Exchange Server 2007: Doing a cross-forest migration with your hands tied behind your back.

How to solve migration issues using creative thinking and the default set of tools.

How do people typically do an Exchange Server 2007 cross-forest migration using the basic set of tools provided by Microsoft? Well, to summarize the process, most people tend to perform Active Directory object migration via ADMT and then "move" user mailboxes using the Move-Mailbox cmdlet. Or, at least that tends to be the path of least resistance. On the other hand, if the need should arise, there are also a number of other paths that can be taken to achieve the same goal.

Case in point, what if ADMT is for some reason not “migrating” a majority of an object’s attributes (like anything mail related). Compounding the issue, what if moving a single mailbox (without any data) using the Move-Mailbox cmdlet is taking 4 hours. Oh, did I mention that the entire migration has to be completed over the weekend. :>)

At this point, you might be turning to a third-party vendor to complete your migration (which might also encounter the same issues). However, what if I were to tell you there are other ways to complete a cross-forest migration using the same set of tools you have already been given. For example, did you know that you can use the mail recipient cmdlets in Exchange Server 2007 to examine information from an organization in a remote forest?

To better understand what I’m talking about, let’s look at the Get-Mailbox cmdlet. This cmdlet has two related parameters to our conversation: Credential and DomainController. By defining these parameters correctly, I can connect to a remote organization and pull information about the mailboxes in this organization.

Let’s take a look:

$SourceGC = ""

$AdminCred = Get-Credential

Get-Mailbox -DomainController $SourceGC -Credential $AdminCred

Shazam! You can now pull in mailbox information from a remote organization. But, how does this relate to performing a migration. Well… the scenario works like this.

  1. We will assume that you have some form of co-existence in place (contacts galore).
  2. Next, you perform the botched ADMT migration to ensure that you now have migrated accounts + sid-history within the target forest.
  3. Next, using a little PowerShell scripting arm grease you can do the following:
    • Read the information from the existing contacts in the target organization.
    • Read the remote organization’s recipient information.
    • Create dail-tone mailboxes for mail-enabled users, distribution groups, contacts in the target organization.
    • Remove the existing contacts from the target organization.
    • Using the remote recipient information and the target contact information correctly stamp your new recipients.
    • Lastly, clean-up the recipients from the source organization (needs to be executed from the source organization).

Yes, I’m skirting around topics such as mailbox data, profile redirection and such… But, even those have solutions as well. For instance, when tackling the mailbox data… Your first concern is to get mailbox access and mail flow going ASAP. Provided that is working, you could then export the existing data from all of the source organization mailboxes and then over time stream that data back into the dial-tone mailboxes that were just created. Or, just give the user the resulting PST file. :>)

Hopefully… this post spawns ideas when faced with wall. After all, walls are meant to be climbed. Lastly… for those of you who boulder… I’m slowly getting back to where I used to be. After today, I’m just about ready to cracked my first V4 and V5 since starting up climbing again. No beta please! Let’s just climb…

If you like this, check out some other posts from Tyson:

Or if you want, you can also check out some of Tyson's latest publications:

Lastly, visit the Microsoft Subnet for more news, blogs, and opinions from around the Internet. Or, sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert)

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10