Solved

Office 365 staged migration with dummy forest using adfs and dirsync

Posted on 2013-06-13
2
997 Views
Last Modified: 2013-07-11
we are planning a migration to office 365 from current on premises exchange 2007, then plan is as below

-to support multiple forest 365 scenario (which MS dont support at present in one tenant) for other parts of business we will create dirsync forest which should allow us to add the first company.local forest to 365 without limiting options for adding our other forests to the 365 tenant in future, so this will act as the consolidation point for all company forests.
-install adfs and adfs proxies and dirsync into this empty forest
-then create a domain trust from this forest to our existing forest of company1.local
-setup 365 tenant as the company.com (the dirsync forest) and then add the company1.local's external domain of company1.com into tenant (which are presently set as the UPN in the company1.local forest)
-obviously any users in the new sync forest can be synced easily with dirsync but does FIM2010 or something else need to be used to allow DirSync to "know" about the users in the other forests (i.e. the company1.local forest)
-if all sounds ok to here can i then confirm the adfs SSO will then allow login using the sync forest as it will have a AD trust to the .local domain
-now at this point we need to migrate mailboxes to 365 by installing exchange 2010 into company1.local to allow for coexistance as 2007 not supported in staged migration, would this cause any issue as it would be connecting direct to 365 rather than via the dirsync forest?

my question is can anyone see any major issues with this idea or give any advice on any points. i know its a pretty hefty ask maybe need 1000points for this
0
Comment
Question by:active8it
2 Comments
 
LVL 40

Accepted Solution

by:
Vasil Michev (MVP) earned 500 total points
ID: 39246693
You have two options, sync your forests into new one and dirsync from the new one to Office 365. Or, use FIM, which is the better option as it can take care of overlapping objects. I strongly advise contacting Microsoft or at least some major partner for help with this.

There are also 3rd party solutions which offer this, but I'd go with Microsoft support :)
0
 
LVL 2

Author Comment

by:active8it
ID: 39272256
can you provide any documentation or a case study that shows the consolidation forest / usage of FIM. i presume using this method the users will all be created on the new forest automatically by FIM.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what the Office 365 disclaimer function is, why you would use it and its limited ability to create Office 365 signatures.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question