TMG with 2010/2013 Coexistence gives dual prompts (TMG and OWA prompt)
2 X 2010 CAS', Load balanced pool
4X 2013 Mutilrole (will take the place of the 2010's in the load balanced pool)
Currently we use TMG to publish owa externally. From TMG, the traffic goes to a load balancer, and to the 2010 CAS's from there. TMG is doing pre authentication.
However, if I take the 2010 CAS' out of the load balanced pool and enable the 2013 in the load balanced pool, users start getting dual prompts - one at the TMG, and then the 2013 OWA login (no mailboxes on 2013 yet, so have only tested with mailbox still
on 2010).
I have been through both of the following articles - however, basic auth. is not an option on the exchange side, as then internal users get prompted for windows credentials. Has anyone in coexistence been able to get this working without basic auth
(currently use Basic, Windows Auth, and NTLM)?
http://blogs.technet.com/b/exchange/archive/2012/11/21/publishing-exchange-server-2013-using-tmg.aspx
http://www.isaserver.org/articles-tutorials/configuration-general/publishing-exchange-2013-outlook-web-app-forefront-threat-management-gateway-tmg-2010.html
TAG
Hi,
As document mentioned, Forefront TMG cannot perform authentication delegation therefore we need change FBA to basic authentication in Exchange 2013.
However if you don’t want use basic authentication, we can try to disable pre-authentication on the TMG server by new web listener and select the "Do not require SSL secured connections with clients.".
Also, I find an similar thread about your question. For your reference:
https://social.technet.microsoft.com/Forums/office/en-US/a4ef2a73-bfee-4fb2-b3c2-c166c11cada7/tmg-owa-double-login-prompts?forum=Forefrontedgegeneral
Thanks
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Allen Wang
TechNet Community Support
Similar Messages
-
Outlook client requirements and Exchange 2010/2013 coexistence
Good morning!
A question regarding Exchange 2010/2013 coexistence and the Outlook client requirement. I am upgrading and about to install Exhange 2013 into an existing Exchange 2010 Org. The current 2010 Org is patched to SP-3 and Outlook Anywhere is currently disabled.
I have Outlook clients that do not yet meet the minimun requirements for 2013 (Outlook 2007/2010). When I install my first 2013 server will it effect the current downlevel clients? The mailboxes are still in 2010 so my thoughts were since the Office upgrade
including Outlook has not yet taken place I didn't want to wait for them to at least get 2013 into the Org. The 2013 server should effect the clients until I configure the CAS on 2013 and only when they are at the proper version, is this correct? Does Outlook
Anywhere need to be first enabled and configured on the 2010 CAS before I attempt the confgiuration on the 2013 CAS? I just dont want to install 2013 and have Outlook connectivity issues right out of the gate...
Thanks in advance!Outlook 2007 and 2010 are supported for Exchange 2013, you just need to push out the latest patches.
http://technet.microsoft.com/en-us/library/aa996719(v=exchg.150).aspx
If you configure the URLs properly in Exchange 2013 to URLs that point to the Exchange 2010 servers, your clients shouldn't try to talk to the Exchange 2013 server.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." -
Exchange 2010/2013 coexistence published in TMG 2010
Environment:
Two Windows 2008 R2, Exchange 2010 SP3 servers, currently holding all mailboxes
Two Windows 2012 R2, Exchange 2013 SP1 servers, setup in progress
Two Windows 2008 R2, TMG 2010, V7.0.9193.540 publishing both Exchange 2010 servers.
Scenario:
I need to continue having Exchange 2010 setup in TMG as is as the mailbox migration to 2013 will take weeks if not months and I have a project requirement to have Exchange Database Availability Group (DAG) functionality for all mailboxes throughout the project,
so 4 servers are an absolute must. So I need to add Exchange 2013 in TMG and not just replace the 2010 setup with the 2013 setup and I cannot run one 2010 and one 2013 server.
Questions:
1. I currently only have 2 public IP addresses available to SMTP, mapped to the external interfaces of TMG, to allow my environment to be able receive emails on 4 Exchange servers (two 2010 and two 2013) I need to have 4 public IP addresses, is that correct?
2. Does anyone have a good general guide/blog for doing this (setting up Exchange 2013 in TMG in a coexistance scenario)?
This is nice, but doesn't really approach it from a coexistance scenario:
http://blogs.technet.com/b/exchange/archive/2012/11/21/publishing-exchange-server-2013-using-tmg.aspx
Thanks!Hi Trana,
In TMG you can use single IP address to publish multiple Web address and below are the options which you can explore.
Hope your OWA ECP etc are Https
You need a SSL certificate which has all the URL SAN entry of both old and new Exchange server.
Create a listener and select the IP address (Say public IP address 195.219.x.x)
Link the SSL certificate
Public DNS entry
A record , Single IP
195.219.x.x
Point to
Owa1.exchange1.com - Old Server
195.219.x.x
Point to
ECP1.exchange1.com - Old Server
195.219.x.x
Point to
ECP2.exchange2.com - New Server
195.219.x.x
Point to
Owa2.exchange2.com - New Server
Create a Web publishing rule as below
Old server Exchange 1
Owa1.exchange1.com
ECP1.exchange1.com
One Web publishing Rule with all the URL added on it and link the Rule with the listener we created
Point the Web publishing to Exchange1.com server which is old
New server Exchange 2
Web publishing Rule with all the URL added on it and link the Rule with the listener we created
Point the Web publishing to Exchange2.com server which is New
ECP2.exchange2.com
Owa2.exchange2.com -
Exchange Server 2013 OAB Web Distribution Configuration in Exchange 2010 & 2013 Coexistence.
Hi,
We have OAB Issue for Exchange 2010 Users in our Organization.
We have Exchange 2010 and Exchange 2013 Coexistence.While Checking in Exchange Server 2010 Server OAB properties in Org Configuration--> Mailbox-->OAB Properties -->Distribution we are not seeing any CAS servers and Its Grayed Out.
Please let us know How to add Exchange 2010 CAS in Exchange 2013 Web distribution.They made alot changes with the OAB in Exchange 2013, and it doesn't really function in the same manner as it did in 2010. It might be best to take a look at the following blog posts from the Exchange Team, they should give you a better understanding
on how it works and how to manage it going forward.
http://blogs.technet.com/b/exchange/archive/2012/10/26/oab-in-exchange-server-2013.aspx
http://blogs.technet.com/b/exchange/archive/2013/01/14/managing-oab-in-exchange-server-2013.aspx
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread -
Exchange 2010 - 2013 Coexistence Issues
I am migrating from Exchange 2010 to Exchange 2013, the Exchange 2013 is built in a different Geo-location site with its dedicated domain controllers in the new site. I have confirmed the mail flow between Exchange 2010 and 2013 mailboxes. I am able to discover
Exchange 2010 servers from 2013 environment via Get-ExchangeServer shell command. However, I am not to discover Exchange 2013 servers from 2010 environment.
I need to configure Outlook Anywhere and Service Connection Point (Autodiscover) on Exchange 2010 to accept connections from Exchange 2013 servers.
Any suggestions would be much appreciated, thanks!Hi ,
Please have a look in to the below mentioned blog after reading that blog i came to know few things .
I am not sure ,i thought exchange 2013 servers will not be displayed in exchange 2010 management shell.
Better and advisable method is to configure your exchange 2010 and 2013 servers via EAC or Shell in exchange 2013.
http://exchangeserverpro.com/exchange-server-2010-2013-migration-managing-co-existence-environment/
Taken from the above blog :
You can’t use the Exchange 2010 EMC to manage Exchange 2013 objects and servers. While customers upgrade to Exchange 2013, we encourage them to use the EAC to:
Manage Exchange 2013 mailboxes, servers, and corresponding services.
View and update Exchange 2010 mailboxes and properties.
View and update Exchange 2007 mailboxes and properties.
We encourage customers to use Exchange 2010 EMC to create Exchange 2010 mailboxes.
We encourage customers to use Exchange 2007 EMC to create Exchange 2007 mailboxes.
Customers can continue to perform management tasks using the Exchange Management Shell and script tasks.
Regards
S.Nithyanandham
Thanks S.Nithyanandham -
Dear All,
I have an issue with deleting circulated spam emails in my environment through search-mailbox
We have Exchange 2010 & 2013 CU5 environment
I followed the search and destroy document for exchange 2010
http://windowsitpro.com/exchange-server-2010/search-destroy-email-content-exchange-2010
Added the user to Discovery Management group
Created a new role group as below
New-RoleGroup "Mailbox Import-Export Management" -Roles "Mailbox Import Export"
Add-RoleGroupMember "Mailbox Import-Export Management" -Member Administrator
I ran the below commands
Search-Mailbox -Identity "[email protected]" -SearchQuery "Subject:'report'" -TargetMailbox "Administrator" -TargetFolder "Filter" -LogOnly -LogLevel Full
The above command gets completed successfully and sends the log report however im unable to see any attachments
Similarly the deletecontent also gets completed successfully and logs result. But it does not delete the infected emails
Search-Mailbox -Identity "[email protected]" -SearchQuery "Subject:'report'" -TargetMailbox "administrator" -TargetFolder "filter" -deletecontent -LogLevel Full
Any idea why it is not fetching the infected emails in zip file and why it is not deleting but it is able to log in the target folder
Any help much appreciated
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish (MVP)Hi All
I managed to find the solution. Below command helped me in solving the issue
get-mailbox -ResultSize unlimited -IgnoreDefaultScope | search-mailbox -SearchQuery ‘Subject:"virus infected"’ -LogOnly -TargetMailbox administrator -TargetFolder filter -LogLevel Full
get-mailbox -ResultSize unlimited -IgnoreDefaultScope | search-mailbox -SearchQuery ‘Subject:"virus infected"’ -TargetMailbox administrator -TargetFolder filter -deletecontent -LogLevel Full
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
(MVP) -
Hi
Exchange 2010 users are NOT able to connect to their mailboxes when they go through exchange 2013 OWA address. We get a message that says following ---> "Something went wrong"
Following is our URL. The address is pointing to 2013 CAS loadbalancer VIP. Outlook anywhere is working fine. What is going on?
Important: All my exchange 2010 / 2013 URIs are the same as suggested by Microsoft (Owa, ecp, activesync, ews, autodiscover): --> mail.domain.com/XXXHello Rawa,
Can you log on Exchange 2010 OWA using its localhost address?
Please make sure the intenralurl value is set to Exchange 2010’s local host name and set the Externalurl to Null.
http://technet.microsoft.com/en-us/library/bb310763(v=exchg.141).aspx
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
Hi All,
We are planning to maintain the contents in SQL / Oracle. Could you please suggest anyone which is best for SharePoint 2010 / 2013 Search. How to configure the search for external content source?
Thanks & Regards,
PrakashThis link explains supported and non supported scenarios to use Oracle for BCS
http://social.technet.microsoft.com/Forums/sharepoint/en-US/453a3a05-bc50-45d0-8be8-cbb4e7fe7027/oracle-db-as-external-content-type-in-sharepoint-2013
And here is more on it
http://msdn.microsoft.com/en-us/library/ff464424%28office.14%29.aspx
And here how you can connect Oracle to SharePoint for BCS functionality
http://lightningtools.com/bcs/business-connectivity-services-in-sharepoint-2013-and-oracle-using-meta-man/
Overall it seems SQL doenn't require any special arrangement to connect BCS to SharePoint.
Regards,
Pratik Vyas | SharePoint Consultant |
http://sharepointpratik.blogspot.com
Posting is provided AS IS with no warranties, and confers no rights
Please remember to click Mark As Answer if a post solves your problem or
Vote As Helpful if it was useful. -
Missed Call Notification in Exchange 2010/2013 coexistence mode
Dear all,
Context:
Lync 2013 Enterprise Voice, Exchange 2010 and Exchange 2013 in coexistence mode
Waiting complete migration, some users are always on exchange 2010
UM role is installed on both exchange server
The exchange servers UM are attached to only one UM Dial Plan
Scenario :
A call to a lync user. The caller hang-up before user announcement
Problem: Missed call notification doesn't work for user on Exchange 2010 (it's work fine for user on Exchange 2013)
Voice Messaging works fine
Troubleshooting / SIP Traces:
SIP Info is always send to Exchange 2013 even if user is on exchange 2010
SIP Info sent from Lync FE to Exchange 2013 UM :
TL_INFO(TF_PROTOCOL) [0]6330.3AE8::02/12/2015-12:25:23.575.015c018e (S4,SipMessage.DataLoggingHelper:sipmessage.cs(774))[1718622663]
>>>>>>>>>>>>Outgoing SipMessage c=[<SipTlsConnection_13ECA29>], 192.168.5.110:49786->192.168.5.203:5061
INFO sip:outlook.mydomain.com:5061;ms-fe=exchange2013-UM.mydomain.localdomain;transport=Tls SIP/2.0
FROM: <sip:A410AA79-D874-4e56-9B46-709BDD0EB850>;epid=8C75BE2D95;tag=35c2d8a65a
TO: <sip:exchange2013-UM.mydomain.localdomain;opaque=app:rtcevent;transport=tls>;epid=C4C2F4F6BA;tag=ac126413f
CSEQ: 43 INFO
CALL-ID: 535a07e2-8e82-4d13-8e03-bf43ad97602d
MAX-FORWARDS: 70
VIA: SIP/2.0/TLS 192.168.5.110:49786;branch=z9hG4bKd66442be
CONTACT: <sip:LyncFE-2013.mydomain.localdomain;transport=Tls>
CONTENT-LENGTH: 454
USER-AGENT: RTCC/5.0.0.0 Inbound Routing (Microsoft Lync Server 2013 5.0.8308.726)
CONTENT-TYPE: application/ms-rtc-usernotification+xml
- <UserNotification>
<User>sip:[email protected]</User>
<EumProxyAddress>EUM:[email protected];phone-context=UMDialPlan.mydomain.localdomain</EumProxyAddress>
<Time>2015-02-12 12:25:23Z</Time>
<Template>RtcDefault</Template>
+ <Event type="missed">
</UserNotification>
------------EndOfOutgoing SipMessage
Answer from Exchange 2013 UM
TL_INFO(TF_PROTOCOL) [1]6330.2DF4::02/12/2015-12:25:23.642.015c2481 (S4,SipMessage.DataLoggingHelper:sipmessage.cs(774))[1718622663]
<<<<<<<<<<<<Incoming SipMessage c=[<SipTlsConnection_13ECA29>], 192.168.5.110:49786<-192.168.5.203:5061
SIP/2.0 200 OK
FROM: <sip:A410AA79-D874-4e56-9B46-709BDD0EB850>;tag=35c2d8a65a;epid=8C75BE2D95
TO: <sip:exchange2013-UM.mydomain.localdomain;opaque=app:rtcevent;transport=tls>;tag=ac126413f;epid=C4C2F4F6BA
CSEQ: 43 INFO
CALL-ID: 535a07e2-8e82-4d13-8e03-bf43ad97602d
VIA: SIP/2.0/TLS 192.168.5.110:49786;branch=z9hG4bKd66442be
CONTENT-LENGTH: 0
SUPPORTED: ms-dialog-route-set-update
SERVER: RTCC/5.0.0.0 MSExchangeUM/15.00.0995.028
ms-diagnostics-public: 15642;reason="Lync SIP INFO notifications are not supported for legacy users. User: EUM:[email protected];phone-context=UMDialPlan.mydomain.localdomain"
------------EndOfIncoming SipMessage
Gerald CheminantHi,
This behavior is by design. Exchange 2010 server is not going to accept any SIP messages from Exchange 2013 server because it is not listed as UM IP Gateway. Therefore, even if Exchange 2013 redirected the SIP INFO packet to Exchange 2010, it will fail.
During migration\coexistance scenario, this feature (Missed call notifications from Lync server) will not work for legacy users whose mailbox is still in Exchange 2010.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Exchange 2010 & 2013 coexistence mail flow between servers
Hi Everyone,
I have an exchange 2010 server which I am trying to move away from. I have installed 2013 and it seems to be working well. I have successfully moved a mailbox over to 2013 without any issues.
The problem i have at the moment is that a user who has their mailbox on the 2010 server can send to the user on the 2013 server. However the 2013 user cannot reply.
Any ideas?Yes, some issues with client connectivity are related to Outlook.
Exchange Blog:
www.ntweekly.com
MCSA, MCSE, MCITP:SA, MCITP:EA, MCITP:Enterprise Messaging Administrator 2010,MCTS:Virtualization -
Hi, good day
Im going to have a little presentation before I finished my OJT and the topic that was given to is cloud computing. One of the task I need to do is to set up an application where in it can run and access real time on the "cloud". Now my prob is
I already have windows azure account, made my database, BUT don't know how to connect it to my Visual Studio 2010/2013 (which is more preferable?), and if I ever connect it when my Windows Form is made can it run on the cloud also, how? Please help. Thank
you so much.
PS: I will be discussing this with people who doesn't know much about computing can you send me tips what to discuss? Double Thank You. :)Thank you for the help.. Another thing can I run my Windows Form App also on the cloud? Like if I present is it possible that the application that I will be doing can be uploaded and accessed on the cloud by the audience and can be used by many at the
same time? Can you tell me how? Or give me a source how to do it? I downloaded the azure tools but I don't how to use it. I checked and tried activating and fixing my IIS and enabling support for ASP but still nothing, when I try to do cloudservice it says
"get azure tools" even though I already have it installed in my laptop, and when I try to right click and upload the project to azure I don't see the usual option 'Upload to Microsoft Azure'. My app is a simple phonebook app with add, edit, delete and search
function. Thanks again.. -
Reconcilin​g 9720 with Outlook 2013
Hi,
Anyone got any help they can offer with reconciling my blackberry with Outlook 2013. Upgraded Outlook from 2003 and now it wont reconcile??? Any help greatly appreciated as it is becoming increasingly annoying, so much so, I am thinking of getting rid of my Blackberry!!!Hi and Welcome to the Community!
At present, there is nothing you can do...refer:
http://us.blackberry.com/software/desktop/desktop-pc/system-requirements.html
Article ID: KB12268 Synchronization support for BlackBerry Desktop Software for Windows
Quite simply, you have updated Outlook beyond what is presently supported by the Desktop Software.
Good luck!
Occam's Razor nearly always applies when troubleshooting technology issues!
If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
Join our BBM Channels
BSCF General Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code -
OWA problem Exchange 2013 coexistence with 2010
Hi all,
I am in the midst of a migration from a single Exchange 2010 server to a two-server Exchange 2013 environment (both servers are CAS and MBX with DAG). Everything seems to work fine. I can access OWA on 2013 for mailboxes already moved to 2013, I use ActiveSync
successfully but I cannot for the life of me figure out how to enable OWA 2010 proxying through 2013. I have checked many websites, forums etc. for it, I changed Authentication Methods back and forth and did everything I can think of but still... when trying
to access OWA with a mailbox that is still on 2010 it fails with the following error:
something went wrong
A problem occurred while you were trying to use your mailbox.
X-OWA-Error: Microsoft.Exchange.Data.Storage.NotSupportedWithServerVersionException
X-OWA-Version: 15.0.913.21
X-FEServer: <name of 2013 server>
X-BEServer: <name of 2013 server>
Maybe I should add that the new 2013 servers are installed in a completely different AD site which is connected through VPN to the 2010 site. In the new site I also have a loadbalancer in front of the 2013 servers.
Actually I am still not sure if I need a different address in Exchange 2013 for OA, OWA and so on then in Exchange 2010. If I understood correctly there is no need for a legacy namespace anymore so I used the same URL for OA, OWA ... in both environments.
This seems to be in conflict with the requirement that the OA URL in Exchange 2010 should point to the 2013 URL?!?
Any help is greatly appreciated!
Best regards
DanielHi,
How do you configure your Exchange virtual directories in Exchange 2010 and Exchange 2013? Please run the following command to provide detailed information about it:
Get-OwaVirtualDirectory | Select Identity,name,Internalurl,ExternalUrl,*auth*
According to your description, I noticed that it is set the same URL for OWA using. If the ExternalUrl
for OWA 2010 is configured in your coexistence environment, please remove it. Then when external Users access OWA 2010, they can use OWA 2013 URL and be automatically proxy to Exchange 2010 and access their mailboxes.
Regards,
Winnie Liang
TechNet Community Support -
External emails not received after shutdown of Exchange 2010 in coexistence with Exchange 2013
I have exchange 2013 and exchange 2010 in coexistence mode. All mailboxes have been moved to Exchange 2013 and firewall/spamfilters already pointed to Exchange 2013 CAS server. I can receive/send from and to external addresses, however when I shutted down
the Exchange 2010 all incoming external mails were not received. What could be the cause?Start by re-checking how the device that takes the traffic from the external MX IP to internal is configured.
Sniff the traffic to ensure that it is hitting 2013 directly.
Cheers,
Rhoderick
Microsoft Senior Exchange PFE
Blog:
http://blogs.technet.com/rmilne
Twitter: LinkedIn:
Facebook:
XING:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
I need a mixed clustering environment that coexist 2007 CCR cluter with 2010 DAG or 2013 DAG.
Is there any step-by-step article I can refer to?Hi,
Do you want to know how to migrate CCR to DAG?
If you want to migrate from CCR to DAG, there are two available ways to achieve this.
One is to bring the new hardware, the other is to break and format the existing Exchange 2007 CCR Cluster to use the hardware.
Bring the new hardware, you need to install new server and configure Exchange 2010 DAG, then move mailbox from Exchange 2007 to Exchange 2010.
Breaking the existing Exchange 2007 CCR Cluster, you need to decommission your passive Exchange Server 2007 SP2 Node first, re-install Exchange 2010 server role on this server, and then configure Exchange 2010 DAG using this server. After that, you
can migrate mailboxes from Exchange 2007 to Exchange 2010, remove the last Exchange 2007 server. Then add seond server to existing DAG.
Hope this is helpful to you.
Best regards,
Belinda Ma
TechNet Community Support
Maybe you are looking for
-
Images on iPhone don't make the jump to iCloud using Photostream
This has more than likely been raised before, but I need to know why some images just will not get pushed from my iPhone to iCloud via Photostream. The last couple of days I have been out & about and on each day I have taken approx 35 photos. When I
-
I know that we can resize the IFrame based on the height of the Content. Now the problem I have is that I am using a URL iView and want the height of the IFrame to be auto adjusted based on the content shown in the IFrame. To achieve this I need to c
-
Strange waveform update problem:Urgent!!
I got a very strange problem with my waveform chart display, it can only display 2 plots on one waveform chart. I need to display 4 plots on one waveform chart at the same time, please give me some good ideas how to do this. The waveform chart refere
-
Hi there, I'm attempting to put a checkbox inside of a hbox, which I then place in a vbox, which is then placed on a panel. Currently the checkbox is in the center of the hbox, I would like it aligned left ... how can I accomplish this? Thanks in adv
-
Muse 2014.2.1 svg place isn't correct
Hi, I've just updated to 2014.2.1 & opened my project to find all my sgv's have moved. I then tried to replace them but the svg's are now not placing correctly - they look like they need to be cropped & and if i try and round the edges they seem to m