Finally I finished Part 2 of the UAG 2010 publishing post.
I spent days with the UAG configuration to publish Exchange 2013 in the right way but with no success. There are some problems with Lync and OWA that I cannot fix. I decided to disable URL filters. Now my Exchange publishing works, and in this final post I explain what my configuration looks like.
The first step is to create a new Trunk for Exchange publishing.
Then you have to create the Applications for Exchange.
First create the Outlook Web Access Application:
Select the Exchange CAS Servers or the CAS Server VIP.
Configure the authentication and authorize all users.
The next step is to rerun the wizard to publish Outlook Anywhere and Exchange ActiveSync.
Configure authentication: Kerberos for OWA and Basic for Autodiscover.
Don’t forget to configure SPNs and delegation in Active Directory for Kerberos to work. You can export the settings needed into an LDIF file with the “Export KCD settings” wizard in UAG and import it into AD. Or you can set the SPNs manually:
You can check the SPNs and export the file:
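One way to check the resulting delegation from PowerShell, as an added example that is not part of the original post. It assumes the ActiveDirectory module is available; the account name `UAG01` and the `cas01`/`cas02` host names are placeholders for your own UAG server and CAS servers (or CAS VIP).

```powershell
# Added example: audit the Kerberos constrained delegation (KCD) used by UAG.
# All names below are placeholders (assumptions), not values from the post.
Import-Module ActiveDirectory

$UagAccount   = 'UAG01'                      # placeholder: UAG computer account
$ExpectedSpns = @('http/cas01.example.local',
                  'http/cas02.example.local') # placeholder: CAS servers or VIP

$props = 'msDS-AllowedToDelegateTo', 'TrustedForDelegation', 'TrustedToAuthForDelegation'
$uag   = Get-ADComputer -Identity $UagAccount -Properties $props

# Unconstrained delegation on a published reverse proxy is much broader than
# KCD requires; the account should only be constrained to the CAS SPNs.
if ($uag.TrustedForDelegation) {
    Write-Warning "$UagAccount is trusted for UNCONSTRAINED delegation"
}

# Compare what the account may delegate to with what OWA publishing needs.
# The AD GUI usually adds short and FQDN forms, so review "extra" by hand.
$allowed = @($uag.'msDS-AllowedToDelegateTo')
$missing = @($ExpectedSpns | Where-Object { $_ -notin $allowed })
$extra   = @($allowed      | Where-Object { $_ -notin $ExpectedSpns })

# A duplicate SPN breaks Kerberos for that service. Zero explicit owners is
# normal for a server's own name (http/ is covered by its HOST/ SPN), but a
# VIP name needs an explicit registration.
$spnOwners = foreach ($spn in $ExpectedSpns) {
    $owners = @(Get-ADObject -LDAPFilter "(servicePrincipalName=$spn)")
    [pscustomobject]@{
        Spn       = $spn
        Owners    = ($owners.Name -join ', ')
        Duplicate = ($owners.Count -gt 1)
    }
}

[pscustomobject]@{
    Account            = $uag.Name
    ProtocolTransition = $uag.TrustedToAuthForDelegation
    MissingDelegation  = $missing -join '; '
    ExtraDelegation    = $extra -join '; '
} | Format-List
$spnOwners | Format-Table -AutoSize
```

Anything listed under `ExtraDelegation` that is not a CAS service is delegation the UAG account does not need for this trunk.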
Once you have created the applications, you have an application list like this:
Configure Portal Homepage
Change the Portal Home page and uncheck “display Home Page within portal frame”.
Disable component installation
To prevent UAG from installing the client, disable component installation.
Redirect HTTP to HTTPS
To redirect HTTP connections to HTTPS, create the redirection Trunk in the “HTTPS Connections” section and select the Exchange Trunk.
The basic configuration is done and Exchange is now published via UAG.
But there are some issues:
Lync: Lync Clients cannot get autodiscover settings
In my environment Lync clients couldn’t get the autodiscover configuration from Exchange. After checking the UAG logs I noticed that UAG has a problem when Lync announces its Client Agent.
Solution: Disable scripting on the trunk
OWA: 500 error message when you open another mailbox from OWA
In my environment it was not possible to open another user’s mailbox without getting the following 500 error message:
Solution: Disable “verify URLs” on the OWA Application
Conclusion
I’m sure that with deeper troubleshooting there must be a better way to fix these errors, but in my opinion UAG is not the right product for publishing Exchange. You are better off using a load balancer or IIS ARR.
In my next publishing post I will explain how to publish Exchange 2013 with Citrix Netscaler.