8/8/2011

1

Upgrading to Exchange 2010

Technology OperationsSOSPG3

Graphics Courtesy of Microsoft and Other Public Sources

Session Overview• Not an Exchange 2010 Introduction• Focus on Lessons Learned• Agenda

M b l D– Introductions– 2010 Overview– Design– Roles– Management– Migration and Users

– Mobile Devices– Third Party Integrations– Archiving– Outlook– Public Folders– Resources

Introduction

David MichelChief Information OfficerBurr & Forman LLP dmichel@burr.com(205) 458-5470

Michael SulinInfrastructure ManagerThompson Coburn LLPMSulin@thompsoncoburn.com(314) 552-6532( )

Patrick SklodowskiManaging DirectormindSHIFT Technologies, Inc.Patrick.Sklodowski@mindSHIFT.com(856) 425-0029

( )

8/8/2011

2

Thompson Coburn

• Virtual Hub & CAS Roles– CAS Array using Windows NLB

• Single DAGM S– Two Mailbox Servers

• One Physical with DAS (primary)• One Virtual on SAN (secondary)

• Unified Messaging Server– One Physical (active)– One Virtual (standby)

Burr Forman

• All Servers Virtualized• Two Hub/CAS Servers

– CAS Array Load Balanced Using F5

• Single DAG – Two Production Mailbox Servers

• High Availability

– Site Resilient Mailbox Server is Planned

• Storage on NetApp SAN

mindSHIFT Technologies

• 25+ Exchange 2010 Migrations

• Projects Summary60 to 2500 Seats– 60 to 2500 Seats

– Single Server to Multi-site, Multi-role– Exchange 2003 and Exchange 2007 Migrations– GroupWise to Exchange 2010 Migrations– HA and Site Resiliency– Virtualization, SAN, Complex Networks

8/8/2011

3

EXCHANGE 2010 OVERVIEW

Server Roles

• Mailbox

• Client Access • Combining Roles

• Hub Transport

• Edge Transport

• Unified Messaging

• Scale Out

• Scale Up

MAPI Connections

MAPI (Outlook) Connections through the CAS Role

What “Mailbox” Server is listed in Outlook Profile?

8/8/2011

4

Database Availability Group

• Defines Which Mailbox Servers Can Replicate• Multiple Mailbox Database Copies per DAG• Multiple DAGS per Environment• High Availability

– Within Site

• Site Resiliency– Cross Sites

Database Availability Group

EXCHANGE 2010 DESIGN

8/8/2011

5

Design Concepts• New Design Philosophy

– Recovery Objectives– Best Way to Manage System

• Dependent on EnvironmentDependent on Environment– Simple– Complex– Moderately Complex

• Staggering Number of Options!

Design Options• High Availability

• Exchange Native• VMware• Third Party On-premise• Third Party Email

• Replication • Exchange Native• Third Party Software• SAN-based• Future Integration

Continuity

• Client Connectivity • Outlook AnyWhere• Outlook WebApp• SSLVPN / UAG• Mobile Devices

• Disaster Recovery• Exchange Native• Third Party On-premise

• Software Based• SAN Solutions

• Third Party Email Continuity

Design Consideration

• Database Availability Group– Avoid Quorum Isolation

• Three Tier Architecture / CAS Role• Load Balancing

– Hardware vs. Software

• Decreased Storage IOPS• Replication Network

8/8/2011

6

DATABASE AVAILABILITY GROUP

• DAG Design– Single Active Site/DAG– DAGOnly Mode

• Database Layout– Flexible

Database Availability Group

Flexible• File Share Witness

– With Active Mailboxes• Collapse Networks• Hide Storage Network from DAG

Cluster network ClusterNetworkName /prop Role=0

Collapse DAG Network

8/8/2011

7

SERVERS & ROLES

Mailbox Role/ Databases• Create Databases after CAS Array

Set-MailboxDatabase –identity <db> -RpcClientAccessServer <NLB Array>

• Retention Tags– No Separate Tags for Calendar

• Database CopiesDatabase Copies– Same Directory Path on Each Server– DataMoveReplicationConstraint– MaxActiveMovesPerTargetMDB | SourceMDB

• Many Settings are Per User• Apply Settings En Masse with PowerShell

Quorum / File Share Witness

8/8/2011

8

Client Access Role

• All* MAPI Traffic Through CAS Role– *Except Public Folders

• Load Balancing– Hardware vs. Software

MS N t k L d B l i– MS Network Load Balancing– Virtual Servers with MS NLB

• Certificates– Intermediate Certificates

• Name Space Design– Try to Move to New Names

Exchange Control Panel

• Administrative Roles– Must Assign Admins to Roles

• User Self-ServiceA M f O A– Allows Users to Modify Own AD Records

• Not a Bug!• Disable

Hub Role• SMTP Database• Shadow Redundancy• When to Cutover• ‘C fli t” ith E 07 R i C t• ‘Conflict” with Ex07 Receive Connectors• Site Not Enabled for Hub Role

• Set-AdSite “SITE" -HubSiteEnabled $true

• Disable LinkState Routing (Ex03)• Careful Execution; Avoid Being Blacklisted

8/8/2011

9

Unified Messaging• Ensure Compatibility with Phone System

– Even for Service Packs!!• Message Waiting Indicator Support• Transition Issues – SIP Trunk

N F • New Features • Speech to Text Translation Experience• Call Answering Rules allows for voicemail based on

caller ID• Texting Capability– Watch out

• Ease of Use

Virtualization

• Size Based on Physical Requirements – Then Add Resources for Hypervisor

• Exchange isn’t Virtualization-“Aware” • Follow MS Virtualization Validation Program• Unified Messaging Now Support• VMotion Now Supported!!

• Carefully Plan DRS Affinity Rules

Storage• Single Instance Store is Removed• Database is Compressed• Assume 40-50% Growth over Ex2003• Is JBOD an Option?Is JBOD an Option?• Email Archiving • Storage on Hub Role

8/8/2011

10

Archiving / Retention

• Native Archiving is Now a Viable Alternative• Can Be A Separate Database

– Does Not Require the Same Number of Copies as Live DatabasesLive Databases

• Requires Outlook 2010 or 2007 with Plugin• Not Stub Based• Not Available Offline• Third Party Products / Service

MANAGEMENT

Operational Management

• PowerShell– Don’t Be Intimidated!– Some Commands Have Changed

• Management Console RefreshManagement Console Refresh– Requires 64-bit

• No Storage Groups; Only Databases• Managed Database Under Organization

– Not Under Server• Clear Move Requests

8/8/2011

11

DAG Management

• Use PowerShell to Check Database Status– Check Content Index State (Not in GUI)

Get mailboxdatabasecopystatus server <server> Get-mailboxdatabasecopystatus –server <server>

• Think Through Failover Testing

• Practice Failover!

User Accounts

• Ensure Security Inheritance is Enabled• Accounts in Protected Groups May Not Work

with ActiveSync• Remote Connectivity Analyzer May Fail Due to Remote Connectivity Analyzer May Fail Due to

Password Complexity• Importing Pictures Into the GAL

– Can be Highly PoliticalImport-RecipientDataProperty –identity <USERID> -Picture -FileData([Byte[]]$(Get-Content -Path "<FILE LOCATION>" -Encoding Byte -ReadCount0))

Backup / Recovery• Backup Strategy

– May Change Significantly• Lagged Database

– Item Recovery, Not Database RecoveryR D b• Recovery Database

• Vendor Support• Single Item Recovery

– Enable Per User– Use Multi-Mailbox Search in ECP

8/8/2011

12

MIGRATION

Mailbox Migration• Enable Circular Logging• Online Moves From Exchange 2007 SP2

– Requires Restarting Outlook• PowerShell Scripts

• Read CSV File with User, Database, Etc.• Apply Policies & SettingsApply Policies & Settings

• Cached Addresses May Fail After Retiring Ex2003 – Clear Outlook Cache– Add Custom x500 Address to users

X500:/o=Exchange Org Name/ou=first administrative group/cn=Recipients/cn=%'mailNickname'%

• Determine Move Rate For Your Environment

Mobile Devices

• ActiveSync– Certificates– May Take Time to Start to Sync– Users in “Protected” Groups May Not Sync– Ex2003: Allow Integrated Authentication

• BlackBerry– Throttling Policy– Validate BES and MAPI Version– When to Migrate BES Admin Account– Issues Requiring Recreation of BES Admin Account

8/8/2011

13

Third Party Integration

• Confirm Exchange 2010 Support• Coexistence with Legacy Exchange Server• Removal of WebDAV• Backup

– TEST! TEST! TEST!

• Autonomy EMM– May lose Email Links when Migrating Mailboxes

Outlook• Re-evaluate Cache Mode

– Deploy Cache Mode Cautiously • UDP Notification for Outlook 2003

– Doesn’t work on Office XP• Performance Issues Opening Delegated Mailboxes

on Legacy Exchange Servers• Outlook 2010 with Exchange 2003/2007 Does

Not Warn of Mailbox Quotas• Outlook Anywhere Auto-configuration

Get-outlookprovider –identity EXPR | remove-outlookprovider

• GPO Disable Deletion From Delegated Mailbox

Public Folders

• Consensus: Get Rid of Them! • Validate Consistent Replication Settings• Add Replicas a Few at a Time, Not all At Once• E E h Di k S H b S• Ensure Enough Disk Space on Hub Server• Verify Replicas

– User PFDavAdmin and EXFolders to Export Reports– Use Excel or WinDiff to Compare– Focus on Item Count

8/8/2011

14

Resources

• Pre-Deployment Analyzer• Server Profile Analyzer • Deployment Assistantp y• Remote Connectivity Analyzer• Mailbox Role Requirements Calculator• Vendor Sizing Calculators

Contact Information

David MichelChief Information OfficerBurr & Forman LLP dmichel@burr.com(205) 458-5470

Michael SulinInfrastructure ManagerThompson Coburn LLPMSulin@thompsoncoburn.com(314) 552-6532( )

Patrick SklodowskiManaging DirectormindSHIFT Technologies, Inc.Patrick.Sklodowski@mindSHIFT.com(856) 425-0029

( )