4

I have an ailing Exchange 2003 server on my domain that I am replacing with Exchange 2007 running on a brand new Server 2008 box. I've read the TechNet articles about the difference between an Exchange Transition and Migration. I've also read this 3 part walkthrough from MSExchange.org in detail.

I need clarification on the following points from anyone who has experience with this procedure:

  1. My understanding is that when I install Exchange 2007 on my domain, the existing Active Directory structure will be updated to make the E2K7 box my "primary" mail server for lack of a better word. Will the Exchange 2003 server continue to send and receive email for the mailboxes it hosts without any intervention on my part? Assume I have not yet made any NAT changes on my firewall. Also assume I have not migrated any mailboxes to the new server yet.
  2. When I do begin to migrate mailboxes from 2003 to 2007, I believe I should change my NAT rules to direct inbound mail flow and OWA traffic to the new Exchange 2007 server. Am I correct in thinking that the 2007 server will redirect traffic to the 2003 server for mailboxes it does not yet host?
  3. I currently implement Outlook Anywhere (RPC-HTTPS) on my Exchange 2003 server using an SSL certificate from Network Solutions. I assume I will need to get a new certificate for the new 2007 server, correct? Can anybody recommend a best practice for making this switch? Will my Outlook Anywhere implementation break when I bring Exchange 2007 online?

Any additional advice or best practice suggestions are welcome.

Kyle Noland

4 Answers

3
  1. Yes, you can continue to use your 03 box as a mail server. You can also still have it as your "SMTP Gateway/Transport" if it is where all your email comes in from the internet.

  2. OWA will be tricky since you can only have it pointing to a single server. So existing mailboxes on the 2003 box won't be able to use OWA until they are migrated (unless you go through a big ordeal that I don't want to describe here).

  3. You will need a certificate for Outlook Anywhere. Regardless, you'll need to set up autodiscover.domain.com DNS records externally for Outlook Anywhere to work properly automagically.

Things to note from our migration:

  • BlackBerry stuff can be tricky; move the BESAdmin account first.
  • ActiveSync relies on the Client Access stuff, so either move them all first, or all last. This will affect OWA though, since the same rules apply.
  • If you have a small enough company (under 500 people), I would strongly recommend moving around 25-50 on a weekend, let them test throughout the next 2 weeks, then move EVERYONE else in a single weekend.
  • You shouldn't have to mess with their Outlook profiles.
  • Migrate resource mailboxes over and then convert them to true "resource mailboxes" using PowerShell and OWA.

The thing that I remember vividly is that OWA/ActiveSync definitely broke if you moved it over to the 07 box first. So we ended up moving all of the OWA/ActiveSync users at the same time and then moving the firewall rules to redirect to the 07 box.

EDIT: I'm referring to what happens to OWA if you only have a single Exchange 07 server and don't bother to set up 2 different URLs and redirects for OWA clients. See the TechNet article I refer to in the comments below.

TheCleaner
  • 1. Will the 2003 box be the "SMTP Gateway/Transport" by default or do I have to manually configure that? 2. The article I linked to seems to indicate that the 2007 box will redirect OWA requests for mailboxes it does not host to the 2003 box automatically. Is this not your experience? 3. This should have read RPC-HTTPS, which does require a certificate. I have corrected this point in my question. – Kyle Noland Jun 09 '09 at 15:33
  • Kyle is right, once you install the CAS server (part of Exchange 2007) it will work as a front end server for any other Exchange servers and essentially proxy requests. OWA will work just as well as it had before you installed 2007, just with a different address. – TrueDuality Jun 09 '09 at 16:08
  • Kyle, my OWA experience is because we only had a single 03 box and were only migrating to a single 07 box. See here: http://technet.microsoft.com/en-us/library/bb885041.aspx Basically, OWA redirection works fine if you have a CAS 07 box as a separate box, but if it is a single 07 box you have to create 2 different URL redirects, which we weren't willing to do because users wouldn't know which one to use. – TheCleaner Jun 09 '09 at 18:25
  • @TheCleaner, you **do** need a certificate for Outlook Anywhere, from Exchange 2007 onwards it only works using HTTPS. – Massimo Feb 05 '12 at 18:15
  • @Massimo, you are correct. I will edit my statement for future reference. – TheCleaner Feb 09 '12 at 20:54
2

You can run Outlook 2003 on an Exchange 2007 network with no problems. I did a migration recently and removed the 2003 server when done; the workstations with Outlook 2003 still work fine.

1
  1. The simple act of introducing an Exchange 2007 server in an existing Exchange 2003 infrastructure doesn't change anything at all about mail flow or client access. Things start to actually change when you reconfigure your firewall to expose your new server to the Internet instead of the old one, and/or when you move mailboxes to the new server.

  2. There are two different things to consider here: mail flow and client access.

    • For mail flow, you'll need to a) configure your Exchange 2007 server to accept messages from external sources, as it by default doesn't, and b) reconfigure your firewall to forward incoming SMTP traffic to it instead of the old server. When this is done, incoming messages will go to your Exchange 2007 server, which will then either deliver them to mailboxes it hosts, or send them to Exchange 2003 for mailboxes that are still hosted there.
    • For OWA, you'll need to configure Exchange 2007 to use the same external URL Exchange 2003 is using, install your certificate on the Exchange 2007 server, and then reconfigure your firewall to forward HTTPS traffic to Exchange 2007 instead of Exchange 2003; users will log in to Exchange 2007, and then it will either use its own OWA (for mailboxes it hosts) or proxy the request to Exchange 2003 (for mailboxes still hosted there); there is no need to make both servers accessible from outside, as Exchange 2007 can and will proxy OWA access to Exchange 2003 servers. This is not true, however, for Exchange 2010, which redirects requests to a different URL where Exchange 2003 needs to be made reachable (you usually need two certificates, two public names and two IP addresses during a 2003->2010 or a 2007->2010 transition).

  3. Exchange 2007 can safely handle Outlook Anywhere access for mailboxes that are residing both on Exchange 2007 and on Exchange 2003. You only need to enable Outlook Anywhere, configure its URL to be the same you used for Exchange 2003, install your certificate on Exchange 2007 and modify your firewall configuration to publish Exchange 2007 instead of Exchange 2003 (the last two steps are the same you already need for OWA).

Massimo
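A pre-cutover check for the certificate step in the answer above, as an added example that is not part of the original answer: before the firewall is repointed, connect to the new server by its internal address while presenting the external name, then confirm the certificate it serves covers every name clients use and is not close to expiry. The host names, the IP address and the 30-day threshold are placeholder assumptions, and only SAN DNS entries are examined.

```python
import socket
import ssl
from datetime import datetime, timezone

def fetch_cert(server_ip, external_name, port=443, timeout=5):
    """Handshake with the new server by IP, sending the external name as SNI.
    The default context checks chain, expiry and hostname, so an
    ssl.SSLCertVerificationError here is what clients would hit after cutover."""
    ctx = ssl.create_default_context()
    with socket.create_connection((server_ip, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=external_name) as tls:
            return tls.getpeercert()

def name_matches(pattern, host):
    """Exact match, or a wildcard covering exactly one leftmost label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    return len(p) == len(h) and p[0] in ("*", h[0]) and p[1:] == h[1:]

def audit_cert(cert, required_names, now=None, min_days=30):
    """List problems in a getpeercert()-style dict (SAN DNS entries only)."""
    now = now or datetime.now(timezone.utc)
    dns = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    problems = [f"{name} not covered by certificate"
                for name in required_names
                if not any(name_matches(d, name) for d in dns)]
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    days_left = (expires - now).days
    if days_left < min_days:
        problems.append(f"certificate expires in {days_left} days")
    return problems

# Constructed sample in the shape getpeercert() returns; not a real certificate.
SAMPLE_CERT = {
    "subjectAltName": (("DNS", "mail.example.com"),),
    "notAfter": "Jun  1 12:00:00 2035 GMT",
}
REQUIRED = ["mail.example.com", "autodiscover.example.com"]  # placeholder names

if __name__ == "__main__":
    # Offline run against the sample; for a live check use, for example,
    # cert = fetch_cert("192.0.2.10", "mail.example.com")  # placeholder IP
    for problem in audit_cert(SAMPLE_CERT, REQUIRED):
        print("WARN:", problem)
```
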
-2

There are 2 things I learned from a Microsoft seminar early this year re migrating Exchange 2003 to 2007, and they seem worth sharing.

  1. Once the last 2003 box is removed from the domain, it cannot be brought back anymore. It's permanently gone.

  2. If you have even one Outlook 2003 in your network, you will have to keep at least one Exchange 2003 box in the same network.

I haven't had a chance to get my hands on a 2007 box yet. But from my understanding, RPC-HTTP does need a digital certificate to encrypt the data sent between the server and the client. It doesn't matter how you issue it, but you will need it to secure the traffic. If the address still remains the same, you don't need to re-issue a new one.

kentchen
  • Regarding your second point, is this documented anywhere? I have read fairly extensively about this procedure and have never seen this mentioned anywhere. Are you saying that as long as I have Outlook 2003 clients on the domain, I must maintain an Exchange 2003 AND an Exchange 2007 server? – Kyle Noland Jun 09 '09 at 16:04
  • I can tell you from personal verification that Outlook 2003 clients will work with Exchange 2007; the problem lies in the Public Folders. Exchange 2007 has done away with Public Folders, but they can be created to support older clients. – TrueDuality Jun 09 '09 at 16:09
  • OK, thanks. I was aware of the Public Folder issues, but believe they have been accounted for in the walkthrough I linked to in my question. – Kyle Noland Jun 09 '09 at 16:15
  • I recall that the issue has been both on public folder and free/busy stuff. – kentchen Jun 09 '09 at 16:59
  • Our last 2003 server has been down for 2 months now, and our Outlook 2003 clients are still working fine. Yes, your offline address book will need to be published via Public Folders, but that is the only issue that I recall. – Doug Luxem Jun 09 '09 at 20:33
  • Suppose I were going to move a client from POP mailboxes from an outside vendor to Exchange 2007, with no public folders, etc. I still have clients using Outlook XP and Outlook 2003. Would they run fine with the older clients, and just not support the public folders and free/busy features? – phuzion Jun 24 '09 at 14:27
  • The clients will still work. Free/Busy information in Exchange 2003 is located in the Public Folders so that will not be available. – TrueDuality Jun 25 '09 at 18:59
  • Email, calendaring, invites, contacts, all those goodies will still work in 2003 clients. – TrueDuality Jun 25 '09 at 19:00