Install Exchange 2010 in an Existing Exchange 2003 Organization
Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
You can use Microsoft Exchange Server 2010 Setup to install the first server running Exchange 2010 in an existing Exchange Server 2003 organization.
You can't perform an in-place upgrade from Exchange 2003 to Exchange 2010. However, you can install an Exchange 2010 server into the existing Exchange organization, and then move the Exchange resources, such as mailboxes, public folders, and connectors to Exchange 2010.
After you perform this procedure, your organization will be running in a coexistence mode. You can maintain this mode for an indefinite period of time, or you can immediately complete the upgrade to Exchange 2010 by moving all resources from Exchange 2003 to Exchange 2010, and then decommissioning the Exchange 2003 servers.
When you install Exchange 2010 in an existing Exchange 2003 organization, Setup performs the following coexistence-specific tasks:
Creates the Active Directory universal security group ExchangeLegacyInterop. This group is granted the permissions that allow the Exchange 2003 servers to send e-mail messages to the Exchange 2010 servers.
Creates a two-way routing group connector between Exchange 2010 and a selected Exchange 2003 bridgehead server. Exchange 2010 and Exchange 2003 use different routing topologies. You must configure a routing group connector to enable mail flow between the Exchange versions.
For information about performing a custom installation, see Install Exchange 2010 Using the Custom Installation Type. For information about installing Exchange 2010 in unattended mode, see Install Exchange 2010 in Unattended Mode.
Although it's a better practice to introduce Exchange 2010 into your Exchange 2003 organization and use Edge Subscriptions, you may want to start using Edge Transport servers before you start your upgrade. For more information, see Deploy the Edge Transport Server Role in an Existing Exchange 2003 Organization Before Upgrading to Exchange 2010.
Exchange Server 2010 Deployment Assistant
Exchange Server 2010 introduces the Exchange Server Deployment Assistant, or ExDeploy, a new Web-based tool that can help you with your Exchange deployment. ExDeploy asks you a few questions about your current environment and then generates a custom checklist and procedures that help simplify your deployment.
For more information, see Exchange Server Deployment Assistant.
You must ensure that each of the servers meets the appropriate prerequisites and system requirements before you begin your installation. For more information, see the following topics:
After you install Exchange 2010 on a server, you must not change the server name. Renaming a server after you have installed an Exchange 2010 server role is not supported.
Install Exchange 2010
If this is the first instance of Exchange 2010 that you're installing into your existing organization, make sure that you install the Client Access server role first, followed by the Hub Transport server role, followed by the Unified Messaging server role, and last, the Mailbox server role. For more information about the Client Access server role, see "Configure the Client Access server" later in this topic.
To perform the following procedure, the account you use must be delegated membership in the Schema Admins group if you haven't previously prepared the Active Directory schema. If you're installing the first Exchange 2010 server in the organization, the account you use must have membership in the Enterprise Admins group. If you've already prepared the schema and aren't installing the first Exchange 2010 server in the organization, the account you use must be delegated the Delegated Setup role group.
For information about preparing Active Directory for Exchange 2010, see Prepare Active Directory and Domains. For information about permissions in Exchange 2010, see Understanding Permissions and Understanding Role Based Access Control.
Insert the Exchange 2010 DVD into the DVD drive. When the AutoPlay dialog box appears, click Run Setup.exe under Install or run program. If the AutoPlay dialog box doesn't appear, navigate to the root of the DVD and double-click Setup.exe. Alternatively, browse to the location of your Exchange 2010 installation files and double-click Setup.exe.
The Exchange Server 2010 Setup welcome screen appears. In the Plan section, you can follow the links to read overview information regarding Exchange 2010, deploying languages, and the Exchange 2010 Deployment Assistant. In the Enhance section, you can read more information about Forefront Protection 2010, and install Microsoft Forefront Protection 2010. In the Install section, the software listed for Step 1: Install .NET Framework 3.5 SP1 and Step 2: Install Windows PowerShell v2 was installed with the Exchange 2010 prerequisites. However, if these prerequisites aren't already installed, click the appropriate step to install them.
For more information about Windows PowerShell installation, see Install Windows Management Framework.
If you're installing Exchange 2010 on the Windows Server 2008 R2 operating system, don't use the downloadable .NET Framework package. Instead, use Server Manager in Windows Server 2008 R2 or run ServerManagerCmd -i NET-Framework.
When Step 1 and Step 2 are shown as Installed, click Step 3: Choose Exchange language option to expand the Exchange language options, and then choose the appropriate option:
Install all languages from the language bundle This option installs all the Exchange 2010 languages from an Exchange 2010 language bundle. You can connect to the Internet to download the latest applicable language bundle or to use a previously downloaded language bundle on a local drive or network share. Internet connectivity is required for Exchange Setup to download the language pack bundle.
Install only languages from the DVD This option installs only the languages included with the Setup DVD. The installation of additional language support requires installing the languages from the language bundle.
For more information about Exchange language options, see Exchange 2010 Language Support.
After language installation is complete, click Step 4: Install Microsoft Exchange. This option starts the Exchange Server 2010 Setup wizard.
After your installation is complete, you can return to Step 5: Get critical updates for Microsoft Exchange.
On the License Agreement page, review the software license terms. If you agree to the terms, select I accept the terms in the license agreement, and then click Next.
On the Error Reporting page, click Yes, and then click Next.
On the Installation Type page, click Typical Exchange Server Installation. If you want to change the path for the Exchange 2010 installation, click Browse, locate the appropriate folder in the folder tree, and then click OK. Click Next.
If you choose the Typical Exchange Server Installation option, you won't be able to install the Unified Messaging server role or Edge Transport server role during this installation. You can add additional server roles later if you don't install them during this installation.
On the Configure Client Access Server external domain page, enter a domain name to use to configure your Client Access servers. Click Next. For more information about configuring Client Access servers, see "Configure the Client Access Server" later in this topic.
On the Customer Experience Improvement page, choose the appropriate selection for your organization, and then click Next.
On the Readiness Checks page, view the status to determine whether the organization and server role prerequisite checks completed successfully. If they completed successfully, click Install to install Exchange 2010.
On the Completion page, click Finish.
Configure the Client Access Server
If this is the first Exchange 2010 server you've installed in your Exchange 2003 organization, you need to perform several additional steps to configure your Exchange 2010 Client Access server.
If your organization requires Outlook Anywhere access, enable Outlook Anywhere as shown in the following example.
Enable-OutlookAnywhere -Server:<CAS2010> -ExternalHostName:mail.contoso.com -SSLOffloading $false
If you didn't configure a primary external namespace during setup, configure the virtual directories for the offline address book (OAB), Exchange Web Services, Microsoft Exchange ActiveSync, Microsoft Office Outlook Web App, and Exchange Control Panel (ECP) as shown in the following examples.
This example configures the virtual directories for the OAB.
Set-OABVirtualDirectory <CAS2010>\OAB* -ExternalUrl "https://mail.contoso.com/OAB"
This example configures the virtual directories for Exchange Web Services.
Set-WebServicesVirtualDirectory <CAS2010>\EWS* -ExternalUrl https://mail.contoso.com/ews/exchange.asmx
This example configures the virtual directories for Exchange ActiveSync.
Set-ActiveSyncVirtualDirectory -Identity <CAS2010>\Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com"
This example configures the virtual directories for Outlook Web App.
Set-OwaVirtualDirectory <CAS2010>\OWA* -ExternalUrl https://mail.contoso.com/OWA
This example configures the virtual directories for the ECP.
Set-EcpVirtualDirectory <CAS2010>\ECP* -ExternalUrl https://mail.contoso.com/ECP
Configure the Exchange 2003 URL property on the /owa virtual directory. This is necessary for Exchange 2003 and Exchange 2010 to coexist. This example configures this property.
Set-OwaVirtualDirectory <CAS2010>\OWA* -Exchange2003Url https://legacy.contoso.com/exchange
You must enable forms-based authentication on the Exchange 2003 front-end server to allow your users to access their mailboxes through a single sign-on during the coexistence period.
Change the OAB generation server and enable Web distribution on the Exchange 2010 Client Access server using the following steps.
Move the OAB as shown in this example.
Move-OfflineAddressBook "Default Offline Address List" -Server <MBX2010>
Add the Exchange 2010 Client Access server as a Web distribution point as shown in these examples.
Get-OABVirtualDirectory -Server <CAS2010>
Get-OfflineAddressBook "Default Offline Address List"
$OAB.VirtualDirectories and $OABVdir.DistinguishedName =
Set-OfflineAddressBook "Default Offline Address List" -VirtualDirectories $OAB.VirtualDirectories
Enable Integrated Windows authentication on the Microsoft-Server-ActiveSync virtual directory on the Exchange 2003 back-end server. This allows the Exchange 2010 Client Access server and the Exchange 2003 back-end server to communicate using Kerberos authentication. Do one of the following:
Install a hotfix. To download the hotfix, see Event ID 1036 is logged on an Exchange 2007 server that is running the CAS role when mobile devices connect to the Exchange 2007 server to access mailboxes on an Exchange 2003 back-end server. Use Exchange System Manager to adjust the authentication settings of the Exchange ActiveSync virtual directory.
Set the msExchAuthenticationFlags attribute to a value of 6 on the Microsoft-Server-ActiveSync object within the configuration container on each Exchange 2003 Mailbox server. For an example script, see Server Build DVD Visual Basic Script Examples.
Don't use IIS Manager to change the authentication setting on the Microsoft ActiveSync virtual directory, because the DS2MB process within the Microsoft Exchange System Attendant will overwrite the settings stored in Active Directory.
Create a legacy host name in your external Domain Name System (DNS) infrastructure and associate this host name with your Exchange 2003 front-end server or with your proxy infrastructure. See "Create a Legacy Host Name" later in this topic.
Reconfigure your external DNS settings or the publishing rules for your reverse proxy infrastructure to have your original namespace of mail.contoso.com point to your Exchange 2010 Client Access server or Client Access server array.
Create a Legacy Host Name
The exact steps for this procedure depend on your Internet service provider (ISP) and firewall configuration. Example steps for GoDaddy are provided to show you how this works. Your actual steps may vary. In general, you need to perform the following steps.
Create a DNS host (A) record in your internal and external DNS servers that points to the IP address of your legacy Internet-facing Exchange server (for example, Exchange Server 2007 Client Access server or Exchange 2003 front-end server) in internal DNS or the public IP address on your reverse proxy or firewall solution (external DNS). The host name should be in the format of legacy.domain.com (for example, legacy.contoso.com).
Create a publishing rule for the legacy host name in your reverse proxy or firewall solution to point to your legacy Internet-facing Exchange server. Refer to your proxy or firewall solution's user manual for instructions about how to do this.
Configure the existing DNS host (A) record in your internal and external DNS servers for your original host name (for example, mail.contoso.com) to point to your Exchange 2010 organization, for example, the IP address of your Client Access server or array (internal DNS), or the public IP address on your reverse proxy or firewall solution (external DNS).
For example, if your provider is GoDaddy.com, you can create a DNS host (A) record and associate it with your legacy Exchange infrastructure.
From your GoDaddy account management home page, click Domain Manager under the My Products heading in the left sidebar.
If prompted, log on to your account.
In the Total DNS section of the Domain Manager information screen, click Total DNS Control.
In the A (Host) section of the Total DNS Control screen, click Add new A record.
Enter the host name, for example, legacy.contoso.com, and enter the IP address of your legacy Exchange server in the Points to IP address box.
Choose a TTL (Time to Live) value. If you're performing this step well in advance of your Exchange 2010 installation, you can choose 1 day or 1 week from the drop-down list box. Otherwise, choose the default of 1 hour or 1/2 hour.
Click OK to complete your changes.
Verify the legacy host name is accessible from the Internet
From outside your firewall, perform the following steps, using your specific domain name.
Navigate to https://mail.contoso.com/owa, and then verify that you can access Outlook Web App for a user whose mailbox is on Exchange 2010.
Navigate to https://legacy.contoso.com/exchange, and then verify that you can access Outlook Web App for a user whose mailbox is on a legacy Exchange server.
Navigate to https://mail.contoso.com/owa, and then verify that you can access Outlook Web App for a user whose mailbox is on a legacy Exchange server.
You can also use the Microsoft Exchange Server Remote Connectivity Analyzer to verify connectivity for the legacy namespace. To use the Remote Connectivity Analyzer, see Microsoft Exchange Remote Connectivity Analyzer.
Verify Installation and View Configuration Objects
To verify that Exchange 2010 installed correctly, see Verify an Exchange 2010 Installation. After installation is complete, you can view the Exchange 2010 configuration objects in the Exchange Management Console (EMC).
You can only view and manage the Exchange 2010 configuration objects using the EMC in Exchange 2010.
To verify that mail flow is working correctly, you can perform the following procedure:
Configure your Hub Transport server. For more information, see Transport Server Post-Deployment Tasks.
Create a mailbox on the Exchange 2010 Mailbox server. For more information, see Create a Mailbox.
Send an e-mail message from the Exchange 2010 mailbox to a user who has a mailbox that is located on an Exchange 2007 server. Verify that the e-mail message is received.
Send an e-mail message from a user who has a mailbox that is located on an Exchange 2007 server to the new Exchange 2010 mailbox user. Verify that the e-mail message is received.
You can also use the Exchange Remote Connectivity Analyzer to test Exchange connectivity.
Finally, be sure to perform the tasks described in Finalize Deployment Tasks that are required for the server roles that you have installed.
Exchange 2010 now creates system address lists in a new container. Recipients created or modified using Exchange 2003 or Exchange 2007 management tools won’t be stamped with these system address lists. As a result, they won’t be seen by the Exchange 2010 Get-Recipient cmdlet.
To fix this issue, you must enable Active Directory virtual list view (VLV). After you have completed the upgrade of an existing Exchange 2003 organization to Exchange 2010 and have decommissioned your Exchange 2003 servers, you must enable Active Directory VLV. To enable VLV for Exchange 2010, run the Enable-AddressListPaging cmdlet. For more information, see Enable-AddressListPaging.
© 2010 Microsoft Corporation. All rights reserved.