Client Connectivity in an
Exchange 2013 Coexistence Environment
Ambiguous URLs and their
effect on Exchange 2010 to Exchange 2013 Migrations
Install Exchange 2013 in an Existing
Exchange 2007 Organization
Exchange
2007 And 2013 Outlook Anywhere Co-Existence
Disabling IPv6 On
Exchange 2007
Before you install
Exchange 2013, you might need to disable IPv6 on some of your Exchange 2007
servers. Some connections between Exchange 2007 and Exchange 2013 don't work
correctly when IPv6 is enabled and an Exchange 2007 server has both the Mailbox and Client Access server
roles installed.
"Make sure that
when you enable Outlook Anywhere on the Client Access Server, choose NTLM for
IIS authentication."
Exchange
2010/2007 to 2013 Migration and Co-existence Guide
****************************************************************************
****************************************************************************
****************************************************************************
EXAMPLE
Exchange 2007
Ex2007.domain.com
Exchange 2007 SP3
RU10
192.168.100.10
Exchange 2013
Ex2013.domain.com
Exchange 2013 RU3
192.168.100.20
- Prior to Exchange 2013
|
Virtual Directory
|
Current 2007 Values (Prior to
Exchange 2013)
|
|
OWA
|
|
|
ECP
|
N/A
|
|
ActiveSync
|
|
|
Outlook Anywhere
|
externalHostName: webmail.domain.com
IISAuthenticationMethods: Basic
ClientAuthenticationMethods: Basic
|
|
Exchange Web Services
|
internalURL: https://webmail.domain.com/EWS/Exchange.asmx
externalURL:https://webmail.domain.com/EWS/Exchange.asmx |
|
AutoDiscover
|
AutoDiscoverServiceInternalURI:https://autodiscover.domain.com/Autodiscover/Autodiscover.xml
|
…and
DNS was configured as follows:
|
A Record
|
IP Address
|
|
webmail.domain.com
|
192.168.100.10
|
|
autodiscover.domain.com
|
192.168.100.10
|
- After:
|
Virtual Directory
|
2007
|
2013
|
|
OWA
|
internalURL:
externalURL:
|
|
|
ECP
|
N/A
|
internalURL:
externalURL:
|
|
ActiveSync
|
internalURL:
externalURL: $null
|
internalURL:
externalURL:
|
|
Outlook Anywhere
|
externalHostName:
webmail.domain.com
IISAuthenticationMethods:
Basic,NTML
ExternalClientAuthenticationMethods:
Basic
|
externalHostName:
webmail.domain.com
IISAuthenticationMethods:
Basic,NTML
ExternalClientAuthenticationMethods:
Basic
|
|
Exchange Web Services
|
internalURL:
externalURL:
|
internalURL:
externalURL:
|
|
AutoDiscover
|
AutoDiscoverServiceInternalURI:
|
AutoDiscoverServiceInternalURI:
|
…and
DNS will look like this:
|
A Record
|
IP Address
|
|
legacy.domain.com
|
192.168.100.10
|
|
webmail.domain.com
|
192.168.100.20
|
|
autodiscover.domain.com
|
192.168.100.20
|
OWA – (Redirect) Should be pretty
straight forward. When a user whose mailbox still resides on 2007, accesses OWA via
the 2013 CAS, they will be redirected back to 2007 via externalURL value:https://legacy.domain.com/owa
Set-OwaVirtualDirectory
–Identity “ex2013\owa (Default Web Site)” –InternalUrlhttps://webmail.domain.com/owa –ExternalURL https://webmail.domain.com/owa
Set-OwaVirtualDirectory
–Identity “ex2007\owa (Default Web Site)” –InternalUrlhttps://legacy.domain.com/owa –ExternalURL https://legacy.domain.com/owa
ActiveSync – (Proxy) I prefer to force ActiveSync to proxy from 2013 to 2007 as
some ActiveSync devices don’t
handle the redirect correctly. In order to force a proxy scenario, the externalURL value for 2007
is set to $null. The internalURL on 2007
should be configured with https://legacy.domain.com/Microsoft-Server-ActiveSync
Set-ActiveSyncVirtualDirectory
–Identity “Ex2013\Microsoft-Server-ActiveSync
(Default Web Site)” –InternalURL https://webmail.domain.com/Microsoft-Server-ActiveSync –ExternalURLhttps://webmail.domain.com/Microsoft-Server-ActiveSync
Set-ActiveSyncVirtualDirectory
–Identity “Ex2007\Microsoft-Server-ActiveSync
(Default Web Site)” –InternalURL https://legacy.domain.com/Microsoft-Server-ActiveSync –ExternalURL $null
Outlook Anywhere – (Proxy) All OA connections, both 2007
mailboxes and 2013 mailboxes will now connect via the 2013 CAS. 2013 will proxy connections back to 2007 for legacy mailboxes. The externalHostName for both 2013 and 2007 should be the same,
(webmail.domain.com). Exchange 2007 does not support “Negotiate” authentication (See image below). Therefore the externalClientAuthenticationMethods should be
configured to match whatever is configured for 2007, either Basic or NTLM. For OA to proxy from 2013 to 2007, the IISAuthenticationMethods on
2007 must be reconfigured to support both Basic and NTLM. By default, Exchange 2007 IISAuthenticationMethods is set to just
Basic. NTLM must be added for the proxy to work.
Set-OutlookAnywhere
–Identity “Ex2013\Rpc
(Default Web Site)” –InternalHostname
webmail.domain.com –ExternalHostName webmail.domain.com –ExternalClientAuthenticationMethod Basic –IISAuthenticationMethods Basic,NTLM
Set-OutlookAnywhere
–Identity “Ex2007\Rpc
(Default Web Site)” –IISAuthenticationMethods
Basic,NTLM
Exchange Web Services –
(AutoDiscover) Autodiscover is used to retrieve the EWS configuration for the
2007 users.
Set-WebServicesVirtualDirectory
–Identity “Ex2013\EWS (Default Web Site)” –InternalURLhttps://webmail.domain.com/EWS/Exchange.asmx –ExternalURLhttps://webmail.domain.com/EWS/Exchange.asmx
Set-WebServicesVirtualDirectory
–Identity “Ex2007\EWS (Default Web Site)” –InternalURLhttps://legacy.domain.com/EWS/Exchange.asmx –ExternalURLhttps://legacy.domain.com/EWS/Exchange.asmx
AutoDiscover – Both the 2007 and 2013 SCP locator can be configured to point to
the Autodiscover URLhttps://autodiscover.domain.com/Autodiscover/Autodiscover.xml. DNS must be updated
however so that the A record for Autodiscover.domain.com resolves to the 2013
CAS.
Set-ClientAccessServer
–Identity Ex2013 –AutoDiscoverServiceInternalUrihttps://autodiscover.domain.com/Autodiscover/Autodiscover.xml
ECP – Exchange 2007 did not have an ECP virtual
directory. Therefore, only the 2013 ECP virtual
directory needs to be configured.
Set-EcpVirtualDirectory
–Identity “Ex2013\ecp (Default Web Site)” –InternalURLhttps://webmail.domain.com/ecp –ExternalURL https://webmail.domain.com/ecp
