Solved

Migrating Exchange from 2003 to 2010

Posted on 2015-02-07
15
159 Views
Last Modified: 2015-02-15
Hi,
I am in the middle of migrating an old SBS2003 box to a new physical box running Server 2012 R2 as a hyper-V host with several Server 2012 R2 VMs. As part of the process I have to migrate Exchange 2003 to Exchange 2013. I understand that this is not possible in a single jump without 3rd party software. I have installed a VM running Server 2008R2 and Exch2010. I have been following this tutuorial;

https://supertekboy.com/2014/04/07/migrating-exchange-2003-2010-part-iii/

I am into part III, up to the Split-Brain DNS section part 14, and it tells me this:

"First though we need to open some ports on our firewall. For coexistence we will need two public IPs.

Our first public IP will continue to point to our Exchange 2003 server.
Our second public IP will point to our Exchange 2010 server.

We need to open ports 80 (HTTP) and 443 (HTTPS) to our Exchange 2010 server.

This process will vary based on the firewall you have."

This raises somequestions for me:

1. By 'Public IP' I am assuming we are talking about the external IP address that is provided by our ISP; the same one that we get when we go to http://www.whatsmyip.org/.

2. If this is the case do I need to contact our ISP to get them to provide a second one?

3. Do I even need co-existence beyond the time it takes to migrate from Exch2003 to Exch2010? If I do this out of hours there will be minimal impact on users, so I am happy to take the Exchange server offline to do the migration. Can't I just get Exch 2010 up and running, migrate the data, turn off Exch 2003 and let Exch 2010 take over?

I was hoping to get this done this weekend, but now it's Sunday afternoon and it is looking less promising...:(

Cheers,
Greg
0
Comment
Question by:gregmiller4it
15 Comments
 
LVL 30

Accepted Solution

by:
Gareth Gudger earned 500 total points
Comment Utility
Hey Greg,

1. By 'Public IP' I am assuming we are talking about the external IP address that is provided by our ISP; the same one that we get when we go to http://www.whatsmyip.org/.

Yes. External IP. Do you know how many IPs your ISP currently assigns to you? You can probably decipher this from your firewall by looking at the IP and subnet mask assigned to the external/WAN interface. You may have more than one IP. Unfortunately, whatismyip.com may not be a good judge of what you have. Unless you are sure you only have one IP from your ISP.

2. If this is the case do I need to contact our ISP to get them to provide a second one?

It may take some time for your ISP to get this to you. But there are alternatives which I will answer in question 3.

3. Do I even need co-existence beyond the time it takes to migrate from Exch2003 to Exch2010? If I do this out of hours there will be minimal impact on users, so I am happy to take the Exchange server offline to do the migration. Can't I just get Exch 2010 up and running, migrate the data, turn off Exch 2003 and let Exch 2010 take over?

If you don't need coexistence then you can get by with one IP. Of course, this means cutting everything over from 2003 to 2010 all in one go. Which means you will need to move all your users as well, or, they won't be able to access there mailbox externally (phones, Outlook, Outlook Web Access, etc). Internally they will be fine. Unfortunately, this doesn't give you any room for testing.

How many users do you have?
0
 

Author Comment

by:gregmiller4it
Comment Utility
I'm pretty sure we only have one external IP address.
We probably have around 20 users, of which only about half (i.e. Head Office staff) are regular users; the others just check email occasionally.
0
 
LVL 30

Expert Comment

by:Gareth Gudger
Comment Utility
Ah ok. That's a fairly small amount of users. How large are there mailboxes? Sounds like you might just be able to move it all in one go without coexistence.
0
 

Author Comment

by:gregmiller4it
Comment Utility
I think there was a default 1GB mailbox quota in SBS2003....but a couple of users have had that extended. All up I wouldn't expect the mailboxes to total more than about 30GB.
0
 
LVL 30

Expert Comment

by:Gareth Gudger
Comment Utility
Yep that sounds like a fairly quick move. So, you might be able to get away with a quick cutover. Of course coexistence is safer if you want to check your firewall to see if you have more than one IP.
0
 

Author Comment

by:gregmiller4it
Comment Utility
So, if I run with just one IP address, do I just skip that part on reconfiguring the firewall and charge onwards?
0
 
LVL 30

Expert Comment

by:Gareth Gudger
Comment Utility
Yes. Go ahead and get your certificate completed on your 2010 box (next section) as this can take some time. Then once that is all set, reconfigure your firewall to point ports 80/443 away from the 2003 server and towards the 2010 box.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:gregmiller4it
Comment Utility
Ok thanks heaps. I think I'll sort the certificate tomorrow and maybe do the migration tomorrow evening.
0
 
LVL 5

Expert Comment

by:Hello World
Comment Utility
Hi,

When you're upgrading your existing Microsoft Exchange Server 2003 organization to Exchange Server 2010, there's a period of time when both Exchange 2003 and Exchange 2010 will coexist within your organization.
Then you have to change the MX record and point to Exchange 2010,and register a new record for legacy Exchange server. Meanwhile, request the certificate from CA.
More details about Migration Guide from Exchange 2003 to Exchange 2010, please refer to:
https://gallery.technet.microsoft.com/exchange/Rapid-Migration-Guide-from-7ade7012
0
 

Author Comment

by:gregmiller4it
Comment Utility
So, we own a Thawte certificate that we are currently using on the SBS 2003 server. Is that likely to be the same as what is needed for Exchange 2010? Can I just have that one re-issued for the new server or do we need to buy a new one/type.
If we can have the old one re-issued, will that break the current certificate that is use on SBS 2003?
Also, Exchange 2010 is not he end of the story...I am actually trying to get to Exchange 2013. Will we need to buy more new certificates to get to Exchange 2013?
0
 
LVL 30

Expert Comment

by:Gareth Gudger
Comment Utility
It is possible to reissue the same certificate to 2010. As long as you plan to use all the same name. So if you used mail.domain.com on 2003 you will need to make sure all your URLs on 2010 are configured as mail.domain.com. Both internal and external URLs. You will also need to configure autodiscover with SRV records, instead of a CNAME/A record. Getting a UC/SAN certificate can be a little easier and may be required if your DNS provider doesn't support SRV records.
0
 

Author Comment

by:gregmiller4it
Comment Utility
So the current certificate would not be a UC/SAN certificate?
If I get one of them now, can we re-use it when we move to Exchange 2013?
0
 
LVL 30

Expert Comment

by:Gareth Gudger
Comment Utility
Right. Its doubtful the one for 2003 is a UC certificate. If you get a UC/SAN certificate for Exchange 2010 now you can reuse it for 2013 later.
0
 

Author Comment

by:gregmiller4it
Comment Utility
I just checked; the current certificate in use on Exchange 2003 is an SSL123 certificate
0
 
LVL 11

Expert Comment

by:hecgomrec
Comment Utility
In my experience, you don't need an extra IP (it is recommended, but not necessary).

As soon as I installed my 2010 and finished the certificates and URLs  I made it  my default server.

When I said I made it my default server I just changed my firewall IP and internal DNS settings to point to the new server and then after I start migrating mailboxes to the 2010.

Once finished I repeat the process to get to 2013

Here are the links I used:

2003 to 2010:  http://www.petenetlive.com/KB/Article/0000234.htm

2010 to 2013:  http://www.petenetlive.com/KB/Article/0000788.htm

Good Luck!
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now