If you would like to read the other parts of this article series please go to:
- Configuring an Exchange Hybrid Deployment & Migrating to Office 365 (Exchange Online) (Part 10)
- Configuring an Exchange Hybrid Deployment & Migrating to Office 365 (Exchange Online) (Part 11)
In part 7 of this multi-part article series revolving around Exchange hybrid deployment based migrations to Office 365, or more precisely Exchange Online, we configured and enabled the Directory Synchronization (DirSync) tool. Then we verified that the DirSync tool did the job it is supposed to do by looking at the behind-the-scenes mechanisms of the DirSync engine.
In this part 8, we will continue where we left off in part 7. That is, we will look at what deploying Exchange 2010 hybrid servers will provide us with in terms of features and functionality. In addition, we will configure the two Exchange 2010 Hybrid Deployment servers in a Windows Network Load Balancing (WNLB) farm.
Let’s get going…
A Brief Explanation of an Exchange Hybrid Deployment
So as we talked about back in part 1 of this article series, a hybrid deployment makes it possible for an organization to have the same feature-rich experience and administrative control for the Office 365 tenant in the cloud as it has for the existing on-premise Exchange-based messaging environment.
By deploying Exchange hybrid servers in the on-premise Exchange based messaging environment, it’s possible to integrate the on-premise Exchange environment with the Office 365 tenant in the cloud, so that the end users get a seamless look and feel of a single Exchange organization no matter if their mailbox is located on-premise or in the cloud.
Figure 1: Integration between Office 365 and on-premise
An Exchange hybrid deployment often serves as an intermediate step for organizations that want to move their messaging environment fully to the cloud, but is also used in a more permanent fashion by organizations that want to be able to:
- Keep selected mailboxes on-premises while moving others to Exchange Online without breaking end user features
- Offboard mailboxes from Exchange Online back to Exchange on-premise
- Keep mailboxes on-premises and store an associated archive mailbox in Exchange Online
- Keep having some or all on-premises line of business applications, network devices etc. utilize on-premise hybrid servers instead of pointing them to Exchange Online in order to avoid potential limitations that exist in Exchange Online
When configuring an Exchange hybrid deployment, the following features are enabled between the on-premise Exchange based messaging environment and Exchange Online:
- TLS-based secure mail routing between the on-premises Exchange messaging environment and Exchange Online.
- Mail routing with a shared domain namespace (primary SMTP domain i.e. fabrikam.com used in the organization).
- Message tracking, MailTips, and multi-mailbox search between on-premises and Exchange Online organizations.
- A unified global address list (GAL) meaning users see the same address list no matter if they have a mailbox in Exchange online or on-premise.
- Free/busy and calendar sharing between user mailboxes stored in Exchange Online and on-premise.
- Centralized control of outbound mail flow. You can configure Exchange Online to route all messages to Internet recipients through the on-premises Exchange organization.
- A single Outlook Web App (OWA) URL for both the on-premise and Exchange Online users.
- The ability to move mailboxes from on-premise to Exchange Online using the EMC or PowerShell.
- Centralized mailbox management using the Exchange Management Console on the hybrid servers.
- Cloud-based message archiving for on-premises Exchange mailboxes.
Configuring Windows Load Balancing on the Exchange Hybrid Servers
So earlier on in this article series, we configured the ADFS and ADFS Proxy servers in a Windows Network Load Balancing cluster in order to provide high availability on the identity federation level. This was done so that planned or unplanned downtime for one of the ADFS or ADFS Proxy servers would not affect end users authenticating against Office 365 using their Active Directory user credentials.
In order to not break the hybrid deployment based integration between Exchange Online and on-premise Exchange based messaging environment, we of course also wish to have high availability on the Exchange hybrid configuration level. So before we set up the hybrid configuration on the Exchange 2010 servers, we will load balance them using Windows Network Load Balancing (WNLB).
Both WNLB and a virtual or hardware based load balancing solution can be used to provide high availability for the Exchange hybrid servers. Depending on your specific scenario, you may wish to go with a hardware-based load balancer.
To configure the servers in a WNLB, first install the ”Network Load Balancing” component. This can be done by opening the Server Manager and launching the ”Add Features Wizard” as shown in Figure 2. On the ”Select Features” page, check ”Network Load Balancing”.
Figure 2: Selecting the Network Load Balancing component
When the component has been installed, click ”Close” to exit the wizard.
Figure 3: NLB component installed
Now launch ”Network Load Balancing Manager” from ”Start” > ”Administrative Tools”.
Figure 4: Launching the NLB Manager
In the NLB Manager, select ”Cluster” in the menu and then click ”New”.
Figure 5: NLB Manager
Figure 6: Opening the New NLB Cluster creation wizard
In ”New Cluster: Connect”, type the server name of the Exchange 2010 server you are currently logged on to, then click ”Connect”.
Select the interface name listed and click ”Next”.
In this article series I’ll configure the Windows NLB in unicast mode which is the reason why I only have one interface connected to the server.
Figure 7: Specifying the name of the first node and the associated interface
On the ”New Cluster: Host Parameters” page, leave the defaults as is and click ”Next”.
Figure 8: Host Parameters page
On the ”New Cluster: Cluster IP Addresses” page, click ”Add”. Now enter the IP addresses (virtual IP address) that should accept incoming sessions for the Windows NLB cluster.
When done, click ”OK” and ”Next”.
Figure 9: Adding a virtual IP address to the NLB cluster
On the ”New Cluster: Cluster Parameters” page, enter the FQDN for the Windows NLB in the ”Full Internet Name” text field and then select the cluster operation mode.
In this article series, we’ll use ”hybrid.office365lab.dk” as the FQDN and make sure the Windows NLB is set to unicast mode.
The “hybrid.office365lab.dk” FQDN will be used for mail flow between Exchange Online and the on-premise Exchange based messaging environment, down-level proxying for availability lookups to mailboxes located on the Exchange 2007 servers etc.
Figure 10: Specifying the full internet name and cluster operation mode
On the ”New Cluster: Port Rules” page, leave the defaults so the NLB cluster listens on all ports.
Figure 11: Port rules
The NLB cluster has now been configured although only with a single node.
In order to add the other Exchange 2010 hybrid server as a node, right-click on the cluster name and then select ”Add Host To Cluster” in the context menu. On the ”Add Host to Cluster: Connect” page, enter the server name of the other Exchange 2010 hybrid server and then click ”Connect”. Select the listed interface and click ”Next”.
Figure 12: Specifying the name and interface of the other node
Leave the defaults and click ”Next”.
Figure 13: Host Parameters
Figure 14: Port rules
After a little while the other node has been added to the NLB cluster.
Figure 15: NLB cluster now includes two nodes
Okay, so although we now have an NLB cluster set up with ”hybrid.office365lab.dk” associated with the specified virtual IP address, there’s no way traffic that hits ”hybrid.office365lab.dk” can be directed to the NLB cluster, since the FQDN doesn’t exist in DNS.
So let’s open the DNS Manager on a domain controller in the Active Directory forest and add a new host record (A-record). Name it ”hybrid” and then enter the VIP address that was set when the NLB cluster was created.
Figure 16: Creating a DNS record in AD DNS
In this article series all servers including the Exchange 2010 hybrid servers are based on virtual machines in a Hyper-V environment. This means that we need to enable spoofing of MAC addresses on the interface for servers participating as nodes in an NLB cluster running in unicast mode. To do so, shut down each node and then open the property page for each respective virtual machine. On the property page, select the virtual network adapter, then check ”Enable spoofing of MAC addresses”.
Figure 17: Enabling spoofing of MAC addresses
Now start each cluster node and then verify you can ping ”hybrid.office365lab.dk” or whatever FQDN you use in your environment.
Figure 18: Ping the FQDN associated with the NLB Cluster
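The wizard steps above can also be scripted with the NetworkLoadBalancingClusters cmdlets that ship with Windows Server 2008 R2, followed by checks of the resulting state. This is an added example, not part of the original article; the names EX02 and DC01, the interface name, the VIP 192.0.2.10, the subnet mask and the zone name are assumptions, and the Hyper-V cmdlets in step 6 assume a host running Windows Server 2012 or later.

```powershell
# Added example: scripted form of the wizard steps, plus state checks.
# Assumed values (not from the article): EX02, DC01, the interface name,
# the VIP 192.0.2.10/24 and the zone name derived from the FQDN.
$fqdn      = 'hybrid.office365lab.dk'
$zone      = 'office365lab.dk'
$vip       = '192.0.2.10'
$mask      = '255.255.255.0'
$interface = 'Local Area Connection'
$node2     = 'EX02'
$dnsServer = 'DC01'

# 1. On each hybrid server: install the NLB feature and its management tools.
Import-Module ServerManager
Add-WindowsFeature NLB, RSAT-NLB

# 2. On the first node: create the cluster in unicast mode.
#    Port rules are left at their defaults, as in the wizard.
Import-Module NetworkLoadBalancingClusters
New-NlbCluster -InterfaceName $interface -ClusterName $fqdn `
    -ClusterPrimaryIP $vip -SubnetMask $mask -OperationMode Unicast

# 3. Still on the first node: join the second hybrid server.
Get-NlbCluster | Add-NlbClusterNode -NewNodeName $node2 -NewNodeInterface $interface

# 4. Create the "hybrid" A record pointing at the VIP
#    (dnscmd ships with the DNS Server tools).
dnscmd $dnsServer /RecordAdd $zone hybrid A $vip

# 5. Review the result: cluster mode, node state (both nodes should
#    report a converged state), the port rules in effect, and name resolution.
Get-NlbCluster
Get-NlbClusterNode
Get-NlbClusterPortRule
Test-Connection -ComputerName $fqdn -Count 2

# 6. On the Hyper-V host: list every virtual network adapter with MAC
#    spoofing enabled; only the NLB nodes should appear in this list.
Get-VMNetworkAdapter -VMName * |
    Where-Object { $_.MacAddressSpoofing -eq 'On' } |
    Select-Object VMName, Name, MacAddressSpoofing
```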
This concludes part 8 of this multi-part article in which I explain how you configure an Exchange hybrid deployment followed by migrating to Office 365 (Exchange Online).