Cross-Forest Migration in Lab

How to do a migration from one organization to another?
In this case it is a migration from an Exchange 2003 organization (legacy) to an Exchange 2010 organization.

The two organizations are completely separate, each in its own domain/forest. Network connectivity has been established between the domains and two-way trusts have been set up.

Company A -> Company B

I created an account in the target domain called admt.
The account is a member of Domain Admins in target.local and of the built-in Administrators group in the source domain. That makes it fully privileged in both forests, so keep it only for the duration of the migration and disable it as soon as the migration is complete.

To get the password migration to work I needed to do the following.
First, on the DC in the target domain I installed ADMT version 3.0 and then ran the following command from cmd to create the encryption key file for the Password Export Server (PES):
“admt key /opt:create /sd:source /kf:c:\key”
The key file protects the password transfer, so treat it like a private key: it can be protected with a passphrase (/kp), it should be copied to the source DC over a trusted path only, and every copy should be deleted once PES has been installed.

In the source domain I needed to create an empty domain local group named after the source domain's NetBIOS name with $$$ appended (SOURCE$$$ for source.local, assuming SOURCE is its NetBIOS name). Leave the group empty; ADMT checks for it when migrating SID history.

A small registry change needs to be done on the source DC that will run the Password Export Server:
Under “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa” create a new DWORD value called TcpipClientSupport and set it to 1.
Then install the ADMT Password Export Server (the password migration DLL) on that server, from the I386\ADMT\Pwdmig folder on the Windows Server 2003 CD-ROM or from C:\Windows\ADMT\PES.
During the installation, point it at the key file (c:\key) that was created on the target/destination DC in the previous step.

Reboot once the settings and the installation are done.
When the password migration is finished, stop the Password Export Server service, remove the TcpipClientSupport DWORD and reboot the source DC again; PES should not stay running for longer than the migration needs it.

On the target side a few more things were needed:
Enable auditing for success and failure of account management in the Default Domain Controllers Policy of the target domain (ADMT needs the same audit setting in the source domain as well when SID history is migrated).

Also verify that the account that is going to be used for the migration has the appropriate permissions and that the Password Export Server service is started on the source DC.

We’re ready to start the user migration from the source domain to the target domain using ADMT.

In my case I had a little problem migrating the accounts because they didn't have any passwords, so I had to set passwords for them.
Here is an example I used to set a password for all users in an OU:

dsquery user "ou=source,dc=source,dc=local" -limit 0 | dsmod user -pwd P@ssw0rd >password.log
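The command above gives every account the same password, passes it on the command line and writes the affected names to a plain log; that is acceptable in a lab but not in a real migration. As an added example that is not part of the original post, the following PowerShell script does the same job with a unique random password per user and stores the issued passwords DPAPI-protected for the account that ran it, so nothing readable lands on disk. It assumes PowerShell 2.0 with the standard .NET ADSI classes on a machine joined to source.local; the OU path is the one from the post, and the output file path is an assumption.

```powershell
# Added example, not from the original post: unique random password per user in an OU.
$ouPath  = "LDAP://OU=source,DC=source,DC=local"   # lab OU from the post
$outFile = "C:\migration\passwords.dpapi"          # assumed path; entries are DPAPI-encrypted

function New-RandomPassword {
    param([int]$Length = 16)
    # 0/O/o/1/l/I left out so a password can be read to a user over the phone
    $alphabet = [char[]]"ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789!#%&*+=?@"
    $rng   = New-Object System.Security.Cryptography.RNGCryptoServiceProvider
    $bytes = New-Object byte[] $Length
    do {
        $rng.GetBytes($bytes)
        $pw = -join ($bytes | ForEach-Object { $alphabet[$_ % $alphabet.Length] })
        # retry until all four character classes are present, so the default
        # domain complexity policy cannot reject the reset
    } until ($pw -cmatch '[A-Z]' -and $pw -cmatch '[a-z]' -and $pw -match '[0-9]' -and $pw -match '[!#%&*+=?@]')
    return $pw
}

# Same population as "dsquery user <ou> -limit 0": every user object under the OU
$searcher = New-Object System.DirectoryServices.DirectorySearcher
$searcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry($ouPath)
$searcher.Filter   = "(&(objectCategory=person)(objectClass=user))"
$searcher.PageSize = 1000            # paged search, so there is no 1000-object cap

$records = @()
foreach ($result in $searcher.FindAll()) {
    $user = $result.GetDirectoryEntry()
    $sam  = [string]$user.Properties["sAMAccountName"].Value
    $pw   = New-RandomPassword
    $user.Invoke("SetPassword", $pw)   # administrative reset (IADsUser::SetPassword), no command-line argument
    $user.CommitChanges()
    # Encrypt with the running user's DPAPI key before anything touches disk; only the
    # same account on the same machine can turn it back with ConvertTo-SecureString -String.
    $enc = ConvertFrom-SecureString (ConvertTo-SecureString $pw -AsPlainText -Force)
    $records += "$sam,$enc"
    Write-Host "reset $sam"
}
Set-Content -Path $outFile -Value $records
```

The passwords are only ever in memory in clear text; the file holds one "account,encrypted-blob" line per user and is useless on any other machine or to any other account, which is what you want for a list that has to survive until the users have been told their new credentials.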

Now it is time to move the mailboxes from one organization to the other, which can be a little problematic.

I did the following steps to move a mailbox from Exchange 2003 to 2010.
The move is an offline move: Exchange 2003 cannot move mailboxes online, so the client is disconnected from the moment the move starts until it has completed.
New-MoveRequest has many parameters for controlling the move when the need exists.
They are documented here:
http://technet.microsoft.com/en-us/library/dd876952.aspx

First step: start the EMS on the target side and type in the credentials for the local (target) forest/domain:
$Local = Get-Credential

Second step: type in the credentials for the source forest/domain:
$Remote = Get-Credential

Now prepare the move by identifying the user/mailbox. This is done with the official Prepare-MoveRequest.ps1 script (Exchange 2010 SP1 ships it in the Scripts folder; for RTM it can be downloaded here):
http://www.microsoft.com/downloads/details.aspx?FamilyID=16a91d42-5ca4-4b58-aaa6-b2689b99ba51&displaylang=en#filelist
./Prepare-MoveRequest.Ps1 -Identity admin@source.local -RemoteForestDomainController server01.source.local -RemoteForestCredential $Remote -LocalForestDomainController server02.target.local -LocalForestCredential $Local

Once the preparation has completed, create the move request:
New-MoveRequest -Identity admin@target.local -RemoteLegacy -TargetDatabase "DB" -RemoteGlobalCatalog server01.source.local -RemoteCredential $Remote -TargetDeliveryDomain "target.local"

The move has now started. To check its progress, run:
Get-MoveRequestStatistics -Identity username

When the move is done, the move request needs to be removed (a completed request that is left behind blocks any later move of the same mailbox):
Remove-MoveRequest -Identity username

One problem I discovered was that for some reason the attribute “msExchMailboxGuid” didn't migrate to the new account in the target domain.
This can be solved either by copying and pasting the value manually or by using IIFP.
In my case I did a manual copy and paste because this is a lab environment.
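Copying a 16-byte octet string by hand is easy to get wrong, and the move request will not find the mailbox if the target value is off by a byte. As an added example that is not part of the original post, the following script compares msExchMailboxGuid on the source mailbox and the target mail user, copies it across only when the target has none, and refuses to overwrite a different value (which would mean the target object already owns a mailbox). It uses plain ADSI so it runs from the target Exchange 2010 server without extra modules; the distinguished names, servers and the admt account are lab assumptions.

```powershell
# Added example, not from the original post: verify/copy msExchMailboxGuid across forests.
$sourcePath = "LDAP://server01.source.local/CN=admin,OU=source,DC=source,DC=local"    # assumed DN
$targetPath = "LDAP://server02.target.local/CN=admin,OU=migrated,DC=target,DC=local"  # assumed DN
$Remote = Get-Credential "SOURCE\admt"   # assumed account name

# Bind to the source object with the source credentials; the target object is
# opened as the logged-on target administrator.
$src = New-Object System.DirectoryServices.DirectoryEntry(
    $sourcePath, $Remote.UserName, $Remote.GetNetworkCredential().Password)
$dst = New-Object System.DirectoryServices.DirectoryEntry($targetPath)

function ConvertTo-GuidString($octets) {
    # msExchMailboxGuid is stored as a 16-byte octet string
    if ($octets) { (New-Object System.Guid (,[byte[]]$octets)).ToString() } else { "<none>" }
}

$srcGuid = $src.Properties["msExchMailboxGuid"].Value
$dstGuid = $dst.Properties["msExchMailboxGuid"].Value
Write-Host ("source: " + (ConvertTo-GuidString $srcGuid))
Write-Host ("target: " + (ConvertTo-GuidString $dstGuid))

if (-not $srcGuid) {
    throw "source object has no msExchMailboxGuid; is it really mailbox-enabled?"
}
if (-not $dstGuid) {
    # Only stamp a target object that has no mailbox GUID of its own.
    $dst.Properties["msExchMailboxGuid"].Value = [byte[]]$srcGuid
    $dst.CommitChanges()
    Write-Host "copied msExchMailboxGuid to the target object"
} elseif ((ConvertTo-GuidString $srcGuid) -ne (ConvertTo-GuidString $dstGuid)) {
    # A different GUID means the target already owns a mailbox (or holds a stale value);
    # overwriting it would orphan that mailbox, so stop and investigate instead.
    throw "target already has a different msExchMailboxGuid; not overwriting"
} else {
    Write-Host "msExchMailboxGuid already matches; nothing to do"
}
```

Run it before New-MoveRequest; if it reports a match, the "cannot find the mailbox" error is not an attribute problem and the DNS suffix issue described below is the next thing to check.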

The last problem: I wasn't able to create the MoveRequest because it couldn't find the mailbox/user for some reason. This seems to be a bug and can be solved by adding the DNS suffixes of both the target and the source domain on the target mailbox server.

Hope this helps someone who has to go through this procedure!
Don’t hesitate to leave comments and feedback

Source:

http://www.microsoft.com/downloads/details.aspx?familyid=6D710919-1BA5-41CA-B2F3-C11BCB4857AF&displaylang=en

http://technet.microsoft.com/en-us/library/bb124797.aspx

http://technet.microsoft.com/en-us/library/dd876952.aspx

http://technet.microsoft.com/en-us/library/ee861103.aspx

http://www.microsoft.com/downloads/details.aspx?FamilyID=16a91d42-5ca4-4b58-aaa6-b2689b99ba51&displaylang=en#filelist