Micrososft Exchange Server 2010 Yukseltme Senaryolari

2,051 views

Published on

Microsoft Exchange Server 2010 Yükseltme Senaryoları

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,051
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes: This slide highlights the differences between Exchange Server 2003 and Exchange Server 2007 (these architectural changes roll forward with Exchange Server 2010).First and foremost, the key difference between Exchange Server 2003 and Exchange Server 2010 is the fact that we now have 5 distinct server roles, Edge Transport, Hub Transport, Client Access, Mailbox, and Unified Messaging. Exchange Server 2010 is also only shipping in 64-bit for both the server roles and the management tools. In addition, Exchange Server 2010 is built on top of PowerShell, which provides a rich platform by which we develop script-based management infrastructure for all Exchange specific tasks.Another architectural change was the move away from having a routing infrastructure for mail flow that was separate from the AD DS routing topology. In Exchange Server 2010, messaging routing leverages the existing AD DS routing topology for least cost route determination.Autodiscover is a component that allows certain clients, like Outlook, Exchange Web Services (Entourage), and ActiveSync devices to derive profile/client configuration settings from the Exchange infrastructure using only the user’s credentials and email address.We also made calendaring improvements in Exchange by implementing a web service, known as the Availability service, that replaces the Free/Busy (F/B) public folder architecture for newer clients. F/B information is now always up to date because the Availability Service will query the mailbox directly to obtain F/B information.
  • Slide Objective:Instructor Notes: There are also new features in Exchange Server 2010. You have the choice in continuing to leverage an on-premise solution for messaging, or utilize a hosted solution, Exchange Online.We’ve greatly simplified our high availability model in Exchange Server 2010. We now offer one high availability model, known as a Database Availability Group or DAG. A DAG is a high availability solution that leverages continuous replication and can host up to 16 copies of a given database. A DAG can be deployed in a single datacenter or stretched between datacenters without requiring AD DS site spanning. A key architecture change with the DAG is that failovers/switchovers are now at the database level, as opposed to the server level. Changes in the Extensible Storage Engine have also improved our storage flexibility, allowing you to deploy on disks that provide the most capacity at the lowest cost (tier-2/mid-tier SATA), as well as, with our high availability capabilities allow you to move away from leveraging RAID.As discussed in the Architecture webcast, one of the major changes in Exchange Server 2010 is the move to where all clients now connect to a new service, the RPC Client Access service, that is hosted on CAS. This allows us to move the active database between servers within a DAG without affecting the Outlook client’s profile.We’ve also deprecated a few more developer centric access methodologies like ExOLEDB, WebDAV, CDOEx, and ExCDO.
  • Slide Objective:Instructor Notes: From a client perspective, we have a wide variety. New in Exchange Server 2010 is that from a browser perspective, we now support 90% of the browser market for the OWA Premium Experience – Firefox 3.0, Safari 3.1, IE7/8.
  • Slide Objective:Instructor Notes: Autodiscover in Exchange Server 2007 SP2 has been updated to redirect Exchange Server 2010-versioned mailboxes to CAS2010 for Autodiscover lookups.Exchange Server 2007 SP2 adds the following features:Enhanced Auditing – New Exchange auditing events and audit log repository enable Exchange administrators to more easily audit the activities occurring on their Exchange servers. It allows the right balance of granularity, performance, and easy access to audited events via a dedicated audit log repository. This simplifies the auditing process and makes review of audited events easier by segregating audited events in a dedicated location. Exchange Volume Snapshot Backup Functionality – A new backup plug-in has been added to the product that will enable customers to create Exchange backups when a backup is invoked through the Windows Server 2008 Backup tool. Exchange Server 2007 didn’t have this capability on Windows Server 2008 and additional solutions were required to perform this task.  Dynamic Active Directory Schema Update and Validation – The dynamic AD schema update and validation feature allows for future schema updates to be dynamic deployed as well as proactively preventing conflicts whenever a new property is added to the AD schema. Once this capability is deployed it will enable easier management of future schema updates and will prevent support issues when adding properties that don’t exist in the AD schema.  Public Folder Quota Management – SP2 enables a consistent way to manage quotas by improving the current PowerShell cmdlets to perform quota management tasks. Centralized Organizational Settings – SP2 introduces new PowerShell option that enable centralized management of many of the Exchange organization settings. Named Properties cmdlets – SP2 enables Exchange administrators to monitor their named property usage per database. New User Interface for Managing Diagnostic Logging– SP2 enables Exchange administrators to easily configure and manage diagnostic logging from within the Exchange Management Console.
  • Slide Objective:Instructor Notes: From a topology perspective, we have the following pre-requisites in order to install Exchange Server 2010:From an Active Directory perspective, we require the forest to be in Windows Server 2003 Forest Functional Mode (or higher) and that all Active Directory servers that will be leveraged by Exchange to be at Windows Server 2003 SP2 or higher.Disjoint  (added in E2K7 SP1 )Provides support parity with Exchange Server 2007DiscontinuousProvides parity with E2K3.  For Exchange Server 2007, we created a process doc that users who really, really pushed for could do validation in their environment to prove everything was working then CSS would agree to support it because the process was blessed by the PG.  This is now part of the official test matrix for Exchange Server 2010.SLD In February 2008 we announced that Exchange Server 2007 would be supported on an SLD. At the same time we announced that the next version of Exchange would not be supported on an SLD.  We subsequently announced that this policy was under review, and now that we have added it to the test matrix, we intend to support it for Exchange Server 2010.
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes: One of the new features in Exchange Server 2010 setup is that when installing the CAS role you can specify the external hostname that will be used by your clients. Setup will take the value provided and configure the ExternalURL properties for all of the Exchange specific virtual directories.For Exchange Server 2003 migrations, setup will also ask you which Exchange Server 2003 server you would like to use for the routing group connector between the Exchange Server 2010 routing group and the legacy Exchange routing group. Note that while setup only allows you to specify a single Exchange Server 2003 server for the RGC, you can later update the routing group connector using the Exchange Management Shell.
  • Slide Objective:Instructor Notes: As you think about publishing Exchange services on the Internet, things have changed a little bit with each release. You can leverage this slide as a cheat sheet for when configuring your application layer firewalls or reverse proxies. As you can see as you move from left to right, generally as we added more functionality we included additional namespaces or paths – for example, the most notable in Exchange Server 2007 was the Autodiscover namespace. In addition, we also deprecated some functionality or changed its functionality in each subsequent release.
  • Slide Objective:Instructor Notes: The less certificates you have to manage, the better your life will be. So as a best practice, Microsoft recommends the use of a single certificate leveraging Subject Alternative Names for your Exchange infrastructure (potentially 1 per Internet Facing AD DS site or 1 per organization). In addition, you do not need to define the machine host names in the certificate list.
  • Slide Objective:Instructor Notes: If you want to geek out, you can use the cmdlet infrastructure to create/import and enable the certificate.
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes: One way you can reduce the number of hostnames, you as IT folks have to manage, and end users have to remember, is by leveraging split-DNS, or split-brain DNS. In short, split-brain DNS is about setting up separate “DNS Zones” so that DNS requests which come from intranet clients will get different DNS hostname->IP lookup answers than requests coming from Internet clients. In other words, if a client within the internal network attempts to resolve mail.contoso.com, the client will get the IP address associated with the CAS2010 array; whereas, if an external client attempts to resolve mail.contoso.com, the client will get the IP address associated with external proxy/firewall solution.
  • Slide Objective:Instructor Notes: Use load balancing both internally and externally for client requests.OWA and EWS require client to server affinity. This means during a session that every request from a given client must go the same CAS. The load balancing array can’t send those requests randomly to different CAS as that will break the client session/experience.To make Autodiscover work correctly, you need to make sure the Internal and External URL configurations are configured correctly for both your internal and external clients.In addition, since MAPI clients now connect to CAS, you can also configure them to utilize a host name associated with the load balanced array.
  • Slide Objective:Instructor Notes: Internally all domain-connected Outlook 2007/2010 clients will perform an LDAP request to retrieve the SCP records for Autodiscover.  As part of the Autodiscover configuration in your forest, for each CAS you should specify the AD DS sites you wish that CAS to be responsible for Autodiscover requests via the Set-ClientAccessServerAutoDiscoverSiteScope  property.  Also the default configuration has the AutoDiscoverServiceInternalUri property configured with the server's FQDN.   So by default, when a domain-connected Outlook 2007/2010 client performs an SCP request for Autodiscover it will then retrieve a list that specifies the CAS servers that are associated with the client's AD DS site.  The list is approximately in the order of oldest SCP records (based on creation date) first.  As a result, as long as the oldest CAS server is online, all clients will submit requests to that server (if that server is offline, the client will try the next one in the list and so on until all are exhausted).   In addition, if the mailbox in question is also located in the same AD DS site as the CAS server responding to the Autodiscover request, all Exchange Web Service (e.g. Availability Service) and OAB traffic will be handled by this server.  The result is that 100% of requests will go to a single CAS server and not be balanced across all CAS servers in the AD DS site for that local mailbox.   So this is what I recommend - that all requests (Autodiscover, EWS, OAB) traffic go through the load balancer so that the traffic can be equalized across all CAS servers.  This also requires changing the AutodiscoverServiceInternalURI value from the server’s FQDN to that of the NLB FQDN.
  • Slide Objective:Instructor Notes: Now that we are caught up on the high-level changes in Exchange Server 2010 from previous versions, let’s discuss the migration flow. This is a five step process beginning with the AD DS site that is Internet Facing (and/or owns the Autodiscover Internet entry point):The first step is to upgrade your existing Exchange servers to Service Pack 2. Note that if you are an environment that is already at Exchange Server 2007, you must upgrade all your CAS and UM servers within the organization to SP2 prior to introducing the first Exchange Server 2010 server.The second step is to deploy your Exchange Server 2010 servers. Start with CAS, then Hub, and then Mailbox.The third step is to create a legacy hostname for your FExchange Server 2003/CAS2007 environment. This will require creating a new certificate that has that namespace.The fourth step you are going to take is to switchover all your existing namespaces to CAS2010 and HUB2010, while activating the legacy namespace for FExchange Server 2003/CAS2007. At this point, all clients will access the CAS2010 and either be redirected or proxied to the legacy servers for mailbox access. We’ll cover this in depth later.Step 5 involves moving the mailboxes from legacy to 2010.Step 6 involves decommissioning the legacy servers that are no longer in use. Remember the order of uninstall is the reverse of install (MBX, Hub, UM, CAS).
  • Slide Objective:Instructor Notes: Before I go through the steps of the upgrade, I want to show a tool called the Exchange Remote Connectivity Analyzer. Use this tool every time you make a change for your Internet client connectivity to validate the changes are successful and non-impacting to clients.But instead of talking about it let’s demo it.
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes: First if you have Exchange Server 2007, you need to configure the ExternalURLs are configured with the legacy namespace. This is so that Autodiscover on CAS2010 will know where to send users that still exist in Exchange Server 2007.The last step is to perform the switchover. This is where you will configured your external DNS and/or reverse proxy infrastructure to have the mail and autodiscover namespaces go to CAS2010.
  • Slide Objective:Instructor Notes: So now that we’ve performed the demo, how does it work under the covers?It’s different under the covers experience depending on the service, the version, and the client. There are four ways:AutodiscoverHTTP redirect from CAS2010 to FExchange Server 2003 or CAS2007Proxying from CAS2010 to CAS2007Direct CAS2010 support to MBX2003 or MBX2007Redirect (with Single Sign-On for Forms-Based Authentication)
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes:
  • Slide Objective:Instructor Notes: Very similar story here with transport like client access.I start with Exchange Server 2003 environment and an Exchange Server 2007 environment. The dash lines here mean either one or the other (2003 or 2007) is the ingress/egress point; you won’t have both.First upgrade all servers to SP2.Introduce 2010 servers.If you have Edge Transport deployed, you will re-subscribe your Exchange Server 2007 Edge servers with Exchange Server 2010 Hub Transport. At this point your Edge synchronization will now be managed via Exchange Server 2010 HubThen install Edge 2010.And then finally switch the endpoint for mail flow.
  • Slide Objective:Explain Transport Rule Migration between Exchange Server 2007/Exchange Server 2010Instructor Notes:Automatic migration – performed during Exchange Server 2010 setup if the setup program detects the existence of legacy journal rules.Manual migration – performed using updated cmdlets to export and import transport rules between the two messaging platforms.The Exchange Server 2010 rules engine is backward compatible and is able to read and apply the legacy Exchange Server 2007 rules so the exact same transport rules are being applied to messages traversing either Exchange Server 2007 and/or Exchange Server 2010 hub servers.
  • Slide Objective:Explain Automatic Transport Rule Migration between Exchange Server 2007/Exchange Server 2010.Instructor Notes:Automatic migration During installation of the Exchange Server 2010 hub, the Setup program queries Active Directory Domain Services to identify if there are any Exchange Server 2010 transport rules (query for “TransportVersioned” container). This is done first because any rules imported from Exchange Server 2007 will overwrite existing Exchange Server 2010 rules.If there are no Exchange Server 2010 transport rules, the setup programs checks Active Directory to see if there are any Exchange Server 2007 transport rules (query for “Transport” container)If there are Exchange Server 2007 transport rules and no Exchange Server 2010 rules then the setup program will migrate all Exchange Server 2007 transport rules to Exchange Server 2010 by doing the following Runs the Export-TransportRuleCollectioncmdlet to export the legacy transport rules from the Transport container in Active Directory.Runs the Import-TransportRuleCollectioncmdlet to import the legacy transport rules and place them in the TransportVersioned container in Active Directory Domain ServicesDeletes the temporary file: temp.xml
  • Slide Objective:Explain Manual Transport Rule Migration between Exchange Server 2007/Exchange Server 2010Instructor Notes:Automatic migration of transport rules is only performed during the initial installation of an Exchange Server 2010 server. Any new transport rules created after the setup process has run are created in their respective Active Directory containers. So for example a new transport rule created using Exchange Server 2007 would be saved to the “Transport” container in Active Directory and would not appear in the “TransportVersioned” container which is read by Exchange Server 2010 and vice a versa. To overcome this limitation, Exchange administrators can manually migrate a Transport Rule collection from Exchange Server 2010 to Exchange Server 2007, or from Exchange Server 2007 to Exchange Server 2010 by using export-* and import-* Power Shell tasks. The –ExportLegacyRules parameter must be used when exporting Exchange Server 2010 transport rules for later import to Exchange Server 2007 hub servers. If any of the Exchange Server 2010 transport rules have been configured with 2010 specific predicates or actions, those rules will be automatically stripped out before creating the export file.Importing a transport rule collection will overwrite any pre-existing Exchange Server 2010 transport rules, except for one special case: If an existing Exchange Server 2010 transport rule has any 2010 specific predicate or action, then that Exchange Server 2010 rule will be left untouched. The remaining Exchange Server 2007 rules will be imported into the Exchange Server 2010 collection.
  • Slide Objective:Instructor Notes: There are two different scenarios for Unified Messaging.Either you have UM hooked up to your IP gateway or private branch exchange (PBX) infrastructure directly. Or you have UM hooked in with your Office Communication Servers infrastructure. The key difference between the two scenarios is that with OCS you need a new dial plan and you will have to move the users to the new dial plan when you move their mailbox to Exchange Server 2010.
  • Slide Objective:Describe how give administrators can use the new online move mailbox process to perform Exchange maintenance and migrations without sacrificing their evenings and weekends. Instructor Notes: SituationAdministrators commonly move mailboxes between servers and databases as part of maintenance activities or when migrating between Exchange versionsCurrently, moving mailboxes takes them offline -- end users experience an email outage for the duration of the moveAs mailbox sizes have grown, mailboxes take longer to move, and administrators have been forced to perform mailbox moves at night and on weekends to minimize disruptions for end usersTalking PointsIn Exchange Server 2010, mailbox moves can be done in online mode: users remain can send, receive, and read mail while the contents of their mailboxes are moved to a new locationMaintenance activities can now be performed during the day, rather than a nighttime or weekend maintenance windowMigration to Exchange Server 2010 can be accomplished faster and with less end-user disruptionFor E12- Exchange Server 2010 moves to be online your E12 server will require SP2 otherwise the move will be offline during migration ?Move requests are also asynchronous and are moved the Microsoft Exchange Mailbox Replication Service on all Client Access servers. “MRS” service resides at CAS.Can’t move it from E2K7 SP1 and E2000. “Client autodiscovers new database location” – after the user logs out and back in. They will get a message from Outlook telling them that the administrator has moved their mailbox and to log out and log back in. At RTM, this won’t be automagic.
  • Slide Objective:Instructor Notes:
  • Micrososft Exchange Server 2010 Yukseltme Senaryolari

    1. 1. Exchange Server 2010 Yükseltme<br />Mümin ÇİÇEK<br />Exchange – MVP<br />Çözümpark<br />
    2. 2. Ajanda<br />Microsoft® Exchange Server 2003/2007 veExchange Server 2010 Farklar<br />ExchangeServer 2010 Yükseltme için temel gereksinimler<br />Yükseltme Senaryoları<br />Client Access<br />Transport<br />Unified Messaging (UM)<br />Mailbox<br />2<br />
    3. 3. ExchangeServer 2003 veExchange Server 2007 Farklar<br />Front-End (FE)/Back-End (BE) ->Client Access/Mailbox/Hub Transport (Hub)/Edge Transport/Unified Messaging<br />64-bit sunucu desteği var sadece (32 bit test ve eğitim için geldi)<br />Routing Groups yerine Active Directory® Domain Services (AD DS) sites geldi<br />Autodiscover özelliği geldi<br />Public Folders seçeneği kurulum aşamasında belirleniyor<br />Availability Service: Free/Busy bilgisi direk olarak posta kutusundan okunuyor(Public Folderlardan değil)<br />Offline Address Book (OAB) Client Access Server (CAS)’dan indiriliyor<br />Yeni Yönetim Araçları geldi<br />Exchange Management Console veExchange Management Shell<br />Unified Messaging – Sesli postalar artık posta kutumuza düşüyor<br />Yeni Developer application program interface (API): Exchange Web Services (EWS)<br />3<br />
    4. 4. Exchange Server 2007 ve Exchange Server 2010 Farklar<br />Exchange Server kendi başına veya Exchange Online kullanılabilir<br />High Availability (HA) çözümlerinde Database taşınabilirliği geldi<br />Databaseavailability group (DAG) vedatabase copy özelliği geldi<br />Siteresilience vedisaster recovery<br />30 saniyede switchover/failover<br />Storagedesteğinde (Serial Analog Terminal Adapter (SATA) diskler, JBOD (Just a Bunch of Disks) konfigürasyonları desteklenir hale geldi) <br />Standbycontinuous replication (SCR), local continuous replication (LCR), single copy cluster (SCC) ve cluster continuous replication (CCR) Exchange Server 2010’da kalktı<br />Management Tools sadece 64-bit’tir<br />Remote procedure call (RPC) Client Access veAddress Book servisleri<br />High Availability çözümleri geliştirildi: Outlook MAPI direk olarak Client Access Serverlara bağlanarak posta kutusu ve directory işlemlerini gerçekleştirir<br />ExOLEDB, WebDAV ve CDOExgitti<br />“Entourage EWS” Exchange Web Services kullanır<br />4<br />
    5. 5. Client Access Yöntemleri<br />Outlook 2007<br />Outlook 2003<br />Desktop<br />Web<br />Mobile<br />POP/IMAP<br />5<br />
    6. 6. Yükseltme GereksinimleriÖnceki sürümler için gereksinimler<br />Exchange Server 2003 Service Pack 2 (SP2) ve/veyaExchange Server 2007 SP2 mutlaka yüklenmeli<br />SP2 bütün CAS 2007 ve UM 2007 sunucularında kurulu olmalıdır<br />SP2 bütün diğer Exchange Server 2007 sunucularında da kurulmalıdır<br />Exchange Server 2007 SP2’nin getirdikleri<br />Exchange Server 2010 ile birlikte çalışabilme<br />Exchange Server 2010 schema yükseltme<br />Audit işlemleri<br />Seçimlik olarak schema extension özelliği<br />VSS backup plug-in<br />6<br />
    7. 7. Yükseltme Gereksinimleri:ADDomain ServicesDomain Name System (DNS) gerekesinimleri<br />Active Directory Domain Services<br />Windows Server® 2003 SP2 global catalog server (veya daha üstü) her Exchange AD DS site yapısı<br />Windows Server 2008 AD DS şart değil<br />Windows Server 2003 forest functional level olmalı<br />Desteklenen alan adları (namespace)<br />Disjoint (E2K7 ile gelir ve E2K7 desteğini sağlar)<br />Single-label domains (Şubat 2008 E2K7 desteklendi,E14 de destekleniyor)<br />Discontinuous (E2K3 desteğini sağlar)<br />7<br />
    8. 8. Exchange Server 2010 Kurulum Gereksinimleri<br />Windows Server 2008 SP2 veyaRelease 2 (R2) 64-bit sürümleri<br />Standard, Enterprise olabilir<br />Windows Management Framework<br />Windows PowerShell v2.0<br />Windows Remote Management v2.0<br />.NET Framework 3.5 SP1 <br />Internet Information Services (IIS)<br />http://technet.microsoft.com/en-us/library/bb691354(EXCHG.140).aspx<br />8<br />
    9. 9. Kurulum<br />Kurulum sihirbazı ile adım adım kurulum yapılabiliyor<br />Komut satırından setup /mode:install /roles:HT,MB,CA vs...<br />Kurulum sihirbazı spesifik ayarları yapmanıza da olanak sağlar<br />Dış CAS hostname: mail.cozumpark.com<br />externalUrl ileautodiscoverconfigürasyonları<br />Exchange Server 2003 routing groupconnector (RGC): Exchange Server 2003 server<br />9<br />
    10. 10. Alan adları ve URL yapısıHostnames veinternete açık servisler<br />Exchange Server 2007<br />Exchange Server 2003<br />Exchange Server 2010<br />mail.cozumpark.com<br />Outlook Web Access<br />/owa<br />Exchange Web Services<br />/ews<br />Offline Address Book<br />/oab<br />Unified Messaging<br />/unifiedmessaging<br />Outlook Mobile Access<br />/oma<br />Autodiscover.contoso.com<br />Autodiscover<br />/autodiscover<br />mail.cozumpark.com<br />Outlook Web Access<br />Outlook Web App<br />Exchange Control Panel<br />/ecp<br />Unified Messaging<br />/unifiedmessaging<br />legacy.cozumpark.com<br />Exchange Server 2003/Exchange Server 2007 services<br />mail.cozumpark.com<br />Outlook Web Acccess (OWA)<br />/exchange, /exchweb, /public<br />Exchange ActiveSync<br />/microsoft-server-activesync<br />Outlook Anywhere<br />/rpc<br />POP/IMAP<br />Outlook Mobile Access<br />/oma<br />smtp.cozumpark.com<br />Clients and SMTP servers<br />NOT: Sanal dizinler /owa yönlendirmesi ile tecrübe edilecek<br />10<br />
    11. 11. Exchange Server 2010SSL Sertifikalar<br />Çoklu yapıları korumak için Subject Alternative Name (SAN) sertifikaları kullanabilirsiniz<br />Site resilience senaryosu: Bir datacenter için bakıldığında Certificate Principal Name bütün sertifikalar üzerinde aynı olmalıdır<br />Eğer msstd: (default matches OA RPC End Point) konfigürasyonunda Principal Name aynı olmaz ise Outlook Anywhere bağlantı sağlayamayacaktır.<br />Set-OutlookProvider EXPR -CertPrincipalNamemsstd:pioneer.exchange.microsoft.com<br />Eğer mümkünse sunucu isimlerini sertifikalarda listelememeye özen gösterilmelidir.<br />OCS sertifika gereksinimi<=1024 bit keys, ve server ismicertificate principal name üzerinde olacak<br />Best practice: Sertifikaların sayısını azaltın<br />CAS servers + reverse proxy + Edge/Hub sunucuları için 1 sertifika<br />OCS için ek bir sertifika olabilir<br />11<br />
    12. 12. Adım adım Sertifika işlemleri<br />New-ExchangeCertificate<br />-GenerateRequest<br />-SubjectName "c=TR, o=Cozumpark, cn=mail.cozumpark.com“<br />-DomainNamemail.cozumpark.com, autodiscover.cozumpark.com, legacy.cozumpark.com<br />-PrivateKeyExportable $true<br />Sertifika talep dosyasının oluşturulması<br />CA üzerinden sertifikanın talep edilmesi ve hazırlanması<br />import-ExchangeCertificatekomutumuz ile oluşturulan sertifikanın import edilmesi<br />Enable-ExchangeCertificatekomutu ileExchange servislerine sertifikanın uyarlanması<br />12<br />
    13. 13. Sertifika işlemleriSertifika Sihirbası<br />Exchange Server 2010 sertifika sihirbazına sahip<br />Server Configuration bölümünde mevcut<br />Adım adım ihtiyacınız olan senaryolar için sertifika üretmenize olanak sağlar<br />Neler var ?<br />Sertifika talebi oluşturmak<br />Sertifika import etmek ve servislere atamak işlemleri<br />13<br />
    14. 14. Exchange Server 2010Split-brain DNS<br />Best practice: Exchange Server istemcileri “Split DNS” (iç ve dış istemciler için ayrı DNS zone)<br />Hostname sayısı az olmalı<br />İç ve dış Exchange bağlantısı için mail.cozumpark.com gibi bir tanımlama yapılmalı<br />mail.cozumpark.com intranet/Internet DNS’te farklı IP adreslerine sahiptir<br />Diğer sunuculara servislere ait kayıtların da iç DNS üzerinde oluşturulmasına dikkat edilmeli<br />14<br />
    15. 15. Exchange Server 2010CAS Load Balancing<br />OWA veEWS load balancing içinClient<->Server ilişkisi olmalı<br />Client-IP tabanlıWindows Network Load Balancing (NLB) veyaLB aygıtı kullanılabilir<br />İstemcilerin Autodiscoveristekleri: Sanal dizinler üzerinde internalURLveexternalURLparametrelerini ayarlamak gerekir<br />Örnek: Set-WebServicesVirtualDirectory cas2010ews* -ExternalURL https://mail.cozumpark.com/ews/exchange.asmx<br />Outlook istemcilerinin intranet Messaging Application Programming Interface (MAPI) erişiminde nasıl hareket edeceklerini belirleyin<br />New-clientaccessarrayve set-mailboxdatabase<br />15<br />
    16. 16. Exchange Server 2010CAS Load Balancing<br />CAS AutoDiscoverServiceInternalUrlözelliğiNLB fully qualified domain name (FQDN) yapısına göre ayarlanmalı<br />Web Services özelliğine baktığımızdaInternalNLBBypassURL ise Server FQDN yapısına göre yapılmalı<br />Sanal Dizinleri Uniform Resource Locators (URL) ayarlarını aşağıdaki tabloya göre yapmalı;<br />16<br />
    17. 17. Kısaca Yükseltme işlemi<br />İnternete açık olan site ilk önce yükseltilmeli<br />2<br />Exchange Server 2010 sunucularının kurulumları<br />CAS önce; MBX en son<br /><ul><li>Basit bir şekilde başlayın
    18. 18. Daha fazla sunucu ekleyin ve mailbox databaseleri taşıyın</li></ul>Internete açıkAD DS Site<br />İç site yapısını ikinci olarak yükselt<br />4<br />Taşıma işlemi<br /><ul><li>Internet hostnames -CAS2010
    19. 19. UM phone number -UM2010
    20. 20. SMTP end point -HUB2010</li></ul>Internal AD DS Site<br />CAS-CAS<br />proxy<br />https://autodiscover.cozumpark.com<br />https://mail.cozumpark.com<br />5<br />CAS, HUB, UM,<br />MBX 2010<br />Internet<br />Mailbox taşıması<br />CAS, HUB, <br />UM, MBX<br />https://legacy.cozumpark.com<br />3<br />FE/CAS için ‘Legacy’ hostname <br /><ul><li>SSL sertifikasının temin edilmesi
    21. 21. Son kullanıcılar bu ismi görmez
    22. 22. FExchangeServer 2003/CAS2007 MBX2003/MBX2007 erişimine yönlendirmelerde son kullanıcılara bilgi verir (yönlendirir)</li></ul>1<br />FE, BE, CAS, HUB, UM, MBX 2003 or 2007<br />Varolan sunucuları SP2’ye yükselt<br />6<br />Eski sunucuları kaldırın<br />17<br />
    23. 23. Remote Connectivity Analyzer<br />https://www.testexchangeconnectivity.com/<br />Beta aşamasında<br />Test işlemleri<br />Exchange ActiveSync (EAS)<br />Outlook Anywhere (RPC/ HyperText Transfer Protocol (HTTP))<br />Autodiscover<br />Simple Mail Transfer Protocol (SMTP)<br />Daha fazlası da geliyor...<br />Yükseltme işlemlerinin her aşamasında kullanılabilir<br />18<br />
    24. 24. CAS2010 GeçişHazırlıklar<br />Gerekli hostname barındıran SSL sertifikasını temin ediyoruz<br />mail.cozumpark.com<br />autodiscover.cozumpark.com<br />legacy.cozumpark.com<br />Bütün Exchange serverları SP2’ye yükseltiyoruz<br />integratedWindows Authentication on Exchange Server 2003 MSAS virtual directory (KB 937031) aktif hale getirilir<br />CAS2010 serverların kurulumu ve konfigürasyonu yapılır<br />InternalURLsveExternalURLs konfigüre edilir<br />Outlook Anywhere aktif edilir<br />Exchange Server 2003URL parametresi tanımlanır;https://legacy.contoso.com/exchange<br />19<br />
    25. 25. CAS2010 GeçişHazırlıklar<br />CAS2010 load balanced array varsa dahil edilir<br />CAS2010 RPC Client Access Service array yapılandırılır<br />MAPI RPC veHTTPS portlarının yük dengelemesinin yapıldığından emin olun<br />HUB2010 ve MBX2010 serverları kurulur<br />routing coexistence yapılandırılır<br />offline address book (OAB) web-based distribution ayarlanır<br />DNS (internal/external) içinde Legacy kayıtları açılır<br />Legacy publishing kuralları reverse proxy/firewall üzerindeFExchangeServer 2003/CAS2007 array refere edicek şekilde yapılandırılır<br />ExRCAkullanarakLegacy namespace bağlantı testleri yapılır<br />20<br />
    26. 26. CAS2010Geçiş<br />autodiscover…<br />mail…<br />legacy…<br />Geçiş işlemi çok kısa kesintiye sebebiyet verebilir<br />internal DNS güncelle vemail.cozumpark.com kaydının CAS2010 array’i refere ettiğini kontrol edin<br />Autodiscoveryayınlama kuralını güncelleyerek yada yeniden oluşturarakCAS2010 array’i refere etmesini sağla<br />Mail yayınlama kurallarını güncelleyerekCAS2010 array’i refere etmesini sağlıyoruz<br />Exchange Server 2010 spesifik sanal diznlerini unutmuyoruz<br />Legacy Exchange üzerinde Outlook Anywhere devre dışı bırakıyoruz<br />CAS2010’unCAS2007’ye içeriden ve dışardan yönlendirildiğini test edin<br />ISA<br />1<br />2<br />2<br />Exchange Server 2010 CAS+HUB+MBX<br />E200x SP2<br />İstemciler Exchange Server 2010’aAutodiscover… vemail… üzerinden erişiyor<br />1<br />Exchange Server 2003/Exchange Server 2007’ye direkt yönlendirme ve proxy işlemleri<br />2<br />21<br />
    27. 27. Client Access Senaryoları<br />İstemciler önce CAS2010’a gelir<br />Exchange Server 2003/Exchange Server 2007 mailboxes için 4 farklı durum oluşur;<br />Autodiscover istemcilere CAS2007 ile haberleşmelerini bildirir<br />HTTP redirect FExchange Server 2003 veya CAS2007<br />ProxyingCAS2010 ‘dan gelen istekler CAS2007’ye<br />Direct CAS2010 supportBExchange Server 2003 ve MBX2007 servislerine karşı<br />22<br />
    28. 28. Outlook Web AccessExchange Server 2003/2010 Coexistence<br />OWA ExternalURL: https://mail.cozumpark.com<br />OWA ExchangExchange Server 2003URL: https://legacy.cocumpark.com/exchange<br />HTTPS Traffic (External)<br />HTTPS Traffic (Internal)<br />RPC Traffic (Internal)<br />legacy.cozumpark.com DNS içinde çözümlenir<br />HTTP Traffic (Internal)<br />Internet Facing AD Site<br />Non-Internet Facing AD Site<br />Exchange Server 2003<br />MBX<br />Exchange Server 2003<br />FE<br />Exchange Server 2010<br />CAS<br />Exchange Server 2010<br />MBX<br />Exchange Server 2003<br />MBX<br />SSO Redirect<br />SSO Redirect<br />23<br />
    29. 29. Outlook Web AccessExchange Server 2007/2010 Coexistence<br />OWA ExternalURL: https://mail.cozumpark.com<br />OWA ExchangExchange Server 2003URL: https://legacy.cozumpark.com/exchange<br />OWA ExternalURL: https://region.mail.cozumpark.com<br />HTTPS Traffic (External)<br />HTTPS Traffic (Internal)<br />RPC Traffic (Internal)<br />OWA ExternalURL: https://legacy.cozumpark.com<br />HTTP Traffic (Internal)<br />Internet Facing AD Site<br />Regional Internet Facing AD Site<br />Non-Internet Facing AD Site<br />Exchange Server 2007<br />CAS<br />Exchange Server 2010<br />CAS<br />Exchange Server 2010<br />MBX<br />Exchange Server 2007<br />CAS<br />Exchange Server 2003<br />MBX<br />Exchange Server 2007<br />CAS<br />Exchange Server 2007<br />MBX<br />Exchange Server 2007<br />MBX<br />Exchange Server 2007<br />MBX<br />Manuel Yönlendirme<br />Proxy<br />SSO Redirect<br />24<br />
    30. 30. Exchange Actvive Sync ClientExchange Server 2003/2010 Coexistence<br />HTTPS Traffic (External)<br />HTTPS Traffic (Internal)<br />EAS ExternalURL: https://mail.cozumpark.com<br />RPC Traffic (Internal)<br />HTTP Traffic (Internal)<br />Internet Facing AD Site<br />Non-Internet Facing AD Site<br />Exchange Server 2003<br />FE<br />Exchange Server 2010<br />CAS<br />Exchange Server 2010<br />MBX<br />Exchange Server 2003<br />MBX<br />Exchange Server 2003<br />MBX<br />Direct Connect<br />Direct Connect<br />25<br />
    31. 31. EAS ClientExchange Server 2007/2010 Coexistence<br />EAS ExternalURL: https://mail.cozumpark.com<br />HTTPS Traffic (External)<br />HTTPS Traffic (Internal)<br />RPC Traffic (Internal)<br />EAS ExternalURL: https://legacy.cozumpark.com<br />HTTP Traffic (Internal)<br />Internet Facing AD Site<br />Non-Internet Facing AD Site<br />Exchange Server 2007<br />CAS<br />Exchange Server 2010<br />CAS<br />Exchange Server 2010<br />MBX<br />Exchange Server 2007<br />CAS<br />Exchange Server 2007<br />MBX<br />Exchange Server 2003<br />MBX<br />Exchange Server 2007<br />MBX<br />Proxy<br />451 Redirect<br />Proxy<br />26<br />Direct Connect<br />
    32. 32. OA Client ExperiencesExchange Server 2003/2007/2010 Coexistence<br />ExternalURLs: https://mail.contoso.com<br />OA endpoint: https://mail.contoso.com<br />RPC/HTTPS Traffic (External)<br />EWS/OAB Traffic<br />Outlook RPC Traffic<br />ExternalURLs: https://legacy.contoso.com<br />Internet Facing AD Site<br />Non-Internet Facing AD Site<br />Exchange Server 2010<br />CAS<br />Exchange Server 2010<br />MBX<br />Exchange Server 2007<br />CAS<br />Exchange Server 2007<br />CAS<br />Exchange Server 2007<br />MBX<br />Exchange Server 2003<br />MBX<br />Exchange Server 2007<br />MBX<br />Direct Connect<br />Direct Connect<br />27<br />
    33. 33. SMTP TransportUpgrade<br />Mail akışını EdgeExchange Server 2010’a geçir<br />Internet SMTP Servers<br />5<br />4<br />Edge 2010 kur<br />Varolan Exchange Server 2003 veExchange Server 2007 serverlar SP2’li olacak<br />1<br />Exchange Server 2010 Edge<br />Exchange Server 2007 Edge<br />Her lokasyon için bu yapılabilir<br />Edge serverlar seçimliktir<br />Edge 2007 SP2 HUB2010 ile kullanılabilir<br />3<br />Edgesync+ SMTP’yi HUB2010’a yönlendir<br />AD Site<br />Exchange Server 2003 Routing Group<br />Exchange Server 2003<br />Bridgehead<br />Exchange Server 2010<br />HUB<br />Exchange Server 2007<br />HUB<br />2<br />HUB veMBX 2010 kurulumu<br />Exchange Server 2010 MBX<br />Exchange Server 2003<br />Back-End<br />Exchange Server 2007 MBX<br />28<br />
    34. 34. Transport Rule Migration (1) <br />Exchange Server 2010 İletim Kurallarını AD DS lokasyonunda tutar<br />Exchange Server 2007: CN=Transport, CN=Rules, CN=Transport Settings, CN=<org name>, CN=Microsoft Exchange, CN=Services<br />Exchange Server 2010: CN=TransportVersioned, CN=Rules, CN=Transport Settings, CN=<org name>, CN=Microsoft Exchange, CN=Services<br />İki farklı migration yöntemi mevcut:<br />Automatic – kurulum aşamasında gerçekleştirilir<br />Manual – komut satırından komutlarla gerçekleştirilir<br />Exchange Server 2010 rules engine geriye doğru uyumludur<br />Read & apply legacy Exchange Server 2007 rules<br />Exchange Server 2007 veyaExchange Server 2010 hub transport role üzerinden aynı kurallar mesajlara uyarlanır<br />29<br />
    35. 35. Transport Rule Migration (2) Otomatik<br />Exchange Server 2010 Setup AD DS var olanTransportVersionedcontainer sorgulamasını yapar<br />Exchange Server 2007 Rules ile ilgili sorgulama yapılır<br />Eğer Exchange Server 2007 kuralları varsa:<br />Export-TransportRuleCollectionkomutunu çalıştırır ve legacy transport rules (temp.xml) diye çıkarır<br />Import-TransportRuleCollection komutunu çalıştırılır ve legacy transport kuralları import edilerekTransportVersionedcontainer içine alınır<br />temp.xml silinir<br />30<br />
    36. 36. Transport Rule Migration(3) Manuel<br />Exchange Server 2010 setup yapılabilir durumda ise mgiration yapılabilir<br />Güncellenmiş Exchange Server 2010 cmdlets kullanılır<br />Export/Import-TransportRuleCollection<br />Export Exchange Server 2007  Import Exchange Server 2010 <br />Export Exchange Server 2010  Import Exchange Server 2007<br />import aşamasında varolan kuralların üzerine yazılabilir<br />31<br />
    37. 37. Unified Messaging Yükseltme<br />private branch exchange/gateways (PBX/GWs): 1 Dial Plan, Redirect<br />Office Communications Server: 2 Dial Plans, Direct<br />1.Adım :<br />UM 2010 ve var olan planı değerlendir<br />1.Adım :<br />UM 2010 ‘u yeni dial plan ,OVA# ile değerlendir<br />2.Adım :<br />Route IP GW/PBX çağrılarınıUM 2010 dial plan yönlendir<br />2.Adım :<br />UM 2007’yiUM-enabled mailboxes taşındıktan sonra kaldır<br />3.Adım :<br />UM 2007’yiUM-enabled mailboxes taşıması yapılınca kaldır<br />32<br />
    38. 38. Online Move Mailbox (Move Requests) <br />Posta kutuları taşınırken kullanıcılar online kalır (anlamazlar)<br />Taşıma sonunda:<br />Son mesajdan sonra kısa bir kesinti oluşur<br />Client yeni database yerini bulur otomatik olarak ve süreç devam eder<br />Artık mesai saatleri içinde bile taşıma işlemlerini rahatlıkla yapabiliriz<br />Online:<br />Exchange Server 2007 SP2, Exchange Server 2010 -> Exchange Server 2010, Exchange Online<br />Offline:<br />Exchange Server 2003 -> Exchange Server 2010<br />Exchange Server 2010 -> Exchange Server 2003/Exchange Server 2007<br />E-Mail Client<br />Client Access Server<br />Mailbox Server 1<br />Mailbox Server 2<br />33<br />
    39. 39. Önemli noktalar...<br />Exchange Server 2007 SP2 yeni bileşenler barındırır ve Exchange Server 2010 coexist için gereklidir<br />Exchange Server 2010 CAS direkt olarak mailbox verilerine erişime olanak verir (protokol ve mailbox versiyonuna göre)<br />Online mailbox taşıma işlemi sayesinde kullanıcıların mesaj akışını kesintiye uğratmadan yapabiliyoruz<br />34<br />
    40. 40. Teşekkürler...<br />

    ×