MOFA Exchange 2010 Exchange 2007 infrastructure Prepared for MOFA Monday, 24 January 2011 Version 1.0 Prepared by Hisham Bahnasi Infrastructure Consultant [email protected]


MOFA Exchange 2010 Exchange 2007 infrastructure

Prepared for

MOFA

Monday, 24 January 2011

Version 1.0

Prepared by

Hisham Bahnasi

Senior Consultant

[email protected]

Revision and Signoff Sheet

Change Record

Date | Author | Version | Change reference
24/1/2011 | Hisham Bahnasi | 1.0 |

Reviewers

Name | Version approved | Position | Date

Related Documents

Document Name | Version

Page 1MOFA Exchange 2010 Deployment Plan

Table of Contents

1 Introduction

2 Deployment Summary
  2.1 Overview
  2.2 Assumptions
  2.3 Prerequisites
  2.4 Interoperability and Co-existence
  2.5 Client Access Co-existence
  2.6 HUB Transport Server Co-existence
  2.7 Mailbox Server Co-existence

3 Preparing the Existing Environment
  3.1 Running EXPDA
  3.2 Preparing Active Directory
    3.2.1 Overview
    3.2.2 Checking Active Directory
    3.2.3 Prepare Active Directory

4 Installing Exchange 2010
  4.1 Overview
  4.2 Windows Server 2008 Configurations
    4.2.1 File Level Antivirus
    4.2.2 Windows Components to Add
  4.3 Exchange 2010 Installation Order
    4.3.1 Installation of Exchange Servers
    4.3.2 Post Installation Tasks
    4.3.3 Common

5 Exchange 2007 Co-existence
  5.1 Verify DNS Settings
  5.2 Send-Receive Connectors
    Allowing Application Servers to Relay
    5.2.1 Configure Offline Address Book
  5.3 3rd Party Products and Additional Services

6 Replicate and Re-Home Exchange services
  6.1 Best Practices on moving Public Folders

7 Decommission Exchange 2007 Servers

1 INTRODUCTION

The upgrade from Exchange 2007 to Exchange 2010 should not be approached lightly. Complex preparations, connections and procedures have to be in place. Those preparations, connections and procedures must follow a specific order and they have to be executed and configured on the correct servers to create an optimum operating state of co-existence. Operational management has changed significantly and preparation for the Exchange 2010 management tasks will require serious study and practice which should be completed before any upgrading tasks begin. The Exchange 2007 and Exchange 2010 co-existence state may last as long as needed to support legacy services or 3rd party products. The migration plan will outline an optimal environment to support all the necessary services and features.

This document will read mainly like an instructional manual and several checklists and summaries will provide the proper instructions to perform the upgrade. Links to Microsoft TechNet and Knowledgebase articles provide more detailed explanations and background information.


2 DEPLOYMENT SUMMARY

The following diagram outlines the overall Exchange 2007 to Exchange 2010 upgrade process:

[Diagram: upgrade process stages and the steps listed under each]

Prepare Active Directory
- Run Predeployment Analyzer (ExPDA) and correct any issues that will stop the deployment of Exchange 2010;
- Prepare Active Directory;

Add Exchange 2010 Servers
- Install Exchange 2010 servers in MOFA HQ
- Install Exchange 2010 CAS/Hub Transport servers first;
- Install Exchange 2010 Mailbox servers;
- Configure Roles as required;
- Create DAG(s) as required;
- Implement Backup strategy.

Exchange 2007 and 2010 Co-existence
- Configure legacy host name for Exchange 2007 CAS servers;
- Configure Autodiscover and Availability services;
- Configure Hub send and receive connectors;
- Configure Offline Address Books (OAB) for Exchange 2010

Replicate and Rehome Exchange 2007 Services
- Configure OWA endpoint to point to Exchange 2010;
- Configure SMTP endpoint to point to Exchange 2010;
- Replicate and rehome Public Folders;
- Replicate and rehome system folders; and
- Move mailboxes to Exchange 2010;

Decommission Exchange 2007 Servers
- Uninstall Exchange 2007 CAS/HUB server(s);
- Uninstall Exchange 2007 Mailbox server(s);

2.1 Overview

This document provides instructions on how to:

- Prepare the existing Exchange 2007 Organization to support Exchange Server 2010;
- Install and configure Exchange 2010;
- Establish co-existence between Exchange 2007 and Exchange 2010;
- Move mailboxes from Exchange 2007 to Exchange 2010;
- Replicate and re-home Public Folders, System Folders, Connectors, Master Roles;
- Decommission Exchange 2007 servers.

The following messaging co-existence will be provided:

- Message flow between users with mailboxes on Exchange 2007 and Exchange 2010 as well as external users;
- Free/Busy information between users with mailboxes on Exchange 2007 and Exchange 2010;
- Identical Offline Address Book access for Exchange 2007 and Exchange 2010 users;
- MAPI access to Exchange 2007 and Exchange 2010 mailboxes (online and cached mode);
- Outlook Anywhere (OA) access to Exchange 2010 mailboxes;
- Public Folder access through Outlook Online, Exchange 2007 Outlook Web Access (OWA), Exchange 2010 Outlook Web App (OWA) and OA mode;
- Management Interfaces:
  - Exchange 2010 servers can only be managed with either the Exchange Management Console (EMC) or the Exchange Management Shell (EMS) that are installed along with Exchange 2010;
  - Exchange 2007 servers can only be managed with the Exchange 2007 Exchange Management Console.
- Depending on where the mailbox resides for the account logging in, the appropriate Outlook Web Access/App version, 2007 or 2010, will be presented;


Below is a brief summary of the current Exchange 2007 environment at MOFA:

- All MOFA Exchange 2007 servers are at SP1 (Exchange 2007 SP3 should be deployed before the Exchange 2010 deployment)
- All Domain Controllers are Windows 2003 SP2 – the domain/forest Functional Level is Windows 2000 (Windows 2008 R2 Active Directory will be deployed before the Exchange 2010 deployment and the Forest/Domain Functional Level will be raised to Windows 2003+)
- Exchange 2007 is installed in MOFA HQ with one SCC Exchange 2007 mailbox server and two CAS/Hub servers with Windows Network Load Balancing.
- Exchange 2007 services are published directly to the Internet using the MOFA Firewall.
- Ironport is used for receiving and sending Internet e-mail
- OWA 2007 is customized
- We have around 5000 mailboxes in MOFA
- Most of the users are using Outlook 2003 (with mixed or no service packs)


The recommended high level layout for Exchange 2010 deployment in MOFA is in the diagram below:

The major steps in the Exchange Server 2010 deployment are:

1. Verify that the existing Exchange Organization can support Exchange 2010 by running the Exchange Pre Deployment Analyzer (ExPDA);
2. Test AD and DNS consistency with dcdiag, netdiag and repadmin;
3. Prepare Active Directory for Exchange Server 2010

   In MOFA HQ:

   a. Install and configure 64bit servers with Windows Server 2008 R2;
   b. Install Exchange Server 2010, CAS/Hub roles first;
      i. Configure and test the Availability service;
      ii. Configure and test the Outlook Autodiscover service;
      iii. Configure and test OWA (OWA 2007 and OWA 2010);
      iv. Configure and test OA, if possible, only through Exchange 2010 CAS servers;
   c. Install and configure Exchange Server 2010 mailbox servers (in a Database Availability Group (DAG));
   d. Move OAB to Exchange 2010
   e. Install and configure Antivirus and Backup software;
   f. Upgrade Address Lists/E-Mail Address Policies to Exchange 2010. (as it was not upgraded when MOFA migrated from Exchange 2003 to Exchange 2007)
   g. Replicate Public Folders;
   h. Create Test Mailboxes in Exchange 2010 Databases
   i. Between Exchange 2007 and Exchange 2010 mailbox servers:
      i. Test mail-flow, reply-ability and message consistency/quality;
      ii. Test free/busy and the Availability service inter-operation;
      iii. Test mail-flow to and from the Internet;
   j. Migrate several test mailboxes from Exchange 2007 to Exchange 2010;
   k. Test moved mailboxes;
   l. Prepare the Legacy Host Name for Exchange 2007
   m. Require a SAN certificate with the required names and install it on all your CAS/Reverse Proxy Servers
   n. Change the Firewall/Reverse proxy rules to move the Internet endpoint (mail.mofa.gov.sa) to point to the CAS 2010 Array and create a new rule for Exchange 2007 (webmail.mofa.gov.sa).
   o. Change the Internet SMTP Endpoint to the new Exchange 2010 Hub Transport Servers.
   p. Begin mailbox move;
4. Complete mailbox moves
5. Clean-up, including the decommissioning of non-required legacy servers.

2.2 Assumptions

This Migration Plan assumes the following:

- The provided instructions are not detailed step-by-step instructions, but describe the specific configuration necessary to support the deployment scenario. It is assumed the reader performing the deployment is familiar with Exchange Server 2007 and 2010. This includes familiarity with the Exchange 2010 Help File (ExchHelp.chm) and Microsoft Exchange 2010 content on TechNet - http://technet.microsoft.com/en-us/library/bb124558(EXCHG.140).aspx
- The existing Exchange Organization has connections to Internet E-mail;
- All Domain controllers run Windows Server 2003 Service Pack 2 or higher;
- The Forest functional level is set to Windows Server 2003;
- There are at least two Global Catalog Domain controllers in the AD Site where Exchange resides;
- All Exchange 2007 servers have Exchange 2007 Service Pack 2+ installed;
- Important procedures, design features and 3rd-party Software and Hardware were tested in a Test Lab;
- Possible existing performance issues or ExPDA concerns are resolved or recognized/documented;
- Internet messages to and from the new Exchange 2010 will first be routed through the existing E-Mail Internet Environment;
- All third-party applications have been updated to support Exchange Server 2010. For MOFA, these include:
  - NetBackup
  - Trendmicro AV

2.3 Prerequisites

Before installing Exchange Server 2010 you must have:

- At least two 32bit or 64bit Windows 2003 SP2 or higher servers, configured as a DC/GC in the same site as the Exchange 2010 servers;
- For Exchange 2010, 64bit Windows 2008 SP2 or Windows 2008 R2 servers. The server releases can be, depending on memory and CPU requirements: Standard edition (no clustering) or Enterprise edition (clustering, more processors, more RAM);
- Configured DNS resolution in the production forest so that all servers can be resolved by their FQDN. Make sure that reverse lookups function and that netdiag does not produce errors on Domain Controllers;
- Network connectivity between all servers in the existing Exchange 2007 organization;
- Highest Administrative access to one or more domain controllers in the MOFA forest (Schema Admins, Enterprise Admins, Domain Admins) and Exchange servers (local Administrators security group) in the production Exchange 2007 forest;
- A minimum of Windows 2003 as the Forest functional level.
- Exchange 2010 Servers are already configured with Windows 2008 SP2 or Windows 2008 R2 with the latest updates.
- Operating System Anti-Virus is already deployed/configured on all Exchange 2010 Servers
- Storage is already configured and connected to the Exchange 2010 Mailbox Servers
- All MOFA Outlook 2003 Users are using cached mode http://support.microsoft.com/kb/2006508 (for a list of Outlook 2003 Issues: http://social.technet.microsoft.com/wiki/contents/articles/concern-is-having-outlook-2003-clients-going-to-prevent-me-from-deploying-exchange-2010.aspx )
- All Outlook clients (2003 and above) are upgraded to the latest service packs.

2.4 Interoperability and Co-existence

It is possible to deploy Microsoft Exchange 2010 into an existing Exchange 2007 organization which is operating in native mode. Full co-existence of the two Exchange versions is supported in this scenario. There are many important differences between Exchange 2007 and Exchange 2010 in how the servers are administered and in how server-to-server communication occurs.

When an Exchange 2007 organization is being upgraded to Exchange 2010, the typical procedure is to upgrade all of the servers in a particular Active Directory site to Exchange 2010 at the same time, configure co-existence, and then move to the next site.

The upgrade to a new MOFA messaging infrastructure will only require co-existence during the actual time period that mailboxes exist on both Exchange 2007 and Exchange 2010. The co-existence pieces required are as follows:

1. Free/Busy Information – The free/busy information for MOFA users will have to be synchronized between the two environments;

2. Public Folders – Public Folders will have to be synchronized between the two environments; and

3. Email Flow – Email that is sent between MOFA users will have to be delivered no matter which messaging infrastructure their mailbox resides in. Additionally, email sent and received from external parties must also be available no matter where the end-user’s mailbox resides.

2.5 Client Access Co-existence

The Client Access server role provides the functionality that was provided by the front-end server in Exchange 2007 and much more. All client connectivity (including Outlook MAPI connectivity) now goes through the Client Access server role. There are no longer any clients directly connecting to the mailbox server role. The Client Access server role can coexist with Exchange Server 2007 servers.


The following list describes the Exchange 2010 dependencies and requirements for co-existence with Exchange Server 2007:

Whether a user sees the OWA client of Exchange 2007 or Exchange 2010 depends on the location of the user's mailbox. For example, if the user's mailbox is located on an Exchange 2007 mailbox server and the CAS is running Exchange 2010, the user will get the Exchange 2007 version of Outlook Web Access. Exchange 2010 CAS servers provide automatic OWA 2007 access (redirection).

The version of Exchange ActiveSync (EAS) that clients will use also depends on the server version that is hosting the user's mailbox. The user's mailbox must be located on a server that is running Exchange 2007 SP2 or Exchange 2010 to have Direct Push enabled for Exchange ActiveSync.

There are two choices for the primary namespace that will be used to access Exchange 2010 through OWA, EAS, OA, Autodiscover and the Availability service. The first is to create a new namespace specifically for Exchange 2010 and to use the existing namespace as the legacy namespace through which users access the Exchange 2007 front-end servers. The second is to transfer the existing namespace to the Exchange 2010 infrastructure and create a new legacy namespace for the Exchange 2007 infrastructure. The recommended option is the second one. The primary reason is that Exchange 2010 will automatically redirect the end-user to the Exchange 2007 namespace if their mailbox resides on an Exchange 2007 mailbox server, as mentioned previously. By transferring the namespace to Exchange 2010, the users will have a single entry point, and one they are familiar with, and they do not need to know whether their mailbox resides on Exchange 2007 or Exchange 2010.

Important

When migrating from Exchange 2007 to Exchange 2010, an Exchange 2007 CAS server is required in order to support the infrastructure. The External URL of the Exchange 2007 CAS servers will be configured with the legacy name.

2.6 HUB Transport Server Co-existence

The Hub Transport server role is designed to handle all mail flow for the Exchange organization. It is also responsible for handling Transport Rules, Journaling policies and message delivery. This server is deployed in the Active Directory forest and is required for Exchange 2010 mailboxes to send and receive messages. Messages that are sent to the Internet are relayed by the Hub Transport server to the Ironport appliance which acts as a smart host.

An Exchange 2010 Hub Transport server can be added to an existing Exchange organization after Exchange 2010 CAS servers have been successfully deployed.

2.7 Mailbox Server Co-existence

The Mailbox server role can coexist with Exchange 2007 mailbox servers. For Exchange 2010 and Exchange 2007 mailbox servers to coexist, you must be able to send mail among the mailboxes. Exchange 2010 uses the Hub Transport server to send mail. An Exchange 2010 Hub Transport server must be deployed in each Active Directory site that contains an Exchange 2010 Mailbox server. You also need a Client Access server in each Active Directory site where there is a Mailbox server. For more information on upgrading to an Exchange 2010 Mailbox Server, see Exchange 2007 - Planning Roadmap for Upgrade and Coexistence.

You can replicate public folder data between Exchange 2010 and Exchange 2007 public folder databases. To do this, you must create a replica of the public folder using the Exchange 2007 Management Console.

Use Exchange 2010 Management Console or PowerShell to move mailboxes from:

- Exchange 2007 to Exchange 2010;
- Exchange 2010 to Exchange 2007;
- Exchange 2010 to Exchange 2010.


3 PREPARING THE EXISTING ENVIRONMENT

3.1 Running EXPDA

The Exchange Pre Deployment Analyzer (ExPDA) is used to check whether the existing Exchange 2007 infrastructure is ready for Exchange 2010. All issues uncovered by ExPDA should be investigated and cleaned up prior to starting the Exchange Server 2010 installation.

3.2 Preparing Active Directory

3.2.1 Overview

The second phase in the migration plan is to prepare MOFA Active Directory for Exchange Server 2010.

The following points are important for Active Directory (AD) and Exchange 2010:

The Domain Controller which is Schema Master must have Microsoft Windows Server 2003 Service Pack 1 (SP1) or higher installed. (By default, the schema master runs on the first Windows domain controller installed in a forest.)

There must be at least one Global Catalog (GC) server in every AD Site where Exchange 2010 will be installed. This GC server must be running Windows Server 2003 SP1 or higher.

You should use at least Windows Server 2003 Forest functional level in the Active Directory forest where you will install Exchange 2010 or that will host Exchange 2010 recipients.

3.2.2 Checking Active Directory

Before the schema is extended, Active Directory should be checked to see if it is healthy. The following commands should be used to determine the health of the Active Directory service. Any issues should be corrected before the schema upgrade is performed.

Netdiag - This command-line diagnostic tool helps to isolate networking and connectivity problems by performing a series of tests to determine the state of your network client. These tests and the key network status information they expose give network administrators and support personnel a more direct means of identifying and isolating network problems. Moreover, because this tool does not require parameters or switches to be specified, support personnel and network administrators can focus on analyzing the output rather than on training users how to use the tool.

Dcdiag - This command-line tool analyzes the state of one or all domain controllers in a forest and reports any problems to assist in troubleshooting. DCDiag.exe consists of a variety of tests that can be run individually or as part of a suite to verify domain controller health.

Repadmin - This command-line tool assists administrators in diagnosing replication problems between Windows domain controllers.
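One way to turn the dcdiag and repadmin output into a go/no-go decision before the schema is extended. This is an added example, not part of the original plan; the function names, the `corp.example` names and the sample output are constructed for illustration, and netdiag is left out.

```powershell
# Added example: gate the schema extension on dcdiag / repadmin results.
# Compatible with PowerShell 2.0. All sample data below is constructed.

function Get-DcdiagFailure {
    param([string[]]$Lines)
    # dcdiag closes every test with a summary line such as
    #   "......................... DC02 failed test Replications"
    foreach ($line in $Lines) {
        if ($line -match '^\s*\.{5,}\s+(\S+)\s+failed test\s+(\S+)') {
            New-Object PSObject -Property @{ Target = $Matches[1]; Test = $Matches[2] }
        }
    }
}

function Get-ReplicationFailure {
    param([string[]]$CsvLines)
    # "repadmin /showrepl * /csv" emits one row per inbound replication link.
    # Rows marked showrepl_ERROR mean a DC could not be queried at all.
    $CsvLines | ConvertFrom-Csv | Where-Object {
        $_.showrepl_COLUMNS -eq 'showrepl_ERROR' -or [int]$_.'Number of Failures' -gt 0
    } | ForEach-Object {
        New-Object PSObject -Property @{
            Destination   = $_.'Destination DSA'
            Source        = $_.'Source DSA'
            NamingContext = $_.'Naming Context'
            Failures      = [int]$_.'Number of Failures'
            LastStatus    = $_.'Last Failure Status'
        }
    }
}

function Test-AdReadyForSchemaExtension {
    param([string[]]$DcdiagLines, [string[]]$RepadminCsvLines)
    $dcdiagFailures = @(Get-DcdiagFailure -Lines $DcdiagLines)
    $replFailures   = @(Get-ReplicationFailure -CsvLines $RepadminCsvLines)
    New-Object PSObject -Property @{
        Ready               = ($dcdiagFailures.Count -eq 0 -and $replFailures.Count -eq 0)
        DcdiagFailures      = $dcdiagFailures
        ReplicationFailures = $replFailures
    }
}

# Constructed sample output (not taken from the MOFA environment).
$sampleDcdiag = @'
         ......................... DC01 passed test Connectivity
         ......................... DC01 passed test Replications
         ......................... DC02 passed test Connectivity
         ......................... DC02 failed test Replications
'@ -split "`r?`n"

$sampleRepadmin = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,HQ,DC01,"CN=Schema,CN=Configuration,DC=corp,DC=example",HQ,DC02,RPC,0,0,2011-01-24 09:15:02,0
showrepl_INFO,HQ,DC02,"CN=Schema,CN=Configuration,DC=corp,DC=example",HQ,DC01,RPC,3,2011-01-24 09:10:41,2011-01-23 22:01:13,1722
'@ -split "`r?`n"

$result = Test-AdReadyForSchemaExtension -DcdiagLines $sampleDcdiag -RepadminCsvLines $sampleRepadmin
$result.Ready                 # False for the sample: DC02 has failures
$result.DcdiagFailures        | Format-Table Target, Test -AutoSize
$result.ReplicationFailures   | Format-Table Destination, Source, Failures, LastStatus -AutoSize

# Against the live forest, feed the real tool output instead of the samples:
#   Test-AdReadyForSchemaExtension -DcdiagLines (dcdiag /e) `
#       -RepadminCsvLines (repadmin /showrepl * /csv)
```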

3.2.3 Prepare Active Directory

The MOFA Active Directory schema must be extended in order to create the Active Directory objects and Universal Security Groups required to support Exchange 2010, before installing the server roles. In order to extend the existing schema it is necessary to run setup.com /PrepareAD from the command line on a new Windows 2008 server that has PowerShell and the Active Directory Remote Administration Tools. When you run setup.com /PrepareAD, setup.com will also perform the /PrepareSchema and /PrepareDomain tasks, which are detailed below:


The /PrepareSchema parameter is used to extend the schema to include or modify classes and attributes in the Active Directory schema to support Exchange 2010.

The /PrepareAD parameter will verify that the schema has been extended, and if not, will extend the schema. In addition to the previous task, the /PrepareAD parameter will also create new Exchange 2010 security groups within Active Directory.

The /PrepareDomain parameter grants Exchange 2010 specific rights within that domain and creates some Exchange 2010 security groups. To run this command to prepare every domain in the forest, you must be a member of the Enterprise Admins group. To run this command to prepare a specific domain, or if the forest has only one domain, you must be delegated the Exchange Full Administrator role and you must be a member of the Domain Admins group in the domain that you will prepare.

After this command has been run, you must wait for the permissions to replicate across your Exchange organization before continuing to the next step. The amount of time that replication takes to occur depends on the AD Site topology.

For more information, see http://technet.microsoft.com/en-us/library/bb125224.aspx
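The waiting step above can be checked rather than timed. The following added example (not part of the original plan) reads the Exchange schema version marker from every domain controller and reports which ones have not yet received the change; it assumes that agreement on this marker is an acceptable indicator that the preparation has replicated, and the function names and sample values are constructed.

```powershell
# Added example: confirm the schema change has reached every domain controller.
# The marker is the rangeUpper attribute of CN=ms-Exch-Schema-Version-Pt in the
# schema naming context. Compatible with PowerShell 2.0.

function Get-ExchangeSchemaVersionPerDc {
    # Live collector: asks each DC in the forest for its own copy of the marker.
    $schemaNc = [string]([ADSI]'LDAP://RootDSE').schemaNamingContext
    $forest   = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    foreach ($domain in $forest.Domains) {
        foreach ($dc in $domain.DomainControllers) {
            $value = $null
            try {
                $entry = [ADSI]"LDAP://$($dc.Name)/CN=ms-Exch-Schema-Version-Pt,$schemaNc"
                $value = $entry.Properties['rangeUpper'].Value
            } catch { }   # unreachable DC is reported with a null value
            New-Object PSObject -Property @{ DomainController = $dc.Name; RangeUpper = $value }
        }
    }
}

function Test-SchemaReplicated {
    param([object[]]$PerDc)
    $unreachable = @($PerDc | Where-Object { $_.RangeUpper -eq $null })
    $values      = @($PerDc | Where-Object { $_.RangeUpper -ne $null } |
                     ForEach-Object { [int]$_.RangeUpper } | Sort-Object -Unique)
    $newest = $null
    if ($values.Count -gt 0) { $newest = $values[-1] }
    # A DC lags when it still holds an older marker than the newest one seen.
    $lagging = @($PerDc | Where-Object {
        $_.RangeUpper -ne $null -and [int]$_.RangeUpper -lt $newest
    })
    New-Object PSObject -Property @{
        Converged   = ($unreachable.Count -eq 0 -and $values.Count -eq 1)
        Newest      = $newest
        Lagging     = @($lagging     | ForEach-Object { $_.DomainController })
        Unreachable = @($unreachable | ForEach-Object { $_.DomainController })
    }
}

function Wait-SchemaReplication {
    # Polls until every DC agrees or the timeout expires; returns the last state.
    param([int]$TimeoutMinutes = 60, [int]$PollSeconds = 60)
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    do {
        $state = Test-SchemaReplicated -PerDc @(Get-ExchangeSchemaVersionPerDc)
        if ($state.Converged) { return $state }
        Start-Sleep -Seconds $PollSeconds
    } while ((Get-Date) -lt $deadline)
    $state
}

# Constructed sample (names and values are illustrative only): dc02 has not
# yet received the schema update and dc03 did not answer.
$sample = @(
    (New-Object PSObject -Property @{ DomainController = 'dc01.corp.example'; RangeUpper = 14622 }),
    (New-Object PSObject -Property @{ DomainController = 'dc02.corp.example'; RangeUpper = 11116 }),
    (New-Object PSObject -Property @{ DomainController = 'dc03.corp.example'; RangeUpper = $null })
)
$state = Test-SchemaReplicated -PerDc $sample
$state | Format-List Converged, Newest, Lagging, Unreachable

# Against the live forest:
#   Wait-SchemaReplication -TimeoutMinutes 120 -PollSeconds 120
```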


4 INSTALLING EXCHANGE 2010

4.1 Overview

MOFA has decided to deploy the Microsoft Exchange Server 2010 infrastructure on Windows Server 2008 R2. The following table outlines the versions of Windows Server 2008 and Exchange Server 2010 that will be used in the deployment process:

Exchange Server 2010 Role | Windows Server 2008 R2 Version | Exchange Server 2010 Version
Client Access/Hub Transport | Standard | Standard
Mailbox | Enterprise | Enterprise

These are only a few of the new and improved features of running Exchange 2010 on Windows 2008:

- Faster log shipping – Windows 2008 includes SMB v2, which increases the throughput performance by around 30-40%
- Support for multi-subnet failover cluster – Running a Windows 2008 failover cluster with Exchange 2010 includes support for geographically dispersed cluster for failover across 2 subnets
- Improvements for Client Access Servers (CAS) – Windows 2008 removes RPC Proxy service TCP connection limits. Previous versions of Windows had a limit of 65,535 connections per server, Windows 2008 now supports 65,535 connections per IP address
- Easier deployment – Windows 2008 includes Windows PowerShell
- Support of IPv6 – IP addresses can be entered using IPv4 or IPv6 (the default installation supports both versions)

4.2 Windows Server 2008 Configurations

There are a number of changes that must take place in order for Microsoft Exchange Server 2010 to work properly on Windows Server 2008. These changes are detailed in the following sections.

4.2.1 File Level Antivirus

As MOFA also implements file-level antivirus on the servers, in addition to TrendMicro/Forefront for Exchange, the following guideline must be followed to ensure that Microsoft Exchange Server 2010 is not impacted by real-time, manual or scheduled antivirus scans - http://technet.microsoft.com/en-us/library/bb332342.aspx .

4.2.2 Windows Components to Add

Before Exchange Server 2010 can be installed onto Windows Server 2008 SP2 or Windows Server 2008 R2, there are varying prerequisites that need to be installed, depending on the Exchange 2010 Server role planned for installation.

Essentially the prerequisites are as follows:

- Microsoft .NET Framework v3.5 SP1 with updates (installed by default on Windows Server 2008 R2)
- PowerShell 2.0 (installed by default on Windows Server 2008 R2)
- Windows Remote Management (WinRM) (installed by default on Windows Server 2008 R2)
- Microsoft Filter Pack (for servers that will host the Hub Transport or Mailbox roles)
- IIS 7 (Various components needed by different roles)
- Remote Server Administration Tools - AD Directory Service

For Windows Server 2008 SP2, these various components will be installed using select ServerManagerCmd configuration files. These are:

- Exchange-Typical.xml – This will install the prerequisites required for a server running the CAS, Hub Transport and Mailbox roles, and any other multi-role scenario
- Exchange-MBX.xml – This will install the Mailbox Server Role prerequisites
- Exchange-CAS.xml – This will install the Client Access Server Role prerequisites
- Exchange-Hub.xml – This will install the Hub Transport Server role prerequisites
- Exchange-UM.xml – This will install the Unified Messaging role prerequisites
- Exchange-Edge.xml – This will install the Edge Transport role prerequisites

For Windows Server 2008 R2, there are specific commands that are required for each of the installations as follows:

For a typical installation of Hub Transport, CAS and Mailbox:

Import-Module ServerManager

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart

For other scenarios, the details can be found here - http://technet.microsoft.com/en-us/library/bb691354(EXCHG.140).aspx

4.3 Exchange 2010 Installation Order

The following list provides the recommended Exchange 2010 installation order into an existing Exchange 2007 Organization:

- Install Exchange 2010 CAS server(s);
- Install Exchange 2010 Hub transport server(s);
- Install Exchange 2010 Mailbox server(s);

Decision

MOFA will implement Microsoft Exchange Server 2010 where two roles, Hub Transport and CAS are installed onto a single box. Mailbox Servers will be deployed on different servers.

4.3.1 Installation of Exchange Servers

The installation of the Exchange servers is as follows:

- Ensure that all Windows 2008 R2 prerequisites have been installed
- Run the Exchange Server 2010 setup
- Perform post installation tasks.

4.3.2 Post Installation Tasks

There are a number of post installation tasks that are required to be performed when an Exchange 2010 server is introduced into the organization, or if the roles on that server are changed. The post installation tasks help to verify the installation and configure the components that have just been installed.

4.3.3 Common

A number of post installation tasks must be performed for all Microsoft Exchange 2010 servers. These are:

- Verify the Exchange Server 2010 installation
- Enter the Exchange Product Key
- Look for errors in the Exchange setup log
- Look for errors in the MSI setup log
- Check the Application and System event logs for errors or critical warnings related to the Exchange setup
- Set the PowerShell log setting to a higher value in Event Viewer
- Open the Exchange Management Console and confirm the server’s existence and functionality
- Perform any Exchange Updates
- Run the ExBPA to ensure that the Exchange 2010 implementation meets best practices (can be performed anytime, however it should be done once the server that has been installed is configured correctly)

CAS Role

For the CAS role, there are some additional tasks that must be performed:

- Configure SSL certificates;
- Configure the CAS namespace;
- Configure Outlook Anywhere;
- Configure OWA;
- Configure ActiveSync;
- Configure Exchange Control Panel (ECP);
- Configure the Autodiscover Service;
- Configure Availability Service;
- Configure Offline Address Book (OAB) distribution; and
- Ensure POP3 and IMAP services are running (per MOFA requirements)

Hub Transport Role

The following post installation tasks are required for the Hub Transport role:

- Register the Filter Pack iFilters;
- Configure Authoritative Domains (if required);
- Move databases and logs; and
- Configure Connectors (as required)

Mailbox Server Role

The following post installation tasks are required for the Mailbox server role:

- Check database and log paths;
- Create new databases as per the design (including Public Folder store);
- Rename the initially created database if applicable;
- Register the Filter Pack iFilters;
- Create the DAG or add the node to the DAG (as required)
- Create the Database Copies (as required)


5 EXCHANGE 2007 CO-EXISTENCE

All Exchange 2010 server roles are supported for co-existence with an Exchange 2007 organization. When you deploy the first server roles for co-existence, follow the procedures in Upgrading to Exchange 2010 and Installing Exchange 2010 in an Existing Exchange 2007 Organization.

http://technet.microsoft.com/en-us/library/dd638158.aspx

Administration has changed in Exchange 2010. In Exchange 2007 and Exchange 2010 co-existence configurations, you must use the administrative tools that are specific to the Exchange server version that you are managing.

Manage Exchange 2010 server roles and mailbox recipients by using the Exchange Management Console or the Exchange 2010 Management Shell in Exchange 2010.

Manage Exchange 2007 servers by using Exchange 2007 Management Console.

5.1 Verify DNS Settings

All computers that have the Exchange 2010 Mailbox, CAS or HT server role installed must be domain members. When the Windows 2008 Server joins the domain, the domain name is used to create a DNS suffix. The DNS suffix is appended to the server name to create a fully qualified domain name (FQDN). A host record for the server, also known as an A resource record, is registered in a forward lookup zone in the DNS database. A reverse lookup record for the server, also known as a PTR resource record, is registered in a reverse lookup zone in the DNS database.

Exchange servers typically have statically assigned IP addresses. Therefore, you should verify that the DNS server settings are configured correctly on the IP properties of the local area connection of the servers and that the A resource records and PTR resource records are accurately registered in DNS. The DNS server address that is configured on the IP properties should be the DNS server that is used to register Active Directory records.

In addition to the DNS entries that are registered automatically by the operating system, a number of additional DNS entries must be manually registered. These are:

- The legacy OWA entry that will point to the Exchange 2007 CAS servers; and
- The OWA entry that will point to the network load balance of the Exchange 2010 CAS array.
- The new Exchange 2010 OWA for SharePoint Integration.

Make sure that the Active Directory DCs operate properly with the correct DNS settings and without netdiag problems. Verify that the DNS suffixes are correct and that servers can communicate to and from the AD DCs using FQDNs.
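The A and PTR verification described in this section can be scripted. The following is an added example, not part of the original plan: it uses only .NET calls available in PowerShell 2.0 on Windows Server 2008, and the server names are placeholders (assumptions) to be replaced with the real FQDNs.

```powershell
# Added example: forward (A) and reverse (PTR) check for each Exchange server.
# The FQDNs below are placeholders (assumptions), not MOFA server names.
$servers = 'ex2010-cas01.example.local',
           'ex2010-hub01.example.local',
           'ex2010-mbx01.example.local'

function Test-ExchangeDnsRecord {
    param([string]$Fqdn)

    $result = New-Object PSObject -Property @{
        Fqdn = $Fqdn; IPv4 = $null; PtrName = $null; Status = 'OK'
    }

    # Forward lookup: the A record must exist in the forward lookup zone.
    try {
        $ip = [System.Net.Dns]::GetHostAddresses($Fqdn) |
            Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
            Select-Object -First 1
    } catch {
        $result.Status = 'No A record'
        return $result
    }
    if (-not $ip) { $result.Status = 'No IPv4 A record'; return $result }
    $result.IPv4 = $ip.IPAddressToString

    # Reverse lookup: the PTR record must exist and point back to the same FQDN.
    try {
        $result.PtrName = [System.Net.Dns]::GetHostEntry($ip).HostName
    } catch {
        $result.Status = 'No PTR record'
        return $result
    }
    if ($result.PtrName -ne $Fqdn) { $result.Status = 'PTR mismatch' }
    return $result
}

# One row per server; anything other than OK needs fixing in DNS before migration.
$servers | ForEach-Object { Test-ExchangeDnsRecord $_ } |
    Format-Table Fqdn, IPv4, PtrName, Status -AutoSize
```

Run it from each Exchange server so that the lookup uses the DNS server configured on that server's own IP properties.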

5.2 Send-Receive Connectors

The Exchange 2010 Hub Transport servers provide SMTP transport for the organization. Hub Transport servers use an implicit connector to route messages between sites. This connector is called the intra-organization Send connector. During installation, explicit Receive connectors are automatically created on each Hub Transport server. One Receive connector is configured to receive SMTP traffic from all sources by listening on Port 25. A second Receive connector is configured to receive SMTP traffic from non-MAPI clients by listening on Port 587. The Client Access server role provides the IMAP4 and POP3 protocols for non-MAPI clients.

You must configure a new Send connector to route E-mail to the Internet and delete the ones for Exchange 2007.


Explicit Send connectors and Receive connectors are created on Hub Transport servers only when you want to create a connector that sends messages to a specific address space or receives messages from a specific address range.

Allowing Application Servers to Relay

In order for application servers to send email through the Exchange 2010 infrastructure, a special receive connector must be created on a hub transport server to permit this to happen.

Decision

MOFA will implement a special receive connector for applications on one of the Exchange 2010 Hub Transport servers.
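One common way to build such a relay connector, shown as an added example that is not part of the original plan: the connector accepts mail only from the listed application server addresses, so it cannot be used as an open relay. The server name, connector name and IP addresses are placeholders (assumptions), and anonymous relay is an assumed design choice; the plan does not state which authentication model MOFA uses.

```powershell
# Run in the Exchange 2010 Management Shell.
# All names and addresses are placeholders (assumptions), not MOFA values.
$hub        = 'HUB01'                      # hypothetical Hub Transport server
$name       = 'Application Relay'          # hypothetical connector name
$appServers = '192.0.2.10', '192.0.2.11'   # documentation-range IPs for the app servers

# Custom connector on port 25 that matches only the listed source addresses.
# Keeping RemoteIPRanges this narrow is what prevents open relay.
New-ReceiveConnector -Name $name -Server $hub -Usage Custom `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $appServers

# Accept unauthenticated SMTP sessions, but only on this scoped connector.
Set-ReceiveConnector -Identity "$hub\$name" -PermissionGroups AnonymousUsers

# Allow those sessions to submit mail for recipients outside the accepted domains.
Get-ReceiveConnector -Identity "$hub\$name" |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
        -ExtendedRights 'ms-Exch-SMTP-Accept-Any-Recipient'

# Review step: list every connector on the server that accepts anonymous mail,
# together with the source ranges it applies to.
Get-ReceiveConnector -Server $hub |
    Where-Object { $_.PermissionGroups -match 'AnonymousUsers' } |
    Format-List Identity, Bindings, RemoteIPRanges, PermissionGroups
```

In the review output, only the connector created here should combine anonymous permissions with the relay right, and its RemoteIPRanges should list nothing beyond the application servers.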

5.2.1 Configure Offline Address Book

After installing Exchange 2010 into the Exchange 2007 organization, configure the following:

- Move the Offline Address Book Generation Server to one of the Exchange 2010 Mailbox servers.
- Offline Address Book (OAB) distribution for Microsoft Office Outlook 2007/2010 clients.
- OAB distribution for Office Outlook 2003 and earlier clients.

For more information about the OAB see also:

Managing Offline Address Books - http://technet.microsoft.com/en-us/library/bb124351(EXCHG.140).aspx

5.3 3rd Party Products and Additional Services

Make sure that the following services and 3rd party products are ready and integrated with the new Exchange environment before moving mailboxes and decommissioning Exchange 2007 servers:

- NetBackup
- TrendMicro AV


6 REPLICATE AND RE-HOME EXCHANGE SERVICES

Although not a very complicated process, extra care must be taken when migrating Master Roles, Public Folders and System Folders to other Exchange 2007 Servers or to new Exchange 2010 servers. If the move is not entirely completed, data may be lost and/or previous Exchange server settings may remain in Active Directory, causing Exchange functions to fail. Public Folders contain data created by administrators, applications or end-users. They also contain System Folders, which maintain the Offline Address Books for Outlook (cached mode/offline mode) and the Schedule+ Free/Busy data that is needed for planning meetings in calendars and for searching other users’ calendars for availability.

How to remove the first Exchange 2007 computer http://technet.microsoft.com/en-us/library/bb310767(EXCHG.80).aspx

6.1 Best Practices on moving Public Folders

To remove data from a Public Folder database, delete any unnecessary Public Folders, and then move the remaining folder replicas in that database to a Public Folder database on another server.


7 DECOMMISSION EXCHANGE 2007 SERVERS

The last step in the Exchange Server 2010 upgrade is to remove the various Exchange 2007 servers from the organization.

To remove servers from a co-existence scenario with Exchange 2010 and Exchange 2007, you must perform additional steps so that all features and functionality will continue to work as expected. Also, full System State backups of both the AD DCs and the Exchange 2007 servers that will be decommissioned should be performed before any action takes place.

When you remove the last Exchange 2007 server from an Exchange organization that is running Exchange 2010, you must perform the following steps:

- Move all public folder replicas to an Exchange 2010 server.
- Move the offline address book (OAB) generation process to an Exchange 2010 server.
- Move the public folder hierarchy.
- Replace any outbound SMTP connectors on the Exchange 2007 server with Exchange 2010 send connectors.
- Verify that inbound mail is routed to an Exchange 2010 server.
- Verify that inbound protocol services point to an Exchange 2010 server.
- Decommission the Exchange 2010 Servers in the following order:
  - CAS Servers
  - Hub Servers
  - Mailbox Servers

http://technet.microsoft.com/en-us/library/bb310767(EXCHG.80).aspx

http://technet.microsoft.com/en-us/library/bb123893(EXCHG.80).aspx
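The replica move, the OAB move and the checks from the list above, as an added example that is not part of the original plan. The server names and the OAB name are placeholders (assumptions); MoveAllReplicas.ps1 is the script that ships in the Exchange Scripts folder.

```powershell
# Run in the Exchange 2010 Management Shell.
# Server names and the OAB name are placeholders (assumptions), not MOFA values.
$legacy = 'EX2007-MBX01'   # hypothetical Exchange 2007 server being retired
$target = 'EX2010-MBX01'   # hypothetical Exchange 2010 Mailbox server

# Move all public folder replicas from the legacy server to the new one.
# Replication is asynchronous, so content does not move immediately.
Set-Location $exscripts
.\MoveAllReplicas.ps1 -Server $legacy -NewServer $target

# Move OAB generation to the Exchange 2010 Mailbox server.
Move-OfflineAddressBook -Identity 'Default Offline Address Book' -Server $target

# --- Checks to repeat until clean, before uninstalling anything ---

# Public folder content still held on the legacy server (should become empty).
Get-PublicFolderStatistics -Server $legacy |
    Format-Table Name, ItemCount -AutoSize

# The OAB generation server should now be the Exchange 2010 server.
Get-OfflineAddressBook | Format-List Name, Server

# No send connector should still list the legacy server as a source server.
Get-SendConnector | Format-List Name, SourceTransportServers, AddressSpaces

# No mailboxes should remain on the legacy server (Count should be 0).
Get-Mailbox -Server $legacy -ResultSize Unlimited | Measure-Object
```

Keep the System State backups mentioned above in place until every check is clean.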
