Zimbra Collaboration Suite and MS Exchange on the same domain

Published on February 15, 2019

Zimbra Collaboration Suite and MS Exchange on the same domain

    Despite the fact that the migration process from MS Exchange to Zimbra with the help of the ZCS Migration Wizard is quite simple and very fast, it will not be suitable for every enterprise. Not every company can afford to rush into the pool with its head, suddenly replacing one of the main working tools for another. Due to various factors, be it a high number of employees or their low technical literacy, many companies are gradually switching from Exchange to Zimbra. In this regard, IT managers of such enterprises need to support the work of two e-mail systems on the same domain at once, and now we will tell how to achieve this using the example of an enterprise migrating from Exchange to Zimbra.

    image

    The initial conditions are fairly typical for Russian enterprises: access to e-mail and collaboration tools is provided by MS Exchange and Active Directory running on separate servers. As part of the cost reduction, it was decided to migrate to the Zimbra Collaboration Suite with the additions of the Zextras Suite. Such a transition allows the company to significantly reduce the costs associated with licensing and maintaining the mail server. A one-time transition to a new server obviously created serious risks for the continuity of business processes, in connection with which a decision was taken on a phased transition, in which both mail systems were to function on the same domain name, and the first users to completely switch on the use of Zimbra, were employees of the IT department of the enterprise.

    Immediately after installing Zimbra, Active Directory was connected to it as external LDAP and GAL, and auto-tuning of users was enabled according to instructions from our previous article. Now a new user on the Zimbra server is created automatically when you try to log in with login and password from AD. MS Exchange, working on the domain mail.company.ru, it was decided to leave the main. It was decided to make Zimbra a secondary mail system and place it on zimbra.company.ru. With this configuration, it was necessary to:

    • Letters from the outside came to Exchange users
    • Letters from the outside came to Zimbra users
    • Exchange users could send emails to other Exchange users.
    • Exchange users could send emails to Zimbra users
    • Exchange users could send letters to the external Internet
    • Пользователи Zimbra могли отправлять письма другим пользователям Zimbra
    • Пользователи Zimbra могли отправлять письма пользователям Exchange
    • Пользователи Zimbra могли отправлять письма во внешний интернет

    In other words, the IT department was required to ensure the full functioning of both mail systems in order to gradually transfer users from one mail system to another.

    This task is solved by properly configuring both MS Exchange and Zimbra Collaboration Suite. So, in MS Exchange you need to configure connectors for sending and receiving e-mail. The fact is that exactly Exchange will be the primary mail system, which means it will be the one to route emails.

    The connector for sending mail is configured in the Exchange Administration Center, where you first need to select the Mail flow item and then Send connectors . There, using the Add button, you need to start creating a new connector. There, in the Network settings section , set the “Forward mail through intermediate nodes” option and specify the ip-address of your Zimbra server. In the Address space field, you must specify the local subdomain on which Zimbra works (in our case, this is zimbra.company.ru). The final step is to specify the address of the Exchange server in the Source Server field .

    Connector to receive mail is configured in a similar way. In the Remote network settings field, you must specify the address of the Zimbra MTA server, and then in the settings of the already created connector you must set the authentication mechanism - External protection. In addition, in the Permission groups field , checkbox Anonymous users and Exchange servers .

    After all the connectors are configured, it's time to associate Zimbra users with accounts in AD. This is done using the following command in PowerShell: Enable-MailUser -Identity 'admin@company.ru' -Alias ​​'admin' -ExternalEmailAddress 'SMTP: admin@zimbra.company.ru' -PrimarySMTPAddress 'admin@zimbra.company.ru' . A similar account binding must be made for each user migrating from Exchange to Zimbra. Mailbox contents and other account data were transferred from Exchange to Zimbra using the ZCS Migration Wizard.

    After all the settings on the Exchange side have been completed, you should proceed to the settings on the Zimbra side. It is assumed that the Zimbra MTA will accept all emails that are addressed to accounts hosted on the Zimbra server, but redirect to the main mail server those emails that are addressed to accounts hosted on MS Exchange. To do this, you need to enter three commands:

    zmprov md company.ru zimbraMailCatchAllAddress company .ru
    zmprov md company.ru zimbraMailCatchAllForwardingAddress company .ru
    zmprov md company.ru zimbraMailTransport smtp: mail.company.ru: 25

    After that, we just have to disable DNS detection and redirect all mail from Zimbra through the main mail system. This can be achieved by entering the commands:

    zmprov mcf zimbraMtaRelayHost mail.company.ru:25
    zmprov mcf zimbraMtaDnsLookupsEnabled FALSE

    After entering these commands, it is important not to forget to restart Postfix using the postfix stop and postfix start commands for the changes to take effect. Now you just have to create a binding for each new account on the Zimbra server, that it could receive mail from the Exchange server. This is done with the help of a command like zmprov aaa admin@company.ru admin@zimbra.company.ru

    After both email servers were set up for peaceful coexistence, the IT department of the company needed only to gradually transfer accounts from Exchange to Zimbra. Due to the fact that Zimbra and Exchange business calendars are incompatible with each other, migration to the new mail system was done at once by entire departments, because the situation in which some department employees work in one calendar, and some in another, creates significant risks for business. That is why, for moral preparation of employees for migration, a small memo and training video was released on where in Zimbra are the functions most in demand by the employees of the enterprise.

    After the migration was successfully completed, the server with MS Exchange was disconnected, it became necessary for the enterprise to make the Zimbra Collaboration Suite the only mail system. In order to accomplish this, it was enough for only five teams:

    md domain.com zimbraMailCatchAllAddress zmprov
    zmprov md domain.com zimbraMailCatchAllForwardingAddress
    zmprov md domain.com zimbraMailTransport the smtp: mail.company.ru: 25
    zmprov mcf zimbraMtaRelayHost
    zmprov mcf zimbraMtaDnsLookupsEnabled to TRUE

    After restarting Postfix, all incoming messages will be sent directly to Zimbra, and outgoing mail will also be sent from Zimbra. At the same time, thanks to the zimlet of Zextras Mobile, email and calendars are available to employees both on mobile devices and in their usual MS Outlook.