In Exchange Server 2007 the Client Access Server role was introduced. The purpose of the CAS role was to handle client connections to mailboxes, such as those made by Outlook Web Access, Outlook Anywhere or ActiveSync clients.
However the Mailbox server was still responsible for direct MAPI connectivity, ie users connecting with Microsoft Outlook clients.
Exchange Server 2010 changed this by adding the RPC Client Access service to the Client Access Server role. This service handles MAPI connections for Outlook clients connecting to mailboxes (Public Folder connections are still made directly to the Mailbox server).
This new RPC Client Access service delivers several benefits to the organization:
- Connections to mailbox resources are made via a common path
- Connection throttling and other rules can be applied to mailbox connectivity
- The end user experience during Mailbox server failovers is improved
For organizations wanting high availability of the RPC Client Access service multiple Client Access servers can be deployed in an array. This can be configured either with Windows Network Load Balancing (NLB) or a hardware load balancer.
This tutorial will demonstrate the steps for deploying Exchange Server 2010 as a Client Access Server array using Windows NLB.
Client Access Server Array Pre-Requisites
Two or more Exchange Server 2010 Client Access Servers can be configured as a CAS array using NLB as long they are not also installed as Mailbox servers that are members of a Database Availability Group (DAG).
The reason is that DAG members utilize Windows Failover Clustering, which can’t co-exist with NLB.
To demonstrate the setup of a CAS array the following servers have been provisioned.
Server #1
- Operating System: Windows Server 2008 64-bit R2
- Name: EX3.exchangeserverpro.local
- Primary Interface: 192.168.0.34/24
- Secondary Interface: 192.168.0.36/24
Server #2
- Operating System: Windows Server 2008 64-bit R2
- Name: EX4.exchangeserverpro.local
- Primary Interface: 192.168.0.35/24
- Secondary Interface: 192.168.0.37/24
The IP address allocated to the NLB cluster will be 192.168.0.38.
Installing the Exchange Server 2010 Client Access Server Pre-Requisites
On each server, from an elevated Windows PowerShell prompt, run the following commands.
PS C:\> Import-Module ServerManager
Note: In my lab the servers are also Hub Transport servers, and so I installed both sets of pre-requisites. I also use the -Restart switch to automate the restart of the servers, however you can remove this if you wish to control when the servers are restarted.
For only the Client Access Server pre-requisites:
PS C:\> Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart
For the Client Access Server and Hub Transport Server pre-requisites:
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart
After the servers are restarted run the following command, again from an elevated PowerShell window.
Set-Service NetTcpPortSharing -StartupType Automatic
Installing the Exchange Server 2010 Client Access Server Role
From an elevated command prompt run the following unattended setup command.
Note: Again, my lab servers are also Hub Transport servers.
For only the Client Access Server role with Management Tools:
C:\admin\Exchange Server 2010> setup /m:install /r:ca,mt
For both the Client Access and Hub Transport Server roles with Management Tools:
C:\admin\Exchange Server 2010> setup /m:install /r:ca,ht,mt
Installing Windows Network Load Balancing
On each of the servers, from an elevated PowerShell window run the following commands.
PS C:\> Import-Module servermanager
PS C:\> Add-WindowsFeature NLB
Creating the NLB Cluster
After both servers have been prepared the NLB cluster can be created. On the first server launch the Network Load Balancing Manager from Administrative Tools.
From the Cluster menu choose New.
Connect to the first server for the NLB cluster.
Choose the interface that is to be used for the cluster, and then click Next.
Accept the default Host parameters and click Next.
Click Add and enter an IPv4 address for the NLB cluster, then click OK.
Click Next to continue.
Enter a name for the cluster. In this example I’m using casarray.exchangeserverpro.local. Click Next to continue.
Although the port rules can be made more specific, in this example the default rule is acceptable. Click Finish to complete the creation of the NLB cluster.
At this stage you should have a single host NLB cluster that is successfully converged.
Right-click the cluster name and choose Add Host to Cluster.
Enter the name of the second server and click Connect. Choose the interface to be used for the cluster and click Next.
Accept the default Host Parameters and click Next.
There are no changed necessary to the port rules, so click Finish.
You should now have a dual host NLB cluster that is successfully converged.
Creating the Client Access Server Array
Now that the NLB cluster has been formed we can create the CAS array in Exchange Server 2010.
First, register a DNS record for the NLB cluster name.
Next, launch the Exchange Management Shell on one of the Exchange servers and run the following command.
[PS] C:\>New-ClientAccessArray -Name CASArray -Site "Default-First-Site-Name" -Fqdn casarray.exchangeserverpro.local
Name Site Fqdn Members
---- ---- ---- -------
CASArray Default-First-Sit... casarray.exchangeserverpro.... {EX3, EX4}
Substitute the Name, Site, and FQDN as appropriate for your environment.
Updating Existing Mailbox Databases
When the CAS array has been established any new mailbox databases created on servers in that Active Directory Site will be configured with the CAS array as their RpcClientAccessServer.
However any existing mailbox databases need to be manually updates so that those mailbox users begin connecting to the new CAS array.
You can see here that the existing mailbox database on server EX2 is still configured with a standalone Client Access server as its RpcClientAccessServer.
[PS] C:\>Get-MailboxDatabase -Server EX2 | fl name, rpc* Name : Mailbox Database 02 RpcClientAccessServer : EX3.exchangeserverpro.local
To update all databases on the server with the new RpcClientAccessServer run the following command.
[PS] C:\>Get-MailboxDatabase -Server EX2 | Set-MailboxDatabase -RpcClientAccessServer casarray.exchangeserverpro.local
The change can be seen by running the same command as earlier.
[PS] C:\>Get-MailboxDatabase -Server EX2 | fl name, rpc* Name : Mailbox Database 02 RpcClientAccessServer : casarray.exchangeserverpro.local
Note that any existing Outlook profiles will not automatically update from the single Client Access Server to the new CAS array name. Those clients will not automatically failover to an alternate member of the CAS array when there is a server failure. You will need to update those profiles for them to receive the high availability benefits of the CAS array. This is one reason that it is important to establish CAS arrays prior to migrating user mailboxes to Exchange Server 2010.
About Paul Cunningham
That’s an excellen walk-through, thanks! Just wanted to add that NLB needs some additional configuring, it’s not recommended to keep the default port rule in place. Maybe and idea for part two?
Hi Jetze, thanks for pointing that out. I do want to work a few of the NLB best practices into this article on the next revision, or perhaps as a part 2 as you suggest. I’ll include port rules.
Is there any point in creating a CAS array with a single CAS server? I know that sounds like a daft question, but if I intend on adding new CAS servers in the future in an NLB cluster, would it not make sense to set this up now?
Hi Matt, not daft at all. You’ll note in the article that I point out the recommended practice is to establish CAS arrays before migrating users to Exchange 2010. So even establishing one as a single-node NLB cluster will save you effort later on, because you can simply scale out the NLB cluster with more nodes as required without having to reconfigure any Outlook profiles.
Thanks for the excellent article.
What is the difference between the NLB you created and a Failover Cluster? Will the NLB array be able to give high availability and redundancy or does this just balance the traffic going to the CASs?
Im asking because I just got done upgrading to 2010 from 2007 and now the suits want high availability. I installed 2008 R2 Standard which doesnt give HA because there is no clustering service unless you go enterprise or datacenter. Id rather not have to install an enterprise r2 server and move everyone off the standard then format the standard to put enterprise on it.
Any thoughts would be awesome!
You want to use NLB clustering for the CAS role, basically because it is based on IIS and the config across your CAS servers will all be almost the same. Failover clustering should be used for services such as SQL or the Exchange mailbox role (when separated from the other roles).
An NLB cluster does give high availability and redundancy based on the fact that there is a ‘heartbeat’ between all servers in an NLB cluster that will recognise when a server dies and will take it out of the cluster. The more servers in the cluster, the more resilient the cluster will be. Up to 32 nodes are possible. It is also possible to balance the load either equally or based on the power of the servers in the cluster e.g. with 3 servers where 2 have dual core CPUs and the other has an equivalent speed quad core, you could give more priority to the quad core so it handles more requests based on its power (this is a simplistic explanation).
NLB clustering works well when the service being balanced is the same across the group e.g. web based, VPN. Failover clustering works where the backend data is on shared storage e.g. a SAN. Each cluster host would take ownership of the clustered resources (disks, files shares, IP addresses etc.) whilst it is the active node – if it goes down, the heartbeat dying tells the passive node to seize ownership of these resources.
Effectively two different technologies for different situations. Failover clustering doesnt allow you share the load. Hope this helps.
Thanks for the reply. I read this post this morning and it prompted me to get more info on it.
As you can tell from the post, I have a complete setup using 2008 R2 standard and Exchange 2010 functioning very well but now have a need for high availability. Will this NLB cluster work for what im trying to do? I do NOT have the databases (mailbox and pub folders) on a shared resource so I would have to move the to a SAN to build a failover cluster. This post hints at the fact that I can build two separate servers with local resources and put them into a NLB cluster and it will work like a failover cluster….
Hi DJ, this post describes building a highly available CAS (Client Access Server) Array using Windows NLB.
HA for the Mailbox Server role is provided by the Database Availability Group (DAG) feature of Exchange Server 2010, which uses an underlying Failover Cluster (Exchange sets it all up automatically when you configure the DAG).
If you want HA of all Exchange Server 2010 roles you would normally start with a pair of CAS + HT servers in an NLB cluster, and a pair of MB servers in a DAG (4 servers total). That is the most basic HA configuration for Exchange Server 2010.
Note that DAGs don’t require shared storage resources unlike some of the clustering modes in previous versions of Exchange Server. Each DAG member maintains its own replica of the database(s), so it is in fact better to have separate storage for each DAG member.
I’m planning a walk-through article on setting up a DAG sometime in the next few weeks so if you are sitll stuck maybe that will help.
Please read my previous post. You should use a failover cluster for the mailbox role. For Exchange 2010, read about Database Availability Groups (DAGs). An NLB cluster is used to cluster services where the data\config is the same but separate on each server (think of a fancy round robin with bells and whistles).
If you had two mailbox servers in an NLB cluster, the mailbox databases on each would be different so you wouldn’t be balancing them.
Hi,
It is not clustering NLB/Failover related but Related to Client Access server question please answer.
I have 2 Exchange 2010 server EX1(Roles–>MB,CA,HUB and UM) and EX2 (Roles–> MB and HUB)
My CA URL is EX1.DOMAIN.COM
Exchange 2003server still there in the organisation
My question is see I am able to connect to mailboxes residing on EX1 using CA URL mentioned above.
But for mail boxes residing on EX2 the URL is not working means its not at all login in using same above URL
What modification I have to do on CA or DNS i want single name space for this.
I read your CA array config above so confused here
please help
You need to use a cert with multiple Subject Alternate Names (SAN) to take all your servers and the relvant services (e.g. Autodiscovery) in to account. I know some people who simply use a wildcard cert (myself included in one case) but as this thread explains:
http://www.petri.co.il/forums/showthread.php?t=43634
there are prerequisites to using a wildcard cert.
should i first migrate user mailbox 2003 to 2010 and then configure cas array,
i configured cas array and then migrate mailbox but migrated mailboxes don’t see the cas array name.profile is still trying to connect legacy exchnane.
ıs there a way to automatite this
Please could you help to provide me with a step by step guide to setting up and configuring ADDS on windows server 2008 and Exchange server 2010 on different Hardwares.
Thank you in advance
When you create an NLB and add the CAS/HUB roles to it, are there any special settings you need to do to prevent the hubs from load balancing to themselves for internal communication?
The NLB doesn’t handle Hub Transport traffic so you shouldn’t need to do anything special at all.
Hi Paul,
just to clarify, do you mean that normal hub transport to hub transport traffic is not dealt with my NLB? In an environment with no Edge Transport servers, the Hub transport servers can use NLB for incoming email from the Internet.
There is no need to load balance internal HT traffic. Incoming internet mail is a different story. You could load balance that if you like or just use two equal cost MX records (if you have enough public IP space to do it).
What is the recommended procedure to run maintenance on a 2 box CAS/HUB configuration? Do you just drainstop the one box, apply a rollup/update and re-add it to the NLB? Great article, by the way.
Hi Marc, it just so happens I’ve written an article about that here:
http://exchangeserverpro.com/how-to-install-updates-on-exchange-server-2010-cas-arrays
Hi Paul,
A very useful article; I managed to set up CAS for internal use. However I could not get it working for external access, using OWA. To make it simple, in a test environment, I set up a single node CAS. When NATting to the actual CAS, I can connect to the server from the outside; however, when I NAT to the CAS Array IP (NLB), I cannot connect. in both situations, I can connect to my CAS from computers on the LAN. I read a number of articles regarding this problem. they talk about unicast and multicast, VMs & Physical machines, static ARP, etc… I did all theses combinations, except for static ARPing. the result is the same. i get the same result for VM servers too. I use Win Server 2008 R2, Exch 2010 SP1 & router Dreytek Vigor 2820. Many thanks for your help in advance.
Hi,
I am trying to setup a CAS array. I am struggling after step 2.6
I created the NLB cluster on a host (Host1) which is my DC, Hub transport and CAS.
When I try to join Host 2 which is an additional DC in the same domain, CAS and Hub transport, that machine hangs. The modes I selected are affinity = single and multicast.
Could it be possible that the change of MAC addresses is causing this state in the addition of a host?
I tried restarting the Host2. It comes up and I could ping the fqdn of the Cas Array.
However in the NLB on Host 1 I see the error “NLB not bound” for Host2′s entry. How could I solve this?
Nice article. One thing that is missing is that you need to enable IP forwarding on the NLB NIC (Server 2008 R2 disables this by default). The command is this: netsh interface ipv4 set int “NIC2-NLB” forwarding=enabled
Hi Paul,
First of all I would like to thank you for your excellent walk through and providing useful articles like this.
I have done all the steps as given above in my lab. I have six virtual machines in which I have configured AD and DNS on one machine and CAS1 (Exchange 2010) , CAS2, Mailbox1 (for CAS1), Mailbox2 (for CAS2) and CASARRAY on another machines. And they all are in the same domain. I have added CAS1 and CAS2 in the nlb and gave ip address of CASARRAY as cluster IP. The status for CAS1 and CAS2 is showing “converged” in NLB. I have run command for creating new cas array and assigned mailbox to this cas array. But I am unable to open “OWA” page from cluster ip. Either it is opened by ip address of CAS1 or CAS2 but not through cluster’s ip.
So kindly give some comments about above to resolve the issue.
Thanks and Regards,
Avinash
When you say “unable to open…” what do you mean? Is there an error message?
No it’s not an error message. The page is giving error like try again. Means it does not have any service like OWA, i guess.
OWA can work through an NLB cluster just fine. If its working when you hit the CAS directly then start troubleshooting.
Is DNS for the CAS array name working properly? Ping, nslookup, etc
Is there an IE proxy setting causing a problem? Sometimes you need to set exceptions in IE’s proxy settings or your ISA server so clients go directly to the URL.
Is the port rule configure correctly on the NLB?
Can you see the access attempts in the IIS logs on the CAS servers?
Yes, DNS for the CAS array is working good. I have also tried it without any proxy. I have set the port rule as on default settings.
Did you enable IP forwarding on the NLB NIC (Server 2008 R2 disables this by default). The command is this: netsh interface ipv4 set int “NIC2-NLB” forwarding=enabled, where “NIC2-NLB” would be the name of the NIC used for NLB. I mentioned this in a previous comment.
Nice Work and very helpful to the New Exchange 2010 Administrators who willing to learn. Keep it up me8…
Hi Paul,
nice article. Having one question, I am having right now exchange 2007 environment, CAS array is there.
we are planning to transition to 2010 full redundant setup with DAG and CAS array, now what is the process of introducing a new CAS 2010 array. as you know you cant create two CAS array in the same site, how can we solve this issue?
Nazmi, the Client Access Server Array is new to Exchange 2010. What do you mean when you say you’re running an Exchange 2007 CAS array?
you are right,
working more hours daily sometimes lead to selly question:)
please delete my post
Hi Paul,
I have a question for you about NLB & Cas Array. I Have 1 HT server, 2 CAS&Mailbox server. I created NLB for 2 CAS&Mailbox server & Create DAG. After they successful created, my client in outlook 2003/2007 cannot discover the server for Cas Array, I try to ping the hostname & ip for Cas Array, but not resolved(RTO). And then i try ping my IP/hostname Cas Array from my one cas&mailbox server is resolved.
I try to discuss about they problem with my network tim, but they say my IP Cas Array must be have an Ip gateway to resolved this issue. Because the ip from server with the client is diffrent segmentation. I say my network tim about Cas Array don’t have an IP Gateway, when I set the NLB, I just can set the IP and Subnetmask. My Question is, can’t NLB/Cas Array used at the diffrent Ip segmentation??
1 HT Server= Ip. 10.60.1.3
1 CAS&Mailbox Server(have 2 NIC)= Ip. 10.60.1.4—>Replication Ip. 10.10.10.1
1 CAS&Mailbox Server(Have 2 NIC)= Ip. 10.60.1.5 —>Replication Ip. 10.10.10.2
CasArray/NLB = Ip. 10.60.1.6
DAG Ip. 10.60.1.7
Ip Gateway. 10.60.1.1
PC Client Ip scope. 10.64.1.15 – 10.64.1.85(DHCP)
PC Client Ip scope. 10.65.1.15 – 10.64.1.85(DHCP)
Thank’s
Hi Satriyo, NLB and DAGs aren’t compatible. If you want your Mailbox servers to be in a DAG then they can’t also be in an NLB cluster. The two features just don’t work together.
In your situation the options are to separate the CAS and Mailbox roles, or use a Hardware Load Balancer for the CAS Array instead of NLB.
Paul… Thank you for the great article, it is most helpful. We had to rebuild our CAS/HUB servers and mistakenly forgot to recreate the CAS Array during our initial migration. So, my understanding is first make a new CAS Array, stamp the existing databases to use the new CAS array then update the Outlook clients so that they may make use of the HA now available. My question is: After I create the CAS Array and update the databases will my existing clients (which are all directed to only one of the CAS servers) still function? If so, I can update at my leisure, by doing a profile repair, a “check name” on the profile or by migrating everyone to a new database that has the CAS Array as default. Is my thinking correct?
Hi DP, yes clients that are still pointing directly at a CAS instead of the CAS Array will still work, they’ll just have no HA benefit. Your plan to update profiles is fine.
Hi,
we’re going to set up Exchange 2010 next year and we plan to cluster it. Let’s say we use NLB for a CAS Array and use DAG on a total of 4 servers.
DAG features “lagged” databases, is it even possible to use this feature in a CAS Array? It isnt, right? Because some clients would be redirected to the lagged database!? How many Exchange servers would you need to cluster the Mailbox AND use lagged databases?
Thanks 4 help
Hi Benjamin, though you can install the CAS and Mailbox roles together on servers a server can be a member of an NLB-based CAS Array or a DAG but not both at once.
If you want to the CAS/MB roles to co-exist in a DAG you’d need to use a hardware load balancer for the CAS Array.
Anyway, to answer the other part of your question, a CAS (whether in an array or standalone) will connect the user to their mailbox on the active database copy only, never on a passive replica (whether that passive replica is lagged or not).
If you want to use lagged copies I recommend having at least three replicas of each database, so that would be a minimum of three MB servers in the DAG.
Hi Paul, I have found your article very useful. Thank you.
Can you explain to me what happens if the CAS server which has the NLB configuration on it goes down? Does this stop the CAS array from working? Would it be better to have NLB on a totally different server all together?
Many thanks,
Karl.
If there are two or more NLB cluster members then it can survive one server going down, the other server(s) continue to serve requests sent to the NLB virtual IP.
If you want to separate your load balancing from your CAS servers you’d need to look at hardware load balancers.
Hi Paul,
I have question about the CAS HT server, I have 2 Exchange 2010 servers that has CAS,HT and Mailbox installed on 2 separate servers.
The 2 Exchange servers are members in a DAG group and that works fine.
I simulated a test when one node dies for a exampel, that is my Exchange01 the first server that was installed, i changed the dns records and ip on the second backup Exchange server “EXCHANGE02″, but when I start up the EMC and go to server config -> Client Acceess, and point on the Exchange02 it says “The task wasn`t able to connect to IIS on the server “Exchange01.itsthlm.local”" Make sure that the server exists and can be reached from this computer. RPC-servern is not reachable. It was running the command “Get-OwaVirtuallDirectory”.
When I access the https://localhost/owa on the second server “EXCHANGE02″ i can login and send mails but not receive. The mails that recevies are stuck in the mail queue on the “EXCHANGE02″.
I have test with several commands like Set-RpcClientAccess, Set-OwaVirtuallDirectory etc etc and point it on the EXCHANGE02 but the same error in EMC could not contact the “EXCHANGE01″ but that server is dead….
Do I have missed a powershell to take over the whole CAS and point it on the Exchange02??
I want to set EXCHANGE02 as a primary CAS server what powershell command is that?
Best Regards
Michael Szymanski
Hi Michael…
Ok first, understand that you can’t run an NLB cluster on the same servers that are also DAG members. I assume you realise that, I just want to be clear. So by the sounds of it you are not running a CAS Array of any kind (whether using NLB or a hardware load balancer).
This article is about CAS Arrays. It sounds to me like you’re trying to create a DR solution without using a CAS array, which is going to be far more complex and less reliable, as you’ve discovered.
Second, you’ve changed the IP address of your second Exchange server? There should be no need to do that. I don’t understand why you’ve done that.
Third, yes you’ll often get errors like that in the EMC when one of your servers is down.
Fourth, whether your mail can send/receive is more to do with your Hub Transport roles and whether they are working properly, and whether your incoming SMTP from the internet is set up correctly in your firewall and DNS etc.
Finally, I think you need to go back to the start and work out your DR strategy a little more. I don’t know enough about your environment or what you’re planning to achieve to give much more detail at this point.
Hi Paul,
What about if my Outlook machines belong to a different CAS array? Will they be automatically update to the new CAS array? I’m in the migration process of Exchange 2007—>Exchange 2010. Client already had CAS array in Ex2007. I’ve created a different CAS array name for the 2010. During mailbox migration I’m wondering about the impact of CAS array name change for the end users.
Thanks,
Susantha
Hi Susantha, Exchange 2007 did not have CAS Arrays as a feature. Are you referring to something else?
So when I create the CASArray name would this be a different fqdn then I use for OWA ie mail.company.com if so do I need to have the CASArray name on my SAN certificate for when my outlook users connect?
Great article Paul. What are the pros and cons of NLB versus a hardware load balancer for a CAS array?
Hi Jeff, this would be a good video to watch if you want to learn more (and I mean *lots* more) about load balancing for Exchange:
http://channel9.msdn.com/Events/TechEd/Australia/Tech-Ed-Australia-2011/EXL304
Dear Paul thank you for you article
but when i run the command
Get-MailboxDatabase -Server EX2 | Set-MailboxDatabase -RpcClientAccessServer casarray.exchangeserverpro.local
the error of casarray.domain not found
i did all the steps as you mentioned
The RPCClientAccessServer you specify needs to be a valid Exchange server or CAS array object for the command to be successful.
Has anyone noticed in this config (using dual NICs) that you get an event log error 4319 that says A duplicate name has been detected on the TCP network. Now, I’m pretty sure that unchecking “File and Print Sharing for Microsoft Networks” on the NLB NIC will solve my problem but I haven’t done that just yet (waiting until after we close for the day). Is there a different solution?
Hi Corbett, that should work fine.
Paul;
Thanks for the article. I am getting ready to implement a CAS array with a hardware load balancer. My question actually has to do with our Edge Transport servers. Are their any changes that need to be made on the Edge Transport servers when dealing with a CAS Array. I am not sure if you answered this question anywhere above (at least I didn’t see it if you did).
Regards.
The Edge and Client Access roles don’t relate to each other. The Edge will send mail to the Hub Transports in the site it is subscribed to.
Hi Paul
I have used your article to set up a CAS Array.
It all works fine, NLB and the Array. there is only a few test users on the Exchange 2010 system and no connectors, until now.
Problem is that we have a Exchange 2003 server that is a “all-in one” (The old one). and the system is
the main Exchange server for all the users. and now after I have setup Connectors and try to test the mail flow, I can see that the 2010 system can’t send to the 2003 system, and the opposite way.
Also when try to accessing the Legacy mailbox users in the 2010 Management console, I receive a error, telling that the system can’t see the mailbox server (2003).
I have tried to re run all the settings and have searched the web for a solution.
Do you have any ideas?
Right now I am removing the CAS Array.
Regards Preben Madsen
great article! setting up a cas array using vmware vm’s any suggestions as far as unicast or multicast?
and if so what considerations to take in the vswitches?
I’ve followed you article and have been running our CAS array for 6 months in production without any issues. We have four Exchange servers; two CAS/HT servers (NLB) and two MBX servers (DAG). All four servers are virtual using 2008 Hyper-V R2.
We recently tried to move one CAS/HT server to a Cisco UCS system and found that our CAS array even though appeared to be functional, was not. Our Cisco vendor stated that Unicast cannot be used and we need to use Multicast mode instead. I imagine that I need to break down the WNLB and recreate choosing Multicast but since Unicast is the recommendation for WNLB, what are the issues that I might see with Multicast?
With Multicast, do I still use two NIC’s on the CAS/HT or change it to just one NIC?
Hi Paul,,
Great Article, we used your article as basis for our NLB implementation, however, i have a question in mind.
we got a problem in our first setup upon implementing NLB. Please take a look below.
Previous Setup:
2 CAS,HT Servers
2 MB Servers— DAG
now in the setup above, we encountered an issue because after we are done configuring NLB on the 2 servers which has the role of CAS/HUB, our DAG got crazy.. ^_^ i mean it cannot replicate on its database copy and cannot failover seamlessly.
my question is that is it Possible to configure NLB on servers having CAS/HUB Roles at the same time?
Our resolution is to separate all roles. see current setup below.
2 CAS Servers–NLB
2 HUB Servers
2 MB Server -DAG
NLB and DAG works perfectly but our HUB is not automatically redundant.
Your thoughts would be a great help.
Hi Pual
my environment is like below
1. 2 MB server – DAG
2. 2 CAS server – CAS/HUB
But just like know few things
First, NLB and CAS array is necessary to have High Availiblity in CAS/HT server
Second, I already done the migration of our users it will be around 350 users would like to setup CAS array is there any harm does it require any restart of CAS servers
Third, I would like my DAG whether it works fine or not without any downtime is there any steps can I perform
Your help in this regard would be great help
Hi Ehsan,
1) A CAS array with either NLB or a hardware load balancer is required for CAS high availability. HT high availability can be achieved by simply installing more than one HT in a site, no need to load balance that traffic as Exchange does it automatically.
2) No harm, however you will need to look at updating the profiles on the existing users as they will still point directly to one CAS not the new CAS array.
3) I don’t understand the third question, sorry.
Hi Paul,
I have an existing client access array for exchange 2007. I have now installed 2 exchange 2010 CAS servers (Same AD site.Same forest, same subnet where the exchange 2007 cas/ht/mbx servers reside). When I run the get-clientaccessarray cmdlet on Exchange 2010, I get a blank response. I checked and the CAS array with the FQDN of prod-mailbox.xyz.com does exist for this AD site. So here’s my question, when the clients mailboxes are moved to the new exchange 2010 database, the outlook user profile will still point to the existing cas array (prod-mailbox.xyz.com) yet, the mailbox will not be there.
The existing exchange 2010 mailbox servers and databases are pointing the localhostname.server.name for CAS. How can I create or these servers to the existing CAS array or can’t I?
What will happen? I hope I didn’t’ ramble on too much, but this is a huge concern.
Thanks in advance for your response.
Tash
There is no CAS array in Exchange 2007. prod-mailbox.xyz.com may just be a friendly DNS record that points to your Exchange 2007 mailbox servers in your enviroment.
Client Outlook profiles will be redirected to the new CAS array once there mailbox is moved to Exchange 2010 providing the CAS array is set on all the DB.
Aha. I’ll have to start digging into the existing record, wherever the exchange 2010 system is seeing that from.
Thanks Paul !
I understand that you can create an array with just one CAS, which is what I’ve done. I also understand that I can add another CAS to the existing array, which is what I plan to do. The question is, what is the cmdlet to add the new Cient Access Server to the existing CAS array?
Hi Doug, think of the Client Access Server array itself as a pointer. It associates an AD Site with a DNS name for RPC client access, which resolves to an IP address.
If you establish a single-server CAS Array in the site (which Microsoft does now recommend as best practice) you are pointing your DNS record at that server’s IP address.
When you later wish to scale out to multiple CA servers for high availability, you install them into the site and then establish a new load balanced IP address (using either Windows NLB or a hardware load balancer), and then update your DNS record to point to that new IP address.
The load balancer (or NLB if you choose) then handles the distribution of client traffic across all of the CA servers in the “array”, not Exchange itself.
Hope that helps.
Hello Doug,
After a Client Access server array is defined within an Active Directory site, all Client Access servers within that Active Directory site are automatically part of the Client Access server array.
http://technet.microsoft.com/en-us/library/ee332317.aspx
Hi Pete, correct, and then in addition to that the FQDN of the CAS Array itself needs to point to an IP that will load balance the traffic across all available CA servers.
OK. I think I’m catching on. So, the array name, or FQDN, is really an rpc client access pointer for mailbox databases. When another CAS is added to the AD site, I need to configure it’s IP on the NLB as another server that the array VIP points to. That all makes sense.
So, I setup CAS02. Configure it’s IP on the NLB for ARRAY01 VIP to point to. Then, it will be part of the load balanced array and direct Outlook clients to their proper mailbox database. Am I on the right track?
Would the new CAS02 server then show up as CAS Array member server when the Get-ClientAccessArray cmdlet is run?
Thanks for the quick responses guys, by the way. I really appreicate it.
Hi Doug,
Yes as soon as the new CAS is in that site, it will appear in the Get-ClientAccessArray output as a member for that site’s CAS Array object. It will do that whether it is a member of an NLB or not.
And yes, if you’ve already got an NLB VIP you’ll need to add that new CAS to the NLB before it can participate in the load-balanced client traffic.
Hi Paul:
We have a 3 server DAG with a 2 server CAS Array using NLB. The 3 DAG servers also have the CAS role installed and we have run into issues where clients have connected to a particular DAG node for free/busy lookup. For example, if we put DAG001 into maintenance mode, it will not have any active mailboxes so you’d think that rebooting that node wouldn’t cause any issues. It turns out that if we were to reboot that node in the middle of the day, users who have connected to it for free/busy lookup will get an error.
Does it makes sense to remove the CAS role from all 3 DAG nodes? Would there be any configuration files that we need to edit after we do that, or will Autodiscover and such take care of redirecting clients to the 2 CAS NLB nodes only? Thank you.
Yeah the issue is that you’re rebooting your Client Access server (that co-exists with the Mailbox server role on that node), that clients are connecting to for Availability service lookups. Makes sense that would cause issues.
What I recommend you look at is pointing your EWS URLs at a DNS name that resolves to your load-balanced IP address(es). There is an article here on TechNet that described this:
http://technet.microsoft.com/en-us/library/aa997237.aspx
Paul: Thank you for your reply. That seems like it will work and we can leave the CAS role installed on the DAG MB servers. I really appreciate how you take the time to reply to the comments that your visitors post. I don’t know where you find the time to do it, but it’s very helpful.