Exchange 2010 CAS Array setup and lab

Status
Not open for further replies.
T

toddyohn

We're working on setting up a second CAS/HT server to make our enviroment redundant. Can I create the CAS Array and vIP without interupting production mail flow on our first CAS/HT Server?

I would like to keep the DNS settings still pointed at our first mail server, and start the testing of a CAS Array without a maintenance window. Can anyone confirm if this is possible?
 
S

Sembee [MVP]

CAS array has no effect at all on message flow.

Separate in your mind the creation of the CAS array and the virtual IP address from NLB. You can create the NLB without CAS array and you can create a CAS array without the NLB.

I always create a CAS array as soon as the site is live, and give it a dedicated DNS address (usually outlook.example.local). This can then be pointing to one of the CAS servers IP address initially. Then if I introduce NLB later then the DNS is simply adjusted.
Note that with the CAS array, if you create it after clients have started using the server, they will not update with the new name unless you repair the profile. Therefore it is always best to configure the CAS array immediately.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources
 
T

toddyohn

Note that with the CAS array, if you create it after clients have started using the server, they will not update with the new name unless you repair the profile. Therefore it is always best to configure the CAS array immediately.
Can you elaborate on that? We're going to transition from a single server to a CAS array. So really the DNS itself will be transfered to the VIP. I'm confused what you mean by recreating the profile.
 
S

Sembee [MVP]

I didn't say recreate the profile, I said repair.

There isn't much more I can say. If you have clients already connected to the CAS server and you add a CAS array configuration, then Outlook will only use the new name when a new profile is created, a mailbox is moved between servers or repair profile is carried out in Outlook.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources
 
T

toddyohn

Ok, you're referring to the outlook profile. My mistake I thought you were talking about a profile on the exchange side and that confused me. So if we swap now we have to basically repair everyone's outlook profile, and make it point at the new CAS array?

Is there a benefit to a CAS array vs. just load balancing two servers?
 
S

Sembee [MVP]

You must have a CAS array if you want to load balance Outlook clients. If you don't, then the NLB will not be used.
Outlook connects to the CAS server and while you could point Outlook at the NLB IP address/host name it will simply be corrected to the actual name of the CAS server.

If the CAS server then fails, Outlook will not redirect to the other one. Outlook has to successfully connect to the Exchange server to redirect.
The CAS array does away with that issue, by in effect creating a virtual Exchange server that Outlook can connect to. As it is virtual and is actually just a DNS host name, you can then move it about as required, or use it with a NLB.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources
 
T

toddyohn

Excellent, this is good information to have. I think I'll go ahead and setup the CAS Array and leave DNS pointing to our primary server until we get the load balancer working properly, then we can swap DNS when we want the array to go live, and then repair any profiles affected.

From my understanding that should work. We'll just make up a new name for the CAS Array.
 
S

Sembee [MVP]

If you have deployed a CAS array before moving any mailboxes to the new Exchange server, then Outlook will be using the CAS array address. There will be no need to repair any Outlook profiles when you change the DNS to use the NLB, there just maybe a short period when the clients cannot connect.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources
 
B

Brian Day MCITP

We'll just make up a new name for the CAS Array.
Make sure it is a name that cannot resolve via DNS from external locations to prevent Outlook from a TCP timeout.Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided "AS IS" with no guarantees, no warranties, and they confer no rights.
 
M

MRR045

Sorry for lurking but I have similar situation. Only difference is we are using an F5. " Someone" told us we didn't need the array that the F5 would do the trick but as we found out that isn't true. I guess what is confusing me is the CAS Array DNS name creation. So if I understand this right I would create xcas.xyz.com and point that to the mail.xyz.com IP on the F5? - using the EMC. I also thought once you had DBs created then you wouldyou run the get-MailboxDatabase | Set-MailboxDatabase -RpcClientAccessServer mapi.contoso.local

I thought that would fix the client connections? If not then do I have to re-visit the clients and fix it on the client? Not to horrible since I only have moved 30 clients over. But have more waiting tommorow. :-(

Thanks for any input... again don't mean steal the thread but I am working exactly on the same thing...

MRR

MRR
 
B

Brian Day MCITP

" Someone" told us we didn't need the array that the F5 would do the trick but as we found out that isn't true. I guess what is confusing me is the CAS Array DNS name creation. So if I understand this right I would create xcas.xyz.com and point that to the mail.xyz.com IP on the F5? - using the EMC. I also thought once you had DBs created then you wouldyou run the get-MailboxDatabase | Set-MailboxDatabase -RpcClientAccessServer mapi.contoso.local

I thought that would fix the client connections? If not then do I have to re-visit the clients and fix it on the client? Not to horrible since I only have moved 30 clients over. But have more waiting tommorow. :-(

Thanks for any input... again don't mean steal the thread but I am working exactly on the same thing...

If you want to have high availability for CAS then you absolutely needed a CAS Array.

There are 3 basic steps you need to do for the CAS array to be functional and used by clients.
Configure a virtual IP on the load balancer that fronts the CAS servers (or create a VIP using WNLB). Use New-ClientAccessArray to create the array within the Exchange org. Create the A record in DNS pointing to the VIP of the LB created in step #1.

If you do all that before you create the mailbox databases then you're all set and client profiles will be configured to use the CAS Array. If you didn't those steps before the DBs were created then you need to use Set-MailboxDatabase -RpcClientAccessServer <CasArrayName> to fix the DBs to use the CAS Array. If any clients connected to the DBs before the CAS Array was configured, you'll need to do a profile repair within the clients so their sever name changes from a CAS FQDN to the CAS Array name.

Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided "AS IS" with no guarantees, no warranties, and they confer no rights.
 
M

MRR045

Thanks Brian that answers my question and fears. :) I will stop the migration today and do this first.

Regards,

MRR
 
T

toddyohn

All great stuff! I basically only need to repair the databases already created and the 2010 user's outlook profiles. As far as setting internal and external DNS entries under the OWA section of the CAS server config, what do I put there. Do I just leave internal blank or set it the same as external if we're using the same DNS name for internal and external? I'm confused because I'm planning to use the same DNS name for both servers and I'm wondering if that affects anything in the short term.
 
B

Brian Day MCITP

All great stuff! I basically only need to repair the databases already created and the 2010 user's outlook profiles. As far as setting internal and external DNS entries under the OWA section of the CAS server config, what do I put there. Do I just leave internal blank or set it the same as external if we're using the same DNS name for internal and external? I'm confused because I'm planning to use the same DNS name for both servers and I'm wondering if that affects anything in the short term.
In regards to the bolded part in the quote, that isn't a CAS Array setting. :) CAS Arrary (Get/Set/New/Remove-ClientAccessServerArray) is only for RPC access.

The OWA Virtual Directories are typically the FQDN of the CAS server for InternalURL and the DNS name you want users to know for OWA in the ExternalURL. THe InternalURL is used by CAS-to-CAS proxying, it isn't something users use if they're on the internal LAN during their day at work.

Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided "AS IS" with no guarantees, no warranties, and they confer no rights.
 
M

MRR045

>Create the A record in DNS pointing to the VIP of the LB created in step #1.

Question on that part, just for clarification and my lack of experience... We use BIND for DNS and it is authoritative so does the DNS need to be created on the BIND server and my AD DNS servers?

Regards,

MRR
 
B

Brian Day MCITP

>Create the A record in DNS pointing to the VIP of the LB created in step #1.

Question on that part, just for clarification and my lack of experience... We use BIND for DNS and it is authoritative so does the DNS need to be created on the BIND server and my AD DNS servers?
Whatever system is authorative for the DNS zone you're creating the name in.Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided "AS IS" with no guarantees, no warranties, and they confer no rights.
 
T

toddyohn

Ok I get why my question is two part now. In addition to setting up the CAS Array we're looking at load balancing OWA as well. I need to configure the external client access domain as well. I get what Sembee was saying now about the need to separate them out as they are two different things.

In a config with a CAS Array and load balanced config we'll need a SAN cert with the names of the OWA, CAS Array and autodiscover correct?

As far as external client access we can simply set the names, set the certs and then change the DNS to the load balanced name if I got this correct.

With the CAS Array we simply set the CAS Array for the databases, and then setup the two servers in the load balancer config, and then we're all set except for outlook profiles that were setup incorrectly that will now need to be repaired.

Anything I'm missing?
 
B

Brian Day MCITP

In a config with a CAS Array and load balanced config we'll need a SAN cert with the names of the OWA, CAS Array and autodiscover correct?

As far as external client access we can simply set the names, set the certs and then change the DNS to the load balanced name if I got this correct.

With the CAS Array we simply set the CAS Array for the databases, and then setup the two servers in the load balancer config, and then we're all set except for outlook profiles that were setup incorrectly that will now need to be repaired.

Anything I'm missing?

No, the CAS Array name doesn't need to be on the SAN cert unless you're using the same DNS FQDN the CAS Array has as one of the other virutal directory ExternalURL values. Think of it this way....

CAS Array = Outlook Profile Excahnge Server Name = MAPI/RPC = Non-SSL = No Certificate Necessary
Don't confuse " A bunch of CAS servers behind a load balancer" with the CAS Array object iteslef. Similar yes, but not the same. :)

Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided "AS IS" with no guarantees, no warranties, and they confer no rights.
 
T

toddyohn

We get cert errors if we connect to our mail server without a certificate now. When we create the CAS Array will it remove these errors?
 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
A Exchange 2010 CAS Failover from Internet Facing site to Non-Internet Facing Site - Certificate Issue Exchange Server Administration 3
S Exchange 2010 CAS/HT/Mailbox moved - best practice/steps for decommissioning 2007 Exchange Server Administration 3
M Fundamental CAS question for Exchange 2010 and 2007 Co-existence... Exchange Server Administration 7
D Exchange 2010 CAS at 2 different Sites Exchange Server Administration 2
S Do you need a CAS Server in Order to Use OWA in Exchange 2010 (E14)? Exchange Server Administration 9
M Proper way to install Exchange 2010 SP1 on a CAS Array Exchange Server Administration 3
S Any system impact if change exchange 2010 CAS/HUB and Mailbox server IP address Exchange Server Administration 1
B Exchange 2003 OWA/OA/AS over NAT and Exchange 2010 CAS Exchange Server Administration 4
B Re: Exchange 2007 and CAS from Exchange 2010 problem Exchange Server Administration 15
M Re: Exchange 2007 and CAS from Exchange 2010 problem Exchange Server Administration 2
I Exchange 2007 and CAS from Exchange 2010 problem Exchange Server Administration 4
T ActiveSync proxy problem from Exchange 2010 CAS to Exchange 2007 CAS Exchange Server Administration 5
K Exchange 2010 OWA redirection between 2 CAS Servers Exchange Server Administration 5
S exchange 2010 cas memory usage Exchange Server Administration 2
P Exchange 2010 SP1 Cross Site CAS connection disable Exchange Server Administration 2
H Outlook 2007 periodically disconnects from Exchange 2010 CAS - OWA works Using Outlook 4
S CAS array in Exchange 2010 Exchange Server Administration 1
G Exchange 2010 CAS Array Exchange Server Administration 4
S NLB exchange 2010 CAS Array Exchange Server Administration 4
J Exchange 2010 CAS Server OWA Redirection to Exchange 2003 Fail Exchange Server Administration 4
H Is possible to have exchange 2007 CAS point to the exchange 2010 CAS? Exchange Server Administration 2
K DR site resiliency design with Exchange 2010 - shared or different namespace for cas. Exchange Server Administration 1
B exchange 2010 cas - exchange 2003 frond end Exchange Server Administration 3
O Exchange 2010 Hub/CAS install Exchange Server Administration 2
S What to Use Instead a Hardware-based Load Balancer for an Exchange 2010 CAS Array Exchange Server Administration 21
7 Exchange 2010 sp1 mailbox, hub, cas roles and w3wp.exe / very slow Exchange Server Administration 6
S Exchange 2010 two datacenters two CAS array Exchange Server Administration 4
S Exchange 2010 CAS and MB role on same server, does OWA redirect to Exchange 2003 still work? Exchange Server Administration 5
A Does CAS-only server need Forefront security protection for Exchange 2010? Exchange Server Administration 4
S CAS access problem with new Outlook 2003 profile to Exchange 2010 Exchange Server Administration 1
A CAS Proxying with Active Sync when migrate from Exchange 2007 to 2010 Exchange Server Administration 1
T Exchange 2010 CAS Server not installed first Exchange Server Administration 2
S CAS array in exchange 2003 and exchange 2010 coexsit environment Exchange Server Administration 4
M Exchange 2010 Resource Forest RPC Distibution with Multiple CAS Exchange Server Administration 1
A Command to show users connected on Exchange 2010 CAS Exchange Server Administration 2
G coexistence between Exchange 2010 HUB/CAS with SP1 and Exchange 2010 mailbox rtm Exchange Server Administration 2
M CAS access and Mailbox servers with Exchange 2010 Exchange Server Administration 13
M Exchange 2010'you can't have 2 stand alone CAS servers' Exchange Server Administration 5
C Exchange 2010 Public CAS Comodo cert - the certificate status could not be determined because the revocation check failed Exchange Server Administration 2
B Problem installing exchange 2010 (CAS Role) Exchange Server Administration 16
M Exchange 2010 CAS to preexisting Exchange 2003 server Exchange Server Administration 3
D Exchange 2010 CAS Install Timeout due to aspnet_regiis.exe Exchange Server Administration 3
Z Active SynC Issue in Exchange 2010 on CAS Array Exchange Server Administration 4
S exchange 2010 Hub and Cas server error Exchange Server Administration 2
J Exchange 2010 CAS - Outlook connecting to phantom name Exchange Server Administration 2
C installation error when installing exchange 2010 cas/hub in exchange 2003 org Exchange Server Administration 10
J unable to telnet on port 25 on exchange 2010 CAS Exchange Server Administration 4
K user accounts 'check name' to wrong exchange 2010 CAS Exchange Server Administration 1
K Outlook client on Exchange 2010 changes cas array name to instance-<guid> Using Outlook 21
S Exchange 2010 MMC slow with multiple CAs servers Exchange Server Administration 6
Similar threads


















































Top