Forum Discussion

mekki's avatar
mekki
Level 2
13 years ago
Solved

Setting up a Enterprise Vault Outlook anywhere configuration

HI all,

 

I'm trying to get some information on setting up a Http over RPC/Outlook anywhere configuration with Enterprise Vault and i need help verifying some assumptions

 

As i know it, we have 2 options:

 

  1. We can configure a direct connect. 
    For this we will need to configure our firewall to allow access to our enterprise vault server from outside the network. We'll also need a external ip address and DNS name. Is there any else we'll need to do here? Do we need a TMG or proxy server to make this work?
  2. We can configure a enterprise vault proxy server.
    For this we'll need to install another enterprise vault server with a minimal amount of services running. We'll allso need to configure anonymous connections to the mail EV server

Thanks for any guidance on this issue.

Configuring
Enterprise Vault
Information Governance
Installing
Tip-How to
  • JesusWept3's avatar
    JesusWept3
    13 years ago

    The topic of an Enterprise Vault Proxy Server came from an OWA set up guide knocking around, its just a bit confused in terminology unfortunately.

    What they really mean is you have a single point of entry

    So you may have something like

    evServer1.internal.com
    evServer2.internal.com
    evServer3.internal.com

    You have to publish the /EnterpriseVault/ virtual directory, but rather than publishing all three servers directories, you just publish one server, and all requests will be handled through which ever server that you publish.

    Typically most people just hijack the DNS and listeners that OWA already uses.
    So a lot of companies have an alias such as 'https://mail.myCompany.com/'

    They then have the /Exchange/ and /OWA/ directories published pointing at a load balancer.
    i.e.

    https://mail.myCompany.com/Exchange/ -> ISA/TMGServer -> https://casServer.internal.com/Exchange/

    and with EV you would publish /EnterpriseVault/ to point to http://evserver1.internal.com/EnterpriseVault/
    i.e

    https://mail.myCompany.com/EnterpriseVault/ -> ISA -> http://evServer1.internal.com/EnterpriseVault/

    So again, this is where the "proxy" comes in to play, a users archive maybe located on evServer2 or evServer3, but the published directory is pointing at evServer1 and that will just pass the requests to the other servers and retrieve the contents

5 Replies

Sort By
  • LCT's avatar
    LCT
    Level 6
    13 years ago

    Hello,

    1.

    Technically you do not need a TMG/ISA server but it would make life a lot easier if you did.

    If you don't have TMG/ISA server then you would need to have an external DNS name for your Vault site alias, this gets a little more complicated if you have more than 1 EV server, as you would need multiple external DNS names. Configure your Firewall to redirect all traffic for the EV Site Alias name to your EV server. This will allow Search and Archive Explorer to function correctly externally.

    If you have TMG/ISA server then you don't need to have extra external DNS for EV site alias as the TMG/ISA server will do the forewarding using different rules etc.

    Assuming that you already have your Outlook Anywhere configured for Exchange side of things, then currently you need to change the Desktop Policy - Advanced - Outlook - RPC Over HTTP configuration to get it working. This would only be for the normal EV functions such as retrieval and restore. As mentioned above, for Search and Archive Explorer you need extra bits. 

    http://www.symantec.com/business/support/index?page=content&id=HOWTO38209

    http://www.symantec.com/business/support//index?page=content&id=HOWTO59068

    http://www.symantec.com/business/support/index?page=content&id=TECH61472

    http://www.symantec.com/business/support/index?page=content&id=TECH63250

    http://blogs.pointbridge.com/Blogs/olson_andy/Pages/Post.aspx?_ID=30

    2.

    I have not heard of Enterprise Vault proxy server for such configuration. I'd be interested to know where you go this information from.

    Hope this helps.

  • JesusWept3's avatar
    JesusWept3
    Level 6
    13 years ago

    The topic of an Enterprise Vault Proxy Server came from an OWA set up guide knocking around, its just a bit confused in terminology unfortunately.

    What they really mean is you have a single point of entry

    So you may have something like

    evServer1.internal.com
    evServer2.internal.com
    evServer3.internal.com

    You have to publish the /EnterpriseVault/ virtual directory, but rather than publishing all three servers directories, you just publish one server, and all requests will be handled through which ever server that you publish.

    Typically most people just hijack the DNS and listeners that OWA already uses.
    So a lot of companies have an alias such as 'https://mail.myCompany.com/'

    They then have the /Exchange/ and /OWA/ directories published pointing at a load balancer.
    i.e.

    https://mail.myCompany.com/Exchange/ -> ISA/TMGServer -> https://casServer.internal.com/Exchange/

    and with EV you would publish /EnterpriseVault/ to point to http://evserver1.internal.com/EnterpriseVault/
    i.e

    https://mail.myCompany.com/EnterpriseVault/ -> ISA -> http://evServer1.internal.com/EnterpriseVault/

    So again, this is where the "proxy" comes in to play, a users archive maybe located on evServer2 or evServer3, but the published directory is pointing at evServer1 and that will just pass the requests to the other servers and retrieve the contents

  • mekki's avatar
    mekki
    Level 2
    13 years ago

     

    "

    Assuming that you already have your Outlook Anywhere configured for Exchange side of things, then currently you need to change the Desktop Policy - Advanced - Outlook - RPC Over HTTP configuration to get it working. This would only be for the normal EV functions such as retrieval and restore. As mentioned above, for Search and Archive Explorer you need extra bits. "

     

    CTEV,

     

    So are you saying for outlook anywhere we don't need a seperate external DNS and IP address and we just have to configure the desktop policy or do we need seperate dns/ip and configure desktop policy?

     

    Thanks for the help guys

  • LCT's avatar
    LCT
    Level 6
    13 years ago

    Thanks JW2, that explains the confusions.

    Mekki:

    Yes if you are not using Search and Arxchive Explorer externall via Outlook Anywhere then you don't need extra DNS, just configure the Desktop policy to use the webmail address, see the configuration guide I attached above.

  • Prone2Typos's avatar
    Prone2Typos
    Moderator
    13 years ago

    Hey Mekki. 

     

    Looks like this posting is well resolved by the assistance above. If this is the case please mark it as such so us who are trolling to help in our spare time do not stop by in a place which does not require assistance. Conversely, if you need further assitance or clairification...please let us know what you need and I am certian someone will be happy to help you. 

     

    Thanks.