1000 user Exchange 2003 migration to 2010

Hi Xperts,

I'm going to conduct a migration of approximately 1000 users on Exchange 2003 to 2010. and I would like to know if there's any step by step guide with snapshots on doing so.

The customer has has 1 exchange 2003 app server and 3 database servers. So according to the existing environment I would like to know the following

How many Servers do I need for each of the following roles?

1-  Mailbox servers,
2- Client Access Server,
3- Unified Message server,
4- Hub Transport Server,
5- Edge Transport server.

I would so much appreciate your inputs and since this is the first time I'm doing this kind of migration I would appreciate any notes from someone who have already applied this migration.

I would like to also know how many public certificate do I need for the exchange and where will it be installed exactly?

What are the required SANs for the certificate(s)?

Just for the info, I have done Exchange deployments but not migrations.

Thanks a lot
LVL 24
Mohammed HamadaSenior IT ConsultantAsked:
Who is Participating?
Gareth GudgerConnect With a Mentor Commented:
The Exchange 2010 sizing calculator might be a good start for you.

This will help you with storage requirements as well for those mailbox severs as well as the number of servers required.

Other things to consider are number of servers for redundancy and resiliency. Two mailboxes servers can be configured in a DAG to maintain copies of a mailbox database. And two CAS and HUB servers can provide resiliency and load balancing for client connection and mail flow.

The Unified Messaging role is only needed if you are going to tie in something like Microsoft Lync to your infrastructure and the Edge Transport Server is only needed as a hop before your Hub server and can act as an antispam/antivirus gateway (although I don't use EdgeSync personally) as I am a bigger fan of Exchange Online Protection (formerly FOPE).

For the actual migration itself, I've always found this to be a really easy to follow article.
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Thanks a lot diggisaur, just want something to be clarified if possible. do you mean that I will have to deploy 1 DAG with 2 mailbox servers for redundancy of mailboxes in case of failure right?
dsnegi_25decConnect With a Mentor Commented:
Yes you have to deploy 2 mailbox servers for high availability.

2 CAS Server with load balancing.

2 Hub transport server.

or you can install cas + hub both same server also

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Will SzymkowskiConnect With a Mentor Senior Solution ArchitectCommented:
For you Certificates you will be required to create a SAN cert with the following names...
- Autodiscover.domain.com
- mail.domain.com

Your Cert Principal Name should be mail.domain.com. Also are you looking to do Complete Site Resiliancy? Using a Active/Passive failover? If so, You will need to have separate namespaces for the Priamry site (mail.domain.com) and another namespace for the DR/Failover site (failover.domain.com).

If this is the case you will also want to add failover.domain.com to the SAN cert as well. When you have the cert the cert will need to be installed and on your primary CAS, bind the services to your cert (IIS,SMTP,IMAP,POP) etc. You can then export the cert (with private key) and then import the cert on to the ALL other CAS servers.

Configure Certificates - http://technet.microsoft.com/en-us/library/dd351257(v=exchg.141).aspx

Site Resiliancy for Active/Passive setup - http://www.msexchange.org/articles-tutorials/exchange-server-2010/high-availability-recovery/designing-site-resilient-exchange-2010-solution-part1.html

There are 3 parts to the link above.

Gareth GudgerCommented:
Yep. Other experts are correct.
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Thanks for the comments, I'm using the exchange sizing tool and I would like to know your opinion or if you have a similar situation how would you go with these choices?

I have no estimation of how an office with 1000 users can send/receive an e-mail per day and I would like to know your estimation?
in the tool it says from 100 to 500?  so I choose 250

What Mailbox Size limit you would setup (default is 5GB, .
Personal Archive mail box size?

IOPS Multiplication factor ? it says 1 by default

Megacycles multplication Factor = says 1 too
Predict IOPS Value ? says Yes or no

Total Number of HA Database Copy Instances (Includes Active Copy) within DAG
= default says 4 ? do I need more instances

What kind of Backup Methodology you are using?
1-Exchange's native data protection?
2- Hardware VSS backup/restore
3- Software VSS backup/restore

Primary database + Log will be 2 TB and the Restore LUN will be 2TB too ? or should they be higher than the that?

How many Processor cores for the mailbox server guest machines should it be ?
It says 12 by default. do I increase that?

Hypervisor CPU adjustment factor is 10% by default? on HyperV it says the normal overhead is 10% but maybe the client is using something else! should the value be the same even on other hosting machines?

Should I have Site Resilient ?

One last question, I have read about disjoint namespace! but it wasn't clear to me on how to find out whether my customer is using a flat or disjoint namespace! How do I find out?

Thanks a lot everyone and I'm sorry for the many questions I have asked but this projects seems little big for me since I didn't do migration i am a little bit worried.
When we went from 5.5 to 2003, MS had a very nice document for that migration and it went very well.  When we wanted to go from 2003 to 2010, we discovered that MS had NOT made this an easy jump.  Primarily they had retooled so much in 2007 and 2010 that at the time we did not find an "easy" migration path. I worked with a MS rep to develop a plan.  I am including the documents that he sent me that were very useful in doing this migration.

http://technet.microsoft.com/en-us/library/bb125224.aspx  - Prepare Active Directory and Domains
http://technet.microsoft.com/en-us/library/aa996719.aspx  - Exchange 2010 System Requirements
http://technet.microsoft.com/en-us/library/bb691354.aspx  - Exchange 2010 Prerequisites
http://www.microsoft.com/downloads/details.aspx?FamilyID=88b304e7-9912-4cb0-8ead-7479dab1abf2&displaylang=en  - Exchange Pre-Deployment Analyzer
http://technet.microsoft.com/en-us/library/dd638130.aspx  - Install Exchange 2010 in an Existing Exchange 2003 Organization
http://technet.microsoft.com/en-us/library/aa998604.aspx  - lists the scenarios in which coexistence between Exchange 2010 and earlier versions of Exchange are supported and information about upgrading your organization to Exchange 2010
http://technet.microsoft.com/en-us/library/dd298136.aspx  - What's New in Exchange 2010
http://technet.microsoft.com/en-us/library/ee681665.aspx  - Exchange 2010 Deployment Assistant
http://msexchangeteam.com/archive/2009/11/09/453117.aspx  - Exchange 2010 Mailbox Server Role Requirements Calculator
http://blogs.techrepublic.com.com/datacenter/?p=1380  - Reduce hardware needs and ease administration with Exchange 2010
http://technet.microsoft.com/en-us/library/aa998911.aspx  - Discontinued Features and De-Emphasized Functionality
http://technet.microsoft.com/en-us/library/dd298026.aspx  - Overview of Exchange 2010 Server Roles
http://technet.microsoft.com/en-us/library/dd346701.aspx  - Understanding Server Role Ratios and Exchange Performance

http://technet.microsoft.com/en-us/library/bb123715(EXCHG.140).aspx - Planning Active Directory
http://technet.microsoft.com/en-us/library/dd298174.aspx - Understanding Move Requests
http://technet.microsoft.com/en-us/library/dd335149.aspx - Remove-MoveRequest
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Thanks jhyiesla but now i'm more concerned about the sizing and would like to know what
kind of hardware should I get, how many server do I need for each role and so on.

The simple talk seems pretty good enough but not that detailed.

I would appreciate if someone could answer the questions I have posted.
Some of the other experts comments are very valid. For example, I have a 900 user Exchange environment. I run Exchange 2010 on a Virtual machine in a ESXi environment. For my setup I have a single server performing all roles.  The C: drive is around 100 GB and the E: drive which contains the datastore is around 200 GB. I am using 2 CPUs and 24 GB RAM allocated to this VM.  But in my environment over 50% of my users have a small mailbox and after a couple of years running with a 200 GB drive for the datastore I am just now about to have to increase that size.  So using the tools mentioned by other above would be critical in determining your hardware requirements.
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Well, it's a relief to know that someone else out there have almost the same number of users and having all the roles on the same server but since this is not my deployment and I'm not sure what exactly the customer wants then I have to put all the possibilities including providing them with HA/LB . and site resiliency if they have different sites. increase the mail databases might very much be possible since they already have DAG with 2 mailbox servers but all the other roles are deployed on the same server.
Gareth GudgerCommented:
I just did a migration with 1000 users and we had two virtual servers. One was a CAS/HUB server and the other was a mailbox server. They were running on VMware. We had 1TB of databases so we split them into 5 databases (we had an Enterprise license). So all our databases were around 200GB. This was more for recovery time should a database go bad.
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Thanks diggisaur,

I finally decided to go on the configuration as following

2 Servers that will have the two roles CAS + HT with Load balancing configured on them.  I found a good article that goes through the NLB configuration.


2 Servers will host DAG with 2 mailbox servers. for DAG Configuration I found this useful article

Now my concern is that since the customer has already Mcafee e-mail gateway then I would like to understand how would I proceed with the Configuration of the CAS External domain?

In this case I think the CAS role will not be internet Facing ? Any advise is appreciated

second question, is it better to create the DAG first before the migration of the database or after? from 2003 to 2010?

last question, after I created the DAG and imported the two mailbox servers. the DAG was created and was the witness as well with a new FQDN that doesn't exist on my DNS. now I assume that I should create this record on my DNS but I would like to know where should this record point to?

should the DAG.mydomain.local point to the 2 mailbox servers?
Question 1 :-  :(

Question 2: - I believe that you have to decide In ex2010 you have the option where you can add mailbox server later on for high availability but my personal suggestion is add servers for  high availability first.

Question 3:- You don't need to create any DNS record for DAG  manually.
Gareth GudgerCommented:
I have to assume that the McAfee Gateway operates like most others because I don't know this product. If it does, then only PORT 25 SMTP will be routing through this device to the HUB role on the new CAS/HUB server. The CAS server itself should only have a standard firewall in front of it. Say a Cisco ASA, etc, which will forward ports 80/443 to the CAS role on the CAS/HUB server.

For the second question I always like to create the DAG, or infrastructure first. But technically you could do it any time. I would do it before you moved your production users though.
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Ok I figured it out, I think i will have to create a send connector that will route all the outbound e-mails to the gateway's IP address.

now I want to know in case I couldn't migrate all the users at the same time! and keep the migrated 2010 and the ones on 2003 working at the same time!!! How would the DNS configuration look like?

the mail.domain.com and autodiscover.domain.com and mx records for Exch 2003 would remain i'm assuming? and what about those located on 2010? How would they access their Emails, How would the OWA be handled ? the OAB and so on...etc ?

I would appreciate any direction on this one.

Gareth GudgerCommented:
Well Exchange 2003 didn't have autodiscover, so that record would point to the IP of your 2010 CAS server.

The mail.domain.com can go to either the 2010 or 2003 server depending on whether you are planning on changing your OWA address or not. If you are not changing your OWA address then mail.domain.com needs to point to the 2010 server as well as you set up a new record for the 2003 server such as legacy.domain.com. Everyone still goes to mail.domain.com but OWA automatically redirects the user to either OWA 2003 or OWA 2010 depending on where there mailbox is still located.

The MX records can point to either 2003 or 2010. Just depends on what you want to be the first hop in your mail flow as you are in your transition period. Obviously MX will eventually end up at 2010. I personally cut the MX record over last when I am ready to decommission the 2003 box.
Gareth GudgerCommented:
Check this article on how to configure OWA to do the redirect based on where their mailbox is.


Its under the section titled OWA configuration.

The second part discussing Mail Flow about half way down the article.

Mohammed HamadaSenior IT ConsultantAuthor Commented:
Great, thanks a lot! I have been going fine in my lab and everything worked perfectly as planned! I created a route from exchange 2010 to 2003 and it sends e-mails properly.

Now one last thing and i'm closing the question.

1- Assuming that I have 2 servers with all roles installed on them in Exchange 2010, how may I create 4 data bases and split the 1000 users on each of them ? and how do I resize each database to 1TB.

2- I'm sorry this is a noob question but I forgot since it's been awhile on my last exchange project, but just to double check ... the database's physical location needs to be on a separated HDD not on the bootable nor the system driver ?

3- for Client Access array, do I need 2 NICs? or in which scenario do I need 2 NICs?

Thanks so much and happy new year.
Gareth GudgerCommented:
1/. You should just be able to add additional databases in EMC. Standard License Exchange allows up to 5 databases (Public Databases counts as one). Enterprise allows for unlimited databases. Once you have for databases then you just issue a Local Move Request from the EMC to move users around until you get the balance you want. I would move users a piece at a time until you get the desired database size (once logs have committed from a good backup). You might be able to use the Exchange Sizing Calculators to help you get a rough estimate of how many users can go in each database based on their email usage but I am not aware of any precise way to get the database to the size you require.

2/. Yes, best practice is to put the database on its own logical array. And the logs on their own logical array.

3/. You can do a CAS Array with one NIC. Here is a pretty good guide on 1 NIC versus 2 NICs.

It basically comes down to whether you want your NLB traffic on the client/server LANs.
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Thanks a lot everyone.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.