550 likes | 942 Vues
Exchange 2013 Transition & Migration. Thomas Dehn, Mario Fasciano. Agenda. Deployment Fundamentals Upgrade and Coexistence Public Folder Migrations 3 rd Party Migration Tools. Deployment Fundamentals. Exchange Server 2013 Scenarios. Transition
 
                
                E N D
Exchange 2013Transition & Migration Thomas Dehn, Mario Fasciano
Agenda • Deployment Fundamentals • Upgrade and Coexistence • Public Folder Migrations • 3rd Party Migration Tools
Exchange Server 2013 Scenarios • Transition • Update from prior version of Exchange within the same Exchange Organization(IntraOrg, local mailbox moves) • Migration • Migration from any Exchange Organization to another Exchange 2013 Organization (InterOrg, cross forest mailbox moves) • Migration from e.g. Lotus Notes, Novell GroupWise or any other mail platform to Exchange 2013 • Office 365 (remote mailbox moves)
Exchange Server 2013 Prerequisites • Supported coexistence scenarios • Exchange Server 2010 SP3 • Exchange Server 2007 SP3 RU10 • Supported client access methods • Microsoft Outlook: • Outlook Anywhere only: Outlook 2013, Outlook 2010, Outlook 2007 • Outlook for Mac 2011 • Entourage 2008 for Mac, Web Services Edition
Exchange Server 2013 Prerequisites • Active Directory • Windows Server 2003 forest functional level or higher • At least one Windows 2003 SP2 or later GC/DC in each site • No support for RODC or ROGC • Namespaces • Contiguous • Non-contiguous • Disjoint • Single label domain  http://support.microsoft.com/gp/gp_namespace_master for details
Exchange Server 2013 Prerequisites • Operating System • Windows Server 2008 R2 SP1 Standard or Enterprise • Windows Server 2012 Standard or Datacenter • Other Components • IIS and OS components • .NET Framework 4.5 • Windows Management Framework 3.0 • Unified Communications Managed API (UCMA) 4.0
Exchange Server 2013 • RTM as of 10/11/12 (15.000.516.32) • http://aka.ms/E15RTM • GA as of 12/3/12 • http://aka.ms/E15GA • Downloadable WW • http://aka.ms/E15DL • Service GA as of 2/27/13 • http://aka.ms/ServiceGA • CU1 released on 4/2/13 (15.00.0620.029) • http://aka.ms/E15RTMCU1 • CU2 released on 7/29/13 (15.00.0712.024) • http://aka.ms/E15RTMCU2
Exchange Server Schema Version 1/2 http://support.microsoft.com/kb/556086 • GUI • Shell dsquery * "CN=ms-Exch-Schema-Version-Pt,CN=Schema,CN=Configuration,DC=contoso,DC=com“-scope base -attr rangeUpper
Servicing Exchange 2013 • Security Updates • Security updates will be delivered via independent packages that can be applied to a previously released CU or installed during the upgrade to the current CU • Cumulative Updates (CU’s) • Routine product updates will be distributed via quarterly (CU’s) • The version of Exchange shipped to on-premises customers in each CU will be the same version we use to host Exchange Online in Office 365 • A CU is serviced for a period of 3 months after the release date of next CU • Service Packs • Periodic service pack releases rolling up CU’s and new features
Cumulative Updates • Benefits of new model • Predictable release cadence (4x a year) • Dedicated security releases • Improved support for hybrid deployments • Differences between CUs and RUs • Larger update packages • Loss of server customization • Installation failure recovery • Server version number will be updated with CU install • At least CU1 required for coexistence with Exchange 2010/2007
Functional Layering Exchange 2010 Architecture Exchange 2013 Architecture L4 LB L7 LB HardwareLoad Balancer Client Access AuthN, Proxy, Re-direct AuthN, Proxy, Re-direct Client AccessHub Transport, Unified Messaging Protocols, API, Biz-logic Protocols, Assistants, API, Biz-logic Mailbox Assistants, Store, CI Store, CI Mailbox
Upgrade from Exchange 2010 to Exchange 2013 • 1. Prepare • Install Exchange 2010 SP3 across the ORG • Validate existing Client Access using MCA and ExRCA and built-in Test cmdlets • Prepare AD with E2013 schema Clients autodiscover.contoso.com mail.contoso.com 6 5 3 4 2 1 E2013 CAS • 2. Deploy Exchange 2013 servers • Install both E2013 MBX and CAS servers Exchange 2010 Servers E2010 HUB E2010 CAS • 3. Obtain and Deploy Certificates • Obtain and deploy certificates on E2013 Client Access Servers SP3 SP3 SP3 SP3 • 4. Switch primary namespace to Exchange 2013 CAS • E2013 fields all traffic, including traffic from Exchange 2010 users • Validate using MCA and ExRCA E2013MBX Intranet site E2010 MBX • 5. Move Mailboxes • Build out DAG • Move E2010 users to E2013 MBX Internet facing site – Upgrade first 6. Repeat for additional sites
Upgrade from Exchange 2007 to Exchange 2013 • 1. Prepare • Install Exchange 2007 SP3 + RU across the ORG • Prepare AD with E2013 schema and validate Clients autodiscover.contoso.com mail.contoso.com 2 4 6 5 3 7 1 legacy.contoso.com • 2. Deploy Exchange 2013 servers • Install both E2013 MBX and CAS servers E2013 CAS • 3.Create Legacy namespace • Create DNS record to point to legacy E2007 CAS Exchange 2007 SP3 Servers • 4. Obtain and Deploy Certificates • Obtain and deploy certificates on E2013 Client Access Servers configured with legacy namespace, E2013 namespace and Autodiscover namespace • Deploy certificates on Exchange 2007 CAS E2007 SP3 CAS E2007 SP3 HUB RU RU E2013MBX RU RU Intranet site • 5. Switch primary namespace to Exchange 2013 CAS • Validate using MCA and ExRCA E2007 SP3 MBX • 6. Move Mailboxes • Build out DAG • Move E2007 users to E2013 MBX Internet facing site – Upgrade first 7. Repeat for additional sites
Upgrade to Exchange Server 2013 • 1. Prepare • Install Exchange SP and/or updates across the ORG • Prepare AD with E2013 schema and validate Clients autodiscover.contoso.com mail.contoso.com 1 2. Deploy Exchange 2013 servers 3. Create Legacy namespace Exchange 2010 or 2007 Servers 4. Obtain and Deploy Certificates E2010 or 2007CAS E2010 or 2007 HUB 5. Switch primary namespace to Exchange 2013 CAS SP/RU 6. Move Mailboxes SP/RU Intranet site 7. Repeat for additional sites E2010 or 2007 MBX Internet facing site – Upgrade first
Prepare for Exchange Server 2013 • Install coexistence update on all existing Exchange servers • For Exchange 2010, this would be SP3 • For Exchange 2007, this would be SP3 RU10 • Prepare Active Directory with Exchange 2013 schema extensions • Validate existing client access • Microsoft Connectivity Analyzer - https://testconnectivity.microsoft.com/?tabid=client • Remote Connectivity Analyzer - http://www.exrca.com • Built-in Test cmdlets
Upgrade to Exchange Server 2013 • 1. Prepare • Install Exchange SP and/or updates across the ORG • Prepare AD with E2013 schema and validate Clients autodiscover.contoso.com mail.contoso.com 2 • 2. Deploy Exchange 2013 CU1 servers • Install both E2013 MBX and CAS servers • 2. Deploy Exchange 2013 servers • Install both E2013 MBX and CAS servers E2013 CAS 3. Create Legacy namespace Exchange 2010 or 2007 Servers E2010 or 2007CAS E2010 or 2007 HUB 4. Obtain and Deploy Certificates SP/RU E2013MBX 5. Switch primary namespace to Exchange 2013 CAS SP/RU Intranet site 6. Move Mailboxes 7. Repeat for additional sites E2010 or 2007 MBX Internet facing site – Upgrade first
Exchange Server 2013 Setup Setup.exe /mode:install /roles:clientaccess Setup.exe /mode:install /roles:mailbox Setup.exe /mode:install /roles:ManagementTools /IAcceptExchangeServerLicenseTerms Install both MBX and CAS Servers MBX performs PowerShell commands CAS is proxy only Exchange 2013 Setup GUI or command lineNo in-place upgrade New Parameter License terms acceptance
Upgrade to Exchange Server 2013 • 1. Prepare • Install Exchange SP and/or updates across the ORG • Prepare AD with E2013 schema and validate Clients autodiscover.contoso.com mail.contoso.com 3 legacy.contoso.com • 2. Deploy Exchange 2013 servers • Install both E2013 MBX and CAS servers E2013 CAS 3. Create Legacy namespace Exchange 2010 or 2007 Servers E2010 or 2007CAS E2010 or 2007 HUB 4. Obtain and Deploy Certificates SP/RU E2013MBX 5. Switch primary namespace to Exchange 2013 CAS SP/RU Intranet site 6. Move Mailboxes 7. Repeat for additional sites E2010 or 2007 MBX Internet facing site – Upgrade first
Create Legacy Namespace • Required for Exchange 2007 coexistence only • Create DNS record in internal and external DNS for legacy namespace • Validate legacy namespace using MCA, ExRCA and built-in Test cmdlets
Upgrade to Exchange Server 2013 • 1. Prepare • Install Exchange SP and/or updates across the ORG • Prepare AD with E2013 schema and validate Clients autodiscover.contoso.com mail.contoso.com 4 legacy.contoso.com • 2. Deploy Exchange 2013 servers • Install both E2013 MBX and CAS servers E2013 CAS 3. Create Legacy namespace Exchange 2010 or 2007 Servers E2010 or 2007CAS E2010 or 2007 HUB • 4. Obtain and Deploy Certificates • Obtain and deploy certificates on E2013 Client Access Servers configured with legacy namespace, E2013 namespace and autodiscover namespace • Deploy certificates on Exchange 2007 CAS SP/RU E2013MBX SP/RU Intranet site 5. Switch primary namespace to Exchange 2013 CAS E2010 or 2007 MBX 6. Move Mailboxes 7. Repeat for additional sites Internet facing site – Upgrade first
Certificates • Best Practices • Minimize the number of certificates • Minimize number of hostnames • Use split DNS for Exchange hostnames • Don’t list machine hostnames in certificate hostname list • Use Subject Alternative Name (SAN) certificate • End-to-End certificate wizard in the EAC • EAC notifies you when a certificates is about to expire • 1st notification shown 30 days prior to expiration • Subsequent notifications provided daily
Upgrade to Exchange Server 2013 Clients autodiscover.contoso.com mail.contoso.com • 1. Prepare • Install Exchange SP and/or updates across the ORG • Prepare AD with E2013 schema and validate 5 legacy.contoso.com • 2. Deploy Exchange 2013 servers • Install both E2013 MBX and CAS servers E2013 CAS Exchange 2010 or 2007 Servers 3. Create Legacy namespace E2010 or 2007CAS E2010 or 2007 HUB • 4. Obtain and Deploy Certificates • Obtain and deploy certificates on E2013 Client Access Servers configured with legacy namespace, E2013 namespace and Autodiscover namespace • Deploy certificates on Exchange 2007 CAS SP/RU E2013MBX SP/RU Intranet site • 5. Switch primary namespace to Exchange 2013 CAS • Validate using MCA, ExRCA and Test cmdlets E2010 or 2007 MBX 6. Move Mailboxes Internet facing site – Upgrade first 7. Repeat for additional sites
Switch Primary Namespace • Validate legacy namespace creation • Configure Load balancing • Legacy namespace is separate VIP with Layer 7 load balancer • Configure AutoDiscoverServiceInternalUri on Exchange 2013 CAS to LB FQDN • Configure AutoDiscoverSiteScope • Update publishing rules for legacy namespace • Use MCA and ExRCA to test access externally and internally • Update DNS • Mail and Autodiscover namespaces should point to CAS 2013
Switching OA to CAS 2013 Clients mail.contoso.com RPC/HTTP Layer 7 LB Layer 4 LB RPC/HTTP HTTP PROXY 1. Enable Outlook Anywhere on all legacy CAS • 2. IIS authentication methods • IIS Auth must have NTLM enabled on all legacy CAS HTTP PROXY E2007/E2010 CAS E2007/E2010 CAS E2013 CU1 CAS Disabled Enabled OA Enabled OA Client SettingsIIS Auth: OA Enabled Client SettingsIIS Auth: NTLM • 3. Client settings • Make legacy OA settings the same as 2013 CAS so all clients get the same proxy hostname Client Auth: Basic NTLM IIS Auth: Basic NTLM RPC RPC RPC 4. DNS cutover A low TTL on the existing record the days prior to the cutover is a good idea. E2007/E2010 MBX E2013 CU1 MBX E2007/E2010 MBX Internet-facing site Intranet-facing site
Upgrade to Exchange Server 2013 • 1. Prepare • Install Exchange SP and/or updates across the ORG • Prepare AD with E2013 schema and validate Clients autodiscover.contoso.com mail.contoso.com legacy.contoso.com • 2. Deploy Exchange 2013 servers • Install both E2013 MBX and CAS servers E2013 CAS 3. Create Legacy namespace • 4. Obtain and Deploy Certificates • Obtain and deploy certificates on E2013 Client Access Servers configured with legacy namespace, E2013 namespace and Autodiscover namespace • Deploy certificates on Exchange 2007 CAS Exchange 2010 or 2007 Servers E2010 or 2007CAS E2010 or 2007 HUB SP/RU E2013MBX SP/RU Intranet site • 5. Switch primary namespace to Exchange 2013 CAS • Validate using MCA, ExRCA and Test cmdlets 6 • 6. Move Mailboxes • Build out DAG • Move users to E2013 MBX E2010 or 2007 MBX Internet facing site – Upgrade first 7. Repeat for additional sites
Moving Mailboxes • New Migration Service • Provides functionality to orchestrate moves such as batch management • Provides migration reporting • Provides retry semantics • New cmdlets • New-MigrationBatch • Get-MigrationUserStatistics • Also available from EAC
Management Tools for Coexistence • Use the Exchange Administration Center (EAC) to: • Manage Exchange 2013 mailboxes • View and update Exchange 2010/2007 mailboxes and properties (with a few limitations) • Use Exchange Management Console (EMC) to: • Create mailboxes • Perform new operations on those versions
Modern Public Folders • Database-centered architecture replaced by mailbox • Existing public folders can be migrated to Exchange 2013 • End user experience doesn’t change (Outlook 2007 and newer) • Public folder replication is removed • Migrate Public Folder users before Public Folders • Exchange 2013 users can access Exchange 2010/2007 Public Folders • Exchange 2010/2007 users cannot access Exchange 2013 Public Folders • Migration of Public Folders is a cut-over migration • Similar to online mailbox moves
Public folder migration • 1. Prepare • Install Exchange SP and/or updates across the ORG • Migrate all users that require access to Exchange 2013 • Verify PF health (replication, mail flow, etc.) from Exchange 2007 or Exchange 2010 Public Folders 4 Outlook clients • 2. Analyze • Take snapshot of existing PF folder structure, statistics and permissions • Map PF folders to PF mailboxes 1 2 PF dbase 1 PF mbx 1 RU10 SP3 E2007 SP3 or E2010 3 Exchange 2013 CU1 PFs • 3. Create new public folder mailboxes • Set to HoldForMigration Mode, mailboxes invisible to clients 5 6 PF mbx 2 PF dbase 2 • 4. Begin migration request • Clients continue to access and create new data during copyAfter copy is complete migration request status is AutoSuspended PF mbx 3 PF dbase 3 MBX MBX MBX • 5. Finalize migration request • Update snapshot of existing PF folder structure, statistics and permissions • Lock source, clients logged off, final sync occurs PF • 6. Validate • Check and verify destination folders
Step 1: Prepare & Analyze (1/2) Prepare Cleanup any Public Folder that includes a Backslash (“\”) in the name Cleanup any Public Folder that is larger than 25 GB (recommendation) Download Microsoft Exchange 2013 Public Folder Migration Scripts http://www.microsoft.com/en-us/download/details.aspx?id=38407 Analyze (optional) Get-PublicFolder-Recurse –Resultsize unlimited | Export-CSVC:\PFMigration\PFStructure.csv Get-PublicFolder -Recurse | Get-PublicFolderStatistics | Export-CSVC:\PFMigration\PFStatistics.csv Get-PublicFolder -GetChildren | Get-PublicFolderClientPermission | Select-Object Identity,User -ExpandPropertyAccessRights | Export-CSV C:\PFMigration\PFPerms.csv
Step 1: Prepare & Analyze (2/2) Run Public Folder Migration Scripts Export-PublicFolderStatistics.ps1<map.csv> <Public Folder server> PublicFolderToMailboxMapGenerator.ps1<maxPFmbxsize> <map.csv> <PFtoMbx.csv> Output example:
Step 2: Create public folder mailboxes Create required Public Folder mailboxes Amount of mailboxes is defined in PFtoMBX matching file First public folder mailbox must be in HoldForMigration mode Create at least one public folder mailbox per 2.000 mailbox users CMDlets to create PF mailboxes: First: New-Mailbox -PublicFolder“Mailbox1” -HoldForMigration:$true -IsExcludedFromServingHiearchy:$true All others: New-Mailbox -PublicFolder“MailboxXX” -IsExcludedFromServingHiearchy:$true Configure Quotas on PF mailboxes On-premises: 2 GB default, 25 GB recommended, 100 GB maximum Online: 25 GB configured / maximum
Step 3: Begin migration Create PF migration request(s) New-PublicFolderMigrationRequest -SourceDatabase (Get-PublicFolderDatabase-Server <Source server>) -CSVData (Get-Content <map file.csv> -Encoding Byte) -BadItemLimit $BadItemLimitCount Verify PF migration request Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics -IncludeReport| fl Verify that Migration Request will stop by 95% Regularly run the following cmdlet: Resume-PublicFolderMigrationRequest \PublicFolderMigration
Step 4: Finalize Migration Request Lock out users from legacy Public Folders: Set-OrganizationConfig-PublicFoldersLockedForMigration:$true (Legacy Public Folders will be locked – wait until replicated to all databases!) Complete PF Migration Request and restart sync: Set-PublicFolderMigrationRequest\PublicFolderMigration-PreventCompletion:$false Resume-PublicFolderMigrationRequest \PublicFolderMigration Get-PublicFolderMigrationRequestStatistics \PublicFolderMigration –IncludeReport |fl Issue: Run: Set-OrganizationConfig-PublicFoldersLockedForMigration:$true (+ restart MSExchangeIS) Resume-PublicFolderMigrationRequest again until request is 100% completed!
Step 5: Finalize Public Folder migration Verify Modern Public Folders Set-Mailbox <Mailbox> –DefaultPublicFolderMailbox Mailbox1 Use Outlook or OWA to verify Public Folders Allow general Access to Modern Public Folders Get-Mailbox -PublicFolder | Set-Mailbox -PublicFolder-IsExcludedFromServingHierarchy $false Run on legacy server: Set-OrganizationConfig-PublicFolderMigrationComplete:$true (Allows e-mail delivery to Modern Public Folders) Remove Legacy Public Folder Databases Don’t remove them too quickly, otherwise you cannot roll-back anymore!
Roll-back to legacy Public Folders Run on Exchange server (on-prem): Set-OrganizationConfig –PublicFoldersLockedForMigration:$false Set-OrganizationConfig–PublicFolderMigrationComplete:$false (Restart Microsoft Exchange Information Store service to speed up access) Remove Public Folder Mailboxes (option) Key consideration May loose new content when users already were working in Modern Public Folders
Summary • Updates are required for coexistence • Exchange 2007 requires a legacy namespace • Certificate management is improved • Public Folder migration is cutover process
Exchange, InterOrgorIntraOrgmigration • Exchange out of the box (local or remote move) • Local IntraOrg (Transition) • Remote InterOrg (Migration) • Quest Migraton Manager Suite • Mainly InterOrg scenarios with complex coexistence requirements • Other 3rd Party
Migration Tools, Microsoft vs. Quest - I • Use Microsoft cross forest MBX move • Involved Exchange Orgs need to be prepared first (e.g. migration accounts, MRS Proxy, MaxConnection) • Prepare mailbox move • mail enabled user need to exist (ADMT, ILM, …) • matching attributes synchronization with Prepare-MoveRequest.ps1(e.g. email addresses, GAL data, LegacyExchangeDN as a new X500 address, …) • Use New-MoveRequestand New-MigrationBatchcmdlets for mailbox moves • Pre-migration of mailbox content is possible. • Email address space sharing (mailrouting needs to be implemented manually)
Migration Tools, Microsoft vs. Quest - II • Use Microsoft cross forest MBX move • Free/Busy (manually) • Calender-Sharing (No) • PublicFolder content (manualy via PST import) • PublicFolder permission (No) • Mailbox permission for Folder and Deputy-Delegation (No) • Profilechange (script or ExProfRe) • OST (rebuilt new) • Administration (script and different tools needed) • WAN Optimizing (none, high bandwidth) • migration time (A fewdays / week) • Adjustment (Medium / High, Ownscripts) • Monitoring and Reporting (manualy, noout-of-the-box)
Migration Tools, Microsoft vs. Quest - I • Use Quest Migration Manager for Exchange • Migration (step-by-step with replication) • Migration of distribution lists (continuously dirsync) • Exchange email addresses (continuously dirsync with delta update, and more) • Mailbox creation (automatically) • LegacyExchangeDN as an X500 address (automatically) • Forwarding (yes via targetaddress) • Mailboxdata (Gradual migration through Replilcationthe source data into the target) • Free/Busy (PF, EWS throughcalendersyncagent) • Calender-Sharing (fully possible)