MSExchangeGuru.com

Learn Exchange the Guru way !!!

 

Exchange Server 2016: All You Need to know Part 3

During the Ignite Microsoft had suggested that Exchange 2016 beta will release during summer 2015 and it is summer here. So we may assume Exchange 2016 Server beta release is around the corner.


In the previous blog we learned what will be Exchange 2016 architecture and recommended configuration. In this blog we will see the Exchange 2016 deployment guidance.

 

Exchange Server 2016: All You Need to know Part 1

Exchange Server 2016: All You Need to know Part 2

 

 

Exchange 2016 Deployment

 

These are the declarations from Ignite and subject to change at the time of RTM release.


-Co-existence and Migration

  • Exchange 2007 is not supported in the co-existence
  • Co-existence is only possible with Exchange 2010 and Exchange 2013
  • Migration from Exchange 2010 to 2016 will be identical to Exchange 2013
  • Overview of the steps. We will release a migration guide post beta release of Exchange 2016 which will be better as final bit will be available and we would what to expect in the final bit.
    • Prepare the remove any Exchange 2007 server, Forest functional level, domain functional level, schema update, AD update, domain update.
    • Installed Exchange server 2016 in the environment
    • Configure Exchange 2016 URLs which might be similar as Exchange 2013 or Exchange 2010
    • Import the same certificate to Exchange 2016 unless you decide to have the different urls
    • Setup Exchange 2016 DAG. Remember we told you that you can only have same versions of Exchange and windows in a cluster so don’t try to join Exchange 2016 in the Exchange 2013 DAG
    • Test by changing namespace pointer to Exchange 2016 in the host file for CAS URLs
    • Test the mailbox move.
    • Test the mailflow
    • Cut over the pointers and load balancer to Exchange 2016. One thing which will make your life easy is you can add Exchange 2016 servers in the Exchange 2013 Load balancer pool.
      • It is recommended it add Exchange 2016 in the same pool as Exchange 2013 so that testing can be done this way. Once satisfied remove Exchange 2013 from this pool.
      • Other option is old way create new Pool of exchange 2016 change 1-1 to Exchange 2016 VIP and update internal DNS host record.
    • Cut over the mailflow to Exchange 2016
    • Do the same in all internet facing sites first then on the non-internet facing sites.
    • Move remaining mailboxes to Exchange 2016
  • There is one thing coming new which never happen before. You can live without Exchange 2013 CAS. So if you have Exchange 2013 is installed separately in different servers then you just don’t need Exchange 2013 CAS servers once we have Load balancer pointed to Exchange 2016. The below picture will make you happy.

     


 

  • Exchange 2013 can still proxy the traffic to Exchange 2016 so there is no rush to do a switch to let Exchange 2016 mailbox work normally.
  • Previous version support: we have also explained in the Exchange basics blog that we can’t install the exchange version in a co-existence if we uninstall last server of this exchange version gracefully. So before running setup /prepareAD decide if you need Exchange 2013 for some reason then install Exchange 2013 before Exchange 2016.
  • Exchange 2016 OAB will asked all outlook users to download OAB (which may cause network choke up) if there is no OAB assigned to their databases so assign their current OAB before installing Exchange 2016. We have added this to the Exchange basics
  • Exchange 2013 can manage 2016 objects from both EAC+EMS.
  • Exchange 2016 can manage 2013 objects from both EAC+EMS.
  • Public Folder setting will be same as Exchange 2013 because we still need to provide Exchange 2010 co-existence.

  • The below statement is confusing.
    Exchange 2016 doesn’t support public folder databases. Therefore, there’s no coexistence with legacy public folders. As a result, Exchange 2016 is unable to read from the hierarchy stored in a public folder database on Exchange 2010 servers.https://technet.microsoft.com/en-us/library/dn957481(v=exchg.160)The simple answers we have for your question which Microsoft Product Group confirmed to me is below:
    1. Is Public Folders migration from Exchange 2010 to 2016 is supported and works?
    YES
    2. Is Exchange 2016 mailbox users can access Exchange 2010 Public Folders in a coexistence? (same as Exchange 2013)
    YES
  • Unified Messaging will be same as Exchange 2013.

     

     

-Namespace

  • Bound Namespace: It does redirection. Minimum 5 URLs required and 7 URLs in case of separate Internalurl
    • One per datacenter for Externalurl
    • One per datacenter for Internalurl (For outlook anywhere and mapi/http. Should not be resolving over the public dns)
    • One for AutoDiscover
    • One per datacenter for Outlook Web Apps Server

       

  • Unbound Namespace (Recommended): It does proxy. Minimum 4 urls required and 5 URLs in case of separate Internalurl.
    • One per datacenter pair for Externalurl
    • One per datacenter pair for Internalurl (For outlook anywhere and mapi/http. Should not be resolving over the public dns)
    • One for AutoDiscover
    • One per datacenter for Outlook Web Apps Server

       

  • Brian Day has shared the following chart but at this point I am not clear why do I need internal URL for Outlook Web Apps Server. So I would consider them -2 urls at this point but I will come back and update here if I will find a relevant reason to keep separate internalurl.

     

    Certificate Names Used if no Wildcard Cert Used
    Exchange Versions in Play Bound Model Unbound Model
    2010 + 2016 12 7
    2013 + 2016 10 7
    2010 + 2013 + 2016 10 7

     

     

  • The following table explain how Namespace urls will work on the backend.


 

-Prerequisite

  • Co-existence is only possible with the following:
    • Exchange 2013 CU 10 or later
    • Exchange 2010 SP3 RU 11 or later
  • Windows 2008 R2 Forest and Domain functional level
  • Windows 2008 R2 Domain Controller in every AD Site
  • Windows 2003 is out of support so windows 2003 domain controller must be demoted.
  • Outlook clients should be the following or higher
    • Outlook 2010 SP2 or later with KB2956191 and KB2965295 (These patches provides Mapi/http). Recommended to go for latest update
    • Outlook 2013 SP1 or later with KB3020812 (This patch fixes shared mailbox and legacy Public Folders). Recommended to go for latest update
    • Outlook 2016
    • Outlook for Mac 2011 or Later
    • MAPI/CDO clients are not supported
    • Outlook 2007 is not supported
    • Outlook for MAC 2008 EWS version is not supported
  • Exchange 2016 can be installed on Windows 2012 R2 and Windows Server 10 GUI versions
  • Exchange 2016 installation on server core is not supported
  • .NET Framework 4.5.2 or later
  • Windows Management Framework 4.0
  • Unified Communications Managed API (UCMA) 4.0
  • Office Web Apps Server for in-OWA attachment rendering installed on separate server(s) which is optional
  • If you have Edge Transport server installed then Edge Transport should be updated to supported Exchange 2010/2013 version. Edge Transports version is not updated until we reconfigure the subscription so we would require to rerun the subscription.

 

-Deployment Change

  • Microsoft recommends only 2 datacenters expanded DAG with the 3rd datacenter/Azure for File Share Witness. This is also updated in the exchange basics blog.
  • Mapi/http will be enabled by default.
  • Use “High Performance” Power Plan in Windows
  • Disable Hyperthreading in Physical Deployments
  • Storage Controller Cache (BBWC or FBWC) allocated 75% Write, 25% Read. Make sure to use it.
  • JBOD is recommended with autoreseed. But if you are using RAID then Use a stripe (per disk chunk) of 256KB or larger in multiples of 256KB
  • GPT partition. You have seen me using it already.
  • Format Binary the disk with NTFS with 64K KB Allocation Unit Size. You have seen me doing this too.
  • Format Data Volumes with ReFS w/Data Integrity Features Disabled
  • Enable IPv6. We have to use it.
  • Use Bitlocker for encryption
  • Run the Jetstress with Bitlocker and antivirus enabled if you will be using it.
  • Don’t restrict dynamic TCP port range
  • Move the following system mailbox from 2010/2013 to 2016.

    SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}

    This will allow us to save admin tasks to the admin audit log, export admin audit log, start eDiscovery searches and use new 2016 functionality

  • Use the following blog to configure Kerberos authentication if you need to.

    http://blogs.technet.com/b/exchange/archive/2015/02/20/exchange-2013-and-exchange-2010-coexistence-with-kerberos-authentication.aspx

     

  • Install steps are mentioned below which are similar to Exchange 2013
    • Install Desktop-Experience & RSAT-ADDS then restart the server
    • Install UCMA 4.0 then restart the server
    • Turn off schema master’s replication
    • Schema update, AD update, domain update.
    • Test schema master domain controller for any error. Restart the schema master domain controller and Turn on schema master’s replication
    • Install First Exchange 2016 then restart the server
    • Install remaining Exchange 2016 servers
    • Create DAG and configure urls
    • Add the Exchange 2016 servers to the Exchange 2013 load balancing pool or do a cut over to change the pointer towards Exchange 2016 Load balancer VIP.
    • Do the same in remaining internet facing AD sites then in the non-internet facing site.

     


-Outlook Web Apps Server Integration

  • Outlook Web Apps server configuration will be configured with WAC server.
  • The following URL will show the configuration on the Office web apps server in your browser.

    Https://localhost/hosting/discovery

  • We need to configure Exchange 2016 to use OWA attachment rendering by running the following command.

    Set-OrganizationConfig –WACDiscoveryEndpoint https://OWASURL/hosting/discovery

    Make sure to restart MSExchangeOWAAppPool after executing the command.

  • Some of us will be already experiencing in Office 365.

     

-Exchange 2010 to Exchange 2016 Outlook Anywhere

  • If you are on Exchange 2010 and going to migrate to Exchange 2016 then you need to follow the below steps to enable outlook anywhere before following my co-existence guide.
    • Enabled Outlook Anywhere on all Exchange 2010 CAS.
    • Configure IIS authentication method “NTLM or Basic+NTLM” for outlook anywhere
    • Use same outlook anywhere hostname as Exchange 2016 so that Exchange 2016 can proxy to Exchange 2010
    • Configure Outlook clients using GPO for the checkbox “On fast networks, connect using HTTP first, then connect using TCP/IP”.
    • Remove the CAS array at this point because all users should be connecting using outlook anywhere in place of RPC Mapi.
    • Do the cut over to point the DNS pointer to the Exchange 2016 VIP.

 

This blog ends here. So now you will be excited to use Exchange 2016.

Feel free to watch here the Exchange 2016 Deployment session of Brian Day’s Ignite session at channel 9.

 

Exchange Server 2016: All You Need to know Part 1

Exchange Server 2016: All You Need to know Part 2

 

Prabhat Nigam

Microsoft MVP | Exchange Server

Team@MSExchangeGuru

16 Responses to “Exchange Server 2016: All You Need to know Part 3”

  1. Exchange Server 2016: All You Need Part 1 « MSExchangeGuru.com Says:

    […] Exchange Server 2016: All You Need to know Part 3 […]

  2. Exchange Server 2016: All You Need to know Part 2 « MSExchangeGuru.com Says:

    […] « Configuring Static Ports for Exchange 2010 Exchange Server 2016: All You Need to know Part 3 […]

  3. Stein Vidar Says:

    I think it’s the other way round when comming to requirements:

    “Exchange 2013 CU 11 or later

    Exchange 2010 SP3 RU 10 or later”

    should be:

    Exchange 2010

    Supported with Update Rollup 11 for Exchange 2010 SP3 or later on all Exchange 2010 servers in the organization, including Edge Transport servers.

    Exchange 2013

    Supported with Exchange 2013 Cumulative Update 10 or later on all Exchange 2013 servers in the organization, including Edge Transport servers.

  4. Leon Says:

    thnx for publishing the articles….now i ve got some homework to do 🙂

  5. Prabhat Nigam Says:

    Thank you Stein. Nice catch, surely I messed the numbers. I have updated the blog now.

  6. Hayley Says:

    Exchange 2016 doesn’t support public folder databases. Therefore, there’s no coexistence with legacy public folders. As a result, Exchange 2016 is unable to read from the hierarchy stored in a public folder database on Exchange 2010 servers.

    https://technet.microsoft.com/en-us/library/dn957481(v=exchg.160).aspx

  7. Kannan Says:

    Hi Prabhat,

    I had a EX2010 with all role separate with static IP and mail flow was fine both internal and external. When I introduce exchange 2016 servers (two) mail flow impacted. I can only communicate with internal users from Ex2016 mailbox but not external. Is this is due to 2016 takes over ?

  8. Prabhat Says:

    Share the error. It should not be the case.

  9. Prabhat Nigam Says:

    Thank you Hayley for the point. I have checked with Product Group and this is true. I have updated the blog.

  10. Kannan Says:

    After the install Exchange 2016 modified the connector property and disabled the anonymous option. Once I enabled back mail flow started working fine. I don’t know it is only in my case or anyone else face the same.

  11. Prabhat Nigam Says:

    @Hayley

    Check the update. Exchange 2016 is supported with Exchange 2010 PFs

  12. Raman Says:

    Hello Prabhat,

    Thanks for the excellent article. Would you plesae clarify on the following: –
    “One per datacenter for Internalurl (For outlook anywhere and mapi/http. Should not be resolving over the public dns)”
    Question:
    Currently we have Exchange 2013 with same URL for internal and external (Outlook and OWA). So now in Exchange 2016 we have to use again separate URL for internal like “casarray” in previous Exchange version?

    Thanks,
    Raman

  13. Prabhat Nigam Says:

    In case you want separate internal url… read properly Raman. “Bound Namespace: It does redirection. Minimum 5 URLs required and 7 URLs in case of separate Internalurl”

  14. Prabhat Nigam Says:

    There is separate url required for office web app server which is a new server/feature.

  15. Raman Says:

    Hello Prabhat,

    You mean to say URl for “Office Online Server” ?

    But for OWA, Outlook, Autodiscover we can continue using same URLs as we have been doing. In our environment we have a only 1 URL with split DNS. So this would still work?
    May be in our certificate we add 2 separate URLS for “Office Online Server” for future use, once it is available for production?
    Thanks,
    Raman

  16. Raman Says:

    Hello Prabhat,

    Correction
    You mean to say URl for “Office Online Server” ?

    But for OWA and Outlook we can continue using same URLs as we have been doing. In our environment we have a only 1 URL with split DNS. So this would still work?
    May be in our certificate we add 2 separate URLS for “Office Online Server” for future use, once it is available for production?
    Thanks,
    Raman

Leave a Reply

Categories

Archives

MSExchangeGuru.com