Site Consolidation Tools for Exchange Server 2003
Reference: Exchange 2003 Deployment Tools and Planning an Exchange Server 2003 Messaging System
Site consolidation benefits
- The Exchange topology is simplified because remote sites are consolidated to a central administrative group.
- Better Hardware utilization through central Server consolidation (Bridgehead Servers, Gateway Server, Monitoring Server). A centralized Datacenter can also increase scalability and availability.
- Centrally Exchange Administration and reduced administrative costs.
- Consolidating sites can help your organization reach the goal of running Exchange in native mode by reducing the number of Exchange 5.5 servers in the organization.
- Enhanced security because of fewer Exchange Server to administer.
For this article we assume that you already deployed Exchange 2003 Server into the existing Exchange 5.5 organization with the help of the Exchange Deployment Wizard which is out of the scope of this article. For more information point your browser to: http://www.microsoft.com/exchange/techinfo/interop/55.asp
As a first Step we have to install Exchange 2003 SP1 on our Exchange servers.
Next – install the updated Version of the Exchange Server 2003 Deployment Tools. You can download this tool here:
The Exchange Deployment Tools (Exdeploy.hta) contain new site consolidation guidance.
What to do before Site Consolidation
Upgrade client computers to Microsoft Office Outlook 2003
It is a good idea to upgrade the mail Client for all computers to Outlook 2003 and enable Cache Mode. Cached Mode creates a local copy of the Exchange Mailbox and reduce the network traffic to the Exchange Server. This feature is great for Clients in remote Sites with limited network capacity. During the Migration process your users can work with the local copy of the mailbox.
Upgrade ADC to Exchange 2003 SP1
Use the Exchange 2003 SP1 version of the ADC (Active Directory Connector), which contains new functionality that cleans up objects and distribution lists after site consolidation. When you move mailboxes across sites, ADC updates user objects and all of the distribution groups to which the users belong; as a result, changes are replicated between directories and users can continue to receive mail. It is important to upgrade all installed version of previous ADC installations.
Figure 1: Exchange 2003 SP1 ADC
OPTIONAL - Consolidate Microsoft Windows domains
To reduce the risk of problems with setting delegates, Key Management Service certificates, and updating groups through Outlook, i recommend that you consolidate the remote Windows domains and the Exchange mailboxes at the same time.
Active Directory requires that Outlook use a global catalog server that is located in the same domain as the object that Outlook is attempting to update but the desired concept is to consolidate all objects at a central site.
You can configure the following registry key on Outlook clients to use a global catalog server in the central domain where the Active Directory objects are located:
HKEY_CURRENT_USER\Software\Microsoft\Exchange \Exchange Provider – REG_SZ – Name = DS Server - Value: FQDN of the global catalog server
Applying the Hotfix for the DS/IS Consistency Checker
Before you consolidate Exchange 5.5 sites, apply the hotfix for the Exchange 5.5 DS/IS consistency Checker (available at http://go.microsoft.com/fwlink/?linkid=3052&kbid=836489) to all Exchange 5.5 public folder server. This hotfix ensures that, after a cross-site move, public folder ACLs are updated properly so users and groups have continued access to public folders.
To run the Exchange 5.5 DS/IS consistency Checker start the Microsoft Exchange 5.5 Administrator, expand the site, expand Configuration, expand Servers, and then select the server and click Properties. Click the Advanced tab, and then click Consistency Adjuster.
Under Operations, select all four checkboxes, and then click OK and ignore the warning message.
Deploy a full offline address book download
Outlook client computers that use Cached Exchange Mode require an offline address book to resolve e-mail addresses. The offline address book is stored on a public folder server. A full download of the offline address book occurs in the following situations:
When you consolidate a site, all users at that site who use Cached Exchange Mode and whose mailboxes have moved will receive a full download of the offline address book. This download occurs the first time these users start Outlook after the mailbox move.
When a significant number of directory changes occur (for example, when you move large numbers of mailboxes across sites or when you make changes to the Exchange topology), all users at all sites who use Cached Exchange Mode receive a full download of the offline address book.
Site Replication Consolidation Tools
Move Mailbox Wizard in Exchange 2003 SP1
The Exchange 2003 SP1 version of the Move Mailbox Wizard gives you the option to move mailboxes across administrative groups in mixed Mode.
If your Exchange organization is in mixed mode, Exchange 2003 maps each Exchange 5.5 site to one administrative group and one routing group in Exchange 2000/2003. Prior to Exchange 2003 SP1, if your organization contained Exchange 5.5 servers, you could move only mailboxes within the same administrative group so there was no easy way to consolidate remote Exchange 5.5 sites into a central Exchange 2003 administrative group.
In Exchange 2003 SP1, you can move mailboxes across administrative groups by using either the Move Mailbox Wizard in Exchange System Manager or Active Directory Users and Computers.
Figure 2: Exchange Task Wizard
Exchange Profile Update tool (EXPROFE)
The Exchange Profile Update tool (Exprofre.exe) is a tool that updates Outlook profiles automatically, allowing users to log onto their relocated mailboxes after the mailboxes have been moved across administrative groups. To update the default Outlook profile to reflect the new information, you must run Exprofre.exe on each client computer. You can download this tool here: http://www.microsoft.com/downloads/details.aspx?FamilyId=56F45AC3-448F-4CCC-9BD5-B6B52C13B29C&displaylang=en
Figure 3: Exchange Profile Update Tool
Public Folder Migration tool (PFMIGRATE)
My recommendation is that you create replicas of Exchange 5.5 public folders on Exchange 2003 servers. By creating replicas, users will still be able to access public folders after users are moved from the remote site to the central site and it is easy to remove the public folders from the Exchange 5.5 Servers after successful migration.
The Public Folder Migration tool (PFMigrate) moves public folders from remote Exchange 5.5 servers to the central Exchange 2003 server. PFMigrate is a command line Tool with several commands. The latest version of PFMigrate contains the command option /sc. SC is short for Site Consolidation. PFMigrate /sc allow the move of public folders across administrative groups. You can download this tool here:
Figure 4: PFMigrate help
Object Rehome tool
The Object Rehome tool moves contacts and distribution lists from remote Exchange 5.5 servers to central Exchange 2003 servers. With the help of the Object Rehome tool it is possible to update the LegacyDN for distribution lists and custom recipients to reflect the new naming of the central site during site consolidation.
The Object Rehome tool ensures that theses objects are not lost when you remove the Exchange 5.5 site.
The Object Rehome tool also updates the distribution list expansion server to the server that you specify.
Figure 5: Exchange 2003 SP1 Deployment Wizard
Figure 6: Phase 1 – Preparing for Site Consolidation
Figure 7: Phase 2 – Using the new Site Consolidation Tools
Figure 8: Phase 3 – Moving Oublic Folders and Rehoming objects
Known Limitations with the Site Consolidation Process
Increased Public folder replication traffic
When you use the Exchange Public Folder Migration tool (pfMigrate) to move public folders to the central site, you can expect increased traffic while the public folder hierarchy is updated and public folder content replicates across sites. The pfMigrate tool and the DS/IS consistency adjuster cause increased replication traffic.
Delegates may lose access
To retain delegate access in Outlook, move managers and their delegates from the remote Exchange 5.5 site to the central site together. If it is not possible to move them together, move the manager before the delegate or re-grant access rights to the delegate after the move.
Journal recipients need to be re-designated
A journal recipient is a user who is configured to receive all archived messages for a mailbox store. Before you move the journal recipient across sites, assign the journal recipient designation to a different user. After the move, you can re-designate the user as the journal recipient.
Inbox rules may not function If a user's mailbox does not reside on an Exchange 2003 SP1 server, any Inbox rules based on other users who have moved across sites will not function because the legacyExchangeDN attribute for the users who have moved is changed. However, the user can re-create the rules. If the user's mailbox resides on an Exchange 2003 SP1 server, rules will continue to function. This issue does not affect users whose mailboxes have moved; it only affects users who have rules based on users who have moved. After all users' mailboxes are hosted on Exchange 2003 SP1 servers, rules will function again.
User names may be briefly absent from the Exchange 5.5 GAL
In Exchange 5.5, user names that have moved across sites may be missed from the GAL for a while until directory replication is complete. During this time, the original Exchange 5.5 object in the remote site is hidden while the new Exchange 5.5 object is replicated to the new site. The Exchange 2003 GAL is unaffected.
Some users may receive non-delivery reports after migration
After you move mailboxes from Exchange 5.5 to the central site, if Exchange 5.5 users who have not been moved reply to mail from Exchange 5.5 users who have been moved, they will receive a non-delivery report (NDR). This situation will continue until Exchange 5.5 directory replication is complete. To reduce the number of NDRs during mailbox move, you can force replication by selecting Replicate now in ADC. Another option is to redirect Exchange 5.5 mail through an Exchange 2000 or Exchange 2003 bridgehead server because these servers are able to forward mail to the new mailbox.
Key Management Service requires export of certificates
Key Management Service continues to function after a cross-site move if you are using X.509 v3 certificates, but not if you are using v1 certificates. With v1 certificates, users who were moved across sites can decrypt old mail, but they cannot sign or encrypt new mail.
I highly recommend to export the KMS certificate before you move users to the central site and to import these certificates in the central KM Server. Run the Exchange Profile Update tool after the migration. For more information how to migrate Exchange Key Management Server read the following article: http://www.msexchange.org/tutorials/Key_Management_Server_Migration.html
Exchange Conferencing Server requires a switch to native mode
If you are running Exchange 2000 Conferencing Server, first switch your Exchange organization to native move and then consolidate the sites. As a benefit it eliminates problems with the legacyExchangeDN attributes and ensures functionality of Exchange 2000 Conferencing Server.
Unified messaging is unavailable after site consolidation.
You must reinstall / redeploy all installed Unified Messaging Systems like Exchange integrated Fax servers, SMS Servers and so on. Carefully evaluate the Migration steps of these Third Party Tools before Site Consolidation.
The Exchange 2003 Site Consolidation tools make the administrators life a bit easier but don’t underestimate the complexity of a Exchange 5.5 to 2003 consoldiation process.
Planning an Exchange Server 2003 Messaging System