Solved

Upgrade exchange 2003 to 2010, 2003 has no internet facing server (no mobile access)

Posted on 2014-11-09
5
83 Views
Last Modified: 2014-11-10
I'm planning an exchange 2003 to 2010 coexistence to full migration.
I currently have no mobile/internet users. I have just exchange 2003 and exchange smtp delivery gateways. I have no front end server for my internal owa users (yes, you can actually have that configuration and still use owa, it's some kind of loophole in Exchange 2003).
I assume internet facing exchange will be required for 2010.
How should I proceed, and which roles should I install first?
I have my sans certificate from Digicert ready but unpopulated.
0
Comment
Question by:challBOE
  • 2
  • 2
5 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 200 total points
ID: 40431328
"no front end server for my internal owa users (yes, you can actually have that configuration and still use owa, it's some kind of loophole in Exchange 2003)."

It isn't a loophole.
A frontend server was never required. You would only deploy one if you had multiple backend servers.

Are you planning to have the roles on separate servers? If so, then you are going against best practise. I haven't separated the roles out for over five years, never on Exchange 2010. I see no point. Best practise is all roles on all servers, with the servers configured as identically as possible.

Therefore just install your first Exchange server, configure the SSL certificate as appropriate, replicate the public folders then do a standard migration.
If you are going to coexist, with Exchange 2003 users using OWA and ActiveSync then you will need a legacy URL for Exchange 2003, with the Exchange 2003 server directly exposed to the internet.

Simon.
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 300 total points
ID: 40431439
0
 

Author Comment

by:challBOE
ID: 40432423
I have three user mailbox servers and 5 (little) just-smtp-delivery servers ( redundancy over 2 locations and two ips providers). A third (party spamsoap) filters and delivers mail incoming. It's the only thing allowed into the LAN. Outgoing mail connects to internet directly through exchange smtp services, but outgoing only. I have no user mailboxes on those gateways.
You all expose mailbox servers to the internet? No DMZ connection to a cal server then authenticate then get access to a mailbox server?
Am I overthinking this?
Thanks for your answers.
(I have 700 users. 300 perms and 400 temps who come and go).
0
 

Author Closing Comment

by:challBOE
ID: 40432433
Thank you both. Gareth provided a more detailed reference so got the majority of points
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40432434
A DMZ doesn't improve your network security.
Furthermore the only role supported in a DMZ is Edge, which is for SMTP traffic, no other roles are supported in a perimeter network.
I have no problem with exposing Exchange servers straight to the internet. You only need two ports open - 443 and 125. As long as you enforce decent network security on the server and keep it patched then you are fine.

Keep everything very simple. All roles on all servers. If you want redundancy then look at a DAG, an internal load balancer and perhaps a cloud based load balancer for incoming traffic.

Simon.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cannot create 365 Migration Endpoint 11 80
Save Exchange PowerShell Command 12 36
Exchange 2007 Outlook 2010 1 24
exchange 2007, calendar 3 14
We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question