[Webinar] Streamline your web hosting managementRegister Today


Exchange 2010 to office 365 cutover migration

Posted on 2013-12-09
Medium Priority
Last Modified: 2014-11-09
Hi all,

We have an outsourced IT company helping us with something outside the scope of the Office 365 migration and they are pushing us (or really my boss) to give them that business as well. I think its something that is relatively easy (having experience doing a migration from 2003 to 2010) and want to keep them out of it, but they are claiming that people have all kinds of issues with this and its really difficult, you need people with expertise, ect ect.

Long story, but can anyone tell me some of things you might run into with a cutover migration. Just to give me some ammo with these guys.

Thanks in advance.
Question by:liminal
LVL 44

Assisted Solution

by:Adam Brown
Adam Brown earned 664 total points
ID: 39707822
Office 365 migration really is a bit of a pain, to be honest. They aren't just blowing smoke. The system changes very often and keeping up with it is difficult at best. Realistically, it all depends on what you want to *do* with office 365. Are you planning to be cloud only or are you going to be using Dirsync and ADFS?

Part of the stuff you'll run into is errors in migration. There are a lot of things that can fail during the actual migration of email to the cloud (it isn't as simple as a 2003 to 2010 migration) and knowing what the error messages mean is a lot of work, since they aren't particularly detailed or easy to understand. If you're going to be using Dirsync and ADFS, you're going to be dealing a lot with Active Directory attributes, which a lot of people don't have much experience with. There is also a lot of powershell work that needs to be done, so if you don't know powershell pretty well, you're more likely to run into major issues.

You should also consider whether you want to use the built in migration tools or third party tools to move mail over. You're not going to have an actual AD trust set up like you do with a 2003 to 2010 migration, so moving email securely is much different than what you may be used to.

As for what you can run into, it's very difficult to say, to be honest. The biggest pain I've run into is timing the actual cutover. MS disabled a lot of the capabilities in the migration tool that allows you to run syncs after your DNS records are moved, so you have to perform each DNS change over a period of up to 24 hours while taking a lot of care which order you perform the steps in. And each organization is different. I've never really run into the same problem twice (in about 10 or so migrations from various systems). Having an in-depth understanding of both Exchange and Office 365 is extremely useful if not necessary for succeeding without difficulty.
LVL 45

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 668 total points
ID: 39707870
Depends on your background. For anyone with a bit of Exchange experience, cutover migration should be a walk in the park. It requires almost no preparation and the whole process is very well documented:


The most common issue I've run into (on this site as well) is the post-migration Outlook config. Many people do not understand how Autodiscover works, especially in a domain environment, and have not prepared properly for the switch to Office 365. But even that one is relatively easy to fix, the only trouble is leaving the users with no mail access (or OWA only).

Plus, you can always call Office 365 support if you run into issues, after all support is part of the service you are paying for.

Author Comment

ID: 39710200
Thanks guys, I appreciate the advise. I think its going to be pretty easy.


This is what I have been looking @ and it looks quite simple as long as you don't run into problems ;) and then you have Office 365 Support.

This is quite a small environment with only about 120 mailboxes. 350GB of data...
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.


Author Comment

ID: 39710212
It actually looks simpler then the 2003 to 2010 migration to me.

Author Comment

ID: 39710249
Once thing that I haven't seen any info on is migrating mail enabled contacts.

Anyone have any info on that?

Author Comment

ID: 39710273
OK so the migration is simple, its the SSO thats the hard part right?

What's the difference between Dirsync and ADFS?

Which is better?
LVL 45

Expert Comment

by:Vasil Michev (MVP)
ID: 39710600
Cutover migration will migrate everything that is visible in the GAL, including contacts.

As for dirsync (I am assuming you are interested in password sync) and/or AD FS, review this article:


You cannot have dirsync running when performing cutover migration, you will have to enable it after the migration is over. For 120 users AD FS is probably an overkill, but if you need any of the functionality it offers, go for it.

Accepted Solution

ontech earned 668 total points
ID: 39716794
CutOver Migration best article to follow.

dirsync is Directory Synchronization Server.
It syncs your AD objects to Cloud.
Every AD objects has a unique GUID, So this GUID is synced to Office 365 with User object and called as Immunitable ID.

ADFS is Active Directory Federated Services.
It is used for Single Sign On.
When you install ADFS successfully, The users in Office 365 will be authenticated using your Active Directory, So when you enter your user name there is a dot dot running when you go to Password tab. It checks if the domain is federated, If your domain is federated it will be routed to ADFS server in your organization which will send the credentials to AD server and Authenticate you.
ADFS is used for SSO and security reasons.

You can also use DirSync Password Sync feature to sync the password of the users to Office 365. But over here the password will be stored in the cloud.

Hope this answers your question.

Rest In Next.


Author Closing Comment

ID: 39745454
Thanks so much guys,

Expert Comment

ID: 39928238
So not being able to have DirSync run / installed until after your migration is complete, what is the best way to deal with users logging in?

I think it sucks to give out temporary password to 100 users with a link to 365, have them login, then change their password (to match their AD).. That's just a lot of room for error on the user end..

Expert Comment

ID: 40431611
Would anybody have a fresh link for this http://help.outlook.com/en-us/140/Ff628719.aspx

it seems to have been moved!

Many Thanks

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
This article explains how to move an Exchange 2013/2016 mailbox database and logs to a different drive.
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question