Transcript University Of Oregon Exchange 2010 Briefing

UNIVERSITY OF OREGON
CAMPUS EXCHANGE 2010
BRIEFING
Fall 2011
Meeting Agenda

Outcomes
 Exchange
2010 Timeline Update
 Design Overview
 Demonstrate functionality
 Discuss administrative responsibilities
 Migration
 pre-requisites
 steps
 Next
steps for IT Units
Timeline Update
Active Directory Phase I
& II
Exchange 2010 Design
Exchange 2010
Planning
Exchange 2010
Production Pilot
Exchange 2010
Production
Requirements
Gathering
Testing Build
Production Build
Administrative
Approval
Scoping
Functional Testing
Email Forwarding
Changes
Production Migrations
Procurement
Performance Testing
Global Address List
Changes
Identity Management
Development
Go/No-Go Checkpoint
2003-2010 Pilot
Migrations
IMAP Pilot Migrations
Design Overview

Design Objectives
 Multi-site
high availability
 Consolidated management
 IDM Integration
 Distributed Administration
 Distributed Support
Hardware
Device
Role
2 x F5 Big IP LTM 3900
Production Load Balancer Pair
12 x Dell R610
CAS/Hub Server/Mailbox
4 x Netapp 3140
Production Storage
2 x Cisco 4948
Storage Network
6 x Cisco 2960 GS
Exchange Customer Network
Mailbox Database Layout
Storage Performance Testing
60
50
40
DB1
DB2
30
DB3
DB4
DB5
20
DB6
DB7
10
0
Load testing was at full production estimates. Subsequent tests at higher load levels showed no
increase in storage latency. Future plan to upgrade to 10G networking
DB8
DB9
Client Performance Testing
16000
14000
12000
10000
8000
6000
4000
2000
0
Test 1
Test 2
Online
Test 3
Cached
Test 4
OWA
SMTP
AS
Test 5
Test 6
IMAP
Total Client Connections
Test 7
Client testing shows results for 50% of total production environment (site redundancy)
Test 8
Service Level Agreement

Service Level Agreement will be posted shortly on IT website


http://it.uoregon.edu/systems/services/exchange/sla
Design target of 99.999% availability – 5-6 minutes of user-impacting unscheduled
downtime per year
Exchange 2010 Access URLs
Purpose
URL
Port/Protocol
Outlook Email Client
Support for Outlook 2007
and 2010
autodiscover.uoregon.edu
MAPI protocol (UOnet
only)
RPC over https (port 443)
Mobile support using
ActiveSync technology
sync.uoregon.edu
443
IMAPv4 access to
Exchange Mailboxes
exchange.uoregon.edu
993
Outlook Anywhere
exchange.uoregon.edu
443
Outlook Web Access
(OWA)
outlook.uoregon.edu
443
Live Environment Demo


Show live production environment
Show Outlook Web Access
https://outlook.uoregon.edu
 IE
 Firefox
 Safari
Upcoming Changes




Global Address List
Autodiscover
IDM synchronization
Mail flow/Routing into Production
Global Address List Changes







Administrative Approval Received
Development work necessary to ensure we are
protecting FERPA protected data
Announce changes one week in advance
GAL updates will propagate over a normal weekend
Send out announcement after all GAL changes are
complete
September 9th- 11th – GAL changes for all Staff and
Faculty goes live
Student GAL may be implemented during quarter 4 of
2011
Autodiscover Changes

The Autodiscover service does the following:
Provides access to Exchange features for Outlook 2007 or
Outlook 2010 clients that are connected to your Exchange
messaging environment.
 Uses a user's e-mail address and password to provide
profile settings to Outlook 2007 or Outlook 2010 clients
and supported mobile phones.


Autodiscover service is inconsistently functioning


Microsoft does not support autodiscover with 2003
mailboxes
On an announced date we will cutover autodiscover
URL to point to the production environment (go-live
date)
Exchange Mail Routing - Today
Exchange Mail Routing – Go-Live
SMTP
Controlled by
Identity
Manager
• @uoregon.edu
• IDM forwarding
Exchange
2003/2007
• @Legacy.uoregon.edu
Exchange 2010
Mail connector
• @Ad.uoregon.edu
Microsoft Exchange Support
Tier I Support Department
Tier II Support Department
• Software training
• Basic Troubleshooting
• Incident Reporting
• Mailbox management
• Advanced client troubleshooting
• Incident verification
•
•
•
Tier III Support – •
•
Information
•
Services
Change Control
Configuration Management
Performance monitoring
Availability Monitoring
Backups and Recoveries
Mailbox Migration
Supported Exchange Account Types

Phase I – Fall 2011
Account Type
Person Accounts
Non-Person Accounts with DuckID’s

Phase II – Winter 2011
Account Type
Mail enabled groups (Distribution Lists)
Public Folders
Resource Accounts
Exchange Administrator Approval Form
Role Base Access Control
IDM Integration

From the Exchange Scope and Vision
 “Centralized
Identity Management – consistent and
automated provisioning of client access through
integration with the central Identity Management
infrastructure.”
 “Identity Management: Access to Exchange must be
managed based on the rules and practices in use for
the current central email offering.”
Access by Affiliation
Affiliation
Earliest Available
Latest Allowed
Administrative Faculty
Start of employment
End of employment
Associate
By request
End of affiliation
Courtesy
Start of appointment
End of appointment
Emeritus
Start of affiliation
End of affiliation
Faculty
1 term prior to appointment
1 year after appointment
Fixed Term Enduring Faculty
2 weeks prior to appointment
1 year after appointment
Fixed Short Term Faculty
2 weeks prior to appointment
1 term after appointment
GTF
2 weeks prior to appointment
1 term after appointment
Retired
By request
End of affiliation
Sponsored
By request
Upon departure
Staff
Start of employment
End of employment
Student
Not available
Not available
Student Employee
Start of employment
End of employment
Temporary Employee
Start of employment
End of employment
Non-Person
By request
End of request period
NOTE: Sponsored accounts
have a 75 day access limit.
FERPA exclusions not supported
FERPA exclusions not supported
Provisioning




Departmental Exchange Administrator will
Exchange enable managed accounts in their OU
through the IDM interface
Mailbox is automatically created with a 2GB quota
– increases available upon request
.forward file is automatically updated to point to
the correct Hub Transport Server
At the end of the provisioning event, an email
notification will be sent to the Exchange Admin and
the OU Admin.
De-provisioning





Exchange access can be manually removed prior to
automatic de-provisioning.
De-provisioning of Exchange will happen automatically
when a users affiliation changes such that they no longer are
eligible for access.
De-provisioned accounts will have their mailboxes detached
and retained for 75 days
Exchange will automatically remove detached mailboxes
after 75 days.
Email notifications will be sent to the end user as Exchange
starts to de-provision from the end user. These will follow the
same configuration as the notifications associated with our
current Email role.
IDM Interface
Click here
IDM Interface
Click here
Migration


Pre-Requisites
Migration Types
 2003
to 2010 Migration
 IMAP to 2010 Migration
 Ongoing Migrations
Migration Pre-Requisites




Active Directory OU
IT Unit will assume Tier I and Tier II responsibilities
Designate a qualified and approved full-time IT
professional as delegated Exchange Administrator
Must have all email to be migrated stored in an
online 2003 mailbox or centrally managed IMAP
account
Migration Spreadsheet
2003 – 2010 Migration
IS will provide
initial
spreadsheets of
accounts
IT Department
communicates
changes to users
IT Department
indicates which
users should be
migrated
IS will perform
mailbox
upgrades to
users (OUTAGE)
Schedule
migration
date(s)
IT Department
coordinates
changes to
Active Sync
devices
IS will provide
list of users
successfully
migrated and
any accounts
with errors for
follow-up
IS moves
mailboxes in
batches to
2010 mailbox
servers
(OUTAGE)
Once complete
user will simply
login to Outlook
client or new
OWA URL
Exchange
2010
IMAP to 2010 Migration
New mailbox
will be
automatically
created, users
can access
immediately. All
new messages
route to new
mailbox
IT Department
will schedule
migration dates
and prepare
users with tools
to access
(Outlook, OWA
shortcuts)
IT Department
will provide
spreadsheet of
accounts to
migrate
IS will confirm all
accounts have
DuckID’s
IT Department
will individually
Exchange
enable each user
to be migrated
Legacy mailbox
access for users
with Exchange
will be removed
after a period
of time
Users will be
emailed
instructions to
new inbox for
how to selfmigrate any
legacy IMAP
email from their
old account to
their Exchange
account.
Exchange
2010
Ongoing Migrations


Users that have their mailboxes migrated from
Exchange to IMAP will also be subject to additional
migrations when affiliation status changes
Users will be given a self-remediation webaccessible tool to self migrate their email between
environments on affiliation changes
IMAP to Exchange Migration Tool
IMAP to Exchange Migration Tool 2
IMAP to Exchange Migration Tool 3
Migration Checklist
Caveats/Considerations



Only Exchange mailboxes with existing DuckID’s will
be supported for migration at go-live
Public Folders, Mail Enabled Groups (Distribution
Lists), and Resource accounts are Phase II
Some of these processes are subject change
More Information


http://it.uoregon.edu/systems/services/exchange
Questions?
Rene Rangle –
Microsoft Premier
Support
Gil Nickelson –
Microsoft Premier
Support
John Carter –
Netapp
Rick Howard - INX
Vendor Support
Don Harris – Vice
Provost for
Information
Services and CIO
Jim Bean - Provost
Senior Leadership
Tim Miller –
Director of IT VPFA
Einar Ingebretsen
– Operating
Systems Network
Analyst - LCB
Campus Representatives
David Bartlett –
Exchange
Administrator
Dylan Wiggins –
Active Directory
Administrator
Francisco Gray –
Systems
Infrastructure
Specialist
Noreen Hogan –
Assistant Director EAA
Jim Beard –
Enterprise Systems
Developer
Sara Stubbs –
Assistant Director –
Academic Services
Kevin Ehlers –
Network Engineer
IS Operations
Staff
Information Services
Acknowledgements