Menu  Search

Michael Firsov
Windows Audit

Advertisements

REPORT THIS AD

Deploying Exchange 2013 SP1 step by step – Part5

After setting up the most common settings in Part4 we can eventually start building CAS/Mailbox fault tolerance.

Before we proceed to installing the second Exchange Server let’s add the two DNS A-records to the primary zone:

mail.testcomapny.com 20.1.1.12
autodiscover.testcompany.com 20.1.1.12

– this will provide the easiest form of the CAS fault tolerance: using DNS round-robin the hosts mail.testcompany.com
and autodiscover.testcompany.com will be resolved either to 20.1.1.11 or to 20.1.1.12.
Now I will install the second server – Exch2 – as decribed in Part1  and log on to the ECP once the installation is
complete:

Most settings (for example, OWA policy) this newly installed server will get automatically as it’s been added to the
existing Exchange organization, but as mentioned in Part4,  there’re some settings that are unique for each server (unti-
malware engine, smtp banner, set logging …) so we must repeat the process of Exch2 customization as described in
Part4.

Get-OwaVirtualDirectory |Set-OwaVirtualDirectory  -LogonPageLightSelectionEnabled $True

Get-OwaVirtualDirectory |Set-OwaVirtualDirectory -LogonPagePublicPrivateSelectionEnabled $True

REPORT THIS AD

Get-OwaVirtualDirectory | Set-OwaVirtualdirectory -LogonFormat UserName -DefaultDomain “TestCompany.com”

(Scripts folder)  .\Update-MalwareFilteringServer.ps1 -Identity Exch2

After that the OWA logon page on Exch2 will look as follows:

As you see this page looks exactly as the one on Exch1 except for the certificate warning: we must install and assign to
SMTP and IIS the same wildcard certificate as used on Exch1:
The wildcard certificate must also be applied in IIS:

Again, configure external domain on Exch2 (after that all virtual directories’ external host name should be set to
mail.testcompany.com), set the domain name in the Internal URL fields to mail.testcomany.com for all virtual
directories…
and set Outlook Anyware external name to mail.testcompany.com (please see Part4).
As one of the goals of installing the second server, amongst others, is to provide redundancy of the mail flow I’ll add
Exch2 as a source server to the existing Send connector:
Next let’s again create a new autodiscover site for the new server – please run the following command after creating
the Autodiscover site in IIS (please see Part3 for the detailed instructions):

New-AutodiscoverVirtualDirectory -WebSiteName “Autodiscover.TestCompany.com” -WindowsAuthentication $true

Get-AutodiscoverVirtualDirectory

and configure Client Access Server:

Set-ClientAccessServer -Identity Exch2 -AutoDiscoverServiceInternalUri  

https://Autodiscover.TestCompany.com/Autodiscover/Autodiscover.xml

Get-ClientAccessServer |fl *autodiscover*
Now it’s time to create a DAG and add DAG members – servers Exch1 and Exch2 – to the DAG1, but before we can do
that we must add Exchange Trusted Subsystem universal security group (USG) to the local Administrators group on
the witness server – in my case it’ll be the domain controller – DC.

Now let’s open ECP and navigate to Servers-database availability groups:

The next step is to create a database copy – I will create a copy for the TestCompany database:
Now let’s activate the passive db copy on server Exch2 – this process is called “switchover”:
And the last step: testing CAS/DAG fault tolerance.

I will open the logon OWA page twice – the first time mail.testcompany.com will be resolved to 20.1.1.11, the second -
to 20.1.1.12 and will send a message from Administrator to User3:
To make mail.testcomany.com resolve to another ip I’ll get use of ipconfig /flushdns:
Summary:

In Part5 we installed the second multirole Exchange server, configured some server specific settings, built and and
tested fault tolerance for CAS and Mailbox roles. This part concludes the series of articles on deploying Exchange
Server 2013 SP1.

Advertisements

REPORT THIS AD
Share this:

 Twitter  Facebook

Like
Be the first to like this.

Leave a Reply
Your email address will not be published. Required fields are marked *

Comment

Name

*
Email

*
Website

Post Comment

Notify me of new comments via email.

Ankit on November 17, 2016 at 00:56

Hi,

We have recently installed and configured exchange 2016 servers in an existing 2010 environment. We are in the
process of migration from Exchange 2010 to 2016.
 We have updated all the URLs on our old exchange 2010 servers and given it a common name. We have
configured exchange 2016 servers with the same URLs.
Exchange 2016 acts as a proxy for 2010.

We migrated few mailboxes to 2016 for testing. We are experiencing issues with employees whose mailbox is on
Exchange 2016 and are using outlook 2010. It takes too long to connect to the exchange server and freezes at
times.
On checking the connection status, we see it is trying to connect to the exchange 2010 server-

server name: old URL name of exchange 2010 server-

protocol: RPC/TCP
status: connecting
type: public folder

We checked the public folder, it is empty.

This issue is only with outlook 2010. Outlook 2013 and 2016 works fine.

Is this because of incompatibility of outlook 2010 with exchange 2016 or we missed some configuration?

Can you please share your thoughts on this.

Thanks.

 Reply

Michael Firsov on November 17, 2016 at 12:33

Hi Ankit,
Outlook 2010 is supported with Exchange 2016 in case KB2965295 is installed (on a client) as stated here:
Exchange 2016 system requirements
I’d try to remove the empty public folder (if installing KB2965295 would not help) cos one of the main
differences between Exch2010 and Exch2016 is the absence of Public Folder database in 2016 – maybe if
you migrate all needed public folders to public mailboxes (I mean Public folders that reside inside Public
mailboxes) in Exch2016 Outlook 2010 could connect more easily…
Please post any questions here should you have any.

 Reply

Hamid Tabatabaei on September 12, 2017 at 15:35

Thank you. Really useful!

 Reply

Michael Firsov on September 12, 2017 at 17:12

Thank you very much for you words, Hamid – you’re always welcome!