In my yesterday's post in the migration to Exchange 2010 series, I wrote about deploying a Client Access server. By following my guide, you set the external namespace for the Exchange 2010 environment. For your users’ convenience, you might have chosen the same namespace you used for your legacy server. But assigning the same namespace for two different services usually causes a lot of trouble, so you might ask yourself how both Exchange versions can coexist under the same namespace.

Coexistence under the same namespace is not possible. When you provided the same namespace during the Client Access Server Role installation that you are using for your legacy Exchange installation, the setup routine automatically changes the namespace for the legacy server. If your users try to access Exchange using the URL they are used to, they connect to Exchange 2010. But that is what you want your users to do because Exchange 2010 Client Access can interoperate with legacy Client Access servers. If the Exchange 2010 Client Access server gets an access request it can’t handle, it simply redirects the query to the legacy server.

To make these redirections and the coexistence of both Exchange versions work, you have to assign a different external namespace (for example, to your legacy servers. The configuration of the legacy server is different for Exchange 2003 and Exchange 2007.

Coexistence with Exchange 2003 ^

First, create a DNS entry for the legacy namespace and point it to your Exchange 2003 front-end servers. If this new namespace is not included in the certificates of your legacy front-end servers, you have to create new certificates. After the entry is created, you have to configure every Exchange 2010 server to redirect to this address. You can do this with the following command:

Set-OwaVirtualDirectory “Contoso/owa (default Web Site)” –Exchange2003Url

If you use ActiveSync on your legacy Exchange servers, make sure that the Integrated Windows authentication is turned on. Last, but not least, if you use RPC over http, make Exchange 2010 the connection point and disable RPC over http on the Exchange 2003 server.

Coexistence with Exchange 2007 ^

First, create a DNS entry for the legacy namespace that points to the Exchange 2007 Client Access server. Update the external namespace on your Exchange 2007 Client Access server and install appropriate certificates. Next, change the Autodiscover path to point to your Exchange 2010 servers. The last step is to turn off Outlook Anywhere on the Exchange 2007 servers and enable it on the Exchange 2010 server.

Finalizing the configuration ^

The configuration of the Exchange side for the coexistence phase is now finished. But you must also adapt your firewall rules to the new environment. If you offer the same services on Exchange 2010 as on the legacy Exchange server, you just have to add the Exchange 2010 server to the rules and you are done. Otherwise you have to create a few new rules.

Subscribe to 4sysops newsletter!

When you are finished with these steps, not everything is working yet. However, you have an environment where at least the basic services work (Outlook Web Access, Outlook Anywhere, and ActiveSync), and the coexistence of Exchange 2010 with your legacy Exchange server will give you some time to finalize the configuration of Exchange 2010. One of the next steps would be to configure the Offline Address Book. For that purpose you need a mailbox server running at least Exchange 2007. I will cover that topic in a following post, but first I am going to write about deploying the Exchange 2010 Hub Transport and Mailbox Server Role.

  1. Rich 11 years ago

    I was wondering if you could elaborate on the certificates and mail flow in a coexistence environment. In what instances should you re-issue an existing cert (maybe add a name for your CAS array) or buy a new one altogether. Also, mailflow when you have 2007 and 2010 CAS/Hub Transport servers coexisting.


  2. Author
    Alexander Weiß 11 years ago

    If you use a wildcard cerificate (* you don't have to re-issue the certificate at all. But if your certificate was only issued for a specific namespace (e.g. and you want to continue to use this namespace for your Exchange 2010 Server your legacy Exchange Server hast to switch to another namespace (e.g. However, the old certificate is not valid for this namespace. So you have to create a new certificate for your legacy Exchange Server which is bound to the namespace

    The mailflow settings are part of my next article about the Deployment of the Hub Transport Server Role. It will be available in the next days.

  3. John Damone 11 years ago

    When you define the Exchange 2010 external namespace for the Client Access server, do you use the name of the Exchange 2003 server users are currently using for smartphones, and Microsoft Outlook 2003? I'm a little confused about whether to create a new namespace for the new server, or just use the current 2003 namespace when defining the external namespace for the Exchange 2010 environment.

  4. billybob 10 years ago

    John did you get an answer to this? I have the same query, if I enter the same namespace in the CAS setup does the 2k3 server change its namespace to legacy and stop working automatically?

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *


© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account