Microsoft Exchange Design Discussions
 
Outlook
(1)
Activesync
(1)
Mailboxes
(1)
Subnet
(1)
Havent
(1)
Imap
(1)
Cert
(1)
Thng
(1)

Two exchange servers, one domain, no FE, OWA and SSL

Asked By gjl_support
03-Nov-09 01:00 PM
Reply
We have two exchange 2003 sp2 boxes, A and B. A is set as the master and B is
set as the secondary. Outlook email is working fine for both servers. For all
users that have their mailbox setup on serverA, they are able to access their
email just fine from owa both internally and externally. For users that have
their mailbox residing on serverB, they are not able to access owa from
anywhere. When serverB users go to https://serverA/exchange, they get page
cannot be displayed. However, when they are internal and they access
http://serverB/exchange (not https), then owa comes up just fine, but I want
them to use ssl. I compared the two and noticed that there is no ssl cert
configured for serverB and there is one for serverA.  I dont have any extra
hardware to implement an FE.

Here are my thoughts for allowing serverB users to access OWA:

1.  I assume I will need to create a new MX for serverB, point it to the
gateway of the subnet where serverB resides and then create a NAT rule to
redirect it to the internal IP of serverB?

2.  Create an SSL cert for serverB and give the users with mailboxes on
serverB the correct OWA address?

Ive never worked with multiple exchange servers in a single domain so please
pardon my ignorance.  Thank you.


Thanks!

What's this master and secondary thng?

Mark Arnold [MVP] replied to gjl_support
03-Nov-09 01:07 PM
Reply
What's this master and secondary thng? There is no such thing in
Exchange 2003 (or 2007 for that matter)

No. No MX record.

Mark Arnold [MVP] replied to gjl_support
03-Nov-09 01:11 PM
Reply
No. No MX record. Deliver all mail to the current MX record and it
will sort it out from there. Create an MX if you want but it will be
additional work for you.

You do need an A record for the other server though.

Yup.  A new certificate.

To chime in,Don't worry about adding an extra MX record, unless you see value

Oliver Moazzezi [MVP] replied to Mark Arnold [MVP]
09-Nov-09 12:23 PM
Reply
To chime in,

Don't worry about adding an extra MX record, unless you see value in doing
so incase Server A goes down.

If you cannot implement an Exchange 2003 FE, which would proxy all OWA
requests (as well as pop/imap/activesync) to both backends. You will have to
have two OWA urls.

One for ServerA
One for ServerB.

The Certificate will be unique to each.

Oliver
Sorry, it is Master and Member. Server A is the Master, Server B is a Member.
gjl_support replied to Mark Arnold [MVP]
12-Nov-09 01:08 PM
Reply
Sorry, it is Master and Member.  Server A is the Master, Server B is a Member.
So I create a new OWA URL, and then what?
gjl_support replied to Oliver Moazzezi [MVP]
12-Nov-09 01:12 PM
Reply
So I create a new OWA URL, and then what?  Is there a good site that has
instructions on how to create a second owa url or is it just like creating
the first one?  And how do I associate that second owa url to server B?  Is
it through the ssl cert that I will create for it?

Sorry, Im more of a network guy, havent done much designing with Exchange yet.
You create the Exchange the same as you would have done the first.
Mark Arnold [MVP] replied to gjl_support
12-Nov-09 01:25 PM
Reply
You create the Exchange the same as you would have done the first. You
create a certificate the same way, all that is going to happen is that
it will have a different name.
Nothing changes.
Post Question To EggHeadCafe