Upgrading from Exchange Server 2003 to Exchange Server 2010

Padman De Silva

A bird's-eye view of the scenario
• Prepare your environment
• Prepare AD
• Install Exchange Server 2010 Server
• Establish Coexistence
• Migrate Users/Data
• Cleaning up Exchange Server 2003 Servers
• Uninstall Exchange Server 2003 Servers
• Cleanup Environment

Upgrade versus Migration
Exchange Server 2010 DOES not Support IN-Place Upgrades from Previous Versions of Exchange!
• Upgrade
– Upgrade of an existing Exchange organization to Exchange Server 2010 in which you move data and functionality from the existing Exchange servers to new Exchange Server 2010 servers
• Migration
– Replacing a non-Exchange messaging system with Exchange Server 2010 or replacing an existing Exchange organization with a new Exchange organization, without retaining any of the configuration data

Keep in mind…
• Exchange 2010 doesn’t use
– Administrative Groups (AG)
– Routing Groups (RG)
– Link State Routing
• During AD Preparation, a new Administrative Group and Routing Group will be created
– Only there for Interoperability
– ALL Exchange 2010 Servers will be members in this AG/RG

PREPARING THE ENVIRONMENT

Active Directory Prereqs
• Schema Master must be Windows Server 2003 SP2 or higher
• Global Catalogs must be Windows Server 2003 SP2 or higher
• Forest Functional Level must be Windows Server 2003 or higher

Exchange Prereqs
• Exchange Server 2003 SP2 minimum
• NO Support for Exchange 2000
• Can upgrade from a mixed Exchange 2003/2007 Organization

Fix-up Object names
• Exchange 2007 and 2010 are very strict when it comes to object naming for
– Aliases and Display names
• Beware of
– Special characters (@, space, etc.)
– Leading and trailing spaces in Public Folder Displaynames
• Use Powershell or Scripting for fixup
– Need Exchange Management Shell installed!
– FIXALIAS.PS1 to replace special characters
– TRIMPFNAMES.PS1 to delete leading and trailing spaces on Public Folder Names

Maintain connectivity for Outlook 2003
• Exchange 2010 by default requires MAPI encryption
• In Outlook 2003 it is not enabled by default!
• Either
– Disable the requirement on the server side
– Enable encryption on the client: RECOMMENDED!
• Use GPO to roll out the change
– Use an ADM Template: http://support.microsoft.com/kb/2006508
– Use GPO Preferences (recommended)

Step 1: PrepareLegacyExchangePermissions!
• Upgrade needed before Schema Extension
– Failure to do so would break RUS!
• Use „Setup /PrepareLegacyExchangePermissions“ or „Setup /pl“ to prepare ALL Domains!
– Specify „Domain FQDN“ to prepare only one Domain
– Need to be member of Enterprise Admins for this!
• Will automatically be done by the next step if you forgot…

Step 2: Extend the Schema
• Exchange 2010 Setup will import differences to Exchange 2003 schema only
• Use „setup /PrepareSchema“ or „setup /ps“
– Need to be Schema and Enterprise Admin!
• Manual import of LDIF Files not supported!
• Will automatically be done by the next step if you forgot…

Step 3: Preparing AD for Exchange 2010
• Preparation will
– Create a new Administrative Group and Routing Group
  • Exchange Administrative Group (FYDIBOHF23SPDLT)
  • Exchange Routing Group (DWBGZMFD01QNBJR)
– Create some other containers…
– Create the „Microsoft Exchange Security Groups“ OU in the Root Domain
  • Create Groups inside this OU
– Prepare the local domain
• Use „Setup /PrepareAD“ or „Setup /p“
– Need to be Enterprise Admin!

Step 4: Preparing Domains
• Need to prepare a Domain if you plan to
– Create recipients in that domain
– Install Exchange Servers in that domain
• Will assign permissions at the domain level
• Use „Setup /PrepareDomain“ or „Setup /pd“
– Need to specify „Domain FQDN“
– Need to be Domain Admin
– Use /PrepareAllDomains to prepare all Domains in one step…

Order for Installing Exchange Server 2010 Roles
• Deploy Exchange Server 2010 Servers in the following order
– Client Access
– Hub Transport
– Mailbox Server
– Unified Messaging
• Deploy Edge Transport at any time
• Upgrade Internet accessible Sites first
• Implement one Active Directory site at a time

Installing the first HUB/CAS Server
• Need to specify Exchange 2003 Source Server
– Setup will create a Routing Group Connector between 2003<->2010 Routing Groups
• Can specify external Name of CAS Services
– E.g. FQDN used to access OWA, ActiveSync, etc.

After the installation of HUB/CAS…
• Inbound Mail Routing
– Exchange 2003 -> RGC -> Exchange 2010
• Outbound Mail Routing
– Exchange 2010 -> RGC -> Exchange 2003
• Client Access
– Not completely established yet
• Create a Client Access Array
– Even if you don’t plan for HA, it’s an investment in the future…
– Databases on all newly installed MBX Servers will use the CASARRAY as endpoint

LAB
- Install HUB and CAS Role on HC1
- Creating a CASARRAY

Installing the first Mailbox Server
• Setup will create two new Databases
– Mailbox Database
– Public Folder Database

• Possible to specify the Path and Name of these Databases
– Must run Setup from the command line to be able to do so…

• If you created a CASARRAY before, DBs will point to it…

LAB
- Install MBX Role on MBX1
- Fixup Contacts and Public Folders

ESTABLISHING COEXISTENCE

Coexistence?
• Is about
– SMTP Routing
– Client Access (OWA, AS, etc.)
– Free/Busy Interoperability
– Cross Version Mailbox Access
– Use Administrative Tools
– Rebuilding Mailboxmanager Policies

Establishing Inbound Mail connectivity
• Inbound Mails still routed via 2003
• Can be switched at any time during migration
• Steps:
– If no EDGE, enable ANONYMOUS on receive connectors of receiving HUBs
– Reconfigure Firewall/Mail Gateway for delivery to HUBs

Establishing Outbound Mail connectivity
• Outbound Mails still routed via 2003
• Can be switched at any time during migration
• Need to recreate all SMTP Connectors from 2003!
• Steps:
– Duplicate SMTP Connectors on 2010 Side
– Reconfigure Firewall to enable HUBs to send Mail
– Reconfigure Mail Gateway(s) to accept Mail from HUBs
• As a best practice, disable connectors as long as you don’t switch over to 2010

What about Relaying?
• In Exchange 2003 relaying is allowed for authenticated users and (anonymous) IP addresses you specify
• Exchange 2010 behaves nearly the same
– Authenticated Users are allowed to relay
– To allow anonymous users to relay you need to create a dedicated receive connector: http://technet.microsoft.com/en-us/library/bb232021.aspx

Migrating Relaying-Settings
• If you have a large number of IP Addresses, adding them by hand is cumbersome and error prone
• Use EXIPSECURITY.EXE to export IP Addresses
• Then use Powershell to read the file and use the IP Addresses when creating the relaying receive connector
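
The relay migration from the two slides above, as an added example for the Exchange Management Shell (not from the original deck). It checks every exported address before the dedicated anonymous-relay connector is created, so a malformed or overly broad entry cannot turn the connector into an open relay. Assumptions: the export is a text file with one IPv4 address or CIDR range per line, the file path and the listener IP 10.0.0.25 are constructed, HC1 is the lab Hub Transport server, and the /24 limit is a policy choice.

```powershell
# Added example, not from the original deck. Assumptions: relay-ips.txt holds one
# IPv4 address or CIDR range per line (from the Exchange 2003 export), HC1 is the
# lab Hub Transport server, and 10.0.0.25 is a constructed dedicated listener IP.
$ipFile    = 'C:\Temp\relay-ips.txt'
$server    = 'HC1'
$binding   = '10.0.0.25:25'
$minPrefix = 24   # policy choice: refuse ranges wider than /24

$accepted = @()
foreach ($line in Get-Content -Path $ipFile) {
    $entry = $line.Trim()
    if ($entry -eq '') { continue }

    $addr, $prefix = $entry -split '/', 2
    $parsed = $null
    # TryParse alone accepts shorthand such as "10.1", so require a dotted quad too
    $ok = ($addr -match '^\d{1,3}(\.\d{1,3}){3}$') -and
          ([System.Net.IPAddress]::TryParse($addr, [ref]$parsed)) -and
          ($addr -ne '0.0.0.0')
    if ($ok -and ($null -ne $prefix)) {
        $ok = ($prefix -match '^\d{1,2}$') -and
              ([int]$prefix -ge $minPrefix) -and ([int]$prefix -le 32)
    }

    if ($ok) { $accepted += $entry }
    else     { Write-Warning "Skipped (malformed or too broad): $entry" }
}
$accepted = @($accepted | Select-Object -Unique)
if ($accepted.Count -eq 0) { throw 'No valid relay sources; connector not created.' }

# Dedicated connector: anonymous relay is limited to the vetted source addresses
New-ReceiveConnector -Name 'Anonymous Relay' -Server $server -Usage Custom `
    -PermissionGroups AnonymousUsers -Bindings $binding -RemoteIPRanges $accepted

# Anonymous senders need this extended right to relay to external recipients
Get-ReceiveConnector -Identity "$server\Anonymous Relay" |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
        -ExtendedRights 'ms-Exch-SMTP-Accept-Any-Recipient'

# Review what was actually configured
Get-ReceiveConnector -Identity "$server\Anonymous Relay" |
    Format-List Name, Bindings, RemoteIPRanges, PermissionGroups
```

The combination of binding and remote IP ranges must be unique among the receive connectors on the server, which is why the example uses a dedicated listener address.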

LAB
- Configuring Inbound Mail Flow
- Duplicating Connectors
- Migrating Relaying Settings

Using new Transport Features
• Exchange 2010 introduces several new features
– Transport Rules
– Moderated Transport
– Etc.
• If you want to use them during coexistence, there might be unpredictable results…
– Exchange 2003 doesn’t know of new features
– Use “Expansion Server” Property for this

Client Access coexistence
• CAS 2010 will be the primary endpoint
• Will redirect OWA users to 2003
– Need to specify a redirection URL
– Use Set-OWAVirtualDirectory -Identity "HC1\owa (Default Web Site)" -Exchange2003URL https://legacy.domain.com/exchange
– Need to install a new certificate for the redirection URL
• Will proxy traffic for ActiveSync and Outlook Anywhere
• Configure DNS with new (legacy) Name
• Remove the Exchange 2003 from the RPC over HTTP configuration

CAS coexistence: How it all works
[Diagram. Labels: Outlook Web Access client; Exchange ActiveSync client; Outlook Anywhere client; Outlook (RPC); Exchange 2003 front-end server; Exchange Server 2010; Exchange Server 2003; protocols HTTP and RPC; External URL: https://mail.domain.com, https://legacy.domain.com]

LAB
- Establishing Client Access Coexistence
- Request a new Certificate
- Configure OWA Redirection URL

Free/Busy Interop
• Exchange 2003 provides F/B via System Public Folders
• Exchange 2010 provides F/B via WebServices
• In coexistence, CAS will provide 2010 Mailboxes with F/B data from 2003 Servers
– Done via WEBDAV
– Make sure Exchange 2003 „/Public“ VDIR is accessible
  • Integrated Windows Authentication turned on!

Cross Version Mailbox Access
• Mailboxes on different Exchange Server versions can be opened in Outlook
• Best Practice is to move both at the same time
– Manager & Delegate, etc.

Administrative Coexistence
• Exchange 2010 lacks AD Users & Computers Integration
– EVERYTHING must be done from Powershell or EMC
• Best Practice
– Use Exchange 2010 Tools for 2010 Admin Tasks
– Use Exchange 2003 Tools for 2003 Admin Tasks
• If you accidentally (?) create new mailboxes on 2010 with 2003 Tools…
– Attributes are missing
– Use -ApplyMandatoryAttributes in Powershell

Offline Address Books
• Exchange 2010 introduces some new features for the OAB
• If you want to use them, move the OAB Generation to a 2010 MBX Server
– Make sure you have Public Folder Store on this Server to support Outlook 2003 users!
• As long as the OAB generation is on 2003, Outlook 2007+ will use Public Folders for OAB access

Rebuilding Mailboxmanager Policies
• Exchange 2010 doesn’t have Mailboxmanager Policies
– The replacement is Managed Folder Mailbox Policies
• Recreate Mailboxmanager Policies as Managed Folder Mailbox Policies (MFMP) in 2010
– Keep in mind that if you apply a MFMP to a mailbox you cannot enable the archive!
– MFMP and Retention Policies are mutually exclusive!

LAB
- Move Offline Address List Generation to Exchange Server 2010
- Recreating Mailboxmanager Policies

REPLICATING PUBLIC FOLDERS AND MOVING MAILBOXES

Public Folder Replication
• Hierarchy Replication should automatically start as soon as you install a mailbox server
• Content Replication must be manually set
– Use MoveAllReplicas.PS1 for Single-Phase upgrades
– Use AddReplicaToPfRecursive.PS1 for Multi-Phase upgrades
• Possible to use ESM for the Job
– Work in Batches – don’t replicate all folders at the same time

Moving Mailboxes
• Move Mailbox has changed in 2010
– We use „Move Requests“
• CAS is responsible for moving the data
– No more scheduling
– Reports are generated by CAS and stored in a special Mailbox
• Keep in mind that the Dumpster is not retained!
– If you move Mailboxes from 2010 to 2010, dumpster will be retained!

Move Mailbox Best Practices
• Check for Store Quotas on both sides
– A Mailbox won’t move if it doesn’t „fit“ into the target store…
• Test Mailbox Move
– Use -ValidateOnly Switch in Powershell
• Move in Batches
• Have a look at transaction logs
– SIS is no longer there!

LAB
- Add Public Folder Replicas to Exchange Server 2010
- Move all Mailboxes

CLEANING UP EXCHANGE SERVER 2003 SERVERS

Cleanup Servers?
• Before you can uninstall Exchange 2003, you need to move everything associated with the specific server to another server
– Recipient Update Service
– Public Folders
– Connectors
– Inbound Mail Routing (if not already done)
– Move Public Folder Hierarchy

Prior to moving Public Folders
• First compare the contents!
– Use the „Export List…“ Function in ESM to get a CSV File of Public Folders on 2003 Server
– Use Powershell to get a CSV File of Public Folders on an Exchange 2010 Server
– Then use EXCEL to normalize the data and compare the ITEM COUNT!
• Size is not comparable…
– There are also a lot of scripts out there for this task

Move Public Folders
• To move all at a time either use
– ESM „Move All Replicas“ on the 2003 PF Store
– Use „MoveAllReplicas.PS1“ Script on 2010
• To move in batches use the same technique as you used to add replicas…
– Powershell Scripts in $EXSCRIPTS Folder
– ESM

LAB
- Remove Public Folder Replicas from Exchange Server 2003

Remove/Move Recipient Update Services
• Domain RUS
– If you need to keep the RUS, just change the Exchange 2003 Server it points to…
– If it is safe to remove, delete the RUS
• Enterprise RUS can’t be deleted in ESM
– Use ADSIEDIT – at the END OF THE UPGRADE PROCESS!

LAB
- Remove Domain Recipient Update Services

Delete Connectors…
• As soon as you switched your Inbound/Outbound Mail Routing to 2010
– Analyze Mailflow before deleting Connectors
• Remove RGC only if you plan to remove the corresponding servers
• Also might need to designate a new Routing Group Master…

LAB
- Remove SMTP Connectors
- Remove RGC

Move Public Folder Hierarchy
• The „Public Folders“ Object needs to be moved to the Exchange 2010 Administrative Group
– Use ESM to create a „Folders“ Container
– Drag & Drop the Hierarchy Object

UNINSTALL/REMOVE EXCHANGE SERVER 2003 SERVERS

Order for Uninstalling
• Remove/Uninstall Exchange Server 2003 Servers in the following order
– Backend Server
– Bridgehead Server
– Frontend Server

Removing Exchange Server 2003 Servers
• Either use Uninstall from the Control Panel
– Requires E2003 Sources (CD)
• Use the „Remove Server“ Option in ESM
– Need to stop all Services/Shutdown Machine
• To remove a Cluster
– Take all Exchange Resources except Networkname and IP offline
– Select “Remove Exchange Virtual Server” in CLUADMIN

Issues when removing Exchange 2003
• Public Folders don’t replicate correctly
– Instances left over in PF Store
– If the data is consistent on both sides, use ADSIEDIT to remove the PF Store (dismount first)
• Users are still having mailboxes on the server
– Although you moved all of them…
– Search for „msExchHomeServerName=*<Name of Exchange 2003 Server>“ in AD Users & Computers
• Use „Remove Exchange Attributes“ to clean it up

Making sure Outlook gets redirected to the new Server
• Everyone’s Outlook will connect to the old Server first
– Will get redirected to the new server
• When you remove the server before everyone’s Outlook is updated this won’t happen, so either:
– Leave the server in place until all clients are updated
– Create an Alias in DNS for the old server name and point it to a 2010 CAS(!)
– Use Scripting to update client profiles
– Put on your sneakers and…

LAB
- Removing Exchange Server 2003 Servers BE1, BE2 and FE

CLEANUP THE ENVIRONMENT

Converting LDAP Filters in Objects
• Exchange 2010 uses OPATH format in Administrative Tools instead of LDAP
• Need to convert Objects to be able to edit them
– Address Lists
– Recipient Policies
– Dynamic Distribution Groups
• Convert it with the Shell…
• When Converting Recipient Policies, you need to deactivate Mailboxmanager settings in ESM

Removing Exchange Server 2003 Permissions and Groups
• After you finished the upgrade, remove Exchange Server 2003 Permissions in the domain
– Remove Permission for „Exchange Enterprise Servers“ from the Root of the Domain
– Then safely delete the group
• Delete the „Exchange Domain Servers“ Group
