Home > Articles

Migrating from Legacy Exchange

This chapter will help you smooth the transition from a previous version of Exchange to Exchange Server 2003. Included are all of the problems you can expect to encounter and their issues when migrating to the latest version of Exchange Server 2003.
This chapter is from the book

This chapter is from the book

Up to this point in the book, you've worked with a pristine installation of Exchange 2003 in either a Windows Server 2003 or Windows 2000 forest. But while you've worked through the examples and studied the process descriptions and configured your lab, you've probably been wondering how you're going to put this information to use in a production environment that already contains legacy Exchange servers.

Throughout this chapter, the term "legacy Exchange server" refers to servers running Exchange 5.5 or earlier. Features and options that apply solely to Exchange 2000 servers are called out separately.

Before taking on the complex task of migrating your Exchange organization, I invite you to relax and take a few moments to consider the broad expanse of history before computers and digital communications and e-mail, before even the advent of the printed word itself. Back to a simpler time when common folk such as ourselves found inspiration in tales of great heroes who battled mighty foes in pursuit of lofty goals.

One ancient character embodied the very definition of heroism itself, the Greek warrior Heracles. Overcome by madness in his early life, Heracles killed his wife and children. When he sought purification for this act, he was given 12 deadly labors, which he undertook while prepared to die. Instead, he overcame the odds and bested all his opponents. In his maturity, Heracles went on to avenge many evils and eventually had his own action figure and a slot in the AWWF (Ancient World Wrestling Federation).

The story of Heracles puts me in mind of an Exchange 2003 migration because one of the 12 deadly labors involved in defeating the many-headed Hydra. The Hydra posed a special challenge for Heracles.

Not only was each individual head of the monster especially ferocious, but if he lopped off one of the heads, two more would grow back in its place. Every apparent success put him closer to defeat, a perfect metaphor for e-mail administration, regardless of the messaging platform you use.

When you get in the middle of your Exchange migration and you face problems that seem to multiply geometrically like the heads of the Hydra, you might want to take a hint from the way Heracles solved the problem. He didn't try to do the job himself. He sought help from his nephew, who cauterized each neck as Heracles swooped off the head, preventing a new head from growing. Thus they were able to bring down the monster and move on to the next labor.

I'm not telling you to hire your nephew for your Exchange 2003 migration. What I'm advising is this: Approach the migration with all due respect and work with your colleagues to prepare for unexpected calamities. Set reasonable expectations for your management and users. Don't promise a completely transparent and problem-free transition, although that might very well happen. Instead, promise that you'll do your best to stand between your users and any monsters as you make the transition. When everything goes smoothly, your users might not declare you a hero like Heracles, but they'll be happy enough with the experience to continue bringing you cookies and chocolate cake when they want you to do something special with their e-mail. What more could an Exchange administrator want?

Pre-Migration Operational Evaluations

At some point early in your migration planning, you're going to need to sit down with a clean sheet of paper (or a blank computer screen) and figure out what you're going to do. You should test all your actions in a lab first before rolling them out into production. You might also want to arrange for a pilot program where selected users are placed in a separate forest where you perform the entire migration in an environment that more closely matches the production configurations than might be possible in a lab.

It's also important to document your current configurations. You would be surprised how often you'll need to know where a user's mailbox used to be, or what server used to be located in Sheboygan, or what information is available only on old backup tapes buried in a mountain somewhere.

Here is a list of items that you should include in your pre-migration planning. You'll also find a prerequisite list later on in the chapter along with a roadmap for the major steps in the migration.

Active Directory Domains

Evaluate your current domain configuration with an eye toward making sure that it will support Exchange 2003 operations. The deployment tools that come with Exchange 2003 help you to test for these conditions, but it's a good idea to get familiar with the requirements in advance. Here are some items to consider:

  • Domain controller location. You'll need at least one domain controller in each office that has an Exchange 2003 server.

  • Global Catalog server location. You'll need at least one Global Catalog server in each office that has an Exchange 2003 server. This can also act as the local domain controller. The simplest way to accomplish this is to make all branch office DCs into GCs. Microsoft recommends a minimum of one Global Catalog server for every four Exchange processors, not servers.

  • DNS configuration. Make certain that DNSLint shows no errors. See Chapter 1, "Installing an Exchange 2003 Server," for details.

  • Active Directory Native Mode. The Active Directory domain containing the Exchange servers must be in Native Mode so that you can use Universal Security Groups for e-mail distribution.

  • Replication or authentication problems. Verify by a sweep of the event logs that you have no errors from directory service replication, KCC topology calculations, or authentication errors originating from domain controller accounts. You can use the EventCombMT utility, a free download from Microsoft, to perform this sweep. EventCombMT is part of the Account Lockout and Management and Lockout, available at http://snipurl.com/5z37.

If you're willing to spend a few dollars and a couple of weekends learning the configuration, you'll find that Microsoft Operations Manager (MOM) or a third-party product will do a better job of monitoring your event logs.

Current Exchange Organization

Evaluate your current production Exchange organization to make sure that you don't have any outstanding issues that might cause a problem during the transition to Exchange 2003.

The ExMap utility from the Exchange Resource Kit and the ExInfo utility (a free download—see Microsoft Knowledge-Base article 305816) can assist in this information-gathering phase. Here are some key points:

  • Exchange server version. You'll need at least one Exchange 5.5 server with SP3 or higher in each site.

  • Site configuration. Verify that you have an active Exchange server in each site. If you have sites that are no longer used, remove them from the legacy Exchange directory service prior to commencing the Exchange 2003 deployment. It is extraordinarily difficult to remove a site from the Link State Table once it has been placed there.

  • Site connectors and Directory Replication connectors. Make sure that you get proper message routing and directory service updates through your existing connectors. Resolve any problems prior to commencing the Exchange 2003 deployment.

  • Internet connectors. Identify the servers that are acting as Internet Messaging Service (IMS) bridgeheads. You'll want to plan on replacing these servers with Exchange 2003 servers early in your deployment.

  • Unsupported connectors. If you have connectors to third-party messaging systems that do not have Exchange 2003 connectors, such as PROFS and SNADS, you'll need to find another way to connect the systems or plan on installing at least one Exchange 2000 server to act as the gateway.

  • Key Management Services. If you are using digital certificates issued by an Exchange Key Management Service to encrypt and digitally sign e-mail, then you'll need to deploy a Windows Server 2003 PKI and migrate the KMS database to a Windows Server 2003 Configuration Authority. This procedure falls outside the scope of this book. Microsoft has an excellent white paper on migrating a legacy KMS.

  • Compatible backup. Make sure the backup software you're using supports Exchange 2003 and that you have the most current backup agents installed on the Exchange 2003 servers. You can use NTBackup that comes with Windows Server 2003 until your vendor gets a compatible agent. See Chapter 13, "Service Continuity," for details.

  • Antivirus and antispam software. Make sure that your centrally managed antivirus and antispam solutions have agents for both legacy Exchange and Exchange 2003. Make sure that any new servers are included in signature distribution. If your antispam solution runs at a smart host in the perimeter, make sure that any tagging done by the application is compatible with the Exchange 2003 antispam API. See Chapter 13 for more information.

  • E-mail dependent applications. If you use third-party applications that depend on Exchange, such as fax, telephony, or collaboration services, make sure that the application has a version that runs on Exchange 2003. Check their product databases for special configuration requirements and any known problems.

  • Exchange 2000 instant messaging. Must be isolated from Exchange 2000 mailbox/public folder servers that are going to be upgraded to 2003.

Network Infrastructure

Evaluate your WAN connections and network routing topology to make sure that you have sufficient capacity for Exchange 2003 and to give you an idea where to create Routing groups. Here are some important considerations:

  • Traffic patterns. If your WAN infrastructure handles the current Exchange message traffic with no problems or errors, you should not experience problems with Exchange 2003. However, keep in mind that the combination of Outlook 2003 in cached mode and Exchange 2003 can result in a significant amount of traffic on Monday mornings when users refresh their local message cache with e-mails received over the weekend. Warn your network services colleagues and check the Microsoft white paper titled "Client Network Traffic with Microsoft Exchange Server 2003." Download it from www.microsoft.com/exchange/techinfo/outlook/CliNetTraf.asp.

  • Outages. Have you experienced any significant outages in the last six months that might recur and impact your deployment? Instabilities in WAN connections can also cause message routing issues as you make the transition from legacy Exchange routing based on the Gateway Address Routing Table and the Link State Table used by Exchange 2003.

  • Remote users. If remote Outlook users currently connect to the Exchange system via a VPN or dial-up to get their e-mail, you might want to consider deploying RPC over HTTP to support remote e-mail access, especially if e-mail is the only reason that users need a VPN. See Chapter 11, "Deploying a Distibuted Architecture," for more information.

  • Routing groups. Use your Active Directory site map to help define your routing group topology. You don't need to follow them slavishly, though. SMTP works fine over high-latency connections that might cause a problem for Active Directory. Consider consolidating existing sites into a single Routing group based on the traffic volume you see after the deployment. For example, you might have several campuses in the same city connected by fractional T1s in a frame relay cloud. You might have defined separate legacy sites to control bandwidth, but with Exchange 2003, you can use a single Routing group for the entire city. This simplifies mail routing and makes it simpler to manage public folder access.

Costs

Deploying Exchange 2003 requires money, time, and people.

  • Server software. Exchange 2003 Standard Edition lists for $699. Enterprise Edition lists for $3,999. You'll need to purchase Exchange 2003 Enterprise Edition if you want to set up shared-disk clusters or if you need multiple mailbox stores with virtually an unlimited database size. (Standard Edition allows only one mailbox store and limits it to 16GB.)

  • Client Access Licenses (CALs). You do not need to deploy a new client, but you will need to pay for and upgrade your CALs. Each CAL lists at $67 with substantial discounts for upgrade licenses and volume purchases. If you deploy Exchange in several business units, it's theoretically possible to delay the upgrade for a particular business unit until they have the money for the CALs. But in practical terms, you should purchase your licenses up front before you begin deployment.

  • Additional personnel. When estimating the personnel component of your deployment costs, don't forget to factor in a consultant or two who can help you streamline the deployment as well as budgeting for support calls to Microsoft Product Support Services (PSS) if something doesn't go well.

  • Training. Budget for in-depth training for the Exchange administrators and high-level summary training for the Windows system administrators, since they interact with Active Directory objects that affect Exchange operation. End-user training is important, too, if you are going to roll out new clients.

  • Client software. When deciding whether to deploy a new client in conjunction with the Exchange 2003 deployment, keep in mind that you get the full range of features, including cached message handling, if you roll out Office System 2003 or Outlook 2003. (The standalone version of Outlook 2003 can be used for no additional change once you pay for the Exchange 2003 Client Access License.)

When deciding how to size your servers, take a look at the Microsoft white paper titled "Server Consolidation Using Exchange Server 2003." This paper takes a fair look at the factors that affect server sizing and gives you a good baseline to start your testing.

Additional Considerations

Categorize and define the potential problems and challenges you might face during the upgrade. Here are some of the more important items to consider:

  • Directory service connection failures. If you have underlying DNS issues, either with client configuration or the DNS server itself, you can find yourself in situations where the Exchange servers can't locate domain controllers and Global Catalog servers. This results in a variety of errors. See Appendix A, "Building a Stable Exchange 2003 Deployment Infrastructure," for more information about DNS configuration and troubleshooting.

  • Inability to access public folders. If public folder permission mapping fails for some reason, such as invalid permission list entries, then users might lose access to their public folders. See Appendix B, "Legacy Exchange Operation," for more details about permission mapping.

  • Inability to replicate public folders with legacy Exchange. Before you can decommission your legacy Exchange servers, you must move all public folder content to the new Exchange 2003 servers. This includes system folders that contain critical calendaring and offline address book information. It sometimes happens that this replication fails, so part of your testing should monitor for correct content of all folders prior to removing a legacy server from operation.

  • Incompatible historical backups. If you deploy Exchange 2003 and decommission all your legacy servers, and then need to restore a mailbox from a date preceding the deployment, you won't be able to restore the legacy Exchange mailbox database onto an Exchange 2003 server. Leave the Exchange organization in Exchange Native mode until you're sure that you won't need the old backups.

  • Hardware failures. You're going to be deploying new servers running Exchange 2003. There's always the likelihood that you'll find incompatibilities in the new hardware or component drivers. Be prepared to get quick help in the event of a failure, and make sure all hardware is listed in the Windows Server Catalog (which used to be the Hardware Compatibility List).

  • Software compatibility failures. You could find that your selection of backup, antivirus, and antispam tools or other server utilities causes the server to become unstable. If you encounter problems keeping the server operating, one of your first steps should be to deactivate all third-party software, just to see if that makes the problem go away.

Goals

  • No service interruptions. In today's IT environment, messaging is supposed to be as pervasive and available as a dial tone. The major contributors to downtime during a typical Exchange migration are incorrectly configured DNS settings, unstable Active Directory replication, improper hardware, improperly configured Routing groups, and lack of coordination between the Exchange administrators and the other IT staff.

  • Single mailbox-enabled account for each user. In your existing Exchange environment, you might have many legacy mailboxes owned by a single user. Or you might have mailboxes that have no owner. During the migration to Exchange 2003, you will normalize your mailbox ownership so that each legacy mailbox has one and only one valid user. This is done as part of the ADC deployment.

  • Retain existing mailbox and public folder permissions. Exchange maps legacy Exchange MAPI permissions to the ACL-based security descriptors in Exchange 2003. It's important that this mapping work correctly. Be cautious and do lots of testing before making any large-scale changes to permissions.

  • Fastest possible introduction of new features. To take full advantage of the new features in Exchange 2003, you need to complete the Exchange migration and decommission all legacy Exchange servers. Don't let weeks turn into months turn into years. Until you shift to Native mode, you won't be able to take full advantage of the features you paid for.

  • Maximize existing hardware. It's one thing to pay for the Exchange 2003 server software and CALs. It's quite another to pay for a new fleet of servers to run Exchange. Be sure to inventory your server hardware with an eye toward adding RAM, faster disks, more storage, and possibly an updated network adapter that can offload SSL and TCP/IP services.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020