Migration Manager for Exchange 8.15 - Source Exchange 2010 Environment Preparation

Changing the Default Source/Target Exchange Account Granting Membership in Server Local Administrators Group Granting Full Control on Organizational Unit Granting Full Control on the Microsoft Exchange System Objects Organizational Unit Granting Permission to Make Public Folders Mail-Enabled Granting Full Control on Exchange 2010 Mailboxes Granting Membership in Recipient Management Group Granting Application Impersonation Role

Setting Up the Source Active Directory Account

Changing the Default Source/Target Active Directory Account Granting Read Access to Active Directory Domain Granting Read Permission for the Microsoft Exchange Container

Setting Up Source/Target Agent Host Account

Changing the Default Source Agent Host Account Granting Membership in the Local Administrators Group on the License Server

Preparing the Source Exchange Environment for Exchange Migration

Backing Up Exchange Creating Aelita EMW Recycle Bin Public Folder (Optional) Creating Administrator Mailboxes for Public Folder and Free/Busy Synchronization Creating Administrator Mailboxes for Mailbox and Calendar Synchronization (Optional) Creating Custom Throttling Policies Installing the Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 Configuring the NSPI Connection Limit

Setting Up Connection with the Target Exchange Organization Using SMTP Connectors

Setting up Source Exchange Organization for Internet Mail Flow between Source and Target Exchange Organizations

Establishing Internet Mail Flow Directly Through a Hub Transport Server

Creating Send Connector Modifying Default Receive Connector Adding E-mail Domain Used for Redirection to the List of Accepted Domains on Hub Transport Server

Establishing Internet Mail Flow through a Subscribed Edge Transport Server

Export the Edge Subscription file from the Edge Transport Server Import the Edge Subscription file on the Hub Transport Server Force EdgeSync Synchronization

Configuring Source DNS Server for Mail Forwarding Testing the SMTP Connectors (Optional)

Granting Permission to Make Public Folders Mail-Enabled

If a public folder is mail-enabled in the target organization, the Public Folder Source Agent needs to be able to make it mail-enabled in the source organization as well. To achieve this, assign your Source Exchange Account permissions to run the Enable-MailPublicFolder cmdlet, as follows:

Add this account to the Public Folder Management group in the source Exchange 2010 organization:

In the Active Directory Users and Computers snap-in select the Microsoft Exchange Security Groups node.
In the right pane, right-click Public Folder Management group and click Properties .
On the Members tab click Add and select the Source Exchange Account (in our example, QMM_Src_Ex).
Close the dialog boxes by clicking OK.

Caution: If the Source Exchange Account is located in another trusted forest, you cannot add the account to the Public Folder Management group. In this case grant the following permissions for the Exchange Administrative Group (FYDIBOHF23SPDLT) container and its child objects to the account in the Configuration partition using the ADSIEdit snap-in:

Modify public folder replica list permission
Modify public folder deleted item retention permission

Modify public folder quotas permission

Give the account the Full Control permission on the CN=<ExchangeOrganizationName>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<...>,DC=<...> container:

From the Start menu, select Run. In the Run dialog box, type ADSIEdit.msc. Click OK.

NOTE: If you have a Windows 2003 domain controller, the ADSIEdit utility, which is part of the Windows 2003 Support Tools, may not be installed. In this case install the Support Tools by running the Support\Tools\Suptools.msi file located on the Windows 2003 CD.

In the ADSIEdit snap-in, open the CN=<ExchangeOrganizationName>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<...>,DC=<...> container
Right-click the CN=<ExchangeOrganizationName> container and click Properties.
In the Properties dialog box, click the Security tab.
On the Security tab, click Advanced.
In the Advanced Security Settings dialog box, click Add.
In the Select User, Computer, or Group (or similar) dialog box, select the Source Exchange Account (in our example, QMM_Src_Ex) and click OK.
In the Permission Entry for dialog box, select This object and all child (descendant) objects from the Apply onto drop-down list.
Allow Full Control permission for the Source Exchange Account.
Close the dialog boxes by clicking OK.

Granting Full Control on Exchange 2010 Mailboxes

The Source Exchange Account used by Migration Manager for Exchange agents needs the Full Control permission on each mailbox database involved in migration and on its associated public folder database if it exists.

To grant the required permissions to the <User> (in our example, sourcedomain\QMM_Src_Ex), run the following two cmdlets in Exchange Management Shell:

Get-MailboxDatabase | Add-ADPermission -User <User> -AccessRights GenericAll -ExtendedRights Receive-As

Get-PublicFolderDatabase | Add-ADPermission -User <User> -AccessRights GenericAll -ExtendedRights Receive-As

To verify that all permissions for the Source Exchange Account are set correctly, select any mailbox involved in the migration in the Migration Manager Console and check that the Source Exchange Account has Full Access permission for the mailbox.

Granting Membership in Recipient Management Group

To perform Move mailbox operations, the Source Exchange Account needs to be assigned permissions to run the following cmdlets:

New-MoveRequest
Get-MoveRequest
Remove-MoveRequest
Get-MoveRequestStatistics

To grant these permissions, add the account to the Recipient Management group in the source Exchange 2010 organization, as follows:

In the Active Directory Users and Computers snap-in select the Microsoft Exchange Security Groups node.
In the right pane, right-click Recipient Management group and select Properties from the shortcut menu.
On the Members tab click Add and select the Source Exchange Account (in our example, QMM_Src_Ex).
Close the dialog boxes by clicking OK.

Granting Application Impersonation Role

Granting ApplicationImpersonation Management Role

To grant the ApplicationImpersonation management role to the <User> (in our example, LA\JohnSmith), run the following cmdlet in Exchange Management Shell:

New-ManagementRoleAssignment -Role ApplicationImpersonation -User LA\JohnSmith

Please select your product:

To serve you better, please complete the Purpose of your Chat:

Recommended Solutions for Your Problem