Resolved SBS2008 and CNAMES

Discussion in 'Software' started by westernkings, Mar 17, 2011.

  1. westernkings

    westernkings Gigabyte Poster

    1,432
    60
    107
    Hi Guys,

    I'm about to create 3 different CNAMES for the components of SBS (OWA, Outlook Anywhere and Remote Workplace)

    Am I right in saying that all three CNAMES should point to the IP Address of the server (External obviously) and that I should set the External Host names of all three things to their corresponding CNAME? Or is it not quite that simple?

    Basically I want

    mail.domain.com
    owa.domain.com
    remote.domain.com

    Any suggestions from the megapros would be great :)

    thanks guys.
     
    Last edited: Mar 18, 2011
    Certifications: MCITP:VA, MCITP:EA, MCDST, MCTS, MCITP:EST7, MCITP:SA, PRINCE2, ITILv3
  2. Apexes

    Apexes Gigabyte Poster

    1,055
    78
    141
    EDIT: Ignore this post sorry! :D
     
    Last edited: Mar 17, 2011
    Certifications: 70-243 MCTS: ConfigMgr 2012 | MCSE: Private Cloud
  3. gosh1976

    gosh1976 Kilobyte Poster

    337
    18
    35
    but wait - if he is using SBS there would only be one box - and there would only be one ip address.
     
    Certifications: A+, Net+, MCDST, CCENT, MCTS: Win 7 Configuring, CCNA
  4. Apexes

    Apexes Gigabyte Poster

    1,055
    78
    141
    Oops, I totally misread the OP's post - sorry, ignore me!! :oops:
     
    Certifications: 70-243 MCTS: ConfigMgr 2012 | MCSE: Private Cloud
  5. westernkings

    westernkings Gigabyte Poster

    1,432
    60
    107
    Bingo. That's where my confusion sets in. I'm also concerned I could **** up Auto-discover by changing the host name.
     
    Certifications: MCITP:VA, MCITP:EA, MCDST, MCTS, MCITP:EST7, MCITP:SA, PRINCE2, ITILv3
  6. craigie

    craigie Terabyte Poster

    3,020
    174
    155
    The names should point to the external IP address that is running the service e.g.

    mail.domain.com 81.123.45.1
    owa.domain.com 81.123.45.2
    remote.domain.com 81.123.45.3

    These could all point to the same external IP address 81.123.45.1 they just use a different URL to get to the same destination.
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5
  7. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Can you set up a CNAME to point at the IP address at all? Looking at my DNS server, I have to set up an A record for the IP and all CNAMEs to point at the FQDN.
     
    WIP: Uhmm... not sure
  8. Apexes

    Apexes Gigabyte Poster

    1,055
    78
    141
    Same here - I always thought CNAMEs tend to be like an alias just to send it to another address - which would usually be a domain name. Don't know if it works with IPs or not.

    I think that's why I mentioned using A records previously, but only from the domain to the IP - not an rDNS lookup. I'm pretty sure you could set multiple A records to go to the same IP address without problem?
     
    Last edited: Mar 17, 2011
    Certifications: 70-243 MCTS: ConfigMgr 2012 | MCSE: Private Cloud
  9. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Yep. But then the thread would be about setting A records and not CNAMES :twisted:
     
    WIP: Uhmm... not sure
  10. Apexes

    Apexes Gigabyte Poster

    1,055
    78
    141
    alright, alright! :P :mrgreen:
     
    Certifications: 70-243 MCTS: ConfigMgr 2012 | MCSE: Private Cloud
  11. westernkings

    westernkings Gigabyte Poster

    1,432
    60
    107
    It was actually about both, as I was unsure of the semantics of it but couldn't be bothered to edit the title.

    So, how will the SBS differentiate between which A Record is meant for which service? IE, how will it route mail.domain to Outlook Anywhere if they all go to the same Address?
     
    Certifications: MCITP:VA, MCITP:EA, MCDST, MCTS, MCITP:EST7, MCITP:SA, PRINCE2, ITILv3
  12. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    It doesn't need to. Outlook Anywhere, Autodiscover, Active-Sync, ECP and WebApp are all services running off IIS. So, given your domain name is domain.com, as long as all Exchange-related HTTPS traffic is routed to the server it's going to work, as different services will be published on different websites (domain.com/Microsoft-Active-Sync, domain.com/owa, etc.)


    Keep in mind you will need a SAN or a wildcard certificate for all those names for it to work.

    When having multiple subdomains for HTTPS requests it's the host header that matters. IIS can read host header passed by a client and decide where to route the request.

    To give you an example:
    Imagine IIS server hosting 100 websites. All off 1 IP address. They have different external names configured and different domain names pointing at the same IP address. Depending on which domain name you type in in the browser, different websites will display. IIS knows which domain you requested.

    Not sure if the example is any help, but IIS host headers are something you should be looking at to find out more. CAS servers are basically RPC/MAPI listeners for normal Outlook access and IIS webservers that do everything else.

    edit: Just read it through again. If you're looking at sharing different services through different domains you might need to look up how to split Exchange services across multiple IIS applications/websites. So each website will have its domain name (host header to read) and will host the service (Active-Sync, OWA, ECP, RPC over HTTPS)
     
    Last edited: Mar 17, 2011
    WIP: Uhmm... not sure
  13. westernkings

    westernkings Gigabyte Poster

    1,432
    60
    107
    So just set up the A records for each pointing to the same address and then change the external host names in SBS console, and test?

    Cheers mate :) Repped
     
    Certifications: MCITP:VA, MCITP:EA, MCDST, MCTS, MCITP:EST7, MCITP:SA, PRINCE2, ITILv3
  14. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    You can either set up A records for all services or 1 A record for the server name and CNAMEs pointing at that A record. Either way it should work.
     
    WIP: Uhmm... not sure
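
The two DNS layouts described above, as an added example that is not part of the original posts: a small Python resolver over constructed zone data that follows CNAME aliases to an A record and flags a CNAME whose target is an IP literal. The server name `sbs.domain.com` and the zone contents are assumptions; 81.123.45.1 is the sample address used earlier in the thread.

```python
import ipaddress

# Constructed zone data. Layout 1: three A records. Layout 2: one A record
# for the server (hypothetical name sbs.domain.com) plus three CNAMEs.
ZONE_A_ONLY = {
    "mail.domain.com": ("A", "81.123.45.1"),
    "owa.domain.com": ("A", "81.123.45.1"),
    "remote.domain.com": ("A", "81.123.45.1"),
}
ZONE_CNAME = {
    "sbs.domain.com": ("A", "81.123.45.1"),
    "mail.domain.com": ("CNAME", "sbs.domain.com"),
    "owa.domain.com": ("CNAME", "sbs.domain.com"),
    "remote.domain.com": ("CNAME", "sbs.domain.com"),
}


def is_ip_literal(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def validate_zone(zone):
    """Return a list of problems: A data must be an IP, CNAME data a name."""
    problems = []
    for name, (rtype, data) in zone.items():
        if rtype == "A" and not is_ip_literal(data):
            problems.append(f"{name}: A record data must be an IP address")
        if rtype == "CNAME" and is_ip_literal(data):
            problems.append(f"{name}: CNAME target must be a host name, not an IP")
    return problems


def resolve(zone, name, max_hops=8):
    """Follow CNAMEs until an A record is reached; None if dangling or looping."""
    name = name.lower().rstrip(".")
    seen = set()
    while name in zone and name not in seen and len(seen) < max_hops:
        seen.add(name)
        rtype, data = zone[name]
        if rtype == "A":
            return data
        name = data.lower().rstrip(".")
    return None
```

Both layouts resolve every service name to the same address; the CNAME layout adds one extra lookup hop and one more record whose target has to stay under your control.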
  15. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Might be best to fire in 3 A records mate. CNAMES can sometimes cause problems (spoofed names etc.)
     
    Last edited: Mar 17, 2011
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  16. craigie

    craigie Terabyte Poster

    3,020
    174
    155
    FYI you shouldn't use a Wildcard Certificate, as these can only be used for external domain names, whereas Exchange 2007/2010 needs to use internal names as well. MS recommend using a SAN certificate which would contain something like the following:

    mail.domain.com
    mail.domain.local
    autodiscover.domain.local
    ex01.domain.local
    ex01

    You need to ensure that you put in the following on the SAN:

    External FQDN
    Internal FQDN
    NetBIOS
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5
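
A way to check which names a given certificate actually covers, as an added example that is not part of the original posts: the Python below compares a list of SAN entries against the names clients will use. The required names are taken from the thread; the two certificate contents are constructed for comparison, and the wildcard rule (left-most label only, exactly one label) is the common client behaviour assumed here.

```python
def san_matches(pattern, host):
    """Match one SAN dNSName entry against a host name.

    A wildcard is honoured only as the whole left-most label and stands
    for exactly one label; a bare "*" never matches.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 1 and p[1:] == h[1:]
    return p == h


def uncovered(san_entries, required):
    """Names from `required` that no SAN entry covers, in original order."""
    return [n for n in required
            if not any(san_matches(s, n) for s in san_entries)]


# Names from the thread: the three external names the OP wants, plus the
# internal and NetBIOS names listed for the SAN certificate.
REQUIRED = [
    "mail.domain.com", "owa.domain.com", "remote.domain.com",
    "mail.domain.local", "autodiscover.domain.local",
    "ex01.domain.local", "ex01",
]

# Constructed certificate contents to compare.
WILDCARD_ONLY = ["*.domain.com"]
SAN_FROM_POST = ["mail.domain.com", "mail.domain.local",
                 "autodiscover.domain.local", "ex01.domain.local", "ex01"]
```

`uncovered(WILDCARD_ONLY, REQUIRED)` returns the four internal names, and `uncovered(SAN_FROM_POST, REQUIRED)` returns `owa.domain.com` and `remote.domain.com`, so a SAN certificate for the OP's setup needs those two added. Publicly trusted CAs no longer issue certificates for internal names such as `.local` hosts or single-label NetBIOS names, so on current deployments those entries would come from an internal CA.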
  17. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Thanks! This is all true if your external domain name is different than your internal one. But I get your point. I don't agree on the NetBIOS name. It works well without it.
     
    WIP: Uhmm... not sure
  18. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    :thumbleft
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  19. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Actually it is needed. I've added the NetBIOS name on all Exchange 2007\2010 installs. 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  20. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Weird. Mine works fine without it. I have FQDN on it but no NetBIOS. Haven't had any problems with it.
     
    WIP: Uhmm... not sure
