Solved

Migrating/Rebuilding Exchange 2007 from Win 2K3 to Win2K8 in a new VM

Posted on 2011-09-15
6
207 Views
Last Modified: 2012-06-21
Hi guys,

Our current Exchange server has multiple issues and I've come to the conclusion that rebuilding the Exchange server is probably the most reliable fix.
At the same time, I'll be upgrading the server from 2003 to 2008.

What I'd like to do is properly configure the Exchange Server to have the Web Front end in a DMZ but lock the datastore away from public eyes, at the moment the whole exchange server may be vulnerable as it's all the one server. What is involved here too?

I'd also like to set up multiple datastores, as we currently have it all configured in one which is about 400GB at the moment.
Is it worth maintaining the current Exchange server, but designating it as a backup? Does this mean emails are duplicated and effectively doubling storage requirements (this isn't an option, space at this point in time is limited)

The server is a VM.

Anything else I need to consider? Points will be split over most helpful answers.

0
Comment
Question by:Tim Palmer
  • 4
  • 2
6 Comments
 
LVL 3

Expert Comment

by:Antknee869
ID: 36546893
In terms of installing Exchange, you can just install a server with the mailbox role and another with the CAS & HUB role (or all roles on one server for that matter).
It is not recommended to put the CAS (front end server) DMZ. It needs to be a member of the AD domain.
You could put another server with the Edge role on it in the DMZ but this is usually overkill for a smaller company. If you were going to put something in the DMZ I would suggest a TMG server.
After the servers are set up you essentially move over all the mailboxes and some other features and you can decommission the old Exchange server.
You will lose single instance storage when you move the mailboxes. FYI, Exchange 2010 does away with SIS, so you will need to plan for that anyway.
Honestly before you go to all that trouble, I would get the storage situation corrected.
I just gave you a rough outline. This is a big topic and will require many steps.
0
 
LVL 3

Author Comment

by:Tim Palmer
ID: 36546901
Thanks for the guideline, we'll be sticking with Exchange 2007.

Are there security risks involved with allowing HTTP traffic to our Exchange server?
What is a TMG server anyway, this isn't something I'm familiar with.
0
 
LVL 3

Expert Comment

by:Antknee869
ID: 36546949
Well, your firewall would be set up to allow only HTTPS traffic to your internal Exchange servers. You would need to purchase a certificate from an external vendor - Verisign, Entrust, etc.
TMG is Microsoft's Threat Management Gateway. It is a firewall/proxy server that works very well with Exchange and it's various feature such as ActiveSync and Outlook Anywhere. If you are just using OWA, you can create a rule in your firewall passing HTTPS (443) to you're internal CAS server and you will be good to go.
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 
LVL 3

Author Comment

by:Tim Palmer
ID: 36571206
We've got certificates from Thwate, so thats covered. I'm still tossing up whether rebuilding or repairing is the best way to go.

Basic plan of attack is install E2007 on W2008, migrate a few test users and see how we go.
Create 3 datastores (our main datastore is 190GB and apparently thats well above best practice)
As for the DMZ part of things... we'll see how we go from there.
0
 
LVL 3

Accepted Solution

by:
Tim Palmer earned 0 total points
ID: 37311835
Wow, sorry this one wasn't closed sooner, I've been away.

I decided not to rebuild exchange.
0
 
LVL 3

Author Closing Comment

by:Tim Palmer
ID: 37333712
No longer relevant
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now