MAKING THE TRANSITION

(1)

DEFINITIVE GUIDE

TO EXCHANGE SERVER

2010 MIGRATION

CHA

P

TE

R

THR

E

EXCHANGE 2003

TO EXCHANGE 2010:

MAKING THE

TRANSITION

(2)

Microsoft Exchange 2010?

Keep your email up and running throughout your migration with Mimecast.

To find out how Mimecast can help you mitigate the risks of migration Microsoft Exchange 2010 delivers greater deployment

flexibility and reliability than ever before. It’s without doubt the best version of Exchange yet.

But if you are looking to move to Exchange 2010, you need to identify and assess the additional risks that may be introduced during the migration process, such as email downtime, data loss and interruptions to policy enforcement.

To download your free Three Step Plan, visit www.mimecast.com/Migrateto2010.

(3)

DEFINITIVE GUIDE TO EXCHANGE SERVER 2010 MIGRATION • SEARCHEXCHANGE.COM 3

HOME

PREREQUISITES FOR THE MOVE TO

EXCHANGE 2010

REACHING OUT TO THE DEPLOYMENT

ASSISTANT

STEPS IN THE TRANSITION

SHUTDOW: THE FINAL STAGES

CHAPTER 3: EXCHANGE 2003 TO EXCHANGE 2010

Exchange 2003

to

Exchange 2010:

MAKING THE

TRANSITION

The transition from Exchange Server 2003 to Exchange

2010 is not simple. Skip a step along the way and the whole

process becomes even more complicated.

BY J. PETER BRUZZESE

MICROSOFT REFERS TOthe process of

moving from Exchange Server 2003 or Exchange 2007 to Exchange 2010 as atransition, not a migration, as many refer to it. While this may seem like simple semantics, there is a reason behind it. A transition includes a period of time in which both the legacy Exchange servers and new versions of Exchange func-tion in a coexistence scenario. The length of time the coexistence peri-od lasts varies from company to company and depends on the length of time it takes to remove the last legacy Exchange Server.

So how does the transition from Exchange 2003 (or Exchange 2007) to that perfect state of Exchange 2010 happen? What’s involved? This chapter explains the complicat-ed transition from Exchange 2003 to Exchange 2010, with a few points included for Exchange 2007 admin-istrators.

PREREQUISITES FOR THE MOVE TO EXCHANGE 2010

The first step in moving to Exchange 2010 is to verify that your environ-ment meets the various

(4)

prerequi-HOME

EXCHANGE 2010

ASSISTANT

sites. For example, make sure your existing directory service infrastruc-ture is up to par by checking that you've met the following criteria:

Schema master:Confirm that it’s

running Windows Server 2003 SP1 Standard, Enterprise or a later edition.

Global catalog server:In every

Active Directory site where you plan to install Exchange 2010, you need at least one global catalog server run-ning Windows Server 2003 SP1 Stan-dard, Enterprise or a later edition.

Active Directory forest:The AD

forest functional level must be run-ning Windows 2003 forest func-tional mode.

Domain controller:AD domain

controllers must be running Win-dows 2003 SP1 Standard, Enterprise or a later edition.

Once you’ve verified this, check your environment for its readiness for Exchange 2010. In a smaller environment, you can check this manually. In a larger Exchange Serv-er environment, it’s easiServ-er to down-load and use the freeExchange Pre-Deployment Analyzer, which runs an overall topology readiness scan.

With Exchange 2010, in-place upgrades of an existing server are not possible. Therefore, you’ll need to install Exchange 2010 on its own 64-bit server. That server has to run as a

member server of the domain on an X64-based system running either Windows Server 2008 Standard or Enterprise SP2 edition or Windows Server 2008 R2 Standard or Enter-prise edition. Before installing Ex-change 2010, both ExEx-change 2003 and Exchange 2007 must be on SP2.

The next prerequisite is to prepare the Active Directory schema for an Exchange 2010 installation, which you can do in a variety of ways. In smaller Exchange installments where administrators are in complete con-trol of upgrade decisions, you simply start the installation using the graph-ic setup; behind-the-scenes com-mands and switches will run at that point. However, if you are in an envi-ronment that requires the process to be broken down into smaller pieces, take it one step at a time byrunning the following switches:

Setup/PrepareLegacyExchange

Permissions:This command, which

you can enter as /pl, is absolutely necessary for the transition from Exchange 2003 to Exchange 2010. It ensures that permissions are pre-pared between the two versions.

Setup/PrepareSchema:This

com-mand, entered as /ps, will extend the schema.

Setup/PrepareAD:Entered as /p,

the command runs the other two commands if you haven’t started them yet. This multi-tasked switch

(5)

will create Exchange security groups and prepare the local domain for Exchange.

Setup/PrepareDomain or /Prepare

AllDomains:These switches (/pd

or /pad, respectively) create a new global group called Exchange Install Domain Servers for the domain. They also add that group to the Ex-change System Objects container and the Exchange Servers group for the root domain.

As a final prerequisite, you’ll need to do some patchwork changes to the Exchange 2003 environment to allow it to communicate and perform message transport with Exchange 2010. For example, Exchange 2010 creates an Exchange routing group that is only visible using Microsoft

Exchange Server 2003 Exchange System Manager. Note: The route will be named DWBGZMFD01Q-NBJR.

Exchange also creates routing group connectors between the Exchange 2003 bridgehead routing group and the Exchange 2010 serv-er. You’ll also need to create an Exchange Administrative Group on Exchange 2003; the group will be named FYDIBOHF23SPDLT.

REACHING OUT TO THE DEPLOYMENT ASSISTANT

Before you begin the physical transi-tion to Exchange 2010, you should seek the help ofMicrosoft’s

Ex-change Server Deployment Assistant. Don’t let the tool’s initial screen, shown inFigure 1, distract you. This is

HOME

EXCHANGE 2010

ASSISTANT

FIGURE 1.

The Exchange Server Deployment Assistant

(6)

the newest iteration of the assistant, which takes into account companies that want to coexist with a cloud-based hosted Exchange solution such as Microsoft Business Productivity Online Suite (BPOS) or Office 365. Our focus, however, is strictly on the on-premises option.

Once you select the "On-Premises Only" option, you'll need to choose from a range of options, including deploying from Exchange 2003 to Exchange 2007, Exchange 2003 to 2010, Exchange 2007 to 2010 and a completely new install of Exchange 2010 (Figure 2). The tool asks yes/no questions to narrow down your needs during the transition.

STEPS IN THE TRANSITION

Once you’re certain that your

com-pany’s entire environment can han-dle the upgrade to Exchange 2010, you still need to do more prep work. If your organization has multiple sites, you’ll need to install the Exchange 2010 server onto an Internet-facing site.

I recommend administrators do a typical installation of all three key server roles—client access server, hub transport server and mailbox server. However, some design archi-tectures require that you deploy servers in stages. In these situa-tions, I recommend using the fol-lowing order:

1. Client access server (CAS) 2. Hub transport server 3. Unified Messaging server,

which is optional 4. Mailbox server

HOME

EXCHANGE 2010

ASSISTANT

FIGURE 2.

Exchange 2010 deployment scenario choices

(7)

5. Edge transport server, which is optional.

To secure external access with a CAS, you need digital certificates. It’s recommended that you obtain a sub-ject alternative name certificate from a reputable certificate authority (CA). Since you will be running a coexis-tence environment, you will need at least three different namespaces— one for the current namespace, one for the legacy namespace and one for autodiscover. If your company con-nects to its mail through mail.compa-nyname .com, which is one fully quali-fied domain name (FQDN), you should also register autodiscover.com-pany name.comand legacy.company-name.com. Finally, you’ll need to install the certificate on the legacy Exchange 2003 servers.

If you’re trying to expedite the transition or plan to move all

Exchange mailboxes over in one fell swoop, you don’t need to be con-cerned with legacy host names. You’ll need only a subject alternative name certificate for the current namespace and autodiscover.

During the transition to Exchange 2010, one user’s mailbox may

reside on Exchange 2003 while another resides on Exchange 2010. With the legacy namespace, all users—no matter which server ver-sion their mailboxes reside on— need to type only one thing to access Outlook Web App or ActiveSync services.

Prep Outlook Address Book and

directories.Depending on how

users access the email environment in off-site situations, you may want to enable Outlook Anywhere, con-figure the Outlook Address Book (OAB) and Web Services virtual directories or configure Exchange ActiveSync settings. You’ll also need to change the OAB generation serv-er to Exchange 2010.

Once you are ready to move the OAB to Exchange 2010, go to Proper-ties and choose Web-based distribu-tion from the Distribudistribu-tion tab. This is the modern method for Exchange 2007 and Exchange 2010 servers, so you don’t need public folders or pub-lic folder distribution. From the

Actions pane, choose Move and then the Exchange 2010 server that will host the OAB.

Transition inbound/outbound

mail flow.Now you’ll need to

reroute outbound Internet mail flow from Exchange 2003 to Exchange 2010. With the implementation of the edge transport server role, Send/ Receive connectors will work out of the box because the edge transport is automatically configured to send and receive email. However, if you forego installing the edge transport server role, you’ll need to make some config-uration changes to the hub transport server. In addition, you’ll need to change Send connectors and Receive connectors on the hub transport serv-er. Receive connectors are created by

HOME

EXCHANGE 2010

ASSISTANT

(8)

default; they’re not configured to allow anonymous inbound mail flow. Exchange users can send mail inter-nally but cannot receive external mail unless Receive connectors are proper-ly configured.

To configure Receive connectors, go to the Server Configuration node and locate Receive connector set-tings under the hub transport server side. Then go to the Permissions Groups tab and select Anonymous Users to allow Internet-based email to enter the organization.

Clean up public folders.If your

organization is using public folders, you’ll need to set up a public folder database in Exchange 2010 and create replicas of the data. Then remove legacy Exchange servers from the list of replicated folders so that all content resides on Exchange 2010. Set aside plenty of time for this step; replicating public folders— especially if your public folder tree has sprawled out of control—is a time-consuming process. You might even want to set aside a day for this and perform a few tests afterward to be sure all data moved.

Move Exchange 2003 mailboxes.

When you move a mailbox from Exchange 2003 to Exchange 2010, you must take the mailbox offline. So, plan to move mailboxes after regular business hours. This is dif-ferent when you upgrade from Exchange 2007 to Exchange 2010—

mailbox moves can occur simulta-neously. To move them, open the Exchange Management Console (EMC) and use the New Local Move Request. Once you’ve moved all mailboxes, go back and convert them to resource mailboxes for rooms or equipment, as needed.

SHUTDOWN: THE FINAL STAGES

When you’re certain that you’ve moved all mailboxes over to

Exchange 2010—and you must be certain because you cannot leave anything behind in a storage

group—you can move theRecipient Update Service (RUS)to Exchange 2010. This step is a bit of an anom-aly since Exchange 2010 doesn’t actuallyusethe RUS. You cannot uninstall Exchange Server 2003 from an environment if it’s the only server running the RUS. First you’ll need to use Exchange System Man-ager to enable the RUS on another server. Moreover, you can’t uninstall Exchange Server 2003 from an envi-ronment server if it’s the only server in a mixed-mode architecture that’s running Site Replication Service (SRS). You’ll have to enable SRS on another Exchange Server first.

After you create the Recipient Update Service , you may need to enable Site Replication Service on a second Exchange server. Be sure to clear away all bridgehead informa-tion and routing group data before you try to uninstall RUS.

HOME

EXCHANGE 2010

ASSISTANT

(9)

Once you’re completely confident that all mailboxes have been moved to Exchange 2010, you’ve replicated all public folder databases and and you've taken care of other odds and ends such as the RUS, the last step is to click Add or Remove Programs on Exchange Server 2003 and uninstall it.

At this point, verify that your Exchange configuration is correct. Several tools are available to help test external connectivity to the new Exchange environment, includ-ing the Exchange Best Practices Analyzer (ExBPA) and theExchange Remote Connectivity Analyzer (ExRCA). ■

J. Peter Bruzzese, Triple-MCSE, MCT, MCITP: Enterprise Messaging, is an Exchange MVP, an Exchange Instructor for Train Signal and the co-founder of ClipTraining.com. He is a technical author for Que Publishing, has produced hun-dreds of articles and videos about Exchange Server, and speaks at a variety of conferences. He is a frequent contributor for TechTarget’s

SearchExchange.comandInfoWorld.Follow him on Twitter.

HOME

EXCHANGE 2010

ASSISTANT

Cathleen Gagne Editorial Director

[email protected]

Matt Gervais Site Editor

[email protected]

Michelle Boisvert Senior Managing Editor

[email protected]

Linda Koury Director of Online Design

[email protected]

Marc Laplante Publisher

[email protected]

TechTarget 275 Grove Street Newton, MA 02466 www.techtarget.com

T

here are fewer steps involved

in removing Exchange 2007 simply because you don't have to worry about items like the Recipi-ent Update Service (RUS) and Site Replication Service (SRS). You simply have to remove Exchange 2007 from the Add or Remove Programs (in Windows Server 2003) or from Programs and Fea-tures (in Windows Server 2008).

(10)

See ad page 2

•A Three Step Plan for Migrating To Microsoft Exchange 2010

•_{Basic Energy Services Deploys Mimecast SaaS-Based UEM: Achieves Email Continuity}

and Greater Security and Compliance and Saves on Cost

•_{IDC Vendor Spotlight: Using Cloud-Based Email Management to Integrate Archiving,}

Security, and Business

About Mimecast:

Mimecast (www.mimecast.com) delivers cloud-based email management for Microsoft Exchange, including archiving, continuity and security. By unifying disparate and fragmented email environments into one holistic solution that is always available from the cloud, Mimecast minimizes risk and reduces cost and complexity, while providing total end-to-end control of email. Founded in 2003, Mimecast serves approximately 4,000 customers worldwide and has offices in Europe, North America, Africa and the Channel Islands.