Thursday, July 22, 2010

Transition Exchange 2003 to Exchange 2010

 

This article will document the process for transitioning your existing Exchange 2003 environment to Exchange 2010.

Readiness Checks

First things first: you must validate whether your existing Exchange 2003 environment is ready for Exchange 2010.  To do this, download (or update) and run the Exchange Best Practice Analyzer (ExBPA) tool.  Select the “Readiness” check from the list of tests to run and remediate any issues flagged.  Following remediation, re-run the ExBPA tool to verify that the environment is ready.

Exchange Server 2010 can easily coexist in an Exchange Server 2003 organization as long as the Exchange Server 2010 prerequisites are met:

  • Your domains and the domain controllers meet the system requirements in the "Network and Directory Servers" section of Exchange 2010 System Requirements.
  • The Active Directory forest needs to be in Windows Server 2003 forest functionality mode;
  • All domains that contain Exchange recipients need to be in Windows Server 2003 domain native mode;
  • The Global Catalog Servers and the Active Directory Schema Master need to be at a minimum level of Windows Server 2003 SP1 (which is equivalent to Windows Server 2003 R2);
  • The Exchange 2003 organization needs to be running in ‘native mode’;
  • Link State updates on all Exchange Server 2003 servers need to be disabled according to Microsoft knowledge base article KB 123456.
    • To disable the use of link state information by all connectors, you have to edit the registry on the Exchange server with the connectors in question:
      1. Go to the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RESvc\Parameters.
      2. Add a new REG_DWORD value in this key named SuppressStateChanges and set it to 1.
      3. Restart the system (or at least Exchange Server services).
  • Namespace Changes
    • In Exchange Server 2010 this has changed. When a client connects to Exchange Server 2010, it actually connects to the Exchange Server 2010 Client Access Server and if the mailbox is still on the Exchange Server 2003 Mailbox Server then the client is redirected to the Exchange Server 2003 front-end server. This front-end server then handles the connection request. This automatically means the namespaces of the Exchange environment will change. For this article this means that the following namespaces are used:
      • https://webmail.contoso.com – This is used by all Internet clients that connect to the Exchange environment. This name is not different than in the Exchange Server 2003 namespace, but it will now point to the Exchange Server 2010 Client Access Server;
      • https://autodiscover.contoso.com – This is used by Outlook 2007 (and Outlook 2010) clients for autodiscover purposes;
      • https://legacy.contoso.com – This will be the new namespace for the Exchange Server 2003 front-end server. This automatically means that the namespace for the Exchange Server 2003 front-end server is going to change!
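
The link state registry steps above can be audited, and applied where missing, from one admin workstation. The following PowerShell is an added example, not part of the original article; it assumes the Remote Registry service is reachable on each Exchange 2003 server, and the server list (seeded with the Ex2003srv.contoso.com name used later in this article) must be extended to cover your own servers.

```powershell
# Added example: audit and set SuppressStateChanges on Exchange 2003 servers.
# Key path and value name come from the steps above; the server list is an assumption.
$KeyPath   = 'SYSTEM\CurrentControlSet\Services\RESvc\Parameters'
$ValueName = 'SuppressStateChanges'

function Get-LinkStateSuppression {
    param([string[]]$ComputerName)
    foreach ($server in $ComputerName) {
        $result = New-Object PSObject -Property @{
            Server = $server; Value = $null; Kind = $null; Compliant = $false; Error = $null
        }
        try {
            $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
                        [Microsoft.Win32.RegistryHive]::LocalMachine, $server)
            $key = $hklm.OpenSubKey($KeyPath)              # read-only handle
            if ($key -eq $null) {
                $result.Error = "Key not found: HKLM\$KeyPath"
            } else {
                $value = $key.GetValue($ValueName, $null)
                if ($value -ne $null) {
                    $result.Value = $value
                    $result.Kind  = $key.GetValueKind($ValueName)
                    # Compliant only if it is a REG_DWORD set to 1, as the steps require.
                    $result.Compliant = ($result.Kind -eq 'DWord' -and $value -eq 1)
                }
                $key.Close()
            }
            $hklm.Close()
        } catch {
            $result.Error = $_.Exception.Message           # unreachable host, access denied, ...
        }
        $result
    }
}

function Set-LinkStateSuppression {
    param([string]$ComputerName)
    $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
                [Microsoft.Win32.RegistryHive]::LocalMachine, $ComputerName)
    $key = $hklm.OpenSubKey($KeyPath, $true)               # $true = writable handle
    if ($key -eq $null) { $hklm.Close(); throw "Key not found on $ComputerName" }
    $key.SetValue($ValueName, 1, [Microsoft.Win32.RegistryValueKind]::DWord)
    $key.Close(); $hklm.Close()
}

# Extend this list with every Exchange 2003 server in the organization.
$servers = @('Ex2003srv.contoso.com')

$report = @(Get-LinkStateSuppression -ComputerName $servers)
$report | Format-Table Server, Value, Kind, Compliant, Error -AutoSize

# Fix only the servers that were reachable but not compliant.
$report | Where-Object { -not $_.Compliant -and -not $_.Error } | ForEach-Object {
    Set-LinkStateSuppression -ComputerName $_.Server
    Write-Warning "$($_.Server): value set; restart the server or the Exchange services."
}
```

Servers that report an error are left untouched so that an unreachable host is never mistaken for a compliant one.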

Prepare Active Directory

For a more in-depth explanation of the process, see the following article:  http://technet.microsoft.com/en-us/library/bb125224.aspx 

Basic Steps:

Note:  PrepareAD will handle the SchemaPrep, legacyExchangePermissions, Adprep operations.

  • Setup /prepareAD /Organization:
  • setup /PrepareDomain

 

Installing Exchange 2010 Servers

Note: The installation process will reflect a Front-end (HT and CAS) and Backend (MBX) server topology.

Installing the Front-end (HUB and CAS)

  • Install Prerequisites/Roles/Features
Item Info
Install Prerequisites

The servers that will hold the Exchange Server 2010 server roles have the following prerequisites:

  • The servers need to be running on Windows Server 2008 or Windows Server 2008 R2;
  • .Net framework 3.5 with SP1 needs to be installed;
  • PowerShell 2.0 needs to be installed;
  • The Office 2007 Filter Pack needs to be installed for the Hub Transport Server role and the Mailbox Server role; http://go.microsoft.com/fwlink/?LinkId=123380

After installing Windows on the servers, make sure that they are up to date with the latest hotfixes and service packs.

Install Roles/Features From a PowerShell Command Prompt (With elevated privileges)

<prompt> Import-Module ServerManager
<prompt> Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart

After the servers have rebooted, we must open an elevated Windows PowerShell window again and set the Net.Tcp Port Sharing service to start automatically. This can be accomplished with the following command:

Set-Service NetTcpPortSharing -StartupType Automatic

Since we are going to install the Hub Transport role on these servers, we must also install the Microsoft Filter Pack.

Additional Configurations

I will then turn off the Internet Explorer Enhanced Security Configuration for Administrators.
Go to Server Manager and scroll down to the Security Information section.

  • Installing Exchange Client Access/Hub Server Role:  Automated Install

    Setup.com /mode:install /roles:ht,ca /ExternalCASServerDomain:webmail.contoso.com
    /LegacyRoutingServer:Ex2003srv.contoso.com

 

Install Exchange Certificate for Exchange 2003 and Exchange 2010 Servers

Within this article we will not step through the process of creating an Exchange certificate or applying the Exchange certificate, because there are a number of different scenarios that warrant different processes.  In our case we generated a certificate using the “New Exchange Certificate” wizard in Exchange 2010.  This was accomplished through the Exchange Management Console > Server Configuration > CAS node > New Exchange Certificate in the right hand action pane.  

For the Exchange Certificate Configuration we defined the following data:
Certificate requirements will vary depending upon the environment (whether it is externally accessible, and so on). Generally, third-party certificates are recommended for the front-end Exchange 2010 servers (CAS), so that all clients connecting, internal and external, will trust them.


Exchange Configuration:

Outlook Web App is on the Intranet: webmail.contoso.com, <CASfqdn>
Outlook Web App is on the Internet: webmail.contoso.com
Exchange Active Sync is enabled: webmail.contoso.com
Exchange Web Services is enabled
Outlook Anywhere is enabled: webmail.contoso.com

Certificate Domains:

webmail.contoso.com
autodiscover.contoso.com
legacy.contoso.com
<casFQDN>

Enter the rest of the data according to your organization's requirements.

 

 

OWA 2010 needs to be configured for use with Exchange Server 2003

During installation of the Exchange Server 2010 Client Access Server all settings have been configured for use on the Internet. The only thing that needs to be configured is the coexistence information for Outlook Web App. The Client Access Server needs to be configured in case a mailbox is still on Exchange Server 2003 and the client needs to be redirected to the Exchange Server 2003 front-end server.

On an Exchange Server 2010 server enter the following Management Shell Command:

Set-OWAVirtualDirectory <CASHUB01>\OWA -ExternalURL https://webmail.contoso.com/owa -Exchange2003URL https://legacy.contoso.com/exchange

This will make sure that when a user connects to Exchange Server 2010 Client Access Server for Outlook Web Access and the mailbox is still on Exchange 2003 the client will be redirected to the old Exchange Server 2003 front-end server.

 

 

Installing the Mailbox Server Role

Note:  This process assumes that a Database Availability Group (DAG) will be configured.

Item Info
Install Prerequisites

The servers that will hold the Exchange Server 2010 server roles have the following prerequisites:

  • The servers need to be running on Windows Server 2008 or Windows Server 2008 R2;
  • .Net framework 3.5 with SP1 needs to be installed;
  • PowerShell 2.0 needs to be installed;
  • The Office 2007 Filter Pack needs to be installed for the Hub Transport Server role and the Mailbox Server role;
    http://go.microsoft.com/fwlink/?LinkId=123380

After installing Windows on the servers, make sure that they are up to date with the latest hotfixes and service packs.

Install Roles/Features From a PowerShell Command Prompt (With elevated privileges)

<prompt> Import-Module ServerManager
<prompt> Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server -Restart

After the servers have rebooted, we must open an elevated Windows PowerShell window again and set the Net.Tcp Port Sharing service to start automatically.
This can be accomplished with the following command:

Set-Service NetTcpPortSharing -StartupType Automatic

Since we are going to install the Mailbox Server role on these servers, we must also install the Microsoft Filter Pack.

 
Configuring Network Adapters

Two NICs should be installed on each Mailbox Server.  For our example we will use the following Network Connections:

  • PROD (Connection to Production Network)
  • REPLICATION  (Connected to the isolated Replication network)


Figure 1: Network connections

Let us first open the property page of the PROD interface. Here it is typically fine to leave the default settings as is. Optionally, you can uncheck QoS Packet Scheduler and Internet Protocol Version 6 (TCP/IP v6).


Figure 2: Properties of PROD interface

Open the property page of Internet Protocol Version 4 (TCP/IPv4). Here we have a static IP address configured as well as the other necessary settings (default gateway, subnet mask, and DNS server).


Figure 3: TCP/IP Version 4 Properties for the PROD interface

When you have configured the NIC correspondingly, close the property page by clicking OK twice.

It’s time to configure the network settings for the “REPLICATION” interface, so let us open the property page of the “REPLICATION” NIC. Uncheck “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” as shown in Figure 4. In addition, you may optionally uncheck “QoS Packet Scheduler” and “Internet Protocol Version 6 (TCP/IPv6)”.


Figure 4: Properties for the REPLICATION interface

Now open the property page of “Internet Protocol Version 4 (TCP/IPv4)” for the REPLICATION network and enter an IP address and subnet mask on the isolated replication subnet. Since this NIC is used solely for replication, seeding and heartbeats, you should not specify any default gateway or DNS servers.

Note:
If routing on the “REPLICATION” interface for some reason is necessary between the two servers, you should use static routes instead of specifying a default gateway.


Figure 5: TCP/IP Version 4 properties for the REPLICATION interface

Now click “Advanced” and uncheck “Register this connection’s addresses in DNS” and then click “OK” twice.


Figure 6: Advanced TCP/IP Properties for REPLICATION interface

Now that we have configured each NIC, we must make sure the “PROD” NIC is listed first on the binding order list. To bring up the binding order list, you must press the ALT key, and then select Advanced > Advanced Settings.


Figure 7: Selecting Advanced Settings in the Network Connection menu
If not already the case, move the PROD NIC to the top as shown in Figure 8.


Figure 8: Binding order for the network interfaces

Click OK and close the Network Connections window.

Note:
You should of course make sure the above steps are performed on each of the MBX servers.

Prepare your Storage

Create your database and log LUNs on your storage solution.  Make sure to assign each LUN disk identically on each MBX server.

For our demo purposes we have the following storage configuration:
Note:  By rights I would normally place the Exchange Binaries on a separate volume however for this demo it will be installed on the system volume.

Drive/Volume    Size     Directory
C:\ System      80GB     na
G:\ DBLUN1      500GB    G:\MDB1
H:\ LogLUN1     250GB    H:\MDB1LOG

Installing Exchange 2010 Mailbox Role

At this point you should have your prerequisites installed, Windows updates applied, DAG created, network settings applied and storage prepared.  The next step is to install the Exchange Server 2010 Mailbox role onto the designated Exchange 2010 Mailbox Server(s).  This process is straightforward if you follow the wizard on the installation media.  If you prefer a command-line installation, the command is listed below.

Setup.com /Mode:Install /Roles:Mailbox /MdbName:MDB01 /DbFilePath:C:\Mailbox\MDB01\mdb01.edb /LogFolderPath:C:\Mailbox\MDB1Log


Moving Exchange Database Paths

If you did not use the command-line above for specifying Database name, file and folder location for the first database, then you should go into the Exchange Management Console to Move and Rename each Mailbox database.  Even if you have used the command line install, you should verify the names and paths are correct.

To move and rename the Database(s):
  1. Open Exchange Management Console > Organization Configuration > Mailbox.  Within the Database Management tab in the center pane, select the database you wish to move and rename.
  2. Right click on the database, select “Move Database Path”.  The Move Database Path wizard will open.
  3. Within the wizard change the path for the Database and Logs, so that they are placed in the proper LUNs created in the Prepare Storage section.  At this point you may also want to rename the database file name.
  4. Once the file name is changed, click the “Move” button.
  5. When completed, click the “Finish” button.
  6. Now you can rename the actual database name.  This is done by right-clicking the database within the console, selecting Properties, changing the name of the database and clicking OK.


 

Creating the DAG:

Note: This process can be completed before or after the mailbox server is installed.

  • Permissions Required to create the DAG:
    You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Database availability groups" entry in the High Availability Permissions topic.
  • Creating the DAG using Exchange Management Shell:
    • Create the DAG, define a witness server, witness directory, and static IP address for DAG

      New-DatabaseAvailabilityGroup -Name DAG01 -WitnessServer EXHUB01 -WitnessDirectory C:\DAG01 -DatabaseAvailabilityGroupIPAddresses x.x.x.x
      The IP address is for the MAPI (corporate) network.
    • Add Mailbox Server(s) to the DAG
      Note:  Don't complete the Add Mailbox Server(s) step unless you have already installed the Exchange 2010 Mailbox Role in the environment.  In our case we have not yet, so we will execute this command after the Exchange Mailbox Role installation.

      Add-DatabaseAvailabilityGroupServer -Identity DAG01 -MailboxServer MBX01

     

    • Create DAG Network (for mailbox DB replication)

      New-DatabaseAvailabilityGroupNetwork -DatabaseAvailabilityGroup DAG01 -Name DAGNetwork01 -Subnets 10.10.2.0/24 -ReplicationEnabled:$true


    Note:  Adding the mailbox server(s) to the DAG will install the Failover Clustering Component on the servers.  This process may take a few minutes.

    • Check the configuration of the Database Availability Group.  Open the Exchange Management Shell and enter the following command.

      Get-DatabaseAvailabilityGroup | FL


Once complete, open Failover Cluster Manager and check the resources.


Adding Mailbox Database Copies

If you have multiple Exchange mailbox servers within your DAG you can create the Mailbox Database Copies.  If you are not planning on utilizing the DAG, then hopefully you did not create one; otherwise, what would be the point?

To add mailbox database copies perform the following:

  1. Open the Exchange Management Console > Organization Configuration > Mailbox > Database Management tab
  2. Right-click the database you wish to copy and select “Add Mailbox Database Copy” from the menu.
  3. Click the Browse button and select, from the list of available Mailbox servers, the server you wish to maintain a copy on.

  4. Once the server is selected, click “Add”.
  5. When the wizard completes successfully, click Finish.
  6. Now you can open the Properties of the database and view the status of the “Database Copies”.
  7. If you log on to the Mailbox Server that you added in step 3 above, you can navigate to the database and log folders and see that the database has been seeded and the log files replicated.

    Log files replicate to the server holding the passive database copy.
    Database seeded
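
The same copy can be added and its seeding verified from the Exchange Management Shell instead of the console. The following is an added example, not part of the original article; MBX02 is a hypothetical second DAG member, while MDB01 is the database name used in the install command above.

```powershell
# Added example, run in the Exchange Management Shell on an Exchange 2010 server.
$Database = 'MDB01'    # database name from the install command earlier in the article
$Target   = 'MBX02'    # hypothetical second Mailbox server, already a DAG01 member

# Same action as the "Add Mailbox Database Copy" wizard; seeding starts automatically.
Add-MailboxDatabaseCopy -Identity $Database -MailboxServer $Target -ActivationPreference 2

# Poll the new passive copy until it is Healthy, fails, or the time limit is reached.
$deadline = (Get-Date).AddMinutes(60)
do {
    Start-Sleep -Seconds 30
    $copy   = Get-MailboxDatabaseCopyStatus -Identity "$Database\$Target"
    $status = "$($copy.Status)"
    Write-Host ("{0}  {1,-20} copy queue={2}  replay queue={3}" -f `
        (Get-Date -Format T), $status, $copy.CopyQueueLength, $copy.ReplayQueueLength)
} while ($status -ne 'Healthy' -and $status -notlike 'Failed*' -and (Get-Date) -lt $deadline)

if ($status -ne 'Healthy') {
    Write-Warning "Copy $Database\$Target is '$status'; do not rely on it for failover yet."
}

# Status of every copy of the database (the active copy reports Mounted).
Get-MailboxDatabaseCopyStatus -Identity $Database |
    Format-Table Name, Status, CopyQueueLength, ReplayQueueLength, ContentIndexState -AutoSize

# Replication health checks for the server that now holds the passive copy.
Test-ReplicationHealth -Identity $Target | Format-Table Server, Check, Result, Error -AutoSize
```

A copy that stays in Seeding or Initializing past the time limit usually points at the replication network or the target volume, so check those before re-seeding.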

 

 

Configuring the Exchange 2010 Servers

When both Exchange servers are installed it is time to configure the Exchange environment properly before Exchange Server 2010 can be used and mailboxes can be moved. The following needs to be configured:

 

System Folder Replication

A new Public Folder database will also be automatically created on the new Mailbox Server. The hierarchy, which is the structure of all Public Folders will be automatically replicated between all Public Folder Databases in the entire organization. The content replication of the System Folders will have to be configured manually though.

To replicate the Offline Address Book and Free/Busy folders from Exchange Server 2003 to Exchange Server 2010:

  1. Open the Exchange System Manager on the Exchange Server 2003 server and navigate to the System Folders in the ‘Folders’ folder in the First Administrative Group. Navigate to the first Offline Address Book (/o=<Exchange Org>/CN=….) folder, right-click it and select “All Tasks…”. Next, select “Manage Settings”.

If you want to toggle between the System Folders and the normal Public Folders, navigate to the Public Folders, right click the Public Folders and select “View System Folders” or “View Public Folders”.


  2. The “Manage Public Folder Settings wizard” will appear. Click Next on the Welcome page and select the “Modify lists of replica servers”. Follow the wizard and add the Exchange Server 2010 Mailbox Server Public Folder Database as a new replica. When finished, the folder and all its subfolders will be replicated to the Exchange Server 2010 Public Folder database.
  3. Repeat this step for the EX:/o=<>  Offline Address Book folder and the Schedule+ Free Busy folder.

Note: When the “Manage Settings” option is not available you can select “Properties” and select the replication tab to add the Exchange Server 2010 Public Folder Database.

  1. The (default) Public Folders that are located on the Exchange Server 2010 Mailbox Server should be replicated to the Exchange Server 2003 Mailbox Server. To accomplish this, log on to the Exchange Server 2010 Mailbox Server, open the Exchange Management Console and navigate to the Tools node. Under the Tools node open the Public Folder Management Console.
  2. Right click the Offline Address Book in the results pane, select Properties and click the Replication tab.


  3. Add the Exchange Server 2003 Mailbox Server to the replica list; the contents will now be replicated to the Exchange Server 2003 Mailbox Server. Be aware that Public Folder replication is a low priority mechanism, so it takes some time before both Public Folder databases are in sync.
  4. Repeat these steps for the Schedule+ Free/Busy folder.

Public Folder Replication

Following System Folder replication, you can move on to adding an Exchange 2010 MBX server as a replica to the public folders.

Open EMS, change to the path drive:\Program Files\Microsoft\Exchange Server\V14\Scripts and run the script AddReplicaToPFRecursive.ps1.
This will add a replica of the public folders on Exchange Server 2003 to Exchange Server 2010. This is the simplest way to add a replica of all PFs to the Exchange 2010 PF database.

Note:  I recommend performing the replication off-hours.  This operation will generate significant traffic depending on the amount of public folder data.

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\AddReplicaToPFRecursive.ps1 -TopPublicFolder "\" -ServerToAdd "exchange2010"

DO NOT MOVE ON TO THIS NEXT STEP OF REMOVING THE 2003 REPLICAS UNTIL REPLICATION IS COMPLETE, AND YOU ARE COMFORTABLE WITH REMOVING 2003 AS A REPLICA.  I GENERALLY INCLUDE THIS STEP AFTER 2003 USERS HAVE BEEN MOVED OVER TO EXCHANGE 2010.

Once the replica is added, the next step is to move the replica from Exchange 2003 to Exchange 2010. To do this, change to the scripts directory and run the following command.

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\MoveAllReplicas.ps1 -Server "Exchange2003" -NewServer "Exchange2010"

 

Offline Address Book Generation

 

Address List Conversion

RECOMMENDATION:  DO NOT DO THIS PART UNLESS YOU ARE CLOSE TO DECOMMISSIONING YOUR 2003 SERVERS.  EMAIL ADDRESS POLICIES THAT WILL NOT CONVERT WILL CAUSE PROBLEMS.

There is a major change in the way Address Lists were handled by Exchange 2003 and the way Exchange 2010 handles them. The most important thing that needs to be known before migrating the Address Lists to the Exchange 2010 server is to know that Exchange 2010 does not support the LDAP filters. The LDAP filters must be converted to OPATH filters before the Address Lists can be moved. If you have custom LDAP filters implemented to configure Address Lists make sure that you prepare the corresponding OPATH filters as well. Also, there is no GUI interface for upgrading or moving the Address Lists to Exchange 2010. This movement/upgrade has to be done using EMS.
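
Before converting anything, it helps to inventory which objects still carry LDAP filters and to preview the OPATH replacement. The following Exchange Management Shell commands are an added example, not part of the original article; the “Sales” address list and its LDAP filter are hypothetical, and every change is shown with -WhatIf so nothing is modified.

```powershell
# Added example, run in the Exchange Management Shell on an Exchange 2010 server.

# Emit one row per pipeline object that still uses an Exchange 2003 (LDAP) filter.
function Select-LegacyFilter {
    param([string]$Kind)
    process {
        if ($_.RecipientFilterType -eq 'Legacy') {
            New-Object PSObject -Property @{
                Kind       = $Kind
                Name       = $_.Name
                LdapFilter = $_.LdapRecipientFilter
            }
        }
    }
}

# Address lists, global address lists and e-mail address policies all carry filters.
$legacy  = @(Get-AddressList        | Select-LegacyFilter -Kind 'AddressList')
$legacy += @(Get-GlobalAddressList  | Select-LegacyFilter -Kind 'GlobalAddressList')
$legacy += @(Get-EmailAddressPolicy | Select-LegacyFilter -Kind 'EmailAddressPolicy')

if ($legacy.Count -eq 0) {
    Write-Host 'No legacy (LDAP) filters found.'
} else {
    # Keep this output: it is the list of OPATH filters that must be prepared.
    $legacy | Sort-Object Kind, Name | Format-Table Kind, Name, LdapFilter -Wrap -AutoSize
}

# Preview of a default list: a precanned filter replaces the LDAP filter.
Set-AddressList 'All Users' -IncludedRecipients MailboxUsers -WhatIf

# Preview of a custom list (hypothetical): the LDAP filter
#   (&(mailNickname=*)(department=Sales))
# rewritten as the equivalent OPATH filter.
Set-AddressList 'Sales' -RecipientFilter { Alias -ne $null -and Department -eq 'Sales' } -WhatIf

# When you are close to decommissioning Exchange 2003, remove -WhatIf and add
# -ForceUpgrade to perform the conversion without the upgrade confirmation prompt.
```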

 

Moving Mailboxes

Moving mailboxes from Microsoft Exchange Server 2003 Service Pack 2 (SP2) or later to Exchange Server 2010? Consider the following:

  • The move process is performed offline, and end-users won't be able to access their mailboxes during the move.
  • Perform the move from a server running Exchange 2010 by using the move request cmdlets in the Exchange Management Shell. You can't use Exchange System Manager on an Exchange 2003 server to move the mailboxes.
  • You can't move mailboxes from Exchange 2003 Service Pack 1 (SP1) or earlier.
  • Exchange 2003 doesn't have resource mailboxes. Instead, you must use shared mailboxes to represent resources. If you move a shared mailbox from Exchange 2003 to Exchange 2010, the move request creates the mailbox as a shared Exchange 2010 mailbox. After you move the mailbox to Exchange 2010, you can convert it to a resource mailbox. For more information, see Convert a Mailbox.

2 comments:

  1. My brother likes to play with my notebook and was the day when he accidentally broke my computer. I started thinking of the decision for this issue. And came to the conclusion that my friend advised me the best. This utility is good determination for such question also - recover data for ms exchange ost.

  2. Excellent write up! In my limited experience, however, I’ve found out that to Convert edb to pst - EdbMails is the best option as it can handle most exchange recovery tasks gracefully. It supports export of mailboxes to PSTs and also has an extensive range of filtering options. It is a forensic recovery that can extract most data from even corrupt or inaccessible exchange databases. It supports public, private folder recovery along with migration to Live exchange and Office 365. Archive mailbox migration is also supported by edbmails.
