Exchange 2010 won't install

We are trying to do the first part of a dual swing migration from Server2003R2/Exchange2003 to Server2012R2/Exchange2013. The intermediate box is going to be Server 2008SP2/Exchange2010, from which we'll go to the 2012R2/Exchange2013 box. That is IF I can get this dang Exchange 2010 to install.

As far as I know, I've installed all the prerequisites on the server 2008 box: .Net framework 3.5 & all subsiquent updates, Powershell 2.0, WinRM 2.0, & the MS Fliter Pack 2.0. Yet, when I try running the Exchange 2010 install, and get to the "Mail Flow Settings" part of the install (very early in the process), I get the following error (attached jpeg):

"Couldn't find the Enterprise Organization container. It was running the command 'Get-ExchangeServer| where {-not($_IsExchange2007OrLater)}'.

It will not see our existing Exchange 2003R2 box, for some reason. I've run the MS Exchange pre-deployment analyzer and there are no errors, and the only warning it has is about a our SMTP being configured to use a smart host, that routes mail to/through our spam filtering provider (Nuvotera/SpamSoap). There's one other warning about us not being able revert back to Exchange2007, later, but I figured that one was standard for anyone going from 2003 to 2010/2013... I'm at a loss.

If anyone has any ideas, they would be greatly appreciated. Thanks.


Ric J.
ricjenkinsNetwork AdminAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

IvanSystem EngineerCommented:
Have you done schema extension and forest/ domain preparation before running install?

This should be run before you try to install exchange 2010.
Setup.exe is from exchange 2010 install cd.

Legacy Exchange preparation:
Setup.exe /PrepareLegacyExchangePermissions
Schema preparation:
Setup.exe /PrepareSchema  
AD preparation:
Setup.exe /PrepareAD /OrganizationName:<OrganizationName>
Domain preparation:
Setup.exe /PrepareDomain

Is Exchange 2003 SP2?
Forest and Domain level 2003?
AmitIT ArchitectCommented:
What level of rights you have for your ID? You need to be part of Enterprise and Schema admin group to install first Exchange 2010 Server.
ricjenkinsNetwork AdminAuthor Commented:
spriggan13: I thought the GUI install would run these commands when performing the install, which is why I didn't do them manually... But I did go ahead and run them, and everything was fine (the "setup /PrepareLegacyExchangePermissions" and "setup /PrepareSchema" commands completed fine) until I got to the setup /PrepareAD (setup /p) command, where it had an issue. Below is the output from powershell, for the setup /PrepareAD comand:
.....Copying Setup Files                           COMPLETED

No server roles will be installed

Performing Microsoft Exchange Server Prerequisite Check

    Organization Checks                                                                               COMPLETED
 Setup is going to prepare the organization for Exchange 2010 by using 'Setup /PrepareAD'. No Exchange 2007 server roles have been detected in this topology. After this operation, you will not be able to install any Exchange 2003 or Exchange 2007 servers.

Configuring Microsoft Exchange Server

    Organization Preparation                                                                          FAILED
     The following error was generated when "$error.Clear();
        install-RootOrganizationContainer -DomainController $RoleDomainController

" was run: "Couldn't find the Enterprise Organization container.".

The Exchange Server setup operation didn't complete. More details can be found in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder.

Exchange Server setup encountered an error.

And the Exchange 2003 is SP2, and the forest and domain levels are Server 2003 level. I'm also running all commands as the domain administrator, which is a member of the Enterprise & Schema Admins groups, so permissions shouldn't be an issue.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

IvanSystem EngineerCommented:

On DC, ,open adsiedit.msc, expand to [CN=LostAndFoundConfig,CN=Configuration,DC=domain,DC=com.

Check if there is exchange server. if there is, delete and try again to run command.

Useful link:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ricjenkinsNetwork AdminAuthor Commented:
There was a reference to an exchange server in there, which I deleted. After that, the "setup /PrepareAD", and "setup /PrepareDomain" commands both completed successfully. I had seen the article you referenced, but didn't see anything in LostAndFound, just looking at it in AD Users & Computers... It was there with the ADSIedit, though, so thanks for that info! Now we'll see if the actual Exchange install runs! :)

Thanks for the assistance!

And as an aside:
I was wondering how the intermediate step (from Server 2003/Exchange2003 to Server 2008/Exchange2010) in this dual swing migration will affect us, as far as our SSL cert goes, for our OWA and folks who get their mail on their iPhones/Android. Our SSL cert is for "", which neither server is named ("mail"), internally. If I transfer the SSL cert to the "new/temporary" server, will the users even see anything different? The SSL cert is actually due for renewal in December, so once we get to the final destination of Server 2012R2/Exchange2013, I'll just redo it then, but I didn't know what to expect in the short term... If you have any thoughts on that, I'd appreciate them as well.

Thanks again!
IvanSystem EngineerCommented:
Hello :)

Well certificate depends on what you need them for. Are you using public certificate or from internal CA server?
If you have many users, or you think that you wont be able to migrate all users from 2003 --> 2010 in day or two, then you would need name on certificate as well. This name is used to redirect all requests from exchange 2010 to 2003, for users that are still on old exchange, at point when you move mail flow from 2003 to 2010.
You would move mail flow before you start moving users, because exchange 2003 would not know how to redirect requests for users that are already moved to exchange 2010.
Exchange 2010 does know how to redirect request to exchange 2003, and that is done by legacy DNS A record. or CNAME.
If you need autodiscover, then you would need that name on certificate as well. Those are 3 standard names when you are doing migration.

When you move mail flow to Exchange 2010, you mobile phones are not going to notice anything, if certificate is valid (from you trusted CA or public CA).

Your Outlook users are going to receive pop-up message that they need to restart Outlook, and if you configure all service url/ uri, they wont receive no certificate warnings. Just that 1 pop-up. No way to avoid that. You should notify them about it, as well as new OWA site look, so that they don't get confused.
BTW, when you are migrating users, they wont be able to send/ receive email. Exchange 2003 and 2007 are moving mailbox's in offline mode.

OWA users are gona work at this way:
You redirect mail flow from internet to exchange 2010, and start moving mailboxes.
User that is on 2010, try to access OWA, get's to new 2010 OWA site and login.
User that is on 2003, try to access OWA, get's to new 2010 OWA site, login, then gets redirected to OLD 2003 OWA site. Login again and that is it.
Now two important thing.
For this to work you must have on certificate and DNS record to point legacy to exchange 2003.
If you are doing this internally, it will work, but if you go over internet it wont work.
As far as I know, exchange 2010 will try to redirect traffic to exchange 2003 via frontend. If you don't have it, then internet users wont be able to access OWA.
There may be a solution if you have 2 public ip addresses or are using ISA, but I haven't tried it.
I guess via internet you can tell users to access OWA via legacy name, and point that record to new public ip address.

If you done need legacy and autodiscover, then you can move certificate to a new server, and configure autodiscover and rest services to use that
I guess that you have DNS zone, internaly, for that

if possible, it is best to get new public cert with those 2 or 3 names. I always have done that, never tried to use old Exchange 2003 cert. I'm not even sure that it smart to use old cert, because it is most likely using old hashing algorithm.
ricjenkinsNetwork AdminAuthor Commented:
We just have the public SSL cert, so our OWA is over a secure connection. We only have 18 end users here, with 25 total mailboxes. The entire Exchange database (on the 2003 Exchange box) is only around 19GB, total, so it's not like this is for a large organization. Heck, we probably only have 3-5 users that even use the OWA site on a regular basis, and 3 or 4 that have our email set up on their iPhones.

The plan is to come in and get all the mailboxes moved over to the new Exchange 2010 box, and decommission the 2003 server, in a weekend, so mail flow isn't a huge concern, as very few, if any, people even look at their work email over the weekend. The weekend after the Exchange 2003 to 2010 move occurs, we plan to do the Exchange 2010 to 2013 move, to complete our dual swing "migration" from Exchange 2003 to 2013.

I just didn't want a lot of SSL certificate errors making anyone freak out...

And, yes, we have a DNS zone, internally.
IvanSystem EngineerCommented:

you don't need legacy name then. Just inform user that in Monday OWA is gona look a bit different.
Buy new cert with "", and for new server.

One important thing, don't decommission old exchange in that weekend.
Why? Because when your users come to work in Monday, Outlook is not gona work. Outlook is gona try to access exchange 2003, which is gone. For this to work in a way that is planed by Microsoft, you should leave exchange 2003 to work for few days, and when users come in Monday, Outlook is gona reconfigure it self and configure for exchange 2010. Users will receive pop-up to restart Outlook and everything is gona work.
If you remove exchange 2003 in weekend, then you gona have to create new profiles for every users.

If you want Outlook to autoconfigure it self, you should buy new certificate with those 2 names.

PS: If you have manage to install Exchange 2010 via solution I provided, mark solution and give points ;)

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.