Before migrating users from one Enterprise Vault (EV) managed Exchange server to a new Exchange server, an archiving/retrieval service/task must be created for the new Exchange server and also ensure that the Vault Service Account (VSA) has all the corresponding permissions necessary on the new Exchange server as it did on the old.
It can be useful to make EV automatically assign migrated mailboxes to existing archives.
There is a DWORD registry value, SynchInMigrationMode that controls whether the automatic association takes place. Create SynchInMigrationMode under the following registry key on the Enterprise Vault Server BEFORE starting the mailbox migration to the new Exchange server:
HKEY_LOCAL_MACHINE\Software\KVS\Enterprise Vault\Agents
If the Windows Servers operative system is 64 bit, add the key to the following path:
HKEY_LOCAL_MACHINE\Software\Wow6432Node\KVS\Enterprise Vault\Agents
0 — (Default.) Enterprise Vault does not assign new mailboxes to archives that are associated with the same legacyMbxDN values.
1 — Makes Enterprise Vault assign new mailboxes to archives that are associated with the same legacyMbxDN values.
2 — Creates new entries for the new mailboxes and renames the old entries by adding timestamps to the legacyMbxDN fields.
SynchInMigrationMode affects only the association between user mailboxes and archives; it does not affect the association between journal mailboxes and their archives.
This generally helps when migrating mailboxes from one server or mail store to another, in order to prevent duplication of entries in the ExchangeMailboxEntry table.
Note: Please refer to the EV Installing and Configuring guide for steps on adding & configuring the Exchange server services/tasks.
1. Configure the EV permissions on the new Exchange server. This can be completed before the move.
a. Make sure you add the VSA to the Local Administrators group on the new Exchange server(s).
b. Refer to the documentation for your Enterprise Vault version for applying Exchange server permissions. These can differ greatly between versions (for environments with Exchange Server 2007 or later you can use the PowerShell script from article http://www.symantec.com/docs/TECH138606).
c. Make sure the VSA is not part of any Active Directory (AD) Admin type groups. It should only be a domain user.
Reason: The domain admins group has explicit 'Send As' and 'Receive As' permissions DENIED.
2. Configure an Outlook profile on the EV server that can logon to the new exchange server.
3. Configure a new task under 'Tasks' to connect to the new server name.
4. Move the users.
a. Sync the users on the new server using the synchronization tab.
b. Check EV functionality. Verify the user can access their vaulted items and verify that the user can vault items if this is allowed.
Once migration of mailboxes has occurred EV will need to be synchronized against the new Exchange servers.
NOTE: If you apply the registry key AFTER migrating the account, then you need to follow the next steps after you add the key.
1. Restart Enterprise Vault Admin Service and it's dependencies
2. Go to the EV Console and enable the mailbox.
3. Run the Provisioning Task
4. Synchronize the desired mailbox on the Exchange Mailbox Archiving Task for the right Exchange server.
5. Double check on "Display Policies Assigned to Mailboxes" option that the user now belongs to the correct Exchange Server and the right policies and provisioning group.
