locked
Exchange 2003/2010 co-existence - Active sync mailflow? RRS feed

  • Question

  • Hi all,

    The plan will be to install Exchange 2010 alongside 2003 without send/receive connectors as a start so that incoming/outgoing email routes through 2003 as it does as the moment for users.

    The questions here is about Activesync.  When you install Exchange 2010 into the environment, are you required to NAT route traffic to the CAS box, or can the traffic still route to the 2003 FE server from mobile phones for users on 2003?  If we choose this method, I'm assuming we would need a second namespace during the interim period for users that are moved to 2010 and have that namespace pointing to the CAS box?

    Or can we leave everything as it is with 2003 at the moment, simply install Exchange 2010 and have mailflow/activesync all going through the 2003 environment until we are happy 2010 is working and then move mailflow/activesync connections to 2010?

    Hope this makes sense.  We want to do everything gradually so would prefer to move mailflow and activesync over to 2010 at a later stage if possible when everyone has been moved to 2010 and we are happy that the servers are stable.

    Monday, January 17, 2011 2:40 AM

Answers

  • Hi,

    I don't think its possible to have 2003 in front if you install exchange 2010, have a look into this blog which explains the transition process for active-sync : http://msexchangeteam.com/archive/2009/12/08/453472.aspx & other previous blog explaining the whole migration process, do let us know if more info is required . 


    Ripu Daman Mina | MCSE 2003 & MCSA Messaging
    • Marked as answer by Novak Wu Wednesday, January 19, 2011 5:37 AM
    Monday, January 17, 2011 9:04 AM
  • First thing: ActiveSync and Mailflow are two different thing, one uses HTTPS, one uses 25.

    QUESTION: The questions here is about Activesync.  When you install Exchange 2010 into the environment, are you required to NAT route traffic to the CAS box, or can the traffic still route to the 2003 FE server from mobile phones for users on 2003?  If we choose this method, I'm assuming we would need a second namespace during the interim period for users that are moved to 2010 and have that namespace pointing to the CAS box?

    ANSWER: You have two options here:

    1. Keep the old namespace, e.g. mail.domain.com, but change NAT setting point it to the new Exchange 2010 CAS. The Exchange 2010 CAS will then act as a proxy for the Exchange 2003 FrontEnd Server. Windows Mobile/other smartphone Users who got their mailbox on 2003 server dont need to change settings and still got access via ActiveSync. However, you will need a new SSL cert with same CN(and different SANs). You will have to enalbe Integrated Windows authentication on the Microsoft-Server-ActiveSync virtual directory on the Exchange 2003 server (Refer to the article Jonas suggested) in order for this to work. Please be ware that Exchange 2010 CAS will not re-direct/proxy OWA to Exchange 2003.
    2. Get a new namespace for Exchange 2010 CAS, like mail2.domain.com, and point it to the new 2010 CAS. Users on different servers use different namespace... This obviously is not ideal, as you mentioned it will only be interim. Once users moved to 2010, they will have to change phone settings again... 

    QUESTION: Or can we leave everything as it is with 2003 at the moment, simply install Exchange 2010 and have mailflow/activesync all going through the 2003 environment until we are happy 2010 is working and then move mailflow/activesync connections to 2010?

    ANSWER: No, you cant in terms of ActiveSync and OWA. Mailflow won't be a problem though. Exchange 2003 FE wont be able to proxy/re-direct ActiveSync or OWA request to Exchange 2010. Mailflow is a separate thing, and it can be routed automatically between 2010 and 2003.

    this article http://technet.microsoft.com/en-us/library/bb310763.aspx really explains a lot for the way Exchange 2010 CAS deals with ActiveSync and OWA traffic.

    • Proposed as answer by aha_tom Tuesday, January 18, 2011 3:38 AM
    • Marked as answer by Novak Wu Wednesday, January 19, 2011 5:37 AM
    Tuesday, January 18, 2011 3:34 AM

All replies

  • Hi,

    I don't think its possible to have 2003 in front if you install exchange 2010, have a look into this blog which explains the transition process for active-sync : http://msexchangeteam.com/archive/2009/12/08/453472.aspx & other previous blog explaining the whole migration process, do let us know if more info is required . 


    Ripu Daman Mina | MCSE 2003 & MCSA Messaging
    • Marked as answer by Novak Wu Wednesday, January 19, 2011 5:37 AM
    Monday, January 17, 2011 9:04 AM
  • Hi

    Here's a great link that describes the proxying and redirections

    http://technet.microsoft.com/en-us/library/bb310763.aspx

     


    Jonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | Blog: http://www.testlabs.se/blog | Follow me on twitter: jonand82
    Monday, January 17, 2011 9:58 AM
  • you would need to follow the process in order as described in http://technet.microsoft.com/en-us/library/aa998186(EXCHG.140).aspx

    and once you have 2010 cas this server is responsible for all Active sync or anuther client connectons and also responsible for prosying to lgeacy version as the case may be as suggested in the post above by jonas anderson


    Dhruv
    Monday, January 17, 2011 3:30 PM
  • First thing: ActiveSync and Mailflow are two different thing, one uses HTTPS, one uses 25.

    QUESTION: The questions here is about Activesync.  When you install Exchange 2010 into the environment, are you required to NAT route traffic to the CAS box, or can the traffic still route to the 2003 FE server from mobile phones for users on 2003?  If we choose this method, I'm assuming we would need a second namespace during the interim period for users that are moved to 2010 and have that namespace pointing to the CAS box?

    ANSWER: You have two options here:

    1. Keep the old namespace, e.g. mail.domain.com, but change NAT setting point it to the new Exchange 2010 CAS. The Exchange 2010 CAS will then act as a proxy for the Exchange 2003 FrontEnd Server. Windows Mobile/other smartphone Users who got their mailbox on 2003 server dont need to change settings and still got access via ActiveSync. However, you will need a new SSL cert with same CN(and different SANs). You will have to enalbe Integrated Windows authentication on the Microsoft-Server-ActiveSync virtual directory on the Exchange 2003 server (Refer to the article Jonas suggested) in order for this to work. Please be ware that Exchange 2010 CAS will not re-direct/proxy OWA to Exchange 2003.
    2. Get a new namespace for Exchange 2010 CAS, like mail2.domain.com, and point it to the new 2010 CAS. Users on different servers use different namespace... This obviously is not ideal, as you mentioned it will only be interim. Once users moved to 2010, they will have to change phone settings again... 

    QUESTION: Or can we leave everything as it is with 2003 at the moment, simply install Exchange 2010 and have mailflow/activesync all going through the 2003 environment until we are happy 2010 is working and then move mailflow/activesync connections to 2010?

    ANSWER: No, you cant in terms of ActiveSync and OWA. Mailflow won't be a problem though. Exchange 2003 FE wont be able to proxy/re-direct ActiveSync or OWA request to Exchange 2010. Mailflow is a separate thing, and it can be routed automatically between 2010 and 2003.

    this article http://technet.microsoft.com/en-us/library/bb310763.aspx really explains a lot for the way Exchange 2010 CAS deals with ActiveSync and OWA traffic.

    • Proposed as answer by aha_tom Tuesday, January 18, 2011 3:38 AM
    • Marked as answer by Novak Wu Wednesday, January 19, 2011 5:37 AM
    Tuesday, January 18, 2011 3:34 AM
  • Thanks for the info guys.  So even if ALL mailboxes are left on Exchange 2003, we still need to move activesync connections to 2010 as soon as 2010 is installed?  That was the main concern really.

    When setting up the Exchange Certificates to replace the self signed ones in that case, in the test environment we noticed that the Exchange SMTP service was set on both the cert that came with Exchange and also the Full cert too.  You could not remove the SMTP service from the self installed certificate.

    Should there be only one certificate in the "Exchange certificates" list?  IE When you install the paid for certificate, do you remove the self-signed one that came with Exchange?

    Thursday, January 20, 2011 10:36 PM