Geographically redundant cas array

Status
Not open for further replies.
J

jeremybnz

We're looking at putting in a second exchange 2010 server, we have one here in NZ and a new one will go in the US, both will be in a DAG, with about half the users external using outlook anywhere connecting to US server, other half internal only connecting the NZ server. We need OWA as well, and currently have outlook anywhere and OWA on the same FQDN with one server.

We plan to geographically load balance it so people in NZ can still use outlook anywhere / OWA connecting locally from home etc, which we can do with our dns provider, also provides failover if one site goes down etc...

The question is, how do we achieve this, maintaining the same FQDN for all the servers? I've read up on CAS arrays and they seem only really for internal clients to use, setting the FQDN to the external address seems like its not recommended.

I assume we install a certificate for the FQDN with also the servers names in it as well as part of the process? hmmm... struggling to find a definitive answer on this, so any help would be much apreciated!

Jeremy.
 
M

Mike Crowley [MVP]

You can only have a single CAS Array in a given Active Directory site. Furthermore, a CAS Array cannot “span” multiple Active Directory sites.

So unless you are using a stretched site across the pond (not recommended), you cannot use a single CAS array.

It sounds like you"d be best off with regional entry points (i.e. one for US another for NZ)

Mike Crowley
Check out My Blog!
 
M

Mike Crowley [MVP]

Exchange 2010 Organizational Models

This topic examines the following types of topology:
Consolidated Datacenter Model This model consists of a single physical site. All servers are located within the site, and there's a single namespace, for example, mail.contoso.com. Single Namespace with Proxy Sites This model consists of multiple physical sites. Only one site contains an Internet-facing Client Access server. The other sites aren't exposed to the Internet. There's only one namespace for the sites in this model, for example, mail.contoso.com. Single Namespace and Multiple Sites This model consists of multiple physical sites. Each site can have an Internet-facing Client Access server. Or, there may be only a single site that contains Internet-facing Client Access servers. There's only one namespace for the sites in this model, for example, mail.contoso.com. Regional Namespaces This model consists of multiple physical sites and multiple namespaces. For example, a site that's located in New York City would have the namespace mail.usa.contoso.com, a site that's located in Toronto would have the namespace mail.canada.contoso.com, and a site that's located in London would have the namespace mail.europe.contoso.com. Multiple Forests This model consists of multiple forests that have multiple namespaces. An organization that uses this model could be made up of two partner companies, for example, Contoso and ContosoOnline. Namespaces might include mail.usa.contoso.com, mail.europe.contoso.com, mail.asia.contosoonline.com, and mail.europe.contosoonline.com.
http://technet.microsoft.com/en-us/library/dd351198.aspx

Mike Crowley
Check out My Blog!
 
J

jeremybnz

Thanks Mike, the regional namespacing looks to be like what I'm trying to achieve, would you recommend the US site be in a seperate forest or could it stay in the same? we will have a local GC / DC for the US server :)
 
M

Mike Crowley [MVP]

The general rule is to keep as few domains and forests as possible. So, unless you have a reason not to, I"d make this a single domain in a single forest.

Use an Active Directory site for each physical location with low bandwidth and/or high latency connecting them.

Mike Crowley
Check out My Blog!
 
J

jeremybnz

Groovy, never setup a second AD site so will be fun, do the users need to exist in that site as well?

I assume both exchange servers should have seperate names and I set the rpcclientaccess setting on the appropriate db's to that servers fqdn for outlook anywhere, autodiscover will make the clients connect to the correct one?

Sorry about all the questions!!
 
M

Mike Crowley [MVP]

On a domain controller:
dssite.msc add the new site add subnets and associate them with the sites adjust the site link connector if you want the domian controllers in each site to talk more than every 3 hours.

Also understand a site is a boundary for Exchange. It requires DCs in it's local site. Also for every site you have a mailbox server, you need at least 1 HT and CAS (though they could all be on 1 box.)

Either way you go, you'll want a solid understanding of:
cas arrays dags sites namespaces load balancing dns

If you feel you're not a pro in any of those areas, you might want to find some help with the design.

PS, sites affect a whole lot in AD. A site object is fundamental to how AD works, so if you've got users in this forest, you'll want to plan before you change sites around...

Mike Crowley
Check out My Blog!
 
J

jeremybnz

Hmmm, definately not an AD pro, the site option looks like a good option tho', DC at second site and all roles on the exchange server so no problems there, will have to do some reading into sites, I assume I can do it without the second site setup then change it later?
 
J

jeremybnz

Setup of a second site looks fairly easy, move the associated serves into it, the users who will be connecting to it won't be joining machines to the domain if that makes any difference, only using outlook anywhere / owa, so users can stay in main site?
 
S

Steve Goodman

Setup of a second site looks fairly easy, move the associated serves into it, the users who will be connecting to it won't be joining machines to the domain if that makes any difference, only using outlook anywhere / owa, so users can stay in main site?
Yes, you are right. User accounts are not tied to a site and are replicated to all DCs in the domain.

You should note that you need Active Directory infrastructure (including Global Catalog(s)) in the second site.

Steve

Steve Goodman
Check out my Blog for more Exchange info or find me on Twitter
 
J

jeremybnz

Thanks Steve, I have a DC / GC box in second site, albeit on a different subnet, but it looks like I can assign multiple subnets to a site :)
 
J

jeremybnz

Righto, second site setup, exchange installed, assume autodiscover will redirect outlook anywhere clients to correct regional namespaced site?

So the idea is that in the DAG the NZ mailboxes are active on webmail-nz, US mailboxes active on webmail-us, copies on each other etc. I hope this is how it should work? I find the documentation a bit sparse in this regard.

Also is it possible to have OWA & Autodiscover setup on both machines for external access as the same FQDN? we can do geographically targetted dns to make life easier for clients :)
 
M

Mike Crowley [MVP]

Regarding the user redirection:

" Although the Client Access server's response can vary by protocol, when a Client Access server receives a request for a user whose mailbox is in an Active Directory site other than the one the Client Access server belongs to, it looks for the presence of an ExternalURL property on the relevant virtual directory on a Client Access server that's in the same Active Directory site as the user's mailbox. If the ExternalURL property exists, and the client type supports redirection (for example, Outlook Web App or Exchange ActiveSync), the Client Access server will issue a redirect to that client. "

src: http://technet.microsoft.com/en-us/library/bb310763.aspx

Mike Crowley
Check out My Blog!
 
Status
Not open for further replies.
Similar threads
Thread starter Title Forum Replies Date
L Outlook clients did not reconnect to Exchange when one CAS server in CAS array became unresponsive Exchange Server Administration 1
A Exchange 2010 CAS Failover from Internet Facing site to Non-Internet Facing Site - Certificate Issue Exchange Server Administration 3
C Watson Error on CAS Exchange Server Administration 1
S Exchange 2010 CAS/HT/Mailbox moved - best practice/steps for decommissioning 2007 Exchange Server Administration 3
S Load balance Autodiscover with multiple CAS servers. Exchange Server Administration 2
S Load balance Autodiscover with multiple CAS servers. Exchange Server Administration 3
M Fundamental CAS question for Exchange 2010 and 2007 Co-existence... Exchange Server Administration 7
M Exchange ActiveSync HTTP 500 Exchange CAS/HUB 2007 and Exchange 2003 BE & MBX CCR 2007 Using Outlook 1
B CAS Array and NLB Exchange Server Administration 3
S Exchange CAS server OAB directory not showing web.config file Exchange Server Administration 3
T RBAC Error on UM/CAS Servers Exchange Server Administration 2
R FQDN of Exchange CAS servers not in SSL cert Exchange Server Administration 2
D CAS Autodiscover using -rpcclientaccessserver Exchange Server Administration 5
D CAS Design Question Exchange Server Administration 4
D Exchange 2010 CAS at 2 different Sites Exchange Server Administration 2
T Cas server uninstall failed... Now how to reinstall? Exchange Server Administration 4
S Do you need a CAS Server in Order to Use OWA in Exchange 2010 (E14)? Exchange Server Administration 9
D CAS Array Question Exchange Server Administration 11
M Proper way to install Exchange 2010 SP1 on a CAS Array Exchange Server Administration 3
S Any system impact if change exchange 2010 CAS/HUB and Mailbox server IP address Exchange Server Administration 1
B Exchange 2003 OWA/OA/AS over NAT and Exchange 2010 CAS Exchange Server Administration 4
B Re: Exchange 2007 and CAS from Exchange 2010 problem Exchange Server Administration 15
M Re: Exchange 2007 and CAS from Exchange 2010 problem Exchange Server Administration 2
J Segmenting IMAP traffic from CAS Array Exchange Server Administration 8
I Exchange 2007 and CAS from Exchange 2010 problem Exchange Server Administration 4
T ActiveSync proxy problem from Exchange 2010 CAS to Exchange 2007 CAS Exchange Server Administration 5
M CAS Issue: OWA/Outlook remote users cannot login Exchange Server Administration 1
C CAS Proxy problem Exchange Server Administration 5
K Exchange 2010 OWA redirection between 2 CAS Servers Exchange Server Administration 5
S exchange 2010 cas memory usage Exchange Server Administration 2
P Exchange 2010 SP1 Cross Site CAS connection disable Exchange Server Administration 2
R Multiple CAS - Best practice with certificate request Exchange Server Administration 4
B CAS Array and Outlook 2003 clients Exchange Server Administration 5
H Outlook 2007 periodically disconnects from Exchange 2010 CAS - OWA works Using Outlook 4
S CAS array in Exchange 2010 Exchange Server Administration 1
G Exchange 2010 CAS Array Exchange Server Administration 4
C CAS Connections overview Exchange Server Administration 9
S CAS/MBX reboot best practices. Exchange Server Administration 7
D CAS Array Questions Exchange Server Administration 3
E error cas Exchange Server Administration 2
T Exchange 2010 CAS Array setup and lab Exchange Server Administration 18
S NLB exchange 2010 CAS Array Exchange Server Administration 4
B CAS certificate question Exchange Server Administration 3
S Access CAS Array Behind ISA 2006 Exchange Server Administration 6
F Error on CAS Exchange Server Administration 3
J Exchange 2010 CAS Server OWA Redirection to Exchange 2003 Fail Exchange Server Administration 4
C Introduce another CAS/HT server on the cas array on NLB Exchange Server Administration 7
H Is possible to have exchange 2007 CAS point to the exchange 2010 CAS? Exchange Server Administration 2
2 muliptle external domains to access one CAS server Exchange Server Administration 4
N Exchnage 2010 Hub Cas Edge Server Recovery Exchange Server Administration 3

Similar threads

Top