Solved

Exchange 2010 to Office 365 Migration

Posted on 2013-10-31
14
1,117 Views
Last Modified: 2013-11-06
We are wanting to migrate a customer to Office 365.  We have on-premises Exchange 2010 SP2.

We want to set it up hybrid so that we can slowly move users over.

We are in the planning stages with this.  Does anyone have any good clean walkthroughs that we might use?

I have seen a few walk throughs on google that just arent very clean.  I already have two ADFS servers set up and load balanced.

If anyone can provide insight of what we should look out for or anyone have any good walk throughs, that would be great.

This is our first migration and I am experienced with Exchange on-premises, just never used Office 365.
0
Comment
Question by:considerscs
  • 7
  • 3
  • 2
  • +1
14 Comments
 
LVL 2

Assisted Solution

by:ServerService
ServerService earned 143 total points
ID: 39615047
In your case if its first time I would make a demo first but here are my walk through.

You must be expert level of domain and have expeerionce with dns , as you will make records to point to the MS online server.

1. https://portal.microsoftonline.com/        
Choose minimum Office 365 Small Business Premium - to work with exchange.

2. When you create your demo account you have 31 days but be aware that when you move records your process have started for moving to the cloud solution .

In there you start the wizard its a complete walkthrough online in 5 steps.

1. Choose the mail domain name for your off365 and confirm ownership
2. On webhost. Create mx or tx record that points to the MS server online - and you have the adress in the wizard.
THEN WAIT FOR DNS TO RESOLVE - up to 2 days
3. Connect the off365 to the mail domain - it will answer when dns is resolving.
4. Create users
5. Migrate maildata - can be done from the pc and you find many guides about it .. good luck

I have at total complete guide but in Danish - and I keep it safe , but theese are the steps.
0
 
LVL 1

Author Comment

by:considerscs
ID: 39615107
I have alot of experience with AD and DNS.  Im comfortable with that.

I am just having problems with understanding exactly what is needed for my instance.

Do I need to use ADFS to keep SSO up to date, or just let the Windows Azure Directory Synchronization do the password updating?

I need to use the hybrid deployment as we have large mailboxes and I will not be doing a cut over with that much data.
0
 
LVL 38

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 143 total points
ID: 39615252
This is the definitive guide for hybrid:

http://technet.microsoft.com/en-us/exdeploy2013/

Make sure to review it in details. If you have any additional questions ask.
0
 
LVL 2

Assisted Solution

by:ServerService
ServerService earned 143 total points
ID: 39615255
Ok so on the office 365 cloud you dont really have a copy of Ad implemented so your rights are setup online.

I dont think its possible to keep your local exchange working as you move your pointing mx record towards office online solution - unless something I dont know.

You can synchronize maildata from a local pc in outlook to the off365 online.
To migrate the pst data you simple recopy it on the pc in outlook and let the pc to renew data this way. http://office.microsoft.com/client/helppreview14.aspx?AssetId=HA102505743&lcid=1033&NS=OUTLOOK&Version=14&tl=2

When I connected my outlook to the off365 online I had all my data there from the exchange connection , also calendar og contacts so it was really not necessary to recopy the maildata.

If you want to work with file synchronization also you use the sharepoint online.
On my page you can see the screenshots of maildata - and all is synchronized from a local pc to off365 with exchange connection . Its not to make pr but the pics show what is possible. http://server-service.dk/office365

I dont know how you would do a hybrid deployment but maybe other experts will help.
I guess to make it possible you have to point your exchange to the off365 as well - it sounds like an exiting project :)
0
 
LVL 1

Author Comment

by:considerscs
ID: 39615268
one problem i am having is even though I have set up the dns records as microsoft requests, i cannot change my default domain.

Its not even an option in the dropdown menu.
0
 
LVL 1

Author Comment

by:considerscs
ID: 39615281
I see that a federated domain cannot be set up as a default domain in office 365.

So with a hybrid deployment, your mail domain has to be a federated domain.

Anyone see a way around this?
0
 
LVL 38

Assisted Solution

by:Adam Brown
Adam Brown earned 214 total points
ID: 39615563
The default domain is what is used when creating new users *in the cloud*. It is not necessary to change the default domain in Office 365, since all users that are created in your Hybrid environment will be created from the On-Premise environment, then the changes are synced to the cloud with DirSync.

I would most definitely attempt to create a Test Hybrid setup before doing a full production setup if you've never done it before. Hybrid coexistence with Exchange 2010 is very tricky, and you need to make sure you have accurate, up to date information when you do it.

ServiceService is incorrect. A hybrid configuration will allow you to continue using your existing MX records that point to your on-premise server without any issues.

Basically, you need things in place to do a Hybrid setup for Exchange 2010 and Office 365.

1. All Office 2010 CAS servers should be updated to Exchange 2010 SP3
2. ADFS
3. DirSync - You can get this by configuring Office 365 to use dirsync. It will give you a Link to download the software.

There is a lot of configuration you have to have in place, but the majority of the work is done by the Hybrid Configuration Wizard in Exchange 2010 SP3, which is located in Organization Management in the EMC. You'll also need to connect to Office 365 in the EMC by adding another forest and selecting Exchange Online. Vasilcho's link to Microsoft will give you all of the configuration information you need, but if you have Exchange 2010 SP3, ADFS, and Dirsync, you have all the pieces. You just need to put them together.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 1

Author Comment

by:considerscs
ID: 39615738
Ok thanks for that.  I did see a little earlier that I need to go from SP2 to SP3.  I am currently doing that now.

I think that may be where I was going wrong the whole time.  I will use the Hybrid Configuration Wizard afterwards to get it all pieced together.

I have dirsync working.  ADFS is being a tad tricky.  I think its a load balancing issue though.

For ADFS, do yall use Unicast or Multicast on the NLB configuration?
0
 
LVL 38

Assisted Solution

by:Adam Brown
Adam Brown earned 214 total points
ID: 39615931
Multicast if the servers have one NIC, Unicast if they have two, generally. ADFS is tricky in general. It takes some patience.
0
 
LVL 1

Author Comment

by:considerscs
ID: 39617225
I am seeing that first hand.  Its very irritating to say the least.

I am having an issue with the Exchange Migration wizard.

It will not authenticate my ownership of my domain.

I have domain.com that has the corresponding txt record in the public DNS.  If I check the record it is resolved, even on the exchange server itself.

I cannot get it to go past this step.

Any ideas?
0
 
LVL 1

Author Comment

by:considerscs
ID: 39624291
Ok I have Office 365 working with a test domain and a test user.

Federated servers work flawlessly inside for Single Sign-On with the web portal.

Only problem now is that when I open a test users account that was migrated from the on-premises exchange to the cloud, outlook asks for a password upon opening it.  When i enter the password it works fine, I just want to get outlook to not prompt for credentials as the DirSync and ADFS work fine.

Does anyone know how to get outlook to not prompt for credentials since the credentials match what the user is logging into their desktop with?
0
 
LVL 38

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 143 total points
ID: 39624317
Use credentials manager.

Outlook will send basic authentication credentials over SSL to Exchange Online and Exchange Online will then proxy this authentication request to the AD FS 2.0 federation service on behalf of the client. Selecting the "remember" checkbox will only store the username, so you need to use the credentials manager to store the password.
0
 
LVL 38

Accepted Solution

by:
Adam Brown earned 214 total points
ID: 39624600
Open Internet Options from control panel or from Internet Explorer. From there, go to the Security tab and select Local Intranet. Click Sites, then Advanced, then add *.outlook.com, *.microsoftonline.com, and the external FQDN of your ADFS server to that list. This will cause Outlook to use the Local Intranet security settings which is configured to send credentials automatically by default.
0
 
LVL 1

Author Comment

by:considerscs
ID: 39624913
Now outlook will not accept the username or password.

I think its a problem with my ADFS from the outside.

I have one internet connection.  The ADFS server sit with the domain/exchange on-premise server.

Since this is hybrid and I am moving over slowly, 443 is used for my mobile devices to connect back to exchange.

Autodiscover will not work externally or internally when a test user is migrated.

How could I get ADFS to work externally for Office 365 to be able to use ADFS without having to take 443 away from my exchange server?
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…
This Experts Exchange lesson shows how to use VBA to loop through rows in Excel.  In order to sort, filter, and use database features, there needs to be a value in each column for every row. When data arrives with values missing, code to copy values…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now