Exchange Server 2013 CAS arrays

Exchange 2013 doesn't need to use CAS arrays any more, finally all those worries of tons of name space is gone away now. Now we can use just One* Name Space, Global Name Space. Look for "Deployment simplicity" section for more details on Global Name Space.

Client Access Server 2013 is a much simpler beast all round, which should make it easier to manage one of the truisms much beloved by those who pontificate about designing for Exchange is the necessity to follow “best practice.” There’s absolutely nothing wrong with this approach as best practice is defined to be a method or technique that has consistently shown better results than other methods. In other words, it’s an approach that works well, probably because others have tried different methods and failed.

But the important thing is not to become clogged in best practice and to understand that best practice evolves constantly in line with human experience and developments in the underlying technology.

Take CAS arrays for instance. Introduced with Exchange 2010, CAS arrays provided a method to group a set of CAS servers together in such a way that they could be addressed as a single entity (and had a single IP address and FQDN). Individual servers could join and leave the array over time and the array would keep functioning as long as a single server was active. All-in-all, it was a nice concept, even if a CAS array didn’t perform any load-balancing of incoming client connections. In this respect, you can ignore the statement in TechNet’s documentation of the New-ClientAccessArray cmdlet that says it creates “a load-balanced array of client access servers within a single Active Directory site.” That’s not true, but the vendors of load balancers were all too happy to fill that gap.

Best practice duly had to be formulated and it was proclaimed that you should always create a CAS array within a site and assign the CAS array object to the RpcClientAccessServer property of mailbox databases. The value of RpcClientAccessServer is given by the AutoDiscover process to Outlook clients to populate their profiles when created and provides a MAPI endpoint for connectivity within the site (remember, a CAS server or an array is limited to a site). CAS arrays do nothing for non-MAPI clients such as Outlook Web App (OWA) or Exchange Web Services (EWS).

Once provided with the FQDN of the CAS array, Outlook clients would attempt to connect to the CAS array rather than to an individual CAS when they attempted to open a mailbox, which solved the problem of providing continual access to the mailbox when an individual CAS was taken offline for some reason, such as applying a roll-up update. This alone is an excellent reason for the suggested best practice to be valid and worth respecting.

Roll forward to today and the advent of Exchange 2013. You now observe that the CAS is a tad different. The Exchange 2013 version of the CAS is a much simpler beast as it is purely an authentication (are you authorized to connect to Exchange?) and proxy/redirect (where do you need to go to find your mailbox?) server. No processing is performed of mailbox data by the CAS; all it does is to send on client requests to connect to the mailbox server that hosts the currently active copy of their mailboxes via HTTPS (no MAPI RPCs).


The RPC Client Access namespace, which was introduced in Exchange 2010 to handle the concept of RpcClientAccessServer described above is no more and Exchange no longer uses FQDNs of CAS servers or arrays to locate user mailboxes. Instead, CAS uses the unique GUID assigned to the mailbox. When an incoming client connection must be processed, CAS looks up Active Directory to find details of the mailbox via its GUID (including the database that hosts the mailbox) and Active Manager will tell CAS what mailbox server currently hosts the active copy of the database. Voila!
In passing, I note that the mailbox GUID can be shown to humans from time to time by Outlook when it configures a new profile. I hope that Microsoft finds some method to translate the GUID to something more user-friendly before Exchange 2013 finally ships as otherwise I think this will cause some extra support calls for help desks. Computers are good at translating GUIDs, humans are not.
There are many reasons why Microsoft has taken this route for Exchange 2013, but perhaps the most basic is to uncouple the functionality of CAS from mailbox servers so that both can function independently of each other in terms of geographic location (a CAS in one datacenter can service requests going to a mailbox server in another) and software versions (you won’t have to update CAS and mailbox servers with the same software in future). Overall, CAS 2013 is much, much simpler (another example is how the load balancing focus shifts from layer 7 to layer 4) and CAS 2013 is much more of a lightweight service than before, one that can be removed from service without causing much disruption to the overall infrastructure or client connections.
As for the RpcClientAccesServer property, and our best practice of deploying CAS arrays for Exchange 2010 – well, they’re pretty much dead and buried by the developments in Exchange 2013. The property still exists in Exchange 2013 but it’s an artefact of the past about which we no longer need to concern ourselves, once the migration to Exchange 2013 is complete.


Cheers,

18 Responses to Exchange Server 2013 CAS arrays

  1. Prashant says:

    Hi Gulab,

    I need to configure cas setting on my exch 2013.Please find the below details.

    1.Ipadd : 192.168.0.1 (ADS,DNS)
    2.Ipadd : 192.168.0.1 (Member of domain,exch2013)
    3.Ipadd : 192.168.0.2 (Member of domain,exch2013)
    4.Ipadd : 192.168.0.3 (Vip add of lb)

    I need to map 192.168.0.1 and 192.168.0.2 mailbox database to 192.168.0.3 (Vip add of lb)please help me out..

    Regards,
    Prashant

  2. Do you mean to say that, you want to point/associate/map the CAS server to mailbox databases?
    If yes than, there's command you can run to do that.

    And, yes, when you are deploying the servers, make sure you deploy CAS servers first and create the CAS Array.
    Later install the Mailbox Server.

  3. Prashant says:

    Hi Gulab,

    Please find below error.

    [PS] C:\Windows\system32>Set-MailboxDatabase "Database Name" -RpcClientAccessServer "vip.lb.cas.com"
    A parameter cannot be found that matches parameter name 'RpcClientAccessServer'.
    + CategoryInfo : InvalidArgument: (:) [Set-MailboxDatabase], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Set-MailboxDatabase
    + PSComputerName : win1.lb.cas.com

    And also I am trying this below cmd.

    1.Get-ClientAccessArray
    2.New-ClientAccessArray -Fqdn vip.lb.cas.com-Site Default-First-Site-Name
    3.Get-MailboxDatabase | Set-MailboxDatabase -RpcClientAccessServer vip.lb.cas.com
    4. Set-MailboxDatabase cmdlet with –Identity ‘mailbox database name’

    vip.lb.cas.com - 192.168.0.3 (It is lb)





  4. Prashant says:

    Hi Gulab,

    I am trying below cmd .


    Get-ClientAccessArray
    New-ClientAccessArray -Fqdn exchange.domain.local -Site Default-First-Site-Name
    Get-MailboxDatabase | Set-MailboxDatabase -RpcClientAccessServer exchange.domain.local
    Set-MailboxDatabase cmdlet with –Identity ‘mailbox database name’.

    Please let me know..

    Regards,
    Prashant


  5. Did you already created the CAS Array? And if you already created it and after that you installed Mailbox Server than, you don't have to run any command, cause the array is already associated with the database.
    If not than yes you need to run the command.

  6. Prashant says:

    No I have't crated CAS Arrsy..When i am trying this cmd's i am getting error...saying that..


    Get-ClientAccessArray(Works fine)
    New-ClientAccessArray -Fqdn exchange.domain.local -Site Default-First-Site-Name(It is saying New-ClientAccessArray : The term ‘New-ClientAccessArray’ is not recognized as the name of a cmdlet, function, script
    file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct
    and try again.
    At line:1 char:1
    + New-ClientAccessArray -Fqdn vip.lb.cas.com -Site Default-First-Site-Name
    + ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (New-ClientAccessArray:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException)

    Regards,
    Prashant

  7. New-ClientAccessArray -Fqdn exchange.domain.local -Site "Default-First-Site-Name" -Name "server.domain.com"

  8. Correction:
    New-ClientAccessArray -Fqdn exchange.domain.local -Site "Default-First-Site-Name" -Name "outlook.domain.com"

  9. Prashant says:

    Hi Gulab,

    Please find the my requirements.

    1.Ipadd : 192.168.1.1 (ADS,DNS)xyz.com
    2.Ipadd : 192.168.1.2 (Member of xyz.com,exch2013)
    3.Ipadd : 192.168.1.3 (Member of xyz.com,exch2013)
    4..Ipadd : 192.168.1.4 (Virtual IP address of load balancer)And i have created 'A' Record on 192.168.1.1.

    Now I am able login using exchange user account throw https://192.168.1.1/OWA And https://192.168.1.2/OWA..The same way i want'd to be in https://192.168.1.4/OWA..Please help out

  10. Prashant says:

    Hi Gulab,

    Please find below error.

    [PS] C:\Windows\system32>Set-MailboxDatabase "Database Name" -RpcClientAccessServer "vip.lb.cas.com"
    A parameter cannot be found that matches parameter name 'RpcClientAccessServer'.
    + CategoryInfo : InvalidArgument: (:) [Set-MailboxDatabase], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Set-MailboxDatabase
    + PSComputerName : win1.lb.cas.com

  11. Prashant says:

    Name Server Recovery ReplicationType
    ---- ------ -------- ---------------
    Mailbox Database 1826349640 WIN1 False None
    Mailbox Database 1099750488 CAS False None


    [PS] C:\Windows\system32>New-ClientAccessArray -Fqdn win1.lb.cas.com -Site "Default-First-Site-Name" -Name "vip.lb.cas.c
    om
    >>
    >>
    [PS] C:\Windows\system32>New-ClientAccessArray -Fqdn win1.lb.cas.com -Site "Default-First-Site-Name" -Name "vip.lb.cas.c
    om"
    New-ClientAccessArray : The term 'New-ClientAccessArray' is not recognized as the name of a cmdlet, function, script
    file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct
    and try again.
    At line:1 char:1
    + New-ClientAccessArray -Fqdn win1.lb.cas.com -Site "Default-First-Site-Name" -Nam ...
    + ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (New-ClientAccessArray:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

    [PS] C:\Windows\system32>New-ClientAccessArray -Fqdn vip.lb.cas.com -Site "Default-First-Site-Name" -Name "vip.lb.cas.co
    m"
    New-ClientAccessArray : The term 'New-ClientAccessArray' is not recognized as the name of a cmdlet, function, script
    file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct
    and try again.
    At line:1 char:1
    + New-ClientAccessArray -Fqdn vip.lb.cas.com -Site "Default-First-Site-Name" -Name ...
    + ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (New-ClientAccessArray:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

    win1.lb.cas.com-Member of domain
    vip.lb.cas.com-vip.lb.cas.com(VIP Address)

    Regards,
    Prashant

  12. Which LB you are using? Is it KEMP or F5 or something else?
    Are you able to ping the IP 192.168.1.4
    You can refer Jaap's article on configuring the HLB
    http://www.jaapwesselius.com/2012/12/17/load-balancing-in-exchange-2013-2/

  13. Prashant says:

    Hi Gulab,

    I am able to ping FQDNS of 192.168.1.4..I am using barracuda lb.

    Regards,
    Prashant

  14. Just run this and provide the information it asks for:
    New-ClientAccessArray

    Let me know what is the result.

  15. Prashant says:

    [PS] C:\Windows\system32>New-ClientAccessArray
    New-ClientAccessArray : The term 'New-ClientAccessArray' is not recognized as the name of a cmdlet, function, script
    file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct
    and try again.
    At line:1 char:1
    + New-ClientAccessArray
    + ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (New-ClientAccessArray:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

  16. Prashant says:

    Hi Gulab,

    I am able to ping FQDNS of 192.168.1.4..I am using barracuda lb.

    Regards,
    Prashant

  17. Prashant says:

    [PS] C:\Windows\system32>New-ClientAccessArray
    New-ClientAccessArray : The term 'New-ClientAccessArray' is not recognized as the name of a cmdlet, function, script
    file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct
    and try again.
    At line:1 char:1
    + New-ClientAccessArray
    + ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (New-ClientAccessArray:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

  18. Prashant says:

    Hi Gualb,

    have u found anything.

    Regards,
    Prashant

Leave a Reply

EXCHANGE RANGER