Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Transition from Exchange 2007 to Exchange 2010

Posted on 2010-11-20
9
Medium Priority
?
539 Views
Last Modified: 2012-05-10
I have CCR Exch2k7 ( 2 mailboxed , 2 CAS HT Servers)
I installed exch2k10 (2 CAS & HT Servers with CAS array , MailBox Servers )
I created legacy record
 my concern

I need to have coexisting period and move users  as i have 1000 users.

how  i move MAPI users( they are using outlook 2010) , they still using exch2k7 clusterVirtualname ?? also I will need to do anychanges on users PCs ?

I'm using self service Certifcate on Exch2k7, Exch2k10 created automatically certifcate
I need to copy certifactes ?? between 2k7 and 2k10  and if i need , how ?


0
Comment
Question by:Ehab_Nassar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 2

Assisted Solution

by:pvernocchi
pvernocchi earned 1200 total points
ID: 34180874
Hi Ehab,

You don't need to change anything in the client side. Just move mailboxes from Exchange 2007 to 2010 and clients are reconfigured automatically.

If you are using self signed certs, then you can still use self signed certs in Ex 2010. You'll probably want to create a Certificate authority so you can have more control over certs and certs trusts.
0
 

Author Comment

by:Ehab_Nassar
ID: 34181009
I think the outlookanywhere in outlook in some users who has laptop will ask for new certifcate

but still the old Databases Read the old Cluster name as default CAS server

Shal I move users in new database or I run command to change the default CAS for 2007 Databases ??
0
 

Author Comment

by:Ehab_Nassar
ID: 34181028
Also I need to Create DAG first ,or move users and after that create DAG ?
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 

Author Comment

by:Ehab_Nassar
ID: 34182093
I moved someusers already, But I have issue now that all users  while they open their outlook in work, they receive certificate message ( my SSL is self certificate ) but how it comes to outlook users ( MAPI users ???????????????
0
 
LVL 2

Assisted Solution

by:pvernocchi
pvernocchi earned 1200 total points
ID: 34182806
Ehab,

MAPI users still need certificates for Autodiscover and Exchange Web Services (free busy and OAB for example).
0
 

Author Comment

by:Ehab_Nassar
ID: 34186864
I have  CAS array, but each CAS server  has his own certificate is it correct like this or this part of the problem ?
0
 
LVL 2

Assisted Solution

by:pvernocchi
pvernocchi earned 1200 total points
ID: 34187242
You'll probably have to create a new one and install it in both servers. This new cert hast to have the internal urls for EWS, Autodiscover and OAB, OWA, ECP, ActiveSync. (you can configure all of them to whatever you want, and if you have an array you want them to point to the balanced FQDN of the array).

If you publish Exchange with ISA, then the ISA has to have a cert with the External URLs for those services.

Then you have to configure those certs as trusted for all the clients in your network.
0
 
LVL 11

Accepted Solution

by:
JuusoConnecta earned 800 total points
ID: 34188324
MAPI users still need certificates for Autodiscover and Exchange Web Services (free busy and OAB for example).

No users need certificates. If you have created your own certificate it should be issued from your own (internal) certificate authority.

The Certificates authoritys certificate needs to be added to all the client computers computer account certificates store to avoide certificate warnings. Personally Im advising you to get a SSL certificate from a third party, like verisign or godaddy.


You can use one single certificate on all computers but you will need the following names:
webmail.yourdomain.com (the external web name)
autodiscover.yourdomain.com
legacy.yourdomain.com
internalfqdn of all of your exchange servers
casarray.yourinternaldomainname.com (this only if you will load balance cas / hub transport servers)

0
 

Author Comment

by:Ehab_Nassar
ID: 34191910
I did self certifcate from local certificate server ,
 I will need to import this certificate to Exchange 2007 CAS Servers ??
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question