Kristian Andaker
Group Program Manager of OWA, EAS, ExUM, and EWS Microsoft, Redmond, WA
If you can't migrate all your
users from Exchange Server 2003 or 2007 to Exchange Server 2010 over a
weekend, you'll probably want to have the two versions of Exchange
running alongside one another for a while. To make this coexistence run
seamlessly for your users, and to ensure that your users don't need to
manually reconfigure their e-mail clients or learn a new OWA URL, you
should use a legacy namespace.
The legacy namespace (such as legacy.contoso.com) should be set up to work exactly the same way as your main external Exchange namespace (owa.contoso.com)
works today. Before you start migrating anybody, you should ensure that
the legacy namespace can be used to access your Exchange Server 2003 or
2007 mailboxes through all the protocols in exactly the same way your
main external Exchange namespace works. This means you need to update
your SSL certificates (use of a "Subject Alternative Name," or SAN,
certificate is recommended) to include the legacy namespace, and that
you need to configure reverse proxies, firewalls, and so on to let
through the legacy namespace in exactly the same way your main external
Exchange namespace is already set up.
When the legacy namespace is set up and works, you're ready to switch over your main external Exchange namespace (owa.contoso.com)
to point to your new Exchange Server 2010 computers. When you do this,
all clients using this namespace in their configuration, and all users
who remember an OWA URL that includes this namespace, will start
accessing your Exchange Server 2010 computers.
For users who still have
their mailboxes on Exchange Server 2003 or 2007, the only thing Exchange
Server 2010 will do is authentication. After that their requests will
be redirected or proxied to the Exchange Server 2003 or 2007 computers.
For the redirection and proxying to work correctly for Exchange 2003
access, you need to configure the Exchange2003Url
parameter on the Exchange 2010 OWA virtual directory. For Exchange
ActiveSync (EAS) to be proxied correctly to Exchange Server 2003, you
need to configure the Exchange 2003 EAS virtual directory to allow
Windows Integrated authentication. Other Exchange services rely on the
Exchange Server 2007 internalURL and externalURL
parameters on virtual directories to redirect and proxy traffic as
appropriate for each service. For more information on this, see the
TechNet documentation on Exchange Server 2010 migration at http://technet.microsoft.com/en-us/library/ee332348.aspx for Exchange Server 2003 and http://technet.microsoft.com/en-us/library/dd351133.aspx for Exchange Server 2007.
In coexistence between
Exchange Server 2003 or 2007 with Exchange Server 2010, your end users
should never have to reconfigure their e-mail clients manually, or learn
a different OWA URL. When the Exchange servers are configured correctly
and the legacy namespace is deployed, all of the client configuration
your users use, and the OWA URL they already know, should continue to
work seamlessly.
At the time of this writing, a few mobile phones implementing Exchange ActiveSync (EAS) have a bug preventing them from
following EAS redirections correctly. Until these device bugs are
fixed, users of these devices will need to manually change the
configuration on the phone to use the legacy namespace. By the time you
read this, I hope there will be fixes for all mobile devices that have
this problem from the device manufacturers.
|