Create a Remote Move Request that has Exchange 2010 in Both Forests
Applies to: Exchange Server 2010
Remote mailbox moves are also known as cross-forest mailbox moves. There are two types of remote mailbox moves that Exchange 2010 supports:
- Remote mailbox moves that have Exchange 2010 in both forests
In this scenario, one forest is an Exchange 2010 forest and the other forest has at least one Exchange 2010 Client Access server. You can use the Exchange Management Console (EMC) or the Exchange Management Shell to perform these mailbox moves. - Remote mailbox moves with a legacy Exchange forest
In this scenario, one forest contains Exchange 2010 and the other forest contains Exchange 2003 Service Pack 2 (SP2), Exchange 2007 SP2, or a combination of both. There is no Exchange 2010 Client Access server installed in the legacy forest. You can't use the EMC to perform these mailbox moves. You must use the Shell. For more information, see Create a Remote Legacy Move Request Where One of the Forests Doesn't Have Exchange 2010.
When you move Exchange 2003 mailboxes, the mailbox move will be offline. During the move, the users won't be able to access their mailboxes. When you move Exchange 2007 SP2 mailboxes or Exchange 2010 mailboxes, the move will be online, and the users can access their mailboxes during the move.
While performing remote mailbox moves, the Microsoft Exchange Mailbox Replication service (MRS) maintains the Send As and Receive As permissions. MRS then maps the trustee to the matching user in the destination forest. This functionality relies on the destination forest having all recipient objects being represented and having their corresponding msExchMailboxGUID attributes stamped. MRS then maps the trustee to the matching user in the destination forest.
Important
Maintaining permissions may not be possible in split-permission deployments. This is because in split permission deployments the ExchangeTrustedSubsystem group attribute isn't included in the Exchange Windows Permissions security group.
MRS also uses the msExchMailboxGUID attribute to attempt to maintain mailbox and mailbox folder permissions. MRS then maps the permissions to point to the matching user in the destination forest. The security identifiers (SID) in the access control entries (ACE) are replaced. If an SID is not mapped, then the permissions will not be maintained.
Looking for other management tasks related to move requests? Check out Managing Move Requests.
Prerequisites
For the complete list of prerequisites to move mailboxes across forests, see Prepare Mailboxes for Cross-Forest Move Requests.
What Do You Want to Do?
- Use the EMC to create a remote move request
- Use the Shell to create a remote move request
Use the EMC to create a remote move request
You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Mailbox moves" entry in the Mailbox Permissions topic.
If the source forest is an Exchange 2007 forest, the administrator performing the move must have the following remote credentials on the Exchange 2007 server:
- Exchange Server Administrator role
- Exchange Recipient Administrator role
Important
You can't move mailboxes by using the EMC if the source forest doesn't have at least one Exchange 2010 Client Access server installed. Instead, you must use the Shell to perform the task. For more information, see Create a Remote Legacy Move Request Where One of the Forests Doesn't Have Exchange 2010.
In the console tree, navigate to Recipient Configuration > Mailbox of the remote forest.
Note
All remote moves need to be initiated from the target forest.
In the result pane, select the one or more mailboxes that you want to move.
In the action pane, click New Remote Move Request.
On the Introduction page, view the mailboxes that you selected in the result pane. If you want to remove or add recipients, click Cancel, and then make the changes in the result pane.
> [!NOTE]
> The option to select a target database from the EMC isn't available. A target database will be automatically selected. For more information on how database auto-selection is determined, see <A href="dd298174(v=exchg.140).md">Understanding Move Requests</A>.
- On the Move Options page, specify the following settings:
- Source Forest This read-only field displays the source forest on which the mailboxes that you are moving reside.
- Target Forest Select the target forest from the list. This field will be populated with the forests that have been added to the EMC. If this field is blank, see View Forest Properties for information about how to add forests.
- FQDN of the Mailbox Replication Service proxy server in the source forest Type the name of the FQDN for the server on which the MRS proxy resides. This will be a Client Access server in the remote forest. For example, CAS01.contoso.com.
- Use the following source forest's credential To move mailboxes across forests, you must supply the credentials of a recipient administrator who has permission to move mailboxes from the source forest.
- User Name Type the domain name and password of a recipient administrator who has permission to move mailboxes from the source forest.
Password Type the administrator's password. - FQDN of the External E-mail Address that will be stamped in the source forest for the mail-enabled user when the move request is complete Type the FQDN of the external e-mail address that's created in the source forest for the mail-enabled user when the move request is complete. For example, the FQDN of the target forest. Mail-enabled users (MEU) must have a proxy address that has this FQDN as the SMTP domain of the address. At move completion, this proxy address will be stamped as the MEU's external e-mail address in the source forest to ensure that mail flow will return to the new mailbox.
- On the New Remote Move Request page, review the settings for this remote move request, and then click New.
- On the Completion page, review the following, and then click Finish to close the wizard:
- A status of Completed indicates that the wizard completed the task successfully.
- A status of Failed indicates that the task wasn't completed. If the task fails, review the summary for an explanation, and then click Back to make any configuration changes.
Use the Shell to create a remote move request
You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Mailbox moves" entry in the Mailbox Permissions topic.
If the source forest is an Exchange 2007 or Exchange 2003 forest, the administrator performing the move must have the following remote credentials on the Exchange 2007 or Exchange 2003 server:
- Exchange Server Administrator role
- Exchange Recipient Administrator role
Test whether a mailbox is ready to move across forests
This example uses the WhatIf switch to test whether a mailbox is ready to move across forests and if there are any errors within the command. When you use the WhatIf switch, the system performs checks on the mailbox. If the mailbox isn't ready, an error is returned. This command is run on the target forest.
New-MoveRequest -Identity 'tony@humungousinsurance.com -Remote -TargetDatabase DB02 -RemoteHostName 'CAS01.humungousinsurance.com' -RemoteCredential (Get-Credential Atlanta\Administrator) -TargetDeliveryDomain 'mail.contoso.com' -WhatIf
Move a mailbox from a remote forest
This example moves Tony Smith's mailbox into the forest where the command is running. When the move is completed, the new ExternalEmailAddress in the source forest will be Tony's proxy address with the SMTP domain mail.contoso.com.
New-MoveRequest -Identity 'tony@humungousinsurance.com -Remote
-TargetDatabase DB02 -RemoteHostName 'CAS01.humungousinsurance.com' -RemoteCredential $Cred -TargetDeliveryDomain 'mail.contoso.com'
Move a mailbox to a remote forest
This example pushes Tony Smith's mailbox to the remote forest. Use this command when you initiate the move from the source forest. When initiating moves from the source forest, you must use the RemoteTargetDatabase parameter to specify the database that you are moving the mailbox to. When the move is completed, the new ExternalEmailAddress in the source forest will be Tony's proxy address with the SMTP domain mail.contoso.com.
New-MoveRequest -Identity 'tony@humungousinsurance.com -Remote -RemoteTargetDatabase DB03 -RemoteHostName 'CAS01.humungousinsurance.com' -RemoteCredential $Cred -TargetDeliveryDomain 'mail.contoso.com'
Create a batch move request
This example creates a batched move request for all mailboxes in the source forest that are on the database DB01 and moves them to the target database DB02 in the target forest with the BatchName parameter value HumungousDB01ToContosoDB02.
Note
Creating a batch allows you to create a tag that identifies the mailboxes that are being moved. Each mailbox will be moved individually when an MRS instance becomes available to perform the move. You can then filter in searches using the BatchName in the Get-MoveRequest and Get-MoveRequestStatistics cmdlets.
Get-MailUser -Database DB01 | New-MoveRequest -Remote -RemoteHostName 'CAS01.humungousinsurance.com' -TargetDatabase DB02 -RemoteCredential $Cred -TargetDeliveryDomain 'mail.contoso.com' -BatchName HumungousDB01ToContosoDB02
Create a move request that suspends before completion
This example creates a remote move request for all mailboxes on the target forest that begin with the letter 'a'. The request will be suspended after all the initial content is moved, but before the mailbox is locked down and switched over to the new location. The move request will then need to be resumed by using the Resume-MoveRequest cmdlet.
Note
Creating a batch allows you to create a tag that identifies the mailboxes that are being moved. Each mailbox will be moved individually when an MRS instance becomes available to perform the move. You can then filter in searches using the BatchName in the Get-MoveRequest and Get-MoveRequestStatistics cmdlets.
Get-MailUser -ANR a* | New-MoveRequest -Remote -RemoteHostName 'CAS01.humungousinsurance.com' -RemoteCredential $Cred -TargetDeliveryDomain 'mail.contoso.com' -TargetDatabase DB02 -SuspendWhenReadyToComplete -BatchName "Aug28 - To be Completed at 11pm"
Create a move request that is processed by a specific server
This example creates a move request that is processed by the specific Client Access server CAS1.contoso.com, which has the Microsoft Exchange Mailbox Replication service installed.
Note
MRSServer parameter is reserved for debugging purposes. Use this parameter only if directed to by support personnel. If you use this parameter and the specified server is not functional, this move request will not be processed.
New-MoveRequest -Identity 'tony@humungousinsurance.com -RemoteHostName 'CAS01.humungousinsurance.com' -Remote -RemoteCredential $Cred -TargetDatabase DB02 -TargetDeliveryDomain 'mail.contoso.com' -MRSServer CAS1.contoso.com
Create a suspended move requests
This example creates a batch move request that is suspended for all mailboxes in the target forest where CustomAttribute1 is set to Monday. You may want to run this command if you want to create the move request now and then resume it in the evening, when e-mail traffic is low.
Note
Creating a batch allows you to create a tag that identifies the mailboxes that are being moved. Each mailbox will be moved individually when an MRS instance becomes available to perform the move.
Get-MailUser -Filter {CustomAttribute1 -eq 'Monday'} | New-MoveRequest -RemoteHostName 'CAS01.humungousinsurance.com' -Remote -RemoteCredential $Cred -TargetDatabase DB01 -TargetDeliveryDomain 'mail.contoso.com' -Suspend -SuspendComment "Resume after 11:00 p.m. PST" -BatchName "MondayMoves_HumungousToContoso"