Jul 01 2020 12:45 AM
Hi All,
We are about to decommission our on-premises Exchange server after moving all our mailboxes to Office 365.
We have quite a lot of devices and applications configured with the smtp.mydomain.com relay address.
So how do I keep the same name and relay emails without changing?
AS
Jul 01 2020 02:02 AM
Are you synchronising your AD with Azure AD or are your O365 accounts now cloud only?
If you are still syncing using Azure AD Connect, then the Microsoft recommended and supported practice is to leave 1 Exchange On-Premises server to manage attributes, and act as the SMTP relay.
If you are cloud only now, then you have the following options available to you.
Jul 02 2020 12:08 AM
Jul 02 2020 12:19 AM
As you are using hybrid identity, I strongly recommend that you leave a single Exchange server in place to manage attributes and SMTP relay. This is what Microsoft both recommend and more importantly will support. If you have some O365 E1 or E3 licences on your tenant, you qualify for a free Exchange 2016 hybrid licence key, and you can install Exchange 2016 to handle all this for you and retire your older Exchange 2010 server(s). Definitely the path of least resistance and will keep you in a supported position.
Jul 02 2020 12:48 AM
Jul 02 2020 01:05 AM
Jul 02 2020 11:26 PM
Hi Peter,
We have ADFS set up and a few service mailboxes, so do you have a good guide for me to upgrade a Hybrid Exchange 2010 Server to 2016?
As
Jul 02 2020 11:52 PM
You need to first ensure that any Exchange 2010 servers that you have in your environment are fully service packed and up to date before you install your Exchange 2016 server and update your hybrid configuration.
You will need to install the prerequisites for Exchange 2016 on your new server, which include running the following in PowerShell:
Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS
Install the Microsoft Unified Communications Managed API 4.0 on the Exchange 2016 server from - https://www.microsoft.com/en-gb/download/details.aspx?id=34992
Install the Microsoft Visual C++ 2013 redistributable (x64) on the Exchange 2016 server from - https://www.microsoft.com/en-gb/download/details.aspx?id=40784
Install the .NET 4.7.2 framework onto the Exchange 2016 server from - https://dotnet.microsoft.com/download/dotnet-framework/net472
Next, you need to extend your AD schema for the Exchange 2016 attributes. This is done as follows:
Connect to Exchange Online PowerShell as below:
$Cred = Get-Credential
$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $Cred -Authentication Basic -AllowRedirection
$importresults = Import-PSSession $s
Export the TenantConfig.xml file by running the following:
Get-OrganizationConfig | Export-Clixml -Path TenantConfig.XML
Next, prepare the schema as below, setting the folder path to where you saved the XML file:
./Setup.exe /PrepareAD /TenantOrganizationConfig c:\temp\TenantConfig.xml /IAcceptExchangeServerLicenseTerms
Then, prepare the domains:
./Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms
Export the public SSL cert from your Exchange 2010 onto your Exchange 2016 server
Then you can run the Exchange server installation setup wizard. Once complete, logon to the Exchange Admin Centre and import the SSL cert and bind to the required services.
Set the virtual directories and the client access service.
Reboot the server.
Now you can re-run the hybrid configuration wizard and update your hybrid config for Exchange 2016.
Move the arbitration mailbox and other system mailboxes from Exchange 2010 to Exchange 2016.
Create a receive connector in Exchange 2016 for SMTP relay. Test thoroughly, then when happy all is working as expected you may decommission your Exchange 2010 servers by removing Exchange 2010 via the control panel.
Job done!
Jul 03 2020 07:16 PM - edited Jul 03 2020 07:16 PM
Hi Peter,
Thanks for the steps. But I think we need to do some more steps due to the AD Sync server and two ADFS servers with this hybrid design?
AS
Jul 04 2020 12:26 AM
No, ADFS and AD sync are supported in this method. If you have this setup already then you are good to go.
I would consider reviewing your requirement for ADFS however. Ask yourself if you still need it. You may be able to consider switching to pass-through authentication instead.
Jul 06 2020 03:43 AM
Hi Peter,
We have only one Exchange server. Server IP is 192.168.0.10
smtp1.mydomain.com --> 192.168.1.50
smtp2.mydomain.com --> 192.168.1.50
I can see the DNS entries. So where do I see this configuration?
as
Jul 06 2020 12:10 PM
Jul 06 2020 07:53 PM
Hi Peter,
I'm going to add the Exchange 2016 and migrate Exchange 2010. But I'm trying to understand the mail flow setup here. I'm new to the business.
All the devices and applications are set up to the below SMTP addresses (smtp1.mydomain.com), but these SMTP IPs are different to the Exchange server.
Looks like SMTP relay is using a different way?
As
Jul 07 2020 06:05 AM
Ah I get you. When you create your Exchange 2016 server, you will need to create a new receive connector in the Exchange Admin Center. You will have a similar one in Exchange 2010 for SMTP relay.
Once it's set, you need to switch one of your devices / software over to it to test, and then slowly change everything over to it.
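An added example, not part of the thread: one way to create the relay connector from the Exchange Management Shell rather than the Exchange Admin Center, scoped to the sending devices so that it cannot be used as an open relay. The server name `EX2016`, the connector name and the source addresses are assumptions chosen for illustration.

```powershell
# Run in the Exchange Management Shell on the Exchange 2016 server.
# Assumed values (not from the thread): server name, connector name,
# and the constructed device/application source addresses below.
$server    = 'EX2016'
$connector = 'Device SMTP Relay'
$allowed   = '192.168.1.20', '192.168.1.21', '192.168.1.30-192.168.1.40'

# Front End Transport connector that only matches connections from the
# listed sources; everything else still lands on the default connector.
New-ReceiveConnector -Name $connector -Server $server `
    -TransportRole FrontendTransport -Custom `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $allowed

# Devices that cannot authenticate need anonymous submission.
Set-ReceiveConnector "$server\$connector" -PermissionGroups AnonymousUsers

# Relay to external recipients needs this extended right for anonymous sessions.
Get-ReceiveConnector "$server\$connector" |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
        -ExtendedRights 'Ms-Exch-SMTP-Accept-Any-Recipient'

# Review step: stop if the connector's scope is wider than intended.
$rc = Get-ReceiveConnector "$server\$connector"
$tooWide = $rc.RemoteIPRanges |
    Where-Object { "$_" -match '^0\.0\.0\.0' -or "$_" -match '^::' }
if ($tooWide) {
    throw "Connector '$connector' accepts relay from any address: $tooWide"
}
$rc | Format-List Name, Bindings, RemoteIPRanges, PermissionGroups, AuthMechanism
```

Keep `RemoteIPRanges` limited to the hosts that actually relay, and re-run the review step whenever a device is added.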
Jul 07 2020 06:57 AM
Hi Peter,
Thanks. But no receive connector with those IPs or SMTP name? I think smtp.mydomain.com is not relaying via Exchange. No edge subscription in Exchange 2010? I'm confused.
As
Jul 07 2020 10:30 AM
Ah OK, you would need to either change your internal DNS record for your SMTP name to be the IP address of the Exchange 2016 server when you were ready. Alternatively, you could switch the IP addresses and give the new Exchange 2016 server the same IP as the current Exchange 2010 SMTP relay server.
Jul 07 2020 11:58 PM - edited Jul 08 2020 02:58 AM
Hi Peter,
Thank you so much for your information. Yes, I can do that. One more question.
How do we set up redundancy for SMTP Relay? We have one Exchange 2016 Server and Windows AD servers in Azure. So if this server goes down, how do we handle the notification emails from our devices and applications?
I think allowing on-premise SMTP traffic to AWS is not a good idea.
As
Jul 08 2020 07:04 AM
Solution
My pleasure!
If you want some redundancy, what I normally suggest is to spin up a second Exchange 2016 server and add the same connector. If you needed to flip over to it, you could change your internal SMTP DNS entry to point to the IP of the backup.
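An added example, not part of the thread: a check to run before flipping the internal DNS record, confirming that each relay server answers on port 25 with an SMTP greeting and showing how long clients may cache the old address. The alias follows the thread's naming; the two server addresses are constructed sample values.

```powershell
# Assumed values: relay alias as named in the thread, plus two constructed
# addresses standing in for the primary and backup Exchange 2016 servers.
$alias      = 'smtp.mydomain.com'
$candidates = '192.168.0.10', '192.168.0.11'

function Get-SmtpBanner {
    param([string]$Address, [int]$Port = 25, [int]$TimeoutMs = 5000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Connect with a timeout so an unreachable host does not hang the check.
        $async = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $null }
        $client.EndConnect($async)
        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($stream)
        # First line sent by the server; a ready SMTP service starts it with 220.
        return $reader.ReadLine()
    } catch {
        return $null
    } finally {
        $client.Close()
    }
}

# What clients resolve today, and the TTL they may cache after a change.
Resolve-DnsName -Name $alias -Type A | Select-Object Name, IPAddress, TTL

# Readiness of each server that the alias could point to.
foreach ($ip in $candidates) {
    $banner = Get-SmtpBanner -Address $ip
    [pscustomobject]@{
        Address = $ip
        Ready   = [bool]($banner -like '220*')
        Banner  = $banner
    }
}
```

A greeting only shows that the service is listening; a test message from an address inside the connector's allowed range is still needed to confirm that relay is permitted.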
Jul 14 2020 05:11 AM
@PeterRising Hi Peter,
Do you recommend setting up this Exchange 2016 server on-premise or in the Cloud (AWS)?
If it is in AWS, can I use the free Exchange License?
As