Pre-Release Programs
Be first in line!
Exchange & SharePoint On-Premises Programs
Customers get:
Early access to new features
Opportunity to shape features
Close relationship with the product teams
Opportunity to provide feedback
Technical conference calls with members of the
product teams
Opportunity to review and comment on
documentation
Get selected to be in a program:
Sign-up at Ignite at the Preview Program desk
OR
Fill out a nomination: http://aka.ms/joinoffice
Questions:
Visit the Preview Program desk in the Expo Hall
Contact us at: [email protected]
We heard you!
The same experience as coexisting with Exchange 2013









OWA Redirect if ExternalURL
exists in remote site.
mail.contoso.com
europe.mail.contoso.com
Layer 4 or 7 LB
HTTP Proxy
E2010 CAS
E2016
Store
Protocol Head
DB
DB
E2010 MBX
9
Site Boundary
Protocol Head
IIS
Layer 7 LB
Protocol Head
E2010 CAS
Store
DB
E2010 MBX
E2013 CAS
E2010 CAS
E16 MBX
Option 1, let Exchange 2013 up-version proxy.








 Swing the load balanced namespaces over from 2013 to 2016
 Recommended: Gradually introduce 2016 servers into the existing LB pool.
 Supported: Cutover to all 2016 servers at once
Option 2, let Exchange 2016 down-version proxy.




 Swing the load balanced namespaces over from 2013 to 2016




E16 MBX
E2013 CAS
E2010 CAS
E2013 MBX
E13
CAS
E13
CAS
2016
MBX
2016
E13
MBX
CAS
2016
MBX
E13
MBX
E13
MBX
E13
MBX
E13
MBX
2016
MBX
mail.contoso.com
europe.mail.contoso.com
Layer 4 LB
16 Client Access Services
IIS
HTTP Proxy
E2013 CAS
Protocol Head
Protocol Head
DB
DB
16 Store
15
E2013 MBX
Site Boundary
IIS
HTTP Proxy
Layer 7 LB
Protocol Head
E2010 CAS
Store
DB
E2010 MBX
europe.mail.contoso.com
mail.contoso.com
Layer 7 LB
Layer 4 LB
IIS
HTTP Proxy
HTTP Proxy
E2013 CAS
Protocol Head
Protocol Head
DB
DB
16 Store
16
IIS
E2013 MBX
Site Boundary
16 MBX Server
Client Access Services
Protocol Head
E2010 CAS
Store
DB
E2010 MBX
europe.mail.contoso.com
mail.contoso.com
Layer 7 LB
Layer 4 LB
16 MBX Server
Client Access Services
Protocol Head
HTTP Proxy
Protocol Head
Protocol Head
DB
DB
16 Store
17
E2013 MBX
Site Boundary
IIS
E2010 CAS
Store
DB
E2010 MBX
No longer supported
All legacy Exchange server versions must meet requisite levels.
Edge Transport servers may require Edge Subscriptions to be re-run before 2016 setup will operate.
[PS] C:\>Get-ExchangeServer | FT Name,AdminDisplayVersion,ServerRole -AutoSize
Name
----
E2K10-EDG-001
E2K13-MLT-001
AdminDisplayVersion
-------------------
ServerRole
----------
Version 14.2 (Build 247.5) EdgeTransport
Version 15.0 (Build 1076.9) Mailbox, ClientAccess
Earlier versions of Exchange cannot be reintroduced
Avoid The OAB Avalanche
Exchange 2016 and 2013 create a new default OAB for the organization
Specifying the existing OAB on all legacy DBs prior to installing 2016 (or 2013)
Protocol
Exchange 2007 user accessing
Exchange 2010 namespace
Exchange 2007 user accessing
Exchange 2013 namespace
Exchange 2010 user accessing
Exchange 2013 namespace
Requires
Legacy namespace
Legacy namespace
No additional namespaces
OWA
• Same AD Site: Silent SSO FBA redirect
• Externally facing AD site: manual or silent/SSO
Cross-site redirect
• Internally facing AD site: proxy to CAS 2007
• Silent SSO redirect to CAS 2007 externally facing
URL in same-site or cross-site
• Same AD Site: Proxy to CAS 2010
or
• Different AD Site: Silent SSO cross-site redirect or
proxy depending on External URL
EAS
• EAS v12.1+ : Autodiscover & redirect
• Older EAS devices: proxy
Proxy to MBX 2013
Proxy to CAS 2010
Outlook Anywhere
Direct CAS 2010 support
Proxy to CAS 2007
Autodiscover
Exchange 2010 answers Autodiscover query for
2007 User
Exchange 2013 answers Autodiscover query for
2007 User
EWS
Uses Autodiscover to find CAS 2007 EWS External
URL
Uses Autodiscover to find CAS 2007 EWS External
URL
POP/IMAP
Proxy to CAS 2007
Proxy to CAS 2007
OAB
Direct CAS 2010 support
Proxy to CAS 2007
RPS
n/a
n/a
ECP
26
• Proxy to CAS 2010 or
• Cross-site redirect, which may redirect to CAS
2010 or CAS 2013
Protocol
Exchange 2010 user accessing
Exchange 2016 namespace
Exchange 2013 user accessing
Exchange 2016 namespace
Exchange 2016 user accessing
Exchange 2013 namespace
Requires
No additional namespace
No additional namespace
No additional namespaces
OWA/ECP
• Same AD Site: Proxy
• Internal AD site: Proxy
• Externally facing AD site: Proxy or silent/SSO
cross-site redirect, your choice
• Same AD Site: Proxy to E2013 MBX w/Active DB
• Internal AD site: Proxy to E2013 MBX w/Active DB
• Externally facing AD site: Proxy to E2013 MBX
w/Active DB or silent/SSO cross-site redirect,
your choice
• Same AD Site: Proxy to E2016 MBX w/Active DB
• Internal AD site: Proxy to E2016 MBX w/Active DB
• Externally facing AD site: Proxy to E2016 MBX
w/Active DB or silent/SSO cross-site redirect,
your choice
EAS
Proxy to CAS 2010 endpoint
Proxy to MBX 2013 with Active DB
Proxy to Exchange 2016 with Active DB
Outlook Anywhere
EWS
POP/IMAP
RPS
MAPI/HTTP
N/A
Autodiscover
E2016 proxies the AutoD request to E2010 CAS
endpoint
E2016 proxies the AutoD request to E2013 MBX
with the user’s active DB copy
E2013 CAS proxies the AutoD request to the E2016
server with the user’s active DB copy
OAB
E2016 proxies OAB request to CAS 2010
endpoint
E2016 proxies the request to OAB generation
mailbox with the OAB or a shadow copy of the
OAB
E2013 proxies the request to OAB generation
mailbox with the OAB or a shadow copy of the
OAB
27
In an All Exchange 2016 World
Unbound namespace




Bound namespace




*
*
*
mailfb.emea.fabrikam.com
mailfb.us.fabrikam.com
*
*
*
* = Internal DNS Only
*
14 Names
12 Names on the certificate
*
*
*
*
*
*
*
* = Internal DNS Only
9 Names
7 Names on the certificate
*
*
*
*
* = Internal DNS Only
10 Names
10 Names on the certificate
*
*
*
*
*
* = Internal DNS Only
7 Names
7 Names on the certificate
*
*
*
*
*
* = Internal DNS Only
*
12 Names
10 Names on the certificate
*
*
*
*
*
* = Internal DNS Only
*
9 Names
7 Names on the certificate
Certificate Names Used if no Wildcard Cert Used
Exchange Versions in Play
Bound Model
Unbound Model
2010 + 2016
12
7
2013 + 2016
10
7
2010 + 2013 + 2016
10
7
1.
2.
3.
4.
5.
6.
7.
D:\>setup /mode:install /roles:mailbox /iacceptexchangeserverlicenseterms
…and repeating… and repeating… and repeating…
Move this system mailbox from 2010/2013 to 2016.
SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}
Exchange 2010 + Exchange 2016
http://aka.ms/kerbcoexist20102013
Exchange 2013+ Exchange 2016
Exchange 2010+ Exchange 2013+ Exchange 2016
[PS] C:\>Get-OrganizationConfig | FL WACDiscovery*
WACDiscoveryEndpoint :
[PS] C:\>Set-OrganizationConfig –WACDiscoveryEndpoint https://oos.corp.e16lab.com/hosting/discovery
[PS] C:\>Get-OrganizationConfig | FL WACDiscovery*
WACDiscoveryEndpoint : https://oos.corp.e16lab.com/hosting/discovery
Moving Outlook Anywhere to 2016 from 2010
Clients
mail.contoso.com
RPC/HTTP
Layer 7 LB
Layer 4 LB
RPC/HTTP
HTTP
PROXY
E2010 CAS
OA Enabled
Client Auth: Basic
IIS Auth: Basic
NTLM
1. Enable Outlook Anywhere on all legacy CAS
E16
OA Enabled
Client Settings
IIS Auth: NTLM
RPC
HTTP
PROXY
2. IIS Authentication Methods
E2010 CAS
Disabled
OA Enabled
Client Settings
IIS Auth: NTLM
RPC
RPC
IIS Auth must have NTLM enabled on all
legacy CAS (Basic + NTLM is ok!)
3. Client Settings
Make legacy OA settings the same as 2016
CAS so all clients get the same proxy
hostname
4. DNS Cutover
A low TTL on the existing record the days
prior to the cutover is a good idea.
E2010 MBX
E2010 MBX
Internet facing site
Intranet facing site
64
Y
X
B
A
http://myignite.microsoft.com