Exchange 2007 Client Access Coexistence with Exchange 2013

Monday, January 27, 2014

I do a lot of coexistence migrations for customers. The following guide explains how Exchange 2013 Client Access coexists with Exchange 2007 during a long-term migration.

Note: If you are migrating from Exchange 2010 please see my companion article.

Greg Taylor had a fabulous session on Microsoft Exchange Server 2013 Client Access Server Role at TechEd 2013. I highly encourage you to watch it. For reference I've noted the time in the presentation that relates to each Exchange protocol below.  So, off we go...

The Key to Enlightenment

All client access services should point to the Exchange 2013 Client Access Server role (CAS2013). CAS2013 redirects to for OWA and proxies everything else. Specific URLS are used if set, otherwise CAS2013 proxies.

Autodiscover (10:40)

Internal and external DNS must be configured to point to Exchange 2013 CAS.  MBX2013 delivers Exchange 2007 XML for the correct AD site.

Client à CAS2013 (proxyà MBX2013

Outlook Anywhere (OA) (19:17)

CAS 2007 must be enabled for Outlook Anywhere. If OA2007 authentication is already set to NTLM you're set, but if you're using Basic authentication:

CAS2007 - OA Client authentication: Basic / OA IIS authentication: Must include NTLM

  • Get-OutlookAnywhere -Server <server> | Set-OutlookAnywhere -ClientAuthenticationMethod Basic -IISAuthenticationMethods NTLM
CAS2013 - OA Client authentication: Basic / OA IIS authentication: Basic

  • Get-OutlookAnywhere -Server <server> | Set-OutlookAnywhere -ExternalClientAuthenticationMethod Basic -InternalClientAuthenticationMethod Basic -IISAuthenticationMethods Basic

Client à CAS2013 (proxy)à CAS2007 à MBX2007

Outlook Web App (OWA) (25:50)

Set CAS 2007 ExternalUrl to  Make sure that resolves to CAS2007 in internal and external DNS.

Client à CAS2013 (redirect)à CAS2007 (legacy.contoso.comà MBX2007

ActiveSync (33:15)

Convoluted path caused by limitations in CAS2007 code, but it works.

Client à CAS2013 (proxy)à MBX2013 (proxy)à CAS2007à MBX2007

Exchange Web Services (EWS) (36:15)

EWS settings always come from autodiscover.  If a mailbox is on 2007 has to get EWS from CAS2007. Set the CAS2007 InternalURL and ExternalURL to use

Client à CAS2007 (à MBX2007