SoCal Microsoft Technology User Group: User Group Meeting 2013-05-06 – Thomas Stensitzki
SoCal User Group Meeting 2013-05-06

SoCal User Group Meeting: Exchange Server 2013 Architecture Changes and Exchange Hybrid Configuration

Published in: Technology, Business

  1. SoCal Microsoft Technology User Group: User Group Meeting 2013-05-06 – Thomas Stensitzki
  2. Introduction
      Thomas Stensitzki, Senior Consultant, iCOMcept GmbH
      MCM, MCSE, MCSA, MCITP, MCTS, MCSA, MCSA:M, MCP
      Blog: http://www.sf-tools.net
      Email: thomas@sf-tools.net
      Twitter: apoc70
  3. Agenda: Exchange Server 2013; New Exchange Architecture; Client Access Server 2013; Mailbox Server 2013; Transport Architecture; Service Availability; Exchange and Office365 – Hybrid; What is it good for?; Migration scenarios; Hybrid deployment; Migrations interfaces
  4. Agenda: Exchange Server 2013; New Exchange Architecture; Client Access Server 2013; Mailbox Server 2013; Transport Architecture; Service Availability; Exchange and Office365 – Hybrid; What is it good for?; Migration scenarios; Hybrid deployment; Migrations interfaces
  5. Exchange 2007/2010 Server Role Architecture
      Diagram labels: AD; Web browser; Outlook (remote user); Mobile phone; Line of business application; Outlook (local user); Layer 7 LB; External SMTP servers; Forefront Online Protection for Exchange; Enterprise Network; Phone system (PBX or VOIP)
      • Client Access: Client connectivity, Web services
      • Hub Transport: Routing & policy
      • Mailbox: Storage of mailbox items
      • Unified Messaging: Voice mail and voice access
      • Edge Transport: Routing and AV/AS
      5 major roles, tightly coupled:
      • Functionality
      • Geo affinity
      • Versioning
      • User partitioning
  6. Anything wrong with the existing model?
      • Exchange load balancing not easy to configure
        - LB session affinity impacts scalability
        - Hardware LB solutions tend to be expensive and therefore are a luxury to many Exchange customers
      • Deployment based on dedicated server roles
        - Hardware stays unutilized or under-utilized
        - Real multi-role deployments are rare
      • Too many namespaces (especially in site resilient designs)
      • Exchange deployments are overly complicated
  7. The Exchange Evolution
      • 2000/2003
        - Role differentiation through manual configuration
        - Hardware solutions for “reliability” ($$$$)
      • 2007
        - Separate roles for ease of deployment and mgmt. segmentation
        - Support cheaper storage
      • 2010
        - Separate HA solutions for each role
        - Introduced the DAG
        - Rich management experience using RBAC
        - Leaves resources on the ground in each role
      • 2013
        - Simplify for scale, balanced utilization, isolation
        - Integrate HA for all roles
        - Simplify network architecture
      Diagram labels: Ex; SAN; L7 LB; CAS; HT; MBX; LB
  8. Exchange 2013 Architecture
      Diagram labels: Forefront Online Protection for Exchange; AD; Web browser; Outlook (remote user); Mobile phone; Line of business application; Outlook (local user); External SMTP servers; Enterprise Network; Phone system (PBX or VOIP); Edge Transport (Routing and AV/AS); Layer 4 LB; CAS (CAS Array); MBX (DAG)
      2 Building Blocks, loosely coupled:
      • Client Access Array
      • Database Availability Group
  9. Cross Server Access
      Diagram labels: E2010; Banned; Server A; Server B
      • Protocols, Server Agents: EWS, RPC CA, Transport, Assistants, MRS, MRSProxy
      • Business Logic: XSO, Mail Item, Other API, CTS
      • Storage: Store, Content index, File system, ESE
      • Between servers: SMTP, MRS proxy protocol, EWS protocol, Custom WS
  10. Changing Functional Layers
      Diagram labels: Exchange 2013 Architecture; Hardware LB; CAS, HT, UM; MBX; L7 Load Balancer; Exchange 2010 Architecture; AuthN, Proxy, Re-direct; Protocols, API, Biz-logic; Assistants, Store, CI; L4 Load Balancer; AuthN, Proxy, Re-direct; CAS2013; Store, CI; Protocols, API, Biz-logic; MBX2013
  11. Putting it all together
      Diagram labels: CAS; User; DAG1; MBX-A; MBX-B
  12. Agenda: Exchange Server 2013; New Exchange Architecture; Client Access Server 2013; Mailbox Server 2013; Transport Architecture; Service Availability; Exchange and Office365 – Hybrid; What is it good for?; Migration scenarios; Hybrid deployment; Migrations interfaces
  13. What is CAS 2013?
      • CAS 2013 is comprised of three components:
        - Client protocols (HTTP, IMAP, POP)
        - SMTP
        - UM Call Router
      • Thin, stateless (protocol session) servers organized in a load balanced configuration
        - Session affinity NOT required at the load balancer
      • Provides a unified namespace and authentication for clients
      • Where the logic “lives” to route a specific protocol request to the “correct” destination end point
        - Capable of supporting legacy servers with redirect or proxy logic
      • Is a domain-joined machine in the corporate forest
  14. CAS 2013 Client Protocol Architecture
      Diagram labels: CAS 2013; MBX2013; RPC CA; IIS; RPS; OWA, EAS, EWS, ECP, OAB; POP; IMAP; Transport; UM; RpcProxy; MDB; MailQ; HTTP Proxy; SMTP; Telephony; EAC; Outlook; PowerShell; Load Balancer; HTTP; Redirect; SIP+RTP
  15. Outlook Connectivity
      • What are the benefits?
        - Does not require a “RPC CAS array namespace” for the DAG
        - No longer have to worry about “The Exchange administrator has made a change that requires you to quit and restart Outlook” during mailbox moves or *over events
        - Extremely reliable and stable connectivity model – the RPC session is always on the MBX 2013 server hosting the active database copy
      • What changes?
        - RPC end point for Outlook client is now a GUID (and SMTP suffix)
        - Support for internal and external Outlook Anywhere namespaces
  16. Third-Party MAPI Products
      • Third-party MAPI products will need to use RPC/HTTP to connect to CAS2013
      • Exchange 2013 will be the last release that supports a MAPI/CDO download
        - Third-parties must move to EWS in the future
      • The MAPI/CDO download will be updated to include support for RPC/HTTP connectivity
        - Will require third-party application configuration; either by programmatically editing a dynamic MAPI profile or setting registry keys
        - Legacy environments can continue to use RPC/TCP
  17. Client Protocol Connectivity Flow
      Diagram scenarios: Local Proxy Request; OWA Cross-Site Redirect Request; Cross-Site Proxy Request
      Diagram labels: Load Balancer; CAS; HTTP Proxy; IIS; MBX; Protocol Head; DB; HTTP; Site Boundary
  18. Exchange Load Balancing Options
      • Who’s it for?
        - Generalist IT admin
        - Those with increased network flexibility
        - Those who want to maximize server availability
      • Trade-Offs (three groups, in slide order)
        - + Simple, fast, no affinity LB; + Single, unified namespace; + Minimal networking skillset; - Per Server Availability
        - + Per protocol availability; + Single, unified namespace; - SSL termination @ LB; - Requires increased networking skillset
        - + Simple, fast, no affinity LB; + Per protocol availability; - One namespace per protocol
      • Axis labels: Simplicity; Functionality
  19. Client Protocol Benefits
      • Simplifies the network layer
        - No longer requires session affinity at the load balancer
        - Just get the traffic to CAS 2013 and let it handle the affinity
        - CAS 2013 can be “farther away” from MBX2013 and still offer good client performance (because it is a 1:1 proxy)
        - Removes the need for RPC Client Access arrays
      • Deployment flexibility
        - CAS 2013 provides more deployment flexibility; for example, consolidate to fewer sites
        - Can deploy a single world-wide namespace
      • Simplifies upgrade and inter-op
        - Designed to proxy to multiple Mailbox server versions, up and down level
        - DAGs can be replaced with Exchange 2013 at any desired pace
  20. Agenda: Exchange Server 2013; New Exchange Architecture; Client Access Server 2013; Mailbox Server 2013; Transport Architecture; Service Availability; Exchange and Office365 – Hybrid; What is it good for?; Migration scenarios; Hybrid deployment; Migrations interfaces
  21. Mailbox Server Role
      • A server that hosts all the components that process, render and store the data
      • Clients do not connect directly to MBX2013 servers; connectivity is through CAS2013
      • Evolution of E2010 DAG
        - Collection of servers that form a HA unit
        - Databases are replicated between servers in a given DAG
        - Servers can be in different locations, for site resiliency
        - Maximum of 16 Mailbox servers
        - 50 database copies / server
      Diagram labels: MBX1; MBX2; MBX16
  22. New Store Process
      • Store is effectively made up of three processes
        - Replication service
        - Store service process/controller
        - Store worker process
      • Replication service initiates failovers and is responsible for issuing mount/dismount operations
      • Store service process/controller manages the store worker processes
      • Each database has its own Store worker process
  23. Exchange IOPS Trend
      Chart: DB IOPS/Mailbox for Exchange 2003, Exchange 2007, Exchange 2010 and Exchange 2013; callout: +99% reduction!
  24. Large Mailboxes for the win!
      • Large Mailbox Size 100GB+
      • Aggregate Mailbox = Primary Mailbox + Archive Mailbox + Recoverable Items
      • 1-2 years of mail (minimum)
      • Increased knowledge worker productivity
      • Eliminate or reduce PST reliance
      • Eliminate or reduce third-party archive solutions
      • Outlook 2013 allows you to control OST size!
      • Gives more options around mailbox deployments
      Table rows:
        - 1 Day | 150 | 11 MB
        - 1 Month | 3300 | 242 MB
        - 1 Year | 39000 | 2.8 GB
        - 2 Years | 78000 | 5.6 GB
        - 4 Years | 156000 | 11.2 GB
  25. Exchange Search Infrastructure
      • Leverages Search Foundation
        - Common, actively developed search platform used across Office server products
        - Does consume more memory (1/6 available memory) to improve query performance
        - FAST Search
      • Provides
        - Significantly improved query performance compared to Exchange 2010
        - Significantly improved indexing performance compared to Exchange 2010
      • Feature parity with Exchange 2010 search
      • Leverages the same cmdlets like Get-MailboxDatabaseCopyStatus
  26. Exchange Indexing
      Reduced Processing of Body and Attachments
      Diagram labels: MBX 2013; Transport; Mailbox; DB; Idx; ExSearch; CTS; Store; Index Node; Transport Content Transformation Service; Local Delivery; Log; Reliable Event; Read Content; Passive
  27. Public Folders: Dawn of a New Age
      Architectural bet: Public folders are based on the mailbox architecture
      Details:
      • Hierarchy is stored in PF mailboxes (one writeable)
      • Content can be broken up and placed in multiple mailboxes
      • The hierarchy folder points to the target content mailbox
      • Uses same HA mechanism as mailboxes
      • No separate replication mechanism
      • Single-master model
      • Similar administrative features to current PFs (setting quota, expiry, etc.)
      • No end-user changes (looks just like today’s PFs)
      Not all public folder usage scenarios are best served by public folders
      Diagram labels: CAS 2013; MBX 2013; Private logon; Public logon; Content Mailbox; Hierarchy Mailbox
  28. Agenda: Exchange Server 2013; New Exchange Architecture; Client Access Server 2013; Mailbox Server 2013; Transport Architecture; Service Availability; Exchange and Office365 – Hybrid; What is it good for?; Migration scenarios; Hybrid deployment; Migrations interfaces
  29. Transport on Client Access: Front-End Transport Service
      • Handles all inbound and outbound external SMTP traffic for the organization, as well as client endpoint for SMTP traffic
        - Does not replace the Edge Transport Server Role
      • Functions as a layer 7 proxy and has full access to protocol conversation
      • Will not queue mail locally and will be completely stateless
      • All outbound traffic appears to come from the CAS2013
      • Listens on TCP 25 and TCP 587 (two receive connectors)
  30. Processing Inbound Messages
      Diagram labels: External Server; CAS; MBX
      1. New SMTP Connection
      2. CAS performs envelope filtering
      3. CAS determines route to best MBX server
      4. Message delivery begins
         1. If successful, CAS returns 250 OK acknowledgement to external server
         2. If unsuccessful, CAS returns 421 response
  31. Benefits of SMTP Front-End Service
      • The SMTP Front-End Service provides:
        - Protocol level filtering – performs connection, recipient, sender and protocol filtering
        - Network protection – centralized, load balanced egress/ingress point for the organization
        - Mailbox locator – avoids unnecessary hops by determining the best MBX 2013 to deliver the message
        - Load balanced solution for client/application SMTP submissions
      • Scales based on number of connections – just add more servers
  32. Transport Components on Mailbox
      • Transport in MBX 2013 has been broken down into three components
        - Transport Service - Stateful and handles SMTP mail flow for the organization and performs content inspection (was previously referred to as “Hub Transport”)
        - Mailbox Transport Delivery Service - Receives mail from the Transport service and delivers to the Mailbox Database
        - Mailbox Transport Submission Service - Takes mail from the Mailbox Databases and submits to the Transport service
      • Mailbox Transport is stateless and does not have a persistent storage mechanism
      • Mailbox Transport performs content conversion
  33. Transport Components on Mailbox: Responsibilities
      • Receives all inbound mail to the organization (Proxied through CAS or direct)
      • Submits all outbound mail from the organization (Proxied through CAS or direct)
      • Handles all internal message processing such as Transport Rules, Content Filtering, and Anti-Virus
      • Performs mail flow routing
      • Queues messages
      • Supports SMTP extensibility
  34. Routing Optimizations
      • Next hop selection is broken down into distinct delivery groups:
        - Routable DAG
        - Mailbox Delivery Group
        - Connector Source Servers
        - AD Site (Hub Sites; Edge Subscriptions)
        - Server list (DG expansion servers)
      • Queuing is per delivery group, connector, or mailbox
      • Once message is received at final destination, Transport will deliver the message via SMTP to Mailbox Transport on the server hosting the active database copy
      • Send/Delivery-Agent Connectors can have source servers from multiple DAGs or AD Sites, and can be proxied through CAS
  35. Mail Delivery
      Diagram labels: CAS / MBX; DAG; MBX-1; MBX-2; DB1; DB2; Transport; Mailbox Transport; SMTP; MAPI
  36. 36. SoCal Microsoft Technology User Group Meeting 2013-05-06AgendaExchange Server 2013New Exchange ArchitectureClient Access Server 2013Mailbox Server 2013Transport ArchitectureService AvailabilityExchange and Office365 – HybridWhat is it good for?Migration scenariosHybrid deploymentMigrations interfacesPage  37
  37. 37. SoCal Microsoft Technology User Group Meeting 2013-05-06Service Availability Improvements Best copy selection now includes health of services when selecting best copy Failover time reductions Lagged copy enhancements Simpler site resilience strategy Managed AvailabilityPage  38
  38. 38. SoCal Microsoft Technology User Group Meeting 2013-05-06Managed Availability Monitoring and recovery infrastructure isintegrated with Exchange’s high availabilitysolution Detects and recovers from problems asthey occur and are discovered Is user focused – if you can’t measure it,you cannot monitor itPage  39
  39. 39. SoCal Microsoft Technology User Group Meeting 2013-05-06Managed AvailabilityPage  40—OWA send—OWA failure—OWA failure detected—OWA restart service—OWA restart complete—OWA verified as healthy—OWA send—OWA failure—OWA failure detected—OWA restart service—OWA restart service failed—Failover server’s databases—OWA service restarts—OWA verified as healthy—Server becomes “good” failovertarget (again)Managed Availability + Retries…“stuff breaks and the Experience does not”LB CAS-1CAS-2DAGMBX-1DB1 DB2MBX-2OWA DB1 DB2MBX-3OWA DB1 DB2OWAOWAOWAOWA DB1DB1
  40. 40. SoCal Microsoft Technology User Group Meeting 2013-05-06Transport High Availability Improvements Every message is redundantly persisted before its receipt is acknowledged to the sender Delivered messages are kept redundant in transport similar to active messages Every DAG represents a transport HA boundary and owns its HA implementation- If you have a stretched DAG, you also have transport site resilience Resubmits due to transport DB loss or MDB *over are fully automatic and do not require anymanual involvementPage  41
  41. 41. SoCal Microsoft Technology User Group Meeting 2013-05-06Summary New Building Blocks- Facilitates deployments at all scales – from self-hosted small organizations to Office 365- Provides more flexibility in namespace management Simplified HA- All core Exchange functionality for a given mailbox is served by the MBX 2013 server where that mailbox’s database iscurrently activated- Simplifies the network layer- Transport protection is built-in Simplified upgrade and inter-op- All components in a given server upgraded together- No need to juggle with CAS <-> MBX versions separately Aligned with hardware trends- Utilize CPU core increase, cheaper RAM- Utilize capacity effectively- Fewer disks/server => simpler server SKUsPage  42
  42. Summary – Part II
      • What is gone
        - Exchange Management Console and Exchange Control Panel
        - RPC/TCP access for Outlook clients
        - Support for Outlook 2003
        - OWA built-In spell-check (now relies on Browser)
        - Linked connectors
        - Forefront Protection for Exchange
      • What is (currently) not available
        - S/MIME support in Outlook Web App
        - Public Folder support on Outlook Web App
      • What is different
        - No uninstall option for CUs
        - Larger disk space requirements -> 30GB minimum (mostly due to Safety Net and Managed Availability logging)
  43. Questions
  44. Agenda
      • Exchange Server 2013
      • New Exchange Architecture
      • Client Access Server 2013
      • Mailbox Server 2013
      • Transport Architecture
      • Service Availability
      • Exchange and Office365 – Hybrid
      • What is it good for?
      • Migration scenarios
      • Hybrid deployment
      • Migrations interfaces
  46. What is it good for?
      • Enhance service availability for messaging
        - Mobile work force
        - Small / remote branch offices
      • Reduce on-premise hardware costs
        - HA implementations are still expensive
      • Online archiving
        - Avoid on-premise message archiving infrastructure
      • Because we can and it is new cool stuff
  47. Benefits and risks
      Benefits
      • Enterprise security and reliability
        - Numerous layers of security at Office 365 data centers
        - Stringent privacy policies
        - 99.9 percent uptime
      • IT control and efficiency
        - Security updates and back-end systems upgrades handled by Office 365
        - On-premise IT staff uses browser and PowerShell to manage tenant
      • User familiarity and productivity
        - Easy transitioning for employees
        - Always on experience
      Risks
      • Contracts
        - Current contracts with UC vendors might interfere with new UC deployments
      • Regulations
        - Might not be suitable to certain laws and regulations (e.g. PCI)
      • Customization
        - Limited SharePoint and Exchange customization features available
  48. Migration options
      [Table: source platforms (Exchange 5.5, Exchange 2000, Exchange 2003, Exchange 2007, Exchange 2010, Exchange 2013, Notes/Domino, GroupWise, Other) against migration options (IMAP migration, Cutover migration, Staged migration, 2010 hybrid, 2013 hybrid); the check marks are not recoverable]
      Additional options available with tools from migration partners
      Simple migrations
      • IMAP migration
        - Supports wide range of email platforms
        - Email only (no calendar, contacts, or tasks)
      • Cutover Exchange migration (CEM)
        - Good for fast, cutover migrations
        - No migration tool or computer required on-premises
      • Staged Exchange migration (SEM)
        - No migration tool or computer required on-premises
        - Requires Directory Synchronization with on-premises AD
      Hybrid
      • Hybrid deployment
        - Manage users on-premises and online
        - Enables cross-premises calendaring, smooth migration, and easy off-boarding
  49. Additional onboarding options
      Control | Deployment Type | Description
      User driven | New mailbox | User receives new “green field” mailbox – i.e. user is onboarded to without data migration.
      User driven | New mailbox + Outlook PST | User receives new mailbox and either attaches or imports PST files for access to pre-Office 365 data.
      User driven | New mailbox + connected accounts | User receives new mailbox and configures connected accounts via OWA.
      Admin driven | New mailbox + PST Import | User receives a new mailbox and admin uses the PST Capture Tool to import PST data into the user’s Exchange Online mailbox.
  50. Migration option decision factors
      [Diagram labels: DEPLOYMENT PLAN (Migration solution is part of the plan); Exchange, IMAP, Lotus Notes, Google; Large, Medium, Small; On-premises, Single sign-on, On-cloud; DirSync, Manual/Bulk Provisioning, Automatic Provisioning; Simple, Rich]
  51. DirSync
      • Enables coexistence
        - Provisions objects in Office 365 with same email addresses as the objects in the on-premises environment
        - Provides a unified Global Address List experience between on-premises and Office 365
      • Objects hidden from the GAL on-premises are also hidden from the GAL in Office 365
      • Enables coexistence for Exchange
      • Works in both simple and hybrid deployment scenarios
      • Enabler for mail routing between on-premises and Office 365 with a shared domain namespace
  52. Simple coexistence deployment
      • Uses Directory Synchronization for GAL synchronization
        - Enabler for mail routing between on-premises and Office 365 using a shared DNS namespace
        - Provides a unified GAL experience
      • Can be used with cloud identities or federated identities
      • Does not require an on-premises Hybrid server
  53. Hybrid deployment
      • Uses Directory Synchronization for GAL synchronization
        - Enabler for mail routing between on-premises and Office 365 using a shared DNS namespace
        - Provides a unified GAL experience
      • Can be used with cloud identities or federated identities
  54. Hybrid deployment
      • Enables DirSync “Write Back”
        - Easily move mailboxes back to on-premises (off-boarding)
        - Enables Safelist Aggregation (a.k.a. Filtering Coexistence)
        - Enables cloud archive
      • Requires on-premises hybrid server deployment
      Attribute | Feature
      SafeSendersHash, BlockedSendersHash, SafeRecipientHash | Safelist Aggregation (a.k.a. Filtering Coexistence): enables on-premises filtering using cloud safe/blocked sender info
      msExchArchiveStatus | Cloud Archive: allows users to archive mail to the Office 365 service
      ProxyAddresses (cloudLegDN) | Mailbox off-boarding: enables off-boarding of mailboxes back to on-premises
      cloudmsExchUCVoiceMailSettings | Voicemail Co-Existence: used for Exchange Unified Messaging-Microsoft Lync Server 2010 integration to indicate to on-premises Lync Server that the user has voice mail in the cloud
  55. Agenda
      • Exchange Server 2013
      • New Exchange Architecture
      • Client Access Server 2013
      • Mailbox Server 2013
      • Transport Architecture
      • Service Availability
      • Exchange and Office365 – Hybrid
      • What is it good for?
      • Migration scenarios
      • Hybrid deployment
      • Migrations interfaces
  56. IMAP features and benefits
      • Works with a large number of source mail systems
      • Works with on-premises or hosted systems
      • Users can be migrated in batches
      • On-premises migration tool is not required
  57. IMAP requirements and limitations
      • Access to IMAP ports (TCP/143/993)
      • SMTP domains configured in Office 365 tenant
      • Users + mailboxes must be provisioned prior to migration
        - Bulk provisioning, CSV parser, manual, etc.
      • Gather user credentials or setup admin credentials
      • Prepare a CSV file with list of users
        - Email address, user name, password
        - Max of 50,000 rows
        - Max 10 MB in size
      • Very limited data migration scope
  58. IMAP data migration scope
      Migrated
      • Mail messages (Inbox and other folders)
      • Maximum of 500,000 items
      • Possible to exclude specific folders from migration (e.g. Deleted Items, Junk E-Mail)
      Not migrated
      • Contacts, Calendars, Tasks, etc.
      • Excluded folders
      • Folders with a forward slash ( / ) in the folder name
      • Messages larger than 25 MB
  59. IMAP migration flow
      [Flow diagram boxes: Final sync and cleanup; Initial sync; Delta sync every 24 hours; Mark migration as complete; Change MX record; Provision users + mailboxes in O365 (license assigned); Gather IMAP credentials and prepare CSV; EAC Wizard: Enter server settings and upload CSV]
  60. CEM features and benefits
      • Simple and quick migration solution
      • High-fidelity solution – all mailbox content is migrated
      • Typically best suited to small and medium organizations
      • Users are provisioned automatically during migration
      • Works with Exchange 2003 and newer
      • Works with on-premises or hosted Exchange systems
      • Identity management in the cloud (at least initially)
      • On-premises migration tool is not required
  61. CEM requirements and limitations
      • Outlook Anywhere service on source system (must have SSL certificate issued by a public CA)
      • Migration Account with Full Access or Receive-As permissions to all mailboxes that will be migrated
      • SMTP domains configured in Office 365 tenant
      • Directory Sync tool disabled in Office 365 tenant
      • Up to 1000 mailboxes in source system
  62. CEM architecture
      [Diagram: Office 365 and On-premises Exchange org (Exchange 2003 or later); Users, Groups, Contacts via Outlook Anywhere (NSPI); Mailbox Data via Outlook Anywhere (RPC over HTTP)]
  63. CEM accounts and passwords
      • Accounts provisioning
        - Migration tool creates users, mailboxes, DLs and contacts
        - Migration enables replies to migrated messages (i.e. provision process brings over the Legacy DNs)
      • Passwords
        - No access to passwords from source directory
        - New passwords created for all users
        - A link to download passwords is sent to admin
        - Users must change password on their first login
  64. CEM data migration scope
      Migrated
      • Mail messages and folders
      • Rules and categories
      • Calendar (normal, recurring)
      • Out-of-Office settings
      • Contacts
      • Tasks
      • Delegates and folder perms
      • Outlook settings (e.g. favorites)
      Not migrated
      • Security Groups, DDLs
      • System mailboxes
      • Dumpster
      • Send-As permissions
      • Messages larger than 25 MB
  65. CEM data migration scope
      • Partial migrations are not possible (no folder exclusion, no time range selection, etc.)
      • Mailboxes enabled for Unified Messaging cannot be migrated
      • Hidden mailboxes (not visible to tool) cannot be migrated
      • New cloud mailbox is created (new GUID) and data is copied
      • Existing cached-mode files (OST files) cannot be preserved
  66. CEM user experience
      • Admin needs to distribute new passwords to users
      • Users create their new Outlook profile using Office 365 username and new passwords (Autodiscover)
      • All mail is downloaded from the Office 365 mailbox (i.e. the OST file must be recreated)
  67. CEM migration flow
      [Flow diagram boxes: Final sync and cleanup; Initial sync; Delta sync every 24 hours; Mark migration as complete; Change MX record; EAC Wizard: Enter server settings and admin credentials; License users; Configure Outlook anywhere; Test using ExRCA; Assign migration permissions; Migration tool provisions users, mailboxes, DLs, contacts in O365]
  68. SEM features and benefits
      • Simple and flexible migration solution
      • High-fidelity solution – all mailbox content is migrated
      • Typically best suited to medium and large organizations
      • Users are provisioned with Directory Sync prior to migration
      • No limit on the number of mailboxes
      • Users can be migrated in batches (up to 1000 per batch)
      • Works with Exchange 2003 and 2007 only, on-premises or hosted
      • Identity management on-premises
      • On-premises migration tool is not required
  69. SEM requirements
      • Outlook Anywhere service on source system (must have SSL certificate issued by a public CA)
      • Migration Account with Full Access or Receive-As permissions to all mailboxes that will be migrated
      • SMTP domain(s) configured in Office 365 tenant
      • Directory Sync tool enabled in Office 365 tenant (i.e. requires simple coexistence)
  70. SEM limitations
      • SEM is not supported with Exchange 2010 and 2013
      • Only simple coexistence is available (no sharing of free/busy, calendar, etc.)
  71. SEM architecture
      [Diagram: Office 365 and On-premises Exchange org (Exchange 2003 or 2007); Users, Groups, Contacts via DirSync (Office 365 Directory Synchronization app); Mailbox Data via Outlook Anywhere (RPC over HTTP)]
  72. Mail routing: Pre-coexistence
      [Diagram]
      • On-premises: Message filtering; MX Record: contoso.com; Exchange; Active Directory
      • User Object: Mailbox-enabled
        - ProxyAddresses: SMTP: John.Doe@contoso.com
  73. Mail routing: On-premises to Office 365
      [Diagram]
      • On-premises: Message filtering; MX Record: contoso.com; Exchange; Active Directory
      • Office 365: MX Record: contoso.onmicrosoft.com, contoso.mail.onmicrosoft.com; Exchange Online Protection; Exchange Online; Online Directory
      • DirSync; DirSync Web Service
      • Logon Enabled User: Mailbox-enabled
        - ProxyAddresses: SMTP: John.Doe@contoso.com; smtp: John.Doe@contoso.onmicrosoft.com; smtp: John.Doe@contoso.mail.onmicrosoft.com
      • User Object: Mail-enabled (not mailbox-enabled)
        - ProxyAddresses: SMTP: John.Doe@contoso.com
        - TargetAddresses: SMTP: John.Doe@contoso.mail.onmicrosoft.com
  74. Mail routing: Office 365 to on-premises
      [Diagram]
      • On-premises: Message filtering; MX Record: contoso.com; Exchange; Active Directory
      • Office 365: MX Record: contoso.onmicrosoft.com, contoso.mail.onmicrosoft.com; Exchange Online Protection; Exchange Online; Online Directory
      • DirSync; DirSync Web Service
      • Logon Enabled User: Mail-enabled (not mailbox-enabled)
        - ProxyAddresses: SMTP: Jane.Doe@contoso.com; smtp: Jane.Doe@contoso.onmicrosoft.com; smtp: Jane.Doe@contoso.mail.onmicrosoft.com
        - TargetAddresses: SMTP: Jane.Doe@contoso.com
      • User Object: Mailbox-enabled
        - ProxyAddresses: SMTP: Jane.Doe@contoso.com
  75. SEM accounts and passwords
      • Accounts provisioning
        - Migration tool relies on DirSync to do provisioning
        - For every on-premises mailbox to be migrated there needs to be a Mail enabled user (MEU) or Mailbox in Office 365
      • Passwords
        - Target mailbox passwords must be specified for all users
        - Administrators can force users to change passwords on first login
  76. SEM batch file format
      • CSV format
        - Email address, password, force change password
      • One user per line
      • Max of 1000 users in each CSV
      • Smart-check against the Office 365 directory
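The CSV constraints from the IMAP requirements slide (email address, user name, password; 50,000 rows; 10 MB) and the SEM batch file slide (email address, password, force change password; one user per line; 1000 users) can be checked locally before the file is uploaded in the EAC wizard. This is an added example, not part of the presentation; the function name `Test-MigrationCsv`, the header names `EmailAddress`, `UserName`, `Password` and `ForceChangePassword`, and the `True`/`False` values are assumptions, since the slides describe the fields only in words.

```powershell
# Added example (not from the slides): pre-flight check of a migration batch CSV.
# Row and size limits are the ones stated on the slides; the column header
# names and the True/False values are assumptions.
function Test-MigrationCsv {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [ValidateSet('IMAP', 'Staged')] [string] $Type
    )

    $limits = @{
        # IMAP: email address, user name, password; max 50,000 rows; max 10 MB
        IMAP   = @{ MaxRows = 50000; MaxBytes = 10MB; Columns = @('EmailAddress', 'UserName', 'Password') }
        # Staged (SEM): email address, password, force change password; max 1000 users
        Staged = @{ MaxRows = 1000; MaxBytes = $null; Columns = @('EmailAddress', 'Password', 'ForceChangePassword') }
    }
    $limit    = $limits[$Type]
    $problems = New-Object 'System.Collections.Generic.List[string]'

    $file = Get-Item -LiteralPath $Path
    if ($limit.MaxBytes -and $file.Length -gt $limit.MaxBytes) {
        $problems.Add("File is $($file.Length) bytes; the limit is $($limit.MaxBytes).")
    }

    # Check the header row before parsing so a missing column is reported once.
    $firstLine = Get-Content -LiteralPath $Path -TotalCount 1
    $header    = @("$firstLine" -split ',' | ForEach-Object { $_.Trim().Trim('"') })
    $missing   = @($limit.Columns | Where-Object { $header -notcontains $_ })
    if ($missing.Count -gt 0) {
        $problems.Add("Missing column(s): $($missing -join ', ').")
        return [pscustomobject]@{ Valid = $false; Rows = 0; Problems = $problems.ToArray() }
    }

    $rows = @(Import-Csv -LiteralPath $Path)
    if ($rows.Count -eq 0) { $problems.Add('No data rows.') }
    if ($rows.Count -gt $limit.MaxRows) {
        $problems.Add("$($rows.Count) rows; the limit is $($limit.MaxRows).")
    }

    $seen = @{}   # address -> first line it appeared on (keys are case-insensitive)
    for ($i = 0; $i -lt $rows.Count; $i++) {
        $row  = $rows[$i]
        $line = $i + 2   # +1 for the header row, +1 because $i is zero-based
        $addr = "$($row.EmailAddress)".Trim()

        if ($addr -notmatch '^[^@\s]+@[^@\s]+\.[^@\s]+$') {
            $problems.Add("Line ${line}: '$addr' is not a valid email address.")
        }
        elseif ($seen.ContainsKey($addr)) {
            # "One user per line": the same address must not occur twice.
            $problems.Add("Line ${line}: '$addr' already appears on line $($seen[$addr]).")
        }
        else { $seen[$addr] = $line }

        # Report that a password is missing, never the password itself.
        if ([string]::IsNullOrWhiteSpace($row.Password)) {
            $problems.Add("Line ${line}: password is empty.")
        }
        if ($Type -eq 'IMAP' -and [string]::IsNullOrWhiteSpace($row.UserName)) {
            $problems.Add("Line ${line}: user name is empty.")
        }
        if ($Type -eq 'Staged' -and $row.ForceChangePassword -notin 'True', 'False') {
            $problems.Add("Line ${line}: ForceChangePassword must be True or False.")
        }
    }

    [pscustomobject]@{ Valid = ($problems.Count -eq 0); Rows = $rows.Count; Problems = $problems.ToArray() }
}

# Constructed sample batch (addresses and passwords are made up).
$sample = @'
EmailAddress,Password,ForceChangePassword
user1@contoso.com,Constructed-Pw-1,True
user2@contoso.com,,False
user1@contoso.com,Constructed-Pw-3,maybe
'@
$tmp = Join-Path ([System.IO.Path]::GetTempPath()) 'staged-batch-sample.csv'
Set-Content -LiteralPath $tmp -Value $sample -Encoding UTF8
try     { (Test-MigrationCsv -Path $tmp -Type Staged).Problems }
finally { Remove-Item -LiteralPath $tmp }   # the file holds clear-text passwords
```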
  77. SEM data migration scope
      Migrated
      • Mail messages and folders
      • Rules and categories
      • Calendar (normal, recurring)
      • Out-of-Office settings
      • Contacts
      • Tasks
      • Delegates and folder perms
      • Outlook settings (e.g. favorites)
      Not migrated
      • Security Groups, DDLs
      • System mailboxes
      • Dumpster
      • Send-As permissions
      • Messages larger than 25 MB
  78. SEM data migration scope
      • Partial migrations are not possible (no folder exclusion, no time range selection, etc.)
      • Mailboxes enabled for unified messaging cannot be migrated
      • Hidden mailboxes (not visible to tool) cannot be migrated
      • New cloud mailbox is created (new GUID) and data is copied
      • Existing cached-mode files (OST files) cannot be preserved
  79. SEM user experience
      • Admin needs to distribute new passwords to users
      • Users create their new Outlook profile using O365 username and new passwords (Autodiscover)
      • All mail is downloaded from the Office 365 mailbox (i.e. the OST file must be recreated)
  80. SEM migration flow
      [Flow diagram boxes: Migrate Batch; Convert on-prem mailboxes to MEU; Delete migration batch (optional); Change MX record; EAC Wizard: Enter server settings, admin credentials, batch CSV; Configure Directory Sync; License users; Configure Outlook anywhere; Test using ExRCA; Assign migration permissions]
  81. Agenda
      • Exchange Server 2013
      • New Exchange Architecture
      • Client Access Server 2013
      • Mailbox Server 2013
      • Transport Architecture
      • Service Availability
      • Exchange and Office365 – Hybrid
      • What is it good for?
      • Migration scenarios
      • Hybrid deployment
      • Migrations interfaces
  82. Hybrid key features and benefits
      Federation trust
      • Delegated authentication for on-premises/cloud web services
      • Enables Free/Busy, calendar sharing, message tracking, online archive, and more
      Integrated admin experience
      • Manage all of your Exchange functions, whether cloud or on-premises from the same place - Exchange Administration Center (EAC)
      Native mailbox move
      • Online mailbox moves
      • Preserve the Outlook profile and offline file (OST)
      • Leverages the Mailbox Replication Service (MRS)
      Secure mail flow
      • Authenticated and encrypted mail flow
      • Preserves the internal Exchange messages headers
      • Support for compliance mail flow scenarios (central transport)
  83. Hybrid coexistence feature comparison
      Feature | Simple | Hybrid
      Mail routing between on-premises and cloud (recipients on either side) | yes | yes
      Mail routing with shared namespace (if desired) on both sides | yes | yes
      Unified GAL | yes | yes
      Free/Busy and calendar sharing cross-premises | - | yes
      Out of Office understands that cross-premises is “internal” to the organization | - | yes
      Mailtips, messaging tracking, and mailbox search work cross-premises | - | yes
      OWA redirection cross-premise (single OWA URL for both on-premises and cloud) | - | yes
      Single tool to manage cross-premises Exchange functions (including migrations) | - | yes
      Mailbox moves support both onboarding and offboarding | - | yes
      No Outlook reconfiguration or OST resync required after mailbox migration | - | yes
      Preserve auth header (ensure internal email is not spam, resolve against GAL, etc.) | - | yes
      Centralized mail flow, ensures that all email routes inbound/outbound via on-prem | - | yes
  84. Hybrid coexistence feature example: Cross-premises free/busy and calendar sharing
      • Creates the look and feel of a single, seamless organization for meeting scheduling and management of calendars
      • Works with any supported Outlook client
  85. Hybrid coexistence feature example: Cross-premises MailTips
      • Correct evaluation of “Internal” vs. “External” organization context
      • Allows awareness and correct Outlook representation of MailTips
  86. Hybrid coexistence feature example: Cross-premises mail flow
      • Preserves internal organizational headers (e.g. auth header)
      • Message is considered “trusted” and the sender is resolved to rich recipient information in the GAL (not SMTP address)
      • Restrictions specified for that recipient are honored
  87. Hybrid coexistence feature example: Single OWA URL
      • Ensures a good end-user experience as mailboxes are moved in-and-out of the cloud since OWA URL remains unchanged (points to on-premises “hybrid” CAS)
      • Log in experience can be improved by adding domain name into your cloud URL so that you can access your cloud mailbox without the interruption of Go There page
  88. Hybrid features and benefits summary
      • Makes your on-premises organization and cloud organization work together like a single, seamless organization
      • Offers near-parity of features/experience on-premises and in the cloud
      • Seamless interactions between on-premises and cloud mailboxes
      • Migrations in and out of the cloud transparent to end-user
  89. 2013 hybrid requirements
      • Exchange 2013 CAS/MBX server on-premises
      • Hybrid configuration in place
        - On-premises config, Office 365 config, federation using Microsoft Federation Gateway (MFG), certificates, etc.
        - Much of the config is automated by the Hybrid Configuration Wizard
      • SMTP domain(s) configured in Office 365 tenant
      • Directory Sync tool enabled in Office 365 tenant
      • Active Directory Federation Services (AD FS) in place
        - Can be utilized for any cloud based service which uses federated identities, i.e. SAP ByDesign
  90. 2013 hybrid limitations
      • Exchange 2003 is not supported
      • Delegation coexistence cross-premises (delegate permissions are migrated when users are in the same batch)
      • Migration of Send As/Full Access permissions
  91. Hybrid user experience
      • If configured for SSO (AD FS), users login with their AD credentials. Otherwise, admin needs to distribute new password to user.
      • User’s current Outlook profile is updated with the Exchange Online server name via Autodiscover.
      • Offline files (OST files) do not have to be recreated.
      • If using Outlook at the time of the mailbox move, user is prompted to close and reopen Outlook.
  92. Hybrid user experience: Autodiscover
      [Diagram: Office 365 (Exchange Online) and On-premises systems (AD Forest, Exchange 2013 CAS)]
      • Remote Mailbox
        - Primary SMTP address: user@contoso.com
        - Remote Routing address: user@contoso.mail.onmicrosoft.com
      • Mailbox
        - Primary SMTP address: user@contoso.com
        - Secondary SMTP address: user@contoso.mail.onmicrosoft.com
      • Flow
        - Where is my mailbox?
        - Local Exchange passes a redirect to “contoso.mail.onmicrosoft.com”
        - Outlook attempts to discover endpoint through DNS record “autodiscover.contoso.mail.onmicrosoft.com”
        - Request authentication
        - Authentication success
        - Mailbox server information
        - Outlook profile updated. OST rebuild not required!
  93. 2013 Hybrid Improvements 1/2
      • Adaptive Hybrid Configuration Wizard (HCW)
        HCW adapts to individual setup requirements and presents only necessary questions. Automatically gathers information whenever possible.
      • Integrated support for Edge
        HCW supports configuring Exch2010 Edge Transport servers directly within the wizard.
      • Enhanced secure mail
        Simpler to configure and no longer dependent on static IP addresses in the connector configuration.
  94. 2013 Hybrid Improvements 2/2
      • Flexible EOP connection and internet mail routing
        Support for updating MX and directing all inbound internet mail to EOP at any stage of the hybrid deployment – before, during or after hybrid configuration.
      • Improved centralized mail transport
        Added flexibility and capability – centralized mail transport is supported even when pointing MX to EOP.
      • Integrated mailbox migration and move wizard
        One wizard regardless of scenario – hybrid, staged, cutover, or IMAP.
  95. 2013 hybrid high-level architecture
      [Diagram: Office 365 and On-premises Exchange org (existing Exchange 2007 or later; Exchange 2013 CAS and MBX); Users, Groups, Contacts via DirSync (Office 365 Directory Synchronization app); Secure Mail Flow; Sharing (free/busy, MailTips, archive, etc.); Mailbox Data via MRS]
  96. Exchange 2013 hybrid deployment
      1. Prepare
         - Install Exchange SP and/or updates across the ORG
         - Prepare AD with E2013 CU1 schema
      2. Deploy Exchange 2013 servers
         - Install both E2013 MBX and CAS servers with CU1
         - Set an ExternalUrl for the Exchange Web Services vdir
      3. Obtain and deploy certificates
         - Obtain and deploy certificates on E2013 MBX and CAS servers
      4. Publish protocols externally
         - Create public DNS A records for the EWS and SMTP endpoints
         - Validate using Remote Connectivity Analyzer
      5. Switch autodiscover namespace to E2013 CAS
         - Change the public autodiscover DNS record to resolve to E2013 CAS
      6. Run the Hybrid Configuration Wizard
      7. Move mailboxes
      [Diagram labels: Internet facing site; Intranet site; Exchange 2010 or 2007 servers; E2010 or 2007 Hub; E2010 or 2007 CAS; E2010 or 2007 MBX; E2013 CAS; E2013 MBX; SP/RU; Clients; autodiscover.contoso.com; mail.contoso.com; Office 365; Autodiscover & EWS; SMTP]
  97. 2013 hybrid deployment flow
      1. Prepare
         - Install Exchange SP and/or updates across the ORG
         - Prepare AD with E2013 CU1 schema
      2. Deploy Exchange 2013 servers
         - Install both E2013 MBX and CAS servers with CU1
         - Install E2010 EDGE servers
         - Set an ExternalUrl for the Exchange Web Services vdir
      3. Obtain and deploy certificates
         - Obtain and deploy certificates on E2013 MBX and CAS servers & E2010 EDGE servers
      4. Publish protocols externally
         - Create public DNS A records for the EWS and SMTP endpoints
         - Validate using Remote Connectivity Analyzer
      5. Switch autodiscover namespace to E2013 CAS
         - Change the public autodiscover DNS record to resolve to E2013 CAS
      6. Run the Hybrid Configuration Wizard
      7. Move mailboxes
      [Diagram labels: Internet facing site; Intranet site; Exchange 2010 or 2007 servers; E2010 or 2007 Hub; E2010 or 2007 CAS; E2010 or 2007 MBX; E2013 CAS; E2013 MBX; E2010 EDGE; SP/RU; Clients; autodiscover.contoso.com; mail.contoso.com; Office 365; Autodiscover & EWS; SMTP]
  98. Hybrid configuration wizard
      1) Start HCW from EAC
      2) Confirm running the wizard
      3) Select hybrid domain*
      4) View/Copy domain proof token*
      5) Choose transport options
      6) Choose receive 2013 CAS server(s)
      7) Choose send 2013 MBX server(s)
      8) Select transport certificate
      9) Enter external FQDN 2013 CAS
      10) Enter Org Management AD account
      11) Enter Global Admin O365 account
      12) Choose Update to configure hybrid
      * Adaptive steps
  99. Hybrid coexistence feature example
      • Exchange 2013 is only supported against the next version of O365 tenant
      • Current O365 tenants must be fully upgraded to be compatible with Exchange 2013 on-premises
      • Exchange 2013 Setup and HCW include a tenant version check
  100. Exchange 2010 hybrid support
      • Exchange 2010 SP3 will be compatible with current and new Office 365 tenants
      • Exchange 2010 based hybrid deployments will continue to support Exchange 2003 coexistence with the new Office 365 tenants
      • Once the new Office 365 service is launched, Exchange 2013 based hybrid is recommended for all new deployments (unless migrating from Exchange 2003)
  101. Migration matrix
      On-premises environment | Exchange 2010-based hybrid with tenant version v14 | Exchange 2010-based hybrid with tenant version v15 | Exchange 2013-based hybrid with tenant version v15
      Exchange 2013 (CU1) | Not supported [1] | Not applicable | Supported
      Exchange 2010 SP3 | Supported | Supported | Supported [5]
      Exchange 2010 SP2 | Supported | Not supported [2] | Not supported
      Exchange 2010 SP1 | Supported | Not supported [2] | Not supported
      Exchange 2007 SP3 RU10 | Supported [3] | Supported [4] | Supported [5]
      Exchange 2007 SP3 | Supported [3] | Not supported | Not supported
      Exchange 2003 SP2 | Supported [3] | Supported [4] | Not supported
      [1] Blocked in Exchange 2013 setup
      [2] Tenant upgrade notification provided in Exchange Management Console
      [3] Requires at least one on-premise Exchange 2010 SP2 server
      [4] Requires at least one on-premise Exchange 2010 SP2 server
      [5] Requires at least one on-premise Exchange 2013 (CU1) server
  102. Agenda
      • Exchange Server 2013
      • New Exchange Architecture
      • Client Access Server 2013
      • Mailbox Server 2013
      • Transport Architecture
      • Service Availability
      • Exchange and Office365 – Hybrid
      • What is it good for?
      • Migration scenarios
      • Hybrid deployment
      • Migrations interfaces
  103. Migration interfaces: EAC
      • In EAC, select recipients | migration
      • Start migration wizard
      • Choose migration type and follow prompts
      • Choose hybrid remote move and follow prompts
  104. Migration interfaces: PowerShell
      Set of Migration Cmdlets
      > New-MigrationBatch
      > Start-MigrationBatch
      > Get-MigrationBatch
      > Get-MigrationStatus
      > Complete-Migration
      > Test-MigrationServerAvailability
      New!
      > Get-MigrationBatch -Diagnostic
      Set of Hybrid Move Cmdlets
      > New-MoveRequest
      > Get-MoveRequest
      > Get-MoveRequestStatistics
      > Suspend-MoveRequest
      > Resume-MoveRequest
      > Remove-MoveRequest
      Callouts
      • Migration Batch cmdlets can also start a hybrid move
      • Hybrid move cmdlets continue to be available
      • Diagnostic switch improves troubleshooting
  105. Migration architecture
      [Diagram labels: Office 365; On-premises Exchange org; Migration Service; MRS; PowerShell; MigrationBatch; MoveRequest; EAC; MRS]
      First list: 1) Data injection 2) Batch management 3) Retry (manual and automatic) 4) Source throttling 5) Protocol agnostic (onboarding) 6) Tenant fairness 7) Reporting
      Second list: 1) Hybrid data move 2) Server level throttling
  106. Questions
  107. Additional Resources – Exchange Architecture
      Exchange Server 2013
      • Exchange Server 2013 for IT Pros: http://bit.ly/18pQwlP
      • What's New in Exchange 2013: http://bit.ly/12bGzUq
      • Exchange 2013 Prerequisites: http://bit.ly/15kTB7V
      • Exchange 2013 System Requirements: http://bit.ly/128s8l8
      • What's New in Exchange 2013 Hybrid Deployments: http://bit.ly/15kTObq
      • Microsoft Exchange Server Deployment Assistant: http://bit.ly/10CqHqV
      • Prepare Active Directory and Domains: http://bit.ly/18pRrma
      • Database Availability Groups: http://bit.ly/13n9TJf
      • Federated sharing: http://bit.ly/10hyAYR
      • Blackberry Enterprise Server and Exchange 2013: http://bit.ly/10k57J4
  108. Additional Resources – Hybrid Deployments
      Migrations
      • Compare Migration Types: http://bit.ly/10jLrEZ
      • Cutover Exchange Migrations: http://bit.ly/Yqctxb
      • Staged Exchange Migrations: http://bit.ly/18NWXwp
      • IMAP Migrations: http://bit.ly/13cYqg0
      Hybrid deployments (Exchange team blog)
      • Introduction to Hybrid: http://bit.ly/128pGLu
      • Deploying Hybrid (Exchange 2013): http://bit.ly/13n4nGm
      • Managing Hybrid (Exchange 2013): http://bit.ly/11c6UpX
      • Decommissioning On-premise servers: http://bit.ly/10jNJnJ
  109. Additional Resources – Hybrid Deployments
      Tools
      • Exchange remote connectivity analyzer: http://www.exrca.com
      • Exchange client network bandwidth calculator: http://bit.ly/10hsgR4
      • PST Capture Tool 2.0: http://bit.ly/Yqbyg5
      • PowerShell Deployment Scripts - Office 365: http://bit.ly/16NQLrC, http://bit.ly/10htgok
      • Glens Exchange Dev Blog – Powershell and EWS: http://bit.ly/10hEYzg
      • Manage Your Organization - Office 365 for Enterprises: http://bit.ly/10em9Hu
      • Manage Your Organization - Office 365 for Professionals and Small Businesses: http://bit.ly/10jMDs6
