Re: adding a f/e to the mix questions by ksb
ksb
Tue Mar 15 13:41:05 CST 2005
Thanks for the response Mark,
yes, we will be using ssl. The plan is to, on cutover day, configure an
smtp server on the f/e, force ssl for pop, imap and http, relocationg the
cert that is currently on the b/e to the f/e. We'll also need to update the
mx and dns records appropriately. That way, we keep the same incoming, smtp
and owa server addresses for the end users.
Sound like a solid plan? Or not?
I was hesitant to go forward with beginning the f/e ex install until I had
confirmation that it would not disrupt service in any way until we make the
cutover. Your answer gives me the confirmation I was hoping for.
"Mark Arnold [MVP]" wrote:
> On Tue, 15 Mar 2005 10:43:10 -0800, ksb
> <ksb@discussions.microsoft.com> wrote:
>
> >We currently have one ex2k server that does it all (pop, imap, mapi, owa) in
> >our single domain w2k ads forest. We plan to:
> >1. bring up a f/e in our perimeter network
> >2. bring up an additional ex2003 server back end.
> >3. Move mailboxes and public folders, using a phased approach, to the ex2003
> >box.
> >4. Remove the ex2k server.
> >
> >We've been reading and learning and hope we have the gotcha's covered.
> >I'd appreciate confirmation that I have this part right:
> >When we install ex on the new f/e, the existing backend server will continue
> >to be available for owa, imap, pop and mapi until we change our dns records.
> >Is that accurate?
> >Thanks
>
> yes, you can bring in the FE and continue to drive through to the BE
> until you're ready for switchover.
> A gotcha though is this. I assume you're runnng SSL on the
> OWA/POP/IMAP etc currently? When you switch to FE/BE you'll obviously
> activate and configure SSL on the FE. After you do you will remove the
> requiremnt for Force SSL on the BE since FE to BE is not SSL but
> Client to FE obviously is.
> Of course, if you have no plans to use SSL then I've just wasted a few
> lines of text.
>