Exchange
2007 - Add the CAS Role (Client Access Server)
Exchange 2007 - CAS (Client Access Server Role)
Remember that the CAS role handles all initial communication between clients and
Microsoft Exchange.
The purpose of this page is to help you add, (or install) the CAS Role in Exchange 2007. Steps and screenshots kindly supplied
by Alain Laventure.
CAS (Client Access
Server) is an Exchange 2007 role which replaces the front-end server in Exchange 2003.
It makes sense
to get this role working before implementing the Mailbox, Hub, or Unified Messaging roles. The Exchange 2007 Client Access server can coexist in an Exchange
Organization which still has Exchange 2003 or
Exchange 2000 servers. Consequently your transition to from Exchange
2003 to Exchange 2007 will be both straightforward and flexible.
Whenever you have email clients that
access an Exchange 2007 Mailbox Server, you should deploy the Client Access
Server role in that site. As a result, clients such as Microsoft Outlook 2002 or
later, OWA, IMAP4, POP3, or mobile devices, can access their mailboxes on an
Exchange 2007 Server with the mailbox role.
The base procedure for installing Exchange 2007 is the same regardless
of which Server Role(s) you wish to select. Once you have built your
Exchange 2007 server you can add the CAS role via the Control Panel, Add or
Remove Programs (if you did not select it during the setup).
While you could combine CAS with other roles, where possible, it is best to have
a dedicated server for this role. Separating the CAS and Mailbox roles is especially
important if you want to implement OWA, but
some clients have Exchange 2007 mailboxes, while others clients still have Exchange 2003
mailboxes.
When your CAS is accessible from the Internet, you
need to take
extra precautions. The crucial decision is whether to locate the Client Access server on the internal
network or the perimeter network. If you are undecided, or the
decision is close, I would recommend locating the Client Access Server(s) on
the internal network.
You must install the CAS
role on a member server that has access to a
global catalog server. Also remember that the CAS must be able to
contact the Mailbox servers inside your Exchange
organization. A ratio of 1 CAS : 4 Mailbox servers works well.
However, small companies may want an extra CAS server for high availability.
In the case of Exchange organizations with fewer than 500 mailboxes you
probably need to combine CAS with other Exchange 2007 server roles, for
example, Hub Transport.
Once installed, I would call for the Security Configuration Wizard and
listen to its suggestions to lock down ports
and disable services that your particular Client Access server deployment does not
require. Only allow
access through the external and internal firewall for the essential
protocols. The best and simplest decision is to install and configure Microsoft
Internet Security and Acceleration (ISA) Server 2006.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Network Performance Monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
What I like best is the way NPM suggests solutions to network
problems. Its
also has the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating
network maps, then I recommend that you try NPM now.
Assumptions: You have installed the underlying operating system, Windows Server 2008
(best),
alternatively choose Windows Server 2003. If you are not ready to add the CAS role, then
get a copy of the Microsoft Exchange Server Best Practices Analyzer Tool, and
run a Readiness Check scan.
When you run the Exchange Server 2007 setup program, the Client Access
Role is checked by default. However, if you did not install this role
at first, you can return to setup's Roles menu via the Control Panel, Add or
Remove Programs.
PowerShell Command-line
You may prefer to use PowerShell cmdlets to manage the Roles of your
server.
Other /roles: include 'UM' Unified Messaging, 'MB' Mailbox, 'HT' Hub
Transport or 'ET' Edge Transport. Incidentally, once you master
PowerShell configuration in this context, you may like to employ PowerShell
cmdlets for other Exchange 2007 Server tasks.
Guy Recommends:
The SolarWinds Exchange Monitor
Here is a
free tool to monitor your Exchange Server. Download and
install the utility, then inspect your mail queues, monitor the Exchange
server's memory, confirm there is enough disk space and check the CPU
utilization.
This is the real deal - there is no catch. SolarWinds provides this
fully-functioning freebie, as part of their commitment to supporting
the network management community.
Understanding the role of the Exchange 2007 virtual directories is the
key to troubleshooting any problems with OWA 2007 or OWA 2003. It is
also a reminder of the link between IIS web site in Exchange 2007 and the
browser on the OWA client.
/owa. This virtual directory is for OWA 2007 clients. That is
clients with a mailbox on the Exchange 2007 server.
/Exchange. This is a legacy virtual directory for clients whose mailboxes
are on an Exchange
2003 (or 2000) server. As this is a virtual directory, we are talking
about clients trying to use a browser to connect to their mailbox, hence OWA
2003 clients. If the mailbox were on an Exchange 2007 server, the
client would be redirected via the /owa virtual directory.
/Exchweb. Again this is for connecting to mailboxes on Exchange
2003. This virtual folder is used by some OWA applications.
/Public. This is for public folders access.
Check the Virtual Directories
To see these virtual directories, launch the Exchange Management Console.
Click on the Server Configuration tab, and then select: Client Access.
You should now see the Outlook Web Access tab near the middle of the screen.
Any problems with the installation, then check the \ExchangeSetupLogs folder, in particular examine
the ExchangeSetup.log file. Also, remember the Eventlogs, both System
and Application.
Troubleshooting Errors when Adding the CAS Role
Problem: CAS setup (or Add Role) fails with a Watson
MultiValuedProperty error
Solution: Launch ADSI Edit, navigate to: Default Offline Address List.
In particular, set the value of the MsExchVersion attribute to 4535486012416
Problem: You use the Exchange 2003 Exchange System Manager to
Configure 2007
For example: You try to move the OAB generation role from Exchange 2003 to
Exchange 2007. While you can do this, don't use the 2003 Exchange
System Manager, instead use the native 2007 Exchange Management Console.
Guy Recommends: SolarWinds' Free Bulk Mailbox Import Tool
Import users from a spreadsheet, complete with their mailbox. Just provide a list of the
users with the fields in the
top row, and save as .csv file. Then launch this FREE utility, match
your Exchange fields with AD's
attributes, click and import the users. Optionally, you can
provide the name of the OU where the new mailboxes will be born.
There are also two bonus tools in the free download, and all 3 have been approved by Microsoft:
Bulk-import new users and mailboxes into Active Directory.
Actually, the CAS role for Exchange 2007 server is installed by default.
However, it is easy to add CAS as a role if you omit to select this role on the
initial installation. Two things you should remember about Exchange CAS, this role
is needed for each site where you have Exchange 2007 Mailbox servers, and CAS is
the gateway for OWA clients.
Although Outlook communicates directly with the Mailbox
server, it uses the Client Access server role to connect to Exchange
mailboxes when you are using Outlook Anywhere (formerly known as RPC over
HTTP) and for services such as the Autodiscover service and the Availability
service. The Client Access server role also enables users to use such
Unified Messaging features as Play on Phone.
Credit and acknowledgement
Alain Laventure provided the screenshots, the detailed steps and the
background for this CAS article.
If you like this page then please share it with your friends
Here is a
free tool to monitor your Exchange Server.
Download the utility, then inspect your mail queues, monitor Exchange server's
memory, confirm there is enough disk space and check the CPU utilization.
