Solved

Exchange 2010 to office 365 cutover migration

Posted on 2013-12-09
11
2,477 Views
Last Modified: 2014-11-09
Hi all,

We have an outsourced IT company helping us with something outside the scope of the Office 365 migration and they are pushing us (or really my boss) to give them that business as well. I think its something that is relatively easy (having experience doing a migration from 2003 to 2010) and want to keep them out of it, but they are claiming that people have all kinds of issues with this and its really difficult, you need people with expertise, ect ect.

Long story, but can anyone tell me some of things you might run into with a cutover migration. Just to give me some ammo with these guys.

Thanks in advance.
0
Comment
Question by:liminal
11 Comments
 
LVL 38

Assisted Solution

by:Adam Brown
Adam Brown earned 166 total points
ID: 39707822
Office 365 migration really is a bit of a pain, to be honest. They aren't just blowing smoke. The system changes very often and keeping up with it is difficult at best. Realistically, it all depends on what you want to *do* with office 365. Are you planning to be cloud only or are you going to be using Dirsync and ADFS?

Part of the stuff you'll run into is errors in migration. There are a lot of things that can fail during the actual migration of email to the cloud (it isn't as simple as a 2003 to 2010 migration) and knowing what the error messages mean is a lot of work, since they aren't particularly detailed or easy to understand. If you're going to be using Dirsync and ADFS, you're going to be dealing a lot with Active Directory attributes, which a lot of people don't have much experience with. There is also a lot of powershell work that needs to be done, so if you don't know powershell pretty well, you're more likely to run into major issues.

You should also consider whether you want to use the built in migration tools or third party tools to move mail over. You're not going to have an actual AD trust set up like you do with a 2003 to 2010 migration, so moving email securely is much different than what you may be used to.

As for what you can run into, it's very difficult to say, to be honest. The biggest pain I've run into is timing the actual cutover. MS disabled a lot of the capabilities in the migration tool that allows you to run syncs after your DNS records are moved, so you have to perform each DNS change over a period of up to 24 hours while taking a lot of care which order you perform the steps in. And each organization is different. I've never really run into the same problem twice (in about 10 or so migrations from various systems). Having an in-depth understanding of both Exchange and Office 365 is extremely useful if not necessary for succeeding without difficulty.
0
 
LVL 38

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 167 total points
ID: 39707870
Depends on your background. For anyone with a bit of Exchange experience, cutover migration should be a walk in the park. It requires almost no preparation and the whole process is very well documented:

http://help.outlook.com/en-us/140/Ff628719.aspx

The most common issue I've run into (on this site as well) is the post-migration Outlook config. Many people do not understand how Autodiscover works, especially in a domain environment, and have not prepared properly for the switch to Office 365. But even that one is relatively easy to fix, the only trouble is leaving the users with no mail access (or OWA only).

Plus, you can always call Office 365 support if you run into issues, after all support is part of the service you are paying for.
0
 

Author Comment

by:liminal
ID: 39710200
Thanks guys, I appreciate the advise. I think its going to be pretty easy.

http://help.outlook.com/en-us/140/Ff628719.aspx

This is what I have been looking @ and it looks quite simple as long as you don't run into problems ;) and then you have Office 365 Support.

This is quite a small environment with only about 120 mailboxes. 350GB of data...
0
 

Author Comment

by:liminal
ID: 39710212
It actually looks simpler then the 2003 to 2010 migration to me.
0
 

Author Comment

by:liminal
ID: 39710249
Once thing that I haven't seen any info on is migrating mail enabled contacts.

Anyone have any info on that?
0
Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

 

Author Comment

by:liminal
ID: 39710273
OK so the migration is simple, its the SSO thats the hard part right?

What's the difference between Dirsync and ADFS?

Which is better?
0
 
LVL 38

Expert Comment

by:Vasil Michev (MVP)
ID: 39710600
Cutover migration will migrate everything that is visible in the GAL, including contacts.

As for dirsync (I am assuming you are interested in password sync) and/or AD FS, review this article:

http://blogs.office.com/b/office365tech/archive/2013/07/26/password-hash-sync-simplifies-user-management-for-office-365.aspx

You cannot have dirsync running when performing cutover migration, you will have to enable it after the migration is over. For 120 users AD FS is probably an overkill, but if you need any of the functionality it offers, go for it.
0
 
LVL 4

Accepted Solution

by:
ontech earned 167 total points
ID: 39716794
CutOver Migration best article to follow.
http://help.outlook.com/en-us/140/Ff628719.aspx

dirsync is Directory Synchronization Server.
It syncs your AD objects to Cloud.
Every AD objects has a unique GUID, So this GUID is synced to Office 365 with User object and called as Immunitable ID.

ADFS is Active Directory Federated Services.
It is used for Single Sign On.
When you install ADFS successfully, The users in Office 365 will be authenticated using your Active Directory, So when you enter your user name there is a dot dot running when you go to Password tab. It checks if the domain is federated, If your domain is federated it will be routed to ADFS server in your organization which will send the credentials to AD server and Authenticate you.
ADFS is used for SSO and security reasons.

You can also use DirSync Password Sync feature to sync the password of the users to Office 365. But over here the password will be stored in the cloud.

Hope this answers your question.

Rest In Next.

Regards,
Jazz.
0
 

Author Closing Comment

by:liminal
ID: 39745454
Thanks so much guys,
0
 
LVL 1

Expert Comment

by:TBIRD2340
ID: 39928238
So not being able to have DirSync run / installed until after your migration is complete, what is the best way to deal with users logging in?

I think it sucks to give out temporary password to 100 users with a link to 365, have them login, then change their password (to match their AD).. That's just a lot of room for error on the user end..
0
 

Expert Comment

by:ComptechExpress
ID: 40431611
Would anybody have a fresh link for this http://help.outlook.com/en-us/140/Ff628719.aspx

it seems to have been moved!

Many Thanks
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
how to add IIS SMTP to handle application/Scanner relays into office 365.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now