Announcement

Collapse
No announcement yet.

Single exchange to front/back end exchange ..

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Single exchange to front/back end exchange ..

    Hello All ..

    Planning to take our current Exchange server running RPC over HTTPS with no problems and making a front end/back end environment. Its also the PDC, so I'd love to hear that back-end is where it goes.

    So the questions..

    1. Should the already existing server become front or back end?

    2. Does RPC over HTTPS need to be enabled on both?

    3. Will ActiveSync still work? If so, with which svr (front or back)

    4. Where does the certificate go? fron and back end?

    5. Can I apply a wildcard to the front-end and a name based webmail.domain.com to the back end? (this would depend on answers of 3 & 4)

    Thats about it for now.. Looking forward to a great thread..


    ..LBS
    Last edited by LBSources; 7th June 2007, 19:10.

  • #2
    Re: Single exchange to front/back end exchange ..

    It's also a PDC, are you running this on NT4.0?
    1 1 was a racehorse.
    2 2 was 1 2.
    1 1 1 1 race 1 day,
    2 2 1 1 2

    Comment


    • #3
      Re: Single exchange to front/back end exchange ..

      Sorry I didnt include the OS .. Its Windows 2003 R2 SP1 Standard..

      Comment


      • #4
        Re: Single exchange to front/back end exchange ..

        I've not ever setup RPC over HTTP so I'll only be able to answer half your questions, I hope it helps!

        1. Should the already existing server become front or back end?
        Your choice. If your new server is going to be better spec'd, I'd use that as the back end Mailbox Server. Move all mailboxes to the new server, and then make the old one the front end.

        2. Does RPC over HTTPS need to be enabled on both?
        Don't know!

        3. Will ActiveSync still work? If so, with which svr (front or back)
        Yep. ActiveSync should be configured so that it comes in via the f\e.

        4. Where does the certificate go? fron and back end?
        Over to someone else for confirmation, but I would think as your communications will be via the f\e, with communications proxied to the b\e, that the cert must go on the front end.

        5. Can I apply a wildcard to the front-end and a name based webmail.domain.com to the back end? (this would depend on answers of 3 & 4)
        Not quite sure what you mean here. You would normally arrange external DNS so that webmail.domain.com points to the IP address of your front end server.

        robbyb

        Comment


        • #5
          Re: Single exchange to front/back end exchange ..

          Originally posted by robbyb View Post
          Your choice. If your new server is going to be better spec'd, I'd use that as the back end Mailbox Server. Move all mailboxes to the new server, and then make the old one the front end.
          Ok .. The specs will be more or less the same. The question though following is how do I tell the OLD Exchange server about the new one? or is it not necessary and just running the exchange f/e install for the front end is enough ..

          Originally posted by robbyb View Post
          Yep. ActiveSync should be configured so that it comes in via the f\e.
          Ok ..

          Originally posted by robbyb View Post
          Over to someone else for confirmation, but I would think as your communications will be via the f\e, with communications proxied to the b\e, that the cert must go on the front end.
          Ok ..

          Originally posted by robbyb View Post
          Not quite sure what you mean here. You would normally arrange external DNS so that webmail.domain.com points to the IP address of your front end server.
          I guess what I should have asked was if a cert is necessary on the b/e. I'll explain why .. Activesync will not work with a wildcard vertificate, hence why i mentioned using a named.domain.com cert for the b/e, but seeing that activesync works with the f/e I'll have a decision to make.

          Robby thanks for all your help thus far.. Much appreciated!

          Anyone else? or anyone else have experience with this?

          LB

          Comment


          • #6
            Re: Single exchange to front/back end exchange ..

            You are welcome.

            Originally Posted by robbyb
            Your choice. If your new server is going to be better spec'd, I'd use that as the back end Mailbox Server. Move all mailboxes to the new server, and then make the old one the front end.

            Ok .. The specs will be more or less the same. The question though following is how do I tell the OLD Exchange server about the new one? or is it not necessary and just running the exchange f/e install for the front end is enough ..
            You won't need to 'tell' the old Exchange server about the new one as such. As long as you run the install, and then at the approp bit in the install, choose to join an existing organization, they'll know about each other.

            After that, it's just a tick box within ESM on your chosen server and it is then a front end! Being a front end is more about 'positioning' the server. Like whether it's in a DMZ or not, or perhaps your firewall is configured so that mail is sent to the f\e first...

            robbyb

            Comment


            • #7
              Re: Single exchange to front/back end exchange ..

              Originally posted by robbyb View Post
              You are welcome.



              You won't need to 'tell' the old Exchange server about the new one as such. As long as you run the install, and then at the approp bit in the install, choose to join an existing organization, they'll know about each other.

              After that, it's just a tick box within ESM on your chosen server and it is then a front end! Being a front end is more about 'positioning' the server. Like whether it's in a DMZ or not, or perhaps your firewall is configured so that mail is sent to the f\e first...

              robbyb
              I understand.. Hey thanks!

              Comment


              • #8
                Re: Single exchange to front/back end exchange ..

                Having Exchange on a domain controller is your first problem. You need to remove that. If you are buying new hardware I would take the opportunity to buy something that can act as a backend server, swing the data across so Exchange can be removed from the original server, then remove Exchange, DCPROMO the machine out, drop from a domain and wipe it.
                Rebuild as Exchange 2003 and make it a frontend.

                If you want to use Exchange ActiveSync then you cannot use a wildcard SSL certificate as Windows Mobile doesn't support them, unless you are going to use 100% Windows Mobile 6 devices.

                RPC over HTTPS is only enabled on the frontend server, not the backend. The registry changes have to be undone, but the GUI is designed for FE/BE.

                Before setting the frontend server as a frontend, ensure that it has the same patches as the backend. When updating the servers in the future, the frontend must always be done first.

                Simon.
                --
                Simon Butler
                Exchange MVP

                Blog: http://blog.sembee.co.uk/
                More Exchange Content: http://exchange.sembee.info/
                Exchange Resources List: http://exbpa.com/
                In the UK? Hire me: http://www.sembee.co.uk/

                Sembee is a registered trademark, used here with permission.

                Comment


                • #9
                  Re: Single exchange to front/back end exchange ..

                  Originally posted by Sembee View Post
                  Having Exchange on a domain controller is your first problem. You need to remove that. If you are buying new hardware I would take the opportunity to buy something that can act as a backend server, swing the data across so Exchange can be removed from the original server, then remove Exchange, DCPROMO the machine out, drop from a domain and wipe it.
                  Rebuild as Exchange 2003 and make it a frontend.

                  If you want to use Exchange ActiveSync then you cannot use a wildcard SSL certificate as Windows Mobile doesn't support them, unless you are going to use 100% Windows Mobile 6 devices.

                  RPC over HTTPS is only enabled on the frontend server, not the backend. The registry changes have to be undone, but the GUI is designed for FE/BE.

                  Before setting the frontend server as a frontend, ensure that it has the same patches as the backend. When updating the servers in the future, the frontend must always be done first.

                  Simon.
                  Simon thanks for all of your help, suggestions and recommendations..

                  I think I'm set ..

                  LB

                  Comment

                  Working...
                  X