The Migration of Exchange 5.5 to 2003 Server

OBJECTIVE:

Electronic messaging services within a company remains a mission critical application and its implementation is a vital part to the conduct of everyday business strategies, needs and goals. Within the organization the business requirements now include the safeguard of electronic content retention best practices. Therefore, it is important to see to it that a migration project is undertaken with a lot of care. Read this document carefully to gain a good understanding of not only the pre-requisites but also the migration path from mixed to native mode.

The delivery of mail is a challenging task which includes the support of thousand of users within the corporation environment. The new infrastructure must set up procedures to respect compliance, corporate governance and internal regulatory policy enforcement. Affirmatively, business guidelines and principles for the preservation of electronic mail within the corporate body must now be taken into consideration. This requires that companies learn how to standardize their projects to meet not only corporate needs but also judicial demands.

The granularity of google workspace precio management depends upon a business model that will sustain the rationalization of all of the mechanics of the migration project from Exchange 5.5 to Exchange 2003. It is understood that the migration will introduce many changes upon the business model. It is to be undertaken by keeping the infrastructure model and design flexible without the impairment of performance.

SETUP PROCEDURES FOR THE MIGRATION:

MANAGING THE MIGRATION:

o Domain controller location. You’ll need at least one Domain Controller in each office that has an Exchange 2003 server

o Global Catalog server location. Need at least one Global Catalog server in each office that has an Exchange 2003 server. This can also act as the local Domain Controller. The simplest way to accomplish this is to make all branch office DCs into GCs. Microsoft recommends a minimum of one GC server for every four Exchange processors, not servers.

o DNS configuration. Make certain that DNSLint shows no errors, other recommended tool KILLADCGN.EXE to verify chkds Checkdisk and chkdsro (CheckReplicationOrphan objects in AD);

o Active Directory Native Mode. Important Notice: The Active Directory domain containing the Exchange servers must be in Native Mode so that you can use Universal Security Groups for e-mail distribution.

o Replication or authentication problems. Verify Event Viewer to have no errors from directory service replication, KCC topology calculations, or authentication errors originating from domain controller accounts. You can use the EventCombMT utility (download from Microsoft). EventCombMT is part of the Account Lockout and Management and Lockout

o Domain Prerequisites Considerations : Name Resolution, ADC Staging OU, ADC Staging, Verify trusts issues, Replication topology

Verify Current Exchange Organization Roles and Distributions:

O Exchange server version

O Site configuration

O Site connectors and Directory Replication connectors

O Internet connectors

O Unsupported connectors

O Key Management Services

O Compatible backup

O Antivirus and Antispam software

O Patches

O E-mail dependent applications

O Exchange 2000 instant messaging

Pre-Requisites and Precautions before the installation:

o Security patches (ISDS for Exchange)

o In order to preserve Exchange 5.5 Public Folder Access Control Lists (ACLs) after mailboxes or distribution lists are moved between sites the Administrator will need to install an Exchange 5.5 DS/IS hotfix (http://support.microsoft.com/?kbid=836489) on every Exchange 5.5 Public Folder server prior to moving mailboxes or DLs between sites.

o The Consistency Adjuster must be run for each server in each site.

o Windows service packs (SP4.0 for Exchange 5.5 while Exchange 2003 is on SP2.0 this information must be revised on the website of Microsoft for the latest updates)

o Considerations – Mobile Information Server (MIS) –To preserve functionality for existing mobile users during the Exchange 2003 deployment, keep at least one MIS 5.5 servers running as you migrate to Exchange 2003.

o Instant Messaging (IM) and Chat –This functionality has been replaced by Live Communication Server (LCS) in Exchange 2003.

o CcMail connector — If you are running ccMail (mainly for Lotus Mail Agents) in the organization along with Exchange, it’s time for a final transition upon the migration path to Exchange 2003.

o Backup, Antivirus, and Antispam software compatibility issues and third party software issues

o ADC upgrades considerations – You must upgrade the ADC servers to Exchange 2003 ADC prior to introducing any Exchange 2003 servers into the organization. The ADC upgrade modifies the schema, so make sure that the Schema Master is available.

o Front-end/back-end upgrades. – If you have an existing deployment such as for example, Exchange 2000 that uses a distributed architecture, upgrade the front-end servers first and then upgrade the backend servers.

PRE-MIGRATION NORMALIZATION ISSUES:

O Install service packs (verify Microsoft website for the latest versions)

O Normalize mailboxes (size sum check)

O Verify public folders permissions (permissions will affect the RUS)

OMigration Account Rights Ensure the account(s) used for the migration process are given ‘Service Account Admin’ rights at the Organization, Site and Server level.

OSimple-Synchronization Ensure the Simple-Sync replication schedule is set to every twelve hours (12 hours) – Exdeploy.hta. (Deployment tools)

Considering ultimate performance:

o Domain Upgrade

o Upgrade the current PDC to Windows Server 2003.

o Install additional Windows Server 2003 domain controllers

o Shift the domain and forest to Windows Server 2003 functional level

Network Infrastructure Considerations:

o Traffic patterns

o Outages

o Remote users

o Routing groups

Costs Topology:

o Server software

o Client Access Licenses (CALs)

o Additional personnel

o Training

o Client software

Additional Networking Considerations:

o Directory service connection failures

o Inability to access public folders

o Inability to replicate public folders with legacy Exchange

o Incompatible historical backups

o Hardware failures

o Software compatibility failures

Considering Final Networking Objectives:

o No service interruptions

o Single mailbox-enabled account for each user

o Retain existing mailbox and public folder permissions.

o Fastest possible introduction of new features

o Maximize existing hardware

Domain Prerequisites Considerations: Name Resolution, ADC Staging OU, ADC Staging, Verify trusts issues, Replication topology. ADC, DcDiag, NetDiag, AD Snapshot, Log Files, Event Viewer Security, Application and System Logs

NB*: Remove Internet Explorer Enhanced Security. ADC Setup will make extensive use of Internet files (.html, .hta, etc.). Windows Server 2003 has a feature called Internet Explorer Enhanced Security that forces a security launched wizard. Remove this feature from the server for the duration of the ADC and Exchange setup.

1. Launch Control Panel.

2. Open the Add/Remove Programs applet.

3. Click Add/Remove Windows Components

4. Uncheck the Internet Explorer Enhanced Security Configuration option

5. Click Next to accept the change.

Primary Reports and Log Files verifications:

o DSConfigSum. This test reports the total number of sites and the number of servers in each site.

o DSObjectSum. This utility reports the total number of public folders, distribution lists, distribution lists with hidden membership, and custom recipients.

o UserCount. This test reports the total number of recipients (users) in the organization, broken down by site.

o VerCheck. This test verifies that you have the right Exchange version and service pack level on your Exchange servers.

o NB*: The main log file for the deployment is Exdeploy.log. It shows the result of each test performed by DSScopeScan.

INSTALLATION CONTROLS:

The Extending of the Active Directory Schema:

/Forestprep switch is used to extend the Active Directory schema.
§ Will modify the Active Directory Schema to include new attributes and classes used by Exchange 2003 and also installs the top-level objects for a placeholder organization tree in the Configuration Naming Context in the Active Directory forest.

Preparing the Windows Server 2003 Domains to Support Exchange Server 2003:

/Domainprep It will prepare the domains that will host Exchange servers or mailbox-enabled users
§ This creates objects in the Active Directory domain that represent Exchange service accounts, public folders, and groups that represent Exchange servers in the domain and the enterprise.

It will configure the Recipient Update Service parameters responsible for keeping Exchange address lists up-to-date and for creating proxy addresses for users based on recipient policy addressing configuration.

NB*: Recipients are Active Directory objects that have messaging capabilities. The object itself does not receive messages. The messages are not stored in Active Directory. Instead, they can reside in a mailbox on an Exchange server, in a public folder, or in another messaging system.

How these objects work:

When the proper credentials are sent to the domain controller for the user object, the contents of the mailbox become available to the e-mail client like Outlook (in the inbox of the user).

It will also create the Exchange Server 2003 specific groups (permissions) that allow Exchange services to run without a service account.

Domainprep will create two new groups:

a) Exchange Domain Servers

b) Exchange Enterprise Servers

Utilities to Run to verify the settings of the Organization:

1) OrgPrepCheck

2) OrgCheck

3) PolCheck

OrgPrepCheck: Verifying the Organization Settings with OrgPrepCheck. To validate the Forestprep and Domainprep utilities were functionally successful. The OrgPrepCheck utility is found via the Exchange Deployment Tools and is a recommended way of determining whether it is safe to proceed with the migration process.

OrgCheck: This test is made to verify that the Setup created the proper Exchange objects in the Configuration naming context and Domain naming context. By making sure that the Exchange Domain Servers group, Exchange Enterprise Servers group, and Exchange Services group exist. It also will verify that the schema changes are propagated and that it can find a Global Catalog server in the same site as the ADC server.

PolCheck: This test queries each domain controller in the domain to determine if the Exchange Enterprise Servers group has been given the Manage Auditing and Security Logs privileges. If the changes have not been created it is possible to make use of Active Directory Sites and Services to force replication to the affected problematic Domains to run OrgPrepCheck again.

Manage the (ADC) Active Directory Controller:

Do not make use of the ADC that comes on the Win 2000 or Win 2003 Setup CD. These specific versions of ADC do not map special attributes required by Exchange recipients and public folders. If you have already installed the operating system version of the ADC, remove it before installing the Exchange version. Also, unlike the Exchange files themselves, you can do the initial installation of the ADC using the Exchange service pack files. The ADC uses LDAP to query and update servers. The ADC stores configuration parameters in Active Directory objects called Connection Agreements (CAs). A CA defines object types for the ADC to copy, the source and target containers for the objects, a replication schedule, and credentials to use for making inter-server replication connections between sites.

Failed Over Principle: The (ADC) Active Directory Connector has the capacity to delete objects in both directories, as a pre-migration rule and precaution the data should be stored. This failed over principle is important for if things go wrong during the migration an authoritative restore must be performed with the NTDSUTIL utility of the Active Directory Database.

Fail Over practices for recovery purposes during the migration:

This particular tool is going to provide a fail over practice which is the standard approach to perform database maintenance of Active Directory

– managing of single master operations

– managing of the metadata in regards to the Domain Controllers

Found in systemrootSystem32

May also perform the restore from Backups

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top