Exchange Server 2007 CAS-CAS Proxying Guidelines..
Hello Folks,
I've seen a lot of posts about CAS-CAS Proxying in Exchange Server 2007. Then, I will go over some key points that we must not forget when we are deploying this kind of solution. These points can be seen below:
-
1 CAS Server in each site that has a MAILBOX server
-
Only in the CAS which will be published on the internet you must set up the externalURL attribute with your external name
-
All other "child" CAS servers must be set up with Integrated Authentication insted of forms authentication
-
ExternalURL in the child sites must be empty
Set-OwaVirtualDirectory <owa> -ExternalURL:$null
Ps.: If you enableExternalURL in child CAS Servers, then you will have Redirection feature not Proxy.
-
Make sure that you internalURL is appropriate. By default is the name of server, make sure that it makes sense (I wrote this one, because I saw a customer using external address into the internal address
)
-
make sure that RedirectToOptimalOWAServer is set to $True, you can use the following cmdlet: set-owavirtualdirectory "owa (default web site)" -RedirectToOptimalOWAServer $true
-
The same for Exchange Server 2003 back-end servers you must not enable forms authentication
-
If you are using ISA Server to publish the CAS Server (recommended) you must disable Forms in the "parent" CAS server, ISA server will take care of the Forms
-
Give some time for Active Directory Replication
Built in tools to help you in this kind of scenario:
- IIS logs are your friend, you can validate by them if everything is going well
- You can also validated using OWA session on the About section you can see if CAS Proxy-to-Proxy is working as well
I hope that it can help you in your CAS-CAS Proxying deployment.
Best Regards,
Anderson Patricio