A few issues with the first Exchange 2007 installation
Migrated my company from Exchange 2003 to Exchange 2007 last week to get a bit of real life experience with the product.
The company only has around 50 email accounts so the plan was to lump all the Exchange 2007 roles onto one server. We were currently on Exchange 2003. As we had recently brought a 64bit capable server for Exchange we didn’t want to buy more new hardware so the plan was to move everyone onto a temp server and then rebuild the good server to 64bit windows and Exchange 2007.
Built a new Exchange 2003 server into the same organisation and moved everyone off, public folders, message connectors etc which all went smooth enough and followed the recommended procedures for removing the first exchange server a site.
Rebuilt the main server with Windows 2003 Server R2 64bit edition which went on very fast. Prepped the AD and installed Exchange 2007 with Mailbox, CAS, and Hub Transport roles.
The installation automatically added a message connector to the Exchange 2003 server.
I moved myself over to Exchange 2007 and did a few tests and then moved a few other test users over
That night we decided to test Outlook Web Access and Active Sync to 2007. We changed the firewall rules to point SSL to the 2007 box (we are not using ISA or a frontend server to keep down costs). I also exported the SSL certificate from the 2003 server into 2007 just by using the directory security tab on IIS Manager.
At first I forgot that they had changed the URL to /OWA and got all sorts of funny SSL error messages trying to log in with /exchange. With that out of the way we got access to 2007 fine but we could not get it to proxy to 2003. After doing a lot of reading and working out that it should work, /OWA for 2007 users /exchange for 2003 users I decided that the only thing that I hadn’t tried was to put in the equivalent of a frontend server. With the amount of users that we had doing this wasn’t necessary but I wanted to test it to see if this was what was causing the problem. I built another 2007 server but this time only with the CAS role, I then directed the SSL traffic to this server and straight away both 2007 and 2003 Outlook Web Access worked.
I also had a problem getting some of the mobile phones to sync with Activesync. Im not sure if it was just a time issue but shortly after removing the CAS role from the mailbox server so that just the CAS role on the frontend server remained things started to work. Also for the 2003 users we had to turn on Integrated authentication on the security for the Activesync virtual directory on the 2003 server.
Another small thing I had an issue with was when I changed the login information on the /OWA and /Exchange virtual directories so that users didn’t have to enter the domain name in their login credentials I forgot to change the /exchweb directory as well resulting in OWA not displaying correctly.
At the moment of writing I have moved all the users over to 2007 and am just trying to work out 2007 and public folders before decommissioning the 2003 environment. It looks like there is no link to public folders from a users mailbox in OWA now and /public isn’t working for us. I also need to spend a bit more time on managing public folders in 2007 before I am happy enough to get rid of 2003 completely. I may even try a sharepoint installation and see how hard it is to move the folders into that. I will be removing the frontend server once 2003 has been removed to save on licenses.