Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 401
  • Last Modified:

Migrating from Exchange 2007 to Exchange 2013

I have successfully installed Exchange 2013.  I am trying to minimize any issues with this migration.  Can someone direct me in details on what I need to do next and how.  I just need to decommission Exchange 2007 by this weekend.   Please help me.
Thanks
0
zubby1977
Asked:
zubby1977
1 Solution
 
Md. MojahidCommented:
0
 
zubby1977Author Commented:
I am unsure about Digital Certificates Configurations.  Not too sure about this.  Can someone explain this please

Submit your certificate request to be signed by your CA, then use the following command to import the certificate:
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
zubby1977Author Commented:
Do I need to export the certificates from my Exchange 2007 server.  And if I do, can you kindly explain.

Thx
0
 
NetoMeter ScreencastsCommented:
Zubby,

You have two options:
1. Going through the co-existence scenario which requires configuring and using a legacy namespace, and requesting and installing a new UCC (Multiple Domain Certificate) on both Exchange servers.
2. Going through the quick upgrade scenario. (not recommended, especially for the Exchange 2013 upgrade).

It seems that you are planning to choose the second option. Normally, this means that you are perfectly clear about the individual steps and the whole upgrade is pretested in a lab.

Anyway, the straight answer to your question is that if you are going with the quick upgrade scenario and you already have a valid trusted UCC on the Exchange 2007 server, you have to export it to a PFX file and import it in Exchange 2013. No need to request a new certificate.
0
 
zubby1977Author Commented:
It seems the the cert was issue by the Exchange 2007 Server.  Do I still need to export it to the Exchange 2013 Server.  And also I am seeing multiple certs, which one do I need to export if I need export.

Thanks
0
 
NetoMeter ScreencastsCommented:
If this is the Self-Signed certificate generated during Exchange 2007 setup (or a renewed Self-Signed), you don't need to export it. You will recognize it by checking it's properties in IIS Manager. It's CN (Common Name) is Exchange 2007 short NetBIOS name, and its SAN (Subject Alternative Names) field contains only the internal Exchange 2007 short and Ative Directory FQDN:
Exchange 2007 Self-Signed Certificate Example
Again, you have a couple of options:
1. Purchase and install a trusted UCC (the recommended approach).
2. Install a trusted single name certificate. These are cheaper or free (StartSSL) but you need to modify the Exchange 2013 URL and set all of them to use the single FQDN that's included in the certificate. There is no autodiscover URL included in the certificate, so you will have to create a SRV autodiscover record in the external DNS zone which leads to a popup window presented at remote Outlook Anywhere clients.
3. Generate and install a Self-Signed multiple domain certificate/UCC with Exchange 2013 Public and autodiscover names. (not recommended for production environment or used just as a temporary replacement of the Self-Signed certificate generated by Exchange setup). You will have to create a Group Policy to set this certificate as trusted for internal clients, and install it on remote clients if they need to use Outlook Anywhere.
0
 
zubby1977Author Commented:
Thank you NetoMeter
0
 
zubby1977Author Commented:
Issue resolved.  Thanks again
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now