ITidiots.com

I am an admitted addict to early adoption of new technologies. My environment is really small and I don't have to worry about having hundreds of users angry with me if I break something.

A few years back I had done a dumb-a## by upgrading from Exchange 2003 to 2007, on a server that was also a domain controller. Well, the real truth is that at the time I couldn't afford to deploy a separate server and virtualization was sketchy when I decided to upgrade...

So my goal in my current project is to migrate all of my domain controllers to Windows 2003R2 and move my Exchange box off of my Domain Controller to a member server, while migrating to Exchange 2010. I also want to implement a double-stack IPv6.

You can't upgrade a Windows 2003 Domain controller with Exchange on it without breaking it, so I upgraded all my other 2008 boxes to R2. I then created a virtual 2008R2 server on a physical box that was also a DC. Installed Exchange 2010 and thats when the trouble began. First, I vaguely remember Nicky warned that you shouldn't ever put Hyper-V on a domain controller; but evidently it didn't stick in my head. Something with permissions gets very messed up in Exchange and I'm assuming other programs that rely on Active Directory Domain Services to function properly.

The first fix was to demote that domain controller and remove all roles except for Hyper-V. This still left alot of other things messed up because the installation process for Exchange 2010 has not been made idiot-proof. Exchange needs to have uninhibited access to an ADDS Global Catalog server and writes the first detected one all over in the registry...and guess what....the entries were all to the Domain controller I had demoted, so about a day later and a dollar short (or pound if you will), I was able to undo that mess....

After all of this, I still could not get Outlook 2007 clients to connect to the new Exchange Server. I first spent some time in DNS because usually in my experience connectivity problems point to DNS. Sure enough, there were some entries that hadn't been cleaned up from demoting my domain controller.Still no joy. I then had to call MS support and after a day and a half of troubleshooting the case was escalated to a second level support which helped me fix a couple of things as well as the connectivity problem....the biggest being that by default on Windows 2008 IPv6 is enabled in the network bindings; but is then hamstrung in the hosts file because there is a # sign before the ::1 localhost. Still no joy, we then tested connectivity by turning off the Windows Firewall.....Boom....Outlook connectivity problems went away!

I must say that the performance for Exchange 2010 is much improved, and I appreciated the new certificate wizard!

Take aways:

1 ) NEVER install Hyper-V on a Domain Controller
2) Healthy DNS = Healthy Active Directory
3) Healthy Active Directory = a healthy Exchange Server
4) Be sure that the kinks are out of all of the above BEFORE installing Exchange 2010
5) If you have IPv6 enabled on the NIC card, don't forget to remove the # in the hosts file.

Hope this will help somebody along the way......

I still have to move my Public Folders from 2007 to 2010.....if anyone would know of where I can find info on how to do this I would appreciate if they could pass it on to me.

Greg

p.s. I'm glad that I didn't move all the mailbox....maybe tomorrow.

Hi Jamie,

Working with Exchange really a little more complicated than doing a back-up and restore. Really my servers are used in production and others rely on the services (like mail) to get their jobs done. Sorry you got bored, the story was aimed more toward those who might have a similar experience and could learn from my experiences. Moving on.....