Monday, November 2, 2009

Migration to Exchange 2010

Many of you are still running Exchange 2003 and it is working just fine. Exchange 2007 is the current active release and Exchange 2010 will be released at the end of 2009, according to Microsoft.

The question for many of you is whether or not you should upgrade to Exchange 2007, or simply wait and upgrade directly to Exchange 2010 skipping Exchange 2007 altogether.

To help you make the decision, here are some deciding factors.

  • What is the age of the hardware currently supporting your Exchange 2003 environment? Can your existing hardware provide good email service until you move to Exchange 2010?
  • What are your budget constraints? Can you afford to purchase Exchange 2007 CALs this year and then purchase new CALs again for Exchange 2010?
  • What are your resource constraints? Can you afford the staff resources to perform the Exchange 2007 migration now and then repeat the process again in 2010?
  • What are your functionality demands? Do you require support for unified communications now, or can you wait until 2010?

Your decision to remain on Exchange 2003 and wait another year for Exchange 2010 will largely be shaped by these cost and resource related concerns. There is no technical requirement to upgrade to Exchange 2007 before you migrate to Exchange 2010.

When you eventually upgrade to Exchange 2010, you will require completely new server hardware, so plan accordingly.

Wednesday, October 7, 2009

I love Windows Server 2008R2…

  • Recycle Bin for Active Directory
  • Offline Domain joining
  • Hyper-V Live Migration
  • Cluster Node Connectivity Fault Tolerance
  • Hyper-V 2.0
  • Virtual Desktop Infrastructure (VDI)
      • Desktop Virtualization is a new feature in Windows Server 2008 R2
      • Windows clients (XP, Vista, Windows 7) run on virtual machines on a centralized server
      • VDI includes the following technologies: Hyper-V, Live Migration, System Center Virtual Machine Manager 2008, Microsoft Application Virtualization version 4.5 in Microsoft Desktop Optimization Pack (MDOP), and Vista Enterprise VECD licensing
  • Graphical PowerShell: GUI for creating and debugging PowerShell scripts

 

Management tools for Windows Server 2008R2

  • Server Manager now supports remote administration of servers
  • Better integration of management consoles in Server Manager
  • Active Directory Administrative Center and IIS have a task-driven user interface and their administrative capabilities are based on PowerShell cmdlets
  • Hyper-V’s user interface is also based on PowerShell cmdlets, has updated VM performance and management capabilities, and tighter integration with Virtual Machine Manager 
  • Best Practices Analyzer (BPA): Each server role has a BPA to help administrators configure it properly

Wednesday, September 30, 2009

Exchange 2010 email archiving in summary:

  • Tightly integrated with Outlook.
  • PSTs can be dragged and dropped into the archive.
  • Unified search across the live message store and the archive.
  • Search across multiple mailboxes for qualified staff.
  • Simple retention policies, based on the number of days of retention, can be defined. These policies can be defined to apply to a folder, individual messages, or an entire mailbox.
  • Legal holds can be imposed, overriding defined retention policy.
  • There are basic mailbox and configuration logs and auditing.
  • Stubbing is not used.

Archive Mailbox In Exchange 2010

Archive Mailbox is one of the many welcome features in Exchange 2010 Server. It solves the PST file issues that give every Exchange admin a headache.

Let me explain how the archive mailbox feature addresses the existing problems.

  1. There is no company which doesn’t have staff using PST files. Archive mailbox gets rid of PST files by giving the user an additional mailbox.
  2. PST files are local to the user’s machine, get corrupted easily and are hard to include in backups. The archive mailbox sits in the same mailbox database as the user’s main mailbox and can be included in the backup easily.
  3. Archive Mailbox is available in Outlook as well as Outlook Web App (OWA), which is a huge improvement. Users can access their email archive irrespective of where they are.
  4. Archive Mailbox is included as part of the Exchange Enterprise CALs and hence no extra cost is required (for those who have ECALs).
  5. Retention policies can be set for emails/folders in the archive mailbox.
  6. The user has the option to search for emails in the archive only or in both the primary and archive mailboxes.
  7. The archive quota can be set separately from the primary mailbox quota.
  8. Emails in existing PSTs can be dragged into the archive mailbox very easily.
  9. Users get Conversation View scoped to archive mailbox as well.
  10. The archive and primary mailbox share the same user account.
  11. Only one archive mailbox can be configured for a user.
  12. Archive mailbox gets created on the same mailbox database as the primary one, which is a drawback. Future service packs might bring the option to create the archive mailbox in a different database.
  13. The default quota warning for the archive mailbox is 10GB, which can be changed.
  14. All in all, it is good news for admins as they don’t have to worry about issues like a lost laptop with PST files in it, corrupted PSTs etc.

Friday, August 21, 2009

An Overview on Backing up and Restoring Active Directory

To ensure the availability of mission critical resources and network objects, and business continuity, you need to perform backups of Active Directory if it is running in your environment. This is because Active Directory normally hosts mission critical data and resources. Backups are typically performed for a number of reasons, including the following:

  • Protect your network environment from the accidental deletion of, or modification of data, and from hardware failures: Having a readily accessible back up of Active Directory would ensure that you can recover any important Active Directory objects which were deleted in error. Backups also prove invaluable when unauthorized users intentionally delete or modify data. The backup would enable you to restore data to its previous state of integrity. Because certain hardware failures such as corrupted hard disk drives can cause considerable loss of data, backing up your data would ensure that the business can continue to perform its mission critical functions when such an event does occur.

  • Store mission critical data: It is recommended to regularly back up mission critical data so that any previous version of information can be accessed, if necessary, at some time in the future.

Because Active Directory is dependent on the Registry, you need to back up files within the system directory. These files are called system files. System state data basically contains the main configuration information in Windows 2000 and Windows Server 2003. What actual information is included in system state data is determined by the operating system (OS) configuration.

System state typically includes the following important data, files and components:
  • The Windows Registry
  • The contents of the SYSVOL directory
  • Files which are protected by the Windows File Protection system
  • Boot and system files: Ntdetect.com, Ntldr and Bootsect.dat.
  • The COM+ Class Registration database
  • The Active Directory database (Ntds.dit), including all log files and checkpoint files
  • Cluster service files
  • Certificate service files
  • The Internet Information Server (IIS) metabase

You can use one of the methods listed below to back up Active Directory.

  • You can back up the system state data only
  • You can back up Active Directory as part of a full system backup
  • You can back up Active Directory as part of a partial system backup

The best option to use when specifying what data or components should be backed up in the Active Directory backup is to specify a backup of system state data. This ensures that all core system files are backed up. When a full system backup is performed, system state data is automatically included in the backup process. When performing a partial backup, you can specify that system state data should be included. Manually specifying individual files and components for an Active Directory backup can be an extremely complicated process. Apart from having to be able to identify and specify all important system files and components, you also need to be able to specify which other important Active Directory data and components need to be backed up, such as the replication topology and Group Policy information.

You can back up Active Directory by using the Windows Server 2003 Backup utility, or from the command line, using the Ntdsutil command-line utility. The Windows Server 2003 Backup utility includes the feature of using volume shadow copying to back up open files. With the previous versions of Windows, a third party backup tool had to be used to back up open files. The Volume Shadow Copy service creates a read-only copy of any open files. This in turn ensures that these files can continue to be accessed.

In Windows 2000 Active Directory, you could only perform one of the following restore methods:

  • Authoritative Restore
  • Non-Authoritative

When it comes to restoring Windows Server 2003 Active Directory, you can use one of the following restore methods:

  • Normal Restore: In Windows 2000, this was your Non-Authoritative restore method. A Normal restore functions pretty much the same as a Non-Authoritative restore. With a Normal restore, the Backup utility is run on the computer while in Directory Services Restore Mode. After the domain controller is rebooted, normal replication occurs with replication partners.
    A normal restore is typically performed when the following conditions exist:
      • A domain has multiple domain controllers, and only one domain controller is operational. You can use a Normal restore to restore all other domain controllers in the domain.
      • A domain has a single domain controller, and that domain controller has to be restored. You can also choose to alternatively perform a Primary restore of Active Directory.

  • Authoritative Restore: An Authoritative restore of Active Directory has to be performed in cases where a Normal restore would not be able to return Active Directory to the correct state. For instance, if an organizational unit was deleted in error, a Normal restore would only result in the particular OU being deleted once again, after replication. This is basically due to the replication partners having a higher version number for the particular OU. An Authoritative restore has a similar process to that of a Normal restore, the difference being that after system data is restored, you define certain Active Directory objects as being authoritative. When Active Directory objects are defined as authoritative, the particular objects have the higher version numbers. This results in these objects being replicated to the other domain controllers’ copies of the Active Directory database.
  • Primary Restore: The Primary restore method is used when each domain controller within a domain hosting multiple domain controllers, needs to be restored. What this means is that the entire domain has to be reconstructed from the Active Directory backup. This method can also be used to restore Active Directory for a domain that only has one domain controller. The Primary restore method is selected in Windows Server 2003 Backup utility by merely enabling the Primary restore method checkbox. This removes previous complexities associated with performing this type of restore in Windows 2000. The Primary restore process is also very similar to that performed for a Normal restore of Active Directory.
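
The version-number behaviour described for Normal and Authoritative restores can be seen in a small simulation. This is an added example, not code from the original post or from Microsoft: it is a simplified model with one version number per object, and the class names, the sample OU and the version bump of 100,000 are constructed for illustration.

```python
from dataclasses import dataclass, replace

OU = "OU=Sales,DC=example,DC=com"  # constructed sample DN

@dataclass(frozen=True)
class Obj:
    version: int           # simplified: one version number per object
    deleted: bool = False  # True once the object is a tombstone

class DomainController:
    def __init__(self, name):
        self.name, self.objects = name, {}

    def create(self, dn):
        self.objects[dn] = Obj(version=1)

    def delete(self, dn):
        # A deletion is an update: it raises the version and leaves a tombstone.
        self.objects[dn] = Obj(self.objects[dn].version + 1, deleted=True)

    def backup(self):
        return dict(self.objects)  # Obj is immutable, a shallow copy is enough

    def normal_restore(self, backup):
        self.objects = dict(backup)  # versions come back exactly as backed up

    def authoritative_restore(self, backup, dn, bump=100_000):
        self.normal_restore(backup)
        # Mark dn authoritative: raise its version above what partners hold.
        old = self.objects[dn]
        self.objects[dn] = replace(old, version=old.version + bump)

def replicate(a, b):
    """Two-way sync; for each DN the copy with the higher version wins."""
    for dn in set(a.objects) | set(b.objects):
        copies = [dc.objects[dn] for dc in (a, b) if dn in dc.objects]
        a.objects[dn] = b.objects[dn] = max(copies, key=lambda o: o.version)

def restore_outcome(authoritative):
    dc1, dc2 = DomainController("DC1"), DomainController("DC2")
    dc1.create(OU)
    replicate(dc1, dc2)
    backup = dc1.backup()   # backup taken while the OU still exists
    dc2.delete(OU)          # OU deleted in error on a replication partner
    replicate(dc1, dc2)     # the deletion reaches DC1
    if authoritative:
        dc1.authoritative_restore(backup, OU)
    else:
        dc1.normal_restore(backup)
    replicate(dc1, dc2)     # DC1 rejoins replication after the reboot
    return {dc.name: not dc.objects[OU].deleted for dc in (dc1, dc2)}

if __name__ == "__main__":
    print("normal restore:       ", restore_outcome(False))  # True = OU exists
    print("authoritative restore:", restore_outcome(True))
```

After a Normal restore the partner's tombstone still carries the higher version, so the OU is deleted again on both domain controllers; after an Authoritative restore the restored OU wins and replicates back out.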