Archive for the ‘Small Business Server 2008’ Category

I’ve been meaning to write this post for a while now but somehow never found the time to do it.

When migrating from SBS2008 to SBS2011 I have come across this issue a number of times now and each time I seem to get caught up in the moment and try to find another way of resolving this issue.

Lot’s of posts about this being a 3rd party connector that has been setup for a photocopier or mail service of some sort etc etc.  None of which is correct.

It’s plain and simple, this is a foreign connector in SBS 2008, and contrary to other posts, it does seem to be there by default, I have checked vanilla SBS 2008 installs and those that have been migrated. I even installed a fresh SBS 2008 in to a virtual machine and it was there too.

This can be confirmed by launching the Exchange Management Shell and running Get-ForeignConnector and if you want more details run Get-ForeignConnector | fl

It’s also part of the Migration guide from SBS 2008 to SBS 2008.

It’s purpose…to receive email addressed to companyweb.  If you check the Exchange Management Console on an SBS 2008 server you will see it listed under Organisation Configuration > Hub Transport > Remote Domains you will see the Windows SBS Company Web Domain.  This is the matching address space.

The purpose…to drop any emails destined for companyweb to a folder ready for pickup by Sharepoint.  By Default this will be C:\Inetpub\mailroot\drop

This functionality is not available in SBS 2011 (or isn’t as far as I can tell) therefore before migration you will need to remove the foreign connector.

To do this, run the following command Remove-ForeignConnector –Identity “Windows SBS Company Web Connector SERVER2008” and then select Y at the confirmation prompt.

I found myself today in a situation where I hadn’t completely finished an installation of SBS2011 and wanted to finish it remotely.

Without really giving it too much thought I had convinced myself I could simply connect to the server remotely using RWW.

Unfortunately I hadn’t yet got around to installing a 3rd party trusted certificate, which kind of complicated the issue somewhat.  Upon connecting to RWW and clicking the connect button underneath the SBS server name I was rudely presented with this error.

 

Annoyed with myself for not doing enough so that I could complete this job and completely forgetting to install the CA certificate I searched for a way to resolve this.

Thankfully, I didn’t have to look too far.

When connecting to RWW, listed under Shared Folders is the default Public Share as illustrated below.  Click this link, in the new window that opens select Public and then Downloads.  Under here you will see Install Certificate Package.zip put a check box next to this and then select download.

Once downloaded, extract the zip file and then launch the InstallCertificate.exe file.  Select Install Certificate on my computer and click install.

Once done, close and re-launch internet explorer and re-connect to RWW.  You will now find you can successfully connect to remote computers.

The other alternative is to purchase a 3rd party trusted certificate from http://www.exchangecertificates.com that will remove these certificate errors completely.

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip Migration Tip #2 – The Practice Run can be found here: https://demazter.wordpress.com/2011/06/14/migration-tip-2-%e2%80%93-the-practice-run/

My third tip Migration Tip #3 – Preparing for Live Migration can be found here: https://demazter.wordpress.com/2011/06/15/migration-tip-3-preparing-for-live-migration/

My fourth top Migration Tip #4 – The Migration can be found here: https://demazter.wordpress.com/2011/06/16/migration-tip-4-the-migration/

My fifth tip is based around testing and clearing up after the migration.  You’ve done all the hardwork, it would be a real shame to get this far and to encounter problems when you start to remove the old system.

Check over your work, do some test shutdowns of the old system.  Making sure that all users, data and systems are all operational during the shutdown.  Even go as far as to turn the system off for a week before you actually remove it from the network.  Making sure you tell your users that you are doing this and that any glitches you want to know about.  Believe me, all too often they will put up with a glitch and won’t tell you about it, until it’s too late.  You need to make it very clear that no matter how small you need to know about it during this “down” time.  It’s easier to resolve when the system is available than it is when it’s no longer part of your network.

There may be additional tasks you will need to perform once the old system is decomissioned.  These could include (but are not limited to):

  • Backups, check you are backing up the data/system in it’s new location.
  • Data flow, check that any dataflow in, out and around your network/systems have been updated to accomodate the changes you have made.  for example if it’s an Exchange migration, make sure that the firewall rules that control mailflow have been updated.  If it’s a SQL Database, make sure that any scripts/log shipping/etc have been modified. 
  • Check any internal/external DNS entries have been modified if required.  If migrating to the cloud these will be external changes, if internal migrations then they will be internal changes.
  • Check that any systems that interact with what has been migrated are still functioning, MFD’s, Fax Machines, NAS  devices etc etc.  The list is endless and only you will know what devices/systems you have in place.  Check them all.
  • Check with your users that they are happy that all of what they need access to is working and functioning as they expect it to.
  • Update your network documentation, do this now, whilst it’s still fresh in your mind.

Finally, once all that has been completed and you are happy that everything is working, decomission the old system.  Making sure of course you take a final backup before you do so.  Make sure you follow the correct procedure for removing the system you are migrating away from.  Don’t just turn it off and take it away.  Not following the correct procedure, can and will effect your network and any future migrations.

This is my final migration tip, I hope you have found them useful.  Please watch out for my next migration guide which will be available in the next few weeks which is Migrating Small Business Server 2008 to Small Business Server 2011.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip Migration Tip #2 – The Practice Run can be found here: https://demazter.wordpress.com/2011/06/14/migration-tip-2-%e2%80%93-the-practice-run/

So, we now have a healthy source server and you have practice until the match sticks snap what next?

My third tip is about making sure you are prepared for the task ahead. Any type of migration needs to be taken seriously, it is a business critical operation you are about to embark on. If you are in any doubt about it at all, now is the time to say so, and if necessary call in help.

If you are happy with the process and confident you are able to complete the steps to achieve your goal then the next thing we need to do is plan a time to do it.

Most migrations are not time limited other than SBS to SBS migrations that have a limit of 21 days where both SBS servers can co-exist at the same time.

Make people aware of what you are doing, involve them, explain that you are expecting to have teething problems but would prefer if they collated them and then passed them to you when you ask for them. The last thing you want is to try trouble shooting whilst trying to complete a migration.

Find out if there is anything business critical happening (a big bid/contract etc that needs to be out just when you take the mail system offline) that could be delayed by the work you are carrying out, and if so, delay your migration. Talk to absolutely every member of staff. Manage Expectation.

In reality, if you get it bang on, the end users shouldn’t even notice and I would say 99% of the migrations I have done this has been the case. But there is always the odd one.

Have a recovery plan, know how to back out of what you are doing if it does go pear shaped. If you need to lock and migrate huge amounts of data then make sure you plan this stage of the migration for when people aren’t going to be using the system as heavily.

Document what you are doing, make notes of which stage you have got to and what action you have just taken.  This might seem like a waste of time, but take it from someone who has picked up a few failed migrations from people just like yourself, it’s not.  Knowing exactly what stage you are at will help a consultant very quickly get to grips with the situation and this means a faster resolution.

And, most importantly of all, make sure you have backups! Take more than one, take one off-site, and do it different ways. I like to have a backup on either removable storage so I can access it quickly but also on tape just to be sure.

Watch out for tip Migration Tip #4 – The Migration

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip is about making sure you are familiar with the technology you are migrating to.

For many people, migrating to a new technology will be the first and only time they perform this task. So, it’s always a good idea to familiarise yourself with the setup process before you do it for real.  With the use of virtualisation technologies we can install and test new products without the need for new hardware and without the possible impact on our live environment.

There are a number of virtualisation products that will allow you to do this on your desktop/laptop computer. You need to consider that most new products (if not all) will be based on x64 bit architecture. This does limit the virtualisation technologies that you can use on the desktop. Some of my favourites are listed below.

VMWare Workstation, this is a paid product but worth its weight in gold: http://store.vmware.com/store/vmwde/en_IE/pd/productID.166452200/Currency.GBP/?src=PaidSearch_Google_PersonalDesktop_WKSN_EMEA_UK_EN_Brand
VMWare Server, this is free for use and technically should only be used on a Server Operating System, but it does work on Desktop OS for testing purposes: http://www.vmware.com/products/server/overview.html
Virtual Box: http://www.sun.com/software/products/virtualbox/get.jsp

Whichever technology you use, virtualisation will allow you to install the new software in a test environment, and keep installing it until you are happy with the process. Run through it 2, 3 even 4 times. Make sure you are familiar with the screens and what answers you are going to provide to the wizards. Take notes, even write a step-by-step of what you encountered and when you encountered it. Remember, the more you do now when you are in a safe “sandbox” environment, the easier and less pressurised the real thing will be. Don’t pay too much attention to the actual data you are entering as some of this will change when you do a migration as opposed to a new installation.

For the actual Migration Pick a migration guide for your technologies, it’s always best to use one that’s recommended by others and they have had good success with.  You will find my migration guides here: https://demazter.wordpress.com/category/migration-guides/ I use my guides in my own migrations and update them with any changes as often as possible.  Read the guide thoroughly before you start the migration.   It’s easier to get answers when you are not under pressure to fix things.

If you have the time and the inclination I would also suggest that you convert your physical source server to a virtual one. This will allow you to do a test migration with your actual source server. There are many tools for performing the capture and they depend on the virtualisation technology you are using and whether you want a free or paid product. Some examples of methods that can be used to convert physical machines to virtual ones can be found here: http://4sysops.com/archives/p2v-for-vmware-six-ways-to-convert-physical-to-virtual/

Doing a virtual migration with a virtual copy of your actual source server is a great way to identify any problems you may encounter during the real live migration. You then have the opportunity to rectify these issues and then try the migration again. Once you are happy the migration has worked you are then in a position to do the live backup. I would be doing 3 to 4 virtual migrations just to be absolutely sure.

Watch out for tip Migration Tip #3 – Preparing for Live Migration in the next day or two.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip is around source server preparation.

No migration is an easy migration, there is always potential for something to go wrong. All we can do is try to minimize this risk.

The biggest risk comes from the system we already have in place, the integrity of this system is paramount in ensuring a successful migration.

Making sure your source system is healthy and configured correctly will go a long way to ensuring you have a smooth migration.

Use analyzers and health check tools that are available from the vendor. Microsoft, for example, have a number of best practice analyzer tools. These can be used to identify any problems the system may have and provide advice on how to resolve them. Some of the ones I use regularly are listed below:

Small Business Server 2003 BPA: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3874527a-de19-49bb-800f-352f3b6f2922&displaylang=en
Small Business Server 2008 BPA: http://www.microsoft.com/downloads/en/details.aspx?familyid=86a1aa32-9814-484e-bd43-3e42aec7f731&displaylang=en
Exchange Server BPA (not for Exchange 2007 or 2010, the built in BPA should be used): http://www.microsoft.com/downloads/en/details.aspx?familyid=dbab201f-4bee-4943-ac22-e2ddbd258df3&displaylang=en
Internet Security and Acceleration Server BPA: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=d22ec2b9-4cd3-4bb6-91ec-0829e5f84063
SQL Server 2005 BPA: http://www.microsoft.com/downloads/en/details.aspx?familyid=da0531e4-e94c-4991-82fa-f0e3fbd05e63&displaylang=en

In a Microsoft migration I will use tools like DCDIAG, NETDIAG, REPLMON and REPADMIN to check for errors, even if it’s a single server. You would be surprised how easy it is to misconfigure a single server. Further details on the usage of these tools can be found here:

DCDIAG: http://technet.microsoft.com/en-us/library/cc773199(WS.10).aspx
NETDIAG: http://technet.microsoft.com/en-us/library/cc782085(WS.10).aspx
REPLMON: http://technet.microsoft.com/en-us/library/cc772954(WS.10).aspx
REPADMIN: http://technet.microsoft.com/en-us/library/cc755360(WS.10).aspx

Make sure the source system is up-to-date. All updates, service packs etc need to be applied. This may seem like a waste of time on a system that you are soon to be migrating out of your network but really it isn’t. New products from the same vendor normally rely on the source system being up-to-date. I have been known to spend hours installing service packs and updates on a source server.

It’s worth spending the time getting this part of the migration perfect. There are no timescales in play here you can take your time, once you start migrating there are pressures at play that will make the slightest hiccup seem like your whole world is imploding. I would consider this part of the migration process the most important, and therefore if you are not comfortable with this process, hire someone who is. Buying in consulting services to make sure the server is health can save you a lot of money.

Watch out for tip Migration Tip #2 – The Practice Run in the next day or two.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

This guide is intended to provide step by step inbeen written using the preview version of SBS2011 therefore some structions on how to migrate from Small Business Server 2003 to Small Business Server 2011.

NOTE: This guide has of the screens may look slightly different on the final release.

Steps required:

  1. Health Checks on Small Business Server 2003
  2. Configure SBS2003 for single NIC
  3. Run Migration Preparation tool on SBS2003 & Create Answerfile
  4. Administrative User Creation
  5. Setting data locations
  6. Configure the Network
  7. Configure the Internet Address
  8. Migrate Exchange Mailboxes and Settings
  9. Remove Legacy Group Policies and Logon Settings
  10. Migrate users’ Shared Data
  11. Migrate Fax Data
  12. Migrate Users and Groups
  13. Uninstall Exchange 2003 from Small Business Server 2003
  14. Check Transfer of the 5 FSMO roles to SBS2011
  15. DCPROMO SBS 2003 server so it is no longer a domain controller and remove from network

Step 1. Health Checks on Small Business Server 2003

The absolute first thing you need to do is take a SYSTEM STATE backup of your Small Business Server as well as a full system backup. There is little chance of the data getting lost but the SYSTEM STATE backup backs up Active Directory so that if it all goes wrong we can recover it if needed.

To do this from using your preferred backup product ensure that System Stare is selected from the selection list then run a backup.

What you then need to do on the SBS 2003 server is to make sure you have all the latest available updates. This means you should at a minimum have:

  • Windows 2003 Service Pack 2 – verify this by right clicking on My Computer and select properties. It should tell you here the Windows Service Pack
  • Windows Small Business Server Service Pack 1 – verify this by checking the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\SmallBusinessServer\ServicePackNumber you are looking for a value of 1 in the bracket.
  • Microsoft Exchange 2003 Service Pack 2 – verify this using the Exchange System Manager. Navigate to first administrative > Servers. With the Servers folder highlighted on the right hand side you will see the SBS2003 servername with the service pack version listed.

Once you have installed all of the above, run Windows Update and make sure you select the option in the blue banner bar across the top for Microsoft Update. Microsoft Update will then allow you to update all Microsoft products installed on the server providing a more comprehensive update solution. Keep running the check and installing all updates until there are no more available. Further details on this process can be found in my article here: https://demazter.wordpress.com/2010/06/21/get-more-from-windows-updates/

Check the health of your Active Directory by running DCDIAG, if there is anything reported as an error fix it before moving on.

A common problem that can cause this migration to fail is that the SBS 2003 server does not have its own IP address listed for DNS in the network properties under TCP/IP. If this is the case, update it so that it does (do not use the loopback 127.0.0.1 address).

Step 2 – Configure SBS2003 for single NIC

Before you can migrate from SBS2003 it needs to be configured in a single NIC configuration and ISA server (if in use) needs to be removed.

To do this uninstall the ISA components from Add/Remove programmes.

You may also need an additional internet router appropriate for the type of connection you use. This should support NAT and needs to be configured with an IP address to match the internal NIC on your server.

Once you have done this, disable the second NIC and then run the Connect to the Internet Wizard to ensure SBS2003 is configured correctly.

I would then suggest a reboot to ensure that all these changes are taken in to effect.

Step 3. Run Migration Preparation tool on SBS2003 & Create Answerfile

As part of the Migration Preparation tool it will run the best practice analyzer to identify any issues with the current setup. Before you run the tool you will need to download and install from Microsoft Baseline Configuration Analyzer which can be downloaded from: http://www.microsoft.com/downloads/en/details.aspx?familyid=1B6E9026-F505-403E-84C3-A5DEA704EC67&displaylang=en

We can then run the wizard by inserting the SBS2011 DVD in to the SBS2003 server drive. Allow it to autoplay and you should see the following screen. If you don’t have a DVD drive in the SBS2003 server then there are a few options. Either use a USB DVD Drive, share the drive out from another workstation that does have a DVD drive, or copy the contents of the SBS2011 DVD to the SBS2003 server hard drive. The folders you require specifically are TOOLS and SOURCES. If you copy these 2 folders then instead of seeing the link below you will need to run the SourceTool installer from the TOOLS folder.

From here we need to select the option for Install the Migration Preparation Tool. The first screen we will see asks about getting and installing installation updates. My recommendation here would be to not install updates unless you are encountering an issue that has been identified by the SBS team and you are following specific advice regarding this. (screen below)

Once you have made your choice, the following screen will ask you to confirm that you have an adequate backup of the SBS system. Obviously the data needs to be backed up. But the important thing that needs to be backed up that is often missed is the System State Backup. This includes Active Directory and will be needed to recover with should the migration fail. (screen below)

Once you check the box to say you have a backup and click next you will see the screen below. This is preparing Exchange and Active Directory for the introduction of your new SBS2011 server. We are looking for 4 green ticks here.

Once this has completed click next. The next stage is the Migration Wizard will use the baseline analyzer tools you installed earlier to check the organisation for any misconfigurations that should cause the migration to fail (screen below)

This could take a few minutes but what we are hoping to see is the screen below that says we have no errors. This means we are ready to proceed with the introduction of the new server.

Clicking Next to move on will tell us the source server has been successfully (image below) prepared and give us the option to view the migration guide. At time of writing this article there was no migration content on the link provided.

The second option is to create an answer file. This is essential for the successful migration to SBS2011 so click this option and complete with the detail as illustrated below. The reason I select these options is that it then asks you to confirm some information at the installation stage. Almost like a second check before proceeding. One of the key options is not to perform any updates. This can be done after the migration, and with my experience from SBS2008 migrations these updates have been known to make changes which cause the migration to fail.

Now we need to save the answer file using the save option. Once done, copy it to a USB drive and place this in your new server along with the SBS2011 DVD and post up.

The first screen we see is the language and keyboard selection screen (image below)

Make the appropriate selections and click next.

We then see the screen below. Click Install Now

We are then presented with the usual License Agreement screen (below). Put a check in the check box and click Next. Obviously only if you agree to the licensing terms as set out by Microsoft.

The following screen (below) provides any storage that has already been configured on your new hardware. If you don’t see anything here you will need to load 3rd party drivers from your vendor using the Load Driver option. If you still don’t see anything listed then you may need to configure your RAID Controller so that there is a volume, most will do this by default on first boot if you don’t select to configure yourself, but some might not.

Once you have made the appropriate selections click next and we will see the usual Windows 2008 R2 component configuration and file copy screen as below.

Once this has finished the server will reboot and display the screen below. As this is a migration we will be selecting Server Migration and then click next.

The screen below is the time zone and date/time selection screen. It is absolutely essential that this matches the source server otherwise connection to the domain and promotion to a domain controller will fail.

Verify the time zone and date/time then click Next.

The screen below asks you to verify the source server IP address, the IP address you wish to assign the new server and the gateway address. Confirm the details and then click next.

The next screen is more confirmation. This time it is the source server name and internal domain name along with the administrative user details and the source server name.

Confirm the details, and even retype the password just to be sure. Then click Next.

We then see the update screen below. Again, my recommendation here would be to not install udates. And then click next.

The screen below is your company details, this will be used on Companyweb/Remote Web Workplace. Fill in the form an click next.

We then see the screen below which is the start of the SBS2011 component installation, this could take around 30-45 minutes and you can expect the server to reboot at least once during this phase.

Once this has finished you should be presented with the SBS2011 desktop and the screen below. This means that the installation phase of the migration has been completed.

If there were any problems with the migration you would see a troubleshooting assistant informing you of what has failed and how to correct it.

Step 4. Administrative User Creation

Now that SBS2011 has been successfully installed and you have logged in for the first time we will see SBS console. Those of you familiar with SBS2008 will notice that not much has changed.

As with SBS2008 most of the tasks we need to complete need to be performed with an Administrative user other than the built in Administrator account. This was not the case with SBS2003 and you probably do not have another Administrative user. If this is not completed we will receive the error below when trying to launch the Migration Wizard.

So the first step is to create this user.

Using the SBS Console select the Users and Groups option across the top of the console. You will then see the screen as illustrated below.

There will be no users listed here, don’t panic, this is perfectly normal. You will not see the existing users in the SBS Console until the migration is complete.

Click on the Add a new user account on the right hand side. This will launch the new user wizard.

Enter the details for your user. The important part is that you select Network Administrator as the User Role. Once you are done click next.

The following screen we are asked to enter a password for the user, enter a password and click Add User Account.

We then see the following screen, this can take a few minutes to complete but what we are looking for is 5 green ticks. If for any reason any of the stages fail the final screen will tell you what failed and why.

The following screen allows us to associate computers with this user or add an additional computer. There is no need to do this for the new Administrative User. Click finish to exit the wizard. From the SBS Console select the Home section and click Migrate to Windows SBS to start the migration tasks.

Step 5. Setting data locations

When launching the migration wizard there is a list of tasks to complete. These should be done in the order they are presented. As illustrated below.

The first task is to set the data locations for Exchange, Sharepoint, Shared Folders, Redirected My Documents and Windows Software Update Services. The wizards are the same for each so this guide will only run through one of them.

NOTE: If you don’t have a second volume configured there is no need to run this part. If you try to you will receive the following error.

If you do not have a second volume and don’t intend to have one, then on the first screen of the wizard put a check in the Task Complete radio and click next.

To run the wizards click the hyperlinks on the above screen one by one. The first screen (below) is simply the summary of what you will be doing, click next when ready.

The next screen runs a check of the configuration, one of the tasks this is completing is checking for available volumes and disk space for the files to be moved to.

Once this is complete we are given the options of locations to select from. At this stage because we have not configured a backup you will see an error that this has not been done. Click OK to continue.

Make the drive selection and then click Move. What we want to see is the screen below indicating that the move has been successful. Click finish and then move on to the next hyperlink to continue setting the data locations.

Step 6. Configure the Network

The next task the wizards want us to complete is the Configure the Network wizard. This is the Connect to the Internet Wizard.

When launched, the first screen we see is the one below. From here we need to select the Start the Connect to the Internet Wizard hyper link.

The following screen will give you a summary of some information that will be required to allow the wizard to be completed.

Make sure you have this information to hand and click Next.

The next screen does a check of the network configuration and will attempt to discover among other things your router. Part of these checks will also detect if there are any other DHCP services running on the network.

The wizard will not continue if another DHCP service is detected (see image below). Therefore if you plan to use another device for DHCP then this must be temporarily disabled to allow you to complete this task. I would however recommend that you do use SBS2011 for DHCP rather than another device.

Once you have disabled any DHCP services the wizard will move on and display what it has detected from your network configuration.

Check the information is correct and if so click Next. If not make any appropriate changes before clicking next.

Once done, we are looking for the big green tick as illustrated below that says our network has been configured.

Step 7. Configure the Internet Address

The 3rd task in the migration wizard is to Configure the Internet Address this wizard is for configuring the external domain you intend to use with the SBS2011 server.

The first screen we see is a summary screen explaining what the wizard will do.

Click the hyperlink for Start the Internet Address Wizard and then read the guidance on the screen below.

As this is a migration you will probably already have an external domain name and it will already be configured. The rest of this guide will assume you have a domain name registered and that you will use the control panel from your ISP to manage your External DNS. Click Next to start the configuration.

On the following screen, select the I already have a domain name that I want to use and click Next.

On this screen select the I want to manage the domain name myself and click Next.

The following screen we need to enter the external domain name we will be using, this will be the domain name used in the hyperlink for Remote Web Workplace, Outlook Web App, ActiveSync and will be used to create your email address.

Clicking the Advanced Settings link will allow us to reconfigure the name that appears in the self-signed SSL certificate from remote.domainname.com to something else. If you have mail.domainname.com or owa.domainname.com setup currently then this is where you would enter this information.

Once done click the configure button and the wizard will make the necessary changes. Once completed we want to see the summary screen as below. We are looking for 3 green ticks to say it has been successful.

Step 8. Migrate Exchange Mailboxes and Settings

The next step of the Migration process is to migrate the Exchange Mailboxes and Public Folders. When we launch the wizard for this task we see the following screen.

Clicking the hyperlink (at time of writing) takes you to the technet article for Migrating Mailboxes. To do this, we need to delve in to the Exchange Management Console. Click Start > All Programs > Microsoft Exchange Server 2010 and select Exchange Management Console.

Once the console has launched, navigate to Recipient Configuration > Mailbox. Here we should see all our mailboxes listed. All the mailboxes that appear as Legacy Mailbox are currently located on the SBS2003 servers mailstore.

You can either batch select the mailboxes using SHIFT or CTRL or do each mailbox one by one. Once you have selected the mailboxes to move, from the Action Pane on the right hand side select New Local Move Request. This will start the move mailbox wizard.

From the first screen click the browse button to select the Mailbox Store on the new SBS2011 Server. Once you have done this click Next.

For this screen, leave it at defaults for the first run. If you find that mailboxes fail to move due to corrupt items you may have to increase the value here to allow those corrupt items to be skipped and for the mailbox to move successfully.

The screen above is simply a summary of what task you will be performing, clicking the New button will start the mailbox moves.

Once complete, we are looking for the following screen, all green ticks.

If you are moving the mailboxes in batches then repeat this task until all mailboxes have been moved to the SBS2011 server.

The next stage is to migrate the Public Folders. To do this, complete the following steps on the SBS 2003 Server:

  1. Click Start > All Programs > Microsoft Exchange Server > System Manager
  2. Navigate to Administrative Groups > First Administrative Group > Servers > Servername > First Storage Group
  3. Right click on the Public Folder Store and select Move All Replicas. The only option that should appear in the list is your Exchange 2010 server. Click OK.

Now that we have moved the data to the SBS2011 server it’s best to leave the Exchange Settings as is for a day or so to a) make sure all the data is moved before we perform any other Exchange related tasks. b) Allow all the outlook clients to update automatically with the new server settings. We can now continue with the rest of the migration.

Step 9. Remove Legacy Group Policies and Logon Settings

The next step is to remove any Legacy Group Policies and Logon Configurations that are incompatible with SBS2011. The recommendation here is that any logon scripts in use should be migrated to Group Policies and/or Group Policy preferences. However in my experience it doesn’t cause any problems if this is not done.

Further information on these processes can be found here:

Remove old logon scripts for Windows SBS migration: http://technet.microsoft.com/en-us/library/cc527605(WS.10).aspx

Remove old Active Directory Group Policy objects for Windows SBS 2008 migration: http://technet.microsoft.com/en-us/library/cc527585(WS.10).aspx

Step 10. Migrate users’ Shared Data

This is another task where you need to perform the configuration manually. The steps required can be found here: http://technet.microsoft.com/en-us/library/cc527517(WS.10).aspx

Once you have the shares configured a simple backup of the SBS2003 server and restore to the 2011 server will restore all data with associated permissions.

Alternatively you could use robocopy which is part of the Windows 2003 Resource Kit which can be downloaded from: http://www.microsoft.com/downloads/en/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd&displaylang=en

There is also command line reference for robocopy here: http://technet.microsoft.com/en-us/library/cc733145(WS.10).aspx

Step 11. Migrate Fax Data

There is no fax function in SBS2011 (this may change in the final release) but if you already have Fax data stored on the SBS2003 server you will need to migrate this data.

Launching the wizard will display the following screen.

Clicking the hyperlink Click to start Migrating your fax data this will move the data to the new server. At this stage if there is no fax services installed/configured on the SBS2003 server you will receive the error displayed below.

This is not a problem and can be ignored, mark this task as complete.

Step 12. Migrate Users and Groups

As part of joining the SBS2011 server to the domain which contains SBS2003 and making it a Domain Controller it has already got a copy of the Active Directory and all the users and groups.

However, they will not appear in the SBS Console, this is normal and can be resolved following the instructions here.

To allow the users to be seen a new role needs to be applied. To do this on the first screen the wizard shows a hyperlink to Run the change user role wizard as illustrated below.

Click this link, to start the wizard. From the list displayed select the role you wish to assign to these users.

On the following screen put a check in the box for Display all user accounts in the Active Directory as illustrated below. This will display all of the users. Highlight your existing user then click the Add button to move them to the right hand side.

Click the change user role button. We are looking for a screen similar to the one below with lots of green ticks to confirm the roles have changed.

Step 13 – Uninstall Exchange 2003 from Small Business Server 2003

Hopefully you are arriving at this step a day or two after you have migrated all the mailboxes, if not then I would recommend you leave it for a day or two just to allow all client computers to automatically update the Exchange server setting in outlook. If you uninstall Exchange 2003 from the Small Business Server and this hasn’t happened then the clients will have to be changed manually.

To perform this task we will need Small Business Server 2003 CD 2, which will be asked for during the uninstallation. Before we can do this though, there are a few steps we need to perform otherwise we will not be able to uninstall it.

If you use Recipient Policies that are Manage Mailbox policies, then these will need to be removed. Likewise, if you have Recipient Policies that are used for both e-mail address definition and mailbox management, the settings defined under Mailbox Manager Settings will need to be removed. You DO NOT need to remove your e-mail address policies.

The Recipient Update Service is not used in Exchange 2010 and is therefore not required, so it can be removed. To do this you will need to use ADSI Edit. This can be done by using the following procedure:

  1. Click Start > Run > MMC > Click OK
  2. Select File then Add/Remove Snap-in
  3. Click Add and select ADSI Edit and click Add, then close and OK
  4. Right click on the ADSI Edit and select ‘Connect to’. From the drop down under ‘Select a well known Naming Context’, select Configuration and click OK
  5. Expand Configuration > Services > Microsoft Exchange > Organisation Name > Address List Container > Recipient Update Services

Right click on Recipient Update Service (Enterprise Configuration) and select Delete. There may also be a Recipient Update Service (ORGNAME) this also needs to be deleted

Only delete the Recipient Update Service entries under the container; DO NOT delete the container itself or any other entries

The final step in preparation for uninstalling Exchange Server 2003 is to delete the routing group connectors that would have been created as part of the installation. I have highlighted them in the image below. Simply right click on each connector and select delete.

We are now ready to uninstall Exchange 2003. To do this, navigate to Start > Control Panel > Add or Remove Programs. From the list of installed applications, highlight Windows Small Business Server 2003 and click Change/Remove.

Click next on the Welcome screen, and next on the screen that follows. Once the component screen opens pull down the drop down next to Exchange Server and select remove, as shown below. Then click next and next again.

Step 14. Check Transfer of the 5 FSMO roles to SBS2011

All of the 5 FSMO roles should already have been transferred to the SBS2011 as part of the installation process but it’s always worth a check. The steps below will give instructions on how to do this if required.

Caution needs to be taken when performing this next step.[/b] I would advise that ALL of the previous steps need to be completed before this is done as Small Business Server MUST hold all 5 FSMO roles.

Once you are ready, the roles can be transferred as follows. Working on the Windows 2008 server do the following:

  1. Click Start > Administrative Tools > Active Directory Users and Computers
  2. Right click on the domain name and select Operations Masters. You will see the screen below.
  3. On each tab (RID, PDC & Infrastructure) click the change button.
  4. Accept the confirmation that you want each role to be transferred.

That is 3 of the 5 roles transferred. To do the next one, which is the Domain Naming Master we need to do the following:

  1. Click Start > Administrative Tools > Active Directory Domains and Trusts.
  2. Right click where it says Active Directory Domains and Trusts and select Operations Master.
  3. Once again click the Change button and say yes to the notification dialog.

4 down with 1 to go. To move the Schema Master role we need to do the following:

  1. Click Start > Run and type regsvr32 schmmgmt.dll
  2. Click OK to the confirmation
  3. Click Start > Run and type MMC and click OK
  4. Select File > Add/Remove Snap-in from the console
  5. From the list select Active Directory Schema, click Add
  6. Click Close and OK.
  7. Right click on Active Directory Schema and select Change Active Directory Domain Controller
  8. Choose the Windows 2008 Server from the list and click OK
  9. Click OK on the warning Dialog box.
  10. Right click on Active Directory Schema and select Operations Master
  11. Click the Change button and say yes to the notification dialog

That’s all the FSMO roles transferred from the Small Business 2003 Server. The next and final step is to demote the server from being a Domain Controller.

Step 15. DCPROMO SBS 2003 server so it is no longer a domain controller and remove from network

This is the final step of the migration process. If you have made it this far, well done! This is the easy bit!

At this point it is worth double checking that both the SBS2003 and SBS2011 server are both configured to use the SBS2011 server for DNS in the TCP/IP properties of the NIC. The only DNS entry should be the IP address of the SBS2011 server.

The first thing we need to do is make sure the SBS2003 is no longer a Global Catalog Server. Click on Start > Administrative Tools > Active Directory Sites and Services. Locate the Small Business Server

Right click on NTDS settings located under the Small Business Server and select properties. Remove the check from the Global Catalog check box and click OK. Close Active Directory Sites and Services snap-in.

The final step is to run DCPROMO. To do this, do the following:

Click Start > Run and type DCPROMO and click OK

Click next on the Welcome screen

DO NOT check the box that says “This server is the last domain controller in the domain” and Click next

Enter a new administrator password for the local administrator user and click next

The server will then remove Active Directory Services from the SBS2003 server and it will no longer be a Domain Controller.

Once this has finished, allow the server to restart, login and then shut it down. You have now completed the migration.

If you are still with me, well done! There are a few sections of additional reading below if you would like to know some more detail about some of the processes we have just completed. There is an excellent article from EE Expert tigermatt around the purpose of the FSMO roles which you will find under the further reading section.

Further Reading

You will also need a trusted SSL Certificate which can be purchased from http://www.exchangecertificates.com

Move/Migrate Sharepoint Services: http://technet.microsoft.com/en-us/library/cc288664.aspx

Move last legacy Exchange Server: http://technet.microsoft.com/en-us/library/bb288905(EXCHG.80).aspx

Demystifying the Active Directory FSMO Roles by tigermatt: http://www.experts-exchange.com/articles/Software/Server_Software/File_Servers/Active_Directory/Demystifying-the-Active-Directory-FSMO-Roles.html

Introduction

At 19:33 (UST) on Tuesday 21st September the long awaited email arrived with the subject title of “ANNOUNCING THE AVAILABILITY OF WINDOWS SBS 7 PREVIEW”.  It was time to drop whatever I was doing and dedicate as much bandwidth as possible to downloading the latest version of Small Business Server.

The contents of the email went on to brag about the technologies used in this release:

Built on Windows Server® 2008 R2, this exciting new edition of the all-in-one solution server for small businesses will include Microsoft® Exchange Server 2010 SP1, Microsoft SharePoint® Foundation 2010, and Windows Software Update Services. Small business customers will find significant security and management enhancements over previous versions, as well as much richer features for providing file-and-print, email and Internet services to employees.

Once the ISO was downloaded and virtual machine ready I proceeded with the installation.

Installation of SBS 7

The hardware requirements as advertised by the SBS team are:

The first noticeable difference in this specification is the RAM requirements, in SBS2008 the minimum requirement was 4GB to allow installation to proceed.  I have only configured my Virtual Machine with 4GB so let’s see if the installation starts.

The initial installation phase was something I was familiar with.  In fact it was identical to the SBS2008 installation and any other Windows 2008 R2 install.

We received the usual language selection screen, followed by the Install Now button and the license agreement.  Once we had selected which partition/hard disk the installation would reside the usual “Installing Windows” followed by a 30 minute or so wait (I am sure this would have been quicker if I had not done it on a Virtual Machine and if I had given it the 8GB minimum RAM requirements) we had our first restart.

Then upon restart there is the option to perform a clean installation or to perform a Server Migration (screenshot below)

For now we will continue with a clean installation (check out my next article which will be the migration guide 🙂 ).  So we select clean install and click next, verify the time zone settings click next.

The following screen we can either detect the existing network configuration or specify manually your IP address and gateway.  Then we have the usual install updates or not install updates.  As my preference is always to install updates once the installation has completed I am going to decline the updates option.

Following the initial configuration we receive the Company Information screen (above).  Filling in the details relating to your company and clicking next asks us to specify the servername and the internal domain name.  Interestingly it seems to be recommending short internal domain names with no suffix (screenshot below).  I cannot remember if this is the same as SBS2008 (will have to do a virtual install later to find out).  Key thing to remember here is that as with all previous versions of Small Business Server is that these details cannot be changed once you complete these wizards.

As with previous versions we need to specify a network administrator account, this is because by default the Administrator user is not enabled by default.

Conclusion:  The installation of SBS 7 is almost identical to that of SBS2008 and pretty painless.  Once you have given the wizards the information pertaining to your business and clicked next a few times you have successfully installed SBS 7.

It would appear that the 4GB of RAM I assigned to my Virtual Machine has not caused any installation problems, I received no warning and the installation completed.  There is nothing to say that this won’t change in the final release so bear this in mind.

Configuration

There was a nasty rumour that the SBS team had done away with the SBS console in favour of the new home screen in Windows Aurora.  However, thankfully that is not the case.  If you have been working with SBS2008 for a while then you will be familiar with the SBS Console.

The wizards appear to be identical.  This is great because it means we don’t have new wizards to learn.  They work and I see no reason why they needed to be changed.

Upon trying to complete the wizards I discover that the Connect to the Internet wizard unsurprisingly will not complete with no internet access.

Sadly, the test lab I am working on does not have internet access so I will need to rectify this before going any further.

Right, internet access sorted. And in completing the wizards in the SBS console, I have been pleasantly surprised by the lack of difference from the SBS2008 wizards.

Under the hood

The nuts and bolts of SBS7 look very similar to SBS2008 which is great from a supportability perspective.  With updated versions of Windows, Exchange and Sharepoint, SBS7 brings the features and updates that larger Small Business users have been crying out for since Exchange Server 2010 was released last year.

Overall, I think it’s a great addition to the SBS products and with the slimmed down version codenamed ‘Aurora’ designed for startup/smaller businesses to use cloud computing and the premium edition for those that want SQL2008 and an additional Windows 2008 Standard license I think the choices presenting small businesses are looking pretty good for the next round of Microsoft products.

If you are interested then the Public Preview of SBS7 is available on the connect program, you can see further details here: http://www.microsoft.com/sbs/en/us/beta.aspx please note however that previews or beta’s are not supported running in a production environment and you should not be using this as your primary operating system for your business. As with previous versions we need to specify a network administrator account, this is because by default the Administrator user is not enabled by default.

Conclusion:  The installation of SBS 7 is almost identical to that of SBS2008 and pretty painless.  Once you have given the wizards the information pertaining to your business and clicked next a few times you have successfully installed SBS 7.

It would appear that the 4GB of RAM I assigned to my Virtual Machine has not caused any installation problems, I received no warning and the installation completed.  There is nothing to say that this won’t change in the final release so bear this in mind.

Microsoft introduced Windows Update back in the days of Windows 98. This was a facility to get regular updates for Windows, both security updates, minor bug updates, driver updates and service packs. Since then the product has evolved. With Windows Vista and Windows 7 it’s integrated as a service into the operating system. (more…)

With more and more people using iPhones and iPads for email collection we are seeing more problems arising from misconfiguration.

Preparation

  • The first thing to be aware of is that for ActiveSync to work correctly you must be using Exchange 2003 SP2 or higher.
  • There should be a commercial SSL Certificate installed.  Whilst it will work without a commercial certificate, it can be fraught with problems and for the sake of $60 for a SAN/UCC Certificate is it really worth the hassle?  See http://www.exchangecertificates.com for cheap SSL Certificates that will work with Exchange.
  • If still using Exchange 2003 then a SAN/UCC certificate is not required.
  • You will need to ensure that you have port 443 forwarded from your router/firewall to the internal IP address of your Exchange Server.
  • NOTE: Whilst ActiveSync can be configured to work without SSL this is not recommended as port 80 is required to be forwarded from your router/firewall to the Exchange Server.  Also all usernames/passwords/data transmitted between the portable device and Exchange will be in clear text and not encrypted.

Configuration

To setup the Exchange Server account on the iPhone or iPad we need to first select the Settings option.

From settings select “Mail, Contacts, Calendars” as highlighted in red in the image below.

You will then be presented with the screen below.  From here select the Add Account option.

Once selected you will then see the screen below that will display all the options for setting up email accounts on your iPhone.  The one we want is Microsoft Exchange.

Once we have selected Microsoft Exchange you will be presented with the screen below that will ask you for some details regarding your account.

In this screen, you will need to enter your email address, username & password.  I normally enter the email address as the username thus negating the need for the domain name.

If you find this method does not work then you will need to enter the NETBIOS domain name associated with this Exchange Server.  You can find this by right clicking on the user using Active Directory Users and Computers and select properties.  Then under the Account tab the NETBIOS domain name will be listed.  If you enter the domain name on this screen then the username should also be the one that appears on the accounts tab.

Once you have entered the details press Next, at this point the iPhone will attempt to autodiscover your Exchange Server details.  If this fails then you will be presented with the screen below.  Please note it is not unusual for the first check to fail.

If you see the screen above then it might be a little confusing as it looks very similar to the previous screen.  What we have here is the option to enter the server information.  This is the same details that you would use for Outlook Web Access.  So if you use https://outgoing.gkvirtualdomain.co.uk/owa for OWA then the server information you would enter here would be outgoing.gkvirtualdomain.co.uk.

Once you have entered this press Next.

At this stage if you are using a self-signed certificate you will be presented with a certificate dialog box and you must select “Accept”.  If your account has been successfully configured you will see the screen below that will allow you to select what options to synchronise with Exchange.

Further Reading

There are known problems with administrative users when using ActiveSync and this has been covered in an article here by Alan Hardisty: http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/

Troubleshooting ActiveSync with Exchange 2003: http://alanhardisty.wordpress.com/2010/02/28/exchange-2003-and-activesync-configuration-and-troubleshooting/