Hi,
We already have Exchange 2003 server under cluster environment. We don't have front end exchanger server separately.  Now the requirement is to segregate back and front end server from the existing environment.
Main purpose to configure front end exchange server is to configure RPC over HTTP proxy i. e. Outlook anywhere.
Now, my questions are:
1. What precautions need to be taken while installing/configuring front end server?
2. Do I need to change any settings in existing Exchange 2003 cluster mode server?
3. Do I need to make  changes in our Active Directory services?
If anything else needs to be considered, then please include those points also.
Thanks.
Exchange 2003 – RPC over HTTP
What's precaution need to be taken while installing/configuring front end server?
Â
Windows Server 2003Â SP1Â is needed to be run on every system.
Â
This will provide mail access. Updated RPC protocol is to be used on every client. For WinXP, patch for exchange server 2003 to be installed.  Encryption must be SSL (Secure Sockets Layer) and right client authentication is required for communication and access.
Client requests are landed on front end servers and then send back to appropriate back-end server.
Â
Take care of below points:
Â
• At least one front-end server is required to act as RPC proxy server.
Â
• One or more back-end servers and global catalog servers are also needed..
Â
• The roles of Front-end must be on a separate server.
Â
• Roles of back-end and global catalog can be on one server.
Â
• A front-end server is an ordinary Exchange server until it is configured as a front-end server.
Â
• A front-end server must not host any users or public folders.Â
Â
• Front-end server and back-end servers must be members of the same Exchange organization.
Â
• The cluster containing the front-end-server, back-end-server and the catalog-server must belong to the same group, domain.
Â
•  The SMTP must be configured on the front-end-server and the Microsoft Exchange Information Store service must be started accordingly and must mount at least one private information store because in most of the cases the SMTP service requires the store to perform a conversion.
Â
•  The outlook accounts of the clients must be configured, keeping in mind different scenarios of information stored.  And if the store is mounted then make sure that the user mailboxes are not homed on the information store of a front-end-processor.
Â
• If you configure SSL (Secure Socket Layer), then you must follow the complete steps before removing the stores or leave the private information intact.
Â
• When you deploy RPC over HTTP in a corporate environment, we must have several deployment strategies available for positioning your RPC proxy server and firewalls.
Â
• We must not remove the First Storage Group object in Exchange System Manager because the Microsoft Exchange Information Store service (and its related services) depends on the First Storage Group object.
Â
Exchange 2003 – RPC over HTTP
Do I need to change any setting in existing Exchange 2003 cluster mode server?
Yes, Â you will have to install the RPC over HTTP Proxy Windows component. And then configure the ports manually or leave them to the server to configure them automatically.
Answered By
sundar
0 points
N/A
#85418
Exchange 2003 – RPC over HTTP
1. Precautions to be taken while configuring/installing front end server.
 Â
If we choose this configuration,  the server changes from DAVEx process(to act as back-end server) to the Exprox process( as the front-end process). To make the changes take effect we need to reboot the server. Then using the following steps we can make front end, a genuine front end, by disabling other unnecessary services.
On the front end server we must have the following services running.
-
HTTP-service
-
SMTP-service
-
Exchange system Attendant
-
Exchange routing engine.
There should not be any public folders or mailboxes on your front end server. The best practice is to dismount and delete all databases on your server.
DMZ( placing server in perimeter network )we now have to configure appropriate ports on firewall to make our server run. On the intranet firewall (connects DMZ and internal network)we have to open the following ports.
For Exchange Communication
-
Port 80 for HTTP
-
Port 691 for Link state algorithm routing protocol
For active directory communication
-
Port 389 for LDAP (TCP and UDP)
-
Port 3268 for Global catalog server
-
Port 88 for Kerberos Authentication.
We can now configure the DS access  service for perimeter networks on your front end server. Also configuring front end server to connect to DC and GC by  editing properties in Exchange system manager.
2. Do I need to change any setting in existing exchange 2003 cluster mode server?
If you have installed Exchange Server 2003 before building and configuring the cluster, you must uninstall exchange server 2003, build and configure the cluster  and then reinstall it.Â
Do not install on Exchange Server 2003 on multiple nodes simultaneously. Â Install Terminal services so that administrators can use remote desktop to manage clusters.
3. Do I need to make  changes in Active Directory services.
Making changes to the Active Directory is advisable only rarely. Errors in the Active Directory schema changes can result in data loss and corruption. So before you attempt any manipulation of objects, be sure that you understand its effects and that you have deployed the change and observed its effects in a TESTÂ Â environment.
Coming to message queuing  changes, changes can be made in active directory  domain services, after making changes these are the following changes that do not take effect.
Diagnosis, resolution and verification.
