Migrate Active Directory 2003 to 2012 R2 and Exchange Server 2007 to 2013.

Similar Messages

• Upgrading from SBS 2008 and Exchange Server 2007 and Adding Modest Failover Protection

  I haven't seen anyone describe this scenario, so maybe it can't be done, but it seems it should work. Can someone either confirm this is viable or set me straight and tell me it's not wise (and if not, why not).
  I currently have SBS 2008 (2008 Server + Exchange Server 2007 + some other components). I use redirected folders so all my user data is stored primarily on the server, and then sync'd with their local harddrives for roaming use and as an additional
  backup precaution. I want to upgrade to a modern version of Exchange (don't care too much about the underlying server OS, but seems like a good time to upgrade everything). I also want to improve the reliability for rapid recovery in the event of a system
  failure. I have always felt nervous with SBS because it only runs on a single server.
  My plan is:
  Install Windows Server 2012 Standard on a new server machine
  Join that new server to the existing SBS domain and sync the users, etc.
  Install Exchange Server 2013 on the new 2012 Server
  Migrate the existing Exchange data and account info to the new server
  Demote the SBS Server and promote the new server to primary DC
  Reformat the old SBS server and install Windows Server 2012 on it too, and join it to the domain as a second DC
  Set up DFS Replication and keep all my user data folders between the two servers (so if one server fails, the other can take over, just not automatically like with a cluster)
  Install Exchange Server 2013 on the reformatted 2012 Server box (so second instance on the domain) and set it up to sync with the first Exchange Server 2013 via DAG (so if either computer crashes, the other can take over for both Exchange Server and file
  services)
  Wouldn't that give me a complete slow-response failover system without the need for setting up a cluster (I know a cluster would provide instant failover protection, but I don't need that kind of speed - a manual switchover in the rare event of a server
  failure is acceptable for us)? I could do this using cheap hardware for each server, because unless both servers fail at the same time, clients can point to the other server. And because it's not a formal cluster, I don't need to buy anything for a shared
  SAN. This seems like such an obvious more cost-effective solution for a small network, I don't understand why this isn't a common approach, which makes me wonder if there is some reason it won't work.
  Any suggestions or feedback? Are Redirected Folders still recommended for users on a Server 2012-based domain?
  Thanks,
  Colin
  Colin

  Ed, thanks again for your help. OK, so here's my updated plan (I realize I should probably check on some of these pieces on the Server group, instead of this Exchange group).
  Constraints/objectives:
  None of the machines are truly server grade hardware, but only 5 people on the network, so performance is generally not an issue, unless a given server is just pegged on CPU or HD due to its own internal maintenance tasks and can't respond to user requests.
  Haven't seen any problems, since upgrading server from 4GB RAM to 8GB a few years ago.
  Not going to buy any new hardware at this time, but do have several unused consumer-grade computers I can deploy as wimpy or moderate servers.
  Main issue is to limit repair time in the event of a system failure (instant failover is not required, but want to be able to restore network functions within less than 24 hours in the event of a hardware failure) and minimize time spent on IT
  maintenance.
  Because of light IT maintenance (not anyone's primary job and we're too small to justify a dedicated IT person or to pay for outside help), almost every touch takes me research and time to re-learn what I haven't done in weeks, months, or years -- so also
  want to keep all IT tasks as simple as possible.
  We philosophically want to invest now for the next 5 years and avoid ongoing cloud fees (so zero interest in Windows Server Essentials with Exchange Online)
  A little nervous about using VM's, just because I never have before, but I do respect that's probably the right way to do many of these things...
  Currently I have SBS 2008 (Windows Server 2008 R2, Exchange Server 2007, WSUS 3, all with latest SP's, also includes SharePoint and other stuff, but I don't really care about most of it) on a single 8GB consumer grade system, which functions as a file
  server and Exchange server. We use Redirected Folders and Offline files for all users, which works great for us and provides additional file redundancy (if server goes down, all of each user's files are also on their own machine and they can even continue
  to work just fine w/o the server, losing only ability to send and receive e-mail). It has been sufficient, but I want to upgrade our version of Exchange and I am nervous that if that current one server fails, it would take me a long time to restore everything
  from backup, easily many days, especially if I need to buy any replacement hardware. It is RAID1, so a single drive failure is easy to handle, but that's the only hardware redundancy for the current server.
  New Plan:
  Install Windows Server 2012 R2 Standard on a new modest machine (16GBR RAM, Core i7, 1TB RAID1 (may upgrade to 3 or 4 TB), 256 GB SSD boot drive, this had been my old personal computer)
  Join that new server to the existing SBS domain (2008 R2/Exchange 2007), make it a DC, sync the users, etc.
  Install Windows Server 2012 R2 Standard on a wimpy computer (4GB RAM Core i3 processor), leave it as a member server
  Install Exchange Server 2013 on the wimpy new 2012 R2 Server (and nothing else, this will be dedicated to Exchange to make the most of such a wimpy machine)
  Migrate the existing Exchange data from the old SBS Exchange 2007 server and account info to the new server
  (or should I just create new accounts and copy the data from the user end through Outlook -- is that safer and cleaner than attempting any kind of server-level Exchange data migration?)
  Demote the old SBS Server and promote the new 16GB server to primary DC. Now it's OK to take the old SBS server off the network.
  Reformat the old SBS server and install Windows Server 2012 R2 on it too, and join it to the domain as a second DC (and possibly DCPROMO it to be the main server)
  Install Exchange Server 2013 in a VM on the reformatted 2012 R2 Server box (so second instance on the domain for Exchange redundancy) and set it up to sync with the first Exchange Server 2013 via DAG OR set up another physical wimpy member server and install
  it there. In any case, do NOT install Exchange directly on either DC.
  Set up DFS Replication or a Failover Cluster (still need to research this, but I had planned on DFS, thinking Cluster required shared drive, but Ed corrected me on this) between the two DC's for redirected files and keep all my user data folders between
  the two servers. We don't need automatic failover, like with a cluster, a manual switch would be acceptable, but if no additional cost or risk to clustering the two DC's, then the auto-failover protection that provides would be better than DFS.
  I think this incorporates all of your points, Ed. Does this sound right now? What's your advice on #5 (how to best migrate user data)?
  Thanks so much for all your help,
  Colin

• Migrate Active Directory 2008 to 2012 but need to keep the same ip address and server name

  Hi,
  Current setup is 2 DCs in one site running 2008 R2 AD.
  We are planning to migrate from 2008 R2 to 2012 R2 but need to keep the same ip address and server name. I have came up two plans to do this and hope someone can tell me which one would be the best approach. What is the pros
  and cons in Plan A and B or may be plan C if there is a better one?
  First, I was planning to do plan A but just had a second thought of Plan B.  My concern in Plan A is about changing the server name when the new 2012 R2 already running as DC.  Plan B would be changing all the old server
  name and ip before they become member sever and DC. 
  Any information and suggestion would be very appreciated.
  Plan A
  Run adprep /forestprep on 2008 R2 DC
  Build a new 2012 R2 server and promote it as 3rd DCs in current Domain
  Transfer FSMO from 2008 R2 to 2012 R2
  Run Repadmin /syncall to force replication
  Rename the demoted 2008 R2 DC to something else
  Change the demoted 2008 R2 ip address to something else
  Restart the demoted 2008 R2 server to take effect
  Now, run Netdom computername command to change the new 2012 R2 server name to the old 2008 R2 DC server name
  Change the new 2012 R2 DC's ip to old 2008 R2 DC's ip
  Run ipconfig /flushdns
  Run ipconfig /registerdns
  DCDIAG to see any error
  Plan B
  Build 2 new 2012 R2 standalone servers
  In 2008 R2 ServerA transfer FSMO to 2008 R2 ServerB
  Demote 2008 R2 ServerA to become member server
  Rename 2008 R2 ServerA to something else and change the ip address to something else and shut it down
  Now, rename one of the new 2012 R2 standalone server to the old demoted 2008 R2 ServerA name
  Change the new 2012 R2 standalone server ip to the old demoted 2008 R2 ServerA's ip address
  Add the new 2012 R2 standalone server (now with the old 2008 R2 ServerA name and ip) to become member server
  Run adprep /forestprep on the 2008 R2 ServerB
  Promote the new 2012 R2 (now with the old 2008 R2 ServerA name and ip) as DC
  Transfer 2008 R2 ServerB FSMO to the new 2012 R2 DC (now with the old 2008 R2 ServerA name and ip)
  Demote 2008 R2 ServerB as member server
  Rename 2008 R2 ServerB to something else and change the ip address to something else and shut it down
  Now, rename the 2nd new 2012 R2 standalone server to the old demoted 2008 R2 ServerB name
  Change the new 2012 R2 standalone server ip to the old demoted 2008 R2 SeverB 's ip address
  Add the 2nd new 2012 R2 standalone server to become member server
  Promote it as DC
  Run DCDIAG to check error
  Thanks.

  Hi,
  Renaming a Domain Controller is a risky operation which may lead to issues, therefore, I would suggest you go with the Plan B, rename the server before it becomes DC.
  Here is a blog below which could be helpful to you:
  Remove an Old DC and Introduce a New DC with the Same Name and IP Address
  http://blogs.msmvps.com/acefekay/2010/10/09/remove-an-old-dc-and-introduce-a-new-dc-with-the-same-name-and-ip-address/
  Best Regards,
  Amy
  Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]

• Active Directory: 2003 to 2012 R2 Upgrade across single forest with child domains

  I just have a quick questions about something that should be simple. We will be upgrading our current domain from Windows 2003 functionality to Windows 2012 R2.  This forest has domain and two child domains.  I have two questions.  Since we
  have to do this in a few steps in order to get up to 2012 functionality I am wondering where is it consider best practice to start?  In the Root (top level) domain of the forest or in one of the child domains?  I want to say the root (top level)
  domain is where I would place my first Windows 2012 R2 box and promote it to a domain controller.  Then move to the child domains one the root domain controllers have all be replaced with Server 2012.
  Kristopher Turner | Not the brightest bulb but by far not the dimmest bulb.

  Yes.  We are working with the client to migrate any dependencies off these 3 NT legacy domains.  We will be able to decommission 2 of the 3 without any issues.  However, they still have an old NT box running SQL 6.5 databases for a application
  still in production.  Yes, they are very aware that NT isn't supported, that that version of SQL isn't supported, and that this will hold up their upgrade.
  Our plans for them will be to deploy all new Windows Server 2012 R2 domain controllers but keep the domain and the forest functionality at 2003 in order to support that final NT Legacy domain until they can get that application migrated.
  Once that NT domain is decommissioned then we can raise the functionality of the rest of their domains from 2003 to 2012 R2.
  Kristopher Turner | Not the brightest bulb but by far not the dimmest bulb.

• Integration of sap R/3 (4.7) and Microsoft active directory (2003)

  Hi All,
  I would like to know integration of sap R/3 (4.7) and Microsoft active directory (2003) and also SAP EP and Microsoft active directory. I have been working as a ep consultant with a local bank. I am new for this integration work, So please kindly provide me the steps for integrating these both directories.
  Pls help me with this issue.
  Thanks in advance,
  Regards,
  Raghav.

  Hi,
  First You should read:
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/bc72b890-0201-0010-3a8d-e31e3e266893
  Regards,
  Jarek

• Active Directory 2003 and Sun One Directory Server 5.2

  I just installed Sun One Directory Server 5.2 on a Linux machine. I want to configure LDAP on that machine so that it can be authenticated on Active Directory 2003. How do I go about doing this?

  Active Directory server is a "directory server" (and kerberos server.) If your linux client authenticates against Active Directory it doesn't have to involve the Sun Directory Server at all. You have several general approaches you could investigate:
  1. Linux client gets accounts and and authentication via LDAP from Active Directory
  If you use AD to handle unix LDAP authentication (opt 1) you may need to extend schema in AD to add the unix password field. I haven't tried it yet, but hope to.
  2. Linux client gets accounts from AD LDAP and authorization from AD Kerberos.
  There should be docs on support.microsoft.com on enabling kerberos support for non-Win clients.
  3. Linux client (with samba client installed, with winbind or pam_smb to support unix level services) gets accounts and authentication as a "Windows" client from Active directory "Windows server"
  Check the samba.org docn or forums- I think this is a pretty common solution.
  4. Linux client gets account information from Sun Directory server but uses kerberos (against active directory) for authentication.
  There should be docs on support.microsoft.com on enabling kerberos support for non-Win clients.
  5 Linux client gets account and authorization from Sun Directory server, which the sun Directory server configured to use Active Directory as a Kerberos server.
  Probably incredibly complex.

• Migrate AD from 2003 to 2012

  Hi,
  I'm looking migrate an AD from windows server 2003 to windows server 2012 but i can't find all the requirement to do it.
  I find that my Domain and Forest level have to be at least 2003 but anything else.
  I will thanks any information to make successfully the migration.

  Hello,
  First of all, you have to upgrade to AD DS 2012: http://www.windowsitpro.com/article/scripting-tools-and-products/windows-server-2012-simplifies-active-directory-upgrades-deployments-143654
  Once upgraded, you will be able to introduce new DCs running Windows Server 2012.
  You have to promote your new DCs as DNS and GC servers and transfer all FSMO roles to them: http://support.microsoft.com/kb/255504
  Once done, you will be able to demote all DCs. Of course, do the needed checks using
  dcdiag and repadmin before proceeding.
  This
  posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   
  Microsoft Student Partner 2010 / 2011
  Microsoft Certified Professional
  Microsoft Certified Systems Administrator: Security
  Microsoft Certified Systems Engineer: Security
  Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
  Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
  Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
  Microsoft
  Certified Technology Specialist: Windows 7, Configuring
  Microsoft
  Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
  Microsoft Certified IT Professional: Enterprise Administrator
  Microsoft Certified IT Professional: Server Administrator
  Microsoft Certified Trainer

• I am new How to make internet enable group in my active directory 2003 ?

  I am new How to make internet enable group in my active directory 2003 ?
  Thanks & Regards, Amol . Amol Dhaygude

  Greetings!
  What is Internet Enabled Group? Would you please clarify this?
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• Autheticating useing Cisco ACS 4.2 integrated with Active Directory 2003

  How do i check that users are Autheticated useing Cisco ACS 4.2 integrated with Active Directory 2003, any one help me in this thanks

  You can't actually see the user's membership from ACS. All you can do, create group-mapping under external database >> group mapping section. This would give you an option to map external (AD) group with an Internal group.The group memberrship need to be modified under Active Directory.
  Once user is succussfully authenticated and learned as a dynamic user in ACS user setup database, it would be mapped with an ACS internal group based on group mapping we did.
  Let me know if you have any doubts.
  Regards,
  Jatin

• Deploying Windows Server 2012 and Exchange Server 2013

  Hi All,
  Our Clinet is planning to implement Exchange Server 2013 as an email solution. There is no Active Directory Domain exists in the environment. So, we have planned to configure a Windows Server 2012 R2 Standard as a Domain Controller and Exchange
  Server 2013 Standard would be installed on another Windows Server 2012 R2 Standard.
  The setup would be for 250 users. Please guide me about the Cost of OS + Exchnage and CAL for 250 Users.
  Warm Regards,
  Prosenjit Sen
  Thanks & Regards, Prosenjit Sen.

  Another option would be to consider signing up for Office 365 instead of setting up the hardware and software for such a small number of users.  It will take a long time for the cost of the hardware, maintenance, and support to be less costly than Office
  365, if it would ever be less expensive.  There is a lot of maintenance required for Exchange, so unless your client already has someone experienced in configuring and maintaining Exchange, there is a lot of expense in bringing someone up to speed to
  perform those functions capably.
  Just a suggestion.  I do not work for Microsoft and I have no financial incentive to propose an Office 365 environment.  I just know that if I were running my own business, I would have to be convinced that my business required its own internal
  mail system when there are so many fully functional and capable mail systems available via subscription.
  . : | : . : | : . tim

• Just FYI, Windows Server 2012 R2 and Windows Server 2012 BranchCache Deployment Guide in Word format in the TechNet Gallery

  The Windows Server 2012 R2 and Windows Server 2012 BranchCache Deployment Guide is now available for download in Word format in the TechNet Gallery at
  http://bit.ly/1pYZT3F
  Thanks -
  James McIllece

  hello again,
  meanwhile I was lucky to find this article about Idenity Mapping in TechNet in the Storage Team Blog:
  http://blogs.technet.com/b/filecab/archive/2012/10/09/nfs-identity-mapping-in-windows-server-2012.aspx
  Likely to be overseen at the end of one paragraph it says:
  "Client for NFS does not support NFS V4.1 in Windows 8 or Windows Server 2012"
  Question : Is this an official statement and is it still valid with most recent
  Windows Server 2012 R2 that NFS client does NOT support NFSv4.x  ??
  thanks - Rainer

• Windows Server 2012 R2 with Exchange Server 2013 SP1 Completely fresh install giving errors signing into EAC

  Hi,
  I am struggling with a completely clean installation of Server 2012 R2 and Exchange 2013 SP1.  I followed these steps:
  Installed Server OS
  Windows Updates
  Added Active Directory Role (This is a single standalone server that would have been SBS until it was dropped)
  Added DHCP & DNS
  Added Certificate Services
  Added Windows Server Update Services (WID Database & WSUS Services)
  Windows Updates
  Added Media Foundation
  Added File Server Resource Manager and Work Folders
  Added Windows Server Backup
  Windows Updates
  Checked all running without errors in Server Manager and performed a full bare bones backup.
  Ran Setup.exe from Exchange 2013 SP1 disc.
  Installed Pre-requisites and then rebooted
  Windows Updates
  Ran Setup.exe from Exchange 2013 SP1 disc.
  Installation completed without errors
  Rebooted
  Checked all running without errors in Server Manager.
  I Launch Exchange Administrative Center and get "problem with website's server certificate error" (normal on machine with self-assigned certificates).  Click Continue to Website and get:
  Windows Security dialog box:
  iexplore - "The server localhost is asking for your username and password.  The server reports that it is from Digest"
  however no username and password combination will work:  have tried [Administrator]; [Domain\Administrator] even created a user to no avail.
  I believe the issue is somewhere in the IIS configuration because I also get the same error when trying to log into the server website from either the server or another machine on the network.
  I have tried the complete installation three times now:  (full disclosure not all of the same features/roles each time).  On the first attempt I got this error immediately and on try number 2 was able to get into the EAC and created the mailboxes
  but then it started giving the same error.  The above steps are try number 3.
  Any ideas?
  Thanks in advance.
  Andy Halford
  P.S. A Follow up which might be significant:  The Default Web Site is not running and will not start (it was previously running before the Exchange installation) and when I try I get the message that Another Website may be using the same port however none
  of the others (Exchange Back End or WSUS Administration) are using ports 80 or 443 and I still get the error when they are both stopped.

  Could you post the list of sites:
  appcmd list site
  The ones listening on port 80:
  appcmd list site /bindings:http/*:80:
  And on port 443:
  appcmd list site /bindings:https/*:443:
  Step by Step Screencasts and Video Tutorials

• Windows Azure and Exchange Server

  Hi,
  Do Azure VMs support installation of Exchange Server 2010 or 2013. I am sure technically you can install.
  QUESTION IS: But is that a supported scenario (like sql server 2012)?
  -Phani
  Technical Architect | BrainScale Consulting | AllThingsAzure.com

  Hi,
  Yes. Here are some articles about how to do it with steps:
  http://theroadchimp.com/2012/11/02/installing-exchange-2013-in-windows-azure/
  http://www.msexchange.org/articles-tutorials/exchange-server-2010/migration-deployment/installing-exchange-2010-test-environment-windows-azure-part1.html
  http://social.msdn.microsoft.com/Forums/en/WAVirtualMachinesforWindows/thread/2a750e53-d0f2-4f52-a6c7-d4a471bbe1ee
  Thanks,
  QinDian Tang
  MSDN Community Support | Feedback to us
  Develop and promote your apps in Windows Store
  Please remember to mark the replies as answers if they help and unmark them if they provide no help.

• AD RMS 2012 integration with exchange server 2013

  AD RMS 2012 integration with exchange server 2013
  I would like to  have a knowledge About this Topic
  1.what is differrent if we use internal SSL certificate  with Public Certificate and in this case i would like to use Mobile Phone I eed to import Root Certificate ?
  2.Do I have problem?  If I start to install AD RMS 2012 with SQL EXpress after that I want to chage it to SQL Server ?
  3.when I use SQL Expres what I can do after Disk is full (10 GB)?
  4.If AD RMS is down It will affect with email that it is already sent ?
  5. Which Edition of outlook can produce IRM protected documents
  6. To Use AD RMS Server 2012 through OWA, Outlook and Moblie Phone ,a CAL is required or not ?

  Could you post the list of sites:
  appcmd list site
  The ones listening on port 80:
  appcmd list site /bindings:http/*:80:
  And on port 443:
  appcmd list site /bindings:https/*:443:
  Step by Step Screencasts and Video Tutorials

• Migrating Public Folders on Exchange Server 2007 SP1 to Exchange Online\Office 365

  Hello,
  Our company is looking to migrate from Exchange 2007 on premises to Exchange Online/Office 365. We have a number of public folders on our exchange server that function similarly to how the new shared mailboxes work in Exchange Online. That is to say that
  we have many outside users (customers and wholesale dealers) emailing this public folder ([email protected]) and our end users are given permission to view and respond as themselves ([email protected]). I've been looking all over but haven't found a clean
  way to migrate the current public folders directly into shared mailboxes. I'd just start from scratch, but we want to keep the records of the emails we've received at these public folders for customer support reasons. Can anyone help?

  Hi psh8989,
  According to your description, I know that you want to migrate public folder from Exchange 2007 to Office 365.
  Since Office 365 is different from Exchange On-Premises, I suggest ask Office 365 Forum for help so that you can get more professional suggestions. For your convenience:
  http://community.office365.com/en-us/default.aspx
  However, I can also share some information for your reference : )
  Based on my knowledge, Exchange supports moving your public folders to Office 365 and Exchange Online from Exchange 2007 SP3 RU10 or later. I notice that your Exchange server version is SP1, please upgrade to SP3 RU10 first and perform migration.
  More detailed information to see:
  Migrate legacy public folders to Office 365 and Exchange Online 
  http://technet.microsoft.com/en-us/library/jj983799(v=exchg.150).aspx
  Thanks
  Mavis Huang
  TechNet Community Support