When it comes to on-prem Exchange migrations to Office 365, I am a broken record. If you can use the Mailbox Replication Service (MRS) to migrate Exchange On-Prem Mailboxes to Exchange Online, you should. MRS migrations allow for a much easier migration with the following benefits:
- Reuse Outlook Cache
- Normally, no reconfiguration of Outlook / Outlook Mobile
- Normally, preservation of all mailbox permissions, including delegates
- No software to buy
That said, there are some situations where MRS isn’t the right option. These can include:
- Merger/Acquisition/Divestiture
- Companies that do not want to set up hybrid (they do exist)
- Mailboxes over 100GB
- High latency & slow links where MRS does not perform well
- End-of-life versions of Exchange
- Other very special situations (comment below, everyone loves a good story!)
Note that if you are looking to migrate Exchange 2010 to Office 365, you may choose not to use MRS. As of this writing, you can still do minimal hybrid with Exchange 2010, even though Exchange 2010 is end-of-life. You can read about minimal hybrid here: https://docs.microsoft.com/en-us/exchange/mailbox-migration/use-minimal-hybrid-to-quickly-migrate. Some organizations do not want to do the hybrid setup because Exchange 2010 is end-of-life and support may be lacking. This article, as in the one you are reading here and now, would apply to you if you are taking this stance.
What are my Mailbox Migration options?
The Mailbox Replication Service (MRS) is a core part of Microsoft Exchange. MRS is the method used for migrating mailboxes between databases. This also includes Exchange version upgrades where you migrate the mailboxes from the old server to the new one with a move request. When the option to migrate to Exchange Online became available, the MRS service was expanded to allow this. For quite a while, MRS was not known for speed. Performance over high latency connections can be quite a problem. That all said, you can get around a lot of these issues with good configurations and a healthy source environment.
Other migration options, with third-party tools, are typically item-by-item migrations, usually with MAPI or Exchange Web Services (EWS). I have some major bias here with my chosen profession, so we will stick to the concept here. Each tool is different and provides different functions and advantages. I did design the best tool on the planet, which was the best because I designed it, but I have been told that I could be biased on how awesome I may, or may not, be.
Some tools do provide automation around MRS instead of an item-by-item method or in addition to said method. For some organizations, this can add a lot of value and make running the project a lot easier and cheaper overall.
If you want to Migrate On-Prem Exchange to Office 365 Without Hybrid / MRS, you have to do an item-by-item method with a third-party tool. If you migrate a Mailbox doing an item-by-item method, you need to have a source and target mailbox, as well as reconfigure the users’ Outlook profile and mobile device. With MRS, this reconfiguration typically isn’t needed.
Concept
To be successful in an item-by-item migration, you need the user to only use the source mailbox until the switch occurs. In theory, you will need to do these migrations at night, and in batches, to avoid impacting users. How many you can do at a time will be environmental. Like anything, you start slow and add small amounts of users until you hit the capacity. For some it will be the volume of data; for others, it will be the number of users that can be supported. If you want to learn more about the issues with having two accounts, you can view my blog here: https://madmike.net/mergers-acquisitions-when-two-office-365-accounts-are-not-better-than-one/
Creating batches is a significant challenge for modern organizations. To be successful, you will need to group users together, so they stay with the mailboxes they need access to. This includes situations like delegates and shared mailboxes. I covered this back in 2019 in a blog, and it is still pretty accurate: https://blog.quadrotech-it.com/blog/office-365-migration-batches/
Part 1 – Rebranding
When migrating users, it is common for users to either take on the new branding, referred to as rebranding, or to maintain the old branding. What I mean by this is whether the users’ domain is going to change during the migration or stay the same. If a firm called Fabrikam is purchased by a firm called Contoso, are the users going to be rebranded to Contoso, or are they going to retain the Fabrikam branding?
In this article, I am going to cover the steps for a rebranding, as in the users moving to the Contoso branding. Again, this will be for the scenario where you want to Migrate On-Prem Exchange to Office 365 Without Hybrid / MRS.
In the part 2 blog, I will cover additional challenges when attempting to do this while maintaining branding. However, the process I cover today is the safest and easiest to execute.
Workflow
The main purpose of this article is to review a workflow that you can do for an item-by-item migration. You will need to practice this workflow with test accounts and ideally in a lab environment. These commands can guide you, but there is a genuine possibility that you will have something environmental that may need consideration as well.
These commands should work with Exchange 2019, Exchange 2016, Exchange 2013, and even Exchange 2010. If it isn’t working, comment below, and I can work to correct it 😊.
- Target: Clear Temp Objects
  - If there is a mail contact for the user, remove it
    - Remove-MailContact user@mjadmindomain.com or Remove-MailContact Alias
  - If there is a mail user for the user, disable the mail user, but keep the user’s login
    - Disable-MailUser -Identity user@domain.com
    - Be careful here! Remove-MailUser will also delete the object, which isn’t the right step for most users
    - You may want to retain the LegacyDN for the object and reassign it as an X500 legacy address – see below
- Target: Create Mailbox
  - If the target is in hybrid mode:
    - You will need to create the mailbox using this command in your on-prem Exchange environment. During sync, the mailbox will get created.
    - Enable-RemoteMailbox
    - After replication, you will want to license the user as well. There is a grace period on the Exchange mailbox when mailboxes are created using this method. If you do not license the user, the user will get locked out of the mailbox after 14 days. https://docs.microsoft.com/en-us/microsoft-365/enterprise/assign-licenses-to-user-accounts-with-microsoft-365-powershell?view=o365-worldwide
  - If the target is not in hybrid mode, you can simply license the object
- Target: License Object if Office 365
  - If the target is not in hybrid mode, you can simply license the object based on your license needs: https://docs.microsoft.com/en-us/microsoft-365/enterprise/assign-licenses-to-user-accounts-with-microsoft-365-powershell?view=o365-worldwide
- Wait for provisioning and replication (less than 20 minutes for most environments)
- Customize the Target
  - Modify & Add SMTP addresses
  - Add user to Office 365 Groups/SPO Sites/Teams/Distribution Lists
  - Assign policies & retention
- Source: Block access to mailbox
  - Every org tends to handle this differently. This process prevents a user from getting into the mailbox while you are trying to sync.
  - Set-CASMailbox [SMTP Address Here] -MAPIEnabled:$false -PopEnabled:$false -ImapEnabled:$false -ActiveSyncEnabled:$false -OWAEnabled:$false -SmtpClientAuthenticationDisabled:$true -OutlookMobileEnabled:$false -UniversalOutlookEnabled:$false -OWAforDevicesEnabled:$false
- Source: Wipe / Block Mobile Devices
  - This is a good time to remove the account from mobile devices. This will be unique to your environment.
- Migrate!
  - It is time to execute your third-party tool doing the migration and wait for it to be done.
- Source: Collect all SMTP addresses and Exchange Legacy DN
  - It is best to do this on the fly or regularly refresh to get changes
  - You can use this script I wrote a few years back to do this from an on-prem environment: https://blog.quadrotech-it.com/blog/what-is-the-x500-email-address/
- Source: Collect any mailbox permissions & delegates you want to preserve
- Source: Disable Mailbox
  - Disable-Mailbox -Identity user@domain.com
- Source: Enable Mail-User & Re-Assign SMTP Address & X500
  - This will facilitate the redirection of mail to the other tenant
  - The target address should be the user’s new email address in the target tenant
  - The other SMTP addresses should be the user’s old SMTP addresses
  - When done correctly, this object will facilitate users using free/busy lookup in Outlook for meetings
  - The same X500 article from above also discusses how to reassign these addresses back, including the syntax of commands. (https://blog.quadrotech-it.com/blog/what-is-the-x500-email-address)
- Reconfigure Endpoints
  - The major drawback to not using MRS is that the users need to reconfigure Outlook. Many vendors provide a reconfiguration agent to ease this process.
This workflow:
- Facilitates forwarding of mail from the old account to the new account
- Forces the user to the correct mailbox
- Maintains directories so that free/busy continues to work
- Prevents NDRs from common calendaring issues
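The source-side cutover steps from the workflow above (collect addresses, LegacyExchangeDN and permissions, disable the mailbox, mail-enable the user, reassign the addresses), as an added example that is not the script from the linked article. It assumes the source on-prem Exchange Management Shell; the two addresses and the export folder are placeholders, and re-adding the old addresses as secondary proxies and pinning one domain controller are choices made for this example.

```powershell
# Added example: run in the SOURCE on-prem Exchange Management Shell after the sync is done.
$SourceUser    = 'user@fabrikam.com'   # placeholder: source mailbox
$TargetAddress = 'user@contoso.com'    # placeholder: address in the target tenant
$ExportPath    = '.\cutover'           # assumed folder for the collected records
New-Item -ItemType Directory -Path $ExportPath -Force | Out-Null

# 1. Capture addresses, LegacyExchangeDN and permissions BEFORE disabling anything.
$mbx = Get-Mailbox -Identity $SourceUser -ErrorAction Stop
$dn  = $mbx.DistinguishedName   # the SMTP address stops resolving after Disable-Mailbox
$dc  = $mbx.OriginatingServer   # pin one DC so each step sees the previous change
$all = @($mbx.EmailAddresses | ForEach-Object { "$_" })

# Old SMTP addresses are kept as secondary proxies (lower-case prefix), plus X500 values.
$keep  = @($all | Where-Object { $_ -like 'smtp:*' } | ForEach-Object { 'smtp:' + $_.Substring(5) })
$keep += @($all | Where-Object { $_ -like 'x500:*' })
$keep += "X500:$($mbx.LegacyExchangeDN)"
$keep | Set-Content -Path (Join-Path $ExportPath 'addresses.txt')

# Explicit (non-inherited) permissions and send-on-behalf delegates, for later re-creation.
Get-MailboxPermission -Identity $dn -DomainController $dc |
    Where-Object { -not $_.IsInherited -and "$($_.User)" -notlike 'NT AUTHORITY\*' } |
    Select-Object User, @{n='AccessRights'; e={ $_.AccessRights -join ',' }}, Deny |
    Export-Csv -Path (Join-Path $ExportPath 'permissions.csv') -NoTypeInformation
$mbx.GrantSendOnBehalfTo | ForEach-Object { "$_" } |
    Set-Content -Path (Join-Path $ExportPath 'send-on-behalf.txt')

# 2. Disable the mailbox (prompts for confirmation); the AD account and login are kept.
Disable-Mailbox -Identity $dn -DomainController $dc

# 3. Mail-enable the same account, pointing at the target tenant.
Enable-MailUser -Identity $dn -ExternalEmailAddress $TargetAddress -DomainController $dc | Out-Null

# 4. Re-add the old SMTP and X500 addresses that are not already stamped on the object.
$present = @(Get-MailUser -Identity $dn -DomainController $dc |
    ForEach-Object { $_.EmailAddresses } | ForEach-Object { "$_" })
$toAdd = @($keep | Where-Object { $present -notcontains $_ })
if ($toAdd.Count -gt 0) {
    Set-MailUser -Identity $dn -DomainController $dc -EmailAddresses @{ add = $toAdd }
}

# 5. Verify the forwarding target and the retained addresses.
Get-MailUser -Identity $dn -DomainController $dc |
    Format-List ExternalEmailAddress, PrimarySmtpAddress, EmailAddresses
```

Run it against a test account first: step 1 has to finish before step 2, because the address list and LegacyExchangeDN are cleared from the object once the mailbox is disabled.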
Close
In part 2, we are going to cover scenarios where branding will be maintained. This will include mail flow challenges and maintaining free/busy.
I hope you found this article helpful. You should always use MRS when you can. But there are some very valid reasons to Migrate On-Prem Exchange to Office 365 Without MRS. If you have other tricks you use in your workflow, comment below!