Exchange 2013 SP1 SSL Offloading

One of the ‘new’ features in Exchange 2013 SP1 is SSL Offloading, although I can better say ‘re-introduced’ features since this was available in Exchange 2010 but not supported in Exchange 2013 RTM.

I’ve explained numerous time why you want to use SSL offloading in Exchange, but mainly because of performance reasons (load balancers typically have a dedicated chip for SSL decryption) and for SSL certificate management. Suppose you have 8 Client Access servers and *not* using SSL Offloading. In this case you have to manage the SSL certificate on each individual Client Access server. If you have an SSL offloading scenario you have only one SSL certificate to manage, and that’s the SSL certificate on the load balancer.

Continue reading Exchange 2013 SP1 SSL Offloading

MapiHttp in Exchange 2013 SP1

Microsoft introduced a new protocol in Exchange Server 2013 SP1 called MapiHttp (codename Alchemy). This is an Office 365 development to replace the traditional RPC/HTTPS protocol used in Outlook Anywhere.

Outlook Anywhere was developed in the Exchange 2003 timeframe to use Outlook 2003 over the Internet. Outlook is using RPC to communicate with the Exchange server, and the RPC traffic is encapsulated in HTTPS packets. To achieve this an RPC proxy is used. The ‘problem’ here is that this is not too stable, especially not when you have a flaky Internet connection. RPC is never designed to work with network connections like this. Besides this, the RPC proxy is a Windows components and thus a responsibility of the Windows team at Microsoft and not the Exchange team. So if problems arise, the Windows team has to solve this and the only thing the Exchange team can do is wait. Not a desirable solution.

Continue reading MapiHttp in Exchange 2013 SP1

Command Logging in Exchange 2013 SP1

Re-introduced in Exchange 2013 SP1 is Command Logging. This was available in Exchange Server 2010 when using the Exchange Management Console. This way you could easily see what commands the Management Console was actually executing.

Command logging is now also available in Exchange Server 2013 SP1, but you have to be aware that you need to turn it on before you start working in the Exchange Admin Center. In EAC click on the little arrow in the top right corner and select the Show Command Logging option.


A new window appears where all commands are shown based on what you configure in EAC. It can be a bit cryptic, sometimes object GUIDs are used instead of normal (readable) names but at least it’s possible to figure out what’s happening under the hood.


In the screenshot shown here I’ve created a new Email Address Policy and I can use Command Logging to figure out what EMS commands were used. The only thing I have to figure out now what container is used for the User objects, but that’s not too difficult.

Exchange 2013 Service Pack 1

On February 25, 2014 Microsoft released Exchange 2013 SP1, an interesting upgrade in the Exchange 2013 program. Besides SP1 new UM Language Packs have been released as well. For more detailed information please check the SP1 release notes. At the same time Microsoft has released Update Rollup 5 for Exchange 2010 SP3 and Update Rollup 13 for Exchange 2007 SP3.

Looking at the Cumulative Updates with Exchange 2013, SP1 is identical to CU4. One reason for releasing a Service Packs is the support lifecycle. Major releases and Service Packs of a Microsoft product are included in the support lifecycle, Cumulative Updates are not.

Continue reading Exchange 2013 Service Pack 1

Load Balancing Office Web Apps 2013

In an earlier blog post I explained how to install and configure Office Web Apps 2013 in combination with Exchange Server 2013. This blog post only explained how to create an Office Web Apps farm on a single server. This blog post will explain how to create additional servers and use a load balancer in front of multiple Office Web Apps 2013 servers using SSL Offloading

SSL Offloading

Microsoft recommends using SSL Offloading when configuring a load balancer in front of an Office Web Apps farm so we need to configure this first.

My original blogpost was about a WebApps server that had a dedicated Internet connection. This is now changed to a WebApps server that is only connected to the internal network. The Internet connections will enter the load balancer and the WebApps server is configured as a real server in the load balancer’s VIP.

Continue reading Load Balancing Office Web Apps 2013