Managing Exchange 2003 and Exchange 2007 in mixed mode

Get best practices for managing Exchange 2003 and Exchange 2007 in mixed mode and performing administration tasks in their different management consoles.

Native mode concepts have been eliminated from Exchange Server 2007, creating headaches for organizations that plan to operate in mixed mode, and gradually migrate their messaging platforms. Because Exchange 2003 and Exchange 2007 offer varied functionality and use different management interfaces, administrators running mixed-mode Microsoft email environments must be able to differentiate which tools to use in which situations. This...

tutorial offers several rules of thumb for managing mixed-mode Exchange environments running both Exchange 2003 and Exchange 2007 servers.

 

 


MANAGING EXCHANGE 2003 AND EXCHANGE 2007 IN MIXED MODE

 Management tool changes in Exchange 2007
 Rules for choosing a mixed-mode Exchange management tool
 Using Active Directory Users and Computers in mixed mode
 Create mailboxes in Exchange 2007 without the RUS
 Managing global objects in Exchange 2003 and Exchange 2007
 Configuring and editing mail-enable groups in mixed mode
 Moving mailboxes between Exchange 2003 and Exchange 2007
 Exchange 2007 compatibility with Exchange 2000

 

 

 

Management tool changes in Exchange 2007

Exchange Server 2007 is radically different from Exchange 2003. Routing groups and administrative groups have been removed, and two new management interfaces were added -- the Exchange Management Console and Exchange Management Shell. Exchange System Manager, the primary administration tool in Exchange 2003 was eliminated from Exchange 2007.

Another tool in Exchange 2003 that was eliminated from Exchange 2007 is the Active Directory Users and Computers (ADUC) console.

 
Understanding Microsoft Exchange 2007

 

What's missing from Exchange Server 2007?

 Fortunately, after Exchange 2007 is introduced into an organization using Exchange 2003, both Exchange System Manager and ADUC still exist and can interact with Exchange 2007 servers.

Exchange 2007's Exchange Management Console and Exchange Management Shell can also interact with legacy Exchange servers in your organization though. So it can get confusing when trying to figure out which management tool you should be using to execute a specific Exchange administration task.

Return to Top

 

 

Rules for choosing a mixed-mode Exchange management tool

 

  • Use Active Directory Users and Computers to create or modify mailboxes on Exchange 2003 servers.

     

  • Use the Exchange Management Console or Exchange Management Shell to create or modify mailboxes stored on an Exchange 2007 server.

     

  • Use the Exchange Management Console or Exchange Management Shell to make Exchange 2003 and Exchange 2007 organization-level changes, unless they involve a feature that has been discontinued in Exchange Server 2007, such as routing groups or administrative groups.

     

  • Use the Exchange Management Console or Exchange Management Shell for any management tasks performed against Exchange 2007 servers.

     

  • Use the Exchange System Manager for any management tasks performed against Exchange 2003 servers.

     

Return to Top

 

 

Using Active Directory Users and Computers in mixed mode

The Active Directory Users and Computers console can be used to create or modify mailboxes on Exchange Server 2003, but shouldn't be used for this purpose in Exchange 2007 mailboxes. In reality, mailboxes aren't always created at the same time as user accounts. So you can use ADUC to create a user account, regardless of which Exchange version will host the user's mailbox. The Exchange Management Console contains a provision to create a mailbox for an existing user.

 

 

Exchange Server and Active Directory FAQs

 

Exchange 2007 mailboxes have attributes that didn't exist in previous versions. If you create an Exchange 2007 mailbox using Active Directory Users and Computers, only the attributes that existed in Exchange Server 2003 will be created. Remaining attributes will be omitted, preventing the mailbox from fully functioning.

For example, if you use the ADUC console to create an Exchange 2007 mailbox, then the user cannot use Outlook Web Access (OWA). Additionally, if this console is used to modify an Exchange 2007 mailbox that was created correctly, then the modification tends to corrupt some of Exchange 2007-specific attributes.

Return to Top

 

 

Create mailboxes in Exchange 2007 without the RUS

Neither the Exchange Management Console nor the Exchange Management Shell should be used to create Exchange 2003 mailboxes. Exchange 2007 management tools can't be used to create Exchange 2003 mailboxes because the Recipient Update Service (RUS) is missing from Exchange 2007.

The RUS periodically checks the Exchange organization for changes, and writes information related to those changes to Active Directory. If you use Active Directory Users and Computers to create an Exchange mailbox, it assumes that the RUS will process the new mailbox, and will periodically be run against the mailbox to check for changes. If the mailbox is created on Exchange 2007, which doesn't use the RUS, then the assumption is incorrect and the mailbox may not be fully functional.

Return to Top

 

 

Managing global objects in Exchange 2003 and Exchange 2007

As a general rule, you should manage Exchange Server 2003 objects using either the Exchange System Manager or Active Directory Users and Computers console. Exchange Server 2007 objects should be managed using the Exchange Management Console or Exchange Management Shell. But exceptions exist, and some objects aren't server-specific.

All servers in an Exchange organization typically use global objects, so you can use any Exchange management tool to manage them. Keep in mind that global objects usually reside in Active Directory, and each version of Exchange applies its own set of changes to Active Directory schema.

 

 

Tutorial: Managing Exchange Server 2003 recipient objects

 

What does this mean from a management perspective? Suppose that you install Exchange 2007 into an organization that is running Exchange 2003. In most cases, Exchange 2007 will make changes to the various global objects. Exchange 2003 will be aware of some of these changes, but the newer version of Exchange tends to use some object attributes that the previous version didn't use.

Exchange 2003 may not have a problem recognizing various global objects, but if you use the Exchange System Manager to modify an object, you risk erasing any attributes Exchange 2003 is aware of. If you need to create or modify a global object, you should use any management tools that were supplied by the highest-installed version of Exchange in your organization.

Return to Top

 

 

Configuring and editing mail-enabled groups in mixed mode

A single group can contain objects from multiple Exchange servers, running multiple versions of Exchange. Therefore, it may be difficult to know which management tool to use when dealing with mail-enabled groups. I recommend using the management tool that was included with the Exchange version running on the server that stores the object. You can use either the Exchange Management Console or Exchange System Manager. Keep in mind: This assumes that you're working with a simple, static group. Be careful when managing dynamic distribution groups.

Exchange 2003 is designed to "mail-enable" user accounts that reside in Active Directory. Thus, query-based distribution lists perform LDAP queries against an Active Directory to determine which users should be included in the distribution list.

 
Working with Exchange 2003 query-based distribution groups

 

How to configure dynamic distribution groups in Exchange Server 2007

In Exchange 2007, Microsoft renamed query-based distribution groups to dynamic distribution groups (DDGs), and changed the way that these groups work. DDGs no longer use LDAP queries, but instead use OPATH queries. OPATH is the filtering language that PowerShell and the Exchange Management Shell use. Exchange 2007 uses OPATH filtering for mailboxes, global address lists and email address policies.

Microsoft most likely switched to OPATH queries in Exchange 2007 to maintain some consistency within the Exchange Management Shell. From a management standpoint, this difference means that if the dynamic distribution group will reside on an Exchange 2007 server, then you must create it using either the Exchange Management Console or Exchange Management Shell.

A mail-enabled contact is not an Exchange mailbox, but instead points to an external mailbox. Although most organizations don't often use mail-enabled contacts, both Exchange 2003 and Exchange 2007 support their use. You may need to create a mail-enabled group that includes people outside of your Exchange organization. If so, you can create a mail-enabled contact for those users, and then place the contact into your mail-enabled distribution group.

The mail-enabled contact doesn't have a mailbox within the Exchange organization, so there are few attributes associated it. As such, you can use the Exchange System Manager, Exchange Management Console or Exchange Management Shell to create or edit mail-enabled contacts without damaging them.

Return to Top

 

 

Moving mailboxes between Exchange 2003 and Exchange 2007

If you're moving an Exchange 2007 server to an Exchange 2003 environment, you may want to move some mailboxes off of an older-version server and onto the Exchange 2007 server. To do this, you should use the Exchange 2007 move mailbox tool or the MOVE-MAILBOX command in the Exchange Management Shell.

Exchange 2007 knows which attributes are used in both Exchange 2007 and Exchange 2003. As such, it can reliably move mailboxes from Exchange 2003 to Exchange 2007, and vice versa. If moving a mailbox involves an Exchange 2007 server, then you should use the move mailbox tools from Exchange 2007. If you're moving mailboxes between two Exchange 2003 servers, then you can continue to use the Exchange System Manager, even if Exchange 2007 servers exist in the organization.

Return to Top

 

 

Exchange 2007 compatibility with Exchange 2000

While Exchange Server 2007 can't exist in the same environment as Exchange 5.5, it can run alongside an Exchange 2000 server. Because Exchange 2000 is equipped with a rudimentary version of the Exchange System Manager, it can view and modify objects located on an Exchange 2007 server.

Exchange 2003's System Manager is designed to use object version numbers, while Exchange 2000 is not. This means that, in some

 

 

Step-by-Step Guide: Test driving Exchange 2007

 

 cases, the Exchange 2003 version is intuitive enough know that an object was created on a server running a more recent version of Exchange, and will stop users from modifying an object located on an Exchange 2007 server. The Exchange 2000 version of Exchange System Manager won't stop this, which could result in serious, and possibly catastrophic, mistakes.

Microsoft created the Exchange 2000 Post-service Pack 3 Update Rollup, which enables Exchange 2000 to use object-version numbers. Note: Although this patch adds support for object-version numbers, avoid using Exchange System Manager for Exchange 2007 objects.

Return to Top

 

 

ABOUT THE AUTHOR:   
 
Brien M. Posey, MCSE
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.
 

This was first published in December 2007

Dig deeper on Exchange Server Deployment and Migration Advice

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close