Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2769
  • Last Modified:

Exchange 2010 to office 365 cutover migration

Hi all,

We have an outsourced IT company helping us with something outside the scope of the Office 365 migration and they are pushing us (or really my boss) to give them that business as well. I think its something that is relatively easy (having experience doing a migration from 2003 to 2010) and want to keep them out of it, but they are claiming that people have all kinds of issues with this and its really difficult, you need people with expertise, ect ect.

Long story, but can anyone tell me some of things you might run into with a cutover migration. Just to give me some ammo with these guys.

Thanks in advance.
3 Solutions
Adam BrownSr Solutions ArchitectCommented:
Office 365 migration really is a bit of a pain, to be honest. They aren't just blowing smoke. The system changes very often and keeping up with it is difficult at best. Realistically, it all depends on what you want to *do* with office 365. Are you planning to be cloud only or are you going to be using Dirsync and ADFS?

Part of the stuff you'll run into is errors in migration. There are a lot of things that can fail during the actual migration of email to the cloud (it isn't as simple as a 2003 to 2010 migration) and knowing what the error messages mean is a lot of work, since they aren't particularly detailed or easy to understand. If you're going to be using Dirsync and ADFS, you're going to be dealing a lot with Active Directory attributes, which a lot of people don't have much experience with. There is also a lot of powershell work that needs to be done, so if you don't know powershell pretty well, you're more likely to run into major issues.

You should also consider whether you want to use the built in migration tools or third party tools to move mail over. You're not going to have an actual AD trust set up like you do with a 2003 to 2010 migration, so moving email securely is much different than what you may be used to.

As for what you can run into, it's very difficult to say, to be honest. The biggest pain I've run into is timing the actual cutover. MS disabled a lot of the capabilities in the migration tool that allows you to run syncs after your DNS records are moved, so you have to perform each DNS change over a period of up to 24 hours while taking a lot of care which order you perform the steps in. And each organization is different. I've never really run into the same problem twice (in about 10 or so migrations from various systems). Having an in-depth understanding of both Exchange and Office 365 is extremely useful if not necessary for succeeding without difficulty.
Vasil Michev (MVP)Commented:
Depends on your background. For anyone with a bit of Exchange experience, cutover migration should be a walk in the park. It requires almost no preparation and the whole process is very well documented:

The most common issue I've run into (on this site as well) is the post-migration Outlook config. Many people do not understand how Autodiscover works, especially in a domain environment, and have not prepared properly for the switch to Office 365. But even that one is relatively easy to fix, the only trouble is leaving the users with no mail access (or OWA only).

Plus, you can always call Office 365 support if you run into issues, after all support is part of the service you are paying for.
liminalAuthor Commented:
Thanks guys, I appreciate the advise. I think its going to be pretty easy.

This is what I have been looking @ and it looks quite simple as long as you don't run into problems ;) and then you have Office 365 Support.

This is quite a small environment with only about 120 mailboxes. 350GB of data...
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

liminalAuthor Commented:
It actually looks simpler then the 2003 to 2010 migration to me.
liminalAuthor Commented:
Once thing that I haven't seen any info on is migrating mail enabled contacts.

Anyone have any info on that?
liminalAuthor Commented:
OK so the migration is simple, its the SSO thats the hard part right?

What's the difference between Dirsync and ADFS?

Which is better?
Vasil Michev (MVP)Commented:
Cutover migration will migrate everything that is visible in the GAL, including contacts.

As for dirsync (I am assuming you are interested in password sync) and/or AD FS, review this article:

You cannot have dirsync running when performing cutover migration, you will have to enable it after the migration is over. For 120 users AD FS is probably an overkill, but if you need any of the functionality it offers, go for it.
CutOver Migration best article to follow.

dirsync is Directory Synchronization Server.
It syncs your AD objects to Cloud.
Every AD objects has a unique GUID, So this GUID is synced to Office 365 with User object and called as Immunitable ID.

ADFS is Active Directory Federated Services.
It is used for Single Sign On.
When you install ADFS successfully, The users in Office 365 will be authenticated using your Active Directory, So when you enter your user name there is a dot dot running when you go to Password tab. It checks if the domain is federated, If your domain is federated it will be routed to ADFS server in your organization which will send the credentials to AD server and Authenticate you.
ADFS is used for SSO and security reasons.

You can also use DirSync Password Sync feature to sync the password of the users to Office 365. But over here the password will be stored in the cloud.

Hope this answers your question.

Rest In Next.

liminalAuthor Commented:
Thanks so much guys,
So not being able to have DirSync run / installed until after your migration is complete, what is the best way to deal with users logging in?

I think it sucks to give out temporary password to 100 users with a link to 365, have them login, then change their password (to match their AD).. That's just a lot of room for error on the user end..
Would anybody have a fresh link for this

it seems to have been moved!

Many Thanks
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now