Exchange 2010 to office 365 cutover migration

Posted on 2013-12-09
Last Modified: 2014-11-09
Hi all,

We have an outsourced IT company helping us with something outside the scope of the Office 365 migration and they are pushing us (or really my boss) to give them that business as well. I think its something that is relatively easy (having experience doing a migration from 2003 to 2010) and want to keep them out of it, but they are claiming that people have all kinds of issues with this and its really difficult, you need people with expertise, ect ect.

Long story, but can anyone tell me some of things you might run into with a cutover migration. Just to give me some ammo with these guys.

Thanks in advance.
Question by:liminal
LVL 39

Assisted Solution

by:Adam Brown
Adam Brown earned 166 total points
ID: 39707822
Office 365 migration really is a bit of a pain, to be honest. They aren't just blowing smoke. The system changes very often and keeping up with it is difficult at best. Realistically, it all depends on what you want to *do* with office 365. Are you planning to be cloud only or are you going to be using Dirsync and ADFS?

Part of the stuff you'll run into is errors in migration. There are a lot of things that can fail during the actual migration of email to the cloud (it isn't as simple as a 2003 to 2010 migration) and knowing what the error messages mean is a lot of work, since they aren't particularly detailed or easy to understand. If you're going to be using Dirsync and ADFS, you're going to be dealing a lot with Active Directory attributes, which a lot of people don't have much experience with. There is also a lot of powershell work that needs to be done, so if you don't know powershell pretty well, you're more likely to run into major issues.

You should also consider whether you want to use the built in migration tools or third party tools to move mail over. You're not going to have an actual AD trust set up like you do with a 2003 to 2010 migration, so moving email securely is much different than what you may be used to.

As for what you can run into, it's very difficult to say, to be honest. The biggest pain I've run into is timing the actual cutover. MS disabled a lot of the capabilities in the migration tool that allows you to run syncs after your DNS records are moved, so you have to perform each DNS change over a period of up to 24 hours while taking a lot of care which order you perform the steps in. And each organization is different. I've never really run into the same problem twice (in about 10 or so migrations from various systems). Having an in-depth understanding of both Exchange and Office 365 is extremely useful if not necessary for succeeding without difficulty.
LVL 39

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 167 total points
ID: 39707870
Depends on your background. For anyone with a bit of Exchange experience, cutover migration should be a walk in the park. It requires almost no preparation and the whole process is very well documented:

The most common issue I've run into (on this site as well) is the post-migration Outlook config. Many people do not understand how Autodiscover works, especially in a domain environment, and have not prepared properly for the switch to Office 365. But even that one is relatively easy to fix, the only trouble is leaving the users with no mail access (or OWA only).

Plus, you can always call Office 365 support if you run into issues, after all support is part of the service you are paying for.

Author Comment

ID: 39710200
Thanks guys, I appreciate the advise. I think its going to be pretty easy.

This is what I have been looking @ and it looks quite simple as long as you don't run into problems ;) and then you have Office 365 Support.

This is quite a small environment with only about 120 mailboxes. 350GB of data...
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.


Author Comment

ID: 39710212
It actually looks simpler then the 2003 to 2010 migration to me.

Author Comment

ID: 39710249
Once thing that I haven't seen any info on is migrating mail enabled contacts.

Anyone have any info on that?

Author Comment

ID: 39710273
OK so the migration is simple, its the SSO thats the hard part right?

What's the difference between Dirsync and ADFS?

Which is better?
LVL 39

Expert Comment

by:Vasil Michev (MVP)
ID: 39710600
Cutover migration will migrate everything that is visible in the GAL, including contacts.

As for dirsync (I am assuming you are interested in password sync) and/or AD FS, review this article:

You cannot have dirsync running when performing cutover migration, you will have to enable it after the migration is over. For 120 users AD FS is probably an overkill, but if you need any of the functionality it offers, go for it.

Accepted Solution

ontech earned 167 total points
ID: 39716794
CutOver Migration best article to follow.

dirsync is Directory Synchronization Server.
It syncs your AD objects to Cloud.
Every AD objects has a unique GUID, So this GUID is synced to Office 365 with User object and called as Immunitable ID.

ADFS is Active Directory Federated Services.
It is used for Single Sign On.
When you install ADFS successfully, The users in Office 365 will be authenticated using your Active Directory, So when you enter your user name there is a dot dot running when you go to Password tab. It checks if the domain is federated, If your domain is federated it will be routed to ADFS server in your organization which will send the credentials to AD server and Authenticate you.
ADFS is used for SSO and security reasons.

You can also use DirSync Password Sync feature to sync the password of the users to Office 365. But over here the password will be stored in the cloud.

Hope this answers your question.

Rest In Next.


Author Closing Comment

ID: 39745454
Thanks so much guys,

Expert Comment

ID: 39928238
So not being able to have DirSync run / installed until after your migration is complete, what is the best way to deal with users logging in?

I think it sucks to give out temporary password to 100 users with a link to 365, have them login, then change their password (to match their AD).. That's just a lot of room for error on the user end..

Expert Comment

ID: 40431611
Would anybody have a fresh link for this

it seems to have been moved!

Many Thanks

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question