The transition process from Exchange 2003 to Exchange 2007 is a relatively straightforward process and involves the following high level tasks:
- Prepare the Active Directory directory service, you can extend the Active Directory schema and create the Active Directory objects and universal security groups to support Exchange 2007 before you install the server roles. Run setup.com /PrepareAD from the command line on the domain controller that is the schema master at the forest root. When you run setup.com /PrepareAD, the task setup.com /PrepareLegacyExchangePermissions also runs to create the universal security group that is granted permissions to send e-mail to Exchange 2007 Hub Transport servers.
- Supress minor link state updates on all Exchange 2003 front end servers.
- Deploy Exchange 2007 CAS/HUB servers in the same organization/forest as the existing Exchange 2003 servers and choose FE_SERVERNAME as the routing group connector destination
Note: Using an Exchange Server 2003 front-end server together with an Exchange 2007 Mailbox server is not supported.
- Configure the routing group connector to use all Hubs servers.
- Deploy the Edge servers
- Configure the external firewall to allow for outbound SMTP traffic from the Edge servers.
- Configure Edge Sync subscription and rest of the Edge settings.
- Configure the external firewall 1:1 NAT for both Edge servers to allow for incoming SMTP traffic.
- Delete the old SMTP connectors.
- Deploy Exchange 2007 mailbox servers
- Configure Public folder replication
- Configure the CAS web services virtual directories by following the below steps:
a. Configure CAS OWA virtual directories to support integrated authentication and to set the the external URL
b. Configure Outlook Anywhere internal/external URLs with Integrated authentication and set the External/Internal URLs
c. Configure ActiveSync external URL
d. On the Exchange 2003 backend clusters; configure the ActiveSync virtual directory to use Integrated Authentication
e. Configure OAB URLs using the Exchange Management Console and configure it to use HTTPS instead of HTTP
- Configure rest of the CAS settings
- Publish the ActiveSync through ISA 2006
- Test co-existence between both servers:
a. GAL co-existence is automatically achieved since all servers share the same Active Directory information. This means the GAL will appear the same for both Exchange 2007 and 2003 users
b. Email connectivity between Exchange 2003 to Exchange 2007 servers will automatically be enabled because of the Routing Group Connector created by the installation of the Hub server role
- Move sample mailboxes using the Exchange 2007 move mailbox wizard or cmdlet as a test for the migration
Note: You do not need to move your existing contacts or distribution groups. They will be available in Active Directory even if you remove your Exchange 2003 or Exchange 2000 servers
- On an Exchange 2007 server, for each offline address book (OAB), move the generation process to an Exchange 2007 server. For detailed steps, see How to Move the Offline Address Book Generation Process to Another Server.
- Upgrade the email address policies
- Upgrade the address lists
Note: Use the LDAP to OPATH converter tool
- Change the routing group connectors to use the Exchange 2003 backend server
- Decommission Exchange 2003 Front End servers
- Move rest of the mailboxes to the Exchange 2007 mailbox cluster
Note: If you have any Exchange 2003 or Exchange 2000 recipient policies that have not been applied, moving the mailboxes to an Exchange 2007 server will force the recipient policies to be re-evaluated and applied. Before you move mailboxes, make sure that you want to apply all of the existing recipient policies. If you have an existing recipient policy that you do not want to apply, clear the automatically update e-mail address based on e-mail address policy check box in Active Directory Users and Computers. For more information, see the Exchange Server Team Blog article Yes, Exchange 2007 really enforces Email Address Policies.
Note: The old Exchange 2003 backend will be running for at least 1 week in order to allow Outlook clients to automatically update their profile to point to the new Exchange 2007 mailbox cluster, otherwise, if the cluster is decommissioned immediately, clients will not be able to access their mailboxes until their profiles are modified to use the new Exchange mailbox server. KOC must ensure that all Outlook clients will logon at least once during this week for their profiles to be updated. Clients that do not logon before the old cluster is decommissioned must be updated manually. Exprofile can be configured to run as a logon script for the MAPI users to automatically configure their Outlook profiles to use the new mailbox server.
- Remove the Exchange 2003 backend servers. The decommissioning of the Backend servers should be conducted after making sure that all clients are redirected to the Exchange 2007 servers
- Remove the last Exchange 2003 server from the organization. For detailed steps, see http://technet.microsoft.com/en-us/library/bb288905(EXCHG.80).aspx
Note that these are just a guidelines to help in your migration planning, i'm not covering all of the scenarios and situations which will vary according to the environment design & setup.
I hope the above steps will be useful to the readers, as the above steps i always use in my deployments for customers.