Exchange server 2013 Client Access Server - Part 1

Exchange server 2013 have only two roles. Mailbox server role & client access server role.


Client Access server role is changed a bit as far as previous versions of exchange is concerned. All the client request will go through CAS, client will no longer get connected to mailbox server directly, this includes both mailbox data as well as public folder data.

Typical configuration of CAS is, it will be placed inside the internal network & running all of the Client access protocols that client will be using such as POP3, IMAP4, EAS etc.



Internally client connects to CAS, CAS will then authenticates the client by communicating with Active directory. After the successful authentication CAS will proxy the request to the mailbox server.For the clients request which are coming from internet, will have to first communicate with the external firewall, which will have a port for appropriate client access protocol, then firewall forwards the requests to appropriate CAS, then authentication & proxying to mailbox server occurs.

It is important to note that if you want to secure the communication then you will have to place certificate for all the protocols that external clients will be using to communicate with exchange environment.


Planning  CAS deployment:

For hardware requirement, it is recommended that CAS should have

• minimum 2 Processor cores to maximum of 12 processor cores.
• 2 GB of RAM for each processor core.
• minimum of 8 GB of RAM
• 
  

CAS is not resource intensive as far as hardware activity goes, it does not store any mailbox data. But you do want to make sure that you have adequate drives. It requires fast network connections as there is constant communication between CAS & MB.
CAS also communicates with Global Catalog server as well. As a typical thumb rule, you can deploy one CAS for every four mailbox servers.


While deploying exchange server 2013, you will really need to be familiar with active directory infrastructure, because of the requirements exchange has on AD. One of those requirements is that, you have to install CAS server in any AD site that has mailbox server. If you are in multi-domain environment then you need to have CAS for each domain of mailbox server that is there in AD site.

The purpose of the exchange client access server is to accept the requests from the clients, authenticate the clients & then upon authentication, proxy or redirect the request over to the mailbox server. Again it is important to note that all client request will go through the CAS. Previous version of exchange using MAPI running over HTTP to connect to MB or CAS.

In exchange 2013 MAPI over RPC is the core Protocol & uses HTTPS regardless how client is connecting.


Stay tuned for more posts. :)