question

GeorgeGaprindashvili-0372 avatar image
0 Votes"
GeorgeGaprindashvili-0372 asked GeorgeGaprindashvili-0372 commented

Multiple on-premises Exchange 2016 server Outlook connection best practices.

We have two Exchange 2016 servers in single domain single site. Servers are part of DAG for fault tolerance.
One which has active DAG member is the one router forwards external clients to.
about 125 domain computers are on site with Outlook 2019.

For testing we put without connection (unplugged cat5) secondary computer.
immediately some internal clients lost connection to server.

External clients were just fine.

DAG was OK because witness server is present same site.

what we do wrong?

Should I change SCP so that internal clients only look to DAG primary member?

please help

office-exchange-server-connectivity
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

3 Answers

AndyDavid avatar image
0 Votes"
AndyDavid answered GeorgeGaprindashvili-0372 commented

The way you make that work is to set the SCP the same on all the Exchange Servers. You also set all the Exchange Virtual directories for client access to the same URLs
Then you have that URL point to the load balancer endpoint.

Any decent load balancer can do this , software or hardware.

Round Robin DNS is not application aware - unlike a load balancer.

· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GeorgeGaprindashvili-0372 avatar image GeorgeGaprindashvili-0372 ·

So it all gets down to manipulating SCP the way it points to load balancer!

I got it would like to know-how
Thanks!

0 Votes 0 ·
GeorgeGaprindashvili-0372 avatar image GeorgeGaprindashvili-0372 ·

is this good way to manipulate SCP? to point load balancer?

https://community.spiceworks.com/topic/2272911-changing-scp-in-exchange-2016

0 Votes 0 ·
AndyDavid avatar image
0 Votes"
AndyDavid answered GeorgeGaprindashvili-0372 commented

If you have a DAG, it means you also have multiple client access connections ( One for each server)
What you need to is to load balance those client connections to both servers using a real load balancer or DNS Round Robin if using a load balancer is not possible:

https://docs.microsoft.com/en-us/exchange/architecture/client-access/load-balancing?view=exchserver-2016

· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GeorgeGaprindashvili-0372 avatar image GeorgeGaprindashvili-0372 ·

Thank you for your answer. if by some reason one server (assume one which holds non active database) is down then load balancer will ensure Outlook clients proper functionality?

0 Votes 0 ·
AndyDavid avatar image
0 Votes"
AndyDavid answered GeorgeGaprindashvili-0372 commented

Yes, all the Exchange Servers are in a pool and when one is down, the load balancer automatically routes client connections to the active servers only and does not route to the inactive

· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GeorgeGaprindashvili-0372 avatar image GeorgeGaprindashvili-0372 ·

Load balancer is great but lets have in mind that will be load balancer within single LAN
within same class C subnet.

Any advice for what load balancer can be used?
hardware appliance? DNS server?

DNS server is on premises and has got proper Autodiscover to primary exchange server lets call it server0 for simplicity. Other one lets call server1.
I I had idea to force all outlook clients use server0 using DNS server and SCP in AD
But seems Outlook can not be cheated or forced it senses present of server1.
All outlook clients use server0 and server1 both and intermittently.
Even one PC Outlook intentionally left out of Domain uses both server0 and server1.


So there seems no easy way.

For external clients router forces them to go server0. I guess now that also should be using load balancer or not necessarily?

please advise on load balancers for on premises single LAN. what are the options?

thanks Andydavid



0 Votes 0 ·
GeorgeGaprindashvili-0372 avatar image GeorgeGaprindashvili-0372 ·

Main question with load balancer of any kind is that given load balancer should become our SCP. any outlook client needs to seek services with load balancer and not server0 or server1.
And how organize that?

This is the key question.

right now anyone on network seeks Exchange services directly server0 or server1 because they advertised SCP everywhere.

How make SCP that load balancer?

0 Votes 0 ·