two servers and wondering about the firewall rule to the mailbox servers for the public folder access.
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 400 total points
ID: 40599440
Right. You don't need to publish your mailbox servers through the firewall. Just your CAS/HUB servers. CAS will proxy these connections for an external user with Outlook Anywhere (RPC over HTTPS).

So are you ripping out Windows NLB and replacing it with the hardware load balancer? You don't need both. (You still need the CAS Array of course).
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40599524
yes, that's correct. I'm starting to decommission the WNLB and started using the hardware Load balancer (Riverbed SteelApp) for my HT/CASarray.

so In this case yes, I'll point:

port TCP/25
TCP/443 a
static TCP port for AddressBook, Exchange RPC and PublicFolder

from the Hardware Load Balancer to the HT/CAS array VIP.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40617936
Hi Gareth, is that the correct way to do it ?
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 400 total points
ID: 40618012
Yes, point 25 and 443 to your Hardware Load Balancer. The load balancer would they have the IPs (and all the Health Checks) for each CAS/HUB server.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40618021
ok, so no need to publish the Mailbox Server nodes to the Load balancer then ?
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40618801
Nope.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question