Don't know what your environment looks like now (don't have much info on future plans either), but here is a start:

LDAP issues - http://support.microsoft.com/default.aspx?scid=kb;en-us;Q224447
LDAP/SSL issues - http://support.microsoft.com/default.aspx?scid=kb;en-us;Q232606
Domain Controller/GC? http://support.microsoft.com/default.aspx?scid=kb;EN-US;q275127
Planning etc -
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/exchange/proddocs/ex2kupgr/planus/p_04_tt1.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/itsolutions/guide/plan/p_04_tt1.asp

also, this (pasted doc) with some good points/observations from Andrew Philips:

Here are the notes from our Upgrade of NT4.0/Exchange5.5 to Win2k AD and Exchange2000. Everyone has a different situation, but if this helps anyone then great. It worked pretty well for us.

Briefly, we upgraded a new Domain controller from NT4 to Win2K 1st and did the AD migration, then installed clean Win2K box with Exchange 2000 and migrated the mailboxes. While we were at it we updated another couple of servers to Win2K member servers and also left 4 or 5 member servers at NT4. We are currently in mixed mode. We still have an older BDC active that we can not upgrade yet because we are waiting for updated software that will run on Win2K.

I cut and paste the word doc into this email below since I can not send an attachment, if you want the Word doc, email me and I will send it to you.

W. Andrew Philips
Customer Service Manager
Networks Plus
Phone: (785) 587-4121 x202
       (785) 267-6800 x202
Fax: (785) 565-2902
Email: <mailto:[EMAIL PROTECTED]>

-----Original Message-----
From: Andrew Philips
Sent: Tuesday, April 17, 2001 12:07 PM
To: 'MS-Exchange Admin Issues'
Subject: win2k/Exchange2K install migration notes

Installation / upgrade of Companyname network and messaging infrastructure

I. Planning
   A. Clean up existing NT domain and Exchange directories.
   B. Remove unused accounts and mailboxes.
   C. Run the DS/IS consistency checker to remove orphaned permissions. All permissions, to all public folders and in each user's mailbox, must belong to an account that will be upgraded to the new domain.
   D. Identify users with multiple mailboxes. A duplicate account will be created for each extra mailbox.
      Set custom attribute 10 NTDSNoMatch for each extra mailbox to create a disabled user account.
   E. Exchange 5.5 groups used for permissions on public folders will be upgraded as distribution lists in a mixed mode Exchange organization. The groups will need to be recreated as security groups in Active Directory to be used for permissions. Then the distribution lists can be deleted, since security groups can be used as distribution groups.
   F. Plan the DNS and AD structure of the organization.
      1. FQDN - companyname.local ( private internal name )
      2. Organizational Units - used to organize users
      3. Sites - used to control replication

II. Preparation
   A. Install necessary support services.
      1. Install new server with NT4.0 as a BDC.
      2. Install SP6.
      3. Promote to PDC.
      4. Install Windows 2000 as a member server. ( this will be the Exchange server )
      5. Set up DNS.
         a. create a dynamic zone for the new domain.
         b. enable forwarding and test.
      6. Install SP1.
   B. Upgrade PDC to Windows 2000.
      1. This procedure will install Active Directory on the Server and create a global catalog.
      2. Create a new forest root.
      3. Install DNS, WINS, DHCP and FTP service.
      4. Install SP1.
      5. Set time synchronization ( use NTP server or point machine to itself, and set time server for all 2000 DC's. )
      6. Shutdown old DHCP server, put new server on-line.
      7. Change WINS and DNS parameters on static machines.
   C. Prepare upgraded domain for Exchange installation.
      1. Install AD on new mail server and make it a Global Catalog. ( Any DC running the ADC will prefer a global catalog installed locally. Exchange also prefers a GC installed locally if Exchange is installed on a DC )
      2. Integrate DNS into AD. ( This is preferable for security, as zone transfers are disabled; DNS information is propagated through AD replication mechanisms. )
      3. Install Windows 2000 support tools, test AD with DCDIAG utility, and resolve all problems.
      4. Create a service account for the ADC to use ( member of Domain admins and Enterprise admins ), and make the administrator account a member of enterprise admins.
      5. Install Active Directory Connector ( can be on either server, as long as the server is a global catalog server ) and join an existing organization ( must be able to contact the Exchange 5.5 server by name at this point ).
      6. Run ForestPrep.
      7. Run DomainPrep.
   D. At this point the organization is in Win2K mixed mode, prepared to integrate AD with Exchange.

III. Installation of Exchange 2000
   A. Connect AD to the Exchange 5.5 directory.
      1. Create an ADC connection agreement to the Exchange 5.5 server.
      2. Use a 2-way connection agreement if AD needs to be able to update the Exchange directory, use a one-way if the Exchange 5.5 directory will no longer be in use. ( We used a 1-way agreement as we are not maintaining accounts on the old Exchange server. )
      3. Connect the recipients container to the users container.
      4. Use the same user account to run the connector that was specified when ADC was installed.
      5. Replicate now to populate AD with users' attributes.
      6. Create a CA for the public folders.
      7. Create a second user connection agreement for the 2nd Company users container. This will also affect 2nd Company users even if they are in the users folder and not the 2nd Company container in AD.
      8. Allow time for all objects to replicate and check object attributes in AD.
   B. Install Exchange 2000 ( IIS and sub components should already be installed. )
      1. Set access permission to disable anonymous access in webserver for default website.
      2. Add domain name spaces to default recipient policy.
      3. Configure FQDN and external DNS server for default SMTP server.
      4. Create additional storage group, and configure database and log file locations and set store limits.
      5. Disable POP3 access to the Exchange server.
      6. 2nd Company Users needed Companyname email addresses to access http://mail.companyname.com/exchange; http://mail.2ndCompany.com/exchange also works.

IV. Migration.
   A. Public Folders.
      1. The public folders will be available to clients during this process.
      2. Create replicas on the new server.
      3. Home the replicas on the new server. ( use Exchange 5.5 manager )
      4. Take time between these steps to be certain no errors are occurring.
      5. Be sure to include free/busy schedule+ folder ( system folder )
      6. Be sure to allow time for all replicas to synchronize.
      7. The replicas can be removed from the Exchange 5.5 server.
      8. Verify public folder permissions.
      9. Stop folder replication - public store replication schedule on both servers.
      10. Stop the replication of the ADC public folder and user connectors.
   B. Mailboxes
      1. Move user mailboxes. ( AD users - Exchange tasks )
         a. Only the user will receive full mailbox access, permissions set inside the mailbox based on groups may be lost, permissions based on users will be retained.
         b. Users will be unable to access mailboxes while a particular mailbox is being moved.
         c. If a user has multiple mailboxes, give the user account full mailbox access to the disabled account's mailbox, or send as permission and forwarding to. ( AD users )
         d. Mailboxes can be moved singly, in blocks, or all at once.
      2. Remove the Internet Mail Connector from the Exchange 5.5 server if it will no longer be used to send and receive internet e-mail.
      3. The Exchange 2000 server should not require a connector.
      4. In our case, a SMTP connector was necessary to receive internet e-mail.
         a. Use DNS to route mail, add local server as a bridgehead using default SMTP server, and address space=*.
      5. Change NAT mapping in router to point to new Exchange server.
   C. Management setup of Exchange 2000 server.
      1. Create a full-text index for each store. Be sure to specify the location of the files during creation ( default is C: ).
      2. Set a custom update and rebuild schedule ( run when the store / server will not be busy. )
      3. Make the index available to clients.
      4. New mailboxes are created by using Active Directory Users and Computers. Create a mailbox when creating the user account. Mailboxes are created, managed, and deleted ( and object permissions are set ) using this console.
      5. Set the schedule for deleted item retention in each PRIV and PUB store.
      6. Set storage limits in each PRIV and PUB store.
      7. To check mail Queues, you must go to server/protocol/SMTP, and enumerate the messages in a queue to get any detail on those messages.
   D. Setup Instant Messaging. ( we have not spent the time to get this working )
      1. Create a virtual IM server.
      2. Enable IM on user accounts.
      3. Distribute Client software.
      4. IM requires DNS to run. The client must be able to resolve a SRV resource record for port 80 of the virtual IM server. The AD DNS service will have the required records after setup is complete. Clients log in by AD username, password, and e-mail ( which is normally username@<exchange-server>.domain.name ). The DNS record to resolve is taken from the client e-mail credential.
      5. The IM client software can be configured to communicate only with the Exchange server or Exchange server plus MSN service. This is set by each client at install time.

V. Backup strategy
   A. Remote storage should be installed before using NT backup. This program allows for management of removable media. Do not configure remote storage to run automatically ( scheduled tasks folder ). It may be necessary to write a free media label on import media. The backup media pool should be configured to draw media from and return to the free media pool.
   B. Use the NTBackup program. This program is modified by the Exchange install ( or the Exchange admin tools install ), and is able to backup at the Information Store and Site Replication Service level. Local and remote stores can be backed up.
      Active Directory ( system state ) can only be backed up locally.
   C. An offline backup is required to backup the server configuration. An online backup is required to backup the Information store and remove the log files.
   D. The backup can be created with the backup program and scheduled with the scheduled tasks folder.
      1. In the scheduled tasks folder, append the /UM switch to the backup command line. This will cause the backup program to use any available tape in the drive.
      2. Only the user account that the backup job is running under can view the restore catalogs and job history of that backup job.
      3. If necessary, rename tapes in remote storage to match what the tape name is set to be in the backup script.

"Rajalakshmi Iyer" <[EMAIL PROTECTED]>
01/09/2002 10:18 PM
Please respond to "MS-Exchange Admin Issues"

To: "MS-Exchange Admin Issues" <[EMAIL PROTECTED]>
cc:
Subject: Exchange 5.5 on Windows 2000

Hi,

What are the issues with having an Exchange 5.5 server on a Windows 2000 machine?

Thanks and regards,
Rajalakshmi Iyer

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
