Exchange 2010 Cross Forest Migration: The case of the missing User Account Attributes
Recently I encountered a situation where a client had created a new Active Directory forest and “migrated” all user objects to it. The legacy forest was left intact because Exchange 2003 was not migrated. All applications and other services were moved to the new forest; Exchange was the only service remaining in the legacy forest, and users accessed their mailboxes via an account in the legacy forest.
I was engaged by the client to design, deploy and migrate to Exchange 2010 SP1 in the new forest. Once this was all set up and configured, migrating the mailboxes should be a walk in the park with the power of the Exchange Management Shell. However, in my initial review of the new and old forests, I should have checked the following with the client:
- How were the user accounts migrated? i.e. was a tool used to migrate the accounts? If so, which tool?
- If a tool was indeed employed, which user account attributes were migrated in the migration process?
These questions are very important, especially if SIDHistory was not migrated as an attribute on the user account.
Exchange 2010 Cross-Forest (Cross-org) Client Migration Planning
After some absence, I’ve decided to get my blog running again. I have a couple of ideas of what I would like to publish, but that will have to wait for now. This week I’m performing a cross-forest migration for a client. After reviewing the assistance available on the Internet for CLIENT-SIDE CONSIDERATIONS, I thought I’d start publishing a list of issues I have encountered so far. It would be great if you could leave your comments so that I can update the list until it captures a well-rounded set of scenarios and possible issues.
This is a WORK IN PROGRESS – Feel free to send me your comments.
This client has two Active Directory forests. Both forests have a mix of Windows 2003 and Windows 2008 R2 servers as DCs. The legacy Exchange organization has Exchange 2003 deployed, while the target organization has Exchange 2010 SP1 deployed. The client’s Active Directory accounts have already been migrated, but users are still accessing their mailboxes in the legacy forest / organization. The user accounts used to access the existing Exchange 2003 organization are still the old accounts in the legacy forest.
The Outlook clients deployed in this scenario are:
- Outlook 2003
- Outlook 2007
Here are the items I need to review:
Exchange 2010 RTM: ActiveSync and the Personal Archive
I’ve been pretty lax lately, but I had an interesting question on whether or not a user can view a Personal Archive via ActiveSync. There aren’t any particular references as to whether or not this can be done. I posed the question to Jeff Guillet, who was kind enough to test it immediately. The short answer: NO. See Jeff’s post on this test here.
The official Microsoft whitepaper on the Personal Archive (this one covers Exchange 2010 SP1) doesn’t mention any way to access the personal archive other than Outlook Web App or Outlook 2010. See the new Personal Archive whitepaper here.
Exchange 2010 DAG Implementation
I was seriously considering writing a cool Exchange 2010 DAG implementation series, but I just can’t justify the effort when a very good one already exists over at Shudnow’s Blog. Please see his 4-part series called “Exchange 2010 RTM DAG using Server 2008 R2”. You won’t regret it. I will update this post as I find issues with DAG that are not addressed in Shudnow’s post.
Upgrade Exchange 2003 Default Address Policy & Address Lists to Exchange 2010
So here’s the kicker. What are you doing with these commands and WHY? One of my pet peeves is reading information on the Internet where nobody can tell me why I need to do something in order to make it work. I don’t have the exact answer, but I have a firm idea. Exchange 2007 and later use OPATH filtering syntax as opposed to LDAP filtering syntax. This is not clearly explained here, but it is a good reference and the code can be copied directly from this Technet page. These commands are for the DEFAULT address lists. Here is another link that explains custom Address List conversion. I suspect that this is why the Office Filter Pack is required on Exchange 2010 servers.
I got most of the guidance I need off Andy Grogan’s post over at TelnetPort25.
In order to edit an email address policy created by Exchange 2003 after installing Exchange 2010, a PowerShell command must be used to enable Exchange 2010 to manipulate this policy. In actuality, the email address policies and address lists are converted (the LDAP filter is replaced with an OPATH filter).
[PS] C:\>Set-EmailAddressPolicy "Default Policy" -IncludedRecipients AllRecipients
In the command above, I am CONVERTING the Default Policy to Exchange 2010. It would be best to change this policy once the Exchange 2003 servers have been decommissioned or all the mail objects have been moved to Exchange 2010.
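The following is an added example (not from the original post) of how I would surround that conversion with a check before and after: list which policies and address lists still carry a legacy LDAP filter, back up the old filters, dry-run the change, then confirm the Default Policy now has an OPATH filter. It assumes the Exchange 2010 Management Shell and the same “Default Policy” name the post uses.

```powershell
# Added example, not the post's own code.
# Exchange 2010 reports objects that still carry an Exchange 2003 LDAP filter as
# RecipientFilterType "Legacy"; those cannot be edited until they are converted.
$legacyPolicies = Get-EmailAddressPolicy | Where-Object { $_.RecipientFilterType -eq 'Legacy' }
$legacyLists    = Get-AddressList        | Where-Object { $_.RecipientFilterType -eq 'Legacy' }

Write-Host "Legacy email address policies:"
$legacyPolicies | Format-Table Name, RecipientFilterType, LdapRecipientFilter -AutoSize
Write-Host "Legacy address lists:"
$legacyLists    | Format-Table Name, RecipientFilterType, LdapRecipientFilter -AutoSize

# Keep a copy of the old LDAP filters so the conversion can be reviewed or
# reproduced by hand if a custom list needs a hand-written OPATH filter later.
$legacyPolicies | Select-Object Name, LdapRecipientFilter |
    Export-Csv -Path .\LegacyPolicies-backup.csv -NoTypeInformation
$legacyLists | Select-Object Name, LdapRecipientFilter |
    Export-Csv -Path .\LegacyAddressLists-backup.csv -NoTypeInformation

# Dry run: -WhatIf shows the change without writing to Active Directory.
Set-EmailAddressPolicy -Identity 'Default Policy' -IncludedRecipients AllRecipients -WhatIf

# The conversion itself, exactly as in the post.
Set-EmailAddressPolicy -Identity 'Default Policy' -IncludedRecipients AllRecipients

# Verify: RecipientFilterType should no longer read "Legacy" and RecipientFilter
# should now hold the OPATH filter that replaced the LDAP one.
Get-EmailAddressPolicy -Identity 'Default Policy' |
    Format-List Name, RecipientFilterType, RecipientFilter, IncludedRecipients
```

Anything still listed as Legacy afterwards (typically the custom address lists) needs its own Set-AddressList conversion, which is the case the post’s second link covers.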
External HA failover in multiple Internet facing Exchange 2010 sites
[Updated: 03/27/2010]
SCENARIO
Here’s the scenario faced at a client site. They wanted the configuration below (it was simplified to discuss failover options).
NOTE: This is a discussion around external connectivity without any form of VPN or other secure connection to the corporate network. It is purely an external client connection.
Building NLB Exchange 2010 RTM CAS / HT Servers (Hyper-V) – Part 3
NOTE: Before configuring anything after the deployment of the CAS server roles, remember that if any send or receive connectors are configured, they would supersede the configured Exchange 2003 connectors; if no connectors are configured at all, they would take precedence over the default SMTP virtual server in Exchange 2003. My recommendation would be to install the mailbox server roles and create mail databases before performing any CAS configuration tasks.
The following steps should be performed to specify the CAS Array. All this does is specify the connection point for the client. The virtual IP address of the NLB servers will be used as the connection point for MAPI clients.
The CAS Array can be set by opening the Exchange Management Shell and typing the following command:
New-ClientAccessArray -Name "MAPI Client Connection Point" -Fqdn "Outlook.Morecoffeeany1.com" -Site "Default-First-Site-Name"
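As an added example (not code from the original post), here is how I would create the array idempotently and then check the part that is easy to miss: a mailbox database whose RpcClientAccessServer still names an individual server sends MAPI clients past the NLB VIP, so the array buys nothing for those users. The array name, FQDN and site name are the ones the post uses; only the site-scoping logic is my own assumption.

```powershell
# Added example, not the post's own code. Uses the same array name, FQDN and
# site as the post; the site filtering below is an assumption for the example.
$arrayName = 'MAPI Client Connection Point'
$arrayFqdn = 'Outlook.Morecoffeeany1.com'
$siteName  = 'Default-First-Site-Name'

# Create the array only if one with this FQDN does not already exist.
if (-not (Get-ClientAccessArray | Where-Object { $_.Fqdn -eq $arrayFqdn })) {
    New-ClientAccessArray -Name $arrayName -Fqdn $arrayFqdn -Site $siteName
}

# Only databases hosted by mailbox servers in this AD site should point at this
# array; a CAS array is per site.
$siteMailboxServers = Get-ExchangeServer |
    Where-Object { $_.IsMailboxServer -and $_.Site.Name -eq $siteName }

$siteDatabases = foreach ($srv in $siteMailboxServers) {
    Get-MailboxDatabase -Server $srv.Name
}
# A DAG database shows up once per copy; keep one entry per database name.
$siteDatabases = $siteDatabases | Sort-Object Name -Unique

# Databases created before the array existed keep a single CAS as their
# connection point. Report them, then repoint them at the array FQDN.
$mismatched = $siteDatabases | Where-Object { $_.RpcClientAccessServer -ne $arrayFqdn }

Write-Host "Databases not using the CAS array:"
$mismatched | Format-Table Name, Server, RpcClientAccessServer -AutoSize

foreach ($db in $mismatched) {
    Set-MailboxDatabase -Identity $db.Identity -RpcClientAccessServer $arrayFqdn
}

# Final check: every database in the site should now show the array FQDN.
$siteDatabases | Get-MailboxDatabase | Format-Table Name, RpcClientAccessServer -AutoSize
```

Outlook profiles already created against a single server name are not rewritten by this; those clients keep the old server name until the profile is repaired or the old name resolves to the VIP.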
Building NLB Exchange 2010 RTM CAS / HT Servers (Hyper-V) – Part 2
Before using the NLB cluster for Exchange, the NICs should be able to forward requests between each other. This is achieved by running the following command on the cluster NIC of each node in the cluster:
netsh interface ipv4 set int "Cluster Only LAN" forwarding=enabled
The reason for this configuration is as clear as mud at this stage. However, I assume it has to do with the fact that the cluster-only interface does not have a gateway configured for the connection. This connection functions on broadcast anyway. According to the Microsoft Enterprise Networking Team, the packet will be dropped because IP forwarding is not enabled by default in Windows 2008 and the inbound packet comes in without a subnet mask.
Now we’re ready to install Exchange 2010. First I’ll run the ExPDA to check the environment for the Exchange 2010 prerequisites. If you’re not sure how to download and use the ExPDA, check my earlier blog post on how to do this.
Building NLB Exchange 2010 RTM CAS / HT Servers (Hyper-V) – Part 1
UPDATE: 07/12/2011
Since this has been a topic of debate, I’ve added an additional network diagram (not one generated in my lab) so that it may become a little clearer as to how NLB works. The understanding for this network configuration comes directly from Michael Platts’ blog post: Balancing Act: Dual-NIC Configuration with Windows Server 2008 NLB Clusters.
I know I’ve been pretty offline regarding this blog but I fully intend to jump start it soon.
This post was created using Joe Hoegler’s post as a guide. All Exchange 2010 client access to mailboxes and other resources goes through the CAS server. Clients no longer connect to the mailbox server directly for anything. With this said, it makes sense to build CAS servers in an HA configuration. This article was created to detail the steps required to create a load-balanced CAS / HT server using Windows Network Load Balancing.
Before deploying the NLB configuration, the following should be carefully considered:
“You achieve load balancing for Hub Transport servers when you install more than one Hub Transport server in the same Active Directory site. By default, connections to Hub Transport servers are automatically load balanced if more than one Hub Transport server is deployed in an Active Directory site. If one Hub Transport server is unavailable, the operational Hub Transport servers continue to accept connections. If all Hub Transport servers in an Active Directory site are unavailable, messages are queued until a Hub Transport server becomes available or the messages expire.
Load balancing of outbound connections to remote domains is achieved by specifying more than one Hub Transport server in the same Active Directory site as a source server for the corresponding Send connector. Load balancing doesn’t occur when the source servers for a Send connector are located in different Active Directory sites.
Note:
If the Hub Transport server is installed on the same hardware as the Mailbox server role, load balancing may not occur. When the Hub Transport server role is on the same hardware as the Mailbox server role, the local server is preferred for all messages that are sent by users who have mailboxes on that server. Therefore, in this scenario, true load balancing does not occur.” Taken from: http://technet.microsoft.com/en-us/library/bb125239.aspx
Requirements
Two or more servers running Windows 2008 R2 (earlier versions do have NLB built in, but for this blog entry I will be using Windows 2008 R2). Ideally each server will be configured with two NICs: one for client access and one for the cluster heartbeat. NLB requires all IPs to be on the same network.
Notes on Hyper-V
Exchange 2010 RTM: 10 things about Archiving
- Can only be accessed via Outlook 2010 and OWA 2010. (What about mobile devices?)
- Archive appears as a separate node in the Outlook interface. Items can be dragged and dropped in both directions. The import process is drag and drop through Outlook; there is no other way.
- There is a separate disk quota setting for the size of the email archive.
- Requires eCAL
- Drag and drop PST to archive. ExMerge is not supported.
- Only difference between main mailbox and archive is that archive cannot be accessed offline.
- Mailbox and mailbox archive have to be stored on the same mailbox server. (What about the database?)
- Mailbox search searches primary mailbox and archive mailbox node.
- No compression used on archived mailboxes.
- Archive DB can be part of a DAG.