Archive for the ‘Windows 2003’ Category

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip Migration Tip #2 – The Practice Run can be found here: https://demazter.wordpress.com/2011/06/14/migration-tip-2-%e2%80%93-the-practice-run/

My third tip Migration Tip #3 – Preparing for Live Migration can be found here: https://demazter.wordpress.com/2011/06/15/migration-tip-3-preparing-for-live-migration/

My fourth top Migration Tip #4 – The Migration can be found here: https://demazter.wordpress.com/2011/06/16/migration-tip-4-the-migration/

My fifth tip is based around testing and clearing up after the migration.  You’ve done all the hardwork, it would be a real shame to get this far and to encounter problems when you start to remove the old system.

Check over your work, do some test shutdowns of the old system.  Making sure that all users, data and systems are all operational during the shutdown.  Even go as far as to turn the system off for a week before you actually remove it from the network.  Making sure you tell your users that you are doing this and that any glitches you want to know about.  Believe me, all too often they will put up with a glitch and won’t tell you about it, until it’s too late.  You need to make it very clear that no matter how small you need to know about it during this “down” time.  It’s easier to resolve when the system is available than it is when it’s no longer part of your network.

There may be additional tasks you will need to perform once the old system is decomissioned.  These could include (but are not limited to):

  • Backups, check you are backing up the data/system in it’s new location.
  • Data flow, check that any dataflow in, out and around your network/systems have been updated to accomodate the changes you have made.  for example if it’s an Exchange migration, make sure that the firewall rules that control mailflow have been updated.  If it’s a SQL Database, make sure that any scripts/log shipping/etc have been modified. 
  • Check any internal/external DNS entries have been modified if required.  If migrating to the cloud these will be external changes, if internal migrations then they will be internal changes.
  • Check that any systems that interact with what has been migrated are still functioning, MFD’s, Fax Machines, NAS  devices etc etc.  The list is endless and only you will know what devices/systems you have in place.  Check them all.
  • Check with your users that they are happy that all of what they need access to is working and functioning as they expect it to.
  • Update your network documentation, do this now, whilst it’s still fresh in your mind.

Finally, once all that has been completed and you are happy that everything is working, decomission the old system.  Making sure of course you take a final backup before you do so.  Make sure you follow the correct procedure for removing the system you are migrating away from.  Don’t just turn it off and take it away.  Not following the correct procedure, can and will effect your network and any future migrations.

This is my final migration tip, I hope you have found them useful.  Please watch out for my next migration guide which will be available in the next few weeks which is Migrating Small Business Server 2008 to Small Business Server 2011.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com

Advertisements

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip Migration Tip #2 – The Practice Run can be found here: https://demazter.wordpress.com/2011/06/14/migration-tip-2-%e2%80%93-the-practice-run/

So, we now have a healthy source server and you have practice until the match sticks snap what next?

My third tip is about making sure you are prepared for the task ahead. Any type of migration needs to be taken seriously, it is a business critical operation you are about to embark on. If you are in any doubt about it at all, now is the time to say so, and if necessary call in help.

If you are happy with the process and confident you are able to complete the steps to achieve your goal then the next thing we need to do is plan a time to do it.

Most migrations are not time limited other than SBS to SBS migrations that have a limit of 21 days where both SBS servers can co-exist at the same time.

Make people aware of what you are doing, involve them, explain that you are expecting to have teething problems but would prefer if they collated them and then passed them to you when you ask for them. The last thing you want is to try trouble shooting whilst trying to complete a migration.

Find out if there is anything business critical happening (a big bid/contract etc that needs to be out just when you take the mail system offline) that could be delayed by the work you are carrying out, and if so, delay your migration. Talk to absolutely every member of staff. Manage Expectation.

In reality, if you get it bang on, the end users shouldn’t even notice and I would say 99% of the migrations I have done this has been the case. But there is always the odd one.

Have a recovery plan, know how to back out of what you are doing if it does go pear shaped. If you need to lock and migrate huge amounts of data then make sure you plan this stage of the migration for when people aren’t going to be using the system as heavily.

Document what you are doing, make notes of which stage you have got to and what action you have just taken.  This might seem like a waste of time, but take it from someone who has picked up a few failed migrations from people just like yourself, it’s not.  Knowing exactly what stage you are at will help a consultant very quickly get to grips with the situation and this means a faster resolution.

And, most importantly of all, make sure you have backups! Take more than one, take one off-site, and do it different ways. I like to have a backup on either removable storage so I can access it quickly but also on tape just to be sure.

Watch out for tip Migration Tip #4 – The Migration

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip Migration Tip #1 – Source Server Health can be found here: https://demazter.wordpress.com/2011/06/12/migration-tip-1-source-server-health/

My second tip is about making sure you are familiar with the technology you are migrating to.

For many people, migrating to a new technology will be the first and only time they perform this task. So, it’s always a good idea to familiarise yourself with the setup process before you do it for real.  With the use of virtualisation technologies we can install and test new products without the need for new hardware and without the possible impact on our live environment.

There are a number of virtualisation products that will allow you to do this on your desktop/laptop computer. You need to consider that most new products (if not all) will be based on x64 bit architecture. This does limit the virtualisation technologies that you can use on the desktop. Some of my favourites are listed below.

VMWare Workstation, this is a paid product but worth its weight in gold: http://store.vmware.com/store/vmwde/en_IE/pd/productID.166452200/Currency.GBP/?src=PaidSearch_Google_PersonalDesktop_WKSN_EMEA_UK_EN_Brand
VMWare Server, this is free for use and technically should only be used on a Server Operating System, but it does work on Desktop OS for testing purposes: http://www.vmware.com/products/server/overview.html
Virtual Box: http://www.sun.com/software/products/virtualbox/get.jsp

Whichever technology you use, virtualisation will allow you to install the new software in a test environment, and keep installing it until you are happy with the process. Run through it 2, 3 even 4 times. Make sure you are familiar with the screens and what answers you are going to provide to the wizards. Take notes, even write a step-by-step of what you encountered and when you encountered it. Remember, the more you do now when you are in a safe “sandbox” environment, the easier and less pressurised the real thing will be. Don’t pay too much attention to the actual data you are entering as some of this will change when you do a migration as opposed to a new installation.

For the actual Migration Pick a migration guide for your technologies, it’s always best to use one that’s recommended by others and they have had good success with.  You will find my migration guides here: https://demazter.wordpress.com/category/migration-guides/ I use my guides in my own migrations and update them with any changes as often as possible.  Read the guide thoroughly before you start the migration.   It’s easier to get answers when you are not under pressure to fix things.

If you have the time and the inclination I would also suggest that you convert your physical source server to a virtual one. This will allow you to do a test migration with your actual source server. There are many tools for performing the capture and they depend on the virtualisation technology you are using and whether you want a free or paid product. Some examples of methods that can be used to convert physical machines to virtual ones can be found here: http://4sysops.com/archives/p2v-for-vmware-six-ways-to-convert-physical-to-virtual/

Doing a virtual migration with a virtual copy of your actual source server is a great way to identify any problems you may encounter during the real live migration. You then have the opportunity to rectify these issues and then try the migration again. Once you are happy the migration has worked you are then in a position to do the live backup. I would be doing 3 to 4 virtual migrations just to be absolutely sure.

Watch out for tip Migration Tip #3 – Preparing for Live Migration in the next day or two.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self-signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration.

My first tip is around source server preparation.

No migration is an easy migration, there is always potential for something to go wrong. All we can do is try to minimize this risk.

The biggest risk comes from the system we already have in place, the integrity of this system is paramount in ensuring a successful migration.

Making sure your source system is healthy and configured correctly will go a long way to ensuring you have a smooth migration.

Use analyzers and health check tools that are available from the vendor. Microsoft, for example, have a number of best practice analyzer tools. These can be used to identify any problems the system may have and provide advice on how to resolve them. Some of the ones I use regularly are listed below:

Small Business Server 2003 BPA: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=3874527a-de19-49bb-800f-352f3b6f2922&displaylang=en
Small Business Server 2008 BPA: http://www.microsoft.com/downloads/en/details.aspx?familyid=86a1aa32-9814-484e-bd43-3e42aec7f731&displaylang=en
Exchange Server BPA (not for Exchange 2007 or 2010, the built in BPA should be used): http://www.microsoft.com/downloads/en/details.aspx?familyid=dbab201f-4bee-4943-ac22-e2ddbd258df3&displaylang=en
Internet Security and Acceleration Server BPA: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=d22ec2b9-4cd3-4bb6-91ec-0829e5f84063
SQL Server 2005 BPA: http://www.microsoft.com/downloads/en/details.aspx?familyid=da0531e4-e94c-4991-82fa-f0e3fbd05e63&displaylang=en

In a Microsoft migration I will use tools like DCDIAG, NETDIAG, REPLMON and REPADMIN to check for errors, even if it’s a single server. You would be surprised how easy it is to misconfigure a single server. Further details on the usage of these tools can be found here:

DCDIAG: http://technet.microsoft.com/en-us/library/cc773199(WS.10).aspx
NETDIAG: http://technet.microsoft.com/en-us/library/cc782085(WS.10).aspx
REPLMON: http://technet.microsoft.com/en-us/library/cc772954(WS.10).aspx
REPADMIN: http://technet.microsoft.com/en-us/library/cc755360(WS.10).aspx

Make sure the source system is up-to-date. All updates, service packs etc need to be applied. This may seem like a waste of time on a system that you are soon to be migrating out of your network but really it isn’t. New products from the same vendor normally rely on the source system being up-to-date. I have been known to spend hours installing service packs and updates on a source server.

It’s worth spending the time getting this part of the migration perfect. There are no timescales in play here you can take your time, once you start migrating there are pressures at play that will make the slightest hiccup seem like your whole world is imploding. I would consider this part of the migration process the most important, and therefore if you are not comfortable with this process, hire someone who is. Buying in consulting services to make sure the server is health can save you a lot of money.

Watch out for tip Migration Tip #2 – The Practice Run in the next day or two.

If you are planning on a migration and are not comfortable with the process then Demazter IT Services can assist you. Please contact me on glen@demazter.co.uk.

All versions of Microsoft Exchange and Small Business Server require the use of an SSL Certificate. Whilst they will quite happily use a self signed certificate a commercial certificate can save a lot of time and hassle, purchase Exchange/SBS SSL Certificates at an excellent price from: http://www.exchangecertificates.com/

Microsoft introduced Windows Update back in the days of Windows 98. This was a facility to get regular updates for Windows, both security updates, minor bug updates, driver updates and service packs. Since then the product has evolved. With Windows Vista and Windows 7 it’s integrated as a service into the operating system. (more…)

This guide is intended for migrating Windows 2003 Standard with Exchange 2003 to Windows Small Business Server 2008.

You will need the following:

Before we can start the migration process there are a few things we need to do on the Windows 2003 server.

  1. First and foremost make sure you have a SYSTEM STATE backup.  This can be done with the built in Backup tools or a 3rd party product, but this needs to be done PRIOR to any of the following steps and is probably the most important step of the whole process.
  2. If the Windows 2003 server has more than 1 Network card then all apart from the LAN connection will need to be disabled.
  3. The assumption is that this is a single server scenario and DHCP/DNS are also installed on the server you are migrating from.  Therefore please ensure that the Windows 2003 server has got ONLY it’s own IP address configured in the TCP/IP properties of the network card.  There should be no external DNS servers listed here.
  4. The gateway should be the LAN IP address of your router.
  5. If you have made any changes to the above configuration it’s best to restart the server so that DNS is updated and all the services are bound to the correct adapter.
  6. Perform all available Microsoft Updates.  Windows 2003 should at a minimum have Service Pack 2 installed along with Service Pack 2 for Exchange 2003.  When you run Windows Update check the link across the top of the screen for Microsoft Update this will ensure you receive updates for all products.

Prepare the 2003 Server

Raise the domain Functional Level of the  Windows 2003 Domain.  In Active Directory Users and Computers, right click on the domain and select Raise Domain Functional Level. This needs to be set to Windows Server 2003. If it is not already then you will have the option to change it.

Raise the Forest Functional Level of Windows 2003 Forest.  In Active Directory Domains and Trusts right click Active Directory Domains and Trusts and select Raise Forest Functional Level.  This needs to be set to Windows Server 2003. Again if it’s not already you will have the option to change it.

Using Exchange System Manager right click at the top of the tree where it says Organisation Name (Exchange) and check that the Exchange Functional level is set to Native Mode (no pre-Exchange 2000 servers)

Once that’s done run the Exchange Best Practice Analyzer.  The test you need to run is the Exchange 2007 readiness check.  This scan will tell you if there is anything that needs to be resolved prior to the installation of Exchange 2007 which is performed as part of the Small Business Server 2008 install.

Prepare Active Directory

The first step of preparing for the installation of SBS2008 is to run sourcetool.exe.  This will prepare the forest and domain and change Exchange from Mixed mode to Native mode (Exchange 2007 will not install if it’s not in Native mode).

Insert the SBS DVD into the Windows 2003 Server (if you copy the sourcetool.exe to the Windows 2003 server make sure you copy the whole tools folder) and then from the tools folder run the sourcetool.exe.

The first thing you will be asked is to confirm you have a FULL backup, I cannot stress this enough this is where all the changes to your Active Directory start happening, so even if you took one at the start of this process, take another one now!

So check the box and click Next and the tool will run through and perform the required updates.

Once done you will be presented with a screen that tells you it has successfully prepared the server for migration and you will have the option to create an Answerfile.  I say ‘option’ because it will let you close the wizard without creating one, but if you don’t have an Answerfile you cannot put the SBS2008 installation into Migration Mode.

 

The message at the top of the screen indicates that the utility “Cannot prepare the Source server for migration” this is normal.  It is because it cannot execute WindowsServer2003-KB943494-x86-ENU.exe.  The screen indicates the location of the log file.  To confirm this is why it has failed open the log file and look for the entry:

     Current version: 5.2.3790.131072
     Service pack version = 2
     Running D:\tools\KB943494\WindowsServer2003-KB943494-x86-ENU.exe /quiet /norestart
     Package returned: 1603 (0x643)
     ProgressPage: Task Finished.  Succcess=False

I have highlighted the link to create an Answerfile because the very first SBS migration I did I missed it.  It doesn’t jump out at you and make itself obvious that it’s a link.  Perhaps this should have been a button to press?  Click the link and then fill the form in as below

The important sections of the Answerfile are:

  1. Installation Type, make sure you select Migration from Existing Server (join existing domain) otherwise it won’t!
  2. I personally like to uncheck “Run unattended” so that I can see what is going on
  3. Select the Time Zone you will be using.  IMPORTANT if the time and timezones of both servers don’t match then the migration may fail.
  4. Source and Destination Server information.  The destination server information is what will be set during installation and during the DCPROMO process so use the actual name the server will have.

Once you have filled in the required information scroll right to the end and click Save As.  This will create an SBSAnswerfile.xml file that will be used during the installation of SBS2008.  Copy this file to a USB pen drive or a floppy drive.

Small Business Server 2008 Installation

To install SBS2008 if your server has 2 network cards, make sure that one of them is disabled in the BIOS. If you don’t, this can cause communication problems with the 2 servers.  I have seen some have problems and others that don’t but personally I would rather be safe than sorry.

Set your boot device priority so that it’s First DVD/CDROM Drive and Second Hard Disk.  The important thing to make sure is it’s not going to try and boot from either the floppy drive or the USB drive.  Insert your disk/drive with the Answerfile on and boot from the SBS2008 DVD.

Follow the instructions to install SBS, it’s fairly self explanatory.  The installation will expand files and then reboot.  After the second reboot it will check for the Answerfile, either on the local storage, floppy drive or USB drive.  If it successfully finds one you will see this screen.

At this stage you will again be prompted to confirm you have a good backup and can then continue.  On the remaining screens confirm the information is correct for the new server and the existing server.  You will then receive the expanding files screen.

This section of the installation can take anything from 45 minutes to 2 hours.  A lot of that time it will look as if it hasn’t moved.  Whatever you do do not think it has failed and turn it off.  If it has failed it will tell you.  Once this section has finished the server will again reboot.  And the screen we all hope to see is this one.

 

You now have a Windows 2003 Domain Controller with Exchange 2003 installed and an SBS2008 server with Exchange 2007 installed.  The next step is the data migration from Exchange 2003 to Exchange 2007.

Data Migration

So that we can remove Exchange 2003 from the older server we need to migrate the user mailboxes and Public Folders to Exchange 2007, this would normally be done as part of the Migrate to SBS wizard but as the source server is not SBS we are not able to do this.

To move the mailboxes launch Microsoft Exchange Management Console and navigate to Recipient Configuration > Mailboxes.  You will see that all the mailboxes that reside on the Exchange 2003 server will be listed as a Legacy Mailbox.  Right click on the mailbox and select Move Mailbox.  Follow the wizard to move the mailboxes to the SBS2008 server.  You can bulk select all the users and the move wizard will then work through them 4 at a time.  This can take a while depending on how many users you have and how big their mailboxes are.

To move public folders on the Exchange 2003 server launch Exchange System Manager.  Navigate to Administrative Groups > First Administrative Group (or if you Exchange 2003 admin group has a different name select this one) > Servers > servername (your Exchange 2003 Server) > First Storage Group  > Public Folder Store (servername).  Right Click on Public Folder Store and select Move All Replicas select the SBS2008 server and click OK.  Once you have allowed to for the public folders to replicate right click the Public Folder Store in Exchange System Manager and select Delete.  A dialogue box will pop up informing you that this store is the default store for one or more Mailbox Stores, click OK to this dialogue and then select the SBS2008 server from the list and click OK.  Click OK to confirm the delete.

If the store has not finished replicating (as we are on Exchange 2003 Service Pack 2) you will not be able to delete the store.

Rehome the Offline Address book.  In Exchange System Manager on the 2003 server navigate to Recipients > Offline Address Lists and for each address list right click and select properties.  Click the Browse button next to Offline Address list server and enter the name of the SBS2008 server. Click OK.  Do this for each Offline Address List

If you use Recipient Policies that are Manage Mailbox policies then these will need to be removed and likewise if you have Recipient Policies that are used for both e-mail address definition and mailbox management the settings defined under Mailbox Manager Settings will need to be removed.  You DO NOT need to remove your e-mail address policies.

Using Exchange System Manager, navigate to Administrative Groups and right click on Exchange Administrative Group (FYDIBOHFSPDLT) and select New, then Public Folder Container.  Then under First Administrative Group, expand Folders and drag and drop the Public Folders container from First Administrative Group to the folder you have just created under Exchange Administrative Group (FYDIBOHFSPDLT).

The Recipient Update Service is not used in Exchange 2007 and is therefore not required so can be removed.  To do this you will need to use ADSI Edit.  This can be done by clicking Start > Run > mmc <click OK> Under File select Add/Remove Snap-in > Click Add and select ADSI Edit and click Add, then close and OK.  Right click on the ADSI Edit and select Connect to from the drop down under Select a well known Naming Context select Configuration and click OK

Expand Configuration > Services > Microsoft Exchange > Organisation Name > Address List Container > Recipient Update Services right click on Recipient Update Service (Enterprise Configuration) and select Delete.  There may also be a Recipient Update Service (ORGNAME) this also needs to be deleted.  Only delete the Recipient Update Service entries under the container DO NOT DELETE THE CONTAINER ITSELF OR ANY OTHER ENTRIES

The final step in preparation for uninstalling Exchange Server 2003 is to delete the routing group connectors that would have been created as part of the installation.  I have highlighted them in the image below.  Simply right click on each connector and select delete.

Remove Exchange Server 2003

Now that you have transferred all the mailboxes, public folders and offline address lists, it’s time to remove Exchange Server 2003.  To do this go to Start > Control Panel > Add/Remove Programs. From the list, select Microsoft Exchange and click Change/Remove.  When the Exchange wizard opens click Next and then from the Action drop down select remove.

Demote the Windows 2003 Server

Now that Exchange Server 2003 has been removed it’s time to demote the Windows 2003 server so that it’s no longer a domain controller.  This is not an essential part of the process and if the server is going spare and you have the license it’s always worth having a second domain controller on your network.

If you do decide to remove the domain controller then the following will need to be done:

  1. Confirm the Windows 2003 server is not a Global Catalog server.  Open Active Directory Sites and Services navigate to Sites > Default-First-Site-Name > Servers > {name of 2003 Server} and then right click on NTDS Settings select properties and then uncheck the box for Global Catalog
  2. From a command prompt run NETDOM QUERY FSMO to check that all 5 FSMO roles are now with the SBS2008 server.  This should have been done during the installation process of SBS2008 but it’s always good to check
  3. Run DCPROMO. DO NOT select the option for “This Server is the last domain controller in the domain”

SBS Console Wizards

Once you have completed the migration and removed Exchange Server 2003 then you can continue through the SBS Console and complete the following wizards:

  1. Connect to the internet
  2. Set up your Internet Address
  3. Configure a Smart Host for Internet e-mail
  4. Add a trusted certificate (if you need a 3rd party SSL Certificate I would recommend buying a SAN/UCC certificate from http://www.exchangecertificates.com)

When running the Set up your Internet Address wizard it may fail. The reason for this is that some of the system Public folders are Mail Enabled by default.  To ensure that the wizard will run successfully in the Exchange Management Console navigate to Toolbox and double click on Public Folder Management Console.  On my System the folders highlighted below were mail enabled, by simply right clicking on them and selecting Mail Disable will then allow the Internet Address wizard to complete successfully

 

Tidy Up

There are a few other steps that need to be performed to make it a “proper” SBS 2008 setup.  The users and computer accounts need to be moved in Active Directory Users and Computers.  By default in a non Small Business Server environment all your users will be created in Active Directory User and Computers under the Users container for SBS they need to be located in the MyBusiness > Users > SBSUsers container.  You can simply drag and drop them into the correct location.

The Computer accounts should be moved from their default location in Active Directory Users and Computers, which is the Computers container to the MyBusiness > Computers > SBSComputers.

These 2 moves will ensure that the SBS Group Policies are applied to these computers/users and that they receive the correct permissions.

Users will also not appear in the SBS Console, this can be rectified by running the process explained here: http://blogs.technet.com/sbs/archive/2008/09/22/why-are-some-of-my-users-not-displaying-in-the-sbs-console.aspx under How do I use the “Change user rols for user accounts” wizard section.

Further Reading

How to remove the last legacy Exchange Server (already detailed above but here is the technet article): http://technet.microsoft.com/en-us/library/bb288905(EXCHG.80).aspx