Client Access Server Name Spaces – MS Exchange

Below is my practical production setup experience for Exchange in an organization based on the below Client Access Server names space models.

There are around 5 toplogies how you can deploy Client Access Server considering the name space depending on the exsiting/new setup of any organization. I have designed, implemented, configured and been managing 3 out of those 5 topoligies till date.

Consolidated Data-center model:

  • Fewer DNS records to manage with multiple namespace model
  • Fewer certificates to manage (single name space cert. that supports SAN)
  • mail.domain.com,autodiscover.domain.com
  • This model doesn’t support multiple datacenter
  • If the internet links of that datacenter are slow/fluctuates/high latency or high usage, the end users in those regions will experience poor performance.

Scenario for Eg:
Exchange 2010 installed on server having all the roles in one location(datacenter) in same site.
CAS is the internet facing server for all client connections.(POP,IMAP,OWA,EAS,Autodiscover)
mail.domain.com, autodiscover.domain.com (SAN ceritificate)
All users connects to this CAS server internal as well as from internet.

Single name space with proxy sites :

  • Fewer DNS records to manage.
  • Fewer certificates to manage by using single certificate that supports SAN
  • Because of proxying WAN cost will increase and poor performance won’t be optimal.
  • POP3 & IMAP4 connections can’t be proxied between sites.

Scenario for Eg:
Exchange 2010 installed on server having all the roles in Site ‘A’ which is internet facing server for all client connections & site ‘B’ is non-internet facing site having CAS servers. (POP,IMAP,OWA,EAS & Autodiscover)
mail.domain.com, autodiscover.domain.com (SAN ceritificate)
When a user ‘X’ trys to access his webmail from site ‘A’ which is internet facing site but his mailbox is on the mailbox server on site ‘B’ then the request is been proxied between CAS server on both the sites.

Regional Namespaces (Multiple sites):

The multiple sites that uses different namespaces for each site is known as regional name space model

  • Here you need to manage multiple DNS records
  • Multiple certificates needs to be obtained, configured and managed.
  • Managing secuirty is complex as each site would be having one CAS internet facing which requires ISA or other firewall.
  • Each users must connect to their regional name space which may result in additional helpdesk calls & training.
  • This name space model is recommended for any topologies that involves multiple AD sites that have their own internet connectivity.

Scenario for Eg:
Exchange 2010 installed on server having all the roles in Site ‘A’ which is internet facing site for all client connections & site ‘B’ is also internet facing site having CAS servers. (POP,IMAP,OWA,EAS & Autodiscover)
usmail.domain.com(site A), indiamail.domain.com(site B),autodiscover.domain.com (SAN ceritificate)
When a user ‘X’ trys to access his webmail from site ‘A’ which is internet facing site has to use his URL usmail.domain.com & when users ‘Y’ of site ‘B’ which is again an internet facing site has to use URL as indiamail.domain.com, this is because both the users have their mailbox to their corresponding site location mailbox server.

For more detailing about the name spaces models consider refering to the Technet : You would be surprised to know i never referred to technet before implementing the above scenarios but now regret and recommend to all those who wants to think of implementing the same.

Advertisements
This entry was posted in Exchange Servers. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s