Transitioning from Exchange 2003: It's Harder Than You Think
Time is running out for organizations running Exchange Server 2003, but Microsoft hasn't made it easy for those wanting to move away from the decade-old mail server.
On April 8, 2014, Exchange Server 2003 will lose "extended" product support, just like Windows XP, which means there will be no more security patch support for it. After that date, Exchange 2003 will be open to attacks that won't get patched by Microsoft, leading to potential security issues for organizations.
Getting off Microsoft's aging mail server in a couple of months could pose difficulties for organizations, given all of the steps involved in carrying out a migration. Exchange 2003 use represented 16 percent of all Exchange Server deployments worldwide, accounting for 66 million mailboxes, according to a March 2013 report (PDF) by The Radicati Group. The research firm estimated in that report that 6.3 million small-to-medium businesses in North America were still using Exchange 2003.
Other time bombs on the horizon for some organizations are Outlook 2003, Exchange 2010 Service Pack 2, Office 2003 and Windows XP. They all lose extended product support on April 8, according to Microsoft's product lifecycle descriptions.
No Upgrade Path for Exchange 2003
Organizations running Exchange 2003 face a special problem in that they cannot perform an in-place upgrade to Exchange 2013, which is Microsoft's newest mail server product. The exception may be offerings from third-party software vendors, which promise to simplify such moves.
Exchange 2003 migrations to Office 2013 aren't simple because Microsoft did not create an upgrade path for it -- a typical Microsoft practice for its products that are three generations old. For instance, it's not possible to install Exchange 2013 so that it coexists with Exchange 2003 in a single Active Directory forest. Instead, migration from Exchange 2003 typically might entail upgrading to Exchange 2010 first. Next, if an organization wants to get to Exchange 2013, they'd have to repeat the upgrade steps all over again, according to Exchange expert J. Peter Bruzzese, in a Redmond article.
This lack of an upgrade path from Exchange 2003 to Exchange 2013 isn't explained in much detail by Microsoft. However, Microsoft MVP Ed Crowley does offer some advice in this Microsoft TechNet forum post. He also recommended moving to Exchange 2010 first. Analyst and consulting firm Gartner Inc. also advises that path as well.
"To move to Exchange 2013 from Exchange 2003 is a dual-hop migration because you have to move to Exchange 2010 first," explained Bill Pray, Gartner research vice president for technical professionals, in an e-mail. "For most organizations in this situation, that means migrating to Exchange 2010 and then stopping -- putting off a migration to Exchange 2013 until sometime in the future. The exception is that if they have a compelling business case to move to Exchange 2013 for the new archiving functionality."
Pray said that Gartner doesn't track overall Exchange use. However, the research and consulting firm does offer advice on deciding which Exchange version to select in its publication, "What's New in Exchange 2013, and Should You Move to It?" Organizations might also consider whether they are ready to use software-as-a-service e-mail solutions or not, instead of just weighing which Exchange Server version to move to, according to Pray.
An Exchange migration involves upgrading all Internet-facing Active Directory sites first, according to Microsoft's planning roadmap for Exchange 2003 upgrade and coexistence guide. The guide then broadly describes five more steps to carry out, including upgrading Exchange 2003 to Service Pack 2 first. This seemingly simple advice flies in the face of IT pro experience and advice, though, which paints a far more complicated picture.
For instance, Microsoft MVP Jaap Wesselius recommends moving to Exchange 2010 by first integrating it with an existing Exchange 2003 environment. He outlines the concepts in Part 1 and Part 2 of an Exchange migration article hosted by software tools maker Red Gate Software. The basic idea is to establish "coexistence" with Exchange 2003 by installing an instance of Exchange 2010. That installation takes place before trying to move mailboxes over to the new server, which can take a day to complete. Wesselius describes that process as performing an "intraorganizational migration," also known as "transitioning."
"Moving from Exchange Server 2003 to Exchange Server 2010 in the same Active Directory forest is called transitioning," Wesselius explained in Part 1. "Building a new Active Directory forest with a new Exchange Server 2010 organization and moving mailboxes from the old Active Directory to the new Active Directory is called migrating."
The final step is uninstalling the Exchange 2003 server. However, moving off Exchange 2003 turns out to involve a lot more than just five steps, with plenty of pitfalls along the way, according to Wesselius' account. In addition, IT pros may have to switch between management capabilities when Exchange 2003 is set up to coexist with Exchange 2010. Microsoft's planning roadmap publication explains that administrative groups are used in Exchange 2003, but they aren't used in Exchange 2010. That technology difference affects management tools use, as described in this TechNet article. For instance, System Manager in Exchange 2003 can't be used to manage Exchange 2010 objects.
Microsoft does provide some help for Exchange migrations. In addition to its TechNet resources, Microsoft provides a guidance tool in the form of the Exchange Server Deployment Assistant. This Web-based portal asks questions based on an organization's Exchange plans. It asks whether the installation is staying on premises, going to the cloud (Office 365) or based on a hybrid configuration. The Deployment Assistant then produces a report with steps to follow.
If an organization is skipping an Exchange version when transitioning to a newer version of Exchange, Microsoft warns that running the Active Directory prep process can make it impossible to use that skipped version in the future, should it be wanted. For example, upgrading to Exchange 2010 after skipping Exchange 2007 creates a "point of no return" for adding Exchange 2007 later. For those wanting flexility, Microsoft recommends running the skipped server version in a virtual machine with all of roles installed to create a production server option.
Office 365 Cutover Migrations
The nail-biting scenario of performing a double-hop migration from Exchange 2003 to Exchange 2013 contrasts with a somewhat more simplified move from Exchange 2003 to Office 365, which is Microsoft's cloud-based branding for its Exchange Online service. Typically, moving to Office 365 from Exchange 2003 would first involve setting up a hybrid network that taps both Microsoft's service and the premises-based server. However, smaller organizations can bypass that step when performing what Microsoft describes as a "cutover" or single-batch migration, which gets carried out from the Migration page of the Exchange Administration Center or Exchange Management Shell, according to this TechNet article. Microsoft describes three basic Exchange Server migration types (cutover, staged and hybrid) to consider before moving to Office 365.
Microsoft MVP Kelsey Epps claims that there is no need to establish a hybrid server first before performing a cutover migration from Exchange 2003 to Office 365 -- at least for smaller organizations. He clarifies in a step-by-step guide that such cutover migrations to Office 365 are only for organizations with "fewer than 1,000 mailboxes." He also warns against performing cutover migrations for organizations wanting to retain implemented single sign-on capabilities.
In any case, Epps describes a cutover migration as following a few steps via the Exchange Admin Center. Cutover migrations involve a synchronization process that "can take some time," he notes. Other steps in the process include migrating public folders, assigning Office 365 licenses, verifying DNS records and configuring desktops to use Office 365.
Third-Party Migration Solutions
Microsoft partner Dell offers Migration Manager solutions that promise to enable "single-step" migrations from older Exchange versions to Exchange 2013 or Exchange Online. The solutions include Dell's Migration Manager for Exchange and Migration Manager for Active Directory, which support migrations from versions as old as Exchange 2000. A new version of the Active Directory component will add Windows Server 2012 R2 support.
"Our Migration Manager for Exchange product will migrate to Exchange that's installed on Windows Server 2012 R2, but our Active Directory component won't migrate user accounts to Windows Server 2012 R2. That release is coming up in the next month or two," explained Ron Robbins, a product manager at Dell, in a phone call.
The Dell OnDemand Migration for Email solution is a tool for IT pros to migrate end users to Office 365, hosted Exchange and even premises-based Exchange. The company also has a new Dell Migration Manager for .PSTs to track down mailbox archives. Dell's tools also support migrations from GroupWise or Lotus Notes.
In Exchange migrations, the challenges that organizations face are minimizing the move impacts on end users, establishing coexistence of the Exchange versions, and synchronizing directories, calendars and public folders. The synchronization part is important so that when the service moves, users won't notice a difference, Robbins noted.
Dell's various tools offer a four-pronged approach for migrations. The tools enable preassessment, data migration, coexistence and management after the migration is completed. The tools can be used by anyone in an organization, but the migration solutions are delivered by Dell or its partners, according to Robbins. Dell claims to have migrated over 40 million mailboxes to Exchange.
CodeTwo, a Microsoft partner company based in Jelenia Góra, Poland and founded in 2007, is another maker of Exchange migration software, among other tools. The company makes a single-hop migration tool for moving from Exchange 2003 (and later Exchange versions) to Exchange 2013. There's also a tool for moving to Office 365, which is offered for free if CodeTwo is an organization's "partner of record" for Office 365.
CodeTwo's Exchange Migration tool gets installed on a workstation within the source Active Directory domain using the domain administrator's profile. The software is run by an IT pro -- there's no third-party support offered. The tool helps with specific problems associated with an Exchange migration.
For instance, CodeTwo claims its tool can help avoid.PST export and import issues. When exporting .PST files from Exchange 2003 and importing them into Exchange 2013, IT pros need to add the legacy Exchange domain name X500 addresses to each imported mailbox as "a proxy address in the target location," according to a CodeTwo blog post. IT pros can run a PowerShell script to do that, but CodeTwo's software sets that process up within a more user-friendly graphical user interface. However, CodeTwo warns that "exporting/importing .PST files across forests doesn't work in large companies."
Another problem for organizations migrating from Exchange 2003 is migrating public folders. That operation just isn't supported when moving from Exchange 2003 to Office 365, according to this TechNet library article. Public folders have to be moved to "Exchange 2007 SP3 RU10 or later" first, according to Microsoft. Likewise, migrating public folders from Exchange 2003 to Exchange 2013 isn't supported.
Given that public folder limitation, CodeTwo's blog offers another caveat if an organization chose to export and import .PSD files.
"Another important problem to consider while using the export/import PST option are public folders, if you use them," the blog states. "Re-importing them in the target location will not recreate the folder permissions and you will have to set them manually. If your organization uses a complex public folders structure, re-creating the permissions can obviously become a nightmare."
CodeTwo claims that its migration tool obviates the need to import .PST files. If so, it could bypass some of those migration headaches. The product has been reviewed by two Microsoft MVPs, which can be found at this blog post.
The CodeTwo Exchange Migration tool has a process that matches mailboxes on the source and destination sides of an Exchange migration. That process takes a while to run because of the amount of data transferred. CodeTwo's tool includes a scheduler to help set up that process for a time when end users are not at work.
There are a number of other third-party software migration solutions out there. BitTitan offers its MigrationWiz solution, which uses a cloud-based service to help migrate various e-mail systems to Exchange, Office 365 or Gmail. In addition, BitTitan offers a handy migration checklist at this page. BinaryTree offers its E2E solution to help with intraorganizational or interorganizational (cross-forest) Exchange migrations. Kerio has an Exchange Migration Tool that supports legacy Exchange moves, which the company describes as "fully automated." Priasoft offers its Migration Suite for Exchange that supports cross-forest migrations from legacy Exchange versions. IceWarp has an Exchange Migrator product designed for small-to-medium business and enterprise Exchange migrations. Lepide offers Exchange Migration and Exchange Recovery Manager software tools. Sherpa Software has a tool specifically designed to help locate and move .PST files for importation into a cloud-based repository or Exchange 2010.
The Office 365 Option
It's no secret that Microsoft has put its cloud services development efforts first, while promising a more frequent update cycle for IT pros managing on-premises Exchange instances. IT pros that manage hybrid Exchange deployments, in both the cloud and on premises, are actually required, per Microsoft's conception, to keep their Exchange patching up to date. Exchange updates now get released on a quarterly basis, but those releases haven't been without problems in the recent past.
Such a situation might be enough to drive some organizations toward Microsoft's Office 365 cloud, which installs updates automatically. So far, though, of Exchange users, 15 percent are using Exchange Online vs. 85 percent tapping Exchange Server deployments, according to 2013 stats from The Radicati Group.
Microsoft offers Office 365 subscriptions directly. The service is also sold by Microsoft's partners, often promising more enhanced support options than offered by Microsoft's plans. The top hosted Microsoft Exchange service providers include Microsoft, Intermedia, Apptix and SilverSky, according to a report (PDF) by The Radicati Group.
Intermedia, a provider of cloud services to small-to-medium businesses, outlines three main ways to move to hosted Exchange. First, it's possible for an organization to manage the move itself via a cutover migration, in some cases. Second, Exchange 2010 can be deployed first to create a hybrid scenario with Office 365. Lastly, organizations can hire a consultant or partner to manage the move.
Intermedia offers migration services, in addition to selling hosted solutions. The company claims to have performed more than 300,000 mailbox migrations since 2010. When performed using Intermedia's Cloud Concierge for Exchange 2003 team, there's no requirement to upgrade to Exchange 2010 first, the company claims. All of those Concierge team members have Microsoft certifications at the system administrator level, according to the company. In addition, if an organization wants to roll back the migration, Intermedia provides "offboarding" support, which is performed by the same team.
Running Exchange on premises offers control for organizations, but it also incurs certain costs. During a recent Webinar, Intermedia estimated the costs of migrating to Exchange 2010 or Exchange 2013 for a 25-user environment at $10,325 for hardware and labor plus $150 per month for additional expenses. That amounts to $17 per user per month, according to Intermedia, but there are other costs as well.
"What goes into an on-premise Exchange deployment? Most important: it's not just migrating Exchange server," said Marc Blakeney, marketing director for Exchange at Intermedia, during the Webinar. "The entire network topology is going to change and it's going to require an investment." He cited examples such as having a separate data storage server, establishing redundancy and failover, as well as having the right firewalls and encryption in place.
"I'm dumbfounded about how much expertise is needed and how complex Exchange is," said Ryan Barrett, vice president of security and privacy at Intermedia, during the Webinar. "The database servers, the DACs that are needed…I can't imagine trying to build that in a one- or two-man shop. If you're running Exchange 2003 and want to move to Exchange 2013, get a consultant…. Taking it on yourself is just crazy."
As for electing to use Exchange Online or any other cloud-based e-mail service, there are a few key considerations, according to Intermedia. Organizations should ask if a provider offers full migration services. They should check if the provider offers support during and after the migration. Service level agreements (SLAs) need to be investigated. Microsoft offers a 99.9 percent SLA for Exchange Online, which amounts to eight hours of downtime per year. The security of the service is another consideration.
Barrett noted that there are some risks to using Exchange Online because it's a multitenant solution. It's run from datacenters that host multiple clients simultaneously. He recommended asking about third-party audit reports, such as the more stringent SOC 2 reports, rather than SAS 70 or SSAE 16 reports.
"You should ask if the provider provides redundant firewalls," Barrett said. "Do they have multiple intrusion prevention systems employed for host and network?"