I am about to finish a project located in Washington DC for a government. This project involved taking active directory 2003 and exchange 2003 and bringing into AD 2008 and Exchange 2008. To be honest the team I belong to is "ROCK" smart dedicated , intelligent people, and I have to give most of the credits to the team, prod to be part of a good team
AD 2003 and AD 2008 doesn't have huge differences in my opinion, knowing basic 2003 is the key to understand AD 2008 and life simply gets better with 2008 servers, hands up I started to love windows 2008 server. I love the new idea behind most of the new Microsoft products secure out the box, even exchange won't work because "Anonymous authenticating is not enabled" by default. This is just an example many other things are not there so Microsoft is giving us secure product ,we will have to turn these futures on so we cannot blame Microsoft no more (-:, this is very smart approach in my opinion.
The windows 2008 Core server was a lot of fun to play with but, I have to admin you will need to find tool called "Core configuration" to make your life easy otherwise you will have hard time to configure core servers. I hope that Microsoft soon hae this tool available for us officialy as MS tool.
Steps I have taken going through the migration
- Prepare active directory, fix replication issues among DC's
- Make sure FRS is happy, as well as SysVol, no journal wrap errors
- Use DCdiag /q (quite) until, no errors are reported, fix the issues reported accordingly
- Don't touch existing exchange 2003 environment ( I liked this one (-:, didn't have to fix anything)
- Build new DC's windows 2008, migrate the functionalities, DNS, DHCP, FSMO roles etc.
- Perform IP swap , Old DC IP addresses swap to new build DC's, to prevent , possible application related issues
- Build Exchange 2007 mailbox server (SCC single cluster copy), I really think this is a great configuration considering having rock solid SAN is being used and we used NetAPP, hands up I used to work with NetAPP, these appliance are rock solid, so no worries about SAN going down. Having two nodes in active passive configuration is great as one can be used to maintenance and install patches over fail over if it is needed.
- Used store calculator to find out MS best practices and followed one SG one DB model as it is recommended by MS.
- I have to give many credits to NetAPP Engineers as they know their stuff in and out as well as clustering technologies and Exchange 2007, especially to Mike Mitchell, Denise Otarola and Jason Middleton. Thanks guys for excellent service and deep knowledge.
- Installed HTS (Hub transport servers) two for redundancy and high availability
- Installed mail gateways as always IronPort as smart host and first line of defense for the corporate network. Thanks to IronPort engineer John for his supports as always.
- Installed CAS ( Client access servers) for OWA, Active sync, and Outlook anywhere etc
- Configure virtual directories and have a lot of fun with IIS 7.0, looks real nice and neat, finally.
- During installing mailbox server created connector to existing exchange 2003 server, the idea behind this was not to change anything on the production environment
- Moved some test mailboxes from exchange 2003 to exchange 2007, and test the mail flow.
- After make sure moved rest of the users from 03 to 07.
- Run into some minor issues such as
- OWA issues , needed bulk changes in ad used ADMOD (fixed right a way)
- Some default address book issues (fixed later on)
- Changed mail flow, deleted old connectors
- Start preparing decommission process for exchange 03
- Everything step by step is here
- Pay attention to PF folders as it is notes in the MS link "If you do not complete this step, the Exchange 2007 public folder database could fail to mount if you delete the Exchange 2003 or Exchange 2000 administrative group"
- Move offline address book
- Decommission existing legacy mail servers and domain controllers one by one
- Setup ISA server and use it as Proxy , internet firewall, ISA, CAS, and mailbox servers
I am still working on finishing this project and I will be posting more issues and experiences on my blog
MVP (Exchange) MCITP (EMA),
MCITP (SA) MCSE 2003, M+, S+,
MCDST, Security+, Project +, Server +