Slide1 l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 36

Upgrading from Microsoft Exchange Server 2003/2007 to Exchange Server 2010: Tips, Tricks, and Lessons Learned PowerPoint PPT Presentation


  • 163 Views
  • Uploaded on
  • Presentation posted in: General

Required Slide. SESSION CODE : UNC303. Upgrading from Microsoft Exchange Server 2003/2007 to Exchange Server 2010: Tips, Tricks, and Lessons Learned. Rand Morimoto, Ph.D., MCITP, CISSP Author, “Exchange 2010 Unleashed” President, Convergent Computing, http://www.cco.com

Download Presentation

Upgrading from Microsoft Exchange Server 2003/2007 to Exchange Server 2010: Tips, Tricks, and Lessons Learned

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Slide1 l.jpg

Required Slide

SESSION CODE: UNC303

Upgrading from Microsoft Exchange Server 2003/2007 to Exchange Server 2010:Tips, Tricks, and Lessons Learned

Rand Morimoto, Ph.D., MCITP, CISSP

Author, “Exchange 2010 Unleashed”

President, Convergent Computing, http://www.cco.com

Jeff Guillet, MVP, MCITP, CISSP

Author and Technical Editor, Sams Publishing


Session objectives and takeaways l.jpg

Session Objectives and Takeaways

  • Session Objectives:

    • Share best practices on upgrading to Exchange 2010

    • Describe tips and tricks for successful upgrades, including lessons learned from hundreds of real world migrations

  • You deploy Exchange 2010 next to the older Exchange servers, and then move users

  • Upgrade to Exchange 2010 can be done with no significant user access downtime

  • Use the Deployment Assistant!


Session agenda l.jpg

Session Agenda

What’s New / Different Since Exchange Server 2003 and 2007

Client Support (Outlook, Web, Mobile) to Exchange 2010

Exchange 2010 Pre-Reqs and Exchange 2003 CoExistence

Preparation Tools (TroublshootingAsst, LoadGen, Best Practice Analyzer)

Exchange Transitions and Certificates!

Exchange CAS 2010 Implication

SMTP Transport Upgrades

Unified Messaging Upgrades

Public Folders and Exchange 2010

Retiring Exchange 2003 / Exchange 2007

Jeff’s Blog: http://www.expta.com

Rand’s Blog: http://www.networkworld.com/community/morimoto


New since exchange server 2003 l.jpg

New since Exchange Server 2003

Front-End / Back-End ->Client Access / Mailbox / Hub Transport / Edge Transport / Unified Messaging

64-bit servers support

Active Directory Sites replace Routing Groups

Autodiscover to automatically configure clients

Removes Outlook 2007+ need for Public Folders

Availability Service: Free/Busy information read direct from mailboxes, not from Public Folders

Offline Address Book download from Client Access Server

New admin tools

Exchange Management Console (EMC) and PowerShell 1.0

Unified Messaging: Get voice mail in your inbox

New Developer API: Exchange Web Services (EWS)


New since exchange server 2007 l.jpg

New since Exchange Server 2007

UNC201 – More on Exchange online in SP1

UNC305 – Exchange High Availability

  • Run Exchange Server on-premises, use Exchange Online or mix and match?

  • High Availability solution for mailboxes isDatabase Availability Groups (DAG)

    • Provides site resilience and disaster recovery

    • 30-second fail-over with simplified admin experience

    • Flexibility in storage choices (SATA disks, JBOD configs, etc.)

    • Replaces SCR, LCR, SCC and CCR from E2007

  • Simplified Prerequisite Installation using input files from the DVD

  • Only 64-bit Management tools or Remote PowerShell

  • RPC Client Access and Address Book service

    • Improved High Availability solution

    • Outlook MAPI connects directly to Client Access Servers

  • ExOLEDB, WebDAV and CDOEx are gone

    • “Entourage Web Services Edition” uses EWS

Note

Note


Collaborate effectively l.jpg

Collaborate Effectively

A familiar and rich Outlook experience across clients, devices, and platforms

Desktop

Web

Mobile


Outlook 2003 to exchange 2010 l.jpg

Outlook 2003 to Exchange 2010

Fully functional, although…

Outlook 2003 by default does not encrypt client to Exchange communications

Outlook 2007 / 2010 by default DOES encrypt client to Exchange communications

Option 1: Make Exchange 2010 NOT communicated encrypted with client

Simple to do (PowerShell on all CAS servers)

Set-rpcClientAccess –server {servername} –encryptionRequired $false

Although “dumbs down” the client to Exchange 2010 security

Option 2: Enable encryption in Outlook 2003 to communicated with Exchange 2010 in an encrypted manner

Can be done through Group Policy Object (KB Article# 2006508)


Exchange server 2010 prerequisites l.jpg

Exchange Server 2010 Prerequisites

Active Directory

Windows 2003 SP2 global catalog server is installed in each Exchange Active Directory (AD) site

No hard requirement for Windows Server 2008 AD

Windows Server 2003 forest & domain functional level

Exchange

All Client Access Servers (CAS) and Unified Messaging (UM) servers must have SP2

Existing servers are Exchange 2003 SP2 or Exchange 2007 SP2. No Exchange 2000 or older servers.

To install Exchange 2010 on a machine

Windows Server 2008 SP2 or R2 64-bit editions (Std/Ent)

Windows Management Framework

.NET Framework 3.5 SP1

Internet Information Services (IIS)


Upgrading to exchange 2010 l.jpg

Upgrading to Exchange 2010

Exchange 2003 / 2007 FE/CAS need to do Forms based Authentication (FBA)

TIP!

Internet Facing AD Site

2

Deploy E2010 Servers

Upgrade Internet-facing sites FIRST

  • Start small

  • Gradually add more servers to support scale

4

Move Infra Pointers

  • Internet hostname switch

  • Unified Messaging switch

  • SMTP switch

Internal AD Site

Proxy

https://autodiscover.contoso.com

https://mail.contoso.com

5

Move Mailboxes

Internet

E200x Servers

https://autodiscover.contoso.com

https://mail.contoso.com

https://legacy.contoso.com

Legacy hostnames for old FE/CAS

3

1

Upgrade servers to SP2

  • SSL cert purchase

  • End users don’t see this hostname

  • Used when new CAS tell clients to talk to legacy environments

E200x Servers

Upgrade Internal sites NEXT

Decommission old servers


Preparation tools l.jpg

Preparation Tools

Finding and solving problems before users do

  • Troubleshooting Assistant

  • Help determine the cause of performance, mail flow, and database issues

Load Generator

  • Simulate and test how a server responds to e-mail loads

Best Practice Analyzer

Remote Connectivity Analyzer

  • Determine overall health of Exchange system and topology

  • Test external connectivity to Exchange messaging communications resources


Remote connectivity analyzer l.jpg

Remote Connectivity Analyzer

https://www.testexchangeconnectivity.com/

DEMO


Deployment assistant l.jpg

Deployment Assistant

http://technet.microsoft.com/exdeploy2010

DEMO


Setup for exchange 2010 l.jpg

Setup for Exchange 2010

Step-by-step instructions in setup app

Setup.com with parameters gives unattended setup

Setup provides specific settings for configuring your environment

Configure CAS External domain name

Sets ExternalUrl property which hich aids client configuration

E2003 routing groupconnector: E2003 server


Slide14 l.jpg

Namespaces and URLs

Exchange 2007

Exchange 2010

Exchange 2003

mail.contoso.com

mail.contoso.com

mail.contoso.com

Outlook Web Access

  • /exchange, /exchweb, /public

    Exchange ActiveSync

  • /microsoft-server-activesync

    Outlook Anywhere

  • /rpc

    POP/IMAP

    Outlook Mobile Access

  • /oma

Outlook Web Access

  • /owa

    Exchange Web Services

  • /ews

    Offline Address Book

  • /oab

    Unified Messaging

  • /unifiedmessaging

    Outlook Mobile Access

  • /oma

Exchange Control Panel

  • /ecp

    Unified Messaging

  • /unifiedmessaging

Note: the /exchange and /public vdirs will provide a 301 redirect experience to /owa

smtp.contoso.com

  • Autodiscover.contoso.com

legacy.contoso.com

E2003/E2007 services

Autodiscover

  • /autodiscover

Clients and SMTP servers


Deploying ssl certificates l.jpg

Deploying SSL Certificates

Wildcard * cert could be used

For better security, use unique names, not wildcards

  • Use “Subject Alternative Name” (SAN) certificate which can cover multiple hostnames

  • Minimize the number of certificates

    • 1 certificate for all CAS servers + reverse proxy + Edge/Hub

  • Minimize number of hostnames

    • Use “Split DNS” for Exchange hostnames

      • mail.contoso.com for Exchange connectivity on intranet and Internet

      • mail.contoso.com has different IP addresses in intranet/Internet DNS

    • Don’t list machine hostnames in certificate hostname list

      • Use Load Balance (LB) arrays for intranet and Internet access to servers

Note

Note


Certificate creation l.jpg

New-ExchangeCertificate

-GenerateRequest

-Path c:\certificates\request.req

-SubjectName “c=US, o=contoso Inc, cn=mail1.contoso.com”

-DomainNamemail.contoso.com, autodiscover.contoso.com, legacy.contoso.com

-PrivateKeyExportable$true

Certificate Creation

Create a Certificate Request file

Send Request file to certificate authority you are buying from

Use Import-ExchangeCertificate to activate newly acquired certificate

Use Enable-ExchangeCertificateto enable the certificate for use with a particular service


Certificate wizard l.jpg

Certificate Wizard

DEMO


Deploying exchange 2010 l.jpg

Deploying Exchange 2010

OWA and EWS load balancing require ClientServer affinity

Client-IP based Windows NLB or LB device using cookie-based affinity

Tell Autodiscover where to send clients: Configure internalURL and externalURL parameters and virtual directories

Example: Set-WebServicesVirtualDirectory cas2010\ews* -ExternalURL https://mail.contoso.com/ews/exchange.asmx

Tell Outlook clients where to go for intranet MAPI access

Use New-ClientAccessArray and Set-MailboxDatabase

See Microsoft Exchange 2010 Whitepaper on CAS Load Balancing for more details

Topology decisions—CAS load balancing

Note


Switching to cas2010 l.jpg

Switching to CAS2010

Obtain and deploy a new certificate that includes the required host name values

mail.contoso.com

autodiscover.contoso.com

legacy.contoso.com (for coexistence)

Upgrade all Exchange servers to Service Pack 2

Enable Integrated Windows Authentication on Exchange 2003 MSAS virtual directory (KB 937031)

Install and configure CAS2010 servers

Configure InternalURLs and ExternalURLs

Enable Outlook Anywhere

Configure the Exchange2003URL parameter to be https://legacy.contoso.com/exchange

Preparatory steps


Switching to cas201020 l.jpg

Switching to CAS2010

Preparatory steps, continued

  • Join CAS2010 to a load balanced array

    • Create CAS2010 RPC Client Access Service array

    • Ensure MAPI RPC and HTTPS ports are load balanced

  • Install HUB2010 and MBX2010 servers

    • Configure routing coexistence

  • Create Legacy hostname in internal DNS

  • Create Legacy publishing rules in your reverse proxy/firewall solution pointed to FE2003 / CAS2007 array

  • Use ExRCA to verify connectivity for Legacy hostname against E2003/E2007


Switching to cas201021 l.jpg

Switching to CAS2010

The switchover involves a minor service interruption

Update/Create Autodiscover publishing rule

Update Mail publishing rules

Update paths with new Exchange 2010 specific virtual directories

Switch: Move Mail… and Autodiscover… hostnames to point to CAS2010 array

Reconfigure CAS2007 internalURLs and externalURLs to now utilize Legacy namespace

Disable Outlook Anywhere on legacy Exchange

Test that CAS2010 is redirecting/ proxying to CAS2007 (externally and internally)

The switchover

autodiscover…

mail…

legacy…

ISA

1

2

2

E2010 CAS+HUB+MBX

E200x SP2

Clients access E2010 through Autodiscover… and mail…

1

Redirection (legacy…), proxying, and direct access to E2003/E2007

2


Switching to e2010 cas l.jpg

Switching to E2010 CAS

DEMO


Client access upgrade l.jpg

Client Access Upgrade

Clients access CAS2010 first

Four different things happen for E2003/ E2007 mailboxes

Autodiscover tells clients to talk to CAS2007

HTTP redirect to FE2003 or CAS2007

Proxyingof requests from CAS2010 to CAS2007

Direct CAS2010 support for the service against BE2003 and MBX2007


Smtp transport upgrade l.jpg

SMTP Transport Upgrade

  • Follow this flow for each physical location

  • Edge servers are optional

  • Edge 2007 SP2 can be used with HUB 2010

Internet SMTP Servers

Step 5:

Switch Internet e-mail submission to Edge 2010

Step 4:

Install Edge 2010

E2010 Edge

E2007 Edge

Step 3:

Switch Edgesync +SMTP to go to HUB2010

E2010 HUB

E2007 HUB

E2003 Bridgehead

Step 1:

Upgrade existing E2003 and E2007 servers to SP2

Step 2:

Install HUB and MBX 2010

E2003 Back-End

E2010 MBX

E2007 MBX


Unified messaging upgrade l.jpg

Unified Messaging Upgrade

IP PBXes and GWs

Configure to send all traffic to E2010 UM

E2010 UM will redirect to E2007 UM when necessary

Office Communications Server (OCS)

With E2010 RTM, create new dial plan for E2010 UM users

Soon: OCS will automatically talk to E2010 UM, which will redirect to E2007 UM when necessary

Step 1:

Introduce UM 2010 to existing dial plan

Step 2:

Route IP GW/PBX calls to UM 2010 for dial plan

Step 3:

Remove UM 2007 after mailboxes have been moved

UNC308 – Exchange 2010 UM in the Real World

Note


Public folders l.jpg

Public Folders

  • Co-existence support between mailbox server 2010 and mailbox server 2003/2007

  • Outlook can read mailbox from one Exchange version (such as 2010) and public folder from another (such as 2003/2007)

  • OWA 2010 will allow access to public folders with replica in mailbox server 2010

  • Get-PublicFolderStatistics help take action

    • Move

    • Delete

    • Migrate to SharePoint


Service level agreement l.jpg

Service Level Agreement

1GB mailbox could take 90 minutes or more to move

Pain: User is disconnected for the duration

Pain: Your SLA for availability is not met

Service availability during migration


Online move mailbox l.jpg

Online Move Mailbox

Minimal disruption

  • Users remain online while their mailboxes are moved between servers

    • Sending messages

    • Receiving messages

    • Accessing entire mailbox

  • Administrators can perform migration and maintenance during regular hours

  • Also can be used to migrate users from on-premises server to Exchange Online

E-mail Client

Client Access Server

  • Exchange 2010 and Exchange 2007 SP2 Online

  • Exchange 2003 Offline

Mailbox Server 1

Mailbox Server 2


Time to retire e2003 and e2007 l.jpg

Time to retire E2003 and E2007


Session key takeaways l.jpg

Session Key Takeaways!

  • Deployment Assistant, TechNet, and other resources provide a WEALTH of guidance, leverage them!

  • Preparation Tools and ExRCA are VERY helpful in configuration validation

  • Certificates, CAS Cutover, SMTP Cutover are the areas of most interest for orgs

  • Anything else preventing your cutover, if not, start your transition!!!


Unified communications track call to action l.jpg

Unified Communications Track Call to Action!

Learn More!

  • View Related Unified Communications (UNC) Content at TechEd/after at TechEd Online

  • Visit microsoft.com/communicationsserver for more Communications Server “14” product information

  • Find additional Communications Server “14” content in the Technical Library, weekly technical articles at NextHop, and follow DrRez on Twitter

  • Check out Microsoft TechNet resources for Communications Server and Exchange Server

  • Visit additional Exchange 2010 IT Professional-focused content

    • Partner LinkorCustomer Link (Name: ExProPword: EHLO!world)

      Try It Out!

    • Exchange 2010 SP1 Beta downloadis now available from the download center!


  • Resources l.jpg

    Required Slide

    Resources

    Learning

    • Sessions On-Demand & Community

    • Microsoft Certification & Training Resources

    www.microsoft.com/teched

    www.microsoft.com/learning

    • Resources for IT Professionals

    • Resources for Developers

    • http://microsoft.com/technet

    • http://microsoft.com/msdn


    Slide33 l.jpg

    Required Slide

    Complete an evaluation on CommNet and enter to win!


    Slide34 l.jpg

    Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st

    http://northamerica.msteched.com/registration

    You can also register at the North America 2011 kiosk located at registrationJoin us in Atlanta next year


    Slide35 l.jpg

    © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

    The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.


    Slide36 l.jpg

    Required Slide


  • Login