As many of you already know, Exchange ActiveSync uses HTTP-DAV to access the user’s mailbox. By default these HTTP requests are all sent to the /Exchange virtual directory on the mailbox server. However, in certain deployments like the hosting scenario there can be multiple virtual directories, each tied to a particular domain name. How does Exchange ActiveSync figure out what mailbox server to go to? What virtual directory to use? What is the mailbox name that is used? Here are some answers…
If you’ve configured a device to sync to an Exchange server you would have noticed that the only information a user supplies is his/her credentials and the server name - no information as to the user’s mailbox. When a device makes a request to Exchange ActiveSync on the front end server, Exchange ActiveSync first makes an LDAP request to the Active Directory to get back the following attributes on the authenticated user (note that this is not the complete list):
displayName
HomeMDB
ProxyAddresses
…
The HomeMDB attribute will be set to the mailbox server name, which is how Exchange ActiveSync knows which server to go to for that user. By default Exchange ActiveSync will send its request to the /Exchange virtual directory. So an HTTP-DAV request from Exchange ActiveSync to a mailbox server named mytestserver may look like this:
SEARCH /exchange/
Host: mytestserver
Brief: t
Accept-Language: en
Content-Type: text/xml
Content-Length: 2181
Connection: Keep-Alive
Range: rows=0-511
…
Now, in some cases this default behavior is not desirable – for instance, in the hosting scenario you may have different virtual directories such as:
/Exchange for the blah.com domain
/Foo for foo.com domain
/Bar for bar.com domain
Since all requests will end up going to the /Exchange virtual directory, only users of the blah.com domain can sync. So, is there a way to solve this so the users of all domains can sync? Well, if you have Sp2 you can!! In Sp2 we changed our URL format to use the SMTP mailbox addressing scheme so all requests can go to the same virtual directory even if the users are on different domains. But first let’s take a look at how this currently works in Sp1 and earlier, where you could only have it working for a single domain.
Exchange ActiveSync provides a registry key that can be set to make it use a virtual directory other than the default /Exchange one. The key is under HKLM and needs an IIS restart to take effect:
HKLM\SYSTEM\CurrentControlSet\Services\MasSync\Parameters\ExchangeVDir
If this key is set to the value foo for instance, then all requests to the mailbox server will be sent to the /foo virtual directory as follows:
SEARCH /foo/
Host: mytestserver
Brief: t
Accept-Language: en
Content-Type: text/xml
Content-Length: 2181
Connection: Keep-Alive
Range: rows=0-511
…
We can now have all users on the foo.com domain syncing to the Exchange server, however, the users of the other domains won’t be able to.
There is one other piece of information that is important here – the mailbox name. Notice the /
Exchange ActiveSync provides a registry key that can be set to use a proxy address rather than the primary SMTP address. The key is under HKLM and needs an IIS restart to take effect:
HKLM\SYSTEM\CurrentControlSet\Services\MasSync\Parameters\SMTPProxy
In the example above, if we set this key to the value foo.com we can then make Exchange ActiveSync use the mailbox name that matches the address for foo.com. Exchange ActiveSync first checks to see if this key is set. If it is set, it walks through all the proxy email addresses for that user and tries to match up the Right Hand Side (RHS) of the address with the SMTPProxy string set above. If a match is found it then uses the LHS of the matching address; otherwise it defaults to the LHS of the primary SMTP address. Let’s take the example of the
displayName = Mobile Person
mail = mobile1@blah.com
HomeMDB = mytestserver
ProxyAddresses = person@bar.com
If the proxy registry key is not set, Exchange ActiveSync would have derived the mailbox name from the primary SMTP address (mail attribute) as follows:
|-------|
LHS
If the key is set to foo.com then Exchange ActiveSync will try and match the RHS of the proxy addresses first as follows:
|-------|
RHS
|--------| |-------|
LHS RHS
In the second case above the RHS will match foo.com and so the requests will be sent to the mailbox mperson corresponding to mperson@foo.com which solves our problem.
SEARCH /foo/mperson/
Host: mytestserver
Brief: t
Accept-Language: en
Content-Type: text/xml
Content-Length: 2181
Connection: Keep-Alive
Range: rows=0-511
In Sp2, we use the SMTP mailbox addressing scheme which was introduced in Sp1 for OWA. This scheme allows us to specify the full email address (not just the mailbox name) in the URL as follows:
SEARCH /exchange/mperson@foo.com
What does this buy us and how do we use it? With this new scheme you can host multiple domains in multiple virtual directories with all users being able to use Exchange ActiveSync. The SMTP mailbox addressing scheme basically eliminates the need to point a user to the virtual directory that matches their domain. They can go to any one of the Exchange virtual directories regardless of the domain that it’s set to. In the URL above, note that the request is actually being sent to the /Exchange virtual directory, which is set to the default blah.com domain. Since the full SMTP address is supplied, the domain used is foo.com rather than blah.com. What’s nice is there’s no change needed to get all this to work – when the front end server is upgraded to Sp2 all requests will immediately start using the new format above, so users who previously couldn’t sync can sync now!
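The mailbox-name selection and the two URL formats described above, as an added Python sketch that is not Exchange code and not from the original post. The function names, the sample users, the acceptance of "smtp:"/"X400:" type prefixes, the case-insensitive domain match and the first-match rule are assumptions made for illustration.

```python
# Added example: mailbox-name selection as the post describes it (not Exchange code).

def split_smtp(address):
    """Return (LHS, RHS) of an SMTP address, or None if it is not one.

    Assumption: values may carry a type prefix such as "smtp:" or "X400:";
    the post shows bare addresses, so both forms are accepted.
    """
    addr = address.strip()
    if ":" in addr:
        kind, addr = addr.split(":", 1)
        if kind.lower() != "smtp":
            return None
    lhs, sep, rhs = addr.rpartition("@")
    if not (sep and lhs and rhs):
        return None
    return lhs, rhs.lower()  # assumption: domains compared case-insensitively

def mailbox_name(mail, proxy_addresses, smtp_proxy=None):
    """Sp1 and earlier: LHS of the first proxy address whose RHS equals
    SMTPProxy; otherwise the LHS of the primary SMTP address (mail)."""
    if smtp_proxy:
        wanted = smtp_proxy.strip().lower()
        for value in proxy_addresses:
            parts = split_smtp(value)
            if parts and parts[1] == wanted:
                return parts[0]
    primary = split_smtp(mail)
    if primary is None:
        raise ValueError("primary SMTP address is malformed: %r" % mail)
    return primary[0]

def sp1_path(user, vdir="exchange", smtp_proxy=None):
    """Request path when the URL carries only the mailbox name."""
    name = mailbox_name(user["mail"], user["proxyAddresses"], smtp_proxy)
    return "/%s/%s/" % (vdir, name)

def sp2_path(smtp_address, vdir="exchange"):
    """Sp2 path: full SMTP address in the URL. Which of the user's addresses
    is chosen is not stated in the post, so the caller supplies it."""
    return "/%s/%s" % (vdir, smtp_address)

# Constructed sample user, modelled on the post's example attributes.
USER = {"mail": "mobile1@blah.com",
        "proxyAddresses": ["person@bar.com", "smtp:mperson@foo.com"]}
# Constructed user with no foo.com address: falls back to the primary LHS.
OTHER = {"mail": "jane@bar.com", "proxyAddresses": ["X400:c=US;a= ;p=Org;"]}
```

Calling sp1_path(OTHER, "foo", "foo.com") shows the single-domain limitation: the request still goes to /foo/, but with a mailbox name taken from a bar.com address.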
What’s the catch? Well, there is one requirement for this new feature – the mailbox server that Exchange ActiveSync is accessing must be running at least Sp1.
So, with Sp2, you can host multiple domains and all users can sync!
You Had Me at EHLO.