Inter-Organizational Migration to Exchange Server 2003


Topic Last Modified: 2006-08-16

When you run the Microsoft® Exchange Installation Wizard, if you choose to create a new Microsoft Exchange Server 2003 organization instead of joining your existing Exchange 5.5 organization, you must use the Exchange Server Migration Wizard to move your mailboxes from Exchange 5.5 to Exchange 2003. This topic provides instructions for migrating your Exchange directory and mailbox data to Exchange 2003.

Specifically, this topic will:

  • Provide you with the information necessary to migrate your mailbox content and Exchange 5.5 directory information between two Exchange organizations using Migration Wizard.

  • Show you how to configure Active Directory Connector to work with separate Exchange organizations.

  • Show you how to run Migration Wizard in clone mode to preserve your users' offline folder store (.ost) Files during migration.

  • Point you to the Inter-Organization Replication Tool, which helps you to move your public folder and free and busy information between separate Exchange organizations.

After ensuring that your organization meets the necessary prerequisites, the procedures referenced in this topic guide you through the deployment process.

Table 1 lists the required permissions or roles for the procedures referenced in this topic.

Table 1   Procedures referenced in this topic and corresponding permissions

Procedure Required permissions or roles

Install Active Directory Connector (ADC)

  • Enterprise Administrator

  • Schema Administrator

  • Domain Administrator

  • Local Machine Administrator

Run Exchange 2003 Migration Wizard

  • Exchange Full Administrator role applied at the organization level

  • Exchange Full Administrator role applied at the source domain

  • Exchange Full Administrator and Domain Administrator roles applied at the target domain

  • Local Machine Administrator

Migration is the process of moving your existing Exchange 5.5 messaging system to Exchange 2003. Migration involves using the Migration Wizard to export a copy of your existing mailboxes, messages, and other data, and then import that information into Exchange 2003.

Migration Wizard is a tool that is used to migrate mailbox data and simple directory service information. You can use Migration Wizard to migrate the Exchange 5.5 data shown in Table 2. Data that cannot be migrated is shown in Table 3.

Table 2   Data that can be migrated from Exchange 5.5

Item Notes

Directory information

Migration Wizard migrates a subset of the attributes from the Exchange 5.5 directory to the Microsoft Active Directory® directory service user object that was created for the migrated mailbox.

Mailbox content

Migration Wizard migrates the messages and information in the Calendar, Contacts, Deleted Items, Drafts, Inbox, Journal, Notes, Sent Items, and Tasks folders. The folder structure of the Exchange 5.5 mailbox is mirrored in the Exchange 2003 mailbox.

Table 3   Data that cannot be migrated from Exchange 5.5

Item Notes

Inbox rules

Inbox rules must be re-created after migration.

Public folders

Migration Wizard does not migrate either public folder content or the public folder hierarchy. This includes messages and other items, such as forms, stored in public folders.

Public folder permissions

Migration Wizard does not maintain public folder properties or permissions for migrated mailboxes. After migration, migrated mailboxes must have their public folder permissions updated in the destination site by the administrator.

Out-of-office messages

If a user selects the I am currently Out of the Office option (using the Out of Office Assistant) and migration occurs while this option is selected, the option will be reset. After migration, the I am currently Out of the Office option must be reset.

Offline folder files

Migration Wizard does not update the offline folder files for each migrated mailbox. Because the offline folder files might be outdated, mailbox users who have offline folders must delete them after migration.

Offline address books

Migration Wizard does not maintain offline address books during migration. Default settings are added to any customized settings. After migration, you must regenerate offline address books and users must download them after regeneration.


Migration Wizard does not update the profile of each migrated mailbox. Mailbox users must create new profiles.

Personal Address Book

Migration Wizard does not update entries in the Personal Address Book stored on a client computer. When you migrate an Exchange 5.5 mailbox, Personal Address Book entries for the mailbox user no longer contain valid addresses.

Signature validation

Migration Wizard does not maintain signature validation. Users with advanced security might not be able to validate the signatures on messages that were sent before migration.

Encrypted messages

Existing encryption keys will not be available after migration. To avoid the risk of losing access to messages if their keys are lost, users should decrypt encrypted messages before migration.

Migration Wizard migrates a subset of attributes from the Exchange 5.5 directory to the Active Directory user object for the migrated mailbox. Table 4 lists these attributes.

Table 4   Attributes that are migrated from Exchange 5.5 to the Active Directory user object

Exchange 5.5 attributes Attribute names in Active Directory


displayName (also used as cn value)









Extension-Attribute-1-15 (also known as CustomAttribute 1 – 15)

ExtensionAttribute1 - 15









































To check the common names (CNs) of Exchange 5.5 attributes, use the Exchange 5.5 Administrator tool in raw mode. For detailed steps, see How to Check Attribute Common Names in Exchange Server 5.5.

When Migration Wizard is migrating Exchange mailboxes, it copies directory and mailbox information from the source Exchange 5.5 server and directory service to the target Exchange 2003 server and Active Directory forest. The steps Migration Wizard performs to accomplish these tasks are based on searches for user objects and contacts in Active Directory.

Migration Wizard searches the target Active Directory for user objects that match the mailboxes selected for migration. For each security identifier (SID) not found in Active Directory, Migration Wizard creates a disabled user object that corresponds to the account that you are migrating. Most matches are based on Microsoft Windows® SIDs. In addition, Exchange 5.5 uses the SID to associate mailboxes with Windows user accounts.

If Migration Wizard finds a user object in Active Directory that matches the mailbox to be migrated, Migration Wizard:

  • Connects to the source directory.

  • Copies attributes from the source user object.

  • Merges directory information from the source user object with the user object in the target Active Directory forest.

  • Creates a mailbox on the target Exchange 2003 server.

  • Connects to the source Exchange 5.5 server.

  • Copies mailbox content from the source mailbox to the new mailbox on the target Exchange 2003 server.

If you migrate mailboxes to a new Active Directory forest but you keep the user objects in the current domain or forest, Migration Wizard will not find the appropriate SIDs in the target Active Directory. In this case, Migration Wizard:

  • Creates a mailbox on the target Exchange 2003 server.

  • Connects to the source Exchange 2003 server.

  • Copies mailbox content from the existing mailbox to the new mailbox on the target Exchange 2003 server.

  • Gives the source user object rights to access the target Exchange 2003 mailbox.

A trust relationship must exist between the source and target domains to allow the source user object to access its new Exchange 2003 mailbox. For more information about creating a trust relationship between separate domains, see Windows 2000 or Microsoft Windows Server™ 2003 Help.
The Windows Account Creation and Association page in Migration Wizard lists the mail accounts that you selected for migration. If an existing user object is located in Active Directory, the existing user object's distinguished name is shown in the Existing Windows Account column. If a disabled user object is created for the mailbox account, the disabled user object's distinguished name is shown in the New Windows Account column.

After Migration Wizard searches for user objects, it searches Active Directory for contacts that match the mailboxes that are selected for migration. When a match is found, Migration Wizard:

  • Reads directory information from the contact.

  • Merges the information from the contact's attributes with the attributes for the new user object.

  • Deletes the contact object.

The directory information from the contact object is merged with the user object's attributes based on the following rules:

  • The target Active Directory is the most recent directory service.

  • An attribute will not be overwritten if the target value already exists.

  • Source multi-valued attributes are preserved.

  • An attribute will not migrate if it is not part of the target schema.

If Migration Wizard does not find any contacts, it considers the search process to be complete (no new objects are created).

Before you migrate mailboxes from Exchange 5.5 to Exchange 2003, you must perform initial migration tasks. In addition, the mailbox owners must complete specific initial migration tasks. To prepare to migrate from Exchange 5.5, you need to:

  • Reduce the amount of Exchange 5.5 data to be migrated as much as possible.

  • Use Active Directory Connector to establish coexistence (if necessary) between Exchange 5.5 and Exchange 2003 while you are migrating Exchange 5.5 data. If you require full replication between the Exchange 5.5 directory and Active Directory, establish an inter-organizational connection agreement.

  • Identify resource mailboxes.

  • Ensure that the owners of the Exchange 5.5 mailboxes that will be migrated perform the initial user tasks.

When you upgrade an Exchange 5.5 server with an Internet Mail Connector that is configured to forward mail through a smart host, you should be aware if the smart host resides in an Exchange 2000 administrative group that consists of multiple routing groups. In such a scenario, Active Directory Connector will designate the first routing group that it finds as the connected routing group for the upgraded SMTP connector (displayed on the connector's Connected Routing Groups tab). Even if the smart host is identified correctly by the SMTP connector, unless the correct routing group is chosen, all messages routed through the SMTP connector will result in non-delivery reports (NDRs) for those messages. To prevent NDRs, after migration, configure the SMTP connector manually with the correct connected routing group.

Before you run Migration Wizard, it is recommended that you reduce the amount of Exchange 5.5 directory information and mail data as much as possible to ease the migration process. You can reduce the amount of data both before migration begins and during the migration process. Two ways to reduce data before you begin the migration are:

  • Delete outdated files from your Exchange mail system.

  • Instruct users to delete old mail and calendar data.

During the migration process, you can use Migration Wizard to reduce the amount of data that you migrate. On the Account Migration page, ensure that only the user accounts that you want to migrate are selected. On the Migration Information page, use the following options to specify what data should or should not be migrated:

  • To migrate messages that are dated within a specific time period, select Migrate Mail messages within a date range. Then specify a date range by typing a starting date in the Date Range box and an ending date in the To box.

  • To avoid migrating mail messages with specific subjects, such as a list of words or letters, select Do not migrate mail messages with specific subjects. In Subject List File, click Browse to locate the file that contains the subjects that you want to filter.

    The files in Subject List File must be saved in Unicode file format.

To install the Exchange 2003 version of Active Directory Connector (ADC), you must have at least one server in each Exchange site running Exchange 5.5 SP3. The account that you use to install ADC must be a member of the Enterprise Administrator, Schema Administrator, and Domain Administrator groups. The account must also be a Local Machine Administrator on the local machine. To install Active Directory Connector, see "Installing Active Directory Connector" earlier in this topic.

You can migrate Exchange 5.5 mailboxes without using Active Directory Connector and connection agreements. Active Directory Connector is required only when:

  • Your organization requires coexistence during the migration period.

  • You want mailbox directory replication between the Exchange 5.5 directory and Active Directory.

Coexistence during migration is the recommended solution when you want to ensure that users in Exchange 5.5 and Exchange 2003 organizations can exchange mail during the migration process. When you connect Exchange 5.5 and Exchange 2003, the two systems coexist. Message transfer and directory synchronization must occur during the coexistence period. You can use an SMTP connector for message transfer. For directory synchronization, you can use Active Directory Connector. For more information about how to create an SMTP connector, see Exchange 2000 Help.

If you use Active Directory Connector while you are migrating your Exchange 5.5 mailboxes, adhere to the following guidelines:

  • Use inter-organizational connection agreements.

  • Establish replication between Exchange 5.5 and Exchange 2003 by configuring two one-way inter-organizational connection agreements between the Exchange 5.5 server and Active Directory.

  • Configure the inter-organizational connection agreements to create contacts in Active Directory. To do this, on the Advanced tab of the connection agreement Properties dialog box, select Create a Windows contact. Contacts are created only when Active Directory Connector is replicating a mailbox whose primary Microsoft Windows NT® account does not exist in Active Directory.

  • Configure the inter-organizational connection agreement whose target container is in Active Directory to include X500 addresses with replicated objects. By default, Active Directory Connector does not include X500 addresses with user objects. Use either the Active Directory Administration Tool (Ldp.exe) or the ADSI Edit snap-in to assign the values SMTP,X500 to the msExchInterOrgAddressType attribute on the connection agreement object in Active Directory.

    Ldp.exe and ADSI Edit are available on the Windows 2000 Server compact disc in the \Support\Tools folder. For more information about how to use Ldp.exe and ADSI Edit, see Windows 2000 Help.
  • Suspend replication before you run Migration Wizard.

  • Restore replication after Migration Wizard finishes and the migrated mailboxes have been removed from Exchange 5.5.

Although inter-organizational connection agreements can only be configured to replicate in one direction, you can achieve coexistence by configuring two one-way inter-organizational connection agreements between the Exchange 5.5 server and Active Directory. Setting up two one-way ADC inter-organizational connection agreements that point in opposite directions enables the inter-organizational ADC to replicate the Exchange 5.5 directory information to Active Directory and to stamp replicated objects with the X500 address of the Exchange 5.5 mailbox. If you use the inter-organizational Active Directory Connector for directory synchronization during coexistence, do so only during the migration process.

When you establish two one-way inter-organizational connection agreements, ensure that the target container of one connection agreement is not the source container of the second connection agreement.

The Exchange 5.5 migration process uses X500 addresses in two different ways:

  • To ensure reply functionality for e-mail messages that are sent to a mailbox owner after migration.

  • As a search criterion when looking for Active Directory user objects that have already been created for mailboxes selected for migration.

Ensure that the connection agreement includes X500 addresses with replicated objects.

A primary mailbox is the mailbox where a user receives mail. A nonprimary (or resource) mailbox is a mailbox created for resources such as conference rooms or group mailboxes. Resource mailboxes are owned by users who also own a primary mailbox. In Exchange 2003, a mailbox is an attribute of an object in Active Directory, not an object itself. Therefore, each user object in Active Directory can only be matched to one mailbox, which is the user's primary mailbox.

Resource mailboxes become separate objects in Active Directory during the migration process. For this reason, resource mailboxes must be identified before running Migration Wizard so that Migration Wizard handles them differently than primary mailboxes. Migration Wizard identifies resource mailboxes that are to be migrated by searching for the value NTDSNoMatch in the custom attributes for each resource mailbox. For this reason, if a user has a primary mailbox and one or more resource mailboxes, all mailboxes but the primary mailbox must be stamped with the value NTDSNoMatch.

Migration Wizard will only migrate multiple mailboxes that are associated with the same user if all but one of the mailboxes are stamped with the value NTDSNoMatch.

In addition to the initial migration tasks that you must perform, mailbox users must perform the following tasks before you run Migration Wizard:

  • Remote access users must synchronize their offline folder store (.ost) files with the Exchange 5.5 server so that any messages in their Outbox will be sent.

  • Exchange client and Schedule+ users must synchronize their schedule (.scd) file with the Exchange 5.5 server.

  • Users must decrypt encrypted messages.

After you ensure that your organization meets the requirements listed in this topic, you can run the Exchange Server Migration Wizard to migrate mailbox data from Exchange 5.5 to your newly created Exchange 2003 organization. For detailed steps, see How to Run the Exchange Server Migration Wizard.

One of the new features in Microsoft Office Outlook® 2003 is Cached Exchange Mode. In Cached Exchange Mode, Outlook 2003 uses an offline folder store (.ost) file, which is usually stored on the end-user's workstation. If you run Exchange Server Migration Wizard in the default mode, your users will lose their .ost files. As a result, users will have to synchronize their .ost files again. Depending on your network speed, hardware configuration, number of users, and other factors, re-synchronizing .ost files can be time consuming and performance intensive.

However, you can preserve the user's .ost file by running Migration Wizard in clone mode. There are, however, some requirements and restrictions:

  • For Migration Wizard to run in clone mode, a user target mailbox must not exist.

  • If a user target mailbox does exist and the user has logged on to the mailbox, Migration Wizard switches to default mode.

  • In clone mode, Migration Wizard does not support filtering by date and subject.

To run Migration Wizard in clone mode, click Start, and then click Run. Type cmd, and then press ENTER. Type D:\Program Files\Exchsrvr\bin\mailmig.exe /m (where D:\Program Files is the drive on which Exchange 2003 is installed). For more information about how to run Migration Wizard, see "Running Exchange Server Migration Wizard" earlier in this topic.
After you run the Migration Wizard in clone mode, you can run it in default mode to merge any new messages that have arrived since you created the clone. However, the Migration Wizard will not merge any modifications that you make to the cloned mailbox. Modifications that the wizard will not merge include deleting messages, deleting folders, or renaming folders. You may experience problems with the new mailbox if you make changes to the cloned mailbox and then run the Migration Wizard in default mode. It is recommended that before you start the Migration Wizard in clone mode, you set the mailbox permissions so that users cannot make modifications to the mailbox. From this point on, the user will only have permissions on the new mailbox.

For more information about Cached Exchange Mode in Outlook 2003, see Configuring Exchange 2003 for Client Access.

After you run Migration Wizard, you must perform some final migration tasks to complete your mailbox and directory move. To complete the Exchange 5.5 migration process:

  • Remove migrated mailboxes from Exchange 5.5.

  • Re-establish coexistence for migrated mailboxes (optional).

  • Make sure that the owners of the migrated Exchange 5.5 mailboxes perform the final user tasks.

After you migrate mailboxes from Exchange Server 5.5 to Exchange Server 2003, remove the migrated mailboxes from Exchange 5.5. For detailed steps, see How to Remove Migrated Mailboxes from Exchange Server 5.5.

Before you remove migrated mailboxes from Exchange 5.5, verify that the migration was successful and that directory information and mailbox content for the migrated mailboxes are available on Exchange 2003.

If you want to re-establish coexistence between Exchange 2003 and Exchange 5.5, create a custom recipient on Exchange 5.5 for each mailbox that you migrated and deleted. Custom recipients appear in the address book and can receive messages from users still on Exchange 5.5. You can create custom recipients either manually or automatically.

  • If you installed Active Directory Connector and suspended replication before running Migration Wizard, now is the time to resume replication. Active Directory Connector creates custom recipients for the migrated mailboxes automatically.

  • You can create custom recipients on Exchange 5.5 manually. For information about creating custom recipients, see the Microsoft Exchange Server 5.5 documentation.

In addition to the post-migration tasks that you must perform, a mailbox user must perform the following tasks after Migration Wizard has run:

  • Delete schedule (.scd) files before they re-create their profile.

  • Re-create their profile and specify their new mailbox name. They must not copy or edit the original profile.

  • Encrypt the messages that they decrypted prior to the migration process.

    The keys required for encryption are not available after migration. After the migration process, you must issue new keys to users so that they can encrypt their messages.
  • Re-create rules based on mailbox name, private folders, or public folders.

  • Download offline address books after you regenerate them.

  • Update entries in their personal address books that contain users not migrated to the same Exchange 2003 organization. Users do not need to update personal address book entries for users whose mailboxes were migrated to the same Exchange 2003 organization.

  • Re-establish additional folder permissions.

  • For remote access users, delete their .ost files before they re-create their profiles.

The Inter-Organization Replication Tool supports the migration of your public folders and free and busy information across Exchange organizations. After you have used the Exchange Server Migration Wizard to move your mailbox contents and directory information to your new organization, you can use the Inter-Organization Replication Tool to migrate your public folder and free and busy information. For more information about the Inter-Organization Replication Tool, see the Downloads for Exchange2003 Web site.