When all of the services and data have been migrated to Exchange Server 2016, you can begin to decommission the legacy Exchange servers from your environment. Exchange servers must be correctly removed from an organization by uninstalling the application. If you simply shut down servers without cleanly uninstalling them, you’ll leave config data in Active Directory for the servers that will cause numerous issues in future. So you should always take the time to correctly decommission your Exchange servers.
For Not Real University, the organization is running in coexistence with Exchange Server 2010, 2013, and 2016. The goal is to remove all of the legacy servers, leaving only the Exchange 2016 Mailbox and Edge Transport servers in the environment.
Removing Edge Transport Servers
The Exchange 2013 Edge Transport server for Not Real University has already been shut down, but it’s worth taking a brief look at what steps you should perform to remove an Edge Transport server. The most important thing is to ensure no more mail flow is traversing the server. After removing the Edge Subscription, ensuring no MX records are still pointing at the server, and waiting a few hours or days, you can use protocol logs and message tracking logs to verify that no more SMTP connections are hitting the server and no more messages are being processed.
When you’re sure no more email is being processed by the server, you can shut it down for a few days as a final test. You can then power it back on when ready, and uninstall the Exchange Server application from the server.
Removing Other Server Roles
The recommended practice for Exchange 2010 or later is to install multi-role servers, however it’s possible that you have installed your server roles on separate servers, so let’s look at them individually.
Exchange 2010 Client Access
Client access services are no longer needed when there are no longer any mailboxes or public folders hosted on the legacy version of Exchange. The easiest way to verify that client connections are not hitting a server any more is to review the IIS logs. It’s normal to see some traffic in IIS logs from PowerShell connections, or server-to-server traffic (such as health probes), but as long as no regular users are showing up in the IIS logs on the server you can pretty safely consider it safe to remove.
Exchange 2010 Hub Transport
Exchange 2010 Hub Transport servers can be decommissioned when there is no more email routing through the server. If there are no send connectors that are configured to use the server as a source transport server, no MX records pointing at the server, and no DNS aliases for SMTP pointing at the server, then it is likely the server is no longer required for production mail flow.
However, it’s possible some internal mail flow is still passing through the server simple due to Exchange using all available routes that exist, and some traffic will still appear in message tracking logs. So as a precaution, you can pause the transport services on the server and see if that impacts your production mail flow.
Exchange 2013 Client Access
Exchange 2013 Client Access servers need to be reviewed in the same way as Exchange 2010 Client Access, by checking IIS logs for user connections. Exchange 2013 Client Access also performs Frontend Transport functionality, so you should also review the protocol logs on the server for any SMTP connections that might still be occurring.
Exchange 2013 Mailbox Servers (Transport)
Exchange 2013 Mailbox servers perform the same transport role as Exchange 2010 Hub Transport servers, so you should review them in the same way by using message tracking log searches to determine if any mail flow is still passing through the server. As with Exchange 2010, you can pause the transport services on an Exchange 2013 Mailbox server to gauge the impact (if any) on your production mail flow.
Exchange 2010/2013 Mailbox Servers (Databases)
Exchange 2010 and 2013 Mailbox servers can’t be uninstalled until they no longer host any mailboxes or public folders. They can still host empty databases, but setup will not allow the uninstall to proceed if any mailboxes or public folders still exist in those databases. Exchange 2010 setup will also block the uninstall if the server is still responsible for Offline Address Book generation. Since the Exchange 2010 OAB is not used for Exchange 2013 or later organizations, you can simply remove any Exchange 2010 OABs that still exist.
You can also dismount the databases to determine if their removal is going to cause any problems.
For DAG members the approach is a little different. The process involves:
- Removing database copies from the server (unless it is the last DAG member hosting the single copy of the databases)
- Removing the server from DAG membership
- Removing the databases from the standalone server
- Removing the DAG object from the organization when it has no more members
The uninstall of Exchange from the server can be initiated from the Control Panel, in Programs and Features or Add/Remove Programs, depending on your version of Windows Server. Exchange setup will warn you of any decommission steps that you’ve missed, and block you from proceeding with the uninstall if anything still needs to be addressed. When Exchange has been removed, you can complete the decommission of the Windows servers themselves by following your standard process.
After the legacy Exchange servers have been removed, your migration to Exchange 2016 is complete.
Hello Paul, After installing the second exchange server 2016 in the existing environment I am getting “The periodic heartbeat to the primary server (Server name) Failed” error from event logs and emails are being stuck in a queue of newly installed server and delivered after some time. Please help me to understand and fix this issue. Thank you.
Great info. Have you ever seen mailboxes get disconnected from the new exchange servers after decommissioning the old servers? We uninstall exchange on our old exchange 2013 servers and when it completed all my archive and some non archive mailboxes were disabled. Even though we had migrated these mailboxes to the new 2019 exchange environment. We had to re-connect the mailboxes to the AD accounts.
Off topic but I can’t tell you how many times I’ve been to this site for on prem and 365 migrations. This site got me through certifications. If you have meandered here for anything Exchange you have come to the right place.
i have just done a migration from 2013 to 2016, I use Mxgaurdgdog for my mail filter. Everything seems to be working fine. I am at the stage where I am shutting down the 2013 server to test mail flows for a few hours or days and decommission.
When I shut down the 2013 server I cannot see the send and receive connectors on the 2016 Server, please can you help with where I may be going wrong? I swap to server to the 2016 server in the EAC but as soon the 2013 server is down the connectors disappear
Hi, we have a strange issue. We had an Exchange 2013 server that for some unknown reason would not send out email. No updates done so no reason for it to stop. Restarted server no change. Email can be received but cannot be sent.
We were desperate and installed a 2016 server in the environment and when users were migrated to the 2016 server they could send. The problem we have now is when trying to decommission the existing 2013 server we can see that for some reason outbound mail flows via the 2013 first before doing as is expected in the outbound SMTP connector which is to use the 2016 server only.
Anybody seen this before?
This seems old but how did you resolve this issue?
Great series of articles! I am planning a migration and it is very helpful to see how it should flow from beginning to end.
I have a question about moving the system mailboxes from the Exchange 2010 server to the 2016 server. I didn’t see anything specifically about moving them but it seems like it would need to be done to be able to decommission the 2010 server. Should they be migrated as part of the user mailbox migration or is some other step more appropriate?
Hi, did you find out an answer for this. We are about to move all of our mailboxes and have the same question. Thanks
I recently migrated all mailboxes/public folders from exchange 2010 to 2016. In the guides it says to shutdown the old server for a little while before decommissioning.
While our old server is shut down we are experiencing some issues. Some sluggish behavior with outlook, and very slow initial setup when deploying new users on outlook.
I’m wondering if this is something that will be resolved after decommissioning the old server (like this could be some of the orphan effects).
While the old server is shutdown, i run a “test e-mail autoconfiguration” in outlook, and the log shows that it keeps trying to contact the old server, timesout, then connects to the new one. I’m sure this is where that sluggishness/delay is, but I’m not sure how to remedy this.
Any advice would be greatly appreciated. And thanks for the great guides.
Could you please recommend any article or any other source where is described what happens when the last legacy server is removed? (migration from 2010 to 2016)?
I mean changes in AD
Thank you very much!
Hi Paul, thanks for the article, you see, I´m in a weird scenario, some guy before me erased a Exchange Server Virtual Machine that never had some information as far as I know, the thing is that that server wasn´t decomissioned correctly, the VM was just erased and the Exchange wasn´t unistalled, I´ve been searching the way to remove this server and just found that the way to do it is with ASEDIT, what can I do for this problema?
PS: there´s no way to restore the old server.
The correct approach is to do a recovery install of the server, then do a clean uninstall.
Using ADSIEdit is not a supported approach.
I know this is late but I just encountered the same scenario. The recovery install worked just as documented.
You have great info on Exchange. Thanks for all you post.
I migrated Exchange 2010 to 2016. All is working except that when users logon, they get a cert error from the old server. I moved all of the certs (re-created) to the new server. How can I stop that?
Also, I am unable to do a “clean” remove of the old server as the 2010 was a VM and is no longer available. How can I remove that from the environment?
What does the certificate error say? If the old server is unavailable, how do you know the error is “from the old server”?
The supported way to remove a dead server is to reinstall it using a recovery install, and then cleanly uninstall it.
Sorry for the delay. The error that I get is – The name on the security certificate is invalid or does not match the name of the site.
It references the old server name.
I will try to reinstall it and bring it back up.
Sounds like your namespaces were never configured correctly. Also the improper removal of the old server causing problems.
Clients should not be trying to connect to a real server name at all.
I just installed Exchange server 2016 CU8 ,co-existance wiht Exchagne 2010.
For first day all was goging fine. but next day after updating the Virtual directories and had outlook testing i was able to connect to 2010 mail boxe and 2016 as well . But after couple of hours i notice the exchagne 2016 services are recclying and till this moment i am not able to start Exchange 2016 service some services start and stop again till now this is goign on. and it hit the exchagne 2010 servies as well. i am not able to connect any mail boxes on 2010 or 2016.
Exhcange servies cannot start.
Event log shows wired events. like cannot resolve AD topology . But if i restrat the Exchagne 2010 i see once AD servers are detected/AD toplogy is detecting AD serves, but after on Exchagne 2010 AD toplogy is not detecting or resolving AD servers.
CPU users goes 100% on Excahgne 2010. i have 1 CPU with 2 cores. i cannot connect to exchagne powershell on either of the exchange servers. i cann see DNS look up is resolving AD server names on both Exchange servers, they are on same subnet and AD site.
What is causing this, didn’t understand. How to remove-uninstall exchange 2016 to start using exchange 2010 as it was before adding exchange 2016. IT is still test environment. Exchange services on my test environment is down now. OS is Windows 2016 where i installed Exchange 2016CU8. Any help is appreciated.
After migrating mailboxes from Exchange 2010 to Exchange 2016, we were asked to temporally shutdown the Exchange 2010 and reuse the 2010 IP for the Exchange 2016 server. Everything works fine except outlook connectivity, which kept on prompting for password. A few troubleshooting steps showed that the AutodiscoverServiceInternal url is not returning the xml response with the Error code 600 on the browser as would be expected. Is there something we are missing.
What do you mean by “reuse the 2010 IP”? Why not just leave the 2016 server’s IP as it was?
It was a customer requirement. We could not help it.
yes, a customer requirement is for a good reason – they won’t have to change anything in firewall if the old exchange IP is reused.
I’ve been following your Pluralsight tutorial to migrate from Exchange 2010 to Exchange 2016 (very nice, by the way!), and I’ve finally gotten to the removal of 2010. When I run the uninstall, the prereqs check out, but the removal of the Mailbox role fails with a bunch of errors basically saying “Cannot index into a null array.”
I viewed the setup log, and it looks like setup is choosing the Server 2003 domain controllers from when Exchange 2010 was installed that have long since been (properly) demoted and decommissioned. There are no artifacts or stale metadata in ADSIEdit I can find pertaining to the old DCs.
I’ve also run the Set-ExchangeServer cmdlet to point the current and static DCs to our current domain controllers and the StaticExcludedDomainControllers to the former ones the setup insists on looking for with no success.
Do you have any ideas what to check or have you seen this before?
Actually, I figured it out. I left the C:\ExchangeSetupLogs folder on the server when Exchange 2010 was installed years ago, and the uninstaller was looking in there for old information.
When I renamed it to .old, the setup recreated a new folder, found the proper DCs, and ran the uninstall successfully.
…Wow, what an obsure glitch. Thanks again for the fantastic migration course!
That is a bit weird. Glad you sorted it out.
Just in case someone else runs into this error ” Cannot index into a null array” when uninstalling the Mailbox Role.
Renamed C:\ExchangeSetupLogs folder to C:\ExchangeSetupLogs.old
Uninstall again = Success! (Finally!!!)
Amazing series of articles. I’ve bookmarked each page in the 2016 migration series and several of the linked pages as well, all in a dedicated folder acting as a nice migration toolkit. This and the Exchange Deployment Assistant together make for a really well-looked-after feeling during migration projects.
Forgot to say “Thanks” and will add that the 70-345 courses on Pluralsight are incredibly well-done as well.
Thanks for the feedback.
I’m currently running Exchange 2013 and 2016 in my environment. Migrated fully to 2016 and now I’m at the stage to decommission my 2013 servers.
I’ve powered off my 2013 servers (2 CAS and 2 MBX nodes) and left it for a couple of days. No impact, no issues. I’m not using any Receive Connectors for 2013. I do have a Send Connector (which applies to all servers in the environment) and I’ve already removed the 2013 servers from the source.
Ok, so I figured I can now power the 2013 servers back online and then go through removing it cleanly. I reviewed the IIS logs on the 2013 servers, there’s nothing flowing through the CAS nodes, so that’s good. But then I look at the message tracking logs (filtered to -1 days) and there are still some emails hitting the MBX nodes (only showing emails since I powered the servers online). I’m sure the ReceiveConnectors are not configured for 2013, I’ve even gone through and checked all the default 2013 receive connectors for any weird settings. One of the emails in the log isn’t internal. I don’t have any MX pointing to the 2013 hub transport and no DNS alias or anything. Any ideas what else I can check?
As suggested in the article, you can pause the transport services on an Exchange 2013 Mailbox server to gauge the impact (if any) on your production mail flow.
Thanks for your reply Paul. I’ve already powered off the server, which effectively does the same thing as stopping the transport services. There were no impacts. Despite that, I think there is a problem:
– Powered off server for 4 days, no impact
– Power on server (so I can do a proper clean up)
– Checked Message Tracking logs for the past 4 days just to be sure, nothing shows up, that’s good
– Checked Message Tracking logs again, only about 2 hours later. Messages show up.
The issue is that there seems to be messages hitting the old servers. I’m not using any smarthost, all connectors are configured correctly. I’m just wondering if I missed something at this point.
You could be seeing shadow transport messages.
Please note that after the mailbox migration from exchange 2010 to exchange 2016. we are receiving the below error, “Outlook login fails after mailbox moves from Exchange 2010 to Exchange 2016′ and “Cannot open your default e-mail folders” kindly advise.
What have you already looked at in your investigations so far?
If a 2016 Exchange Server was installed as a trial alongside a 2010 exchange environment, is it safe to uninstall the 2016 server? We didn’t migrate anything or configure anything to point towards 2016. We basically just installed it to see if it would work first. We shut down the 2016 server and the entire 2010 environment is working fine. Curious if you think anything will break in 2010 environment if we uninstall 2016.