none
2003 OWA and 2010 OWA in Coexistence RRS feed

  • Question

  • We are migrating from 2003 FE+BE to 2010 Cas/HT+Mbox.
    The external name of the OWA host is changing, not staying the same.
    2003 is currently published via UAG trunk and is working for OWA and mobile access at  "2003.domain.com", both internal and external
    2010 is currently working INTERNALLY and the OWA redirect to 2003 is also working internally with SSL, but has not been published via UAG, yet.
    Let's call the 2010 server 2010.domain.com ... its internal hostname is cas01.domain.com or cas01. Internal and external domain namespace is the same.

    Can I just setup a new trunk for the 2010 server and let UAG take care of the redirect for external OWA users?
    Users will be directed to thier new OWA/mobile address when their mailbox is moved, but just in case I'd like 2010 --> 2003 if they haven't been moved.

    These are the names on the 2010 SSL cert
    cas01
    cas01.domain.com
    2010.domain.com
    autodiscover.domain.com

    I've been through the UAG docs but migration docs seems to assume the external hostname for exchange/owa is staying the same.

    thanks!


    • Edited by Toby Ellis Tuesday, November 6, 2012 4:11 PM
    Tuesday, November 6, 2012 2:54 PM

Answers

  • Hi Toby,

    Defining 2 different trunks may cause you some problems, since UAG will ask a client getting redirected between the trunks to authenticate again, which will result in the user getting asked to input his credentials twice.

    To solve this, you can define an additional OWA application inside the same trunk currently publishing exchange 2003, and define the application host name as "2010" (this is something you couldn't define in OWA 2003 applications, only 2007+). As long as you also define the external URLs in the CAS to be the same as the UAG external addresses (meaning 2010.domain.com and 2003.domain.com), and naturally have the SSL certificate support both names, the OWA redirect should work exactly as it does internally.

    By the way - make sure your using UAG 2010 SP1 or later, since exchange co-existence is supported by UAG only starting SP1.

    Hope this helps!

    • Edited by David Bahat Monday, November 12, 2012 5:03 PM
    • Proposed as answer by David Bahat Thursday, November 15, 2012 5:03 AM
    • Marked as answer by Toby Ellis Friday, December 7, 2012 3:35 PM
    Sunday, November 11, 2012 6:25 PM

All replies

  • So I guess my question is ... Can I have two UAG trucks. One for 2003 (already existing) and one for 2010?  and will the redirect work for OWA the same as inside?

    Thursday, November 8, 2012 2:29 PM
  • Hi Toby,

    Defining 2 different trunks may cause you some problems, since UAG will ask a client getting redirected between the trunks to authenticate again, which will result in the user getting asked to input his credentials twice.

    To solve this, you can define an additional OWA application inside the same trunk currently publishing exchange 2003, and define the application host name as "2010" (this is something you couldn't define in OWA 2003 applications, only 2007+). As long as you also define the external URLs in the CAS to be the same as the UAG external addresses (meaning 2010.domain.com and 2003.domain.com), and naturally have the SSL certificate support both names, the OWA redirect should work exactly as it does internally.

    By the way - make sure your using UAG 2010 SP1 or later, since exchange co-existence is supported by UAG only starting SP1.

    Hope this helps!

    • Edited by David Bahat Monday, November 12, 2012 5:03 PM
    • Proposed as answer by David Bahat Thursday, November 15, 2012 5:03 AM
    • Marked as answer by Toby Ellis Friday, December 7, 2012 3:35 PM
    Sunday, November 11, 2012 6:25 PM
  • That's a big help and mostly the assumption I am working under. It's okay to have two different UAG trunks in my case since the external hostname (and internal) will change as a user's mailbox is moved and is accounted for in our communication plan. Internally they have a sharepoint portal most users access first, that links to owa internal. Most only use OWA. Since the redirect internally is seamless I think we are okay. I am inplementing tonight and I'll confirm the functionality of using two trunks with two hostnames.

    thanks!

    Wednesday, November 14, 2012 6:45 PM
  • Two trunks with two hostnames works as expected. The 2010 trunk will redirect OWA to the 2003 trunk but you do get the double login. If you are migrating to a new hostname for external access, dual trunks will work fine. If ytou are keeping the existing and migrating then follow the doc and use the "legacy" hostname.
    Friday, December 7, 2012 3:35 PM