So, you need to replace your Exchange 2003 Front-End server with an 07 Client Access Server (CAS)? Luckily, it’s not too difficult, however, you certainly want to test the functionality before switching the CAS into production.
Assuming you have one, use an available external IP address for the 07 CAS to avoid any service interruptions on the production environment. You’ll then use the local hosts file on your test machine(s) for DNS manipulation.
One very important point to remember is the CAS role CANNOT be install on a server that also has the Mailbox role, as this will break CAS to Exchange 2003 BE proxying, effectively cutting off access to the Exchange 2003 based mailboxes. This can be a problem in environments with a single Exchange 2003 server performing both the Front and Back-End duties. In this case, you will either build an additional Exchange 2007for CAS until the mailboxes have been migrated from the 03server, or migrate all mailboxes at one time.
I have found these steps helpful in testing the functionality of a new Exchange 2007 CAS:
1. Export the SSL Certificate from Exchange 2003 front-end server
2. Import onto the Exchange 2007 CAS server and enable for web services
3. Create a Test Mailbox on Exchange 2003 back-end server
4. Configure an RPC/HTTPS profile and test Outlook in addition to OWA
5. Edit the local Hosts file and add an entry for mail.domain.com (replace mail.domain.com with your registered name) to go to the external IP configured for the CAS
6. Ping mail.domain.com to verify the IP points to the CAS. If necessary, do an ipconfig /flushdns
7. Test RPC/HTTPS and OWA to ensure CAS to Exchange 2003 BE proxying works.
8. Move the test mailbox to an Exchange 2007 mailbox server
9. Test RPC/HTTPS and OWA once again to ensure CAS to Exchange 2007 Mailbox is working as intended. Specifically, you want to make sure the RPC/HTTPS profile is updated correctly.
If all goes well, you are ready to go live with your new Exchange 2007 CAS!!
One final thought, if you do have a single Exchange 2003 server and have problems accessing your mailboxes using RPC/HTTPS, you should configure the 03 server be an RPC-HTTP back-end server as shown below: