Transitioning an Exchange 03 to Exch 2010 in one day...

I am in the process of transitioning from Exchange 2003 to 2010 and we have a relatively simple setup: single Exchange 03 server w/ split DNS and low number of users (less than 50).  I have completed all of the preliminary requirements for the AD & Exchange Org and have the new Exchange 2010 server installed in the CAS role (in the existing Exchange Org).  Everything seems to be working with no problems and I have been following the transition instructions.

I would like to transition to the new server quickly and move all of the mailboxes (at one sitting) and would also like to re-use the existing certificate on our old Exchange 03 server for our Outlook Anywhere clients.  Does any one have any experience, instructions or recommendations for doing a quick migration without using a new cert on the new server?  Is it as simple as exporting from the old IIS server and importing on the new server (using the cert IIS wizard)?

How much of the old Exchange 03 server do I need to decommision in order to get the email flowing properly to the new server (SMTP and RPC over HTTPS) after the users are migrated?  Is it simply a matter of reconfiguring our firewall (non-ISA) to point to our new email server for SMTP traffic to work?  Can I migrate one user and test the setup without causing harm to the Exchange Org mail flow (put SMTP Send and Recieve connectors on the new server and have the old SMTP connector running at the same time)?

Do the Outlook Anywhere workstations automatically update the server name when they connect the first time (like normal RPC Outlook connections) or do we have to manually change them to connect to the new Exchange server?

Since we have the split DNS, do I also need to update the host file on the new Exchange server with the external Domain on it to resolve back to itself for the RPC over HTTPS to work?


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andres PeralesCommented:
I would use the mmc, add the certificates snap-in for the computer account and export your certificate that way.  Once you have it then import it to IIS 7.
You should not have to change your external DNS, just point the mail ports to the new exchange server.  Your external clients should be using the fqdn anyway so that will not break them.  Once you make your changes to the firewall...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
please read carefully this 4 parts tutorial as it drives you from A to Z through what you want to accomplish.

It is for exchange 2007 but the same holds true for exchange 2010
e-Tec_SupportAuthor Commented:
Thanks for the info, I think I have the process down now if I decide to move the certificate.

However, if I decide to create a new certficate with the same public name as my old certificate for the new Exchange 2010 server (as Microsoft strongly recommends). what happens to my Outlook Anywhere clients that still have the old certificate (with the same public name)?  Do they continue to work or do I need to email new certificates to them before actually making the final switch to the new server (changing the port forwarding and moving the mailboxes)?

My Outlook Anywhere clients are XP Pro SP2/3 workstations with Office 2003 SP2/3.  They are non-Domain workstations so we had to manually import the root and server certs on each machine.

Thanks again!

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

the root ca doesn't have to change so you will not have to do anything at the client level.

You need to understand that during coexistance both the 2010 and the 2003 should be internet facing so you should pickup another name and create another certificate for you  2003 mailboxes

please read this series of articles I wrote for more info
e-Tec_SupportAuthor Commented:
Thanks for the post however I am not so worried about OWA as RPC over HTTPS (Outlook Anywhere).

And, if I am interpreting what you are saying correctly, I will have to send out the new certificate to my Outlook Anywhere (RPC over HTTPS) clients before making the switch over to the new Exchange Server, otherwise they will stop working, correct?
rpc over http will still work if both certificates are issued from the same CA there is no need to send anything to your clients
e-Tec_SupportAuthor Commented:
That is good news and I appreciate the information.  We are planning to finish the migration tomorrow evening and we'll see how it goes and I will report back then.

Thanks again.

if you need help update this thread
e-Tec_SupportAuthor Commented:
Looks like the certificate issue was less of a problem than I had anticipated.  I went ahead and created a new certificate for the new server (with same public & common name as the old one) and installed it on the server with no problem.

I do have some issues with Outlook 2003 SP2 RPC clients now, however that is probably a new question for the experts.  Thanks for your help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.