Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 541
  • Last Modified:

Transition from Exchange 2007 to Exchange 2010

I have CCR Exch2k7 ( 2 mailboxed , 2 CAS HT Servers)
I installed exch2k10 (2 CAS & HT Servers with CAS array , MailBox Servers )
I created legacy record
 my concern

I need to have coexisting period and move users  as i have 1000 users.

how  i move MAPI users( they are using outlook 2010) , they still using exch2k7 clusterVirtualname ?? also I will need to do anychanges on users PCs ?

I'm using self service Certifcate on Exch2k7, Exch2k10 created automatically certifcate
I need to copy certifactes ?? between 2k7 and 2k10  and if i need , how ?


0
Ehab_Nassar
Asked:
Ehab_Nassar
  • 5
  • 3
4 Solutions
 
pvernocchiCommented:
Hi Ehab,

You don't need to change anything in the client side. Just move mailboxes from Exchange 2007 to 2010 and clients are reconfigured automatically.

If you are using self signed certs, then you can still use self signed certs in Ex 2010. You'll probably want to create a Certificate authority so you can have more control over certs and certs trusts.
0
 
Ehab_NassarAuthor Commented:
I think the outlookanywhere in outlook in some users who has laptop will ask for new certifcate

but still the old Databases Read the old Cluster name as default CAS server

Shal I move users in new database or I run command to change the default CAS for 2007 Databases ??
0
 
Ehab_NassarAuthor Commented:
Also I need to Create DAG first ,or move users and after that create DAG ?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
Ehab_NassarAuthor Commented:
I moved someusers already, But I have issue now that all users  while they open their outlook in work, they receive certificate message ( my SSL is self certificate ) but how it comes to outlook users ( MAPI users ???????????????
0
 
pvernocchiCommented:
Ehab,

MAPI users still need certificates for Autodiscover and Exchange Web Services (free busy and OAB for example).
0
 
Ehab_NassarAuthor Commented:
I have  CAS array, but each CAS server  has his own certificate is it correct like this or this part of the problem ?
0
 
pvernocchiCommented:
You'll probably have to create a new one and install it in both servers. This new cert hast to have the internal urls for EWS, Autodiscover and OAB, OWA, ECP, ActiveSync. (you can configure all of them to whatever you want, and if you have an array you want them to point to the balanced FQDN of the array).

If you publish Exchange with ISA, then the ISA has to have a cert with the External URLs for those services.

Then you have to configure those certs as trusted for all the clients in your network.
0
 
JuusoConnectaCommented:
MAPI users still need certificates for Autodiscover and Exchange Web Services (free busy and OAB for example).

No users need certificates. If you have created your own certificate it should be issued from your own (internal) certificate authority.

The Certificates authoritys certificate needs to be added to all the client computers computer account certificates store to avoide certificate warnings. Personally Im advising you to get a SSL certificate from a third party, like verisign or godaddy.


You can use one single certificate on all computers but you will need the following names:
webmail.yourdomain.com (the external web name)
autodiscover.yourdomain.com
legacy.yourdomain.com
internalfqdn of all of your exchange servers
casarray.yourinternaldomainname.com (this only if you will load balance cas / hub transport servers)

0
 
Ehab_NassarAuthor Commented:
I did self certifcate from local certificate server ,
 I will need to import this certificate to Exchange 2007 CAS Servers ??
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now