Wednesday, March 30, 2016

Migrating from Exchange 2010 to Exchange 2016 Part-2

In the first part,  i have given basic process to migration any of the legacy to latest Exchange version, as you know we are working with process orientated organization so we have to have follow the the process.

In this part i will focus on planning & pre-requisite for introduce the Exchange 2016 into existing Exchange 2010  environment.

First of all we have to understand the major changes on the Architectural of Exchange 2016, in Exchange we do have separate servers roles : Mailboxe, Client Access, HUB Transport & Unified Messaging. In Exchange 2016 Microsoft introduced only one server role, which contains all components.

We have to follow some best practices before deployment such as :


Exchange Server Sizing


As we know in Exchange 2016 we do have only one Server roles which is taking care of all Exchange components so it means hardware sizing is the most critical part of deployment.

You can use the Exchange 2016 server requirement calculator  which will give you a clear way to implements the Exchange server in existing environment.

I'm going to use VMWare environment in this series so i will follow the best practice to implements Exchange Server into VMWare.

As i mentioned in previous part assessment, based on the assessments result you have to decide or input the data into calculator and find out the hardware.


Updating Existing Environment


Before introduce the Exchange 2016 into Existing environment you have to have update the Exchange 2010 with require Service Pack 3 with Update Roll up 11.

You can download from here 

Directory Service Requirements:


In Exchange 2016 Microsoft recommended first time minimum support Forest Functional Level and Domain Functional Level is now Windows 2008 or above. So make sure your environment is ready for this.

Updating Outlook Clients:


As you already know Exchange 2016 support outlook 2010 and above on Windows and on the Mac Outlook 2011 and higher.

All version of Outlook 2016 and Outlook 2013 are supported, Outlook 2010 is supported with the latest updates ( KB2965295).

Here you can check the support Outlook version.


Naming Services:


Before implements you have to decide the names used by the clients to access the Exchange. In Co-existence  with Exchange 2010, 2013 and Exchange 2016 allows sharing of the same  HTTPS names for autodiscover, OWA, Activesync and other services, which will make your transition very easy, so before moving forward you have to finalize the names.


Preparing Hardware (VM) for Exchange 2016:


In my LAB environment i do have some hardware limitation so i'm using minimum requirements which is not going to follow into production environment.

I have already assigned 6 core CPU and 16 GB RAM.

Get the disk details which i added in to VM





Now bring the online which is in offline mode
Get the Partition details
Assign the drive latter

Now format disk with new file system called  "ReFS"

Finally get the details

In this part i have cover basic requirement of the environment before installing the Exchange server in existing environment, which is very critical.

In Next part i will start introduce Exchange 2016 server in existing Exchange 2010 environment.

Hope this part also help you to plan your environment to Exchange 2016.

Thanks you.

Part-1                                                                                                                      Part-3

Tuesday, March 29, 2016

Exchange 2016 ECP Login error 400 Outlook Web App Option :(

After completion of the Exchange 2016 in my Lab environment, when i tried to login into Exchange Admin Center,

suddenly i received error - 400 Outlook Web App Option :(  with following description:

"There was a problem opening options in Outlook Web App. Please click sign out blew, then sign in to Option in Outlook Web App again. If doesn't work, sign out, delete browser cookies, and sign in again."


First of all i verify the privileges  in my login account

I logged in with Administrator account click on permission TAB

Select double click Organization Management


Than check the Members of Active Directory Permission from Roles, which my account was missing, and problem with my account which i'm using for login. 

finally i added my account on "Active Directory Permissions"

Once completed logged off from Administrator account and tried to log in with my account and successfully logged in to Exchange Admin Center.

I know its very basic, but some time we are getting confused where the things went wrong, hope fully it will help you for pre-requisite or assigning the delegation to your team mate.

Thanks,

Welcome for valuable comments...




Thursday, March 24, 2016

Migrating from Exchange 2010 to Exchange 2016 Part-1

In this series I will focus on the implementation and migration steps to move from Exchange 2010 to Exchange 2016, also I will going to implementing features like Database Availability Groups.

Before starting it’s important to understand that a key architectural change has been made in Exchange 2016. Exchange 2010 had a number of separate roles; Client Access, Hub Transport, Mailbox and Unified Messaging.

In Exchange 2016 only a single role is used, the Mailbox role. This contains all necessary components required.

There are some best practices and recommendation before implementing /deployment/migration, so in this series we are going migrate Exchange 2010 to Exchange 2016 which will also be co-existence environment.

Following are the phases we have to follow:
1.     Assessment of existing Exchange 2010 environment.
2.     Plan & Design Phase
3.     Define the Preferred Architecture
4.     Verify the Exchange Dependent Components Compatibility
5.     POC Phase
6.     Build & Integration Phase
7.     Pilot Migration
8.     Production deployment.
9.     Stabilization and Documentation
10.  Decommission
11.  Transition and Operations

Phase-1 Assessment of existing Exchange 2010 environment

This is base line any of the migration you have to have do the assessment of existing environment which will give you clear vision for future deployment, assessment points are:
·       Mailboxes States which include the size of the mailboxes in current environment, if you get last 6 months report which will help you to future forecast of the mailboxes size quota & storage calculation.
·       Email flow analysis means average mail flow monthly, you can get daily, weekly & monthly email traffic and get the average email flow.
·       Get the all Name space of Exchange 2010 environment, which will help deploy Exchange 2016.
·       Get the all virtual directory reports.
·       Run the ExBPA and other use full scripts which will give you lot of information of you Exchange 2010 environment.

Phase-2 Plan & Design Phase

·       Plan and Design of OUs and hierarchy and Active Directory
·       Plan and Design of RBAC model and Delegations
·       Technical requirement & Dependency document will be prepared.
·       Detailed Project Plan for overall program
·       Communication template
·       UAT and System Acceptance Test plans
·       Technical Design Requirements (TDR)

Phase-3 Define the Preferred Architecture

Microsoft recommends Exchange 2016 run on Physical servers, In the PA, all servers are physical servers. Physical hardware is deployed rather than virtualized hardware for two reasons:
  1. The servers are scaled to use 80% of resources during the worst-failure mode.
  2. Virtualization adds an additional layer of management and complexity, which introduces additional recovery modes that do not add value, particularly since Exchange provides that functionality.
Commodity server platforms are used in the PA. Commodity platforms are and include:
·       2U, dual socket servers (20-24 cores)
·       up to 96GB of memory
·       a battery-backed write cache controller
·       12 or more large form factor drive bays within the server chassis
Additional drive bays can be deployed per-server depending on the number of mailboxes, mailbox size, and the server’s scalability.
Each server houses a single RAID1 disk pair for the operating system, Exchange binaries, protocol/client logs, and transport database. The rest of the storage is configured as JBOD, using large capacity 7.2K RPM serially attached SCSI (SAS) disks (while SATA disks are also available, the SAS equivalent provides better IO and a lower annualized failure rate).
Each disk that houses an Exchange database is formatted with ReFS (with the integrity feature disabled) and the DAG is configured such that AutoReseed formats the disks with ReFS.

Phase-4 Verify the Exchange Dependent Components Compatibility

·       Since we are going to co-existence environment so we have to focus on dependency services also such as:
·       Check your current backup with Exchange and see if it supports Exchange 2016.
·       Check for any Transport categorizer level Third party software's compatibility. It can be any Antispam, Antivirus, disclaimer solutions etc.
·       Check the compatibility of existing journaling solution if any.
·       Check the compatibility of email Archive solution if any.
·       Check the compatibility of MDM solutions as you know there is no more MAPI/CDO support from Exchange 2016.
·       Check the compatibility of current Monitoring solution for Exchange and see if it supports Monitoring Exchange 2016. 

Phase-5 POC Phase

  • Proof of Concept (POC) will be carried out in the lab environment by simulating the target environment, Integration and Deployment activities as per the Destination Architecture and Migration Infrastructure.
  • POC will highlight the risks if any in migration to new target environment.
  • Migration steps and SOPs
  • Application Regression and Compatibility Testing will carried by respective application owners while Wipro will assist from Exchange configuration point.
  • Server Storage Re-Configuration
  • Document on POC results.
  • POC Phase will highlight the risk & provide the Deployment challenges and related mitigations.
  • Deployment procedure doc will be prepared.
  • Migration Steps as per the POCs and Lessons learn will be prepared.


Phase-6 Build & Integration Phase 

  • Prepare new structure for Exchange 2016 as per the plan and Design document
  • Deployment of the security and Group policies based on the company security requirements
  • Integration with PKI, Federation and Identity Management systems
  • Build procedure documentation.
  • Configuration and Integration documentation


Phase-7 Pilot Migration 

  • Perform Pilot Migration for few Test mailboxes as per the process identified during proof of concept
  • Capture the procedures and lessons and any mitigations of the issues occurred
  • Identify couple of Pilot based accounts and Migrate to test the migration functionalities and features users intend to see as migration results
  • Document the process procedures and the issues to be mitigated and mitigation steps
  • Issues, Lessons learned and mitigation steps
  • User Acceptance Test signoff 


Phase-8 Production Deployment 

  • Implement the communication plan
  • Perform the Mailbox Migration from Source to Target as per the Migration plan and schedule after approved by MBO department.
  • Migration Pre-checklist
  • Migration Post Checklist
  • Capture Issues and Mitigations not seen during POC and Pilot
  • Project Status report (Daily, Weekly, Monthly)


Phase-9 Stabilization and Documentation 

  •        Email routing change from Exchange 2010 to Exchange 2016.
  •        Decommissioning of  legacy MX records
  •        Address operational issues
  •     Finalization of an OTD and any other ITS standard required artefacts
  •     All Build and Configuration document updating and Review
  •     Draft Operational 


Phase-10 Decommission 

  •            Post stabilization and verification phase once the confirmation is done that all Exchange             mailboxes are completely migrated and the access for each mailboxes is verified.
  •          Results need to be verified if any issues occurring.
  •          Decommission of source Exchange 2010 connectors.
  •          Decommission of source Exchange mailbox servers 2010. 


Phase-11 Transition and Operations 

  • Knowledge transfer to the existing support team on the new environment.
  • All build and Configuration document will be shared
  • Administrative operations related to the Incident, Service request, Problem and Change management would be carried out by respective team as per outlines solution descriptions.
  • Operational Turnover and acceptance All the project related documents will be submitted to the ops team for a complete handover


Hope this part will help you for designing and planning for your existing Exchange environment to latest version, it will apply any of the transition or migration.

On next part i will start for migration preparation from Exchange 2010 to Exchange 2016.

Exchange Analyzer for Exchange Server 2013 or 2016

Exchange Analyzer is a PowerShell tool that scans an Exchange Server 2013 or 2016 organization and reports on compliance with best practices.

Historically, Microsoft has provided tools to scan an Exchange Server organization to check its configuration against known “Best Practices”. Exchange 2007 and 2010 included these Best Practice Analyzers (BPA) within the server software itself, while Exchange 2013’s version was shipped externally.



For more details



Monday, March 7, 2016

Exchange 2016- Management Shell error- The WinRM Shell Client can not process the request

Issue:

After installing Exchange 2016, when I tried to open Exchange Management Shell, received error


Solution:
Open IISà Right Click on Exchange Back end

Click on Edit Bindings, Select https: with port 443


Click on Edit select SSL Certificate and check the Exchange server entry, it was not.


Select Exchange Server.


Click on Ok and close the IIS wizard and re-start the IIS and check it works.




Wednesday, March 2, 2016

Federation Information Could not be received from the External Organization –Exchange 2010-Office 365

Issue:

Last week, i was setting up the Exchange Federation one of my Exchange on premises to Office 365 for setting up free busy and more..
I have followup all Microsoft recommendation as usual to create the federation trust, everything seems fine, i have created TXT record in external DNS and update the federation proof, updated autodiscover url and create the rules in reverse proxy.

When i came back to my  on-premises Exchange server and tried to get the federation information for new domain and it was RED.


Workaround 

After getting the error, i have started troubleshooting step by steps:

1. First of all i verified the Telnet and found it is working fine with port 443.

2. Second step  "WSSecurityAuthentication"  is enabled(True) is not, i have checked on  virtual directory with following cmdlet:


Get-AutodiscoverVirtualDirectory | Fl *wssecurity* 
It was true on server
If in case if it is not true use following command to set 
Set-AutodiscoverVirtualDirectory "MBX\Autodiscover (Default Web Site)" –WSSecurityAuthentication:$true

3. Third steps verify the Autodiscover URL working or not 
Use a browser from external world, you have to make sure it opens a credential prompt.

4. Next steps If Get-FederationInformation -DomainName Test.com failed on internal server and working on external server than you have  verify “autodiscover.tech.com” is pinging 

5. Fifth step is to verify MRSPRoxy is enabled or not with following cmdlet :
Get-WebServicesVirtualDirectory | fl *mrs*
If it is not set use below cmdlet
Set-WebServicesVirtualDirectory "MBX\EWS (Default Web Site)" -MRSProxyEnabled:$true
6. Final you have to verify the Authentication in Autodiscover directory in IIS, it should not Kerberos.

In mine case it was authentication issues in IIS directory, once i change issues got solved.

Hope it will help you for Federation troubleshooting.
Cheers!