Server 2008R2 Domain w/Exhcange 2010 Migration to Server 2012R2 w/Exchange 2013

Well, where I currently work I was told when I was hired I needed to obtain some certifications. I’ve been slacking. Partially due to alot going on in my life and partially from a lack of hardware. All that changed a few weeks ago when my old boss (Yes Steve, that’s you) provided me access to a Dell PowerEdge 1900 … granted it’s from 2007 and only has a single quad core Xeon … but it supports VTX and has a SAS Perc5i (bonus!) I promptly upgraded the thing to 16GB RAM (max) and dropped some SATA2 HD’s in it (I’m not paying for SAS drives for a learning machine.)

I started out with a single instance of MS Server 2008R2 Enterprise for using HyperV (for my 2012 certs I wanted to be able to do everything in VM form so I could trash stuff and it wouldn’t matter.) I also had another system, just a core2duo, running MS Server 2008R2 as a domain controller with Exchange 2010 on it (yes Matt, I know, this is NOT best practice.)

To get myself moving, I started by creating a 2012R2 VM and putting it on a VLAN and subnet seperate from my home network so I could follow along with the Train Signal training videos. Me being who I am this was just not enough. So I made the decision to try to migrate my existing 2008 infrastructure to 2012 … and I must say it went off fairly well …

First, I created a new VM on my regular subnet/VLAN using 2012R2 Std. I promoted it to a DC and gave it 8 hours to replicate everything. Once it was done replicating, I grabbed the FSMO roles (and MAN is that EASY in 2012), and then demoted the 2008R2 DC.

Next, I created another 2012R2 Std VM and installed Exchange 2013. I followed the guide below and was able to migrate the data and discontinue the old 2010 one with very little effort.

http://www.petenetlive.com/KB/Article/0000788.htm

Now, as anyone knows, rarely does a migration go off without a hitch and I did hit a few …

Once everything was done, I quickly found that my Barracuda SPAM-100 was no longer passing mail to Exchange … so, I logged into the Exchange Admin Center and located my normal receive connector that handles port 25 traffic and allow anonymous connections. Now, I know what you’re thinking, “ARE YOU NUTS!? No authentication on port 25?! You’ll become a spam hub!” and normally you’d be correct. The exception here is NO traffic comes in on 25 (more on that later.) And, this of course didn’t fix the issue … Barracuda still says connection refused … well, I’m stupid … I forgot that my DC (which was x.x.x.2 and is now x.x.x.3) no longer handles Exchange, so changing the Barracuda to go from pointing at the old 2008R2 on .2 to the new 2012 on .3 is rather pointless … perhaps I should trying pointing it at the 2012 on .5 which is now Exchange … HEY! wouldn’t you know it that worked! Mail is again flowing happily.

Oh, that ‘more on that later thing’ … I setup Exchange mainly to make it easier to sync my POP ISP account between my laptop, phone, ipad, etc … so I use the POP connector on the Barracuda to fetch my email, filter it, and pass it to Exchange. Exchange sends mail via a smarthost by connecting to my ISP’s SMTP server. So, I never have 25 open to the world.

So, now email is up, the domain is migrated, everyone is happy right? Wrong. DNS internally was fast as could be, but externally it was taking forever … so I started researching and there were tons of ‘do this’ and ‘do that’ kind of results, but one caught my eye … link is below … but in essence, they had removed a DC and still had a forwarder to it on the replacement server under DNS … could it be that easy? Yes, yes it can. Open the DNS panel, look under forwarders, and BAM! x.x.x.2 is there; remove that and we are golden!

http://blog.netnerds.net/2007/04/fix-slow-external-dns-resolution-in-microsoftactive-directory-dns-server/

And that’s how I spent my evening and last night …

Leave a Reply

Your email address will not be published. Required fields are marked *