Monthly Archives: January 2011

Coexistence between Domino and Exchange 2010 – Part 2 of 2

 

Published: 2011-01-05
Updated: 2011-01-16
Version: 1.1
Changelog: Exchange configuration added.

Let’s start from where we ended the last part the Domino configuration.
I hope everything was clear on the last part, if there are any questions about it feel free to give feedback or send me an email on:
Jonas.Andersson@testlabs.se.

DNS Infrastructure

 

In this part we start with the DNS investigation.
There needs to be created at least 2 additional records in the DNS zone for using of Exchange and CMN.

These are autodiscover and mail, in my environment I’m using mail, it could be owa or webmail or whatever you want it to be.

The important information here is that these names should be included into the certificate for the Exchange CAS server(s).
And that certificate is exported and imported into the CMN server as well.

Certificate installation

 

I’m not going to show how to create a CSR and Import and Export it.
There are already so many guides about that, check here for more information about that.

For creating a CSR in Exchange 2010, use this one:
http://www.digicert.com/csr-creation-microsoft-exchange-2010.htm

How to install the certificate when it have been processed use this one:
http://www.digicert.com/ssl-certificate-installation-microsoft-exchange-2010.htm

When the certificate has been installed on the Exchange server and the services have been assigned, it’s time to export it.
This is done by starting a MMC console, adding Certificates (Computer) and go to Personal/Certificates.

Right click the appropriate certificate and choose All Tasks/Export.
Export the private key and select the option “Include all certificates in the certification path if possible”.
Then set a password and copy the certificate file to the CMN machine.

The process for importing the certificate is almost the same, start a MMC console, adding Certificates (Computer)
and right click Personal and choose All Tasks/Import.

Browse for the certificate file and type in the password for it and make sure it’s placed in Personal.

In my case when it’s imported successfully it will look like this.

Check in IIS so that the bindings for port 443 (HTTPS) is using the imported certificate.

Exchange WebServices configuration

 

With DNS and the Certificates in place the keys to get everything to work are done.

Next thing to change from the default behavior on the Exchange CAS machine is to change the EWS.
This is done by running the following command:

“Set-WebServicesVirtualDirectory -Identity “EWS (Default Web Site)” -InternalUrl https://autodiscover.target.local/EWS/Service.asmx
-ExternalUrl https://autodiscover.target.local/EWS/Service.asmx”

Important is to double check the path for the asmx file on the CMN server, in my case this is the correct path.

Double check so the value has been modified by running:

“Get-WebServicesVirtualDirectory | fl *url*”

InternalUrl : https://autodiscover.target.local/EWS/Service.asmx
ExternalUrl : https://autodiscover.target.local/EWS/Service.asmx

When these settings are in place, let’s have a look at the authentication settings for EWS in IIS.
The setting for IIS authentication that should be enabled for the EWS is Anonymous authentication and Windows authentication.

AvailabilityAddressSpace setup

 

To be able to share F/B information between the systems, we need to configure the availabilityaddressspace.
This is done by adding the sub-domain that’s used for the Domino side.
The process is described in Part 1.

“Add-AvailabilityAddressSpace -ForestName domino.target.local -AccessMethod OrgWideFB -UseServiceAccount $true”

Prerequisites for Quest Coexistence Manager for Notes

 

Domino server

Supported versions of Lotus Domino are 6.5.1–6.5.6, or 7.0.0–7.0.4, or 8.0.0–8.0.2, or 8.5.0 or 8.5.1.

Exchange server

Supported versions of Exchange server are Exchange 2010, 2007, or 2007 SP1 or SP2

.NET Framework 3.5 SP1, IIS 7.0 with ASP.NET 2.0

Open up an elevated PowerShell prompt and run the below commands:

  • Import-Module ServerManager
  • Add-WindowsFeature NET-Framework,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,
    Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,
    NET-HTTP-Activation

 

Powershell 2.0

Powershell 2.0 is included in Windows Server 2008 R2.

Lotus Notes Client

Supported versions are 6.5.1–6.5.6, or 7.0.0–7.0.4, or 8.0.0–8.0.2, or 8.5.0 or 8.5.1.

  • Install Lotus Notes in Single User mode.
  • After the installation is complete, copy admin.id from C:\Program Files\Lotus\notes\data on the Domino server to
    C:\Program Files (x86)\lotus\notes\data on the CMN server.
  • Start and configure the Lotus Notes client.

     

Turn off UAC and Windows Firewall

To avoid complications during installation of Coexistence Manager for Notes and related components, turn off Windows Firewall and
User Account Control

Mailbox

We need to create a mailbox for CMN to use to be able to retrieve F/B information, the service
“Quest CMN Exchange Free/Busy Connector Service” should be using this account.

Installation of Quest Coexistence Manager for Notes

 

  • Start autorun.exe on the CMN CD and select the Install tab.
  • Click on “Coexistence Manager for Notes Mail Connector” to start the installation

     

  • Accept the license agreement and then choose default settings in the wizard.
  • Click Finish to complete the installation.

 

Coexistence Manager for Notes Free/Busy Connector

  • Start autorun.exe on the CMN CD and select the Install tab.
  • Click on the appropriate version (32 or 64 bit) of Coexistence Manager for Notes Free/Busy Connector.
  • Accept license agreement and click next
  • Deselect “Domino Server Components” on the “Custom Setup” screen and then click Next.

     

  • Review the Prerequisites screen and confirm all prerequisites are met and click install.
  • Complete the installation with Finish.

 

PowerGUI

  • Start autorun.exe on the CMN CD and select the Install tab.
  • Click on PowerGUI to start the installation.
  • Choose the default features and path.

     

Domino Server Components

  • On the Domino server start autorun.exe on the CMN CD and select the Install tab.
  • Click on the appropriate version (32 or 64 bit) of Coexistence Manager for Notes Free/Busy Connector.
  • Accept License Agreement and click next.
  • Deselect everything except “Domino Server Components”

     

     

  • Review the Prerequisites screen and confirm all prerequisites are met and click install.
  • Complete the installation with Finish.

 

Configuration of Quest Coexistance Manager for Notes

 

Exchange

To be able to send messages between the systems, a send connector needs to be created.
Create a Send connector that sends all messages with “@domino.target.local” to the CMN server.

Open Exchange Management Shell and run the following command.

“New-SendConnector -Name ‘To Coexistence Manager’ -AddressSpaces ‘SMTP:domino.target.local;1’ -DNSRoutingEnabled $false -SmartHosts ‘cmn.target.local’ -SmartHostAuthMechanism ‘None’ -UseExternalDNSServersEnabled $false -SourceTransportServers ‘SERVER03’ -MaxMessageSize ’50 MB'”

PowerGUI configure Web Services and Lotus Notes Components

  • Start PowerGUI from the Start Menu / All Programs / PowerGUI.
  • Select the “Configure Web Services and Lotus Notes Components” item on the left pane.

     

  • Click on Configuration Wizard in the Actions pane on the action panel.
  • Click next and type the SMTP domain target.local in the “SMTP Domain” screen. Also click the radio button for “autodiscover.target.local”

     

 

  • On the Domino Credentials screen enter the Domino server name, the path to the Admin.id file that was copied to the CMN server under the Lotus Notes client installation and the Administrator password and click next.

     

  • On the “Ready to configure” screen review the information entered and click next to configure the Configure Web Services and Lotus Notes Components.

     

    Make sure that the Domino Free/Buys Connector Service is started.

Configure Domino Server and Exchange Components.

 

  • Start PowerGUI from the Start Menu / All Programs / PowerGUI
  • Select the “Configure Domino Server and Exchange Components/Domino Server tasks” item on the left pane.

     

    Make sure the right path is typed in for qcalcon.exe.config file, in my case it’s:

    \\domino\c$\program files\lotus\domino\qcalcon.exe.config

    If everything looks correct it should show you something like this, information about Foreign domain.

  • Select the “Configure Domino Server and Exchange Components/Domino Server tasks” item on the left pane and choose “Configuration Wizard” on the action panel.

     

    In the beginning of the configuration wizard it will give information about the Foreign domain like below

  • Next settings that should be configured is typing in the URL for EWS (Exchange), https://mail.target.local/EWS/Exchange.asmx.
    Also enter the credentials of the CMN Free/Busy service account.

 

 

  • On the “Ready to configure” screen review the information entered and click next to configure the “Configure Domino Server and Exchange Components”.
  • Make sure that the Exchange Free/Busy Connector service is set to log on as the Free/Busy service account “Target\CMNFB” and then start the service.

     

 

Verify / Troubleshooting the function

 

Before doing anything, with my 2 users I’ve added meetings all week/workdays the whole morning 8-12 AM.

  • Start PowerGUI from the Start Menu / All Programs / PowerGUI x86
  • Select the “Diagnostics and Troubleshooting/Troubleshoot free/busy for Domino users” item on the left pane.

    I’m typing in the cmnfb account, password, verify that the EWS path is correct and typing in an Exchange emailaddress for verifying the
    F/B function.

    It seems to work very well!

 

  • Select the “Diagnostics and Troubleshooting/Troubleshoot free/busy for Exchange users” item on the left pane.

    Choose “Test free/busy through Domino” in the action panel.

    Make sure the Domino server name, id file, password and an email address that resides in Domino is typed in.
    Test and verify the function by pressing “Test” button to verify the function.

    It works from both ways! J

Time to verify it with Lotus Notes and Outlook 2010

From Lotus Notes, I’m trying to schedule a meeting from my Domino user to my Exchange user.
Let’s take the time I know that’s setup as BUSY, selecting the user and pressing the availability button.

This is the result, it shows the F/B between the systems.

On the other hand we have Outlook 2010.
Booking a meeting and selecting the contact for my Domino user, it takes some seconds before any information shows up.

Then it will show the F/B information, and I can confirm this is correct.
Domino by default is setting 12-13 as BUSY time.

QCALCON tasks

 

If there are any problems retrieving the F/B information from Lotus Notes to an Exchange user do the following steps.

On the Domino server, verify so that those 3 services have been installed and started.
This can be done in Domino Administrator and/or Notes.ini

They are named: QCALCON, QCALCON NOTESSCHEDGATEWAY, QCALCON LWPSCHEDGATEWAY
Open Domino server console and verify that there is 3 QCALCON tasks running (show tasks), if not use the LOAD command to start them. (LOAD QCALCON, LOAD QCALCON NOTESSCHEDGATEWAY and LOAD LWPSCHEDGATEWAY)

Exchange Configuration

To be able to use sub-domains between the systems, we need to configure the Exchange environment with some settings.

Accepted domains

The sub-domains need to be added into the Accepted Domains.
In my lab environment it looks like this:

Domino.target.local – Internal relay
exch.target.local – Authoritative

E-mail Address Policies

The exchange mailboxes that have recently been created and migrated from Domino needs both the target.local (primary)
and the exch.target.local (secondary) addresses for being able to receive mails when the sub-domains are in use.

Contact

For the users that have not yet been migrated there needs to be a contact with the following settings, ex. From my lab.
Primary: Jonas.Andersson@target.local
Secondary: Jonas.Andersson@domino.target.local
Secondary: Jonas.Andersson@exch.target.local

TargetAddress (forward): Jonas.Andersson@domino.target.local

Summary

 

For setting up CMN from Quest, it’s recommended to use a PSO (certified consultant)!

Feel free to give feedback on the article!
I hope this was interesting and informative, thanks for reading!

Coexistence between Domino and Exchange 2010 – Part 1 of 2

 

Published: 2011-01-03
Updated: 2011-04-19
Version: 1.2
Changelog: Minor changes have been done in the connection doc, smarthost removed and forwarding address added.

For what I’ve seen here is a very large gap that I want to cover, Neil Hobson wrote a very good article about Domino to Exchange 2007
with Transporter Suite. It can be found here.

Also Elan Shudnow wrote a nice article regarding Free/Busy, a little bit more deep-dive into it and how it works, it can be found here.

Both of those articles used Exchange 2007 with Public Folder, this is not my case so here are a bit differences.
In my case, I’m not using any native tools, since Microsoft decided to not support and update their Transporter Suite to fit Exchange 2010
it was up to 3rd part suppliers.

I’m using Quest’s Coexistence Manager for Notes and I haven’t found any great guide or information on a real-world scenario.
That’s why this article is born J

More information about Coexistence Manager for Notes can be found here.
I don’t deal with license questions, these can be handled directly by Quest, just send them an email on: info@quest.com.

I’ve decided to split this article into two parts, or else it will be very long.
These parts will cover SMTP routing and Free/Busy between the systems, the first part will cover the Infrastructure setup and Domino setup.
The second part will cover the CMN and Exchange configuration.
DirSync is not covered in neither of these parts.
Maybe I’ll write an article about that later if it would be of any interest?

Any form of feedback on the article would be nice, good as bad.

Infrastructure Setup

 

This is an overview of my Infrastructure in this setup.

And a little picture on the SMTP Routing mailflow setup and also here’s about the FreeBusy (F/B) information between the systems.
On the CMN server there’s a “connector” called QCalCon installed which handles the F/B between the systems, it sends and receives
the information between them like a collector. I will attach a picture about it below.

Here is some short information about the process (copied from Quest’s document “Free Busy connector user guide.pdf” and a little bit edited).
When Outlook requests free/busy information for Jonas, the following occurs:

1. Exchange resolves “target.local” through DNS. DNS has a zone called target.local which contains a host called
autodiscover.target.local. The host name must match the common name (of the certificate you requested) where
Coexistence Manager for Notes – Free/Busy Connector is installed.

Exchange connects to https://autodiscover.target.local/autodiscover/autodiscover.xml to query the location of the
Availability Web Service from which to receive free/busy information.

The Autodiscover Web Service returns the URL of the Availability Web Service where CMN Free/Busy Connector is installed.

2. Exchange requests free/busy information from this URL.

3. The Free/Busy Availability Web Service communicates with the Quest CMN Domino Free/Busy Connector Service to get free/busy
information. The Quest CMN Domino Free/Busy Connector Service configuration file is configured with Domino Server name,
Directory Server name, ID path, and secure password where your Domino server is installed.

4. The Quest CMN Domino Free/Busy Connector Service queries the Domino server for the free/busy information.

5. Jonas’s free/busy information is returned back to the Exchange server, where it is displayed to Klas.

When Lotus Notes requests free/busy information for Klas, the following occurs:

1. The Domino server requests free/busy information from QCALCON. QCALCON Domino Server Task is installed on the Domino server,
and configured to listen for “Exchange” calendar requests.

2. QCALCON communicates with the Quest CMN Exchange Free/Busy Connector Service to retrieve free/busy information.

3. The Quest CMN Exchange Free/Busy Connector Service retrieves free/busy information from Exchange using Exchange Web Services
(EWS) calls.

4. Klas’s free/busy information is returned back to the Domino server (through the Exchange Free/Busy Service and QCALCON),
where it is displayed to Jonas.

Domino configuration

 

The first thing to add when using sub-domains is to add the sub-domain into the global domain document.
It’s done in Configuration/Messaging/Domains and selecting the Global domain and choosing edit the domain.

In the field “Alternate Internet domain aliases:” there should be added the following domain in my setup:
“domino.target.local”

Next thing to configure and setup is the Foreign SMTP Domain, this is added in Configuration/Messaging/Domains.
Choose “Add domain” and type in the following information.

Domain type: Foreign SMTP Domain
Internet domain: exch.target.local
Domain name: ToExchange

Then it’s time to add the Foreign Domain to be able to have the Free/Busy information between the systems.
This is added in Configuration/Messaging/Domains by choosing “Add domain”.

Domain type: Foreign Domain
Foreign domain name: Exchange
Gateway server name: domino/target
Gateway mail file name: mail.box
Calendar server name: domino/target
Calendar system: Exchange

Next thing to add is a connection document, it’s done in Configuration/Messaging/Connections and by pressing “Add Connection”.
In this document, it needs to be filled with information like source server, source domain, destination server and domain, destination ip,
replication.

Connection type: SMTP
Source server: domino/target
Connect via: Direct connection

Usage priority: Normal
Destination server: cmn.target.local
Destination domain: ToExchange
Optional network address: 172.16.2.20

Replication task: Disabled
Schedule: It should run 24 hours per day

Since we have a matching connection document with the Foreign Domain document we don’t need the smarthost configured. This is deleted in this version, v1.1.

When a Domino user is migrated, the Calendar information will be changed, another value that’s changed it the Mail System,
it will be set to: Other Internet Mail, then Domino knows that it doesn’t have the responsible for the mailbox.
And another option that will be changed is the forwarding address will be changed, in my environment it will be:
Klas.Andersson@exch.target.local since we use exch and domino as coexistence sub-domains.

I will attach two pictures about this, the first one shows the Other Internet Mail settings and the other one shows the calendar information.

This part is completed, next part will cover the Exchange configuration and the CMN configuration.

For setting up CMN from Quest, it’s recommended to use a PSO (certified consultant)!

Feel free to give feedback on the article!
I hope this was interesting and informative, thanks for reading!