none
exchange 2010 to exchange 2013

    Question

  • Hi,

    Can someone please help me out. I have exchange 2010 and nedd to go to 2013.

    We have a lot of outlook online users (mainly internal users who connects via SCP from AD). before the migration I have to change my outlook users to https as of this - http://blogs.technet.com/b/exchange/archive/2013/05/23/ambiguous-urls-and-their-effect-on-exchange-2010-to-exchange-2013-migrations.aspx

    the only differens is that I will perform that translation through gpo instead of Set-OutlookProvider, so that I can control the process. That was just a little background info - my question is:

    When I change the namespace to the new 2013 CAS servers (will use L4 HW LB here), then i know that CAS 2013 will proxy the requests to the CAS 2010 --- today I have 6 2010 CAS behind HW LB --- how will 2013 CAS proxy the user to the 2010 CAS ? specially how will it keep the Affiniy to the specific cas server all the way ?

    Important during COexistance

    /thanks

    Carsten


    Tuesday, October 15, 2013 12:30 PM

Answers

  • ok, made a test setup

    1 dc

    1 2013 mailbox server

    2 2013 CAS

    1 2010 mailbox server,hub

    2 2010 CAS

    4 rdp servers as outlook clients ( needed to test dns RR pr server)

    ---

    on outlook login with 2010 user:

    Seems like 2013 CAS get the request, queryes for 2010 cas servers, chooses one with some kind of LB algorithm, and then proxyes the request til that 2010 CAS. BUT it does that with the FQDN of the 2010 CAS and thus using the selfsigned exchange certificate. ( SSL connection was ok even if I did not install the "real certificate on the 2 2010 cas servers, and therefor it must be the selfsigned cert").

    Dont know if this is what exactly happens, but it works :-)

    also if I kill one of the 2010 CAS servers, 2013 CAS proxies to the next one after a short timeout (45 sek in my test)

    Thursday, October 17, 2013 1:10 PM

All replies

  • Hi Carsten,

    I would like to provide the following information to answer your questions.

    1. The Client Access server in Exchange 2013 authenticates client connections and, in most cases, will proxy a request to the Mailbox server that houses the currently active copy of the database that contains the user's mailbox. In some cases, the Client Access server might redirect the request to a more suitable Client Access server, either in a different location or running a more recent version of Exchange Server.

    2. Typically, a Client Access server takes the following action if it receives a request for a user whose mailbox is in an Active Directory site other than the one to which the Client Access server belongs: In this case, the server looks for the presence of an ExternalURL property on the relevant virtual directory on a Client Access server that's in the same Active Directory site as the user's mailbox.

    3. If the ExternalURL property exists, and the client type supports redirection (for example, Outlook Web App or Exchange ActiveSync), the Client Access server issues a redirect to that client. If no ExternalURL property exists, or if the client type doesn't support redirection (for example, POP3 or IMAP4), the Client Access server will try to proxy the connection to the target Active Directory site.

    What's more, here are some articles for your reference.

    Client Access Server

    Exchange 2013 Client Access Server Role

    Hope it helps.

    If there are any problems, please feel free to let me know.

    Best regards,
    Amy


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

    Wednesday, October 16, 2013 6:49 AM
  • Hi Amy,

    Thanks for your reply. I know that CAS 2013 proxies to the active mbx server role, but that is only for users on exchangne 2013 mbx servers. My question is for the users still on mbx 2010 servers. As I can understand, the 2013 CAS will proxy the request to a CAS 2010, but I cant figure out how it chooses which 2010 to proxy the request too, and how it then keeps affinity.

    /carsten

    Wednesday, October 16, 2013 7:22 AM
  • Hi Carsten,

    I'm sorry to tell you that there is no official articles explain how Exchange 2013 CAS server proxy the users' request to Exchange 2010 CAS.

    Based on my knowledge, Exchange 2013 CAS can achieve the proxy. First, the Exchange Server 2010's externalURL is null, but Exchange 2013 has its externalURL. Secondly, Exchange 2010's public domain convert to Exchange 2013's. When Exchange 2010's users have a request, they will choose Exchange 2013 CAS, then the CAS will proxy the request to a suitable Exchange 2010 CAS server.

    Hope it can help you.

    If you need further assistance, please feel free to let me know.

    Best regards,
    Amy


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

    Thursday, October 17, 2013 2:47 AM
  • Ok Amy thanks.

    I cant find anything either, but I think thats a bit strange, because it a central part of the migration and specially the coexisting scenario.

    Another thing about the proxying that is not documented is HOW will 2013 CAS load balance theese requests to CAS 2010 - say, if I have 1 2013 CAS and 3 2010 CAS in my setup, then how will 2013 CAS load balance those proxy requests among the 2010 servers? there must be some documented logic about that - MICROSOFT?

    Thanks

    Thursday, October 17, 2013 6:43 AM
  • Hi Carsten,

    I think that you need the legacy name.

    You need add an A register in DNS with the legacy name pointing to your 2010 CAS. (exem: legacy.contoso.com).

    Then you need a certificate with the name legacy.contoso.com in your 2010 CAS, may be a SAN certificate with the actual name (exem: mail.contoso.com) and the legacy name.

    Then in the DNS you have to change the IP of mail.contoso.com to point the 2013 CAS

    This is the way in the coexisting scenario for get that Exchange 2013 CAS proxy the emails to 2010 CAS if the mailbox is in 2010 Exchange Server.

    I hope this help you.

    Regards

    Thursday, October 17, 2013 7:30 AM
  • Hi,

    per design I don't need a leagcy name except for exchange 2007, but maybe if I use a "legacy" name and use that for outlook anywheres ExternalHostname, then I can control the load balancing from 2013 CAS through fx a HW load balancer.

    But still, Its not listed as a supported scenario, so I would still like someone from MS to confirm or point to some documentaion abount the proxy/load balancing mechanisms from the 2013 CAS.

    /anker

    Thursday, October 17, 2013 8:27 AM
  • ok, made a test setup

    1 dc

    1 2013 mailbox server

    2 2013 CAS

    1 2010 mailbox server,hub

    2 2010 CAS

    4 rdp servers as outlook clients ( needed to test dns RR pr server)

    ---

    on outlook login with 2010 user:

    Seems like 2013 CAS get the request, queryes for 2010 cas servers, chooses one with some kind of LB algorithm, and then proxyes the request til that 2010 CAS. BUT it does that with the FQDN of the 2010 CAS and thus using the selfsigned exchange certificate. ( SSL connection was ok even if I did not install the "real certificate on the 2 2010 cas servers, and therefor it must be the selfsigned cert").

    Dont know if this is what exactly happens, but it works :-)

    also if I kill one of the 2010 CAS servers, 2013 CAS proxies to the next one after a short timeout (45 sek in my test)

    Thursday, October 17, 2013 1:10 PM