Microsoft Exchange Server 2010: Coexistence with Exchange Server 2007

You can install Exchange Server 2010 into an existing Exchange Server 2007 environment and have the two coexist for as long as you need.

Excerpted from “Exchange 2010 - A Practical Approach,” published by Red Gate Books (2009).

Jaap Wesselius

There are several considerations you’ll face when upgrading your Exchange infrastructure. First, you’ll have to meet a number of prerequisites before installing your first Exchange Server 2010 server into an existing Exchange Server 2007 environment, including:

• You must run all domains in an existing Active Directory forest in native mode.
• You must run the Active Directory forest on at least Windows Server 2003.
• Each site in Active Directory should have at least one domain controller, and the Global Catalog Server on at least a Windows Server 2003 SP2 level. Although not enforced, it’s recommended to have 64-bit type DCs and Global Catalog Servers for optimal performance.
• The Active Directory Schema Master needs to be a Windows Server 2003 SP2 or a Windows Server 2008 SP1 server. This can either be a 64- or 32-bit server.
• All Exchange Server 2007 servers must have Service Pack 2 installed.
• The Internet-facing Active Directory sites must be the first you upgrade to Exchange Server 2010.

Likewise, the physical server where you plan on installing Exchange Server must meet the following prerequisites:

• The server needs a 64-bit processor (64-bit Itanium is not supported).
• You must have Windows Server 2008 SP2 or Windows Server 2008 R2 64-bit installed.
• You must have IIS installed.
• You must have Windows Remote Management (WinRM) 2.0 installed.
• You must have Windows PowerShell 2.0 installed.
• You must have the Microsoft .NET Framework 3.51 installed.

Depending on the version of Windows Server 2008 you’re using (Windows Server 2008 SP2 or Windows Server 2008 R2), you’ll also need to install a number of hotfixes. You should definitely bring your server up-to-date with the latest hotfixes from Windows Update.

Order of Installation

You can install Exchange Server 2010 in an existing Exchange Server 2007 environment in the same forest and same domain, but there are compatibility issues. You have to take into account the installation order of the Exchange Server 2010 servers to minimize the impact of this:

1. First, install the Exchange Server 2010 Client Access Server. The Client Access Server can work with an Exchange Server 2007 Mailbox Server as well as an Exchange Server 2010 Mailbox Server.
2. Second, install the Exchange Server 2010 Hub Transport Server.
3. Third, install the Exchange Server 2010 Mailbox Server.
4. You can install the Edge Transport Server at any time, because you can have an Exchange Server 2010 Edge Transport Server subscribed to an Exchange Server 2007 SP2 Hub Transport Server.

After you’ve installed the Mailbox Server role and established proper Public Folder replication between Exchange Server 2007 and Exchange Server 2010, you can start moving mailboxes to the new Mailbox Server. You only need to configure Public Folder replication when you’re using Public Folders in Exchange Server 2007. Bear in mind that an in-place upgrade to Exchange Server 2010 in any scenario isn’t supported.

Installing Exchange Server 2010

Although there’s a specific order to installing server roles, you can combine these roles on one server. When upgrading to Exchange Server 2010, you’ll need to perform the following steps:

1. Upgrade the Active Directory schema
2. Upgrade the Active Directory configuration
3. Upgrade the Active Directory domain
4. Install the Exchange Server 2010 server roles

Let’s get started with the upgrade.

Upgrading Active Directory

Before you even think about installing server roles, the first step to upgrading an Exchange Server 2007 environment to Exchange Server 2010 is upgrading the Active Directory schema. You can use the graphical setup program you’ll find on the installation media as setup.exe. When you use this program, all the following steps are performed automatically.

The command-prompt system is mainly for people who want to retain more fine-grained control over their transitions. Enter the following into a command prompt:

Setup.com /PrepareSchema

Once you’ve upgraded the schema, the configuration (which is stored in the Active Directory Configuration Container) can follow. All Exchange Server 2007 servers are stored in the default Exchange administrative group FYDIBOHF23SPDLT. If you’ve previously upgraded to Exchange 2007 from Exchange Server 2003, then it’s likely you’ll see a first administrative group as well. If the upgrade was completed correctly, this group should be empty, or nearly empty.

Exchange Server 2010 uses the same Exchange administrative group (FYDIBOHF23SPDLT), but there are differences in how Exchange Server 2010 works. In Exchange Server 2007, a database is bound to a mailbox server. In Exchange Server 2010, databases exist on the organization level, independent of any mailbox server. So when you upgrade the Exchange configuration, you must change the administrative group to facilitate both the Exchange Server 2007 and Exchange Server 2010 environment.

When you want to change the Exchange configuration, open a command prompt, navigate to the Exchange Server 2010 installation media and enter the following command:

Setup.com /PrepareAD

After upgrading the Exchange configuration, some Exchange Server 2010-specific entries will appear in the Exchange administrative group, like the database availability group and the databases container. The next step is to prepare the domain (or domains, if you have multiple domains) for use with Exchange Server 2010. To do this, open a command prompt, navigate to the installation media and enter the following command:

Setup.com /PrepareDomain

To prepare all domains in your environment, enter the following command:

Setup.com /PrepareAllDomains

When the setup /PrepareDomain command is finished, Active Directory is now ready to install the first Exchange Server 2010 server.

Install the First Exchange Server 2010 Server

The only supported order of installation of Exchange Server 2010 server roles into an existing Exchange Server 2007 environment is as follows:

• Client Access Servers
• Hub Transport Servers
• Mailbox Servers

Also, the Internet-facing Active Directory site—the site associated with your external Autodiscover record—should be the first you transition. Then you should transition other Internet-facing Active Directory sites. The last sites you should transition are the internal Active Directory sites. Transitioning internal Active Directory sites before the Internet-facing Active Directory sites isn’t supported.

In our test environment, we’re installing a combined Exchange Server 2010 Client Access Server role and Hub Transport Server role, and one dedicated Exchange Server 2010 Mailbox Server role. The procedure for installing Exchange Server 2010 in an existing Exchange Server 2007 environment isn’t very different from installing a server into an existing Exchange Server 2003 environment.

First, ensure that Windows Server 2008 and all prerequisite software is installed on the target server. To install IIS 7 (or 7.5, in the case of Windows Server 2008 R2) and other prerequisites, open a command prompt, navigate to the \Scripts directory in the installation media and enter the following command:

ServerManagerCmd.exe –ip Exchange-CAS.XML

This will install IIS, as well as other prerequisites, with the right configuration for the Client Access Server and the Hub Transport Server.

To install the actual Exchange Server roles, you can use either the command-line setup or the graphic setup. We’ll use the graphic setup program. To open this, start the setup.exe program in the installation media.

During setup, choose the Exchange language option. You can download additional language packs from the Microsoft Web site, or use the language as available on the DVD. Select “Install all languages from the language bundle” to download additional language information.

Follow the setup wizard. At the Installation Type window, select “Custom Exchange Server Installation” to select the server roles you need to install. Select the Client Access Server Role and the Hub Transport Server Role.

You won’t be asked to select a Hub Transport Server in the Exchange Server 2007 environment. This is because both versions use Active Directory sites for routing messages, so this should work right away.

Once everything is set and you’ve run successful Readiness Checks, you can start actually installing Exchange Server 2010 Client Access Server and Hub Transport Server roles. When setup is finished, close the setup application and reboot the server (if the setup asks you to do so). Install the Exchange Server 2010 Mailbox Server role into the existing Exchange Server 2007 environment.

Install Certificates

After installing the Exchange Server 2010 Client Access Server, you still have to configure coexistence. Users will eventually connect to the new Client Access Server. If a user’s mailbox is on the new Exchange Server 2010 Mailbox Server, the request will be processed as usual.

When the user’s mailbox still exists on the Exchange Server 2007 Mailbox Server, however, the request is either forwarded to the Exchange Server 2007 Client Access Server or processed by the Exchange Server 2010 Client Access Server. The information is retrieved from the Exchange Server 2007 Mailbox Server. This all depends on the protocol you’re using, but it’s important for determining the certificates used on the Client Access Server.

Outlook Web Access clients naturally connect to the Exchange Server 2010 Client Access Server. After validating user credentials, the Client Access Server checks the Mailbox Server. If this is still running on Exchange Server 2007, the request is redirected to the Exchange Server 2007 Client Access Server.

After installing the Exchange Server 2010 Client Access Server, Exchange will need to request a new third-party certificate. It can create a self-signed certificate by default during Client Access Server setup, but you can’t use this in a production environment. The ideal Client Access Server certificate is one with multiple domain names. These are also known as unified communications (UC) certificates. Additional domain names are stored in the “Subject Alternative Names” property of the certificate. For more information regarding these certificates and a list of supported UC certificate vendors, you can visit the Microsoft Web site.

This UC certificate should contain at least the following domain names:

• Webmail.inframan.nl—the primary entry point for all Outlook Web Access, Exchange Active Sync (EAS) and Exchange Web Services (EWS) requests
• Autodiscover.inframan.nl
• Legacy.inframan.nl—the namespace for the Exchange Server 2007 Client Access Server

If you choose to not enter the external domain during setup (in the case of an Internet-facing Client Access Server), you’ll need to configure a number of external URLs as explained in the next section.

Configure Exchange Web Services

Exchange Server 2010 uses the Client Access Server to offer the Offline Address Book and Free/Busy information using the HTTP protocol. Outlook 2007 and Outlook 2010 can use these. To configure the Exchange services, open an Exchange Management Shell and enter the following commands:

Set-OWAVirtualDirectory –Identity 2010CASHUB\OWA* ` -ExternalURL https://webmail.inframan.nl/OWA Set-OABVirtualDirectory –Identity 2010CASHUB\OAB* ` -ExternalURL https://webmail.inframan.nl/OAB Set-WebServicesVirtualDirectory –Identity 2010CASHUB\EWS* ` -ExternalURL https://webmail.inframan.nl/ews/exchange.asmx Set-ActiveSyncVirtualDirectory ` –Identity 2010CASHUB\Microsoft-Server-ActiveSync ` –ExternalURL https://webmail.inframan.nl/Microsoft-Server-ActiveSync Set-ECPVirtualDirectory –Identity 2010CASHUB\ECP* ` -ExternalURL https://webmail.inframan.nl/ECP

In the coexistence scenario, the Offline Address Book generation server is still the Exchange Server 2007 Mailbox Server. You want to move this to the Exchange Server 2010 Mailbox Server, so follow these steps:

1. Log on to an Exchange Server 2010 server and open the Exchange Management Console.
2. Expand the Microsoft Exchange On-Premises (SERVERNAME).
3. Expand the Organization Configuration container and select the Mailbox option. Click the Offline Address Book tab.
4. Right click the “Default Offline Address Book” and select Move.
5. Use the Browse button to select the new Exchange Server 2010 Mailbox Server and click Move.

You can also move the generation server to Exchange Server 2010 using the Exchange Server 2010 Management Shell. On an Exchange Server 2010 server, open the Exchange Management Shell and enter the following command:

Move-OfflineAddressBook ‘Default Offline Address Book‘ –Server 2010MBX

If your Exchange Server 2007 environment has public folders, you’ll probably want these on your Exchange Server 2010 Mailbox Server as well. The public folder database is created automatically in this case. You have to manually configure replication, though, which is a bit of a hassle:

1. Log on to an Exchange Server 2007 Mailbox Server and open the Exchange Management Console.
2. In the Exchange Management Console, double-click the Toolbox. Double-click the Public Folder Management Console in the results pane.
3. Select the Offline Address Book. In the results pane, right-click “/o=<<organization>>/cn=addrlists/cn=oabs/cn=Default Offline Address Book.” Select the Replication tab. Use the Add button to add the Exchange Server 2010 Public Folder Database, and then click OK to close the properties window.

Repeat these steps for:

• EX:/o=<<organization>>/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)
• Offline Address Book Version 2
• Offline Address Book Version 3a
• Offline Address Book Version 4
• EX:/o=<<yourorg>>/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)
• Schedule+ Free Busy: EX:/o=<<yourorg>>/ou= Exchange Administrative Group (FYDIBOHF23SPDLT).

SMTP Infrastructure

You also need to transition the Exchange Server 2007 Edge Transport Server to Exchange Server 2010. Before doing so, ensure Active Directory is transitioned first:

1. Install Exchange Server 2007 SP2 on all Client Access Servers throughout the entire Exchange organization.
2. IInstall the Exchange Server 2010 Hub Transport Server (after you’ve installed the Exchange Server 2010 Client Access Server) and subscribe the existing Exchange Server 2007 Edge Transport Server to this new Hub Transport Server. This can coexist for some time if needed.
3. Install the Exchange Server 2010 Edge Transport Server in the network perimeter.
4. Remove the subscription from the Exchange Server 2007 Edge Transport Server. Subscribe the new Exchange Server 2010 Edge Transport Server to the Exchange Server 2010 Hub Transport Server.

It’s actually rather simple, though you should bear in mind that this is one of the rare cases when the relationship between Exchange Server 2007 and Exchange Server 2010 is asymmetric. You can’t have an Exchange Server 2010 Edge Transport Server subscribed to an Exchange Server 2007 Hub Transport Server.

Moving Mailboxes

You should move your mailboxes from Exchange Server 2007 to Exchange Server 2010 using the 2010 version of the Exchange Management Console or the Exchange Management Shell. You could also use the new online move-mailbox functionality (now called MoveRequest). This results in a minimal downtime for the users, even with a multigigabyte mailbox.

During an online move-mailbox, a new mailbox is created on the Exchange Server 2010 Mailbox Server. Contents are synchronized between the old Exchange Server 2007 mailbox and the new Exchange Server 2010 mailbox. The user can still work with the old mailbox and new messages still arrive there.

When both mailboxes are in sync, the old mailbox is closed, Active Directory is updated with information regarding the new mailbox location, and the new mailbox on Exchange Server 2010 is fully up and running.

The online move-mailbox functionality only works between Exchange Server 2010 servers, and when moving from Exchange Server 2007 to Exchange Server 2010. When moving from Exchange Server 2010 to Exchange Server 2007, the move is offline. It doesn’t work with Exchange Server 2003.

Either way, you now have Exchange Server 2010 running in coexistence with your Exchange Server 2003 or 2007 environment.

Jaap Wesselius is the founder of DM Consultants, a company with a strong focus on messaging and collaboration solutions. After working at Microsoft for eight years, Wesselius decided to commit more of his time to the Exchange community in the Netherlands, resulting in an Exchange Server MVP award in 2007. He's also a regular contributor at the Dutch Unified Communications User Group and a regular author for Simple-Talk.

Learn more about “Exchange 2010 - A Practical Approach” at red-gate.com/our-company/about/book-store.

Related Content

• Microsoft Exchange Server 2010: Get to Know the Exchange Management Shell
• Microsoft Exchange 2010: Establishing a Virtual Exchange 2010 Datacenter
• Exchange Server 2010: Exchange Server High Availability