module 14: migrating users from exchange server 5.5 to exchange server 2003
TRANSCRIPT
Module 14: Migrating Users from Exchange Server 5.5 to
Exchange Server 2003
Overview
Populating Active Directory with Windows NT 4.0 User and Group Accounts
Connecting the Exchange 5.5 Directory to Active Directory
Moving Mailbox and Public Folder Contents into an Exchange Server 2003 Organization
Discussion: Migrating Users from Exchange Server 5.5 to Exchange Server 2003
Video
Lesson: Populating Active Directory with Windows NT 4.0 User and Group Accounts
What Is ADMT?
What Is SIDHistory?
The Process of Populating Active Directory Using ADMT
How to Create a Two-Way Trust Between a Windows NT Server 4.0 Domain and an Active Directory Domain
How to Install ADMT
How to Migrate User and Group Accounts Using ADMT
How to Migrate Exchange Server 5.5 Mailbox ACLs Using ADMT
How to Verify a Successful User and Group Account Migration
What Is ADMT?
A wizard-based utility that simplifies the migration and reconfiguration of user and group accountsA wizard-based utility that simplifies the migration and reconfiguration of user and group accounts
Active Directory Migration Tool
At least one domain controller in the Must be running
Target domain Windows 2003
Source domain Windows NT 4.0 SP4 or later
What Is SIDHistory?
NT4Domain\SamanthaNT4Domain\Samantha
Windows NT 4.0 Domain Active Directory DomainAccess Token
Common NameGiven NameUser NameTelephone NumberSIDHistory
Common NameGiven NameUser NameTelephone NumberSIDHistory
Samantha’s User Account in Active Directory
Samantha’s User Account in Active Directory
ADDomain\SamanthaADDomain\Samantha
S-1-5-21-1133985645-1692497899-3334113883-1134S-1-5-21-1133985645-1692497899-3334113883-1265
S-1-5-21-808340152-435566559-1691616715-1225S-1-5-21-808340152-435566559-1691616715-1803
SIDs from Windows NTSIDs from Windows NT
SIDs from Windows 2003SIDs from Windows 2003
Windows NT 4.0 Domain Active Directory DomainAccess Token
Common NameGiven NameUser NameTelephone NumberSIDHistory
Common NameGiven NameUser NameTelephone NumberSIDHistory
Samantha’s User Account in Active Directory
Samantha’s User Account in Active Directory
ADDomain\SamanthaADDomain\Samantha
S-1-5-21-1133985645-1692497899-3334113883-1134S-1-5-21-1133985645-1692497899-3334113883-1265
S-1-5-21-808340152-435566559-1691616715-1225S-1-5-21-808340152-435566559-1691616715-1803
SIDs from Windows NTSIDs from Windows NT
SIDs from Windows 2003SIDs from Windows 2003
NT4Domain\SamanthaNT4Domain\Samantha
The Process of Populating Active Directory Using ADMT
verify
Administrator
22
User and Group Accounts
55
User and Group Accounts
migrate
Windows NT 4.0 Domain
11
33
Active Directory Domain44
MailboxACLs Mailbox
ACLs
migrate
Administrator
22
User and Group Accounts
55
migrate
Windows NT 4.0 Domain Active Directory Domain
MailboxACLs
migrate
User and Group Accounts
User and Group Accounts
MailboxACLs
MailboxACLs
11
verify
44
33
Create a two-way trustCreate a two-way trust
Install ADMTInstall ADMT
Migrate user and group accounts using ADMTMigrate user and group accounts using ADMT
Migrate Exchange 5.5 mailbox ACLS using ADMTMigrate Exchange 5.5 mailbox ACLS using ADMT
Verify that user and group accounts migratedVerify that user and group accounts migrated
11
22
33
44
55
How to Create a Two-Way Trust Between a Windows NT Server 4.0 Domain and an Active Directory Domain
create a two-way trust
Active Directory Domain
Practice
To create a two-way trust:To create a two-way trust:From the Windows NT domain, add the Active Directory domain as a trusted domain and a trusting domain
From the Active Directory domain, create a two-way trust with the Windows NT domain
Add the Active Directory administrator account to the Windows NT domain’s local administrators group
From the Windows NT domain, add the Active Directory domain as a trusted domain and a trusting domain
From the Active Directory domain, create a two-way trust with the Windows NT domain
Add the Active Directory administrator account to the Windows NT domain’s local administrators group
11
22
33
Windows NT 4.0 Domain
How to Install ADMT
Practice
To install ADMT:To install ADMT:
Open the Active Directory Migration Tool Setup Wizard from the Windows 2003 installation CD in the I386\ADMT folder
Follow the steps of the wizard to install ADMT
Open the Active Directory Migration Tool Setup Wizard from the Windows 2003 installation CD in the I386\ADMT folder
Follow the steps of the wizard to install ADMT
11
22
Active Directory Domain
Windows NT 4.0 Domain
install
How to Migrate User and Group Accounts Using ADMT
To migrate user and group accounts:To migrate user and group accounts:
Open Active Directory Migration Tool and use the shortcut menu to start the User Account Migration Wizard
Follow the wizard prompts to migrate user accounts to Active Directory
Use the shortcut menu to start the Group Account Migration Wizard
Follow the wizard prompts to migrate group accounts to Active Directory
Open Active Directory Migration Tool and use the shortcut menu to start the User Account Migration Wizard
Follow the wizard prompts to migrate user accounts to Active Directory
Use the shortcut menu to start the Group Account Migration Wizard
Follow the wizard prompts to migrate group accounts to Active Directory
Practice
11
22
33
44
Active Directory Domain
Windows NT 4.0 Domain
migrate
How to Migrate Exchange Server 5.5 Mailbox ACLs Using ADMT
To migrate Exchange 5.5 mailbox ACLs:To migrate Exchange 5.5 mailbox ACLs:
Open Active Directory Migration Tool and use the shortcut menu to start the Exchange Directory Migration Wizard
Follow the wizard prompts to migrate Exchange 5.5 mailbox ACLs to Active Directory
Open Active Directory Migration Tool and use the shortcut menu to start the Exchange Directory Migration Wizard
Follow the wizard prompts to migrate Exchange 5.5 mailbox ACLs to Active Directory
Practice
11
22
Active Directory Domain
Windows NT 4.0 Domain
migrate
Mailbox ACLs
Mailbox ACLs
How to Verify a Successful User and Group Account Migration
To verify a successful migration:To verify a successful migration:
Practice
Verify that Exchange 5.5 mailboxes are now associated with Active Directory accountsVerify that Exchange 5.5 mailboxes are now associated with Active Directory accounts
Active Directory Domain
Windows NT 4.0 Domain
verify
Lesson: Connecting the Exchange 5.5 Directory to Active Directory
What Is Active Directory Connector?
What Is a Connection Agreement?
What Is NTDSNoMatch?
What Are ADC Tools?
The Process of Connecting the Exchange 5.5 Directory to Active Directory
How to Install ADC
How to Configure Resource Mailbox Properties
How to Configure an Inter-Organizational Connection Agreement to Populate Active Directory
How to Verify Synchronization
How to Organize Objects in Active Directory
What Is Active Directory Connector?
Updates object changes between the Exchange 5.5 directory and Active Directory:
Eliminates the need for re-entering this data in Active Directory
Automatically performs directory synchronization and maps all objects from the Exchange 5.5 directory to Active Directory
Updates object changes between the Exchange 5.5 directory and Active Directory:
Eliminates the need for re-entering this data in Active Directory
Automatically performs directory synchronization and maps all objects from the Exchange 5.5 directory to Active Directory
Active Directory Connector
What Is a Connection Agreement?
An object that defines what will be synchronized and how synchronization will occur between the Exchange 5.5 directory and Active Directory
An object that defines what will be synchronized and how synchronization will occur between the Exchange 5.5 directory and Active Directory
Connection Agreement
Type Description
ConfigurationReplicates Exchange 5.5 configuration container information to Active Directory
RecipientDefines which recipient objects in Active Directory and Exchange 5.5 will be synchronized and where each synchronized object will be replicated
Public folder
Replicates public folder properties between the Exchange 5.5 directory and Active Directory. Can only exist where a recipient connection agreement exists and only works in the same organization
What Is NTDSNoMatch?
Needed because Exchange 5.5 allows a single Windows NT user account to own more than one mailbox but Exchange 2003 does not
Use it to control how ADC matches mailboxes to Active Directory user accounts
Needed because Exchange 5.5 allows a single Windows NT user account to own more than one mailbox but Exchange 2003 does not
Use it to control how ADC matches mailboxes to Active Directory user accounts
NTDSNoMatch An attribute in Active Directory that designates mailboxes as resource mailboxes:
NTDSNoMatchCustom Attribute10 (10):
SamSmith’s Mailbox
SamSmith Conf1SamSmith Conf2
SamSmith’s Mailbox
ResourceMailboxes
What Are ADC Tools?
Use this wizard To do this
Resource Mailbox Wizard
Match the appropriate primary mailbox to the Active Directory account and stamp other mailboxes with the NTDSNoMatch attribute
Connection Agreement Wizard
Review the recommended connection agreements and select those that you want the wizard to create
A collection of wizards and utilities to help set up connection agreements when you connect Active Directory to an Exchange 5.5 directory that is part of the same forest
A collection of wizards and utilities to help set up connection agreements when you connect Active Directory to an Exchange 5.5 directory that is part of the same forest
ADC Tools
Administrator
The Process of Connecting the Exchange 5.5 Directory to Active Directory
verify
55
Install ADC
44
Exchange 5.5 OrganizationActive Directory Domain
Install ADCInstall ADC
Configure resource mailbox propertiesConfigure resource mailbox properties
Configure an Inter-Organizational Connection Agreement to Populate Active DirectoryConfigure an Inter-Organizational Connection Agreement to Populate Active Directory
Verify synchronizationVerify synchronization
Organize objects in Active DirectoryOrganize objects in Active Directory
11
22
33
44
55
SamSmith’s MailboxSamSmith Conf1
22
SamSmith’s MailboxResource mailboxConfigure
Connection Agreement
3311
Administrator
verify
Exchange 5.5 OrganizationActive Directory Domain
Install ADCInstall ADC
Configure resource mailbox propertiesConfigure resource mailbox properties
Configure an inter-organizational connection agreement to populate Active DirectoryConfigure an inter-organizational connection agreement to populate Active Directory
Verify synchronizationVerify synchronization
Organize objects in Active DirectoryOrganize objects in Active Directory
11
22
33
44
55
SamSmith’s MailboxSamSmith Conf1
SamSmith’s MailboxResource mailboxconfigure
Connection Agreement
How to Install ADC
Practice
To install ADC:To install ADC:
Use ExDeploy to choose a deployment scenario
Start the Exchange 2003 ADC Setup Wizard
Follow the wizard steps to complete the installation
Use ExDeploy to choose a deployment scenario
Start the Exchange 2003 ADC Setup Wizard
Follow the wizard steps to complete the installation
11
22
33
Active Directory Domain
Exchange 5.5 Organization install
To configure resource mailbox properties:To configure resource mailbox properties:
Open Active Directory Connector from the Administrative Tools folder
Run the Resource Mailbox Wizard to configure Custom Attribute 10 = NTDSNoMatch for mailboxes that have aliases that do not match their owner’s
Verify that NTDSNoMatch completed successfully by viewing the custom attributes of one resource mailbox
Use ExDeploy to verify that NTDSNoMatch completed without errors
Open Active Directory Connector from the Administrative Tools folder
Run the Resource Mailbox Wizard to configure Custom Attribute 10 = NTDSNoMatch for mailboxes that have aliases that do not match their owner’s
Verify that NTDSNoMatch completed successfully by viewing the custom attributes of one resource mailbox
Use ExDeploy to verify that NTDSNoMatch completed without errors
11
22
33
44
How to Configure Resource Mailbox Properties
Practice Active Directory Domain
Exchange 5.5 Organization
ADC
SamSmith’s Mailbox
SamSmith Conf1
SamSmith’s Mailbox
Resource mailbox
configure
How to Configure an Inter-Organizational Connection Agreement to Populate Active Directory
Practice
To configure an inter-organizational connection agreement to populate Active Directory:To configure an inter-organizational connection agreement to populate Active Directory:
Use Active Directory Connector Services to create a new recipient connection agreement
Configure the connection agreement to be an inter-organizational connection agreement
Verify the results by viewing the status in ADC Tools
Use Active Directory Connector Services to create a new recipient connection agreement
Configure the connection agreement to be an inter-organizational connection agreement
Verify the results by viewing the status in ADC Tools
11
22
33
Active Directory Domain
Exchange 5.5 Organization configure
Connection Agreement
How to Verify Synchronization
Practice
To verify synchronization:To verify synchronization:
Verify that Exchange 5.5 mailbox properties are synchronized to Active Directory
Verify that Exchange 5.5 distribution lists are synchronized to Active Directory
Run ExDeploy and verify that output indicates a successful synchronization
Verify that Exchange 5.5 mailbox properties are synchronized to Active Directory
Verify that Exchange 5.5 distribution lists are synchronized to Active Directory
Run ExDeploy and verify that output indicates a successful synchronization
11
22
33
Active Directory Domain
Exchange 5.5 Organization verify
How to Organize Objects in Active Directory
Practice
To organize objects in Active Directory:To organize objects in Active Directory:
Move synchronized objects into your existing organizational structure
Verify that synchronization works from the Exchange 5.5 directory to Active Directory after the objects have been moved
Move synchronized objects into your existing organizational structure
Verify that synchronization works from the Exchange 5.5 directory to Active Directory after the objects have been moved
11
22
Active Directory Domain
Exchange 5.5 Organization
organize
verify
Lesson: Moving Mailbox and Public Folder Contents into an Exchange Server 2003 Organization
The Process of Moving Mailboxes and Public Folders
Guidelines for Choosing a Mailbox Move Method
What You Can Do Using the Exchange Server Migration Wizard
How to Move Mailboxes from Exchange 5.5 to Exchange 2003
What Is the InterOrg Replication Utility?
How to Replicate Public Folders from Exchange 5.5 to Exchange 2003
The Process of Moving Mailboxes and Public Folders
Identify the method for moving mailboxes that you will use
Identify the user accounts that you want to migrate
Identify the container where new user accounts will be created, if needed
Verify that the information for all of the user accounts is correct
Verify connectivity from the Exchange 2003 organization to messaging systems that the Exchange 5.5 organization communicated with
Move the mailboxes from a server running Exchange 5.5 to a server running Exchange 2003
After the mailboxes are moved, you can move the public folders
Identify the method for moving mailboxes that you will use
Identify the user accounts that you want to migrate
Identify the container where new user accounts will be created, if needed
Verify that the information for all of the user accounts is correct
Verify connectivity from the Exchange 2003 organization to messaging systems that the Exchange 5.5 organization communicated with
Move the mailboxes from a server running Exchange 5.5 to a server running Exchange 2003
After the mailboxes are moved, you can move the public folders
11
verifyIdentify:• Method• User accounts• Container
Identify:• Method• User accounts• Container
1, 2, and 31, 2, and 34 and 54 and 5
move
66
77
33
22
44
55
66
77
Guidelines for Choosing a Mailbox Move Method
Method Description
The one-step move
Extract the e-mail data from the server running Exchange 5.5 and import it immediately to the server running Exchange 2003
The two-step move
1. Run the Exchange Server Migration Wizard once to extract migration files from the server running Exchange 5.5
2. Run the wizard again to import those migration files to the server running Exchange 2003
Guidelines:Guidelines:
Use the one-step method if you have a high-bandwidth connection
Use the two-step method:
If your servers cannot reliably communicate across the network
If you want to review and edit the extracted migration files between steps
Use the one-step method if you have a high-bandwidth connection
Use the two-step method:
If your servers cannot reliably communicate across the network
If you want to review and edit the extracted migration files between steps
What You Can Do Using the Exchange Server Migration Wizard
Use Exchange Server Migration Wizard to:Use Exchange Server Migration Wizard to:
Identify which messaging system elements to move
Migrate all mailbox data to the new Exchange 2003 mailboxes
Create new Active Directory users based on Exchange 5.5 accounts in the source organization (if matching users do not already exist in Active Directory)
Migrate Exchange, MSMail, Lotus cc:Mail, Lotus Notes, Novell GroupWise 4.x, Novell GroupWise 5.x, LDAP and IMAP4 e-mail into the Exchange mailbox store
Identify which messaging system elements to move
Migrate all mailbox data to the new Exchange 2003 mailboxes
Create new Active Directory users based on Exchange 5.5 accounts in the source organization (if matching users do not already exist in Active Directory)
Migrate Exchange, MSMail, Lotus cc:Mail, Lotus Notes, Novell GroupWise 4.x, Novell GroupWise 5.x, LDAP and IMAP4 e-mail into the Exchange mailbox store
How to Move Mailboxes from Exchange 5.5 to Exchange 2003
Practice
To move mailboxes from Exchange 5.5 to Exchange 2003:To move mailboxes from Exchange 5.5 to Exchange 2003:
Use Exchange Server Migration Wizard to move mailboxes
Verify that the mailboxes were moved
Verify that Exchange 5.5 resource mailboxes are synchronized to Active Directory
Use Exchange Server Migration Wizard to move mailboxes
Verify that the mailboxes were moved
Verify that Exchange 5.5 resource mailboxes are synchronized to Active Directory
11
22
33
move
Windows NT 4.0 Domain
verify
Active Directory Domain
ExchangeServer MigrationWizard
What Is the InterOrg Replication Utility?
Program Description
ConfigurationCreates a configuration file for setting replication frequency, logging options, folders to be replicated, and accounts to be used
Replication Service
Uses the file created by the Configuration program to continuously update information from one server (the Publisher) to one or more Exchange servers (Subscribers)
Replicates public folders between different Exchange organizations
Includes the Configuration and Replication Service programs
Replicates public folders between different Exchange organizations
Includes the Configuration and Replication Service programs
InterOrg Replication Utility
How to Replicate Public Folders from Exchange 5.5 to Exchange 2003
Practice
To replicate public folders from Exchange 5.5 to Exchange 2003:To replicate public folders from Exchange 5.5 to Exchange 2003:Prepare the servers for the InterOrg Replication Utility
Install the InterOrg Replication Utility
Create a replication configuration file on the server running Exchange 5.5
Configure the replication service on the server running Exchange 5.5
Use Outlook to verify that public folders and their content are replicating correctly
Remove the instances of the public folders from the server running Exchange 5.5
Prepare the servers for the InterOrg Replication Utility
Install the InterOrg Replication Utility
Create a replication configuration file on the server running Exchange 5.5
Configure the replication service on the server running Exchange 5.5
Use Outlook to verify that public folders and their content are replicating correctly
Remove the instances of the public folders from the server running Exchange 5.5
1122334455
66
replicate
Windows NT 4.0 Domain
Active Directory Domain
InterOrg ReplicationUtility
verify
Outlook
Discussion: Migrating Users from Exchange Server 5.5 to Exchange Server 2003
Read the scenarios
Determine possible solutions
Discuss your solutions with the class
Read the scenarios
Determine possible solutions
Discuss your solutions with the class
11
22
33
Course Evaluation