Designing Client Access During Coexistence with Exchange Server 2003

The Client Access server role is the first Exchange Server 2010 role that you will deploy in your Exchange Server 2003 organization during an upgrade to Exchange Server 2010. In Exchange Server 2003, an Exchange front-end server provides similar functionality to that provided by the Client Access server role in Exchange Server 2010. During your upgrade, the Exchange Server 2010 Client Access server role can coexist with Exchange Server 2003 servers, but there are certain dependencies and requirements for this coexistence.

Consider the following factors when designing your Client Access server upgrades.

  • The location of a user’s mailbox determines what version of Office Outlook Web Access a user experiences. For example, if the user’s mailbox is located on an Exchange Server 2003 back-end server and the Client Access server is running Exchange 2010, the user will see the Exchange Server 2003 version of Office Outlook Web Access.
  • Similarly, the version of Exchange ActiveSync that clients use also depends on the server version that hosts the user’s mailbox.
  • When you upgrade an Exchange Server 2003 organization, an Exchange Server 2003 front-end server is required to support the upgrade. For each Exchange Server 2010 Client Access server, you can only configure one Office Outlook Web Access 2003 URL for redirection. You can accomplish this with a single Exchange 2003 front-end server or a load balanced array of Exchange 2003 front-end servers.

To successfully complete the upgrade of the Client Access server role to Exchange Server 2010, perform the following steps.

  • Create legacy host names, and associate them with your Exchange Server 2003 environment. If your Exchange Server 2003 and Exchange Server 2010 organizations coexist, you must create a set of legacy host names that are associated with your Exchange Server 2003 infrastructure. You must configure legacy host names to be published to the Internet and associated with the virtual directories of the various services you have on Exchange 2003, such as Exchange ActiveSync, Office Outlook Web Access, POP3, and IMAP4, if:
      1. You have a significant number of mailboxes to move from Exchange Server 2003 to Exchange Server 2010.
      2. You do not wish to move all mailboxes at once, and you have users who access Office Outlook Web Access from the Internet.

    After you have configured and associated a legacy host name with your Exchange 2003 infrastructure and you have associated your existing host name with your Exchange 2010 infrastructure, users will experience a seamless transition. Exchange 2010 redirects users from the Exchange 2010 Client Access server to the Exchange 2003 front-end server. Users will not need to learn a new URL to access Office Outlook Web Access or reconfigure their Exchange ActiveSync devices. POP3, IMAP4, and Outlook Anywhere users can also continue to access their mailboxes without interruption.
  • Obtain an appropriate certificate. Obtain a certificate that either supports Subject Alternative Names or is a wildcard certificate, and install it on the Exchange Server 2010 Client Access server role.
  • Configure external DNS and firewall/reverse proxy. Reconfigure your external DNS settings and the publishing rules for your reverse proxy infrastructure to have your legacy namespace of point to your Exchange 2010 Client Access server or Client Access server array.
  • Configure the Exchange2003URL value on your Exchange Server 2010 Client Access server role. The Exchange2003URL parameter specifies the Outlook Web App URL for Exchange 2003 mailboxes. The URL must include the Outlook Web App virtual directory name even if you are using a redirect to simplify the URL specified by the Exchange2003URL parameter.
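
The certificate and Exchange2003URL steps above, as an added Exchange Management Shell example that is not part of the original article. The server name CAS01, the contoso.com host names, the request file path and the /exchange virtual directory path are assumptions, and the HTTPS check is an added safeguard rather than a requirement stated on this page.

```powershell
# Exchange Management Shell on an Exchange 2010 server.
# Assumed names (constructed for this example): CAS01 and the contoso.com hosts.
$cas        = 'CAS01'
$namespaces = 'mail.contoso.com', 'legacy.contoso.com'
$legacyOwa  = 'https://legacy.contoso.com/exchange'  # assumed 2003 OWA virtual directory

# 1. Request a certificate that lists every published name as a SAN.
$request = New-ExchangeCertificate -GenerateRequest `
    -SubjectName 'CN=mail.contoso.com' `
    -DomainName $namespaces `
    -PrivateKeyExportable $true
Set-Content -Path 'C:\Temp\cas-san.req' -Value $request

# 2. Once the issued certificate is imported and enabled for IIS, confirm it
#    covers each name, either exactly or through a single-label wildcard.
$cert = Get-ExchangeCertificate -Server $cas |
    Where-Object { $_.Services -match 'IIS' -and $_.NotAfter -gt (Get-Date) } |
    Sort-Object NotAfter -Descending | Select-Object -First 1
$covered = $cert.CertificateDomains | ForEach-Object { $_.ToString().ToLower() }
$missing = $namespaces | Where-Object {
    $name = $_.ToLower()
    $wild = '*.' + ($name -split '\.', 2)[1]
    ($covered -notcontains $name) -and ($covered -notcontains $wild)
}
if ($missing) { Write-Warning "Certificate does not cover: $($missing -join ', ')" }

# 3. Set the redirect target for Exchange 2003 mailboxes. Reject a URL that is
#    not HTTPS or that omits the virtual directory name.
$uri = [Uri]$legacyOwa
if ($uri.Scheme -ne 'https' -or $uri.AbsolutePath.Trim('/') -eq '') {
    throw "Exchange2003Url must be an https URL with a virtual directory: $legacyOwa"
}
Get-OwaVirtualDirectory -Server $cas |
    Set-OwaVirtualDirectory -Exchange2003Url $legacyOwa

# 4. Read the setting back.
Get-OwaVirtualDirectory -Server $cas | Format-List Identity, Exchange2003Url, ExternalUrl
```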

Enable External Access to New Exchange Virtual Directories

To implement coexistence, you must configure all clients to connect to the Exchange Server 2010 Client Access server. If you have been using an external URL—such as https://mail.domain.com—to connect to an Exchange Server 2003 front-end server, you should modify the DNS or firewall configuration to forward connections to the Exchange Server 2010 Client Access server’s URL. The following list shows how clients connect to the Exchange Server 2010 Client Access server.

  • When an Outlook Web App client connects to the Client Access server and the user mailbox is located on an Exchange Server 2003 back-end server, the client is redirected to the Exchange Server 2003 URL configured on the Client Access server. For example, if the client connects to the Exchange Server 2010 Client Access server using the URL https://mail.domain.com, the request might be redirected to https://legacy.domain.com; the client then communicates with the Exchange Server 2003 front-end server to access the user mailbox.
  • When an Outlook Web App client connects to the Client Access server and the user mailbox is located on an Exchange Server 2010 Mailbox server, the Client Access server communicates with the Mailbox server to provide access to the user mailbox.
  • When an Exchange ActiveSync client connects to the Client Access server and the user mailbox is located on an Exchange Server 2003 back-end server, the Client Access server connects to the Exchange Server 2003 server using Hypertext Transfer Protocol (HTTP) and provides access to the user mailbox.
  • When an Exchange ActiveSync client connects to the Client Access server and the user mailbox is located on an Exchange Server 2010 Mailbox server, the Client Access server connects to the Mailbox server using remote procedure call (RPC) and provides access to the user mailbox.
  • When an Outlook Anywhere client connects to the Client Access server and the user mailbox is located on an Exchange Server 2003 back-end server, the RPC proxy service on the Client Access server connects to the back-end server using RPC.
  • When an Outlook Anywhere client connects to the Client Access server and the user mailbox is located on an Exchange Server 2010 Mailbox server, the RPC proxy service on the Client Access server connects to the Mailbox server using RPC.

Maintaining Free/Busy Information

Exchange Server 2003 and Outlook 2003 or earlier clients require system public folders to provide access to free/busy information and to enable offline clients to download their offline address book. Exchange Server 2010 and Office Outlook 2007 or later clients do not use public folders to provide this functionality. As you upgrade your Exchange Server organization, you need to ensure that all messaging clients continue to have access to the services they require.

Exchange Server 2003 collects free/busy information from all mailboxes and stores it in the SCHEDULE+ FREE BUSY system public folder. In Exchange Server 2010, the Availability service collects availability information from Exchange Server 2010 Mailbox servers and from the Exchange Server 2003 system public folders.

Office Outlook 2003 or earlier clients require the system public folders to access the free/busy information, while Office Outlook 2007 or later clients can use the availability service on a Client Access server to access this information.

If your organization includes Office Outlook 2003 clients, you need to retain the SCHEDULE+ FREE BUSY system public folder for these clients. When you install the first Exchange Server 2010 Mailbox server in an organization that includes Exchange Server 2003 servers, you configure a public folder database on the server. You then can replicate the SCHEDULE+ FREE BUSY system public folder to the Exchange Server 2010 server.

Maintaining Access to Offline Address Book

Another difference between Exchange Server 2003 and Exchange Server 2010 is the method that they use to distribute the offline address book to Office Outlook 2007 clients. In Exchange Server 2003, a public folder stores the offline address book, and clients must connect to the folder to download it. Office Outlook 2007 clients connecting to an Exchange Server 2007 Client Access server use a Web service to download the offline address book.

Offline address book Web publishing integrates seamlessly with the offline address book in previous Exchange Server versions. Office Outlook 2007 downloads the offline address book from the Web service, and all other clients download the offline address book from the system folder.

In an Exchange Server 2003 organization, one of the Exchange servers performs daily updates of the offline address book. When you deploy an Exchange Server 2010 Mailbox server in your organization, you can use the Exchange Server 2010 management tools to move this role to a server running Exchange Server 2010. You also need to configure the offline address book so that it is distributed through the Exchange Web service.

If your organization includes Office Outlook 2003 clients, you need to ensure that you create a replica on the Exchange Server 2010 mailbox server of the system folders for the offline address book.
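
The offline address book steps above, together with the SCHEDULE+ FREE BUSY replication described under Maintaining Free/Busy Information, as an added Exchange Management Shell example that is not part of the original article. The server names MBX01 and CAS01 and the offline address book name are assumptions; AddReplicaToPFRecursive.ps1 is the script that ships in the Exchange 2010 Scripts folder.

```powershell
# Exchange Management Shell on Exchange 2010. Assumed names (constructed):
# MBX01 is a 2010 Mailbox server with a public folder database, CAS01 is a
# 2010 Client Access server, and the OAB has the name shown below.
$mbx = 'MBX01'
$oab = 'Default Offline Address List'

# 1. Move offline address book generation to the Exchange 2010 Mailbox server.
Move-OfflineAddressBook -Identity $oab -Server $mbx

# 2. Add Web distribution for Outlook 2007 and later, and keep public folder
#    distribution enabled for Outlook 2003 clients.
Set-OfflineAddressBook -Identity $oab `
    -VirtualDirectories 'CAS01\OAB (Default Web Site)' `
    -PublicFolderDistributionEnabled $true

# 3. Replicate the system folders that Outlook 2003 depends on to the 2010 server.
$systemFolders = '\NON_IPM_SUBTREE\OFFLINE ADDRESS BOOK',
                 '\NON_IPM_SUBTREE\SCHEDULE+ FREE BUSY'
$addReplica = Join-Path $env:ExchangeInstallPath 'Scripts\AddReplicaToPFRecursive.ps1'
foreach ($top in $systemFolders) {
    & $addReplica -TopPublicFolder $top -ServerToAdd $mbx
}

# 4. List any system folder that still has no replica on the 2010 database.
$pfdb    = Get-PublicFolderDatabase -Server $mbx
$pattern = [regex]::Escape($pfdb.Name)
foreach ($top in $systemFolders) {
    Get-PublicFolder -Identity $top -Recurse -Server $mbx |
        Where-Object { -not (($_.Replicas | ForEach-Object { "$_" }) -match $pattern) } |
        Select-Object Identity, Replicas
}

# 5. Confirm the generation server and both distribution methods.
Get-OfflineAddressBook -Identity $oab |
    Format-List Server, VirtualDirectories, PublicFolderDistributionEnabled
```

An empty result from step 4 means every folder under both system folder trees already lists the Exchange 2010 public folder database as a replica.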

Maintaining Public Folder Availability

Another issue that may arise in a coexistence scenario is public folder access. You must consider how users access public folders and provide access between Active Directory sites when designing the access solution for public folders.

In Exchange Server 2010, public folders are accessible only to users with an Office Outlook client using MAPI or with Outlook Web App. Public folder contents for users with Exchange Server 2010 mailboxes are only accessible through Outlook Web App if a replica of the public folder is located on an Exchange 2010 Mailbox server. Previous versions of Exchange Server provided access to public folders for MAPI, Outlook Web Access, Internet Message Access Protocol version 4 (IMAP4), and NNTP clients. If you have users who access public folders using these clients, maintain a replica of the public folders on an Exchange 2003 server.

For IMAP4 and NNTP clients, provide access to the public folder through an Exchange Server 2003 front-end server. You can also provide access by allowing the clients to connect directly to the Exchange Server 2003 back-end server that hosts the public folder.

Another consideration when designing a coexistence strategy for public folders is providing access to public folder replicas between Active Directory sites. When you install a server running Exchange Server 2003, the default configuration includes a public folder store. When you install an Exchange Server 2010 Mailbox server, it does not configure a public folder database by default.

If users require access to public folders in an Active Directory site that does not contain any Exchange Server 2003 servers, then configure at least one of the site’s Mailbox servers with a public folder database. When you configure this database, the server participates in public folder hierarchy replication so that all users can view the Active Directory sites’ public folder hierarchy. If you do not configure this database, the client must connect to a server with a different site’s public folder database to view the hierarchy.

After adding the public folder database to the Exchange 2010 server, you can replicate any public folder between servers running Exchange Server 2003 and the Exchange Server 2010 Mailbox server.

Exchange Server 2010 by default enables public folder referrals between Active Directory sites for MAPI clients. It also enables public folder referrals across the routing-group connector that is created by default when you install the organization’s first Hub Transport server. You can enable or disable public folder referrals across the connectors as you create additional routing group connectors.

Client Access Server Capacity

In Exchange Server 2010, all clients connect to an Exchange Server 2010 Client Access server—including MAPI clients—when the user mailboxes are moved to Exchange Server 2010. Consequently, you must plan to increase Client Access server capacity over the capacity provided for Exchange Server 2003 front-end servers.

In previous versions of Exchange Server, the recommended deployment ratio was one front-end server processor core for every four back-end server processor cores. In Exchange Server 2010, the recommended ratio of Exchange Server Client Access servers to Mailbox servers is 3:4.


6 Responses to Designing Client Access During Coexistence with Exchange Server 2003

  1. Hemant Chavan says:

    Hey Charles, good work dude. Keep going

  2. billybob says:

    Hi Charles,

    You mention the legacy hostname needs publishing to the internet and external dns records for legacy.contoso.com need to be created but once the client connects to mail.contoso.com does it not just forward this request onto the front end server internally? or does it pass the legacy name back to the client which it resolves again to the 2003 front end server?

    Thanks

    • When the user enters the URL mail.contoso.com and the mailbox is on 2k3 BE server & since you have FE/BE topology definitely the legacy.contoso.com is pointed internally to FE server which then forwards request to BE server to access the mailbox.

      Some organization rarely still want to point the legacy.contoso.com directly to FE from externally to access 2k3 mailboxes reason because of the co-existence and large no. of mailboxes which increase migration period / phase wise migration during that they can communicate department/location etc. wise to end user to access the new URL mail.contoso.com

  3. Michel says:

    Hi Charles,
    Good work, I found the legacy hostname a little confusing: my MX record for Exchange 2007 is mail.mydomain.com, so when configuring the legacy hostname will change to legacy.mydomain.com? And the Exchange 2010 will be mail.mydomain.com, and I need to add a second MX record (legacy.mydomain.com) or what? And what’s the idea behind the legacy hostname?

    • @Michel – Legacy and having MX setup are two different things.

      You don’t really need to add second MX record for legacy…it will anyway deliver to Exchange 2007 HUB servers and then 2010 (make sure SMTP port is open between HUB servers) . (considering currently you have setup mx.domain.com from externally(Internet DNS domain) to your company FW -> Antispam(if any) -> 2007 HUB servers)

      Legacy.domain.com is setup on Exchange 2007 CAS servers and mail.domain.com is configured for Exchange 2010, hence when user whose mailbox is in Exchange 2007 hits mail.domain.com, the 2010 CAS servers redirects the request to legacy.domain.com.

      Also have a look here since you are talking about co-existence between Exchange 2007 – 2010 – https://charlesgate86.wordpress.com/2011/11/15/designing-client-access-during-coexistence-with-exchange-server-2007/
