Exchange 2007 - Planning Roadmap for Upgrade and Coexistence

Applies to: Exchange Server 2010

You can deploy Microsoft Exchange Server 2010 in an existing Microsoft Exchange Server 2007 organization. This topic provides an overview of the planning considerations and configuration steps that you must take when Exchange 2010 will coexist with Exchange 2007.

Existing Exchange Organization Planning

Before you continue in your planning for Exchange 2010, make sure your current Exchange 2007 organization meets the requirements discussed in the following topics:

Coexistence

Any organization that upgrades from Exchange 2007 to Exchange 2010 will experience a period of coexistence when parts of the organization still use Exchange 2007 functionality and other parts have completed the upgrade to Exchange 2010.

Important

You can only install additional Exchange 2007 servers in your organization if an Exchange 2007 server was there when the first Exchange 2010 server was installed.

Be aware of the following coexistence issues:

  • Management interfaces   In Exchange 2010, you can manage Exchange 2010 servers and mailboxes by using either the Exchange Management Console (EMC) or the Exchange Management Shell. You can also use the EMC to view some attributes on Exchange 2007 servers. For more information, see Exchange Management Console Interoperability.
  • Server role features   The Exchange 2010 server role features available to clients in the Exchange organization during the coexistence period depend on the version of the Exchange server where the user's mailbox is stored and the version of the e-mail client application used to access Exchange.
    For more information about how server-to-server communication occurs, see Understanding Transport Pipeline.
  • Routing groups   A large organization that has many routing groups requires a routing topology that maintains mail flow during the coexistence period. When you plan for a period of coexistence between Exchange 2010 and Exchange 2007, you need to understand how each version determines its routing topology. For more information about routing and coexistence, see Upgrade from Exchange 2007 Transport.

Upgrade Process from Exchange 2007 to Exchange 2010

Here is a high-level overview of the upgrade steps that you follow to upgrade from Exchange 2007 to Exchange 2010.

First, you upgrade all Internet-facing Active Directory sites by doing the following:

  1. Upgrade existing Exchange 2007 servers to Exchange 2007 Service Pack 2 (SP2).
  2. Deploy Exchange 2010 servers in this order:
    1. Client Access
    2. Hub Transport
    3. Unified Messaging
    4. Mailbox
  3. Configure the Exchange 2010 Client Access server.
  4. Configure the Exchange 2010 Hub Transport server and the Unified Messaging servers.
  5. Move mailboxes from Exchange 2007 to Exchange 2010

Then, upgrade all internal Active Directory sites in the same manner.

The following figure illustrates the overview of the upgrade process from Exchange 2007 to Exchange 2010.

Overview of upgrade steps from Exchange 2007 to Exchange 2010
Upgrade process Exchange 2007 to Exchange 2010

Order of Active Directory Sites for Upgrade

When you're upgrading your organization to Exchange 2010, you must begin with your servers in the Internet-accessible Active Directory sites, and then upgrade your internal Active Directory sites. Upgrading an internal Active Directory site before all your Internet-accessible sites have been upgraded isn't supported. This is because Client Access server to Client Access server proxying is only supported from the newer Client Access server role versions (Exchange 2010) to older Client Access server role versions (Exchange 2007) and not the reverse.

Order of Server Roles for Upgrade

Within the first Active Directory site or sites you're upgrading, the first Exchange 2010 server role you install is the Client Access server role. We recommend that you upgrade a single Active Directory site at a time to Exchange 2010. Depending on the size of your Active Directory site, this might be a single Client Access server computer or a load-balanced array of Exchange 2010 Client Access server computers.

We recommend the following order when installing the Exchange 2010 server roles:

  1. Client Access server role
  2. Hub Transport server role
  3. Mailbox server role
  4. Unified Messaging (UM) server role
  5. Edge Transport server role

Note

When upgrading to Exchange 2010, you can't perform an in-place server upgrade on an existing Exchange server.

For detailed information about upgrading server roles, see the following topics:

Exchange 2007 and Exchange 2003 Mixed Mode Coexistence

When you're ready to upgrade a mixed mode environment, upgrade each Active Directory site individually. If you have Active Directory sites with only Exchange 2007 or Exchange 2003 in them, follow the instructions for upgrade from that version for that Active Directory site. For example, if you have Exchange 2007 in Active Directory site A, follow the upgrade instructions for Exchange 2007. If you have Exchange 2003 installed in Active Directory site B, follow the upgrade instructions for Exchange 2003. For more information about upgrading your Exchange 2003 and Exchange 2007 versions, see Upgrade to Exchange 2010.

If you have Active Directory sites with both Exchange 2003 and Exchange 2007 installed, follow the upgrade instructions from both Exchange 2003 and Exchange 2007, and perform the upgrade steps required by both. For more information about upgrading to Exchange 2010 in this scenario, see the following topics:

Administration Differences

The Exchange Management Console (EMC) is available in both Exchange Server 2010 and Exchange Server 2007. The following lists the tasks and actions that can be performed using the EMC in either Exchange 2010 or Exchange 2007:

  • Actions that create objects, such as new mailboxes or a new offline address book (OAB), can only be performed on a version of the EMC that's the same as the target object. For example, creating a mailbox on an Exchange 2007 Mailbox server must be performed with the EMC in Exchange 2007. The following applies:

    • Exchange 2007 Mailbox databases can't be managed from the EMC in Exchange 2010, although these databases can be viewed.
    • The EMC in Exchange 2010 can't enable or disable Exchange 2007 Unified Messaging mailboxes.
    • The EMC in Exchange 2010 can't manage Exchange 2007 mobile devices.
  • Actions that require viewing of objects can be performed from any version of the EMC to any version of Exchange objects, with a few exceptions:

    • Exchange 2010 and Exchange 2007 transport rule objects can only be viewed from their corresponding version of the EMC.

    • Exchange 2010 and Exchange 2007 servers can only be viewed from their corresponding version of the EMC.

    • The Queue Viewer tool in the EMC in Exchange 2010 can't connect to an Exchange 2007 server to view queues or messages.

      Note

      If an Exchange 2007 object (such as a storage group) is no longer present in Exchange 2010, there's no interoperability expected or provided because Exchange 2010 isn't aware of the feature.

  • You can't use message tracking configuration tasks between Exchange 2010 and Exchange 2007. You must use Exchange 2007 messaging tracking tools within your Exchange 2007 servers, and Exchange 2010 messaging tracking tools within your Exchange 2010 servers.

Client Access Server Coexistence

The Client Access server role can coexist with Exchange 2007 Client Access servers. Before you upgrade the first Active Directory site, you must install Exchange 2007 Service Pack 2 (SP2) on all Exchange 2007 Client Access servers within your organization.

After the first Exchange 2010 Client Access server or Client Access server array has been installed in your organization, the Autodiscover service on the Exchange 2007 Client Access servers will redirect users with mailboxes on an Exchange 2010 Mailbox server to the appropriate Exchange 2010 Client Access endpoint.

Installation of Exchange 2010 within your organization requires the creation of a second Domain Name System (DNS) host name. When you install the first Exchange 2010 Client Access server in your organization, you also need to create a host name. If your current host name is https://contoso.com, we recommend creating http://legacy.contoso.com. You install the first Exchange 2010 Client Access server or Client Access server array, copy the appropriate Microsoft Outlook Web Access, Microsoft Exchange ActiveSync, POP3, IMAP4, Exchange Web Services, and Autodiscover service settings, and then configure http://legacy.contoso.com to point to the Exchange 2007 Client Access servers and https://contoso.com to point to the Exchange 2010 Client Access server or Client Access server array. You need the appropriate Secure Sockets Layer (SSL) certificate for both host names. We recommend a Subject Alternative Name that can support multiple host names. For more information, see Upgrade from Exchange 2007 Client Access.

Exchange ActiveSync Coexistence

For coexistence with Exchange ActiveSync, you configure a legacy DNS host name. Users with mailboxes on Exchange 2007 Mailbox servers will be proxied from Exchange 2010 to Exchange 2007.

Note

When moving a user's mailbox from Exchange 2007 to Exchange 2010, some users are prompted to perform a full synchronization of their mailbox. This is a requirement for many mobile phones and only occurs during the first synchronization of the user phone after the mailbox is moved.

When a user’s mailbox is on Exchange 2007, the user will experience the Exchange 2007 version of Exchange ActiveSync during coexistence. That user will have the Exchange 2010 functionality of Exchange ActiveSync when the mailbox is moved to Exchange 2010. For more information about coexisting with Exchange ActiveSync, see Upgrade from Exchange 2007 Client Access.

Outlook Web App Coexistence

If a user with a mailbox on an Exchange 2007 Mailbox server connects to an Exchange 2010 Client Access server in the same Active Directory site, the user will be redirected to an Exchange 2007 Client Access server within that site. If a user with a mailbox on an Exchange 2007 Mailbox server connects to an Exchange 2010 Client Access server in a different Active Directory site and there's no Internet-accessible Client Access server in the destination Active Directory site, the user will be proxied to an Exchange 2007 Client Access server within the destination Active Directory site. As with Exchange 2007, if a user accesses an Exchange 2010 Client Access server in an Active Directory site different from the one where the mailbox resides and there's an Internet-accessible Client Access server in the Active Directory site that contains the user's mailbox, the user will be redirected to the Client Access server in the destination Active Directory site. When a user's mailbox is on Exchange 2007, the user will experience the Exchange 2007 versions of Microsoft Office Outlook Web App during coexistence. That user will have the Exchange 2010 functionality of Outlook Web App when the mailbox is moved to Exchange 2010.

When upgrading Outlook Web App, there are different authentication scenarios that need to be examined:

  • Forms-based authentication terminating at an Exchange 2007 Client Access server   In this scenario, the Exchange 2010 Client Access server will redirect the user to the legacy Client Access server, and a second sign-on won't be required.
  • **Third-party authentication solution in front of the Exchange 2007 Client Access server   **This scenario requires a Microsoft Internet Security and Acceleration (ISA) Server or other authentication solution in front of the Exchange servers. In this situation, users will only be required to authenticate at the authentication solution, which will pass the credentials to any required Exchange 2010 or Exchange 2007 servers.
  • **Non-forms based authentication terminating at an Exchange 2007 Client Access server   **Outlook Web App will redirect the user to a legacy Exchange 2007 Client Access server. Whether the user needs to reauthenticate depends on the authentication mechanism used. For example, if Integrated Windows authentication is used, the user will experience a single sign-on. If Basic authentication is used, the user will need to authenticate twice.

The upgrade and coexistence steps you must take for Outlook Web App depend on which authentication scenario you have chosen. For more information about coexisting with Outlook Web App, see Upgrade from Exchange 2007 Client Access.

Hub Transport Server Coexistence

The Hub Transport server role is designed to handle all mail flow for the Exchange organization. It's also responsible for handling transport rules, journaling policies, and message delivery. This server is deployed in the Active Directory forest and is required for Exchange 2010 mailboxes to send and receive messages. Messages sent to the Internet are relayed by the Hub Transport server to the Edge Transport server or a third-party smart host.

You can add an Exchange 2010 Hub Transport server to an existing Exchange organization after you successfully deploy Exchange 2010 Client Access servers. After you introduce Exchange 2010 Hub Transport servers to your Exchange 2007 environment, you still need to maintain your Exchange 2007 Hub Transport servers. Exchange 2010 Mailbox servers can only communicate with Exchange 2010 Hub Transport servers, and Exchange 2007 Mailbox servers can only communicate with Exchange 2007 Hub Transport servers. When a message is sent from a mailbox on an Exchange 2010 Mailbox server to a mailbox on an Exchange 2007 Mailbox server, the message is first submitted to the closest Exchange 2010 Hub Transport server in the site. This server then relays the message to an Exchange 2007 Hub Transport server in the same site, which finally delivers the message to the Exchange 2007 Mailbox server.

To learn more about introducing Exchange 2010 Hub Transport servers to your Exchange 2007 organization, see Upgrade from Exchange 2007 Transport.

Mailbox Server Coexistence

The Exchange 2010 Mailbox server role can coexist with Exchange 2007 Mailbox servers. If you move a mailbox from Exchange 2007 to Exchange 2010, and the mailbox is part of an e-mail address policy, the e-mail addresses for that mailbox are automatically updated based on the configuration of the e-mail address policy. If the mailbox had a primary SMTP address that differs from the e-mail address enforced by the e-mail address policy, that SMTP address becomes a secondary SMTP address, and the e-mail address generated by the e-mail address policy becomes the primary SMTP address. For information about how to move mailboxes, see Managing Move Requests.

You can replicate public folder data between Exchange 2010 and Exchange 2007 public folder databases. For more information about Exchange 2010 and Exchange 2007 public folder coexistence, see Understanding Public Folders.

Edge Transport Server Coexistence

The Edge Transport server role is designed to provide improved antivirus and anti-spam protection for the Exchange organization. The Edge Transport server also applies policies to messages in transport between organizations. This server role is deployed in the perimeter network and outside the Active Directory forest. The Edge Transport server can be deployed as a smart host and SMTP-relay server for an existing Exchange 2007 organization.

You can add an Edge Transport server to an existing Exchange organization without upgrading the internal Exchange servers or making any organizational changes. You don't have to perform any Active Directory preparation steps when you install the Edge Transport server. The Edge Transport server provides antivirus and anti-spam protection as messages enter the network.

When an Exchange 2010 Edge Transport server is deployed to support an Exchange organization that hasn't yet deployed Exchange 2010, a limited set of features is available. You can't create an Edge Subscription in this scenario. Therefore, you can't use the Recipient Lookup or safelist aggregation features. For more information about Edge Transport servers and coexistence, see Upgrade from Exchange 2007 Transport.

Unified Messaging Server Coexistence

When you install the first Exchange 2010 Unified Messaging server and add it to an existing Exchange 2007 organization, you must first add the Exchange 2010 Unified Messaging server to an existing UM dial plan that contains Exchange 2007 Unified Messaging servers. Then, configure each IP gateway or IP Private Branch eXchange (PBX) to send all incoming calls to the Exchange 2010 Unified Messaging servers within the UM dial plan and not to the Exchange 2007 Unified Messaging servers. When an incoming call is received by an Exchange 2010 Unified Messaging server and the Unified Messaging-enabled user's mailbox is located on an Exchange 2010 Mailbox server, the Exchange 2010 Unified Messaging server will process the incoming call. If the user's mailbox is located on an Exchange 2007 Mailbox server, the incoming call will be redirected to an Exchange 2007 Unified Messaging server within the same UM dial plan, and the incoming call will be processed.

After all Unified Messaging-enabled user mailboxes have been migrated to an Exchange 2010 Mailbox server, the Exchange 2007 Unified Messaging servers can be removed from the UM dial plan. For more information, see Upgrade from Exchange 2007 Unified Messaging.

Supported Topologies

Exchange 2010 supports the following topologies:

  • Single forest with multiple Active Directory sites
  • Multiple forests (resource forest model) with multiple Active Directory sites
  • Single Active Directory site

For more information, see the following topics:

Exchange 2010 doesn't support the following topologies:

  • Coexistence with Exchange 2000 Server or earlier
  • Coexistence with Exchange 2003 versions prior to SP2
  • Installing an older version of Exchange into a newly created Exchange 2010 organization