Managing Active Directory can get complicated. Often, the native tools for managing AD are just not up to the task. The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.
COURSE of the MONTH
8 days, 8 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Transitiong exchange 2007 to Exchange 2010 after updating the other servers before internet facing server
Posted on 2014-12-10
I have our main internet facing cas 2007 at our main sight. I had to add exchange 2010 servers to a couple of new facilities in remote sights but they are all connected. I'm now transitioning our last, but main 2007 exchange to a new box with exch 2010 (all 2008r2 OS). I was fallowing the articles to make the 2007 legacy.domain.com to work with exch 2010and then realized that won't work because I needed to upgrade this server first before the others. I had already changed everything on 2007 to legacy.domain .com and the new 2010 to mail.domain.com. Email seems to be working fine on the new server and I believe I can move everyone over to the new server that does not access email remotely ( smartphones, owa, etc) I assume then after movng all users over then I just need to move all the remote users at the same time and change the ip to that of the old server and send connectors? Am I missing anything. Right now I have various users still on the old exch 07 getting the whole pop up box to log in to email, (mail.domain.com) so I'm guessing outlook anywhere is not configured correctly as all their outlooks are set to "connect using http" or the fact that I changed it to legacy.domain.com. Usually I just have to change their authentication to ntlm and they work okay.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
9
8
17 Comments
Well seems like you kinda started backwards, always upgrade your CAS boxes first because they are backward compatible with older mailbox servers and can proxy/redirect connection depending on the environment.
Instead of moving non remote accessing users over to 2010, I would recommend to focus on replacing your 2007 server with 2010 for internet facing services and let exchange 2010 proxy/redirect the request and than you can move the mailboxes after the fact without worrying about who remotely accesses and who doesn't.
Read the - Transitioning an Exchange 2007 environment to Exchange 2010 section from below article thoroughly and follow the steps.
http://blogs.technet.com/b/exchange/archive/2009/11/20/3408856.aspx
Instead of moving non remote accessing users over to 2010, I would recommend to focus on replacing your 2007 server with 2010 for internet facing services and let exchange 2010 proxy/redirect the request and than you can move the mailboxes after the fact without worrying about who remotely accesses and who doesn't.
Read the - Transitioning an Exchange 2007 environment to Exchange 2010 section from below article thoroughly and follow the steps.
http://blogs.technet.com/b/exchange/archive/2009/11/20/3408856.aspx
yes. I am backwards because they bought a new facility last minute and wanted an exchange server asap. that being said is it still going to work correctly because this warns that internet facing needs updated first and its too late for that? First question is. Do I have to do the cas array? 2nd question. I have changed all the exch 07 directories to legacy.domain.com and new 2010 to mail.domain.com ( what old exch used to be) Is that correct? I am following the directions in the article as I get time. Just checking on those things first. Thanks
For cas array it depends if you need to have redundancy for your exchange environment, are these dedicated CAS servers or all-in-one box?
So if you have already changed all your 2007 url's to legacy.domain.com have you also changed it on the internet facing CAS servers? What is the url published on the internet legacy.domain.com or mail.domain.com?
So if you have already changed all your 2007 url's to legacy.domain.com have you also changed it on the internet facing CAS servers? What is the url published on the internet legacy.domain.com or mail.domain.com?
So I don't need redundancy and can not worry about the cas array for now. These are all in one box. Don't use Edge transport either. Yes, its changed on the internet cas server to legacy.domain.com. mail.domain.com is the url published on the internet.
Man you have bunch of things to consider for this cutover, here are the steps I can think of top of my head.
- Set all the external url's on 2010 server to mail.domain.com (same for internal if split dns)
- Set all the external url's on 2007 server to $null and internal url to legacy.domain.com
- Point your internal autodiscover to 2010 if deployed
- Point your external dns records for mail and autodiscover to 2010 box
- Make sure email flow works properly between 2007 and 2010 environment
- Create send connectors for outbound email flow on 2010
- Delete send connectors on 2007
- Enable anonymous permission on the receive connector on 2010 (if the box receives directly from internet)
- Update the MX record in the public DNS to point to 2010 box (if the box receives email directly from internet)
- Update the SPF record to include the new outbound connecting ip if it is changing
Here are some more articles for you to read:
http://technet.microsoft.com/en-us/library/bb738138(v=exchg.141).aspx
http://technet.microsoft.com/en-us/library/gg232715(v=exchg.141).aspx
http://technet.microsoft.com/en-us/library/bb310763(v=exchg.141).aspx
- Set all the external url's on 2010 server to mail.domain.com (same for internal if split dns)
- Set all the external url's on 2007 server to $null and internal url to legacy.domain.com
- Point your internal autodiscover to 2010 if deployed
- Point your external dns records for mail and autodiscover to 2010 box
- Make sure email flow works properly between 2007 and 2010 environment
- Create send connectors for outbound email flow on 2010
- Delete send connectors on 2007
- Enable anonymous permission on the receive connector on 2010 (if the box receives directly from internet)
- Update the MX record in the public DNS to point to 2010 box (if the box receives email directly from internet)
- Update the SPF record to include the new outbound connecting ip if it is changing
Here are some more articles for you to read:
http://technet.microsoft.com/en-us/library/bb738138(v=exchg.141).aspx
http://technet.microsoft.com/en-us/library/gg232715(v=exchg.141).aspx
http://technet.microsoft.com/en-us/library/bb310763(v=exchg.141).aspx
I have followed so many different routes on how to do this,,,I'm lost. The last article sounds promising, but I have no idea how to do this:
2.Create a publishing rule for the legacy host name in your reverse proxy or firewall solution to point to your legacy Internet-facing Exchange server. Refer to your proxy/firewall solution's user manual for instructions for how to do this. Nor can I find anything helpful for directions.
I was considering using Microsoft but it looks like they raised their price from $250 to $499.
So, I'm guessing the best thing to do is just move all users to 2010 at one time and change the ip to be that of the 07 server, fix send connector.
2.Create a publishing rule for the legacy host name in your reverse proxy or firewall solution to point to your legacy Internet-facing Exchange server. Refer to your proxy/firewall solution's user manual for instructions for how to do this. Nor can I find anything helpful for directions.
I was considering using Microsoft but it looks like they raised their price from $250 to $499.
So, I'm guessing the best thing to do is just move all users to 2010 at one time and change the ip to be that of the 07 server, fix send connector.
The step you are talking about is only required if you want to do redirection for the external connection for exchange, the alternate is to set the external url on the 2007 servers to $null so that 2010 server will just proxy request instead of redirect and this way you won't have to publish legacy.domain.com on the internet.
At this point I just want to move everyone over to the new 2010 exch server and shut the 07 down. I have given up trying to make them coexist together and the random box that pops up asking for user name/password for our mail.domain.com. If anyone has a link that clearly shows the easiest path for that please let me know. Thanks
You have to cutover all the externally exposed services over to 2010 and then you should move all the remaining mailboxes. I wish there was a magical article that includes everything that you want to do but you somewhat need to know what you are doing.
Thanks. Setting up a 2nd external ip on the firewall and external dns and pointing to new 2010 server fixed smartphone users. Still having problems with id/pass randomly popping up, but I will post that as a new question. Thanks for trying to help. I have never had these issues in the past transitioning over starting from exch 5.5. I don't know why this one was so difficult for me.
So you have legacy and mail published on the external DNS now?
Is the external URL still set on the 2007 servers?
If answer to the above two questions is yes then you are doing URL redirection and not proxy.
Is the external URL still set on the 2007 servers?
If answer to the above two questions is yes then you are doing URL redirection and not proxy.
Featured Post
Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
New style of hardware planning for Microsoft Exchange server.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync.
To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses
Course of the Month8 days, 8 hours left to enroll
764 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.