Janibek
asked on
Moving Exchange 2007 to new hardware
Hi guys,
I'm pretty new to administrating. I have a server which serves as our domain controller and mail-server (exchange 2007 version 08.01.0240.006). The OS is windows 2003 standard. The server usage is pretty high with all that stuff. That is why i need to move exchange 2007 to a brand new hardware which is running under windows 2008 R2 standard.
I'm really concerned about networking issues (MX-, PTR- records, etc.). The current server has two network connections: 1st for the internal (LAN) connection, 2nd -- for the external. Also, note that internet-connection is routed via another server which has ISA 2006 installed. Internet-server is the main gateway in our LAN for all user computers, and the mail-server has its own main gateway which is identical to internet-server's main gateway.
Could you please guide me through this task?
Many thanks and please let me know if you have any questions!
I'm pretty new to administrating. I have a server which serves as our domain controller and mail-server (exchange 2007 version 08.01.0240.006). The OS is windows 2003 standard. The server usage is pretty high with all that stuff. That is why i need to move exchange 2007 to a brand new hardware which is running under windows 2008 R2 standard.
I'm really concerned about networking issues (MX-, PTR- records, etc.). The current server has two network connections: 1st for the internal (LAN) connection, 2nd -- for the external. Also, note that internet-connection is routed via another server which has ISA 2006 installed. Internet-server is the main gateway in our LAN for all user computers, and the mail-server has its own main gateway which is identical to internet-server's main gateway.
Could you please guide me through this task?
Many thanks and please let me know if you have any questions!
ASKER
Thank's a lot guys, for the help! I've read the links and your responces.
After considering everything, i'm guessing it would be easier to just move the domain controller (note that currently, on the server there is DC and exchange 2007) instead of moving exchange 2007.
R--R's link says, "Rename the new server to the same name as the original server that you are replacing, and then join this computer to the domain.". So, that's probably not feasible, because, due to the DC role, the old server will still have to be running under the same name.
So what do you think, guys. Would it be easier to move the DC role to 2008 R2 Standard from 2003 Standard, and reconfigure exchange 2007 to understand that AD has been moved to another server? Another advantage of having DC on 2008 R2 is that it gives you more functionality in administrating user PCs as opposed to 2003.
Thanks in advance, guys!
After considering everything, i'm guessing it would be easier to just move the domain controller (note that currently, on the server there is DC and exchange 2007) instead of moving exchange 2007.
R--R's link says, "Rename the new server to the same name as the original server that you are replacing, and then join this computer to the domain.". So, that's probably not feasible, because, due to the DC role, the old server will still have to be running under the same name.
So what do you think, guys. Would it be easier to move the DC role to 2008 R2 Standard from 2003 Standard, and reconfigure exchange 2007 to understand that AD has been moved to another server? Another advantage of having DC on 2008 R2 is that it gives you more functionality in administrating user PCs as opposed to 2003.
Thanks in advance, guys!
In some ways it'd be easier to just throw in a new DC but something of a waste of hardware if the server is even vaguely new.
Really, that link from R-R is only useful if you want to move Exchange and keep the same name - I'd suggest you don't want/need to do that but rather introduce a new server on new hardware and migrate everything across to it.
The old server could then be reused as a DC.
Also you may wish to investigate Hyper-V. If you buy an Enterprise license and have the new server as only a Hyper-V host (by which, MS mean no other services such as DNS, DHCP etc) that same Enterprise license then allows you to run 4 x Enterprise or Standard virtual servers on that one host.
You could have a virtual DC, Virtual Exchange, and a physical DC and still have capacity for two more virtual machines as and when required.
Really, that link from R-R is only useful if you want to move Exchange and keep the same name - I'd suggest you don't want/need to do that but rather introduce a new server on new hardware and migrate everything across to it.
The old server could then be reused as a DC.
Also you may wish to investigate Hyper-V. If you buy an Enterprise license and have the new server as only a Hyper-V host (by which, MS mean no other services such as DNS, DHCP etc) that same Enterprise license then allows you to run 4 x Enterprise or Standard virtual servers on that one host.
You could have a virtual DC, Virtual Exchange, and a physical DC and still have capacity for two more virtual machines as and when required.
ASKER
Thanks, Tony1044.
Alright, then I need to set the role of the NEW server as the PDC. I probably need to reset 2003 server as a BDC. Also, another old server which is the internet-server must be demoted from BDC to just an internet-server.
Could you guide me through the steps that must be taken in order to properly reconfigure Exchange 2007? Let me remind that currently I have 3 servers:
1) Current PDC and Exchange 207 server with OS Windows Server 2003 Standard, has it's own separate external IP
2) ISA 2006 with OS Windows Server 2003 Standard, has it's own separate external IP
3) Brand new server with no roles assigned, running OS Windows Server 2008 R2 Standard (currently as a 180-day trial, but it will be licensed shortly), connected locally and has no external IP.
If you guys need any additional info, please let me know and i will provided it. Many thanks!
Alright, then I need to set the role of the NEW server as the PDC. I probably need to reset 2003 server as a BDC. Also, another old server which is the internet-server must be demoted from BDC to just an internet-server.
Could you guide me through the steps that must be taken in order to properly reconfigure Exchange 2007? Let me remind that currently I have 3 servers:
1) Current PDC and Exchange 207 server with OS Windows Server 2003 Standard, has it's own separate external IP
2) ISA 2006 with OS Windows Server 2003 Standard, has it's own separate external IP
3) Brand new server with no roles assigned, running OS Windows Server 2008 R2 Standard (currently as a 180-day trial, but it will be licensed shortly), connected locally and has no external IP.
If you guys need any additional info, please let me know and i will provided it. Many thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Dang, that's quite an informative reply!
Yes, indeed I have OWA and shared folders setup on exchange 2007. What about the external network connection? If I move Exchange 2007, as you suggest, the new server should probably be directly connected to an external IP?
Many thanks! What if I just move the DC from 2003 to 2008 and reconfigure Exchange on the old server accordingly? If I go that way, do I avoid all the hassle with firewalls, certificates, and exchange migration process?
Sorry if i'm switching back and forth, I'm just trying to find the easiest way to balance the load. Your help is really appreciated.
Yes, indeed I have OWA and shared folders setup on exchange 2007. What about the external network connection? If I move Exchange 2007, as you suggest, the new server should probably be directly connected to an external IP?
Many thanks! What if I just move the DC from 2003 to 2008 and reconfigure Exchange on the old server accordingly? If I go that way, do I avoid all the hassle with firewalls, certificates, and exchange migration process?
Sorry if i'm switching back and forth, I'm just trying to find the easiest way to balance the load. Your help is really appreciated.
So your external IP information doesn't change.
The MX record in external DNS will point to an IP address that is usually an internet-facing port on a firewall. This won't usually change unless you do something like change ISP/move buildings etc.
You would then have to repoint the rule.
Outbound - most firewalls I see don't do any kind of rule for outbound SMTP so it'd just go as normal.
If you wanted to move to just a Windows 2008 R2 domain controller then it definately removes a lot of the reconfiguration for sure.
But...if you were doing that, I'd still recommend Hyper-V or one of the free VMware or Xen hypervisors. A DC on a brand new server will be lucky to use 2% of its resources (I'm making assumptions on the size of your environment, but I'm guessing it's not a big one).
Remember that if you go down the virtualisation route, there are lots of benefits, notwithstanding a single Enterprise license for Windows Server 2008 R2 allows you to have a physical host with 4 licenses within it.
So - let's say you install hyper-v (and the same is true for VMware or Xen) you could use a single license to run 4 virtual servers. That's a considerable saving.
The one caveat here is if it's hyper-v that is the host, as I said before, it _must not_ host any services beyond hyper-v. If it does, scratch one of your virtual licenses as one will be taken by the host.
If you have a standard license you can install hyper-v and one single virtual machine on the same license.
There's a nice explanation here:
http://msmvps.com/blogs/virtualreality/archive/2009/04/01/hyper-v-licensing-explained.aspx
To summarise, I'd suggest if you are going down the 'simpler' new DC route that you do so in a virtual environment because otherwise you're burning a lot of server resources that could be better utilised (and here's a thing...you could even do a P2V [physical to virtual] migration of your existing Exchange server*) onto the new virtual environment.
*If you decided to do this, I would generally recommend that (a) the server is not a domain controller during the migration and (b) has all of the Exchange services stopped and disabled for the duration of the migration.
The MX record in external DNS will point to an IP address that is usually an internet-facing port on a firewall. This won't usually change unless you do something like change ISP/move buildings etc.
You would then have to repoint the rule.
Outbound - most firewalls I see don't do any kind of rule for outbound SMTP so it'd just go as normal.
If you wanted to move to just a Windows 2008 R2 domain controller then it definately removes a lot of the reconfiguration for sure.
But...if you were doing that, I'd still recommend Hyper-V or one of the free VMware or Xen hypervisors. A DC on a brand new server will be lucky to use 2% of its resources (I'm making assumptions on the size of your environment, but I'm guessing it's not a big one).
Remember that if you go down the virtualisation route, there are lots of benefits, notwithstanding a single Enterprise license for Windows Server 2008 R2 allows you to have a physical host with 4 licenses within it.
So - let's say you install hyper-v (and the same is true for VMware or Xen) you could use a single license to run 4 virtual servers. That's a considerable saving.
The one caveat here is if it's hyper-v that is the host, as I said before, it _must not_ host any services beyond hyper-v. If it does, scratch one of your virtual licenses as one will be taken by the host.
If you have a standard license you can install hyper-v and one single virtual machine on the same license.
There's a nice explanation here:
http://msmvps.com/blogs/virtualreality/archive/2009/04/01/hyper-v-licensing-explained.aspx
To summarise, I'd suggest if you are going down the 'simpler' new DC route that you do so in a virtual environment because otherwise you're burning a lot of server resources that could be better utilised (and here's a thing...you could even do a P2V [physical to virtual] migration of your existing Exchange server*) onto the new virtual environment.
*If you decided to do this, I would generally recommend that (a) the server is not a domain controller during the migration and (b) has all of the Exchange services stopped and disabled for the duration of the migration.
ASKER
Thanks a lot, Tony1044 and R--R! I'm not done with this question, that is why i'm not closing the thread yet. I'm sorry for being silent and keeping it frozen for a little while, i've just been busy these days on my work. But i'll try to implement everything you wrote here asap. Your help is appreciated!
Hi Janibek,
No worries - there's no rush closing a question off if you think you might have other things to ask. Good luck going forwards with your migration :)
No worries - there's no rush closing a question off if you think you might have other things to ask. Good luck going forwards with your migration :)
ASKER
Thanks for the efforts and broad answers!
Glad to have helped. Thank you for the points.
I'm not sure offhand why your current Exchange server has two NIC's in that configuration.
The simple steps though would be as follows:
Install Windows 2008 R2 onto the new server.
Patch etc.
Add it to the existing domain.
Prepare the Active Directory legacy permissions by running the following from the Exchange 2007 CD:
Setup.com /PrepareLegacyExchangePerm
Extend the existing Active Directory schema by running the following from the Exchange CD:
Setup.com /PrepareSchema
and
Setup.com /PrepareAD
Install Exchange 2007.
It's pretty smart and will realise there is an existing infrastructure. To that end, it will create the necessary interoperability connectors to and from Exchange 2003.
Once that's done, follow http://msexchangeteam.com/archive/2006/11/17/431555.aspx to allow it to send/receive mail from the internet.
Next you can migrate mailboxes and public folders (plenty of docs online on this).
Change your firewall to point SMTP (TCP port 25) to the new Exchange server.
In a nutshell, that's about it.
Why not bite the bullet though, and go 2010? Almost identical steps.
Some caveats - you AD needs to be at 2003 SP1 level or above. It's not advisable to have Exchange installed on a DC if you can possibly avoid it, and I'd recommend running a few tests to make sure your DNS etc is fully operational.
If you download and run the Exchange Best Practices Analyser, there is a readiness check section.