Chat with us, powered by LiveChat

Blog

Back

How to Migrate Exchange to Office 365: Step by Step – Part 2

21 May 2019 by Steve Goodman

Illustration showing an IT professional taking his next step on the path to learning how to migrate Exchange to Office 365.

The full two-part guide is available to download here.

In the first part of this guide, we decided upon the migration approach from Exchange to Office 365, then performed the core steps to ensure identity – the core component for Office 365 sign-in – was set up correctly.

In the second part of this series, we’ll dive into the implementation of Exchange Hybrid and migrate mailboxes.

Implementing Exchange Hybrid

With identity in place, we are now ready to implement Exchange Hybrid. Because we are running Exchange 2010 or higher, we don’t need to add additional Exchange servers. We’ll choose to implement Full Hybrid rather than minimum (you can read more about both here).

To begin, we’ll access the Exchange Admin Center on-premises and navigate to the Hybrid tab. Then we’ll choose Configure:

Screen shot showing the 10th step in hot to migrate Exchange to Office 365 - step by step

Choosing Configure will download and start the Office 365 Hybrid Wizard. We’ll allow the wizard to choose an optimum server and then for most organizations choose My Office 365 organization is hosted by Office 365 Worldwide, then choose Next:

Screen shot showing the 11th step in Exchange to O365 migrations

We’ll then enter appropriate administrative credentials. In this example, we’ll use the administrator credentials for Exchange on-premises, and our Global Administrator credentials for Office 365:

Step 12 in how to migrate Exchange to O365

We’re going to plan for some longer-term co-existence and full mail routing, therefore we’ll choose a Full Hybrid Configuration on the Hybrid Features page.

We’ll also choose the Organization Configuration Transfer feature. This will make life easier when migrating to Exchange Online by copying on-premises configuration (detailed here) as part of the initial Hybrid configuration process:

How to migrate Exchange to Office 365 - Step by Step - 13

Crucially during the setup process, we’ll choose to use the new Preview feature for Exchange Modern Hybrid, as mentioned above. This will install a Hybrid Agent that simplifies publishing our Exchange Server to Office 365:

Screen shot showing the 14th step in an Exchange to Office 365 migration

Finally, we’ll select an On-Premises Account for Migration. This will be the account used to migrate mailboxes and must possess the Organization Management and Recipient Management role as detailed under Mailbox move and migration permissions on Microsoft Docs. The credentials specified here will be used to create a Migration Endpoint automatically that leverages the Hybrid Agent, making it simple for us to migrate mailboxes:

Step 15 in Exchange to O365 migrations

As a pre-requisite to the Hybrid Configuration itself, the Hybrid Agent will be installed and configured. As part of this process, you’ll need to provide your Office 365 credentials again, then after agreeing to licensing terms, the Hybrid Agent will be installed and configured:

Step 16 explaining Exchange to Office 365 migrations

Next, as part of the Hybrid Configuration, we will need to configure mail flow. For most organizations, we’ll choose to Configure my Client Access and Mailbox Servers for Secure Mail Transport rather than use Edge Servers. For Exchange 2010, this will be Hub Transport Roles. We’ll also choose to leave Centralized Mail Transport unticked. Only use this option if you want all outbound email from Office 365 to flow via Exchange Server on-premises.

The 17th step in migrating from Exchange to O365

On the next two pages of the wizard, we’ll define the servers used for inbound and outbound mail flow between Office 365 and on-premises Exchange Server. On the first page, we’ll choose the Receive Connector configuration. This will be the servers used to receive mail from Office 365, which includes messages from Office 365 mailbox back to mailboxes that are still hosted on-premises.

These servers will be those with valid SSL certificates installed and published to be available for inbound SMTP connectivity from Exchange Online Protection.

Step 18 in how to migrate Exchange to Office 365

 

On the Send Connector configuration page, we’ll select the servers that will be used as the last hop before sending onward to Office 365. Until we cut over our MX records entirely to Office 365, all mail to Office 365 recipients will flow out through these connectors, and these servers will need to be able to communicate via SMTP to Exchange Online Protection, and use valid SSL certificates:

 

A screen shot showing the 19th step in Exchange to Office 365 migrations

Next, we’ll need to select the SSL certificate to use for communications. The connectors created will expect to utilize this certificate both when negotiating a TLS-secured SMTP conversation with Office 365 and when Office 365 connectors validate the identity of our on-premises organization:

Finally, we’ll enter the Organization FQDN. This name will be the name you’ll configure when publishing SMTP externally. Office 365 will create a connector to send email to on-premises using this DNS name, which will then be used to initiate a connection over SMTP.

Migrating Exchange to O365 - Step 21

With our configuration defined, we’ll proceed to configure the Hybrid relationship. This may take some time, as it relies upon the Hybrid Configuration Wizard making changes to both Exchange Online and Exchange On-Premises. For larger organizations, expect to wait a substantial amount of time when tasks such as updating Email Address Policies take place.

Step 22 in migrating Exchange to Office 365

After the Hybrid Configuration wizard completes, we’ll expect the following key tasks to be complete:

  • The Hybrid Agent installed and configured, with an endpoint defined for Exchange Online to access our on-premises organization over HTTPS
  • The Mailbox Replication Service (MRS) Proxy enabled on all Exchange Web Services virtual directories, allowing Mailbox Moves to take place.
  • Federated Sharing enabled for Free/Busy between on-premises and Office 365 and to allow read-only Calendar sharing
  • Remote Domain configuration to define the email relationship between on-premises and Office 365 – in particular defining our mail.onmicrosoft.com domain as our Office 365 routing domain.
  • Email Address Policies updated, adding alias@tenant.mail.onmicrosoft.com as a secondary address to all Mailboxes and Mail Users who have policies applied – this will be used for mail routing from on-premises to Exchange Online when we migrate mailboxes.
  • A Send Connector configured from Exchange On-Premises to Exchange Online for our mail.onmicrosoft.com for secure mail routing outbound
  • Receive Connectors configured to accept mail securely from Exchange Online
  • Respective Inbound and Outbound Connectors in Exchange Online for secure SMTP between on-premises Send and Receive Connectors.
  • When Organization Config Transfer is selected, selected policies copied to Exchange Online.

 

Additional configuration after performing Exchange Hybrid configuration

For a basic migration to Exchange Online for smaller organizations, additional configuration may not be necessary.

However, you may need to add additional configuration if you need to enable:

  • Public Folder coexistence and migration
  • Read/Write access to Calendars cross-premises using existing permissions
  • On-Premises integration with Office 365, such as Teams integration using OAuth
  • Unified Messaging configuration

One area many organizations do need to make additional configuration changes is to Mailboxes. Any Mailboxes that have the Email Address Policy checkbox disabled will not get the additional Office 365 routing address (typically in the format alias@tenant.mail.onmicrosoft.com) added automatically. Without this, pre-requisite checks for migrations will fail, as it needs this address to stamp as the routing address after mailbox migration.

You can use the Exchange Management Shell on an Exchange Server to check for users with the Email Address Policy disabled using the following cmdlet:

Get-Mailbox -ResultSize Unlimited | Where {$_.EmailAddressPolicyEnabled -eq $False}

Migrating Exchange to O365

This should provide a list of Mailboxes that require remediation.

You can either use PowerShell to update mailboxes en-mass, or use the Exchange Admin Center (or Exchange Management Console on Exchange 2010) to add an additional email address:

Migrating Exchange to Office 365 - Step 25

As shown in the example below, this should match the existing format for the alias and then use the tenant name (for example contoso or in this case goodmanenterprises) followed by .mail.onmicrosoft.com, for example TestMailbox125@goodmanenterprises.mail.onmicrosoft.com:

Step 25 in Exchange to O365 migrations

If you aren’t sure what to add, examine another account that has automatically been updated to validate the address you will add. Once complete, this should show as a secondary address (with a lower-case smtp type):

Migrating Exchange to Office 365 step 25

Migrating Mailboxes

With our Hybrid Configuration in place, we will begin by testing migrations to Office 365 before actually migrating real users. The process we’ll use will be the same one we’ll use when we migrate the rest of our mailboxes.

The purpose of performing test migrations is to ensure that everything works well, once we move mailboxes. Even with good connectivity in place, the correct firewall rules configured and Office clients installed, things can still go wrong. Therefore to ensure any surprises are avoided, we’ll create test mailboxes to use to validate the migration experience and test everything works from a user perspective, too.

Migration works in Exchange Hybrid by Exchange Online making an outbound connection to our on-premises Exchange Servers over HTTPS and moving mailboxes using the Exchange-native Mailbox Replication Service. Normally this is an internal Exchange mailbox move mechanism, but for Office 365, the Hybrid Wizard enables the MRS Proxy within the Exchange Web Services virtual directory. This allows Remote Moves. To be able to create batches of mailboxes to migrate, we need to define the URL for the MRS Proxy within Exchange Online. Thankfully the Hybrid Agent enables the MRS Proxy Component, and creates a Migration Endpoint in Office 365.

We’ll begin by accessing the Exchange admin center, via the Office 365 Portal and navigating to Recipients>Migration.

From the Migration Tab, we’ll select the plus (+) menu and choose Migrate to Exchange Online.

Step 27 in Exchange to Office 365 migrations

The New Migration Batch wizard should appear. On the first page of the wizard, we’ll choose to create a Remote Move Migration, then choose Next:

How to migrate Exchange to Office 365 Step by Step - Step 28

On the next page of the wizard, we’ll select the users to add to the batch. We can either import a CSV file, or select on-premises mailboxes from the Global Address List. For our test migrations, we’ll select the Test Mailboxes from the GAL:

Step 29 in migrating Exchange to O365

On the next page of the wizard, we should see the Migration Endpoint pre-populated. This will have a GUID string, followed by .resource.mailboxmigration.his.msappproxy.net. This corresponds to the endpoint managed by the Hybrid Agent.

Step 30 - Migrating Exchange to Office 365

Next, we’ll choose a migration batch name. This should be descriptive as you’ll need to unique identify batches as you continue the migration. You’ll also need to choose a Target Delivery Domain. The target delivery domain is the Office 365 tenant domain, as set in our Email Address Policies and used for routing email from on-premises to migrated mailboxes. From a user perspective, this will not change their Primary SMTP address, though. If the domain in the format tenantname.mail.onmicrosoft.com is not selected by default, choose it from the drop-down list:

Step 31 in how to migrate Exchange to Office 365

On the final page of the wizard, we’ll select notification and completion settings. It’s good practice to pre-synchronize mailboxes first, then when you are ready to actually move mailboxes, perform a final synchronization and switchover. Therefore, we’ll choose the Manually Complete the batch option which will allow us to control the switchover timing:

Step 32 in migrating Exchange to O365

The new migration batch should be created, and show in the Migration tab of the Exchange Admin Center. As it begins, the status should change to Syncing. You can monitor the progress of all mailboxes within the batch by choosing the View details link:

Migrating Exchange to Ofice 365 - Step 33

By choosing View details we will see the status for individual mailboxes as they synchronize. For our test mailboxes in the batch below, we can select a mailbox and view progress, and if needed download a report detailing any errors or issues during the sync:

Step 34 in the migration from Exchange to Office 365

After all mailboxes in the batch have performed an initial sync, the status will change to Synced. Approximately every 24 hours, an additional sync will be performed to ensure content is up to date. At this stage, users will not see any changes as the sync has happened in the background.

When we are ready to switch over users within the migration batch, select the Complete this migration batch link:

Step 35 in migrating Exchange to Office 365

Within approximately 30 minutes (for most batches) the final synchronization and switch should occur.

Testing functionality

It’s crucial to test functionality both from a service perspective and from a client perspective after moving test mailboxes.

To test key service functionality provided by Exchange Hybrid, we’ll conduct two core tests:

  • Mail Flow
  • Address List lookup and checking availability

These two tests will ensure that in addition to moving mailboxes, we’ve got the ability to email between migrated and on-premises recipients, and aspects like booking meeting rooms or checking the availability of colleagues work. Under the hood, this tests the connectivity for SMTP and it tests the ability for both Exchange Server to connect to Office 365 HTTPS endpoints, and for Exchange Online to connect over HTTPS to our on-premises infrastructure via the Hybrid Agent.

You can perform basis email flow tests using Outlook on the web. Send emails from on-premises and the migrated mailboxes to test basic mail flow:

How to migrate Exchange to Office 365 - Step 36

To ensure secure mail flow is in place, set Out of Office replies for Internal recipients for the test mailboxes both on-premises and in Office 365. By validating that an Internet OOF reply is sent rather than an external one we check that the correct secured connectors are being used to send and receive mail between the two environments.

Next, ensure that the test mailboxes have existing meetings scheduled. Then, attempt to schedule a meeting from an Office 365 user checking the availability using the Scheduling Assistant of an on-premises user that has existing appointments. If this succeeds, connectivity via the Hybrid Agent is working as expected:

Migrating Exchange to Office 365 step 37

Perform the same test from on-premises, this time checking the availability of the migrated Office 365 account. This test will ensure that the Exchange Server can connect outbound over the internet to Exchange Online using HTTPS:

Exchange to Office 365 migrations - Step 38

In addition to the service tests, ensure you test clients that represent your environment. Recommended client tests include:

  • Pre/Post migration experience with Outlook users, using each version of Office deployed
  • New client setup experience with Outlook users, again using each version deployed
  • Repeat the above tests with domain-joined/network connected users and remote users
  • Mobile Device Management reconfiguration experience for Mobile Users
  • New mobile client setup using the Outlook Mobile App
  • Re-perform mail flow and availability tests at each stage

Ensure you document the results of tests and take screenshots. These will be useful should you need to troubleshoot later, and provide material to use for any training guides you wish to provide to users.

As you complete your testing it will be common at this stage to progress to a technical pilot. This is usually where a contained group within the IT team migrate to Exchange Online. While you create your migration plan, collect feedback from this group to help remediate any technical issues or improve any user documentation you create.

With the technical preparation complete for your migration, including pre-requisites, Hybrid setup and configuration and comprehensive testing, you need to plan your actual migration.

Plan your migration batches

When migrating mailboxes, plan to move people who share together, together. Although Shared Mailbox access will work across Hybrid, and it is possible to ensure Read/Write Calendar Access works, your users will have a better experience if you move their mailbox along with other colleagues and shared mailboxes at the same time. This ensures you don’t need to perform workarounds for areas like Outlook Delegate functionality.

You can use Microsoft FastTrack’s Find MailboxDelegates script to produce a file for use in Excel and Migration Batches to organize your batches and Microsoft’s Batch Analysis spreadsheet to understand relationships within the exports.

What you may find though is a big web of sharing within your organization, with many people within departments sharing, and some limited sharing between departments resulting in effectively one batch if you used sharing as the only guide.

Therefore, expect to use the output from Microsoft’s script as a starting point and look for areas such as departments where the majority of sharing takes place and use these to create batches. Then where there is overlap between those batches (for example, if two people in finance share with two people in HR) either plan to move the batches together or on consecutive migration windows.

Begin with a pilot and then ramp up quickly

Using the batches you create, select one or more batches to use as your pilot group. Ideally, your pilot group will be representative of the business so that you will gain the confidence to move ahead quickly with your migration. An ideal (though sometimes ambitious) target for a pilot is around 10% of users.

When deciding how to schedule, sync, monitor and migrate mailboxes you have several options.

  • If you qualify for FastTrack migration services (500 or more licences) you can provide your migration batches to Microsoft, and based on their conditions, choose when they will import the migration batches into your tenant, monitor their progress and complete them.
  • You can use third-party tools to automate the migration process, which is useful if you are also moving other data, i.e. migrating legacy archives or importing PST files.
  • Use the Migration Batch wizard we used earlier in this article and import your migration batches as CSV files.
    For most migrations of less than a few thousand mailboxes, this is the easiest option.

If you migrate using migration batches, then you might find that you need to migrate one or two VIP users in each batch separately as you may want to schedule white-glove support at a predictable time. To allow you to pick selected users out of batches, you can use the approach detailed in my Moving Mailboxes between Migration Batches for simpler Exchange to Office 365 Moves article on Practical365.

With a successful pilot behind you, plan to ramp up migration velocity quickly.

To enable you to ramp up quickly, plan to pre-sync batches as early as practically possible, though only one to two weeks before planned migration switchover dates. This will allow you to ramp up by completing multiple batches within the same migration window.

As an example, smaller organizations (less than 500 users) have completed all their migrations over one or two evenings. Even some larger organizations (less than 5000) have completed the entire migration over one or two batches. You will find that large organizations (10,000+ seats) will ramp up to over 1000 per night – for some very large companies this is the only practical way.

However, you must go at a pace that your organization can support. A successful pilot should mean that less than 1% of users require any sort of support.

Summary

In this two-part series, we’ve walked through the steps to set up pre-requisites, implement Exchange Hybrid and migrated mailboxes to Office 365. Wondering what you should do next? You can find out more about what you can decommission after a Hybrid mailbox migration is complete over on Practical365.

This guide has outlined the process for Exchange to Office 365 migrations, providing step-by-step advice to help your journey to the cloud. However, if you’re looking for an experienced partner to manage your move to Office 365, Quadrotech offer a range of fast, reliable migration services for both archive data and live mailboxes.

For more information, please complete our contact form and one of our data migration team will be in touch to discuss your project and offer a quote.

Steve Goodman is a Microsoft MVP for Office Apps & Services, specializing in Office 365, Exchange and Teams. He's also the Co-chief Editor of Practical365.com, and Principal Technology Strategist at Content and Code.
whois: Andy White Freelance WordPress Developer London