How do people typically do an Exchange Server 2007 cross-forest migration using the basic set of tools provided by Microsoft? Well, to summarize the process, most people tend to perform Active Directory object migration via ADMT and then "move" user mailboxes using the Move-Mailbox cmdlet. Or, at least that tends to be the path of least resistance. On the other hand, if the need should arise, there are also a number of other paths that can be taken to achieve the same goal.
Case in point, what if ADMT is for some reason not “migrating” a majority of an object’s attributes (like anything mail related). Compounding the issue, what if moving a single mailbox (without any data) using the Move-Mailbox cmdlet is taking 4 hours. Oh, did I mention that the entire migration has to be completed over the weekend. :>)
At this point, you might be turning to a third-party vendor to complete your migration (which might also encounter the same issues). However, what if I were to tell you there are other ways to complete a cross-forest migration using the same set of tools you have already been given. For example, did you know that you can use the mail recipient cmdlets in Exchange Server 2007 to examine information from an organization in a remote forest?
To better understand what I’m talking about, let’s look at the Get-Mailbox cmdlet. This cmdlet has two related parameters to our conversation: Credential and DomainController. By defining these parameters correctly, I can connect to a remote organization and pull information about the mailboxes in this organization.
Let’s take a look:
Let’s take a look:
$SourceGC = "sourcedc01.mydomain.com"
$AdminCred = Get-Credential
Get-Mailbox -DomainController $SourceGC -Credential $AdminCred
Shazam! You can now pull in mailbox information from a remote organization. But, how does this relate to performing a migration. Well… the scenario works like this.
- We will assume that you have some form of co-existence in place (contacts galore).
- Next, you perform the botched ADMT migration to ensure that you now have migrated accounts + sid-history within the target forest.
- Next, using a little PowerShell scripting arm grease you can do the following:
- Read the information from the existing contacts in the target organization.
- Read the remote organization’s recipient information.
- Create dail-tone mailboxes for mail-enabled users, distribution groups, contacts in the target organization.
- Remove the existing contacts from the target organization.
- Using the remote recipient information and the target contact information correctly stamp your new recipients.
- Lastly, clean-up the recipients from the source organization (needs to be executed from the source organization).
Yes, I’m skirting around topics such as mailbox data, profile redirection and such… But, even those have solutions as well. For instance, when tackling the mailbox data… Your first concern is to get mailbox access and mail flow going ASAP. Provided that is working, you could then export the existing data from all of the source organization mailboxes and then over time stream that data back into the dial-tone mailboxes that were just created. Or, just give the user the resulting PST file. :>)
Hopefully… this post spawns ideas when faced with wall. After all, walls are meant to be climbed. Lastly… for those of you who boulder… I’m slowly getting back to where I used to be. After today, I’m just about ready to cracked my first V4 and V5 since starting up climbing again. No beta please! Let’s just climb…
If you like this, check out some other posts from Tyson:
- When a computer science degree matters, and when it doesn't
- Since when did cloud computing become/need a manifesto?
- Why would one phish using a Certificate Authority (CA) as bait?
- Would I trust you, if everyone else trusted you?
- Here is a good question: Is scripting programming or just systems administration?
- PowerShell boy and the case of the missing cmdlets!
- Fun with PowerShell 2.0 Eventing!
- Creating a custom 404 page to handle link redirection for ASP.NET web applications
Or if you want, you can also check out some of Tyson's latest publications:
- Windows PowerShell Unleashed (2ndEdition)
- Windows Server 2008 Unleashed (Yes, I did help on this book)