Site icon Franky's Web

Migration from Exchange 2010 to Exchange 2016 (Part 1)

Frank Zöchling

Foreword

Exchange 2016 has been available in the final version since 01.10. Many people will have skipped Exchange 2013 and are currently still using Exchange 2010, for those it is time to plan the migration to Exchange 2016. Exchange 2016 will be the last version to which you can migrate directly from Exchange 2010.

This guide describes the migration from Exchange 2010 to Exchange 2016 and is intended to provide an overview of the necessary steps and is therefore deliberately kept simple. Certificates and the namespace should also be transferred, because you don't have to keep reinventing the wheel.

This guide will consist of 3 parts, the first part will prepare the migration, the second part will migrate the mailboxes and public folders and the third part will clean up.

One thing first: This is not a generally valid migration guide that can be applied to every Exchange 2010 organization. The implementation options for Exchange 2010 were very diverse, so you should map your Exchange infrastructure 1-to-1 in a test environment before the migration in order to test the migration.

Surroundings

The test environment consists of 3 Windows Server 2012 R2. One Domain Controller, one Exchange 2010 Server and one Exchange 2016 Server:

Exchange 2010 and Exchange 2016 are already installed.

Exchange 2010 Service Pack 3 and Update Rollup 11 must be installed to support coexistence and therefore migration. The downloads for Service Pack 3 and Update Rollup 11 can be found here:

The Exchange 2016 installation in an existing Exchange 2010 organization is no different from the installation in a fresh environment. Only the question about the organization name is omitted. I will therefore save myself the trouble of describing the installation of Exchange 2016, as I have already done that here:

https://www.frankysweb.de/exchange-2016-installation-auf-windows-server-2012-r2/

Exchange 2010 is configured to the following URLs:

Exchange 2016 should use the following URLs:

Exchange 2016 should therefore use the same URLs as Exchange 2010 so that users do not have to get used to them.

Preparation

As already mentioned, Exchange 2016 is already installed but not yet configured. The URLs are therefore configured first, the easiest way to do this is using the Exchange Management Shell:

$servername = "EX2016"
$internalhostname = "outlook.frankysweb.de"
$externalhostname = "outlook.frankysweb.de"
$autodiscoverhostname = "autodiscover.frankysweb.de"
 
$owainturl = "https://" + "$internalhostname" + "/owa"
$owaexturl = "https://" + "$externalhostname" + "/owa"
$ecpinturl = "https://" + "$internalhostname" + "/ecp"
$ecpexturl = "https://" + "$externalhostname" + "/ecp"
$ewsinturl = "https://" + "$internalhostname" + "/EWS/Exchange.asmx"
$ewsexturl = "https://" + "$externalhostname" + "/EWS/Exchange.asmx"
$easinturl = "https://" + "$internalhostname" + "/Microsoft-Server-ActiveSync"
$easexturl = "https://" + "$externalhostname" + "/Microsoft-Server-ActiveSync"
$oabinturl = "https://" + "$internalhostname" + "/OAB"
$oabexturl = "https://" + "$externalhostname" + "/OAB"
$mapiinturl = "https://" + "$internalhostname" + "/mapi"
$mapiexturl = "https://" + "$externalhostname" + "/mapi"
$aduri = "https://" + "$autodiscoverhostname" + "/Autodiscover/Autodiscover.xml"
 
Get-OwaVirtualDirectory -Server $servername | Set-OwaVirtualDirectory -internalurl $owainturl -externalurl $owaexturl
Get-EcpVirtualDirectory -server $servername | Set-EcpVirtualDirectory -internalurl $ecpinturl -externalurl $ecpexturl
Get-WebServicesVirtualDirectory -server $servername | Set-WebServicesVirtualDirectory -internalurl $ewsinturl -externalurl $ewsexturl
Get-ActiveSyncVirtualDirectory -Server $servername | Set-ActiveSyncVirtualDirectory -internalurl $easinturl -externalurl $easexturl
Get-OabVirtualDirectory -Server $servername | Set-OabVirtualDirectory -internalurl $oabinturl -externalurl $oabexturl
Get-MapiVirtualDirectory -Server $servername | Set-MapiVirtualDirectory -externalurl $mapiexturl -internalurl $mapiinturl
Get-OutlookAnywhere -Server $servername | Set-OutlookAnywhere -externalhostname $externalhostname -internalhostname $internalhostname -ExternalClientsRequireSsl:$true -InternalClientsRequireSsl:$true -ExternalClientAuthenticationMethod 'Negotiate'
Get-ClientAccessService $servername | Set-ClientAccessService -AutoDiscoverServiceInternalUri $aduri

Now the authentication for Outlook Anywhere must be adapted from Exchange 2016 to Exchange 2010:

First check which authentication Exchange 2010 uses:

The same authentication method will then also be set for Exchange 2016:

The type of login to OWA and ECP must also be configured in the same way

Since I do not change the URLs, I can continue to use the existing certificate of the Exchange 2010 server:

Of course, this only makes sense if the certificate still has a sufficiently long remaining validity period and has also been signed with SHA256. The certificate can then simply be exported from the Exchange 2010 server and re-imported on the Exchange 2016 server:

Then assign the services

But a new certificate is not the problem either. A new certificate can be issued either by an internal CA or by a public CA. The process does not differ from Exchange 2013:

Next, Exchange 2016 can be added to the send connector so that mails can also be sent via Exchange 2016:

During the Exchange 2016 installation, a new offline address book is created, which still needs to be assigned to the Exchange 2016 database:

The basic configuration is now complete.

Now a test mailbox can be moved to the Exchange 2016 database:

Select test mailbox

Assign a name and select the Exchange 2016 database

Then complete the mailbox move:

Now wait a little until the mailbox transfer is complete:

As soon as the mailbox has been moved, the infamous message appears again if Outlook was open at the time the mailbox was moved:

The Microsoft Exchange administrator has made a change that requires Outlook to be restarted

To test the connection without immediately changing all clients, we can bypass the DNS server and add the following entries to the HOSTS file under c:\Windows\System32\drivers\etc:

  • 172.168.100.102 outlook.frankysweb.de
  • 172.16.100.102 autodiscover.frankysweb.de

Where 172.16.100.102 is the IP of my Exchange 2016 server. The entry in the HOSTS file is of course only for testing purposes and will be removed after a successful test.

After Outlook has been restarted, it should now be connected to Exchange 2016:

Here you can already see that MAPIoverHTTP is now used, which is the new standard protocol for Exchange 2016.

Note: If you use Outlook 2010 as a client, you must ensure that the following update is installed:

Only the update provides support for MAPIoverHTTP for Outlook 2010.

And Autodiscover should now also provide the Exchange 2016 settings:

Now the usual tests can be carried out, internal e-mail reception, external e-mail reception, internal e-mail dispatch, external e-mail dispatch and anything else you want to do.

A detailed test is now recommended here, also with several test mailboxes. It is also important to remember that Exchange is not just a mail server, calendars, room bookings, absence assistant etc. should also be tested. Don't forget to test external access (ActiveSync, Outlook Anywhere).

IMPORTANT: It is also essential to test whether access is possible if the mailbox has not yet been moved to Exchange 2016, i.e. find an existing Exchange 2010 mailbox and change the HOSTS file accordingly as described above. This access must be possible for the further migration.

NOTE: If public folders are used, you should have noticed during the tests that Exchange 2010 public folders cannot be accessed from an Exchange 2016 mailbox. In the second part of this guide, access is set up accordingly.

Exit mobile version