Migration Manager for Exchange 8.15 - Target Exchange 2010 Environment Preparation (Legacy)

Changing the Default Source/Target Exchange Account Granting Read Access to the Target Active Directory Domain Granting Membership in Server Local Administrators Group Granting Full Control on Organizational Unit (Target Exchange Account) Granting Full Control on the Microsoft Exchange System Objects Organizational Unit Granting Permission to Make Public Folders Mail-Enabled Granting Full Control on Exchange 2010 Mailboxes Granting Membership in Recipient Management Group

Setting Up the Target Active Directory Account

Changing the Default Source/Target Active Directory Account Granting Read Access to Active Directory Domain Granting Full Control on Organizational Unit (Target Active Directory Account) Granting Read Permission for the Microsoft Exchange Container

Setting Up Source/Target Agent Host Account

Changing the Default Target Agent Host Account Granting Membership in the Local Administrators Group on the License Server

Preparing the Target Exchange Environment for Exchange Migration

Backing Up Exchange Creating Aelita EMW Recycle Bin Public Folder (Optional) Creating Administrator Mailboxes for Public Folder and Free/Busy Synchronization Creating Administrator Mailboxes for Mailbox and Calendar Synchronization (Optional) Creating Custom Throttling Policies Installing the Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1 Configuring the NSPI Connection Limit Disable RPC Encryption on Target Exchange 2010 Servers (Optional)

Setting Up Connection with the Source Exchange Organization Using SMTP Connectors

Setting up Target Exchange Organization for Internet Mail Flow between Target and Source Exchange Organizations

Establishing Internet Mail Flow Directly Through a Hub Transport Server

Creating Send Connector Modifying Default Receive Connector Adding E-mail Domain Used for Redirection to the List of Accepted Domains on Hub Transport Server

Establishing Internet Mail Flow through a Subscribed Edge Transport Server

Export the Edge Subscription file from the Edge Transport Server Import the Edge Subscription file on the Hub Transport Server Force EdgeSync Synchronization

Configuring Target DNS Server for Mail Forwarding Testing the SMTP Connectors (Optional)

Appendix A: Exchange 2003 to Exchange 2010 Migration Restrictions

Granting Full Control on the Microsoft Exchange System Objects Organizational Unit

The Target Exchange Account used by Migration Manager for Exchange agents needs the Full Control permission on the Microsoft Exchange System Objects organizational unit (OU) in all domains in which target Exchange 2010 servers involved in public folder synchronization reside.

In the Active Directory Users and Computers snap-in, right-click the Microsoft Exchange System Objects OU and click Properties.

NOTE: If there is no Microsoft Exchange System Objects OU, you should select View | Advanced Features in the Active Directory Users and Computers snap-in.
On the Security tab, click Add, and select the Target Exchange Account (in our example, QMM_Trg_Ex).
Select the account name, and then enable the Allow option for the Full Control permission in the Permissions box.
Click the Advanced button. In the Advanced Security Settings dialog box, select the account you specified on step 2, and click Edit.
In the Permission Entry dialog box, select This object and all descendant (child) objects from the Apply to drop-down list.
Close the dialog boxes by clicking OK.

Granting Permission to Make Public Folders Mail-Enabled

Granting Permission to Make Public Folders Mail‑Enabled

If a public folder is mail-enabled in the source organization, the Public Folder Target Agent needs to be able to make it mail-enabled in the target organization as well. To achieve this, assign your Target Exchange Account permissions to run the Enable-MailPublicFolder cmdlet, as follows:

Add this account to the Public Folder Management group in the target Exchange 2010 organization:

In the Active Directory Users and Computers snap-in select the Microsoft Exchange Security Groups node.
In the right pane, right-click Public Folder Management group and click Properties .
On the Members tab click Add and select the Target Exchange Account (in our example, QMM_Trg_Ex).
Close the dialog boxes by clicking OK

Caution: If the Target Exchange Account is located in another trusted forest, you cannot add the account to the Public Folder Management group. In this case grant the following permissions for the Exchange Administrative Group (FYDIBOHF23SPDLT) container and its descendant (child) objects to the account in the Configuration partition using the ADSIEdit snap-in:

Modify public folder replica list permission
Modify public folder deleted item retention permission
Modify public folder quotas permission

Give the account the Full Control permission on the CN=<ExchangeOrganizationName>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<...>,DC=<...> container:

From the Start menu, select Run. In the Run dialog box, type ADSIEdit.msc. Click OK.

NOTE: If you have a Windows 2003 domain controller, the ADSIEdit utility, which is part of the Windows 2003 Support Tools, may not be installed. In this case install the Support Tools by running the Support\Tools\Suptools.msi file located on the Windows 2003 CD.

In the ADSIEdit snap-in, open the CN=<ExchangeOrganizationName>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<...>,DC=<...> container
Right-click the CN=<ExchangeOrganizationName> container and click Properties.
In the Properties dialog box, click the Security tab.
On the Security tab, click Advanced.
In the Advanced Security Settings dialog box, click Add.
In the Select User, Computer, Service Account, or Group (or similar) dialog box, select the Target Exchange Account (in our example, QMM_Trg_Ex) and click OK.
In the Permission Entry for dialog box, select This object and all descendant (child) objects from the Apply to drop-down list.
Allow Full Control permission for the Target Exchange Account.
Close the dialog boxes by clicking OK.

Granting Full Control on Exchange 2010 Mailboxes

The Target Exchange Account used by Migration Manager for Exchange agents needs the Full Control permission on each mailbox database involved in migration and on its associated public folder database if it exists.

To grant the required permissions to the <User> (in our example, LA\QMM_Trg_Ex), run the following two cmdlets in Exchange Management Shell:

Get-MailboxDatabase | Add-ADPermission -User <User> -AccessRights GenericAll -ExtendedRights Receive-As

Get-PublicFolderDatabase | Add-ADPermission -User <User> -AccessRights GenericAll -ExtendedRights Receive-As

To verify that all permissions for the Target Exchange Account are set correctly, select any mailbox involved in the migration in the Migration Manager Console and check that the Target Exchange Account has Full Access permissions for the mailbox.

Granting Membership in Recipient Management Group

To perform Move mailbox operations, the Target Exchange Account needs to be assigned permissions to run the following cmdlets:

New-MoveRequest
Get-MoveRequest
Remove-MoveRequest
Get-MoveRequestStatistics

To grant these permissions, add the account to the Recipient Management group in the target Exchange 2010 organization, as follows:

In the Active Directory Users and Computers snap-in select the Microsoft Exchange Security Groups node.
In the right pane, right-click Recipient Management group and select Properties from the shortcut menu.
On the Members tab click Add and select the Target Exchange Account (in our example, QMM_Trg_Ex).
Close the dialog boxes by clicking OK.

Please select your product:

To serve you better, please complete the Purpose of your Chat:

Recommended Solutions for Your Problem