On-Premises Exchange 2003/SBS to On-Premises Exchange (versions 2013 and later) Migration Guide

Introduction

This is the complete onboarding task flow for migrating mailboxes from On-Premises Exchange 2003/SBS to On-Premises Exchange (v. 2013 or later). 

There are some tools and resources that will make the migration easier.

Exchange questions and troubleshooting

Our Exchange Mailbox FAQ, Exchange Migration Setup and Planning, and Exchange Mailbox Migration Troubleshooting guides contain a number of common questions and concerns, along with more information, guidance, and steps to resolve issues such as throttling.

First migration?

We’ve created a guide on scoping, planning, and managing the migration process for your use. If this is your first migration, we recommend reading this guide carefully.

DeploymentPro & DMA

DeploymentPro currently can only officially be used with migration projects where Office 365 is the Destination. If using DeploymentPro with Exchange (either On-Premises or Hosted) as a Destination, then a Proof of Concept should be run first. We do recommend using DeploymentPro in this scenario.

Exchange environments can have complex AutoDiscover settings, along with UPN and SMTP address mis-matches, which can require troubleshooting and reconfiguration before DeploymentPro can be made to work against such environments.

DeploymentPro is included with the User Migration Bundle license. DeploymentPro cannot be purchased as a standalone service license, and it cannot be added to the single-use mailbox migration license. If you wish to remotely configure Outlook mail profiles using DeploymentPro after a migration, purchase the User Migration Bundle license.

The DeploymentPro Guide and DeploymentPro FAQ will guide you through the proof of concept, as well as any other DeploymentPro questions, while the DMA Installation and Introduction to DMA articles provide resources and guidance on DMA.

MigrationWiz

MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.

MigrationWiz supports the capability to share migration projects across a Workgroup. When the Project Sharing feature is turned on, all Agents besides those who are Inactive can view all migrations projects. 

We are not able to support migrations with two-factor or multifactor authentication. 

Prerequisites

  1. Set up the new AD forest.
  2. Configure forest trust.
  3. Run the Active Directory Migration Tool (ADMT) to migrate objects over to the new forest.
  4. Install Exchange destination server into the new forest.
  5. Create Exchange users on new Exchange server.

OWA Configuration

Set up router ports for OWA traffic. Set different OWA URLs for each environment, and configure the router ports to accept inbound/outbound mail traffic for those OWA URLs.

Multiple router ports
Set different OWA URLS for each environment. Example: SBS Exchange 2003 server has OWA = owa.Sourcedomain.com and Exchange 2013 server has OWA = webmail.Destinationdomain.com

Single router port

Most commonly found with smaller companies, this requires setting up port translation and port redirection to handle the traffic routing.
For example, port 4443 could be set to accept traffic for webmail.Destinationdomain.com and leave port 443 to accept traffic for owa.Sourcedomain.com.

  • Port translation would need to be configured on the router so that incoming traffic on port 4443 would then be translated to port 443.
  • Port redirection would need to be configured on the router so that after translation this traffic would then be redirected (using port redirection) to the new (Destination) Exchange 2013 server.
  • For traffic coming into port 443 there is no port translation. It is just redirected to the old Exchange 2003 (Source) server.

Prepare the Source Environment

Create Administrator account

Set up an administrator account for migration on the Source Exchange mailbox server. EWS must be working on the Source Exchange server.

To test:

  1. Close all browser instances. This ensures that all session state browser cache is flushed.
  2. Open a new browser instance.
  3. Navigate to your OWA login page.
  4. Log in to OWA.
  5. Once you see the inbox, copy the URL from the navigation bar of the browser. This is the exact OWA URL that should be entered into MigrationWiz​.

OWA

If you have not already done so, set up router ports for OWA traffic, following the steps in the Prerequisites section of this article. Set different OWA URLs for each environment and configure router ports to accept inbound/outbound mail traffic for those OWA URLs.

If you have followed through all the prerequisite steps of this guide, this step will already have been completed.

Test mailbox access

  1. Browse to https://login.microsoftonline.com.
  2. Log in as admin email address.
  3. Enter the exact same password as specified in MigrationWiz.
  4. Enter the Admin
  5. Click on Users, then Active Users.
  6. Search for users entered in MigrationWiz to make sure the admin email address and the end user´s email address specified in MigrationWiz are not misspelled by searching for them.
  7. Make sure all users have licenses assigned to them. All mailboxes on the Source system are created as mail users in Office 365. When you assign a license to the mail user, it will become a mailbox user. We need a mailbox at the Destination in order to be able to migrate data.
  8. If you are not using impersonation, make sure the admin account has a license assigned to it. This can even be a temporary trial license.

Configure Exchange

Configure the Exchange authentication method.

Increase MAPI named property limits

  1. Start the Registry Editor on the mailbox server.
  2. Locate the following registry key:
    • HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeIS\<ServerName>\<Private-GUID>
  3. Set the following DWORD values or create new values if they do not exist.
    • NonMAPI Named Props Quota == 00007fff
    • Named Props Quota == 00007fff

You may either wait approximately 30 minutes for these values to take effect automatically, or reboot the server to take effect immediately.

Prepare the Destination Environment

  1. Create an admin account for migration that has full access permissions to all mailboxes.
  2. Set up a remote PowerShell session with Exchange 2010+.

Grant access

To manually grant administrative access for migration, execute the following PowerShell command in the Exchange PowerShell Console:
Get-Mailbox -ResultSize Unlimited | Add-MailboxPermission -AccessRights FullAccess -Automapping $false -User MigrationWiz

In the PowerShell script above, change the -User account to match the name of the admin account that was set up for migration.

Any user account that is a part of the domain administrator, schema administrator, or enterprise administrator groups will not have any administrative rights to mailboxes, no matter how many permissions are granted. A security default of Exchange Server is to explicitly deny any user that is a member of these groups. This is why we recommend creating a new user account specific for migration.

Disable Throttling

Disable throttling against the admin account.

To disable all throttling parameters for an admin account called "MigrationWiz":

  1. Open the Exchange Management Shell.
  2. Type the following command and press Enter.

    New-ThrottlingPolicy MigrationWizPolicy

  3. Type the following command and press Enter.

    Set-ThrottlingPolicy MigrationWizPolicy -RCAMaxConcurrency Unlimited -EWSMaxConcurrency Unlimited -EWSMaxSubscriptions Unlimited -CPAMaxConcurrency Unlimited -EwsCutoffBalance Unlimited -EwsMaxBurst Unlimited -EwsRechargeRate Unlimited

  4. Type the following command and press Enter.

    Set-Mailbox "MigrationWiz" -ThrottlingPolicy MigrationWizPolicy

Verify mailbox accessibility using EWS

  1. Browse to https://login.microsoftonline.com.
  2. Log in as admin email address.
  3. Enter the exact same password as specified in MigrationWiz.
  4. Enter the Admin
  5. Click on Users, then Active Users.
  6. Search for users entered in MigrationWiz to make sure the admin email address and the end user´s email address specified in MigrationWiz are not misspelled by searching for them.
  7. Make sure all users have licenses assigned to them. All mailboxes on the Source system are created as mail users in Office 365. When you assign a license to the mail user, it will become a mailbox user. We need a mailbox at the Destination in order to be able to migrate data.
  8. If you are not using impersonation, make sure the admin account has a license assigned to it. This can even be a temporary trial license.

Large Items

Increase Message Size Limits

This is a two-step process. The reason for this is that if the message size limits of Exchange are increased, the IIS limits will also have to be increased to allow increased payloads. There are other non-standard settings that can also cause size restrictions for the IIS or EWS connections, but we are unable to troubleshoot or identify specific environment restrictions outside of these settings.

To display current message size limits:

  1. Open the Exchange Management Shell.
  2. Enter the following commands:

Get-TransportConfig | Format-List -Property MaxReceiveSize, MaxSendSize
Get-SendConnector | Format-List -Property Identity, MaxMessageSize
Get-ReceiveConnector | Format-List -Property Identity, MaxMessageSize
Get-MailBox | Format-List -Property PrimarySmtpAddress, MaxSendSize, MaxReceiveSize

To increase message size limits on the Exchange Server:

  1. Open the Exchange Management Shell.
  2. Enter the following commands:

Set-TransportConfig -MaxReceiveSize 150MB -MaxSendSize 150MB
Get-SendConnector | Set-SendConnector -MaxMessageSize 150MB
Get-ReceiveConnector | Set-ReceiveConnector -MaxMessageSize 150MB
Get-Mailbox | Set-Mailbox -MaxSendSize 150MB -MaxReceiveSize 150MB

 

Increase IIS Limits to Allow Accepting Payloads

There are three limits that should be increased in IIS:

  • maxRequestLength
  • maxAllowedContentLength
  • maxReceivedMessageSize

Follow these steps to increase the Exchange message size limits on your client access server:

  1. OpenWindows Explorer.
  2. Navigate to %ExchangeInstallPath%FrontEnd\HttpProxy\ews\
  3. Open the file Web.Config in a text editor, such as Notepad.
  4. Find the XML tag starting with for each change.
  5. Change the existing value to maxRequestLength="200000" -- this occurs in one place in the Web.Config file.
  6. Change the existing values to maxAllowedContentLength="200000000" -- this occurs one place in the Web.Config file.
  7. Change the existing values to maxReceivedMessageSize="200000000" -- this entry occurs up to 12 times. This needs to be changed for each Authentication method.
    For example:
    <httpsTransport maxReceivedMessageSize="200000000" authenticationScheme="Anonymous" maxBufferSize="81920" transferMode="Streamed" />
    <httpsTransport maxReceivedMessageSize="200000000" authenticationScheme="Basic" maxBufferSize="81920" transferMode="Streamed" />
    etc.
  8. If you are running IIS7 and Windows 2008, it may be necessary to increase WCF settings.
  9. Save the file.
  10. IIS Reset is not needed, web.config changes are picked up by the next connection.

Follow these steps to increase the Exchange message size limits on your mailbox server:

  1. OpenWindows Explorer.
  2. Navigate to %ExchangeInstallPath%ClientAccess\exchweb\ews\
  3. Open the file Web.Config in a text editor, such as Notepad.
  4. Find the XML tag starting with for each change.
  5. Change the existing value to maxRequestLength="200000" -- this occurs in one place in the Web.Config file.
  6. Change the existing values to maxAllowedContentLength="200000000" -- this occurs one place in the Web.Config file.
  7. Change the existing values to maxReceivedMessageSize="200000000" -- this entry occurs up to 12 times. This needs to be changed for each Authentication method.
  8. If you are running IIS7 and Windows 2008, it may be necessary to increase WCF settings.
  9. Save the file.
  10. IIS Reset is not needed, web.config changes are picked up by the next connection.
Increase Maximum Accepted Content Length

You may increase the maximum accepted content length by following these directions:

  1. Open Windows Explorer.
  2. Navigate to C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews
  3. Open the file Web.Config in a text editor such as Notepad.
  4. Go to the end of the file.
  5. Insert or edit the following XML code before the </configuration> tag:

    <system.webServer>
    <security>
    <requestFiltering>
    <requestLimits maxAllowedContentLength="104857600" />
    </requestFiltering>
    </security>
    </system.webServer>

If XML code is already present in the Web.Config file, edit it to match what is shown above.

Sample Web.Config before changes:

<configuration>
<system.web>
...
...
</system.web>
</configuration>

Sample Web.Config after changes:

<configuration>
<system.web>
...
...
</system.web>
<system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="104857600" />
</requestFiltering>
</security>
</system.webServer>
</configuration>

 

Increase Maximum Received Message Size

If you are running IIS7 and Windows 2008, you may need to increase WCF settings:

  1. Open Windows Explorer.
  2. Navigate to C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews
  3. Open the file Web.Config in a text editor like Notepad.
  4. Find all XML tags starting with maxReceivedMessageSize=
  5. Change existing values to maxReceivedMessageSize="104857600"
  6. Save the file.
  7. Open a Command Prompt (cmd.exe).
  8. Type: cd %windir%\system32\inetsrv
  9. Type: appcmd.exe set config "Default Web Site/ews" -section:requestFiltering -requestLimits.maxAllowedContentLength:104857600
  10. Run: iisreset

 

MSPComplete Steps

Create Customer

  1. Click the Add button in the top navigation bar
  2. Click the Add Customer button on the All Customers page
  3. In the left navigation pane, select the appropriate workgroup and then click All Customers.
  4. Click Add Customer.
  5. Enter the new customer’s information in the Add Customer form. Primary Email Domain and Company Name are required. The rest are optional.
  6. Click Save.
  7. Repeat steps 1 through 4 for each customer you want to add. 

Purchase licenses

We recommend that you purchase the User Migration Bundle license for this migration scenario. User Migration Bundle licenses allow multiple types of migrations to be performed with a single license. They also allow DeploymentPro to be used to configure Outlook email profiles. For questions on licensing, visit MigrationWiz Licenses

To purchase licenses:

  1. Sign in to your BitTitan account. 
  2. In the top navigation bar, click Purchase.
  3. Click the Select button and choose User Migration Bundle licenses.
  4. Enter the number of licenses you want to purchase. Click Buy Now.
  5. Enter a Billing address if applicable.
  6. Click Next.
  7. Review the Order Summary and enter a payment method.
  8. Click Place Your Order.

Deploy DMA to users

To deploy the BitTitan Device Management Agent (DMA) through email, you ask users to manually install the agent.

We recommend installing DMA through a group policy object because it’s automated and non-intrusive.

To deploy DMA through email:

  1. Click  Customers   on the navigation sidebar.
  2. Click the customer name for which you wish to deploy DMA.
  3. Click  Users .
  4. Add a checkmark next to the user(s) that should receive the email.
  5. Click the  Enable Device Management Through Email  button.
  6. In the Enable Device Management via Email panel, enter your email address in the  Reply-To Address  field.
  7. Confirm that all of the users you chose are listed in the To field.
  8. To personalize the email message that the customer's users will receive, type your changes into the message body text box. If the customer's computers use a proxy, you must add instructions to run the DMA installer with command line parameters that ensure DMA is able to transmit data through the proxy. 
  9. Click  Send Agent Email .

The customer’s users will receive the email asking them to manually install the agent.​ The users and their computer information will start populating in MSPComplete under the customer’s context soon after the agent is installed and running.

Once DMA has been deployed to users, check the Users tab in MSPComplete. This will be populated with the user accounts that have DMA installed. DMA can be deployed by these options:

DeploymentPro Steps

  1. Launch DeploymentPro.
    1. Go to All Products > Device Management, click on DeploymentPro on the far left and follow the prompts to launch.
    2. Select a customer from the list by clicking on the customer name. The status column will show Enabled when a customer account has had DMA deployed to users.
    3. Configure customer DeploymentPro module:
    4. Enter the Domain.
    5. Select the Destination endpoint.
    6. Checkmark the Auto-populate
    7. In the Client Interface Configurations section, upload your company logo and add supporting text. We strongly recommend doing this because this is the logo and text that end users will see in a desktop pop-up when they are prompted to reconfigure their Outlook profiles. If you do not upload your own logo, the default BitTitan logo will be included instead.
    8. Save and continue.
  2. Activate DeploymentPro module for users by either selecting all users (by check-marking the box to the left of the Primary Email column heading), or select individual users (by check-marking the boxes to the left of the user email addresses).
  3. Click the Schedule Cutover
  4. Schedule the profile cutover date.
  5. Set the date and time for the Outlook profile configuration to occur, and click the Schedule Cutover 
    1. The DeploymentPro module will install on user devices immediately and then run silently until this date.
    2. The profile cutover date should be set to a date and time that is shortly after MX record cutover.
    3. On the profile cutover date, users will be guided through the reconfiguration of their Outlook profile.

MigrationWiz Steps

Create a Mailbox Migration project

  1. Click the Go to My Projects button.
  2. Click the Create Project button.
  3. Click on the type of project that you wish to create. For this migration:
    • Mailbox: Mailbox projects are used to migrate the contents of the primary user mailbox from the previous environment to the new environment. Most mailbox migrations can migrate email, calendars, and contacts.

For mailbox migrations, use administrative credentials to access mailboxes​. In most migration scenarios, the admin account needs to have full access rights to the Source mailboxes. 

  1. Click Next Step.
  2. Enter a Project name and select a Customer.
  3. Click Next Step.
  4. Select a Source Endpoint or create a new endpoint.
  5. To create a new source endpoint:
    1. Click New
    2. Name endpoint
    3. Select type Exchange Server 2003+
    4. Enter the OWA URL
    5. Provide credentials: Click the Provide Credentials radio button, and enter the admin account credentials for the account that was set up under the “Prepare the Destination Environment” section of this guide.
    6. Click Add
    7. Click Next Step
  6. Select or create a new destination endpoint.
  7. To create a new destination endpoint:
    1. Click New
    2. Name endpoint
    3. Select type Exchange Server 2003+
    4. Enter the OWA URL
    5. Provide credentials: Click the Provide Credentials radio button, and enter the admin account credentials for the account that was set up under the “Prepare the Destination Environment” section of this guide.
    6. Click Add
  8. Click Next Step
  9. Click Save and Go to Summary.

Add Users

Add the user accounts that will be migrated to the project. This may be done in several ways, depending on the size of the project. Steps for each option are in the accordion below, simply click to show the option you select and follow the guidance there.

Small Migrations:

For small migrations, it is easy to add users one-at-a-time using Quick Add. The steps for this are below. 

Larger Migrations:

For larger migrations, we recommend either using the Autodiscover or Bulk Add option.

Autodiscover will add all users found on the source tenant. This can then be edited in the project to remove users not being migrated. All users will be added with the source and destination email addresses set to match the source email. This can be changed by using the Change Domain Name button at the top of the project page. If the usernames are changing during the migration, we recommend using the Bulk Add option.

Bulk Add uses a CSV containing the source and destination email addresses for the users to add the users to the project. If migrating only a specific group from a tenant, we recommend using the Bulk Add option.

Quick Add
This option allows you to add items one at a time. You have to enter an email address, login name, and password for each user if you didn't enter administrative credentials when setting up the project. You only have to provide an email address if you entered administrative credentials when setting up the project.
Bulk Add

MigrationWiz allows you to bulk import mailboxes into the system.

To import one or more mailboxes:

  1. Sign in to your MigrationWiz account.
  2. Select the Project for which you want to perform the bulk import.
  3. Click on Add .
  4. Click on Bulk Add .
  5. Follow the instructions on the page.
Autodiscover

​The Autodiscover process within MigrationWiz can be used to discover items from the Source environment, so that they can be imported into your projects.

There are few requirements in order for this to work:

  • The Source has to be Exchange 2007 or later.
  • The endpoint on the Source needs to use admin credentials.
  • For mailbox migration projects, the admin account that is specified within the Source endpoint needs to have a mailbox associated with it.
  • The admin mailbox must be listed in the public Global Address List (GAL).

One additional item to note here is that there is not a way to restrict the IP addresses that the connection will come from.  This means that the steps outlined in our IP Lockdown guide will not apply here.  If your environment requires that any IP addresses be whitelisted, it is recommended that items be added to your project using on of the other available options.

Autodiscover of items will not work while using Modern Authentication

Autodiscovery exposes the following items:

  • For mailbox migration, autodiscovery will list all mailboxes at the Source.

Steps to Run Autodiscover

  1. Navigate to the project you want to import users into.

  2. Ensure that you have created an endpoint for the source project.

  3. Once in the project, on the top navigation bar, click on the Add drop-down, then select Autodiscover Items. This will begin the Autodiscover process.

  4. Once discovered, click on the Import button, to import the items into your MigrationWiz project.

Add Advanced Options

  1. The following options are most valuable for this migration scenario:
    • Set Maximum concurrent migrations. If the Source server has enough server resources, set this parameter based on the bandwidth guideline of three (3) mailboxes per 1MBPS of bandwidth. Therefore, for example, if there is a 10MBPS connection, we recommend setting the maximum concurrent migrations parameter to be 30. If the Source server has very few available server resources (e.g., it is running low on memory or it has a very high CPU utilization), we recommend setting this value to a lower number to avoid overwhelming the Source server with requests.

Run Verify Credentials

  1. ​Sign in to your MigrationWiz account​.
  2. Open the Project containing items you wish to validate​.
  3. Select the items you wish to validate.
  4. Click on the Start button in your dashboard.
  5. Select Verify Credentials from the drop-down list.

Once complete, the results of the verification will be shown in the Status section.​ 

Notify Users

Notify users that a migration is occurring. Send email to all users telling them the time and date of the migration.

Run Migration

Pre-Stage pass

  1. Select the users you wish to migrate
  2. Click the Start button from the top
  3. Select Pre-Stage Migration
  4. Under the Migration Scheduling section, from the drop-down list, select 90 days ago
  5. Click Start Migration.

MX Record Cutover

Change over MX records on the DNS provider's portal.

Also, include the AutoDiscover (CName) setting.

Send email to end users to let them know what to expect for their Outlook profile reconfiguration. 

Full (Delta) pass

  1. Select the users
  2. Click the Start button from the top
  3. Select Full Migration
  4. Click Start Migration

Run Retry Errors

Look through the user list and click any red "failed migration" errors. Review the information and act accordingly.

If problems persist, contact Support.

Outlook Configuration

If not using DeploymentPro, then users must now create new Outlook profiles, and set up their signatures again, and reattach any PST files that were attached to their previous profile.

Request Statistics

Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics.

Was this article helpful?
0 out of 0 found this helpful