truth_talker

How can I upgrade from 2008 R2 as a DC with Exchange 2010 to Windows Server 2022 with Exchange 2019?

I have a Windows 2008 R2 server running Exchange 2010 and am trying to upgrade to Windows Server 2022 with Exchange 2019.

I don't have a lot of Exchange servers as most of my clients have moved to Microsoft or G Suite.

My issue is the 2008 R2 is a DC and the Exchange server.  

Exchange 2019 requires a DFL of 2012 R2 to install and I can't raise the DFL with the 2008 R2 Domain Controller in place.

Since I have the 2022 box as a Domain Controller already, can I demote the 2008 box and keep Exchange 2010 running long enough to raise the DFL, install Exchange 2019 and migrate the mailboxes?

Or if I demote the 2008 R2 box, but keep it a member server will it kill Exchange?

Seth Simmons
As Seth pointed out, you have to go in steps, verifying each step.
I would advise against in-place upgrades if that was even a consideration. Just to be sure.

You are still at the 2008 Level on the AD.

Are you using Physical or Virtual Servers, New hardware where the 2022 DC is and is virtualized?

i.e. is this an SBS2011? Are you going the Server Essentials route?
OS server edition?
Look at the Exchange support matrix

First you need to bring Exchange 2010 up to SP3 RU22 or later.

Add a separate Windows 2016 DC.

Migrate Exchange 2010 SP3 to a new Exchange 2016 member server.

Retire Exchange 2010.

Demote Exchange 2008 R2 DC.

Now you can upgrade to Exchange 2019. It looks like Exchange 2019 isn't yet supported on Windows 2022. I also wouldn't put in a Windows 2022 DC until it shows that it is supported with your version of Exchange.

Going forward, do not put Exchange on a DC.
If memory serves, if you PROMOTE or DEMOTE an Exchange server to a DC (either way, once Exchange is installed), you can create serious problems.

This is going to be a two stage migration.  Migrate to a later version of Exchange (2013 or 2016) and then to 2019 (as has already been mentioned).

Additionally, you'll have to do that migration BEFORE you get rid of the 2008 R2 DC because you'll need to properly remove the Exchange 2010 install from the DC before you can demote it.

Then you can add Server 2016 or 2019 domain controllers to support the Exchange 2019 install.

After the domain controller migration, you'll need to do another migration to Exchange 2019.
truth_talker


I'm finally getting a chance to circle back on this one.

I have the DFL upgraded to 2012 R2 now and Exchange 2016 loaded on Windows Server 2016.
I have moved one mailbox and am testing connectivity.

The AD domain is a .local domain.  I can connect an Outlook client to it, but I get a security alert where the internal hostname "exch2016.domain.local" is being used.  Since I can't put that in my SSL Certificate, that is an issue.

I have rekeyed the SSL to add the new SAN for the new Exchange server.  I have checked all of the URLs I can find in Exchange 2016 but it still wants to use the internal .local hostname instead of the public domain.

Certificate-based errors are not a reflection of functional errors or issues.
You can add the new host cert as trusted, eliminating these errors from being displayed.
Consider it the same way you would if your business is relocating.
Would you view the need to unlock/lock the front door, to get in as an issue on whether the new location setup has the required functionality for the people to do their respective job?

As long as the issue does not impede the data flow from the old to the new system where this test mailbox now resides.
Is my understanding correct, this test mailbox is being redirected/forwarded to the new server?
"Since I can't put that in my SSL Certificate, that is an issue."

you don't use .local for exchange; change all of your OWA/ECP/EWS URLs to match your public domain

"I have checked all of the URLS I can find in Exchange 2016 but it still wants to use the internal .local hostname instead of the public domain."

did you check autodiscover?

Configure autodiscover URL in Exchange with PowerShell

I checked the autodiscover URLs and it is showing the .org and not the .local domain

But I still get the SSL Popup when launching Outlook.

The issue is the Certificate SAN section does not include the hostname referenced at the top of the message.
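
An added example, not part of any post in this thread: a read-only check for the Exchange Management Shell that lists every URL or host name the new server publishes (virtual directories, the Autodiscover SCP, Outlook Anywhere) and shows whether the certificate bound to IIS covers it. Running it locally on the Exchange 2016 server via `$env:COMPUTERNAME` and the helper name `Test-NameOnCert` are assumptions of this example.

```powershell
# Added example: run in the Exchange Management Shell. Read-only, changes nothing.
$server = $env:COMPUTERNAME   # assumption: executed on the Exchange 2016 server itself

# Names (subject + SANs) on the certificate(s) enabled for IIS
$certNames = Get-ExchangeCertificate -Server $server |
    Where-Object { "$($_.Services)" -match 'IIS' } |
    ForEach-Object { $_.CertificateDomains } |
    ForEach-Object { "$_".ToLower() } | Sort-Object -Unique

# Hypothetical helper: exact match, or a wildcard covering one left-most label
function Test-NameOnCert([string]$HostName, [string[]]$Names) {
    $h = $HostName.ToLower()
    foreach ($n in $Names) {
        if ($n -eq $h) { return $true }
        if ($n.StartsWith('*.') -and $h.Contains('.') -and
            $h.Substring($h.IndexOf('.')) -eq $n.Substring(1)) { return $true }
    }
    return $false
}

$found = @()
$vdirCmds = 'Get-OwaVirtualDirectory', 'Get-EcpVirtualDirectory',
            'Get-WebServicesVirtualDirectory', 'Get-ActiveSyncVirtualDirectory',
            'Get-OabVirtualDirectory', 'Get-MapiVirtualDirectory'
foreach ($cmd in $vdirCmds) {
    foreach ($v in (& $cmd -Server $server)) {
        foreach ($p in 'InternalUrl', 'ExternalUrl') {
            if ($v.$p) { $found += [pscustomobject]@{ Source = "$cmd $p"; Value = "$($v.$p)" } }
        }
    }
}

# The Autodiscover SCP that domain-joined Outlook clients look up in AD
$cas = Get-ClientAccessService -Identity $server
if ($cas.AutoDiscoverServiceInternalUri) {
    $found += [pscustomobject]@{ Source = 'AutoDiscoverServiceInternalUri'
                                 Value  = "$($cas.AutoDiscoverServiceInternalUri)" }
}

# Outlook Anywhere stores bare host names rather than URLs
$oa = Get-OutlookAnywhere -Server $server
foreach ($p in 'InternalHostname', 'ExternalHostname') {
    if ($oa.$p) { $found += [pscustomobject]@{ Source = "OutlookAnywhere $p"; Value = "https://$($oa.$p)/" } }
}

$found | ForEach-Object {
    $h = ([uri]$_.Value).Host
    [pscustomobject]@{ Source = $_.Source; Host = $h; OnCertificate = (Test-NameOnCert $h $certNames) }
} | Sort-Object OnCertificate, Host | Format-Table -AutoSize
```

Rows with `OnCertificate` set to `False` are the names Outlook will warn about; compare them with the host name shown at the top of the security alert.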