Friday, August 8, 2014

Exchange 2010 (SP3) - Migration - Part 4 - Send and Recieve Connectors, Transport Rules

In the context of a migration (or more correctly, a "transition") from Exchange 2007 to 2010, most of the Hub Transport settings at the Organization configuration level, will be migrated automatically. These settings are stored in the Configuration partition of Active Directory. When the Exchange 2010 server is installed, it will query Active Directory and these settings will populate the tabs such as "Remote Domains", "Accepted Domains", "Email Address Policies" and so forth.

However, there are some exceptions and particularities that should be taken into consideration...


Send Connectors

In particular, this is true of the Send Connector settings. However, there is at least one major exception. If we look under the "Source Server" tab of the Send Connector properties, we will notice that the new Exchange 2010 server is not present (only EX1, the Exchange 2007 server).




This is sometimes forgotten and someone will ask, on the Technet forums for example, why they can send mail internally from the new server but not externally (they also remark that existing servers can send email both internally and externally).

First, let's remember that Exchange has ïmplicit connectors for internal email trafic. These connectors do not need to be configured and cannot even be accessed in the normal interface for configuration. They just work "as is".

Second, it's simply a matter of adding the Exchange 2010 server to the Source Server list.



Of course, we can add another server using Powershell as well:

Set-SendConnector -SourceTransportServers 'ex1','EX13-1' -id 'MYNET-SendConn-1' 

Note: with the Powershell cmdlet, we must indicate all servers after the -SourceTransportServers parameter. If we only list EX13-1, only EX13-1 will be included.

Lastly, on the subject of send connectors, if there is a second (or third, etc.) Exchange 2010 server, we must add it also. It will not be added automatically.


Receive Connectors

Unlike Send Connectors, Receive Connector settings exist at the Server Configuration level and must be configured on each server, manually or with a script. One parameter in particular requires attention : the Permission Groups tab.



By default, "Anonymous users" are not allowed to connect to the Receive Connector. This prevents external users from sending email to the organization, since they have no means to authenticate (they would have no username or password, much less a smart card or security token). If we want to receive messages from the outside world, we must check the appropriate box above.


Transport Rules

Transport rules are a special case. The rules existing on the Exchange 2007 server are migrated to the 2010 server when we install the latter but that's it. There is no further synchronization. So, if we create a new transport rule on either the Exchange 2007 or 2010 server AFTER the installation of Exchange 2010, that rule will only exist on the server on which we created it.

This is because transport rules are stored in different locations. For Exchange 2007:

CN=Transport,CN=Rules,CN=Transport Settings,CN=MYNET,CN=Microsoft Exchange,CN=Services

And for Exchange 2010:

CN=TransportVersioned,CN=Rules,CN=Transport Settings,CN=MYNET,CN=Microsoft Exchange,CN=Services

Here's an example.

On my Exchange 2007 server, I created a transport rule to test something for someone that asked a question about blocking spam (the details of the rule are not essential for this discussion).


Note the Exchange 2007 icon in the upper left-hand corner.

This rule was migrated to the Exchange 2010 server:


Note the Exchange 2010 icon in the upper left-hand corner.

Now I create a new rule (TR2) on the Exchange 2007 server...



And a new rule (TR3) on the Exchange 2010 server...



Neither replicate to the other server (which we can observe on the Exchange 2010 server above: the rule TR2 does not appear, only TR3 which was created on the Exchange 2010 server).

***

At this point, mailbox users that will be migrated to the Exchange 2010 server should be able to send email to both internal and external recipients and also receive email from both internal and external senders.

No comments:

Post a Comment