Wednesday, January 4, 2012

Transitioning from Exchange Server 2003 to Exchange Server 2010 Part-3

In this multi-part article, we will take a deep dive into how to transition between Exchange forests with different versions of Exchange deployed.



Transitioning from Exchange Server 2003 to Exchange Server 2010 Part-1
Transitioning from Exchange Server 2003 to Exchange Server 2010 Part-2
Transitioning from Exchange Server 2003 to Exchange Server 2010 Part-4
Transitioning from Exchange Server 2003 to Exchange Server 2010 Part-5



7  Pilot Phase


Mailbox Storage Design

Before installing the Exchange Server 2010 Mailbox Server role, a proper storage design has to be made. Microsoft has recently released the new storage calculator, which is now called the “Exchange 2010 Mailbox Server Role Requirements Calculator” and can be downloaded here:

http://msexchangeteam.com/archive/2009/11/09/453117.aspx.

Configuring the Exchange Server 2010 servers

When both Exchange servers are installed it is time to configure the Exchange environment properly before Exchange Server 2010 can be used and mailboxes can be moved. The following needs to be configured:

• Relocate the Mailbox Databases on the new storage solution;

• Unified Communications certificate on the Client Access Server;

• New server certificate on the Exchange 2003 front-end server;

• OWA 2010 needs to be configured for use with Exchange Server 2003;

• Public Folder replication.

• A Send Connector and a Receive Connector also have to be configured.


Unified Communications Certificate

On the Exchange Server 2010 Client Access Server a new 3rd party Unified Communications certificate needs to be installed. According to Microsoft knowledge base article 929395 (http://support.microsoft.com/kb/929395) the following Certificate Authorities are supported for use with Unified Communications certificates:

• Entrust - http://www.entrust.net/microsoft/
• Digicert - http://www.digicert.com/unified-communications-ssl-tls.htm
• Comodo - http://www.comodo.com/msexchange

However, most SSL Certificate Authorities can generate UC/SAN certificates that will work just fine. New in Exchange Server 2010 is the possibility to request certificates using the Exchange Management Console. Open the Exchange Management Console and select the Server Configuration in the navigation pane. Select the Exchange Server 2010 Client Access Server and create a new certificate request. For our environment we have to use the following domain names in our certificate:

• Webmail.Almora.com
• Autodiscover.Almora.com
• Legacy.Almora.com

During the coexistence phase Internet clients will connect to the Exchange Server 2010 Client Access Server while their mailbox is still on Exchange Server 2003. The client request will then be redirected to the old Exchange Server 2003 front-end server. This server will therefore get a new FQDN (Fully Qualified Domain Name) and thus need a new certificate. This new FQDN will be legacy.Almora.com.
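
The same certificate request can be made from the Exchange Management Shell instead of the console. The following is an added example, not part of the original article: the three host names come from the article, while the file paths and the subject name are assumptions. It also checks that the installed certificate really covers every name clients will use.

```powershell
# Added example: run in the Exchange Management Shell on the
# Exchange Server 2010 Client Access Server.
# Host names are the ones listed in the article; paths are assumptions
# and the C:\Certs folder must already exist.
$names = 'webmail.Almora.com', 'autodiscover.Almora.com', 'legacy.Almora.com'

# 1. Generate the request. In Exchange 2010 the cmdlet returns the
#    Base64 request text, which is saved to a file for the CA.
$request = New-ExchangeCertificate -GenerateRequest `
    -SubjectName 'cn=webmail.Almora.com' `
    -DomainName $names `
    -KeySize 2048 `
    -PrivateKeyExportable $true
Set-Content -Path 'C:\Certs\webmail.req' -Value $request

# 2. Once the CA has issued the certificate, import it and bind it to IIS.
$bytes = [byte[]](Get-Content -Path 'C:\Certs\webmail.cer' -Encoding Byte -ReadCount 0)
$cert  = Import-ExchangeCertificate -FileData $bytes
Enable-ExchangeCertificate -Thumbprint $cert.Thumbprint -Services IIS

# 3. Verify: every namespace must be on the certificate, the certificate
#    must be valid and unexpired, and it must be assigned to IIS.
$installed = Get-ExchangeCertificate -Thumbprint $cert.Thumbprint
$covered   = $installed.CertificateDomains | ForEach-Object { "$_" }
$missing   = $names | Where-Object { $covered -notcontains $_ }

if ($missing) {
    Write-Warning "Names missing from the certificate: $($missing -join ', ')"
}
if ($installed.Status -ne 'Valid') {
    Write-Warning "Certificate status is $($installed.Status)"
}
if ($installed.NotAfter -lt (Get-Date).AddDays(30)) {
    Write-Warning "Certificate expires on $($installed.NotAfter)"
}
if ("$($installed.Services)" -notmatch 'IIS') {
    Write-Warning 'Certificate is not assigned to IIS'
}
```

A name that is missing from the certificate shows up to users as a certificate warning in the browser or in Outlook, so the check in step 3 is worth running before clients are pointed at the new server.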

OWA Configuration

During installation of the Exchange Server 2010 Client Access Server all settings have been configured for use on the Internet. The only thing that needs to be configured is the coexistence information for Outlook Web App. The Client Access Server needs to be configured in case a mailbox is still on Exchange Server 2003 and the client needs to be redirected to the Exchange Server 2003 front-end server.

On an Exchange Server 2010 server enter the following Management Shell Command:

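# Replace <CAS server name> with the name of the Exchange 2010 Client Access Server; "owa (Default Web Site)" is the default virtual directory name.
Set-OwaVirtualDirectory -Identity "<CAS server name>\owa (Default Web Site)" `
    -ExternalUrl https://webmail.Almora.com/OWA `
    -Exchange2003Url https://legacy.Almora.com/exchange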

This will make sure that when a user connects to Exchange Server 2010 Client Access Server for Outlook Web Access and the mailbox is still on Exchange 2003 the client will be redirected to the old Exchange Server 2003 front-end server.

Public Folder Replication

During installation of the Mailbox Server a new Exchange Server 2010 Mailbox Database will be automatically created. After installation you have to make sure that this database is moved from the default location to an alternate location for recovery and performance reasons.

A new Public Folder database will also be automatically created on the new Mailbox Server. The hierarchy, which is the structure of all Public Folders, will be automatically replicated between all Public Folder Databases in the entire organization. The content replication of the Public Folders will have to be configured manually though.

To replicate the Offline Address Book and Free/Busy folders from Exchange Server 2003 to Exchange Server 2010, open the Exchange System Manager on the Exchange Server 2003 server and navigate to the System Folders in the ‘Folders’ folder in the First Administrative Group. Navigate to the first Offline Address Book folder, right-click it and select “All Tasks…”. Next, select “Manage Settings”.

If you want to toggle between the System Folders and the normal Public Folders, navigate to the Public Folders, right click the Public Folders and select “View System Folders” or “View Public Folders”.


The “Manage Public Folder Settings wizard” will appear. Click next on the Welcome page and select the “Modify lists of replica servers”. Follow the wizard and add the Exchange Server 2010 Mailbox Server role as a new replica. When finished, the folder and all its subfolders will be replicated to the Exchange Server 2010 Public Folder database. Repeat this step for the second Offline Address Book folder and the Schedule+ Free Busy folder.

Note: When the “Manage Settings” option is not available you can select “Properties” and select the replication tab to add the Exchange Server 2010 Public Folder Database.

Note: replication of public folders can take quite some time.

The (default) Public Folders that are located on the Exchange Server 2010 Mailbox Server should be replicated to the Exchange Server 2003 Mailbox Server. To accomplish this, log on to the Exchange Server 2010 Mailbox Server, open the Exchange Management Console and navigate to the Tools node. Under the Tools node open the Public Folder Management Console.

Right click the Offline Address Book in the results pane, select Properties and click the Replication tab.

Offline Address Book

Changing the Offline Address Book generation isn’t the most difficult part of a migration. Log on to the new Exchange 2010 Server and open the Exchange Management Console. In the navigation pane, navigate to the Organization Configuration and select the Mailbox option. In the results pane, select the Offline Address Book tab. Here you’ll see that the ‘old’ 2003 Mailbox Server is the Offline Address Book generation server. Right-click this server and select ‘Move…’. The Move Offline Address Book wizard will appear; use the Browse button to select the Exchange 2010 Mailbox Server Role as the new generation server. Click the Move button to finish the wizard. When finished click the Finish button.

Click on Update

Select Exchange 2010 server “MX2010”

Click on Move

You can also check the Offline Address Book properties.

Address List conversion

Exchange Server 2010 uses E-mail Address Policies, just like Exchange Server 2007. And, as with Exchange Server 2007 these are not compatible with the Recipient Policies used in Exchange Server 2003. The next step is to convert the Recipient Policies to Exchange Server 2010 Email Address Policies.

There’s no way to achieve this using the Exchange Management Console so we need the Exchange Management Shell. When you try to edit a Recipient Policy in Exchange Server 2010 Management Console it gives a clue on how to convert the Recipient Policies to E-mail Address Policies:


You cannot edit Exchange 2003 Recipient Policies in Exchange Server 2010

Besides the fact that you have to convert the Recipient Policies to Email Address Policies there’s another very important aspect. Exchange Server 2003 can use LDAP queries for Recipient Policies while Exchange Server 2007 and Exchange Server 2010 use a new technique called OPATH filtering for creating queries. The OPATH filtering syntax replaces the LDAP filtering syntax. Using OPATH it is possible to create filters directly in the Exchange Management Shell using the –RecipientFilter parameter.

LDAP filters are supported in Exchange Server 2010, and they continue to work, but they only exist on objects that are migrated from Exchange Server 2003 or earlier. But if you want to edit LDAP filters they first need to be converted to OPATH filters. Microsoft has created a script that can convert your LDAP filters to OPATH filters. Check the Exchange team blog for more information: “Need help converting your LDAP filters to OPATH?”

You can use cmdlet

Setting the new Policy.

Mail flow settings

Before changing the actual SMTP mail flow we have to create a Send Connector first. This will allow the Hub Transport Server to send SMTP mail to the Internet directly. In the Exchange Management Console, navigate to the Organization Configuration and select the Hub Transport Server. In the Actions Pane select “New Send Connector…” and create a new SMTP connector to the Internet. Select * in the namespace (this makes all outbound messages go through this connector) and select the DNS or the Smarthost option, depending on your own situation.

By default the Receive Connector on the Exchange 2010 Hub Transport Server will not allow any anonymous connections. To change this open the Exchange Management Console, navigate to the Server Configuration and select the Hub Transport Server in the Results Pane. Right Click the default Receive Connector and select its properties. Select the Permissions tab and check the “anonymous” option to enable SMTP anonymous access.
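
The two mail flow steps above can also be done from the Exchange Management Shell, followed by a check that anonymous access has not turned the server into a relay. This is an added example, not part of the original article: “MX2010” is the server name shown in the article, the Send Connector name is made up, and the Receive Connector is assumed to still have its default name and default permission groups.

```powershell
# Added example: run in the Exchange Management Shell on the
# Exchange Server 2010 Hub Transport server.
# 'MX2010' is the server name from the article. 'Internet Outbound' is an
# assumed connector name; "Default <server>" is the name setup gives the
# default Receive Connector.
$server    = 'MX2010'
$connector = "$server\Default $server"

# Send Connector for the * address space, using DNS (MX) routing.
# For the Smarthost option use -DNSRoutingEnabled $false -SmartHosts <host>.
New-SendConnector -Name 'Internet Outbound' -Usage Internet `
    -AddressSpaces 'SMTP:*;1' `
    -DNSRoutingEnabled $true `
    -SourceTransportServers $server

# Enable anonymous SMTP access. -PermissionGroups replaces the whole list,
# so the three default groups are repeated next to AnonymousUsers.
Set-ReceiveConnector -Identity $connector `
    -PermissionGroups AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers

# Review what the connector now accepts and from where.
Get-ReceiveConnector -Identity $connector |
    Format-List Name, PermissionGroups, Bindings, RemoteIPRanges, AuthMechanism

# Check: anonymous senders should be able to submit mail for accepted
# domains only. The extended right below is what allows relaying to any
# recipient; it is not part of the AnonymousUsers group by default.
$relay = Get-ReceiveConnector -Identity $connector |
    Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
    Where-Object {
        -not $_.Deny -and
        ($_.ExtendedRights -like 'ms-Exch-SMTP-Accept-Any-Recipient')
    }

if ($relay) {
    Write-Warning "$connector lets anonymous senders relay to any recipient"
} else {
    Write-Host "$connector accepts anonymous mail for accepted domains only"
}
```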

Client Access Server

In the previous article regarding the upgrade from Exchange Server 2003 to Exchange Server 2010 I explained the different namespaces. On the Exchange Server 2010 Client Access Server there’s a certificate with the following names:

• Webmail.Almora.com
• Autodiscover.Almora.com
• Legacy.Almora.com

When an OWA client logs on to the Exchange Server 2010 Client Access Server and the particular mailbox is still on Exchange Server 2003 the client gets redirected to the Exchange Server 2003 front-end server. This server will have the legacy.Almora.com name, since two servers cannot have the same Fully Qualified Domain Name (webmail.Almora.com).



Part-4














