Migrating users from Exchange 2007 (on 2003 Domain) to new 2008 Forest and Exch 2010 Server

Posted on 2011-10-25
Last Modified: 2012-06-04
My company is in the process of planning an Active Directory redesign and migration from a native 2003 forest to a 2008 forest.  Currently we have two forests, one for our HQ office and one for our collocated datacenter (don't ask me why, it was here when I signed on).  What they want to do is put our HQ and Collocation AD under a single 2008 forest with the two sites being child domains of the root.  The planned design would look like this:

                                      /  \
Persistent VPN -->   /      \
                                   /          \
         (Child Domain)               (Child Domain)

Our current AD Looks like this (neither forests have site trusts):  -------
  (Separate Forest)      ^       (Separate Forest)    
                      (Connected via VPN )

My main task is to migrate the user mailboxes to Exchange 2010 that could either reside in the child domain or sit in the Root (  I would like to know the pro's and cons of having Exchange in the Root domain and linking them to accounts in the trusted child domain.  Our Root and domain DCs and infrastructure are hosted in a much more robust location with replicating SANs and redundant network infrastructure, so that is why I would like to put the vital parts of our Exchange 2010 (Mailbox, CAS, Edge Transport) there rather than at our HQ location.  Disaster recovery would be much easier if the critical infrastructure was placed there.

The proposed plan entails migrating all HQ users from the old domain to the new child domain. I've been trying to find a best practices guide to this specific example but am having problems finding one that fits our end-scenario.  Any advice from the guru's of AD and Exchange would be of great help.
Question by:xtheory79
    LVL 5

    Expert Comment

    can you please state your questions clearly as from what i've understand, you need a full design for your new infrastructure plus the pros and cons of having exchange in the root domain.
    LVL 18

    Expert Comment

    with exchange 2007 and 2010 you can do cross forest migrations

    I wouldn't put the exchange org in the root domain - try and keep that as clear as possible
    Are you keeping the same email addresses?

    Author Comment

    Revised question:  What is the best way of migrating from Exchange 2007 to Exchange 2010 in a new forest?  The forest itself will also be migrated from an old 2003 AD to a new 2008 AD domain.  The name of the new forest will be different from any of the ones.  Email addresses will remain the same.  I'd like to place Exchange in the root domain for redundancy and disaster recovery reasons, but would like to know what the pro's and cons are of having it run on the root.  

    One caveat I have read was to not run the ADMT tool to migrate users before making the mailbox Move-Request to migrate the mailboxes to the new domain.  
    LVL 18

    Accepted Solution

    its supported to have exchange in a separate domain - if you look up exchange 2010 resource forest
    THe theory is the same but should be less effort

    You should be able to share the same name space by making the domain non-authoritative on both servers and pointed them at each other so that you can bounce the mail between them

    Author Comment


    Our plan is to migrate all users and Exchange mailboxes to a new forest.  Although I know it's possible to make one of the child domains a Resource Forest, I would like one Exchange server and all of it's server roles located in a single domain for DR and management reasons.  It's not necessary in my company to isolate mailbox stores or bounce mail between the child domains.

    You mentioned that you would want to keep your root domain clear.  Although Exchange would be the only other service running within that domain, is there any substantial reasons as to why you would not want to run Exchange in the root, such as for security, replication issues, etc?
    LVL 18

    Expert Comment

    just following guide lines - security mainly, delegation of control to limit Admin access to change things but then my work is security conscious MS recommendations. That way if you do things that alter a domain you will still have the route domain clean.

    the bouncing mail was for the migration, if you migrate over several days/weeks then you will need that to ensure you mail still flows.

    One further thought why bother doing any proper migration export and import the mailboxes via PST's or something that way you can save taking any crap over.


    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Create high volume marketing opportunities using email signatures with these top 10 DOs and DON'Ts of email signature marketing.
    We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
    In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    25 Experts available now in Live!

    Get 1:1 Help Now