Solved

Migrating/Rebuilding Exchange 2007 from Win 2K3 to Win2K8 in a new VM

Posted on 2011-09-15
6
208 Views
Last Modified: 2012-06-21
Hi guys,

Our current Exchange server has multiple issues and I've come to the conclusion that rebuilding the Exchange server is probably the most reliable fix.
At the same time, I'll be upgrading the server from 2003 to 2008.

What I'd like to do is properly configure the Exchange Server to have the Web Front end in a DMZ but lock the datastore away from public eyes, at the moment the whole exchange server may be vulnerable as it's all the one server. What is involved here too?

I'd also like to set up multiple datastores, as we currently have it all configured in one which is about 400GB at the moment.
Is it worth maintaining the current Exchange server, but designating it as a backup? Does this mean emails are duplicated and effectively doubling storage requirements (this isn't an option, space at this point in time is limited)

The server is a VM.

Anything else I need to consider? Points will be split over most helpful answers.

0
Comment
Question by:Tim Palmer
  • 4
  • 2
6 Comments
 
LVL 3

Expert Comment

by:Antknee869
ID: 36546893
In terms of installing Exchange, you can just install a server with the mailbox role and another with the CAS & HUB role (or all roles on one server for that matter).
It is not recommended to put the CAS (front end server) DMZ. It needs to be a member of the AD domain.
You could put another server with the Edge role on it in the DMZ but this is usually overkill for a smaller company. If you were going to put something in the DMZ I would suggest a TMG server.
After the servers are set up you essentially move over all the mailboxes and some other features and you can decommission the old Exchange server.
You will lose single instance storage when you move the mailboxes. FYI, Exchange 2010 does away with SIS, so you will need to plan for that anyway.
Honestly before you go to all that trouble, I would get the storage situation corrected.
I just gave you a rough outline. This is a big topic and will require many steps.
0
 
LVL 3

Author Comment

by:Tim Palmer
ID: 36546901
Thanks for the guideline, we'll be sticking with Exchange 2007.

Are there security risks involved with allowing HTTP traffic to our Exchange server?
What is a TMG server anyway, this isn't something I'm familiar with.
0
 
LVL 3

Expert Comment

by:Antknee869
ID: 36546949
Well, your firewall would be set up to allow only HTTPS traffic to your internal Exchange servers. You would need to purchase a certificate from an external vendor - Verisign, Entrust, etc.
TMG is Microsoft's Threat Management Gateway. It is a firewall/proxy server that works very well with Exchange and it's various feature such as ActiveSync and Outlook Anywhere. If you are just using OWA, you can create a rule in your firewall passing HTTPS (443) to you're internal CAS server and you will be good to go.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 3

Author Comment

by:Tim Palmer
ID: 36571206
We've got certificates from Thwate, so thats covered. I'm still tossing up whether rebuilding or repairing is the best way to go.

Basic plan of attack is install E2007 on W2008, migrate a few test users and see how we go.
Create 3 datastores (our main datastore is 190GB and apparently thats well above best practice)
As for the DMZ part of things... we'll see how we go from there.
0
 
LVL 3

Accepted Solution

by:
Tim Palmer earned 0 total points
ID: 37311835
Wow, sorry this one wasn't closed sooner, I've been away.

I decided not to rebuild exchange.
0
 
LVL 3

Author Closing Comment

by:Tim Palmer
ID: 37333712
No longer relevant
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This video discusses moving either the default database or any database to a new volume.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question