Exchange 2010 Migration - Decommissioning Multi Role Server and Splitting Roles to 2 new servers - Certificate Query

Hi,
I have been tasked with decommissioning our single Multi Role Server (CAS/HT/MB) and assigning the roles to 2 new servers. 1 server will be dedicated to CAS and the other new server will be dedicated to HT & MB roles.
I think I'm OK with the moving of HT and MB roles from our current server to the new HT/MB server by following "Ed Crowley's Method for Moving Exchange Servers", my focus is on the migration of the CAS role from the current to the new server as
this one has the potential to kill our mail flow if I don't move the role correctly.
The actual introduction of the new CAS server is fairly straight forward but the moving of the certificate is where I need some clarification.
Our current multi role server has a 3rd Party Certificate with the following information:
Subject: OWA.DOMAIN.COM.AU
SANs: internalservername.domain.local
          autodiscover.domain.com.au
The issue here is the SAN entry "internalservername.domain.local" which will need to be removed in order for the certificate to be used on the new CAS server, firstly because the CAS server has a different name and secondly the internal FQDN will
no longer be allowed to be used from 2015 onwards. So I will need to revoke this certificate and issue a new certificate with our vendor who is Thawte.
This presents me with an opportunity to simplify our certificate and make changes to the URLs using a new certificate name, so I have proposed the following:
New Certificate:
Subject: mail.domain.com.au
SANs: autodiscover.domain.com.au
          OWA.DOMAIN.COM.AU
I would then configure the URLs using PowerShell:
Set-ClientAccessServer -Identity NEWCASNAME-AutodiscoverServiceInternalUrl https://mail.domain.com.au/autodiscover/autodiscover.xml
Set-WebServicesVirtualDirectory -Identity " NEWCASNAME\EWS (Default Web Site)" -InternalUrl https://mail.domain.com.au/ews/exchange.asmx
Set-OABVirtualDirectory -Identity " NEWCASNAME\oab (Default Web Site)" -InternalUrl https://mail.domain.com.au/oab
Set-OWAVirtualDirectory -Identity " NEWCASNAME\owa (Default Web Site)" -InternalUrl https://mail.domain.com.au/owa
I would also then set up split DNS on our internal DNS server creating a new zone called "mail.domain.com.au" and add an host A record with the internal IP address of the new CAS server.
Now I know I haven't asked a question yet and the only real question I have is to ask if this line of thinking and my theory is correct.
Have I missed anything or is there anything I should be wary of that has the potential to blow up in my face?
Thanks guys, I really appreciate any insights and input you have on this.

Hi Ed,
Thanks for your reply, it all makes perfect sense I guess I was being optimistic by shutting down the old server and then resubscribing the edge and testing with mailboxes on the new mailbox server.
I will make sure to move all of the mailboxes over before removing the old server via "Add/Remove Programs". Will I have to move the arbitration mailboxes on the old server across to the new mailbox server? Will having the arbitration mailboxes
on the old server stop me from completely removing exchange?
Also, the InternalURL & ExternalURL properties are as follows:
Autodiscover:
New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/Autodiscover/Autodiscover.xml
Old CAS - InternalURL: https://svwwmx001.pharmacare.local/autodiscover/autodiscover.xml
WebServices:
New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/EWS/Exchange.asmx
New CAS - ExternalURL: https://owa.pharmacare.com.au/EWS/Exchange.asmx
Old CAS - InternalURL: https://svwwmx001.pharmacare.local/ews/exchange.asmx
Old CAS - ExternalURL: https://owa.pharmacare.com.au/EWS/Exchange.asmx
OAB:
New CAS - InternalURL: http://svwwmxcas01.pharmacare.local/OAB
New CAS - ExternalURL: https://owa.pharmacare.com.au/OAB
Old CAS - InternalURL: https://svwwmx001.pharmacare.local/oab
Old CAS - ExternalURL: https://owa.pharmacare.com.au/OAB
OWA:
New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/owa
New CAS - ExternalURL: https://owa.pharmacare.com.au/
Old CAS - InternalURL: https://svwwmx001.pharmacare.local/owa
Old CAS - ExternalURL: https://owa.pharmacare.com.au/
ECP:
New CAS - InternalURL: https://svwwmxcas01.pharmacare.local/ecp
New CAS - ExternalURL: https://owa.pharmacare.com.au/ecp
Old CAS - InternalURL: https://svwwmx001.pharmacare.local/ecp
Old CAS - ExternalURL: https://owa.pharmacare.com.au/ecp
Our Public Certificate has the following details:
Name: OWA.PHARMACARE.COM.AU
SAN/s: autodiscover.pharmacare.com.au, svwwmx001.pharmacare.local
From your previous communications you mentioned that this certificate would not need to change, it could be exported from the old server and imported to the new which I have done. With the InternalURL & ExternalURL information that you see here can you
please confirm that your original recommendation of keeping our public certificate and importing it into the new CAS is correct? Will we forever get the certificate warning on all of our Outlook clients when we cut over from the old to the new until we get
a new certificate with the SAN of "svwwmx001.pharmacare.local" removed?
Also, I am toying with the idea of implementing a CAS Array as I thought that implementing the CAS Array would resolve some of the issues I was having on Saturday. I have followed the steps from this website, http://exchangeserverpro.com/how-to-install-an-exchange-server-2010-client-access-server-array/,
and I have got all the way to the step of creating the CAS array in the Exchange Powershell but I have not completed this step for fear of breaking connectivity to all of my Outlook Clients. By following all of the preceeding steps I have created a Windows
NLB with dedicated NICs on both the old CAS and the new CAS servers (with separate IP addresses on each NIC and a new internal IP address for the dedicated CAS array) and given it the name of "casarray.pharmacare.local" as per the instructions on
the website, the questions I have on adding the CAS array are:
1. Do you recommend adding the CAS array using this configuration?
2. Will this break Outlook connectivity alltogether?
3. Will I have to generate a new Public Certificate with an external FQDN of "casarray.pharmacare.com.au" pointing back to a public IP or is it not required?
4. If this configuration is correct, and I add the CAS Array as configured, when the time comes to remove the old server is it just as simple as removing the NLB member in the array and everything works smoothly?
So, with all of the information at hand my steps for complete and successful migration would be as follows:
1. Move all mailboxes from old server to new server;
2. Move arbitration mailboxes if required;
3. Implement CAS Array and ensure that all Outlook clients connect successfully;
4. Remove old server;
5. Shut down old server;
6. Re-subscribe Edge from new Hub Transport server;
7. Test internal & external comms;
We also have internal DNS entries that would need changing:
1. We have split DNS with a FLZ of "owa.pharmacare.com.au" that has a Host A record going to the old server, this would need changing from "svwwmx001.pharmacare.local" to "svwwmxcas01.pharmacare.local";
2. The _autodiscover entry that sits under _TCP currently has the IP address of the old server, this would need to be changed to the IP address of the new CAS;
3. The CNAME that sits in our FLZ for "pharmacare.local" would need to be changed from "svwwmx001.pharmacare.local" to "svwwmxcas01.pharmacare.local".
4. Or rather than using the FQDN of the server where applicable in the DNS changes would I be using the FQDN of the CAS Array instead? Please confirm.
Would you agree that the migration path and DNS change plan is correct?
Sorry for the long post, I just need to make sure that everything goes right and I don't have egg on my face. I appreciate your help and input.
Thanks again.
Regards,
Jamie

Similar Messages

  • Exchange 2010 SP3 upgrade on Windows Server Standard SP2

    I'm midway through the swing upgrade process of migrating from Exchange 2003 - Exchange 2010 to Exchange 2013.  Everything has gone smoothly between the Exchange 2003 and Exchange 2010 migration which I started two days ago.  it has been running
    great.  I am beginning the final stages of moving from the Exchange 2010 server to a new Exchange 2013 server, but it requires my Exchange 2010 server to be upgraded to SP3.  I am now trying to install Exchange Server 2013 SP3 Upgrade and I'm
    getting (3) Client Access Role Prerequisites errors.  Finding any of these HotFixes and patches is frustrating, because any link provided does not work.  It has gotten me nowhere.  Here is my Readiness Checks:
    Summary: 6 item(s). 5 succeeded, 1 failed.
    Elapsed time: 00:01:06
    Configuring Prerequisites
    Completed
    Elapsed Time: 00:00:00
    Organization Prerequisites
    Completed
    Elapsed Time: 00:00:08
    Languages Prerequisites
    Completed
    Elapsed Time: 00:00:02
    Hub Transport Role Prerequisites
    Completed
    Elapsed Time: 00:00:15
    Client Access Role Prerequisites
    Failed
    Error:
    Install hotfix Microsoft Knowledge Base article 982867 from http:// code.msdn.microsoft.com/KB982867.
    Click here for help... http:// technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
    Error:
    Install hotfix Microsoft Knowledge Base article 979917 from http:// code.msdn.microsoft.com/KB979917.
    Click here for help... http:// technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
    Error:
    This computer requires the update described in Microsoft Knowledge Base article KB977592 (http:// go.microsoft.com/fwlink/?LinkId=194843). Without this update, the Outlook Anywhere feature may work unreliably.
    Click here for help... http:// go.microsoft.com/fwlink/?linkid=30939&l=en&v=ExBPA.14&id=249bbd89-16b4-4efa-9b66-7ec87f90e44c
    Elapsed Time: 00:00:15
    Mailbox Role Prerequisites
    Completed
    Warning:
    Multi-mailbox search of on-premises and Office 365 mailboxes in a hybrid configuration requires installation of the update mentioned in Microsoft Knowledge Base article 982867 (http:// code.msdn.microsoft.com/KB982867).
    Elapsed Time: 00:00:24
    I put a space between the http://" space "URL so I could display the links.
    Any help/guidance suggestions would be greatly appreciated.
    Chris

    I just got these two to go away:
    Error:
    Install hotfix Microsoft Knowledge Base article 982867 from http:// code.msdn.microsoft.com/KB982867.
    Click here for help... http:// technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
    Error:
    This computer requires the update described in Microsoft Knowledge Base article KB977592 (http:// go.microsoft.com/fwlink/?LinkId=194843). Without this update, the Outlook Anywhere feature may work unreliably.
    Click here for help... http:// go.microsoft.com/fwlink/?linkid=30939&l=en&v=ExBPA.14&id=249bbd89-16b4-4efa-9b66-7ec87f90e44c
    still have this one outstanding:
    Error:
    Install hotfix Microsoft Knowledge Base article 979917 from http:// code.msdn.microsoft.com/KB979917.
    Click here for help... http:// technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
    I have tried the FIX: WCF services that are hosted by NLB computers to route messages to Exchange Server fail when WebHeader settings are added by using a .NET Framework 3.5 SP1 application
    Windows6.0-KB2637518-x64.msu
    when I run it, it tells me "The Update does not apply to your system.  So im thinking I need to remove the .NET Framework 4 Client Profile and the .NET Framework 4 Extended.  reboot, then install
    Windows6.0-KB2637518-x64.msu and then reinstall .NET Framework 4 Client Profile and the .NET Framework 4 Extended
    this has taken a day or so to figure out the order of dependencies and the order to put them on.
    Frustrating, since I won't be using Exchange 2010, were moving all the way to Exchange 2013 on a brand new server.
    Chris

  • Exchange 2010 disconnect AD user from mailbox and reconnect the mailbox to a new copy of the same user with a different username

    How can i get the following done:
    Exchange 2010 disconnect AD user from mailbox and reconnect the mailbox to a new copy of the same user with a different username?
    i nmust do this for 16 users TODAY, SO PLEASE HELP ME OUT HERE.
    Thanks in advance!!
    kind regards,
    Rene Veldman
    System Administrator Teidem bv, The Netherlands.

    Rene,
    Why are you not changing the username of the existing account, instead of deleting the existing one and creating a new one?
    If you truly need to delete and create new, you can save the GUID for the mailbox (Get-MailboxStatistics <mailbox alias> | Fl MailboxGuid), mail disable the existing account (Disable-Mailbox <mailbox alias>
    will work), clean the mailbox database it was hosted on (Clean-MailboxDatabase
    <database name>), then create your new account and recover the existing mailbox to that new account (Connect-Mailbox -Identity <Guid from before> -Database <Database name> -User <SAM account name of new account> -Alias
    <what you wish to set the alias to>).  In PowerShell, for all steps, you would do the following:
    $MbxAlias = <mailbox alias>
    $NewMbxAcct = <SAM Account Name for new account>
    $NewMbxAlias = <new alias for mailbox>
    $DomCtrl = (dir env:\LOGONSERVER).Value.Substring(2)
    $MbxGuid = (Get-MailboxStatistics $MbxAlias -DomainController $DomCtrl).MailboxGuid
    $MbxDb = (Get-Mailbox $MbxAlias -DomainController $DomCtrl).Database
    Disable-Mailbox $MbxAlias
    Clean-MailboxDatabase $MbxDb
    Connect-Mailbox -Identity $MbxGuid -Database $MbxDb -User $NewMbxAcct -Alias $NewMbxAlias -DomainController $DomCtrl
    You will need to supply the information in bold in the above commands, and you will need to create the new account before you run the above commands.  I include direct use of a specific domain controller so you won't need to worry about replication. 
    If you are changing the account from one domain to another, this will not help, and you will need to wait for replication throughout the process, running the commands individually.

  • I am running 10.6.6 on my mac and 10.5.8 on my server and I can not add new people to Ical on my mac but if another user on a 10.5 version of mac can. What is the issue?

    I am running 10.6.6 on my mac and 10.5.8 on my server and I can not add new people to Ical on my mac but if another user on a 10.5 version of mac can. What is the issue?

    Set up iCloud
    Set up iCloud (2)

  • Lync 2010 server and UM role on different domains in different forests

    Hello 
    I have a Lync 2010 environment running on domain A, with exchange 2010 UM also running in Domain A.  We are in the process of migrating users and mailboxes from domain A to domain B.  Once we reach our enterprise voice users with exchange UM enabled
    we will need to install the exchange UM role on the exchange server in Domain B.  
    There is a 2-way trust relationship between domain A and domain B.
    All the users from are running Lync on a PC located in Domain B, using Lync credentials from Domain A.
    Are there any issues running Lync 2010 and Exchange UM from different domains in different forests?  Is it as simple as creating a new UM DialPlan and UM IP Gateway to the domain A Lync FQDN?
    Thanks

    Hi,
    Each UM forest must be configured to trust the forest in which Lync Server is deployed, and the forest in which Lync Server 2013 is deployed must be configured to trust each UM forest. If Exchange UM is installed in multiple forests, the Exchange
    Server integration steps must be performed for each UM forest or you’ll have to specify the Lync Server domain.
    Here is a link about for UM of Lync server 2013 but similar for Lync server 2010:
    http://technet.microsoft.com/en-us/library/jj966276(v=exchg.150).aspx
    Best Regards,
    Eason Huang
    Eason Huang
    TechNet Community Support

  • Exchange 2003 to Exchange 2010 migration steps

    HI ,
    I have migrated windows 2003 to windows 2008.Its successfully migrated.
    Second phase i have a plan to migrate exchange 2003 to exchange 2010.
    My current setup
    windows 2008 64bit (DC)
    exchange 2003 sp2
    1
    Bring the Exchange organization to Exchange Native Mode.
    2
    Upgrade all Exchange Servers to Exchange Server 2003 Service Pack 2.
    3
     Bring the AD forest and domains to Windows Server 2003 Functional (or higher) levels.
    4
     Upgrade at least one Global Catalog domain controller in each AD site that will house Exchange Server
    to Windows Server 2003 SP2 or greater.
    5
     Prepare a Windows Server 2008 (RTM or R2) x64 edition server for the first Exchange 2010 server.
    6
    Install the AD LDIFDE tools on the new Exchange 2010 server (to upgrade the schema).
    7
     Install any necessary prerequisites (WWW for CAS server role).
    8
    Run setup on the Exchange 2010 server, upgrade the schema, and prepare the forest and domains. (Setup runs all in one step or separate
    at the command line.)
    9
     Install CAS server role servers and configure per 2010 design. Validate functionality.
    10
    Transfer OWA, ActiveSync, and Outlook Anywhere traffic to new CAS servers.
    11
     Install Hub Transport role and configure per 2010 design.
    12
     Transfer inbound and outbound mail traffic to the HT servers.
    13
     Install mailbox servers and configure Databases (DAG if needed).
    14
    Create public folder replicas on Exchange 2010 servers using pfmigrate.wsf script, AddReplicaToPFRecursive.ps1, or Exchange 2010
    Public Folder tool.
    15
    Move mailboxes to Exchange Server 2010 using Move Mailbox Wizard or Power Shell.
    16
     Rehome the Offline Address Book (OAB) generation server to Exchange Server 2010.
    17
    1Rehome the public folder hierarchy on the new Exchange Server 2010 admin group.
    18
     Transfer all Public Folder Replicas to Exchange Server 2010 Public folder store(s).
    19
     Delete Public and Private Information Stores from Exchange 2003 server(s).
    20
     Delete Routing Group Connectors to Exchange Server 2003.
    21
    Delete Recipient Update Service agreements using ADS Edit.
    22
    Uninstall all Exchange 2003 servers.
    This  is my plan to migrate.But  i have a doubt in installing exchange 2010 in this scenario.
    Is it necessary to use
    Setup.com /PrepareLegacyExchangePermissions,
    Please help me what excactly i have to do

    I think that <a href="http://www.micronobal.com/blog/2014/5/1/exchange-server-migration-to-the-cloud-ensure-a-seamless-transition" title="Exchange Server Migrations">Exchange Server
    Migration</a>  is a very delicate project and to be taken very seriously as it is a detailed work as well. You are giving us some great tips. 
    Some Articles I would like to share as well:
    <a href="http://www.micronobal.com/blog/2014/5/1/exchange-server-migration-to-the-cloud-ensure-a-seamless-transition" title="Exchange Server Migration to the Cloud - Seamless Transition.">
    Exchange Server Migration to the Cloud</a>
      It takes a lot of time and effort to get it right. Thank you for helping
    Here some information about services for migrations
    <a href="http://www.micronobal.com/business/cloud/advancedtechnologyservices" title="Migrate your email to the cloud.">Business Email migration</a>

  • Exchange 2003 Exchange 2010 migration confusing?

    Hi,
    I have searched several articles for this migration in this forum and other forums (ie
    petenetlive,
    simple-talk, 
    Exchange Server Deployment Assistant,
    Technet) but when you start reading the guides there are discrepancies between one and the others and vice versa.
    I have this scenario:
    1) Old server windows 2003 R2 std + exchange 2003
    2) New server windows 2012 R2 + exchange 2010
    I have not installed exchange 2010 yet because I had to first update Active Directory schema to W2012 (adprep /forestprep, adprep /domainprep) R2 and also update exchange schema using  setup /PrepareSchema from the exchange 2010 media.
    Then I read that I have to install Exchange 2010 in stages ie Client Access Role first, then Transport Hub and then Mailbox role.
    Also a digital certificate i required and was wondering if I could still use a self signed certificate.
    Does anyone know of a very good article or video that explains this process consistently STEP by STEP?
    Thanks
    Regards
    Ipnotech

    Hi,
    Here are more good articles about install Exchange 2010 in Exchange 2003 environment:
    Exchange 2003 - Planning Roadmap for Upgrade and Coexistence:
    http://technet.microsoft.com/en-us/library/aa998186(v=exchg.141).aspx
    Install Exchange 2010 in an Existing Exchange 2003 Organization:
    http://technet.microsoft.com/en-us/library/dd638130(v=exchg.141).aspx
    Create a New Exchange Certificate:
    http://technet.microsoft.com/en-us/library/dd351057(v=exchg.141).aspx
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Exchange 2010 Emails relay to different server

    Hi Guys
    We are having some trouble in emails. We have hosted exchange for customer. The same Exchange Server(2010) hosts emails for company as well.
    We migrate the email and accounts to hosted exchange from other mail server(exchange,google etc)
    I need to migrate a new customer to hosted exchange but before that I need to migrate few accounts for testing. The issues I need to address is that as soon as I will migrate one mailbox to our hosted exchange, any emails sent to that users from our company
    email address will be routed internally. 
    For Example
    There is a customer with email : [email protected] and is hosted within their own exchange(ExchangeServe1)
    We have a Hosted Exchange(ExchangeServer2) server which hosts our emails and we offer email solution to customers.
    When I will migrate [email protected] into our Exchange server(Exchange Server2) and if after migration I want to send some email from my company email address(Exchange Server2)  exchange will do internal routing and forward email to [email protected] which is
    in the same exchange server(ExchangeServer2).
    But I want exchange to forward email to existing customer exchange server(ExchangeServer1).
    We are not changing MX record yet so incoming emails from anywhere else would be fine except when we will send emails from our company emails addresses to abc.com domain.
    So my question, How do I configure our exchange that it does not send emails to an organization configured in the same exchange server.

    you can do this manually with a contact on the old exchange server and a transport rule to forward a copy to the new server you will have to come up with a unique name for the new server at least on a temporary basis maybe a sub domain.
    you could also remove the allowed domain name of this customer from your server this is how exchange determined delivery.

  • Exchange 2010 Tracking Delivery to Remote Server

    We're partway through a migration from Exchange 2003 to Exchange 2013. Currently we have our Exchange 2010 environment up and running for several weeks.
    I'm trying to determine how to use the message tracking in Exchange 2010 to verify delivery of mail to a remote server.  In the 2003 message tracking I'd enter the recipient and the tool would check the logs and show if the message was successfully
    transferred to the remote host.  I'm trying to find the analog for this tracking in 2010 and so far have not been able to do so.  I've found the "Get-MessageTrackingLog - Recipients [email protected]" powershell command, but it's not giving
    me the information I'm looking for.  Any assistance is appreciated. Thanks in advance.

    I've found the tracking, but I can't find out how to get the same info from that tracking that I did in 2003 (I know it's there somewhere, but haven't been able to find the right commands).
    In the 2003 Tracking Center I only need to type the server and a recipient, pick a time frame and it'll show all messages sent to that recipient.  Clicking on one of the results it'll show the message going through the queue, the categorizer, then
    starting the outbound transfer of the  message, ending with something like, "Message transferred to bn1affo11fd014.mail.protection.outlook.com through SMTP."
    In 2010 I have a couple of options in the toolbox.  Initially I figured I'd use the Message Tracking interface, however that only allows you to search from a particular mailbox.  In most cases the messages I'm trying to track are submitted by a
    web application that does not have an Exchange mailbox.
    I then tried using the Tracking Log Explorer, but that's where my understanding breaks down.  I've not been able to figure out what options I need to select to get the equivalent of the information I'd mentioned in the 2003 example above (or the equivalent
    powershell command).

  • Same CAS Array Exchange 2010 (HLB), with OS Windows 2008R2 and Windows 2012.

    Hello,
    We have a 10 node DAG (Exchange 2010 SP3, Windows 2008 R2), with 2 CasArray.
    We are planning to add news (multirole) servers and create a new DAG (Exchange 2010 SP3, Windows 2012) in this infra, in the same AD site, to migrate all mailbox from the other DAG (Migration from virtual servers to physical servers).
    So we use the same CasArray (HLB, with F5) with différent OS version, during the migration time (1 month or more). I haven't found anything that say it's not supported or can be problematic.
    Have you feedback or advice?
    Thanks,
    Sébastien

    Hi,
    Based on my knowledge, there is no need to deploy a CAS array with CAS servers running on the same Window version. The version can be different.
    After a Client Access server array is defined within an Active Directory site, all Client Access servers within that Active Directory site are automatically part of the Client Access server array.
    Best regards,
    Belinda
    Belinda Ma
    TechNet Community Support

  • Exchange 2003 to Exchange 2010 Migration

    Is there anything I have to do to migrate Exchange 2003 to Exchange 2010 aside from migrating the database(s)? I believe autodiscover picks up the new server when people open Outlook?

    It will definitely HELP
    you with the migration process, its not a guaranty for a successful one.
    You should be familiar with both systems (Exchange 2003 & 2010) and know the migration process and be familiar with each step .
    Best practice is to make the migration in lab environment that is a copy of you production environment first. that way you will get an experience with the process and know in advance if there are any issues before go to production. I
    know that in real world this is not always possible.
    Here is another grate guide from Pete Long:
    http://www.petenetlive.com/KB/Article/0000234.htm
    As a side note, Exchange SP1 or SP2 no longer supported, so make sure your Exchange 2010 is installed with minimum SP3 (RU5 is better).
    Please take a moment to Vote as Helpful and/or Mark as Answer where applicable. Thanks.

  • Decommissioning of CA server and Recommission of ADCS

    Hi All,
    Recently I have to upgrade my old Windows 2003 with FSMO roles to Windows 2008 R2 while retaining the hostname and IP address of the old server. I have transferred the FSMO roles to another Win2k8 R2 server. On the old windows 2003 server, it was installed
    with CA service. I reviewed the Certificates Stores and found out that all the certificates have expired and there isn't any new pending request for a month so I decide to remove the Certificate Services from the old windows 2003 server and not install any
    CS on the Win2k8 R2 server.
    I used a combination of the following guides
    1. http://technet.microsoft.com/en-us/library/ee126170%28v=ws.10%29.aspx
    2. http://support.microsoft.com/kb/555151
    This morning, my boss informed me that he want to use LDAP over SSL and want me to setup ADCS in the forest.
    Questions:
    1. Can I install a new ADCS in my current forest on the same server using back the same hostname and IP? What is the step to do this?
    2. Before I remove the Certificate Services from the old DC, I did a backup of the database and config. Is that of any use to me? Can I restore the data back?
    3. Is there any other way to enable LDAP over SSL?
    4. Assuming in the future I have to upgrade all the DCs from Win2k8 R2 to Win12, for the DCs with the Certificate Services, do I have to go through the process of migration again (The steps to remove the CS is lengthy and troublesome)?
    5. Can the ADCS be installed on a Member Server running Win2k8 R2 as DC demotion cannot happen until the ADCS service is remove or migrated for that server?
    Hope someone can advise me on this.
    Thanks & Regards.

    Hi,
    Based on my research, it is not recommended to install Certificates Services on Domain Controllers, as you mentioned, we have to uninstall Certificate Services if we want to demote the DC. Therefore, yes you can install ADCS on
    a member server, which is a recommended way.
    If you want to use the same host name and IP address for the new CA, please make sure that you have removed all related objects as this article guides:
    How to Decommission a Windows Enterprise Certification Authority and How to Remove All Related Objects
    http://social.technet.microsoft.com/wiki/contents/articles/3527.how-to-decommission-a-windows-enterprise-certification-authority-and-how-to-remove-all-related-objects.aspx
    Since there are CA objects stored in Active Directory, please wait for the AD replication completes, then install Certificate Services on the same host.
    As for the backup, yes you can restore the data back, in addition, if you restore the backup to another server, then it becomes a migration process.
    If you don’t want to set up an internal CA to support LDAP over SSL, you can also use third-party certificates.
    More information for you:
    How to enable LDAP over SSL with a third-party certification authority
    http://support.microsoft.com/kb/321051
    Windows Server 2008 - Enable LDAP over SSL
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/be63bfb5-6578-4590-8369-4488e9952750/windows-server-2008-enable-ldap-over-ssl?forum=winserverDS
    I hope this helps.
    Amy

  • Is WMF3 or WMF4 supported in Exchange 2010 SP3 UR5 installed on Server 2008 R2 SP1?

    We'd like to upgrade WMF (aka powershell) on our Exchange 2010 servers but I haven't been able to find any updated information on support with the most recent servicepack/update rollup.
    Is installing WMF3 or WMF4 supported on Server 2008 R2 SP1 w/ Exchange 2010 SP3 UR5?

    WindowsPowerShell 3.0 is supported. Haven't seen 4.0 running for exchange 2010 on 2008 R2
    http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/30/weekend-scripter-wmf-powershell-and-exchange-server-compatibility.aspx
    http://blog.crayon.no/blogs/janegil/archive/2013/11/17/how_2D00_to_2D00_install_2D00_windows_2D00_powershell_2D00_4_2D00_0.aspx
    Cheers,
    Gulab Prasad
    Technology Consultant
    Blog:
    http://www.exchangeranger.com    Twitter:
      LinkedIn:
       Check out CodeTwo’s tools for Exchange admins
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
    Gulab,
    Where did you read that WMF3 is supported on Exchange 2010 SP3 on Server 2008 R2?
    Neither of the links you pasted suggest that and in fact explicitly say "There has been no testing with ExchangeServer 2010 SP3 and WMF 3.0 installed on Windows Server 2008 R2."
    My Bad, that was TYPO...
    Cheers,
    Gulab Prasad
    Technology Consultant
    Blog:
    http://www.exchangeranger.com    Twitter:
      LinkedIn:
       Check out CodeTwo’s tools for Exchange admins
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

  • Case of the Missing User Exchange 2003 - Exchange 2010 Migration issue

    Hey All,
    I am in the middle migrating from Exchange 2003 to Exchange 2013 by way of Exchange 2010 and going through the final parts of my Exchange 2010 portion of the migration I found that one of the users on Exchange 2003 is not showing up in the EMC to migrate.
    In EPS I can find the user with Get-User username but I cannot get the mailbox or kick off the mailbox move from EPS giving me the error of "Object could not be found" It is a valid user with a valid user mailbox and I can log into the
    mailbox in OWA for Exchange 2003. Any thoughts as to why the user's mailbox is not showing in EMC or that I can't get it to move via PS?
    Thanks,
    Joe

    Hello,
    Come back and mark the replies as answers if they help and unmark them if they provide no help.
    I'm marking the reply as answer as there has been no update for a couple of days.
    If you come back to find it doesn't work for you, please reply to us and unmark the answer.
    Cara Chen
    TechNet Community Support

  • TS4136 Apple Mail ActiveSync issue during Exchange 2007 to Exchange 2010 migration

    When customer configures the ActiveSync account on Apple Mail (using Exchange Server 2010 CAS array name) for the user whose mailbox is on Exchange Server 2007, they are not able to get any mail and account displays offline. It shows the mailbox empty as well, even though mailbox has the email items in it.
    But when same account is configured using ActiveSync (using Exchange 2007 CAS Server name) it works fine.
    ActiveSync & Web Services URLs for Exchange 2010 and Exchange 2007 are given as below:
    S#
    Virtual Directory
    URL
    Exchange Server 2010
    Exchange Server 2007
    1
    Web Services Virtual Directory
    Internal URL
    https://email2.domain.ae/EWS/Exchange.asmx
    https://email.domain.ae/EWS/Exchange.asmx
    2
    Web Services Virtual Directory
    External URL
    https://email2.domain.ae/EWS/Exchange.asmx
    https://email.domain.ae/EWS/Exchange.asmx
    3
    ActiveSync Virtual Directory
    Internal URL
    https://email2.domain.ae/Microsoft-Server-ActiveSync
    https://email.domain.ae/Microsoft-Server-ActiveSync
    4
    ActiveSync Virtual Directory
    External URL
    https://email2.domain.ae/Microsoft-Server-ActiveSync
    https://email.domain.ae/Microsoft-Server-ActiveSync
    Following error is logged on Console on Mac when this issue happens:
    30/10/12 3:27:28.398 AM
    Mail
    *** Assertion failure in -[EWSConnection _fetchRootFolderId:], /SourceCache/Message/Message-1278/MessageStores.subproj/EWSConnection.m:202
    EWS fetchRootFolderId: expected one folder in response, received: 0
    0   Message                             0x00007fff8cdeeef8 -[MFAssertionHandler _handleFailureWithPreamble:description:arguments:] + 116
    1   Message                             0x00007fff8cdef08e -[MFAssertionHandler handleFailureInMethod:object:file:lineNumber:description:] + 185
    2   Message                             0x00007fff8cd1c8db -[EWSConnection _fetchRootFolderId:] + 768
    3   Message                             0x00007fff8cd1deba -[EWSConnection _connectAndAuthenticateUsingAccount:] + 650
    4   Message                             0x00007fff8cd1c42d -[EWSConnection connectUsingAccount:] + 462
    5   Message                             0x00007fff8cd1996a -[EWSAccount authenticatedConnection] + 437
    6   Message                             0x00007fff8cd2c00e -[EWSGateway connection] + 55
    7   Message                             0x00007fff8cd2dddf -[EWSGateway sendMessage:forRequest:] + 43
    8   Message                             0x00007fff8cd3e54c -[EWSRequestOperation executeOperation] + 108
    9   Message                             0x00007fff8ce0f97f -[MonitoredOperation main] + 228
    10  Foundation                          0x00007fff94aae6b4 -[__NSOperationInternal start] + 705
    11  Foundation                          0x00007fff94ac1912 ____NSOQSchedule_block_invoke_2 + 124
    12  libdispatch.dylib                   0x00007fff8adc8a86 _dispatch_call_block_and_release + 18
    13  libdispatch.dylib                   0x00007fff8adc9965 _dispatch_worker_thread2 + 255
    14  libsystem_c.dylib                   0x00007fff8a32c3da _pthread_wqthread + 316
    15  libsystem_c.dylib                   0x00007fff8a32db85 start_wqthread + 13

    Hi Akebono,
    Let's check a few things in your server:
    1. From the Organization Configuration - Client Access - Exchange Activesync policies - Default: Verify if the option "Allow non-provisionable devices" is ON.
    2. From Server Configuration - pointing <YourExchange2010> - Certificates: Verify if your SSL certificate is assigned to IIS. (You should also be able to see this certificate from OWA https session)
    3. The problem may also reside in iPhone outdated software, try to test activesync connection from iPhone with the latest OS version.
    4. Take a look at logs in C:\inetpub\logs\LogFiles\W3SVC1\ of Exchange 2010, those might give some more details on connectivity problems.
    5. If you still experience such problems - post the ExRCA error report here.
    ▲ Vote if Helpful / Mark if Answer
    MCSE: Messaging 2013 Charter / Private Cloud / Server Infrastructure
    MaximumExchange.ru

Maybe you are looking for

  • My ethernet data speed slowly slows down until it doesn't work. How do I fix this.

    So as the title says, I plug my MacPro into hard wired ethernet and slowly but surely my data speeds drop to the point that I have to unplug the ethernet and go back to using wifi. Then if I restart the computer and plug it back in it'll work fine fo

  • How to display error message in MSS

    Hi all , I want to desplay an error message in MSS(Portal) at the time of  compensation management . I am implementing BADI HRECM00_SALARY. Please suggest me how to do that . Thanks in advance . Naval Bhatt Edited by: naval  bhatt on Jun 11, 2008 11:

  • I JUST UPLOADED A FILE. HOW DO I SEND IT TO MY CLIENT?

    HOW DO I SEND A CLIENT A FILE i JUST UPLOADED TO THIS SITE?

  • About This Mac screen in Lion still that of Snow Leopard

    I recently wiped my MBP's drive, installed Lion and migrate all my apps and data manually. After I got settled in I remebererd Lion was supposed to have this fancy new "About This Mac" screen. I was very disappointed to find my system does not have i

  • Problem with desktop icon moving

    Whenever I restart my computer, the "Macintosh HD" icon moves to become the bottom icon out of my list of icons, leaving the top right space empty where it usually should be. This has been happening for about a week after having my computer for three