Boswell's Q&A

Exchange 2003 Migration Roadmap

Safely find your way from Exchange 5.5 to Exchange 2003.

Bill: My company is ready to move from Exchange 5.5 to Exchange 2000 or Exchange 2003. We have Windows 2000 with Exchange 5.5 and OWA on one front-end server and Exchange 5.5 on Windows NT 4.0 Service Pack 6a on another. The NT server is a BDC but the domain runs Windows 2000 with Active Directory. I have seen documentation (see KnowledgeBase article 822179, "Overview of Operating System and Active Directory Requirements for Exchange Server 2003" at http://support.microsoft.com/default.aspx?scid=kb;en-us;822179) that indicates Exchange 2003 is only supported in Active Directory environments with Windows 2000 and/or 2003 domain controllers and global catalog servers. Even though I still have an NT BDC, my Active Directory environment complies with requirements.

Can I safely introduce a new Exchange 2003 server into the Exchange 5.5 site? If yes, should I install Exchange 2003 on Windows Server 2000 or 2003? The goal is to use the Exchange Server Deployment tools to migrate Exchange 5.5 Mailboxes and Public Folders.
—George

George: Just as a summary, you have a mixed-mode Windows 2000 domain with Exchange 5.5 servers running on Windows 2000 and NT 4.0 servers. In this configuration, you can introduce new Exchange 2000 or Exchange 2003 servers, with this caveat: You can't create Universal groups in a mixed-mode domain. In a multi-domain forest, using Global groups for e-mail distribution can cause incomplete group membership expansion. It sounds like you only have one Active Directory domain, but you never know what the future holds, so you need to plan for a mode shift as soon as possible in the Exchange migration.

I recommend jumping directly to Exchange 2003, as it has all the latest fixes and code updates and represents a more mature messaging platform. Exchange Server 2003 also automates many of the processes required to migrate account information and permissions from legacy mailboxes and public folders. Your OWA users will really like the new interface and additional features in Exchange 2003 OWA. Also, if you want to use a front-end/back-end architecture for OWA, you only need to buy Exchange Server 2003 Standard Edition for the front-end server—that's a significant savings.

I also recommend upgrading to Windows Server 2003 to get the security improvements, the reliability enhancements in IIS 6.0 and the improved handling for group membership changes. That being said, you can run Exchange 2003 servers in a Windows 2000 domain and you can even run Exchange 2003 on Windows 2000 servers (SP3 or higher) but since you're going to spend quite a bit of time on this migration, why not get to the most current platforms?

You can't upgrade an Exchange server directly from Exchange 5.5 to Exchange 2003. [Note: The preceding sentence originally contained a typographical error. The sentence has been corrected.—Editor] You'll need to introduce a new Exchange server. Here's a brief roadmap. I'm going to assume that you upgrade to Windows Server 2003, as well.

Upgrade the Forest to Windows 2003

You can upgrade the current Windows 2000 domain controller if you have confidence in your configuration control, or you can introduce a new server to get a pristine installation of Windows Server 2003 with all the new security enhancements. You sound as if you only have a single Windows 2000 domain controller, so adding a second Active Directory domain controller would be a good move. You can then upgrade the PDC Emulator to Windows Server 2003 or demote it, wipe the drives, install Windows Server 2003 and promote it to be the second domain controller. Don't tempt fate by having anything less than two domain controllers in a domain. Three is better, because you can take one domain controller down for maintenance and still have two up and running. Also, you'll want a couple of Global Catalog servers so that Exchange can expand group membership and Outlook can get the Global Address List.

Install SP4 and the Latest Security Patches on the Exchange 5.5 Servers

You can get by with Exchange 5.5 SP3 on the end-point servers for Active Directory Connector (ADC) Connection Agreements, but why introduce complexity? Get all servers at the most current service pack and patch level.

Normalize Mailboxes
Spend an afternoon, maybe a long afternoon, validating that you have a one-to-one match between each legacy Exchange mailbox and an Active Directory user. At the same time, verify that each mailbox owner actually exists in Active Directory. The Exchange 2003 ADC has tools for this, but why wait until you're in the middle of the migration to find that you have a problem?

Verify Public Folder Permissions
Spend another long afternoon going through the permission list for each public folder to ensure that the recipients and distribution lists actually exist. This avoids having zombies on the permission lists; that is, distinguished names that do not point at a valid account in the legacy Exchange directory service.

Install Active Directory Connector (ADC)
This updates the Active Directory schema to include all changes required by Exchange Server 2003, so it takes some preparation on the Windows side.

Configure Recipient and Public Folder Connection Agreements
A Connection Agreement (CA) defines a pathway and translation rules for synchronizing mail-enabled objects in Active Directory and the legacy Exchange directory service. You'll get warnings because your domain is in Mixed mode, but you'll correct that problem in short order.

Install the First Exchange 2003 Server
This creates a Configuration connection agreement in the ADC that copies information about the legacy Exchange organization into Active Directory. This server also runs an instance of the Site Replication Service (SRS) so the Exchange 2003 server can act as an endpoint for a Connection Agreement.

Move Connection Agreement Endpoints
The ADC Connection Agreement Wizard initially assigns endpoints to legacy Exchange servers. Manually move the endpoints of these CAs to the Exchange 2003 SRS server.

Move Mailboxes
Now that you have a fully functional Exchange 2003 server, you can move mailboxes to it from the legacy Exchange servers in the same site. You may want to install additional Exchange 2003 servers if you need the extra storage capacity and horsepower, or you can install Exchange 2003 Enterprise Edition and create additional storage groups and mailbox stores. Exchange is still in Mixed mode, so you cannot move mailboxes directly between servers in different legacy sites.

Move Connectors
The legacy Exchange server could host a variety of connectors, such as the Internet Mail Service (IMS), Site connectors, Directory Replication connectors, and possibly connectors for X.400 and third party e-mail systems. You'll need to create new connectors on the Exchange 2003 server and make sure that those connectors work satisfactorily before removing the legacy connectors. You'll need Exchange Server 2003 Enterprise Edition to get an X.400 connector.

Decommission the Legacy Servers
At this point, you no longer need the legacy Exchange servers in this particular site. De-install Exchange from the servers. This removes their objects from the organization both in the legacy Exchange directory service and from Active Directory.

Decommission the NT BDCs
This eliminates the need to support legacy LanMan replication.

Shift the Domain and Forest to Windows Server 2003 Functional Level

This enables you to create Universal Security Groups, a requirement for proper Exchange operation in a multiple domain forest. You can change any Global groups to Universal groups after you upgrade the functional level.

Repeat for Other Sites
While upgrading the first Exchange site to Exchange 2003, start upgrading the other sites using the same steps.

Shift to Exchange Native Mode
With all legacy servers decommissioned, remove the Site Replication Service from all Exchange 2003 servers then set a flag in the Organization that puts it in Native mode. This releases the organization from compatibility with legacy Exchange and enables the new Exchange Server 2003 features.

Hope this helps.
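
The two pre-checks in the roadmap, Normalize Mailboxes and Verify Public Folder Permissions, can be run as a script over directory exports before the ADC is installed. This is an added example, not code from the column or from the Exchange deployment tools; the CSV column names, sample rows and function names are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample exports; the column names are assumptions, not a real export format.
MAILBOXES_CSV = """alias,dn,nt_account
gsmith,/o=Corp/ou=HQ/cn=Recipients/cn=gsmith,CORP\\gsmith
jdoe,/o=Corp/ou=HQ/cn=Recipients/cn=jdoe,CORP\\jdoe
jdoe-old,/o=Corp/ou=HQ/cn=Recipients/cn=jdoe-old,CORP\\jdoe
helpdesk,/o=Corp/ou=HQ/cn=Recipients/cn=helpdesk,CORP\\svc_help
"""
AD_USERS = {"gsmith", "jdoe", "Administrator"}  # constructed account names from AD
PF_ACL_CSV = """folder,grantee_dn
Sales,/o=Corp/ou=HQ/cn=Recipients/cn=gsmith
Sales,/o=Corp/ou=HQ/cn=Recipients/cn=tjones
HR,/o=Corp/ou=HQ/cn=Recipients/cn=JDOE
"""

def load(text):
    """Parse a CSV export into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))

def account_name(nt_account):
    """Reduce 'DOMAIN\\user' to a lowercased 'user' for comparison."""
    return nt_account.rsplit("\\", 1)[-1].strip().lower()

def audit_mailboxes(mailboxes, ad_users):
    """Return (orphaned aliases, accounts that own more than one mailbox)."""
    ad = {u.lower() for u in ad_users}
    owners = defaultdict(list)
    for row in mailboxes:
        owners[account_name(row["nt_account"])].append(row["alias"])
    orphaned = sorted(a for acct, als in owners.items() if acct not in ad for a in als)
    shared = {acct: sorted(als) for acct, als in owners.items() if len(als) > 1}
    return orphaned, shared

def find_zombie_acl_entries(acl_rows, mailboxes):
    """Return (folder, grantee DN) pairs whose DN matches no directory entry.
    DNs are compared case-insensitively (assumption for this example)."""
    known = {row["dn"].lower() for row in mailboxes}
    return sorted((r["folder"], r["grantee_dn"]) for r in acl_rows
                  if r["grantee_dn"].lower() not in known)

if __name__ == "__main__":
    boxes = load(MAILBOXES_CSV)
    orphaned, shared = audit_mailboxes(boxes, AD_USERS)
    print("Mailboxes with no matching AD user:", orphaned)
    print("Accounts owning several mailboxes:", shared)
    print("Zombie ACL entries:", find_zombie_acl_entries(load(PF_ACL_CSV), boxes))
```

In a real audit the directory set passed to `find_zombie_acl_entries` would also include distribution lists and custom recipients, since the column lists both recipients and distribution lists as valid permission holders.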

About the Author

Contributing Editor Bill Boswell, MCSE, is the principal of Bill Boswell Consulting, Inc. He's the author of Inside Windows Server 2003 and Learning Exchange Server 2003 both from Addison Wesley. Bill is also Redmond magazine's "Windows Insider" columnist and a speaker at MCP Magazine's TechMentor Conferences.
