Exchange 2013: Users disconnected from outlook whenever second CAS server is shutdown.

Good Afternoon Experts,

We are migrating from an exchange Server 2007 infrastructure to exchange 2013.

Our 2013 setups consits of two mailbox servers and two separate CAS servers running exchange 2013 CU8 and Windows Server 2008 R2.  Whenever the active node is shut down  the databases fail over to the other server in the DAG. No issues with this.

The issue is that whenever I shut down the second CAS server, all users get disconnected from outlook. It will either say disconnected, limited connectivity or just "trying to reconnect" which it never does until I bring that second CAS server back online.

But Outlook Web stays connected just fine at all times.

I've compared the settings/roles/services between both CAS servers and everything is exactly the same.

I'm at wit's end and hoping for some answers from some of the more knowledgeable and experienced members of this community.


Thanks.
ILoveNEAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
Couple of things...
- Do you have your CAS / MBX roles on the same servers?
- What are you using as a Load Balancing solution?
- Do you have all of your Virtual Directories pointing to your Load Balancer and not directly to one of the CAS servers?
- Do you still have Exchange 2007 in your environment or is it completely removed?

With Exchange 2013 CAS uses stateless connections. Meaning, when CAS goes offline, if you are already connected to your mailbox it should stay connected. Exchange 2013 Connects directly to the mailbox (GUID) which means it no longer relies on CAS to keep the connection open.

This is the weird thing about this setup. Any mailboxes that try to connect after CAS is down will fail but anyone that are currnetly connected should not experience a disconnect.

Will.
0
ILoveNEAuthor Commented:
Hi Will, thanks for your reply.

-No I have the MailBox/Cas roles on different Servers.
- I am using WNLB as the load balancing solution, it is configured properly as far as I can tell. Again, I never lose connectivity from OWA only from the outlook client.
-The Cluster VIP is say x.x.x.104... I then created a DNS record webmail.mycompany.org to point to .104.. All of the virtual directories are pointing directly to webmail.mycompany.org or x.x.x.104
- I still have exchange 2007 in my environment as i need to make sure this works first before i can complete the migration.

If I am already connected to outlook,  it will disconnect me as soon as the second CAS server goes down. If I launch outlook after the CAS server is shutdown it will just stay at "trying to connect" and eventually show disconnect.
0
Will SzymkowskiSenior Solution ArchitectCommented:
Based on the information you have provided you have configuration issues based on best practices and what is recommended for a production environment.

-No I have the MailBox/Cas roles on different Servers.
In Exchange 2013 the server roles should be on the same server (not required but for best performance/reliability/cost effective)

I am using WNLB as the load balancing solution
WNLB is not recommended for Production Exchange Environments

There are also a lot of limitations and issues you can run into when you are using WNLB (see link below...)
https://technet.microsoft.com/en-us/library/jj898588(v=exchg.150).aspx

Because your users are not properly staying connected and they all point to the WNLB IP I would think there has to be a configuration issue/step you have missed. once a user has connected to Exchange 2013 mailbox CAS is no longer dependent/require until the user closes and re-opens Outlook.

You should be using a layer4 or layer7 hardware load balancer for load balancing CAS.

Will.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

ILoveNEAuthor Commented:
Hi Will,

The issue persists even if I don't point it to the load balancer but just leave each CAS server with their default configuration with each server pointing to their own virtual directory. Furthermore, for example if my configuration is just one exchange mailbox server and a single CAS server, it still doesn't connect. It's as if  it's just not seeing the CAS server at all.

Also as far as I know the reason that microsoft doesn't recommend WNLB is not because it wouldn't work but because there are better solutions outthere that would allow you to monitor for service down situations etc as WNBL relies especifically on IP so its a dumb load balancer.

DNS Round-Robin\Hardware load balancing is the recommended technology for CAS Load balancing on Exchange 2013 by microsoft and it doesn't work either.
0
Will SzymkowskiSenior Solution ArchitectCommented:
When your users are connected to Outlook can you run the Test Email Auto Configuration (hold crtl+right click outlook icon in the system tray). Check to make sure that they are connecting to the correct Virtual Directories.

WNLB is also flaky at best. Even in lab environments where i have used them they do not always work as they should and this is with minimal host/clients. I couldn't imaging even thinking of using WNLB in a production network.

Also do Connection Status as well and make sure that the user is connected to the mailbox (guid).

Will.
0
ILoveNEAuthor Commented:
This is the output of the Test Email AutoConfiguration when I shut that second CAS server down:

displayname: IloveNE
redirect URL: https://webmail2013.mycompany.org/autodiscover/autodiscover.xml

protocol: Exchange RPC
server: guid@mycompany.org
loginname: ILoveNE
availability Service URL: https://webmail2013.mycompany.org/ews/exchange.asmx
OOF URL: https://webmail2013.mycompany.org/EWS/Exchange.asmx
OAB URL: https://webmail2013.mycpmpany.org/oab/233d123d123423312343
unified Message Service URL: https://webmail2013.mycompany.org/ews/UM2007legacy.asmx
Auth Package: Unspecified

Protocol: Exchange http
Server: webmail2013.mycompany.org
login Name: ILoveNE
SSL: Yes
Mutual Authentication: Yes
availability Service URL: https://webmail2013.mycompany.org/ews/exchange.asmx
OOF URL: https://webmail2013.mycompany.org/EWS/Exchange.asmx
OAB URL: https://webmail2013.mycpmpany.org/oab/233d123d123423312343
unified Message Service URL: https://webmail2013.mycompany.org/ews/UM2007legacy.asmx
Auth Package: NTLM
Ceritificate Principal Name: msstd:webmail2013.mycompany.org

Then it just hangs...and the mailbox is disconnected under connection status
0
ILoveNEAuthor Commented:
If anyone has any more input I would appreciate any response please
0
Will SzymkowskiSenior Solution ArchitectCommented:
Ok so all of your URL's look good as well. When you do a Connection Status when the user is connected does it show mailbox GUID?

Also when you power off your second CAS server what does the NLB configuration show? Does it show that CAS 2 is offline?

it still doesn't connect. It's as if  it's just not seeing the CAS server at all.
Have you checked to make sure that nothing is blocking the server from communicating on the networ?

Will.
0
ILoveNEAuthor Commented:
Hi Will, thanks for your continuing responses.

-When the user is connected it does show his GUID
-When I power off the second CAS server and check the WNBL configuration; the second CAS server is no longer part of the cluster, it shows only one host: The first CAS server.
-There is nothing blocking the server from communicating with the network, firewall is off.
0
ILoveNEAuthor Commented:
Also, the issue only happens with the desktop client. Outlook web stays perfectly connected.
0
Will SzymkowskiSenior Solution ArchitectCommented:
Have you checked to make sure that all of the application pools on CAS1 are started and working properly? Exchange Outlook clients use Outlook Anywhere, but as i have stated mailboxes should not disconnect after then have made a connection to their mailbox. CAS is a stateless proxy and after the Outlook session is connected to the mailbox on the mailbox database CAS is no longer used.

Will.
0
ILoveNEAuthor Commented:
I'm not sure I understand what you mean by application pools on CAS1 are started and working properly. How do I check for that?
0
Will SzymkowskiSenior Solution ArchitectCommented:
These are the IIS application server pools on CAS1. If you say. OWA can connect fine but not the Outlook client check the app pools and IIS logs to see if there are any error messages.

Also have you checked the application event log on the CAS1 as well to see if there are any errors? Tried rebooting the CAS1 server?

Will.
0
ILoveNEAuthor Commented:
All of the applications pools are started, no errors in IIS.  I have rebooted CAS1 many times. I'm at my Wit's end here. Absolutely no idea what is going on
0
Will SzymkowskiSenior Solution ArchitectCommented:
Unless i can actually see the server for myself, not sure what else is going on with it. You have confirmed that all of the virtual directories also AUTODISCOVER are set with the appropriate URL's?

In the end a quicker resolution might be to spin up another CAS3 server add it to the cluster and see if that works for you.

If you are pointing directly to CAS1, bypassing the load balancer then you definitely have a configuration issue on CAS1.

Will.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.