If you don't deploy a FE, then you can't abstract the BE server where they
get their mail. What ends up happening is that if you set up a record to
resolve your BE server from smpt1.domain.com, then a user would contact that
BE server, log in, and be redirected to
https://servername/exchange/user/inbox (or similar).
Because your firewall rules likely wouldn't allow that, nor would name
resolution likely work (unless you publish your internal DNS FQDNs for your
internal Exchange server names), the communications would break.
You can verify this by doing this on your internal network. Connect to
http://yourexchange_FQDN/Exchange where yourexchange_FQDN is your server in
RG A. Log in with a user-object that has a mailbox in RG B. Note what
happens (you'll get redirected and your Exchange server FQDN in the URL bar
will change to the FQDN of the server in RG B).
Best bet is to deploy at least one FE server and ISA to publish it. You
could (and likely should) put the FE server in the trusted network and put
ISA on the DMZ or otherwise on the internet with TCP 443 traffic permitted
from it to your FE server and back.
Does that help?
> We currently run two Exchange 2003 Standard servers in different physical
> locations (location A and B) connected by a point to point T1, and have a
[quoted text clipped - 8 lines]
> to log on to their appropriate mailbox? Or is this where a FE/BE scenario
> needs to be deployed?