Preparing a cross-forest migration from Exchange 2013 to Exchange 2016. The migration itself will take a couple of weeks, so it's important that cross-forest availability is enabled and that autodiscover is functional. I've been reading several post and compiled a list of steps, could some check if these are correct?
Situation
Cross forest migration from contoso.local to internal.contoso.com
Source forest (single domain): contoso.local (Exchange 2013)
Target forest (single domain): internal.contoso.com (Exchange 2016)
SMTP domain: @contoso.com
- Check connectivity between the two forests
- Check that no ports are blocked
- Setup conditional forwarders or secondary zone
- Verify DNS functionality by pinging resources in and from both forestss
- Create a 2-way forest trust (transitive)
- Enable SID history on the forest trust
- Add the target forest domain admin in the built in admin group of source forest/domain.
- Install ADMT and the Password Export Service
- Install Exchange 2016 in the target forest
- Configure Exchange 2016 (send and receive connectors, add and bind the required certificates). Just like setting up a normal Exchange Server
- Set up an internal send connector on exchange2013.contoso.local to send email for contoso.com to exchange2016.internal.contoso.com
- Set up an internal send connector on exchange2016.internal.contoso.com to send email for contoso.com to exchange2013.contoso.local
- Ensure the receive connectors on both exchange2013.contoso.local and exchange2016.internal.contoso.com are configured for anonymous authentication and will accept connections from the other server.
- Set up a new accepted domain on exchange2016.internal.contoso.com for contoso.com and ensure it is set to internal relay.
- Test the Outlook Web Services and Outlook Connectivity
- Create GAL sync service account
- Add the serviceaccount to the recipient management group: ADD-RoleGroupMember "Recipient Management" –Member "Galsync"
- Enable remote PowerShell: Set-user -identity "GALSYNC" -RemotePowerShellEnabled $True
- Schedule GAL sync script, The script finds the mail-enabled users in one domain, and creates contacts for them in the other domain. Existing contacts will also be updated and deleted as needed.
- Verify connectivity to the Exchange 2016 server using testexchangeconnectivity.com
- Export the Autodiscover from the target forest to the source forest: Export-AutoDiscoverConfig -TargetForestDomainController <TargetForestDomainControllerName> -TargetForestCredential (Get-Credential)
- Add AvailabilityAddressSpace of shared domain to source forest: Get-ClientAccessServer | Add-ADPermission -AccessRights extendedright -ExtendedRights "ms-exch-epi-token-serialization" -User "<sourceforest\Exchange Servers>"
- Enable MRS service on the Exchange 2013 server in the source forest (Set-WebServicesVirtualDirectory -Identity “Exch2013.contoso.local\ews (default web site)” -MRSProxyEnabled $true)
- Verify MRS proxy by opening: https://<ews internal FQDN>/EWS/mrsproxy.svc
- Check if there’s enough space to write the logs, if not circular logging can be enabled
- Prepare the move request by running: .\Prepare-MoveRequest.ps1 -Identity “alias” -RemoteForestDomainController “sourceDC” -RemoteForestCredential $Rcred -TargetMailUserOU “OUDN”
- Move the mailbox to the Exchange 2016 server in the target forest: New-MoveRequest -Identity “alias” -Remote -TargetDatabase “DBName″ -RemoteGlobalCatalog “sourcedomainDC” -RemoteCredential $Rcred -TargetDeliveryDomain “DomainSuffix” -RemoteHostName “SourceexchangeEWSName”
- Migrate the user account using ADMT
- Verify mailflow, calendar sharing once the user and mailbox have been migrated
- Migrate distribution groups using ADMT, first export Exchange Attributes and import them into the target forest once the distribution groups have been migrated