Exchange Q & A: CAS array-server roles, client creation, load balancing, and more

Understanding server roles

Q: I plan to upgrade the environment from Microsoft Exchange 2007 to Exchange 2010. This implementation must be completely redundant at all levels. Since our organization has approximately 3,000 users, I plan to install Exchange on two computers at the beginning. Each computer has hub transmission (HT), Client Access Server (CAS), and mailbox (MB) server roles. These two computers are also members of the Database Availability Group (DAG), so the database will be copied between these servers.

By using the current Exchange environment, I know that if the HT and MB roles are on the same computer, the Microsoft Exchange mail submission service will always prefer the local HT server. It does not use other HT servers in the Active Directory site cyclically as the MB server without the HT server role.

If Exchange 2010 adopts this method, the problem may occur. It makes no sense to keep the transfer dump in the DAG member. If the member server is unavailable and the mailbox database fails to be transferred to another DAG Member, messages in the transfer dump cannot be resubmitted.

A: I understand your concerns. First, I want to assure you that the Exchange product group has considered this situation. The team made design changes early in the Exchange 2010 development phase. If the Exchange mail submission service detects that it is running in the mailbox server section of the DAG, it does not prefer the local HT server, but implements load balancing between other HT servers of the same Active Directory site. If it cannot find any other HT server, it will be rolled back to the local HT server.

The Exchange mail submission service running in the MB role is not the only content changed by developers. They also modified the HT role. If the server where the HT role is installed has a MB role and the server belongs to the DAG, the mail can be re-routed to other HT servers in the Active Directory site. The product group has made changes to this aspect to ensure high availability when the HT and MB roles coexist on the same server as the DAG member.

Client Access Design

Q: to redesign the Exchange 2010 solution, you must determine the number of client access server (CAS) arrays to be created. We will have two data centers, each of which has its own Active Directory site. Should we create an array for each site or multiple arrays?

Furthermore, we will use DAG to protect the mailbox database and distribute copies of each database across two sites. If you want to fail over or switch to another site of the connected user, do you need to manually reconfigure the DNS so that the client points to the CAS array of the other site?

A: The process of determining the number of CAS arrays should be relatively simple. You cannot create more than one CAS array for each Active Directory site. If you try to create multiple arrays, the error message shown in Figure 1 is displayed.

Figure 1 error message displayed when you try to create a second CAS array in an Active Directory site.

Because any CAS array in the environment can access the mailbox database, there is no need for multiple CAS arrays. Even if multiple CAS Arrays can be created, only the first array is used.

For your other questions, as long as at least one CAS server in Site 1's CAS array is available, you don't have to reconfigure DNS to make the client point to the array of another site after switching or failover. The CAS server in Site 1 communicates directly with the mailbox server through RPC as the user storage activity database in Site 1.

Create a client

Q: Are there any best practices for creating an Exchange 2010 CAS array on the Active Directory site?

A: We recommend that you create a CAS array before creating any mailbox database or moving any mailbox to the Exchange 2010 mailbox server on the site. The Exchange 2010 mailbox database has a feature named RpcClientAccessServer. If the CAS array is not found in the Active Directory site when you create a database, this feature is populated with the server FQDN of the Exchange 2010 CAS server in the Active Directory site. If you create a CAS array before creating any mailbox database, the FQDN of the CAS array is provided for this feature, as shown in figure 2.

Figure 2 RpcClientAccessServer features of the mailbox Database.

Why? Outlook clients, whether Outlook 2003, 2007, or 2010) will not automatically extract changes. If Outlook 2007 or 2010 is used, you can update the configuration file by making the old RPC endpoint unavailable or executing the configuration file repair. However, Outlook 2003 cannot change the endpoint or provide the configuration file repair function. In this way, you cannot manually change the configuration file by deleting the user name, adding the user name again, and then clicking "Check name. This method is not applicable to end users. Therefore, you must create a CAS array in advance.

CAS array load balancing

Q: We plan to use a hardware Load balancer instead of Windows NLB for CAS arrays. Therefore, we want to know if we can set a static port for the new Exchange 2010 RPC client to access the service. Suppliers of hardware Load balancer do not recommend using dynamic ports. If you can set static ports for this service, which specific ports are recommended?

A: Like in earlier versions, you can also set static ports for the rpc ca Service in Exchange 2010. You need to set a static port for the service and the Exchange Address Book Service, because Outlook communicates with these two services through MAPI. At the same time, public folders will still be connected to the mailbox server.

To set a static port for the rpc ca Service on the CAS server, open the Registry on each CAS server in the CAS array and Navigate to HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ services \ MSExchangeRPC. Create an item named ParametersSystem and create a REG_DWORD named TCP/IP Port under this item. The DWORD value should be the port number to be used, see Figure 3 ).

For static RPC ports, we recommend that you use ports not allocated or used in the enterprise network. Otherwise, there is no best practice. Microsoft IT selects to use TCP/IP port 7575 in the company's enterprise network. You should use the most suitable port.

To set a static port for the Exchange Address Book Service, open the file microsoft.exchange.addressbook.service.exe. config in notepad, which is located in C: \ Program Files \ Microsoft \ Exchange Server \ V14 \ Bin. Then, change the port value to the TCP/IP Port to be used. The rpc ca and Exchange address book services cannot use the same TCP/IP Port.

Figure 3 configure a static port for the rpc ca Service on the CAS server.

After configuring the port, You need to restart the Microsoft Exchange address book and Microsoft Exchange RPC client to access the service. To set a static port for a public folder connection, perform the same steps as the TCP/IP Port used to change the rpc ca Service. The only difference is that you must also perform these steps on the Exchange 2010 mailbox server, because the public folder connection needs to be performed on the rpc ca Service in the mailbox server role. After setting a port for a public folder connection, you need to restart the Microsoft Exchange RPC client to access the service on each mailbox server.

Outlook connection

Q: As far as I know, only Outlook 2007 and 2010 can connect to the RPC CA Service or CAS array. Is that true?

A: In the past, the Exchange 2010 document pointed out that the Outlook 2003 client cannot connect to the rpc ca Service or CAS array. This is a document error. The Outlook 2003 Client is fully supported. Make sure that you enable RPC encryption in the Outlook configuration file or disable RPC encryption on the CAS server. From a security perspective, Microsoft recommends that you enable RPC encryption in the Outlook configuration file. You can use group policies to perform this operation. For more information, see the Knowledge Base Article "connection problems between Outlook and Exchange 2010 mailboxes due to RPC encryption requirements ."

Use Windows NLB for Load Balancing

Q: Do the FQDN of WNLB need to match the FQDN of the CAS array when using Windows Network Load Balancing (WNLB) to balance the communication sent to the Exchange 2010 CAS array?

A: This is not required at all. For example, when using Windows NLB to balance the load of communications sent to CAS arrays, you can specify an FQDN for Windows NLB, for example, casarray01.contoso.com, and assign outlook.contoso.com to the CAS array. You can do this, which is fully supported. As long as the internal DNS record of the CAS array points to the virtual IP address of WNLB, it can work normally.

Original article: http://technet.microsoft.com/zh-cn/magazine/ff626260.aspx

Source: Microsoft TechNet Chinese site