Reverse Proxy Planning for Exchange 2013

Similar Messages

• Wrong cert on reverse proxy setup for exchange

  i have arr setup, i have runt he setup command as per the recommended sheet
  ARRConfig config –cert “path
  to the certificate file” –hostnames “host
  names for Exchange Server”–targetserver
  “server name of Exchange Server”
  and this has worked and mail is accessable, the problem is that the cert is not matching for some reason
  so i have a cert for remote.domain.co.uk and i have one for mail.domain.co.uk, i used the mail cert for the reverse proxy, i see it bound to the site BUT when i access the remote site i get the remote.domain.co.uk cert as presented, its as if the mail one
  is being over ridden and i dont know were
  any advise?

  In the Exchange Shell can you run,
  Get-ExchangeCertificate | select CertificateDomains, Services | FL
  This should tell us if the cert is bound correctly on the Exchange Server.
  In the Essentials Server, in IIS, do you have a Exchange Proxy website created?
  Robert Pearman SBS MVP
  itauthority.co.uk |
  Title(Required)
  Facebook |
  Twitter |
  Linked in |
  Google+

• Best practices for buying a digital certificate for Exchange 2013

  Good dayfriends,
  Could you indicateme which are the bestpractices when buying
  a public digital certificatefor use onExchangeServer 2013.
  I'd be interested in knowing your opinion about
  using wildcardor SAN certificates.
  Likewise what are the best recommendations
  to include names and why they should or
  should not include the internal FQDN
  of my servers.
  Currently I have an infrastructure that has two
  MailBox servers,two CAS servers and an EDGE
  2010 server, but I'm planning update it to Exchange 2013.
  I searched what are the best
  practices according to Microsoft but
  have found little information.
  I would appreciate
  if you can post links like
  Microsoft KBs and other technical documents that
  discuss the above mentioned.
  Thanking your
  invaluable support.
  Greetings.

  Hi,
  Personal suggestion, we can use two namespaces for your Exchange 2013:
  Autodiscover.domain.com (Used for autodiscover service)
  Mail.domain.com (used for all Exchange services external and internal URLs)
  Please pointed mail.domain.com and autodiscover.domain.com to your internet facing CAS 2013.
  For more information about Digital Certificates and SSL in Exchange 2013, please refer to the
  Digital Certificates Best Practices part in the following technet article:
  http://technet.microsoft.com/en-us/library/dd351044%28v=exchg.141%29.aspx?lc=1033
  Additionally, here are some other scenarios about certificate planning in Exchange 2013:
  http://blogs.technet.com/b/exchange/archive/2014/03/19/certificate-planning-in-exchange-2013.aspx
  Regards,
  Winnie Liang
  TechNet Community Support

• Is Reverse Proxy required for Hybrid deployment

  Hi everyone,
  We plan to deploy a new infrastructure on prem attached to O365.
  The aim of this deployment is to create lync meeting on the on prem FE server which will be accessible by O365 Lync users. (FI: these meetings will be created on prem because the customer wants to cascade Lync conference with his Polycom video conferencing
  infrastructure).
  Some users are homed on-premises and some users are homed online, but the all users share the same SIP domain. Is Reverse Proxy on prem will be required for O365 users to join meetings created on the on-premise FE or the O365 architecture
  can handle it?
  The only functionality needed is meeting (not mobility). I saw this (https://social.technet.microsoft.com/Forums/en-US/cf4f63f9-355f-475b-8148-608633adfe86/is-reverse-proxy-necessary-for-lync-hybrid-deployment?forum=lyncdeploy) but the functionality asked
  are different.
  Many thanks for your help.
  Thomas

  You'll need a reverse proxy on premises to publish the external web services FQDN of your on-premises front end pool.  Meet will use this behind the scenes regardless of where it's pointing.  If you're hybrid, the DNS URLs should typically point
  to your on-premises deployment however anyway:
  https://technet.microsoft.com/en-us/library/jj205403%28v=ocs.15%29.aspx?f=255&MSPPError=-2147217396
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Configuring Lync Server 2013 to be a partner Application for Exchange 2013

  Hello Guys,
  I just want to share my experience while configuring Lync server 2013 to be a partner Application for exchange 2013 sever. 
  As mentioned on technet you need to run Configure-EnterprisePartnerApplication.ps1 script that ships with Exchange 2013. 
  But when I tried to run the script as described on the technet article, I found it always fails with " the accepted domain is not valid"
  I have checked my accepted domains many times and i found that there's no issues with my configured accepted domain. 
  So I started to review the script to find the issue and I found that the script was configured  as below 
  $acceptedDomains = Get-AcceptedDomain ;
    if ($acceptedDomains -eq $null)
      WriteError ("There is no accepted domain so user can not be created.")
    $acceptedDomain = $acceptedDomains[0].Name;
    if($UseDomainController -eq $true)
      $user = New-MailUser -Name $username -DomainController $DomainController -ExternalEmailAddress $username@$acceptedDomain;
  set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true -DomainController $DomainController
    else
      $user = New-MailUser -Name $username -ExternalEmailAddress $username@$acceptedDomain;
  set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true; 
  which is totally wrong as below: 
  firstly it makes $AcceptedDomain variable to equal the Name of the accepted domain. 
  Not all customers configure the name of the Accepted Domain to be the Domain Name.
  Secondly  it makes $AcceptedDomain variable to equal the name of the first Accepted Domain.
  The first domain may be not the default Accepted Domain. 
  So I have configured the script as below
  $acceptedDomains = Get-AcceptedDomain | ? {$_.Default -eq "True"}  ;
    if ($acceptedDomains -eq $null)
      WriteError ("There is no accepted domain so user can not be created.")
    $acceptedDomain = $acceptedDomains.DomainName;
    if($UseDomainController -eq $true)
      $user = New-MailUser -Name $username -DomainController $DomainController -ExternalEmailAddress $username@$acceptedDomain;
  set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true -DomainController $DomainController
    else
      $user = New-MailUser -Name $username -ExternalEmailAddress $username@$acceptedDomain;
  set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true; 
  I hope This help. 
  Thanks 
  Ahmed Fouad

  Hi,
  This is helpful, thanks for sharing.
  Best regards,
  Belinda Ma
  TechNet Community Support

• Is smb 3.0 already supported for exchange 2013

  Hello,
  We are looking to deploy exchange 2013. We have a netapp storage and vmware environment.
  I was wondering if smb 3.0 is already supported for exchange 2013. I read in a blog of 2012 that it wasn't supported at the time. We would like to use it instead of a iscsi lun.

  Hi,
  Based on my knowledge, it is still not supported for Exchange 2013 up to now.
  Here is an article for your reference, please refer to the "Exchange storage requirements" section.
  Exchange 2013 Virtualization
  http://technet.microsoft.com/en-us/library/jj619301.aspx#BKMK_Prereq
  Another related article for your reference.
  Exchange 2013 Storage Configuration Options
  http://technet.microsoft.com/en-us/library/ee832792(v=exchg.150).aspx
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• It is there an alternative to the Test-SystemHealth powershell cmdlet for Exchange 2013?

  Hello
  The Powershell cmdlet Test-SystemHealth, that was available on Exchange 2010, is no longer available on Exchange 2013.
  Test-SystemHealth cmdlet gathered data about the Microsoft Exchange system and analyzed the data according to best practices.
  Are there any alternatives to this for Exchange 2013?
  Thanks!

  Haven't really played with it too much, but check out Get-ServerHealth
  http://technet.microsoft.com/en-us/library/jj218703(v=exchg.150).aspx
  Looks to have replaced Test-SystemHealth.

• SP1 for Exchange 2013 install fails with ECP virtual directory issues and now transport service won't start and mail is unavailable

  SP1 for Exchange 2013 install failed on me with ECP virtual directory issues:
  Error:
  The following error was generated when "$error.Clear();
            $BEVdirIdentity = $RoleNetBIOSName + "\ecp (name)";
            $be = get-EcpVirtualDirectory -ShowMailboxVirtualDirectories -Identity $BEVdirIdentity -DomainController $RoleDomainController -ErrorAction SilentlyContinue;
            if ($be -eq $null)
            new-EcpVirtualDirectory -Role Mailbox -WebSiteName "name" -DomainController $RoleDomainController;
            set-EcpVirtualdirectory -Identity $BEVdirIdentity -FormsAuthentication:$false -WindowsAuthentication:$true;
            set-EcpVirtualdirectory -Identity $BEVdirIdentity -InternalUrl $null -ExternalUrl $null;
            . "$RoleInstallPath\Scripts\Update-AppPoolManagedFrameworkVersion.ps1" -AppPoolName:"MSExchangeECPAppPool" -Version:"v4.0";
          " was run: "The virtual directory 'ecp' already exists under 'server/name'.
  Parameter name: VirtualDirectoryName".
  Error:
  The following error was generated when "$error.Clear();
            $BEVdirIdentity = $RoleNetBIOSName + "\ECP (name)";
            $be = get-EcpVirtualDirectory -ShowMailboxVirtualDirectories -Identity $BEVdirIdentity -DomainController $RoleDomainController -ErrorAction SilentlyContinue;
            if ($be -eq $null)
            new-EcpVirtualDirectory -Role Mailbox -WebSiteName "name" -DomainController $RoleDomainController;
            set-EcpVirtualdirectory -Identity $BEVdirIdentity -FormsAuthentication:$false -WindowsAuthentication:$true;
            set-EcpVirtualdirectory -Identity $BEVdirIdentity -InternalUrl $null -ExternalUrl $null;
            . "$RoleInstallPath\Scripts\Update-AppPoolManagedFrameworkVersion.ps1" -AppPoolName:"MSExchangeECPAppPool" -Version:"v4.0";
          " was run: "The operation couldn't be performed because object 'server\ECP (name)' couldn't be found on 'DC0xx.domain.com'.".
  Error:
  The following error was generated when "$error.Clear();
            $BEVdirIdentity = $RoleNetBIOSName + "\ECP (name)";
            $be = get-EcpVirtualDirectory -ShowMailboxVirtualDirectories -Identity $BEVdirIdentity -DomainController $RoleDomainController -ErrorAction SilentlyContinue;
            if ($be -eq $null)
            new-EcpVirtualDirectory -Role Mailbox -WebSiteName "name" -DomainController $RoleDomainController;
            set-EcpVirtualdirectory -Identity $BEVdirIdentity -FormsAuthentication:$false -WindowsAuthentication:$true;
            set-EcpVirtualdirectory -Identity $BEVdirIdentity -InternalUrl $null -ExternalUrl $null;
            . "$RoleInstallPath\Scripts\Update-AppPoolManagedFrameworkVersion.ps1" -AppPoolName:"MSExchangeECPAppPool" -Version:"v4.0";
          " was run: "The operation couldn't be performed because object 'server\ECP (name)' couldn't be found on 'DC0xx.domain.com'.".
  !! And now transport service won't start and mail is unavailable !!
  Any help would be appreciated.
  I have removed the ecp site from default site and attempting to rerun SP1 now. I do not have high hopes. :(

  Hi,
  Thanks for your response.
  From the error description, you need to manually remove the ECP with IIS manager in both the Default Web Site and the Exchange Back End firstly. And then continue the upgrade to check the result.
  Hope this can be helpful to you.
  Best regards,
  Amy Wang
  TechNet Community Support

• Best Practice Analyzer for Exchange 2013

  Greetings,
  I have upgraded the messaging infrastructure from Exchange 2007 to Exchange 2013.
  I want to test the Health of the system through ExBPA for Exchange 2013.
  But i don't find any setup for Exchange 2013 like it was in 2010.
  I went through an article by Office365 community, according to which for In-premises Exchange also we need to have office 365 account (can use trial account also) to get the downloader file for ExBPA 2013.
  http://community.office365.com/en-us/w/deploy/office-365-best-practices-analyzer-for-exchange-server-2013.aspx
  But to run the setup the servers needs to be connected to internet.
  And, i don't want to expose my environment to internet in any condition.
  Somebody, please suggest me if there is any setup available so that i can install directly without exposing to internet.
  Thanks in advance.
  Best Regards,
  K2

  Welcome to Exchange 2013.
  Exchange Server 2013 doesn't come with ExBPA for health check. This might help
  http://exchangeserverpro.com/powershell-script-health-check-report-exchange-2010/
  Apart from that you can run these commands too
  Get-ServerHealth -Identity Exchange2013ServerName
  Test-ServiceHealth
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• EXMON "exchange server user monitor" for Exchange 2013?

  Hello,
  it Looks like EXMON is not supported for Exchange 2013. Is this correct or can i use it with Server 2012 R2 and Exchange 2013 (CU6++)  ?
  Is there any alternative to check high log growth rate to see which user is responsable for this?
  Thanks for Feedback.
  best,
  Martin

  Hi Martin,
  Yes, ExMon is not supported for exchange 2013.
  Except the suggestion above, here is an exclusive application for you reference, it could retrieve statistics for all or selected mailboxes in a specified database and server, it may give you some help:
  Exchange Server Mailbox Statistics Tool - v1.6.2
  The tool retrieves mailbox statistics which includes Folder Count, Total Items, Associated Items, Deleted Items, Total Items Size, Deleted Items Size, Oldest Item Date, Newest Item Date, Items Age, Mailbox Age and Quota details. It also includes an additional
  option named "Archive Statistics Planner" which will let you search mailboxes and provide statistics report with specific dates. 
  Best regards,
  Niko Cheng
  TechNet Community Support

• BPA for Exchange 2013 still in beta!?

  Exchange 2013 is over 2 years old.
  Is Microsoft ever going to release a BPA for their flagship messaging platform that's NOT in beta? 

  Hi,
  At present, there is only a beta of Best Practices Analyzer for Exchange 2013 available. If you want to get the latest information about it, please pay attention to the Exchange blog.
  For your convenience:
  http://blogs.technet.com/b/exchange/
  Hope this can be helpful to you.
  Best regards,
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Amy Wang
  TechNet Community Support

• PowerGUI Powerpack for Exchange 2013

  Is there a powerpack that can be added to the powerGUI script editor for scripting in exchange 2013?

  Hi,
  Based on my search, currently, there is no official document about
  PowerGUI Powerpack for Exchange 2013.
  However, we can connect to Exchange server using remote shell.
  For more details about this, please refer to the following article.
  https://technet.microsoft.com/en-us/library/dd335083(v=exchg.150).aspx
  Hope this is helpful to you.
  Best regards,
  Belinda Ma
  TechNet Community Support

• Transport agent for Exchange 2013

  Hello!
  I write transport agent for Exchange 2013 and I have two questions:
  1. How I can determine is AD OU of recipient different from OU of sender?
  2. How I can change routing of message from internal to external for such recipient.
  Thanks in advance

  1. You can't get that information from within a Transport Agent directly so you need to either use LDAP to lookup the sender (which from a performance point of view isn't a wonderful idea) or some form of cache etc.
  2. You can use a routing override to do this see
  http://blogs.technet.com/b/appssrv/archive/2009/08/26/how-to-control-routing-from-your-own-routing-agent.aspx for an example
  Cheers
  Glen

• Security Update for exchange 2013 SP1 (KB3040856) failed mid-way / power problem mailbox server disconnected

  While applying todays security update for exchange 2013 (KB3040856) there was a power issue (sad story) and the update was interrupted halfway through.  A bunch of service were left deactivated and I beleive I brought them back.
  At this point the exchange admin center brings me to the login and when I do login, I get an enable to display page msg after the login.
  I have an ActiveSync error log  "cannot access the mailbox because the mail box server is disconnected"  translated from french.
  I also have ASP.NET 4.0 error "MapiExceptionMdbOffline"
  What could be the next step in fixing this if it is at all possible ?  I am not an expert in cmdlet but can manage if pointed in the right direction.
  Any help would be greatly appreciated.
  Thank you.

  I ran update KB3040856, and it disabled all Exchange services, and a few others besides (IIS and filtering). I ran the test-servicehealth cmdlet and eventually got all the services set to automatic and all running.
  This is really a stupid thing for an update to do, what is going on? Exchange 2013 is trouble enough already, we really do not need this sort of agro.

• Enable legacy public folders for Exchange 2013 prior to migration?

  We're about ready to migrate to Exchange 2013 from 2010. We have a public folder database on 2010 that users can't see once migrated to 2013. If I run through the commands according to the technet article "Configure legacy public folders where user
  mailboxes are on Exchange 2013 servers" (https://technet.microsoft.com/en-us/library/dn690134(v=exchg.150).aspx), will users who's mailboxes are still on Exchange 2010 be able to see these public folders?

  I know they've made alot of changes recently in how legacy public folders are handled in Exchange 2013 (mostly CU7), but I haven't had to do anything more than just setting the proper public folder database on the Exchange 2013 databases.
  That being said, looking over the article you are not doing any moves, and it looks eerily similar to this blog post:
  http://blogs.technet.com/b/exchange/archive/2014/11/07/on-premises-legacy-public-folder-coexistence-for-exchange-2013-cumulative-update-7-and-beyond.aspx
  So I don't think this would hurt Public Folder access for your users in your legacy environment.
  Did you deploy CU7?  If so, then do what both articles say.  If not try using Set-MailboxDatabase -Identity <2013 db name> -PublicFolderDatabase <PF DB NAME>
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread