Walk through the process for introducing Exchange 2010 servers into an Exchange 2003/2007 organisation. Learn the pre-requisites, steps required, and the impact to client access for MAPI, Outlook Anywhere, OWA, ActiveSync, and POP/IMAP clients after the upgrade has occurred.
UNC301 - Microsoft Exchange Server 2010 Upgrade and Coexistence with Exchange Server 2007 and 2003
2. Exchange 2010 Upgrade and Coexistence Andrew Ehrensing Principal Consultant Microsoft Corporation UNC301
3. New from Exchange Server 2003 to Exchange Server 2007 Shift from front-end/back-end to a scalable role-based architecture 64-bit server support Active Directory Sites replace Routing Groups AutoDiscover to automatically configure users Removes Outlook 2007+ need for Public Folders Availability Service: Free/Busy information read direct from mailboxes, not from Public Folders Offline Address Book download from Client Access Server New admin tools Unified Messaging: Get voice mail in your inbox New Developer API: Exchange Web Services (EWS)
4. New from Exchange Server 2007 to Exchange Server 2010 Flexible deployment choices Run Exchange Server on-premises, use Exchange Online, or a hybrid approach High Availability solution for mailbox resiliency Comprised of database availability group and database copies Provides site resilience and disaster recovery 30-second switchover/failover with simplified admin experience Improves the flexibility in storage choices (SATA disks, JBOD configurations, etc.) Replaces SCR, LCR, SCC, and CCR from E2007 64-bit management tools support RPC client access and Address Book services Improved High Availability solution Outlook MAPI connects directly to Client Access Servers for mailbox-related data and directory requests ExOLEDB, WebDAV, and CDOEx are gone "Entourage EWS" uses EWS
5. A familiar and rich Outlook experience across clients, devices, and platforms Mobile Web Collaborate Effectively Desktop
7. Windows 2003 SP2 global catalog server is installed in each Exchange Active Directory (AD) site
18. Namespaces and URLs Exchange 2010 Exchange 2007 Exchange 2003 mail.contoso.com mail.contoso.com mail.contoso.com Outlook Web Access /exchange, /exchweb, /public Exchange ActiveSync /microsoft-server-activesync Outlook Anywhere /rpc POP/IMAP Outlook Mobile Access /oma Outlook Web Access /owa Exchange Web Services /ews Offline Address Book /oab Unified Messaging /unifiedmessaging Outlook Mobile Access /oma Outlook Web Access Outlook Web App Exchange Control Panel /ecp Unified Messaging /unifiedmessaging Note: the legacy vdirs will provide a 301 redirect experience to /owa Autodiscover.contoso.com smtp.contoso.com legacy.contoso.com E2003/E2007 services Autodiscover /autodiscover Clients and SMTP servers
19. Deploying SSL Certificates Use "Subject Alternative Name" (SAN) certificate which can cover multiple hostnames Site resilience scenario If leveraging a certificate per datacenter, ensure that the Certificate Principal Name is the same on all certificates Don't list machine hostnames in certificate hostname list Use Load Balance (LB) arrays for intranet and Internet access to servers Best practice: Minimize the number of certificates 1 certificate for all CAS servers + reverse proxy + Edge/Hub Additional certificate(s) if using Office Communications Server (OCS)
20. New-ExchangeCertificate -GenerateRequest -Path c:\certificates\request.req -SubjectName "c=US, o=contoso Inc, cn=mail1.contoso.com" -DomainName mail.contoso.com, autodiscover.contoso.com, legacy.contoso.com -PrivateKeyExportable $true Certificate Creation Create a Certificate Request file Send Request file to certificate authority you are buying from Use Import-ExchangeCertificate to activate newly acquired certificate Use Enable-ExchangeCertificate to enable the certificate for use with a particular service
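The name-list guidance on the two certificate slides above can be checked before a certificate is enabled. The following is an added example, not code from the presentation; the function names, the server name cas01.corp.contoso.com and the sample name lists are constructed for illustration, and flagging single-label names is an assumption that goes slightly beyond the slide's "don't list machine hostnames" rule.

```powershell
# Added example (not from the presentation): check a CAS certificate's name
# list against the slide guidance. All sample values below are constructed.
function Test-CasCertificateNames {
    param(
        [string[]]$CertificateDomains,  # names in the certificate (subject CN + SAN entries)
        [string[]]$RequiredNames,       # client-facing names the certificate must cover
        [string[]]$MachineNames = @()   # server hostnames that should not be listed
    )

    # True when $Name equals an entry, or when a wildcard entry such as
    # *.contoso.com covers it. A wildcard matches exactly one leading label.
    function Test-NameCovered([string]$Name, [string[]]$Entries) {
        foreach ($entry in $Entries) {
            if ($entry -ieq $Name) { return $true }
            if ($entry.StartsWith('*.')) {
                $suffix = $entry.Substring(1)   # ".contoso.com"
                if ($Name.EndsWith($suffix, [StringComparison]::OrdinalIgnoreCase)) {
                    $label = $Name.Substring(0, $Name.Length - $suffix.Length)
                    if ($label.Length -gt 0 -and $label.IndexOf('.') -lt 0) { return $true }
                }
            }
        }
        return $false
    }

    # Required client-facing names that no certificate entry covers.
    $missing = @($RequiredNames | Where-Object { -not (Test-NameCovered $_ $CertificateDomains) })

    # Listed machine names, plus single-label (NetBIOS-style) entries (assumption).
    $machine = @($CertificateDomains | Where-Object {
        ($MachineNames -contains $_) -or ($_.IndexOf('.') -lt 0)
    })

    New-Object PSObject -Property @{
        MissingRequired    = $missing
        MachineNamesListed = $machine
        Compliant          = ($missing.Count -eq 0 -and $machine.Count -eq 0)
    }
}

# Constructed sample: legacy.contoso.com is absent and a server name is listed.
# On an Exchange server the name list can be read from the CertificateDomains
# property of the objects returned by Get-ExchangeCertificate.
$result = Test-CasCertificateNames `
    -CertificateDomains 'mail.contoso.com', 'autodiscover.contoso.com', 'cas01.corp.contoso.com' `
    -RequiredNames 'mail.contoso.com', 'autodiscover.contoso.com', 'legacy.contoso.com' `
    -MachineNames 'cas01.corp.contoso.com'

$result | Format-List MissingRequired, MachineNamesListed, Compliant
```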
22. Deploying E2010 Topology Decisions: Split DNS Best Practice: Use "Split DNS" for Exchange hostnames used by clients Goal: Minimize number of hostnames mail.contoso.com for Exchange connectivity on intranet and Internet mail.contoso.com has different IP addresses in intranet/Internet DNS Important: Before moving down this path, be sure to map out all the hostnames (outside of Exchange) that you will want to create in the internal zone
23. Deploying Exchange 2010 Topology decisions: CAS load balancing OWA and EWS load balancing require Client <-> Server affinity Client-IP based Windows NLB or LB device using cookie-based affinity Tell Autodiscover where to send clients: Configure internalURL and externalURL parameters and virtual directories Example: Set-WebServicesVirtualDirectory cas2010ws* -ExternalURL https://mail.contoso.com/ews/exchange.asmx Tell Outlook clients where to go for intranet MAPI access Use New-ClientAccessArray and Set-MailboxDatabase
24. Deploying Exchange 2010 Topology decisions: CAS load balancing CAS AutoDiscoverServiceInternalUri property should be set to NLB FQDN Ensure the Web Services property InternalNLBBypassURL is set to the Server FQDN Configure virtual directory URLs according to this table:
30. Used when new CAS tell clients to talk to legacy environments E200x Servers Upgrade Internal sites NEXT Decommission old servers
31. Preparation Tools Finding and solving problems before users do Remote Connectivity Analyzer Verify Internet-facing services are set up and configured properly Troubleshooting Assistant Help determine the cause of performance, mail flow, and database issues Load Generator Simulate and test how a server responds to e-mail loads Best Practice Analyzer Determine overall health of Exchange system and topology
33. Switching to CAS2010 Preparatory steps Obtain and deploy a new certificate that includes the required host name values mail.contoso.com autodiscover.contoso.com legacy.contoso.com Upgrade all Exchange servers to Service Pack 2 Enable Integrated Windows Authentication on Exchange 2003 MSAS virtual directory (KB 937031) Install and configure CAS2010 servers Configure InternalURLs and ExternalURLs Enable Outlook Anywhere Configure the Exchange2003URL parameter to be https://legacy.contoso.com/exchange
34. Switching to CAS2010 Preparatory steps, continued Join CAS2010 to a load balanced array Create CAS2010 RPC Client Access Service array Ensure MAPI RPC and HTTPS ports are load balanced Install HUB2010 and MBX2010 servers Configure routing coexistence Configure OAB Web-based distribution Create Legacy record in DNS (internal/external) Create Legacy publishing rules in your reverse proxy/firewall solution pointed to FE2003 / CAS2007 array Use ExRCA to verify connectivity for Legacy namespace
35. Switching to CAS2010 The switchover autodiscover... mail... legacy... The switchover involves a minor service interruption Update internal DNS and have Mail and Autodiscover point to CAS2010 array Update/Create Autodiscover publishing rule and point to CAS2010 array Update Mail publishing rules and point to CAS2010 array Remember to update paths with new Exchange 2010 specific virtual directories Reconfigure CAS2007 URLs to now utilize Legacy namespace Disable Outlook Anywhere on legacy Exchange Test that CAS2010 is redirecting/proxying to CAS2007 (externally and internally) ISA 1 2 2 E2010 CAS+HUB+MBX E200x SP2 Clients access E2010 through Autodiscover... and mail... 1 Redirection (legacy...), proxying, and direct access to E2003/E2007 2
36. Client Access Upgrade Clients access CAS2010 first Four different things happen for E2003/E2007 mailboxes Autodiscover tells clients to talk to CAS2007 HTTP redirect to FE2003 or CAS2007 Proxying of requests from CAS2010 to CAS2007 Direct CAS2010 support for the service against BE2003 and MBX2007
40. SMTP Transport Upgrade Upgrade Internet SMTP Servers Step 1: Upgrade existing E2003 and E2007 servers to SP2 Step 2: Install HUB and MBX 2010 Step 3: Switch Edgesync + SMTP to go to HUB2010 Step 4: Install Edge 2010 Step 5: Switch Internet e-mail submission to Edge 2010 Edge 2007 SP2 can be used with HUB 2010 (Diagram labels: E2003 Bridgehead, E2003 Back-End, E2007 HUB, E2007 MBX, E2007 Edge, E2010 HUB, E2010 MBX, E2010 Edge)
41. Unified Messaging Upgrade Step 1: Introduce UM 2010 to existing dial plan Step 2: Route IP GW/PBX calls to UM 2010 for dial plan Step 3: Remove UM 2007 after mailboxes have been moved IP PBX/ gateways: One Dial Plan, Redirect With Office Communications Server: Will find proper UM server
42. Public Folders Co-existence support between mailbox server 2010 and mailbox server 2003/2007 Outlook can read mailbox from one Exchange version (such as 2010) and public folder from another (such as 2003/2007) OWA 2010 will allow access to public folders with replica in mailbox server 2010 Get-PublicFolderStatistics help take action Move Delete Migrate to SharePoint
43. Service Level Agreement Service availability during migration 1GB mailbox could take 90 minutes or more to move Pain: User is disconnected for the duration Pain: Your SLA for availability is not met
49. Also can be used to migrate users from on-premises server to Exchange Online E-mail Client Client Access Server Exchange 2010 and Exchange 2007 SP2 Online Exchange 2003 Offline Mailbox Server 1 Mailbox Server 2
50. Key Takeaways Exchange 2007 Service Pack 2 introduces new functionality and is required for coexistence with Exchange 2010 Upgrading server roles is seamless and without impact to end users Online mailbox moves improve mailbox data migration by significantly reducing the user outage window
52. Required Slide Speakers, TechEd 2009 is not producing a DVD. Please announce that attendees can access session recordings at TechEd Online. www.microsoft.com/teched Sessions On-Demand & Community www.microsoft.com/learning Microsoft Certification & Training Resources http://microsoft.com/technet Resources for IT Professionals http://microsoft.com/msdn Resources for Developers Resources
53. UNC Track Call to Action! Learn More! Related Content at TechEd on "Related Content" Slide Attend in-person or consume post-event at TechEd Online Check out learning/training resources at Microsoft TechNet Exchange Server and Office Communications Server Check out Exchange Server 2010 at Virtual Launch Experience (VLE) at thenewefficiency.com Try It Out! Download the Exchange Server 2010 Trial Take a simple Web-based test drive of UC solutions through the 60-Day Virtual Experience
Situation: Before we dive into Exchange 2010, let's talk about the vast improvements made from 2003 to 2007. Slide objective: Set the stage with background on what has changed from source Exchange 2003 organizations. Talking points:
Situation: Now, let's see the next step: what has changed from 2007 to 2010. Slide objective: Set the stage with background on what has changed from Exchange 2003 organizations. Talking points: We've listened to our customers and have simplified, yet made more powerful, our HA solution. Flexibility of deployment. Some other technical changes, for customers that leverage these technologies.
Situation: People use many different platforms to communicate these days. From getting a message on the go on your cell phone to sending out a contract proposal at a desktop, users are looking for ways to keep in better touch as their mobility increases. Access through Macs, PCs, Web Browsers and Cell phones all are a critical part of the connected infrastructure that allows businesses to increase their productivity and decrease decision making time. Talking Points: Rich desktop clients are available for both PCs and Macs through Outlook and Entourage. Rich web browser access to OWA premium is now available for 99% of the browser market. Users can use IE for the premium experience they have come to expect, or use Safari and Firefox for very similar premium experiences. OWA Lite is still available for those with restricted bandwidth or accessibility needs. Exchange ActiveSync (EAS) is fast becoming the standard for Push e-mail to smartphones. For almost any smartphone that an organization has decided to support, there is an Exchange ActiveSync enabled client available. There are other access methodologies not mentioned here: POP/IMAP/Outlook 2003, etc. Slide Objective: The Audience should walk away understanding that Exchange is providing the one stop for their communications needs. Exchange inboxes will be accessible from a wide variety of platforms and technologies. This broad access to rich Exchange data experiences allows them to be more flexible in their organizations while still having a consistent management story on the administrative side. This means lower costs with greater support for the platforms their organization chooses to use; lower cost, greater choice.
Situation: Before you can begin deploying Exchange 2010 there are several preliminary requirements that must be completed. Slide objective: Explain Exchange Server 2010 prerequisites so that when admins deploy it there are no surprises. Talking points: Prepare the AD forest. Make sure that the existing Exchange organization meets the requirements for installing Exchange 2010. No support for RODC. Use 64-bit domain controllers if possible. There are schema changes! Commitment to non-deprecation. No hard requirement for Windows Server® 2008 Active Directory® (AD). At least one Windows 2003 Service Pack 2 (SP2) global catalog in each site where Exchange Server 2010 domain-joined server roles will be installed. The AD must be at least in Windows Server 2003 forest functionality mode. No support for read-only domain controller (RODC)/read-only global catalog (ROGC). Additional resources: "Active Directory Performance for 64-bit Versions of Windows Server 2003" http://www.microsoft.com/downloads/details.aspx?FamilyID=52e7c3bd-570a-475c-96e0-316dc821e3e7&DisplayLang=en
Situation: Step-by-step instructions help you install Exchange easily. Slide objective: Installing Exchange 2010 is very straightforward and available through a GUI interface or a scriptable shell. Aids to handle common scenarios and interoperability needs. Talking points: Out-of-the-box integration with Exchange 2003 and Exchange 2007. Step-by-step instructions and parameters.
Situation: Through the iterations of Exchange, there have been many additions and removals of the virtual directories that need to be published for Exchange to work externally. Slide objective: Show what is needed as far as namespaces and virtual directories in Exchange 2010. Show what has changed from their current experience. Talking points: Outlook Web App is the new name for Outlook Web Access, to give a common look and feel across all of the Office Web Apps. New: ECP is added, giving self-service for users. /unifiedmessaging is not needed any more as the service runs through Exchange Web Services.
Situation: SSL certificates are a challenge that can provide security for an organization if done correctly. Slide objective: Use a SAN cert to reduce complexity. Minimize different certificates. Talking points: Use "Subject Alternative Name" (SAN) certificate which can cover multiple hostnames. Use Load Balance (LB) arrays for intranet and Internet access to servers. Best practice: Minimize the number of certificates.
Situation: If you would like to use the Exchange Management Console to create the certificate request, it is possible and easy. You can import and enable via shell as well. Slide objective: Here is a sample of what a certificate request would look like. Talking points: Use the New-, Import-, and Enable-ExchangeCertificate commands to secure the server roles with certificates.
Situation: Choosing how to manage DNS has been complicated in the past. We now recommend using split-brain DNS for Exchange environments to minimize certificate and user training complexity. Slide objective: Using the same namespace internally and externally is recommended. Talking points: Use the same name space internally and externally. This will mean that changes to the external zone need to be manually created internally. Planning for all external records should be done prior to deploying.
Situation: CAS is now at the forefront of server roles as it manages all client connectivity. High availability and redundancy for this role is paramount. Slide objective: Determine the path and technology for load balancing. Make sure that the Web Service virtual directory, client access array and mailbox database are set accurately. Talking points: OWA and EWS load balancing require Client <-> Server affinity. Tell Autodiscover where to send clients: Configure internalURL and externalURL parameters and virtual directories. Tell Outlook clients where to go for intranet MAPI access.
Situation: CAS is now at the forefront of server roles as it manages all client connectivity. High availability and redundancy for this role is paramount. Slide objective: 5 virtual directories in particular need to have internalURL and externalURL set based on whether the AD site is Internet facing. Talking points: If the site is not Internet facing, never set the ExternalURL parameter. If the site is Internet facing, always set the ExternalURL to NLB FQDN. For /OWA set the internalURL to Server FQDN. For all other Virtual Directories, set the internalURL to NLB FQDN.
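The four URL rules in the notes above can be turned into a configuration check. This is an added example, not code from the presentation: the function names, the choice of OWA, ECP, EWS, OAB and ActiveSync as the five virtual directories, and the hostnames cas02.branch.contoso.com and casarray.branch.contoso.com are assumptions made for illustration; the paths come from the namespace slide.

```powershell
# Added example (not from the presentation). Encodes the four rules from the
# speaker notes and compares them with a server's configured URLs.
function Get-ExpectedCasUrl {
    param(
        [string]$ServerFqdn,     # FQDN of the individual CAS
        [string]$NlbFqdn,        # FQDN of the load-balanced array
        [bool]$InternetFacing    # is the server's AD site Internet facing?
    )
    # Assumption: the five directories meant by the notes; paths from the namespace slide.
    $paths = @{
        OWA = '/owa'
        ECP = '/ecp'
        EWS = '/ews/exchange.asmx'
        OAB = '/oab'
        EAS = '/microsoft-server-activesync'
    }
    foreach ($name in ($paths.Keys | Sort-Object)) {
        # Rule: /owa uses the server FQDN internally, everything else the NLB FQDN.
        $internalHost = $NlbFqdn
        if ($name -eq 'OWA') { $internalHost = $ServerFqdn }
        # Rule: ExternalURL is the NLB FQDN on Internet-facing sites, otherwise never set.
        $external = $null
        if ($InternetFacing) { $external = "https://$NlbFqdn$($paths[$name])" }
        New-Object PSObject -Property @{
            VirtualDirectory = $name
            InternalUrl      = "https://$internalHost$($paths[$name])"
            ExternalUrl      = $external
        }
    }
}

function Compare-CasUrl {
    param([object[]]$Expected, [object[]]$Actual)
    foreach ($e in $Expected) {
        $a = $Actual | Where-Object { $_.VirtualDirectory -eq $e.VirtualDirectory }
        foreach ($prop in 'InternalUrl', 'ExternalUrl') {
            # [string] turns an unset ($null) URL into '' so unset values compare equal.
            if ([string]$a.$prop -ne [string]$e.$prop) {
                New-Object PSObject -Property @{
                    VirtualDirectory = $e.VirtualDirectory
                    Setting          = $prop
                    Expected         = $e.$prop
                    Actual           = $a.$prop
                }
            }
        }
    }
}

# Constructed sample: an internal (not Internet-facing) site.
$expected = Get-ExpectedCasUrl -ServerFqdn 'cas02.branch.contoso.com' `
    -NlbFqdn 'casarray.branch.contoso.com' -InternetFacing $false

# Constructed "actual" configuration with two deviations from the rules.
$actual = $expected | ForEach-Object {
    New-Object PSObject -Property @{
        VirtualDirectory = $_.VirtualDirectory
        InternalUrl      = $_.InternalUrl
        ExternalUrl      = $_.ExternalUrl
    }
}
($actual | Where-Object { $_.VirtualDirectory -eq 'OWA' }).InternalUrl = 'https://casarray.branch.contoso.com/owa'
($actual | Where-Object { $_.VirtualDirectory -eq 'EWS' }).ExternalUrl = 'https://mail.contoso.com/ews/exchange.asmx'

Compare-CasUrl -Expected $expected -Actual $actual |
    Format-Table VirtualDirectory, Setting, Expected, Actual -AutoSize
```

On a real server the "actual" rows would be built from the InternalUrl and ExternalUrl properties returned by Get-OwaVirtualDirectory, Get-EcpVirtualDirectory, Get-WebServicesVirtualDirectory, Get-OabVirtualDirectory and Get-ActiveSyncVirtualDirectory.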
Situation: Upgrading to Exchange Server 2010 is designed to be as easy as possible. Slide objective: Give the audience an idea of what's involved in upgrading, beginning with how to migrate Internet-facing sites. Talking points: Start with diagram of a typical Exchange architecture where you have one site which is Internet facing, and the second site on the right is an internal site which is accessed through the CAS to CAS proxy mechanism. For the Exchange 2003 environments the CAS server is the front-end server, and you can see that we have a URL for OWA for the users: mail.contoso.com. When moving to Exchange 2010: First determine which order you need to upgrade your sites in. Assuming you have Exchange servers in more than one site, you will want to start with any Internet-facing AD Sites. The general pattern of upgrading is from the outside in, so anything facing the Internet is migrated first, followed by the internal sites. The first step in the upgrade is to install Service Pack 2 onto any Exchange 2007 servers you have in that site. We have included some fixes in SP2 to improve the interop experience with Exchange 2010. After that, you can start to deploy your Exchange 2010 servers. You start with the CAS servers, then HUB, UM and lastly the Mailbox servers. The third step is what we'll discuss most in this presentation: moving the Internet host name for your Exchange servers to point to the new Exchange 2010 servers. In the diagram, mail.contoso.com is what provided OWA access before. Now you redirect this name so that it is pointing to the new Exchange 2010 CAS server. At the same time, you want to set up some other host name (here we have called it legacy.contoso.com) and make that point to your older CAS or front-end servers. An alternative to using a different host name for your existing OWA environment may be to use the same name with an alternative port number.
Setting up the legacy Exchange host name enables Exchange 2010 to redirect users to the older servers until they have been moved to Exchange 2010. Users will in most cases never have to remember this legacy hostname. It is just something which is used under the covers to support the redirection between the old and new environments. You may need to get an SSL certificate to support this old or legacy name. End users continue to use the same name they used before (in this example mail.contoso.com) for all their configuration or external access to the Exchange system. For existing Exchange 2007 customers, the UM phone number will also have to be pointed to the new Exchange 2010 UM Server. Once you have done this, your environment is set up to support both the old Exchange mailboxes as well as the new Exchange mailboxes, and you can start moving mailboxes from the old Exchange servers to the new Exchange mailbox servers. Once you have migrated the Internet-facing sites, you can move on to migrating the internal-facing sites.
Situation: Problems can arise during an upgrade process. We have a variety of tools to make your upgrade easier. Talking points: A number of tools are available. Use RCA at every step of an upgrade. Troubleshooting Assistant is great for mailflow and database issues. Load Generator is a great way to test your storage solution before deployment. Best Practice Analyzer is a great health check for your Exchange organization. Slide objective: Tools are available to ensure your success.
Situation: Now, let's go through what the actual steps are to switch over to a CAS infrastructure on Exchange 2010. Talking points: These are preparatory steps before actually performing a switch. Walk through the steps and give examples. Make sure to test each step by using Exchange RCA. Slide objective: Make sure audience is comfortable with the 8 basic steps on how to prepare to get to CAS 2010.
Situation: Once the preparation is complete, we can now switch the service over to CAS 2010 from Exchange 2003 Front-End or Exchange 2007 CAS for an AD site. Talking points: Once step 1 is done, the service is live. Step 2 and 6 are vital for getting a properly configured Autodiscover service to be reachable. Make sure to test each step by using Exchange RCA. Slide objective: Make sure audience is comfortable with the 6 basic steps on switching to CAS 2010.
Situation: CAS 2010, by default, minimizes end-user impacting behavior. Here is how each service uses the 4 technologies. Talking points: OWA will try to redirect (with Single Sign-On for Forms-Based Authentication). This prevents a user from having to learn a new URL or type in a password twice. Exchange ActiveSync will do Autodiscover and redirect (WM6.1 and newer for Exchange 2007), Proxying (WM6 and older, all non-Microsoft OS for Exchange 2007), Direct CAS2010 access (for Exchange 2003). Clients which use new EAS2010 features need to re-sync. Outlook Anywhere, Offline Address Book, and Autodiscover will do direct CAS2010 support. Exchange Web Services will use Autodiscover. POP/IMAP will do proxy for Exchange 2007 and Direct CAS2010 for Exchange 2003. Slide objective: No matter the protocol, Exchange 2010 has your users in mind.
Situation: Admins need to know how to upgrade SMTP transport when deploying Exchange 2010. Slide objective: Show the process in upgrading SMTP to use the Exchange 2010 servers. Talking points: We start with Exchange 2003 environment and an Exchange 2007 environment. The dash lines here mean either one or the other (2003 or 2007) is the ingress/egress point; you won't have both. First upgrade all servers to SP2. Introduce 2010 servers. If you have Edge Transport deployed, you will re-subscribe your Exchange 2007 Edge servers with E2010 Hub Transport. At this point your Edge synchronization will now be managed via Exchange 2010 Hub. Then install Edge 2010. And then finally switch the endpoint for mail flow.
Situation: Upgrading Unified Messaging systems is an important part of moving to Exchange Server 2010. Slide Objective: Talking Points: Unified Messaging: First add the Exchange Server 2010 UM server to an existing UM dial plan that contains Exchange Server 2007 UM servers. Then configure each IP gateway or IP PBX to send all incoming calls to the Exchange Server 2010 UM servers within the UM dial plan. After all UM-enabled users' mailboxes have been migrated to Exchange Server 2010 Mailbox server, the Exchange Server 2007 UM servers can be removed from the UM dial plan. Users don't need to change any configuration or connectivity behavior (e.g. URL they use) as part of migration. Certificates for Exchange Server 2010: Simplest way: wildcard for domain name (doesn't work for WM5). SAN certificate. With IP PBX/GW: Admin Impact: Point SIP GWs to send calls to UM2010 servers only. UM2010 servers will redirect traffic to UM12 servers as required. User Impact: None, except appearance of new features. With OCS: Admin Impact: OCS will now find the appropriate version of Exchange UM and redirect the call to that location. No new dial plans are needed. This is contingent on a post RTM patch that is forthcoming. User Impact: None, except appearance of new features.
Situation: Public Folders continue to be a very important part of Exchange for some customers. Others wish to migrate or delete some of these folders. Slide Objective: Tools are available to help you identify, monitor, and report against Public Folders. Access methodology to Public Folders differs. Talking Points: There is enhanced reporting for PFs. Get-PublicFolderStatistics now captures last user access; this will help determine which PFs to move, delete, or migrate to SharePoint. Outlook can access multiple versions of Public Folders. OWA will access a 2010 replica of a Public Folder.
Situation: In the IT community, the metric used to measure availability is the percentage of time that a system is capable of serving its intended function. As it relates to messaging systems, availability is the percentage of time that the messaging service is up and running. The following formula is used to calculate availability levels: Percentage of availability = (total elapsed time - sum of downtime)/total elapsed time. Availability is typically measured in "nines." For example, a solution with an availability level of "three nines" is capable of supporting its intended function 99.9 percent of the time, equivalent to an annual downtime of 8.76 hours per year on a 24x7x365 (24 hours a day/seven days a week/365 days a year) basis. Talking Points: The simple task of moving a 1 GB mailbox will take 90 minutes. If you measure this against an organization's SLA, you'll find that the uptime agreement may not have been met. We wanted to allow regular maintenance and upgrade to Exchange 2010 while not increasing downtime. Slide Objective: Measuring SLA for an organization is important. Regular maintenance may lead to unnecessary outages.
Situation: Administrators commonly move mailboxes between servers and databases as part of maintenance activities or when migrating between Exchange versions. Currently, moving mailboxes takes them offline: end users experience an e-mail outage for the duration of the move. As mailbox sizes have grown, mailboxes take longer to move, and administrators have been forced to perform mailbox moves at night and on weekends to minimize disruptions for end users. Slide Objective: Describe how administrators can use the new online move mailbox process to perform Exchange maintenance and migrations without sacrificing their evenings and weekends. Talking Points: In Exchange 2010, mailbox moves can be done in online mode: users can send, receive, and read e-mail while the contents of their mailboxes are moved to a new location. Maintenance activities can now be performed during the day, rather than a nighttime or weekend maintenance window. Migration to Exchange 2010 can be accomplished faster and with less end-user disruption. For E12-E2010 moves to be online your E12 server will require SP2 otherwise the move will be offline during migration ?
Situation: Shown how to move to Exchange 2010. Talking Points: Exchange 2007 Service Pack 2 introduces new functionality and is required for coexistence with Exchange 2010. Exchange 2010 CAS redirects, proxies, or provides direct access to the mailbox server depending on the client, protocol, and mailbox version. Exchange 2010 UM, Hub, Edge have seamless upgrade paths as well. Online mailbox moves improve mailbox data migration by significantly reducing the user outage window. Slide Objective: Recap high level points in moving to Exchange 2010.