Installing Exchange Server 2010 in an Exchange Server 2003 environment (part 3) - Finishing the installation

1/20/2011 11:29:01 AM

3. Finishing the installation

Now that we have successfully installed two Exchange Server 2010 servers, it's time to configure the environment and finish the setup. We're now going to have to make sure these are taken care of:

  • Public Folder Replication

  • Certificate installation on the Client Access Server

  • Configure Exchange Server 2010 Web Services.

3.1 Public Folder Replication

During the Mailbox Server Role readiness check, you saw a warning message regarding the Public Folder Replication (see Figure 11). You don't need to worry about this, but you are going to have to take steps to ensure that Public Folder information from the Exchange Server 2003 Public Folders is replicated to the Exchange Server 2010 Public Folders, and vice versa.

So, to make sure this happens smoothly, log on to the Exchange Server 2003 server and open the Exchange System Manager. Browse to the Public Folders in the First Administrative Group, and if needed right-click on Public Folders and select "View System Folders." Select the Offline Address Book "/o=<<yourorg>>/cn=addrlists/cn=oabs/cn=Default Offline Address Book" and open its properties. Click "Add" on the Replication Tab, and add the Public Folder Database on the Exchange Server 2010 Mailbox Server.

Figure 12. Add the 2010 Public Folder Database to set up replication.

Repeat these steps for:

  • OAB Version 2

  • OAB Version 3a

  • OAB Version 4

  • EX:/o=<<yourorg>>/ou=First Administrative Group

  • Schedule+ Free Busy: EX:/o=<<yourorg>>/ou=First Administrative Group.

And that's all of your Exchange Server 2003 to Exchange Server 2010 Public Folder Replication set up!

In Exchange Server 2003 you can also use the "Manage Settings" option to perform the above steps in a single operation.

To set up Public Folder Replication from Exchange Server 2010 back to Exchange Server 2003, log on to the Exchange Server 2010 server and open the Exchange Management Console. In the left pane select Toolbox, open the Public Folder Management Console in the results pane, and then connect to the Exchange Server 2010 Mailbox Server.

In the Public Folder Management Console, expand the System Public folders, and then expand the Offline Address Book. For all Offline Address Books located in the results pane, select their properties and configure the replication to include the Exchange Server 2003 Public Folder Database, as demonstrated below:

Figure 13. Configure Public Folder Replication to the Exchange Server 2003 server.

All you need to do to finalize your Replication configuration is repeat these steps for:

  • OAB Version 2

  • OAB Version 3a

  • OAB Version 4

  • EX:/o=<<yourorg>>/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)

  • EX:/o=<<yourorg>>/ou=First Administrative Group

  • Schedule+ Free Busy: EX:/o=<<yourorg>>/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)

  • Schedule+ Free Busy: EX:/o=<<yourorg>>/ou=First Administrative Group.

Bear in mind that, depending on the size of your Public Folder database, you may have to wait some time for Public Folder Replication to finish.

3.2 Certificate installation

After installation of the Client Access Server, a new certificate also needs to be installed. By default a self-signed certificate is created during setup but, for production purposes, a third-party certificate is needed. For Exchange Server 2010, a Unified Communication (UC) certificate is used, and these have their own Subject Name (like webmail.inframan.nl) as well as "Subject Alternative Names" like autodiscover.inframan.nl and mail.inframan.nl. Check out Microsoft knowledge base article 929395 (HTTP://TINYURL.COM/CERTVENDORS) for more information regarding UC certificates, and a list of supported Certification Authorities that can issue them.

Suppose we have a domain called "inframan.nl" – our Outlook Web App name can be webmail.inframan.nl. A second namespace used in Exchange Server 2010 is 'autodiscover', which resolves, in our example, to autodiscover.inframan.nl. So far this is the same as it was in Exchange Server 2003. New in Exchange Server 2010 is a third name called "legacy" which results in legacy.inframan.nl. This legacy namespace is used for interoperability between Outlook Web Access in Exchange Server 2003 and Exchange Server 2010 Outlook Web App. All three names are used on the Client Access Server, so for the Client Access Server, a minimum of three SAN values are needed:

  • Webmail.inframan.nl (primary OWA access point)

  • Autodiscover.inframan.nl.

  • Legacy.inframan.nl (OWA access for Exchange Server 2003 mailboxes).
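A quick way to confirm that a certificate on the Client Access Server covers the three names listed above, is not the self-signed setup certificate, and is bound to IIS. This is an added example, not code from the original article; the function names and the sample certificate object (including the `EX2010CAS` host and `inframan.local` domain) are constructed for illustration.

```powershell
# Added example. Required names follow the article's inframan.nl sample namespace.
$RequiredNames = 'webmail.inframan.nl', 'autodiscover.inframan.nl', 'legacy.inframan.nl'

function Test-NameCovered {
    param([string]$Name, [string[]]$CertDomains)
    $n = $Name.ToLower()
    foreach ($d in $CertDomains) {
        $d = $d.ToLower()
        if ($d -eq $n) { return $true }
        # A wildcard covers exactly one label: *.inframan.nl matches
        # legacy.inframan.nl but not a.b.inframan.nl.
        if ($d.StartsWith('*.') -and $n.Contains('.') -and
            $n.Substring($n.IndexOf('.') + 1) -eq $d.Substring(2)) { return $true }
    }
    return $false
}

function Test-CasCertificate {
    param($Certificate, [string[]]$Required = $RequiredNames, [datetime]$Now = (Get-Date))
    # CertificateDomains holds the subject name and all Subject Alternative Names.
    $domains = @($Certificate.CertificateDomains | Where-Object { $_ } | ForEach-Object { "$_" })
    $missing = @($Required | Where-Object { -not (Test-NameCovered $_ $domains) })
    $onIis   = "$($Certificate.Services)" -match 'IIS'
    New-Object PSObject -Property @{
        Thumbprint   = $Certificate.Thumbprint
        MissingNames = $missing
        SelfSigned   = [bool]$Certificate.IsSelfSigned
        Expired      = ($Certificate.NotAfter -lt $Now)
        BoundToIIS   = $onIis
        Ready        = ($missing.Count -eq 0) -and (-not $Certificate.IsSelfSigned) -and
                       ($Certificate.NotAfter -ge $Now) -and $onIis
    }
}

# Constructed sample: a self-signed setup certificate that only carries server names.
$sample = New-Object PSObject -Property @{
    Thumbprint = 'CONSTRUCTED-SAMPLE'; IsSelfSigned = $true; Services = 'IMAP, POP, IIS, SMTP'
    NotAfter = (Get-Date).AddYears(1)
    CertificateDomains = @('EX2010CAS', 'EX2010CAS.inframan.local')
}
Test-CasCertificate $sample | Format-List   # Ready is False: all three names are missing

# On the Client Access Server, in the Exchange Management Shell:
# Get-ExchangeCertificate | ForEach-Object { Test-CasCertificate $_ } | Format-List
```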

To ensure the Exchange Server 2010 Client Access Server role functions correctly, various settings need to be configured; this is explained in the next section.

3.3 Configure Exchange Web Services

Like its predecessors, Exchange Server 2010 uses the Client Access Server to offer Offline Address Book downloads and Free/Busy information using the HTTP protocol, and these can be used by Outlook 2007 and Outlook 2010. However, Outlook 2003 uses the Public Folder architecture to get the Offline Address Book and Free/Busy information.

As explained in Section 3.2.2.2 (See Figure 7. Enter the external domain for your Client Access Server.) you can enter the external domain that the Client Access Server is using, for example webmail.inframan.nl. If you haven't configured the external domain during setup, you have to configure the following settings using the Exchange Management Shell command below.



Before the Offline Address Book can be distributed by the Client Access Server, the Generation Server needs to be changed from Exchange Server 2003 to Exchange Server 2010. This can be achieved by using the Exchange Management Console as follows:

  1. Log on to the Exchange Server 2010 server and open the Exchange Management Console.

  2. Expand Microsoft Exchange on-Premises and expand the organization container

  3. Click the Mailbox option, and in the results pane select the Offline Address Book tab. The Default Offline Address List will appear, and the Generation Server will be the current Exchange Server 2003 server.

  4. Right-click the Default Offline Address Book and select Move. The Move Offline Address Book wizard will appear. Use the Browse button to select the new Exchange Server 2010 Mailbox Server and, when finished, click Move again. When the move to the new Mailbox Server is complete, click Finish.

NOTE

You can also use the Exchange Management Shell to move the Generation Server to Exchange Server 2010 by using the following command.



Even once you've gone through these steps, the distribution itself is still using the Public Folder Mechanism. To change this to Web-based distribution, use the following procedure:

  1. Log on to the Exchange Server 2010 server and open the Exchange Management Console.

  2. Expand Microsoft Exchange on-Premises, and expand the organization container.

  3. Click the Mailbox option and select the Offline Address Book tab in the results pane. The Default Offline Address List will appear. Right-click this and select properties.

  4. Select the Distribution tab and tick the Enable Web-based distribution check box. Click Add to select the Client Access Server Virtual Directory used for distribution and, when finished, click OK.

The Exchange Server 2010 Client Access Server will now start distributing the Offline Address Book using a virtual directory, using the HTTP protocol that can be used by Microsoft Outlook 2007 or Outlook 2010 clients.

Figure 14. After configuring the Offline Address Book generation server you can check the configuration using the Exchange Management Console.
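The same check can be done from the Exchange Management Shell by reading the Offline Address Book back and comparing it with the state the two procedures above should produce. This is an added example, not code from the original article; `Test-OabMigration`, the server names `EX2003` and `EX2010MBX`, and the sample object are constructed, and the script assumes the `Server` property renders as the short server name.

```powershell
# Added example. Evaluates one object returned by Get-OfflineAddressBook.
function Test-OabMigration {
    param($Oab, [string]$ExpectedServer)
    # Server may be a rich object (with .Name) or a plain string over remote PowerShell.
    $server = if ($Oab.Server.Name) { $Oab.Server.Name } else { "$($Oab.Server)" }
    $vdirs  = @($Oab.VirtualDirectories | Where-Object { $_ })
    $findings = @()
    if ($server -ne $ExpectedServer) {
        $findings += "Generation server is '$server'; expected $ExpectedServer."
    }
    if (-not $Oab.WebDistributionEnabled -or $vdirs.Count -eq 0) {
        $findings += 'Web-based distribution is not enabled; Outlook 2007/2010 cannot use HTTP.'
    }
    if (-not $Oab.PublicFolderDistributionEnabled) {
        $findings += 'Public Folder distribution is off; Outlook 2003 clients depend on it.'
    }
    New-Object PSObject -Property @{
        Name     = $Oab.Name
        Findings = $findings
        Ok       = ($findings.Count -eq 0)
    }
}

# Constructed sample: generation server already moved, web distribution not yet enabled.
$sample = New-Object PSObject -Property @{
    Name = 'Default Offline Address List'; Server = 'EX2010MBX'
    WebDistributionEnabled = $false; VirtualDirectories = @()
    PublicFolderDistributionEnabled = $true
}
$result = Test-OabMigration $sample 'EX2010MBX'
$result.Findings   # one finding: web-based distribution is not enabled

# In the Exchange Management Shell on the Exchange Server 2010 server:
# Get-OfflineAddressBook | ForEach-Object { Test-OabMigration $_ 'EX2010MBX' } | Format-List
```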

Users with mailboxes still on Exchange Server 2003, who access their mailbox using a Windows Mobile device, will get an error when they use the Exchange Server 2010 Client Access Server. These users will be able to synchronize their device when the Microsoft-Server-ActiveSync virtual directory on the Exchange Server 2003 back-end server has Integrated Windows Authentication enabled. This will allow the Client Access Server and the Exchange Server 2003 back-end server to use Kerberos for authentication.

Now that you've got your Public Folder Replication, Certificates and Web Services all configured, it's time to change your Internet access infrastructure. You need to make sure that users who try to access https://webmail.inframan.nl (the example we've been using so far) are redirected to the new Exchange Server 2010 Client Access Server. So I'll quickly outline the SMTP Infrastructure for this coexistence scenario.

4 SMTP Infrastructure

As discussed earlier, when an Exchange Server 2010 Hub Transport server is installed into an existing Exchange Server 2003 environment, it installs a special Legacy, or Interop, Routing Group Connector. This Interop Routing Group Connector is responsible for sending messages between Exchange Server 2003 and Exchange Server 2010 and vice versa.

When you move mailboxes to Exchange Server 2010 and a new message arrives on the Exchange Server 2003 front-end server, this server will check Active Directory and find the user's mailbox is on Exchange Server 2010. The message will be routed through the Interop Routing Group Connector to the new Hub Transport Server, and the message will be delivered in the Exchange Server 2010 Mailbox Server – nice and simple.

Similarly, when a user with a mailbox on Exchange Server 2010 composes a message for a mailbox on Exchange Server 2003, the message is routed from the Hub Transport Server, through the Interop Routing Group Connector, to the Exchange Server 2003 front-end server. From there it will be delivered to the user's mailbox on the Exchange Server 2003 Mailbox server – also nice and simple.

As this is a completely stable system, it is up to the system administrator to decide when the mail flow is switched from delivery at the Exchange Server 2003 server to the Exchange Server 2010 Hub Transport Server. There are no hard requirements when to switch the message flow.

4.1 Edge Transport Server

An Exchange Server 2010 Edge Transport Server is used for message hygiene purposes; it will be used as an anti-spam and anti-virus solution. The anti-spam solution is built in to the product, and Microsoft Forefront for Exchange Server can be used for antivirus.

An Exchange Server 2010 Edge Transport Server can also be used together with a pure Exchange Server 2003 environment. The Edge Transport Server is used as a smart host for the Exchange Server 2003 server, and can still act as an anti-spam and antivirus solution. The full feature set of an Edge Transport Server is, of course, not available in an Exchange Server 2003 environment.

The full feature set of the Exchange Server 2010 Edge Transport Server becomes available when you transition to the Exchange Server 2010 Hub Transport Server, subscribe the Edge Transport Server to the Hub Transport Server, and switch the mail flow from the Exchange Server 2003 environment to the Exchange Server 2010 environment.

If you want to install the Exchange Server 2010 Edge Transport Server and subscribe it to the Exchange Server 2010 Hub Transport Server. The question is, do you want to install the Edge Transport Server? There's no definitive answer to this, and a consultant's answer would be "it depends." An Edge Transport Server does a great job in offering antivirus and anti-spam functionality and, as such, I can really recommend it. But a lot of customers already have other anti-spam and antivirus solutions that perform very well. If this is the case, you have to make a decision based on experiences, pricing, manageability, etc.

5 Final Exchange 2003 coexistence notes

So, at the end of that you should have everything you need to configure your own Exchange Server 2003 Coexistence scenario. Just to finish off, there are a couple of things I want to recap for when you are running this kind of scenario:

  • An Exchange Server 2003 and Exchange Server 2010 coexistence scenario has two management interfaces:

    • The Exchange Server 2003 System Manager can only be used to manage Exchange Server 2003 objects.

    • The Exchange Server 2010 Management Console and Management Shell can only be used to manage Exchange Server 2010 objects.

  • If mailboxes running on Exchange Server 2003 need to be moved to Exchange Server 2010, this can only be achieved using the Exchange Server 2010 tools.

  • When shared mailboxes are moved from Exchange Server 2003 to Exchange Server 2010, they will continue to run as shared mailboxes. They can be converted to Resource Mailboxes at a later stage.

  • Mailboxes can be moved from Exchange Server 2010 to Exchange Server 2003 using the Exchange Management Console or the Exchange Management Shell on Exchange Server 2010. When a mailbox on Exchange Server 2010 has an archive associated with it, the archive naturally has to be removed before the move to Exchange Server 2003.
