breichard

Add new Exchange 2003 server, Remove old Exchange 2003 server

Hi, I have a customer running Exchange 2003 Enterprise Edition [still] and the hardware it's running on is suspect.  I have installed Exchange 2003 on a beefy server that was just a file/print server before.  Both servers are running Windows Server 2003 Enterprise Edition.  Both servers are fully updated, including Exchange 2003 SP2 and updates after that.  I am not what you would call a particularly versed Exchange admin.

I have moved my test user over from the old server to the new server.  If I am logged on on a PC internally as the test user, I can load Outlook.  I can also load OWA in a browser by going to http://new-server/Exchange - on the internal PC.  However, if I am external and go to the link for OWA (goes to old server at the moment), I get prompted for logon info, then I get a "cannot load page" error in Internet Explorer.  How do I set this up so that the old server (or new) will host OWA for all users during transition?  It will take more than a night to move all mailboxes over, so I will need to support OWA with mailboxes on both servers for a time.

I found this link:
     http://support.microsoft.com/default.aspx?scid=kb;en-us;307917
so I feel pretty good about how to gracefully move over all necessary public folders and such prior to shutting down the old server, after all mailboxes are moved over to the new server.

Also, as far as mail routing goes - do I need to do anything to make the new server accept Internet mail?  Or, when I have all the users moved and am ready to remove the old server, do I just change the firewall's port forwarding to point to the new server?

What about sending Internet mail?  Do I need to do anything to allow the new server to send out directly?

Thanks in advance for your help.  I would appreciate any help in making this a smooth transition from old server to new server.

Thanks,
Bob
Malli Boppe

You probably can use this as a guide for the move. On your firewall/router you need to forward the SMTP (port 25) and HTTPS (port 443) and HTTP traffic (port 80) to your old Exchange server to the new server.

http://www.msexchange.org/tutorials/migrating-small-business-server-2003-exchange-standard-part2.html
SOLUTION
tigermatt

This solution is only available to members.

The link given above talks about migrating SBS, which isn't in this case AFAIK.

Now, you are facing two issues to what I understand.

1) If you try to login to the webmail externally, you can get authentication - this means that the webmail / port 443 / exchange-AD sync works good.

However, when old Exchange needs to talk to the new Exchange - you don't get the data that you need - which it should work. Now, there are very few reasons that it shouldn't work.

You've either enabled FBA on old box and not on the second OR you've enabled certain authentication in IIS for /exchange on old box and this isn't matching the ones on new box.

Lastly, your new server isn't up to the same Exchange version/level that your old box is at. In other words, second Exchange needs to be at the same level (or higher) of Service Pack / Roll up / Patch / hot fix level in order to work.

2) For mail flow, here are the steps that you need to do *after you are ready to decommission the old server*

Open ports 25 on firewall for new server to send/receive emails to/from.
Change SMTP Connector bridgehead server to change from old server to new
Change MX Record to point to new server on internet OR change firewall setting to send emails to new server and not the old server.

Regards,
Exchange_Geek
breichard

ASKER

Thanks to all three of you.

mboppe, the steps listed in the article you provided are pretty much the same as the ones in the link that I had listed, so thanks for the confirmation.

Matt, after thinking about this, I believe I have enough users who don't use OWA that it won't be a problem.  I can move the non-OWA-using mailboxes ahead of time and then move the rest last and the port-forwarding to OWA all at once during one overnight.  Also, I don't know for sure the answer to your question about using an SMTP connector or DNS-based.  How do I tell?  I believe it's the latter, because the mail goes out from this server, not moved to another server to go out (and I believe the latter would be an SMTP connector...?).

Exchange_Geek, you were right about the FBA being enabled on the old server but not on the new.  I have enabled it on the new server, but that made me realize that SSL wasn't set up yet on the new server.  I am going through that process now (but this domain has private registration turned on, so the emails take FOREVER to get to me, so it will take a little while to get this finished).  Are you saying I don't need a front-end server like Matt said I do?  Remember, I only had one server before (serving all roles) and now have added a second.  With ports 25, 443, and 80 pointing to old server still, should I be able to do OWA for a mailbox on new server without use of a separate front-end server?  Either way, I'm not going to bring up a 3rd server just for a temp fix.  As I mentioned to Matt above, I'll just move the mailboxes which don't need OWA over first, then do the rest in a single weekend.  

Also, you said to do this:
   Change SMTP Connector bridgehead server to change from old server to new
How do I do that?  This sounds like a step for a multi-server environment.  Remember, I only had a single server before and I want to migrate to a single server again; just on the new server instead of the old.

Thanks again.
Bob
Remember Exchange always existed in a SBS format (single server format) - so, Exchange can function as-is even with a single server.

Now, the more money you have the more servers you can buy and the more fun you can have with it.

Having said that, as I explained earlier, compare the settings in IIS for both boxes and you'll find that once you have copied the setting from old box to the new box, all should be good to go.

You don't need a third box at all, Exchange is designed to send connections to multiple servers irrespective of mailboxes being hosted on it or not.

Even if you move mailboxes to new server - if connections are received on old server, webmail / SMTP / Active sync all should work, as long as the IIS permissions are in-place (Rem: I've asked you to compare already)

Now, SMTP Connector is used to send emails from Exchange box to internet (you can find that under Routing Groups - Connections on your Exchange System Manager)

See screenshot below

User generated image
User generated image
Regards,
Exchange_Geek
Exchange_Geek,

>> Exchange is designed to send connections to multiple server irrespective of mailboxes being hosted on it or not
>> if connections are received on old server, webmail / SMTP / Active sync all should work

Sorry, but either you know something I don't, or that advice is not accurate.

An Exchange 2003 back-end will perform a simple redirection of an inbound OWA request to the proper back-end server, if it is determined that the server being connected to is not the one hosting the user's mailbox. That redirection usually goes to the internal server name, making it an impossibility for the internal redirection to work from outside the corporate firewall.

Both servers may be able to handle inbound SMTP transport traffic and queue for delivery to another machine, but OWA rendering takes place on the local box only. That is unless a front-end server is in place, which must be dedicated to proxying OWA requests and not hosting mailboxes or public folder stores. This is a similar paradigm to the one which is returning with Exchange 2013 now only having 2 server roles.

Bob, as was originally stated, unless you are able to spin up a third, temporary box specifically for doing OWA proxying as a front-end (which hardly seems worth it), users migrated will lose OWA access until you are able to update the port mapping to point to the new box rather than the old. Maybe that is something you do 50% of the way through, so that no fewer than 50% of your users will have OWA access throughout the procedure.

-Matt
Matt,

I read the post as stated, that what needs to be done to provide access to webmail.

What I've written is keeping in mind that migration would take days/weeks and until then let the environment be as-is. Old Exchange box will receive connections as-it was using in the past, it will redirect webmail / active sync connections to the new server. There isn't any change in configuration needed.

Changes for webmail / active sync / mail-flow should be performed ONLY when all the folks are migrated over to the new box.

Proxy would work internally between both Exchange boxes too - Matt, you've got doubts on this?

Regards,
Exchange_Geek
Thanks guys.  Once I have the SSL in place, I will let you know if it works for mailboxes on the new server using OWA through the old server.  

Exchange_Geek, about your screen shots above.  Is the first one the DNS-based situation that Matt described and the second one a connector?  We have no entries listed under First Routing Group\Connectors.  Does email flow to Internet using DNS-based routing by default?  i.e., send directly out from server?

I just now have the verification email for the SSL, so I should be able to move forward with SSL here shortly...

Thanks,
Bob
Both are SMTP Connectors, first just depicts the location where it would be created and the second talks about the bridgehead connector.

If you do not find any setting in-place at SMTP Connector, you might find it at the following location

First Admin Group - Servers - Exchange Server - Protocols - SMTP - Default SMTP Virtual Server.

If you have any setting in-place that talks about smart host, let us know and we'll guide you on how to remove it and use SMTP Connector.

Regards,
Exchange_Geek
The smart host field is empty.  So, is there a default setting when nothing is explicitly configured?  Does it just do DNS lookup and send it out?

Also, FYI, once SSL is in place, there is no sharing of OWA between the servers.  With port forwarding pointing at old server, I can log on to users with mailboxes on the old server only.  I moved port forwarding to the new server briefly, and I could then logon to mailboxes on the new server only.  FYI only.  I am not overly concerned with this, as I should be able to move enough users who don't use OWA so that what's left can be done in a night's outage.  

My only concern now is whether routing of messages will continue when I go through the steps to take down the old server once all the mailboxes are moved.

Thanks,
Bob
ASKER CERTIFIED SOLUTION

This solution is only available to members.

Yep, that was the screen.  No smart host entry, though.  If an SMTP Connector is the best practice, then I will do that.  Just make it look like the first screen shot above?  Anything else to it?

Thanks again.
Bob
And, PS, I only saw that screen when I did New, SMTP Connector.  There were none there when I went there.
Yep, I would explicitly define that on a Send Connector. You want to create a new one and don't change any of the default settings except assigning a bridgehead server (the new machine).

You don't want an IP address listed in there, though -- make sure the "Use DNS to route..." option is selected. You are also going to need to verify that the new box is NAT'ing its traffic to the same outbound IP as the other box, if this is relevant to your network setup (or that the reverse DNS is appropriately updated on the new IP). If it happens to communicate out on a different IP, your mail may wind up getting bounced.

Regarding the OWA thing, yeah, that's pretty much expected. It sounds like you have a solid plan to work around that problem, though.

-Matt
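
An added example, not part of the original thread: the outbound IP and reverse DNS check Matt describes above, written as a small Python function. The addresses, host names and DNS tables are constructed (documentation ranges), and reading "appropriately updated" as a PTR that names the mail host and resolves back to the same IP is an assumption based on the forward-confirmed reverse DNS test many receiving servers apply.

```python
import ipaddress

# Constructed DNS data using documentation address ranges. In a live check the
# PTR lookup would come from a resolver (e.g. socket.gethostbyaddr).
PTR_RECORDS = {
    "192.0.2.10": "mail.example.com",         # old server's outbound IP
    "192.0.2.20": "host-20.isp.example.net",  # new IP, PTR still the ISP default
    "192.0.2.30": "mail.example.com",         # new IP, PTR and A both updated
    "192.0.2.40": "mail.example.com",         # new IP, PTR updated, A record not
}
A_RECORDS = {
    "mail.example.com": {"192.0.2.10", "192.0.2.30"},
    "host-20.isp.example.net": {"192.0.2.20"},
}


def check_outbound_ip(old_ip, new_ip, mail_host, ptr=PTR_RECORDS, a=A_RECORDS):
    """Return a list of problems with the new server's outbound IP (empty = OK).

    mail_host is the name the PTR is expected to carry (an assumption of this
    example; the thread only says the reverse DNS must be updated).
    """
    old_ip = str(ipaddress.ip_address(old_ip))  # raises ValueError on bad input
    new_ip = str(ipaddress.ip_address(new_ip))
    if new_ip == old_ip:
        return []  # same NAT address: receiving servers see no change
    name = ptr.get(new_ip)
    if name is None:
        return [f"{new_ip} has no PTR record"]
    name = name.rstrip(".").lower()
    expected = mail_host.rstrip(".").lower()
    problems = []
    if name != expected:
        problems.append(f"PTR for {new_ip} is {name}, expected {expected}")
    # Forward-confirm: the PTR name must resolve back to the sending address.
    if new_ip not in a.get(name, set()):
        problems.append(f"{name} does not resolve back to {new_ip}")
    return problems
```
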
Thanks for the help, guys.  Are you both okay with split points?

Bob
Bob, It's an honour to share points with the "tiger" Matt

And yes, we're happy to help you always :)

Happy EE'ing.

Regards,
Exchange_Geek
Thanks, all!

-Matt