• Create a Server Farm (optional)
  • Create a Web Listener
  • Create an Exchange Web Client Access Publishing Rule
  • New Exchange Publishing Rule Wizard for a Single Web Site
  • New Exchange Server Publishing Rule Wizard for a Server Farm
  • Guide to Deploying Windows Mobile-based Devices with Microsoft Exchange Server 2003 sp2




    Download 0.55 Mb.
    bet14/26
    Sana21.03.2017
    Hajmi0.55 Mb.
    1   ...   10   11   12   13   14   15   16   17   ...   26

    Create the Exchange ActiveSync Publishing Rule


    Now that the Exchange front-end server and the ISA Server computer have been properly configured and have the proper server certificates installed, you can start the procedures to publish the Exchange front-end server. Using the Exchange Publishing Wizard, you can provide secure access to your Exchange front-end server.

    The following procedures are used to publish your Exchange front-end server.



       Create a server farm (optional)

       Create a Web listener

       Create an Exchange Web client access publishing rule

    Create a Server Farm (optional)


    When you have more than one Exchange front-end server, you can use ISA Server to provide load balancing for these servers. This will enable you to publish the Web site once, instead of having to run the wizard multiple times. Also, this eliminates the need for a third-party product to load balance a Web site. If one of the servers is unavailable, ISA Server detects that the server is not available and directs users to servers that are working. ISA Server verifies on regular intervals that the servers that are members of the server farm are functioning. The server farm properties determine the following:

       Servers included in the farm

       Connectivity verification method that ISA Server will use to verify that the servers are functioning



    Perform the following procedure to create a server farm.

    To create a server farm

      1. In the console tree of ISA Server Management, click Firewall Policy:

       For ISA Server 2006 Standard Edition, expand Microsoft Internet Securityand Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.

       For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.



    1. On the Toolbox tab, click Network Objects, click New, and select Server Farm. Use the wizard to create the server farm as outlined in the following table.



    Page

    Field or property

    Setting

    Welcome

    Server farm name

    Type a name for the server farm. For example, type Exchange front end servers.

    Servers

    Servers included in this farm

    Select Add and enter either the IP addresses or names of your Exchange front-end servers.

    Server Farm Connectivity Monitoring

    Method used to monitor server farm connectivity

    Select Send an HTTP/HTTPS GET request.

    Completing the New Server Farm Wizard

    Completing the New Server Farm Wizard

    Review the selected settings, and click Back to make changes and Finish to complete the wizard.



    1. When the wizard completes, click Yes in the Enable HTTP Connectivity Verification dialog box.

    2. Click the Apply button in the details pane to save the changes and update the configuration.

    For more information about connectivity verifiers, see ISA Server product Help.

    Create a Web Listener


    When you create a Web publishing rule, you must specify a Web listener to be used. The Web listener properties determine the following:

       IP addresses and ports on the specified networks that the ISA Server computer uses to listen for Web requests (HTTP or HTTPS).

       Server certificates to use with IP addresses.

       Authentication method to use.

       Number of concurrent connections that are allowed.

       Single sign on (SSO) settings.


    Collect the following information that will be used when you use the New Web Listener Wizard.

    Property

    Value

    Web listener name

    Name: ________________________

    Client connection security

    Note the following:



       If HTTP is selected, information between the ISA Server computer and the client will be transferred in plaintext.

       If HTTPS is selected, a server certificate needs to be installed on the ISA Server computer.



    HTTPS or HTTP (circle one)

    Web listener IP address

    Network: ___________________

    Optional

    Specific IP address: ___.___.___.___

    Note:

    If this specific IP address is not the primary network adapter IP address, a secondary IP address needs to be configured on the ISA Server computer before creating the Web listener.



    Authentication settings Web listener SSL certificate

    Note:

    This is only required if HTTPS has been selected for client connectivity security.



    ___Use a single certificate for this Web listener.

    Certificate issued to: _______________________

    ___Assign a certificate for each IP address. (This option will only be available if a specific IP address has been assigned to the Web listener.)

    Certificate issued to: _______________________



    Authentication

    For forms-based authentication, you have options to authenticate your users to ISA Server.



    For more information about authentication, see Authentication for Mobile Devices on the Corporate Network in Security Considerations within the Corporate Network.

    Single sign on settings

    ___Enable single sign on.

    Single sign on domain name:

    ___________________________


    Create a Web listener with the information on the worksheet that you filled in previously, and perform the following procedure.

    To create a Web listener

      1. In the console tree of ISA Server Management, click Firewall Policy:

       For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.

       For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.



      2. On the Toolbox tab, click Network Objects, click New, and then select Web Listener. Use the wizard to create the Web listener as outlined in the following table.



    Page

    Field or property

    Setting

    Welcome

    Web listener name

    Type a name for the Web listener. For example, type Exchange FBA.

    Client connection security

    Select what type of connections this Web Listener will establish with clients

    Select Require SSL secured connections with clients.

    Web Listener IP Addresses

    Listen for incoming Web requests on these networks

    ISA Server will compress content sent to clients



    Select the External network.

    Check box should be selected (default).

    Click Select IP Addresses.


    External Network Listener IP Selection

    Listen for requests on

    Available IP Addresses



    Select Specified IP addresses on the ISA Server computer in the selected network.

    Select the correct IP address and click Add.



    Note:

    For ISA Server Enterprise Edition with an NLB-enabled array, you should select a virtual IP address.



    Listener SSL Certificates

    Select a certificate for each IP address, or specify a single certificate for this Web listener

    Select Assign a certificate for each IP address.

    Select the IP address you just selected and click Select Certificate.



    Select Certificate

    Select a certificate from the list of available certificates

    Select the certificate that you just installed on the ISA Server computer. For example, select mail.contoso.com, and click Select. The certificate must be installed before running the wizard.

    Authentication Settings

    Select how clients will provide credentials to ISA Server

    Select how ISA Server will validate client credentials



    Select HTML Form Authentication for forms-based authentication and select the appropriate method that ISA Server will use to validate the client's credentials.

    For example, select LDAP Authentication if you are installing in workgroup mode. Select Windows (Active Directory) if your ISA Server computer is in a domain configuration.



    Single Sign on Settings

    Enable SSO for Web sites published with this Web listener

    SSO domain name



    Leave the default setting to enable SSO.

    To enable SSO between two published sites portal.contoso.com and mail.contoso.com, type .contoso.com.



    Completing the New Web Listener Wizard

    Completing the New Web Listener Wizard

    Review the selected settings, and click Back to make changes or Finish to complete the wizard.


    Create an Exchange Web Client Access Publishing Rule


    When you publish an internal Exchange front-end server through ISA Server 2006, you are protecting the Web server from direct external access because the name and IP address of the server are not accessible to the user. The user accesses the ISA Server computer, which then forwards the request to the internal Web server according to the conditions of your Web server publishing rule. An Exchange Web client access publishing rule is a Web publishing rule that contains default settings appropriate to Exchange Web client access.

    Collect the following information that will be used when you use the New Exchange Publishing Rule Wizard.



    Property

    Value

    Exchange publishing rule name

    Name: ________________________

    Services

    Note:

    You can publish all services in a single rule using the same Web listener configured with forms-based authentication. ISA Server 2006 will use Basic authentication for services that do not support forms-based authentication.



    Exchange version: ____________

    __Outlook Web Access

    __Outlook RPC over HTTP

    __Outlook Mobile Access

    _X_Exchange ActiveSync


    Publishing type

    __Publish a single Web site

    or

    __Publish a server farm of load balanced servers



    and

    Server farm name:_____________



    Server connection security

    HTTPS or HTTP (circle one)

    Note the following:



       If HTTP is selected, information between the ISA Server computer and the Web server will be transferred in plaintext.

       If HTTPS is selected, a server certificate needs to be installed on the Exchange front-end server.



    Internal publishing details

    Internal site name (FQDN): ______________________

    If the FQDN is not resolvable by the ISA Server computer:

    Computer name or IP address:_____________________


    Public name details

    Accept request for:

    __This domain name:______________

    or

    __Any domain name



    Select Web listener

    Web listener:________________

    User set

    List user sets that will have access to this rule:

    _________________

    __________________


    Use the information on the worksheet that you filled in previously and perform the following procedure to create an Exchange Web client access publishing rule.

    To create an Exchange Web client access publishing rule

      1. In the console tree of ISA Server Management, click Firewall Policy:

       For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.

       For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.



      2. On the Tasks tab, click Publish Exchange Web Client Access. Use the wizard to create the rule as outlined in the following tables.

    For a single Web server, use the table in New Exchange Publishing Rule Wizard for a single Web site.

    If you are using a server farm, use the table in New Exchange Server Publishing Rule Wizard for a server farm.


    New Exchange Publishing Rule Wizard for a Single Web Site




    Page

    Field or property

    Setting

    Welcome

    Exchange Publishing rule name

    Type a name for the rule. For example, type Exchange Web Client Publishing.

    Select Services

    Exchange version

    Web client mail services



    Select the proper version of Exchange. For example, select Exchange Server 2003.

    Select the desired access methods.



    Publishing Type

    Select if this rule will publish a single Web site or external load balancer, a Web server farm, or multiple Web sites

    Select Publish a single Web site or load balancer.

    Server Connection Security

    Choose the type of connections ISA Server will establish with the published Web server or server farm

    Select Use SSL to connect to the published Web server or server farm.

    Note:

    A server certificate must be installed on the published Exchange front-end server, and the root CA certificate of the CA that issued the server certificate on the Exchange front-end server must be installed on the ISA Server computer.



    Internal Publishing Details

    Internal site name

    Type the internal FQDN of the Exchange front-end server. For example, type exchfe.corp.contoso.com.

    Important:

    The internal site name must match the name of the server certificate that is installed on the internal Exchange front-end server.



    Note:

    If you cannot properly resolve the internal site name, you can select Use a computer name or IP address to connect to the published server, and then type the required IP address or name that is resolvable by the ISA Server computer.



    Public Name Details

    Accept requests for

    Public name



    This domain name (type below)

    Type the domain name that you want ISA Server to accept the connection for. For example, type mail.contoso.com.



    Select Web Listener

    Web listener

    Select the Web listener you created previously. For example, select Exchange FBA.

    Authentication Delegation

    Select the method used by ISA Server to authenticate to the published Web server

    Select Basic authentication.

    User Sets

    This rule applies to requests from the following user sets

    Select the user set approved to access this rule.

    Completing the New Exchange Publishing Wizard

    Completing the New Exchange Publishing Rule Wizard

    Review the selected settings, and click Back to make changes and Finish to complete the wizard.



      1. Click the Apply button in the details pane to save the changes and update the configuration.

    New Exchange Server Publishing Rule Wizard for a Server Farm




    Page

    Field or property

    Setting

    Welcome

    Exchange Publishing rule name

    Type Exchange Web client Publishing

    Select Services

    Exchange version

    Web client mail services



    Select the proper version of Exchange server. For example, select Exchange Server 2003.

    Select the desired access methods.



    Publishing Type

    Select if this rule will publish a single Web site or external load balancer, a Web server farm, or multiple Web sites

    Select Publish a server farm of load balanced Web servers.

    Server Connection security

    Choose the type of connections ISA Server will establish with the published Web server or server farm

    Select Use SSL to connect to the published Web server or server farm.

    Note:

    A server certificate must be installed on the published Exchange front-end servers, and the root CA certificate must be installed on the ISA Server computer.



    Internal Publishing Details

    Internal site name

    Type exchfe.corp.contoso.com.

    Specify Server Farm

    Select the Exchange server farm you want to publish

    Select the name of the server farm previously created. For example, select Exchange front end servers.

    Public Name Details

    Accept requests for

    Public name



    This domain name (type below)

    Type mail.contoso.com.



    Select Web Listener

    Web listener

    Select Exchange FBA.

    Authentication Delegation

    Select the method used by ISA Server to authenticate to the published Web server

    Select Basic authentication.

    User Sets

    This rule applies to requests from the following user sets

    Select the user set approved to access this rule.

    Completing the New Exchange Publishing Rule Wizard

    Completing the New Exchange Publishing Rule Wizard

    Review the selected settings, and click Back to make changes and Finish to complete the wizard.

    4. Click the Apply button in the details pane to save the changes and update the configuration.
    1   ...   10   11   12   13   14   15   16   17   ...   26


    Download 0.55 Mb.

    Bosh sahifa
    Aloqalar

        Bosh sahifa


    Guide to Deploying Windows Mobile-based Devices with Microsoft Exchange Server 2003 sp2

    Download 0.55 Mb.