Microsoft CAS Exchange 2007 Server | Advice installing Client Access Server Role

Guy Recommends

Beat spammers with anti-spam software for Exchange Server – GFI MailEssentials.
Download FREE trial

OpusFlow Exchange
Group Calendar

Exchange 2007 - Add the CAS Role (Client Access Server)

Exchange 2007 - CAS (Client Access Server Role) Exchange CAS Role Client Access Server

Remember that the CAS role handles all initial communication between clients and Microsoft Exchange. The purpose of this page is to help you add, (or install) the CAS Role in Exchange 2007. Steps and screenshots kindly supplied by Alain Laventure.

Topics for Exchange 2007 CAS Role

Introduction to Exchange CAS

CAS (Client Access Server) is an Exchange 2007 role which replaces the front-end server in Exchange 2003. It makes sense to get this role working before implementing the Mailbox, Hub, or Unified Messaging roles. The Exchange 2007 Client Access server can coexist in an Exchange Organization which still has Exchange 2003 or Exchange 2000 servers. Consequently your transition to from Exchange 2003 to Exchange 2007 will be both straightforward and flexible.

Whenever you have email clients that access an Exchange 2007 Mailbox Server, you should deploy the Client Access Server role in that site. As a result, clients such as Microsoft Outlook 2002 or later, OWA, IMAP4, POP3, or mobile devices, can access their mailboxes on an Exchange 2007 Server with the mailbox role.

The base procedure for installing Exchange 2007 is the same regardless of which Server Role(s) you wish to select. Once you have built your Exchange 2007 server you can add the CAS role via the Control Panel, Add or Remove Programs (if you did not select it during the setup).

While you could combine CAS with other roles, where possible, it is best to have a dedicated server for this role. Separating the CAS and Mailbox roles is especially important if you want to implement OWA, but some clients have Exchange 2007 mailboxes, while others clients still have Exchange 2003 mailboxes.

Deciding On Your CAS Placement

When your CAS is accessible from the Internet, you need to take extra precautions. The crucial decision is whether to locate the Client Access server on the internal network or the perimeter network. If you are undecided, or the decision is close, I would recommend locating the Client Access Server(s) on the internal network.

You must install the CAS role on a member server that has access to a global catalog server. Also remember that the CAS must be able to contact the Mailbox servers inside your Exchange organization. A ratio of 1 CAS : 4 Mailbox servers works well. However, small companies may want an extra CAS server for high availability. In the case of Exchange organizations with fewer than 500 mailboxes you probably need to combine CAS with other Exchange 2007 server roles, for example, Hub Transport.

Once installed, I would call for the Security Configuration Wizard and listen to its suggestions to lock down ports and disable services that your particular Client Access server deployment does not require. Only allow access through the external and internal firewall for the essential protocols. The best and simplest decision is to install and configure Microsoft Internet Security and Acceleration (ISA) Server 2006.

Adding The Actual Client Access Role

Assumptions: You have installed the underlying operating system, Windows Server 2008 (best), alternatively choose Windows Server 2003. If you are not ready to add the CAS role, then get a copy of the Microsoft Exchange Server Best Practices Analyzer Tool, and run a Readiness Check scan.

When you run the Exchange Server 2007 setup program, the Client Access Role is checked by default. However, if you did not install this role at first, you can return to setup's Roles menu via the Control Panel, Add or Remove Programs.

Other /roles: include 'UM' Unified Messaging, 'MB' Mailbox, 'HT' Hub Transport or 'ET' Edge Transport. Incidentally, once you master PowerShell configuration in this context, you may like to employ PowerShell cmdlets for other Exchange 2007 Server tasks.

Virtual Directories for OWA

Understanding the role of the Exchange 2007 virtual directories is the key to troubleshooting any problems with OWA 2007 or OWA 2003. It is also a reminder of the link between IIS web site in Exchange 2007 and the browser on the OWA client.

/owa. This virtual directory is for OWA 2007 clients. That is clients with a mailbox on the Exchange 2007 server.

/Exchange. This is a legacy virtual directory for clients whose mailboxes are on an Exchange 2003 (or 2000) server. As this is a virtual directory, we are talking about clients trying to use a browser to connect to their mailbox, hence OWA 2003 clients. If the mailbox were on an Exchange 2007 server, the client would be redirected via the /owa virtual directory. OWA Virtual Directories for Exchange CAS

OWA Virtual Directories for Exchange CAS

/Exchweb. Again this is for connecting to mailboxes on Exchange 2003. This virtual folder is used by some OWA applications.

To see these virtual directories, launch the Exchange Management Console. Click on the Server Configuration tab, and then select: Client Access. You should now see the Outlook Web Access tab near the middle of the screen.

Any problems with the installation, then check the \ExchangeSetupLogs folder, in particular examine the ExchangeSetup.log file. Also, remember the Eventlogs, both System and Application.

Troubleshooting Errors when Adding the CAS Role

Problem: CAS setup (or Add Role) fails with a Watson MultiValuedProperty error

Solution: Launch ADSI Edit, navigate to: Default Offline Address List. In particular, set the value of the MsExchVersion attribute to 4535486012416

Problem: You use the Exchange 2003 Exchange System Manager to Configure 2007

For example: You try to move the OAB generation role from Exchange 2003 to Exchange 2007. While you can do this, don't use the 2003 Exchange System Manager, instead use the native 2007 Exchange Management Console.

TrainSignal - Guy's recommended training videos for Exchange 2003

Exchange Server 2007 is a complex topic, do you need practical hands on training? As an MCT trainer, I can thoroughly recommend TrainSignal. In particular, I like the way that TrainSignal cover all learning methods, instructor lead, video and of course text material. You can either take one module, for example Exchange 2007 or go for a combination of modules. Learn more about Microsoft Exchange Server 2007 here

Summary - Install the Exchange CAS Role for Exchange 2007 Server

Actually, the CAS role for Exchange 2007 server is installed by default. However, it is easy to add CAS as a role if you omit to select this role on the initial installation. Two things you should remember about Exchange CAS, this role is needed for each site where you have Exchange 2007 Mailbox servers, and CAS is the gateway for OWA clients.

Although Outlook communicates directly with the Mailbox server, it uses the Client Access server role to connect to Exchange mailboxes when you are using Outlook Anywhere (formerly known as RPC over HTTP) and for services such as the Autodiscover service and the Availability service. The Client Access server role also enables users to use such Unified Messaging features as Play on Phone.

Credit and acknowledgement Alain Laventure provided the screenshots, the detailed steps and the background for this CAS article.

See more Microsoft Exchange Server 2007 topics:

Please write in if you see errors of any kind. Please report any factual mistakes, grammatical errors or broken links, I will be happy to not only to correct the fault, but also to give you credit.