Migration from SBS 2003 to SBS 2008 – part 3

Migration from SBS 2003 to SBS 2008 – part 3

August 02, 2011

Migration from SBS 2003 to SBS 2008 – part 3


Once you have finished the setup of SBS 2008 you will need to migrate data and settings over to the new SBS 2008 server. In the SBS 2008 Console there is a “Migrate to Windows SBS” wizard.
Work your way through these wizards and following the instructions. Note that migrating data and mailboxes will effect users so think carefully about when you run these.
These options are discussed further below.
  1. Change where to store data on the destination server

Use this to change where the users redirected folders are stored
  1. Configure the network

Use this to setup TCP/IP info
  1. Configure the Internet Address

This launches the “Setup Your Internet Address” wizard
  • In virtually all cases you will already have a domain name and be managing it externally
  • if you are using a different hostname than “remote” for OWA then you will need to specify this in the “advanced” settings
  1. Migrate network settings


  1. Migrate Exchange mailbox and settings

The Migrate Exchange Server mailboxes/settings will explain how to use the native exchange tools to migrate to SBS 2008. Moving mailboxes may take quite a while depending on how much data is held. If the servers are not connected via Gb connections then you may want to consider using a small gigabit switch to connect the servers to just for the data copy.
  • If desired move the Exchange database to another physical drive (there is a section in the migration wizard that does this)
  • Install the latest service pack – currently exchange 2007 sp3.
  • Enable anonymous connection on the exchange receive connector
  • If you need other systems to relay through this server (which in my experience happens most of the time) create an “allowed relays” receive connector for any smart hosts. Seehere for further info.
  • Check the recipient policy – make sure this matches the policy on the original SBS 2003 server.

  • If you don’t want your iphone users to be forced to create a passcode on their phone disable this options.
  • Move mailboxes
    • I recommend using the “sbs migration” account for this.
    • If you get errors try running the Exchange 2007 BPA permissions test.
  • I recommend backing up the public folders to a pst just in case. Use the export function in outlook for this.
  • Change the exchange server and DC used for recipient update to the new SBS server
  • Change the server that generates the offline address book to the new SBS server
Note – there is a section on decommissioning Exchange in part 4 of this guide.I believe this is best left to the end of the migration

  1. Remove Legacy Group Policy and logon settings

The below group policys are created by SBS2003 and should be removed – they may not all exist in your environment. I recommend just removing the links to them in Active Directory rather than deleting the policies completely. This means you can go back and recover the settings if needed.
  • Small Business Server Auditing Policy
  • Small Business Server Client Computer
  • Small Business Server Domain Password Policy
  • Small Business Server Internet Connection Firewall
  • Small Business Server Lockout Policy
  • Small Business Server Remote Assistance Policy
  • Small Business Server Windows Firewall
  • Small Business Server Windows Vista Policy
  • Small Business Server Update services Client Computer Policy
  • Small Business Server Update Services Common Settings Policy
  • Small Business Server Update Services Server Computer Policy
  1. Migrating Users Shared Data

You may want to switch off the reports if you don’t want your end users getting them.

For the group policies to apply to users and computers…
  • Please ensure all user accounts are found in the Active Directory OU MyBusiness – Users – SBSUsers
  • Likewise all computer accounts should be in MyBusiness – Computers – SBSComputers
Note – you need to run the role wizard for the user accounts to show up in the SBS console
  • Note that this is likely to change group membership. Make sure you make a note of group membership and test this before applying to all users.
  • On the Migrate groups page, click Next.
  • On the Migrate user accounts page, click Run the Change User Role Wizard.
  • Select the desired role and choose “add user permissions or settings”

Select the relevant users or users

  1. Migrate Sharepoint Website

  • Assuming the sharepoint site is in use then please follow the instructions on migrating to the new SBS 2008 server.
  • You can find further info here
    • Move the internal Web site for Windows SBS 2008 migration
    • Steps performed on the Source Server for Windows SBS 2008 migration
    • Steps performed on the Destination Server for Windows SBS 2008 migration

General – Migrating Shared Files and Folders

  • As with moving the mailboxes this may take a while. If the servers are not connected via gigabit connections it might be worth connecting the servers to a small gigabit switch just for the data copy.
  • You will need to copy over any file shares from the old SBS server to the new SBS server.
  • You will need to check the permissions on the new folders
  • To copy the data over I recommend using Richcopy if speed is an issue. This however will not copy file permission so if that is an issue I recommend using robocopy or xcopy (with the /H /E /C /Y /O) flags.
  • Once the shares are copied over you will need to edit any logon scripts or group polices that set mapped drives
  • Also I recommend either making the shares on the old SBS 2003 server read only or remove them completely. This ensures that no-one is editing data on the wrong server.

General – Migrate Printers & Scanners

  • Any printers shared off the old SBS 2003 server will need to be re-setup on the SBS 2008 server.
  • Please see my other article on deploying printers via a GPO.
  • Check for scanners that may have hard references to the old server name or IP
  • Please Click any of the following link
Create mail relay in Exchange 2007 & Exchange 2010

Create mail relay in Exchange 2007 & Exchange 2010

August 02, 2011


Create mail relay in Exchange 2007 & Exchange 2010



You may want to create an open mail relay in Exchange to allow other servers to relay mail through your exchange server.
There are 2 steps:-
1. Create a new receive connector in the management console. In the “permission groups” tab, check anonymous permission and put the IP address of the server that you want to permit relay from. In the example below I have called the receive connector “Allowed Relays”
2. Open the exchange management shell and enter the command: Get-ReceiveConnector “Allowed Relays” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

Also find
Migration from SBS 2003 to SBS 2008


Please Click any of the following link



Migration from SBS 2003 to SBS 2008 – part 2

Migration from SBS 2003 to SBS 2008 – part 2

August 02, 2011

Migration from SBS 2003 to SBS 2008 – part 2

This section covers the installation of the new SBS 2008 server. The migration of data is covered in part 3.

Step 1 – Create Answer File with Source Migration Tool

Connect a USB key to the SBS 2003 server and make sure the USB key is visible as a drive in my computer.
Then run the source migration tool on the SBS 2003 server. This is found in the SBS 2008 DVD in the tools folder.
Note – I have seen problems running this file from the hard drive. If you have issues then try running it from the DVD.
This will create an answer file on the USB key. It also allows for 2 SBS servers to exist in the same domain (for 21 days).
Note you may get an error about the number of network cards if RRAS is running. Stop the RRAS service to clear this error.
Once the preparation tool has completed you will get the below.
Select create an answer file. And fill out the answer file windows with the relevant details for your setup. For the domain administrator account use the “SBS migration” account you created earlier and not the default domain administrator account.
  • Once you have filled in all the necessary info including the source and destination server info, select save as and save the answer file to the USB key.
  • Note that the migration wizard will disable DHCP on the source server. If you are not building the new SBS 2008 server straight away then you will need another DHCP server.
  • I recommend unchecking run unattended so you can see what is happening.
  • Click finish, remove the USB key and installation DVD and reboot the source server.Letting the source server reboot with the USB key and installation DVD connected is a bad idea!

Step 2 – Install SBS 2008 on new Server

Note you may want to verify the physical drive configuration on the new SBS 2008 server before continuing. E.g. Do you want all drives in a RAID 5?
Connect the USB key to the SBS 2008 server and install windows as per normal.
If you look at Active Directory on the other SBS server you should see a new domain controller appear toward the end of the installation.
Note that the installation takes ages and frequently looks like its hanging – bear with it! It will also restart several times.

Post Install Checks

  • If there is more than one network adaptor in the server make sure the second one is disabled (as SBS only supports 1 NIC).
  • Check the DHCP service on the SBS 2008 server. Make sure all reservations are there and edit the IP scope if necessary.
  • The SBS 2008 install adds a number of group policies. It will set a password policy in the default domain policy. I recommend disabling these changes until after the install is complete (otherwise you are likely to get a number of password related queries).
  • Verify the SBS 2008 server holds all the FSMO roles – from a command prompt on the SBS2008 server run NETDOM QUERY FSMO
  • Run DCDiag and netdiag on the SBS 2008 server to check for errors
  • Check that the DNS server is listening on all IP interfaces (and not just IPv6)
  • Check shadow copies are enabled on any data drives
  • Run Windows/Microsoft Update
  • Make sure there is an DNS A record for autodiscover on your internal DNS range
  • Time – make sure the clocks between the old and new SBS servers are synchronised.
  • Check the new SBS server is a member of the active directory group “exchange domain servers”. If not add it and reboot.

Set User Profile Properties

Please be aware that if you create or associate an account with an SBS user role (more on this in the next section) then SBS will apply a set of default limits. For example it sets the maximum mailbox size to 2GB. To change these settings open the SBS console and go to the below.
Click ok to save your changes.
Please Click any of the following link


Migration from SBS 2003 to SBS 2008 – Part 1

Migration from SBS 2003 to SBS 2008 – Part 1

August 02, 2011

Migration from SBS 2003 to SBS 2008 – Part 1

Overview

This article covers the “Microsoft” method for migrating from SBS 2003 to SBS 2008. Following this method allows you to add a new SBS 2008 server to the existing domain allowing you to then gracefully migrate data across (you have 21 days until the SBS2003 server will shutdown). Following this method minimises the downtime for end users – the only downtime needed is when copying data/mailboxes across. I have written this guide whilst performing a number of real-world upgrades.
Alternatively you can use the “swing” method – see www.sbsmigration.com. This method allows you to build a new SBS 2008 server with the same server name as the SBS 2003 server. It’s not covered in
Below is a sample plan showing the timescales of the migration.
DayPartTask
1 – day (2 hours work)1Backup SBS 2003 server
Run all pre-requisite checks & updates
Generate answer file
1 – out of hours1Reboot SBS 2003 server
2 – day2Build SBS 2008 server with answer file
Install Updates
2 – out of hours3Migrate mailboxes
3 – day3Deal with any issues from Email migration
Continue migration (using SBS wizard)
3 – out of hours3Setup user accounts and folder redirection
Move shared folders and sharepoint
4 – day4Deal with any issues from data move
Decommission SBS 2003
As with all articles on this site this guide is for reference only. Please conduct your own research and testing.

Step 1 – Pre-requisite Checks

  • Note that SBS 2008 ONLY supports a Class C network – i.e. the subnet mask must be 255.255.255.0. If you are using another subnet mask then that is a problem!
  • If using Backup Exec 12 or earlier then you will need to upgrade.
  • If using a self issued SSL certificate then the end users are going to see certificate warnings on their PC/phones. I recommend buying a cheap SSL certificate for the new server (see my other article on this).
  • Check that any applications you plan on installing on the SBS 2008 server actually support SBS 2008 (i.e. 64-bit windows)
  • Run a full backup of the SBS 2003 server and verify that backup
The SBS 2003 server needs to have at least:-
  • Windows Server 2003 sp2
  • .net framework 2.0 – check in add/remove programs
  • Exchange 2003 SP2
  • SBS 2003 SP1 – Note that this is entirely separate to Windows SP1 and can be installed in addition to Windows SP2. Check HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SmallBusinesServer\ServicePackNumber
    If the value is 0×00000001, Service Pack 1 (SP1) for Windows SBS 2003 is installed.
  • Windows Sharepoint services 2.0 sp3 – Go to “Add or Remove Programs”. Select Microsoft Windows SharePoint Services 2.0, and then click “Click here for support information”. If the version number is 11.0.8173.0, SP3 is installed.
  • Verify that the CompanyWeb site is updated with sharepoint sp3 – click Administrative Tools | SharePoint Central Administration |Central Administration |Configure virtual server settings |Virtual Server Configuration section. On the Virtual Server List page, verify that the version for the CompanyWeb site is 6.0.2.8165
    MSXML 6.0 SP1
  • MS SQL server management studio express sp2
  • Microsoft Update – I would recommend running this to ensure the system is fully patched.

Step 2 – Raise functional levels

Exchange: Change to Native mode. There must be no exchange 2000 servers in your domain.
AD: Raise the forest functional level. Only do this if there are no Win2000 domain controllers in your domain.

Step 3 – Exchange

  • I would recommend exporting a list of email addresses used. Download this file, extract and and run the vbs script. It will create a text file called c:\proxyaddresses.txt
  • I would also recommend making a note of DHCP settings and their reservations. I have noticed that although the DHCP service is moved over to the new server the reservations are not.
  • Rename any postmaster accounts – make sure there is no postmaster@ address used in the company
  • Remove any mailbox management policies
  • Remove duplicate or incorrect SMTP addresses

Step 4 – Misc

  • Create an active directory user for migration (e.g. sbsmigration).
    • This account must have a strong password – mixture of case, 1 number and 1 symbol.
    • Must be a member of domain admins, enterprise admins and schema admins.
    • Make sure the primary group is domain users.
  • Disable WSUS services on the SBS 2003 server
  • If using ISA I recommend further reading. You could uninstall for the migration – obviously don’t leave your server connected to the internet unsecured.
  • If using an SSL certificate on the SBS 2003 server then export it (with the private key). You can import it on the SBS 2008 server later.
  • Reset the Active Directory Restore Mode password (MS KB322672). This is optional just in case the worst happens!
  • Try to identify any software that might have hard coded server entries
  • Where possible remove old users/mailboxes.
  • Shorten the DHCP lease time on the SBS 2003 server. This is to try and avoid IP conflicts when DHCP is moved over to the new SBS server.

Step 5 – Healthchecks

  • Run DCDiag and Netdiag – look out for any errors
  • Check event viewer for errors – in particular look out for JRNL_WRAP_ERRORS in the File Replication Service event log.
  • Run exchange BPA
  • Check SYSVOL and NETLOGON are available as shares (i.e. go start – run –\\servername)
  • Download and run the Microsoft IT environment health monitor
Please Click any of the following link


Install a GoDaddy SSL Certificate on SBS 2008

Install a GoDaddy SSL Certificate on SBS 2008

August 02, 2011
Install a GoDaddy SSL Certificate on SBS 2008


In the below example I am installing a GoDaddy SSL Certificate on SBS 2008

Step 1 – The trusted certificate wizard

From the SBS console run the “Add a trusted certificate” wizard
When you get to the information window make sure you enter the correct information. The key field is “Issued To” – this is the website address that you will use to connect to your Small Business Server.
In the example above I have entered remote.mycompany.com. I would recommend you setup a DNS record called remote.whateveryourdomainis.com for your SBS server. The method for creating a DNS record will vary according to your ISP if you are unsure how to do this then I would recommend calling your ISP and asking them.
I recommend copying the above request into a text document and saving it.

Step 2 – Buy Certificate with GoDaddy.com

I recommand GoDaddy SSL certificates as once you have bought them they allow for free rekeys and re-issues. Really useful if you make a mistake or have to re-installed for whatever reason.

Click on the above banner to go to the godaddy website and take advantage of this offer.
You want to purchase a standard SSL certificate for a single domain
Once you have bought this certificate on the godaddy website go to “my products” then “ssl certificates” select use credit and then continue as shown below.
You should then have the option to manage the certificate you have just bought as shown below.
This should launch the godaddy SSL management screen shown below. Select request certificate.
On the next screen you paste in the CSR code generated in step 1.
Click next. On the next screen confirm the details and if you are happy click next.
GoDaddy will now review the request – this may take a few hours. Godaddy use a number of methods of checking ownership of a domain. This first method they will try is sending an email to the email address list on the whois record for that domain. If there is no email address on the whois method then godaddy will send you an email explaining what else you need to do to prove ownership of the domain – usually its to create a specific DNS record or add a string to a webpage on your website. Below is an example of the domain verification email sent to the contact address in the whois record.
Once you have completed the domain verification process the certificate is issued.

Step 3 – Download the certificate

In the godaddy SSL certificate manager, click on your certificate and select download
Select the download type as IIS7 and download.
Unzip the file you have downloaded. There will be 2 files – a .p7b and a .crt file.

Step 4 – Install the Certificate

Go back to the SBS certificate wizard and select next. You will get the below screen
Choose “I have a certificate” and select next. On the next screen select the “browse” button and browse the the .crt file you extracted in step 3.
Click next and you have completed the install.

Step 5 – Test

to test this try to logon to your server from outside you company network. e.g. Open a browser and go to https://whateverdnsnameyouregistered
You should get a screen similar to the below and shouldn’t get any certificate warning messages.
Note the padlock. This indicates that there is an SSL certificate installed on this site.