Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2011-10-31
You can use Microsoft Exchange Server 2010 Setup to install the first server running Exchange 2010 in an existing Exchange Server 2003 organization.
You can't perform an in-place upgrade from Exchange 2003 to Exchange 2010. However, you can install an Exchange 2010 server into the existing Exchange organization, and then move the Exchange resources, such as mailboxes, public folders, and connectors to Exchange 2010.
After you perform this procedure, your organization will be running in a coexistence mode. You can maintain this mode for an indefinite period of time, or you can immediately complete the upgrade to Exchange 2010 by moving all resources from Exchange 2003 to Exchange 2010, and then decommissioning the Exchange 2003 servers.
When you install Exchange 2010 in an existing Exchange 2003 organization, Setup performs the following coexistence-specific tasks:
- Creates the Active Directory universal security group
ExchangeLegacyInterop. This group is granted the permissions that
allow the Exchange 2003 servers to send e-mail messages to the
Exchange 2010 servers.
- Creates a two-way routing group connector between Exchange 2010
and a selected Exchange 2003 bridgehead server. Exchange 2010 and
Exchange 2003 use different routing topologies. You must configure
a routing group connector to enable mail flow between the Exchange
For information about performing a custom installation, see Install Exchange 2010 Using the Custom Installation Type. For information about installing Exchange 2010 in unattended mode, see Install Exchange 2010 in Unattended Mode.
Although it's a better practice to introduce Exchange 2010 into your Exchange 2003 organization and use Edge Subscriptions, you may want to start using Edge Transport servers before you start your upgrade. For more information, see Deploy the Edge Transport Server Role in an Existing Exchange 2003 Organization Before Upgrading to Exchange 2010.
Exchange Server 2010 Deployment Assistant
Exchange Server 2010 introduces the Exchange Server Deployment Assistant, or ExDeploy, a new Web-based tool that can help you with your Exchange deployment. ExDeploy asks you a few questions about your current environment and then generates a custom checklist and procedures that help simplify your deployment.
For more information, see Exchange Server Deployment Assistant.
You must ensure that each of the servers meets the appropriate prerequisites and system requirements before you begin your installation. For more information, see the following topics:
- Overview of
Exchange 2010 Server Roles
2010 System Requirements
|After you install Exchange 2010 on a server, you must not change the server name. Renaming a server after you have installed an Exchange 2010 server role is not supported.|
Install Exchange 2010
If this is the first instance of Exchange 2010 that you're installing into your existing organization, make sure that you install the Client Access server role first, followed by the Hub Transport server role, followed by the Unified Messaging server role, and last, the Mailbox server role. For more information about the Client Access server role, see "Configure the Client Access server" later in this topic.
To perform the following procedure, the account you use must be delegated membership in the Schema Admins group if you haven't previously prepared the Active Directory schema. If you're installing the first Exchange 2010 server in the organization, the account you use must have membership in the Enterprise Admins group. If you've already prepared the schema and aren't installing the first Exchange 2010 server in the organization, the account you use must be delegated the Delegated Setup role group.
|For information about preparing Active Directory for Exchange 2010, see Prepare Active Directory and Domains. For information about permissions in Exchange 2010, see Understanding Permissions and Understanding Role Based Access Control.|
- Insert the Exchange 2010 DVD into the DVD drive. When the
AutoPlay dialog box appears, click Run Setup.exe
under Install or run program. If the AutoPlay dialog
box doesn't appear, navigate to the root of the DVD and
double-click Setup.exe. Alternatively, browse to the
location of your Exchange 2010 installation files and double-click
- The Exchange Server 2010 Setup welcome screen appears. In the
Plan section, you can follow the links to read overview
information regarding Exchange 2010, deploying languages, and the
Exchange 2010 Deployment Assistant. In the Enhance section,
you can read more information about Forefront Protection 2010, and
install Microsoft Forefront Protection 2010. In the Install
section, the software listed for Step 1: Install .NET Framework
3.5 SP1 and Step 2: Install Windows PowerShell v2 was
installed with the Exchange 2010 prerequisites. However, if these
prerequisites aren't already installed, click the appropriate step
to install them.
For more information about Windows PowerShell installation, see Install Windows Management Framework.
Important: If you're installing Exchange 2010 on the Windows Server 2008 R2 operating system, don't use the downloadable .NET Framework package. Instead, use Server Manager in Windows Server 2008 R2 or run ServerManagerCmd -i NET-Framework.
- When Step 1 and Step 2 are shown as
Installed, click Step 3: Choose Exchange language
option to expand the Exchange language options, and then choose
the appropriate option:
- Install all languages from the language
bundle This option installs all the Exchange
2010 languages from an Exchange 2010 language bundle. You can
connect to the Internet to download the latest applicable language
bundle or to use a previously downloaded language bundle on a local
drive or network share. Internet connectivity is required for
Exchange Setup to download the language pack bundle.
- Install only languages from the
DVD This option installs only the languages
included with the Setup DVD. The installation of additional
language support requires installing the languages from the
For more information about Exchange language options, see Exchange 2010 Language Support.
- Install all languages from the language bundle This option installs all the Exchange 2010 languages from an Exchange 2010 language bundle. You can connect to the Internet to download the latest applicable language bundle or to use a previously downloaded language bundle on a local drive or network share. Internet connectivity is required for Exchange Setup to download the language pack bundle.
- After language installation is complete, click Step 4:
Install Microsoft Exchange. This option starts the Exchange
Server 2010 Setup wizard.
Note: After your installation is complete, you can return to Step 5: Get critical updates for Microsoft Exchange.
- On the License Agreement page, review the software
license terms. If you agree to the terms, select I accept the
terms in the license agreement, and then click Next.
- On the Error Reporting page, click Yes, and then
- On the Installation Type page, click Typical Exchange
Server Installation. If you want to change the path for the
Exchange 2010 installation, click Browse, locate the
appropriate folder in the folder tree, and then click OK.
Note: If you choose the Typical Exchange Server Installation option, you won't be able to install the Unified Messaging server role or Edge Transport server role during this installation. You can add additional server roles later if you don't install them during this installation.
- On the Configure Client Access Server external domain
page, enter a domain name to use to configure your Client Access
servers. Click Next. For more information about configuring
Client Access servers, see "Configure the Client Access Server"
later in this topic.
- On the Customer Experience Improvement page, choose the
appropriate selection for your organization, and then click
- On the Readiness Checks page, view the status to
determine whether the organization and server role prerequisite
checks completed successfully. If they completed successfully,
click Install to install Exchange 2010.
- On the Completion page, click Finish.
Configure the Client Access Server
If this is the first Exchange 2010 server you've installed in your Exchange 2003 organization, you need to perform several additional steps to configure your Exchange 2010 Client Access server.
- If your organization requires Outlook Anywhere access, enable
Outlook Anywhere as shown in the following example.
Enable-OutlookAnywhere -Server:<CAS2010> -ExternalHostName:mail.contoso.com -SSLOffloading $false
- If you didn't configure a primary external namespace during
setup, configure the virtual directories for the offline address
book (OAB), Exchange Web Services, Microsoft Exchange ActiveSync,
Microsoft Office Outlook Web App, and Exchange Control Panel
(ECP) as shown in the following examples.
This example configures the virtual directories for the OAB.
Set-OABVirtualDirectory <CAS2010>\OAB* -ExternalUrl "https://mail.contoso.com/OAB"
Set-WebServicesVirtualDirectory <CAS2010>\EWS* -ExternalUrl https://mail.contoso.com/ews/exchange.asmx
Set-ActiveSyncVirtualDirectory -Identity <CAS2010>\Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com"
Set-OwaVirtualDirectory <CAS2010>\OWA* -ExternalUrl https://mail.contoso.com/OWA
Set-EcpVirtualDirectory <CAS2010>\ECP* -ExternalUrl https://mail.contoso.com/ECP
- Configure the Exchange 2003 URL property on the /owa virtual
directory. This is necessary for Exchange 2003 and Exchange 2010 to
coexist. This example configures this property.
Set-OwaVirtualDirectory <CAS2010>\OWA* -Exchange2003Url https://legacy.contoso.com/exchange
Note: You must enable forms-based authentication on the Exchange 2003 front-end server to allow your users to access their mailboxes through a single sign-on during the coexistence period.
- Change the OAB generation server and enable Web distribution on
the Exchange 2010 Client Access server using the following
- Move the OAB as shown in this example.
Move-OfflineAddressBook "Default Offline Address List" -Server <MBX2010>
- Add the Exchange 2010 Client Access server as a Web
distribution point as shown in these examples.
Get-OABVirtualDirectory -Server <CAS2010>
Get-OfflineAddressBook "Default Offline Address List"
$OAB.VirtualDirectories and $OABVdir.DistinguishedName =
Set-OfflineAddressBook "Default Offline Address List" -VirtualDirectories $OAB.VirtualDirectories
- Move the OAB as shown in this example.
- Enable Integrated Windows authentication on the
Microsoft-Server-ActiveSync virtual directory on the Exchange 2003
back-end server. This allows the Exchange 2010 Client Access server
and the Exchange 2003 back-end server to communicate using Kerberos
authentication. Do one of the following:
- Install a hotfix. To download the hotfix, see Event ID 1036 is logged on an Exchange 2007
server that is running the CAS role when mobile devices connect to
the Exchange 2007 server to access mailboxes on an Exchange 2003
back-end server. Use Exchange System Manager to adjust the
authentication settings of the Exchange ActiveSync virtual
- Set the msExchAuthenticationFlags attribute to a value
of 6 on the Microsoft-Server-ActiveSync object within the
configuration container on each Exchange 2003 Mailbox server. For
an example script, see Server Build DVD Visual Basic Script Examples.
Important: Don't use IIS Manager to change the authentication setting on the Microsoft ActiveSync virtual directory, because the DS2MB process within the Microsoft Exchange System Attendant will overwrite the settings stored in Active Directory.
- Install a hotfix. To download the hotfix, see Event ID 1036 is logged on an Exchange 2007 server that is running the CAS role when mobile devices connect to the Exchange 2007 server to access mailboxes on an Exchange 2003 back-end server. Use Exchange System Manager to adjust the authentication settings of the Exchange ActiveSync virtual directory.
- Create a legacy host name in your external Domain Name System
(DNS) infrastructure and associate this host name with your
Exchange 2003 front-end server or with your proxy infrastructure.
See "Create a Legacy Host Name" later in this topic.
- Reconfigure your external DNS settings or the publishing rules
for your reverse proxy infrastructure to have your original
namespace of mail.contoso.com point to your Exchange 2010 Client
Access server or Client Access server array.
Create a Legacy Host Name
The exact steps for this procedure depend on your Internet service provider (ISP) and firewall configuration. Example steps for GoDaddy are provided to show you how this works. Your actual steps may vary. In general, you need to perform the following steps.
- Create a DNS host (A) record in your internal and external DNS
servers that points to the IP address of your legacy
Internet-facing Exchange server (for example, Exchange Server 2007
Client Access server or Exchange 2003 front-end server) in internal
DNS or the public IP address on your reverse proxy or firewall
solution (external DNS). The host name should be in the format of
legacy.domain.com (for example, legacy.contoso.com).
- Create a publishing rule for the legacy host name in your
reverse proxy or firewall solution to point to your legacy
Internet-facing Exchange server. Refer to your proxy or firewall
solution's user manual for instructions about how to do this.
- Configure the existing DNS host (A) record in your internal and
external DNS servers for your original host name (for example,
mail.contoso.com) to point to your Exchange 2010 organization, for
example, the IP address of your Client Access server or array
(internal DNS), or the public IP address on your reverse proxy or
firewall solution (external DNS).
For example, if your provider is GoDaddy.com, you can create a DNS host (A) record and associate it with your legacy Exchange infrastructure.
- From your GoDaddy account management home page, click Domain
Manager under the My Products heading in the left
- If prompted, log on to your account.
- In the Total DNS section of the Domain Manager
information screen, click Total DNS Control.
- In the A (Host) section of the Total DNS Control
screen, click Add new A record.
- Enter the host name, for example, legacy.contoso.com, and enter
the IP address of your legacy Exchange server in the Points to
IP address box.
- Choose a TTL (Time to Live) value. If you're performing
this step well in advance of your Exchange 2010 installation, you
can choose 1 day or 1 week from the drop-down list
box. Otherwise, choose the default of 1 hour or 1/2
- Click OK to complete your changes.
- From your GoDaddy account management home page, click Domain Manager under the My Products heading in the left sidebar.
Verify the legacy host name is accessible from the Internet
From outside your firewall, perform the following steps, using your specific domain name.
- Navigate to https://mail.contoso.com/owa, and then verify that
you can access Outlook Web App for a user whose mailbox is on
- Navigate to https://legacy.contoso.com/exchange, and then
verify that you can access Outlook Web App for a user whose mailbox
is on a legacy Exchange server.
- Navigate to https://mail.contoso.com/owa, and then verify that
you can access Outlook Web App for a user whose mailbox is on a
legacy Exchange server.
You can also use the Microsoft Exchange Server Remote Connectivity Analyzer to verify connectivity for the legacy namespace. To use the Remote Connectivity Analyzer, see Microsoft Exchange Remote Connectivity Analyzer.
Verify Installation and View Configuration Objects
To verify that Exchange 2010 installed correctly, see Verify an Exchange 2010 Installation. After installation is complete, you can view the Exchange 2010 configuration objects in the Exchange Management Console (EMC).
|You can only view and manage the Exchange 2010 configuration objects using the EMC in Exchange 2010.|
To verify that mail flow is working correctly, you can perform the following procedure:
- Configure your Hub Transport server. For more information, see
- Create a mailbox on the Exchange 2010 Mailbox server. For more
information, see Create a
- Send an e-mail message from the Exchange 2010 mailbox to a user
who has a mailbox that is located on an Exchange 2007 server.
Verify that the e-mail message is received.
- Send an e-mail message from a user who has a mailbox that is
located on an Exchange 2007 server to the new Exchange 2010 mailbox
user. Verify that the e-mail message is received.
You can also use the Exchange Remote Connectivity Analyzer to test Exchange connectivity.
Finally, be sure to perform the tasks described in Finalize Deployment Tasks that are required for the server roles that you have installed.
|Exchange 2010 now creates system address lists in a new
container. Recipients created or modified using Exchange 2003 or
Exchange 2007 management tools won’t be stamped with these system
address lists. As a result, they won’t be seen by the Exchange 2010
To fix this issue, you must enable Active Directory virtual list view (VLV). After you have completed the upgrade of an existing Exchange 2003 organization to Exchange 2010 and have decommissioned your Exchange 2003 servers, you must enable Active Directory VLV. To enable VLV for Exchange 2010, run the Enable-AddressListPaging cmdlet. For more information, see Enable-AddressListPaging.