locked
Exchange 2003-->2013 Questions RRS feed

  • Question

  • We are in the process of migrating a small office to Exchange 2010 then 2013 from 2003.  Our current 2003 server has all roles on a single box and so will our Exchange 2010 server (and 2013 after 2010).  We have Exchange 2010 installed into our domain and it is part of our current Exchange organization.

    My question is about our public DNS.  For the new Exchange 2010 server we need a new A record (which will be nat'd to our internal number space) and should we assign a secondary MX record to the new Exchange 2010 server with a weight of 20?  Our current Exchange 2003 server has an MX record with a weight of 10.  

    Is this the way to go?  I want to be able to receive mail on Exchange 2003 and on migrated mailboxes on our 2010 server and keep both live until all mailboxes are moved.

    Currently we don't have any mailboxes moved yet.

    Thank you for any assistance.

    Wednesday, April 27, 2016 6:03 PM

Answers

  • You need a new A record.  That can be either for Exchange 2010, or for legacy Exchange 2003 if you want to switch the URLs to point to Exchange 2010, which is strongly recommended.  If your legacy name isn't in the certificate, you can add it, or you can just get a single-name certificate for Exchange 2003 for the transition.

    I wouldn't create a secondary MX.  I would test that mail flow works both ways between Exchange 2003 and 2010 (create your routing group connectors!), create the receive connector for inbound mail, test that it works, and then just switch the MX record to Exchange 2010.  Exchange will forward the mail to Exchange 2003 recipients.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    • Proposed as answer by Troy Werelius Wednesday, April 27, 2016 6:37 PM
    • Marked as answer by Allen_WangJF Sunday, May 8, 2016 11:59 AM
    Wednesday, April 27, 2016 6:36 PM
  • I would test with a hosts file entry before switching DNS and NAT.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    • Marked as answer by Allen_WangJF Sunday, May 8, 2016 11:59 AM
    Monday, May 2, 2016 5:40 PM

All replies

  • You need a new A record.  That can be either for Exchange 2010, or for legacy Exchange 2003 if you want to switch the URLs to point to Exchange 2010, which is strongly recommended.  If your legacy name isn't in the certificate, you can add it, or you can just get a single-name certificate for Exchange 2003 for the transition.

    I wouldn't create a secondary MX.  I would test that mail flow works both ways between Exchange 2003 and 2010 (create your routing group connectors!), create the receive connector for inbound mail, test that it works, and then just switch the MX record to Exchange 2010.  Exchange will forward the mail to Exchange 2003 recipients.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    • Proposed as answer by Troy Werelius Wednesday, April 27, 2016 6:37 PM
    • Marked as answer by Allen_WangJF Sunday, May 8, 2016 11:59 AM
    Wednesday, April 27, 2016 6:36 PM
  • Thanks.  I will get a new A record in our public DNS (Time Warner) and create the one to one NAT on our Cisco ASA.

    What certificate are you referring to?  For OWA?  Right now we only have a cert with our 2003 server name in it.

    I will make sure routing connectors are in tact.  Thank you for the quick response.

    Wednesday, April 27, 2016 7:36 PM
  • You could use the existing Exchange 2003 server FQDN as the legacy name for OWA as long as it's routable on the Internet.  You could create a new name, e.g., owa.company.com or webmail.company.com for all services going forward and point that name to the Exchange 2013 server..

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    • Proposed as answer by Allen_WangJF Thursday, April 28, 2016 2:51 AM
    Wednesday, April 27, 2016 8:19 PM
  • Hi,

    Here're some reference link about upgrade Exchange 2003 to Exchange 2010, then Exchange 2013:
    http://blogs.technet.com/b/mconeill/archive/2013/04/03/migration-from-exchange-2003-to-2013-a-no-go.aspx
    https://technet.microsoft.com/en-us/library/dd638130%28v=exchg.141%29.aspx
    http://searchexchange.techtarget.com/tip/Moving-from-Exchange-2003-to-Exchange-2010-in-12-steps
    Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Please note that we need decommission and remove all Exchange 2003 servers before update Exchange 2010 to Exchange 2013.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Allen Wang
    TechNet Community Support

    Thursday, April 28, 2016 3:02 AM
  • Agree.  ok i have my request in for my public A record for Exchange 2010.

    I have a send connector set up in 2010 and called it Internet and associated it with the Exchange 2010 Hub Transport.

    I have a receive connector set up in Exchange 2010 too.  I don't see any reference to the Exchange 2003 server in either connector form the Technet notes I followed.  I this correct?  

    I am reading the guides that is how I got to this point but I am double checking things so we don't hit a wall and face major downtime.  I appreciate your insight Ed! 

    Thursday, April 28, 2016 8:00 PM
  • You're welcome, happy to have helped.  Please feel free to mark responses as helpful and/or the answer as appropriate.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thursday, April 28, 2016 11:37 PM
  • Will do.  I'm not closing this until I get rolling if you don't mind.  I should have my public IP address for Exchange 2010 today then I am going to do a 1:1 NAT and open port 80, 443 and 25 on my firewall for this nat translation.  Then I will move my mailbox to Exchange 2010 and make sure I can still receive mail before I touch the other mailboxes.

    Does this make sense?

    Monday, May 2, 2016 5:32 PM
  • I would test with a hosts file entry before switching DNS and NAT.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    • Marked as answer by Allen_WangJF Sunday, May 8, 2016 11:59 AM
    Monday, May 2, 2016 5:40 PM
  • Hi Ed,

    I am back.  Sorry...but I am real close now.  I have 95% of the mailboxes moved to Exchange 2010 and mail flow is working inbound and outbound.  OWA is also working internally and externally (from our local LAN).

    Activesync isn't working but I am going to work on that tonight.

    I have a public A record Nat'd to my internal Exchange hosat ip address with ports, 25, 443, 993 and imap4 open on the nat translation.

    I am thinking this Friday night is a good time to change the MX record from pointing to the old Exchange box to the new one.  I have to get Activesync working first thought.

    Do you see any holes?  Once again thanks for your help! 

    Thursday, May 26, 2016 5:04 PM
  • You can test everything that you can run on a device that supports a hosts file entry (which makes it hard to test ActiveSync) before making the switch.

    The MX record switch should be no problem at all as long as a connection can be made to the new server via port 25 and it's open to Anonymous connections.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thursday, May 26, 2016 6:14 PM
  • Yes I have it Nat'd with a Cisco firewall with no restrictions on the traffic except that it has to be IP.

    Thanks Ed.  Going to tackle Activesync tonight.  I think it might be a cert issue but i have to dig into it.

    Thursday, May 26, 2016 8:11 PM