Exchange ASA configuration
The coexistence of both Exchange Environments requires us to configure the Exchange Service (ASA) for Exchange 2016. The existing account should not be used for both environments.
First check if the Exchange 2010 Environment has ever been assigned or configured with an ASA.
Get-ClientAccessServer -IncludeAlternateServiceAccountCredentialStatus | fl name, age *
Create a new computer account with this command for the Exchange 2016 Environment
New-ADComputer -Name CS-MSXASA -AccountPassword (Read-Host ‘Enter password’ -AsSecureString) -Description ‘Alternate Service Account credentials for Exchange’ -Enabled: $ True -SamAccountName CS-MSXASA
Enable the AN 28 cipher suites required by Kerberos with the 256 value.
Set-ADComputer CS-MSXASA -add @ {“msDS-SupportedEncryptionTypes” = “28”}
Exchange ASA assignment
Start the Exchange Management Shell on both CAS servers and change to the directory <Exchange 2016 installation directory> \ V15 \ Scripts.
On the first node, we execute this command:
. \ RollAlternateServiceAccountPassword.ps1 -ToSpecificServer CS-MSX3.ccs.local -GenerateNewPasswordFor ccs \ cs-msxasa $
On the second node, this command. The configuration is copied from the first to the second node.
. \ RollAlternateServiceAccountPassword.ps1 -ToSpecificServer CS-MSX4.ccs.local -CopyFrom CS-MSX3.ccs.local