Solved

Exchange migration 2003 to 2010 next step

Posted on 2014-01-06
Last Modified: 2014-01-11
Hello everyone,

I am currently in the process of migrating Exchange 2003 to 2010. My Exchange 2010 environment consists of 2 Exchange servers with all roles installed.

I have one DAG with 2 mailbox servers and 5 databases copied over the two mailbox servers.

I have migrated one mailbox from the legacy server to the new server and it worked fine. I created Send and Receive connectors and it seems that incoming and outgoing emails are working.

I would like to know what's the next step that I can do now?

A friend of mine said that I have to update all the DNS records to Exchange 2010 and Exchange will handle the redirection of the OWA site. But what about the CAS requests for those who are still on Exchange 2003? Would Exchange redirect them too?

And what about moving the OAB? If I moved it, would it affect the legacy mailbox users?
What about upgrading Email Address Policies and Address Lists? Would that affect anyone too?

Any notes to take on moving Public Folders from Exchange? Do I do them at a specific time?

Do I need to remove the Recipient Update Services after migrating all the users?

I would appreciate any comments.

Thanks a lot
Question by:Mohammed Hamada
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 333 total points
ID: 39760793
Answers are below...

1. Redirection takes place on the Exchange 2010 CAS array (or single CAS if that's all you're using). When users who have a mailbox on Exchange 2010 use OWA, they will be presented with the Exchange 2010 login page. If the mailbox still resides on the Exchange 2003 server, they will be redirected to the old server. You need to make sure that your certificates are correct on your Exchange 2010 CAS server. You need to make sure that you have the following names in your SAN cert...
- Mail.domain.com
- autodiscover.domain.com
- legacy.domain.com
You will then need to import the cert into your Exchange 2010 and 2003 CAS/front-end servers. You will then need to change the virtual directories on Exchange 2010 to the original URLs which are present on Exchange 2003, and then change your virtual directories on Exchange 2003 to legacy.domain.com. When users use OWA they will be redirected depending on where their mailbox is located.

2. The OAB will need to be created on the CAS server, and the generation server will be an Exchange 2010 mailbox server. This is required as new Outlook clients use EWS (Exchange Web Services) to retrieve mailbox free/busy info. This is backward compatible with Exchange 2003. You need to make sure that you are using public folder distribution and Web Services distribution.

3. For public folders you will need to move replicas to your Exchange 2010 servers, and when you have moved all replicas you can then remove them from Exchange 2003. Once this is completed you will be able to move the public folder hierarchy to the Exchange 2010 server.

4. In order to update email address policies and address lists you will need to convert them from LDAP to OPATH, and this is backward compatible with Exchange 2003 when it is still in the environment.

5. Recipient Update Service should not be removed until all of the mailboxes have been migrated. Once they are moved to Exchange 2010 it is safe to remove the RUS, as only Exchange 2003 uses this service.

Update email address policy - http://technet.microsoft.com/en-us/library/cc164375.aspx

Public Folder Migrate - http://exchangeserverpro.com/migrate-public-folders-from-exchange-2003-to-exchange-server-2010/

Will.
0
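An added example, not part of the original answer: a read-only check of the certificate and URL prerequisites described in point 1, written for the Exchange 2010 Management Shell. The server name `EXCH01` and the `domain.com` host names are placeholders taken from this thread, and `Test-NameCovered` is a hypothetical helper.

```powershell
# Added example: read-only audit for the Exchange 2010 Management Shell (PowerShell 2.0 syntax).
# Assumptions: $Server and the host names in $Required are placeholders for your own values.
$Server   = 'EXCH01'
$Required = 'mail.domain.com', 'autodiscover.domain.com', 'legacy.domain.com'

# Hypothetical helper: is $Name covered by an exact SAN or by a single-label wildcard SAN?
function Test-NameCovered([string]$Name, [string[]]$SanList) {
    foreach ($san in $SanList) {
        if ($san -eq $Name) { return $true }
        # "*.domain.com" covers "mail.domain.com" but not "a.mail.domain.com".
        if ($san.StartsWith('*.') -and $Name.Contains('.') -and
            $Name.Substring($Name.IndexOf('.')) -eq $san.Substring(1)) { return $true }
    }
    return $false
}

# Certificates enabled for IIS are the ones OWA, ActiveSync and Autodiscover present to clients.
Get-ExchangeCertificate -Server $Server |
    Where-Object { $_.Services -match 'IIS' } |
    ForEach-Object {
        $sans    = @($_.CertificateDomains | ForEach-Object { $_.ToString() })
        $missing = @($Required | Where-Object { -not (Test-NameCovered $_ $sans) })
        New-Object PSObject -Property @{
            Thumbprint = $_.Thumbprint
            Expires    = $_.NotAfter
            Expired    = ($_.NotAfter -lt (Get-Date))
            SelfSigned = $_.IsSelfSigned
            MissingSan = ($missing -join ', ')   # empty when all three names are covered
        }
    } | Format-List

# URLs advertised by the client-facing virtual directories on the 2010 CAS. During
# coexistence these carry the original name; legacy.domain.com belongs to Exchange 2003.
$vdirs  = @(Get-OwaVirtualDirectory -Server $Server)
$vdirs += @(Get-ActiveSyncVirtualDirectory -Server $Server)
$vdirs += @(Get-OabVirtualDirectory -Server $Server)
$vdirs += @(Get-WebServicesVirtualDirectory -Server $Server)
$vdirs | Select-Object Name, InternalUrl, ExternalUrl, Exchange2003Url | Format-List
```

A self-signed or expired certificate, or a non-empty `MissingSan`, means external clients will see certificate warnings or fail to connect before any redirection happens.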
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 167 total points
ID: 39760799
Are you following any of the migration guides?
I suspect not, because they answer your questions - everything is documented on TechNet.

For Exchange 2003 and 2010 coexistence you need a second URL for the Exchange 2003 server. This is called a legacy URL. All traffic goes to Exchange 2010, then it is redirected.

I would start here:
http://technet.microsoft.com/en-us/library/aa998186(v=exchg.141).aspx

As for public folders, replicate those to Exchange 2010 (so they are on both servers). Move the mailboxes, then use the Move All Replicas command to remove them from Exchange 2003.

Everything else should be done after the mailboxes have been moved.

Have you configured a CAS Array? If not, do so now.

Simon.
0
 
LVL 23

Author Comment

by:Mohammed Hamada
ID: 39761825
Hello Guys, thanks for your reply,

I have configured the redirection for OWA and it worked perfectly. I replicated the public folders using the PowerShell script and that also replicated fine.

Now I'm moving a couple of mailboxes to see what would happen, and then I will move them all at once.

I would like to know: do I move the OAB after moving all the mailboxes? And regarding the mailbox public policy, when does it come as well?

Thanks
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39761877
Once you have your CAS and a Mailbox server up and running I would create the new OAB generation point. This will work with both 2003 mailboxes and also 2010. You need to make sure that you have enabled OAB for Public Folders and Web Services distribution.

Refer to answer #2 that I posted in my previous comment.

Will.
0
 
LVL 23

Author Comment

by:Mohammed Hamada
ID: 39763302
Hi Will,
I'm sorry I haven't had enough time to play with the OAB as I got stuck with client's requirements.

They want to use the new OWA without /owa, so instead of writing https://webmail.domain.com/owa they want to write webmail.domain.com and get automatically directed to https and owa. And if there's an e-mail residing on the Exchange 2003 server, it will redirect to the legacy FQDN.

I tried using IIS to do so but to no avail. Do I switch off https and turn off the SSL bindings? The redirection on the OWA page doesn't seem to work if I simply redirect it to https://webmail.domain.com/owa or to http://webmail.domain.com/owa.

The second thing is publishing the Exchange services (e.g. ActiveSync, RPC over HTTP and Autodiscover). I have done this using TMG and pfSense before but have never used a Check Point firewall.

I have created a static NAT rule that points my public IP to the CAS server. Autodiscover seems to work, as when I set up the mailbox in Outlook it passes the settings but stops at the part where it logs on to the mail server and says it can't connect to the Exchange server. When I click OK it shows a box with a General tab showing the Microsoft Exchange server's internal FQDN, exch01.internaldomain.com, and Mailbox: =SMTP:kur@publicdomain.com

Is this something to do with the reverse proxy or the RPC over HTTP firewall publishing rules?
I'm attaching a photo of the settings.

I also have the same problem with ActiveSync: when I first set up my iPhone with one account it finds the settings but it doesn't connect to the server, nor does it connect to the legacy server's ActiveSync.

On the Exchange event viewer I can see the following error message

An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization. 

URL=/Microsoft-Server-ActiveSync/default.eas?User=kursatar@domain.com=&DeviceId=Appl86137B4TDZZ&DeviceType=iPhone&Cmd=FolderSync
--- Exception start ---
Exception type: Microsoft.Exchange.AirSync.AirSyncPermanentException
Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevices,CN=Kursat ARI,OU=Muhe,OU=HHT,DC=hema,DC=com.
Exception level: 0
HttpStatusCode: 500
AirSyncStatusCode: 110
XmlResponse: 
This request does not contain a WBXML response.
Exception stack trace:    at Microsoft.Exchange.AirSync.ADDeviceManager.SetActiveSyncDeviceContainerPermissions(ActiveSyncDevices container)
   at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDeviceContainer(Boolean retryIfFailed)
   at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime, Boolean retryIfFailed)
   at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime)
   at Microsoft.Exchange.AirSync.Command.UpdateADDevice(GlobalInfo globalInfo)
   at Microsoft.Exchange.AirSync.Command.CompleteDeviceAccessProcessing()
   at Microsoft.Exchange.AirSync.Command.WorkerThread()
--- Exception end ---.

I would appreciate any input.

Thanks
hemaexch.jpg
0
 
LVL 23

Author Comment

by:Mohammed Hamada
ID: 39763546
I have just noticed another thing with ActiveSync: I tried removing my configured mailbox on the iPhone and re-adding it, and noticed these errors were generated on the Exchange server.

Event code: 3008 
Event message: A configuration error has occurred. 
Event time: 1/8/2014 12:09:10 AM 
Event time (UTC): 1/7/2014 10:09:10 PM 
Event ID: dd7b52c3866f4736bf99e529e8f99114 
Event sequence: 2 
Event occurrence: 1 
Event detail code: 0 
 
Application information: 
    Application domain: /LM/W3SVC/1/ROOT-1-130336061504156613 
    Trust level: Full 
    Application Virtual Path: / 
    Application Path: C:\inetpub\wwwroot\ 
    Machine name: EXCH01 
 
Process information: 
    Process ID: 5908 
    Process name: w3wp.exe 
    Account name: IIS APPPOOL\DefaultAppPool 
 
Exception information: 
    Exception type: ConfigurationErrorsException 
    Exception message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level.  This error can be caused by a virtual directory not being configured as an application in IIS. (C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa\web.config line 37) 
 
Request information: 
    Request URL: https://webmail.domain.com:443/Exchange/default.aspx 
    Request path: /Exchange/default.aspx 
    User host address: 178.243.128.104 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: IIS APPPOOL\DefaultAppPool 
 
Thread information: 
    Thread ID: 1 
    Thread account name: IIS APPPOOL\DefaultAppPool 
    Is impersonating: False 
    Stack trace:    at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
   at System.Web.Configuration.RuntimeConfig.GetSectionObject(String sectionName)
   at System.Web.Configuration.RuntimeConfig.GetSection(String sectionName, Type type, ResultsIndex index)
   at System.Web.Configuration.RuntimeConfig.get_Identity()
   at System.Web.HttpContext.SetImpersonationEnabled()
   at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
 
 
Custom event details: 


And also the error that I posted above as well.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 333 total points
ID: 39763659
To redirect your IIS page you can use the IIS manager to accomplish this.

OWA simple URL - http://technet.microsoft.com/en-us/library/aa998359(v=exchg.150).aspx

As for the external access, you can check the link below, which illustrates what needs to be done, although it demonstrates this with ISA and TMG.

http://technet.microsoft.com/en-us/library/aa998036(v=exchg.141).aspx

Will.
0
 
LVL 23

Author Comment

by:Mohammed Hamada
ID: 39773797
Thanks a lot Will and Simon
0
