Exchange Deployment Planning Services


1 Exchange Deployment Planning Services
4/19/2017 9:21 PM Exchange Server 2010 Upgrade and Coexistence Exchange Deployment Planning Services Key Message The goal of this presentation is to provide the audience with a basic understanding of Exchange 2010 Upgrade and Coexistence © 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

2 Exchange 2010 Upgrade and Coexistence
The Exchange 2010 Upgrade and Coexistence module has the following goals: Understand Upgrade and Coexistence scenarios Understand how to prepare for Upgrade and Coexistence Slide Objective: To explain the overall goals of the Exchange 2010 Upgrade and Coexistence module Instructor Notes: This module will cover Exchange

3 Exchange 2010 Upgrade and Coexistence
Ideal audience for this workshop Messaging SME Network SME Security SME Slide Objective: To show the ideal audience for this module. Instructor Notes: This is the recommended audience for the module. Do not be overly concerned if the group does not match the ideal audience. During your time onsite you can have conversations with different resources to get questions answered.

4 Exchange 2010 Upgrade and Coexistence
During this session focus on the following:
Upgrade and Coexistence scenarios?
How to prepare for the upgrade and migration?
Slide Objective: To show the audience what to focus on during the module.

5 Agenda
Discuss the changes between Microsoft® Exchange Server 2003/2007 and Exchange 2010
Discuss the prerequisites for upgrading and the architectural best practices for Exchange 2010
Walk through the upgrade scenarios
  Client Access
  Transport
  Unified Messaging (UM)
  Mailbox
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 New from Exchange Server 2003 to Exchange Server 2007
Front-End (FE)/Back-End (BE) -> Client Access/Mailbox/Hub Transport (Hub)/Edge Transport/ Unified Messaging 64-bit servers only Active Directory® Domain Services (AD DS) sites replace Routing Groups Autodiscover Removes Outlook® need for public folders Availability Service: Free/Busy information read direct from mailboxes, not from public folders Offline Address Book download from CAS New admin tools Exchange Management Console and Exchange Management Shell Unified Messaging – Voice mail in your inbox New Developer API: EWS Slide Objective: Instructor Notes: This slide highlights the differences between Exchange Server 2003 and Exchange Server 2007 (these architectural changes roll forward with Exchange 2010). First and foremost, the key difference between Exchange Server 2003 and Exchange 2010 is the fact that we now have 5 distinct server roles, Edge Transport, Hub Transport, Client Access, Mailbox, and Unified Messaging. Exchange 2010 is also only shipping in 64-bit for both the server roles and the management tools. In addition, Exchange 2010 is built on top of PowerShell, which provides a rich platform by which we develop script-based management infrastructure for all Exchange specific tasks. Another architectural change was the move away from having a routing infrastructure for mail flow that was separate from the AD DS routing topology. In Exchange 2010, messaging routing leverages the existing AD DS routing topology for least cost route determination. Autodiscover is a component that allows certain clients, like Outlook, Exchange Web Services (Entourage), and ActiveSync devices to derive profile/client configuration settings from the Exchange infrastructure using only the user’s credentials and address. We also made calendaring improvements in Exchange by implementing a web service, known as the Availability service, that replaces the Free/Busy public folder architecture for newer clients. 
Free/Busy information is now always up to date because the Availability Service will query the mailbox directly to obtain Free/Busy information.

7 New from Exchange Server 2007 to Exchange 2010
Run Exchange Server yourself, or use Exchange Online?
HA solution for mailboxes is database mobility
Comprised of database availability group and database copies
Provides site resilience and disaster recovery
30 second switchover/failover with simplified admin experience
Improves the flexibility in storage choices (e.g. SATA disks, JBOD configurations)
Replaces SCR, LCR, SCC, and CCR from Exchange Server 2007
Management Tools are 64-bit only
RPC Client Access and Address Book services
Improved High Availability solution: Outlook MAPI connects directly to Client Access Servers for mailbox related data and directory requests
ExOLEDB, WebDAV, and CDOEx are gone
“Entourage EWS” uses EWS
Instructor Notes: There are also new features in Exchange You have the choice of continuing to leverage an on-premise solution for messaging, or utilizing a hosted solution, Exchange Online. We’ve greatly simplified our high availability model in Exchange We now offer one high availability model, known as a Database Availability Group or DAG. A DAG is a high availability solution that leverages continuous replication and can host up to 16 copies of a given database. A DAG can be deployed in a single datacenter or stretched between datacenters without requiring AD DS site spanning. A key architecture change with the DAG is that failovers/switchovers are now at the database level, as opposed to the server level. Changes in the Extensible Storage Engine have also improved our storage flexibility, allowing you to deploy on disks that provide the most capacity at the lowest cost (tier-2/mid-tier SATA) and, with our high availability capabilities, allowing you to move away from leveraging RAID. As discussed in the Architecture webcast, one of the major changes in Exchange 2010 is the move to where all clients now connect to a new service, the RPC Client Access service, which is hosted on CAS.
This allows us to move the active database between servers within a DAG without affecting the Outlook client’s profile. We’ve also deprecated a few more developer centric access methodologies like ExOLEDB, WebDAV, CDOEx, and ExCDO.

8 Supported Client Access Methods
Desktop Outlook 2003 Web Outlook 2007 Mobile Slide Objective: Instructor Notes: From a client perspective, we have a wide variety. New in Exchange 2010 is that from a browser perspective, we now support 90% of the browser market for the OWA Premium Experience – Firefox 3.0, Safari 3.1, IE7/8. POP/IMAP Chrome

9 Upgrade Prerequisites Legacy Exchange Version Requirements
Exchange Server 2003 Service Pack 2 (SP2) and/or Exchange Server 2007 SP2 are required
SP2 is required on all CAS 2007 and UM 2007 servers in the organization prior to Exchange 2010 introduction
SP2 is required on all Exchange Server 2007 servers in an AD DS site prior to Exchange 2010 introduction
Exchange Server 2007 SP2 adds improvements like
  Exchange 2010 coexistence support
  Exchange 2010 schema extensions
  Auditing capabilities
  Optional schema extension capabilities
  VSS backup plug-in
Instructor Notes: Autodiscover in Exchange Server 2007 SP2 has been updated to redirect Exchange 2010-versioned mailboxes to CAS2010 for Autodiscover lookups. Exchange Server 2007 SP2 adds the following features:
Enhanced Auditing – New Exchange auditing events and audit log repository enable Exchange administrators to more easily audit the activities occurring on their Exchange servers. It allows the right balance of granularity, performance, and easy access to audited events via a dedicated audit log repository. This simplifies the auditing process and makes review of audited events easier by segregating audited events in a dedicated location.
Exchange Volume Snapshot Backup Functionality – A new backup plug-in has been added to the product that will enable customers to create Exchange backups when a backup is invoked through the Windows Server 2008 Backup tool. Exchange Server 2007 didn’t have this capability on Windows Server 2008 and additional solutions were required to perform this task.
Dynamic Active Directory Schema Update and Validation – The dynamic AD schema update and validation feature allows for future schema updates to be dynamically deployed and will proactively prevent conflicts whenever a new property is added to the AD schema. Once this capability is deployed it will enable easier management of future schema updates and will prevent support issues when adding properties that don’t exist in the AD schema.
Public Folder Quota Management – SP2 enables a consistent way to manage quotas by improving the current PowerShell cmdlets to perform quota management tasks.
Centralized Organizational Settings – SP2 introduces a new PowerShell option that enables centralized management of many of the Exchange organization settings.
Named Properties cmdlets – SP2 enables Exchange administrators to monitor their named property usage per database.
New User Interface for Managing Diagnostic Logging – SP2 enables Exchange administrators to easily configure and manage diagnostic logging from within the Exchange Management Console.

10 Upgrade Prerequisites AD DS and DNS Requirements
Active Directory Domain Services
  Windows Server® 2003 SP2 global catalog server (or later) in each Exchange AD DS site
  No hard requirement for Windows Server 2008 AD DS
  Windows Server 2003 forest functional level
Supported namespaces
  Disjoint
  Single-label domains
  Discontinuous
Instructor Notes: From a topology perspective, we have the following pre-requisites in order to install Exchange 2010: From an Active Directory perspective, we require the forest to be in Windows Server 2003 Forest Functional Mode (or higher) and all Active Directory servers that will be leveraged by Exchange to be at Windows Server 2003 SP2 or higher.
Disjoint (added in E2K7 SP1): Provides support parity with Exchange Server 2007.
Discontinuous: Provides parity with E2K3. For Exchange Server 2007, we created a process doc so that users who really, really pushed for it could do validation in their environment to prove everything was working; CSS would then agree to support it because the process was blessed by the PG. This is now part of the official test matrix for Exchange 2010.
SLD: In February 2008 we announced that Exchange Server 2007 would be supported on an SLD. At the same time we announced that the next version of Exchange would not be supported on an SLD. We subsequently announced that this policy was under review, and now that we have added it to the test matrix, we intend to support it for Exchange 2010.

11 Exchange 2010 Installation Prerequisites
Windows Server 2008 SP2 or R2 64-bit editions
  Standard, Enterprise
Windows Management Framework
  Windows PowerShell v2.0
  Windows Remote Management v2.0
.NET Framework 3.5 SP1
See

12 Exchange Server Pre-Deployment Analyzer
Focuses on overall topology readiness Performs analysis of Exchange 2003/2007 Supported on Windows 7, Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2008 R2, and Windows Server 2003 SP2

13 Exchange Server Deployment Assistant
Upgrade from Exchange 2003 Upgrade from Exchange 2007 Upgrade from Exchange 2003/2007 New Exchange 2010 Org

14 Mailbox Server Requirements Calculator
User profile High availability architecture Server's CPU platform Storage architecture Backup architecture Network architecture

15 Setup Setup.com with parameters used for unattended setup
Setup.exe provides specific settings for configuring your environment
External CAS hostname: mail.contoso.com
externalUrl parameter determines Autodiscover config for clients
Exchange Server 2003 routing group connector (RGC): Exchange Server 2003 server
Setup.com with parameters used for unattended setup
Instructor Notes: One of the new features in Exchange 2010 setup is that when installing the CAS role you can specify the external hostname that will be used by your clients. Setup will take the value provided and configure the ExternalURL properties for all of the Exchange specific virtual directories. For Exchange Server 2003 migrations, setup will also ask you which Exchange Server 2003 server you would like to use for the routing group connector between the Exchange 2010 routing group and the legacy Exchange routing group. Note that while setup only allows you to specify a single Exchange Server 2003 server for the RGC, you can later update the routing group connector using the Exchange Management Shell.

16 Namespaces and URLs Hostnames and Services Exposed to Internet
Exchange Server 2003
mail.contoso.com
  Outlook Web Access (OWA): /exchange, /exchweb, /public
  Exchange ActiveSync: /microsoft-server-activesync
  Outlook Anywhere: /rpc
  POP/IMAP
  Outlook Mobile Access: /oma
smtp.contoso.com
  Clients and SMTP servers

Exchange Server 2007 Updates
mail.contoso.com
  Outlook Web Access: /owa
  Exchange Web Services: /ews
  Offline Address Book: /oab
  Unified Messaging: /unifiedmessaging
  Outlook Mobile Access: /oma
Autodiscover.contoso.com
  Autodiscover: /autodiscover

Exchange 2010 Updates
mail.contoso.com
  Outlook Web Access Outlook Web App
  Exchange Control Panel: /ecp
  Unified Messaging: /unifiedmessaging
legacy.contoso.com
  Exchange Server 2003/Exchange Server 2007 services
NOTE: The legacy vdirs will provide a 301 redirect experience to /owa

Instructor Notes: As you think about publishing Exchange services on the Internet, things have changed a little bit with each release. You can leverage this slide as a cheat sheet when configuring your application layer firewalls or reverse proxies. As you can see, as you move from left to right, generally as we added more functionality we included additional namespaces or paths – for example, the most notable in Exchange Server 2007 was the Autodiscover namespace. In addition, we also deprecated some functionality or changed its functionality in each subsequent release.

17 Deploying Exchange 2010 Topology Decisions – SSL Certificates
Use SAN certificate which can cover multiple hostnames
Site resilience scenario: If leveraging a certificate per datacenter, then ensure that the Certificate Principal Name is the same on all certificates
Outlook Anywhere will not connect if the Principal Name on the certificate does not match the value configured in msstd: (default matches OA RPC End Point)
Set-OutlookProvider EXPR -CertPrincipalName msstd:pioneer.exchange.microsoft.com
Do not list machine hostnames in certificate hostname list, if at all possible
OCS requires certificates with <=1024 bit keys, and the server name in the certificate principal name
Best practice: minimize the number of certificates
1 certificate for all CAS servers + reverse proxy + Edge/Hub
Additional certificate if using OCS
Instructor Notes: The fewer certificates you have to manage, the better your life will be. So as a best practice, Microsoft recommends the use of a single certificate leveraging Subject Alternative Names for your Exchange infrastructure (potentially 1 per Internet Facing AD DS site or 1 per organization). In addition, you do not need to define the machine host names in the certificate list.

18 Certificates Step by step
New-ExchangeCertificate -GenerateRequest -SubjectName "c=US, o=Contoso, cn=mail.contoso.com" -DomainName mail.contoso.com, autodiscover.contoso.com, legacy.contoso.com -PrivateKeyExportable $true
Creates a Certificate Request file
Send Request file to certificate authority you are buying from
Use Import-ExchangeCertificate to make Exchange use the certificate you get back
Use Enable-ExchangeCertificate to enable the certificate for use with a particular Exchange service
Instructor Notes: If you want to geek out, you can use the cmdlet infrastructure to create/import and enable the certificate.
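
The certificate guidance on this slide and the previous one (every client namespace on the certificate, no machine host names in the list, principal name matching the msstd: value) can be checked before the switchover. The function below is an added example, not code from the deck; the function name, its parameters and the sample values are constructed for illustration.

```powershell
# Added example, not part of the original deck. Written for PowerShell 2.0,
# the version the deck lists as an Exchange 2010 prerequisite.
function Test-CertNameCoverage {
    param(
        [Parameter(Mandatory=$true)][string[]]$CertificateDomains, # host names on the certificate
        [Parameter(Mandatory=$true)][string[]]$RequiredNames,      # namespaces clients will use
        [string[]]$MachineNames = @(),    # server host names that should stay off the certificate
        [string]$Subject = '',            # e.g. "c=US, o=Contoso, cn=mail.contoso.com"
        [string]$CertPrincipalName = ''   # e.g. "msstd:mail.contoso.com"
    )

    $sans = @($CertificateDomains | ForEach-Object { $_.Trim().ToLower() })

    # 1. Every client-facing namespace must be covered, directly or by a wildcard.
    $missing = @()
    foreach ($name in $RequiredNames) {
        $n = $name.Trim().ToLower()
        $covered = $false
        foreach ($san in $sans) {
            if ($san -eq $n) { $covered = $true; break }
            if ($san.StartsWith('*.')) {
                # "*.contoso.com" covers one extra label only:
                # mail.contoso.com yes, a.b.contoso.com no.
                $suffix = $san.Substring(1)
                if ($n.EndsWith($suffix)) {
                    $left = $n.Substring(0, $n.Length - $suffix.Length)
                    if ($left.Length -gt 0 -and -not $left.Contains('.')) {
                        $covered = $true; break
                    }
                }
            }
        }
        if (-not $covered) { $missing += $n }
    }

    # 2. Machine host names (short or fully qualified) should not be listed.
    $listed = @()
    foreach ($san in $sans) {
        foreach ($m in $MachineNames) {
            $short = $m.Trim().ToLower().Split('.')[0]
            if ($san.Split('.')[0] -eq $short) { $listed += $san; break }
        }
    }

    # 3. If a principal name is configured, it must equal the subject CN,
    #    otherwise Outlook Anywhere will not connect.
    $cn = $null
    if ($Subject -match '(?:^|,)\s*cn=([^,]+)') { $cn = $Matches[1].Trim().ToLower() }
    $principalOk = $true
    if ($CertPrincipalName) {
        $expected = ($CertPrincipalName -replace '^msstd:', '').Trim().ToLower()
        $principalOk = ($cn -ne $null -and $cn -eq $expected)
    }

    New-Object PSObject -Property @{
        MissingNames       = $missing
        MachineNamesListed = $listed
        SubjectCN          = $cn
        PrincipalNameOk    = $principalOk
        Compliant          = ($missing.Count -eq 0 -and $listed.Count -eq 0 -and $principalOk)
    }
}

# Constructed sample values standing in for one certificate. On a server, the same
# inputs come from the Exchange Management Shell:
#   $c = Get-ExchangeCertificate -Thumbprint <thumbprint>
#   -CertificateDomains ($c.CertificateDomains | ForEach-Object { "$_" })
#   -Subject $c.Subject
#   -CertPrincipalName (Get-OutlookProvider EXPR).CertPrincipalName
$result = Test-CertNameCoverage `
    -CertificateDomains 'mail.contoso.com','autodiscover.contoso.com','CAS01.corp.contoso.com' `
    -RequiredNames 'mail.contoso.com','autodiscover.contoso.com','legacy.contoso.com' `
    -MachineNames 'CAS01' `
    -Subject 'c=US, o=Contoso, cn=mail.contoso.com' `
    -CertPrincipalName 'msstd:mail.contoso.com'
$result | Format-List
```

The sample certificate is missing the legacy namespace and exposes an internal server name, so it is reported as non-compliant even though its principal name matches.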

19 Certificates Certificate Wizard
Exchange 2010 includes a certificate wizard
Accessed in the Server Configuration node
Walks you through all the scenarios which require a certificate
Handles
  Certificate request creation
  Certificate import and services enablement

20 Deploying Exchange 2010 Topology Decisions – Split DNS
Best practice: Use “Split DNS” for Exchange hostnames used by clients
Goal: Minimize number of hostnames
mail.contoso.com for Exchange connectivity on intranet and Internet
mail.contoso.com has different IP addresses in intranet/Internet DNS
Important – Before moving down this path, be sure to map out all the host names (outside of Exchange) that you will want to create in the internal zone
Instructor Notes: One way you can reduce the number of hostnames that IT staff have to manage and end users have to remember is by leveraging split-DNS, or split-brain DNS. In short, split-brain DNS is about setting up separate “DNS Zones” so that DNS requests which come from intranet clients will get different DNS hostname->IP lookup answers than requests coming from Internet clients. In other words, if a client within the internal network attempts to resolve mail.contoso.com, the client will get the IP address associated with the CAS2010 array; whereas, if an external client attempts to resolve mail.contoso.com, the client will get the IP address associated with the external proxy/firewall solution.

21 Deploying Exchange 2010 Topology Decisions – CAS Load Balancing
OWA and EWS load balancing require Client<->Server affinity
Client-IP based Windows Network Load Balancing (NLB) or LB device using cookie based affinity
Tell Autodiscover where to send clients: configure internalURL and externalURL parameters on virtual directories
Set-WebServicesVirtualDirectory cas2010\ews* -ExternalURL
Tell Outlook clients where to go for intranet Messaging Application Programming Interface (MAPI) access
Use New-ClientAccessArray and Set-MailboxDatabase
Instructor Notes: Use load balancing both internally and externally for client requests. OWA and EWS require client to server affinity. This means that during a session every request from a given client must go to the same CAS. The load balancing array can’t send those requests randomly to different CAS servers, as that will break the client session/experience. To make Autodiscover work correctly, you need to make sure the Internal and External URL configurations are configured correctly for both your internal and external clients. In addition, since MAPI clients now connect to CAS, you can also configure them to utilize a host name associated with the load balanced array.

22 Deploying Exchange 2010 Topology Decisions – CAS Load Balancing
CAS AutoDiscoverServiceInternalUri property should be set to NLB FQDN
Ensure the Web Services property InternalNLBBypassURL is set to the Server FQDN
Configure virtual directory URL according to this table:
Virtual Directory | InternalURL | ExternalURL (Internet Facing AD Site) | ExternalURL (Non-Internet Facing AD Site)
/OWA | Server FQDN | NLB FQDN | $null
/ECP
/Microsoft-Server-ActiveSync
/OAB
/EWS
Instructor Notes: Internally all domain-connected Outlook 2007/2010 clients will perform an LDAP request to retrieve the SCP records for Autodiscover. As part of the Autodiscover configuration in your forest, for each CAS you should specify the AD DS sites you wish that CAS to be responsible for. Also the default configuration has the AutoDiscoverServiceInternalUri property configured with the server's FQDN. So by default, when a domain-connected Outlook 2007/2010 client performs an SCP request for Autodiscover it will then retrieve a list that specifies the CAS servers that are associated with the client's AD DS site. The list is approximately in the order of oldest SCP records (based on creation date) first. As a result, as long as the oldest CAS server is online, all clients will submit requests to that server (if that server is offline, the client will try the next one in the list and so on until all are exhausted). In addition, if the mailbox in question is also located in the same AD DS site as the CAS server responding to the Autodiscover request, all Exchange Web Service (e.g. Availability Service) and OAB traffic will be handled by this server. The result is that 100% of requests will go to a single CAS server and not be balanced across all CAS servers in the AD DS site for that local mailbox. So this is what I recommend: that all traffic (Autodiscover, EWS, OAB) go through the load balancer so that the traffic can be equalized across all CAS servers. This also requires changing the AutodiscoverServiceInternalURI value from the server’s FQDN to that of the NLB FQDN.

23 Deploying Exchange 2010 Topology Decisions – CAS Load Balancing
CAS AutoDiscoverServiceInternalUri should be set to a NLB FQDN
The actual server names are only required on the certificate if Outlook/IE are connecting using them
Configure virtual directory/service URLs like this:
Virtual Directory/Service | InternalURL | ExternalURL (Internet Facing AD Site) | ExternalURL (Non-Internet Facing AD Site)
/OWA | Server FQDN or NLB FQDN* | NLB FQDN | $null
/ECP
/Microsoft-Server-ActiveSync
/OAB
/EWS
POP/IMAP | (InternalConnectionsSettings) | N/A (though configuring ExternalConnectionSettings can make clients happier) | N/A
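
The URL plan on the three load balancing slides can be audited per CAS before clients are pointed at the array. This is an added example, not code from the deck: the function names, parameters and sample host names are constructed, and it applies the surviving /OWA row of the table to every directory passed in, which is an assumption because the other rows' cells are missing from the transcript.

```powershell
# Added example, not part of the original deck. PowerShell 2.0 compatible.
function Get-UrlHost {
    param([string]$Url)
    $u = $null
    if ($Url -and [System.Uri]::TryCreate($Url, [System.UriKind]::Absolute, [ref]$u)) {
        return $u.Host.ToLower()
    }
    return $null   # empty, $null or not an absolute URL
}

function Test-CasUrlPlan {
    param(
        [Parameter(Mandatory=$true)][string]$ServerFqdn,
        [Parameter(Mandatory=$true)][string]$NlbFqdn,
        [Parameter(Mandatory=$true)][bool]$InternetFacing,
        [string]$AutoDiscoverServiceInternalUri,
        [string]$InternalNLBBypassUrl,
        # name -> @{ InternalUrl = ...; ExternalUrl = ... }
        [Parameter(Mandatory=$true)][hashtable]$VirtualDirectories
    )
    $srv = $ServerFqdn.ToLower()
    $nlb = $NlbFqdn.ToLower()
    $findings = @()

    # Default is the server FQDN, which sends every client to the oldest SCP record.
    if ((Get-UrlHost $AutoDiscoverServiceInternalUri) -ne $nlb) {
        $findings += ('AutoDiscoverServiceInternalUri should use the NLB FQDN {0}' -f $nlb)
    }
    # The bypass URL must stay on the individual server.
    if ((Get-UrlHost $InternalNLBBypassUrl) -ne $srv) {
        $findings += ('InternalNLBBypassUrl should use the server FQDN {0}' -f $srv)
    }

    foreach ($name in ($VirtualDirectories.Keys | Sort-Object)) {
        $vdir = $VirtualDirectories[$name]
        $int  = Get-UrlHost $vdir['InternalUrl']
        $ext  = Get-UrlHost $vdir['ExternalUrl']

        if ($int -ne $srv -and $int -ne $nlb) {
            $findings += ('{0} InternalUrl should use the server FQDN or the NLB FQDN' -f $name)
        }
        if ($InternetFacing) {
            if ($ext -ne $nlb) {
                $findings += ('{0} ExternalUrl should use the NLB FQDN on an Internet facing site' -f $name)
            }
        }
        elseif (-not [string]::IsNullOrEmpty($vdir['ExternalUrl'])) {
            $findings += ('{0} ExternalUrl should be $null on a non-Internet facing site' -f $name)
        }
    }

    New-Object PSObject -Property @{
        Server    = $srv
        Findings  = $findings
        Compliant = ($findings.Count -eq 0)
    }
}

# Constructed sample for one Internet facing CAS left at its defaults. Real values come from
# Get-ClientAccessServer, Get-WebServicesVirtualDirectory, Get-OwaVirtualDirectory,
# Get-EcpVirtualDirectory, Get-ActiveSyncVirtualDirectory and Get-OabVirtualDirectory.
$audit = Test-CasUrlPlan -ServerFqdn 'cas01.corp.contoso.com' -NlbFqdn 'mail.contoso.com' `
    -InternetFacing $true `
    -AutoDiscoverServiceInternalUri 'https://cas01.corp.contoso.com/Autodiscover/Autodiscover.xml' `
    -InternalNLBBypassUrl 'https://cas01.corp.contoso.com/ews/exchange.asmx' `
    -VirtualDirectories @{
        '/OWA' = @{ InternalUrl = 'https://cas01.corp.contoso.com/owa'; ExternalUrl = 'https://mail.contoso.com/owa' }
        '/EWS' = @{ InternalUrl = 'https://mail.contoso.com/ews/exchange.asmx'; ExternalUrl = $null }
    }
$audit.Findings
```

For the sample server the audit reports the Autodiscover URI still pointing at the server FQDN and the missing /EWS ExternalUrl.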

24 Upgrade in a Nutshell
Upgrade Internet facing sites first
Upgrade Internal sites second
1 Upgrade existing servers to SP2
2 Deploy Exchange 2010 servers: CAS first; MBX last; Start with a few; Gradually add more servers as you move mailboxes
3 ‘Legacy’ hostname for old FE/CAS: SSL cert purchase; End Users don’t see this hostname; Used when Autodiscover and redirection from CAS2010 tell clients to talk to FE2003/CAS2007 for MBX2003/MBX2007 access
4 Move Internet hostnames to CAS2010; UM phone number to UM2010; SMTP end point to HUB2010
5 Move Mailboxes
6 Decommission old servers
Diagram labels: Internet; Internet facing AD DS Site; Internal AD DS Site; CAS-CAS proxy; CAS, HUB, UM, MBX 2010; FE, BE, CAS, HUB, UM, MBX 2003 or 2007
Instructor Notes: Now that we are caught up on the high-level changes in Exchange 2010 from previous versions, let’s discuss the migration flow. This is a five step process beginning with the AD DS site that is Internet Facing (and/or owns the Autodiscover Internet entry point): The first step is to upgrade your existing Exchange servers to Service Pack 2. Note that if you have an environment that is already Exchange Server 2007, you must upgrade all your CAS and UM servers within the organization to SP2 prior to introducing the first Exchange 2010 server. The second step is to deploy your Exchange 2010 servers. Start with CAS, then Hub, and then Mailbox. The third step is to create a legacy hostname for your FE2003/CAS2007 environment. This will require creating a new certificate that has that namespace. The fourth step you are going to take is to switchover all your existing namespaces to CAS2010 and HUB2010, while activating the legacy namespace for FE2003/CAS2007. At this point, all clients will access the CAS2010 and either be redirected or proxied to the legacy servers for mailbox access. We’ll cover this in depth later. Step 5 involves moving the mailboxes from legacy to 2010. Step 6 involves decommissioning the legacy servers that are no longer in use. Remember the order of uninstall is the reverse of install (MBX, Hub, UM, CAS).

25 Remote Connectivity Analyzer
testexchangeconnectivity.com/ Test Exchange ActiveSync Exchange Web Services Outlook (OA and Autodiscover) Simple Mail Transfer Protocol Use it at every step of the upgrade Slide Objective: Instructor Notes: Before I go through the steps of the upgrade, I want to show a tool called the Exchange Remote Connectivity Analyzer. Use this tool every time you make a change for your Internet client connectivity to validate the changes are successful and non-impacting to clients. But instead of talking about it let’s demo it.

26 Switching to CAS2010 Preparatory Steps
Obtain and deploy a new certificate that includes the required host name values
  mail.contoso.com
  autodiscover.contoso.com
  legacy.contoso.com
Upgrade all Exchange servers to SP2
Enable Integrated Windows Authentication on Exchange Server 2003 MSAS virtual directory (KB )
Install and configure CAS2010 servers
Configure InternalURLs and ExternalURLs
Enable Outlook Anywhere
Configure the Exchange2003URL parameter to be

27 Switching to CAS2010 Preparatory Steps Continued
Join CAS2010 to a load balanced array
Create CAS2010 RPC Client Access Service array
Ensure MAPI RPC and HTTPS ports are load balanced
Install HUB2010 and MBX2010 servers
Configure routing coexistence
Configure OAB web-based distribution
Create Legacy record in DNS (internal/external)
Create Legacy publishing rules in your reverse proxy/firewall solution pointed to Exchange Server 2003/CAS2007 array
Use ExRCA to verify connectivity for Legacy namespace

28 Switching to CAS2010 The switchover
The switchover involves a minor service interruption
Update internal DNS and have mail.contoso.com point to CAS2010 array
Update/Create Autodiscover publishing rule and point to CAS2010 array
Update Mail publishing rules and point to CAS2010 array
Remember to update paths with new Exchange 2010 specific virtual directories
Disable Outlook Anywhere on legacy Exchange
Test that CAS2010 is redirecting/proxying to CAS2007 (externally and internally)
Diagram labels: autodiscover…, mail…, legacy…; ISA; Exchange 2010 CAS+HUB+MBX; E200x SP2
  1 Clients access Exchange 2010 through Autodiscover… and mail…
  2 Redirection (legacy…), proxying and direct access to Exchange Server 2003/Exchange Server 2007
Instructor Notes: First if you have Exchange Server 2007, you need to configure the ExternalURLs with the legacy namespace. This is so that Autodiscover on CAS2010 will know where to send users that still exist in Exchange Server 2007. The last step is to perform the switchover. This is where you will configure your external DNS and/or reverse proxy infrastructure to have the mail and autodiscover namespaces go to CAS2010.

29 Client Access Scenarios
CAS2010 Service / Exchange Server 2003/Exchange Server 2007 mailbox treatment:
OWA Exchange Server 2003: Single Sign-On FBA Redirect Exchange Server 2007 Same AD Site: SSO FBA Redirect Exchange Server 2007 Externally Facing AD Site: Non SSO Redirect Exchange Server 2007 Internally Facing AD Site: Proxy EAS Exchange Server 2007: Autodiscover & redirect (WM6.1 and newer), Proxying (WM6 and older, all non-Microsoft) Exchange Server 2003: Direct CAS2010 support. Clients which use new EAS2010 features need to re-sync Outlook Anywhere & OAB Direct CAS2010 support Autodiscover EWS POP/IMAP Exchange Server 2007: Proxy Exchange Server 2003: Direct CAS2010 support
Clients access CAS2010 first
Four different things happen for Exchange Server 2003/Exchange Server 2007 mailboxes
  Autodiscover tells clients to talk to CAS2007
  HTTP redirect to FE2003 or CAS2007
  Proxying of requests from CAS2010 to CAS2007
  Direct CAS2010 support for the service against Exchange Server 2003 and MBX2007
Instructor Notes: So now that we’ve performed the demo, how does it work under the covers? It’s a different experience depending on the service, the version, and the client. There are four ways:
  Autodiscover
  HTTP redirect from CAS2010 to Exchange Server 2003 or CAS2007
  Proxying from CAS2010 to CAS2007
  Direct CAS2010 support to MBX2003 or MBX2007
Redirect (with Single Sign-On for Forms-Based Authentication)

30 OWA Client Experiences Exchange Server 2003/2010 Coexistence
Diagram labels: OWA ExternalURL; OWA Exchange2003URL; Resolves to legacy.contoso.com in DNS; HTTPS Traffic (External); HTTPS Traffic (Internal); RPC Traffic (Internal); HTTP Traffic (Internal); Exchange Server 2003 FE; Exchange 2010 CAS; Exchange Server 2003 MBX; Exchange 2010 MBX; Internet Facing AD Site; Non-Internet Facing AD Site; SSO Redirect

31 OWA Client Experiences Exchange Server 2007/2010 Coexistence
Diagram labels: OWA ExternalURL; OWA Exchange2003URL; HTTPS Traffic (External); HTTPS Traffic (Internal); RPC Traffic (Internal); HTTP Traffic (Internal); Exchange Server 2007 CAS; Exchange 2010 CAS; Exchange Server 2003 MBX; Exchange Server 2007 MBX; Exchange 2010 MBX; Regional Internet Facing AD Site; Internet Facing AD Site; Non-Internet Facing AD Site; Manual Redirect; SSO Redirect; Proxy

32 EAS Client Experiences Exchange Server 2003/2010 Coexistence
Diagram labels: EAS ExternalURL; HTTPS Traffic (External); HTTPS Traffic (Internal); RPC Traffic (Internal); HTTP Traffic (Internal); Exchange Server 2003 FE; Exchange 2010 CAS; Exchange Server 2003 MBX; Exchange 2010 MBX; Internet Facing AD Site; Non-Internet Facing AD Site; Direct Connect

33 EAS Client Experiences Exchange Server 2007/2010 Coexistence
[Diagram. Servers: Exchange Server 2007 CAS, Exchange 2010 CAS, Exchange Server 2003 MBX, Exchange Server 2007 MBX, Exchange 2010 MBX. Sites: Internet Facing AD Site, Non-Internet Facing AD Site. Labels: EAS ExternalURL (shown twice). Traffic legend: HTTPS (External), HTTPS (Internal), HTTP (Internal), RPC (Internal). Paths shown: Proxy, 451 Redirect, Proxy, Direct Connect.]

34 OA Client Experiences Exchange Server 2003/2007/2010 Coexistence
[Diagram. Servers: Exchange Server 2007 CAS, Exchange 2010 CAS, Exchange Server 2003 MBX, Exchange Server 2007 MBX, Exchange 2010 MBX. Sites: Internet Facing AD Site, Non-Internet Facing AD Site. Labels: ExternalURLs (shown twice), OA endpoint. Traffic legend: RPC/HTTPS Traffic (External), EWS/OAB Traffic, Outlook RPC Traffic. Paths shown: Direct Connect, Direct Connect.]

35 SMTP Transport Upgrade
Exchange 2010 SMTP Transport Upgrade. Follow this flow for each physical location:
1. Upgrade existing Exchange Server 2003 and Exchange Server 2007 servers to SP2
2. Install HUB and MBX 2010
3. Switch Edgesync + SMTP to go to HUB2010
4. Install Edge 2010
5. Switch Internet submission to Edge 2010
Edge servers are optional. Edge 2007 SP2 can be used with HUB 2010.
[Diagram labels: Internet SMTP Servers, Exchange 2010 Edge, Exchange Server 2007 Edge, Exchange Server 2003 Routing Group, AD Site, Exchange Server 2003 Bridgehead, Exchange 2010 HUB, Exchange Server 2007 HUB, Exchange Server 2003 Back-End, Exchange 2010 MBX, Exchange Server 2007 MBX.]
Slide Objective:
Instructor Notes: Very similar story here with transport, like client access: I start with an Exchange Server 2003 environment and an Exchange Server 2007 environment. The dashed lines here mean either one or the other (2003 or 2007) is the ingress/egress point; you won’t have both. First upgrade all servers to SP2. Introduce 2010 servers. If you have Edge Transport deployed, you will re-subscribe your Exchange Server 2007 Edge servers with Exchange 2010 Hub Transport. At this point your Edge synchronization will now be managed via Exchange 2010 Hub. Install Edge 2010. And then finally switch the endpoint for mail flow.

36 Transport Rule Migration (1)
Exchange 2010 stores Transport Rules in a new AD DS location:
Exchange Server 2007: CN=Transport, CN=Rules, CN=Transport Settings, CN=<org name>, CN=Microsoft Exchange, CN=Services
Exchange 2010: CN=TransportVersioned, CN=Rules, CN=Transport Settings, CN=<org name>, CN=Microsoft Exchange, CN=Services
Two migration methods: Automatic – performed during setup; Manual – performed using cmdlets.
Exchange 2010 rules engine is backward compatible: it reads and applies legacy Exchange Server 2007 rules, so the same rules are applied to messages traversing either Exchange Server 2007 and/or Exchange 2010 hubs.
Slide Objective: Explain Transport Rule Migration between Exchange Server 2007/Exchange 2010
Instructor Notes: Automatic migration – performed during Exchange 2010 setup if the setup program detects the existence of legacy journal rules. Manual migration – performed using updated cmdlets to export and import transport rules between the two messaging platforms. The Exchange 2010 rules engine is backward compatible and is able to read and apply the legacy Exchange Server 2007 rules, so the exact same transport rules are applied to messages traversing either Exchange Server 2007 and/or Exchange 2010 hub servers.

37 Transport Rule Migration (2) Automatic
Exchange 2010 Setup queries AD DS for an existing TransportVersioned container, then queries for existing Exchange Server 2007 rules. If Exchange Server 2007 rules exist, Setup:
1. Runs Export-TransportRuleCollection to export legacy transport rules (temp.xml)
2. Runs Import-TransportRuleCollection to import legacy transport rules and place them in the TransportVersioned container
3. Deletes temp.xml
Slide Objective: Explain Automatic Transport Rule Migration between Exchange Server 2007/Exchange 2010.
Instructor Notes: Automatic migration. During installation of the Exchange 2010 hub, the Setup program queries AD DS to identify whether there are any Exchange 2010 transport rules (query for the “TransportVersioned” container). This is done first because any rules imported from Exchange Server 2007 will overwrite existing Exchange 2010 rules. If there are no Exchange 2010 transport rules, the Setup program checks AD DS to see whether there are any Exchange Server 2007 transport rules (query for the “Transport” container). If there are Exchange Server 2007 transport rules and no Exchange 2010 rules, the Setup program migrates all Exchange Server 2007 transport rules to Exchange 2010 by doing the following: it runs the Export-TransportRuleCollection cmdlet to export the legacy transport rules from the Transport container in Active Directory; it runs the Import-TransportRuleCollection cmdlet to import the legacy transport rules and place them in the TransportVersioned container in AD DS; and it deletes the temporary file, temp.xml.

38 Transport Rule Migration (3) Manual
Migration of new rules after Exchange 2010 setup is possible using the updated Exchange 2010 cmdlets Export-TransportRuleCollection and Import-TransportRuleCollection:
Export from Exchange Server 2007 -> import to Exchange 2010
Export from Exchange 2010 -> import to Exchange Server 2007 (Exchange 2010 predicates and actions stripped out)
Existing rules may be overwritten during import!
Slide Objective: Explain Manual Transport Rule Migration between Exchange Server 2007/Exchange 2010
Instructor Notes: Automatic migration of transport rules is only performed during the initial installation of an Exchange server. Any new transport rules created after the setup process has run are created in their respective Active Directory containers. For example, a new transport rule created using Exchange Server 2007 would be saved to the “Transport” container in Active Directory and would not appear in the “TransportVersioned” container, which is read by Exchange 2010, and vice versa. To overcome this limitation, Exchange administrators can manually migrate a transport rule collection from Exchange 2010 to Exchange Server 2007, or from Exchange Server 2007 to Exchange 2010, by using the Export-* and Import-* PowerShell tasks. The -ExportLegacyRules parameter must be used when exporting Exchange 2010 transport rules for later import to Exchange Server 2007 hub servers. If any of the Exchange 2010 transport rules have been configured with Exchange 2010-specific predicates or actions, those rules will be automatically stripped out before the export file is created. Importing a transport rule collection will overwrite any pre-existing Exchange 2010 transport rules, except for one special case: if an existing Exchange 2010 transport rule has any 2010-specific predicate or action, that Exchange 2010 rule will be left untouched. The remaining Exchange Server 2007 rules will be imported into the Exchange 2010 collection.
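
The export and import semantics described in the instructor notes above, modelled in Python as an added example (not Exchange code and not part of the original deck), so that rules an import would silently drop can be listed before the change is made. The `Rule` fields, the sample collections and the handling of a name collision with a preserved rule are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    definition: str                   # opaque stand-in for predicates + actions
    uses_2010_features: bool = False  # has an Exchange 2010-only predicate/action

def export_legacy(rules):
    """Export for Exchange Server 2007: rules using 2010 features are stripped."""
    return [r for r in rules if not r.uses_2010_features]

def plan_import(existing, incoming):
    """Return (plan, resulting collection) for an import into Exchange 2010."""
    kept = [r for r in existing if r.uses_2010_features]  # left untouched
    kept_names = {r.name for r in kept}
    existing_names = {r.name for r in existing}
    incoming_by_name = {r.name: r for r in incoming}
    plan = {"kept": sorted(kept_names), "replaced": [], "lost": [],
            "added": [], "skipped": []}
    for r in export_legacy(existing):          # every rule open to overwrite
        new = incoming_by_name.get(r.name)
        if new is None:
            plan["lost"].append(r.name)        # overwritten, no replacement
        elif new.definition != r.definition:
            plan["replaced"].append(r.name)    # same name, different content
    for r in incoming:
        if r.name in kept_names:
            plan["skipped"].append(r.name)     # assumption: preserved rule wins
        elif r.name not in existing_names:
            plan["added"].append(r.name)
    result = kept + [r for r in incoming if r.name not in kept_names]
    return plan, result

# Constructed sample collections (not real exports).
EXISTING_2010 = [
    Rule("Block-EXE-Attachments", "reject message with .exe attachment"),
    Rule("Legal-Disclaimer", "append disclaimer v1"),
    Rule("Protect-Finance-Mail", "2010-only action", uses_2010_features=True),
]
EXPORTED_2007 = [
    Rule("Legal-Disclaimer", "append disclaimer v2"),
    Rule("Journal-Executives", "copy to compliance mailbox"),
]

if __name__ == "__main__":
    plan, result = plan_import(EXISTING_2010, EXPORTED_2007)
    print(plan)
```

In the sample, the attachment-blocking rule exists only in the Exchange 2010 collection and uses no 2010-specific feature, so it lands in `lost`: the import removes it without any replacement.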

39 Unified Messaging Upgrade
With private branch exchange/gateways (PBX/GWs): One Dial Plan, Redirect
Step 1: Introduce UM 2010 to existing dial plan
Step 2: Route IP GW/PBX calls to UM 2010 for dial plan
Step 3: Remove UM 2007 after UM-enabled mailboxes have been moved
With Office Communications Server: 2 Dial Plans, Direct
Step 1: Introduce UM 2010 with new dial plan, OVA#
Step 2: Remove UM 2007 after UM-enabled mailboxes have been moved
Slide Objective:
Instructor Notes: There are two different scenarios for Unified Messaging. Either you have UM hooked up to your IP gateway or PBX infrastructure directly, or you have UM hooked in with your Office Communications Server infrastructure. The key difference between the two scenarios is that with OCS you need a new dial plan and you will have to move the users to the new dial plan when you move their mailbox to Exchange 2010.

40 Service Level Agreement Service Availability During Migration
1 GB mailbox could take 90 minutes or more to move
Pain: User is disconnected for duration
Pain: Your SLA for availability is not met
Availability | Yearly downtime allowed w/ 24-hour day | Yearly downtime allowed w/ hour day
90% | 876 h (36.5 d) | 291.2 h (12.13 d)
95% | 438 h (18.25 d) | 145.6 h (6.07 d)
99% | 87.6 h (3.65 d) | 29.12 h (1.21 d)
99.9% | 8.76 h | 2.91 h
99.99% | 52.56 min | 17.47 min
99.999% (“five nines”) | 5.256 min | 1.747 min
% | sec | sec
Slide Objective: Instructor Notes:

41 Online Move Mailbox (Move Requests) Minimal User Disruption
Users remain online while mailboxes are moved. At end of move: user is briefly disconnected as recently received messages are copied over; client autodiscovers new database location. Administrators can perform migration and maintenance during regular hours.
Online: Exchange Server 2007 SP2, Exchange > Exchange 2010, Exchange Online
Offline: Exchange Server > Exchange 2010; Exchange > Exchange Server 2003/Exchange Server 2007
[Diagram labels: Client, Client Access Server, Mailbox Server 1, Mailbox Server 2]
Slide Objective: Describe how administrators can use the new online move mailbox process to perform Exchange maintenance and migrations without sacrificing their evenings and weekends.
Instructor Notes:
Situation: Administrators commonly move mailboxes between servers and databases as part of maintenance activities or when migrating between Exchange versions. Currently, moving mailboxes takes them offline: end users experience an outage for the duration of the move. As mailbox sizes have grown, mailboxes take longer to move, and administrators have been forced to perform mailbox moves at night and on weekends to minimize disruptions for end users.
Talking Points: In Exchange 2010, mailbox moves can be done in online mode: users can send, receive, and read mail while the contents of their mailboxes are moved to a new location. Maintenance activities can now be performed during the day, rather than in a nighttime or weekend maintenance window. Migration to Exchange 2010 can be accomplished faster and with less end-user disruption. For Exchange Server 2007 to Exchange 2010 moves to be online, your Exchange Server 2007 server will require SP2; otherwise the move will be offline during migration. Move requests are also asynchronous and are handled by the Microsoft Exchange Mailbox Replication Service on all Client Access servers. The “MRS” service resides at CAS. Can’t move it from Exchange Server 2007 SP1 and Exchange 2000 Server. “Client autodiscovers new database location” – after the user logs out and back in. They will get a message from Outlook telling them that the administrator has moved their mailbox and to log out and log back in. At RTM, this won’t be automatic.

42 Key Takeaways
Exchange Server 2007 SP2 introduces new functionality and is required for coexistence with Exchange 2010.
Exchange 2010 CAS redirects, proxies, or provides direct access to the mailbox data depending on the client, protocol, and mailbox version.
Online mailbox moves improve mailbox data migration by significantly reducing the user outage window.

43 End of Exchange 2010 Upgrade and Coexistence Module

44 For More Information Exchange Server Tech Center Planning services Microsoft IT Showcase Webcasts Microsoft TechNet


