in NetScaler

Netscaler and Exchange OWA legacy redirect from OWA 2013 to 2007

Recently I deployed a Netscaler Enterprise Edition HA pair in combination with an Exchange 2013 environment in coexistence with Exchange 2007.  In this deployment we are not really aware of where a user’s mailbox resides (on legacy or on 2013). We would think Exchange OWA is able to redirect between OWA 2013 and OWA 2007 and that’s the case, however SSO isn’t really working well when authentication is offloaded.  If you Google a little you can find a lot of forum questions about this.

Below a possible solution, it might not be the most elegant solution, but it surely proofs how flexible your Netscaler actually is. 🙂

Looking in Active Directory it seems each user with a mailbox has an attribute : “msExchVersion”
If the mailbox resides on an Exchange 2007 Legacy the value is : “4535486012416” and if the mailbox resides on an Exchange 2013 the value is : “88218628259840”.

Group Membership in AAA wasn’t really used anyway so I changed my config like this :

 

So instead of using “MemberOf” we used “msExchVersion”

Next step is configuring a couple of responders :

If the user has his mailbox on the legacy exchange and he/she is using the 2013-OWA-URL redirect him/her to https://legacy.blubird.eu :

If the user has his mailbox on the legacy exchange and he/she is using the 2007-legacy-OWA-URL redirect him/her to https://legacy.blubird.eu :

And after this the only thing that you still need to do is bind the responder policies to your content switch(CS).   This way redirection between OWA 2013 and Legacy OWA 2007 is handled dynamically at the Netscaler.

Below a summary of all the commands in one go :

 

 

 

What do you think?

Comment