Exchange 2007 - CAS Overview & Autodiscover

Client Access Server Nitin Gupta [email_address]

Client Access Server
Exchange Autodiscover
Overview
Process
Question & Answers
Agenda

The topics / flow to be covered in this session is going to be very basic
Please feel free to interrupt in case something is not clear , every attempt would be made to answer your query immediately, else offline
Important

Exchange 2007 - Architecture
Overview / Understanding of
SMTP Protocol & Relay
DNS & associated records
PowerShell
Certificates / PKI
Good knowledge of Server Roles in MSX 2003
Prerequisites

Where CAS comes in…

Server roles allow an administrator to split the functions of an Exchange server and place each role, or a combination of roles, on different servers in the organization
This can be done for performance reasons, management reasons , or any other reason deemed necessary by the organization's policies
Various Server Roles
Edge Transport
Hub Transport
Client Access
Mailbox
Unified Messaging
Server Roles

Server Roles Perimeter Exchange 2007 Edge Server Intranet Exchange 2007 Server

Enterprise Network Other SMTP Servers PBX or VoIP I N T E R N E T Server Roles Hub Transport Routing Policy Applications: OWA, Outlook Anywhere Protocols: EAS, POP, IMAP, Outlook Anywhere Programmability: Web services, Web parts Client Access Edge Transport Routing Hygiene Mailbox Mailbox Public Folders Voice Messaging Unified Messaging Fax

CAS - Overview

Handles communications between clients and Microsoft Exchange.
Supports
Outlook 2007 and earlier versions,
Outlook Web Access,
Exchange ActiveSync
POP3 and IMAP4 protocols
Makes it possible to use Exchange 2007 features such as the offline address book, the Autodiscover service, and the Availability service
Must be installed in every Exchange 2007 organization
Enables users to use Unified Messaging features as Play on Phone
Overview

Outlook communicates directly with the Mailbox server,
Outlook still uses the Client Access server role to connect to Exchange mailboxes when using Outlook Anywhere (formerly known as RPC over HTTP) and for services such as
Autodiscover service
Availability service.
Overview - Note

Autodiscover
Uses a user's e-mail address and password to provide profile settings to Outlook 2007 clients and supported mobile devices
Enables Outlook 2007 clients to automatically connect to Microsoft Exchange and Exchange features, such as the Availability service or Unified Messaging, without having to manually configure their Outlook profile
POP3 & IMAP4
Supports POP3 and IMAP4 clients.
By default, POP3 and IMAP4 services are installed but are not enabled.
CAS – Features & Functionalities

Exchange ActiveSync
Helps synchronize data between mobile device and Exchange
Can synchronize e-mail, contacts, calendar information, and tasks
Devices that run Microsoft Windows Mobile® software, including Windows Mobile powered Pocket PC 2003 and Windows Mobile 5.0, are supported
Outlook Web Access
Helps access e-mail from a Web browser
Includes new features like smart meeting booking, enhanced reminders and notifications, integration with WSS and File share
Two versions of Outlook Web Access
Full-featured Outlook Web Access Premium client
Outlook Web Access Light client

Outlook Anywhere
The Outlook Anywhere feature for Microsoft Exchange Server 2007 lets Outlook 2007 and Outlook 2003 clients connect to their Microsoft Exchange servers over the Internet by using the RPC over HTTP Windows networking component.
Wraps remote procedure calls (RPC) with an HTTP layer, which allows the traffic to traverse network firewalls without requiring RPC ports to be opened
Availability Service
Improves free/busy data access for information workers by providing secure, consistent, and up-to-date free/busy data to computers that are running Outlook 2007

Autodiscover Service

Configures and maintains server settings for client with MOO 2007
Configures supported Mobile devices
Includes features like
Web-based Offline Address Book
Availability Service
Unified Messaging
No Autodiscover service - Earlier versions of Outlook
Exchange Autodiscover Service

Easier to configure Outlook 2007 as compared to manual work required in previous versions
Uses User’s Email Address or Domain Account
Information:
User’s display name
Connection settings for internal and external connectivity
Location of user’s Mailbox server
The URLs for features
Free/busy information,
Unified Messaging, and
Offline address book
Outlook Anywhere server settings
Outlook 2007 & Autodiscover

Virtual directory “Autodiscover” is created under Default Web site in IIS on installation of CAS role
This Virtual Directory handles requests from Outlook 2007 when:
A new Outlook profile is configured or updated
A client periodically checks MSX Web Services URLs
Underlying network connection changes
Service Connection Point (SCP) Active Directory object is created for each server where the CAS role is installed.
SCP object is used by clients to locate the Autodiscover service.
SCP record contains the serviceBindingInformation attribute that’s has FQDN of CAS
Ex: https://cas01.contoso.com/autodiscover/autodiscover.xml, where cas01.contoso.com is FQDN of CAS
Autodiscover Operation

The SCP object contains the authoritative list of Autodiscover service URLs for the forest
Most important attributes of an SCP are
Keywords : String value that identify a service
serviceDNSName : A or SRV record of
serviceDNSNameType : CAS server role
serviceBindingInformation : In-site and out-of-site lists of CAS
Client applications search the directory for keywords values to locate your SCP. When SCP is found, clients can read other attributes to retrieve service data.
SCP object is updated by using Set-ClientAccessServer cmdlet
SCP – Quick Overview

Require Exchange Administrator role to execute
Is used to set properties on specified CAS
To be for all Microsoft Exchange Server 2007 computers that have the Client Access server role
Set-ClientAccessServer Cmdlet Set-ClientAccessServer -Identity "CAS-01" -AutodiscoverServiceInternalURI "https://cas.mail.contoso.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope "Mail" Parameter Required Description Identity Required This parameter specifies an individual Client Access server. AutoDiscoverServiceInternalUri Optional This parameter specifies the internal URL of the Autodiscover service. AutoDiscoverSiteScope Optional This parameter specifies the site for which the Autodiscover service is authoritative. Clients that connect to the Autodiscover service by using the internal URL must belong to a site listed here. Confirm Optional This parameter causes the command to pause processing and requires that you acknowledge what the command will do before processing continues. The default value is $true. DomainController Optional This parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to the Active Directory directory service. Instance Optional This parameter specifies an instance of a Client Access server.

Domain-connected client connects and authenticates to Active Directory
Outlook 2007 sends a LDAP query to AD looking for all SCP objects.
Outlook sorts and enumerates the returned results based on the client's Active Directory site by using the keyword attribute of the SCP record.
2 Lists with SCP Records of in-site & out-of-site are returned
An array of Autodiscover URLs is generated by referencing the serviceBindingInformation attribute from in-site and out-of-site lists in sequence
Autodiscover – Domain Connected

Outlook tries to connect to each Autodiscover URL sequentially . If no URLs in in-site are unavailable, out-of-site URL are connected and sends an HTTP POST command to the Autodiscover service
The Autodiscover service queries AD to obtain the connection settings and URLs for the Exchange services.
The Autodiscover service returns an HTTP response with an XML file that includes the connection settings and URLs for the available Exchange services.
Outlook uses the appropriate configuration information and connection settings to connect to Exchange messaging environment.
How Autodiscover Works…. contd

How Autodiscover Works….

Non domain-connected client first tries to locate the Autodiscover service by looking up the SCP object in Active Directory
As client is unable to contact AD, it then locates the Autodiscover service by using Domain Name System (DNS)
Client will use domain part from user’s e-mail address and check DNS by using two predefined URLs.
Example:
If SMTP domain is contoso.com,
Outlook tries following URLs to connect to the Autodiscover service:
https://contoso.com/autodiscover/autodiscover.xml
https://autodiscover.contoso.com/autodiscover/autodiscover.xml
Non Domain Connected Client

Non Domain Connected Client

The XML file provides following information:
User’s display name
Connection settings for internal and external connectivity
Location of user’s Mailbox server
The URLs for features
Free/busy information,
Unified Messaging, and
Offline address book
Outlook Anywhere server settings
XML Contents…

For Distributed AD sites separated by low-bandwidth network connectivity.
Preferred AD sites for clients to connect Autodiscover service.
Process of specifying preferred AD sites - Configuring site scope .
Configure site affinity - Set-ClientAccessServer cmdlet.
Clients connect to the Autodiscover service instances as specified in Site Scopes.
Site Affinity @ Autodiscover

Topology
IN-CHN A EDS site located in Chennai (CHN-CAS)
IN-DEL A EDS site located in Delhi (DEL-CAS)
IN-BNG A EDS site located in Bangalore (BNG-CAS)
Configuration
Autodiscover service enabled on each site
Each site includes user mailboxes.
Users Autodiscover options
IN-DEL Users - Should use either IN-DEL or IN-CHN sites
IN-BNG Users - Should use either IN-BNG or IN-CHN sites
IN-BNG Users – No preference required
Site Affinity @ Example IN-CHN IN-DEL IN-BNG

Scope Configuration – IN-DEL
Set-ClientAccessServer -Identity “DEL-CAS" -AutodiscoverServiceInternalURI "https://internal.eds.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope “IN-DEL”,”IN-CHN ”
Scope Configuration – IN-BNG
Set-ClientAccessServer -Identity “BNG-CAS" -AutodiscoverServiceInternalURI "https://internal.eds.com/autodiscover/autodiscover.xml" -AutodiscoverServiceSiteScope “IN-BNG”,”IN-CHN”
Scope Configuration – IN-DEL
Set-ClientAccessServer -Identity “CHN-CAS" -AutodiscoverServiceInternalURI "https://internal.eds.com/autodiscover/autodiscover.xml"
Site Affinity @ Example IN-CHN IN-DEL IN-BNG

The connection settings that the Outlook client uses are translated into MAPI properties .
MAPI properties are stored in the user's profile located in the registry on their local computer.
The URLs for the available Exchange services are cached in the memory of the local computer.
There are two layers of Outlook 2007 that use the Autodiscover service:
The Outlook layer - begins operating when Outlook 2007 is opened to retrieve the user profile settings
The MAPI layer - begins operating when there are errors connecting to the Exchange server by using the MAPI protocol
Autodiscover @ Outlook 2007

Outlook 2007 automatically connects to the Autodiscover service under the following conditions:
Every time that the application starts
At intervals on a background thread
Any time that the client's connection to an Exchange server fail
User profile settings (by outlook layer) are refreshed every time that the Time to Live period is specified. Setting for TTL is 60 minutes or if an error occurs when Outlook tries to contact to server.
If Outlook does not connect to Autodiscover service, Outlook layer reconnects every 5 minutes because the URLs for the available Exchange services are cached in memory on the local computer.

MAPI layer connects to the Autodiscover when the user is using a low-bandwidth network connection or when the user tries to open their mailbox after a mailbox move.
The first failure detected by the MAPI layer results in an initial Autodiscover service request..
This initial Autodiscover service request is known as the free Autodiscover service request . If no other failures occur after the first failure, the MAPI layer will perform an Autodiscover service request every 6 hours to update the user's profile settings.
MAPI layer also connects to the Autodiscover service if the user creates a new Outlook profile.

How Autodiscover Works….

MAPI layer connects to the Autodiscover when the user is using a low-bandwidth network connection or when the user tries to open their mailbox after a mailbox move.
The first failure detected by the MAPI layer results in an initial Autodiscover service request..
This initial Autodiscover service request is known as the free Autodiscover service request . If no other failures occur after the first failure, the MAPI layer will perform an Autodiscover service request every 6 hours to update the user's profile settings.
MAPI layer also connects to the Autodiscover service if the user creates a new Outlook profile.

Thank You Nitin Gupta [email_address]

Exchange 2007 - CAS Overview & Autodiscover

by Nitin Gupts (gupnit) on Mar 28, 2009

Accessibility

Categories

Tags

Upload Details

Usage Rights

1 Embed 33

Statistics

Exchange 2007 - CAS Overview & Autodiscover — Presentation Transcript