Welcome to the

basiliskcanoeΛογισμικό & κατασκευή λογ/κού

2 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

152 εμφανίσεις

Welcome to the

Exchange 2013 Webcast

Deployment & Coexistence

http://technet.microsoft.com/en
-
us/library/cc731125(v=WS.10).
aspx
AuthN
, Proxy,

Re
-
direct

Protocols, API,

Biz
-
logic

Assistants, Store, CI

Exchange 2010

Architecture

AuthN
, Proxy,

Re
-
direct

Store, CI

Protocols, Assistants,
API, Bi z
-
logic

Exchange 2013

Architecture

Client Access

Mailbox

Cl i ent Access

Hub Transport,

Uni fi ed Messagi ng

Mai l box

Hardware

Load Bal ancer

L4 LB

L7 LB

SP3

E2010
CAS

E2010
HUB

E2010
MBX

Clients

Internet
-
facing site


upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2010
Servers


SP3

1. Prepare

Install Exchange 2010 SP3 across the ORG

Prepare AD with
Exchange 2013 CU1 schema

Validate existing Client Access using Remote
Connectivity Analyzer and test connectivity
cmdlets


4. Switch primary namespace to
Exchange 2013
CAS

Exchange 2013
fields all traffic, including traffic from
Exchange 2010 users

Validate using Remote Connectivity Analyzer

5. Move Mailboxes

Build out DAG

Move Exchange 2010 users to
Exchange 2013
MBX

6. Repeat for additional sites

2. Deploy
Exchange 2013 CU1 servers

Install both
Exchange 2013
MBX and CAS
roles

SP3

SP3

E2013
CAS

E2013

MBX

3. Obtain and deploy certificates

Obtain and deploy certificates on
Exchange 2013
Client Access Servers

1

2

4

3

5

6

RU10

E2007
SP3
CAS

E2007
SP3
HUB

E2007
SP3
MBX

Clients

Internet
-
facing site


upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2007
Servers

RU10

1. Prepare

Install Exchange 2007 SP3 +
RU10
across the ORG

Prepare AD with Exchange
2013 CU1 schema

5. Switch primary namespace to Exchange
2013
CAS

Validate using Remote Connectivity Analyzer

6. Move mailboxes

Build out DAG

Move Exchange 2007 users to Exchange
2013 MBX

7. Repeat for additional sites

2. Deploy
Exchange 2013 CU1 servers

Install both Exchange
2013 MBX
and CAS servers

RU10

RU10

E2013
CAS

E2013

MBX

3. Create legacy namespace


Create DNS record to point to legacy Exchange 2007 CAS

4. Obtain and Deploy Certificates

Obtain and deploy certificates on
Exchange 2013
CAS
servers configured with legacy namespace, Exchange
2013
namespace, and autodiscover namespace

Deploy certificates on Exchange 2007 CAS

legacy.contoso.com

3

1

2

5

4

6

7

SP/RU

E2010
or 2007

CAS

E2010
or 2007
HUB

E2010
or 2007
MBX

Clients

Internet facing site


Upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2010
or 2007 Servers


SP/RU

1. Prepare

Install Exchange SP and/or updates across the org

Prepare AD with
Exchange 2013 CU1 schema
and
validate

5. Switch primary namespace to
Exchange 2013
CAS

6. Move mailboxes

7. Repeat for additional sites

3. Create legacy namespace

4. Obtain and deploy certificates

1

2. Deploy
Exchange 2013 CU1 servers

Extend Active
Directory
Schema for Exchange 2013 CU1

Upgrade the Exchange Organization to Exchange 2013 CU1

Prepare domains for Exchange 2013 CU1 mail enabled objects

Validate existing client access using
MS Connectivity
Analyzer
and
Test
-
*connectivity
cmdlets

in EMS.

http://www.exrca.com

Prepare

1

SP/RU

E2010
or 2007

CAS

E2010
or 2007
HUB

E2010
or 2007
MBX

Clients

Internet
-
facing site


upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2010
or 2007 Servers


SP/RU

1. Prepare

Install Exchange SP and/or updates across the org

Prepare AD with
Exchange 2013 CU1 schema

5. Switch primary namespace to
Exchange 2013
CAS

6. Move mailboxes

7. Repeat for additional sites

2. Deploy
Exchange 2013
servers

Install both E2013 MBX and CAS servers

E2013
CAS

E2013

MBX

3. Create legacy namespace

4. Obtain and deploy certificates

2

2. Deploy
Exchange 2013 CU1 servers

Install both
Exchange 2013
MBX and CAS servers

MBX performs PowerShell commands

CAS is proxy only

GUI or command line

In
-
place upgrades not supported

Updated to reflect
Exchange 2013 roles

Cannot change roles later on

New required parameter for license
terms acceptance

Install


Setup.exe /
mode:install

/
roles:clientaccess


Setup.exe /
mode:install

/
roles:mailbox


Setup.exe /
mode:install

/
roles:ManagementTools


Other required parameter

-

/
IAcceptExchangeServerLicenseTerms



1

2

E2010
or 2007

CAS

E2010
or 2007
HUB

E2010
or 2007
MBX

Clients

Internet
-
facing site


upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2010
or 2007 Servers

1. Prepare

Install Exchange SP and/or updates across the org

Prepare AD with
Exchange 2013 CU1 schema

5. Switch primary namespace to
Exchange 2013
CAS

6. Move mailboxes

7. Repeat for additional sites

2. Deploy
Exchange 2013 CU1 servers

Install both
Exchange 2013
MBX and CAS servers

E2013
CAS

E2013

MBX

4. Obtain and deploy certificates

legacy.contoso.com

3

3. Create legacy namespace

SP/RU


SP/RU

Used to access Exchange 2007
resources during
coexistence

l
egacy.contoso.com

http
://testconnectivity.microsoft.com




Create Legacy Namespace

1

3

E2010
or 2007

CAS

E2010
or 2007
HUB

E2010
or 2007
MBX

Clients

Internet
-
facing site


upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2010
or 2007 Servers

1. Prepare

Install Exchange SP and/or updates across the org

Prepare AD with
Exchange 2013 CU1 schema

5. Switch primary namespace to
Exchange 2013
CAS

6. Move mailboxes

7. Repeat for additional sites

2. Deploy
Exchange 2013 CU1 servers

Install both
Exchange 2013
MBX and CAS servers

E2013
CAS

E2013

MBX

4. Obtain and deploy certificates

Obtain and deploy certificates on
Exchange 2013
CAS
configured with legacy namespace,
Exchange 2013
namespace, and Autodiscover namespace

Deploy certificates on Exchange 2007 CAS

legacy.contoso.com

4

3. Create legacy namespace

SP/RU


SP/RU

End
-
to
-
end certificate request creation

Allows importing of certificate with private key to any CAS in the org

First
notification shown 30 days prior to
expiration


Subsequent
notifications provided
daily

1

4

Minimize the number of certificates

Minimize number of host names

Use split DNS for Exchange host names


mail.contoso.com
for Exchange connectivity on intranet and Internet


mail.contoso.com
has different IP addresses in intranet/Internet DNS

Don’t list machine host names in certificate host name list

Use load
-
balanced (LB) arrays for intranet and Internet access to servers

Use “Subject Alternative Name” (SAN) certificate

Certificates

1

4

E2010
or 2007

CAS

E2010
or 2007
HUB

E2010
or 2007
MBX

Clients

Internet
-
facing site


upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2010
or 2007 Servers

1. Prepare

Install Exchange SP and/or updates across the org

Prepare AD with
Exchange 2013 CU1 schema

5. Switch primary namespace to
Exchange 2013
CAS

Validate using Remote Connectivity Analyzer

6. Move mailboxes

7. Repeat for additional sites

2. Deploy
Exchange 2013 CU1 servers

Install both
Exchange 2013
MBX and CAS servers

E2013
CAS

E2013

MBX

4. Obtain and deploy certificates

Obtain and deploy certificates on
Exchange 2013
CAS
configured with legacy namespace,
Exchange 2013
namespace, and Autodiscover namespace

Deploy certificates on Exchange 2007 CAS

legacy.contoso.com

3. Create legacy namespace

SP/RU


SP/RU

5

https://testconnectivity.microsoft.com
/
Exchange 2010 Coexistence

Layer 4 LB

E2013 CAS

IIS

HTTP Proxy

E2013 MBX

Protocol Head

DB

E2010 CAS

Protocol
Head

E2010 MBX

Store

DB

Site Boundary

E2010 CAS

Protocol
Head

E2010 MBX

Store

DB

RPC

RPC

Cross
-
Site Proxy

Request

Layer 7 LB

Cross
-
Site

Redirect
Request

OWA

europe.mail.contoso.com

mail.contoso.com

Exchange 2007 Coexistence

Layer 4 LB

E2013 CAS

IIS

HTTP Proxy

E2013 MBX

Protocol Head

DB

E2007 CAS

Protocol
Head

E2007 MBX

Store

DB

Site Boundary

E2007 CAS

Protocol
Head

E2007MBX

Store

DB

RPC

RPC

Layer 7 LB

Cross
-
Site

Redirect
Request

OWA

Layer 7 LB

l
egacy.contoso.com

mail.contoso.com

europe.mail.contoso.com

Cross
-
Site Proxy

Request

Load Balancer

Layer 7 LB

mail.contoso.com

HTTP

PROXY

RPC/HTTP

Clients

E2007/E2010 MBX

Internet
-
facing site

RPC/HTTP

Intranet
-
facing site

E2007/E2010 MBX

OA Enabled

OA Enabled

Client Settings

IIS
Auth
: NTLM

E2007/E2010 CAS

OA

Client Settings

IIS
Auth
:

E2007/E2010 CAS

HTTP

PROXY

3. Client settings

Make legacy OA settings the same as 2013
CAS so all clients get the same proxy
hostname

1. Enable Outlook Anywhere on all legacy CAS

2. IIS authentication methods

IIS
Auth

must have NTLM enabled on all
legacy CAS

RPC

Client
Auth
: Basic

IIS
Auth
: Basic

NTLM

E2013 CU1
CAS

E2013 CU1 MBX

RPC

RPC

Disabled

Enabled

NTLM

4. DNS cutover


A low TTL on the existing record the days

prior to the cutover is a good idea.

Protocol

Exchange 2007
user accessing

Exchange 2010 namespace

Exchange

2007
user accessing

Exchange 2013 namespace

Exchange 2010

user accessing

Exchange 2013 namespace

Requires

Legacy

namespace

Legacy namespace

No additional

namespaces

OWA


Same AD site: silent

or
SSO FBA redirect


Externally facing AD site: manual or silent/SSO

Cross
-
site r
edirect


Internally facing AD site: proxy

Non
-
silent redirect (not SSO)

to CAS 2007
externally facing URL


Proxy to CAS 2010


Cross
-
site

silent redirect (not SSO), which may
redirect
to CAS 2010 or CAS 2013

EAS


EAS v12.1+ : Autodiscover & redirect


Older EAS devices: proxy

Proxy to MBX 2013

Proxy to CAS 2010

Outlook
Anywhere

Direct CAS 2010 support

Proxy to CAS 2007

Proxy to CAS 2010

Autodiscover

Exchange 2010

answers Autodiscover query for
2007 User

Exchange 2013

answers Autodiscover query for
2007 User

Proxy to CAS 2010

EWS

Uses Autodiscover to find

CAS 2007 EWS
External URL

Uses Autodiscover to find

CAS 2007 EWS
External URL

Proxy to CAS 2010

POP/IMAP

Proxy

Proxy to CAS 2007

Proxy to CAS 2010

OAB

Direct CAS 2010 support

Proxy to CAS 2007

Proxy to CAS 2010

RPS

n/a

n/a

Proxy to CAS 2010

ECP

n/a

n/a


Proxy to CAS 2010


Cross
-
site

redirect, which may redirect
to CAS
2010
or CAS 2013


E2010
or 2007

CAS

E2010
or 2007
HUB

E2010
or 2007
MBX

Clients

Internet
-
facing site


upgrade first

autodiscover.contoso.com

mail.contoso.com

Intranet site

Exchange 2010
or 2007 Servers

1. Prepare

Install Exchange SP and/or updates across the org

Prepare AD with
Exchange 2013 CU1 schema

5. Switch primary namespace to
Exchange 2013
CAS

Validate using Remote Connectivity Analyzer

6. Move mailboxes

Build out DAG

Move users to
Exchange 2013
MBX

7. Repeat for additional sites

2. Deploy
Exchange 2013 CU1 servers

Install both
Exchange 2013
MBX and CAS servers

E2013
CAS

E2013

MBX

4. Obtain and deploy certificates

Obtain and deploy certificates on
Exchange 2013
CAS
configured with legacy namespace,
Exchange 2013
namespace, and Autodiscover namespace

Deploy certificates on Exchange 2007 CAS

legacy.contoso.com

3. Create legacy namespace

SP/RU


SP/RU

6

https
://testconnectivity.microsoft.com
/
http://
blogs.technet.com/b/exchange/archive/2012/11/21/publishing
-
exchange
-
server
-
2013
-
using
-
tmg.aspx