Once again, another disaster as a result of the poorly designed CAS proxying "feature".
WHY is it that every time I find another flaw in CAS proxying I always read/hear the "solution" to be, "Oh just create another URL for the other CAS server and make it internet facing/etc"?
You do realize that almost NONE of my clients would be OK/accepting of needing more than one URL for webmail, especially if it's for multiple sites in the same country. Can you imagine telling customers, "Yes, for the Detroit site you need to go to detroitmail.webmail.customer.com and for the Dallas site you need to go to dallas.webmail.customer.com".
Not going to happen.
Also seriously consider the ramifications of what happens when you have multiple sites, one site that is Internet facing, CAS proxying configured to the non-internet facing sites, and what the effect is on the non-internet facing sites when for some reason... oh let's say a WAN outage... that they can't contact the internet facing site. Yep, I'm sitting next to my CAS server and MBX server in site Y (non-internet facing) but I can't access OWA. Oh wait... I can add an A record (or modify the current one) to point to my CAS server (never mind the havoc it creates for the other sites if that record is replicated) and then I get to modify URIs as it has to be null for CAS proxying to work.
Seriously, do you guys TEST any of this with customers IN THE REAL WORLD before releasing this crap?