How do I separate then upgrade an exchange & windows domain controller server 2003 that have been coexisting?

Posted on 2012-09-10
Last Modified: 2012-10-03
How do I separate then upgrade an Exchange server & domain controller that have been coexisting? I have an Exchange Server 2003 coexisting with the only domain controller (I know, not a good idea, but I inherited it that way). The domain controller is of course managing AD/DNS/DHCP, but the users are not logging into the domain; they just have accounts created in order to have email accounts from the domain. We recently purchased Windows Server 2008 R2 & Exchange 2010; neither provides the upgrade option, so 1st:
I need to separate our Exchange 2003 server from the domain controller that is coexisting on a physical server. Only problem(s) is that:
•      200 users are using Outlook with the connection settings RPC over HTTP to the email server.
•      Our public DNS MX record points to for our email server.
•      The domain controller is called
•      The exchange server is housed on the DC it is also called
What will be the hurdles & pitfalls for the following?:
•      Created a VM w/ Server 2008 R2 that I want to promote to a DC, then transfer all roles to it from the existing DC.
•      Cloned the previously mentioned VM so I can install Exchange 2010 on it, then transfer the existing email accounts and emerged PST’s.
Question by:ID10Tz

    Accepted Solution

    Working backwards, when you cloned the new VM, it was a Volume License install and you DID sysprep it, correct?  If not, you're violating licenses (only Volume Licenses can be cloned or, using the correct technical term, imaged). And Sysprep is REQUIRED or you could have serious problems with the servers.

    You exported the PSTs already?  You SHOULD be joining the 2010 Exchange server to the organization and then just migrating mailboxes. (One place to start -

    Assuming you're using the correct versions, then 2008 R2 is fine.  You need to run ADPREP on the existing server to update the schema to allow you to add the 2008 R2 DC.

    Basically, to demote the 2003 server, you need to remove Exchange.  This means first migrating to Exchange 2010.  Once your users are all on 2010, you'd remove 2003 from the DC.  Once removed, you can demote the 2003 DC.

    If this forces you to change your public IP you can... otherwise you can change your port forwarding rules and just send mail to the IP of the new Exchange 2010 system.  Alternatively, if you have two public IPs, you can always set port forwarding for the second to point to the 2010 system while the original stays pointed at the 2003 system and just add another MX record with a higher weight so that the correct Exchange server is reported as the "primary" and if/when the other server comes down, as far as the internet is concerned, you still have a mail server (though I believe you'll need to adjust connector settings here).

    Expert Comment

    Follow this:

    Plan A
    Install one new ADC and one new Exchange 2003 server.
    Move FSMO, DHCP to new ADC
    Move Mailboxes to new Exchange server
    Decom Exchange from old DC.

    Plan B
    Install one new ADC and one new Exchange 2010 server.
    Move FSMO, DHCP to new ADC
    Move Mailboxes to new Exchange 2010 server
    Decom Exchange from old DC.

    If I need to follow, Plan B is best.

    Note: You need a lot of planning for all this.

    Expert Comment

    by:Simon Butler (Sembee)
    There is nothing to cause concern in your post.
    What version of Outlook are you using? If Outlook 2007 and higher, then autodiscover will help with a lot of the client configuration. If Outlook 2003 then you will have to tolerate some DNS inconsistencies for a while.

    You need to remember that you remove Exchange from a DC, not DC from Exchange.
    Personally I would look to decommission the current Exchange server from everything, DC and Exchange.

    What I don't understand is why there are PST files involved at all. If this is the same domain that step is a waste of time and completely unnecessary. Either all of the facts are not here, or you don't fully understand the migration process.

    So if it was me with Outlook 2003.
    1. Build new domain controller.
    2. Build Exchange 2010, with RPC CAS Array, SSL certificate etc, using new names for OWA, ActiveSync, Outlook Anywhere. Include the existing name as one of the names on the SSL certificate.
    3. Replicate the public folders, get new platform ready to go.
    4. Pick a weekend, and migrate all mailboxes to new server, and remove Exchange correctly using the guides from Microsoft and others.
    5. Once Exchange has gone, DCPROMO the box out, remove from the domain and shutdown. Then put the existing name as an additional DNS entry to the new server.

    With Outlook 2007 and higher, step 1 - 3 would be the same.
    I would be aiming to drop the existing name completely.
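
A pre-decommission check for steps 4 and 5 above, as an added example that is not part of the original thread: run from the Exchange 2010 Management Shell, it confirms that no mailboxes, open move requests or FSMO roles remain on the old combined server before Exchange is removed and the box is demoted. The server names `OLD-DC-EXCH` and `NEW-DC` are placeholders (the thread does not give the real ones), and `netdom.exe` is assumed to be available on the machine running the script.

```powershell
# Added example: run in the Exchange 2010 Management Shell.
# Server names are placeholders; the thread does not give the real ones.
$OldServer = 'OLD-DC-EXCH'   # combined Exchange 2003 / DC being retired
$NewDC     = 'NEW-DC'        # new Windows Server 2008 R2 domain controller
$blockers  = @()

# Step 4: every mailbox must be off the old server before Exchange is removed.
$left = @(Get-Mailbox -Server $OldServer -ResultSize Unlimited -ErrorAction SilentlyContinue)
if ($left.Count -gt 0) {
    $blockers += "$($left.Count) mailbox(es) still homed on $OldServer"
}

# Step 4: no move request may be queued, in progress or failed.
$open = @(Get-MoveRequest -ResultSize Unlimited | Where-Object { $_.Status -ne 'Completed' })
foreach ($m in $open) {
    $blockers += "move request for '$($m.DisplayName)' is $($m.Status)"
}

# Step 5: all five FSMO roles must sit on the new DC before DCPROMO.
# netdom prints one "<role>   <holder FQDN>" line per role, then a status line.
$roles = @(netdom query fsmo | Where-Object { $_.Trim() -match '\s{2,}\S+$' })
if ($roles.Count -ne 5) {
    $blockers += "expected 5 FSMO lines from netdom, got $($roles.Count)"
}
foreach ($line in $roles) {
    $holder = ($line.Trim() -split '\s{2,}')[-1]
    if ($holder -notlike "$NewDC*") {
        $blockers += "FSMO role not on ${NewDC}: $($line.Trim())"
    }
}

if ($blockers.Count -eq 0) {
    Write-Host "No blockers found: $OldServer holds no mailboxes or FSMO roles." -ForegroundColor Green
} else {
    Write-Host "Do not remove Exchange or demote $OldServer yet:" -ForegroundColor Red
    $blockers | ForEach-Object { Write-Host "  - $_" }
}
```

The script only reads state; it does not cover public folder replicas from step 3, which need their own check before Exchange 2003 is uninstalled.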


    Author Comment

    leew: my apologies, but yes, it's volume licensed
