Exchange Server Forums

Second OWA virtual directory using integrated windows authentication on CAS servers in NLB.

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Microsoft Exchange 2010] >> Installation >> Second OWA virtual directory using integrated windows authentication on CAS servers in NLB.

Page: [1]

Message

<< Older Topic Newer Topic >>

Second OWA virtual directory using integrated windows a... - 7.Feb.2012 6:18:35 AM

mmexchange

Posts: 3
Joined: 6.Feb.2012
Status: offline

Currently we have an Exchange 2010 environment as follows: 2 MBX servers, 2 CAS servers in a Windows NLB and 2 HTS servers all in the production site. We also have a DR site with 1 MBX, 1 CAS and 1 HTS. My aim is to provide pass through/single sign on authentication for internal users accessing OWA whilst maintaining FBA for external users. Currently the OWA virtual directory is set for FBA.

My aim is to leave the settings on the default site that contains the OWA virtual directory as they are and create a second site in IIS with a second OWA virtual directory and configure this for Integrated Windows Authentication. I believe I will have to add a second ip to the existing NICs on the CAS servers and create the associated DNS record. Then, bind the new IP address to the new web site I have created. I will set the binding type to http rather than https with the physical path to a location on the inetpub directory.
Next add the virtual directory for OWA in powershell by:
New-OWAVirtualDirectory �Name NONFBA �WebSiteName NONFBA �InternalUrl http://internalmyemail.mylab.ad/owa At this point the virtual directory is created with default settings using FBA. I will change this to use Integrated Windows Authentication only. Then run iisreset /noforce.
In theory I think this would work. The problem I have is that the two CAS boxes are in an NLB. So currently the A record for internal mail via OWA resolves to the virtual ip address of the CAS array. So my question is how do I configure a second web site with an additional OWA virtual directory for integrated windows authentication for two CAS servers in an NLB? Also, will there be any impact on autodiscovery?

Post #: 1

Featured Links*

RE: Second OWA virtual directory using integrated windo... - 7.Feb.2012 10:39:01 AM

Gulab

Posts: 646
Joined: 31.Jul.2008
From: India
Status: offline

I curious to know, why would you do that?

_____________________________

Gulab Prasad,
Technology Consultant
Exchange Ranger
Check out CodeTwo�s tools for Exchange admins

(in reply to mmexchange)

Post #: 2

RE: Second OWA virtual directory using integrated windo... - 7.Feb.2012 12:01:17 PM

mmexchange

Posts: 3
Joined: 6.Feb.2012
Status: offline

This way we can have FBA for users outside the LAN. For users who are on the LAN and already authenticated on the domain they will not have to put in their credentials again through the FBA page.

(in reply to Gulab)

Post #: 3

Page: [1]	<< Older Topic Newer Topic >>

All Forums >> [Microsoft Exchange 2010] >> Installation >> Second OWA virtual directory using integrated windows authentication on CAS servers in NLB.

Page: [1]