Migrating a small organization from Exchange 2010 to Exchange 2013 (Part 3)

If you would like to read the other parts in this article series please go to:

Introduction

In this series we rapidly migrate from Exchange 2010 to 2013. In parts one and two we decided on server specifications and then configured the base operating system, installed Exchange 2013 and then began configuration.

Post-Installation Configuration Changes

Configuring Exchange URLs using the Exchange Management Shell

The Exchange Management Shell also provides the functionality to change the Exchange URLs for each virtual directory, however unless you know the syntax it can be a little intimidating – and even if you do know the relevant syntax, typing each URL can be a little time consuming too.

We can use a PowerShell script to make this process simpler.

The first two lines of the script are used to specify the name of the Exchange 2013 server, in the $Server variable, and the HTTPS name used across all services in the $HTTPS_FQDN variable.

The subsequent lines use this information to correctly set the Internal and External URLs for each virtual directory:

$Server = “LJD-E1501”

$HTTPS_FQDN = “mail.lisajanedesigns.co.uk”

Get-OWAVirtualDirectory -Server $Server | Set-OWAVirtualDirectory -InternalURL https://$($HTTPS_FQDN)/owa -ExternalURL “https://$($HTTPS_FQDN)/owa”

Get-ECPVirtualDirectory -Server $Server | Set-ECPVirtualDirectory -InternalURL “https://$($HTTPS_FQDN)/ecp” -ExternalURL “https://$($HTTPS_FQDN)/ecp”

Get-OABVirtualDirectory -Server $Server | Set-OABVirtualDirectory -InternalURL “https://$($HTTPS_FQDN)/oab” -ExternalURL “https://$($HTTPS_FQDN)/oab”

Get-ActiveSyncVirtualDirectory -Server $Server | Set-ActiveSyncVirtualDirectory -InternalURL https://$($HTTPS_FQDN)/Microsoft-Server-ActiveSync -ExternalURL “https://$($HTTPS_FQDN)/Microsoft-Server-ActiveSync”

Get-WebServicesVirtualDirectory -Server $Server | Set-WebServicesVirtualDirectory -InternalURL “https://$($HTTPS_FQDN)/EWS/Exchange.asmx” -ExternalURL https://$($HTTPS_FQDN)/EWS/Exchange.asmx

In the example below, we’ve specified both our server name LJD-E1501 and HTTPS name mail.lisajanedesigns.co.uk and then updated each Virtual Directory accordingly:

Image
Figure 1: Updating Internal and External URL values

Configuring Outlook Anywhere

After updating the Virtual Directories for Exchange, we’ll also update the HTTPS name and authentication method specified for Outlook Anywhere.

As Outlook Anywhere is the protocol Outlook clients will use by default to communicate with Exchange Server 2013, replacing MAPI/RPC within the LAN, it’s important that these settings are correct – even if you are not publishing Outlook Anywhere externally.

During co-existence it’s also important to ensure that the default Authentication Method, Negotiate, is updated to NTLM to ensure client compatibility when Exchange 2013 proxies Outlook Anywhere connections to the Exchange 2010 server.

To update these values, navigate to Servers and then choose Edit (Pencil icon) against the Exchange 2013 server:

Image
Figure 2: Editing the server properties

In the Exchange Server properties window choose the Outlook Anywhere tab. Update the External Host Name, Internal Host Name and Authentication Method as shown below:

Image
Figure 3: Updating settings for Outlook Anywhere

Naturally you can also accomplish this with PowerShell, however it’s just as quick to use the Exchange Admin Center for a single server.

With these settings configured, along with the obligatory iisreset /noforce to ensure configured is re-loaded into IIS we could in theory move client access across from Exchange 2010 to Exchange 2013. Before we do that we will first make some additional configuration changes.

Configuring Receive Connectors

We’ll need to ensure that the same settings are applied to Receive Connectors on Exchange 2013 as per our Exchange 2010 staging server. Default and Client connectors are already created and do not typically need to be altered. The defaults for Exchange Server 2013 allow email from the internet or spam filter to be delivered without adding an additional permission.

Many organizations do allow users to relay mail through Exchange from application servers, so we will use this as an example to illustrate how the process is slightly different when compared to Exchange 2010.

To begin, launch the Exchange Admin Center and navigate to Mail Flow>Receive Connectors and after selecting the Exchange 2013 server from the list, then choose Add (+) to create a new Receive Connector:

Image
Figure 4: Viewing and creating new Receive Connectors

On the first page of the wizard, enter the name for the receive connector. For consistency we’ve specified the server name after entering Anonymous Relay. Select Frontend Transport as the role and choose Custom as the type:

Image
Figure 5: Creating a new Anonymous Relay connector

On the next page, we’ll be provided with the opportunity to specify Network Adapter Bindings – the IP address and TCP/IP port that the receive connector will listen on. Our example receive connector will listen on the standard port for SMTP, port 25:

Image
Figure 6: Selecting TCP/IP IP listener and port bindings

On the final page of the wizard, we’ll choose which IP addresses that the receive connector will accept mail for.

This allows multiple receive connectors to listen on the same TCP/IP port and IP address and swing into action depending on the remote IP address of a client. As an example, if our anonymous connector on Exchange 2010 only allowed mail relay from the IP addresses 192.168.15.210-220, we’ll specify that range here:

Image
Figure 7: Specifying a range of IP addresses that will be able to connect to this connector

After completing the wizard, we will then open the new Receive Connector’s properties page by selecting it from the list, then choosing Edit, as shown below:

Image
Figure 8: Editing properties for the new Receive Connector

In the Exchange Receive Connector window, select the Security tab. Then within the Authentication section select Externally secured to indicate our anonymous relay is from secure IPs; then under Permission Groups, choose Exchange Servers and Anonymous users:

Image
Figure 9: Updating settings to allow relay

Moving Default Mailbox Databases

We will move the initial database created by Exchange Server 2013 setup and make it our first Mailbox Database.

To perform this action we will perform a two-step process using the Exchange Management Shell.

First, launch the Exchange Management Shell and use the following command to rename the database to DB01:

Get-MailboxDatabase -Server <Server> | Set-MailboxDatabase -Name DB01

Image
Figure 10: Renaming the existing Database

In the example above you’ll see that by executing the Get-MailboxDatabase cmdlet before making the change we see its default name – “Mailbox Database” with a random suffix. After making the change, the name is changed to something more appropriate.

With the database name changed, it still remains in the same location. Move both the Database file and the associated log files to their respective final destinations using the Move-DatabasePath cmdlet with the -EdbFilePath and -LogFolderPath parameters:

Move-DatabasePath -Identity DB01 -EdbFilePath C:\ExchangeDatabases\DB01\DB01.EDB -LogFolderPath C:\ExchangeDatabases\DB01_Log

Image
Figure 11: Moving the existing database

When moving the database it will be dismounted. The files will then be moved to the new location and the database and log locations updated in Active Directory. Finally the database will be re-mounted.

Creating Additional Mailbox Databases

Next, create additional Mailbox Databases to match our design specifications. We can create the mailbox databases using either the Exchange Admin Center or the Exchange Management Shell.

In this example we will use the Exchange Management Shell, which for a larger number of databases will be faster and more accurate.

The cmdlets used are New-MailboxDatabase, Restart-Service, Get-MailboxDatabase and Mount-Database.

In the example shown below we will use the first cmdlet to create the databases, restart the Information Store to ensure it allocates the correct amount of RAM, then after retrieving a list of all databases we will ensure they are mounted:

New-MailboxDatabase -Name DB02 -Server <Server> -EdbFilePath C:\ExchangeDatabases\DB02\DB02.EDB -LogFolderPath C:\ExchangeDatabases\DB02_Log

New-MailboxDatabase -Name DB03 -Server <Server> -EdbFilePath C:\ExchangeDatabases\DB03\DB03.EDB -LogFolderPath C:\ExchangeDatabases\DB03_Log

New-MailboxDatabase -Name DB04 -Server <Server> -EdbFilePath C:\ExchangeDatabases\DB04\DB04.EDB -LogFolderPath C:\ExchangeDatabases\DB04_Log

New-MailboxDatabase -Name DB05 -Server <Server> -EdbFilePath C:\ExchangeDatabases\DB05\DB05.EDB -LogFolderPath C:\ExchangeDatabases\DB05_Log

Restart-Service MSExchangeIS

Get-MailboxDatabase -Server <Server>| Mount-Database

Image
Figure 12: Creating new databases and mounting databases using PowerShell

Configuring Mailbox Database Settings

After we have moved our first Mailbox Database and created our additional mailbox databases, we will now need to configure each database with the correct limits.

The limits chosen for our example environment are shown below, along with retention settings for mailboxes:

Warning Limit

Prohibit Send Limit

Prohibit Send/Receive Limit

Keep Deleted Items for (days)

Keep Deleted Mailboxes for (days)

9.8GB

9.9GB

10GB

14

30

It’s possible to configure this using the Exchange Admin Center, but for multiple databases, use Exchange Management Shell to ensure consistency. Using a combination of the Get-MailboxDatabase cmdlet and Set-MailboxDatabase cmdlet make the changes, using the values from the table above:

Get-MailboxDatabase -Server <Server> | Set-MailboxDatabase -IssueWarningQuota 9.8GB -ProhibitSendQuota 9.9GB -ProhibitSendReceiveQuota 10GB -OfflineAddressBook “Default Offline Address Book (Ex2013)” -DeletedItemRetention “14:00:00” -MailboxRetention “30:00:00”

Image
Figure 13: Using PowerShell to modify all new databases

Preparing for Exchange 2013 Migration

Testing base functionality

Before we can move namespaces and mailboxes across to Exchange Server 2013 we need to test that the new server is fully functional.

We’ll start by creating a test mailbox to use on Exchange 2013. To do this, navigate to the Exchange Admin Center and within Recipients choose Add, then User Mailbox:

Image
Figure 14: Creating a test mailbox using the Exchange Admin Center

There is no prescriptive name for a basic test account, so enter suitable unique and identifiable details:

Image
Figure 15: Example settings for a new test account

After creating our test mailbox we’ll now need to test that they are functional from a client perspective.

Navigate to OWA via the server’s name. As a minimum test mail flow works correctly between our new Exchange 2013 test user and existing Exchange 2010 users.

Image
Figure 16: Verifying OWA functionality

Updating Exchange 2010 Virtual Directory URLs

Exchange 2013 supports acting as a proxy for Exchange 2010 services. This means that it is easy to allow Exchange 2010 and Exchange 2013 to co-exist using the same URLs.

We decided earlier in this guide that we would use the same names for both Exchange 2013 and 2010.

It is now time to move the autodiscover.lisajanedesigns.co.uk and mail.lisajanedesigns.co.uk names across from Exchange 2010 to Exchange 2013.

This, along with the respective DNS / firewall changes, will result in HTTPS client traffic for Exchange 2010 going via the Exchange 2013 server.

We will update our core URLs for Exchange 2010 to remove the ExternalURL value. We’ll also enable Outlook Anywhere, configuring it with the HTTPS name that will move to Exchange 2013.

To do this we will login to the Exchange 2010 server and launch the Exchange Management Shell. Enter the following PowerShell commands, substituting the $Server and $HTTPS_FQDN variables for appropriate values.

$Server = “LJD-E1401”

$HTTPS_FQDN = “mail.lisajanedesigns.co.uk”

Get-OWAVirtualDirectory -Server $Server | Set-OWAVirtualDirectory -ExternalURL $null

Get-ECPVirtualDirectory -Server $Server | Set-ECPVirtualDirectory -ExternalURL $null

Get-OABVirtualDirectory -Server $Server | Set-OABVirtualDirectory -ExternalURL $null

Get-ActiveSyncVirtualDirectory -Server $Server | Set-ActiveSyncVirtualDirectory-ExternalURL $null

Get-WebServicesVirtualDirectory -Server $Server | Set-WebServicesVirtualDirectory-ExternalURL $null

Enable-OutlookAnywhere -Server $Server -ClientAuthenticationMethod Basic -SSLOffloading $False -ExternalHostName $HTTPS_FQDN -IISAuthenticationMethods NTLM, Basic

Image
Figure 17: Reconfiguration of Exchange 2010 virtual directories

From a client perspective this should not have any immediate effect. The Exchange 2013 server will provide External URL values via Autodiscover, but in the meantime client traffic will still be directed at the Exchange 2010 staging server.

Updating Internal DNS records and switching external HTTPS connectivity

To direct traffic internally at the Exchange 2013 server we need to change internal DNS records so that both the Autodiscover name and HTTPS namespace (in our case, mail.lisajanedesigns.co.uk) are configured with the IP address of the new Exchange 2013 server.

On a server with access to DNS Manager, such as an Active Directory domain controller, update both records from the IP address of the Exchange 2010 server to the Exchange 2013 server:

Image
Figure 18: Updating internal DNS records

Clients will not be immediately redirected to use the Exchange 2013 server as the proxy for client access, and instead will do so once their cached records expire. As soon as clients can access the server retry login and client access to ensure no issues exist.

If internal access works without issue, update the external HTTPS publishing – which in our example organization is a NAT rule configured via the router.

Summary

In this article we’ve moved from configuring the server to co-existence. In the final part of this series we’ll complete preparation for migration, migrate mailboxes and decommission Exchange Server 2010.

If you would like to read the other parts in this article series please go to:

1 thought on “Migrating a small organization from Exchange 2010 to Exchange 2013 (Part 3)”

  1. lucky nicolaidis

    Hi Steve, very good article indeed . I followed this article , strayed a bit , and configured one or two items that needed configuring before actually reaching the stage in the article . I am about to switch DNS entries , firewall rules etc…..in preparation for exchange 2013 , but for the stage where you write a null value to the exchange 2010 virtual directories ……. can i not rather stop IIS on the exchange 2010 server – in case i have to revert back if activesync, owa etc does’nt work?

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top