| Author |
 Topic  |
|
anthony
Moderator
USA
2373 Posts
Status: offline |
 Posted - 04/10/2012 : 4:51:18 PM
|
In an emergency scenario like 4 for 5 months ago, we installed Exchange 2010 on hardware that was not really what I would consider "Exchange Ready"... Mind you it runs pretty well, but we wanted to use that hardware for another project, and buy something with 4 hour support.
Fast forward to present time. I have my new hardware, I've installed Server 2008 R2, Patched it up, etc.... I am now looking at what my existing server is running. It has Exchange 2010 SP1 Rollup 6 right now.
So, my first question, in a string of what I'm sure could be many is:
Should I upgrade to the latest and greatest on the existing box before starting to move mailboxes?
I know that's always best, but I would prefer not to add the risk of a Service Pack breaking something on my existing server before I even get started on the new one. So I guess, is the risk worth the downsides?
|
anthony
There should be only one World's Greatest Dad shirt. And you should have to kill the previous owner to wear it.
|
|
|
Jazzy
Administrator
Netherlands
1929 Posts
Status: offline |
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
|
|
Jazzy
Administrator
Netherlands
1929 Posts
Status: offline |
Posted - 04/11/2012 : 3:42:27 PM
|
You're not finding the information you're looking for because you need to break the whole process up in a few smaller steps:
- adding a server to the Exchange org
- moving mailboxes to another server
- removing a server from the Exchange org
Deployment of the new server is exactly the same as the previous one, it will be added to you existing Exchange organization. Then you configure the server just as you did with the first one.
Next you move the mailboxes and processes like address book generation to the new server, make sure that multi finctionals or other servers send email to the new server and uninstall Exchange from the old server. |
Jetze Mellema
Exchange specialist
Former MVP (2005-2012)
My blog: http://jetzemellema.blogspot.com (Dutch)
My company: http://www.imara-ict.nl/ |
 |
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 04/11/2012 : 3:44:09 PM
|
| I see what you are saying, I will hit it from that direction. |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3505 Posts
Status: offline |
Posted - 04/11/2012 : 9:56:05 PM
|
| Take this opportunity to virtualize!! That way your next move or hardware failure or whatever will be as simple as copying a few files... |
-Wes |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 04/12/2012 : 08:06:31 AM
|
| That is actually one of the things we are going to be doing, but we are concentrating on the desktop side first (which is backwards from most environments I'm sure). But once that is settled a bit, we will be moving to virtualization on the server side too. |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 04/12/2012 : 08:24:50 AM
|
OK, I'm not huge on making "assumptions" so I have to ask. I'm ready to install my 2nd 2010 server. All pre-reqs are installed and initial setups passes that stage. I'm fully patched and ready. My feeling from what I'm reading is that when I install this 2nd Exchange box, it really effects nothing until I move mailboxes to it. Is that correct? Is there anything I need to worry about or any "gotchas" that I'm missing?
I've done this sort of thing in the Exchange 2003 world on several occasions, but obviously a lot has changed since then, so I want to make sure before I start the install during working hours on a Thursday... |
|
|
|
wobble_wobble
Honorable But Hopeless Addict
Ireland
4517 Posts
Status: offline |
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/14/2012 : 3:36:04 PM
|
"Exchange Server 2010 uses Active Directory sites for routing" (found in an article I was reading) - I have not seen much info about what needs to be done on the connectors in this scenario (2010 to 2010 move). Do they need to be duplicated? I noticed on the Send Connectors there are "Source Servers" and multiple entries can be made. Should I add my new server, then remove the old? Also, I have 2 extra receive connectors (one for a ZIX, and another for GFIFaxmaker) on the old server. Will I need to re-create those since there is no "Source Servers" area?
If I add both servers in the Send Connectors, how will it route? Which will it choose? |
|
|
|
aval
Honorable But Hopeless Addict
USA
3273 Posts
Status: offline |
Posted - 05/14/2012 : 11:05:14 PM
|
quote:
Should I add my new server, then remove the old?
Yes, add the new server of course. At some point you will have to remove the old server - assuming you do not want ot retain it for future use.
As a general rule, I would leave the current (old) E2K10 server running for a while so IF you have to fall back on it, you can.
Try removing it once the new server is added as a source server for the Send Connector and verify that you can still send outbound mail (to your hotmail or gmail account, or whatever you have).
Otherwise, as the Send Connector exists at the Organization Level, it should exist on all (HT) servers and pull it's settings from Active Directory.
(Unless I'm missing something...?)
quote:
If I add both servers in the Send Connectors, how will it route? Which will it choose?
I believe they will be selected in alternance, first Svr1, then Svr2, then Svr1, then Svr2. Having two or more source servers is supposed to provide load balancing so I suppose that is how they work. |
|
|
|
aval
Honorable But Hopeless Addict
USA
3273 Posts
Status: offline |
Posted - 05/14/2012 : 11:14:01 PM
|
quote:
Also, I have 2 extra receive connectors (one for a ZIX, and another for GFIFaxmaker) on the old server. Will I need to re-create those since there is no "Source Servers" area?
Yes, you will need to recreate Receive Connectors as they exist at the Server level. Just copying the settings (even by re-entering them on the new server if there are not too many) should do the trick. |
|
|
|
aval
Honorable But Hopeless Addict
USA
3273 Posts
Status: offline |
Posted - 05/14/2012 : 11:30:57 PM
|
Anthony wrote:
My feeling from what I'm reading is that when I install this 2nd Exchange box, it really effects nothing until I move mailboxes to it. Is that correct? Is there anything I need to worry about or any "gotchas" that I'm missing?
Joe replied:
Nothing changes until you move a mailbox, then the work starts again.
If the new Exchange 2010 server will hold the CAS role, an entry for it will be added to the SCP record in Active Directory. If you are using Outlook 2007 or 2010, users may get warnings if autodiscover selects the new CAS and it does not have the appropriate SAN/UCC certificate installed.
If you move OAB generation, you might encounter that as well.
That's all I've ever read might happen. |
|
|
|
Jazzy
Administrator
Netherlands
1929 Posts
Status: offline |
Posted - 05/15/2012 : 02:29:43 AM
|
| Outlook clients will connect to the oldest SCP they find, this will be the Exchange 2007 CAS server. Still, good point. |
Jetze Mellema
Exchange specialist
Former MVP (2005-2012)
My blog: http://jetzemellema.blogspot.com (Dutch)
My company: http://www.imara-ict.nl/ |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/15/2012 : 2:21:36 PM
|
OK, this leads me to my next issue. My SAN certificate. Will I be able to re-issue a new one from GoDaddy with the new server info? Will this break the CAS on my old server during the transition? I think this is the part I'm most nervous about...
Would I be better off just buying a 2nd SAN Cert? The old server is going away as soon as we can determine that the new one is functioning correctly. It would be a shame to "waste" it's SAN certificate. |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3505 Posts
Status: offline |
Posted - 05/15/2012 : 2:32:36 PM
|
| Hodaddy should allow you to add another name and reissue. Shouldn't be any problems. |
-Wes |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/15/2012 : 2:42:35 PM
|
| So, when I add an additional SAN to my cert, and it gets re-issued - my existing cert will no longer be valid until I replace it with the new one right? What effect will this have on end users? Is this something that needs to happen after hours? |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3505 Posts
Status: offline |
Posted - 05/15/2012 : 2:49:33 PM
|
It is still valid afaik. No reason you can't
put the new cert ok both servers if you prefer, just in case. |
-Wes |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3505 Posts
Status: offline |
Posted - 05/15/2012 : 2:50:36 PM
|
| When I add names to my godaddy san certs it doesn't affect the validity of the existing one. |
-Wes |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/15/2012 : 3:10:42 PM
|
I trust you, but on the GoDaddy site it says this:
quote:
"Once a new certificate is issued, the original certificate will no longer be valid. You must replace the original certificate on the original hosting server."
So just to be safe I will wait until after hours to do it... 
http://support.godaddy.com/help/4649/adding-or-dropping-subject-alternative-names-from-ucc-certificates
|
anthony
There should be only one World's Greatest Dad shirt. And you should have to kill the previous owner to wear it.
|
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3505 Posts
Status: offline |
Posted - 05/15/2012 : 3:14:28 PM
|
| Godaddy says a lot of things, and runs ads with scantily clad wimmins running around lol. |
-Wes |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/15/2012 : 3:16:55 PM
|
| THAT'S WHY I USE THEM! |
|
|
|
aval
Honorable But Hopeless Addict
USA
3273 Posts
Status: offline |
Posted - 05/15/2012 : 6:17:52 PM
|
quote:
Will I be able to re-issue a new one [SAN certificate] from GoDaddy with the new server info?
What new information would you need?
NewServerName.yourDomain.tld ?
(tld = top level domain)
You may or may not really need to put the server FQDNs on the cert.
In theory, you can get by with just two names, assuming both both internal and external URLs are the same, indicating, for example, mail.yourdomain.tld:
mail.yourdomain.tld
autodiscover.yourdomain.tld
Personally, I have the server name in the cert. On one hand, I've read that this could be a security issue (outsiders can see the name of your mail server), but on the other, no fewer than two Exchange MVPs (including Simon Butler - aka "Sembee") have argued in MS Technet forums that this name could be discovered otherwise and if your security depends on the name of your mail server not being known, that's just not good security.
Otherwise, yes, after hours or over the week-end.
OWA should continue to function without a valid cert, although you'll get warnings. I believe Outlook Anywhere and either ActiveSync or Autodiscover (one of the components starting with "A") does require a valid SSL cert to function.
Something to keep in mind.
|
|
|
|
Jazzy
Administrator
Netherlands
1929 Posts
Status: offline |
Posted - 05/16/2012 : 03:19:18 AM
|
quote:
Originally posted by aval
In theory, you can get by with just two names, assuming both both internal and external URLs are the same, indicating, for example, mail.yourdomain.tld:
In theory, you can get by with just one name.
I did a lot of this in the 2007 era, now I've become lazy and use the New Exchange Certificate wizard to prepare my request. The wizard ask what you want to do with it and prepares the request for you. There's a step where you can add or remove names, before you continue. Still need to use common sense, but it works pretty well. |
Jetze Mellema
Exchange specialist
Former MVP (2005-2012)
My blog: http://jetzemellema.blogspot.com (Dutch)
My company: http://www.imara-ict.nl/ |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/16/2012 : 3:17:16 PM
|
| We already own the SAN Cert, so I'm just going to ADD the internal host name to our new server to it, and re-import it. That way it will work on both servers until the transition is over. |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/16/2012 : 4:37:15 PM
|
It seems as though there are "roles" (might not be the right word) that my old server holds that need to be transferred. I'm assuming that much of this will happen during the un-install of the first 2010 server. However, I would love to have a "fallback". Is there a way to move the roles over without completely uninstalling Exchange from the first server?
The reason I ask, is because even if I'm on my new server - if I look at the "Queue Viewer" there is one named after my old server's mailbox database. Nothing about any of the other mailbox databases.
All I have is:
mailbox database 1584415396 (Delivery Type - MapiDelievery)
Submission (Delivery Type - Undefined)
[10.0.10.13] (Delivery Type - SmarthostConnectorDelivery)
In 2003, you could get this done pretty easily if I recall, I was able to transfer all the roles to the new server, then just leave the old one running for a week. Then uninstall once I knew everything was working well.
If I look under Server Configuration, both servers show that "Hub Transport, Client Access, Mailbox" are all installed roles. |
|
|
|
Pesos
Honorable But Hopeless Addict
USA
3505 Posts
Status: offline |
Posted - 05/16/2012 : 4:38:47 PM
|
| do you have any mailboxes on the new server yet? is your queue viewer homed to the new server? |
-Wes |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/16/2012 : 5:02:02 PM
|
| I have a select few - maybe 10 or so out of 100 or so. It appears to be homed on it, when I look at the grey bar within the viewer it has the FQHN of the NEW server. When I look at it that way, it only shows the Submission & [10.0.10.13] SmartHost Queue. |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/17/2012 : 1:16:37 PM
|
OK, this is weird...
A few days ago, I pushed out a txt file with all my mailbox stats by using the posh command:
Get-MailboxStatistics -Database "Mailbox Database Name" | Sort-Object TotalItemSize –Descending | ft @{label=”User”;expression={$_.DisplayName}},@{label=”Total Size (MB)”;expression={$_.TotalItemSize.Value.ToMB()}},@{label=”Items”;expression={$_.ItemCount}} | out-file C:\MailboxSizeReport.txt
And I planned by moves accordingly...
However, when I go to move the Mailboxes, the sizes are vastly different. For instance, on one; the report said it was about 1.5GB but when I went to move it was 5.87GB.
Am I not pulling the right stat in that initial report? |
|
|
|
anthony
Moderator
USA
2373 Posts
Status: offline |
Posted - 05/17/2012 : 1:35:22 PM
|
It's the stuff in "Recoverable Items" Folder.
Did a Get-MailboxFoderStatistics -Identity [username]
It's supposedly set for 14 days... not sure how it's that big. |
|
|
|
clarinathan
Moderator
United Kingdom
4893 Posts
Status: offline |
Posted - 05/18/2012 : 06:33:30 AM
|
| Do you have any users on legal hold? |
Nathan Winters - [MSFT] - Exchange Technical Specialist
Checkout my blog:
http://www.nathanwinters.co.uk |
|
|
|
Topic |
|
Moving 2010 to new hardware question...
