Exchange 2013 Migration checklist
Let’s take a look at Exchange 2013 migration checklist and planning data
Use various tools available and create a plan as to how many users should be active on a server at any given point and how many users will be active during a failover.
Microsoft Exchange Server Deployment Assistant (EDA), Microsoft Exchange Pre-Deployment Analyzer, Exchange profile analyzer tool (EPA), Exchange 2013 Server Role Requirements Calculator etc
To give you an idea, for a recent deployment I did for a 10000 user base I used the following. Please note that this data is “specific” to the organization post assessment of various factors like number of mailboxes, number of message sent/received, average mailbox size etc
****************************************************************************************************************************
10000 mailboxes – Solution was architected for 12000 mailboxes forecasting potential growth
2 datacenters – High availability within datacenter and Site resilience to DR site when primary datacenter is down
Primary datacenter will have 50-50 Active and 50-50 Passive database copies and DR datacenter will have 100% Passive copies (ready to be activated)
Total of 3 copies per database including the Active copy (Active-Passive-Passive)
3 VMWare ESX hosts in total – 2 in primary and one in DR site
4 Active CAS and Mailbox server roles combined – so 4×3 = 12 servers in total
8 Servers in primary datacenter and 4 servers in DR Datacenter
3000 users per server while all systems are up and running
Hardware requirements tuned on one server making it capable of handling 6000 users at time of failure
At any time 2 ESX hosts can be down at the same time
4 servers should be up and running at any given point for the design to support 100% availability
Total of 10 Active databases + 20 Passive database = 30 Databases on one server
MaximumActiveDatabases attribute set on every server to 20 using the Set-MailboxServer “ServerName” –MaximumActiveDatabases 20 cmdlet
300 users per database = 300 x 10 = 3000 Active users
Using Exchange calculator results – 16 processor and 64GB memory per server
Load Balancer with GEO Global Multi-Site LoadMaster capability to ensure datacenter outages do not affect production
RAID 5 – SAS 10K RPM 900GB drives for Exchange database and log files. Microsoft recommends using 64K Allocation size while preparing the Disk volume in Disk management
****************************************************************************************************************************
2. Run Jetstress 2013 on each server atleast for 12-18 hours prior to implementing exchange. This is to ensure the storage subsystem can handle the maximum projected load for Exchange 2013
3. Setup DNS records – internal and External
| Create these Prior to the change and ensure load balancer can talk to the servers. We are not making DNS changes but tuning the load balancer proactively. At the time of simply change the DNS entries to the new Load balancer virtual ip’s (VIP’s) | ||
| External DNS | Internal DNS | |
| Public ip of load balancer |
Internal ip of load balancer |
owa.domain.com |
| autodiscover.domain.com | ||
| mobile.domain.com | ||
While co-existing with Exchange 2013, Exchange 2010 does not require a Legacy namespace but Exchange 2007 will require one. So, create a legacy.domain.com URL and point the load balancer to Exchange 2007.
4. Setup Load balancer internal and external virtual ip’s (VIP) and configure firewall for port 443
5. Backup existing configurations if any:
Get-ActiveSyncVirtualDirectory -ADPropertiesOnly | fl Identity, *lurl*, *method*
Get-ECPVirtualDirectory -ADPropertiesOnly | fl Identity, *method*, *lurl*
Get-OWAVirtualDirectory -ADPropertiesOnly | fl Identity, *method*, *lurl*
Get-WebservicesvirtualDirectory -ADPropertiesOnly | fl Identity, *method*, *lurl*
Get-OABvirtualDirectory -ADPropertiesOnly | fl Identity, *method*, *lurl*
Get-ClientAccessServer | fl Name, *uri*
Get-OutlookAnywhere -ADPropertiesOnly | fl Identity, *method*, *lurl*
Add Get-ClientAccessServer if you have multiple CAS servers. You may also want to backup Send/receive connector configurations. Remove the -ADPropertiesOnly switch while running on Exchange 2007.
6. Download Microsoft Assessment and Planning Toolkit and ensure all client outlook are updated to Outlook 2007 + latest updates
7. Update all existing legacy servers to the latest Exchange server service pack and roll up version
8. Prepare AD and Schema using setup /pad /IAcceptExchangeServerLicenseTerms and setup /ps /IAcceptExchangeServerLicenseTerms command. Schema should be updated on a server in the same AD site as the domain controller with Schema role. Run netdom query fsmo and nltest /dsgetsite
9. Configure all prerequisites and install Exchange 2013 using the latest CU or service pack available. Apply latest version of .NET Framework if installation is done on Windows 2012.
10. Configure SSL certificates on Exchange 2013 and enable it via EAC or Shell and check Bindings to make sure it’s enabled on the default website Virtual Directory. SSL certificates should have all the URL’s for the deployment added as Subject Alternative names. This is right after exchange 2013 installation to avoid Outlook pop up for certificate mismatch. If you use a service like Digicert’s you can have the SSL cert ready before installing Exchange 2013 and no CSR from Exchange required to generate it – Digicert has a tool which will validate the CSR and generate the certificate on the Windows server.
11. Configure Internal/External URL’s, Active directory SCP (AutoDiscoverServiceInternalURI) and authentication methods on Exchange 2013. I personally like to keep internal and external URL’s same. AutoDiscoverServiceInternalURIis or the SCP is what lets Outlook know which server to connect to and it should point to https://autodiscover.domain.com/autodiscover/autodiscover.xml
12. Test Exchange 2013 access prior to placing it in production. Create a DAG and add copy for a new mailbox database or use the default database and some test mailboxes. get used to the new EAC (Exchange admin center) and install the monitoring solution for Exchange 2013. Test failover – planned and forced server shutdown method
13. Cutover web services URL DNS entries to Exchange 2013/the Load balancer VIP during off business hours/weekend
14. Configure Exchange 2013 for sending / receiving emails and to co-exist with legacy versions. Change the NAT rules on firewall so all emails will be relayed to and from exchange 2013
15. Test Internal and External OWA/Outlook/Outlook anywhere/Exchange ActiveSync for old/new mobile devices. Use ExRCA.com and a local Outlook machine to accomplish this task
16. Run TestEmailAutoConfiguration in Outlook and review all URL and settings. Test several versions of Outlook.
17. If you had a separate URL for mobile devices, then you may want to create a URL rewrite policy on the load balancer so owa.old.com will redirect to owa.new.com. This will ensure all URL’s – old and new can service mobile requests
18. Make Exchange 2013 OAB Primary
19. Create test mailboxes and test internal and external mailflow and mailflow to legacy exchange versions
20. Tune Database availability group and DAG network
21. Create a proper database layout on the new Exchange 2013 server/s and create databases and add copies
22. Migrate mailboxes or create new mailboxes on Exchange 2013
23. Public folders changed dramatically in exchange 2013. Plan and transition public folders to exchange 2013 Modern public folders
All testing needs to be done off business hours.
Reference and resources:
User Profile Analysis for Exchange Server 2010 (Who needs the Exchange Profile Analyzer?): http://blogs.technet.com/b/neiljohn/archive/2011/08/09/user-profile-analysis-for-exchange-server-2010.aspx
Ask the Perf Guy: Sizing Exchange 2013 Deployments: http://blogs.technet.com/b/exchange/archive/2013/05/06/ask-the-perf-guy-sizing-exchange-2013-deployments.aspx
Released: Exchange 2013 Server Role Requirements Calculator: http://blogs.technet.com/b/exchange/archive/2013/05/14/released-exchange-2013-server-role-requirements-calculator.aspx
Exchange Solution Reviewed Program (ESRP) — Storage: http://technet.microsoft.com/en-us/exchange/ff182054.aspx
Exchange 2010/2007 to 2013 Migration and Co-existence Guide: https://msexchangeguru.com/2013/05/10/exchange2013-migration/
Exchange 2013 virtual directory settings and redirection: https://msexchangeguru.com/2013/10/30/http-redirect-owa-ecp/
Public Folders Migration from Exchange 2007/2010 to Exchange 2013: https://msexchangeguru.com/2013/04/18/exchange2013-public-folders/
Create a new Exchange certificate on Exchange 2013: https://msexchangeguru.com/2013/01/18/e2013-certificate/
Regards,
Ratish Nair
Microsoft MVP| Exchange Server
Team @MSExchangeGuru.com
Keywords: Exchange 2013 migration, Exchange 2013 planning, how to install Exchange 2013, Exchange 2013 installation
December 17th, 2013 at 5:14 pm
Great Article for Exchange On-Premises Engineers that are planning Exchange 2013 On-Premises.
Thanks 🙂
December 19th, 2013 at 1:01 pm
Hello Ratish,
It is a good check list.
I just wanted to confirm regarding SSL certificate. We have Exchange 2010 servers with SSL certificate. I am going to install Exchange 2013 CAS and mailbox servers on separate servers. Since, our OWA, ActiveSync URLS are going to be remain same. I think I can just use the same certificate we are currently running on Exchange 2010. Do you see any issues in that?
Second: In our Exchange 2010 certificate we also have FQDN of all Exchange 2010 servers but if I use that same certificate it would have Exchange 2013 server’s FQDN. We have same URL for OWA from internally and externally. Do we even need FQDN in SSL certificates in Exchange 2010 and Exchange 2013?
Thanks,
Regards
Raman
December 19th, 2013 at 1:51 pm
No FQDN’s required provided none of your internal/external URLS and AutoDiscoverServiceInternalURI set on the CAS points to a URL in the cert and you can use the same cert if the URL’s are the same and if exchange 2013 accepts the format…
December 19th, 2013 at 3:14 pm
Thanks Ratish.
I guess you mean “No FQDN’s required provided none of your internal/external URLS and AutoDiscoverServiceInternalURI set on the CAS points to a “FQDN”.
December 19th, 2013 at 3:31 pm
typo !!! Your’e right… dont use server FQDN’s at all… Ive only had one customer use it in a very long time…
December 19th, 2013 at 3:55 pm
Ratish,
One more question. Although, all our users uses same messages.company.com from Intranet or Internet. But I have just noticed that OWA, OAB is showing Internal URL as FQDN. Although, no one uses that. I think it is default setting which it picks up automatically.
So does it means that when I install Exchange 2013 I should change Internal URL to same as External URL since, no one uses internal URL.
I am just wondering if Exchange 2013 OWA and OAB directories have Internal URL as FQDN by default and SSL certificate does not have FQDN then Outlook would prompt for certificate error or it would not?
December 19th, 2013 at 4:01 pm
Create a DNS entry internally for owa.domain.com and point it to the load balancer internal VIP (virtual ip)and external URL to LB external VIP
December 19th, 2013 at 4:19 pm
We already have this in place and it works. My confusion is that Virtual directories Internal URL in Exchange 2010 are still FQDN. I think if we do not have FQDN in SSL certificate Outlook would prompt for certificate error. Or we need to change Internal URL same as External URL and then we do not need FQDN in SSL certificate. Especially with Exchange 2013 since SSL certificate would not have Exchange 2013 FQDN in SSL certificate.
December 19th, 2013 at 4:30 pm
Internal URL and external URL should be same unless you have a geographically dispersed setup. Its a best practice.
December 21st, 2013 at 6:17 pm
Ratish,
I just installed Exchange 2013 and changed Internal URl to same as External URL. Used the same certificate with External URls but without Exchange 2013 FQDN. Since, we are still going to keep External URL pointing towards Exchange 2010 for couple of weeks until then it seems if I change autodiscoverserviceinternaluri to External URL Exchange 2013 does not map with mailbox which is obvious since autodiscover is still pointing to Exchange 2010.
So in my understanding if you want to install Exchange 2013 in co-existence and keep it running with Exchange 2010 without making any changes and moving external URl to Exchange 2013 then you need Exchange 2013 FQDN so no Exchagne 2010 user sees Certificate error in Outlook.
I am wondering in large organizations do people switch the external URLs to new servers you just installed.
Thanks,
Raman
December 22nd, 2013 at 1:31 pm
[…] Exchange 2013 Migration checklist – 17-Dec-2013 […]
December 22nd, 2013 at 1:39 pm
[…] Exchange 2013 Migration checklist – 17-Dec-2013 […]
December 23rd, 2013 at 6:56 am
[…] Exchange 2013 Migration checklist […]
December 23rd, 2013 at 8:20 pm
Hi
I am a big fan of the blog
but something looks off to me
why do you need this”Load Balancer with GEO Global Multi-Site LoadMaster capability to ensure datacenter outages do not affect production” ?
do you have a third site?
Thanks
November 12th, 2015 at 4:21 am
If I need to migrate Exchange 2010 mailboxes to Exchange 2013 in Cloud, what migration tools do I nedd to use ? or can I go ahead with Exchange Admin Center Migration option ? Please reply ASAP at my email address.
November 16th, 2015 at 1:20 pm
Exchange Powershell should be good enough if you can just doing mailbox migration.
November 16th, 2015 at 1:47 pm
Hi Prabhat,
Thank you for the quick response.Could u please tell me in details.no its not just mailbox migration, we have to copy the data,contacts,calendar for lat 2 weeks as well.Could you please guide me about those steps & how to perform the migration.can this done using any GUi tool like EAC? Please advice.
November 16th, 2015 at 2:35 pm
They are part of mailbox so its ok. If you have Public folders and it is configured cross forest then you need 3rd party tool or manual export and import of it into pst.
You should look for our migration blogs.
If you are unsure then you should hire a consultant who can give you right directions after analyzing your setup.
November 17th, 2015 at 12:57 am
Hi Prabhat,
No this will be under same forest,in same FQDN. We will migrate the exchange 2010 to exchange 2013 in Cloud platform, we are going to use Exchange Admin Center as Migration tool,can that be done through this ?
Yes, we need to migrate the Public folder as well, we will do that using the Script.
Can you please share any related link or any information related to this migration plan.
November 19th, 2015 at 6:52 am
Hi Prabhat,
Can you please guide me how to run the Cross Forest Public Folder Migration.I need to perform this task after migrating the mailboxes from Exchange 2010 to Exchange 2013 via Cross Forest Migration.
Please update me or share any link for that.please send the link for Migration Blog.
December 5th, 2016 at 9:55 am
Hi Prabhat,
When you use “ADPropertiesOnly”, it request AD.
For this task, and for many others, you can request directly Exchange servers, without this option. for example, when you check ActiveSyncVirtualDirectory with EAC, there is not ADPropertiesOnly option, and EAC is very, very slow, and you can find DCOM 10028 error in System logs. I think you know this issue.
Did you ever work on this issue?
Best regards