exhange 2007, exchange 2013

Posted on 2016-10-20
Last Modified: 2016-10-25
We  have a resource forest set up.
 We have resource domain, where all resource, such as mailboxes, file/print servers are kept and there is user domain, where only user accounts are kept.
 User account in resource domain is disabled. Mailbox is linked to user account in the user domain. This is done by LinkedMasterAccount attribute in the user account.
 we have 1 hub and client access server ( which is also DC) and 1 mailbox server sitting on xxx. lan domain which is in resource domain.
  We have another DC which is which have all enabled accounts.

 We have 2300 users and divded into 16 storage groups

 We are planning to upgrade to exchange 2013

 Our Action Plan

 A)      We want to keep the same resource setup.
 B)      Build separate windows server 2012 and make it DC in same resource forest set up
 C)      Replicate DC from exchange 2007 ( CAS and Hub Server) to new windows server 2012 DC as disabled AD accounts.
 D)      Install exchange 2013 on windows server 2012 and build DAG involving 3 mailbox servers
 E)      Move mailbox from exchange 2007 to 2013

 Please add to my plan if I am missing something
Question by:pramod1
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4

Expert Comment

by:Joshua Hopkins
ID: 41851876
Looks about right.  Just wondering if there is a reason not to go to Exchange 2016?  It does have better security features and controls.

Author Comment

ID: 41851892
my company decided, any how 2 questions

1) what methods should I use to replicate DC which has disabled ad accounts to new DC.
2) any articles in creating legacy namespaces, or with EWS, OWA to work in middle of transition
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41851914
Hello pramod1,

Your design will work, but if possible (resources available) consider:
- Do not co-locate your DC with Exchange. This separation can be easily justified as far as you have +2000 mailboxes. Additionally, if you are implementing the DAG that you specified in 'E', it will be mandatory.
- If possible, use Windows Server 2012 R2 (Maybe you already mean R2 explicitly, but just in case).
- You can also go with Exchange 2016 as Joshua says, it will be better from multiple perspectives. However, in this scenario as far as you cannot transition directly from 2007 to 2016, you will need to stop at 2013 (or 2010) and then upgrade to 2016. The latter means that you will complete two transitions (AKA migrations).

In general terms your plan sounds good, of course... as you know there are many small details involved in the process.

Note: On step C, be aware that if your accounts are disabled, and you replicate them to a different DC, you will continue exactly with the same [disabled] accounts. It does not require any additional task.
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.


Author Comment

ID: 41851918
thanks, but any methods I should use to replicate from disabled DC to new DC,

Author Comment

ID: 41851922
what do you mean by do not co-locate? I didn't get it very clear
LVL 14

Accepted Solution

Schnell Solutions earned 500 total points
ID: 41851923

1. If your accounts are already disabled in your domain, they will continue disabled on the other DC. This is the same domain and you will have the same set of basic properties in all your DCs as far as all these properties are going to be replicated.

2. You can find general information about the virtual directories here: And instructions to manage them here: virtual directories.

The specific case of how to change the virtual directory will depend on many internal details of the environment and how you handle your different servers/sites.
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41851927
I mean do not install together your ADDS Role (Domain Controller) with your Exchange roles.

If you want a DAG, you cannot combine a Mailbox with a DC.
Independently of using a DAG or not, if possible... consider to use  a separate server as a DC.

Author Comment

ID: 41851942
If I set up nee DC how will it replicate from old dc
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41859027
When the DCPROMO process completes it ensures that all the critical data is replicated. After that, automatic replication objects are created in Active Directory to maintain the replication in two ways between the new and old servers.

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question