Migration from Office 365 or Microsoft 365 mailboxes to G Suite using the G Suite Data Migration Service

Gallery

This gallery contains 1 photo.

Supported Environment Microsoft 365, Office 365, Exchange 2016, 2013, 2010, 2007 or 2003. Supported G Suite G Suite Enterprise, Business, Basic, and Education accounts G Suite Cost Standard prices are shown. Google occasionally offers special discounts to some customers for … Continue reading

Migrating Azure VM to AWS EC2 using AWS Server Migration Service

Gallery

This gallery contains 1 photo.

Requirements for Azure connector The recommended VM size of Azure connector is F4s – 4 vCPUs and 8 GB RAM. Ensure that you have a sufficient Azure CPU quota in the region where you are deploying the connector. A Standard … Continue reading

Migrate Alibaba ECS VM to Azure Cloud using Azure Site Recovery Services

Gallery

In my previous blog, I have written how to migrate workloads from VMware to Azure Cloud.  In this tutorial, I am going to elaborate you how to migrate Amazon Web Services (AWS) EC2 virtual machines (VMs) to Azure VMs by … Continue reading

Migrate SQL Server to Azure SQL Database using Database Migration Services (DMS)

Gallery

The Data Migration Assistant (DMA) helps you upgrade to a modern data platform by detecting compatibility issues that can impact database functionality in your new version of SQL Server or Azure SQL Database. The Data Migration Service (DMA) lets you … Continue reading

Convert Synced User to In-Cloud User

Gallery

Here is the scenario: Synced ID: Specifies the immutable ID of the federated identity of the user. This should be omitted for users with standard identities. You have local Active Directory with AAD Connect installed, which sync users and password … Continue reading

Decide on Office 365 Migration Path

Gallery

This gallery contains 1 photo.

Deciding on the best migration path of your users’ email to Office 365 can be difficult. Your migration performance will vary based on your network, existing messaging systems design, mailbox size, migration speed, and so on. For migrations from an … Continue reading

Migrate Amazon Web Services (AWS) EC2 VM to Azure Cloud

Gallery

This gallery contains 1 photo.

In my previous blog, I have written how to migrate workloads from VMware to Azure Cloud.  In this tutorial, I am going to elaborate you how to migrate Amazon Web Services (AWS) EC2 virtual machines (VMs) to Azure VMs by … Continue reading

Migrate a SQL Server database to Azure SQL Database

Gallery

This gallery contains 1 photo.

Azure Database Migration Service partners with DMA to migrate existing on-premises SQL Server, Oracle, and MySQL databases to Azure SQL Database, Azure SQL Database Managed Instance or SQL Server on Azure virtual machines.     Moving a SQL Server database … Continue reading

Migrating VMware Virtual Workloads to Microsoft Azure Cloud

Gallery

This gallery contains 3 photos.

Overview Migrating to the cloud doesn’t have to be difficult, but many organizations struggle to get started. Before they can showcase the cost benefits of moving to the cloud or determine if their workloads will lift and shift without effort, … Continue reading

EMC Unity Hybrid Storage for Azure Cloud Integration

Gallery

The customers who have placed their workload in both on-premises and cloud forming a “Hybrid Cloud” model for your Organisation, you probably need on-premises storage which meets the requirement of hybrid workloads. EMC’s Unity hybrid flash storage series may be … Continue reading

Office 365 Hybrid Deployment with Exchange 2016 Step by Step

Gallery

Hybrid Configuration Business Case. On-premises IRM- Information Rights Management (IRM) enables users to apply Active Directory Rights Management Services (AD RMS) templates to messages that they send. Antispam and malware protection- Mailboxes moved to Office 365 are automatically provided with antivirus … Continue reading

Exchange 2010/2013 to Exchange 2016 Migration Step by Step

Gallery

Deployment Location: On-premises Target Environment: Exchange Server 2016 CU4 Current Environment: Exchange Server 2010 or Exchange Server 2013 or mixed Public Folder Location: Exchange Server 2013 Understanding of Exchange Server 2016: Exchange Server 2016 wraps up in two Exchange roles … Continue reading

Office 365: Configuring catch-all mailbox during migration

Gallery

Step1: Create Catch-All Mailbox 1. Sign in to portal.office.com>Active Users 2. Create a new user named “Catch-All-Mailbox” and assign licenses either E1 or E3. Step2: Create exception Security Group (Optional Step) 1. Log onto Office 365 admin portal 2. Go … Continue reading

Migrate On-premises Exchange Server to Office 365 using MigrationWiz

Gallery

This gallery contains 9 photos.

Assumptions: An operational on-premises Microsoft messaging environment or an IMAP Source An operational Microsoft Office 365 tenant for Exchange Online Active Directory synchronised with Microsoft Azure Active Directory using DirSync Licenses are assigned to Active Users. There are place holder … Continue reading

Mailflow Co-existence between G Suite and Office 365 during IMAP Migration

Gallery

This article will explain how to create mail flow coexistence between disparate IMAP source and Exchange Online destination. Use case: Customer wants a mailflow co-existence between hosted email e.g. Gmail and Exchange Online during mailbox migration phase. Customer has on-premises … Continue reading

On-prem to Office 365 Migration: PowerShell Script Collection

Gallery

Connect to Azure Active Directory PowerShell without Password Prompt #Use Case: Log on to Office 365 tenant without typing credentials. $User=”Raihan@tenant.onmicrosoft.com” $Password=ConvertTo-SecureString -String “MyPassword” -AsPlainText -Force $O365CREDS= New-Object –TypeName “System.Management.Automation.PSCredential” –ArgumentList $User, $Password #$O365CREDS = Get-Credential -Username Raihan@tenant.OnMicrosoft.Com $SESSION = … Continue reading

Migrate WSUS Server from Server 2008/R2 to Server 2012/R2

The following procedure apply if you have an existing WSUS server installed on a Windows 2008 R2 OS with SQL Express and you wish to migrate to Windows Server 2012 R2 WSUS server and a separate backend database server.

Step1: Backup SQL DB of Old WSUS Server

Log on to existing WSUS server. Open SQL Management Studio>Connect to DB>Right Click SUSDB>backup full database.

clip_image002

Step2: Export metadata from old WSUS Server

The WSUS Setup program copies WSUSutil.exe to the file system of the WSUS server during installation. You must be a member of the local Administrators group and WSUS Administrator Group on the WSUS server to export or import metadata. Both operations can only be run from the WSUS server itself and during the import or export process, the Update Service is shut down.

Open command prompt as an administrator>go to C:\program Files\Update Services\Tools

Issue wsusutil.exe export c:\export.cab c:\export.log command

Move the export package you just created to the new Microsoft WSUS Server.

 

If you have .netFramework v.2 or v.4 but not configured in IIS Application. Then most likely above command will fail giving you some grief. Here is a solution for this.

Verify that WSUS is configured to use the .NET4 libraries in IIS>Application Pool

clip_image004

Create a file named wsusutil.exe.config in C:\Program Files\Update Services\Tools

Edit the file and add the following:

<configuration><startup><supportedRuntime version=”v4.0.30319″ /></startup></configuration>

If issue persists, please try to unapprove KB3020369 in WSUS Console then try again.

Re-run the wsusutil command but instead of making a CAB file make a .xml.gz file and all should be well.

clip_image006

clip_image008

Further reading 1

Further reading 2

 

Step3: Build New WSUS Server

Virtualize a new Windows Server 2012 R2 Server. Setup static IP, Join the server to domain. Install .NetFramework 4 in new server.Do not Configure WSUS at this stage. Go to Step4.

 

Step4: Restore SQL DB in New SQL Server (Remote and/or Local )

Log on to SQL Server. Open SQL Management Studio>Create a Database named SUSDB

Restore old SUSDB to new SUSDB with override option.

Assign sysadmin, setupadmin role to the person who will install WSUS role in new WSUS server.

clip_image013

image

clip_image018

clip_image020

Step5: Install WSUS Role & Run Initial Configuration Wizard.

Installation of WSUS

 Log on to the server on which you plan to install the WSUS server role by using an account that is a member of the Local Administrators group.

 In Server Manager, click Manage, and then click Add Roles and Features.

 On the Before you begin page, click Next.

 In the Select installation type page, confirm that Role-based or feature-based installation option is selected and click Next.

 On the Select destination server page, choose where the server is located (from a server pool or from a virtual hard disk). After you select the location, choose the server on which you want to install the WSUS server role, and then click Next.

 On the Select server roles page, select Windows Server Update Services. Add features that are required for Windows Server Update Services opens. Click Add Features, and then click Next.

 On the Select features page. Retain the default selections, and then click Next.

 On the Windows Server Update Services page, click Next.

 On the Select Role Services page, Select Windows Server Update Services and Database, and then click Next.

 On the Content location selection page, type a valid location to store the updates. For example, type E:\WSUS as the valid location.

 Click Next. The Web Server Role (IIS) page opens. Review the information, and then click Next. In Select the role services to install for Web Server (IIS), retain the defaults, and then click Next.

 On the Confirm installation selections page, review the selected options, and then click Install. The WSUS installation wizard runs. This might take several minutes to complete.

 Once WSUS installation is complete, in the summary window on the Installation progress page, click Launch Post-Installation tasks. The text changes, requesting: Please wait while your server is configured. When the task has finished, the text changes to: Configuration successfully completed. Click Close.

 In Server Manager, verify if a notification appears to inform you that a restart is required. This can vary according to the installed server role. If it requires a restart make sure to restart the server to complete the installation.

 

Post Configuration

Open Server Manager>Add/Remove program. It will provide you with previous installation Wizard. Launch Post Configuration Wizard.

 On the Welcome page, click Next.

 On the Installation Mode Selection page, select the Full server installation including Administration Console check box, and then click Next.

 Read the terms of the license agreement carefully. Click I accept the terms of the License agreement, and then click Next.

On the Select Update Source page, you can specify where client computers get updates. If you select the Store updates locally check box, updates are stored on WSUS, and you can select a location (E:\WSUS) in the file system where updates should be stored. If you do not store updates locally, client computers connect to Microsoft Update to get approved updates.

Make your selection, and then click Next.

On the Database Options page, you select the software used to manage the WSUS database. Type <serverName>\<instanceName>, where serverName is the name of the server and instanceName is the name of the SQL instance. Simply type remote or local SQL Server Name and then click Next.

On the Web Site Selection page, you specify the Web site that WSUS will use to point client computers to WSUS. If you wish to use the default IIS Web site on port 80, select the first option. If you already have a Web site on port 80, you can create an alternate site on port 8530 by selecting the second option. Make your selection, and then click Next.

 On the Ready to Install Windows Server Update Services page, review your choices, and then click Next.

 The final page of the installation wizard will tell you whether or not the WSUS 3.0 installation was completed successfully. The final page of the installation wizard will tell you whether or not the WSUS 3.0 installation was completed successfully. After you click Finish the configuration wizard will be launched.

 

Step6: Match the Advanced Options on the old WSUS Server & the new WSUS Server

Ensure that the advanced synchronization options for express installation files and languages on the old server match the settings on the new server by following the steps below:

  1. In the WSUS console of the old WSUS server, click the Options tab, and then click Advanced in the Update Files and Languages section.
  2. In the Advanced Synchronization Settings dialog box, check the status of the settings for Download express installation files and Languages options.
  3. In the WSUS console of the new server, click the Options tab, and then click Advanced in the Update Files and Languages section.
  4. In the Advanced Synchronization Settings dialog box, make sure the settings for Download express installation files and Languages options match the selections on the old server.

Step7: Copy Updates from File System of the old WSUS Server to the new WSUS server

To back up updates from file system of old WSUS server to a file, follow these steps:

  1. On your old WSUS server, click Start, and then click Run.
  2. In the Run dialog box, type ntbackup. The Backup or Restore Wizard starts by default, unless it is disabled. You can use this wizard or click the link to work in Advanced Mode and use the following steps.
  3. Click the Backup tab, and then specify the folder where updates are stored on the old WSUS server. By default, WSUS stores updates at WSUSInstallationDrive:\WSUS\WSUSContent\.
  4. In Backup media or file name, type a path and file name for the backup (.bkf) file.
  5. Click Start Backup. The Backup Job Information dialog box appears.
  6. Click Advanced. Under Backup Type, click Incremental.
  7. From the Backup Job Information dialog box, click Start Backup to start the backup operation.
  8. Once completed, move the backup file you just created to the new WSUS server.

To restore updates from a file to the file system of the new server, follow these steps:

  1. On your new WSUS server, click Start, and then click Run.
  2. In the Run dialog box, type ntbackup. The Backup or Restore Wizard starts by default, unless it is disabled. You can use this wizard or click the link to work in Advanced Mode and use the following steps.
  3. Click the Restore and Manage Media tab, and select the backup file you created on the old WSUS server. If the file does not appear, right-click File, and then click Catalog File to add the location of the file.
  4. In Restore files to, click Alternate location. This option preserves the folder structure of the updates; all folders and subfolders will appear in the folder you designate. You must maintain the directory structure for all folders under \WSUSContent.
  5. Under Alternate location, specify the folder where updates are stored on the new WSUS server. By default, WSUS stores updates at WSUSInstallationDrive:\WSUS\WSUSContent\. Updates must appear in the folder on the new WSUS server designated to hold updates; this is typically done during installation.
  6. Click Start Restore. When the Confirm Restore dialog box appears, click OK to start the restore operation.

Alternative option would be use FastCopy Software. Copy and paste WSUS content from old server to new server.

Step8: Copy Metadata from the Database on the old WSUS Server to the new WSUS Server

To import metadata into the database of the new Microsoft Windows Server Update Services Server, follow these steps:.

Copy export.xml.gz or export.cab file from old server to new server using copy/Paste or FastCopy software.

Note: It can take from 3 to 4 hours for the database to validate content that has just been imported.

At a command prompt on the new WSUS server, navigate to the directory that contains WSUSutil.exe. Type the following: wsusutil.exe import packagename logfile (For example: wsusutil.exe import export.cab import.log or wsusutil.exe import export.xml.gz export.log)

Step9: Point your Clients to the new WSUS Server

Next you need to change the Group policy and make it point top the new server.  To redirect Automatic Updates to a WSUS server, follow these steps:

  1. In Group Policy Object Editor, expand Computer Configuration, expand Administrative Templates, expand Windows Components, and then click Windows Update.
  2. In the details pane, click Specify Intranet Microsoft update service location.
  3. Set the intranet update service for detecting updates box and in the Set the intranet statistics server box. With the new server details and port For example, type http(s)://newservername :Port in both boxes.

Step10: Invoke GPUpdate

Open PowerShell command prompt as an administrator in any computer. Run Invoke-GPUpdate Servername to synchronise server with new WSUS Server.

Migrate Network Policy Server (NPS) From Windows Server 2008 R2 to Windows Server 2012 R2

Scenario:

  1. Migrate to a new server with new NetBIOS Name and New IP Address
  2. Migrate to a new server retaining NetBIOS Name and IP Address

Step1: Backup NPS Server, NPS Policy & certificate

  1. Open NPS Policy Server from Server Manager>Right Click on NPS(Local)>Export Configuration.
  2. Select I am aware that I am exporting all shared secret. Click Ok>Export as a XML File into a UNC path accessible to new server.
  3. right Click on Template Management>Export Template to a File. Export as a XML File into a UNC path accessible to new server.
  4. Open MMC>Add Certificate Snap-in>Computer Account>Select Personal>Certificate>Export Certificate with Private Key.
  5. Use Windows Backup to backup NPS server. If NPS server is virtualized, then simply right click the virtual machine from Hyper-v manager and rename the machine. Now Power of the VM.

Step2: Build a new Server.

  1. Build a new server. Activate Windows. Assign TCP/IP and join to the domain.
  2. Open MMC>Add Certificate Snap-in>Computer Account>Select Personal>Certificate>Import Certificate with Private Key.
  3. From Roles and Feature Wizard>add network Policy and Services>Select NPS, NAP and Health registration services, Click Next>Select Certificate Authority>Select Certificate>Select Finish Installation.

Step3: Register NPS.

  1. If you have retained NetBIOS Name and IP Address mentioned in scenario 2 then you don’t  need to re-register. It’s already registered.
  2. If you have a different NetBIOS Name and IP address then Right Click NPS(Local)>Register NPS Server to Active Directory.

Step4: Import NPS Policies

  1. Open NPS Policy Server>right Click on NPS(Local)>Import Configuration. Point to the XML file you have exported in step1 and import the file.
  2. Right Click on Template Management>Import template from a File. Point to the XML file you have exported in step1 and import the file.

Step5: Test Client

  1. Connect a client using WIFI or VPN whichever purpose you have configured NPS.
  2. Open Event Viewer in NPS Server and Check Security log. You will see clients are connected successfully.

Relevant Articles:

Windows Server 2008: how to configure Network Policy Server or Radius Server –Step by Step Guide

How to configure L2TP IPSec VPN using Network Policy Server in Windows Server 2008 R2

Step by Step guide to build a Cisco wireless infrastructure using Cisco WLC 5500, Cisco 1142 AP and Microsoft Radius server

Migrate WSUS to Windows Server 2012 R2

Prerequisites

  • Collect source and destination server name, IP address, Database Name, Instance Name, service account for Database instance.
  • Download Microsoft SQL Server Management Studio and install on source and destination SQL Server.
  • Make sure destination server is joined to the domain and time is synced
  • Do not run initial configuration wizard in Destination Server.
  • As best practice, do not migrate WSUS into a Domain Controller.
  • Obtain appropriate permission in source server, destination server and SQL server to initiate and complete migration tasks

Migrate local users and groups

1. Right-click in the Taskbar, click Properties, highlight Toolbars, and then click Address.

2. Type lusrmgr.msc, and then press ENTER.

3. In in the console tree of the Local Users and Groups MMC snap-in, double-click Users.

4. Manually create a list of the local users.

5. In the console tree of the Local Users and Groups MMC snap-in, double-click Groups.

6. Manually add the users from the source server to the WSUS Administrators and WSUS Reporters groups.

Back up the WSUS database on the source server

1. After you connect to the appropriate instance of the database in Object Explorer, click the server name to expand the server tree.

2. Expand Databases, and select the SUSDB database.

3. Right-click the database, point to Tasks, and then click Back Up. The Back Up Database dialog box appears.

4. In the Database list, verify the database name.

5. In the Backup type list, select Full.

6. Select Only Backup. only backup is a SQL Server backup that is independent of the sequence of conventional SQL Server backups.

7. For Backup component, click Database.

8. Accept the default backup set name that is suggested in the Name text box, or enter a different name for the backup set.

9. Follow the prompt to complete backup.

Restore the WSUS database backup on the destination server

1. After you connect to the appropriate instance of the database in Object Explorer, click the server name to expand the server tree.

2. Expand Databases, and select the SUSDB database.

3. Right-click the database, point to Tasks, and then click Restore. The Restore Database dialog box appears.

4. On the General page, use the Source section to specify the Source.

5. In the Destination section, the Database box is automatically populated with the name of the database to be restored.

6. In the Backup sets to restore grid, select the backups to restore. This grid displays the backups available for the specified location. By default, a recovery plan is suggested.

7. Follow the prompt to complete Restore. Click OK

Install WSUS Server on the destination server

Before you begin installing WSUS server into the destination server you must install Microsoft .NET Framework, Background Intelligent Transfer Service (BITS) 2.0 and Microsoft Internet Information Services (IIS) on the destination server. Follow the procedure to install WSUS into destination server and point to the new Database.

1. Open Server Manager, Click Add Roles and Features, Select WSUS and install WSUS role.

2. On the Welcome page, click Next.

3. Read the terms of the license agreement carefully, click I accept the terms of the License Agreement, and then click Next.

4. On the Select Update Source page, you can specify where client computers get updates. If you select Store updates locally, updates are stored on WSUS and you can select a location in the file system to store updates. If you do not store updates locally, client computers connect to Microsoft Update to get approved updates.

5. Make your selection, and then click Next.

6. On the Database Options page, click Use an existing database server, and select the instance name from the drop-down list.

7. Make your selection, and then click Next.

8. On the Web Site Selection page, you specify the Web site that WSUS will use. Note two important URLS: the URL to point client computers to WSUS and the URL for the WSUS console where you configure WSUS.

9. Make your selection, and then click Next.

10. On the Mirror Update Settings page, you specify the management role for this WSUS server. If you want a central management topology, enter the name of the upstream WSUS server. If this is the first WSUS server on your network or you want a distributed management topology, skip this screen.

11. Make your selection, and then click Next.

12. On the Ready to Install Windows Server Update Services page, click Next.

Change the WSUS server identity

Performing this step guarantees that WSUS-managed clients are not affected during the migration process. If the source server and the destination server run with the same identity, and a change is made to one of the servers, the communication between the client and server will fail.

1. On the destination server, open an elevated Windows PowerShell prompt and run the following script:

$updateServer = get-wsusserver

$config = $updateServer.GetConfiguration()

$config.ServerId = [System.Guid]::NewGuid()

$config.Save()

2. As soon as the server identity is changed, run the following command to generate a new encryption key:

WSUSUTIL.exe Postinstall

Point the WSUS clients to the new destination server

1. Open the Local Group Policy Editor, and in Specify intranet Microsoft update service policy, change the URL to reflect the new WSUS server.

2. Update the Group Policy settings that are used to point WSUS clients to the WSUS server by entering the FQDN of the new WSUS server. After you have updated the Group Policy settings, WSUS clients will synchronize with the new WSUS server.

3. To force the clients to detect the new destination server, open a command prompt, and run wuauclt.exe /resetauthorization /detectnow and GPUpdate /Force.

Verify the destination server configuration

  1. In Server Manager, click Tools, and then click Windows Server Update Services.
  2. In the WSUS Administration Console, expand Computers, and verify that all the Computer Groups that existed on the source server are displayed.
  3. Expand Synchronizations. In the Actions pane, click Synchronize now. After the synchronization is complete, (this may take several minutes), confirm that Succeeded is displayed in the Results column.

Reconfigure Group Policy

Open WSUS Group Policy, Edit Group Policy and Change WSUS Server.

Verify client computer functionality

After the detection is finished, open Windows Explorer and check the %WinDir%WindowsUpdate.log to verify that the forced detection was successful.

Exchange 2013 Upgrade, Migration and Co-existence

Migration Guide

Exchange 2007/2010 to Exchange 2013 Migration Step by Step Guide

How to Configure Unified Messaging in Exchange 2013 Step by Step

Mail flow in Exchange 2013

image

Source: Microsoft TechNet

image

Source: Microsoft TechNet

Protocol Exchange 2007 & Exchange 2013 Exchange 2007 & Exchange 2013
Namespace legacy.domain.com no additional namespace
OWA Non-silent redirection to
legacy.domain.com
Proxy to CAS2010
Silent direction
EAS Proxy to MBX2013 Proxy to CAS2010
Outlook Anywhere Proxy to CAS2007 Proxy to CAS2010
Autodiscover Redirect to CAS2007 Proxy to CAS2010
EWS Autodiscover Proxy to CAS2010
POP/IMAP Redirect to CAS2007 Proxy to CAS2010
OAB Redirect to CAS2007 Proxy to CAS2010
RPS N/A Proxy to CAS2010
ECP N/A Proxy to CAS2010

Exchange 2013 Perquisites

Supported Co-existence Scenario

  • Exchange 2010 SP3
  • Exchange 2007 SP3+RU10

Supported Client

  • Outlook Anywhere Only, Outlook 2007 or later
  • Outlook for Mac 2011
  • Entourage 2008 for Mac

Active Directory

  • Windows 2003 Forest Functional Level or higher
  • At least one global catalog. two global catalog is highly recommended for redundancy purpose
  • No support for RODC or ROGC

Namespace

  • Contiguous
  • Non-Contiguous
  • Single level Domain
  • disjoint

Operating Systems

  • Windows Server 2008 R2 SP1
  • Windows Server 2012 or Windows Server 2012 R2

Other Components

  • Internet Information Service (IIS)
  • .Net Framework 4.5
  • Unified Communication Managed API

Cumulative Updates

  • CU is a full exchange installer or binary
  • Required for co-existence with Exchange 2007/2010

Upgrade from Exchange 2010 to Exchange 2013

1. Prepare

  • Prepare Exchange 2010 with SP3
  • Test Exchange using Test cmdlets
  • Test Active Directory health status
  • Prepare Active Directory Schema using Exchange 2013 schema

2. Deploy Exchange 2013

  • Install both Exchange 2013 MBX and CAS servers
  • Install Management Server on admin PC

3. Obtain and deploy Certificates

  • Create Certificate CSR from Exchange 2013
  • Sign the certificate from public CA
  • Install Certificate and assign certificate to IIS,SMTP,POP,IMAP

OR

  • Export certificate from Exchange 2010 and import into Exchange 2013

4. Configure Mail flow

  • Create mail and autodiscover namespace and point to Exchange 2013
  • Add Exchange 2013 MBX server into Send Connector
  • Configure Frontend receive connector
  • Create anonymous relay

5. Switch Primary Name Space

  • Switch OWA, ActiveSync and SMTP traffic to Exchange 2013
  • Use TMG/UAG to switch OWA and ActiveSync to Exchange 2013
  • Switch port 25 forwarding to Exchange 2013
  • Validate traffic flow to Exchange 2013

6. Move Mailboxes

  • Build Exchange DAG
  • Migrate user mailbox
  • Migrate resource mailbox
  • Migrate public folders

7. Repeat additional sites

8. Decommission Exchange 2010

Upgrade from Exchange 2007 to Exchange 2013

1. Prepare

  • Prepare Exchange 2007 with SP3 +RU
  • Test Exchange using Test cmdlets
  • Test Active Directory health status
  • Prepare Active Directory Schema using Exchange 2013 schema

2. Deploy Exchange 2013

  • Install both Exchange 2013 MBX and CAS servers
  • Install Management Server on admin PC

3. Obtain and deploy Certificates

  • Create a certificate CSR from Exchange 2013 with legacy namespace
  • Sign the certificate from public CA
  • Install Certificate and assign certificate to Exchange 2013 IIS,SMTP,POP,IMAP
  • Install same certificate into Exchange 2007

4. Configure Mail flow

  • Create legacy DNS record pointing to Exchange 2007
  • Create mail and autodiscover namespace and point to Exchange 2013 CAS
  • Create Send Connector in Exchange 2013
  • Configure Frontend receive connector
  • Create anonymous relay

5. Switch Primary Name Space

  • Switch OWA, ActiveSync and SMTP traffic to Exchange 2013
  • Use TMG/UAG to switch OWA and ActiveSync to Exchange 2013
  • Switch port 25 forwarding to Exchange 2013
  • Validate traffic flow to Exchange 2013 using MCA and ExRCA

6. Move Mailboxes

  • Build Exchange DAG
  • Migrate user mailbox
  • Migrate resource mailbox
  • Migrate public folders

7. Repeat additional sites

8. Decommission Exchange 2007

Validate External Connectivity

Certificate Best Practice

  • Minimize number of certificates
  • Minimize number of host name
  • use split DNS for Exchange host name
  • Don’t list machine name in certificates
  • Use Subject Alternative Name Certificate or SAN certificates

Restart Transport Services and Information Store Service

  • Patch Exchange Server using WSUS or ConfigMgr
  • Reboot DAG member one by one
  • Reboot CAS server one by one
  • Management Tools
  • User Exchange 2013 Administration Center to manage co-existence and migration tasks
  • Use Exchange 2010 management console to move offline address book

Cutover Process

  • Public folder migration is part of final cutover
  • Exchange and Active Directory health check
  • verify proposed and implemented Exchange 2013

Post Migration

  • Shutdown Exchange 2010 servers for minimum 48 hours in working days
  • Decommission Exchange 2010