Team blog of MCS @ Middle East and Africa

This blog is created by Microsoft MEA HQ near shoring team, and it aims to share knowledge with the IT community.With its infrastructure and development sides,It brings to you the proven best practices and real world experiences from Subject Matter Experts
Follow Us On Twitter! Subscribe To Our Blog! Contact Us

Part 2: Step-by-Step Exchange 2007 to 2013 Migration

Part 2: Step-by-Step Exchange 2007 to 2013 Migration

  • Comments 17
  • Likes

In Part 1 of this post we went through the steps required to deploy Exchange 2013, in this part we will start by the required configurations on Exchange 2013 to establish our coexistence and then test it.

2.Digital Certificates Configurations

SSL Certificate

The first step in our configurations will be certificate. By default Exchange is installed with self-signed certificate, we need to replace this certificate to include the correct names (legacy is required as I will use the same certificate on Exchange 2007 and TMG as well):

Hostname

Description

mail.contoso.com

FQDN used by all external and internal clients

autodiscover.contoso.com

FQDN for the autodiscover service

Legacy.contoso.com

FQDN used by all external and internal clients for Exchange 2007

To create certificate request open exchange management shell and run the following command:

New-ExchangeCertificate -FriendlyName 'Contoso Exchange 15 Certificate' -GenerateRequest -PrivateKeyExportable $true -KeySize '2048' -SubjectName 'C=EG,S="Cairo",L="Cairo",O="Contoso",OU="IT",CN=mail.contoso.com' -DomainName 'mail.contoso.com','autodiscover.contoso.com' ,'legacy.contoso.com' | out-file c:\sw\e15_csr.txt

Capture1

Submit your certificate request to be signed by your CA, then use the following command to import the certificate:

Import-ExchangeCertificate -filename c:\sw\certnew.cer

Capture2

Configure the Exchange server to use this certificate using the following command:

Enable-ExchangeCertificate -Thumbprint A826389C71ED5870137B866F01192D47F69CE526 -Services IIS,POP,IMAP

Capture2.1

Export the certificate with the private key and import it on Exchange 2007 CAS servers using the same steps.

To use the Exchange certificate wizards, follow this link.

3.Exchange 2013 name space & virtual directories configurations

To configure Exchange 2013 virtual directories open Exchange 2013 management shell and follow the below steps:

OWA and ECP:

Set-OwaVirtualDirectory -Identity "e15-01\OWA (Default Web Site)" -ExternalUrl https://mail.contoso.com/owa -LogonFormat username -DefaultDomain contoso.local

Capture3

Set-EcpVirtualDirectory -Identity "e15-01\ECP (Default Web Site)" -ExternalUrl https://mail.contoso.com/ecp

Capture4

OAB:

Set-OabVirtualDirectory -Identity "e15-01\OAB (Default Web Site)" -InternalUrl https://mail.contoso.com/oab -ExternalUrl https://mail.contoso.com/oab

Capture5

ActiveSync:

Set-ActiveSyncVirtualDirectory –Identity “e15-01\Microsoft-Server-ActiveSync (Default Web Site)” –ExternalUrl https://mail.contoso.com/Microsoft-Server-ActiveSync –InternalUrl https://mail.contoso.com/Microsoft-Server-ActiveSync

Capture7

Web Services:

Set-WebServicesVirtualDirectory –Identity “e15-01\EWS (Default Web Site)” -InternalUrl https://mail.contoso.com/ews/exchange.asmx –ExternalUrl https://mail.contoso.com/EWS/Exchange.asmx

Capture8

AutoDiscover:

Set-ClientAccessServer -Identity e15-01 -AutoDiscoverServiceInternalUri https://autodiscover.contoso.com/autodiscover/autodiscover.xml

Capture9

Outlook Anywhere:

Set-OutlookAnywhere -Identity "E15-01\Rpc (Default Web Site)" -InternalHostname mail.contoso.com -ExternalHostname mail.contoso.com -InternalClientAuthenticationMethod Ntlm -ExternalClientAuthenticationMethod Basic -ExternalClientsRequireSsl $True -InternalClientsRequireSsl $true

Capture10

4.Configure offline address book (OAB)

Change the default OAB on Exchange 2013 databases, to do so open Exchange 2013 Management Shell and run the following command:

Get-MailboxDatabase | Set-MailboxDatabase -OfflineAddressBook "\Default Offline Address Book (Ex2013)"

Capture17

5.Exchange 2013 Mail flow configurations:

Receive connectors

In my case all I need is one connector to receive mails from TMG (or SMTP GW), to create this connector use the below command:

New-ReceiveConnector -Name Inbound -Usage Custom -Bindings 192.168.2.11:24 -RemoteIPRanges 192.168.2.20

Capture15

Send connector:

All you have to do is to add Exchange 2013 server to the existing send connector as shown below:

Set-SendConnector -Identity Outbound -SourceTransportServers E12-01,E15-01

Capture12

Transport Rules:

Transport rules are not migrated to exchange 2013; accordingly you must export and import them as below:

Open Exchange 2007 management shell and run the following command:

Export-TransportRuleCollection -FileName "c:\ExportedRules.xml"

Capture13

Copy the ExportedRules.xml file to Exchange 2013, open Exchange 2013 management shell & run the following command:

[Byte[]]$Data = Get-Content -Path "C:\TransportRules\ExportedRules.xml" -Encoding Byte -ReadCount 0
Import-TransportRuleCollection -FileData $Data

Capture14

For additional readings check this Link

Testing:

Now its time to create your own test scenarios and apply them before starting your migration.

For me I have a small test scenarios as below:

Create a test user on E15 and apply the following tests from a machine with hosts file that point to Exchange 2013 server.

Test mail flow by sending couple of mails to Exchange 2007 users, outbound and Inbound mail flow and analyze headers using the same tool.

You can add your 3rd party tools configurations and testing, and once you complete all tests successfully, continue to Part 3 and let us start the migration process.

Comments
  • Nice write up.  This really simplifies deploying a new 2013 Server into a 2007 environment for a small organization.  One area that I encountered a little confusion was your send and receive connector setups.  In your diagram in part 1, you illustrate the infrastructure using FQDN.  In the connector setups you list only the IPs with making reference to to the FQDN. That makes it a little trickier to follow.  Thanks again for a great write up.

  • You have a typo in the Outlook Anywhere command. Should be a capital B in Basic and a space after the word. Otherwise this document is awesome.

  • In section 4.Configure offline address book (OAB) I had to put in: "Get-MailboxDatabase | Set-MailboxDatabase -OfflineAddressBook "\Default Offline Address Book (Ex2012)"" because I installed from a non serviced packed disk. However when I run: "Move-OfflineAddressBook -Identity "Default Offline Address Book" -Server E15-01" I get an error stating "Move-OfflineAddressBook : failed to create the 'ExchangeOAB' folder on the target server 'xxx'. Two possible reasons for the failure are that the System Attendant Service is not running or your do not have permission to perform this operation. Error message : 'Catastrophic failure (Exception from HRESULT: x8FFFF (E_UNEXPECTED))'." Any ideas what I am missing? Cheers, Tony

  • RE: Tony: Seems you can ignore the command to move the generation server of the 2007 Default Offline Address Book. Exchange 2013 creates a new type specific to 2013.
    http://social.technet.microsoft.com/Forums/en-US/85e7276b-ae35-40cf-827d-04f60e441afd/help-with-migration-from-exchange-2007-to-exchange-2013?forum=exchangesvrdeploy

    http://blogs.technet.com/b/exchange/archive/2012/10/26/oab-in-exchange-server-2013.aspx

  • This is the first time I have had to do a migration of this type. I see the Legacy.contoso.com example, so my question is the new 2013 system going to use the autodiscover, owa and all that, that was on my 2007 cert or do I need to come up with new names? If new, how does autodiscover work, since both the 2007 and 2013 both need autodiscover?

  • We are trying to move the OAB from exch2010 to 2013 using the above commands and we are getting the below error.

    [PS] C:\Windows\system32>Get-MailboxDatabase | Set-MailboxDatabase -OfflineAddressBook "\Default Offline Address Book (Ex2013)"
    Couldn't find offline address book "\Default Offline Address Book (Ex2013)" . Please make sure you have typed it
    correctly.
    + CategoryInfo : NotSpecified: (:) [], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : 60AA48EC
    + PSComputerName : irsauhcas01.irshad.ae

    [PS] C:\Windows\system32>Get-MailboxDatabase | Set-MailboxDatabase -OfflineAddressBook "\Default Offline Address Book (Ex2012)"
    Couldn't find offline address book "\Default Offline Address Book (Ex2012)" . Please make sure you have typed it
    correctly.
    + CategoryInfo : NotSpecified: (:) [], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : 60AA48ED
    + PSComputerName : irsauhcas01.irshad.ae

    [PS] C:\Windows\system32>Get-MailboxDatabase | Set-MailboxDatabase -OfflineAddressBook "\Offline Address Book (Ex2012)"
    [PS] C:\Windows\system32>Move-OfflineAddressBook -Identity "Offline Address Book " -Server unicorp.IRSHAD.AE

    The operation couldn't be performed because object 'Offline Address Book ' couldn't be found on
    'hodc1.irshad.ae'.
    + CategoryInfo : NotSpecified: (:) [Move-OfflineAddressBook], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : 44CBFB6F,Microsoft.Exchange.Management.SystemConfigurationTasks.MoveOfflineAddressBook
    + PSComputerName : irsauhcas01.irshad.ae

  • When followed this post, but are facing problems. For mailboxes on Exchange 2013, when I try to connect them in Outlook 2013, I get the error message "the action cannot be completed. the microsoft exchange address book was unable to log on to exchange." Mailboxes on Exchange 2007 can still be connected. OWA/ActiveSync is working for new mailboxes. Any idea?

  • I'm with Florian, I have OWA working internally, but cannot get Outlook clients to connect.

  • I am also getting this error: Couldn't find offline address book "\Default Offline Address Book (Ex2013)" . Please make sure you have typed it correctly. this is when I try the Get-MailboxDatabase | Set-MailboxDatabase -OfflineAddressBook "\Default Offline Address Book (Ex2013)" command.

  • [PS] C:\Windows\system32>Get-MailboxDatabase | Set-MailboxDatabase -OfflineAddressBook "\Default Offline Address Book (Ex2013)"
    Couldn't find offline address book "\Default Offline Address Book (Ex2013)" . Please make sure you have typed it
    ---- I think the reason for this is that it is "\Default Offline Address LIST (Ex2013)" not "\Default Offline Address Book (Ex2013)".

  • how to get cert signed by my own ca??

  • Manually create the OAB Share under the v15 install folder on the Exchange 2013 Server, compare the 2007 OAB share for permissions and apply the same permissions on the share.
    Try the move again ;-)

  • @Holli V thanks for the note, updated it :)

  • @ravin what is your CA version ? is it based on ADCA ?

  • In the testing phase my issue is test user on Ex2013, outlook 2013 with the lastest updates constantly prompts for password, and no passwords are accepted. I can cancel it and email works fine, but public folders do not work.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment