Exchange Cross Forest Mailbox Move

Question

Hello Folks,

I need some suggestion on moving the mailboxes in cross forest.

Source Server : Exchange 2013

Target Server: Exchange 2016

New-MoveRequest –Identity 'Mailbox1@careexchange.in' –Remote –Remotehostname 'sourceExchange.CareExchange.in' -RemoteCredential $RemoteCredentials –TargetDeliverydomain 'targetexchange.in'

1. I am using the above command and getting some error like increase timeout ( Seems like need to increase the timeout in
   MRS proxy on source exchange server
2. Source forest has internal load balancer so do we need to increase the timeout value on there as well
3. Also one more query in the above command in the section of -remotehostname which parameter we have to enter its the
   server FQDN ( like example exchange01.abc.com )or the URL name of the EWS virtual Directory ( like example
   mail.abc.com )

Note: I have entered the FQDN of the server and got the error like certificate is invalid and SSL/TLS issue then tried entering the mail.abc.com after 55% mailbox move failed and now getting the timeout error.

Appreciate your quick feedback folks.

Thanks,
Arif

Answer 1

Hi anonymous user ,

Are there any error messages after the migration failed? If so, please share them by covering your personal information.
Have you finished the preparation for the cross-forest moves? Based on my knowledge about Cross-Forest migration, the New-MoveRequest command needs you to create a mail user on the target server that have some mandatory attributes.

Before the migration, you should do the preparation first: Prepare mailboxes for cross-forest move requests
Also you can use Prepare-MoveRequest.ps1 script to do the migration: Use the Prepare-MoveRequest.ps1 script to prepare mailboxes for cross-forest moves

I am using the above command and getting some error like increase timeout

According to my research, you can modify the receiveTimeout manually: Open the MsExchangeMailboxReplication.exe.config(\ExchangeInstallPath\Bin):

The default value is 50 seconds, you can modify it to a larger number like 20 minutes.

Source forest has internal load balancer so do we need to increase the timeout value on there as well

Yes, you can increase the receive and send Timeout values to 20 minutes to prevent migration timeout.
And also increase the DataImportTimeout value in Exchange 2013, it’s 5 minutes by default in Ex 2013 and 20 mins in Ex 2016.

Also one more query in the above command in the section of -remotehostname which parameter we have to enter its the

server FQDN ( like example exchange01.abc.com )or the URL name of the EWS virtual Directory ( like example
mail.abc.com )
The RemoteHostName should be the FQDN of the source forest. As you got the Certificate Invalid error, I think you should check the Certificate first.

You can use Test-MigrationServerAvailability -ExchangeRemoteMove -Remoteserver "Source.Domain.com” to have a test of connectivity. If the test failed, you can check the ErrorDetail, it could be like this:

This example shows us that this is a certificate issue.
You can also share the failed test ErrorDetails for a further research(also cover your personal information like Server FQDN and Mailbox name).

Regards,
Lou

---

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

Hi @Xzsssss ,

Thanks for your reply !!

My steps for migrating the users mailbox from source to target exchange

Step1: PrepareMoveScript.ps1 to copy the user attributes and ensure mail enabled user object is created in target domain

Step2: Move the security groups via ADMT tool

Step3: Move the user with password, SID history, fix group membership via ADMT tool

Step4: Mailbox move request after creating a migration end point

Step5: Complete and finalize the migration job for the mailbox

Noted: Moved pilot mailboxes and its completed successfully but one time i got transientfailuresource

Issues faced:

SSL certificate issue as the target exchange doesn't have internet access

TransientFailureSource while moving the mailbox, Could be the issue with load balancer session timeout or the MRS proxy timeout.

Also i will make the load balancer session as persistent.

Note: I will apply the changes on the timeout value as suggested by you on the load balancer and MRS proxy on the source exchange server

Regards,
Arif

Answer 3

Hi anonymous user ,

Thank you for sharing these steps!

For the SSL Certificate Issue, if you use the self-signed certificate, you need to export the root certificate from legacy Exchange and import to the target Exchange certificate root.

1. Export from the Source forest certificate root
   
2. Copy the .Cer file to Target forest.
3. Install certificate to local computer -> trusted root certificate authorities.
   
   You can try to open https://<SourceServerFQDN>/EWS/mrsproxy.svc form the target forest, if there is no certificate issue, it will directly ask for your account and password.

As for the TransientFailureSource failure, does the migration go well after you changed the MRS proxy timeout and DataImportTimeout?
And does the Test-MigrationServerAvailability cmdlet succeed? I think if it’s a success, you can do the migration as expected.

Looking forward to your good news!

---

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.