Internal and External Virtual Directory for 2 EX2016 servers

Quick scenario breakdown

4 2010 exchange servers

Primary 2010 - A - Outlook Anywhere enabled

Offsite 2010 (B and C) - with internal relays to the primary A - outlook anywhere not enabled

DR exchange for failover -D - outlook anywhere not enabled

2 new Exchange 2016

Primary 1 exchange 2016 - outlook anywhere enabled

DR exchange 2016 for failover 2 - outlook anywhere enabled - different autodiscover name

We installed our new exchange with no problems and just moved the DNS OWA record from Primary A (ex2010) to Primary 1 (ex2016). The next day, I get reports that exchange B and C (both 2010 with internal relays to Primary A) are not able to connect to exchange outside of our network. Quick workaround for this was moving them to the new exchange 2016.

I go to install the DR exchange 2016 (2) and I get a .local cert error from hell. This thing was killing me for 2 weeks. Finally figured out that I need a cname to point from DRexchange2016.company.com to drexchange2016.company.local. Then I changed all the internal URLs from .local to .com. This fixed the issue.

I still get users externally trying to connect to the DRexchange2016.company.com, but the fix for this is just adding the external URL to all the virtual directories.

So what is the point of this long explanation. My question:

If I have Primary exchange A and Primary exchange 1 (2010 and 2016) pointing to the same Owa.company.com (cname is owa.company.com to saexchange2016.company.local), can I point DRexchange2016.company.local to the owa.company.com in the virtual directory? Or do I have to make a new cname with a different path? If I do change it to the owa.company.com, do I have to reboot the server or just the IIS?

Can I make EX2010 B and C external URL point to owa.company.com and leave outlook anywhere disabled?

Also, is there a way to turn off MAPI by server?  
I read this blog article, but didn't understand much of it: https://blogs.technet.microsoft.com/exchange/2015/10/26/client-connectivity-in-an-exchange-2016-coexistence-environment-with-exchange-2010/

Thanks for the help in advance.
Kenny Placido, Sr System Administrator, Asked:

Mahesh, Architect, Commented:
MAPI over HTTP is a new protocol that started with Exchange 2013 SP1, which eliminates RPC-HTTPS, and Exchange 2010 doesn't support it.
Exchange 2016 tries to use MAPI over HTTP if the client supports it, and if the client does not support it (some patch work is required for Outlook 2013; Outlook 2016 natively supports it), it will fall back to RPC-HTTPS.
Long story short - no need to disable the MAPI-HTTP protocol.

owa.company.com should point to exchange 2016 boxes only and not 2010 boxes

How is your DAG configured?
Have you extended it to DR? In that case the DR virtual directory URLs should also point to owa.company.com, and in turn it should point to primary site 2016 servers only.

final thing:
If Outlook Anywhere is not enabled on the Exchange 2010 CAS servers (B and C) and if the user mailbox remains in that location, how will the user connect to that mailbox with Outlook Anywhere from an external network?
Basically you will need to enable Outlook Anywhere on your legacy Client Access servers and enable NTLM in addition to basic authentication for the IIS Authentication Method.
Kenny Placido, Sr System Administrator, Author Commented:
There are 2 DAGs setup. One for the old 2010 machines and 1 for the new 2016. They are separate. Could I still set the new DR 2016 exchange VD URLs to owa.company.com?

The users are unable to connect externally if they are B and C (CAS Server). I was thinking about enabling outlook anywhere on those servers. Do I point it to the same owa.company.com? I would have to do the same for the exchange 2010 VD URLs, correct?
Mahesh, Architect, Commented:
VD URLs should point to owa.company.com (primary site 2016 servers only).
In case of DR activation, the URL will point to the DR Exchange server, and that should be a manual task.
Kenny Placido, Sr System Administrator, Author Commented:
For DR exchange server, I have it pointing to itself and set the internal VDs to do the same. So far, nothing has gone wrong with that.

As for site b and c (correct me if I'm wrong), I should enable outlook anywhere and point the external url to owa.company.com with NTLM. The external URL for the VD will be owa.company.com and the internal urls will be siteb.company.com or sitec.company.com. True?
Kenny Placido, Sr System Administrator, Author Commented:
Setting all ex2016 to the same owa address worked. Also, enabling outlook anywhere on the old legacy B and C worked.
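
Added example, not part of the thread and not written by either poster: a read-only audit for the Exchange Management Shell that lists every virtual directory URL and Outlook Anywhere host name on the 2016 servers that does not match the shared namespace, including leftover `.local` names like the one behind the certificate error in the question. The server short names and the assumption that the certificate carries `owa.company.com` are placeholders drawn from the thread.

```powershell
# Added example: run in the Exchange Management Shell on an Exchange 2016 server.
# Assumed values: $Namespace and $Servers are placeholders taken from the thread.
$Namespace = 'owa.company.com'
$Servers   = 'saexchange2016', 'DRexchange2016'

# Cmdlets whose output carries InternalUrl / ExternalUrl
$VdirCmdlets = 'Get-OwaVirtualDirectory', 'Get-EcpVirtualDirectory',
               'Get-WebServicesVirtualDirectory', 'Get-ActiveSyncVirtualDirectory',
               'Get-OabVirtualDirectory', 'Get-MapiVirtualDirectory'

function Get-HostStatus {
    param([string]$Value, [string]$Expected)
    if ([string]::IsNullOrWhiteSpace($Value)) { return 'NotSet' }
    # Outlook Anywhere stores bare host names; give them a scheme so [uri] can parse them
    if ($Value -notmatch '^[a-z]+://') { $Value = "https://$Value" }
    $uri = $null
    if (-not [uri]::TryCreate($Value, [UriKind]::Absolute, [ref]$uri)) { return 'Unparseable' }
    if ($uri.Host -ieq $Expected) { return 'OK' }
    if ($uri.Host -like '*.local') { return 'LocalName' }  # the .local certificate error case
    return 'Mismatch'
}

function New-Row {
    param($Server, $Source, $Property, $Value)
    [pscustomobject]@{
        Server = $Server; Source = $Source; Property = $Property; Value = $Value
        Status = Get-HostStatus -Value $Value -Expected $Namespace
    }
}

$report = foreach ($server in $Servers) {
    foreach ($cmdlet in $VdirCmdlets) {
        foreach ($vdir in @(& $cmdlet -Server $server -ErrorAction SilentlyContinue)) {
            foreach ($prop in 'InternalUrl', 'ExternalUrl') {
                New-Row $server $vdir.Name $prop ([string]$vdir.$prop)
            }
        }
    }
    foreach ($oa in @(Get-OutlookAnywhere -Server $server -ErrorAction SilentlyContinue)) {
        foreach ($prop in 'InternalHostname', 'ExternalHostname') {
            New-Row $server 'OutlookAnywhere' $prop ([string]$oa.$prop)
        }
    }
}

# Show only the entries that differ from the shared namespace
$report | Where-Object Status -ne 'OK' | Format-Table -AutoSize
```

The script only calls `Get-` cmdlets, so it changes nothing; rows marked `NotSet` on `ExternalUrl` correspond to the missing external URLs mentioned in the question.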
Mahesh, Architect, Commented:
If you accepted the solution from my comments only, then why do you want to close the question this way? You can directly select my comment as the answer.
Kenny Placido, Sr System Administrator, Author Commented:
s