Moving Exchange 2007 to new hardware

Posted on 2010-11-22
Medium Priority
Last Modified: 2012-05-10
Hi guys,
I'm pretty new to administrating. I have a server which serves as our domain controller and mail server (Exchange 2007 version 08.01.0240.006). The OS is Windows 2003 Standard. The server usage is pretty high with all that stuff. That is why I need to move Exchange 2007 to brand new hardware which is running Windows 2008 R2 Standard.

I'm really concerned about networking issues (MX-, PTR- records, etc.). The current server has two network connections: 1st for the internal (LAN) connection, 2nd -- for the external. Also, note that internet-connection is routed via another server which has ISA 2006 installed. Internet-server is the main gateway in our LAN for all user computers, and the mail-server has its own main gateway which is identical to internet-server's main gateway.

Could you please guide me through this task?
Many thanks and please let me know if you have any questions!
Question by:Janibek
LVL 26

Expert Comment

by:Tony J
ID: 34188486
Well the first thing to bear in mind is that you cannot do any kind of in place upgrade.

I'm not sure offhand why your current Exchange server has two NICs in that configuration.

The simple steps though would be as follows:

Install Windows 2008 R2 onto the new server.

Patch etc.

Add it to the existing domain.

Prepare the Active Directory legacy permissions by running the following from the Exchange 2007 CD: /PrepareLegacyExchangePermissions

Extend the existing Active Directory schema by running the following from the Exchange CD: /PrepareSchema

and /PrepareAD

Install Exchange 2007.

It's pretty smart and will realise there is an existing infrastructure. To that end, it will create the necessary interoperability connectors to and from Exchange 2003.

Once that's done, follow to allow it to send/receive mail from the internet.

Next you can migrate mailboxes and public folders (plenty of docs online on this).

Change your firewall to point SMTP (TCP port 25) to the new Exchange server.

In a nutshell, that's about it.

Why not bite the bullet though, and go 2010? Almost identical steps.

Some caveats - your AD needs to be at 2003 SP1 level or above. It's not advisable to have Exchange installed on a DC if you can possibly avoid it, and I'd recommend running a few tests to make sure your DNS etc. is fully operational.

If you download and run the Exchange Best Practices Analyser, there is a readiness check section.

LVL 19

Expert Comment

ID: 34189322
LVL 19

Expert Comment

ID: 34189340

Author Comment

ID: 34193948
Thanks a lot, guys, for the help! I've read the links and your responses.
After considering everything, I'm guessing it would be easier to just move the domain controller (note that currently, on the server there is DC and Exchange 2007) instead of moving Exchange 2007.
R--R's link says, "Rename the new server to the same name as the original server that you are replacing, and then join this computer to the domain." So, that's probably not feasible, because, due to the DC role, the old server will still have to be running under the same name.

So what do you think, guys. Would it be easier to move the DC role to 2008 R2 Standard from 2003 Standard, and reconfigure exchange 2007 to understand that AD has been moved to another server? Another advantage of having DC on 2008 R2 is that it gives you more functionality in administrating user PCs as opposed to 2003.

Thanks in advance, guys!
LVL 26

Expert Comment

by:Tony J
ID: 34194869
In some ways it'd be easier to just throw in a new DC but something of a waste of hardware if the server is even vaguely new.

Really, that link from R-R is only useful if you want to move Exchange and keep the same name - I'd suggest you don't want/need to do that but rather introduce a new server on new hardware and migrate everything across to it.

The old server could then be reused as a DC.

Also you may wish to investigate Hyper-V. If you buy an Enterprise license and have the new server as only a Hyper-V host (by which, MS mean no other services such as DNS, DHCP etc) that same Enterprise license then allows you to run 4 x Enterprise or Standard virtual servers on that one host.

You could have a virtual DC, Virtual Exchange, and a physical DC and still have capacity for two more virtual machines as and when required.

Author Comment

ID: 34195251
Thanks, Tony1044.

Alright, then I need to set the role of the NEW server as the PDC. I probably need to reset 2003 server as a BDC. Also, another old server which is the internet-server must be demoted from BDC to just an internet-server.

Could you guide me through the steps that must be taken in order to properly reconfigure Exchange 2007? Let me remind that currently I have 3 servers:
1) Current PDC and Exchange 2007 server with OS Windows Server 2003 Standard, has its own separate external IP
2) ISA 2006 with OS Windows Server 2003 Standard, has its own separate external IP
3) Brand new server with no roles assigned, running OS Windows Server 2008 R2 Standard (currently as a 180-day trial, but it will be licensed shortly), connected locally and has no external IP.

If you guys need any additional info, please let me know and I will provide it. Many thanks!
LVL 26

Accepted Solution

Tony J earned 2000 total points
ID: 34195403
Ok - first off there are no PDC and BDC roles within Active Directory in the truest sense of the word, just role masters.

Daniel Petri describes the roles nicely here:

If your new physical server has the RAM & storage capacity, I'd still tend to consider wiping it and installing Hyper-V. I'm a big advocate of one server, one role to simplify troubleshooting and day to day management.

However, that choice of course is entirely yours and I'll assume we're sticking with a single new physical box.

The first thing is I would ensure that your existing domain controller is up to the latest patch and service pack levels. Your domain functional level should be fine since you already have Exchange 2007.

Also the same goes for your new Exchange server - make sure it has all the relevant MS patches and updates.

By the way - as a side note, if you are using Windows 2008 R2 you need to use Exchange 2007 SP3 for supportability and compatibility.

Install the prerequisite components for Exchange 2007 by running the following from an administrative command prompt:

ServerManagerCmd -i RSAT-ADDS

(Reboot required here)
ServerManagerCmd -i PowerShell

ServerManagerCmd -i Web-Server

ServerManagerCmd -i Web-ISAPI-Ext

ServerManagerCmd -i Web-Metabase

ServerManagerCmd -i Web-Lgcy-Mgmt-Console

ServerManagerCmd -i Web-Basic-Auth

ServerManagerCmd -i Web-Digest-Auth

ServerManagerCmd -i Web-Windows-Auth

ServerManagerCmd -i Web-Dyn-Compression

Once that is done, you should be able to do an install of Exchange 2007 (a default install should be sufficient).

Don't forget that as it's eventually going to be the only Exchange server you need to add the anonymous users group to the default receive connector (otherwise it'll reject email from the internet).

Everything else should get picked up from the existing Exchange server by the installation routine.

Next you have to consider the actual migration steps.

You need to create an internet facing send connector on the new server.

From the Exchange Management Shell, run the following command (all one line):

New-SendConnector -Name "Internet Send Connector" -Usage "Internet" -AddressSpaces 'smtp:*;1' -DNSRoutingEnabled $true -UseExternalDNSServersEnabled $false -SourceTransportServers 'new-exchange-server-name-goes-here'

Needless to say, you replace the 'new-exchange-server-name-goes-here' with the name of your new exchange server :)

You should have a receive connector and it should have your accepted domains already.

You can check that in the management console.

Change your firewall rule to point port 25 (SMTP) to the new server.

Now you can move a test mailbox and check that mail flows internally, outbound to the net and inbound. Also confirm mail flow works for everyone else.

Once you're happy you can migrate all the other mailboxes.

What I would do then is leave everything running for a couple of weeks - that way users will get automatically pointed to the new server when they connect outlook.

The final two stages for me would be to turn the old server off for a few days - does anything break? If not, it's safe to remove Exchange. Remember this is a once only piece of work - there's no going back so you need to be sure it all works (hence my turning it off for a bit).

The only thing to say is do you have public folders? You will need to rehome them. Also make sure things like free/busy and out of office all work (you really need a public UC certificate).

If you use OWA you need to update the firewall rules to take this into account too.

I think I've covered everything. Feel free to ask for more help.
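
An added example, not part of the original answer: a read-only check for the Exchange Management Shell that covers the connector steps described above before port 25 is repointed. It confirms anonymous submission is allowed on the default receive connector without the anonymous relay right being granted, then shows the send connector and runs an internal mail flow test. `NEWEXCH01` is a placeholder server name.

```powershell
# Added example. Run in the Exchange Management Shell on the new server.
# Assumption: 'NEWEXCH01' is a placeholder for the new Exchange server's name.
$server = 'NEWEXCH01'
$anon   = 'NT AUTHORITY\ANONYMOUS LOGON'

# 1. Inbound: the default receive connector must accept anonymous SMTP
#    sessions, but anonymous senders must not be allowed to relay.
foreach ($rc in (Get-ReceiveConnector -Server $server)) {
    $groups = "$($rc.PermissionGroups)"
    if ($groups -notmatch 'AnonymousUsers') {
        if ($rc.Name -like 'Default*') {
            Write-Warning "$($rc.Name): AnonymousUsers missing, internet mail will be rejected"
            # To fix (default permission groups plus AnonymousUsers):
            # Set-ReceiveConnector $rc.Identity -PermissionGroups AnonymousUsers,ExchangeUsers,ExchangeServers,ExchangeLegacyServers
        }
        continue
    }
    # This extended right is what turns an anonymous connector into an open relay.
    $relay = $rc | Get-ADPermission -User $anon | Where-Object {
        -not $_.Deny -and ($_.ExtendedRights -like 'ms-Exch-SMTP-Accept-Any-Recipient')
    }
    if ($relay) {
        Write-Warning "$($rc.Name): anonymous senders may relay to any recipient (open relay)"
    } else {
        Write-Host "$($rc.Name): anonymous accepted, relay right not granted"
    }
}

# 2. Outbound: confirm the internet send connector exists, is enabled,
#    and is sourced from the new server.
Get-SendConnector | Where-Object { $_.Name -eq 'Internet Send Connector' } |
    Format-List Name, Enabled, AddressSpaces, DNSRoutingEnabled, SourceTransportServers

# 3. Internal mail flow through the new server (run where the Mailbox role is installed).
Test-Mailflow -Identity $server | Format-List TestMailflowResult, MessageLatencyTime
```

Nothing in the block changes configuration; the `Set-ReceiveConnector` line is left as a comment to run once the warning has been reviewed.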

Author Comment

ID: 34195588
Dang, that's quite an informative reply!
Yes, indeed I have OWA and shared folders setup on exchange 2007. What about the external network connection? If I move Exchange 2007, as you suggest, the new server should probably be directly connected to an external IP?

Many thanks! What if I just move the DC from 2003 to 2008 and reconfigure Exchange on the old server accordingly? If I go that way, do I avoid all the hassle with firewalls, certificates, and exchange migration process?

Sorry if I'm switching back and forth, I'm just trying to find the easiest way to balance the load. Your help is really appreciated.
LVL 26

Expert Comment

by:Tony J
ID: 34195653
So your external IP information doesn't change.

The MX record in external DNS will point to an IP address that is usually an internet-facing port on a firewall. This won't usually change unless you do something like change ISP/move buildings etc.

You would then have to repoint the rule.

Outbound - most firewalls I see don't do any kind of rule for outbound SMTP so it'd just go as normal.

If you wanted to move to just a Windows 2008 R2 domain controller then it definitely removes a lot of the reconfiguration for sure.

But...if you were doing that, I'd still recommend Hyper-V or one of the free VMware or Xen hypervisors. A DC on a brand new server will be lucky to use 2% of its resources (I'm making assumptions on the size of your environment, but I'm guessing it's not a big one).

Remember that if you go down the virtualisation route, there are lots of benefits, notwithstanding a single Enterprise license for Windows Server 2008 R2 allows you to have a physical host with 4 licenses within it.

So - let's say you install hyper-v (and the same is true for VMware or Xen) you could use a single license to run 4 virtual servers. That's a considerable saving.

The one caveat here is if it's hyper-v that is the host, as I said before, it _must not_ host any services beyond hyper-v. If it does, scratch one of your virtual licenses as one will be taken by the host.

If you have a standard license you can install hyper-v and one single virtual machine on the same license.

There's a nice explanation here:

To summarise, I'd suggest if you are going down the 'simpler' new DC route that you do so in a virtual environment because otherwise you're burning a lot of server resources that could be better utilised (and here's a could even do a P2V [physical to virtual] migration of your existing Exchange server*) onto the new virtual environment.

*If you decided to do this, I would generally recommend that (a) the server is not a domain controller during the migration and (b) has all of the Exchange services stopped and disabled for the duration of the migration.

Author Comment

ID: 34290587
Thanks a lot, Tony1044 and R--R! I'm not done with this question, that is why I'm not closing the thread yet. I'm sorry for being silent and keeping it frozen for a little while, I've just been busy these days at my work. But I'll try to implement everything you wrote here asap. Your help is appreciated!
LVL 26

Expert Comment

by:Tony J
ID: 34290879
Hi Janibek,

No worries - there's no rush closing a question off if you think you might have other things to ask. Good luck going forwards with your migration :)

Author Closing Comment

ID: 34614005
Thanks for the efforts and broad answers!
LVL 26

Expert Comment

by:Tony J
ID: 34614942
Glad to have helped. Thank you for the points.
