• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 91
  • Last Modified:

Publi folder access in exchange server 2010 ?

Hi people,

When my client or workstation Outlook accessing the Public folder in my mailbox server, does it go through the CAS server role or directly to the Mailbox server role ?

My Normal email access and Activesync is handled by NLB of the CAS/HT role.

Because I need to set the hardware load balancer access and I'm confused what to do.
0
Senior IT System Engineer
Asked:
Senior IT System Engineer
5 Solutions
 
Sudhir BidyeCommented:
Microsoft Outlook still connects directly to the Mailbox server to access Public Folder databases. If a client tries to connect to a Mailbox server for public folder access, the RPC Client Access service (MsExchangeRpc) answers the RPC endpoint. If the endpoint is on a server that has the Mailbox server role installed, the RPC Client Access service will only allow public folder logons and will provide a referral to a Client Access server or a Client Access server array. If the endpoint is on a Client Access server or Client Access server array, it will allow only Private folder logons and will provide a referral to a Mailbox server for public folder access.

Reference Article :
https://technet.microsoft.com/en-us/library/ee332317%28v=exchg.141%29.aspx

http://www.msexchange.org/articles-tutorials/exchange-server-2007/planning-architecture/uncovering-new-rpc-client-access-service-exchange-2010-part2.html
0
 
dsnegi_25decCommented:
Your Answer :  Public folder request will go directly to mailbox .
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
ok so in this case in the event of CAS/HT server role offline, the Public folder can still be accessed by the Outlook client ?
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
Senior IT System EngineerIT ProfessionalAuthor Commented:
I need to create a firewall rule for a static TCP port using a hardware load balancer, so in this case, do I need to specify the mailbox server IP address and port or do I still need to open firewall rule to the Mailbox server with the static TCP port ?
0
 
Gareth GudgerCommented:
Hey ITSystemEngineer,

No you do not need to open up your firewall to your mailbox servers. The hardware load balancer should only point to the CAS/HT servers for client access and mail flow.

Even though the client does go directly to the Mailbox server for Public Folders, it does talk to CAS first to determine which Mailbox Server it should talk to. So the CAS server still does an initial lookup for the client.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Ah I see, so where in tech net I can see and learn more about the way it works ? Is that mention somewhere in Technet ?

I need to learn more so that I fully understand the flow.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
I have set the static tcp port on the HT/CAS for the email flow and also the Mailbox server for the Public Folder server.

And based on your explanation, in this case I just need to set or point the Hardware NLB to the HT/CAS array (NLB virtual IP address)
Is that correct ?
0
 
Gareth GudgerCommented:
Right. The NLB just needs to have the IPs of the CAS/HUB servers. I assume CAS/HUB are the same servers?

Looking for an article now.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Yes that's true i have two servers configure as HT/CAS and now IT is configured as NLB CASarray using Windows NLB. I'm now setting up another hardware load balancer infrintmof these two servers and wondering about the firewall rule to the mailbox servers for the public folder access.
0
 
Gareth GudgerCommented:
Right. You don't need to publish your mailbox servers through the firewall. Just your CAS/HUB servers. CAS will proxy these connections for an external user with Outlook Anywhere (RPC over HTTPS).

So are you ripping out Windows NLB and replacing it with the hardware load balancer? You don't need both. (You still need the CAS Array of course).
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
yes, that's correct. I'm starting to decommission the WNLB and started using the hardware Load balancer (Riverbed SteelApp) for my HT/CASarray.

so In this case yes, I'll point:

port TCP/25
TCP/443 a
static TCP port for AddressBook, Exchange RPC and PublicFolder

from the Hardware Load Balancer to the HT/CAS array VIP.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Hi Gareth, is that the correct way to do it ?
0
 
Gareth GudgerCommented:
Yes, point 25 and 443 to your Hardware Load Balancer. The load balancer would they have the IPs (and all the Health Checks) for each CAS/HUB server.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
ok, so no need to publish the Mailbox Server nodes to the Load balancer then ?
0
 
Gareth GudgerCommented:
Nope.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now