Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
cas array failover, user and password prompt is it "normal"
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
cas array failover, user and password prompt is it &quo... - 3.Aug.2011 6:01:05 PM
|
|
|
turbomcp
Posts: 21
Joined: 27.Jul.2006
Status: offline
|
Hi guys and girls
i have a question regrading this article:
http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/planning-deploying-testing-exchange-2010-site-resilient-solution-sized-medium-organization-part11.html
i am specificly talking about a situation where the mailbox is connected to server4 and cas server 3 and server3 goes down(lets say for patching)
and the users gets prompt for username and password(because he is redirected to another cas server)
i have isolated the "known" outlook anywhere prompts when switing databases so it has nothing to do with this thing(by switching to ntlm)
i have noticed the same behaivour(using same load balancers) in my lab setup and i am wondering : is that normal? does it act diffrently with other load balancers?
Thanks in advance
< Message edited by turbomcp -- 3.Aug.2011 6:03:23 PM >
|
|
|
|
RE: cas array failover, user and password prompt is it ... - 5.Aug.2011 11:26:39 AM
|
|
|
travis.sheldon
Posts: 359
Joined: 16.Sep.2010
Status: offline
|
The rough answer is 'yes' it is normal behavior..but it all depends on your setup.
Because CAS3 was holding your authentication token, once it goes down, essential you're unauthenticated when you fail over to CAS4.
However, if you're using an NTLM connection with cached credentials or you're local to the lan, it should automatically authenticate with CAS4 without prompting.
I use pulse/piranha on CentOS as my load balancers and I frequently shut off CAS servers throughout the week and I dont get complaints about password reprompts. All of my users are external to the network and accessing it through public interfaces.
If for instance you're doing cookie authentication, then it's an entirely different ballgame.
|
|
|
|
|
RE: cas array failover, user and password prompt is it ... - 5.Aug.2011 5:00:49 PM
|
|
|
turbomcp
Posts: 21
Joined: 27.Jul.2006
Status: offline
|
Thanks
i have noticed afew things after testing many diffrent configurations
but switching to ntlm solves the prompt for user/pass even when switching db's.
but didnt solve my issues with switching cas
what solved it(and again thats my setup)
was to switch oa using the set-outlookprovider to *.domain.com
after doing this i dont get any prompts anymore no matter what client and what config(cached,online,oa)2003-2010
i am using kerberos,wildcard and ssl acceleration
i will post full info later if i have time
< Message edited by turbomcp -- 5.Aug.2011 5:02:44 PM >
|
|
|
|
|
RE: cas array failover, user and password prompt is it ... - 6.Sep.2011 12:58:38 PM
|
|
|
moto822
Posts: 2
Joined: 28.Aug.2011
Status: offline
|
hey TurboMCP,
I am working on testing this exact senerio, I currently cannot get around the prompt. I am in the process of enabling Kerberos instead of NTLM to see if I can get around it. Any info you are doing would be great.
Moto
|
|
|
|
|
RE: cas array failover, user and password prompt is it ... - 1.Apr.2012 12:35:13 AM
|
|
|
themaster1700
Posts: 6
Joined: 1.Apr.2012
Status: offline
|
Our setup for Exchange 2010/Outlook 2010
2 X CAS
2 X Hubs
2 X DBS
2 Kemp load balancers
All virtulised on VMware
Everything works great except that the CAS array will not fail over on taking either Cas server down, any client connected to the CAS server I reboot instantly gets prompted for a username and password, I read lots of docs and it looked like the Kerberos authentication with shared computer account was supposed to fix this, but in our case it does not. We are testing in connected and cached mode, different VLans but seems to make no difference.
Any help/suggestions welcome
< Message edited by themaster1700 -- 1.Apr.2012 5:39:16 AM >
|
|
|
|
|
RE: cas array failover, user and password prompt is it ... - 13.Apr.2012 4:49:10 PM
|
|
|
themaster1700
Posts: 6
Joined: 1.Apr.2012
Status: offline
|
Think I fixed this, I removed all http from the SPN and it now works will test more next week but looks better.
|
|
|
|
|
RE: cas array failover, user and password prompt is it ... - 3.Jun.2012 4:02:36 PM
|
|
|
themaster1700
Posts: 6
Joined: 1.Apr.2012
Status: offline
|
Spent about 3-4 days on this with Microsoft, turns out CAS failover is not supposed to happen for a failed server even though 1 version of Outlook will fail over, "this is be design", thats what I got back from the MS Exchange design team
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
