Lesson 2: Upgrade and Migration Strategies

Now that you have started to deploy Windows 2000 and Active Directory and you have configured at least one connection agreement with ADC to synchronize the Exchange directory with Active Directory, you are ready for upgrading. In a production environment, it is good practice to prepare a full backup of the computer running Exchange Server 5.5 before launching the Setup program of Exchange 2000 Server. You may even restore your system on a test machine and perform a test upgrade there. This helps familiarize you with the entire upgrade task and shows that it can be performed without problems.

This lesson discusses available options for upgrading to Exchange 2000 Server. It introduces two general upgrade strategies that you may find useful. In environments with more than one server, the upgrade is accompanied by a coexistence phase that comes with special requirements, also covered here.

---

At the end of this lesson, you will be able to:

• Identify the components that allow you to integrate Exchange 2000 Server into an existing Exchange Server 5.5 environment.
• Perform an in-place upgrade to Exchange 2000 Server.
• Perform a migration using the move-mailbox strategy instead of in-place upgrades.
• Clean up Active Directory after the upgrade of an organization is complete.

Estimated time to complete this lesson: 2 hours

---

Upgrade Strategies

In general, you have to decide between two upgrade strategies. You can either install Exchange 2000 Server directly on a computer running Exchange Server 5.5, performing an in-place upgrade, or join an existing Exchange Server 5.5 site with a new server and move mailboxes and other resources to Exchange 2000 Server manually, which corresponds to a move-mailbox upgrade.

TIP

---

It is a good idea to review the installation and configuration of connectors, gateways, and any third-party software prior to the upgrade to ensure that they are compatible with Exchange 2000 Server.

In-Place Upgrade

The in-place upgrade is simple and quickly accomplished, but it is only supported over Exchange Server 5.5 Service Pack 3 or later. When you launch the Exchange 2000 Setup program directly on a computer running Exchange Server 5.5 Service Pack 3, the previous version is detected automatically, and Setup switches into upgrade mode, not allowing you to add additional components or change the existing configuration in any way. To make any changes, you will need to launch Setup one more time after the upgrade in maintenance mode, which was introduced in Chapter 5, "Installing Microsoft Exchange 2000 Server."

Database Conversion

During the in-place upgrade, Setup stops the Exchange Server services to convert the information store databases. The upgrade process works with approximately 8 GB per hour, which is extremely fast. However, the actual conversion speed depends on a number of factors, such as the number of mailboxes and public folders.

NOTE

---

The database conversion is a resource-intensive task during which the computer or the Setup procedure may appear to hang, for instance, at 85 or at 100 percent completion. This is an expected behavior, especially if the size of the databases being upgraded is large. You will need to be patient; do not terminate the Setup process, and do not restart the server.

Upgrade Prerequisites

The following prerequisites must be met to perform an in-place upgrade:

• The computer running Exchange Server was upgraded to Windows 2000 Server SP1 and is part of an Active Directory domain.
• Internet Information Services (IIS) 5.0 with Simple Mail Transport Protocol (SMTP) and Network News Transfer Protocol (NNTP) service must be installed.
• The server hardware must fulfill the minimum requirements for running Exchange 2000.
• You are running Exchange Server 5.5 Service Pack 3 or later.
• You have the required permissions to install Exchange 2000, as outlined in Chapter 4, "Planning the Microsoft Exchange 2000 Server Installation."

Move-Mailbox Upgrade

A significant disadvantage of the in-place upgrade is server downtime because the Exchange Server services must be stopped during the upgrade process. In-place upgrading also requires installing Windows 2000 Server and possibly updating Exchange Server to version 5.5 with Service Pack 3 first, which also causes the system to be unavailable for a period of time. If your organization is supposed to be up and running 24 hours, 7 days a week, consider a move-mailbox upgrade instead of the in-place approach. During a move-mailbox upgrade, you join an existing site with a machine running Exchange 2000 Server and move all resources from the legacy Exchange server to this computer. As soon as all resources have been moved, the old system may be removed from the site.

Leapfrog Upgrade

You may want to use the upgrade to Exchange 2000 Server as a perfect opportunity to replace outdated server hardware, or you may reuse the old hardware for subsequent Exchange 2000 Server installations after the data has been moved from the old system. This is known as a leapfrog upgrade (see Figure 6.8).

Figure 6.8 The leapfrog upgrade method

Joining an Existing Site

The move-mailbox upgrade involves manual configuration steps, but its most significant advantage is that business processes are not interrupted. Prepare a new computer according to the hardware and software requirements outlined in Chapter 5 and launch the Exchange 2000 Setup program. During Setup, indicate that you will join an existing organization. You need to specify an existing server running Exchange Server 5.5 with Service Pack 3. The name of the existing organization is retrieved from the specified server and replicated to Active Directory. The Exchange 2000 server will then join the selected site. As soon as Exchange 2000 Server is running in the site, you can move mailboxes and replicate public folders to the new system. This doesn't affect the installed client base because clients are redirected to new mailbox and public folder locations automatically, provided that the old home server is still available in the network (see Figure 6.9).

NOTE

---

When joining a site you must specify a server running Exchange Server 5.5 with Service Pack 3.

Figure 6.9 Redirection of Outlook 2000 to Exchange 2000

Dedicated Server Configurations

The move-mailbox migration strategy works best for mailbox and public folder resources. Existing connectors, however, need to be reconfigured on the new server if you plan to remove the old server from the site. This is also true if you have installed Key Management Service (KMS) in your organization. To most conveniently upgrade servers responsible for connectors (bridgehead servers) and KMS, consider the in-place upgrade method.

NOTE

---

It is a good idea to check the configuration of messaging connectors after an in-place or leapfrog upgrade. Do not forget to check whether or not the routing information is upgraded properly.

Upgrade Order

You can upgrade to Exchange 2000 Server in any order, which means that you don't need to consider upgrading bridgehead or connector servers first. As a matter of fact, you might want to upgrade these systems last, especially when they are running connector instances not supported by Exchange 2000 Server, such as the Professional Office System (PROFS) connector. It is advisable to upgrade public and mailbox servers first so that your users can benefit from the advanced messaging and collaboration features of Exchange 2000 Server immediately.

Exercise 4: Performing an In-Place Upgrade to Exchange 2000 Server

In this exercise you will perform an in-place upgrade to Exchange 2000 Server. At the end of this exercise, you will be operating an Exchange organization consisting of an Exchange 2000 server and a computer running Exchange Server 5.5.

To view a multimedia demonstration that displays how to perform this procedure, run the EX4CH6*.AVI files from the \Exercise_Information\Chapter6 folder on the Supplemental Course Materials CD.

Prerequisites

• Install the NNTP service of the IIS 4.0 on BLUESKY-PDC according to the installation instructions in "Installation of a Microsoft Windows NT 4.0 and Microsoft Exchange Server 5.5 for Chapter 6, 'Coexistence with Previous Microsoft Exchange Server Versions,'" found in the "Getting Started" section of "About This Book."
• Complete Exercise 3, earlier in this chapter.
• Log on as Administrator to BLUESKY-PDC.
• Insert the Exchange 2000 Server installation CD into the CD drive of BLUESKY-PDC. You can use the Standard or Enterprise edition to upgrade Exchange Server 5.5.

To perform an in-place upgrade to Exchange 2000 Server

1. To make sure the in-place upgrade can be performed on BLUESKY-PDC, click the Start button, point to Programs, then Microsoft Exchange, and then select Microsoft Exchange Administrator.
2. Make sure you are connected to BLUESKY-PDC, expand the site container BLUESKY-OLD-10, then select Configuration. In the right window pane, double-click on the DS Site Configuration object.
3. Switch to the Offline Address Book tab, and then, under Offline Address Book Server, select BLUESKY-BDC.
4. Click OK and close the Exchange Administrator program.
5. Click Start, select Run and, in the Run dialog box, click Browse to display the Browse dialog box.
6. From the Exchange 2000 Server installation CD, from the directory \Setup\i386, double-click the Setup executable file, and then click OK.
7. On the Welcome screen of the Microsoft Exchange 2000 Installation Wizard, click Next.
8. In the End-User License Agreement dialog box, select I Agree, and then click Next.
9. On the Product Identification wizard screen, enter the CD key of your Exchange 2000 installation CD, and then click Next.

   At this point, you have reached the Component Selection wizard screen, which provides you with information about the individual components that will be updated. It is important to note that you cannot change the Action displayed for any component (see Figure 6.10).

   

   Figure 6.10 The Upgrade action on the Component Selection wizard screen

10. On the Component Selection wizard screen, click Next.
11. On the Service Account wizard screen, make sure Administrator is displayed under User Name and that the Domain is BLUESKY-OLD-10. Under Password, type password.
12. Click Next.
13. On the Component Summary wizard screen, click Next to upgrade the server.
14. After Setup has upgraded the server, the final wizard screen is displayed. Click Finish.
15. A Microsoft Exchange 2000 Installation Wizard dialog box will appear, informing you that the system must be restarted. Use the Tab key to set the focus to the OK button, and then press Enter to confirm the dialog box and restart BLUESKY-PDC.

Exercise Summary

The in-place upgrade method is easy to accomplish if all prerequisites are met. You cannot change any configuration settings during the installation process. During the upgrade, existing configuration information is transferred to Active Directory. To verify that the configuration is now present in Active Directory, start the Exchange System snap-in from the Microsoft Exchange program group. Computers running previous versions of Exchange Server are shown as transparent objects and sites are matched with administrative groups, as explained in Chapter 5, "Installing Microsoft Exchange 2000 Server."

NOTE

---

To minimize the risk of permission-related problems during an in-place upgrade of a production system, check the consistency of the server prior to running the Exchange 2000 Server Setup program. Open the Exchange Administrator program, and display the properties of the affected server object. Switch to the Advanced tab, and then click on the Consistency Adjuster button. Select only the Remove Unknown User Accounts From Mailbox Permissions and Remove Unknown User Accounts From Public Folder Permissions check boxes, and then click OK. It is not necessary to synchronize the directory or re-home public folders.

Administering Heterogeneous Exchange Organizations

During the coexistence phase, it is important to coordinate system administration and maintenance carefully. Although Exchange 2000 Server resources are displayed in the directory information tree within the Exchange Administrator, any changes you make to these configuration objects are not replicated to Exchange 2000 Server and don't take effect. When displaying the configuration of the organization in the Exchange System snap-in, resources of previous Exchange versions are shown as transparent objects. The Exchange System snap-in displays the information as read-only and prevents you from changing settings.

NOTE

---

You must administer Exchange Server 5.5 using the Exchange Administrator program and Exchange 2000 Server using the Exchange System snap-in and other Microsoft Management Console (MMC) snap-ins.

User Account and Mailbox Management

Use only the Active Directory Users and Computers management tool for mailbox management. Don't use Exchange Administrator for this purpose. After all, you are migrating away from Exchange Server 5.5, and, therefore, it is a good idea to create mailboxes for new Windows 2000 accounts on servers running Exchange 2000 Server only. Avoid the creation of additional mailboxes on the legacy system.

Directory Replication with Previous Exchange Server Versions

Whether you join an existing site with a new Exchange 2000 server or perform an in-place upgrade, thus joining a site automatically, Exchange 2000 Server must disguise itself on the site to appear as an Exchange 5.5 server. When viewing your organization in Exchange Administrator, note that Exchange 2000 servers are displayed in much the same way as servers running previous versions of Exchange.

Site Replication Service

The disguising function results from a helper directory service, which the Setup program of Exchange 2000 Server installs automatically. You can find this service when launching the Services utility from the Administrative Tools program group. Look for the Microsoft Exchange Site Replication Service (SRS). It will be activated and its database initialized when you install a first Exchange 2000 server on a site or when you upgrade a directory replication bridgehead server. On all other Exchange 2000 servers, this component is deactivated by default. On BLUESKY-PDC, for instance, this service is configured to start automatically because this is the first Exchange 2000 server on the site.

SRS Directory Integration

You can think of SRS as an Exchange directory service for Exchange 2000 Server. Only the Name Service Provider Interface (NSPI) is disabled to prevent Microsoft Outlook clients from connecting to SRS and retrieving directory information from this service. As a matter of fact, SRS contains much of the executable code of the former directory service, which ensures full compatibility with earlier versions.

SRS consists of the following components (see Figure 6.11):

• The Windows 2000 SRS implemented in SRSMAIN.EXE
• A Site Consistency Checker, which runs as part of SRS and performs tasks similar to the Knowledge Consistency Checker of Exchange Server 5.5, such as the creation of replication links
• An SRS database named SRS.EDB and corresponding transaction logs, which hold Exchange Server 5.5 directory information and reside in the \Exchsrvr\Dsadata directory (in-place upgrade) or the \Exchsrvr\Srsdata directory (joining an existing site)

Figure 6.11 Directory replication between Exchange 2000 Server and Exchange Server 5.5

NOTE

---

When installing or enabling SRS, all existing Exchange 2000 administrators inherit the permissions to manage the SRS environment. Administrators that have been granted permissions in Exchange System Manager at a later time are unable to manage SRS. To grant these administrators SRS permissions, use the Exchange Administrator program and connect to the Exchange 2000 server. Grant the desired user account the appropriate rights, such as Service Account Administrator, as usual at the organization, site, and configuration level. You need the rights of a Permissions Admin.

Intrasite and Intersite Directory Replication

Within a site, SRS automatically replicates directory information using remote procedure calls (RPCs). Between sites, SRS replicates directory information via e-mail messages, just as the Exchange directory service does (see Figure 6.11). SRS automatically disables the directory replication to servers in the site as well as bridgeheads in other sites as soon as they are upgraded to Exchange 2000 Server. This ensures that replication data is not duplicated because the replication between Exchange 2000 systems is handled through Active Directory.

Configuration Connection Agreements

The SRS only replicates data with previous Exchange directories. Connection agreements of the ADC, on the other hand, replicate changes between SRS and Active Directory, as indicated in Figure 6.11. In a manner similar to the Exchange directory service, SRS accepts incoming connections from the ADC via a customized LDAP port if you are running Exchange 2000 Server on a domain controller; otherwise, it accepts them through the well-known LDAP port 389.

During the first installation of Exchange 2000 Server in an existing site, a configuration connection agreement is configured automatically. You can verify its existence when launching the Active Directory Connector tool from the Microsoft Exchange program group. For the ADC of BLUESKY-PDC, for instance, a connection agreement named Config CA_BLUESKY-OLD-10_BLUESKY-PDC was created. As you can see on the Connections property sheet, this connection agreement connects to SRS on BLUESKY-PDC through the customized TCP port 379 to synchronize configuration and routing information from the SRS database with Active Directory.

NOTE

---

If you are installing a first Exchange 2000 server on a Windows 2000 domain controller not running any previous version of Exchange Server and joining an existing site, SRS automatically uses TCP port 379 to avoid LDAP port conflicts with Active Directory.

Server-to-Server Communication and Message Transfer

As discussed in Chapter 3, "Microsoft Exchange 2000 Server Architecture," the mechanisms for server-to-server communication in Exchange 2000 rely primarily on SMTP and the extended Windows 2000 SMTP service. This is different than previous Exchange Server versions, where directory services performed directory replication and Message Transfer Agents (MTAs) provided the native messaging transport between servers in a site and message transfer to servers in other sites.

Server-to-Server Communication

Within sites, computers running previous versions of Exchange Server communicate with each other using RPCs. When integrating Exchange 2000 Server in a site, the new system must comply with this tradition and use RPCs as well. Specifically, SRS will contact remote Exchange directory services for directory replication, and the MTA of Exchange 2000 Server will transfer messages with legacy MTAs. The MTA of Exchange 2000 Server works similar to the old MTA, with minor enhancements and the exception that the new MTA uses LDAP instead of Directory API (DAPI) to perform directory lookups.

NOTE

---

If you install two or more Exchange 2000 servers in a site, these servers will detect each other through Active Directory and route messages to one another using the SMTP service rather than the MTA.

RPCs and Authentication Dependencies

All Exchange servers in a site must validate each other using a common Site Services account before server-to-server communication is allowed. Servers not using the correct Site Services account will not be able to communicate. Therefore, Exchange 2000 Server must use the common Site Services account for its communication with previous versions of Exchange Server as well.

When joining an existing site, you will be prompted for the Site Services account information. You can correct or change the Site Services account password within the Exchange System snap-in when displaying the properties of the administrative group that represents your site (such as BLUESKY-OLD-10, which can be found under Administrative Groups). Click Modify on the General property sheet to change the information displayed under Exchange 4.0/5.x Service Account For This Site.

NOTE

---

The Site Services account specified in the properties of an administrative group is only used for communication with legacy Exchange systems. Exchange 2000 servers use the LocalSystem account for their native communication.

Intersite and Gateway Message Transfer

Exchange 2000 Server can utilize any existing connector installed in the site because SRS, in conjunction with the ADC, replicates configuration information, including information about connected sites and gateways, to Active Directory. Likewise, information about existing Exchange 2000 connectors is replicated to all Exchange directories. Earlier versions of Exchange Server can, therefore, also use new connectors for message transfer (see Figure 6.12).

Figure 6.12 Intersite message transfer and gateway connections

NOTE

---

Through directory replication, routing information from servers running previous Exchange Server versions is placed in the Exchange 2000 Server link state table. This allows Exchange 2000 Servers to include any existing connectors in its routing decisions.

Proxy Addresses

Proxy address definitions must be preserved on Exchange 2000 Server so that all users in a site or administrative group have the same proxy addresses generated. Consequently, when joining an existing site, the proxy address definitions (SMTP, X.400, Lotus cc:Mail, and MS Mail) must be copied to a recipient policy for the administrative group that represents a particular site in Exchange 2000 Server. You can view the definition of the recipient policy in the Exchange System snap-in. In the console tree, open the Recipients container, and then select Recipient Policies. In the details pane, you will find an object with a name that corresponds to your site (such as BLUESKY-OLD-10) that has the highest priority. When you display the properties of this policy object, you will find a Filter Rule in the General property sheet that activates the policy for all objects with a LegacyExchangeDN attribute set to the organization and site name of the site that you joined with the Exchange 2000 server.

Upgrading Outlook Web Access

It is important to note that Outlook Web Access (OWA) will be replaced entirely when upgrading to Exchange 2000 Server. If you have customized the .asp pages of OWA to implement your own Web-based messaging solution, this solution will not work with Exchange 2000 Server, because OWA in Exchange 2000 Server has been entirely redesigned. The rendering process is handled directly by an Internet Server API (ISAPI) component (DAVEX.DLL) and other DLLs, instead of .asp pages. The new architecture is explained in Chapter 22, "Microsoft Outlook Web Access."

To preserve your customized solution, install Exchange 2000 Server on a separate computer running Windows 2000, and then use the move-mailbox approach to migrate mailboxes and public folders. Leave the old server running to front end Exchange 2000 Server with OWA from Exchange Server 5.5. When users connect to their mailboxes via HTTP and the legacy OWA version, the location of the mailbox is determined from the Exchange directory.

NOTE

---

You cannot front end a computer running Exchange Server 5.5 with OWA from Exchange 2000 Server.

Switching from Mixed Mode to Native Mode

As outlined in Chapter 5, it is advantageous to switch an Exchange 2000 Server organization into native mode as soon as all earlier versions of Exchange Server are upgraded. This gives you full control over the configuration of administrative and routing groups and eliminates mixed mode limitations. However, as long as computers running previous Exchange Server versions exist in your organization, changing to native mode is impossible. Consequently, the Change Mode button in the General property sheet of the organization (for example, Blue Sky Airlines [Exchange]) is deactivated in the Exchange System snap-in.

IMPORTANT

---

To switch an organization to native mode, all computers running previous Exchange Server versions must be upgraded or removed. Switching to native mode disables interoperability with previous versions, which is an irreversible process.

Exercise 5: Performing a Move-Mailbox Upgrade and Finalizing the Migration

In this exercise you will complete the migration of the test environment to Exchange 2000 Server by using the move-mailbox approach. As soon as all resources are on BLUESKY-PDC, you will remove the legacy system and switch the organization to native mode.

To view a multimedia demonstration that displays how to perform this procedure, run the EX5CH6*.AVI files from the \Exercise_Information\Chapter6 folder on the Supplemental Course Materials CD.

Prerequisites

• Make sure several mailboxes exist on BLUESKY-BDC, as outlined in the installation description provided in the "Getting Started" section of "About This Book."
• Complete Exercise 4, earlier in this lesson.
• Log on as Administrator to BLUESKY-PDC and BLUESKY-BDC.

To perform a move-mailbox upgrade and finalize the migration

1. On BLUESKY-PDC, start the Active Directory Users and Computers management tool and open the Users OU.
2. Right-click Users, point to All Tasks, and then select Find.
3. In the Find Users, Contacts, And Groups dialog box, switch to the Exchange tab, and then select the Show Only Exchange Recipients and Users With Exchange Mailbox check boxes.
4. Click Find Now and then select all accounts listed at the bottom of the dialog box.
5. Right-click the selected accounts, and from the shortcut menu, select Enable Account. You need to enable the user accounts; otherwise, you will experience problems moving the mailboxes.
6. In the Active Directory dialog box informing you that all selected user objects are enabled, click OK.

   NOTE

   ---

   The Active Directory Connector adds a description of Disabled Windows User Account to each disabled object that it creates for an Exchange Server 5.5 mailbox. When enabling these accounts, the description is not changed automatically. In a production environment, you have to update this information manually (or using LDIFDE for batch operation) to avoid confusing account descriptions in Active Directory.

7. Right-click the selected accounts again, and from the shortcut menu, select Exchange Tasks.
8. On the Exchange Task Wizard welcome screen, click Next.
9. On the Available Tasks wizard screen, select Move Mailbox, and then click Next.
10. On the Move Mailbox wizard screen, under Server, select Blue Sky Airlines/BLUESKY-OLD-10/BLUESKY-PDC.
11. Under Mailbox Store, make sure First Storage Group/Private Information Store (BLUESKY-PDC) is displayed, and then click Next.
12. A Task In Progress wizard screen will appear, informing you about the mailbox move. After that a final wizard screen will be displayed summarizing the process. Click Finish and then close Active Directory Users and Computers.

    At this point, you have successfully moved all mailbox resources to the new Exchange 2000 server (see Figure 6.13). You would also have to replicate existing public folder instances to the new server, which is not required in the test environment because public folders were not created. Public folder replication is covered in Chapter 18, "Public Folder Replication."

13. On BLUESKY-BDC, insert the Exchange Server 5.5 installation CD into the CD drive, launch Setup in maintenance mode, and remove the Exchange Server installation.
14. On BLUESKY-PDC, start the Exchange System snap-in from the Microsoft Exchange program group.
15. In the console tree, open Administrative Groups, then BLUESKY-OLD-10, then Servers. Verify that the server BLUESKY-BDC still exists in the Active Directory information. Note that you cannot delete the server from within the Exchange System snap-in.
16. From the Microsoft Exchange program group, start the Exchange 5.5 Administrator program.
17. From the File menu, select Connect To Server. In the Connect To Server dialog box, type BLUESKY-PDC, and click OK.
18. Expand the directory information tree and, under Servers, select BLUESKY-BDC.

    

    Figure 6.13 Moving mailboxes to Exchange 2000 Server

19. From the Edit menu, select Delete. In the Microsoft Exchange Administrator dialog box asking whether you are sure to delete the server with all its resources, click Yes (see Figure 6.14).
20. In the Microsoft Exchange Administrator dialog box asking whether you are sure to delete all corresponding public folder instances, click Yes.
21. In the final Microsoft Exchange Administrator dialog box informing you that the server was deleted successfully, click OK, and then close the Exchange Administrator program.

    

    Figure 6.14 An Exchange 2000 organization in native mode

22. Open the Active Directory Connector tool from the Microsoft Exchange program group. Select the configuration connection agreement Config CA_ BLUESKY-OLD-10_BLUESKY-PDC, right-click on it, and, from the shortcut menu, select Replicate Now to immediately transfer the changes from the SRS database to Active Directory. After the replication is complete, close the Active Directory Connector tool.
23. Switch to the Exchange System snap-in, and refresh the view by pressing F5. Notice that the server BLUESKY-BDC disappears.
24. Open the Tools container, then open Site Replication Services. Right-click Microsoft Exchange Site Replication Service (BLUESKY-PDC).
25. From the shortcut menu, select Delete and, in the Exchange System Manager dialog box, click Yes to delete the replication service.
26. Open the Active Directory Connector tool again, and note that the configuration connection agreement was deleted automatically. Delete the user connection agreement CA for Blue Sky Airlines as well. Confirm all warning messages with OK.
27. Switch to the Exchange System snap-in, right-click on the organization object Blue Sky Airlines (Exchange), and, from the shortcut menu, select Properties.
28. In the General property sheet, click on the Change Mode button. In the Exchange System Manager dialog box informing you that this process is irreversible, click Yes, and then click OK.

    At this point, you are operating a native mode Exchange 2000 organization that cannot integrate earlier versions of Exchange Server, which is indicated by the missing Site Replication Service container that once was available under Tools in mixed mode.

Exercise Summary

Although the move-mailbox upgrade represents an interesting alternative to the in-place approach, a complete migration requires numerous manual configuration steps. After you have removed a server running an earlier version of Exchange Server from the site, you need to delete its references from Active Directory using the Exchange Administrator program. The last Exchange server must be deleted from the SRS database manually because no other Exchange directory service exists in the site that could accomplish this via directory replication.

Active Directory Cleanups

Upgraded users now working with mailboxes on Exchange 2000 Server will notice subtle changes in the structure of the address book because they now connect to a Global Catalog server for address lookups, as explained in Chapter 2, "Integration with Windows 2000." However, users might sometimes see duplicate accounts in the address book. These duplicate accounts, which might be generated during the migration process, require a dedicated cleanup using the Active Directory Account Cleanup Wizard.

Duplicate Account Generation

The procedures outlined in this chapter rely on a Windows NT and Exchange Server in-place upgrade, which implicitly prevents the generation of duplicate accounts because the user accounts are converted to Windows 2000 accounts first and then synchronized with Exchange Server 5.5 mailbox information. However, depending on the complexity of your Windows NT domain environment, it might be necessary to synchronize Exchange Server 5.5 mailbox information before upgrading Windows NT user accounts, in which case user connection agreements of the ADC create Windows 2000 accounts for all those mailboxes for which user account information was missing in Active Directory. This may happen, for instance, when users work with Exchange Server mailboxes that reside in different domains and all PDCs could not be upgraded to Windows 2000. If ADC user connection agreements generated Windows 2000 accounts for those Windows NT users' mailboxes, and you upgrade these users to Windows 2000 at a later time, you will end up with duplicate accounts (see Figure 6.15).

TIP

---

To avoid the generation of duplicate accounts in your environment, upgrade all existing PDCs to Windows 2000 before configuring user connections agreements with the ADC.

Using the Active Directory Cleanup Wizard

If you need to remove numerous duplicate accounts from Active Directory, you will find the Active Directory Cleanup Wizard a very helpful tool. It is available in the Microsoft Exchange program group. This utility searches through the Active Directory forest for possible duplicate Windows NT accounts and displays a list of duplicates that were found, giving you the opportunity to review and adjust the cleanup procedure. It is also possible to manually match duplicates that were not found and merge duplicate accounts into a selected destination account. Merging duplicate accounts preserves group and distribution list membership and access permissions to existing resources. You can find more information about the Active Directory Cleanup Wizard in the Microsoft Exchange 2000 Server online documentation.

Figure 6.15 Duplicate account creation

NOTE

---

It is not possible to perform cleanups or merge operations across multiple Active Directory forests.