Mailscape MSexchange Banner 728x90 Update 02 03

Subscribe by Email

Your email:

Award Winning Exchange Monitoring & Reporting Tool

Mailscape 160x600 Animated

Browse by Tag

Follow ENow

Solutions Engine Blog

Current Articles | RSS Feed RSS Feed

Exchange 2013 OWA Coexistence with Exchange 2010

 

 

By: Krishna Kumar, MVP | 1/14/14

Outlook Web App (OWA) has been a mandatory requirement for every organization. When Exchange 2013 is introduced in an existing environment, it needs to be configured for OWA co-existence with legacy Exchange servers like Exchange 2010 or Exchange 2007. OWA co-existence configuration will provide a single namespace for users accessing OWA, regardless of where their mailbox is located. This document is for the administrator to configure OWA co-existence using single name space for both Exchange 2013 and legacy Exchange servers (Exchange 2010 and Exchange 2007)


Preparing for Coexistence:

  1. Exchange 2013 CAS and Mailbox role is installed on the internet facing the site with cumulative updates of 3 and more.

  2. Exchange 2010 servers are updated with service pack 3 and latest rollups.

  3. Create a new certificate using Exchange 2013 server and with SAN of existing OWA URL (e.g. Mail.domain.com), autodiscovery URL (e.g. Autodiscovery.domain.com) and legacy URL (eg. Legacy.domain.com) to point it to the legacy exchange server. Include additional URLs, if required.

  4. Prepare to configure internet firewall to point all OWA (mail.domain.com) web Internet traffic to the load balancer, if you have multiple Exchange 2013 CAS servers, else you can directly point to Exchange 2013, if you have one Exchange server. This is important because Exchange 2013 CAS server has a point of contact for all OWA requests, from both internal and external.

  5. Add legacy.domain.com DNS entry for both; internally and externally to point out to the legacy Exchange 2010 CAS servers and also open the internet firewall ports to point legacy.domain.com to exchange 2010 CAS servers.

  6. If you have TMG/UAG server in the DMZ, create an additional OWA rule for legacy.domain.com to point to the Exchange 2010 server. 

 

Configuring Exchange 2013 OWA Coexistence with Exchange 2010

  1. Install and configure the certificate on all internet facing Exchange 2013 CAS servers.

  2. Configure Exchange 2013 OWA virtual directory with external URL and Authentication settings. External URL has to be the one, which is in the SAN of the certificate and users use to connect from the Internet. Below settings with authentication configuration allows the users to connect, authenticate and access emails using Forms based authentication.


    Set-OwaVirtualDirectory -Identity "Exchange2013_CAS_Server_Name\OWA (Default Web Site)"     -InternalURLhttps://owa.domain.com/OWA-ExternalURL https://owa.domain.com/OWA -FormsAuthentication $True -BasicAuthentication $True
  1. Exchange control panel (ECP) virtual directory needs to match the OWA virtual directory settings in Exchange 2013 servers


    Set-ECPVirtualDirectory -Identity "Exchange2013_CAS_Server_Name\ECP (Default Web Site)"–InternalURLhttps://owa.domain.com/ECP -ExternalURLhttps://owa.domain.com/ECP -FormsAuthentication $True -BasicAuthentication $True
  1. Configure Exchange 2010 external URL with https://legacy.company.com/owa and configure internal URL to $null. We also need to make sure that authentication is also configured and it has to be the same as the Exchange 2013 OWA virtual directory.  Below is the reference cmdlet to configure external URL and forms based authentication on OWA virtual directory.


    Set-OwaVirtualDirectory -Identity "Exchange2010_CAS_Server_Name\OWA (Default Web Site)" -ExternalURL https://legacy.domain.com/owa -FormsAuthentication $True -BasicAuthentication $True.
  1. Similarly, Exchange 2010 Server ECP virtual directory needs to match its OWA virtual directory settings.


    Set-ECPVirtualDirectory -Identity "Exchange2010_CAS_Server_Name\ECP (Default Web Site)"           -InternalURLhttps://legacy.domain.com/ECP -ExternalURLhttps://legacy.domain.com/ECP                   -FormsAuthentication $True -BasicAuthentication $True
  1. Change internal DNS for mail.domin.com, to point to the internal load balancer (which points to Exchange 2013 CAS) or Exchange 2013 CAS server directly.


  1. Configure firewall to allow https://mail.domain.com/OWA traffic to point to Exchange 2013 server and also allow https://legacy.domain.com/OWA to point to Exchange 2010 servers or TMG


  1. If you have TMG, make necessary changes on the TMG OWA rules to point https://mail.domin.com traffic to Exchange 2013 CAS server and https://legacy.domain.com traffic to point to the Exchange 2010 CAS servers


When users access https://mail.domain.com/ from the internet, it connects to Exchange 2013 CAS. These CAS servers determine the mailbox location and if the mailbox is in Exchange 2013 mailbox server, then it just proxies the request to the appropriate mailbox server. Similarly, when the mailbox is on Exchange 2010 then it performs a silent redirection to Exchange 2010 mailbox, as we have configured the same OWA Legacy URL configuration and virtual directory authentication on both Exchange server and legacy exchange server.

Hope you have got some good understanding on preparing and configuring Exchange 2013 and legacy exchange CAS servers for co-existence mode in singe AD site. This configuration will also work, if your legacy system is Exchange 2007.

__________________

If you got this far, you are probably an Exchange Administrator and need to try out Mailscape

Mailscape is a unique and innovative Exchange management tool that combines all the key elements for Exchange monitoring, administration, and reporting in a single solution.

Take Mailscape for a TEST DRIVE!

 

 

Comments

As far as I know for For Exchange 2010 you don't need to configure a legacy namespace. It is only required in case of Exchange 2007
Posted @ Thursday, January 16, 2014 7:20 AM by PP
We need some alternative path to access Exchange 2010 OWA. Legacy name space allow us to access the Exchange 2010 OWA using the alterative path
Posted @ Saturday, January 18, 2014 6:21 AM by Krishna Kumar
Outlook web application has become a must for every corporate organization. Every organization are sending and receiving mails through outlook web application. So many customizations are happening in outlook. Outlook 2013 is the most latest and updated version. So, one should download it for getting more features and updates.
Posted @ Tuesday, February 11, 2014 2:06 AM by Michael Warne
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics