EXCHANGE 2010 HA Guide



centercenterAmmar Hasayenammarhasayen.eXCHANGE 2010 HA Guide8820090900Ammar Hasayenammarhasayen.eXCHANGE 2010 HA GuideContents TOC \o "1-3" \h \z \u 1.Introduction: PAGEREF _Toc367989478 \h 31.1 Quorum PAGEREF _Toc367989479 \h 31.2 DAG Networks PAGEREF _Toc367989480 \h 31.3 Active Manager PAGEREF _Toc367989481 \h 42.Datacenter Activation Coordination DAC PAGEREF _Toc367989482 \h 52.1 Introduction PAGEREF _Toc367989483 \h 52.2 How to get DAC OK status? PAGEREF _Toc367989484 \h 52.3 Restore-DatabaseAvailabilityGroup PAGEREF _Toc367989485 \h 52.4 Examples PAGEREF _Toc367989486 \h 63.Recovery Single Failed DAG member PAGEREF _Toc367989487 \h 64.Database Mobility PAGEREF _Toc367989488 \h 65.Outlook WebApp across Sites PAGEREF _Toc367989489 \h 75.1 Introduction PAGEREF _Toc367989490 \h 75.2 Scenario 1 PAGEREF _Toc367989491 \h 75.3 Scenario 2 PAGEREF _Toc367989492 \h 85.4 Scenario 3 PAGEREF _Toc367989493 \h 86.Datacenter Switch Over PAGEREF _Toc367989494 \h 86.1 Terminate the primary data center PAGEREF _Toc367989495 \h 86.2 Activating Mailbox Servers PAGEREF _Toc367989496 \h 96.4 Activating CAS Servers PAGEREF _Toc367989497 \h 116.5 Restoring Services in the Primary Datacenter PAGEREF _Toc367989498 \h 127.Autodiscover PAGEREF _Toc367989499 \h 137.1 When Autodiscover is triggered on Outlook PAGEREF _Toc367989500 \h 137.2 How to find the service PAGEREF _Toc367989501 \h 147.3 What Autodiscover needs PAGEREF _Toc367989502 \h 147.4 What Autodiscover process PAGEREF _Toc367989503 \h 147.5 What Autodiscover returns PAGEREF _Toc367989504 \h 148.How Outlook Connects PAGEREF _Toc367989505 \h 158.1 What information Outlook needs PAGEREF _Toc367989506 \h 158.2 Database linkage to CAS Arrays PAGEREF _Toc367989507 \h 15Scenario 1 PAGEREF _Toc367989508 \h 15Scenario 2 PAGEREF _Toc367989509 \h 15Scenario 3 PAGEREF _Toc367989510 \h 16Scenario 4 PAGEREF _Toc367989511 \h 17Introduction:This guide simply explains in a very easy way, all the technologies and procedures that you need to know to perform Exchange 2010 data center switch over, recovering DAG member or stretching DAG between sites.1.1 QuorumDefine as a mechanism to ensure that only one subset of members are functioning at any given time. It used to find majority.There is Quorum data that is configuration shared between all nodes.Exchange 2010 supports only two out four models of Quorums:Node Majority: for odd number of nodesFile share majority: for even number of nodesWitness is a file share (Witness.log) that represent a vote when there is need to break the tie. When we are one vote from losing the majority, the node that hold the cluster group (PAM) will lock the witness file share.The witness cluster file share is created when the DAG members become even and cluster will apply isalive controls to monitor it. If it fails, the cluster group is moved to another node and try to bring it online.(Exchange Subsystem) group should be member of the local administrator group on the witness server and the alternative witness server.1.2 DAG NetworksFor each subnet that the cluster discovers, a DAG network is created. Note also that heartbeat happens in all networks.Two types of DAG Networks:MAPI Network: You can have only one MAPI network.Default G and register in DNSReplication Network: (Over TCP 64327)You can have Zero or as many replication networks as you muchNo default G and no register in DNS It is important to note the following:DAG Network enumeration happens only when adding DAG members or can be triggered by running (Set-DatabaseAvailabilityGroup –DiscoverNetworks)If the MAPI network dies in a server, automatic switch over happens.If Replication network dies in a server, replication will happen over MAPI network.ISCIS network should be configured to be ignored from Cluster use.And also make sure that the replication cannot route to the MAPI network in any case, or cross heartbeat scenario will happen.1.3 Active ManagerLives inside (Microsoft Replication Service)The data about where the database is active now DOES NOT LIVE IN AD. Active Manager is the one who knows about it.Three Server types:Standalone ( for nodes not member of DAG)Standby (SAM)Monitor local resources and notify PAMGive information to Active Manager clients about where databases are activePrimary (PAM)The one who holds the cluster groupBest Copy Selection Active Manager Client exists in HUB and CAS to know where the active copy lives in order to deliver or access data. Datacenter Activation Coordination DAC2.1 IntroductionActive Manager handles DACDAC mode enables us to use three new commands: Stop-DatabaseAvailabilityGroup, Start-DatabaseAvailabilityGroup and Restore-DatabaseAvailabilityGroupDAG property that uses DACP protocol to handle split brain scenarios when DAG is stretches to more than one subnet.DAC when enabled, will be an extra application Quorum criteria that should be return OK.DAC split DAG members to one of two sets:Stopped DAG Members - Stop-DatabaseAvailabilityGroupStarted DAG Members - Start-DatabaseAvailabilityGroupOnly Started DAG Members will participate in DAC voting. Started servers are those candidate to bring their database copies online.Stopped DAG member is the status of Active Manager that prevents the databases to be mounted on the server and will exclude it from DAC voting.2.2 How to get DAC OK status?If all started DAG members can communicate to each otherIf not, if a DAG Started member can communicate with a node with DAC bit 1Note: In case of two DAG started members in the alternate datacenter exist, the boot time of the alternative witness share server can be used. If the witness boot time is before, DAC succeeded. Else, use Restore-DatabaseAvailabilityGroup . This only true for two member started DAG members.In all cases, if all DAG members are DAC 0, use Start-DatabaseAvailabilityGroup to reset the DAC bit to 1 even if the nodes are already started.2.3 Restore-DatabaseAvailabilityGroupEvicts DAG members marked as stopped from the cluster , thus created quorumAssign alternate witness share in case of even number of nodesIt has three parameters:Identity (required) : name of DAGActiveDirectorySite (Optional)AlternativeWitnessDirectory and AlternativeWitnessServer (Optional): those can be configured ahead on the DAG level.2.4 Examples Stop-DatabaseAvailabilityGroup -Identity DAG1 -MailboxServer E14EX2 Stop-DatabaseAvailabilityGroup -Identity DAG1 -ActiveDirectorySite RedmondStop-DatabaseAvailabilityGroup -Identity DAG1 -MailboxServer E14EX3 –ConfigurationOnlyRecovery Single Failed DAG memberDatabase copies on the failed server are marked as (ServiceShutdown)For a failed MBX1 server Remove database copies on the serverRemove-MailboxDatabaseCopy DB1\MBX1This command will generated warning because the server is offline but the info about the copy in AD will be deleted.Remove its configuration in DAGRemove-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer MBX1 –ConfigurationOnlyIt may happen that the server is not fully removed, so open the cluster console from any active mailbox server and evict the failed DAG member manuallyReset Computer Account in ADInstall a new Windows with same patches and service pack (IMPORTANT : SAME IP Addresses)Setup /m:RecoverServerAdd it to DAG Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer MBX1Add databases copies back to it.Database MobilityIf you have a server that fails but the SAN or disk database files are accessible, you can mount the DB on another server. This is called Database Mobility.Attach the database files to a drive on the new mailbox server.Use eseutil to check the health of the database Eseutil /MH database.edb |findstr “state:”If the database is dirty shutdown and log files are available, then perform soft recovery : From the folder that contains the log files, type :eseutil /r E00 /d G:\Data\databaseFolderPath Note: Replace E00 with log prefixFinally, create new DB on the new server, mark it as over writable, dismount it , switch files.Point the user to the new DB :Get-Mailbox -Database oldDB | Set-Mailbox –Database newDBOutlook clients will automatically pick up the new info.Outlook WebApp across Sites5.1 Introduction When CAS receives OWA requests:It checks to see if the request can be severed locally.If mailbox is not local, CAS retrieves target ExternalURL (if defined) and redirects or proxies if no OWA ExternalURLs are defined in the target Active Directory site.Below is additional Scenarios 5.2 Scenario 1Suppose that the primary site went down completely, and you changed the DNS entry for owa. to point to the CAS NLB in the secondary site. Now the primary site is back to normal and you changed the DNS entry for owa. to point to the primary CAS NLB in the main site.The client need to wait for the TTL for owa. to expire (usually set the TTL to 5 minutes), and also after the cache expires, the browser will still cache the DNS entry for another 20 minutes.So a loop will happen here as the browser will go to owa. which will go to the secondary CAS NLB because of the browser cache, and the secondary CAS array will send an OWA redirection message “Hey... You should be using for best performance.” Because the mailbox is active in the primary site now and the OWA ExternalURL for the primary CAS array is user may think “ODD, I just did log in at that site! Silly computer, let me log in again.”The second time he logs in to owa., he will probably still hit the secondary CAS array servers because of their browser cache still isn’t updated. The secondary CAS array servers are intelligent enough to see this 2nd logon attempt (via a web canary) and then know “OH… this user’s DNS cache is old. They don’t know we failed back to the other datacenter. Send him the FailbackURL for the primary CAS servers.The user is then prompted with a slightly different page with a “CONTINUE” button and it explains to them that the mailbox is in the process of being brought online in different datacenter. He clicks continue, which takes him to the FailbackURL. They log in again and this time is successfully in OWA.So the Secondary CAS array will detect if the primary CAS servers has the failbackURL configured, and if it is, it will redirect the client to it to end the loop. If there is no failbackURL configured, then the secondary CAS array will send an error page to the client indicating that he should close his browser and try again.5.3 Scenario 2If the CAS receive a request for OWA to a database, and he can see that the database legacyExchangeDN matches his local AD site, but the database is mounted in different site, the CAS will issues a redirect to the ExternalURL of the CAS server hosting the mounted database.5.4 Scenario 3NEW IN SP2 Cross-Site Silent RedirectionIf you configure the Set-OWAVirtualDirectory with CrossSiteRedirectType = Silent (default is manual), then all redirections become silent. In addition, if FBA or Integrated authentication is configured, a Single Sign On experience will occur.Datacenter Switch OverThe case of complete outage in primary data center (NYC) and restoring things back in secondary data center (LON)6.1 Terminate the primary data centerDAG Members in the primary data center must be marked as stopped. Stopped is the status of Active manager that prevents database copies to be mounted on them, and will exclude them from DACP voting. This can be done on the primary and the secondary sites :On the Primary side :If the mailbox servers in the primary are operational and there is a functioning DC in the primary site, use Stop-DatabaseAvailabilityGroup -Identity DAG1 -ActiveDirectorySite NYCIf the mailbox servers in the primary site are not operational but there is domain controller in the primary site, use this command for each primary MBX servers:Stop-DatabaseAvailabilityGroup -Identity DAG1 -MailboxServer E14EX3 –ConfigurationOnlyIf no DC nor mailbox servers are available in the parent side, then make sure that mailbox servers are shutdown always.If the primary mailbox server are online, make sure the cluster service is set to Disabled or do it yourself.On the Secondary side :We need to tell the secondary site which servers are available during the switch over. This can be done by using the Stop-DatabaseAvailabilityGroup command with the ConfigurationOnly.UM Servers If any Unified Messaging servers are in use in the failed datacenter, they must be disabled to prevent call routing to the failed datacenter. You can disable a Unified Messaging server by using the Disable-UMServer cmdlet (for example, Disable-UMServer UM01). Alternatively, if you are using a Voice over IP (VoIP) gateway, you can also remove the Unified Messaging server entries from the VoIP gateway, or change the DNS records for the failed servers to point to the IP address of the Unified Messaging servers in the second datacenter if your VoIP gateway is configured to route calls using DNS.6.2 Activating Mailbox ServersWhen the primary datacenter is down, the mailbox servers in the secondary site, will try to take ownership of the cluster group and will try to bring the primary Witness server online for couple of time before timing out and failing. This is when the cluster as a whole goes down because of majority issues. Database copies on primary datacenter mailbox servers appears as (Service Shutdown), where database copies on secondary datacenter mailbox servers appear as (Disconnected and Healthy)The Cluster service must be stopped on each DAG member in the primary datacenter (This can be one of two :If the Primary data center is down, then for sure objective completedIf the primary mailbox servers are online, make sure cluster service is stopped and the service is marked as disabled.Running Restore-DatabaseAvailabilityGroup which will do two things :Evict Stopped DAG members from clusterCreate alternative witness share if not created previously on the DAG levelRestore-DatabaseAvailabilityGroup -Identity DAG1 -ActiveDirectorySite LON - AlternateWitnessServer EXHUB1 -AlternateWitnessDirectory D:\DAG1You may need to run the command couple of time until the primary mailbox servers are evicted from the cluster.Note: the restore command can fail, just wait 5 minutes and run it again. Also you can make sure that the command is being executed on the right domain controller by running:Set-ADServerSettings –PreferredServer <Domain Controller in Failover Datacenter>Always and at any time, if you want to force the cluster model to refresh (i.e if you open the cluster console from the secondary mailbox server, alternative witness share should appear after you entered the Restore-DatabaseAvailabilityGroup command, if it didn’t reflect in the cluster console, just type Set-DatabaseAvailabilityGroup –Identity DAGName)You should make sure the Witness server and directory are up. Never lose them and avoid restarting them. Make sure Exchange Trusted Subsystem is member of the local administrator group on the Witness server and create a firewall rule on the Witness server if necessary to allow all traffic from the mailbox server to the Witness Server.At this moment, the secondary mailbox server(s) will try to assume the ownership of the cluster group and trying to get the secondary DAG IP online and will keep trying to bring the alternative Witness share online.Use Get-DatabaseAvailabilityGroup cmdlet to make sure the Stopped servers are those mailbox servers in the primary site while started servers are those in the secondary site only.If databases in the secondary site don’t mount automatically, remember to remove any activation blocks on the server level (Set-MailboxServer) or on the database level (Suspend Activation).If still databases didn’t mount correctly, use this command:Move-ActiveMailboxDatabase –Server FQDNofaServerinPrimarySite –ActivateOnServer FQDNofaServerinDRSiteThis command contains many Skip switches that can be handy.This is very important step as it is like taking ownership of those databases. You can also use :Move-ActiveMailboxDatabase DatabaseName –ActivateOnServer FQDNofaServerinDRSiteWe need to choose whether to remove the database copies existing in the primary site to allow log truncation or not. If we choose so, reseeding will be necessary once you fail back to the primary data center.Outlook Office clients will act as per the following :If the primary CAS servers are online, CAS servers in the primary site will issue a silent redirect message to outlook users. Outlook users will see a message that they need to restart their outlook.If the primary CAS servers are online, you can change the DNS name for the outlook anywhere name or just force autodiscover to work by repairing outlook profileOWA clients will do the following :If the primary CAS servers are online, silent redirection will happen with SOO since both OWA virtual directories has Integrated Authenticated on themIf the primary CAS servers are offline, DNS name for OWA primary should point to secondary and that’s it.If you restarted mailbox servers in the secondary site and/or the Witness server, the DAC bit will be sit to 0 and databases will be shown as Dismounted. If you try to mount them , an error that the replication services on the primary mailbox servers are not online. You may find a problem locating the Active manager also especially if you typed: Get-DatabaseAvailabilityGroup –Identity DAGName – Status.The solution will be forcing the DAC bit to be 1 by running the Start-DatabaseAvabilibityGroup –Server (Secondary Mailbox Servers) even if they are already started.6.4 Activating CAS ServersIf the primary datacenter has the following URLs internally and externallyMail.NYC. (Outlook Anywhere)OWA.NYC. (Outlook Web Access)EAS.NYC. (Exchange ActiveSync)And the secondary site has:Mail.LON.OWA.LON.EAS.LON.And suppose SCP for Autodiscover for CAS servers in the primary datacenter points to Mail.NYC. where SCP for CAS servers in the secondary datacenter points to Mail.LON.. Suppose also that the public autodiscover. points externally to primary datacenter publishing ruleDuring Data center Switchover:OWA : Change the IP address for OWA.NYC. to point to OWA.LON. in the internal and external DNS servers. This really depends if the primary data center will be off for long time.You can also chose not to change this DNS name if the primary CAS servers are online since they will do the redirection. EAS :Change the IP of EAS.NYC. to point to EAS.LON. in the internal or external DNS servers. You can also chose to tell the users to manually change this manually on their mobiles.Outlook Anywhere :Either manually let users to change their outlook proxy settings to Mail.LON.Automatic solution would be making sure Autodiscover service is reachable internally and externally so that outlook profile repair will do the trick and switch Mail.NYC. to Mail.LON.NOTE: VERY IMPORTANT: Don’t ever try to change the DNS name of Mail.NYC. to point to Mail.LON.. This will always fail as the subject name of the certificate in LON datacenter is mail.lon. while the proxy settings in user outlook profile is mail.nyc.6.5 Restoring Services in the Primary DatacenterPower on the primary mailbox servers. If you open the cluster console on them, you can see that they reflect that they are evicted from cluster. Database copies on them are marked as Failed and there is no way to mount them on primary servers.Note:Verify that Cluster service on the DAG members in the primary datacenter have a startup type of DISABLED. If they do not, either the Stop-DatabaseAvailabilityGroup command was not successful or the DAG members in the primary datacenter failed to receive eviction notification after network connectivity between datacenters was restored. Do not proceed until Cluster service cleanup has occurred and Cluster service has a startup type of DISABLED. You can optionally run the following command on the DAG members in the primary datacenter to forcibly cleanup the outdated cluster information: Cluster node /forcecleanup Run the Start-DatabaseavailabiltyGroup –Identity DAG1 –ActiveDirectorySite NYC command on them.Note that powering those servers in the primary site will not be risky as they are out of DAG configuration. The start-DatabaseAvailabilityGroup command will return them to the DAG again. Also remember that we have performed the Move-ActiveMailboxDatabase command during switchover to be servers in the secondary site. That’s why when you start-DatabaseAvailabilityGroup on primary servers, they will notice that the databases are active on secondary mailbox servers and will not try to do anything.After running this Start command, the primary mailbox servers will start appearing in the cluster console as cluster nodes functioning normally.Run Set-DatabaseAvailabilityGroup cmd without any parameter to make sure the right Quorum mode is being used. This command also will seed all changes on the passive copies.Database copies on the primary site will start seeding automatically and will turn healthy eventually.Leave the database to replicate over time and sync from Secondary datacenter to Primary. Then proceed to the below steps.Note that the DAG is using the alternative witness server. In order to use a witness server in the primary site, and if you still have the old witness server, then use Set-DatabaseAvailabilityGroup -Identity DAG1 command. If we want to assign new witness on the primary datacenter, then add the witness parameters to the previous command.Notice that the default cluster group is hosted on the secondary site which means that the Primary Active Manager PAM is located on the node who holds the default cluster group.To identify the PAM server, run: Get-DatabaseAvailabiliyGroup –Identity DAG1 –Status |FL *Primary*You can move the default cluster group to the primary mailbox server by running Cluster group “Cluster Group” /MoveTo:EX01. Dismount databases in the secondary datacenters and move the CAS URLs.After DNS is replicated and the cache is refreshed, use the Move-ActiveMailboxDatabase for the copies in the primary site.Mount database copies in the primary site.Outlook clients will find a message to indicate that the administrator has changed something and the outlook need to be restarted.Note : When mounting database copies on the primary site, sometimes you will face issues like database cannot mount because index problem. For this scenario, you can run :Update-MailboxDatabaseCopy DBName\FailedToMountServer –CatalogOnlyIf this didn’t work, use Move-ActiveMailboxDatabase “Database Name” -ActivateOnServer DestinataionServer SkipClientExperienceChecksNote that this command is powerful, look at this :Move-ActiveMailboxDatabase “Database Name” –ActivateOnServer –OptionsWhere Options can be:SkipActiveCopyChecksSkipClientExperienceChecksSkipHealthChecksSkipLagChecksAutodiscover7.1 When Autodiscover is triggered on OutlookWhen the Outlook profile is first createdWhen network changes occur on Outlook machineOnce every 15 minutesWhen the connection to Exchange failsWhen Outlook startsNevertheless, repairing Outlook profile is the most effective way to force complete reconfiguration of Outlook when Autodiscover gets new information.7.2 How to find the serviceDomain Joined:Any CAS server during the installation will create a SCP in AD. In a domain joined machines, Outlook will simply query AD (LDAP) for those SCPs and will choose any SCP randomly to connect to. In case all SCPs are not available, Outlook will try to access and if this fails, it will try the SRV method.You need to configure the value in SCP to read the NLB of the CAS array instead of the default server name by using:Set-ClientAccessServer CASServerName -AutoDiscoverServiceInternalUri Joined:For non-domain machines, Outlook will query AD for SCP and will fail, then it will query DNS for and then 7.3 What Autodiscover needsThe user email address and his credentials7.4 What Autodiscover processAutodiscover service will pass the information to the Outlook Provider information stored in AD. Those provider settings are categorized to three main categories:The WEB setting : Outlook WebApp ClientsThe EXCH setting : RCP Internal Client (Returns the InternalURLs for services)The EXPR setting : Outlook Anywhere Clients (Returns the ExternalURLs for services)7.5 What Autodiscover returnsAutodiscover will return a lot of information depending of the nature of the client (RPC or RPC over HTTPS). Mainly the Internal URL and External URLs for the following services will be returned:External and Internal URL for those servicesOWA Virtual DirectoryOAB Virtual DirectoryWeb Services Virtual DirectoryActiveSync Virtual DirectoryECP Virtual DirectoryUM SeetingsUser Display NameUser Home Server (database LegacyExchangeDN)Outlook Anywhere settingsHow Outlook Connects8.1 What information Outlook needsOutlook needs three piece of information to connect to a mailbox.Database NameHome Server (RPC Client Access Array Server attribute of the DB), aka. The database legacyExchangeDNLegacyDN of the mailboxThe rest of information are not that important and are return by Autodiscover.If profile is configured, outlook will try to resolve the Home Server in the outlook profile and connect to it using TCP. This represents the Client Access Server Array object which should not be resolving externally in all cases, (nor internally, only if you want to force Outlook Anywhere behavior)8.2 Database linkage to CAS ArraysFacts:Each database has a GUID and also has an important attribute called (legacyExchangeDN). LegancyExchangeDN is also referred to the RPCClientAccessServer for that database.The information about where the database is currently mounted is not stored in AD, instead each Active Manager server in each mailbox server in the DAG (SAM or PAM) knows about this info.When the database is created in a mailbox server, the legacyExchangeDN is set to the CAS Array FDQN if exists in the local site or default to the first CAS server installed on that site.This value doesn’t change if the database get mounted in different site unless that mailbox database copy is assigned an Activation Preference = 1.The value of the legacyExchangeDN of the database is what Autodiscover returns to outlook as the home server. Outlook is still not configured, will honor this value. If the outlook profile already exists and pointing to a CAS array, it will not honor the Autodiscover information about the change on legacyExchangeDN depending on different factors.Scenario 1It is important to remember that neither Outlook nor CAS care about the AD site in which the CAS server is located at.If the database get mounted to different site, and you change just the DNS record of the primary CAS array to point to the CAS array of the secondary site, everything works fine. This works for RPC Clients.Scenario 2RULE: The RPCClientAccessServer property of the database a.k.a the database legacyExchnageDN always points to the RPC CAS array that is in the same site as the copy of the mailbox database with the lowest activation preference (which equals 1).In the below figure, when the database get mounted on MBX-C, the RPCClientAccessServer property will stay CAS-Pri.. The outlook user will still point to cas.pri. and CAS Direct Connect over the WAN will happen from CAS-Pri to MBX-C. If CAS-Pri is inaccessible, the Outlook will get disconnected!Scenario 3The only time the system changes RPCClientAccessServer value on the database is when the administrator changes the ActivationPreference number on the activated database copy such that it now has the lowest value (meaning it becomes the preferred copy), as seen below.However, the Outlook clients with an existing Outlook profile would continue to use the old RPC endpoint rather than the new RPC endpoint (even though Autodiscover detected the change). This is because the old RPC endpoint does not return an ecWrongServer response to the client. The RPC endpoint accepts the connection; therefore, Outlook ignores the Autodiscover response because it has a working connection. In the event that the old RPC endpoint becomes inaccessible, Outlook 2007/2010 would update its settings. At any time you could force Outlook to use the new RPC endpoint by forcing a profile repair.You can also manually change the RPCClientAccessServer property of the database to point to the new array instead of changing its activation preference.The same happens when you move a mailbox to a database in different AD site. Outlook will continue to use the old and configured RPC CAS array unless that array become inaccessible or you trigger Outlook profile repair.Scenario 4After Exchange SP2 RU3, the following changes happen:By default, once you have installed SP2 RU3, when you move mailboxes between AD sites, all versions of Outlook will get prompted to restart and the Outlook profile’s RPC endpoint will be updated.Cross Site Database Access changes :This behavior depends on the value of DAG property called (AllowCrossSiteRPCClientAccess).If set to $true, then the behavior in Scenario 3 will occur. That is Outlook will stick to the original configured CAS array and cross WAN CAS direct connect will occur , unless you change the LegacyExchangeDN of the DB or change the ActivationPreference and the Outlook profile get repaired or the primary CAS array is not available.If the value of AllowCrossSiteRPCClientAccess is set to $false which is the default DAG property value, then the Outlook profile’s RPC endpoint will be updated to be the RPC Client Access Server array that is in the same AD site where the database is active and mounted. Note that the RPCClientAccessServer property is not updated as that defines the preferred site.Actually the CAS array log on the primary site will ask the Outlook to redirect to the CAS array in the secondary site although the LegacyExchangeDN of the database is still pointing to the primary CAS array. ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download