locked
Exchange 2010 to 2016 migration RRS feed

  • Question

  • hi...

    We are in the process of migrating from Exchange 2010 to 2016.  

    Exchange 2010 URL's all set to the server name (Except Outlook Anywhere which is disabled).  Two CNAMES are setup -> mail.domain.com pointing to the Exchange 2010 server.  There is also an AutoDiscover.domain.com cname which points to the Exchange 2010 server.  There are no external URL's configured as External access is not required.

    There is a CAS array configured which is set to mail.domain.com

    Questions I have:

    1. Do we need to enable Outlook Anywhere for Coexistence, even though its not currently used in 2010 and there is no requirement for External access?

    2. How best should we manage the URLs. For ease should we keep the server name for all the URLs in Exchange 2016 and cutover the CNAME so instead of point to Exchange 2010 it will point to 2016?

    thank you for you help...

    Monday, July 29, 2019 10:01 AM

Answers

  • All client and admin connections to Exchange 2013 and later are now done by HTTP/HTTPS.  So, there's no side-stepping the new connection paths.

    You can (and should) configure OutlookAnywhere in Exchange2016 so that you have the greatest compatibility coverage for Outlook clients.  This does NOT mean you have to expose any of this to the Internet - you can, but not require to.

    For internal use only, you can disable the HTTPS (use SSL) requirement on the receive connectors, but from a security standpoint, you really shouldn't do this.

    So, to use HTTPS, you have to deal with certificates.  you can either buy a simple SAN certificate, or standup your own internal Certificate Authority server (it's part of Windows Server).  However, if you stand up your own CA, you'll have to push the CA root cert to your desktops.  However, mobile devices can be challenging with a private CA.  


    -Eriq VanBibber, CTO, Priasoft Inc.

    • Marked as answer by Unknown2014 Tuesday, August 6, 2019 9:50 AM
    Monday, July 29, 2019 6:53 PM
  • Hi

    Wow, no external access at all? so nobody works after they leave the office?

    So firstly, CAS array falls away with Exchange 2016.

    It is easier to have either outlook anywhere or if you have newer clients then look at enabling mapi over http which is the new method of connecting.

    If you want to use the same name space then keep your urls the same for both sets of servers, just make sure to point your DNS to the 2016 servers. Exchange 2016 will proxy the request to 2010 if the mailbox resides there.


    Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Proposed as answer by ThinkCenter Tuesday, July 30, 2019 6:48 AM
    • Marked as answer by Unknown2014 Tuesday, August 6, 2019 9:51 AM
    Monday, July 29, 2019 6:55 PM

All replies

  • All client and admin connections to Exchange 2013 and later are now done by HTTP/HTTPS.  So, there's no side-stepping the new connection paths.

    You can (and should) configure OutlookAnywhere in Exchange2016 so that you have the greatest compatibility coverage for Outlook clients.  This does NOT mean you have to expose any of this to the Internet - you can, but not require to.

    For internal use only, you can disable the HTTPS (use SSL) requirement on the receive connectors, but from a security standpoint, you really shouldn't do this.

    So, to use HTTPS, you have to deal with certificates.  you can either buy a simple SAN certificate, or standup your own internal Certificate Authority server (it's part of Windows Server).  However, if you stand up your own CA, you'll have to push the CA root cert to your desktops.  However, mobile devices can be challenging with a private CA.  


    -Eriq VanBibber, CTO, Priasoft Inc.

    • Marked as answer by Unknown2014 Tuesday, August 6, 2019 9:50 AM
    Monday, July 29, 2019 6:53 PM
  • Hi

    Wow, no external access at all? so nobody works after they leave the office?

    So firstly, CAS array falls away with Exchange 2016.

    It is easier to have either outlook anywhere or if you have newer clients then look at enabling mapi over http which is the new method of connecting.

    If you want to use the same name space then keep your urls the same for both sets of servers, just make sure to point your DNS to the 2016 servers. Exchange 2016 will proxy the request to 2010 if the mailbox resides there.


    Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Proposed as answer by ThinkCenter Tuesday, July 30, 2019 6:48 AM
    • Marked as answer by Unknown2014 Tuesday, August 6, 2019 9:51 AM
    Monday, July 29, 2019 6:55 PM
  • While not common, i have seen many specific business sectors that disallow external connections.  I know many banks, goverment, and high-security business sectors limit connections to internal only. 

    Maybe the post author is in such a business.  

    Still doesn't change the need for HTTP.  So he/she will have to prepare for such.

     

    -Eriq VanBibber, CTO, Priasoft Inc.

    Monday, July 29, 2019 7:06 PM
  • Hi,

     

    I am writing here to confirm with you how the thing going now?

     

    If you need further help, please provide more detailed information, so that we can give more appropriate suggestions.

     

    Regards,

    Kelvin Deng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com


    Thursday, August 1, 2019 1:32 AM
  • appreciate the help guys....I am much clearer on what i need to do.
    Tuesday, August 6, 2019 9:51 AM