Link to home
Start Free TrialLog in
Avatar of Brian Carstens
Brian CarstensFlag for United States of America

asked on

Final steps to remove old exchange server. Any suggestions etc..

I have recently installed a second 2016 exchange, matching version of the first. The intent is to retire and remove the first server. I have moved all mailboxes including service mailboxes. Everything seems to be working good. My next step is to either update DNS\firewall Ip addressing to point to new server, or am considering changing the ip address of each server to give the new server install the 1st IP address and then test. If all seems good I will then uninstall exchange from 1st server, then demote server and remove from domain.

Are the any recommendations\warings to finalizing that I may be over looking?

Avatar of M A
M A
Flag of United States of America image

FYI:If your old and and new servers are 2016 you dont need to worry about changing NAT. You can change NAT now. It will proxy each other.
Below are tips to avoid issues..
After installation of Exchange 2016
Export certificate from Exchange 2013 and import in Exchange 2016
https://www.experts-exchange.com/articles/35371/Export-Import-Exchange-Certificate.html 
Assign services IIS and SMTP. (POP and IMAP if required)
https://practical365.com/exchange-server/exchange-2013-assign-ssl-certificate-to-services/
Please configure your Virtual Directories.
https://www.experts-exchange.com/articles/31221/Fix-for-Exchange-server-2016-2019-certificate-and-related-issues.html
Configure OutlookAnywhere and use NTLM authentication instead of Negotiate.
http://msexchangeguru.com/2013/01/10/e2013-outlook-anywhere/
Configure Mapi-HTTP
https://docs.microsoft.com/en-us/exchange/clients/mapi-over-http/configure-mapi-over-http?view=exchserver-2019

This is for testing a mailbox before working with live mailboxes
Configure outlook in a workgroup PC(non-domain joined PC).
Create host record in the workgroup PC for your common name and autodiscover for all your accepted domains which points to new Exchange 2016 IP.
I.e. When you ping your mail.domain.com(common name) and autodiscover.youremail.com it should return Exchange 2019 IP.
https://www.siteground.com/kb/how_to_use_the_hosts_file/
Test mailflow. Open Outlook from this workgroup PC. If everything works with test mailbox (including mailflow) you can change NAT and you can point common name and autodiscover to new Exchange2016 server in your DNS server.
Please check Step1 through step5 in this article to configure your DNS A records and autodiscover.
https://www.experts-exchange.com/articles/29662/Exchange-2013-Fix-for-an-Invalid-certificate-and-related-issues.html
https://www.experts-exchange.com/articles/31221/Fix-for-Exchange-server-2016-2019-certificate-and-related-issues.html

If you have mailboxes in old server move to the new one.
https://www.experts-exchange.com/articles/31741/Move-mailboxes-in-bulk-or-one-by-one-to-another-database-in-Exchange-2010-2013-2016.html
Migrate Public folder.
https://docs.microsoft.com/en-us/exchange/collaboration/public-folders/migrate-from-exchange-2013?view=exchserver-2019

Add the new server to the send connector.

Please use this for easy CSR creation.
Count Mailboxes
ASKER CERTIFIED SOLUTION
Avatar of Seth Simmons
Seth Simmons
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Brian Carstens

ASKER

Seth,
In the ECP I have matching receive connectors configured and compared from drop down choosing each server.
For Send, I only have 1, this one routes thru a smart host, under inspection I see it is associated to older server 1. I now from your suggestion, created a second matching but associated this to the new server. I created a second rather then adding new server to association so I could enable and disable for testing.
I have confirmed all virtual directories are configured already as I had a previous failure and had been getting a cert error.

Regarding updating DNS, see any issue in swapping IP addresses so new has IP of old. My thought on this is not having to update firewall settings for inbound and send restrictions (Original Mail server IP only allowed smtp out device)? Also if I had any other device by IP setting for sending thru old server they would not need updating.

Thank you for delete mail database tip.
Good catch on "Demote" my bad, no not DC - Remove from domain and retire.
nothing wrong with changing the address though it might briefly interrupt client connections so when you do the switch, would do after hours or the weekend and test from end-to-end between client connection (outlook), OWA, mail flow...haven't done it myself but others here have.  right now you have the old server serving client connections which means it is proxying to the new server.  may want to consider restarting the new server once you change the IP address; upon restart it will register itself in DNS properly so no need to change anything manually in DNS