Introduction to Front-End and Back-End Topologies for Exchange Server 2003 and Exchange 2000 Server

 

Microsoft® Exchange Server2003 and Microsoft Exchange2000 Server support using a server architecture that distributes server tasks among front-end and back-end servers. In this architecture, a front-end server accepts requests from clients and proxies them to the appropriate back-end server for processing. This guide discusses how Exchange Server2003 and Exchange2000 Server support the front-end and back-end server architecture. This guide also describes several front-end and back-end scenarios and provides recommendations for configuration.

Note

A front-end server is a specially configured server running either Exchange Server2003 or Exchange 2000 Server software. A back-end server is a server with a standard configuration. There is no configuration option to designate a server as a back-end server. The term "back-end server" refers to all servers in an organization that are not front-end servers after a front-end server is introduced into the organization.

Important

The information in this guide pertains to Exchange Server 2003 or later, and Exchange 2000 Server with Service Pack 3 (SP3) or later. Therefore, if you are running earlier builds, upgrade to either Exchange Server 2003 or Exchange 2000 Server with Service Pack 3 (SP3) to take full advantage of the features described in this guide.

Assumed Knowledge

You should have an understanding of Microsoft® Office Outlook® Web Access, Outlook Mobile Access, Exchange ActiveSync®, RPC over HTTP, Hypertext Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), and Internet Message Access Protocol (IMAP) version 4rev1 in a standard Exchange deployment, in addition to basic Exchange 2000 Server and Microsoft Windows® Internet Information Services (IIS) concepts.

New Exchange Server 2003 Features for the Front-End and Back-End Architecture

Exchange Server 2003 builds on the front-end and back-end server architecture and adds new features and capabilities such as RPC over HTTP communication that enables users with Outlook 2003 clients to access their Exchange information from the Internet. Additionally, the standard version of Exchange Server 2003 enables you to configure a server as a front-end server.

Kerberos Authentication

New for Exchange Server 2003 is the ability for the Exchange front-end server to use Kerberos authentication for HTTP sessions between the front-end and its respective back-end servers. While the authentication is now using Kerberos, the session is still being sent using clear text. Therefore, if the network is public or the data is sensitive, it is recommended that you use Internet Protocol security (IPSec) to secure all communication between the Exchange front-end and back-end servers.

RPC over HTTP

With Exchange Server 2003 you can now use the Windows RPC over HTTP feature to enable users who are running Outlook 2003 to be able to access their corporate information from the Internet. Information about how to plan, deploy, and manage this new feature for Exchange is in Exchange Server 2003 RPC over HTTP Deployment Scenarios.

Exchange Server 2003 Editions

Exchange Server 2003 is available in two editions, Exchange Server 2003 Standard Edition and Exchange Server 2003 Enterprise Edition. You can configure either for use as a front-end server in a front-end and back-end server architecture.

Note

Exchange 2000 Server can be used only as a back-end server in a front-end and back-end configuration. However, Exchange 2000 Enterprise Server can be used as a front-end server or a back-end server in a front-end and back-end configuration. For more information about the differences between Exchange 2000 Server and Exchange 2000 Enterprise Server, see Microsoft Knowledge Base article 296614, "Differences between Exchange 2000 Standard and Enterprise versions."

Forms-Based Authentication

Exchange Server 2003 includes a new authentication feature for your Outlook Web Access clients. For information about how to enable this feature, see Authentication Mechanisms for HTTP.

Outlook Web Access Version Support

To provide the new Exchange Server 2003 version of Outlook Web Access for users, Exchange Server 2003 must be installed on both the front-end server and the back-end server to which your users connect. When users connect to an Exchange 2003 front-end and back-end server, they are able to take advantage of the following features:

  • Forms-based authentication

  • Replying to and forwarding posts in a public folder through Outlook Web Access

  • Integrated authentication between the front-end and back-end servers

Different combinations of Exchange Server 2003, Exchange 2000 Server, and Microsoft Exchange Server 5.5 determine the version of Outlook Web Access that your users can use. The following table lists the version of Outlook Web Access that users have access to, based on the versions of Exchange that are installed on the front-end and back-end servers.

Outlook Web Access versions available to users

Front-end server

Back-end server

Outlook Web Access version

Exchange 5.5

Exchange 5.5

Exchange 5.5

Exchange 5.5

Exchange 2000

Exchange 5.5

Exchange 5.5

Exchange 2003

Not supported

Exchange 2000

Exchange 5.5

Not supported

Exchange 2000

Exchange 2000

Exchange 2000

Exchange 2000

Exchange 2003

Not supported

Exchange 2003

Exchange 5.5

Not supported

Exchange 2003

Exchange 2000

Exchange 2000

Exchange 2003

Exchange 2003

Exchange 2003

The Exchange Server 2003 version and the Exchange 2000 Server version of Outlook Web Access are substantially different from the Exchange Server 5.5 version of Outlook Web Access. The Exchange Server 5.5 version of Outlook Web Access uses Active Server Pages (ASP) to communicate with an Exchange computer that uses Collaboration Data Objects (CDO) 1.2 and MAPI. The number of clients that can access the mailbox store at the same time is limited by the MAPI-based connection to the Exchange computer.

The Exchange Server 2003 version and the Exchange 2000 Server version of Outlook Web Access do not use MAPI to access the mailbox store, and they do not use ASP pages for client connections. Clients continue to connect to the Web Access Component through Hypertext Transfer Protocol (HTTP). However, the Internet Information Services (IIS) server that hosts the Outlook Web Access component uses the Microsoft Exchange Store service to provide access to the user's messaging functions. IIS receives Outlook Web Access client requests as a proxy for message traffic between a Web client and an Exchange 2003 server or an Exchange 2000 server. If the server contains the Exchange 2003 database, Outlook Web Access uses a high-speed channel to access the mailbox store. If the server is a front-end server, Outlook Web Access sends the request to a back-end server using HTTP.