Exchange 2003 to Exchange 2010 Step by Step Deployment Guidance
Step 11: Install the Edge Transport server role
The Edge Transport server performs anti-spam and antivirus filtering, and it also applies messaging and security policies to messages in transport. The Edge Transport server role can’t coexist on the same computer with any other Exchange server role. You must deploy the Edge Transport server role in the perimeter network and outside the secure Active Directory forest.
Learn more at: Overview of the Edge Transport Server Role
How do I do this?
The Exchange Server 2010 Setup wizard helps you install the Edge Transport role.
- Insert the Exchange 2010 DVD into the DVD drive. When the AutoPlay dialog appears, click Run Setup.exe under Install or run program. If the AutoPlay dialog doesn’t appear, navigate to the root of the DVD and double-click Setup.exe. Alternatively, browse to the location of your Exchange 2010 installation files and double-click Setup.exe.
- The Exchange Server 2010 Setup welcome screen appears. In the Install section, the software listed for Step 1: Install .NET Framework 3.5 SP1 and Step 2: Install Windows PowerShell v2 was installed with the Exchange 2010 prerequisites. If these prerequisites aren’t already installed, click the appropriate step to install them.
- When Step 1, Step 2, and Step 3 are listed as Installed, click Step 4: Install Microsoft Exchange.
- On the Introduction page, click Next.
- On the License Agreement page, review the software license terms. If you agree to the terms, select I accept the terms in the license agreement, and click Next.
- On the Error Reporting page, select Yes or No to enable the Exchange Error Reporting feature, and click Next.
- On the Installation Type page, select Custom Exchange Server Installation. To optionally change the installation path for Exchange 2010, click Browse, locate the appropriate folder in the folder tree, and then click OK. Click Next.
- On the Server Role Selection page, select the Edge Transport Role, and click Next. The Management Tools option, which installs the Exchange Management Console and the Exchange Management Shell, will also be selected and installed.
- On the Customer Experience Improvement Program page, optionally join in the Exchange Customer Experience Improvement Program (CEIP). The CEIP collects anonymous information about how you use Exchange 2010 and any problems that you encounter. To join the CEIP, select Join the Customer Experience Improvement Program, choose the industry that best represents your organization, and then click Next.
- On the Readiness Checks page, review the Summary to determine if the system and server are ready for the Edge Transport role to be installed. If all prerequisite checks completed successfully, click Install. If any of the prerequisite checks failed, you must resolve the displayed error before you can proceed with installing the Edge Transport role. In many cases, you don’t need to exit Setup while you’re fixing issues. After you resolve an error, click Retry to run the prerequisite check again. Also, be sure to review any warnings that are reported.
- The Progress page displays the progress and elapsed time for each phase of the installation. As each phase ends, it’s marked completed and the next phase proceeds. If any errors are encountered, the phase will end as incomplete and unsuccessful. If that happens, you must exit Setup, resolve any errors, and then restart Setup.
- When all phases have finished, the Completion page displays. Review the results, and verify that each phase completed successfully. Clear the check box for Finalize this installation using the Exchange Management Console, and then click Finish to exit Setup.
- When you’re returned to the Setup welcome screen, click Close. On the Confirm Exit prompt, click Yes.
- Restart the computer to complete the installation of the Edge Transport role.
Step 12: Subscribe the Edge Transport server
You can use the Exchange Management Shell or the Exchange Management Console on the Hub Transport server to configure Internet mail flow when your organization sends and receives Internet e-mail by using a subscribed Edge Transport server.
To establish Internet mail flow, you subscribe the Edge Transport server to an Active Directory site. This process automatically creates the following Send connectors, which are required for Internet mail flow:
- A Send connector configured to send e-mail to all Internet domains.
- A Send connector configured to send e-mail from the Edge Transport server to the Hub Transport server.
Before you complete these steps, ensure that network communications over the secure LDAP port 50636/TCP are enabled through the firewall that separates the perimeter network containing the Edge Transport server from the internal Exchange organization.
Learn more at: Understanding Edge Subscriptions
How do I do this?
Use the following steps to subscribe the Edge Transport server to an Active Directory site:
- On the Edge Transport server, run the following command in the Shell.
New-EdgeSubscription -FileName “C:\EdgeSubscriptionInfo.xml”
- Copy the resulting XML file to a Hub Transport server in the Active Directory site to which you want to subscribe the Edge Transport server.
- On the Hub Transport server, open the EMC, navigate to Organization Configuration > Hub Transport, and select the Edge Subscriptions tab.
- In the Actions pane, click New Edge Subscription to start the New Edge Subscription wizard.
- In the Active Directory site field on the New Edge Subscription page, click Browse to select the Active Directory site to which you want to subscribe the Edge Transport server.
- In the Subscription file field, click Browse to select the EdgeSubscriptionInfo.xml file that was copied to the Hub Transport server in Step 2.
- Leave as selected the Automatically create a Send connector for this Edge Subscription check box, and click New to create the Edge Subscription.
- On the Completion page, review the task results and verify that the subscription was successfully created. The wizard will display a warning indicating that the Hub Transport servers in the subscribed site must be able to resolve the IP address for the Edge Transport server and to connect to TCP port 50636 on the Edge Transport server. Before proceeding with the next step, I recommend you verify this connectivity.
- On the Hub Transport server, run the following command in the Shell.
For more information, see: Import an Edge Subscription File to an Active Directory Site
How do I know this worked?
After you create a new Edge Subscription, the Edge Transport server referenced in the Edge Subscription file is associated with the Hub Transport servers in an Active Directory site.
To verify that replication of the new Edge Subscription was successful, you can run Get-EdgeSubscription in the Shell.
Step 13: Configure Send connectors (Do this step ONLY IF YOU ARE NOT USING EDGE TRANSPORT SERVERS)
During your upgrade from Exchange 2003 to Exchange 2010 you will move outbound Internet mail flow from Exchange 2003 to Exchange 2010. If you’re using an Edge Transport server and have completed the steps described for installing the Edge Transport server role and subscribing the Edge Transport server, then outbound Internet mail flow is already configured in Exchange 2010, and all you will need to do is delete the Exchange 2003 SMTP Connector.
If you’re not using an Edge Transport server, then you must create at least one Send connector configured with the appropriate address space, and then delete the existing Exchange 2003 SMTP connector(s).
Learn more at: Understanding Send Connectors
How do I create a Send connector?
You can use the New Send Connector wizard in the Exchange Management Console to perform this procedure.
- In the Console tree, expand Organization Configuration and select Hub Transport.
- In the result pane, click the Send Connectors tab.
- In the Actions pane, click New Send Connector. The New SMTP Send Connector wizard starts.
- On the Introduction page, follow these steps:
- In the Name field, type a meaningful name for this connector. Specify a name for the Send connector that helps you distinguish this Send connector from other Send connectors in your configuration.
- In the Select the intended use for this connector field, select Internet and click Next.
- On the Address space page, click Add.
- In the Address field, enter * and click OK. Click Next.
- On the Network settings page, review the available options and select how to send e-mail with the Send connector. (If you need more information about the settings, click F1.)
- Select the Use the External DNS Lookup settings on the transport server check box if you want to use a specific list of DNS servers instead of the DNS server(s) configured for the Hub Transport server’s network adapter. After you finish, click Next.
|Verify that you have configured the external DNS servers list by using the Set-TransportServer cmdlet, or by using the External DNS Lookups tab in the properties of the Hub Transport server.|
- If you’re using a smart host, the Configure smart host authentication settings page appears. By default, no authentication is used. To configure the smart host authentication settings, click Change. Select the method you want to use to authenticate to the smart host, and then click Next.
|Here are some things to be aware of if the smart host requires Basic authentication. Basic authentication requires that you provide a user name and password. I strongly recommend that you use an encrypted connection if you’re using Basic authentication because the user name and password are sent in clear text. Select the Basic Authentication over TLS check box to enable encryption on the connection. Also, if you specify more than one smart host for this Send connector, all the specified smart hosts must accept the same user name and password.|
- On the Source Server page click Next.
- On the New Connector page, review the configuration summary for the connector. If you want to modify the settings, click Back. If the summary is correct, click New to create the Send connector.
- On the Completion page, review the following, and then click Finish to close the wizard:
- A status of Completed indicates that the wizard completed the task successfully.
- A status of Failed indicates that the task wasn’t completed. If the task fails, review the summary for an explanation, and then click Back to make any configuration changes.
- Repeat steps 3-10 for each Send connector you want to create (for example, custom, Internal, Partner).
How do I delete an Exchange 2003 SMTP connector?
- When each Send connector is created and verified, the corresponding SMTP connector can be deleted.
- In Exchange System Manager, expand the Organization node, expand Administrative Groups, expand <AdministrativeGroupName>, expand Routing Groups, expand <RoutingGroupName>, and then select Connector.
- In the right-hand pane, right-click the connector you want to delete and select Delete.
- Click OK to confirm the deletion.
- Rockin’ the CASB – What you need to know about Cloud Access Security Brokers …
- Cloud Tweaks Blog … What Do You Know About Cloud Security?
- Security Awareness @ ISC2 Security Congress 2015
- Secure the Power of the Cloud … (and get certified while doing it)
- Announcing Exchange Server 2016 Preview!
- VMware Scripting Overview – A quick look under the hood
- Checklist: Use AD FS to implement and manage single sign-on with Server 2012/R2
- Checklist: Setting up a Federation Server (ADFS) for use with Office 365 on Windows Server 2008/R2
- The (ISC)² CISSP Domain Refresh … Are you prepared?
- vSphere 6.0 is on the way !!! …. Are you ready???