Client accessing a specific server under a vip ACE Module

Hi All,
I have a need to allow QA/developers to check updated appliactions on a particluar server.
Is there any way on an ACE blade to allow a client to access a particular server under a vip?
The ACE is configured in Routed mode and the version is A2.3.4.
Any help or pdf's would be much appreciated.
Thanks.
Jack.

Hi,
Thanks for the response.
I have one more query, that I would appreciate some assistance with.
If I have an exisitng serverfarm with 6 rservers in it, is there any way to direct a specific client to a specific server.
I understand in one respect that if they are all inservice this may not be possible, but I thought I would ask the question anyway.
Thanks again for the assistance.
Jack

Similar Messages

  • Cannot access one specific server

    Hi!
    I'm using an eMac G4 to manage my website, very simple (Wordpress + images). I had no problems until last week, when my hosting company turned out some FTPs to prevent massive usage of other users. I tried to upload some files to my FTP and tried to send some emails with an associated account to that site but I couldn't. When my hosting company solved the problem I could access the FTP and download my email, but I could not upload anything nor send emails with attachments.
    I thought it was my Internet connection, but it wasn't as I could upload files with a PC connected to the same DSL. I can use it with no problems with any other computer but my eMac. Besides, it's the only FTP I'm having trouble too.
    I flushed my DNS and no changes. I introduced manually my DNS and no changes. I renewed my IP as I have dynamic IP and no changes. I checked if I got a firewall and no firewall. My hosting company doesn't know what to tell me and I don't know what to do.
    Any clue on what might be happening?

    Hi again!
    The problem remains. I upgraded to Tiger and I cannot upload files to ONLY ONE specific server. As the hosting company told me my IP address is not blocked from the server (and I have dynamic IP, so it doesn't matter), I pressume it is some kind of problem of my Network configuration. However, I don't know what to do.
    Could it be my OSX be blocking uploading information to one specific server? Is there any "black list" or something at any plist?
    It's really, really frustrating. Any ideas?

  • How to force the Lync Client to a specific server in the pool

    I am troubleshooting an issue and need my client to connect to a specific server in my enterprise pool.
    I have tried a host fie, I have deleted the EndpointConfiguration.CACHE file and I still cannot get my client to connect to the specific front end.
    Can anyone tell me how to do this?

    Using a host file should definitely work and I do this all the time for testing. 
    Are you using manual or automatic configuration? If it's manual then make sure that the name you specified resolves to the correct IP address by using PING.
    If you are using automatic, use NSLOOKUP to determine what hostname it's trying to connect to and repeat the above.
    This could either be sip.domain.com (as Edwin mentioned) or it could be the name of your Front End pool, depending on how it's configured.
    The other thing you might want to try if everything looks correct and if you modified your HOSTS file while Lync was open, is just to Exit and re-open the Lync client.
    If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer"
    Georg Thomas | Lync MVP
    Blog www.lynced.com.au | Twitter
    @georgathomas
    Lync Edge Port Check (Beta)
    This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • HOWTO: Poll Server farm stats on ACE module

    Hi All,
    We are currently working on providing network monitoring information of our server farms programmed on our ACE modules, what is the best OID's to use?

    Hi Rob,
    Unless there's something already out with the release of code 4.X and ACE 30 then I'd say the MIB that can help you here would be the .CISCO-ENHANCED-SLB-MIB
    Here is the info from the SNMP object navigator
    http://xrl.us/bk2vmo
    Here is the list of supported MIBs by the ACE module just for reference and download
    ftp://ftp.cisco.com/pub/mibs/supportlists/ace/ace-supportlist.html
    HTH
    Pablo

  • Can You Manage Wireless Clients Access To Specific Websites?

    Hi Team,
    I am looking to use management functions like the ones I have used in Linksys WiFi Routers, such as limiting or denying access to certain external websites. I have been unable to find this capability in the Time Capsule (1TB), I just bought.
    Can anyone shed some light on this area of enhanced management? Is this even possible?

    Hello gbelton10. Welcome to the Apple Discussion!
    Is this even possible?
    Sorry, but no. Unlike some other manufacturer's routers, the AirPort & Time Capsule do not provide this type of feature. One workaround is to use OpenDNS to filter the types of websites that can be accessed.

  • Ssh access into virtual context on the ACE module A(2.2)

    Hello,
    I tried to configure:
    Admin(conf)#context test
    Admin(conf-context)#ssh key rsa1 1024
    but this command ssh is not supported int this newest version. How can I configure the ssh access directly into virtual context on the ACE module??
    Thank you

    Here's a link on how to configure it.
    https://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/admin/guide/access.html#wp1049450
    Hope that helps.

  • How to configure RDS to let a specific RDS group access a specific RDS server (no VDI or farm) ?

    Hi there,
    We have one domain with 40 sites. On each site is a RODC, wich also has RDS. (RDS the old way, no broker installed)
    The RODC's are 2008R2 and 2012R2 servers.
    Everything works fine, however everyone can access all servers as a straight forward RDS user (no VDI).
    Everyone is in the build in group for remote user.
    I'd like to have people that work on ServerA  only are able to contact serverA  for RDS.
    B on B, C on C and so on ...  This for all 40 sites.
    I made a policy for each site allowing RDS_A to access server A and so on. Is this the right way to do it, or can I do it having less GPO's ?  I need 40 right now!!!  Linking the policy to the right OU, containing the specific server.
    Something is still wrong, because other people still can access serverA.
    I get into it, but maybe I'm doing it wrong, so please give me some advice :)
    Thanks,
    Ben.
    Ben van der Meer

    Hi Ben,
    Thank you for posting in Windows Server Forum.
    You can achieve this through group policy but you can do one thing. You can create one group for one server (Suppose group A for server A, B for B, so on). After creating that group add particular user to that group and apply the group policy setting on that
    group for particular group. 
    The group policy which can apply is “Allow users to connect remotely using Remote Desktop Services” under below mention path.
    Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
    More information.
    http://technet.microsoft.com/en-us/library/ee791922(v=ws.10).aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Real Servers not connected to ACE VLAN and Real Servers are clients accessing the VIP

    Hi,
    I have a very strange set up and need some help to get my config working
    I have a ASA firewall with three VLANs
    VLAN 1 = Internet
    VLAN 2 = DMZ
    VLAN 3 = Goes to ACE
    On the ACE I have four VLANs
    VLAN 3 = Goes to ASA
    VALN 4 = Web Server Tier
    VALN 5 = DB Tier
    VALN 6 = VIPs
    Our Application team have asked us to create a New VIP on the ACE with real servers in DMZ (Server A and Server B)
    And they have told us that the cleints accessing the VIP will be Server A and Server B
    I have always created VIPs with real servers directly connected to the ACE but not connected elsewhere.
    I belive I have a big challenge of opening ports on the firewall etc to get this set up working. Also, should i use some sort of NAT / SNAT? 
    Could anyone guide me on this setup please?
    Raj

    Hi Raj,
    First of all it is possible to add servers in ACE which are HOP away from ACE interfaces. Here servers are HOP away but there VIP is part of ACE interface subnet. The only need is that servers return traffic towards client should be passed through ACE (so that ACE can manitain states and chage the source IP of the reply packet from server IP to VIP on which client has requested the connection).
    When servers are HOP away and ACE do not come in path between server and client then we have to to do SNAT for intial client request. This configuration will force the return traffic from server to ACE (as server will NAT IP as client IP).
    In your case DMZ-VIP which is created for two real servers A and B, will be accesses by these servers only. So it is a situation of server accessing there own VIP. For this scenario to work we have to have SNAT (no matter whether servers are directly connected or HOP away). So best solution here is VIP in VLAN 3, Rserevrs for this VIP in DMZ, and SNAT client request, using free IP in VLAN 3.
    Also you have to open ports on firewall for both "real server Probes" and actual application ports, moreover policies modification on firewall for allowing traffic from DMZ to ACE VIP, DMZ to NAT IP and there vice versa traffic.

  • Access Server through VIP (ACE 4710) but very slow

    Re:  Access Server through VIP (ACE 4710) but very slow
    Hi Shiva
    Kindly  Help .....Accessing the server very slow.., Plz check my real  configuration... this configuration is for application server and after  this i have to configure more serverfarm for different server like  webmail etc. in this ACE 4710. I have only one ACE 4710 .
    ACE Version A4(2.0) = is there supports Probe with this version.???  without probe server will work but very slow. And plz guide Nat-pool is required
    VIP :-- 172.16.15.8
    LB/Admin# sh run
    Generating configuration....
    no ft auto-sync startup-config
    logging enable
    logging host 172.29.91.112 udp/514
    resource-class RC1
      limit-resource all minimum 10.00 maximum unlimited
    boot system image:c4710ace-mz.A4_2_0.bin
    hostname LB
    interface gigabitEthernet 1/1
      description Management
      speed 1000M
      switchport access vlan 1000
      no shutdown
    interface gigabitEthernet 1/2
      description clientside
      switchport access vlan 30
      no shutdown
    interface gigabitEthernet 1/3
      description serverside
      switchport access vlan 31
      no shutdown
    interface gigabitEthernet 1/4
      no shutdown
    context Admin
      description Management
      member RC1
    access-list everyone line 8 extended permit ip any any
    access-list everyone line 16 extended permit icmp any any
    probe http probe1
      description health check
      interval 5
      passdetect interval 10
      request method head
      expect status 200 200
      open 1
    rserver redirect https_redirect
      description redirect traffic to https
      webhost-redirection / 302
      inservice
    rserver redirect maintenance_page
      description maintenance page displayed
      webhost-redirection /sry.html 301
      inservice
    rserver host web1
      ip address 192.168.10.3
      inservice
    rserver host web2
      ip address 192.168.10.4
      inservice
    rserver host web3
      ip address 192.168.10.5
      inservice
    serverfarm host http
      rserver web1
        inservice
      rserver web2
        inservice
      rserver web3
        inservice
    serverfarm redirect https_redirect_farm
      description Redirect traffic to https
    serverfarm redirect maintenance_farm
      description send user to maintenance page
    parameter-map type connection paramap_http
      description parameter connection tcp
      exceed-mss allow
    sticky ip-netmask 255.255.255.0 address source Sticky_http
      timeout activeconns
      serverfarm http
    class-map match-all REMOTE-ACCESS
    class-map type management match-any remote_access
      2 match protocol xml-https any
      3 match protocol icmp any
      4 match protocol telnet any
      5 match protocol ssh any
      6 match protocol http any
      7 match protocol https any
      8 match protocol snmp any
    class-map match-all slb-vip
      2 match virtual-address 172.16.15.8 tcp eq www
    policy-map type management first-match remote_access
      class class-default
        permit
    policy-map type management first-match remote_mgmt_allow_policy
      class remote_access
        permit
    policy-map type loadbalance first-match slb
      class class-default
        serverfarm http
    policy-map type inspect http all-match slb-vip-http
      class class-default
        permit
    policy-map multi-match client-vips
      class slb-vip
        loadbalance vip inservice
        loadbalance policy slb
        loadbalance vip icmp-reply active
        inspect http policy slb-vip-http
        connection advanced-options paramap_http
    interface vlan 30
      description "Client Side"
      ip address 172.16.15.24 255.255.255.0
      access-group input everyone
      service-policy input client-vips
      no shutdown
    interface vlan 31
      description "Server Side"
      ip address 192.168.10.1 255.255.255.0
      service-policy input remote_access
      no shutdown
    interface vlan 1000
      description managment
      ip address 172.29.91.110 255.255.255.0
      service-policy input remote_mgmt_allow_policy
      no shutdown
    ip route 0.0.0.0 0.0.0.0 172.16.15.1
    snmp-server contact "PHQ"
    snmp-server community phq group Network-Monitor
    snmp-server trap-source vlan 1000
    username admin password 5 $1$b2txbc5U$TA74D920oSdd2eOZ4hSFe/  role Admin domain
    default-domain
    username www password 5 $1$.GuWwQEK$r8Ub4OcE3l190d5GA4kvR.  role Admin domain de
    fault-domain
    username prem password 5 $1$8C7eRKrI$it3UV4URZ26X4S/Bh6OEr0  role Admin domain d
    efault-domain
    ssh key rsa 1024 force
    banner motd # "ro" #
    Regards,
    Prem

    Hi Shiva,
    plz guide i'm new with ACE LB, also find my n/w design for connected ace to server. but server accessing very very slow, but when i connect through my old server software LB (with two interface)then accessing very fast. I just replace my old serverLB(with two interface) to ACE4710 and connect the same scenario then why not server accessing smoothly with VIP .Reply soon only I connect ACE's two interface with switch.....
    Regards,
    Prem

  • Server 2012 R2 File Server - 2008 R2/Win7 Clients Access Denied. SMB 3 Encryption.

    I've setup a Server 2012 R2 File Server. When creating shares I selected to enable encryption.
    Now Windows 7 and 2008 R2 clients cannot access. Pretty clear that this is SMB 3 encryption the cause.
    OK. So can I enable these Windows 7 and 2008 R2 clients to access encrypted SMB 3 shares?
    I can find no answer or documentation on this.

    So can I enable these Windows 7 and 2008 R2 clients to access encrypted SMB 3 shares?
    No, you can't. These Windows 7 and 2008 R2 clients talking to Windows Server 2012 R2, they will negotiate to the lowest common protocol which would be SMB 2.1 enabling communication, while not taking advantage of the SMB 3.0 specific capabilities (encryption
    included).
    There's no built-in encryption inside SMB 2.1

  • Installation of Client Access role fails on Windows Server 2008 R2 (Execution of: "$error.Clear(); Install-ExchangeCertificate -services "IIS, POP, IMAP")

    Hello
    I am trying to install Exchange Server 2010 beta 1 onto a Windows Server 2008 R2 (build 7000) machine which has also been set up as a domain controller.
    However when attempting to install the Client Access role, setup fails with the error below.
    Does anyone know of a way to get around this please?
    I have already searched for this error and not found any similar threads.
    Also every time I press the code button on this forum it crashes the browser and I keep losing the message! (IE8 from within Server R2). Also the message box is very small, will not expand and keeps jumping to the top.
    Thanks
    Robin
    [code]
    Summary: 4 item(s). 1 succeeded, 1 failed.
    Elapsed time: 00:00:01
    Preparing Setup
    Completed
    Elapsed Time: 00:00:00
    Client Access Role
    Failed
    Error:
    The execution of: "$error.Clear(); Install-ExchangeCertificate -services "IIS, POP, IMAP" -DomainController $RoleDomainController", generated the following error: "Could not grant Network Service access to the certificate with thumbprint 2F320F5D5B5C6873E54C8AB57F604D8AFA31D18C because a cryptographic exception was thrown.".
    Could not grant Network Service access to the certificate with thumbprint 2F320F5D5B5C6873E54C8AB57F604D8AFA31D18C because a cryptographic exception was thrown.
    Access is denied.
    Elapsed Time: 00:00:01
    Mailbox Role
    Cancelled
    Finalizing Setup
    Cancelled
    [/code]
    Robin Wilson

    Hello
    Thanks for all the replies.
    I have since wiped the system and installed everything again and it all worked this time so not sure what was wrong last time. I did try to uninstall all Exchange components and then uninstall IIS and Application server, reboot and re-install but I received the same error still when it came to installing the client access role.
    Walter: I just attempted the standard installation which should have used the default self-signed certificate. Everything was a fresh install done at the same time on a freshly formatted PC.
    For info last time when it failed to work:
    - Installed Windows Server 2008 R2
    - Installed Domain Controller role using dcpromo. I set the forest and domain as Windows Server 2008 R2
    - Added a forest trust between main domain and test Exchange domain (set up as ex2010.local)
    - Installed IIS and Application Server role
    - Installed Hyper-v role
    - Installed Desktop Experience feature
    - Installed Exchange and recieved the error
    When it worked I set up the forest and domain in Windows Server 2008 mode (i.e. not R2), installed Exchange first and then set up the forest trust and then Hyper-v. It did say it failed to configure dns which was probably because it started trying to do automatic updates half way through the dcpromo! DNS seems to work ok though.
    I did notice this time that Hyper-v gave a warning about the virtual network adapter not being set up correctly and the local network did not work correctly although I could access the internet. Not sure if this could have been related to the cause of the problem previously. For now I have disabled the virtual network until I get time to try and get it working and so the mail will work in the meantime.
    I also noticed that Hyper-v added an extra 443 ssl binding to the default website so as it had 2 bindings on port 443 it refused to start. After deleting one it worked.
    I decided to install Exchange onto a domain controller as it is only a test and I wouldn't do it in a live environment. I am also short of test machines! It didn't give me any warnings about this actually, I think previous versions warn you that it is not recommended.
    Andreas and Chinthaka: I did not know about the requirement to run the domain at 2003 mode. The main domain is running in 2008 mode with Exchange 2007 so I assume this is just a temporary beta related requirement. It does seem to be working (second attempt) so far in a 2008 mode domain although I haven't had a chance to fully test it yet.
    Thanks
    Robin
    P.S. Sorry it's taken me a while to reply!
    Robin Wilson

  • Windows 7 pro client cannot access folders on server 2003 domain server

    I added a windows 7 64 bit client to a server 2003 32 bit domain 3 weeks ago and file sharing was working fine until today, 5/4/12. Now, when trying to access shared folders that reside on the server,
    I get the following "access denied" message:
    […folder…] is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
    The user name could not be found.
    Strangely enough...
    The windows 7 client
    can open shared folders that reside on the XP clients in the domain
    All the XP clients in the domain can access the server 2003 folders
    All the XP clients and the server 2003 machine can access shared folders and printers on the windows 7 client.
    The windows 7 client can ping the server 2003 machine and vice versa
    I can “see” the server in my network list, but when I click on it, I get the same “access denied” message listed above.
    So... the only problem is that the windows 7 client cannot access folders that reside on the windows server 2003 machine. There must be some sharing setting that got changed
    by a recent windows update.
    Here is what I have done/verified so far on the windows 7 client:
    In advanced sharing settings for Home/Work, Public and Domain profiles:
    network discovery is enabled
    file and print sharing is enabled
    use user accounts and passwords to connect to other computers is selected (I also tried allowing windows to manage homegroup connections instead, but the problem remained.)
    40 -56 bit encryption is enabled
    In “gpedit.msc” Local Policies/Security Settings:
    enabled the following policies:
    Network access: Allow anonymous SID/name translation
    Network access: Let Everyone permissions apply to anonymous users
    disabled the following policies:
    Network access: Restrict anonymous access to Named Pipes and Shares
    Network access: Do not allow anonymous enumeration of SAM accounts
    Network access: Do not allow anonymous enumeration of SAM accounts and shares
    What am I missing? Are there policies on the server that need to be adjusted?
    Please help! My business is crippled if I cannot access server files from this workstation. Thank you in advance.

    As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous
    steps should be helpful for many similar scenarios.  <o:p></o:p>
    If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You
    can also choose to unmark the answer as you wish.  <o:p></o:p>
    In addition, we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar
    problems.  <o:p></o:p>
    Thanks!<o:p></o:p>
    Arnav Sharma | http://arnavsharma.net/ Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
    the thread.

  • REMOTE DESKTOP SERVICES CLIENT ACCESS LICENSES FOR MICROSOFT WINDOWS SERVER 2012 STANDARD AND DATACENTER

    I am using a window 7 professional  service pack 1 and I purchase REMOTE DESKTOP SERVICES CLIENT ACCESS LICENSES FOR MICROSOFT WINDOWS SERVER 2012 STANDARD AND DATACENTER. but  the seller did not send me any installation CD or instruction
    on how to use it.
     Please how can I use it on my window 7 professional  service pack 1.
    Thank you.

    Though Bill is absolutely correct for most CALs, Remote Desktop Services does have its own special licensing server.  I haven't installed one on 2012, yet, but here is a step-by-step guide for 2008. 
    http://technet.microsoft.com/en-us/library/dd983943(v=ws.10).aspx
    Here is a lab guide for 2012 -
    http://technet.microsoft.com/en-us/library/jj134160.aspx
    But, the explanation of your environment begs the question - what are you trying to do?  You say you have a desktop OS and you are talking about Windows Server products.  In that light, your question does not make a lot of sense.
    . : | : . : | : . tim

  • The server principal "XYuser" is not able to access the database "Ydb" under the current security context

    SQL2005 on winserver 2003. I have a view in Xdb that accesses tables in 2 different databases (Xdb and Ydb) on the same server. I have mixed mode security. I have a SQL user (XYuser) that has read access to all tables and views on both databases, yet when I try to access the view using a C# windows application I get the following error:
    The server principal "XYuser" is not able to access the database "Ydb" under the current security context
    This same scenario works under SQL 2000. I looked through the postings and tried to set TRUSTWORTHY ON on both databases but that didn't help. I can access any other views or tables on the SQL 2005 server, just not the one that joins the tables cross databases. Any help is much appreciated... john

    This appears to be a Login/Database Mapping issue.  I was having this problem, but was able to resolve it as follows:
    Using the SQL Server management Studio:
    In the Object explorer, under the SERVER security folder (not the database security folder), expand Logins. 
    That is: ServerName -> Security -> Logins
    NOT: ServerName -> Databases -> DatabaseName -> Security -> Users
    Select the Login that is having the troubles.  Right click on the Login and select ‘Properties.’
    The ‘User Mapping’ page should list all databases on the server with a check mark on the databases that the Login has been mapped to.  When I was getting the error, the database in question was not checked (even though the Login was assigned as a User on the database itself).  Map the Login by checking the box next to the database name.  Set the default schema.  Then select the roles for the Login in the Database role membership list box.  I selected db_datareader and public.  After clicking OK to save the changes, the problem was resolved.
    In order to ‘Map’ the Login, the Login must not already be as User on the database, so you may have to go to the database security (ServerName -> Databases -> DatabaseName -> Security -> Users) and delete the Login from the list of database Users before mapping the Login to the database.

  • Error During install Exchange 2013 through Powershell on Server 2012 "Mailbox role: Client Access service"

    Dear all
    During install Exchange 2013 through Powershell on Server 2012 I got this error in Mailbox role: Client Access service :
    The following error was generated when "$error.Clear();
    $BEVdirIdentity = $RoleNetBIOSName + "\OWA (Exchange Back End)";
    new-OwaVirtualDirectory -Role Mailbox -WebSiteName "Exchange Back End" -DomainController $RoleDomainController
    set-OwaVirtualdirectory -Identity $BEVdirIdentity -FormsAuthentication:$false -WindowsAuthentication:$true;
    " was run: "An error occurred while creating the IIS virtual directory 'IIS://MONAMBX2.mona.local/W3SVC/2/ROOT/o
    wa' on 'MONAMBX2'.".
    The following error was generated when "$error.Clear();
    $BEVdirIdentity = $RoleNetBIOSName + "\OWA (Exchange Back End)";
    new-OwaVirtualDirectory -Role Mailbox -WebSiteName "Exchange Back End" -DomainController $RoleDomainController
    set-OwaVirtualdirectory -Identity $BEVdirIdentity -FormsAuthentication:$false -WindowsAuthentication:$true;
    " was run: "The operation couldn't be performed because object 'MONAMBX2\OWA (Exchange Back End)' couldn't be fo
    und on 'MonaDc1.mona.local'.".
    Any advice please !!

    I can't answer your question but I had a similar issue when I was trying to move our mailbox database off the C: drive.  Our environment still has an Exchange 2007 server in it and when I was trying to move the database on the 2013 server, I would get
    error messages saying the database does not exist.  It seemed like it was trying to move the database on the 2007 server from the similar error messages that I was getting.  To get around it, I deleted the database and created a new one on the drive
    where we wanted it.
    I discovered this when I was configuring the Antispam settings.  I deleted our 2007 settings, added them to the 2013 shell, the settings appeared on our 2007 server.  The shell on 2013 was making changes to 2007.
    I'm not sure if there is a "Get|Set or New" command that I/we should be using when this happens.  Or maybe my issues will be fixed if I just remove the Exchange 2007 server?  I'm not ready to do that yet because I can't configure the spam filtering
    on 2013 yet with its shell not being able to make the changes that we need.
    I don't know if your environment is in coexistence mode like mine.
    Hopefully someone else out there has an answer or can tell us when/how the shell can make the appropriate changes to the 2013 server.  Does this happen after the 2007 server is removed?

Maybe you are looking for