Cross-forest access to public folders Exchange 2013-2007

Similar Messages

• Creating public folders Exchange 2013 powershell

  Hello, we have exchange server 2013 with a lot of public folders 
  We use script to create this folders and to manage them.
  With upgrade to 2013 command New-PublicFolder was changed.
  parameter -server was deleted, and now we gaining error: 
   Creating Public Folder
  New-PublicFolder : Cannot find information about the local server XXX.XXXXXX.com in Active Directory. This may be related to a change in the server name.
  + New-PublicFolder -DomainController $dcserver -Name $grpn -Path '\Projects'
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  + CategoryInfo : NotSpecified: (:) [New-PublicFolder], LocalServerNotFoundException
    + FullyQualifiedErrorId : [Server=XXXXX,RequestId=XXXXXXXXXXXXXXX,TimeStamp=19.04.2014 3:55:21] 465E6BC6,Microsoft.Exchange.Managemen 
  t.MapiTasks.NewPublicFolder
  Now i found a solution but is it normal to use something like this :
  $exsession = New-PSSession -ConfigurationName Microsoft.Exchange –ConnectionUri "http://$mailserver/PowerShell/" -Authentication Kerberos
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) New-PublicFolder -DomainController $dcserver -Name $grpn -Path '\Projects'} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  sleep 20
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) Enable-MailPublicFolder -DomainController $dcserver -Identity $pffn} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  sleep 20
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) Add-PublicFolderClientPermission -DomainController $dcserver -User $grpnpg -AccessRights 'Author' -Identity $pffn} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  sleep 20
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) remove-PublicFolderClientPermission -DomainController $dcserver -User "Default" -Identity $pffn -confirm:$false} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  sleep 20
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) Add-PublicFolderClientPermission -DomainController $dcserver -User "Default" -AccessRights 'CreateItems' -Identity $pffn} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) Add-PublicFolderClientPermission -DomainController $dcserver -User "Anonymous" -AccessRights 'CreateItems' -Identity $pffn} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  sleep 20
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) Set-MailPublicFolder -DomainController $dcserver -Identity $pffn -HiddenFromAddressListsEnabled $true} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  sleep 20
  Invoke-Command -Session $exsession {param($grpn,$pffn,$pfpn,$grpnpg,$dcserver) Add-DistributionGroupMember -DomainController $dcserver -Identity $grpnpg -Member $pfpn} -ArgumentList $grpn,$pffn,$pfpn,$grpnpg,$dcserver
  sleep 20
  #Closing remote session
  Remove-PSSession $exsession
  is there any other solutions to do this operations?

  Hello, we have exchange server 2013 with a lot of public folders 
  We use script to create this folders and to manage them.
  With upgrade to 2013 command New-PublicFolder was changed.
  parameter -server was deleted, and now we gaining error: 
   Creating Public Folder
  New-PublicFolder : Cannot find information about the local server XXX.XXXXXX.com in Active Directory. This may be related to a change in the server name.
  + New-PublicFolder -DomainController $dcserver -Name $grpn -Path '\Projects'
  You can specify the parameter mailbox but that is optional.
  Example:
  New-PublicFolder -Name SomeName -Path \Projects -mailbox "PF Mailbox"
  ...and you have more examples in the Technet Article New-PublicFolder
  Martina Miskovic

• User Access to Public Folders Disappearing (Outlook 2013)

  I have one particular user who is losing access to public folders in Outlook 2013.  I have found that going to
  File > Account Settings > Account Settings > Email [TAB] > Repair... and then following through that dialog temporarily restores public folder access after restarting Outlook.  However, once Outlook is restarted
  for 30-60 seconds, the public folders disappear again. This is only happening for this one user.  They receive their public folder permissions via group membership.  Other group members report no such issue. I had another user with identical permissions
  log into the same workstation and they again had no issue.
  What could be causing this? This is a particularly bothersome problem since this user happens to be the office scheduler and the calendar they schedule on is public (which, thanks to reduced functionality in Exchange 2013, is no longer accessible in OWA).
  Tech specs: Exchange 2013 CU5 accessed from Outlook 2013 running on Windows 8.1 Update.  Outlook did not log any events during the time when public folders were dropped, nor are there any network connectivity issues being logged.
  Any ideas for resolving this?

  Hi,
  Please check the connection status for Outlook.
  Press the CTRL key and right-click the Outlook icon in the notification area, then select Connection Status.
  Please run the command get-mailbox administrator | fl defaul* to check the default public folder mailbox for this affected user.
  Do you have mail-enabled public folders? If you have mail-enabled public folders, you can check if this user can view public folders in OWA.
  If possible, please re-add the public folder permissions for this user to check result.
  Best regards,
  Belinda Ma
  TechNet Community Support

• RPC over HTTP trouble Exchange 2013/2007 coexistence, 2013 RPCProxy cannot ping GC.

  I currently have an Exchange 2013/2007 coexistence scenario which gives me trouble with the RPC over HTTP part with users with a 2007 mailbox. the MS RCA website performs 2 tests with the MAPI address book endpoints, once against a 2007 mailbox server and
  once a against a GC/DC, the last one fails. The logs are from our test domain, but the exact same happens in the production domain. running CU8 (recently upgraded, but problem was exactly the same with CU7)
  Testing the MAPI Address Book endpoint on the Exchange server.
  The address book endpoint was tested successfully.
  Additional Details
  Elapsed Time: 7872 ms.
  Test Steps
  Attempting to ping the MAPI Address Book endpoint with identity: exmb11.domain.test:6004.
  The endpoint was pinged successfully.
  Additional Details
  The endpoint responded in 156 ms.
  Elapsed Time: 4153 ms.
  Testing the MAPI Address Book endpoint on the Exchange server.
  An error occurred while testing the address book endpoint.
  Additional Details
  Elapsed Time: 3079 ms.
  Test Steps
  Attempting to ping the MAPI Address Book endpoint with identity: tdc01421.domain.test:6004.
  The attempt to ping the endpoint failed.
   <label for="testSelectWizard_ctl12_ctl06_ctl02_ctl09_ctl00_tmmArrow">Tell
  me more about this issue and how to resolve it</label>
  Additional Details
  The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
  Elapsed Time: 3079 ms.
  texmb11 = ex2007 mailbox
  texfr11 = ex2007 CAS
  tdc01421 = DC/GC
  texch31 = 2013 multirole
  other symptoms :
  Browser test
  https://texch31.domain.test/rpc/rpcproxy.dll?texmb11:6004
  --> 503 (which is correct)
  https://texch31.domain.test/rpc/rpcproxy.dll?tdc01421:6004
  --> 404.0 Not Found
  RPCPing
  rpcping -t ncacn_http -s texmb11 -o RpcProxy=texch31.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
  Success
  rpcping -t ncacn_http -s tdc01421 -o RpcProxy=texch31.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
  Fails!
  so the Ex2013 RPCProxy doesn't proxy to the DC/GC, but the RPCProxy to an ex2007 mailbox server works fine, so the authentication methods configured are correct i'd say..
  the same tests using the ex2007CAS server as RPC proxy all succeed!:
  MS RCA is all green
  https://texfr11.domain.test/rpc/rpcproxy.dll?texmb11:6004 
  --> 503
  https://texfr11.domain.test/rpc/rpcproxy.dll?tdc01421:6004 
  --> 503 
  rpcping -t ncacn_http -s texmb11 -o RpcProxy=texfr11.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
  Success
  rpcping -t ncacn_http -s tdc01421 -o RpcProxy=texfr11.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
  Success!!
  Logs
  all tries against the 2013 CAS server generate '404' log entries in several logs int the Logging directory, the most explicit being the one in Program Files\Microsoft\Exchange Server\V15\Logging\HttpProxy\RpcHttp : HttpProxy_xxxxxx.LOG
  2015-04-30T19:58:00.153Z,895cdf07-f2eb-4beb-b787-da02ba11b0c2,15,0,1076,0,,RpcHttp,webmail.domain.test,/rpc/rpcproxy.dll,,Basic,true,DOM\user,,,MSRPC,10.10.142.132,TEXCH31,404,,MailboxGuidWithDomainNotFound,RPC_IN_DATA,,,,,,,,,4,,,,1,,,0,,0,,0,0,,0,2,0,,,,,,,,,1,1,0,,1,,2,2,,?TDC01422.domain.test:6004,,BeginRequest=2015-04-30T19:58:00.153Z;CorrelationID=<empty>;ProxyState-Run=None;ProxyState-Complete=CalculateBackEnd;EndRequest=2015-04-30T19:58:00.153Z;,HttpProxyException=Microsoft.Exchange.HttpProxy.HttpProxyException:
  RPC server name passed in by client could not be resolved: TDC01422.domain.test    at Microsoft.Exchange.HttpProxy.RpcHttpProxyRequestHandler.ResolveToDefaultAnchorMailbox(String originalRpcServerName  String reason)    at
  Microsoft.Exchange.HttpProxy.RpcHttpProxyRequestHandler.ResolveAnchorMailbox()    at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InternalBeginCalculateTargetBackEnd(AnchorMailbox& anchorMailbox)    at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.<BeginCalculateTargetBackEnd>b__3b();
  the error suggests the name could not be resolved. but nslookup works fine. i can ping the tdc01421 correctly form texch31, it returns me the ipv4 address. i can telnet to port 6004 from texch31 server to tdc01421 giving me the correct 'ncacn_http' answer..
  i look at the 'ValidPorts' and ValidPorts_Autoconfig_Exchange reg keys and filled them with the same i have on the 2007cas servers (all ex servers, all dc/gc's, all of them with netbios & fqdn ports 6001,6002 & 6004..) but also no success.
  im out of ideas by now..

  Hello togehter, 
  if anyone is using the Interim Update (Hotfix) "Exchange2013-KB2997209_2997847-x64-en.msp" please be aware of the following bug in this hotfix: 
  NOTE: Another issue that we have seen only from some E2013 On-Premises customers who installed
  fixes for any of the above E2013 CU6 related issues is that “Using OWA, users cannot create new messages or reply to existing messages” – These are mostly installer issues where OWA files are not copying correctly in the new version directory. Ideally the
  content of these two folders, i.e. “V15\ClientAccess\Owa\prem\15.0.995.31” and “V15\ClientAccess\Owa\prem\15.0.995.29” should be identical, now if for any reason, they are not then it can break the OWA experience like described above. Take these steps if you
  run into related issues:
  -Backup the contents of “15.0.995.31” folder to a different folder/directory
  -Copy the files and folders from “15.0.995.29” to “15.0.995.31” folder – this should fix the issue …
  Best, 
  Martin

• Exchange 2013/2007 coexistence: The Name on the Security Certificate is Invalid or Does Not Match the Name of the Site.

  In the midst of Exchange 2013/2007 coexistence configuration. 
  Currently:
  Exchange 2007:
  2 CAS\HUB
  1 Mailbox server
  Exchange 2013 (2 sites):
  LA:
  1 CAS
  2 MBX servers
  MKE:
  1 CAS 
  2 MBX servers.
  We purchased a certificate from Digicert and added every SAN name we could think of including "legacy.companyname.com", just to be sure. Added certificate to Exchange 2013 CAS servers and 2007 CAS\HUB boxes. Configured virtual directories on Exchange
  2013 MKE-CAS01 but not on Exchange 2013 LA-CAS01. Configured virtual directories to on Exchange 2007 CAS\HUB to point to "legacy.companyname.com". 
  Mailboxes have not been moved yet. I just wanted to get the coexistence between Exchange 2013/2007 up first but some users (not all) receiving
  "The name of the security certificate is invalid or does not match the name of the site" for
  "LEGACY.COMPANYNAME.COM". I remember configuring the AUTODISCOVER virtual directory for Exchange 2007. Any ideas? Thank you.

  Hi,
  Please make sure that the certificate with "legacy.companyname.com" name is enabled for IIS service. We can check it by running the following command in Exchange server 2007:
  Get-ExchangeCertificate | FL
  Thanks,
  Winnie Liang
  TechNet Community Support

• Is it possible to access the Public Folders in Exchange 2013 during a migration from Exchange 2007 to verify the files are there?

  This is a migration from Exchange 2007 to Exchange 2013.  We're in the middle of migrating the Public Folders.  Is it possible to configure a database to point to the Exchange 2013 public folders so I can verify the data before the final cut?
   If so what are the steps to do that?  Thanks in advance.

  To my knowledge no.  It's an all or nothing thing with public folders.
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread

• Accounts made in o365 can't access legacy public folders - Migrated through 2010/2013 Hybrid can access

  We've added two 2013 hybrid servers to our existing 2010 environment.  Added the CAS role to all 2010 mailbox servers per ( https://technet.microsoft.com/en-us/library/dn249373%28v=exchg.150%29.aspx ) and currently have public folders (located on our
  2010 mailbox servers) working in Outlook client for users whose mailboxes have been migrated from on-prem 2010 to o365.  The problem is when we create a new user in o365, that user CAN see that we have public folders via Outlook client, but when we expand
  the public folder list a credential window pops up and will not accept any set of credentials (even those of working hybrid migrated accounts).
  We are following this method when creating new o365 accounts:
  1) Make a user in AD
  2) Dirsync the user
  3) License the user for exchange
  4) Run on on-prem mailbox server via Exchange Management Shell: Enable-RemoteMailbox "[email protected]" -RemoteRoutingAddress "[email protected]"
  5) In o365 Remote Exchange Powershell run: Get-Mailbox -identity "[email protected]" |fl Identity,ExchangeGUID
  6) Copy ExchangeGUID
  7) Back on on-prem mailbox server via Exchange Management Shell: Set-RemoteMailbox "[email protected]" -ExchangeGUID <paste GUID here>
  8) Dirsync the user again
  I've compared two Remote User Mailboxes, ones that were migrated via Hybrid, and ones that were created in o365 and the settings look identical outside of the attribute "RemoteRecipientType" is set to Migrated vs ProvisionMailbox.  I'm not
  sure what else the difference in these accounts could possibly be that would be causing this credential failure.
  Any thoughts would be appreciated.

  Hi,
  Please do the following steps to create an Exchange Online mailbox in your Hybrid environment:
  Method 1: Create a remote mailbox for an existing user.
  If you already have created a user in Active Directory, and the user has already been synced to online with license, we can give that user a mailbox in Exchange Online by using the Exchange Management Shell cmdlet Enable-RemoteMailbox on
  your on-premise Exchange server:
  Get-User “User1” | Enable-RemoteMailbox
  Then the mailbox is enabled with an Exchange Online mailbox. We can check the mailbox by running the following command in On-premise Exchange server:
  Get-RemoteMailbox “Test1” | FL *address*
  Method 2: Directly create a new remote mailbox.
  1. Create the remote mailbox in On-premise Exchange server by running:
  $Credentials = Get-Credential
  New-RemoteMailbox -Name "Test2" -Password $Credentials.Password -UserPrincipalName
  [email protected]
  2. Launch dirsync and assign a license to the newly created user with Office 365 account.
  Then Test2 can sign in, using his on premises credentials, and open his online mailbox.
  For more information about the remote mailbox, please refer to:
  http://blogs.technet.com/b/ilvancri/archive/2011/08/24/exchange-online-exchange-on-premises-shared-namespace-how-about-mail-routing.aspx
  Regards,
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Winnie Liang
  TechNet Community Support

• User Access to Public folders durring migration

  I built a test environment in preparation for a migration I am doing. I have a 2007 and 2013 set up.
  After I moved the test users from the 2007 exchange server to the 2013 server, they can no longer open the public folders still in the 2007 environment. The error is "the server mailbox cannot be opened because this address book entry is not
  a mail user.".
  The Public Folders will eventually be migrated, but I want to ensure users will still have access to them as they are migrated. What step am I missing?

  Hi IT2B,
  Is there any update after referring to these links?
  Best regards,
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Niko Cheng
  TechNet Community Support
  Won't be able to work on until tomorrow. I'll post my results.

• Users could not open Public Folders in Outlook 2007 SP3.

   
  Is anybody had this issue or probably know how to fix it?
  We have Exchange 2013 server and users workstations with XP SP3 and Office 2007 SP3 installed. Exchange has users’ mailboxes and public folders. Public folders work OK until last week. Issue probably happened after latest CU update for Exchange 2013 installation.
  Now users could not open Public Folders in their Outlook. The error is:
  "Cannot expand the folder. Your profile is not configured. (/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=[email protected])"
  And this "[email protected]" is public folder ContentMailboxGuid.
  And this error message appears when user click on Public Folders \All Public Folders in Outlook. So company public folders do not even appear in All Public Folders folder. Users have Owner permissions for all Public Folders and Root Public folders.
  Also one more error in Outlook about it:
  “Cannot display the folder. Microsoft Office Outlook cannot access the specified folder location.”
  One more issue is that previous Exchange 2007 server died (RAID died) so we had to delete it from AD and clean its records in ADSIEdit (CN=configuration,DC=.domainname,DC=.COM > CN=Services > CN=Microsoft Exchange > CN=Organization > CN= Administrative
  Groups > CN=(Groupname) > CN=Servers >) and install new server with Exchange 2013, and import all users mailboxes from backup. Public folders were not migrated from the old server because of its death. We create new public folders in Exchange and
  then manually import all folders from latest .pst backup using user Outlook.
   And it work OK more than a month till last week.
  Thanks,
  Andrey

  Hi Mavis,
  Thank you for your answer.
  I check permissions couple of times for both public folder and its root and both are granted for users as “Owner” and applied to public folder and its subfolders.
  This server has 2 mailbox stores and both are currently mounted.
  [PS] C:\Windows\system32>Get-MailboxDatabase -Status |fl name,mounted
  Name    : Mailbox Database 2104233799
  Mounted : True
  Name    : MBDB1
  Mounted : True
  But when I check homeMDB property for Microsoft System Attendant in ADSIEdit I found that it is empty.
  And it looks like System Attendant mailbox & service have been removed from Exchange 2013.
  http://howexchangeworks.com/2013/05/cannot-open-microsoft-system-attendant-mailbox-error-during-exchange-2013-mailbox-move.html
  and even from Exchange 2010.
  http://blogs.msdn.com/b/dvespa/archive/2009/10/06/say-so-long-to-the-system-attendant-mailbox.aspx
  Also I check arbitration mailboxes and all are looks to be in default database “Mailbox Database 2104233799” which is currently mounted.
  [PS] C:\Windows\system32>Get-Mailbox -Arbitration |fl name,data*
  Name     : FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042
  Database : Mailbox Database 2104233799
  Name     : SystemMailbox{1f05a927-77cc-4f5d-b5ca-667ea4256ff9}
  Database : Mailbox Database 2104233799
  Name     : SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}
  Database : Mailbox Database 2104233799
  Name     : SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}
  Database : Mailbox Database 2104233799
  Name     : Migration.8f3e7716-2011-43e4-96b1-aba62d229136
  Database : Mailbox Database 2104233799
  Thanks,
  Andrey

• Outlook 2007 - single profile connecting to Exchange 2013 / 2007 mailboxes

  Hi,
  I am in the early part of a migration from Exchange 2007 to Exchange 2013. So far I have 2013 installed and running in a DAG and just moved my own mailbox to the new server.
  I set up a new profile in Outlook 2007 which connects to my mailbox on Exchange 2013. The problem is that I need to add additional mailboxes to my profile which are still hosted on Exchange 2007, however this is not working.
  I thought at one stage I tested this and was able to get it work with a test mailbox also hosted on Exchange 2013.. but maybe I never did.
  Does anyone know if this is possible at all (single Outlook profile, primary mailbox hosted on Exchange 2013 and other mailboxes on Exchange 2007). Most of our users have an additional mailbox mapped in their profile so I hope there is some way around this.
  Thank you!

  Hi,
  It is possible to open a shared mailboxes on a legacy server.
  Your problem could be caused by:
  Not having one of the later CU installed (read CU4 or CU5)
  Incorrect authentication methods configured (see link below)
  Outlook is not at the latest patch level
  Users of Exchange Server 2013 can't open public folders or shared mailboxes on an Exchange 2010 or Exchange 2007 server
  http://support.microsoft.com/kb/2834139
  Martina Miskovic

• Exchange 2013 + 2007 OWA coexistance not redirecting properly (HTTP 400)

  Hello.  I am using this document to funnel our new Exchange 2013 external traffic through an IIS ARR reverse proxy, much like we already do for MIcrosoft
  Lync 2013 on this machine.  
  http://blogs.technet.com/b/exchange/archive/2013/08/02/part-2-reverse-proxy-for-exchange-server-2013-using-iis-arr.aspx
  I followed this guide to a T. especially the part on the page 2 that I linked above about creating the legacy.domain.com server farm and URL rewrite rule.  This
  IIS ARR proxy seems to work fine for Outlook Anywhere, ActiveSync, OWA if the user's mailbox is on the Exchange 2013 server, but it does not work if an OWA user logs in with a mailbox on 2007.
  When the user has a mailbox on 2007, after logging into OWA they get HTTP 400 error.  The URL bar in the browser is changed to https://legacy.domain.com/owa/auth/owaauth.dll
  The Exchange 2007 server IIS logs show this:
  70.x.x.x, -, 11/1/2014, 9:45:48, W3SVC1, MAIL, 10.1.1.3, 0, 523, 132, 400, 0, POST, /owa/auth/owaauth.dll, -,
  I can't figure out why this is happening.  DNS is correct.  legacy.domain.com points to the 2007 Exchange server.  webm.domain.com points to the
  Exchange 2013 server.
  Any ideas?

  Doing more testing, I almost think the Exchange 2007 server keeps redirecting.  So the HTTP 400 is because when you hit legacy.domain.com, it redirects
  to webm.domain.com which redirects back to legacy.domain.com and vice versa.
  I put a test.txt file in the Exchange 2007 owa virtual directory and I cannot access it in any browser.  I tried https://legacy.domain.com/owa/test.txt and
  It redirects me to https://webm.domain.com(Exchange 2013).  I can however go
  one level (or more) deep on the legacy server and get a file such as https://legacy.doamin.com/owa/8.3.342.1/themes/base/logon.css and
  in the browser I see the code (both externally AND internally, so I know DNS and firewall is working).
  I can't find anywhere on IIS 6.0 on the Exchange 2007 server where any kind of redirection is taking place though.  Virtual Directory properies for owa say
  "A directory located on this computer: "C:\Program Files\Microsoft\Exchange Server\ClientAccess\owa"  Enable default content page is checked with default.aspx but I looked at default.aspx in notepad and I don't see ANY code telling it to
  redirect.
  In Exchange 2007 management console OWA internal URL and External URL both sayhttps://legacy.domain.com/owa .
  I have no idea what is causing this redirection.  I did an iisreset and also recycled the OwaAppPool and no change.

• Exchange 2013 - 2007 coexistence legacy namespace issues

  Got an odd config here. Exchange 2007 CCR mode co-existing with split role 2013 servers over 2 Data Centers. Each DC has its own subnet so DAG has 2 IPs. New Certificate purchased with extra legacy namespace and loaded onto ISA and F5 as well as the
  exchange servers.
  I can send and receive from the Exchange 2013 servers. But I'm struggling to deploy the legacy namespace
  Here's where it gets ugly. The client wants to continue (short term) to put legacy.company.com through ISA2006 servers and 2013 traffic through F5 load balancers. On the f5 side the path goes through a firewall then an f5 to the mailgateway
  When we cut over to legacy (dns changes etc) OWA suffered intermittent Internal 500 errors. Active sync had to be pointed to webmail to work (we had it set blank as per Steve Goodmans recommendation) and Outlook Anywhere had no connectivity.
  Urls were set correctly
  Outlook Anywhere -> webmail.company.com
  Autodiscover -> webmail.company.com
  WebServices -> legacy.company.com
  OWA -> legacy.company.com
  OAB -> legacy.company.com
  UM -> legacy.company.com
  ActiveSync -> legacy.company.com
  This is our 4th attempt to get this working. We can only work in the small hours so we are all fairly tired. Pointers anyone?

  Hello,
  Do you mean when the user access mailbox from internet, the load balancing will not occur? If so, I recommend you check your configuration as the following article:
  http://technet.microsoft.com/en-us/library/aa997148.aspx .
  The user of ISA Server load balancing will eliminates the need for setting up the load balancing cluster on the exchange server CAS side.
  If I have any misunderstanding, please free let me know.
  Cara Chen
  TechNet Community Support

• Exchange 2013 - 2007 coexistence - activesync 2007 does not work correctly

  Exchange 2013 SP1.  On going Saga-  Last night we cut over to full co-existence with DNS changes for use of legacy namespace and had to roll back again. We had only two issues but one was considered a show stopper.
  The main issue was that Active Sync would not work correctly for 2007 users. It failed the exchange connectivity test and would only work on a device if the domain was entered - or if the legacy namespace was entered manually. That would have meant
  chaos for several thousand users so we rolled back. (It worked perfectly for 2013 users).
  The error given by the test was "foldersync failed" when I drilled down into the detail. It found autodiscover but failed after the initial handshake. (All other tests passed for 2007 and 2013 users)
  We tried:
  1. Populating both Autodisover internal and external urls with the legacy namespace
  2. Populating only the internal url and leaving the external blank (both 1 and 2 had the same result)
  3. Leaving both URLs blank to force 2013 to proxy to the 2007 cas (totally broke it- would not resolve at all)
  I don't know if this is related but SSO is failing for 2007 OWA - two prompts.
  Environment notes- all internal co-existence is working and the internal LTM F5's are working. Externally we use 2 GTM F5 to the LTM f5's to Ex2013. 2007 has SSL being passed through all the way to the CAS. Servers are split into CAS and MBX over 2 DC's.
  Everything else externally was working when we cut over.
  any and all help appreciated
  Tony

  Hi,
  Glad to know that you have found the solution.
  Thanks for your generous sharing.
  Have a nice day : )
  Thanks
  Mavis
  Mavis Huang
  TechNet Community Support

• OWA SSO issues in Exchange 2013 - 2007 co-existence

  This may not be possible. For a multitude of reasons the client needs OWA authentication of Windows Integrated and Basic. As a result I''ve got a double prompt for users still on 2007 for OWA externally.
  Do you have to use Forms Based Authentication to get SSO to work? Is it possible to enable FBA as well as basic and Windows auth?

  FBA is required on the source and destination, yes. You would need to enable that and not use Basic or Windows Auth.
  http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
  CAS2013 in Site1 will authenticate the user, do a service discovery, and determine that the mailbox is located within the local AD site on an Exchange 2007 Mailbox server.
  CAS2013 will initiate a single sign-on silent redirect (assumes FBA is enabled on source and target) to
  legacy.contoso.com. CAS2007 will then facilitate the request and retrieve the necessary data from the Exchange 2007 Mailbox server.
  Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

• Exchange 2013 2007 co-existence Outlook Anywhere issues

  Sorted out all other issues (apart from a SSO issue- another thread) . Activesync, autodiscover etc all working- but Outlook Anywhere does not work for Exchange 2007 external mailboxes. It does work for 2013 mailboxes internally and externally-
  and 2007 mailboxes internally.
  Exchange 2013 SP1. Exchange 2007 Sp3 RU10. Legacy namespace is in use and on certificate. Outlook Anywhere IIS Authentication is set to Basic and NTLM on both 2007 and 2013 servers.  Outlook Anywhere external client authentication is set to Basic.
  Any sugestions what to look at next?

  Tony,
  I apologize for the stupid question, but was Outlook Anywhere working on Exchange 2007 before you started the upgrade?
  When you open command prompt on Exchange 2007 and ping the Exchange 2007 internal FQDN or NetBIOS name, do you get an IPv4 address or you get the IPv6 one?
  Step by Step Screencasts and Video Tutorials