Top 15 questions on Exchange 2016


Exchange Server MVP & Microsoft UC Specialist Jaap Wesselius presented a webinar on Exchange 2016 and these were the top 15 questions asked by those who attended. Here Jaap answers questions on everything from the Recommended Upgrade Paths to High Availability and how to co-exist with earlier versions.

1. Does Exchange 2016 support Skype for Business or Lync on-premises integration?

Sure, this is absolutely no problem. However, please note that this is NOT possible cross-premises, so Exchange 2016 on-premises and SFB Online (or vice versa) do not integrate at all.

2. Is legacy name space required while migrating from Exchange 2010?

No, a legacy name space is not required in a coexistence environment with Exchange 2010 and higher. In an Exchange 2010/2016 coexistence scenario all client requests end up on the Exchange 2016 servers. From there the requests are proxied (under the hood) to the correct Exchange 2010 Client Access server where the request is sent to the Exchange 2010 Mailbox server hosting the user’s Mailbox.

3. Which namespaces are required?

By default you need two namespaces: autodiscover.contoso.com and something like webmail.contoso.com (the second namespace is configurable).

These are two different namespaces, but can use the same IP address or the same Virtual Service on the load balancer. I prefer to use a third namespace for SMTP purposes, like smtp.contoso.com. Since the load balancer does L7 load balancing, the HTTPS connection is terminated at the Load Balancer and some logic is performed there.

For example, if you have 8 Exchange 2016 servers, you can redirect

· Outlook Anywhere traffic to Exchange servers 1 and 2,
· OWA traffic to Exchange servers 3 and 4,
· Autodiscover traffic to Exchange servers 5 and 6, and
· ActiveSync traffic to Exchange servers 7 and 8.

Be aware that, although this is possible, I always recommend in such a scenario to redirect all traffic to all 8 Exchange servers.

4. When you are on Exchange 2013 and in Hybrid setup, are there any updates we must do when we are on Exchange 2016?

The Hybrid configuration is stored in Active Directory, there’s no such thing as a ‘hybrid server’. The hybrid server is the Exchange server where the Hybrid Configuration Wizard is run. So, there’s nothing special when moving from Exchange 2013 to Exchange 2016. There is one major difference though, in previous days the HCW was a web application that was started from within the Exchange Admin Centre. Nowadays the HCW is a standalone, downloadable application that’s run from the ‘hybrid server’.

5. How do you recommend to publish OWA to the internet? Via a reverse proxy or direct connection to the MBX role through a firewall?

First of all you need a decent firewall of course. Reverse Proxy or direct connection? Personally I prefer a direct connection, but then you need external IP addresses. Lots of users like to use a reverse proxy which is fine as well. There are several options. First the KEMP LoadMaster (free download here) which is actually acting as a reverse proxy, but you can also use IIS/ARR or the Windows 2012 R2 WAP solution for this as well (but this one needs ADFS internally).

6. Do we have to use a hardware load balancer or is it still possible to use the dag cluster IP for clustering the CAS role?

There still is a lot of confusion about the DAG cluster IP. This is the management IP address for the cluster binaries used within a DAG. That’s all, and it was never meant as an IP address for load balancing purposes. Of course you can configure your (previous) Exchange environment to act this way, but I never recommend doing so.

In Exchange 2016 however the Computer Name Object (CNO) and accompanying IP address are no longer used, so this (unwanted) configuration can no longer be configured. Therefore, you need to have a load balancer if you have multiple Exchange 2016 servers.

Be aware that you also can no longer use the Windows NLB solution in Exchange 2016 when you have a DAG running.

Another thing to be aware of: in Exchange 2016 an IP-less DAG is used, and not all 3rd party applications are compatible with an IP-less DAG.

7. What’s your recommended path to upgrade from Exchange 2010 to Exchange 2016?

This is similar to an Exchange 2010 to Exchange 2013 upgrade. Right now I would recommend building an Exchange 2010/2016 coexistence environment. So, you need to build a new array of Exchange 2016 and reconfigure your load balancer to use the Exchange 2016 servers. Client requests hit the Exchange 2016 servers, and are proxied to the Exchange 2010 servers. Once configured you can gradually move your Mailboxes to the Exchange 2016 servers.

8. How to co-exist between Exchange 2010/2013 and Exchange 2016?

When it comes to Exchange 2013/2016 coexistence life is easy. You can add Exchange 2016 servers to a load balanced array of Exchange 2013 Client Access servers and the array continues to work seamlessly. When a client hits an Exchange 2013 CAS server, and the Mailbox is already on Exchange 2016, the request is automatically proxied to the correct Exchange 2016 Server hosting the Mailbox.

This is known as an ‘up-version proxy’. Very cool feature of Exchange 2016. However, the HA of the Mailbox databases (DAG) is not compatible, so you do need to build a new DAG with new Mailbox databases.

It is not possible to add Exchange 2016 servers to an Exchange 2013 DAG.

Now, what happens if you have an Exchange 2010/2013 coexistence scenario and you want to add Exchange 2016 in the mix? You have to create a new Exchange 2016 DAG with Exchange 2016 servers, but you can add these servers to the load balanced array of Exchange 2013 Client Access servers. In this scenario you already have clients hitting the Exchange 2013 CAS servers so this should not be a problem.

Then you can start moving Mailboxes from Exchange 2010 and Exchange 2013 to Exchange 2016, followed by decommissioning of the old Exchange servers. When it comes to decommissioning, I would personally decommission Exchange 2010 first, followed by the Exchange 2013 servers.

Full details were discussed in the webinar, which is available to watch on demand.

9. How much storage and IOPS do you need for your users?

You need to use the Exchange requirement calculator to design your Exchange 2016 servers.

Based on the usage profile, the calculator exactly determines the sizing of the new Exchange 2016 servers. Not only the disk configuration is determined, also the type and size of the CPU, and the amount of memory is calculated.
I also recommend the use of Jetstress to validate the storage solution that’s used in your Exchange environment.

10. When do you need High Availability and how does it work in Exchange 2016?

In the end this is a customer business requirement, and not a technical requirement. From a business perspective, a customer can say he needs an uptime of for example 99.9% during business hours and we can translate this into a technical solution.

Depending on the exact requirements we have to start creating a HA environment, which can range from multiple database copies (if a mailbox database or server is lost), multiple Exchange 2016 servers, a load balancer or maybe even multiple datacentres to survive a failed datacenter.

Please keep in mind that HA is not a matter of adding additional servers, or using hardware virtualization. Training the IT Staff and creating strict procedures is equally important!
To implement a HA solution you need multiple Exchange 2016 servers, and these servers host multiple copies of the Mailbox databases. Information stored in a Mailbox database is replicated across the network to other Exchange 2016 servers hosting copies of this particular Mailbox database. Multiple Exchange 2016 servers are configured in a Database Availability Group or DAG, and you can add up to 16 Exchange servers in a DAG. This means that for any particular Mailbox database, you can add up to 16 copies, one copy on each server. You have to take into consideration that every copy uses equal storage, so if you have a 500GB Mailbox database and have 4 copies of the Mailbox database, you need (at least) 4 x 500GB = 2TB of storage.
These servers are also configured as Real Servers on the load balancer. Since Exchange 2016 uses the Windows Failover Clustering feature for creating a DAG, you can no longer use Windows NLB as a load balancing solution and you have to use a 3rd party (hardware) load balancer.
 

11. What are the requirements to set up a DR site?

That is quite a long story; you can do a full day’s workshop on this topic. You need at least another datacenter, additional hardware and software of course. You can only store data on this DR site, but if you want an automatic datacenter failover life gets complicated.
You can have additional Exchange servers in a 2nd datacenter and just use this as an off-site copy of the data. Maybe you can even use this passive copy for backing up your data.

If you want datacenter failover your Exchange servers need to be scaled accordingly. Plus, you need to be able to fail-over your active copies to this 2nd datacenter, including the File Share Witness. This FSW might get lost when losing the primary datacenter.

Also, you have to figure out a way how your clients will connect to this second datacenter. Using the same namespace like webmail.contoso.com? Or another namespace, like failovermail.contoso.com.
An additional datacenter for Disaster Recovery does not mean automatic fail-over. A so-called switch-over is a non-automatic planned action. You have to have processes in place to initiate a switch-over.

And the more seamless you want a switch-over, the more complex and the more expensive it gets.

12. Do we really need to consider running Jetstress on every server?

Yes, you have to make absolutely sure that your Exchange servers meet the performance requirements.

Maybe, if you have a building block model, where all servers are equally configured with hardware you can skip this. You just add a new server when for example 2,000 mailboxes are added, and add another server, and add another server…. This way you know in advance the performance characteristics.

13. What tools do you need to use to understand the current environment?

I typically use SCOM for monitoring the environment, followed by perfmon for monitoring performance when issues arise.

When it comes to connectivity, I also use Outlook for testing purposes, telnet/browser and externally the Exchange Remote Connectivity Analyser.
You can also use remote 3rd party tools like MXTOOLS or DNSTOOLS for checking external connectivity to your Exchange servers. For troubleshooting log files on the Exchange server you can use the Microsoft log parser tool.

14. Certificate requirements for Exchange 2016?

The certificate requirements for Exchange 2016 are the same as for Exchange 2013. You need a proper 3rd party UC certificate, with two namespaces: webmail.contoso.com (or something like this) and autodiscover.contoso.com for the Subject Alternative Name (SAN). You can also use a wildcard certificate for your Exchange server.

For SMTP you don’t need a 3rd party SSL certificate, unless you configure Domain Security (TLS) for secure email with a partner.

If you use a hybrid server, you also need a 3rd party SSL certificate like hybrid.contoso.com. You can also use this server/SSL certificate for SMTP communication with Office 365.
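The namespace-to-certificate check behind this answer, as an added PowerShell example (not from the webinar or from Microsoft): it tests whether a certificate's SAN list covers every namespace clients connect to, including the one-label rule for wildcards. The function name `Test-NamespaceCoverage`, the SAN lists and `mail.emea.contoso.com` are constructed for illustration.

```powershell
# Added example. All host names and SAN lists are constructed sample values.
# On an Exchange server the SAN list of an installed certificate is exposed
# by Get-ExchangeCertificate in its CertificateDomains property.
function Test-NamespaceCoverage {
    param(
        [Parameter(Mandatory)] [string[]] $CertificateDomains,  # SAN entries
        [Parameter(Mandatory)] [string[]] $RequiredNamespaces   # names clients use
    )
    foreach ($name in $RequiredNamespaces) {
        $hostName  = $name.ToLowerInvariant()
        $coveredBy = $null
        foreach ($entry in $CertificateDomains) {
            $san = $entry.ToLowerInvariant()
            if ($san -eq $hostName) { $coveredBy = $entry; break }

            # A wildcard covers exactly one left-most label:
            # *.contoso.com matches webmail.contoso.com, but neither
            # contoso.com nor mail.emea.contoso.com.
            if ($san.StartsWith('*.')) {
                $suffix = $san.Substring(1)        # ".contoso.com"
                if ($hostName.EndsWith($suffix)) {
                    $label = $hostName.Substring(0, $hostName.Length - $suffix.Length)
                    if ($label.Length -gt 0 -and -not $label.Contains('.')) {
                        $coveredBy = $entry; break
                    }
                }
            }
        }
        [pscustomobject]@{
            Namespace = $name
            Covered   = [bool]$coveredBy
            MatchedBy = $coveredBy
        }
    }
}

# Namespaces named in the article, plus the hybrid name.
$required = 'webmail.contoso.com', 'autodiscover.contoso.com', 'hybrid.contoso.com'

# UC/SAN certificate carrying only the two default namespaces:
# hybrid.contoso.com is reported as not covered.
$ucCert = 'webmail.contoso.com', 'autodiscover.contoso.com'
Test-NamespaceCoverage -CertificateDomains $ucCert -RequiredNamespaces $required |
    Format-Table -AutoSize

# Wildcard certificate: covers all three, but not a two-level name.
Test-NamespaceCoverage -CertificateDomains '*.contoso.com' `
    -RequiredNamespaces ($required + 'mail.emea.contoso.com') |
    Format-Table -AutoSize
```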

15. How can you automate server deployments?

Sure, using scripts and PowerShell it is possible to fully automate your Exchange server deployments.
 
The server itself can be installed using unattended setup and after installation you can fully configure your server using PowerShell. In addition to this, the Desired State Configuration (DSC) can also be used to automate and maintain Exchange server configurations.