Monday, January 27, 2014

Exchange 2013 Client Access Coexistence with Exchange 2007


I do a lot of coexistence migrations for customers. The following guide explains how Exchange 2013 Client Access coexists with Exchange 2007 during a long-term migration.

Note: If you are migrating from Exchange 2010 please see my companion article.

Greg Taylor had a fabulous session on Microsoft Exchange Server 2013 Client Access Server Role at TechEd 2013. I highly encourage you to watch it. For reference I've noted the time in the presentation that relates to each Exchange protocol below.  So, off we go...

The Key to Enlightenment

All client access services should point to the Exchange 2013 Client Access Server role (CAS2013). CAS2013 redirects to legacy.contoso.com for OWA and proxies everything else. Specific URLS are used if set, otherwise CAS2013 proxies.




Autodiscover (10:40)

Internal and external DNS must be configured to point to Exchange 2013 CAS.  MBX2013 delivers Exchange 2007 XML for the correct AD site.

Client à CAS2013 (proxyà MBX2013



Outlook Anywhere (OA) (19:17)

CAS 2007 must be enabled for Outlook Anywhere. If OA2007 authentication is already set to NTLM you're set, but if you're using Basic authentication:

CAS2007 - OA Client authentication: Basic / OA IIS authentication: Must include NTLM

  • Get-OutlookAnywhere -Server <server> | Set-OutlookAnywhere -ExternalClientAuthenticationMethod Basic -InternalClientAuthenticationMethod Basic -IISAuthenticationMethods NTLM
CAS2013 - OA Client authentication: Basic / OA IIS authentication: Basic

  • Get-OutlookAnywhere -Server <server> | Set-OutlookAnywhere -ExternalClientAuthenticationMethod Basic -InternalClientAuthenticationMethod Basic -IISAuthenticationMethods Basic

Client à CAS2013 (proxy)à CAS2007 à MBX2007



Outlook Web App (OWA) (25:50)

Set CAS 2007 ExternalUrl to legacy.contoso.com.  Make sure that legacy.contoso.com resolves to CAS2007 in internal and external DNS.

Client à CAS2013 (redirect)à CAS2007 (legacy.contoso.comà MBX2007



ActiveSync (33:15)

Convoluted path caused by limitations in CAS2007 code, but it works.

Client à CAS2013 (proxy)à MBX2013 (proxy)à CAS2007à MBX2007



Exchange Web Services (EWS) (36:15)

EWS settings always come from autodiscover.  If a mailbox is on 2007 has to get EWS from CAS2007. Set the CAS2007 InternalURL and ExternalURL to use https://legacy.contoso.com/EWS/Exchange.asmx

Client à CAS2007 (legacy.contoso.com)à MBX2007



5:05 PM