Hybrid Migration Office 365

Hybrid migration to Office 365 allows you to seamlessly migrate on-premises mailboxes to Exchange Online.

In a hybrid environment, you establish co-existence between your on-premises environment and the cloud environment.

There are two aspects of a hybrid Office 365 environment:

  • Hybrid Active Directory.
  • Hybrid mail flow.

Hybrid Active Directory

A hybrid Active Directory service involves the continuous synchronization between your on-premises Active Directory and the Azure (cloud) Active Directory.

Microsoft offers a free service, Azure AD Connect, that handles the synchronization of AD objects. Using Azure AD Connect to glue together your hybrid environment provides a single-sign-on experience and will (to some extent) save you the trouble of managing dual identities.

For many companies, a hybrid Active Directory will be used for many years due to the complexity of migrating third-party applications to Office 365.

Since the management of hybrid AD is quite complex, it makes good sense to use Easy365Manager to consolidate AD and Office 365 management.

With Easy365Manager, you can perform all daily user and Office 365 mailbox management directly from AD user properties.

You can synchronize Azure AD Connect and even perform complex management tasks like calendar delegation, which otherwise require some nasty PowerShell scripting.

Hybrid Mail Flow

To perform a hybrid migration to Office 365, you must also integrate your on-premises and Office 365 mail flow.

This integration will allow you to migrate your mailboxes in batches while keeping your mail flow intact (as opposed to the riskier big-bang approach).

Unlike the hybrid Active Directory, the hybrid mail flow is usually a temporary state.

When all mailboxes and all mail flow from third-party applications and scan-to-email devices have been migrated to Office 365, you can cut the on-premises Exchange server out of the mail flow entirely.

By removing the hybrid configuration from Exchange, you get a simpler and more robust mail setup. The on-premises Exchange Server will only be used to manage mail attributes and mailbox provisioning.

Actually, with Easy365Manager, you can altogether remove your on-premises Exchange Server.

Apart from the direct savings, this will also protect you from future zero-day exploits specifically targeting Exchange on-premises. Unfortunately, more and more are appearing: Hafnium, CVE-2021-42321, CVE-2022-41082, and CVE-2022-41040.

How to Perform a Hybrid Office 365 Migration

The following is an overview of the high-level steps needed to perform a hybrid Office 365 migration:

  1. Synchronize your on-premises AD with Azure AD.
  2. Inject Office 365/Exchange Online into your mail flow.
  3. Migrate mailboxes from on-premises Exchange to Exchange Online.
  4. Eliminate on-premises Exchange from your mail flow (third-party apps + MFPs).
  5. Clean up hybrid mail flow configurations.

Observe that without Easy365Manager, you’ll face very complex management involving your on-premises Exchange Server and multiple diverse web-based admin consoles.

With Easy365Manager, you can perform all daily management directly from AD user properties, and you can remove your on-premises Exchange Server.

The following shows how easily you can create a shared mailbox and delegate access:

1. Synchronize Your On-Premises AD With Azure AD

Hybrid Active Directory is implemented by synchronizing your on-premises AD with Azure AD.

The most popular tool to perform this synchronization is Azure AD Connect Server, which you can download for free from Microsoft.

Read this article for more details on Azure AD Connect.

Before implementing Azure AD Connect, you should check if your user accounts meet the requirements for synchronization.

You can use IdFix to verify your domain configuration.
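
The kind of pre-synchronization check described above can be sketched in PowerShell. This is an added example, not IdFix itself or code from the original page: the function names, the sample accounts, and the chosen subset of checks (UPN format, non-routable UPN suffix, duplicate UPN or proxyAddresses values) are assumptions for illustration.

```powershell
# Added example: IdFix-style readiness checks. Accounts below are constructed samples.
# In a real domain, feed it from: Get-ADUser -Filter * -Properties proxyAddresses
$users = @(
    [pscustomobject]@{ SamAccountName = 'alice'; UserPrincipalName = 'alice@contoso.example'
                       proxyAddresses = @('SMTP:alice@contoso.example', 'smtp:sales@contoso.example') }
    [pscustomobject]@{ SamAccountName = 'bob'; UserPrincipalName = 'bob@corp.local'
                       proxyAddresses = @('SMTP:bob@contoso.example') }
    [pscustomobject]@{ SamAccountName = 'carol'; UserPrincipalName = 'carol@contoso.example'
                       proxyAddresses = @('SMTP:carol@contoso.example', 'smtp:Sales@contoso.example') }
    [pscustomobject]@{ SamAccountName = 'svc-scan'; UserPrincipalName = 'svc scan'
                       proxyAddresses = $null }
)

# Hypothetical helper: one finding per problem, so results can be sorted or exported.
function New-Finding($User, $Attribute, $Value, $Issue) {
    [pscustomobject]@{ Account = $User.SamAccountName; Attribute = $Attribute; Value = $Value; Issue = $Issue }
}

function Test-SyncReadiness {
    param([Parameter(Mandatory)][object[]]$Users,
          [string[]]$NonRoutableSuffix = @('.local', '.lan', '.internal'))

    foreach ($u in $Users) {
        $upn = [string]$u.UserPrincipalName
        if ($upn -notmatch '^[^@\s]+@[^@\s]+\.[^@\s]+$') {
            New-Finding $u 'userPrincipalName' $upn 'Not in user@domain.tld form'
        }
        foreach ($suffix in $NonRoutableSuffix) {
            if ($upn.ToLower().EndsWith($suffix)) {
                New-Finding $u 'userPrincipalName' $upn "Non-routable suffix $suffix"
            }
        }
    }
    # UPN and every proxyAddresses value must be unique across synchronized objects.
    $values = foreach ($u in $Users) {
        [pscustomobject]@{ User = $u; Attribute = 'userPrincipalName'; Value = [string]$u.UserPrincipalName }
        foreach ($p in $u.proxyAddresses) {
            if ($p) { [pscustomobject]@{ User = $u; Attribute = 'proxyAddresses'; Value = [string]$p } }
        }
    }
    # Group-Object compares case-insensitively, so 'smtp:Sales@...' collides with 'smtp:sales@...'.
    $values | Group-Object Attribute, Value | Where-Object Count -gt 1 | ForEach-Object {
        foreach ($m in $_.Group) { New-Finding $m.User $m.Attribute $m.Value 'Duplicate value' }
    }
}

Test-SyncReadiness -Users $users | Sort-Object Account, Attribute | Format-Table -AutoSize
```

Resolving every finding before the first synchronization cycle avoids accounts that fail to sync or arrive in Azure AD with an unexpected sign-in name.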

2. Inject Office 365/Exchange Online Into Your Mail Flow

Once all users and groups are synchronized to Azure AD, you move on to integrate Office 365 into the mail flow.

With the hybrid mail flow, you ensure that emails can be sent and received by all recipients, whether based on on-premises Exchange or Exchange Online.

To set up hybrid Exchange, you must download and run the Hybrid Configuration Wizard.

The Hybrid Configuration Wizard will set up the necessary configurations in on-premises Exchange and Exchange Online, including inbound/outbound connectors, organization relationships, and accepted domains.

You need to be running Exchange 2010 SP3 or later to run the Hybrid Configuration Wizard. If you have earlier versions of Exchange, you should either upgrade to a supported version or use an alternative migration path, e.g., big bang using .pst export/import if the user count is low.

3. Migrate Mailboxes From On-Premises Exchange to Exchange Online

When the hybrid Exchange setup is in place, you can start the migration of mailboxes.

The hybrid mail flow combined with targetAddress forwarding will ensure that emails are correctly routed to recipients no matter where their mailbox is currently located.

As mailboxes can now co-exist in both environments, you can spend as much time as you need to migrate mailboxes while ensuring both end-users and the helpdesk can cope with any issues.

4. Eliminate On-Premises Exchange From Your Mail Flow

You can start rewiring your applications and MFP mail flow in parallel with or after the mailbox migration.

There are different options for this, but if your applications and MFP devices support TLS-authenticated SMTP, the best option is to create one or more service accounts that have delegated access to relevant shared mailboxes.

You can find a proof-of-concept approach typed up in PowerShell here to get you started.

You also need to move your inbound email from your on-premises Exchange Server to Exchange Online.

The specific actions needed depend on your current mail flow, e.g., if you’re using an external smart host for mail scanning.

This article will give you some hints on how to ensure the complete mail flow is migrated to Office 365.

5. Clean Up Hybrid Mail Flow Configurations

When you have verified that Exchange on-premises is no longer involved in any email processing, you can remove the hybrid configurations from Exchange Online.

This includes service connection points, inbound and outbound connectors, and the organization relationship.
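
One way to gather evidence for that verification is to inspect the Received headers of recent messages from each application and device and confirm that no hop is the on-premises Exchange Server. The following is an added example, not code from the original page; the function names, host names, and headers are constructed assumptions.

```powershell
# Added example. Hostnames and headers are constructed samples, not real traffic.
$onPremHosts = @('exch01.corp.contoso.example')   # assumption: your on-premises Exchange FQDNs

$samples = @{
    'mfp-scan-to-email' = @'
Received: from exch01.corp.contoso.example (10.0.0.5)
 by mx.cloud.example with ESMTPS; Mon, 1 Jan 2024 10:00:02 +0000
Received: from mfp-3rd-floor.corp.contoso.example (10.0.4.20)
 by exch01.corp.contoso.example with ESMTP; Mon, 1 Jan 2024 10:00:01 +0000
Subject: Scan
'@
    'crm-notification' = @'
Received: from crm01.corp.contoso.example (10.0.2.8)
 by mx.cloud.example with ESMTPS; Mon, 1 Jan 2024 10:05:00 +0000
Subject: Ticket update
'@
}

function Get-ReceivedHop {
    param([Parameter(Mandatory)][string]$RawHeaders)
    # Unfold continuation lines: a line starting with whitespace continues the previous header.
    $unfolded = $RawHeaders -replace '\r?\n[ \t]+', ' '
    foreach ($line in $unfolded -split '\r?\n') {
        # Only "from ... by ..." hops are parsed; Received lines without "from" are skipped.
        if ($line -match '^Received:\s+from\s+(\S+).*?\sby\s+(\S+)') {
            [pscustomobject]@{ From = $Matches[1].ToLower(); By = $Matches[2].ToLower() }
        }
    }
}

function Find-OnPremHop {
    param([Parameter(Mandatory)][hashtable]$Messages,
          [Parameter(Mandatory)][string[]]$OnPremHosts)
    foreach ($name in ($Messages.Keys | Sort-Object)) {
        $hops = @(Get-ReceivedHop -RawHeaders $Messages[$name])
        # -contains is case-insensitive, so host name casing does not matter.
        $hits = @($hops | Where-Object { $OnPremHosts -contains $_.From -or $OnPremHosts -contains $_.By })
        [pscustomobject]@{ Message = $name; Hops = $hops.Count; StillOnPrem = ($hits.Count -gt 0) }
    }
}

Find-OnPremHop -Messages $samples -OnPremHosts $onPremHosts | Format-Table -AutoSize
```

Any sender reported with StillOnPrem set to True still relays through the on-premises server and must be rewired before the hybrid configuration is removed.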

With Exchange 2019, you have the option to shut down your last on-premises Exchange Server and use PowerShell to manage recipients.

With Easy365Manager, you get the ability to manage recipients from an intuitive graphical user interface integrated with AD Users & Computers.

Easy365Manager will save your helpdesk a lot of time and enable you to offload complex tasks to first-level support.

You can install Easy365Manager on any PC or server running AD Users & Computers.

Easy365Manager does not make any changes to your infrastructure and only takes a few minutes to install and configure.

Download a fully-functional 30-day trial of Easy365Manager here.