Solved

Exchange Server 2010 - Replace User's Accounts

Posted on 2013-12-26
10
230 Views
Last Modified: 2014-01-24
We are running Exchange 2010 on a Windows 2012 Enterprise server. We have a client that has changed their website address from www.acme.com to www.acme.org. They would now like to change their email address (about 30 users) to reflect the new address change (user@acme.org). I would like to setup the new user accounts and still have the old email addresses available during the changeover. I believe that I would have to change the DNS pointers to have mail.acme.org and webmail.acme.org point to the exchange server WAN address. Can I leave the old address DNS pointers for mail.acme.com and webmail.acme.com? How would I make the users address change in the Exchange configuration and the ISP DNS pointer change?
0
Comment
Question by:Generator
  • 6
  • 3
10 Comments
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 400 total points
ID: 39741017
First, only because I believe that accuracy is important in both asking a question and providing an accurate answer, let me say that there is no such thing as Windows 2012 Enterprise.

Now, your question falls into several parts. I'm making a few assumptions about your topology, and assuming you have a fairly simple layout of server(s) for Exchange. If it is complex, the answer will obviously not apply, but chances are you wouldn't need to ask the question here anyways...

First, you will need to tell Exchange that it can accept email for the new domain. You'll do that via the Exchange Console (or via powershell) in the Organization Configuration Hub Transport area.  Add the new accepted domain, tell it you are authoritative for that domain. Your existing domain can stay for as long as you want during the transition. Return here and remove the existing domain when you are comfortable.

Second, you will want to add the new addresses to existing users. You'll do that in the same section (hub transport) under E-mail address policies. In a small environment, you probably only have one default policy. Edit that, step through the wizard, and you'll reach a point where you see a place to add email addresses using a template format. Add as many new template addresses as you want, and for each mailbox where the policy applies (usually all of them by default) they will get the new addresses. Again, you can also leave the existing templates in place and a user's mailbox will apply all of the templates. Go back and remove the old ones when you are comfortable that the transition is complete.

Exchange is now ready to receive new mail (and still receive email for the existing domain.

So now you just need to adjust DNS. You'll do that with whoever hosts your public DNS records. Maybe that is your ISP. Maybe it is your DNS registrar. Or maybe you did this with a 3rd-party. All are common options, and only you know how you set that up. And different ISPs and registrars offer different ways to manage DNS, so I can't really give any specifics here.

Add A records and MX records for your new domain pointing to your public IP address(es) and, as long as your router is already forwarding traffic for the old domain to your Exchange server, that should continue to work. If you have a firewall or UTM device that can filter traffic and does deep inspection, you *may* need to adjust the firewall rules to allow the new domain. But in my experience, this is rare. And again, each UTM and firewall is different.

Your existing records for your old domain can continue to exist, so email will continue to flow properly as well. And, again, when you are comfortable, you can always go back and delete the old DNS records.

So coexistence is certainly possible, and in most cases, quite easy.

Good luck.

-Cliff
0
 

Author Comment

by:Generator
ID: 39741051
Thanks for this - you are right about the OS - it's Windows 2012 Standard. We should be completing this changeover this weekend. I'll keep you informed.
0
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 39741059
And you have to take care :- autodiscover , webmail & there certificate also for new domain.
0
 

Author Comment

by:Generator
ID: 39743016
Cliff - I have setup the new address in the email Address Policy - there was an existing policy related to the existing  address being used and a default one. I edited the existing policy and added the new address. Do I make the new address "Set as Reply"? Also, I went through the "Edit E-Mail Address Policy" but could not find the place to add e-mail addresses using a template format as mentioned in your comments. I made the DNS changes so I think we are getting close. I did send a test email using the new address but it bounced back "smtp;550 5.1.1 <joe@acme.org> recipient rejected". Thanks.
0
 

Author Comment

by:Generator
ID: 39747055
It looks like Exchange has been configured properly - all the users now also have the new email address along with the former one. Since the new web address is hosted by a different ISP I had to contact the registrar to add three NS entries related to the users ISP so that the mail will flow properly. Another problem to be addressed is the certificate. I'll keep you up to date. Thanks.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:Generator
ID: 39761101
The new DNS settings have been applied and the ping for mail.acme.org is pointing to the proper address - however - when testing the new email address I get the following message:

Reporting-MTA: dns;blu0-omc1-s11.blu0.hotmail.com
Received-From-MTA: dns;BLU0-SMTP76
Arrival-Date: Mon, 6 Jan 2014 16:23:12 -0800

Final-Recipient: rfc822;generator@acme.org Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 Unable to relay for <generator@acme.org>

I assume that there is an exchange setting preventing the mail from being delivered? The NS entries were completed today - would this be the usual wait for 48 hours for propagation?
0
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 39761120
I will suggest go for DNS test first for me it look some DNS issues

http://www.dnssy.com/
0
 

Author Comment

by:Generator
ID: 39761145
Thanks - I completed the tests on the new domain and the following 2 failed:
"Mail to local postmaster" - (failed) - I got an error response to my "RCPT TO:<postmaster>" message. Your mail server does not accept mail addressed to "postmaster". I expected a response beginning with 250, but got the response:
 
550 5.7.1 Unable to relay for <postmaster>
 
[RFC2821 Section 3.6]

"Mail to domain postmaster" - (failed) - I got an error response to my "RCPT TO:<postmaster@acme.org>" message. Your mail server does not accept mail addressed to "postmaster@acme.org". I expected a response beginning with 250, but got the response:
 
550 5.7.1 Unable to relay for <postmaster@acme.org>
 
[RFC2821 Section 3.6]

The other tests passed.
0
 
LVL 7

Assisted Solution

by:dsnegi_25dec
dsnegi_25dec earned 100 total points
ID: 39761152
Can you check your relay configuration has been done correctly

http://exchangeserverpro.com/how-to-configure-a-relay-connector-for-exchange-server-2010/
0
 

Author Comment

by:Generator
ID: 39761171
The problem may have been associated to the Sonicwall Email Security Appliance - there was a relay setting to only allow the former domain - I added the new domain and now do not get that error message any longer. I will test this again tomorrow to see if this solved the problem. Thanks.
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now