3.4.2.2 Installing the Exchange Server 2010 servers
As mentioned earlier, the only
supported order of installation of Exchange Server 2010 server roles
into an existing Exchange Server 2007 environment is as follows:
Client Access Servers
Hub Transport Servers
Mailbox Servers.
Also, the Internet-facing Active Directory site, the site associated with your external Autodiscover record, should be the first
to be transitioned. Then you should transition other Internet-facing
Active Directory sites. The last sites you should transition are the
internal Active Directory sites. Transitioning internal Active Directory
sites before the Internet-facing Active Directory sites have been
transitioned is not supported.
In our test
environment, we are installing a combined Exchange Server 2010 Client
Access Server role and Hub Transport Server role, and one dedicated
Exchange Server 2010 Mailbox Server role.
The procedure to install
Exchange Server 2010 in an existing Exchange Server 2007 environment is
not very different from when installing into an existing Exchange Server
2003 environment, as described in this article.
First, ensure that Windows
Server 2008 Server and all the prerequisite software is installed on the
target server. To install Internet Information Server 7 (or 7.5 in the
case of Windows Server 2008 R2) and other prerequisites, open a command
prompt, navigate to the \Scripts directory in the installation media and
enter the following command:
This will install
Internet Information Server, as well as other prerequisites, with the
right configuration for the Client Access Server and the Hub Transport
Server.
To install the actual
Exchange Server roles you can use either the command-line setup or the
graphical setup. Right now, we will use the graphical setup program, and
to open this setup application you just need to start the setup.exe program in the installation media.
During
the setup, choose the Exchange language option. You can choose to
download additional language packs from the Microsoft website, or use
the language as available on the DVD. Select "Install all languages from
the language bundle" to download additional language information.
Follow the setup wizard, and at the Installation Type
windows select "Custom Exchange Server Installation" in order to select
the server roles that need to be installed. Select the Client Access
Server Role and the Hub Transport Server Role.
In contrast with what I wrote in this article,
you are not asked to select a Hub Transport Server in the Exchange
Server 2007 environment. This is because both versions use Active
Directory sites for routing messages, and so this should work right away.
Once
everything is OK and the Readiness Checks are successful, you can start
the actual installation of the Exchange Server 2010 Client Access
Server and Hub Transport Server roles. When the setup is finished, close
the setup application and reboot the server (if the setup asks you to
do so).
To
install the Exchange Server 2010 Mailbox Server role into the existing
Exchange Server 2007 environment you can follow the procedure as
outlined in this article. This is exactly the same, so there's no point in me giving it its own subheading!
2.3 Certificate installation
After the installation of the
Exchange Server 2010 Client Access Server, the coexistence still has to
be configured. Eventually, users will connect to the new Client Access
Server and, if a user's mailbox exists on the new Exchange Server 2010
Mailbox Server, the request will be processed as usual. When the user's
mailbox still exists on the Exchange Server 2007 Mailbox Server,
however, the request is either forwarded to the Exchange Server 2007
Client Access Server, or processed by the Exchange Server 2010 Client
Access Server, and the information retrieved from the Exchange Server
2007 Mailbox Server. This all depends on the protocol that's being used,
but it is important for determining the certificates being used on the
Client Access Server as explained below.
Outlook Web Access
clients naturally connect to the Exchange Server 2010 Client Access
Server. After validating the user's credentials, the Client Access
Server checks the mailbox server and, if this is still running on
Exchange Server 2007, the request is redirected to the Exchange Server
2007 Client Access Server.
After installing the Exchange
Server 2010 Client Access Server, a new third-party certificate needs to
be requested. A self-signed certificate is created by default during
the setup of the Client Access Server, but this is not at all usable for
a production environment. The certificate that ideally needs to be used
on a Client Access Server is a certificate with multiple domain names,
and these certificates are also known as Unified Communications (UC)
certificates. The additional domain names are stored in the "Subject
Alternative Names" property of the certificate. For more information
regarding these certificates and a list of supported UC certificate
vendors, you can visit the Microsoft website: HTTP://TINYURL.COM/CERTVENDORS.
This UC certificate should at least contain the following domain names:
Webmail.inframan.nl
– this is the primary entry point for all Outlook Web Access, Exchange
Active Sync (EAS) and Exchange Web Services (EWS) requests.
Autodiscover.inframan.nl.
Legacy.inframan.nl – this is the namespace for the Exchange Server 2007 Client Access Server.
If you chose not to enter the
external domain during setup (in the case of an Internet-facing Client
Access Server) a number of external URLs will also need to be configured
as explained in the next section.
