Exchange 2010 Deployment and Migration Best Practices


        Kieran McCorry
     Hewlett Packard Co Ltd
         kmc@hp.com
Agenda
• Deployment scenarios
• Deployment prerequisites
• Role configuration
• Virtualization deployment guidelines
• Migration and Coexistence
• Sizing




Server Deployment Scenarios
Small and Medium-Size Organizations
•   Small organizations
     ●   Exchange Online
     ●   Combined role servers – can run all roles on 2 servers (including High Availability
         (HA))
•   Mid-market – multiple servers to run
     ●   Active Directory (AD)
     ●   Dedicated Mailbox server role
     ●   Client Access server and Hub Transport server role – potentially combine
     ●   Unified Messaging server role (optional, dedicated)
     ●   Combined roles
     ●   Can install Hub, CAS and/or UM on a Mailbox server that is part of Database
         Availability Group (DAG).
     ●   Cannot combine Edge Server role with other roles
     ●   UM combination only recommended in a single server deployment
     ●   Role combination is always a performance management exercise
Server Deployment Scenarios
Large and Complex Organization

• Large and/or complex organizations
  ●   Consider dedicated server(s) for:
       •   Mailbox server role
       •   Client Access server role
       •   Hub Transport server role
       •   Unified Messaging server role (optional)
       •   Edge Transport server role (must be dedicated)
  ●   Follow current best practices for Active
      Directory infrastructure
What’s Gone?
• Exchange Server 2007 features dropped from Exchange
  Server 2010
   ●   Local Continuous Replication (LCR)
   ●   Fax services
   ●   Single copy clusters (SCC) and along with them:
        • Shared storage
        • Pre-installing a cluster
   ●   Clustered mailbox servers
        • Running setup in cluster mode
        • Moving a clustered mailbox server
   ●   Storage groups
        • Properties moved to database objects
   ●   Two copy limitations of cluster continuous replication (CCR)
   ●   Streaming backups
The New CAS
•   All client connections are routed through a CAS server role
•   Outlook communicates with the CAS server for all workloads
    ●   Outlook Web Access (OWA)
    ●   Exchange Active Sync (EAS)
    ●   Outlook Anywhere
    ●   POP3 and IMAP4
    ●   MAPI/RPC now uses RPC Client Access (aka MOMT)
•   You must have at least one CAS server role in each site where
    Exchange Server 2010 Mailbox server(s) exist
•   Outlook no longer connects to the mailbox server role
•   CAS server needs good network connection to Mailbox
    server role to facilitate RPC communication
Exchange 2010 Architecture
[Diagram. Enterprise network roles: Edge Transport (routing & AV/AS), Hub Transport (routing & policy), Mailbox (storage of mailbox items), Unified Messaging (voice mail & voice access), Client Access (client connectivity, web services). Outside elements: external SMTP servers, mobile phone, web browser, Outlook (remote user), Outlook (local user), line of business application, phone system (PBX or VOIP).]
More on CAS...
•   Capacity planning
     ●   More load on Exchange Server 2010 CAS server than on Exchange
         Server 2007 CAS server
•   Never deploy CAS server in perimeter network
•   Authentication is performed by CAS server (EAS, OWA, Outlook
    Anywhere)
•   Client Migration
     ●   Outlook 2007 clients and higher will automatically be reconfigured by
         Autodiscover when the mailbox is moved from Exchange Server 2007 to
         Exchange Server 2010
     ●   Legacy clients will communicate with the RPC Proxy component on the
         CAS 2010 to access the mailbox
•   Utilize ISA Server for web publishing
    where possible
Exchange Server 2010 Prerequisites

• Active Directory
   ●   Windows Server 2003 SP2 or higher Global Catalog server is
       installed in each Exchange AD site
   ●   Windows Server 2003 or Windows 2008 forest functional level
        • W2000 native and W2003 interim not supported
   ●   Windows Server 2003 or Windows 2008 domain functional level
       for each domain hosting Exchange 2010 servers
        • W2000 mixed, W2000 native, W2003 interim not supported
   ●   AD RAP (Risk Assessment Program) is recommended
   ●   Schema Master FSMO should have the latest W2003 (W2003
       SP1 minimum) or W2008 OS
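
One way to check these Active Directory prerequisites before running Setup, as an added example that is not part of the original deck. The function name `Test-Exchange2010AdPrereq`, its `-ExchangeSite` parameter and the site name in the last line are assumptions made for illustration. Service pack levels are not exposed by these classes, so the operating systems are reported for manual review.

```powershell
# Added example (not from the original deck): reports the Active Directory
# prerequisites listed above. PowerShell 2.0 compatible; uses only .NET
# directory classes, so no Exchange or Active Directory module is required.
function Test-Exchange2010AdPrereq {
    param(
        # Assumption: the caller names the AD sites that will hold Exchange 2010.
        [string[]]$ExchangeSite = @()
    )

    $forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

    # Functional levels the slide lists as not supported.
    $badForestModes = 'Windows2000Forest', 'Windows2003InterimForest'
    $badDomainModes = 'Windows2000MixedDomain', 'Windows2000NativeDomain',
                      'Windows2003InterimDomain'

    # Hypothetical helper: builds one result row.
    function New-Finding($Check, $Target, $Value, $Pass) {
        New-Object PSObject -Property @{
            Check = $Check; Target = $Target; Value = $Value; Pass = $Pass
        }
    }

    $findings = @()

    # Forest functional level must be Windows Server 2003 or higher.
    $mode = $forest.ForestMode.ToString()
    $findings += New-Finding 'ForestMode' $forest.Name $mode ($badForestModes -notcontains $mode)

    # Domain functional level; only domains that will host Exchange 2010
    # servers have to pass, but every domain in the forest is listed.
    foreach ($domain in $forest.Domains) {
        $mode = $domain.DomainMode.ToString()
        $findings += New-Finding 'DomainMode' $domain.Name $mode ($badDomainModes -notcontains $mode)
    }

    # Schema master: OS string reported for manual review (Pass left empty).
    $schemaMaster = $forest.SchemaRoleOwner
    $findings += New-Finding 'SchemaMasterOS' $schemaMaster.Name $schemaMaster.OSVersion $null

    # Each Exchange site needs at least one Global Catalog server.
    $gcs = @($forest.GlobalCatalogs)
    foreach ($site in $ExchangeSite) {
        $inSite = @($gcs | Where-Object { $_.SiteName -eq $site })
        $desc = ($inSite | ForEach-Object { '{0} ({1})' -f $_.Name, $_.OSVersion }) -join '; '
        $findings += New-Finding 'GlobalCatalogInSite' $site $desc ($inSite.Count -gt 0)
    }

    $findings | Select-Object Check, Target, Value, Pass
}

# 'Default-First-Site-Name' is a placeholder site name.
Test-Exchange2010AdPrereq -ExchangeSite 'Default-First-Site-Name' | Format-Table -AutoSize
```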
Installation Requirements

• Windows Server 2008 64-bit editions only
   ●   W2008 SP2 or R2
        • Standard Edition
        • Enterprise Edition
        • Datacenter Edition
• Exchange Edition determined by product key
   ●   Standard → Enterprise; but no downgrade
• Install W2008 pre-reqs for the appropriate server role
   ●   ServerManagerCmd -ip Exchange-Typical.xml
   ●   http://technet.microsoft.com/en-us/library/bb691354(EXCHG.140).aspx
Preparing To Install
• Validate existing environment
• DCDiag: basic domain
  diagnostics
• NetDiag: domain controller
  network diagnostics
• REPLMon: replication monitor
• NETDom: domain and trust
  diagnostics
• ExBPA
• Windows Update
• Ensure media local
   ●   ‘An error occurred while copying
       the file... error code was 5.’
Preparing AD
●   Setup /PrepareSchema (/ps)
     ●   Requires Schema Administrator and
         Enterprise Administrator rights
     ●   Must be done from an Exchange server
     ●   Domain Administrators and Schema
         Administrators of the root domain
     ●   Verify Replication
     ●   Organization name not required
●   Setup /PrepareAD (/p)
     ●   Requires Enterprise Administrator
     ●   Exchange Organization Administrator rights
         if the enterprise administrators have been
         explicitly denied access to the Exchange
         configuration
     ●   Requires /OrganizationName (/on)
●   Setup /PrepareDomain (/pd)
     ●   Requires Domain Administrator rights
●   Setup /mode:install /roles:H,C,M or via GUI
Client Access Server Role

• Verify the installation
• Secure the Client Access server messaging
  environment
   ●   Use the Security Configuration Wizard
   ●   Ensure that a valid third-party commercial SSL certificate or
       Windows PKI certificate is installed on the Client Access server
• Configure Autodiscover
• Configure OAB distribution point
• Optional: Configure Availability service for other
  Exchange organizations
• Optional: enable Outlook Anywhere
• Customize Exchange ActiveSync
  mailbox policies
Hub Transport Server Role

• Configure accepted domains
   ●   Create an accepted domain for each domain for which you will
       accept email
• Integrate with Edge Server (if present)
• Configure Internet Mail Flow
   ●   Manual process if Edge is not configured
• Ensure at least one HUB role per Exchange/AD site
• Design for redundancy (exploit shadow routing)

• Use the PowerShell cmdlets to test CAS and HUB roles
   ●   SCOM 2007 R2 E2010 Mgt Pack
   ●   Test-OutlookWebServices, Test-Mailflow, etc.
Edge Transport Server Role

• Must be installed separately
   ●   Cannot have other roles installed
• Must NOT be member of the production AD forest
   ●   Can be a member of a perimeter network AD forest
• Uses Active Directory Lightweight Directory Services
   ●   ADLDS
   ●   Stores configuration and recipient information
Exchange 2010 Architecture
[Diagram. Enterprise network roles: Edge Transport (routing & AV/AS), Hub Transport (routing & policy), Mailbox (storage of mailbox items), Unified Messaging (voice mail & voice access), Client Access (client connectivity, web services). Outside elements: external SMTP servers, mobile phone, web browser, Outlook (remote user), Outlook (local user), line of business application, phone system (PBX or VOIP).]
Edge Transport Server Role Post Install

•   Verify successful role installation (setup logs, etc.)
•   Set Administrator Permissions (local)
•   Lock down via the Security Configuration Wizard
•   Configure agents for
    ●   antivirus and anti-spam protection
    ●   message policy
    ●   message security features
• Use Clone mechanism if installing additional Edge
  Transport servers
• Enable Edge synchronization
Edge Transport Server: EdgeSync

•   Edge synchronization is needed to use the Recipient Lookup and Safe
    Sender features
•   To enable Edge Synchronization you must:
     ● Export the Edge Subscription file on the Edge Transport server
     ● Copy the Edge Subscription file to the Hub Transport server
     ● Import the Edge Subscription file on the Hub Transport server
     ● Run EdgeSync and verify the synchronization completed
         successfully.
•   You can also have the Internet Send Connector created automatically as
    part of this process
•   Hub Transport server will provision certificates to secure Edge-Hub
    connection
•   You will need to repeat this process for each Edge Transport server that
    will receive Internet email
•   On an hourly schedule, the Hub Transport server role
    publishes recipient data to Edge Transport server role
    securely
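
The subscription steps above as Exchange Management Shell commands, added here as an example and not taken from the original deck. The file path and the Active Directory site name are placeholders; steps 1 and 3 run on different servers, as the comments indicate.

```powershell
# Added example: Edge Subscription workflow in the Exchange Management Shell.
# Assumed values (not from the deck): the file path and the AD site name.
$subscriptionFile = 'C:\EdgeSubscriptionInfo.xml'   # placeholder path
$adSite           = 'Default-First-Site-Name'       # placeholder AD site

# --- Step 1: on the Edge Transport server ----------------------------------
# Exports the subscription file. It carries bootstrap credentials for the
# Edge server's AD LDS instance, so handle it as a secret.
New-EdgeSubscription -FileName $subscriptionFile

# --- Step 2: copy the file to a Hub Transport server in $adSite ------------
# The Edge server is not a member of the production forest, so move the file
# over a channel you control (removable media or an authenticated copy).

# --- Step 3: on the Hub Transport server -----------------------------------
# Reads the file as raw bytes and completes the subscription. The two
# -Create... switches have the send connectors created automatically.
$fileData = [byte[]](Get-Content -Path $subscriptionFile -Encoding Byte -ReadCount 0)
New-EdgeSubscription -FileData $fileData -Site $adSite `
    -CreateInternetSendConnector $true `
    -CreateInboundSendConnector $true

# The file is no longer needed once imported; delete it on both servers.
Remove-Item -Path $subscriptionFile

# --- Step 4: on the Hub Transport server -----------------------------------
# Starts synchronization immediately instead of waiting for the schedule,
# then reports the result for each subscribed Edge server.
Start-EdgeSynchronization
Test-EdgeSynchronization |
    Format-List Name, SyncStatus, LastSynchronizedUtc, FailureDetail
```

A `SyncStatus` other than `Normal`, or a non-empty `FailureDetail`, means recipient and safe-sender data is not reaching the Edge server and the subscription should be investigated before mail flow is switched over.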
Mailbox Server Role

•   Verify successful installation of Mailbox server role
•   Configure permissions using the Exchange administrator roles
•   Create mailboxes for users in your organization as needed
•   Move mailboxes from an existing Exchange Server
•   Configure public folders (optional)
•   Configure Messaging Records Management
•   Configure continuous replication for data and service availability
•   Configure backups for disaster recovery
•   Configure Calendar Concierge features
•   Configure out-of-office features
•   Configure the spam confidence level (SCL) junk e-mail folder
    threshold
Unified Messaging Server Role

• Unified Messaging server must be a member of a
  domain before the Unified Messaging server role
  is installed for a new Unified Messaging server
  object to be created during the installation
• Infrastructure placement: corporate network
• Requires Mailbox and Hub Transport server roles
  installed
Migrating to Exchange 2010

• No in-place upgrades
  ●   Significant storage schema modifications (fewer,
      bigger IOs: table changes)
  ●   Many installations too complex
       • Third party product interactions
  ●   Legacy clustered systems
• Other Challenges
  ●   Re-purposing legacy hardware
       • Not just servers, but disks and SANs
Migrating to Exchange 2010

• Exchange Server 2010 cannot be installed if Exchange
  Server 5.5 or 2000 servers exist in the organization
• Cannot add Exchange Server 2007 servers to a new
  Exchange Server 2010 organization
• Exchange organization must be in native mode
• Minimum versions for legacy Exchange
   ●   Exchange Server 2003 SP2
        • RGC requirements and Outlook 2003 OAB/PF requirements
   ●   Exchange Server 2007 SP2 on all CAS servers where Outlook 14
       is the client and the mailbox is on Exchange Server 2010
   ●   Exchange Server 2007 SP2 on all Exchange
       Servers in any site that will contain Exchange
       Server 2010 servers
Transition Strategy

• To deploy server roles,
  use this sequence:
  ●   Client Access server role
  ●   Hub Transport server role
  ●   Mailbox server role
  ●   Edge Transport server
      role (optional) on
      separate server
  ●   Unified Messaging server
      role (optional)
• Use Move Mailbox
Remote Connectivity Analyzer
•    https://www.testexchangeconnectivity.com/
•    Test
      ●   Exchange ActiveSync (EAS)
      ●   Exchange Web Services
      ●   Outlook Anywhere
          (RPC/HTTP)
      ●   Autodiscover
      ●   SMTP


•    Use it at every step of
     transition
Online Move Mailbox
Minimal user disruption
[Diagram: E-Mail Client, Client Access Server, Mailbox Server 1, Mailbox Server 2]
•   Mailbox Replication Service
     ●   CAS/Intelligent/Multiple/Co-op
•   Users remain online while mailboxes are moved
     ●   At end of move:
          •   User is briefly disconnected as recently received messages are copied over
          •   Client autodiscovers new database location
•   Administrators can perform migration and maintenance during regular hours
•   Online:
     ●   E2007, E2010 -> E2010, Exchange Online
•   Offline:
     ●   E2003 -> E2010
Scale Out vs. Scale Up

• Strategic choice made by the product group
• Product group focused on supporting large
  mailboxes at low cost, goal to further
  decrease input/output (I/O) to reduce Total
  Cost of Ownership (TCO)
• Scaling up increases risk that an outage or
  failure affects more users
• Scaling out provides an opportunity for high
  availability at low cost
Processor Core Scalability
• Single role servers
  ●   12 cores maximum
       • No benefit from moving to 16 cores
       • Known issues updating memory across cores
          – Code takes longer to execute; transaction costs
            rise
          – Processor cross-talk
• High scale All-in-one server possibility
  ●   16 cores max
  ●   Multiple processes
       • Cross-talk less of an issue
Exchange Server 2010 Ratio
Guidelines
• Processor core ratios
  ●   Client Access Server (CAS) : Mailbox = 3 : 4
  ●   HUB transport server : Mailbox
       • = 1 : 7 (no A/V on Hub)
       • = 1 : 5 (with A/V Hub)
  ●   Edge guidance similar to Exchange Server
      2007
  ●   GC: Mailbox
       • = 1 : 4 (32-bit GC)
       • = 1 : 8 (64-bit GC)
Load Balancing
• Windows Network Load Balancing (NLB)
       • Not recommended above 8 nodes
• Hardware load balancer
  ●   Recommended for larger environments
  ●   All-in-one High Availability (HA) scenarios
Firewall/Proxy Guidelines
•   Internet Security and Acceleration (ISA) Server 2006
    ●   Kernel memory limitations imposed by the 32-bit
        architecture
    ●   ISA:CAS ratio 3:1 (worst case)
         • Important when you have a large percentage of your users connected
           via Outlook Anywhere, as the ratio of Transmission Control Protocol
           (TCP) connections to users is much higher than you would see for
           Outlook Web Access (OWA), ActiveSync, POP, or IMAP traffic
• Beyond ISA 2006
    ●   Forefront Unified Access Gateway (UAG)
         • Next-generation secure remote access product and the future version
           of Microsoft Intelligent Application Gateway—native 64-bit
           architecture
    ●   Forefront Threat Management Gateway (TMG)
         • Next-generation network security product and the future version of
           Microsoft ISA Server—native 64-bit architecture
Guidance for Mailbox Role
• I/O reduced by 70% from Exchange Server 2007
   ●   Optimized for Serial Advanced Technology Attachment (SATA)
       disks
• Use 4 – 8 total cores for mailbox
   ●   16 cores shows decline in throughput on single role machines
   ●   4GB random access memory (RAM) with 2-6 MB per mailbox
       recommended
• Size and prepare disks correctly
   ●   Use storage calculator
   ●   JBOD or RAID?
• Use multiple 1GB or 10GB network speeds for HA
  replication
Client Access Server
• Removal of DSProxy
• Consolidation of store access paths
• MAPI on the Middle Tier (MoMT)
    ●   Remote procedure call (RPC) endpoint for Outlook
• MAPI connection pool CAS                MBX
    ●   Connection limitation on store not a factor
• Hardware requirements increased
    ●   For additional features (MoMT) and Exchange Web
        Services (EWS) services
• Use 4 to 8 cores
    ●   2 GB RAM/core recommended (8 GB min)
    ●   CAS: Mailbox = 3:4 Cores
Transport Server
• With transport dumpster changes and
  Extensible Storage Engine (ESE)
  improvements, transport I/O operations per
  second (IOPS) requirements are targeted
  to be reduced by more than 50%
• Database compression
  ●   7-bit compression and XPRESS
• DB cache size 64 MB min and 1 GB max
• Large messages are supported without
  causing backpressure
Transport Server Guidance
• Use 4-8 cores
  ●   4-8 GB of RAM recommended
      • More than 8 GB is not shown to improve TCO or
        scale
• DB cache
      • Not needed to adjust at install
      • Improvements in DB cache usage
Unified Messaging (UM) Server
Guidance
• Use 4 core
  ●   4-8 GB of RAM recommended
       • More than 8 GB is not shown to improve TCO or
         scale
• Not recommended combining with other roles
  ●   Audio quality can be affected
• Place close to the mailbox servers that host
  mailboxes of the UM enabled
• Voice mail preview
  ●   Need to adjust guidance based on this feature
All-in-one Server
• MBX, CAS and Transport roles
  ●   Not sure of UM combination at this time
• Use 8 core
  ●   8 GB RAM plus 2-6 MB mailbox recommended
  ●   Max recommended RAM 64 GB
Exchange Server 2010 Server Sizing
Processor and Memory Configuration


Roles                   Max Processor Configuration   Recommended Processor   Max Memory Configuration   Recommended Memory
Transport Servers       12 cores                      4 cores                 16 GB                      1 GB per core or 8 GB (minimum)
Client Access Servers   12 cores                      8 cores                 16 GB                      2 GB per core or 8 GB (minimum)
Mailbox Servers         12 cores                      8 cores                 64 GB                      4 GB plus 2-6 megabytes (MB) per mailbox
All-In-One Servers      16 cores                      8 cores                 64 GB                      8 GB plus 2-6 MB per mailbox
Unified Messaging       12 cores                      4 cores                 16 GB                      2 GB per core or 4 GB (minimum)
Virtualization

• Windows Server 2008 Hyper-V Host
• Third party virtualization validated in the
  Windows Server Virtualization Validation
  Program (SVVP)
• Must meet all deployment guidelines for
  non-virtualized systems
• Storage Independent
  ●   DAS, iSCSI
  ●   Dedicated pass-through storage
Virtualization
•   Exchange Server 2010 support stance
     ●   Hub Transport, Client Access Server, Mailbox and Edge
•   Not Supported
     ●   Unified Messaging
•   Not Recommended
     ●   Mailbox Role
          • Must meet processor and disk requirements
          • Yet they say there’s a 90% IO reduction from 2003?
•   May not make sense: Edge Server Role
•   Determine where virtualization actually makes sense (branch
    offices/decentralized environments)
     • Large servers?
•   Power-savings and cost savings possible when Exchange storage
    moves from SAN to DAS
•   Separate LUNs for Root OS, guest OS VHDs, and Hyper-V/VM storage
•   Good Host and Guest performance testing
•   Flexible scaling?
•   No SPOFs
Virtualized Exchange
• Sizing guidance will account for expected overhead
  from virtualization technology
• Exchange application is not virtualization aware
   ●   No plans to change Setup experience
• Fully assess the risks/benefits before deploying
  Exchange in a virtualized environment
   ●   Exchange is a business critical application directly affecting
       broad base of users every day
   ●   Virtualization can add complexity and risk to your
       environment
   ●   Sharing infrastructure is a bad thing
• Build out virtual machine configuration prior to
  installing Exchange
  Virtual Scenarios
 • Small office, remote or branch office with High
   Availability
     ●   Reduces physical servers
 • Mobile LAN
     ●   Complete network infrastructure deployed at a
         moment's notice
     ●   Exchange, file, and domain infrastructure services
 • Disaster recovery
     ●   "Warm Site"
Should you virtualize Exchange?
http://msexchangeteam.com/archive/2009/01/22/450463.aspx
Exchange Supportability Statement
http://technet.microsoft.com/en-us/library/cc794548.aspx
Virtual Support Statements
• Supported
  ●   Microsoft and third party virtualization
      platforms within the Server Virtualization
      Validation Program (SVVP)
• Not supported
  ●   Unified Messaging (UM) Role
  ●   Hypervisor-provided clustering, migration or
      portability solutions (i.e. quick migration)
• Unknown
  ●   Windows 7 features (i.e. live migration)
HP Stance on virtualization
• Of course virtualization makes sense
• Must understand…
  ●   Physical server load
       • # VMs, disk I/O, memory, # network connections
  ●   Individual VM load
       • IOPS, Memory, CPU
• Pick an HA solution
  ●   Exchange based = DAG
  ●   Physical server based = Hyper-V HA (no DAG)
  ●   Don’t combine the two at this time!
HP Sizing tools

• Not released yet for Exchange 2010
• Expect similar experience as with other sizing
  tools
  ●   All tools are on active answers
  ●   Exchange 2007
       •   http://h20341.www2.hp.com/ActiveAnswers/us/en/sizers/microsoft-exchange-server.html

  ●   OCS
  ●   Hyper-V
  ●   IIS
  ●   SharePoint
  ●   SQL
Capacity Planning Tools
• Profiling
  ●   Exchange Profile Analyzer (EPA)
  ●   Performance Monitor (Perfmon)
• Sizing
  ●   Exchange Server 2010 storage calculator
      (beta was in April)
       • Spreadsheet available to plan for the storage you
         need based on user profile
• Validation
  ●   Jetstress 2010
  ●   Exchange load generator “Loadgen”
Summary

•   Plan your needs carefully
•   Determine which model works best for you
•   Update your legacy environment
•   Smooth migration to Exchange 2010
Your Feedback is Important

Please fill out a session evaluation form and
drop it off at the conference registration desk.

Thank you!

				