When you first install Exchange Server 2016 it is pre-configured with default URLs for the various HTTPS services such as OWA, ActiveSync, EWS, and others.
The default URLs contain the fully qualified domain name of the server. So for example if your server name is “ex2016srv1.lyncit.net” then the default URL for OWA will be “https://ex2016srv1.lyncit.net/owa“.
Problem with this approach is
1. Users cant remember the server FQDN
2. We cant load balance
3. Internal domain will not valid for external recprds like domain.local
The recommended practice is to change the URLs configured on your Exchange 2016 servers to aliases or generic host names such as “mail.domain.com” after you first install the server.
My lab setup
DC1.LYNCIT.NET - Domain controller
EX2016SRV1.LYNCIT.NET - Exchange 2016 server1
EX2016SRV2.LYNCIT.NET - Exchange 2016 server2
EX2016SRV3.LYNCIT.NET - Exchange 2016 server3
As i mentioned earlier all my URLs for the various services are configured with local server FQDN.
If you take EX2016SRV1,
OWA internal URL configured as - https://ex2016srv1.lyncit.net/owa
Outlook anywhere - ex2016srv1.lyncit.net
ECP - https://ex2016srv1.lyncit.net/ecp
OAB - https://ex2016srv1.lyncit.net/oab
EWS - https://ex2016srv1.lyncit.net/EWS/Exchange.asmx
MAPI - https://ex2016srv1.luncit.net/mapi
ActiveSync - https://ex2016srv1.lyncit.net/Microsoft-Server-ActiveSync
AutoDiscover - https://ex2016srv1.lyncit.net/Autodiscover/Autodiscover.xml
We can see the above information by using ther respective Get command.
For OWA its "Get-OWAVirtualDirectory".
In this article we are going to implement load balancing using single namespace method.
I planned to use "mail.lyncit.net" as a namespace for the services.
Create DNS record
First we have to create a DNS A record for "mail.lyncit.net" for each server IP. Its nothing but a DNS roundrobin method.
Assign namespace to virtual directories
We have to assign the namespace to all HTTPS services virtual directories using the respective "Set" command.
To set internal URL using powershell
Get-OwaVirtualDirectory -Server ex2016srv1.lyncit.net | Set-OwaVirtualDirectory -ExternalUrl $null -InternalUrl https://mail.lyncit.net/owa
Get-OabVirtualDirectory -Server ex2016srv1.lyncit.net | Set-OabVirtualDirectory -ExternalUrl $null -InternalUrl https://mail.lyncit.net/oab
Get-EcpVirtualDirectory -Server ex2016srv1.lyncit.net | Set-EcpVirtualDirectory -ExternalUrl $null -InternalUrl https://mail.lyncit.net/ecp
Get-mapiVirtualDirectory -Server ex2016srv1.lyncit.net | Set-mapiVirtualDirectory -ExternalUrl $null -InternalUrl https://mail.lyncit.net/mapi
Get-ActiveSyncVirtualDirectory -Server ex2016srv1.lyncit.net | Set-ActiveSyncVirtualDirectory -ExternalUrl $null -InternalUrl https://mail.lyncit.net/Microsoft-Server-ActiveSync
Get-WebServicesVirtualDirectory -Server ex2016srv1.lyncit.net | Set-WebServicesVirtualDirectory -ExternalUrl $null -InternalUrl https://mail.lyncit.net/EWS/Exchange.asmx
we have to do the above for all servers.
Create certificate
Since i have internal CA i am going to use self signed certificate option to assign the request to internal CA immediately and sign the certificate.
Click finish. It will sent the request to internal CA and if you have everything setup correctly, you will get a signed certificate and you can assign that to IIS.
We have to assign this certificate to IIS. we can also use this cert for SMTP, POP and IMAP.
Restart IIS on all three servers.
Verify the outlook connectivity
Before the change
Test outlook connection switch over
1. Ping mail.lyncit.net and check to which server IP its resolving
2. Down that server
3. Outlook will disconnect
No comments:
Post a Comment