#IAMMEC Session Report: Exchange 2007/2010 to 2013 Migration

  • Preparation
    • Prepare
      • “Exchange Deployment Assistant” – available on TechNet
      • Verify Prerequisites
      • Install Exchange SP and/or updates across the ORG
        • The Exchange 2007 update will be an RU (Rollup Update), so it cannot be verified in AD that all servers are at the same level
        • UPDATES WILL NOT BE AVAILABLE UNTIL AFTER THE FIRST OF THE YEAR
          • Meaning you can deploy a fresh environment on RTM, no coexistence until 1Q13
      • Prepare AD with E2013 Schema
      • Validate Client Access
        • Outlook 2003 not supported
        • Entourage 2008 EWS supported
    • Deploy Exchange 2013 Servers
      • Install both E2013 MBX and CAS servers
    • Create Legacy Namespace
      • Create DNS record to point to legacy E2007 CAS
    • Obtain and Deploy Certificates
      • Obtain and deploy certificates on E2013 CAS
      • Deploy certificates on Exchange 2007 CAS
        • For the legacy.contoso.com namespace
    • Switch Primary Namespace to Exchange 2013 CAS
      • Validate client access
    • Move Mailboxes
      • Build out DAG
      • Move users to E2013 MBX
    • Repeat for additional sites
  • Hosting Multiple Roles
    • Recommend NOT consolidating roles to 1 server so that you can take full advantage of the stateless CAS architecture
  • Client Protocol Connectivity Flow
    • Autodiscover
      • 2007 requires the legacy namespace because it doesn’t have the logic to handle the requests
      • 2010 – set the internal autodiscover uri to 2013
        • Outlook clients will look up the SCP records in AD (oldest first)
      • 2007 – set the internal autodiscover uri to 2013
        • Outlook clients will look up the SCP records in AD (oldest first)
    • Clients
      • Site scope is still controlling the SCP lookup
        • Prevents cross-site lookups
      • 2007 – Outlook clients go directly to mbx on RPC/TCP
      • 2010 – Outlook clients go to CAS array on RPC/TCP
    • Outlook Anywhere
      • 2007 – IIS Auth: NTLM is required and must be manually configured
      • 2010 – IIS Auth: NTLM is required and configured by SP3
      • 2013 – Connects to legacy servers and authenticates via NTLM
      • If you have an intranet site, you would likely not have OA on the internal side, but you need to enable it there in the coexistence scenario
      • Client settings need to match what is on the Ex2013 CAS
      • Remember
        • Enable Outlook Anywhere on intranet 2007/2010 servers
        • Make 2007/2010 client settings the same as 2013 server
        • IIS Authentication methods must include NTLM
    • OWA
      • 2010 – single sign on, Ex2013 CAS proxies for Ex2010
      • 2007 – 2013 authenticates the user on mail.contoso.com, looks up the CAS, and issues a redirect to legacy.mail.contoso.com, where the user logs into 2007
        • Yes, that means dual logons
        • No really, that means your users will have to log on twice.
        • Seriously, get ready to piss off a lot of people.
        • If you happen to have a TMG deployment, you don’t have to piss people off.
        • It will HTTP proxy to the internal sites for you.
        • If you have a 2nd site with a unique external namespace, then you’re better off as you will get automatically routed there without the double authentication.
    • EAS/EWS
      • 2010 – You’re good, SSO via SP3, even proxies 2nd sites with external namespaces
      • 2007 – From client to LB to mail.contoso.com to EX2013 CAS to EX2013 MBX to EX2007 CAS to EX2007 MBX
        • No, really.
        • Has to be this way because of code handling of phone devices that don’t go through multiple autodiscovers
        • Same for intranet sites
          • Though if you have a separate namespace you route directly there
    • POP/IMAP
      • 2010 – Proxies to appropriate CAS
      • 2007 – Same, proxies to appropriate CAS
    • SMTP
      • Handled on the MBX
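
The Outlook Anywhere "Remember" checklist above, as an added audit example (not from the session or the original post): the hypothetical function `Test-LegacyOutlookAnywhere` flags legacy CAS servers that have no Outlook Anywhere entry, whose client settings differ from the values configured on the 2013 CAS, or whose IIS authentication methods lack NTLM. Server names and sample objects are constructed, and treating "client settings" as external hostname plus client authentication method is an assumption.

```powershell
# Added example (hypothetical helper): audits legacy Outlook Anywhere settings.
# Input objects need the properties Get-OutlookAnywhere returns on 2007/2010:
# ServerName, ExternalHostname, ClientAuthenticationMethod, IISAuthenticationMethods.
function Test-LegacyOutlookAnywhere {
    param(
        [Parameter(Mandatory=$true)] [AllowEmptyCollection()] [object[]] $Settings,
        [Parameter(Mandatory=$true)] [string[]] $LegacyServers,    # every 2007/2010 CAS, intranet sites included
        [Parameter(Mandatory=$true)] [string] $ExpectedHostname,   # value configured on the 2013 CAS
        [Parameter(Mandatory=$true)] [string] $ExpectedClientAuth  # value configured on the 2013 CAS
    )
    foreach ($name in $LegacyServers) {
        $s = $Settings | Where-Object { $_.ServerName -eq $name } | Select-Object -First 1
        $issues = @()
        if (-not $s) {
            # No Outlook Anywhere object exists for this server at all.
            $issues += 'Outlook Anywhere is not enabled'
        } else {
            if ("$($s.ExternalHostname)" -ne $ExpectedHostname) {
                $issues += "hostname '$($s.ExternalHostname)' differs from 2013 CAS"
            }
            if ("$($s.ClientAuthenticationMethod)" -ne $ExpectedClientAuth) {
                $issues += "client auth '$($s.ClientAuthenticationMethod)' differs from 2013 CAS"
            }
            # Normalise enum values to strings; -notcontains is case-insensitive.
            $iis = @($s.IISAuthenticationMethods | ForEach-Object { "$_" })
            if ($iis -notcontains 'Ntlm') {
                $issues += 'IIS authentication methods do not include NTLM'
            }
        }
        New-Object PSObject -Property @{
            Server = $name; Compliant = ($issues.Count -eq 0); Issues = ($issues -join '; ')
        } | Select-Object Server, Compliant, Issues
    }
}

# Constructed sample data standing in for Get-OutlookAnywhere output.
$sample = @(
    New-Object PSObject -Property @{ ServerName = 'EX2010-A'; ExternalHostname = 'mail.contoso.com'
        ClientAuthenticationMethod = 'Basic'; IISAuthenticationMethods = @('Basic', 'Ntlm') }
    New-Object PSObject -Property @{ ServerName = 'EX2007-A'; ExternalHostname = 'mail.contoso.com'
        ClientAuthenticationMethod = 'Ntlm'; IISAuthenticationMethods = @('Basic') }
)

# EX2007-B has no entry in the sample, so it is reported as not enabled.
Test-LegacyOutlookAnywhere -Settings $sample -LegacyServers 'EX2010-A', 'EX2007-A', 'EX2007-B' `
    -ExpectedHostname 'mail.contoso.com' -ExpectedClientAuth 'Basic' | Format-Table -AutoSize
```

In the Exchange Management Shell, pass the output of `Get-OutlookAnywhere` as `-Settings` in place of `$sample`.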

Let me make the Cliff’s Notes simple:

If you are on Exchange 2010, it will be a cakewalk.

If you are on Exchange 2007, you are going to have a lot of fun and it will be more painful for everyone – not only yourself, but your users as well.
