Question : Migrating Exchange from SBS2003 to Exchange Standard 2010

I am working with a company who has had a SBS 2003 domain with about 45 users. They wanted to add about 60 additional users and quickly ran into the 75 user limit in SBS 2003. I have been given the task of migrating them to a Server 2008 Enterprise R2 domain with Exchange 2010 Standard. I will state up front that I have virtually zero exchange experience, so obviously have run into some hurdles.

I have two main problems at this moment. I cannot connect to the OWA interface with ANY user. I have tried https://localhost/owa and do get the page but every login attempt is denied with invalid user/pass. I did go back and make sure that Outlook Anywhere is enabled, I selected 'Use forms-based authentication', set it to use user name only and selected the logon domain. Still cannot log in.

The second problem is that I cannot move the mailbox for a few users. I keep getting this error:

Error:
Active Directory operation failed on server.domain.local. This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights

I am doing this request as the domain administrator, and it worked on 42 of the other mailboxes, just not these 3. Same error.

Just to be thourough, here is my detail of this whole operation:

I installed a fresh copy of Server 2008 Enterprise R2. I did not give it any FSMO roles, nor DNS or GC. I ran adpromo /forestprep on the SBS2003 box, then ran DCPROMO on the 2008 server promoting it to a DC.

Next, I installed another fresh copy of Server 2008 Enterprise R2 on another server. I joined it to the domain but did not make it a DC. I then installed Exchange 2010 Standard and gave it all the roles availabe (mailbox, hub transport, unified messaging, can't remember the others. pretty much everything but edge transport I believe) I then performed a mailbox move on all the mailboxes, with the exception of the three that failed with the above error.

I forwarded ports 25, 80, 110, 143, 443, 587, and 995 to the server. Later it will have a direct connection to the internet but I am keeping it behind a firewall for now.

That's as far as I have made it. OWA connects but no user accounts can log in. It connects via localhost, or from a host outside the firewall. Outlook cannot seem to connect from outside the firewall. I do not have a host with outlook inside the firewall I can test that part with.

My intention once Exchange is working is to transfer the FSMO roles to the new 2008 DC I created then remove the SBS2003 server from the domain. Any help would be GREATLY appreciated. Especially if you see something I have done wrong. At the moment, the two issues I mentioned previously are my immediate hurdles.

Answer : Migrating Exchange from SBS2003 to Exchange Standard 2010

Hi arstacey,

Just to get some more information, is this everything related to the same domain and exchange organization ? Or is it a subdomain or another Exchange Organization ?

Since everything else works except the owa the problem might be within your IIS. I assume that you get the default log in page for OWA ? but you get access denied everytime you try to logon, and you've tried with several users ?

On IIS Manager locate Default Web Site \ Owa and set authentication to Basic Enabled ( with all the others disabled ). Also disable SSL, since i assume that you do not have a valid SSL certification at the moment =).

Go to Exchange Management Console -> Server Configuration -> Client Access -> Outlook Web App -> Double klick on it and check the Internal and External URL have been set to (https://mail.contoso.com/owa) or whatever your URL has been set to. Go to authentication and click "Use forms-based authentication" and choose user name only and browse your logon domain.

After this do the following -> start -> run -> cmd -> typ "iisreset /noforce"

If your problem still persists go to Microsofts homepage and download the Update Rollup 4, for Exchange Server 2010

Restart your server and see if the issue persists,

If it STILL does:

Check: http://technet.microsoft.com/en-us/library/bb691354.aspx and see if you've met the requierments if not you will need to run this command at powershell:

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy,Desktop-Experience -Restart

Let me know how this goes

/Regards

Random Solutions

Net Use returns "System error 64 has occurred. The specified network name is no longer available."

Ajax compatibility problem with IE and Firefox

WRT54G2 Linksys router - reset password saving actual configuration

Sorry, VMware GO doesn't currently support ESXi servers with multiple datastores.

Javascript - how to add number to field name (dynamic field add script)

OS X Server 10.5 and OS X Laptops Joining accounts to Open Directory?

LZMA compress / expand buffer api?

Hyper-V P2V VM Continuous Blue Screen

Proliant ML110 G4 Lost RAID and Randomly gives Error 0251