One of the new features in Exchange 2010 that many people are not familiar with is the CAS Array. The CAS array is a really neat feature for clients looking for High Availability in their Exchange organization and wants to remove the chance for a single point of failure.
In the old versions of Exchange clients would connect directly to the mailbox server but that is no longer the case in Exchange 2010 (http://www.scottfeltmann.com/index.php/2009/10/26/sizing-exchange-2010-client-access-servers). This leads us to the reason why CAS arrays are so important in the Exchange 2010 environment. In Exchange 2010 clients now connect directly to the CAS. The CAS then will proxy the client to the mailbox server. This means that all outlook client connectivity is now routing through the CAS. When not using the CAS array the outlook client will connect directly to the CAS and remain connected to that CAS. In the event of an outage the Outlook client will lose connectivity to the Exchange Mailbox Server and will not be able to fail over to another CAS in the Active Directory Site since it has already established a connection to a CAS which is now down. How does the Outlook client find the CAS? When a CAS is deployed in Active Directory it will create a service connection point (SCP). This SCP then tells clients the clients via autodiscover how to find a CAS. If an organization has multiple CAS then there are multiple SCP created in AD. This process holds true in both Exchange 2007 and Exchange 2010. The difference is Exchange 2010 has the ability to create Client Access Array’s.
So, you’re asking yourself, ok, what is a Client Access Array? Well, I’m glad you asked! In Exchange 2010 Microsoft introduced a new concept for High Availability for the Client Access Servers called a CAS Array. What organizations are now capable of doing is configuring a set of Client Access Servers to act as one by using Network Load Balancing (NLB), either Windows or a Hardware Load Balancer will do. When using NLB admins create a DNS record that points to a Virtual IP address (VIP). Behind this VIP will be the Client Access Servers. You may have one or twenty. Keep in mind though, if using one, when that server goes down, users lose connectivity. (I’m assuming that you know how to NLB the Client Access Servers, unfortunately I don’t have anything written on setting up NLB but there are some good articles out there.) So, if you have three CAS in your environment you are capable of creating a new array which will include all three of these servers. The array will point to the NLB hostname which will then route the traffic to one of the CAS behind the NLB URL. In the event that a CAS should go offline, and since the client is connecting directly to the NLB URL and IP the client will be redirected to a functioning CAS and be able to maintain their connection!
Now that we have an idea of what a Client Access Array is the next logical step is creating the array! In order to create a new Client Access Array we will use the new command of “New-ClientAccessArray”. This command will create an object that represents a load balanced array of CAS within a single Active Directory Site. Keep in mind, that each array is specific to the AD site. This means if you have multiple sites with Client Access Servers you can create arrays specific to that site.
The following example is the command for creating a new array, this command will create a server array named cas.scottfeltmann.com:
New-ClientAccessArray –FQDN cas.scottfeltmann.com –Name “cas.scottfeltmann.com” –Site “HQ”
The Fqdn parameter specifies the fully qualified domain name (FQDN) of the Client Access server array. (Required)
The Name parameter specifies the name of the Client Access server array.
The Site parameter specifies the Active Directory site to which the Client Access server array belongs. (Required)
In the event that exchange databases already existed prior to the creation of the CAS array you will need to configure the databases to point to the new array. To do this you can use the following command:
Set-MailboxDatabase Databasename –RpcClientAccessServer “cas.scottfeltmann.com”
Otherwise, when a new database is created it will automagically detect the Client Access array and point users to the load balanced URL.
In close if you’re looking for some HA you will want to use the Client Access Array to provide the highest level of redundancy for your Outlook client connection. Keep in mind you will still need another form of HA for OWA and ActiveSync. ISA 2006 presents a group solution for this process as well since ISA can direct traffic to multiple Exchange Client Access Servers. For more information on NLB Exchange 2010 CAS see my link here: (http://www.scottfeltmann.com/index.php/2009/10/21/network-load-balancing-recommended-for-exchange-2010-cas-public-facing-internet-facing-and-internal/)
Edit:
I would also like to point out that if you would like to remove a CAS from a CAS Array you will need to remove that Client Access Server from the NLB array. This can be done either through WNLB if that is what you are using or via your NLB appliance. Simply remove the desired server from the NLB and that server will no longer be included in the CAS Array.
Hi John,
Can you explain how you are Load Balancing your CASArray? Is it WNLB or a Hardware appliance?
WNLB with just 2 nodes both Win2K8 R2 that are VM’s (not HyperV) on 2 different ESX hosts fiber across the lan and both are in the same vlan. I did find a recommendation and set the Notify Switches to No on the NIC teaming of both the vSwitch and the Network in the ESX and just did that. Also, I’m not seeing anything in the log file for the NLB to indicate an issue. Thanks again.
Hi John, As I recall you need to place the Client Access Servers on the same ESX host in order for WNLB to work correctly.
Otherwise there are network communciation errors that can occur when the guest VMs are on differnt ESX Hosts.
Hi John. I am having issues after setting up a CAS Array. I had mailboxes before the setup.
1. I have two Mailbox Servers (SVR1,SVR2) and two CAS Servers (CAS1,CAS2)
2. User Joe.Doe, in Site B already had a Mailbox on Mailbox Database MBX1. His outlook shows it is using CAS2 as the MAPI mailbox server.
3.I created a CAS Array casarray.internal and bound it to one site A (this site is different to where Joe.Doe is)
4 I then bound the mailbox Database MBX1 to the new CAS Array. Set-MailboxDatabase MBX1 -RpcClientAccessServer “casarray.internal”
4. I am using DNS for failover (poor mans failover) so in DNS I have two entries
casarray.internal points to CAS1 timeout 1hr
casarray.internal points to CAS2 timeout 1hr
Now after the change, everything works fine but then I find that Joe.Doe’s outlook keeps on disconnecting (shows it is disconnected). I finally traced it to this -
His Outlook is happy only when casarray.internal resolves to CAS2, where his mailbox initially was. If it resolves to CAS1, his outlook doesnt connect. To test this I created entries in his local hosts file and it is as stated above.
I am getting very frustrated by this and it only happens to one user.
Do you have any ideas on this?
Regards
[...] [...]
I have two exchange 2010 sp1 servers w/DAG but I’m having a small issue. Basically whenever i switchover to the secondary server (which works fine) then shutdown the primary server all outlook clients get prompted for credentials and even if they plug them in it doesn’t work.
The two exchange 2010 sp1 servers are multi role cas/hub/mbx and I have a FSW onsite as well. Now the switchover goes smooth. Just when I shutdown the server after moving the dbs off the clients get the trying to connect message. Do I need an CAS array to prevent this? I was told that it should update the CAS server on switchover so it knows to use the secondary nodes for the clients.
Clients are all exchange 2007/2010.
thanks for the help in advance.
@Jim, You will need a CASArray. Your problem sounds like the majority of your users are connecting to the server directly by name. If you open the EMS and run the following command what are the resultes? Get-MailboxDatabase | fl name,RPCClientAccessServer
My bet is it will show the name of the server. In this case a CAS Array is your best bet. See my article here: http://www.scottfeltmann.com/index.php/2011/09/12/do-i-need-a-cas-array/
It will explain if you need a CAS array or not. Also, check out my original article on the CASArray locate here: http://www.scottfeltmann.com/index.php/2010/02/09/exchange-2010-cas-array/
Hope this helps!
Excellent Post on CAS Arrays. Quick read and simple to understand.
Thank you scott for this valuable article ,,,
Correct me if I am wrong :
“The CAS array is required to provide High availabilty of Internanl Clients only ”
Since they when they on the same site , then run autodiscover , it will query for SCP in the AD , then it will retrive the SCP CAS array record then query DNS to get NLB VIP….
i.e:
autodiscover =>SCP of CAS array =>NLB VIP =>Cas server
What about external Clients ??
Sultan, this depends on what external clients are doing. You will need to publish the autodiscover service from the internet. If their device supports autodiscover it will perform the query and find the connection point.
Internally you will use a SCP unless you configure your environment to go to a URL for the autodiscover information.