Solved

Exchange 2010 to Office 365 Cutover Migration - Questions

Posted on 2014-01-02
9
388 Views
Last Modified: 2015-03-30
Hi Experts,

I am preparing to cutover.

I have some questions...but first here is my set up:

2 exchange servers in DAG  and  Casarray...  no load balancing.
both servers hold all roles. CAS, HUB, Mailbox
Exchange 2010 sp3 and Windows Server 2008 R2 on all machines involved.
One database - approx. 19GB
135 Users
no public folders
Single Forest and Domain
I have a barracuda spam filter.

I will not be using AD FS or DirSync.
I am going to require them to sign in separately to Office 365 from the local network.

First questions.... (more to come)

Is keeping it totally separate the best idea? .. or should I consider DirSync for other reasons (besides Same Sign On) ?

My users are in both mail enabled security groups and distribution groups.
How will the cutover affect this?
Will it convert the mail enabled security groups to dist. groups?

thanks in advance...
0
Comment
Question by:SeaSenor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 3

Accepted Solution

by:
mijared earned 250 total points
ID: 39753357
Hello,

I found in some cases there is no need to use dirsync or ADFS. Mainly I used this when the users were remote or mobile users.

If the majority of your users are office based, you might as well use Dirsync. In the most recent version it will now sync the passwords also to the cloud. Meaning that the same username and password onsite will work for office 365. There is a small amount of work to be done on the AD first to setup the UPN in the same domain name as in office 365.

The main problem with using Dirsync and a pre existing exchange environment is, when you sync the users to the cloud, the user object has entries for an exchange mailbox and one in office 365 is not created. You would need to "move mailboxes to the cloud" from the onsite exchange server.

Same for the security group, you would need to make sure they have an email address and then it will create a distribution group in office 365.

Best regards,
Michael
0
 
LVL 8

Author Comment

by:SeaSenor
ID: 39766130
ok.. I think I understand what you are saying.

although, I am not concerned with Dirsync. They can sync their passwords manually every few months.
Also, if I understand, I would have to disable dirsync for the cutover anyway, so I'll have the option on setting it up later after the cutover.

My main focus is a smooth transition, and knowing exactly what steps to take with my set up.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 39792872
Also, if I understand, I would have to disable dirsync for the cutover anyway, so I'll have the option on setting it up later after the cutover.

What are you currently using DirSync for?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 39792894
Everything you need to know is in this article:

http://help.outlook.com/ms.exch.ecp.emailmigrationwizardexchangelearnmore.aspx

The process goes over the GAL and migrates everything that is visible there. Here is also another article that explicitly lists what is migrated:

http://help.outlook.com/en-us/140/hh553234.aspx

Dirsync will certainly help you manage the users after the migration, and password sync will help you reduce the workload after the migration.

Here are also the requirements for synchronizing groups:

http://support.microsoft.com/kb/2256198#How
0
 
LVL 8

Author Comment

by:SeaSenor
ID: 39797126
@diggisaur... I'm not currently using it. Just my understanding that if I set it up, I would have to disable it anyway to do the cutover. So after the cutover, I will have the option of whether or not to use it.

This article made me wonder if I should use it, hence part of the reason I questioned it:

http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2013/07/12/five-things-you-need-to-know-about-using-dirsync-with-password-sync.aspx

@vasilcho... your comment:
"Dirsync will certainly help you manage the users after the migration, and password sync will help you reduce the workload after the migration"

I understand somewhat, but can you expand on that please? In what ways will it help manage users?
And according to the article, the password thing may be "6 one, half a dozen the other" in regards to password convenience and the administrators workload.

thanks to all so far.

Another question:  should I break the DAG and CAS array prior to the cutover?  What would be the pros/cons ?
0
 
LVL 40

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 250 total points
ID: 39797169
Because you will have a central point to manage objects. If you dont have dirsync, any change in the user attributes will have to be applied by the admin both on-prem and in the cloud. And even for small businesses, changes in name/position/manager/etc are common.  Also new accounts, you will have to provision them both on-prem and in the cloud.

Same for the passwords, most users will have trouble working with different sets of credentials. Even if you match the passwords, the different policies you have on-prem vs in the cloud will most certainly lead to different passwords at the end. You can always set the passwords to never expire, but this is a security risk.

It's up to you at the end, dirsync is not a requirement to use O365, it's just additional tool.
0
 
LVL 8

Author Comment

by:SeaSenor
ID: 39797193
again.. thanks.

Aside from Dirsync, should I leave the DAG and CAS array or should I remove them prior to the cutover?

Once the cutover migration has initially replicated, I should have enough redundancy (at least in respect to DAG).... to keep only one mailbox server. CAS would be a benefit until the cutover is completed and the batch removed.

thoughts on that?
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question