Mail flow from Exchange 2007

In case anyone is having trouble with mail flow between an Exchange 2003 and Exchange 2007 server, I found this web page very informative.

http://nickgillott.blogspot.com/2007/08/mail-flow-from-exchange-2003-to.html 

The blogger also notes that no services need to be restarted to accomplish this.

Creating An Offline Address Book

Today I used the Microsoft web page http://technet.microsoft.com/en-us/library/bb124270(EXCHG.80).aspx to verify that I created an Offline Address Book (OAB) correctly. By default there is already an OAB, but it is currently hosted by my old mail server that we will decomission.

Below are two screen shots of the wizard for the adding an OAB.

Adding an Offline Address Book

We also will need to specify that this is the new Default – Just right-click and select “Set as Default”.

By default all three versions (Version 2, Version 3a, and Version 4) of the OAB are generated. However, you will probably want to verify the settings before you continue.

The OAB is generated once a day at midnight by default. I preferred that it be generated twice a day, and I also wanted to take into account that we have an Europe office. Therefore, I set the OAB to be generated at 9:00 AM and 9:00 PM everyday. [The GUI is deceptive in one item. I had to change from the "1 hour" view to the "15 minute" view to select only 9:00 AM, and not 9:00, plus 9:15, 9:30, and 9:45.  Just make sure you switch to the "15 minute" view before you are done to select the appropriate times.]

Hopefully making this OAB the default will clear up a minor issue. When creating a new user and mailbox on Exchange 2007, the user has not showed up in the Global Address Book within Outlook 2003. Interestingly enough, the new user does appear in the list of “All Users” in Outlook.

Configuring Exchange 2007

It’s been several days since I’ve written, partly because of configuration issues and partly because I have not been able to spend the time I should be concentrating on Exchange.

I ran into a RUS problem that was similar to the problem posted by Andy at http://telnetport25.wordpress.com/ Fortunately for me, Andy had just posted his problem and solution less than a day before I ran into the same problem.

I purchased and generated an SSL certificate from GeoCerts.com (http://www.geocerts.com/ssl/tbidmd). Very important note: When one uses the command New-ExchangeCertificate in PowerShell, do not put any spaces between the server names after the -DomainName parameter.

Here are the commands I used:

New-ExchangeCertificate -GenerateRequest -Path c:\mail_unionmark_com.csr -KeySize 1024 -SubjectName “c=US, s=Florida, l=Sarasota, o=Union Marketing, cn=mail.unionmark.com” -DomainName mail1,autodiscover.unionmark.com,mail1.um.dom -PrivateKeyExportable $True

Then I downloaded my new certificate to the C: drive.

Import-ExchangeCertificate -Path c:\mail_unionmark_com.txt -FriendlyName “mail.unionmark.com” | Enable-ExchangeCertificate -services “iis,smtp”

The last command can be split into two separate commands, but then one must cut and paste the Thumbprint – this is quicker.

Next minor steps

Since we are not using an Edge Transport server, then I also used the Set-ReceiveConnector.

It is doubtful that one would need to do this, but I have seen some blogs that mention one needs to use the New-RoutingGroupConnector command.

My Power Scripts

Before I was done for the day,

• I set our firewall to accept mail on port 25 for this email server.
• I selected 7 email accounts from old Union Marketing employees. For those AD accounts, I changed the “Office” AD attribute to “move1″.
• Then I used the following two PowerShell command to move those 7 mailboxes.

Get-Mailbox -filter “Office -like ‘move1′” | move-mailbox -BadItemLimit ‘25′ -TargetDatabase “First Storage Group\Mailbox Database” -PreserveMailboxSizeLimit -ValidateOnly | ConvertTo-Html > MoveOne.htm

Here I checked “MoveOne.htm” to see if all 7 mailboxes could be successfully moved, then proceeded.

Get-Mailbox -filter “Office -like ‘move1′” | move-mailbox -BadItemLimit ‘25′ -TargetDatabase “First Storage Group\Mailbox Database” -PreserveMailboxSizeLimit | ConvertTo-Html > MoveOneB.htm

I’m pretty proud of my command of PowerShell here – I like the way I can select people from an Office and move just those people’s mailboxes. In another post I will show you how to move mailboxes based on another Active Directory attribute.

The Install, Part 2

Today I am

1. Configuring Domains for which the server will accept email, and
2. Moving the default database to the proper locations.

Configuring Domains for which the server will accept email is part of the Hub Transport role.  To do this, I went to the Accepted Domain Management, then in the action pane, clicked “New Accepted Domain”. As it turns out, since Exchange 2003 was already being used, Exchange 2007 correctly put in our domain address. However in a new Exchange environment, this will need to be added.

Moving the default database and logs to the preferred location involves two Exchange PowerShell commands:

  Move-StorageGroupPath -identity “mailprod1\First Storage Group” -LogFolderPath “H:\First Group” -SystemFolderPath “E:\First Group”

where the first path (on the H: drive) is for the log files and the 2nd path is for the Mail database itself.

I also need to run:

  Move-DatabasePath “mailprod1\First Storage Group\Mailbox Database” -EDBFilePath “E:\First Group\Alpha.edb”

to move the Database to “Alpha.edb” on the E: drive.

After that, I used simliar commands to move the Public Folder database to the F: drive (for the .EDB file) and the I: drive for the logs.

The Install, Part 1

Here are my notes so far on the install. Keep in mind that I have done an install of Exchange 2007 RTM about a year ago and have tested it since.

This install is on a Windows 2003 x64 server with Service Pack 2. I am installing Exchange 2007 SP1.

• Installed .Net Framework 2.0 SP1
• Since this will also be a CAS server, I need IIS on this box. Install IIS with the default options checked.
• Configured my EqualLogic SAN with LUN6 at 150GB – it is thin-provisioned at 25GB so only a small amount of space is currently used. This LUN will be used for our E:, F:, and G: drives at 50GB each. These are each for the Exchange databases.
• Configured my EqualLogic SAN with LUN7 at 32GB – it is thin-provisioned at 16GB. This LUN will be used for our H:, I:, and J: drives. These are for the Exchange Logs for each storage group.
• Based on the Exchange Calculator (Excel) I used yesterday, I increased the RAM on the virtual server from 3 GB to 8 GB.
• Installed PowerShell 1.0 for x64
• After a restart, I issued the Exchange setup command which “prepares legacy permissions”
  • setup /pl

Ran setup.com for Exchange with no parameters – same as using the Autorun from the CD. Steps 1 through 3 were “greyed out” since they had already been performed. I choose Step 4 “Install Microsoft Exchange Server 2007 SP1″

• Accepted the terms of the EULA
• Selected these roles to install on this server (see image)

Installed roles

• It tells me the disk space required is 1200MB
• Prompt for “Mail Flow Settings”: I selected the only Exchange 2003 server that we have.
• At the first try for the install, the installer told me I needed to perform an update before installing the Hub Transport role.  I installed the update at    http://go.microsoft.com/fwlink/?LinkID=92858
• Actually, I was a bit surprised that more updates were not needed. Granted, this server has SP2 installed, but I have not done a full update of MS patches yet.
• On the second try, the install worked fine. The two longest items, the Hub Transport Role and the Mailbox role, took 5.5 minutes and 4.5 minutes respectively.
• After running the ExBPA tool, I went to our Exchange 2003 server and made a change to the regsitry. I encountered the ExBPA warning that the ‘SuppressStateChanges’ configuration parameter should be set to ‘1′ on the Exchange 2003 mail server. I did that and left the reboot of that server for the weekend. Do a Google search for ‘SuppressStateChanges’ and [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RESvc\Parameters] and you will find references to this.
• Installed all of the Windows 2003 Microsoft patches that are available as of today.

Overview for Exchange Deployment

This is my planned deployment – any changes to the plan will be discussed as they occur.

1. Configure SAN for the drives that will house the 3 storage groups and appropriate log files. Did I mention that we currently have 1 storage group in Exchange 2003 which is less than 16 GB? We plan to extend this to 3 storage groups with 1 database each.
2. Install Windows 2003 Enterprise x64 with SP2.
3. Apply Schema changes for Exchange 2007 (from Exchange install CD).
4. Install PowerShell and other Exchange 2007 prerequisites.
5. Install Exchange 2007 on MAILPROD1. Install “Update Rollup 3 for Exchange Server 2007 SP1″.
6. Install all Windows 2003 updates from Microsoft.
7. Setup security device for email.
8. Register for a “Unified Communications” site certificate with names MAILPROD1, etc at http://www.geocerts.com/products/unified/
9. Storage groups
   1. First storage Group/Database Alpha will reside on drive E: with logs on drive H:
   2. Second storage Group/Database Beta will reside on drive F: with logs on drive I:
   3. Third storage Group/Database Gamma will reside on drive G: with logs on drive J:
   4. Public store will reside on drive E: with logs on drive H:
10. Setup Mailboxes for 50% of people listed in #11 on a laptop with Outlook 2002 installed. Other 50% on a desktop with Outlook 2003 installed. Note: Some should be setup for using cached mail and some not cached (2003).
11. Morning: I will “watch the lights on the SAN” as the first group of users is moved (check to see if all SAN disks are used, even though 1 database is being used right now). Users should include Steve, Kady, Jerry, Aaron, Derek, Donna, Joyce, Rob, Wendi, Sarah, Connie, Jennifer, John, Keith, Tammy, and Christy. Please time these transfers.
12. Afternoon: Test incoming and outgoing mail for users in #11. Did mail clients automatically shift servers?
13. Test calendar and scheduling of appointments for users in #11. Are all appointments showing correctly? Can a user see the free/busy schedule for all users on 2003/2007 servers?
14. How fast are inboxes being transferred? What is the KB rate?
15. Once I am satisfied with the results so far, give MRS users at least 30-hour notice that their mailboxes will be moved. They will need to use maila.unionmarketing.com/exchange if checking mail from home (until further notice). Laptops would only be affected differently in that they would need to connect to the VPN at the new data center.
16. Test “my” Treo on maila.unionmarketing.com
17. Move mailboxes of 4 s-group users to test the effect of the move on Blackjack II users.
18. Poll the 4 s-group users to see if the functionality of the Blackjack II has changed now that it is speaking to Exchange 2007 at the backend.
19. Setup BackupExec for Exchange on MAILPROD1. Backup Exec will only be used until Sept. 1. September 1 will likely contain the backup on tape before fully utilizing the SAN data recovery features.
20. Move remaining 130 users. [Wait at least 1 week before part B of step 23.]
21. Move Public store.
22. Perform procedures to remove an Exchange 2003 server from the domain (lengthy procedure).
23. Remove Exchange 2003 from the 2003 server. Power down the former Exchange 2003 server for 24 hours to see what problems arise.
24. Configure MAILPROD1 and Fax server to properly work together (lengthy).
25. Use the EqualLogic HIT kit: install the Exchange-specific program. Configure the SAN to create a replica and replicate the replica of each database at an interval of every 15 or every 20 minutes.
26. Remove Backup Exec from MAILPROD1 once #25 is working properly.

Goals for Deployment

Over the next several weeks and months you will see in this space how I will configure Exchange 2007 Server for our company. Comments or questions are always welcome.

I cannot say that I am “the expert” but I have done enough research and testing of Exchange 2007 to know what will work for our company, Union Marketing.

Goals for the deployment of Exchange at Union Marketing.

1. Upgrade the site with a single Exchange 2003 server to Exchange 2007. This is not an “upgrade” in the strict sense, because Exchange 2007 does not allow for an upgrade on a single server. We have 150 Exchange mailboxes that will be moved to Exchange 2007.
2. A single Exchange 2007 server will be used to house the Client Access, Mailbox, and Hub Transport roles. Unified Messaging will not be used. An Edge Transport role is not planned, but this could change.
3. The server will be a virtual 64-bit server running atop VMware ESX 3.5 and connected to an EqualLogic SAN.
4. Connectivity: The Exchange server is not connected to a Microsoft ISA server but SMTP proxy is done by our security device. Mail is filtered for spam and viruses by a company similar to Postini / MX Logic / Message Labs.
5. Maintain the current mailbox metadata including current mailbox limits using PowerShell.
6. Make use of PowerShell where possible to script the move of mailboxes.
7. Minimize the impact of the move on users. Although we are not strictly a 24-hour shop, we have multiple users that work at all hours and also branch office sites that are several time zones away.

-Hitchcock