The migration scenario:
- Two different forests;
- Exchange 2007 in one forest and Exchange 2010 in the other;
- Exchange 2007 with SP2 installed.
Requirements:
- Create a DNS Conditional Forwarding on the source domain for the destination domain;
- Create a DNS Conditional Forwarding on the destination domain for the source domain;
- Before starting the migration itself, you need to trust between the two domains and deactivate SID Filtering:
- Netdom trust destination.local /domain:source.local / quarantine: No / usero: destination\user / passwordo: *******
- Netdom trust source.local /domain:destination.local / quarantine: No / usero: source\user / passwordo: ********
This way, when migrating with ADMT, users' SIDs remain the same (Filtering Disabled), thus ensuring the same permissions on files and groups in the target domain.
With ADMT installed on a server machine in the target domain, migrate the users/groups from the source to the destination (need to install the password exporter on a Domain Controller at the source, so we can guarantee the passwords are the same in both domains)
O In this document I will not go ahead with the ADMT settings.
Prepare the Migration:
- In Exchange 2007 Source
- You must create a connector that points all addresses to the exchange destination.
- In Exchange 2010 Destination
- Create all contacts of mailboxes in the source exchange (as external). Example:
- New-MailContact -ExternalEmailAddress SMTP:First.Last@source.com -Name "First M. Last" -Alias "FLast" -OrganizationalUnit "destination.local/Migration/Contacts"
- Create the custom Distribution Lists manually in Exchange 2010 (groups have already been migrated) and delete on the source domain;
- Create all Legacy Address Lists manually and delete on the source domain. Example:
- New-AddressList -Name "-RecipientFilter {((((Company -eq 'DL') -and ((Department -eq 'Dep') -or (department -eq 'Selection')) Container '\GroupCompanies\Company'
Migrate Mailboxes:
- Delete the contact in Exchange 2010 of the user to be migrated:
- Open the Exchange Management console and navigate to:
- C:\Program Files\Microsoft\Exchange Server\V14\Scripts
- Enter the command and enter the domain admin credentials of the destination domain (source.local\username):
- $Local = Get-Credential
- Enter the command and enter the domain admin credentials of the source domain (destination.local\username):
- $Remote = Get-Credential
- Enter the command:
- Enable-MailUser -Identity FLast -ExternalEmailAddress First.Last@source.com
- Enter the command:
- Prepare-MoveRequest.ps1 -Identity "CN=XXXX,OU=OU-XXXs,OU=OU-XXX,DC=source,DC=local" -RemoteForestDomainController DC.source.local -RemoteForestCredential $Remote -LocalForestDomainController DC.destination.local -LocalForestCredential $Local -TargetMailUserOU "OU=YYYY,OU=YYYYY,DC=destination,DC=local" -UseLocalObject
- Validate that the following appears: "1 mailbox (s) ready to move."
- Enter the command:
- New-MoveRequest -Identity "CN=XXXX,OU=YYYY,OU=YYYYY,DC=destination,DC=local" -RemoteLegacy -TargetDatabase "StorageGroup" -RemoteGlobalCatalog DC.source.local -RemoteCredential $Remote -TargetDeliveryDomain "destination.local" -baditemlimit 100
- Validate that the status has been queue.
- From this point on, the mailbox appears in Exchange 2010 under Move Request (Remote);
- We can see the logs and migration time. Note that 1GB takes about 90 minutes;
- Validate that the mailbox has been successfully migrated and clear the move request;
- For each migrated mailbox, it is necessary to check/change the user's primary addresses in exchange 2010 (by default, the primary address is @destination.local);
- If the Usar has more than one address, you have to add those same addresses in exchange 2010.
Post Migration:
- Validate that all mailboxes are on the Exchange 2010 side;
- Validate that public folders work correctly (in this Post I will not cover the Public Folder Migration);
- Enter the source domain as authoritative domain;
- Create a Receive Connector with all the IPs that were allowed to Relay in the source domain, like printers, servers, etc.
- Point the MX Records from source domain to destination;
- Some firewall operations may be required;
- Test sending and receiving emails in Outlook;
- Test sending and receiving emails by ActiveSync;
- Uninstall Exchange 2007.
That's All Folks! :)
No comments:
Post a Comment