Introduction
Any mail migration requires a lot of preparatory work from the mail administrator to ensure that the end-users and mail flow will not be affected during the migration and/or transition process.
We still have a lot of message topics in the Microsoft forums inquiring about how to migrate from third-party mail servers to Exchange Server 2003 and 2007. In this series, we are going over this process to establish the minimum requirements for this kind of migration. We are going to use MDaemon mail server as the source mail server to our future Exchange 2007 and 2003. However, we can use the same principles applied here to any other third-party mail server.
There are many ways to perform a migration from MDaemon Mail Server to Exchange Server, basically the options are: Single Step (also called Big Bang Migration) or using Coexistence. The Big Bang Migration is when all users are moved at the same time, usually during the weekend, and on the first day of the new Exchange Server the Help Desk team is swamped by incidents from the new users. There is also the coexistence scenario where both systems are kept up and running, sharing information and a group of users is migrated at a time. In this scenario, the process is more complex and requires some efforts to make sure that both users (migrated and non-migrated) are able to exchange messages and use both mail systems during the transition. In a coexistence scenario, all steps should be done seamlessly from the user point of view.
A big bang migration can be visualized in the following MSExchange.org article here. After reading this series you can make up your own mind on which migration path you want to follow. You can always use a mix of both article series to create your own migration plan. There are similarities in some steps in both migration scenarios, however, the main goal of this current series is to provide end-to-end migration steps in coexistence mode.
In order to achieve a successful migration we are going to use 4 (four) important points that we are be validating during the coexistence which are: Directory Synchronization, Global Address List, Mail Routing and Data Migration Process. This general rule may be applied in any Exchange migration to provide basic functionality during the coexistence but it is not a rule, you can add/remove important points in your migration plan.
Microsoft provides a suite of tools to accomplish these tasks when the source systems are Lotus Notes or GroupWise (Microsoft Lotus and GroupWise Connectors built-in Exchange Server 2003 and Microsoft Transporter for Lotus notes in Exchange Server 2007). However, there is no single built-in tool to do all the process when the source is a third-party mail server.
Figure 1
The migration process itself requires a lot of labs and testing from the IT team but there are some other points that must be seen before starting the lab phase, some of them are listed below:
-
Backup
-
Message flow before, during and after migration
-
Anti-virus
-
Disk subsystem
-
Documentation
-
Applications that do relay on the mail server
-
User Training
-
IT Team training
-
Documentation of the basic procedures to be performed by Help Desk team
-
Outlook deployment
-
Outlook Web Access usage for the new users
-
Message Archiving
Our migration scenario
In this article series we are going to start migrating from MDaemon mail server to Exchange Server 2007 and in the final part we are going to do the same process using Exchange Server 2003 as well. In this first portion we are going to use 3 (three) servers: a Domain Controller, an Exchange Server 2007 with the three basic roles installed (Mailbox, Client Access Server and Hub Transport) and the MDaemon mail server, as show in Figure 2.
Figure 2
The Active Directory is a single forest/domain called apatricio.local and the SMTP address that is being in use by MDaemon is andersonpatricio.org.
Directory Authentication
Our first goal is to make sure that our authentication directories are synchronized. MDaemon Mail server allows different methods to create mailboxes in its mail system and the mailbox information can be kept in a simple disk file, ODBC data source or LDAP store. We can also use Active Directory to either import users or monitor Active for user changes, and then any new user created in AD is also created in MDaemon.
Based on the variety of ways to have the accounts/mailboxes stored, we must ensure that both directories are synchronized, or at least both directories have the same users. We are going over each scenario to validate how to make sure that the future environment will have all users added to the Active Directory.
Scenario 1: Active Directory and Mdaemon are being synchronized through Mdaemon
The best option that you may have from a migration perspective is if MDaemon uses Active Directory to synchronize its mailboxes, we can check this out by opening MDaemon, click on Accounts menu, Account Database/Active Directory/Minger… item, and click on Active Directory tab as shown in Figure 3.
If the first checkbox is enabled then any new AD in Active Directory will automatically start a mailbox creation and the password used will be the same for both environments (mail and AD). The same process will take an action for deleted accounts. In our environment, the mailbox is disabled when the AD account is deleted.
Figure 3
If you are using this option, you are ready to move forward to the next step since you do not need to create users because the MDaemon mailboxes came from Active Directory.
Scenario 2: There is no Active Directory integration
In this scenario we must ensure that all MDaemon users have accounts in Active Directory before changing their mail clients to the new environment. In some cases, users may have two different directories: Active Directory, where all users log on with different user names and passwords at mail level. In this case, the administrator has to manage and instruct users that in the new environment they will use the same username and password to log on in the network (Active Directory) and mail system (Exchange).
In order to export the information from MDaemon to Active Directory the following can be used.
Note:
The MDaemon export process may contain passwords, which is a really good thing because all new users in Active Directory will use their current passwords.
-
First, validate the current usernames that are being used on the MDaemon server. Open MDaemon Console, click on Accounts, then Account Manager (Figure 4). We can use this step to remove unnecessary accounts from the source environment.
Figure 4
-
We can now import the current accounts. Click on the Accounts menu, Exporting, and again on Export accounts to a comma delimited file item.
-
A windows dialog box will show up saying that the export will create a file and it will be save on the following path: C:\Mdaemon\APP\Accounts.csv. Click OK.
-
Another dialog box will show up saying that the export process was completed , click OK
-
We can open the file that was created by MDaemon and a list of all users and their correspondent attributes will be in that file, as shown in Figure 5.
Note:
We can clean up the accounts.csv file to avoid unnecessary accounts to be migrated. In this step we are going to remove the built-in MDaemon and administrator accounts/lines from the csv file because they are not going to be moved to Exchange Server.
Figure 5
Now, we can copy the file C:\MDaemon\App\Accounts.csv to the root drive of Exchange Server. Logged with privileges to create an account and mailboxes, we can run the following commands:
$Users = Import-CSV C:\Accounts.csv
$Users | ForEach { $SecurePWD = ConvertTo-SecureString $_.Password –AsPlainText –Force; New-MailUser –Name $_.Mailbox –UserPrincipalName ($_.Mailbox+”@<your-AD-FQDN-Domain-Name>”) –SamAccountName $_.Mailbox –FirstName $_.FullName –Password $SecurePWD –ResetPasswordOnNextLogon $false –ExternalEmailAddress (“SMTP:”+$_.Email)}
Figure 6
Note #1:
You may have some issues with users who have passwords that do not match with Active Directory security requirements, you may have to change the current Domain Security policy to accommodate the new users.
Note #2:
If you are migrating from a different product and you cannot retrieve the users’ password, you can use a general password to the new users.
Conclusion
In this first article we visualized the main steps that should be covered during a migration process with coexistence between Exchange and any other third-party mail server. Our main goal in this first article was to make sure that we have both directories synchronized. This synchronization may be running automatically or an export/import process may be required like we saw in the last section.
In the next article we are going to start the mail routing section of this article series where Exchange Server will be configured to receive, route and send message traffic to the Internet and also MDaemon server.
评论前必须登录!
注册