exchange 2013 migration & coexistence
TRANSCRIPT
Infrastructure, communication & collaboration
Exchange Server 2013 Migration and
CoexistenceScott SchnollSenior Content Developer
Microsoft [email protected]
http://aka.ms/SchnollTwitter: @Schnoll
Agenda Upgrade ApproachPreparing for Exchange 2013Upgrade and CoexistenceMoving MailboxesPublic FoldersManaging CoexistenceQuotas
Functional Layering
AuthN, Proxy, Re-directProtocols,
API, Biz-logic
Assistants, Store, CI
Exchange 2010Architecture
AuthN, Proxy, Re-direct
Store, CI
Protocols, Assistants,
API, Biz-logic
Exchange 2013Architecture
Client Access
Mailbox
Client AccessHub Transport,
Unified Messaging
Mailbox
HardwareLoad Balancer
L4 LBL7 LB
Upgrading to Exchange 2013From an existing Exchange 2010 environment
5
SP3
E2010 CAS
E2010 HUB
E2010 MBX
Clients
Internet-facing site – upgrade first
autodiscover.contoso.commail.contoso.com
Intranet site
Exchange 2010 Servers
SP3
1. PrepareVerify prerequisitesInstall Exchange 2010 SP3 or later across ORGPrepare AD with Exchange 2013 schemaValidate existing client access
4. Switch primary namespace to Exchange 2013 CASExchange 2013 fields all traffic, including traffic from Exchange 2010 usersValidate using Remote Connectivity Analyzer
5. Move MailboxesBuild out DAGMove Exchange 2010 users to Exchange 2013 MBXMigrate Legacy Public Folders to Modern Public Folders
6. Repeat for additional sites
2. Deploy Exchange 2013 serversInstall both Exchange 2013 MBX and CAS roles
SP3SP3
E2013 CAS
E2013MBX
3. Obtain and deploy certificatesObtain and deploy certs on Exchange 2013 CAS
1 2 4
3
5 6
Upgrading to Exchange 2013From an existing Exchange 2007 environment
6
RU10
E2007 SP3 CAS
E2007 SP3 HUB
E2007 SP3 MBX
Clients
Internet-facing site – upgrade first
autodiscover.contoso.commail.contoso.com
Intranet site
Exchange 2007 Servers
RU10
1. PrepareVerify prerequisitesInstall Exchange 2007 SP3 + RU10 or later across ORGPrepare AD with Exchange 2013 schemaValidate existing client access
5. Switch primary namespace to Exchange 2013 CASValidate using Remote Connectivity Analyzer
6. Move mailboxesBuild out DAG Move Exchange 2007 users to Exchange 2013 MBXMigrate legacy Public Folders to Modern Public Folders
7. Repeat for additional sites
2. Deploy Exchange 2013 serversInstall both Exchange 2013 MBX and CAS servers
RU10
RU10
E2013 CAS
E2013MBX
3. Create legacy namespace Create DNS record pointing to Exchange 2007 CAS
4. Obtain and Deploy CertificatesObtain and deploy certificates on Exchange 2013 CASDeploy certificates on Exchange 2007 CAS
legacy.contoso.com3
1 2 5
4
6 7
Preparing for Exchange Server 2013
11
Supported coexistence scenariosExchange Server 2010 SP3 and laterExchange Server 2007 SP3 RU10 and later
Supported client access methodsRPC over HTTP is only method of connectivity for Outlook clientsEntourage 2008 for Mac, Web Services EditionOutlook for Mac 2011
Exchange 2013 Prerequisites
Outlook Version Minimum Supported Version Recommended Version*Outlook 2013 RTM August 2013 updateOutlook 2010 SP1 + Nov 2012 Update
(14.0.6126.5000 or later)June 2013 update
Outlook 2007 SP3 + Nov 2012 Update (12.0.6665.5000 or later)
August 2013 update
*Recommended Updates fix an issue with Outlook using the wrong Exchange 2013 Internal/External settings
11
Operating System (64-bit)Windows Server 2008 R2 SP1 or later Standard or Enterprise
Standard - for Exchange 2013 Client Access servers and standalone Mailbox serversEnterprise - for Exchange 2013 Mailbox servers in a DAG
Windows Server 2012 RTM or later Standard or DatacenterWindows Server 2012 R2 (support coming in Exchange Server 2013 SP1)
Other IIS and OS components.NET Framework 4.5Windows Management Framework 3.0Unified Communications Managed API (UCMA) 4.0
Exchange 2013 Prerequisites 11
Install Exchange 2010 SP3 or Exchange 2007 SP3 RU10 to all servers
Extend the AD schema for Exchange Server 2013 setup /PrepareSchema or /ps
Prepare the Exchange organization for Exchange Server 2013 setup /PrepareAD or /p
Prepare remaining AD domains that have or will have any mail enabled objects for Exchange Server 2013:Local domain setup /PrepareDomain or /pRemote domains one at a time setup /PrepareDomain:FQDN.of.domain or /p:FQDN.of.domainOr do them all at once setup /PrepareAllDomains or /pad
Validate existing client access using Remote Connectivity Analyzer and test cmdletshttp://www.exrca.com
Preparing for Exchange Server 2013 11
Deploying Exchange Server 2013
22
Install both MBX and CAS ServersCAS is proxy onlyMBX performs PowerShell commandsUse the latest CU packageNo more SP then RU installExchange 2013 SetupGUI and command line optionsCommand line parametersNew parameter for license terms acceptanceAfter the FactYou cannot remove roles in Exchange 2013
Exchange 2013 Setup
Setup.exe /mode:install /roles:c,m,mt /IAcceptExchangeServerLicenseTerms
22
Create Legacy Namespace
3
Required for Exchange 2007 coexistence only
Used to access Exchange 2007 mailboxes and public folders during coexistence
Create DNS record in internal and external DNS for legacy namespaceLegacy.contoso.com
Validate legacy namespace creation using Remote Connectivity Analyzerhttp://www.exrca.com
Create Legacy Namespace 13
Certificates
1 43
End-to-end Certificate Wizard in the Exchange Admin Center (EAC)Export with private key and import to other CAS from the UIAssign services right from the UI
EAC alerts when certificate is about to expireFirst notification shown 30 days prior to expirationSubsequent notifications provided daily
Certificates 1 43
17
Minimize the number of certificatesThe same private key is required on all CAS in a site for transient CAS failures to be seamlessA unified namespace may mean the same cert is required on all sites covering the namespace
Certificates - Best Practices 1 43
18
Minimize number of host namesUse split DNS or pinpoint DNS for Exchange host names
mail.contoso.com for Exchange connectivity on intranet and Internetmail.contoso.com has different IP addresses in intranet/Internet DNS zonesThis is not a requirement, some customers may have unique environments where different names would be helpfulDon’t list machine host names in certificate host name listUse load-balanced (LB) arrays for intranet and Internet access to servers
Use “Subject Alternative Name” (SAN) certificatePublic CA providers are beginning to restrict the issuing of certs with invalid DNS names
Certificates - Best Practices 1 43
Cutover Namespaces
54
Configure load balancingLayer 7 load balancers no longer required for an Exchange 2013 namespaceLayer 4 (aka no-affinity/persistence) and Layer 7 are supported for Exchange 2013 namespace
Legacy namespaceValidate creation with https://www.exrca.com/Legacy namespace should begin or continue to use Layer 7 load balancingScript the change for legacy namespaces (and have a script to revert back if required)
Switch namespaces to CAS 2013Update mail and Autodiscover DNS records to point to a Exchange 2013 CAS serverExchange 2007 and Exchange 2010 Autodiscover will redirect to Exchange 2013 CAS for Exchange 2013 mailbox
Switching to Exchange 2013 CAS 54
Switching to CAS 2013Outlook Anywhere
Layer 4 LBLayer 7 LB
mail.contoso.com
HTTPPROXY
RPC/HTTPClients
E2007/E2010 MBX Internet facing site
RPC/HTTP
Intranet facing siteE2007/E2010
MBX
OA Enabled OA EnabledClient SettingsIIS Auth: NTLM
E2007/E2010 CAS OA
Client SettingsIIS Auth:
E2007/E2010 CAS
HTTPPROXY
3. Client SettingsMake legacy OA settings the same as 2013 CAS so all clients get the same proxy hostname
1. Enable Outlook Anywhere on all legacy CAS2. IIS Authentication Methods
IIS Auth must have NTLM enabled on all legacy CAS
RPC
Client Auth: BasicIIS Auth: Basic
NTLM
E2013 CAS
E2013 MBX
RPC RPC
DisabledEnabled
NTLM
4. DNS CutoverA low TTL on the existing
record the days prior to the cutover is a good idea
54
Outlook Web App
Available in a variety of scenarios2013 to 2007 in the same AD site2013 to 2007 in a different AD site2013 to 2010 in a different AD site2013 to 2013 in a different AD site
Relies on Exchange handling FBA itself, not offloaded to a reverse proxy
Silent Single Sign-On Redirection 3
Exchange 2013 OWA Client Connectivity FlowExchange 2010 Coexistence
Layer 4 LB
E2013 CAS
IISHTTP Proxy
E2013 MBX
Protocol Head
DB
E2010 CAS
Protocol Head
E2010 MBX
Store
DB
Site Boundary
E2010 CAS
Protocol Head
E2010 MBX
Store
DB
RPC RPC
Cross-Site Proxy Request
Layer 7 LB
Cross-SiteSilent
Redirect
OWAparis.mail.contoso.commail.contoso.com
Exchange 2013 OWA Client Connectivity FlowExchange 2007 Coexistence
Layer 4 LB
E2013 CAS
IISHTTP Proxy
E2013 MBX
Protocol Head
DB
E2007 CAS
Protocol Head
E2007 MBX
Store
DB
Site Boundary
E2007 CAS
Protocol Head
E2007MBX
Store
DB
RPC RPC
Layer 7 LBCross-Site
Silent Redirection
OWA
Layer 7 LBLegacy.contoso.com mail.contoso.com paris.mail.contoso.com
Cross-Site Proxy Request
Same-SiteSilent Redirect
Request
CAS 2013 Client Protocol Connectivity FlowLegacy Coexistence (Cumulative Update 2 and later)Protocol Exchange 2007 user accessing
Exchange 2010 namespaceExchange 2007 user accessing
Exchange 2013 namespaceExchange 2010 user accessing
Exchange 2013 namespaceRequires Legacy namespace Legacy namespace No additional namespacesOWA • Same AD site: silent or SSO FBA
redirect• Externally facing AD site: manual or
silent/SSO Cross-site redirect• Internally facing AD site: proxy
Silent redirect to CAS 2007 ExternalURL in same or different AD site.
• Same AD Site: Proxy to CAS 2010
• Different AD Site: Cross-site silent redirect to ExternalURL
EAS • EAS v12.1+ : Autodiscover & redirect • Older EAS devices: proxy
Proxy to MBX 2013 Proxy to CAS 2010 - all noted protocols
Outlook Anywhere
Direct CAS 2010 support Proxy to CAS 2007
Autodiscover
Exchange 2010 answers Autodiscover query for 2007 User
Exchange 2013 answers Autodiscover query for 2007 User
EWS Uses Autodiscover to find CAS 2007 EWS External URL
Uses Autodiscover to find CAS 2007 EWS External URL
POP/IMAP Proxy Proxy to CAS 2007OAB Direct CAS 2010 support Proxy to CAS 2007RPS n/a n/aECP n/a n/a • Same AD Site: Proxy to CAS 2010
• Different AD Site: Cross-site silent redirect to ExternalURL
Move Mailboxes to Exchange Server 2013
65
New migration serviceBatch managementReportingRetry semanticsUses Mailbox Replication Service (MRS) internally
New cmdletsNew-MigrationBatchGet-MigrationUserStatistics
Also available from EACWLM will throttle moves to maintain a good user experience
Exchange Server 2013 Mailbox Moves
6 65
Public Folders
Uses mailbox architectureExisting Public Folders can be migrated to Exchange 2013Public Folder Replication is removedEnd user experience doesn’t change
Migrate mailboxes before Public FoldersExchange 2013 users can access Exchange 2010/Exchange 2007 Public FoldersExchange 2010/Exchange 2007 users cannot access Exchange 2013 Public FoldersMigration of Public Folders is a cut-over migrationSimilar to online mailbox moves
Exchange 2013 Modern Public Folders
Analyze existing Public Folders Tool available to analyze existing Public Folder hierarchy to determine how many Exchange 2013 Public Folder mailboxes are recommended
Copy Public Folder dataUsers continue to access existing Public Folder deployment while data is copiedData migration happens in the background
Switch clients to Exchange 2013 Public Folders There will be a short downtime while the migration is finalizedOnce migration completes, everyone switches at the same timeCan switch back, but any post migration Public Folder changes are lost
Public Folder Migration Process
2. AnalyzeTake snapshot of existing PF folder structure, statistics and permissionsMap PF folders to PF mailboxes
Public Folder Migrationfrom Exchange 2007 or Exchange 2010 Public Folders
Outlook Clients1. Prepare
Install Exchange SP and/or updates across the ORGMigrate all users that require access to Exchange 2013
4. Begin Migration RequestClients continue to access and create new data during copyAfter copy is complete migration request status is AutoSuspended5. Finalize Migration RequestUpdate snapshot of existing PF folder structure, statistics and permissionsLock source, clients logged off, final sync occurs
3. Create new Public Folder mailboxesSet to HoldForMigration Mode, mailboxes invisible to clients
1 2
4
6
MBX MBX
6. ValidateCheck and verify destination folders
PF dbase 2
PF dbase 3
E2007 SP3 or E2010
PF
Exchange 2013
PF mbx 1
PF mbx 2
MBX5
PF dbase 1
PFs
PF mbx 3
3
RU10
SP3
Managing Coexistence
Use Exchange Admin Center (EAC) toManage Exchange 2013 mailboxesManage Exchange 2013 certificatesManage Exchange 2013 serversManage some Exchange 2007/2010 server attributesView and update Exchange 2010/2007 mailboxes and properties (with a few limitations)
Use Exchange Management Console (Exchange 2010/2007) to create legacy mailboxes
Managing Coexistence
Quota Calculations
Mailbox and Public Folder data moved from legacy Exchange 2013 will appear to growThis is due to more accurate space usage calculation of items within the database compared to previous versions
Expectation is 30% increase in quota hit, but will vary based on the content typesMay want to increase the quotas of any user using 75% or more of their quota prior to moving their mailbox to Exchange 2013
The database size on disk does NOT increase
Quota Calculations
Infrastructure, communication & collaboration
#mstechdays
QUESTIONS?Thank you!
#mstechdays Infrastructure, communication & collaboration
• Exchange 2013 Haute disponibilité et tolérance aux sinistres (Session 1/2 première partie) – 12/02/14 - 15:15-16:00, salle 351
• Exchange 2013 Haute disponibilité et tolérance aux sinistres (Session 2/2 première partie) – 12/02/14 - 16:30-17:15, salle 253
Related Content
#mstechdays Infrastructure, communication & collaboration
• Exchange 2013 Bonnes pratiques – 12/02/14 – 12:15-13:00, salle 252B
• Exchange 2013 Dimensionnement et Performance – 12/02/14 – 17:45-18:30, salle 252B
Related Content
Infrastructure, communication & collaboration
#mstechdays
APPENDIX – RESOURCES
#mstechdays Infrastructure, communication & collaboration
• Office Blogs – http://blogs.office.com/• Exchange Team Blog –
http://aka.ms/ehlo• Lync Team Blog –
http://aka.ms/lyncblog• SharePoint Blog –
http://aka.ms/spblog• Yammer Blog – http://
aka.ms/yammerblog• Outlook Blog – http://
aka.ms/outlookblog
Office-related Blogs
#mstechdays Infrastructure, communication & collaboration
• Excel Blog – http://aka.ms/excelblog• Power Bi Blog – http://aka.ms/pbiblog• Office 365 for Business Blog – http://
aka.ms/o365fbblog• Project Blog – http://
aka.ms/msprojectblog• OneNote Blog – http://
aka.ms/onenoteblog
Office-related Blogs
#mstechdays Infrastructure, communication & collaboration
• Access Blog – http://aka.ms/accessblog
• OneDrive Blog – http://blog.onedrive.com/
• PowerPoint Blog – http://aka.ms/pptblog
• Word Blog – http://aka.ms/wordblog• Office for Mac Blog –
http://aka.ms/ofmblog
Office-related Blogs
Join the conversation#iammec
Sign up for the newsletter
<mecupdates>
Promote with customerswww.iammec.co
mInternal site for all info
aka.ms/MECfield
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Digital is business