Re: auditing activesync logon events

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

A front-end server keeps an HTTP session connected to it and proxies the
traffic to the back-end server. Without one, the browser gets redirected to
the appropriate back-end server for the mailbox. The front-end server,
therefore, serves as a termination point for HTTP, POP and IMAP traffic from
the Internet so that Internet clients don't need to contact the back-end
server directly, and you don't have to expose the back-end servers to the
Internet. A front-end server is required when you have multiple back-end
servers unless you want to register each back-end server in your Internet
DNS and expose each of them to the Internet. If you have one mailbox
server, you certainly get less benefit from a front-end server, but there is
some benefit to not exposing your back-end server to the Internet. The
value of that to you is, of course, for you to evaluate.
--
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"

"Mig.En." <mgen72@xxxxxxxxxxxxxxxxx> wrote in message
news:BDDE9841-0671-445F-A5A7-94D7678C7ED2@xxxxxxxxxxxxxxxx
Thank you Ed,

So, I don't see advantages in having Front-End servers. I mean, I don't
see
the performance of the Back-End gets better if you put a Front-end server.
I
have been monitoring the back-end server with and without the Front-End
server and the use of cpu, disk, is the same. I thought that a Front-End
would allow the Back-end to work less, but I see that the workload is the
same in the Back-end when there is a Front-End and when there is not a
Front-End.

So, what is a front-end server for?

Is it for security? Ok, but then, if you want a good security system I
think
an ISA server is needed, because if there is not an ISA, it's needed to
open
a lot of ports in the firewall between the Front-End and the Back-End, so
that, I any intruder could get access to the front-End, then, this
intruder
would be able to access the Back-End and the DC of the domain due to the
open
ports in the internal firewall. So, for security, I think a Front-End
needs
an ISA server.

Don't you agree with me? I would like to know your mind about the
advantages
of having Exchange Front-ends.

Thanks, regards,


Mig.En.


"Ed Crowley [MVP]" wrote:

You thought wrong. Both will authenticate, as you've found out.
--
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"

"mig.en." <mig.en.@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:66B1858A-DBA7-46DD-920A-ECFE959297D5@xxxxxxxxxxxxxxxx
Hi.

I need to audite logon events when a user access to his/her mailbox by
using
a PDA with ActiveSync.


I have a Front-End and a Back-End Exchange servers. I have been doing a
test
with a PDA and I see events 540 source:security in the security log
file
(in
event viewer) both in the Front-End and the Back-End. But I am not much
sure
because this PDA doesn't work very fine.
Anyway, I see just one event 540 in the Front-End server, and lots of
540
events in the Back-End server. So, who is doing the authentication? I
thought
that the Front-End with the Domain Controller would do the
authentication
and
not the Back-End.

Well, if anyone could help about how to see which machine is doing the
authentication I would thank you, bye!!

Mig.En.






.

Quantcast