| OBJECTIVE: | | | | mapped between the endpoints.o Final Checks: To |
| Electronic messaging services within a company | | | | check the Active Directory users to make sure the |
| remains a mission critical application and its | | | | Exchange attributes appear in their properties using |
| implementation is a vital part to the conduct of | | | | the Active Directory Users and Computers. |
| everyday business strategies, needs and goals. Within | | | | OBJECT DELETION WITH THE ADC: |
| the organization the business requirements now | | | | 1) If you delete a mailbox-enabled user in Active |
| include the safeguard of electronic content retention | | | | Directory, the ADC deletes the corresponding mailbox |
| best practices. Therefore, it is important to see to it | | | | in legacy Exchange. |
| that a migration project is undertaken with a lot of | | | | 2) If you delete a mail-enabled group or contact in |
| care. Read this document carefully to gain a good | | | | Active Directory, the ADC deletes the corresponding |
| understanding of not only the pre-requisites but also | | | | distribution list or custom recipient in legacy Exchange. |
| the migration path from mixed to native mode. | | | | 3) If you remove the e-mail attributes from users, |
| The delivery of mail is a challenging task which | | | | groups, or contacts in Active Directory, the ADC |
| includes the support of thousand of users within the | | | | deletes the corresponding mailbox, distribution list, or |
| corporation environment. The new infrastructure | | | | custom recipient in legacy Exchange. |
| must set up procedures to respect compliance, | | | | 4) If you delete a mailbox in legacy Exchange, the |
| corporate governance and internal regulatory policy | | | | ADC strips the email attributes from the |
| enforcement. Affirmatively, business guidelines and | | | | corresponding user object in Active Directory. |
| principles for the preservation of electronic mail within | | | | 5) If you delete a distribution list or custom recipient |
| the corporate body must now be taken into | | | | in legacy Exchange, the ADC strips the e-mail |
| consideration. This requires that companies learn how | | | | attributes from the corresponding group or contact in |
| to standardize their projects to meet not only | | | | Active Directory. |
| corporate needs but also judicial demands. | | | | § Active Directory Connector Object Replication |
| The granularity of server management depends upon | | | | Check |
| a business model that will sustain the rationalization of | | | | § Active Directory Object Replication Scan |
| all of the mechanics of the migration project from | | | | § Active Directory Unmarked Resource Mailbox |
| Exchange 5.5 to Exchange 2003. It is understood that | | | | Scan |
| the migration will introduce many changes upon the | | | | SCHEDULING REPLICATION WITH THE ADC:o |
| business model. It is to be undertaken by keeping the | | | | Ensure that the 5.5 replication connector is set |
| infrastructure model and design flexible without the | | | | directly between the remote site and the central |
| impairment of performance. | | | | site.o The replication connector is using the same |
| SETUP PROCEDURES FOR THE MIGRATION: | | | | server in the central site as the replication bridgehead |
| MANAGING THE MIGRATION:o Domain controller | | | | that the ADC is configured to replicate changes from |
| location. You'll need at least one Domain Controller in | | | | the Active Directory.o The 5.5 replication schedule set |
| each office that has an Exchange 2003 servero | | | | to Always or short intervalso Configuration |
| Global Catalog server location. Need at least one | | | | Connection Agreements: Exchange 5.5 stores server |
| Global Catalog server in each office that has an | | | | information in a configuration container in the legacy |
| Exchange 2003 server. This can also act as the local | | | | Exchange directory service. Each Exchange server in |
| Domain Controller. The simplest way to accomplish | | | | a site knows about the other servers in the site by |
| this is to make all branch office DCs into GCs. | | | | looking in this Configuration container. The legacy |
| Microsoft recommends a minimum of one GC server | | | | servers in a site will not know that you installed an |
| for every four Exchange processors, not servers.o | | | | Exchange 2003 server until they see the server's |
| DNS configuration. Make certain that DNSLint shows | | | | information in the legacy Configuration container. |
| no errors, other recommended tool KILLADCGN.EXE | | | | That's the job of the Configuration Connection |
| to verify chkds Checkdisk and chkdsro | | | | Agreement, (CA) which is created automatically by |
| (CheckReplicationOrphan objects in AD);o Active | | | | default when you install the first Exchange 2003 |
| Directory Native Mode. Important Notice: The Active | | | | server in the site.o Configuration CA Function: When |
| Directory domain containing the Exchange servers | | | | you install an Exchange 2003 server, Setup creates |
| must be in Native Mode so that you can use | | | | objects under the Exchange organization container in |
| Universal Security Groups for e-mail distribution.o | | | | Active Directory that represent the following |
| Replication or authentication problems. Verify Event | | | | functions: |
| Viewer to have no errors from directory service | | | | ü Site addressing and routing capabilities |
| replication, KCC topology calculations, or | | | | ü Site Connectors |
| authentication errors originating from domain | | | | ü MTA (Message Transfer Agent) and other |
| controller accounts. You can use the EventCombMT | | | | transport protocols |
| utility (download from Microsoft). EventCombMT is | | | | ü Private and public mailbox storage parameters |
| part of the Account Lockout and Management and | | | | ü Recipient Policies |
| Lockouto Domain Prerequisites Considerations : Name | | | | ü Site (Administrative Group) configuration |
| Resolution, ADC Staging OU, ADC Staging, Verify | | | | parameters |
| trusts issues, Replication topology | | | | ü Encryption and secure messaging parameter |
| Verify Current Exchange Organization Roles and | | | | INSTALLING AND CONFIGURING THE CONNECTION |
| Distributions: | | | | AGREEMENTS: |
| O Exchange server version | | | | Recommendations: To be installed after the |
| O Site configuration | | | | ForestPrep |
| O Site connectors and Directory Replication | | | | INSTALLING AND CONFIGURING THE CONNECTION |
| connectors | | | | AGREEMENTS: |
| O Internet connectors | | | | Connection Agreement Properties:o Recipient |
| O Unsupported connectors | | | | Connection Agreements: The wizard creates |
| O Key Management Services | | | | two-way connection agreements, meaning that |
| O Compatible backup | | | | changes made to either of the directory service will |
| O Antivirus and Antispam software | | | | replicate to the other service (within Active |
| O Patches | | | | Directory).o Check Connection Settings: This tab |
| O E-mail dependent applications | | | | allows you to select the endpoint server for each |
| O Exchange 2000 instant messaging | | | | side of the Connection Agreement and the |
| Pre-Requisites and Precautions before the | | | | credentials used to access the directory service on |
| installation:o Security patches (ISDS for Exchange)o | | | | that server. Exchange 2003 has a service called the |
| In order to preserve Exchange 5.5 Public Folder | | | | Site Replication Service. But, SRS listens at TCP port |
| Access Control Lists (ACLs) after mailboxes or | | | | 379 rather than TCP port 389, the standard LDAP |
| distribution lists are moved between sites the | | | | port.o If you delete a resource mailbox, the ADC |
| Administrator will need to install an Exchange 5.5 DS | | | | deletes the corresponding disabled user object in |
| IS hotfix ( on every Exchange 5.5 Public Folder server | | | | Active Directory.o If you delete a standard mailbox, |
| prior to moving mailboxes or DLs between sites.o | | | | the ADC strips the e-mail attributes from the |
| The Consistency Adjuster must be run for each | | | | corresponding Active Directory object and sets the |
| server in each site.o Windows service packs (SP4.0 | | | | LegacyExchangeDN attribute to |
| for Exchange 5.5 while Exchange 2003 is on SP2.0 this | | | | ADCDisabledMailByADC. |
| information must be revised on the website of | | | | RESOURCE MAILBOX WIZARD MANAGEMENT: |
| Microsoft for the latest updates)o Considerations - | | | | It is best practice to allow the ADC Tools to create |
| Mobile Information Server (MIS) --To preserve | | | | the necessary Connection Agreements (CA) for the |
| functionality for existing mobile users during the | | | | migration process. |
| Exchange 2003 deployment, keep at least one MIS | | | | The wizard helps in the creation of the Connection |
| 5.5 servers running as you migrate to Exchange | | | | Agreements required to migrate from Exchange 5.5 |
| 2003.o Instant Messaging (IM) and Chat --This | | | | properly. |
| functionality has been replaced by Live | | | | It will automatically create a recipient (CA) |
| Communication Server (LCS) in Exchange 2003.o | | | | Connection Agreement and a public folder (CA) |
| CcMail connector -- If you are running ccMail (mainly | | | | Connection Agreement. |
| for Lotus Mail Agents) in the organization along with | | | | This Wizard will identify users with multiple mailboxes |
| Exchange, it's time for a final transition upon the | | | | and fix them in advance for the migration. |
| migration path to Exchange 2003.o Backup, Antivirus, | | | | This step will determine if the same user owns |
| and Antispam software compatibility issues and third | | | | multiple mailboxes. It gives you the possibility to |
| party software issueso ADC upgrades considerations | | | | identify the user's primary mailbox so that other |
| - You must upgrade the ADC servers to Exchange | | | | mailboxes can be designated as resource mailboxes. |
| 2003 ADC prior to introducing any Exchange 2003 | | | | Click Run to query the Exchange 5.5 server and |
| servers into the organization. The ADC upgrade | | | | collect information about the Exchange organization. |
| modifies the schema, so make sure that the Schema | | | | ADC Tools performs a series of four tests that will |
| Master is available.o Front-end/back-end upgrades. - If | | | | check for objects and attributes in legacy Exchange |
| you have an existing deployment such as for | | | | and Active Directory. This will help build XML database |
| example, Exchange 2000 that uses a distributed | | | | files to use later for resource mailbox marking. It |
| architecture, upgrade the front-end servers first and | | | | looks for mailboxes that have a similar owner. After, |
| then upgrade the backend servers. | | | | the ADC Tool identifies and marks resource |
| PRE-MIGRATION NORMALIZATION ISSUES: | | | | mailboxes using the Resource Mailbox Wizard. You |
| O Install service packs (verify Microsoft website for | | | | can use the bulk edit capabilities to create .csv files |
| the latest versions) | | | | for doing the mailbox marking. |
| O Normalize mailboxes (size sum check) | | | | HOW CONNECTION AGREEMENTS ARE |
| O Verify public folders permissions (permissions will | | | | CONFIGURED: |
| affect the RUS) | | | | Connection agreements are configured by an |
| OMigration Account Rights Ensure the account(s) | | | | Administrator who controls the type of objects that |
| used for the migration process are given 'Service | | | | are replicated between Active Directory and |
| Account Admin' rights at the Organization, Site and | | | | Exchange 5.5. It contains information on how to |
| Server level. | | | | handle the deletion and what to do when there is no |
| OSimple-Synchronization Ensure the Simple-Sync | | | | matching account for the mailbox in the destination |
| replication schedule is set to every twelve hours (12 | | | | directory. Notice: To ensure that objects are created, |
| hours) - Exdeploy.hta. (Deployment tools) | | | | the ADC marks all connection agreements as primary |
| Considering ultimate performance:o Domain Upgradeo | | | | by default.a) A primary connection agreement has |
| Upgrade the current PDC to Windows Server 2003.o | | | | the capability to create objects in the directory.b) A |
| Install additional Windows Server 2003 domain | | | | secondary connection agreement can only update |
| controllerso Shift the domain and forest to Windows | | | | the attributes of existing objects. |
| Server 2003 functional level | | | | Can configure: o One way from Windows or from |
| Network Infrastructure Considerations:o Traffic | | | | Exchange |
| patternso Outageso Remote userso Routing groups | | | | Can configure: o Two ways replication of the |
| Costs Topology:o Server softwareo Client Access | | | | information this is synchronized in both directions. |
| Licenses (CALs)o Additional personnelo Trainingo | | | | This is generally the preferred method for it keeps |
| Client software | | | | the configuration simple |
| Additional Networking Considerations:o Directory | | | | Types of Connection Agreements to be found during |
| service connection failureso Inability to access public | | | | the Migration: |
| folderso Inability to replicate public folders with legacy | | | | Exchange System Manager Program: Default |
| Exchangeo Incompatible historical backupso Hardware | | | | It will be created by default by the system when the |
| failureso Software compatibility failures | | | | first Exchange Server 2003 system has been |
| Considering Final Networking Objectives:o No service | | | | installed. After the replication of the configuration |
| interruptionso Single mailbox-enabled account for each | | | | information, Exchange 5.5 sites will be visible in the |
| usero Retain existing mailbox and public folder | | | | Exchange System Manager program and they are |
| permissions.o Fastest possible introduction of new | | | | represented as Administrative Groups. Exchange |
| featureso Maximize existing hardware | | | | Server 2003 systems are also visible in the Exchange |
| Domain Prerequisites Considerations: Name Resolution, | | | | 5.5 Administrator program. |
| ADC Staging OU, ADC Staging, Verify trusts issues, | | | | Configuration Connection Agreements :( cannot be |
| Replication topology. ADC, DcDiag, NetDiag, AD | | | | created manually) |
| Snapshot, Log Files, Event Viewer Security, | | | | This CA maps some of the objects in the legacy |
| Application and System Logs | | | | configuration container with objects in the Exchange |
| NB*: Remove Internet Explorer Enhanced Security. | | | | 2003 Organization container in Active Directory. This |
| ADC Setup will make extensive use of Internet files | | | | CA cannot be created manually. Exchange Setup |
| (.html, .hta, etc.). Windows Server 2003 has a feature | | | | configures the CA as part of installation of the very |
| called Internet Explorer Enhanced Security that | | | | first server in each legacy site. It is used for |
| forces a security launched wizard. Remove this | | | | coexistence between the Exchange 5.5 and |
| feature from the server for the duration of the ADC | | | | Exchange 2003 servers environments. To transfer |
| and Exchange setup. | | | | information such as site addressing and routing |
| 1. Launch Control Panel. | | | | information between the various Exchange platforms. |
| 2. Open the Add/Remove Programs applet. | | | | Recipient Connection Agreements: |
| 3. Click Add/Remove Windows Components | | | | It is responsible for replicating mailbox, distribution list, |
| 4. Uncheck the Internet Explorer Enhanced Security | | | | and custom recipient information from the Exchange |
| Configuration option | | | | 5.5 directory to the Active Directory. This CA maps |
| 5. Click Next to accept the change. | | | | the attributes of Users, Groups, and Contact objects |
| Primary Reports and Log Files verifications:o | | | | in Active Directory with Recipient, Distribution Lists, |
| DSConfigSum. This test reports the total number of | | | | and Custom Recipient objects in the legacy Exchange |
| sites and the number of servers in each site.o | | | | directory service environment. |
| DSObjectSum. This utility reports the total number of | | | | It is also used to send users, groups, and contacts |
| public folders, distribution lists, distribution lists with | | | | from Active Directory to Exchange 5.5. Recipient |
| hidden membership, and custom recipients.o | | | | Connection Agreements it maybe configured as |
| UserCount. This test reports the total number of | | | | one-way or two-way connection agreements. It is |
| recipients (users) in the organization, broken down by | | | | important to remember that each connection |
| site.o VerCheck. This test verifies that you have the | | | | agreement has its own schedule |
| right Exchange version and service pack level on your | | | | Public Folder Connection Agreements: |
| Exchange servers.o NB*: The main log file for the | | | | This CA maps legacy public folders with Public Folder |
| deployment is Exdeploy.log. It shows the result of | | | | objects in Active Directory to allow Exchange 2003 |
| each test performed by DSScopeScan. | | | | to accept e-mail on behalf of the public folders. It is |
| INSTALLATION CONTROLS: | | | | responsible for replicating mail-enabled public folder |
| The Extending of the Active Directory Schema: | | | | information from and to Exchange 5.5 and the Active |
| /Forestprep switch is used to extend the Active | | | | Directory. This connection agreement can only be |
| Directory schema. | | | | configured as a two-way connection agreement. It is |
| § Will modify the Active Directory Schema to | | | | best to create the connection agreement for each |
| include new attributes and classes used by Exchange | | | | Exchange 5.5 site in regards to this connection |
| 2003 and also installs the top-level objects for a | | | | agreement. Pfmigrate utility automates replication to |
| placeholder organization tree in the Configuration | | | | allow Exchange mailboxes on the new Exchange |
| Naming Context in the Active Directory forest. | | | | Server 2003 systems to be able to access system |
| Preparing the Windows Server 2003 Domains to | | | | and public folders. |
| Support Exchange Server 2003: | | | | PFMigrate /S: (Source Server) /T: (Target Server) /A |
| /Domainprep It will prepare the domains that will host | | | | /N: (Number) /SC |
| Exchange servers or mailbox-enabled users | | | | How to Manually Configure Additional Connection |
| § This creates objects in the Active Directory | | | | Agreements? |
| domain that represent Exchange service accounts, | | | | To configure a Manual Configuration Agreement: |
| public folders, and groups that represent Exchange | | | | Open the ADC MMC snap-in on the domain controller |
| servers in the domain and the enterprise. | | | | running the ADC. |
| It will configure the Recipient Update Service | | | | The following tabs must be populated:o Generalo |
| parameters responsible for keeping Exchange address | | | | Connectionso Scheduleo From Exchangeo From |
| lists up-to-date and for creating proxy addresses for | | | | Windowso Deletiono Advanced |
| users based on recipient policy addressing | | | | To configure manually a public folder connection |
| configuration. | | | | agreement: |
| NB*: Recipients are Active Directory objects that | | | | It is best practise to right-click the Active Directory |
| have messaging capabilities. The object itself does | | | | Connector service icon for the server and select |
| not receive messages. The messages are not stored | | | | New, Public Folder Connection Agreement. |
| in Active Directory. Instead, they can reside in a | | | | The following tabs must be populated:o Generalo |
| mailbox on an Exchange server, in a public folder, or | | | | Connectionso Scheduleo From Exchangeo From |
| in another messaging system. | | | | Windows |
| How these objects work: | | | | After its creation, the Administrator must force |
| When the proper credentials are sent to the domain | | | | replication immediately; right-click the connection |
| controller for the user object, the contents of the | | | | agreement and select Replicate Now. Verify the |
| mailbox become available to the e-mail client like | | | | Application Event Log in Event Viewer for errors |
| Outlook (in the inbox of the user). | | | | during the replication process. |
| It will also create the Exchange Server 2003 specific | | | | Rehoming and Distribution List Replication: |
| groups (permissions) that allow Exchange services to | | | | All Contacts, Distribution Lists (DLs) and Mail-enabled |
| run without a service account. | | | | Public Folder Objects are represented in the |
| Domainprep will create two new groups:a) Exchange | | | | Exchange 5.5 Directory and are associated with a |
| Domain Serversb) Exchange Enterprise Servers | | | | specific site. When consolidating a 5.5 site, these |
| Utilities to Run to verify the settings of the | | | | objects must be moved (re-homed) to a new site |
| Organization: | | | | prior to removing the old site or they will be lost. |
| 1) OrgPrepCheck | | | | Re-homing these objects will ensure that they are |
| 2) OrgCheck | | | | not lost when an old site is removed and that mail |
| 3) PolCheck | | | | flow to them can continue. |
| OrgPrepCheck: Verifying the Organization Settings | | | | INSTALLING AND CONFIGURING THE FIRST |
| with OrgPrepCheck. To validate the Forestprep and | | | | EXCHANGE 2003 SERVER: |
| Domainprep utilities were functionally successful. The | | | | Run the program: Run SetupPrep it will be use to |
| OrgPrepCheck utility is found via the Exchange | | | | validate that all prerequisites are now in place for the |
| Deployment Tools and is a recommended way of | | | | installation of the first Exchange Server 2003 in the |
| determining whether it is safe to proceed with the | | | | site. |
| migration process. | | | | Routing table issues: This Exchange server will hold |
| OrgCheck: This test is made to verify that the Setup | | | | many critical Exchange organizational management |
| created the proper Exchange objects in the | | | | and routing master tables. |
| Configuration naming context and Domain naming | | | | Installation path: Choose the installation path and |
| context. By making sure that the Exchange Domain | | | | ensure that Typical Installation is chosen. |
| Servers group, Exchange Enterprise Servers group, | | | | The new Exchange site: Enter the name of an |
| and Exchange Services group exist. It also will verify | | | | Exchange 5.5 Server of the site the Exchange Server |
| that the schema changes are propagated and that it | | | | 2003 system will be joining. |
| can find a Global Catalog server in the same site as | | | | Permissions: During Exchange setup, the Exchange |
| the ADC server. | | | | server's machine account is added to a Global |
| PolCheck: This test queries each domain controller in | | | | Security group called Exchange Domain Servers. This |
| the domain to determine if the Exchange Enterprise | | | | group is granted permissions on all Exchange objects |
| Servers group has been given the Manage Auditing | | | | to allow the Exchange Server 2003 services to |
| and Security Logs privileges. If the changes have not | | | | access and update the Active Directory. |
| been created it is possible to make use of Active | | | | Two Global Security Groups:a) Exchange Domain |
| Directory Sites and Services to force replication to | | | | Serversb) Exchange Enterprise Servers group |
| the affected problematic Domains to run | | | | The Exchange Enterprise Servers group contains the |
| OrgPrepCheck again. | | | | Exchange Domain Servers groups from all domains in |
| Manage the (ADC) Active Directory Controller: | | | | the forest and provides cross-domain access |
| Do not make use of the ADC that comes on the | | | | between all Exchange Server 2003 systems. |
| Win 2000 or Win 2003 Setup CD. These specific | | | | What has been installed during the setup of the |
| versions of ADC do not map special attributes | | | | Exchange 2003server? |
| required by Exchange recipients and public folders. If | | | | 1) Exchange Server 2003 binaries and services |
| you have already installed the operating system | | | | installed |
| version of the ADC, remove it before installing the | | | | 2) Changes to Active Directory Configuration |
| Exchange version. Also, unlike the Exchange files | | | | container |
| themselves, you can do the initial installation of the | | | | 3) Exchange Server added to Exchange Domain |
| ADC using the Exchange service pack files. The ADC | | | | Servers security group |
| uses LDAP to query and update servers. The ADC | | | | 4) Configuration connection agreement created (for |
| stores configuration parameters in Active Directory | | | | routing) |
| objects called Connection Agreements (CAs). A CA | | | | 5) Recipient Update Service (RUS) created |
| defines object types for the ADC to copy, the | | | | 6) Site Replication Service (SRS) installed |
| source and target containers for the objects, a | | | | Configuration connection agreements (ConfigCA) and |
| replication schedule, and credentials to use for making | | | | site replication service (SRS): |
| inter-server replication connections between sites. | | | | ConfigCA: |
| Failed Over Principle: The (ADC) Active Directory | | | | The ConfigCA will be responsible for replicating the |
| Connector has the capacity to delete objects in both | | | | configuration information between the Exchange |
| directories, as a pre-migration rule and precaution the | | | | platforms. The ConfigCA replicates items such as the |
| data should be stored. This failed over principle is | | | | Site Addressing Policies and the routing information in |
| important for if things go wrong during the migration | | | | the Gateway Address Routing Table (GWART). Also |
| an authoritative restore must be performed with the | | | | a new (ADC) connection agreement is added to the |
| NTDSUTIL utility of the Active Directory Database. | | | | Active Directory Connector. |
| Fail Over practices for recovery purposes during the | | | | SITE REPLICATION SERVICES (SRS) |
| migration: | | | | Interoperability: It will provide provides directory |
| This particular tool is going to provide a fail over | | | | interoperability between the Exchange 5.5 and the |
| practice which is the standard approach to perform | | | | Exchange 2003 servers. |
| database maintenance of Active Directory | | | | LDAP: SRS service runs using LDAP and is needed |
| - managing of single master operations | | | | only during the migration period. |
| - managing of the metadata in regards to the Domain | | | | Synchronization: SRS service runs in conjunction with |
| Controllers | | | | the Active Directory Connector for directory |
| Found in systemrootSystem32 | | | | synchronization. |
| May also perform the restore from Backups | | | | SRS services: One SRS is allowed per Exchange |
| CONFIGURING THE ACTIVE DIRECTORY | | | | Server 2003 system. |
| CONNECTOR (ADC): | | | | Replication Connectors: The SRS are created on all |
| Step 1: Before installing the ADC the Administrator | | | | servers that house Exchange 5.5 Directory Replication |
| must create or choose a user account that will be | | | | Connectors. The Directory Replication Connector is |
| used to run the ADC service and manage the (CA) | | | | replaced by the SRS to perform Inter-site replication |
| connection agreements. | | | | with the remote Exchange 5.5 sites. |
| Step 2: Permissions rights for the (DC) Domain | | | | SRS Default: SRS is automatically installed and |
| Controller: This account needs to be added to the | | | | configured at the time of the installation of the |
| Administrators group in the domain if the ADC is | | | | Exchange Server 2003 installation. |
| installed on a domain controller. | | | | Recipient Update Service: It is responsible for |
| Step 3: Permissions rights for a Member Server: This | | | | updating address lists and email addresses in Active |
| account needs to be added to the local | | | | Directory. The Recipient Update Service is responsible |
| Administrators group. Must standardize the rights on | | | | for updating the Enterprise configuration information |
| both sides 5.5 Admin and 2003 server by adding the | | | | in Active Directory (administrative and routing |
| service accounts from both administrative accounts | | | | information). |
| to gain the proper credentials (service account Admin | | | | Recipient Policies: The address list and email |
| group) | | | | addresses are configured under this policy. |
| Step 4: To install the ADC there are two (2) options | | | | NB*: Recipients are Active Directory objects that |
| ADC Setup from the Auto Run menu, or simply | | | | have messaging capabilities. The object itself does |
| invoke the setup from the Exchange Deployment | | | | not receive messages. The messages are not stored |
| Tools. | | | | in Active Directory. Instead, they can reside in a |
| Step 5: Before building the installation of the (CA) | | | | mailbox on an Exchange server, in a public folder, or |
| connection agreements the Administrator must | | | | in another messaging system. |
| configure the Attribute replication, account-matching | | | | When the proper credentials are sent to the domain |
| rules, diagnostic logging properties and replicating | | | | controller for the user object, the contents of the |
| directory entries. (Very important) | | | | mailbox become available to the e-mail client like |
| Step 6: Once the ADC is installed with its account | | | | Outlook (in the inbox of the user). |
| credentials and services it will be time to configure | | | | EXAMPLES OF TWO METHODS TO MIGRATE THE |
| the connection agreement (CA) and to begin | | | | MAILBOXES: |
| synchronizing the Active Directory and Exchange 5.5 | | | | The Move Mailbox Tool: |
| directories. | | | | The Move Mailbox tool allows the organization to |
| VERIFY THE CONNECTIVITY WITH ACTIVE | | | | migrate users in sizable numbers. The Outlook profiles |
| DIRECTORY: | | | | automatically are updated on the Desktop. Upon log |
| Run the Exchange 2003 SP1 version of exdeploy.exe | | | | on the users are redirected to the new Exchange |
| with the following switches to test the ADC | | | | Server 2003 systems within the same administrative |
| configuration. | | | | group. During the installation process the |
| %pathname%exdeploy.exe /t:ADCCheck | | | | Administrator can choose to either create a failure |
| p:%logpath% /s:o Initial ADC Attribute Copy , | | | | report if corruption is detected or to skip corrupted |
| ADC-Global-Names Attribute Creationo NT Account | | | | items and continue the mailbox move.a) Swing |
| Migrations -Invalid User Accounts , Do not Enable the | | | | Mailbox Server Migrationb) Cross-site Mailbox |
| Disabled User Objectso Multiple Mailbox Owners | | | | Migrations |
| (NTDSNoMatch) set an exclusion standard on the | | | | NB* If the move is unsuccessful, the user's mailbox |
| accounto Active Directory Account Cleanup Wizardo | | | | will still be available on the source Exchange 5.5 |
| ADC and Distribution Lists - Automatic Security Group | | | | server. It is important to have a failed over design |
| Upgradeso Distribution List Membershipo ADC Setup | | | | plan at this point to avoid errors. |
| Permissions - ADC Server Selection - ADC Service | | | | In moving selected mailboxes to a different server, |
| Account Selection | | | | the duration of the task will depend upon the size of |
| Synchronization: The connection agreements (CA) in | | | | each of the selected mailbox. Specify the current |
| the ADC are necessary to synchronize directory | | | | mailbox store, the server, and the destination mailbox |
| entries between the Exchange 5.5 and Exchange | | | | store. Decide on the action that you want the utility |
| Server 2003 systems. | | | | to take if corrupted messages are found. |
| Dispositions: Can be installed on a Member Server or | | | | MoveMailbox Features: |
| on the 1st Exchange 2003 Server installed. | | | | The Mailbox Wizard lets you decide, how it should |
| Implementation of CA: At this point you can choose | | | | react if one or more corrupted messages are |
| to implement one or more (CA) connection | | | | detected. If you select Create a failure report, the |
| agreements within the organization. It must be done | | | | mailbox containing corrupted messages will be left |
| because of the migration process for it will not | | | | untouched, which basically means it won't be moved. |
| sustain issues of fault tolerance or load balancing. For | | | | But if you select Skip corrupted items and create a |
| managerial purposes of the migration installation | | | | failure report the mailbox will be moved, but any |
| procedures the best practice is to install a single ADC | | | | corrupted items detected will be deleted from the |
| with one connection agreement for each Exchange | | | | mailbox, not only on the destination server, but on |
| 5.5 site. | | | | the source server as well. It is very important to |
| Site Replication: The 5.5 Exchange Server and the | | | | think about failover methods always backup your |
| installed ADC must be on the same physical network | | | | stores to media previous to the moves. |
| segment. | | | | Option 1: |
| Permissions: The rights must be Schema Admin and | | | | The utility can create a failure report (the report can |
| Enterprise Administrator both are required to install | | | | be found in systemdriveDocuments and |
| the ADC. | | | | Settingsprofile nameMy DocumentsExchange Task |
| Installation Process: Allocate at least two hours for | | | | Wizard Logs). This first option will not allow the move |
| the replication of about 5,000 objects within a single | | | | of the mailbox. |
| direction. But, the length of time for replication really | | | | Option 2: |
| varies on the number of | | | | The second option is to skip corrupted items and |
| Connection Agreements that is present and on the | | | | create a failure report. With this option corrupted |
| recipient containers on the populated attributes and | | | | items will be permanently deleted from the mailbox. |
| on the actual directory objects. | | | | These items maybe recuperated from backup |
| SYNCHRONIZATION BY USING THE ADC TOOL:o | | | | storage media. |
| ADC Tools: Simplify the process of testing | | | | This option gives Advanced Properties such as the |
| prerequisites and installing Connection Agreements. It | | | | possibility to specify the maximum number of |
| will synchronize the active directory forest with the | | | | corrupted items to skip; when the maximum number |
| Exchange 5.5 directory during the migration process. | | | | of corrupted items is exceeded the mailbox will not |
| Schema changes will now be fully replicated so that | | | | be move. It is possible to set a Task Schedule period |
| every domain is properly updated to include the | | | | within which to streamline the move. |
| necessary Exchange objects for the migration.o Tool | | | | It is possible to make use of the bulk mailbox move |
| Settings: This step is to specify the name of the | | | | tool in addition to the Active Directory Users and |
| Exchange 5.5 server to use for data collection and | | | | Computers MMC snap-in to move Mailboxes. If the |
| the location for the ADC logs.o Data Collection: This | | | | user has a corrupted item the option Skip Corrupted |
| step ultimately will run a suite of utilities that scans | | | | Items can be use. The mailbox can later be move |
| both Active Directory and the legacy Exchange | | | | manually even if it contains corrupted items with |
| directory service to find parameters that will be | | | | Exmerge. It is possible to plan and schedule to move |
| synchronized by the ADC.o Connection Agreement | | | | 100 to 200 mailboxes per day. |
| Wizard: This step is used to create Connection | | | | The Move Mailbox process can be scheduled to |
| Agreements that define the replication endpoints of | | | | execute right away, 4 mailboxes are processed at |
| the ADC and determine how attributes will be | | | | the same time, and this is the Multithreading feature. |