Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
OWA > Multiple AD Sites > Simplified URL > and Proxy
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
OWA > Multiple AD Sites > Simplified URL > and... - 24.Jun.2008 1:16:42 PM
|
|
|
jimigisme
Posts: 7
Joined: 24.Apr.2007
Status: offline
|
Setup:
Site 1:
Server 1EX 2K7 CAS HUBT (Internet facing)
Server 2 EX 2K7 MAILBOX
Server 3 EX 2K3 - MAILBOX
Site 2:
Server 4 EX 2K7 MAILBOX CAS HUBT (non internet facing)
Server 5 EX 2K3 MAILBOX
I am trying to setup CAS PROXYING from the Internet facing CAS box in site 1 to the Internal CAS BOX in site 2 and the EX2K3 boxes.
I have setup the simplified OWA URL by following this article:
http://technet.microsoft.com/en-us/library/aa998359(EXCHG.80).aspx I have the Home directory on both servers set to /Exchange and the custom 403;4 Error page set to the SSLRedirect.htm.
Here is the issue:
I can connect to server 1 (internet facing) I can access mailboxes on Server 2 and Server 3.
But when the proxy from Server 1 to Server 4 happens the redirect takes me to the Internal URL for OWA, which is set to https://server name.domain.com. Being that this is not a internet facing server and I dont have or want a External DNS entry for https://servername.domain.com the URL is dead.
I dont want to have my users enter the long url of OWA and Exchange, so how do I resolve the proxy abilities in the situation?
Thank you
|
|
|
|
|
RE: OWA > Multiple AD Sites > Simplified URL >... - 24.Jun.2008 1:37:24 PM
|
|
|
npatang
Posts: 83
Joined: 17.Oct.2005
Status: offline
|
This is wht my understanding is Proxy.
To access Exchange 2007 server mailboxes on Site 2 we just need the integrated Authentication on OWA VDIR on Server 1 and server 4, it use kerberos for proxying. For proxying make sure that on Server 4 we don't have the external URL set on OWA VDIR.
To access Exchange 2003 mailbox on Site 2 .. server 1 should direct communicate with server 5 port 80.. make sure that SL should not be enalbe on exchange VDIR on server 1 and server 5.
You don't have to make any DNS entry for internal FQDN as when your request will be proxy from server 1 to server 4 the URL on the IE will not change.. ( make sure that external URL is not set ).. Internal URL is transparenr for users.... who are on internet.
let me know if this make some sense to you...
_____________________________
Thanks
Npatang
|
|
|
|
|
RE: OWA > Multiple AD Sites > Simplified URL >... - 24.Jun.2008 1:43:07 PM
|
|
|
jimigisme
Posts: 7
Joined: 24.Apr.2007
Status: offline
|
You are correct, those permissions are set and the external URL on the internal CAS server is not set.
The problem here is the simplified name requires a custom redirect, this SSLredirect.htm requires a url embeded. This url is set to the same address as the internal URL on the non-internet facing CAS box. Sooooo, IE does not retain the appropriate address while doing the proxy, it acutally changes to the internal name of the non internet facing CAS box, therfore it cannot be reached.
|
|
|
|
|
RE: OWA > Multiple AD Sites > Simplified URL >... - 24.Jun.2008 1:48:09 PM
|
|
|
npatang
Posts: 83
Joined: 17.Oct.2005
Status: offline
|
Is there is any specific reason we have enable SSL redirection..
_____________________________
Thanks
Npatang
|
|
|
|
|
RE: OWA > Multiple AD Sites > Simplified URL >... - 24.Jun.2008 3:01:37 PM
|
|
|
npatang
Posts: 83
Joined: 17.Oct.2005
Status: offline
|
A Simple rule of redirection is : To whatever URL you are redirecting from HTTP to HTTPS it should be resolvable from internet.. bcz while redirecting the OWA URL changes in the IE..
_____________________________
Thanks
Npatang
|
|
|
|
|
RE: OWA > Multiple AD Sites > Simplified URL >... - 24.Jun.2008 3:15:33 PM
|
|
|
jimigisme
Posts: 7
Joined: 24.Apr.2007
Status: offline
|
Yes I understand redirection.
The issue here is combining the proxy functionality of CAS in two AD sites + using the simplified OWA URL method.
When you combine these two, you end up sending users to the internal URL of the server in the second AD site.
CAS proxy is built to provide you with the ability to have one internet facing CAS box, this works fine as long as you dont use the simplified OWA URL Method, I am trying to figure out how to combine those two things.
Is this clear?
|
|
|
|
|
RE: OWA > Multiple AD Sites > Simplified URL >... - 24.Jun.2008 4:12:57 PM
|
|
|
npatang
Posts: 83
Joined: 17.Oct.2005
Status: offline
|
Simplified URl has to be done on the internet facing CAS.. no need to do it on the non internet CAS.... and the url entered in it has to be the external URL not the internal URL.
_____________________________
Thanks
Npatang
|
|
|
|
|
RE: OWA > Multiple AD Sites > Simplified URL >... - 24.Jun.2008 4:30:14 PM
|
|
|
jimigisme
Posts: 7
Joined: 24.Apr.2007
Status: offline
|
I tried setting it up where the non-internet facing CAS box is not using the simplified URI - that does not work. The site is not available.
According to the KB - The non-internet facing CAS box should not have an External address setting.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
