Configuring an Exchange Hybrid Deployment & Migrating to Office 365 (Exchange Online) (Part 8)

by [Published on 29 Jan. 2013 / Last Updated on 29 May 2013]

In this article we will look at what deploying Exchange 2010 hybrid servers will provide us with in terms of features and functionality.

If you would like to read the other parts of this article series please go to:

Introduction

In part 7 of this multi-part articles series revolving around Exchange hybrid deployment based migrations to Office 365 or more precisely Exchange Online, we configured and enabled the Directory Synchronization (DirSync) tool. Then we verified that the DirSync tool did the job it is supposed to do by looking at the behind the scene mechanisms of the DirSync engine.

In this part 8, we will continue where we left off in part 7. That is we will look at what deploying Exchange 2010 hybrid servers will provide us with in terms of features and functionality. In addition, we will configure the two Exchange 2010 Hybrid Deployment servers in a Windows Network Load Balancing (WNLB) farm.

Let’s get going…

A Brief Explanation of an Exchange Hybrid Deployment

So as we talked about back in part 1 of this article series, a hybrid deployment makes it possible for an organization to have the same feature-rich and administrative control for the Office 365 tenant in the cloud as it has for the existing on-premise Exchange-based messaging environment.

By deploying Exchange hybrid servers in the on-premise Exchange based messaging environment, it’s possible to integrate the on-premise Exchange environment with the Office 365 tenant in the cloud, so that the end users get a seamless look and feel of a single Exchange organization no matter if their mailbox is located on-premise or in the cloud.

Image
Figure 1:
Integration between Office 365 and on-premise

An Exchange hybrid deployment often serves as an intermediate step for organizations that want to move their messaging environment fully to the cloud, but is also used in a more permanent fashion by organizations that want to be able to:

  • Keep selected mailboxes on-premises while moving others to Exchange Online without breaking end user features
  • Offboard mailboxes from Exchange Online back to Exchange on-premise
  • Keep mailboxes on-premises and store an associated archive mailbox in Exchange Online
  • Keep having some or all on-premises line of business applications, network devices etc. utilize on-premise hybrid servers instead of pointing them to Exchange Online in order to avoid potential limitations that exist in Exchange Online

When configuring an Exchange hybrid deployment, the following features are enabled between the on-premise Exchange based messaging environment and Exchange Online:

  • TLS-based secure mail routing between the on-premises Exchange messaging environment and Exchange Online.
  • Mail routing with a shared domain namespace (primary SMTP domain i.e. fabrikam.com used in the organization).
  • Message tracking, MailTips, and multi-mailbox search between on-premises and Exchange Online organizations.
  • A unified global address list (GAL) meaning users see the same address list no matter if they have a mailbox in Exchange online or on-premise.
  • Free/busy and calendar sharing between user mailboxes stored in Exchange Online and on-premise.
  • Centralized control of outbound mail flow. You can configure Exchange Online to route all messages to Internet recipients through the on-premises Exchange organization.
  • A single Outlook Web App (OWA) URL for both the on-premise and Exchange Online users.
  • The ability to move mailboxes from on-premise to the Exchange Online using the EMC or PowerShell.
  • Centralized mailbox management using the Exchange Management Console on the hybrid servers.
  • Cloud-based message archiving for on-premises Exchange mailboxes.

Configuring Windows Load Balancing on the Exchange Hybrid Servers

So earlier on in this article series, we configured the ADFS and ADFS Proxy servers in a Windows Network Load balancing cluster in order to provide high availability on the identity federation level. This so planned or unplanned downtime for one of the ADFS or ADFS Proxy servers did not affect end users authenticating against Office 365 using their Active Directory user credentials.

In order to not break the hybrid deployment based integration between Exchange Online and on-premise Exchange based messaging environment, we of course also wish to have high availability on the Exchange hybrid configuration level. So before we set up the hybrid configuration on the Exchange 2010 servers, we will load balance them using Windows Network Load Balancing (WNLB).

Note:
Both WNLB and a virtual or hardware based load balancing solution can be used to provide high availability for the Exchange hybrid servers. Depending on your specific scenario, you may wish to go with a hardware-based load balancer

To configure the servers in a WNLB, first install the ”Network Load Balancing” component. This can be done by opening the Server Manager and launching the ”Add Features Wizard” as shown in Figure 2. On the ”Select Features” page, check ”Network Load Balancing”.

Image
Figure 2: Selecting the Network Load Balancing component

When the component has been installed, click ”Close” to exit the wizard.

Image
Figure 3:
NLB component installed

Now launch ”Network Load Balancing Manager” from ”Start” > ”Administrative Tools”.

Image
Figure 4: Launching the NLB Manager

In the NLB Manager, select ”Cluster” in the menu and then click ”New”.

Image
Figure 5:
NLB Manager

Image
Figure 6:
Opening the New NLB Cluster creation wizard

In ”New Cluster: Connect” type the server name of the Exchange 2010 server you currently are logged on to then click ”Connect”.

Select the interface name listed and click ”Next”.

Note:
In this article series I’ll configure the Windows NLB in unicast mode which is the reason why I only have one interface connected to the server.

Image
Figure 7:
Specifying the name of the first node and the associated interface

On the ”New Cluster: Host Parameters” page, leave the defaults as is and click ”Next”.

Image
Figure 8: Host Parameters page

On the ”New Cluster: Cluster IP Addresses” page, click ”Add”. Now enter the IP addresses (virtual IP address) that should accept incoming sessions for the Windows NLB cluster.

When done, click ”OK” and ”Next”.

Image
Figure 9:
Adding a virtual IP address to the NLB cluster

On the ”New Cluster: Cluster Parameters” page, enter the FQDN for the Windows NLB in the ”Full Internet Name” text field and then select the cluster operation mode.

In this article series, we’ll use ”hybrid.office365lab.dk” as the FQDN and make sure the Windows NLB is set to unicast mode.

Note:
The “hybrid.office365lab.dk” FQDN will be used for mail flow between Exchange Online and the on-premise Exchange based messaging environment, down level proxying for availability lookups to mailboxes located on the Exchange 2007 servers etc.

Click ”Next”.

Image
Figure 10: Specifying the full internet name and cluster operation mode

On the ”New Cluster: Port Rules” page, leave the defaults so the NLB cluster listens on all ports.

Click ”Finish”.

Image
Figure 11: Port rules

The NLB cluster has now been configured although only with a single node.

In order to add the other ADFS server as a node, right-click on the cluster name and then select ”Add Host To Cluster” in the context menu. On the ”Add Host to Cluster: Connect” page, enter the server name of the other Exchange 2010 hybrid server and then click ”Connect”. Select the listed interface and click ”Next”.

Image
Figure 12: Specifying the name and interface of the other node

Leave the defaults and click ”Next”.

Image
Figure 13: Host Parameters

Click ”Finish”.

Image
Figure 14: Port rules

After a little while the other node has been added to the NLB cluster.

Image
Figure 15:
NLB cluster now includes two nodes

Okay so although we now have a NLB cluster set with ”hybrid.office365lab.dk” associated with the specified virtual IP address, there’s no way traffic that hits ”hybrid.office365lab.dk” can be directed to the NLB cluster since the FQDN doesn’t exist in DNS.

So let’s open the DNS Manager on a domain controller in the Active Directory forest and add a new host record (A-record). Name it ”hybrid” and then enter the VIP address that was set when the NLB cluster was created.

Image
Figure 16:
Creating a DNS record in AD DNS

Important:
In this article series all servers including the Exchange 2010 hybrid servers are based on virtual machines in a Hyper-V environment. This means that we need to enable spoofing of MAC addresses on the interface for servers participating as nodes in an NLB cluster running in unicast mode. To do so, shut down each node and then open the property page for each respective virtual machine. On the property page, select the virtual network adapter, then check ”Enable spoofing of MAC addresses”.

Image
Figure 17: Enabling spoofing of MAC addresses

Now start each cluster node and then verify you can ping ”hybrid.office365lab.dk” or whatever FQDN you use in your environment.

Image
Figure 18:
Ping the FQDN associated with the NLB Cluster

This concludes part 8 of this multi-part article in which I explain how you configure Exchange hybrid deployment followed by migrating to Office 365 (Exchange Online).

If you would like to read the other parts of this article series please go to:

The Author — Henrik Walther

Henrik Walther avatar

Henrik Walther is a respected writer with special focus on Microsoft Exchange and Office 365/BPOS (Exchange Online) solutions within the unified communications area. Prior to joining Microsoft, he was an eight year Exchange MVP and back in 2006 he took the Microsoft Certified Master: Exchange certification.

Latest Contributions

Featured Links