Exchange 2K3 new server

[TMPadmin]

I did some research but as always and old "friend" who did some consulting for us in the past always makes me nervous about doing such upgrades. Here is my situation and the steps I believe are correct. Someone PLEASE tell me if I am wrong...

Current config:
Win 2K with exchange 2K
Scema master / infrastructure operations master on the same W2K server (different from Exchange server)


I hae a new server that I just installed W2K3 on it sits only with windows updates and such nothing else. I want to make this my exchange server.

1. Install W2K3 on server (done)
2. Backup Schema server (4 hours)
3. Update forest / domain with ADprep (Off hours)
4. Backup current Mail server
5. Install Exchange 2K3 on new 2K3 server
5a. migrate all mailboxes, public folders, GAL and such to new exchange server
6. change DNS entry on DNS server to pint old exchange server name to new server IP
6a. change firewall to route incoming to new IP
6b. change revers lookup
7. Demote old server from all duties (DC, virus, etc)
8. shutdown exchange services
9. shutdown server for X hours to make sure all is working on new server.
10. Reconfigure old mail server for new DC at branch office.

If I'm going to be formatting the server MUST I remove the exchange software in order for it to be removed from the domain? This is the first exchange server.

Thanks for the help!

 

[stash]

3. Update forest / domain with ADprep (Off hours)

Don't need to do this, unless your new Exchange server is going to also be a domain controller. Which would not be a good idea.

 

[TMPadmin]

Originally posted by: STaSh

3. Update forest / domain with ADprep (Off hours)

Don't need to do this, unless your new Exchange server is going to also be a domain controller. Which would not be a good idea.

Well, the old mail server will be a DC at a branch office and I'd like to have w2K3 installed. So I believe I do still have to do this...

other than that, everything else looks good?

 

[stash]

Ok, sure. If you want to make the old server a DC, that's a good idea. But you don't need to worry about running ADprep to get your new Exchange server online. I would put that between step 9 and step 10.

 

[TMPadmin]

Sorry to be a pest about this but everything else look good right? I'm overly cautious about these upgrades even with backups in place.

Thanks again!

 

[stash]

Looks fine to me...good luck! :beer:

 

[spyordie007]

Not adprep; you need to run forrest prep and domain prep to exend the AD schema to support the exchange 2k3 attributes and security groups. (adprep would be if you were installing your first 2k3 domain controller).

If I'm going to be formatting the server MUST I remove the exchange software in order for it to be removed from the domain? This is the first exchange server.

See KB 8229931; if this is the first exchange server you will need to transfer roles and move public folders/the offline address book/etc. to the new server before you remove exchange from this one.

Process should be:
1. Install 2k3 server on the new server (already done)
2. Install Exchange 2k3 on the new server (this is the point where you would run forrest prep and domain prep since this is your first 2k3 exchange server)
3. Move mailboxes
4. Transfer first exchange server roles, public folders, firewall and DNS configuration to route mail through the new server.
5. Remove Exchange from the old server (re-run the exchange 2000 setup on that server)
6. Transfer FSMO roles (Schema master, Infrastructure) from this old DC to another
7. Demote this DC.
8. Rebuild the old server with 2k3 server (if this is your first 2003 DC than this is the point where you would use adprep)
9. Promote the rebuilt old server to a DC

Let me know if you have any questions, I've been through this process several times and I'm just explaining this off the top of my head.

 

[stash]

6. Transfer FSMO roles (Schema master, Infrastructure) from this old DC to another

Don't need this step. Dcpromo will take care of that for you, unless replication is broken. If replication is broken, transferring the roles manually wont work anyway.

 

[spyordie007]

Originally posted by: STaSh

6. Transfer FSMO roles (Schema master, Infrastructure) from this old DC to another

Don't need this step. Dcpromo will take care of that for you, unless replication is broken. If replication is broken, transferring the roles manually wont work anyway.

Good point.

 

[TMPadmin]

Is forest prep any different than:

adprep /forestprep & adprep /domainprep? This is what I was implying.

Can this be done during working hours? I read one place where it says no and another where it says it doesn't matter.

 

[spyordie007]

yes we're talking about a differant forestprep; we're talking about:
d:\setup\i386\setup.exe /forestprep and ...\setup.exe /domainprep
(where d= your CD drive). This is the Exchange forestprep and domainprep. Though if you want to get technical on me like Stash did if you havent performed these steps the Exchange installer will do it for you

Yes they can be done during working hours; users wont "see" anything. forestprep extends the AD schema to support the Exchange attributes (which can take some time) and domainprep creates the security groups and sets the ACLs for Exchange. Though it's very unlikely you'll run into problems with them I still suggest running a backup on (at least) your schema master and one of your GCs before performing these steps.

-Erik

 

[stash]

Everything Erik says is spot on. But keep in mind that you will need to run the ADprep versions of forestprep and domain prep before step 9 (promote the old rebuilt server as a DC).

 

[TMPadmin]

Originally posted by: STaSh
Everything Erik says is spot on. But keep in mind that you will need to run the ADprep versions of forestprep and domain prep before step 9 (promote the old rebuilt server as a DC).

That is what messed me up. Before I decided to swap the server I was simply going to use the new server as a 2K3 DC - it was this process that told me I had to run adprep /forestprep & /domainprep. So I don't need to do the one I was thinking of until I'm ready to install the 2k3 DC... K good.

 

[spyordie007]

Oh just had a thought for you to keep in mind. The process of extending your AD schema for both \forestpreps is pretty intensive on your schema master's processor. If you've got a slow single processor schema master that is also performing other server roles you might want to consider running \forestprep during off hours just so the server isnt lagging on its other tasks.

 

[TMPadmin]

Well all went well. I didn't move the mailboxes yet or take the first server offline but it's working together. A few strange things.

1. OWA gives "under construction" - in iis there are no files listed in the directory. I'm still searching MS
I guess that''s it for now.? I'm tired.

Thanks again!

 

[TMPadmin]

I think I messed up something that is causing my OWA to no longer be found.

What should the default path be to the files for OWA in IIS?

 

[stash]

What URL are you using? It should be http://mailserver/exchange.

The path in IIS should be something like '\\.\BackOfficeStorage\domain.com\MBX'

 

[TMPadmin]

Trying directly to the ip/exchange

giving page cannot be displayed...

my path is what you said it should be...

 

[TMPadmin]

Not sure what I changed but it's working now. sorta.

Since my mailbox is still on the old server should it still be loading 2K OWA? because it does.

more: it is actually redirecting the browser to the other mail server...

Thanks again for all the tips, pointers & help.

 

[spyordie007]

Since my mailbox is still on the old server should it still be loading 2K OWA? because it does.

more: it is actually redirecting the browser to the other mail server...

Yup it's supposed to do this, you'll have to move your mailbox to this new server to use the new version of OWA

 

[TMPadmin]

Thanks for the clarificatioin before I spent hours researching this.

Before my mind wonders I really have to thank you guys for helping out with this upgrade. I know you somewhat enjoy helping as do I when I can but the help you provided saved me hours of headaches. I only hope I can return the favor sometime.

 

[TMPadmin]

Okay one last question. I hope.

I moved my mailbox to the new server and I'm now getting a relay error...

You do not have permission to send to this recipient.

<server.mydomain.com #5.7.1 smtp;551 5.7.1 relaying denied>

I actually setup relaying is alllowed for my submet here. I'm searching MS but if anyone knows, please. As always Thanks!

Nevermind on this one, I figured it out. I added a smart host to the new server to send through my off site spam filter...

Maybe someone can answer this if I don't find it first...

Is there a utility (like in past versions) to move the databases to another drive?

Nevermind: found that one too. It's easy, can't believe I missed it.

 

[TMPadmin]

Okay I'm nearing the finish but I hit a snag.

I think the best way to solve my issues is to ask "how do I specifiy I want my new server to send and receive all incoming and outgoing mail?"

It looks like it goes out through the new server but comes in through the old server. Plus when I try to configure a smarthost under smtp connectors I get an error that I cannot relay.

 

[spyordie007]

It looks like it goes out through the new server but comes in through the old server.

This sounds like a DNS and/or firewall issue. Your MX record for the domain needs to point to the location where the SMTP (TCP port 25) requests will hit the new server.

Plus when I try to configure a smarthost under smtp connectors I get an error that I cannot relay.

Sounds like whoever you are trying to relay through isn't accepting the messages; you sure they are configured to allow you to relay to the outside world?

 

[TMPadmin]

The MX points to an IP - that ip is routed using the firewall so all I have to do is change the firewall and it hit my new server (but the server doesn't accept).

I get the relay when I try to configure the new mail server, the only thing I can think of is my isp has my old mail server's name and not ip, but I find that hard to believe they would do it that way.