locked
Publish OWA Exchange 2007 to Exchange 2010 in TMG RRS feed

  • Question

  • Hi!

    I am doing a AD cross-forest migration. Currently I have TMG and Exchange 2007, and OWA is published through TMG.
    The rule that I have published in the TMG and the filed TO is: mail.abc.com
    This is working well.

    Now let's migrate users and mailboxes to another domain with Exchange 2010 and once migrated all users want they can still access the OWA (Exchange 2010) with the same name: mail.abc.com

    Would it be enough to make it work to publish OWA in TMG, changing the DNS to point mail.abc.com so that it points to new IP (CAS NLB Exchange 2010)?

    We want to make the change as transparent and fast as possible.

    I noticed that when doing Exchange Publishing in TMG, choose between Exchange 2007 and Exchange 2010. What is different? Can I run this same rule that you create for Exchange 2007, in 2010?

    Thank you very much.
    Wednesday, May 8, 2013 6:24 PM

Answers

All replies

  • I'm not 100% sure I understand your question, but I'll give this a shot.  The OWA 2007 rules in TMG are different than the OWA 2010 rules - which is why there are both options in the product.  You can change your DNS to point to the new servers and add a new rule that publishes the 2010 servers, but I don't recommend using the existing rule to publish the 2010 servers.  And you can disable the old rule to test the new one - no need to delete anything to see if what you have is gong to work.
    Wednesday, May 8, 2013 6:53 PM
  • Thanks for reply Willard,

    Ok, I can create a new publishing rule for OWA 2010, but I can use the same Web Listener for this new publication??

    Thanks

    Wednesday, May 8, 2013 7:34 PM
  • Hi

    >> Now let's migrate users and mailboxes to another domain

    Are you moving users to a different forest?  How are you configuring the authentication?  This is possible with LDAP authentication but you will need a separate listener and IP address.

    Cheers, Steve  

    Wednesday, May 8, 2013 7:42 PM
  • Thanks for reply Steve.

    Yes, users move to a new forest and a new domain.
    Configuring Authentication on the Web Listener is: Windows(ActiveDirectory).
    TMG is configured as one adapter. If I try to créate a new Web Listener, I get an error, because  IP conflicto with another Web Listener.

    Is the most correct solution TMG would migrate before the new forest and domain?
    Once TMG migrated to the new domain,configureOWA2010Publisingwith a new publishing rule and use the same WebListener?

    Thanks.

    Thursday, May 9, 2013 6:05 AM
  • Hi

    The best configuration is to have the TMG as a member of the domain you are publishing which simplifies the authentication config - you can use LDAP authentication though to publish for other domains.  You cannot use Windows AD authentication unless you have a trust between the forests and this can get a bit complicated.

    It is possible to add a second IP address to the single NIC in the TMG and add a listener with that IP.

    Steve

    Thursday, May 9, 2013 6:56 AM
  • Hi,

    As in any case we have to migrate to the new domain TMG. Steps we plan to take are:

    1. - Migrate the TMG Standalone Array to the new domain (I've seen, would have to make him a member of the new domain)
    2. - Create a new TMG publishing rule for OWA 2010, using the Web Listener that we already have (So avoid having to put another IP).
    3. - Change the domain users in the TMG to the rules.

    Between the two domains are relationships of trust and enable Sid History.

    You see it so right Steve?

    Thank you very much.

    Thursday, May 9, 2013 8:20 AM
  • That looks fine to me although I have never migrated a TMG - I always build a new array in the target forest.  You might want to post a question the in TMG forum to see if there are any issues with this approach: http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/threads

    Cheers, Steve

    Thursday, May 9, 2013 8:24 AM
  • Thanks Steve,

    Yesterday I posted in this fórum, but I dont have a reply yet.

    Thanks!!

    Thursday, May 9, 2013 8:55 AM