Complex OWA Proxy Scenario
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:0in;margin-right:0in;margin-bottom:10.0pt;margin-left:0in;line-height:115%;font-size:11.0pt;font-family:'Calibri','sans-serif';}
a:link, span.MsoHyperlink
{color:blue;text-decoration:underline;text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;text-decoration:underline;text-underline:single;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{margin-top:0in;margin-right:0in;margin-bottom:10.0pt;margin-left:.5in;line-height:115%;font-size:11.0pt;font-family:'Calibri','sans-serif';}
p.MsoListParagraphCxSpFirst, li.MsoListParagraphCxSpFirst, div.MsoListParagraphCxSpFirst
{margin-top:0in;margin-right:0in;margin-bottom:0in;margin-left:.5in;margin-bottom:.0001pt;line-height:115%;font-size:11.0pt;font-family:'Calibri','sans-serif';}
p.MsoListParagraphCxSpMiddle, li.MsoListParagraphCxSpMiddle, div.MsoListParagraphCxSpMiddle
{margin-top:0in;margin-right:0in;margin-bottom:0in;margin-left:.5in;margin-bottom:.0001pt;line-height:115%;font-size:11.0pt;font-family:'Calibri','sans-serif';}
p.MsoListParagraphCxSpLast, li.MsoListParagraphCxSpLast, div.MsoListParagraphCxSpLast
{margin-top:0in;margin-right:0in;margin-bottom:10.0pt;margin-left:.5in;line-height:115%;font-size:11.0pt;font-family:'Calibri','sans-serif';}
.MsoChpDefault
{;}
.MsoPapDefault
{margin-bottom:10.0pt;line-height:115%;}
@page Section1
{size:8.5in 11.0in;margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
Ive got what I believe is a pretty complex OWA proxy question, so while I appreciate any help, please read carefully so you understand the exact scenario! Having said that, thanks in advance!!
Weve got two physical locations with ridiculously high bandwidth between them, so please dont mention anything about bandwidth performance implications
Each AD defined site has two dedicated Client Access servers. There are a total of 4 dedicated Client Access servers in the Org. Both of these sites need to play a part in servicing external OWA requests. We expect OWA to be used very heavily.
We are using a 2008-based multi-site Clustered Mailbox Server for our back-end" environment.
Our external OWA address is https://exch.domain.com/owa. Our internal DNS namespace is also domain.com and were successfully leveraging a split-DNS configuration.
Ok, so now here is the complex part:
We are using a 3rd party (Cisco) load balancer to evenly balance inbound port 443 sessions across all 4 servers, which as I mentioned are in two different sites.
When traffic comes in to a CAS in the wrong site it needs to proxy the connection properly. According to this flowchart, is this impossible? The last diamond says Does Best CAS have ExternalURL set?, and if so, return a link for redirection (not proxy). Do I understand this right? In our environment, we have no internal users and all Client Access servers will need to handle external traffic.
Ive already read the below links but they seem inconsistent and/or incomplete:
http://msexchangeteam.com/archive/2007/10/12/447266.aspx
http://msexchangeteam.com/archive/2007/09/10/446957.aspx
http://msexchangeteam.com/archive/2007/09/04/446918.aspx
http://technet.microsoft.com/en-us/library/bb310763.aspx
http://technet.microsoft.com/en-us/library/cc671173.aspx
http://technet.microsoft.com/en-us/library/bb885049.aspx
http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=3314750
How should the InternalURL and ExternalURL values be set on each Client Access server to facilitate my above mentioned requirements? I'd also like to know about any Outlook Anywhere and Autodiscover implications.
December 3rd, 2008 11:09pm
I've just come across this link:
http://technet.microsoft.com/en-us/library/cc164344.aspx#SingleMultiple
(If that didnt bring you to the right area look the section called Single Namespace with Multiple Sites. Im not suggesting to read the whole thing )
efinitions */
@font-face
{font-family:Wingdings;panose-1:5 0 0 0 0 0 0 0 0 0;}
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;margin-bottom:.0001pt;font-size:11.0pt;font-family:'Calibri','sans-serif';}
span.EmailStyle15
{font-family:'Calibri','sans-serif';color:#1F497D;}
.MsoChpDefault
{font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
Im amusedthat they suggest against this model no less than 3 times, but it implies you just have to clear the externalurl attribute? Its frusturating this is one of many articles that touches on the issue but fails to elaborate.
Free Windows Admin Tool Kit Click here and download it now
December 3rd, 2008 11:19pm
Hi Mike,
I think this should be possible but you'd need to have windows integrated authentication on owa virtual directory for all CAS servers. Remember this means no FBA screen, so you can use maybe an ISA server if FBA is required. none of the virtualdirectories should have an external url specified. P.S check this article by Brad Hughes about loadbalancing best practices for CAS
http://blogs.msdn.com/brad_hughes/archive/2007/09/10/cas-load-balancing-certificates-autodiscover-and-webservices.aspx
and
http://blogs.msdn.com/brad_hughes/archive/2007/10/29/cas-load-balancing-best-practices-part-2.aspx
Notein regard to Affinity settingsOWA and EWS are "stateful" applications. Because of this, they must maintain the connection with the same CAS throughout a users session.
December 4th, 2008 4:18am
Thanks a lot! I had just come to this conclusion on my own as well, and testing so far indicates its working properly...There are a lot of articles that discuss this concept in fragments, and talk about non-default behaviors but nothing explains the defaults and all of the elements in a single thought. Maybe I'll write something up...PS: I'll read those posts on the content switch, i think thats my final challenge. I don't quite understand it yet, but here is an article that talks about it too, but more the merrier!
Free Windows Admin Tool Kit Click here and download it now
December 4th, 2008 8:25pm
Hi Mike,
I have the exact same requirement and have scoured thru information but still find that information is incomplete. There seems to be not enough information with regards to setting up a single namespace in a multi site scenario. I have two internet
facing CAS servers on different sites with an ISA server located on each site. What is the best way to configure ISA and CAS servers on both sites? Which services will be available or not available on this configuration e.g. Activesync, autodiscover
if the main goal of the design is to have single namespace and yet be able to failover on each site?
Thanks
December 20th, 2010 3:05am
Hi Mike,
I have the exact same requirement and have scoured thru information but still find that information is incomplete. There seems to be not enough information with regards to setting up a single namespace in a multi site scenario. I have two internet
facing CAS servers on different sites with an ISA server located on each site. What is the best way to configure ISA and CAS servers on both sites? Which services will be available or not available on this configuration e.g. Activesync, autodiscover
if the main goal of the design is to have single namespace and yet be able to failover on each site?
Thanks
Free Windows Admin Tool Kit Click here and download it now
December 20th, 2010 11:02am