System Administrator Recipes: November 2012

Microsoft Exchange Server is the backbone of messaging service in most of the organizations and works in synchronization with the Active Directory. We will make the necessary steps for a successful migration from Exchange Server 2003 to Exchange Server 2010.

I assume you know the hardware requirements for the installation and operation of Exchange Server 2010.

Lets get started!

1. Exchange Server 2003 requirements

Domain Functional Level should be at least 2003 Native

Click Start < Administrative tools < Active Directory Users and Computers.
Right click on Organization Name e.g "xxxxxxxx.com".
Click "Raise Domain Funtional Level...".
In "Raise Domain Funtional Level" window, choose Windows Server 2003 and click on Raise button.
Then you see a caution window ** This cannot be reversed at any point of time, click OK.

At this point you Raised your Domain Functional Level to Windows Server 2003 Native.

Raise Forest Functional Level

Click Start < Administrative tools < Active Directory Domains and Trust.
Right click on Active Directory Domains and Trust, click on "Rise Forest Functional Level...".
In "Raise Forest Functional Level" window, choose Windows Server 2003 and click on Raise button.

At this point you Raise your Forest Functional Level.

Change Exchange Server 2003 to Native mode

Click Start < All Programs < Microsoft Exchange Server < Exchange System Manager.
In "Exchange System Manager window", right click on "First Organization (Exchange) and click on Properties.
In "First Organization Properties" window, in Operation mode you see "Mixed Mode ......" click on Change Mode button, and choose Native Mode.
You see a "Exchange System Manager" caution window, then click Yes.

Your Exchange is now in Native Mode.

2. Exchange Server 2010 prerequisites installation

* At this point you should already have installed Windows Server 2008 R2 SP1

Download and Install “Microsoft Filter Pack” (64bit Version)

Go http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=20109

Install Exchange Server 2010 Prerequisites on Windows Server 2010 R2

Go http://systemadministratorrecipes.blogspot.com/2012/07/installing-exchange-2010-prerequisites.html

* After the Server restart:

Insert the installation Exchange Server 2010 DVD in the DVD drive.
Copy the Script below.
Open Notepad and paste it.
Save it in C:/ExchangePreparation.bat
Right click in the "ExchangePreparation.bat" file, and Run as administrator

* In this case the DVD-Drive letter is E: \, you must check the letter corresponding to your DVD-Drive and make the change in the line 7 on the script.

* After running the above script and successfully complete all commands can proceed to install Exchange Server 2010.

3. Install Exchange Server 2010

For install Exchange 2010 run the follow script:

Copy the Script below.
Open Notepad and paste it.
Save it in C:/ExchangeInstallation.bat
Right click in the "ExchangeInstallation.bat" file, and Run as administrator

* In this case the DVD-Drive letter is E: \, you must check the letter corresponding to your DVD-Drive and make the change in the line 7 on the script.

When Microsoft Exchange Server 2010 window installation appears. Click on "Step 4: Install Microsoft Exchange", and follows the next steps

In the "Exchange Server 2010 Setup" page, click to choose "Typical Exchange Server Installation" and Give a check mark for "Automatically install Windows Server roles and features required for Exchange".
In the "Configure Client Access server external domain" page, click to check "The Client Access server role will be internet-facing" and give the external domain name.
In the "Mail Flow Settings" page, you will get this option to configure mail flow between these Servers, If Exchange 2003 Exists in your Environment.
In the "Readiness Checks" page, setup will verify the prerequisites for selected components and if they have completed successfully. Click Install.
In the "Completion" page you can see the progress of the installation, once all are completed, click Finish.
In the initial setup pop-up screen, after you click Close, you will be prompted to install latest critical updates for Exchange Server before exiting. Click Yes.
Now Reboot your Server.

4. Exchange Server 2010 Setup

Send Connector in Exchange 2010

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Organization Configuration.
Click Hub Transport.
In the "Hub Transport" panel, click Send Connectors tab.
Right click in the result panel, and click "New Send Connector ..."
In the "New Send Connector" Introduction window, you can type a friendly name and click Next.
In the "New Send Connector" Address space, click on Add ...
In "SMTP Address Space" window leave by default, then click OK.
In the "New Send Connector" Network Settings by Default type – Use Domain Name System (DNS); If your using a smart host “Route Mail through the following smart hosts”, and Add the IP and configure your smart host for the same.
In the "New Send Connector" Source Server window, Add new Exchange name, and click Next. If you have multiple Exchange 2010 you can configure the source server as per your Requirement.
In the "New Send Connector" Completion window click Finish.

Now you are configured Send Connector in Exchange 2010.

Receive Connector in Exchange 2010

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Server Configuration.
Click Hub Transport.
In the "Hub Transport" panel, click Receive Connectors tab.
Right click in the Default Connector , and click to select Properties.
In the "Default Connector Properties" window, click Permission Group tab and check Anonymous users permissions group.
Click Ok.

Now your Server will receive mails from Internet (If your Firewall Points to Exchange 2010 Server).

Configure Client Access Server Role migrating from Exchange 2003 to Exchange 2010

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Server Configuration.
Click Client Access, in the result panel click Outlook Web App tab, then right click on owa (Default Web Site), and select Properties.
In the "owa (Default Web site) Properties" window, in General tab you can set Internal URL - e.g "https://server-name.domain.com/owa" and External Url - e.g "https://mail.domain.com/owa"
In the "owa (Default Web site) Properties" window, in Authentication tab you need check "Basic Authentication" & "Integrated Windows Authentication".
Click Apply, and OK.

* You can configuring Client Access Server Role using Exchange Management Shell.

Set-OwaVirtualDirectory -Identity “Exchange-Server-Name\owa (Default Web Site)” -ExternalUrl https://mail.Domain.com/owa -InternalUrl https://Exchange-Server-Name.Domain.com/owa

Set-OwaVirtualDirectory -Identity “Exchange-Server-Name\owa (Default Web Site-BasicAuthentication:$True -WindowsAuthentication:$True

Configure Exchange Control Panel

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Server Configuration.
Click Client Access, in the result panel click Exchange Control Panel tab, then right click on ecp (Default Web Site), and select Properties.
In the "ecp (Default Web site) Properties" window, in General tab you can set Internal URL - e.g "https://server-name.domain.com/owa" and External Url - e.g "https://mail.domain.com/owa".
In the "ecp (Default Web site) Properties" window, in Authentication tab you need check "Basic Authentication" & "Integrated Windows Authentication".
Click Apply, and OK.

* You can configuring Exchange Control Panel using Exchange Management Shell.

Set-EcpVirtualDirectory -Identity “Exchange-Server-Name\ecp (Default Web Site-BasicAuthentication:$True -WindowsAuthentication:$True

Configure Microsoft Server ActiveSync

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Server Configuration.
Click Client Access, in the result panel click Exchange ActiveSync tab, then right click on Microsoft-Server-ActiveSync (Default Web Site), and select Properties.
In the "Microsoft-Server-ActiveSync (Default Web Site) Properties" window, in General tab you can set Internal URL - e.g "https://server-name.domain.com/Microsoft-Server-ActiveSync" and External Url - e.g "https://mail.domain.com/Microsoft-Server-ActiveSync".
Click Apply, and OK.

* You can configuring Microsoft Server ActiveSync using Exchange Management Shell.

Set-ActiveSyncVirtualDirectory -Identity “Exchange-Server-Name\Microsoft-Server-ActiveSync (Default Web Site)” -InternalUrl https://Exchange-Server-Name.Domain.com/Microsoft-Server-ActiveSync –ExternalUrl “https://mail.Domain.com/Microsoft-Server-ActiveSync“

Configure Offline Address Book Distribution

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Server Configuration.
Click Client Access, in the result panel click Offline Address Book Distribution tab, then right click on OAB (Default Web Site), and select Properties.
In the "OAB (Default Web Site) Properties" window, in URLs tab you can set Internal URL - e.g "https://server-name.domain.com/OAB" and External Url - e.g "https://mail.domain.com/OAB".
Click Apply, and OK.

* You can configuring OAB using Exchange Management Shell.

Set-OabVirtualDirectory -Identity “Exchange-Server-Name\OAB (Default Web Site)” -PollInterval 480 -InternalUrl http:// Exchange-Server-Name.Domain.com/OAB -ExternalUrl https://mail.Domain.com/OAB

Configure Outlook Anywhere

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Server Configuration.
Click Client Access, in the result panel right click on Server-Name, then click on Enable Outlook Anywhere, and the Enable Outlook Anywhere wizard appears.
In the "Enable Outlook Anywhere wizard"window, type the external host name for Outlook Anywhere users to use when connecting remotely to Exchange e.g "mail.Domain.com", and choose Basic Authentication method.
Click Apply, and OK.

* You can configuring Outlook Anywhere Exchange Management Shell.

Enable-OutlookAnywhere -Server ‘Exchange-Server-Name′ -ExternalHostname ‘anywhere.Domain.com’ -DefaultAuthenticationMethod ‘Basic’ -SSLOffloading $false

5. Request a new Certificate from a trusted Certificate Authority in Exchange 2010

    We can use a internal windows Certificate Authority certificate with Exchange 2010 to avoid Certificate Errors.

    Now will Learn issuing a Internal Windows CA Certificate, for this to be used externally you need to have a CNAME record in your public DNS
    pointing to your Public IP NAT to your CAS.

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises.
Click on Server Configuration, in the result panel right click on Server-Name and click to select "New Exchange Certificate...", and the New Exchange Certificate wizard appears.
In "Introduction" windows, type a friendly name for the new certificate e.g Exchange2010Certs, and click Next.
In "Domain Scope" window, Wild Card is used if you are going to manage more URL e.g *.Domain.com, if not leave it by default, and click Next.
In "Exchange Configuration" window, click to assign the required services:

* Click to expand "Client Access server (Outlook Web App)", then click to choose "Outlook Web App is on the intranet" and "Outlook Web
App is on the Internet"

* Click to expand "Client Access server (Exchnage ActiveSync)", then click to choose "Exchange Active Sync is Enable"

* Click to expand "Client Access server (Web Services, Outlook Anywhere, and Autodiscover)", then click to choose "Exchange Web
Services is enable" and "Outlook Anywhere is enable"

* Click to expand "Legacy Exchange Server", then click to choose "Use legacy domain"

Click Next.
In "Cetificate Domains" window you will see the collection for URL's. click Next.
In "Organization and Location" window fill out the form, and click Next.
In "Completion" window click Finish.

You request a file name: Exchange2010Certs. Right click in it and open with Notepad.

Now we need install Active Directory Certificate Services.

Click Start < Server Manager.
In new window click Continue.
In "Server Manager" window click on Roles.
In "Roles" panel click Add Roles, click Next, and click to choose "Active Directory Certificate Services".
In "Select Role Services" window click to choose "Certification Authority" and "Certification Authority Web Enrollment", then click Next.
In "Specify Setup Type" window choose "Enterprise", and click Next.
In "Specify CA Type" window choose "Root CA", and click Next.
In "Set Up and Private Key" window choose "Create a new private key", and click Next.
In "Configure Cryptography for CA" window leave it by default with 2048 key Character length, and click Next.
In "Configure CA Name" window leave it by default, and click Next.
In "Set Validity Period" window leave it by default, and click Next.
Finally you see "Instalation Result" window then click Close.

Next;

Click Start < Administrative Tools < Internet Information Services (IIS) manager.
In the left panel click to expand Server-Name < Sites < Default Web Site.
Click on "CertSrv", in the Action panel click on Browse *:443 (https).
When Internet Explorer window open, click on "Continue to this website (not recomended)".
In "Welcome" page, click on "Request a certificate".
In "Request a Certificate" page, click on "advanced certificate request".
In "Advance Certificate Request" page, click on "Submit a certificate request by using a base-64-encode......"
In "Submit a Certificate Request or Renewal Request" page, in "Saved Request" paste content of file "Exchange2010Certs" that you create above; in "Certificate template" choose "Web Server", then click Submit.
In "Certificate Issued" page, click to select "Base 64 encoded" and click in "Download certificate".
Click on Save.

Next;

Click Start < Exchange Management Console.
Click to expand Microsoft exchange On-Premises < Server Configuration.
In "Server Configuration" panel, right click on "Exchange2010Certs" and click to select "Complete Pending request".
In "Complete Pending Request" window, click to browse the new created certificate above then click Complete.
In "Server Configuration" panel, right click on "Exchange2010Certs" and click to select "Assign Services to Certificate...".
In "Select Servers" window, leave by default and click Next.
In "Select Services" window, click to select IMAP, POP, SMTP, and IIS then click Next.
In "Assign Services" window, click on Assign.

At this moment the Server Part is ready.

Now we going to install the Certificate in the Client End.

Double click on Certificate, and click on Install Certificate...
In "Welcome to the Certificate Import Wizard" window, click Next.
In "Certificate Store" window, click to select "Place all certificates in the following store" then click Browse... select "Personal", click OK, click Next, then click Finish.
In "Certificate Store" window, click to select "Place all certificates in the following store" then click Browse... select "Trusted Root Certification Authorities", click OK, click Next, then click Finish.
In "Certificate Store" window, click to select "Place all certificates in the following store" then click Browse... select "Intermediate Certification Authorities", click OK, click Next, then click Finish.

Now you are ready to use a internal windows CA certificate with Exchange 2010.

6. Move offline address book from Exchange 2003 to Exchange 2010

In the process of migration from Exchange 2003 to Exchange 2010. We going to move the Offline address book.

Click Start < Exchange Management Console.
Click to expand Microsoft Exchange On-Premises < Organization Configuration.
Click on Mailbox, in the Mailbox panel click on "Offline Address Book" tab.
Right click on "Default Offline Address...", and click to select Move.
In "Move Offline Address Book", choose your Offline Address Book generation Server to your Exchange 2010 Server, then click Move.
Right click on "New Default Offline Address...", click to select Properties, and click on Distribution tab.
Click to check "Enable Web-based distribution" and "Enable public folder distribution", then click on Add..., and click Apply.

The Offline address book migration is complete.

7. Move Public Folders from Exchange 2003 to Exchange 2010

Moving public folders is simple if your mail flow is fine between Exchange 2003 and Exchange 2010.

For small and medium Public Folder Database we can go ahead and use Scripts. This will add replica of Public Folders from Exchange Server 2003 to
Exchange Server 2010.

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Shell.
Browse your prompt into the Scripts folder and you can run this command

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\AddReplicaToPFRecursive.ps1 -TopPublicFolder “\” -ServerToAdd “Exchange-Name-Server2010″

    Once that completes . Dismount your Public Folder database in your Exchange 2003 and try to access data from your Exchange 2010 Mailbox. This
    verifies the data has been replicated fine.

    Once the replica is added and data has been replicated over to finish of the Public Folder migration we going to move the replica from Exchange 2003
    to Exchange 2010.

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Shell.
Browse your prompt into the Scripts folder and you can run this command.

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\MoveAllReplicas.ps1 -Server “Exchange-Name-Server2003″ -NewServer “Exchange-Name-Server2010″

Great, your Public Folder migration is done.

Now, we are moving Folder Hierarchies.

In Exchange Server 2003, click Start < All Programs < Microsoft Exchange < Exchange Management Console.
Click to expand Administrative Groups, right click on Exchange Administrative Group, click on New, then click Public Folders Container.
Click to expand First Administrative Group < Folders, and you can see Public Folders.
Click and Drag “Public Folders” from First Administrative Group < Folders to Exchange administrative Group < Folders container.

At this moment your Public Folder Folders are completely migrated.

8. Remove Recipient Update Services

Now we remove Recipient Update Services using "Adsiedit.msc". In the process of migration to Exchange 2010.

Click Start, in "Search programs and files" type "adsiedit.msc".
In "ADSI Edit" window, right click on "ADSI Edit" and click "Connet to...".
In "Connection Settings" window, click to check "Select a well known Naming Context" and select "Configuration".
In "ADS Edit" click to expand Configuration < Services < Microsoft Exchange < First Organization (Default ORG name) < Address lists Container < Recipient Update Services, right click to remove the Recipient Update Services, the click OK.

Now we remove Routing Group Connector.

Click Start < All Programs < Microsoft Exchange Server 2010 < Exchange Management Shell.
Browse your prompt into the Scripts folder and you can run this command.

C:\Program Files\Microsoft\Exchange Server\V14\Scripts>Get-RoutingGroupConnector | Remove-RoutingGroupConnector

9. Uninstall Exchange 2003

Click Start < Control Panel < Add and Remove Programs.
Search Microsoft Exchange Server 2003, and click Remove.

Congratulation!! You do successfully migrated from Exchange Server 2003 to Exchange Server 2010 :)

System Administrator Recipes

Pages

Friday, November 23, 2012

Migrating from Exchange Server 2003 to Exchange Server 2010