Solved

Exchange Server 2010 - Replace User's Accounts

Posted on 2013-12-26
10
234 Views
Last Modified: 2014-01-24
We are running Exchange 2010 on a Windows 2012 Enterprise server. We have a client that has changed their website address from www.acme.com to www.acme.org. They would now like to change their email address (about 30 users) to reflect the new address change (user@acme.org). I would like to setup the new user accounts and still have the old email addresses available during the changeover. I believe that I would have to change the DNS pointers to have mail.acme.org and webmail.acme.org point to the exchange server WAN address. Can I leave the old address DNS pointers for mail.acme.com and webmail.acme.com? How would I make the users address change in the Exchange configuration and the ISP DNS pointer change?
0
Comment
Question by:Generator
  • 6
  • 3
10 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 400 total points
ID: 39741017
First, only because I believe that accuracy is important in both asking a question and providing an accurate answer, let me say that there is no such thing as Windows 2012 Enterprise.

Now, your question falls into several parts. I'm making a few assumptions about your topology, and assuming you have a fairly simple layout of server(s) for Exchange. If it is complex, the answer will obviously not apply, but chances are you wouldn't need to ask the question here anyways...

First, you will need to tell Exchange that it can accept email for the new domain. You'll do that via the Exchange Console (or via powershell) in the Organization Configuration Hub Transport area.  Add the new accepted domain, tell it you are authoritative for that domain. Your existing domain can stay for as long as you want during the transition. Return here and remove the existing domain when you are comfortable.

Second, you will want to add the new addresses to existing users. You'll do that in the same section (hub transport) under E-mail address policies. In a small environment, you probably only have one default policy. Edit that, step through the wizard, and you'll reach a point where you see a place to add email addresses using a template format. Add as many new template addresses as you want, and for each mailbox where the policy applies (usually all of them by default) they will get the new addresses. Again, you can also leave the existing templates in place and a user's mailbox will apply all of the templates. Go back and remove the old ones when you are comfortable that the transition is complete.

Exchange is now ready to receive new mail (and still receive email for the existing domain.

So now you just need to adjust DNS. You'll do that with whoever hosts your public DNS records. Maybe that is your ISP. Maybe it is your DNS registrar. Or maybe you did this with a 3rd-party. All are common options, and only you know how you set that up. And different ISPs and registrars offer different ways to manage DNS, so I can't really give any specifics here.

Add A records and MX records for your new domain pointing to your public IP address(es) and, as long as your router is already forwarding traffic for the old domain to your Exchange server, that should continue to work. If you have a firewall or UTM device that can filter traffic and does deep inspection, you *may* need to adjust the firewall rules to allow the new domain. But in my experience, this is rare. And again, each UTM and firewall is different.

Your existing records for your old domain can continue to exist, so email will continue to flow properly as well. And, again, when you are comfortable, you can always go back and delete the old DNS records.

So coexistence is certainly possible, and in most cases, quite easy.

Good luck.

-Cliff
0
 

Author Comment

by:Generator
ID: 39741051
Thanks for this - you are right about the OS - it's Windows 2012 Standard. We should be completing this changeover this weekend. I'll keep you informed.
0
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 39741059
And you have to take care :- autodiscover , webmail & there certificate also for new domain.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:Generator
ID: 39743016
Cliff - I have setup the new address in the email Address Policy - there was an existing policy related to the existing  address being used and a default one. I edited the existing policy and added the new address. Do I make the new address "Set as Reply"? Also, I went through the "Edit E-Mail Address Policy" but could not find the place to add e-mail addresses using a template format as mentioned in your comments. I made the DNS changes so I think we are getting close. I did send a test email using the new address but it bounced back "smtp;550 5.1.1 <joe@acme.org> recipient rejected". Thanks.
0
 

Author Comment

by:Generator
ID: 39747055
It looks like Exchange has been configured properly - all the users now also have the new email address along with the former one. Since the new web address is hosted by a different ISP I had to contact the registrar to add three NS entries related to the users ISP so that the mail will flow properly. Another problem to be addressed is the certificate. I'll keep you up to date. Thanks.
0
 

Author Comment

by:Generator
ID: 39761101
The new DNS settings have been applied and the ping for mail.acme.org is pointing to the proper address - however - when testing the new email address I get the following message:

Reporting-MTA: dns;blu0-omc1-s11.blu0.hotmail.com
Received-From-MTA: dns;BLU0-SMTP76
Arrival-Date: Mon, 6 Jan 2014 16:23:12 -0800

Final-Recipient: rfc822;generator@acme.org Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 Unable to relay for <generator@acme.org>

I assume that there is an exchange setting preventing the mail from being delivered? The NS entries were completed today - would this be the usual wait for 48 hours for propagation?
0
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 39761120
I will suggest go for DNS test first for me it look some DNS issues

http://www.dnssy.com/
0
 

Author Comment

by:Generator
ID: 39761145
Thanks - I completed the tests on the new domain and the following 2 failed:
"Mail to local postmaster" - (failed) - I got an error response to my "RCPT TO:<postmaster>" message. Your mail server does not accept mail addressed to "postmaster". I expected a response beginning with 250, but got the response:
 
550 5.7.1 Unable to relay for <postmaster>
 
[RFC2821 Section 3.6]

"Mail to domain postmaster" - (failed) - I got an error response to my "RCPT TO:<postmaster@acme.org>" message. Your mail server does not accept mail addressed to "postmaster@acme.org". I expected a response beginning with 250, but got the response:
 
550 5.7.1 Unable to relay for <postmaster@acme.org>
 
[RFC2821 Section 3.6]

The other tests passed.
0
 
LVL 7

Assisted Solution

by:dsnegi_25dec
dsnegi_25dec earned 100 total points
ID: 39761152
Can you check your relay configuration has been done correctly

http://exchangeserverpro.com/how-to-configure-a-relay-connector-for-exchange-server-2010/
0
 

Author Comment

by:Generator
ID: 39761171
The problem may have been associated to the Sonicwall Email Security Appliance - there was a relay setting to only allow the former domain - I added the new domain and now do not get that error message any longer. I will test this again tomorrow to see if this solved the problem. Thanks.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
In-place Upgrading Dirsync to Azure AD Connect
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question