Solved

Exchange 2010 to Exchange Online migration if DirSync already exists?

Posted on 2014-01-16
5
1,130 Views
Last Modified: 2014-01-20
Hi All,

We've recently been given the green light to fully migrate our on-premise Exchange 2010 to Exchange Online, and I'm reading through the process, which has led me to discover something I consider quite alarming.

To set the scene, we've had Lync Online deployed for the last year or so (although it receives very little use), and due to that, have already deployed ADFS 2.0 and the DirSync tool within our organisation...

Now, I read that, because Exchange 2010 for some reason doesn't support Staged Migration to Exchange Online, our only real option is a Cutover migration (Hybrid doesn't really work for us, seeing as we want to actually do away with all on-premise Exchange infrastructure). However... I then read that, if you have already deployed DirSync within your org, then Cutover migration(s) will fail from the Exchange Online portal?

My question is, can we simply cancel our Lync Online subscription, remove our Vanity Domain from our existing Off365 account, remove DirSync/ADFS 2.0 and then create a brand new Off365 account, and setup the Vanity Domain from scratch, without having DirSync interfere? And if not, what are our options, please?

Thanks in advance

Dave
0
Comment
Question by:Ramsden-International
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 41

Accepted Solution

by:
Vasil Michev (MVP) earned 500 total points
ID: 39785495
I guess you really have a preference for over-complicating things? :)

Simply DISABLE dirsync for the time being and reenable it after the migration is over. All the details about cutover, including how to disable dirsync if needed can be found here:

http://help.outlook.com/en-us/140/Ff628719.aspx

http://technet.microsoft.com/en-us/library/dn144760.aspx

Of course you might run into some issues with objects not being updated in the cloud, etc, but you can happily live for weeks with dirsync disabled.
0
 

Author Comment

by:Ramsden-International
ID: 39785517
I am relieved to hear that, vasilcho, thankyou!

So I can keep our current Off365 account, and simply add Exchange Online licenses to it? (We are getting rid of Lync anyway, as it just isn't used)

It was my understanding that DirSync didn't work after a Cutover migration anyway? I didn't think you could use SSO without a Hybrid deployment in place? If you can now, then great! If not, then I guess there's no harm in removing DirSync anyway, because we wouldn't need it any longer.
0
 
LVL 41

Expert Comment

by:Vasil Michev (MVP)
ID: 39785542
SSO/ADFS and hybrid are two different things, you dont necessarily need them both. But yes, both depend on dirsync.

You can reenable dirsync once the migration is complete and continue using ADFS. Or you can use dirsync with password sync instead:

http://blogs.office.com/b/office365tech/archive/2013/07/26/password-hash-sync-simplifies-user-management-for-office-365.aspx
0
 

Author Comment

by:Ramsden-International
ID: 39785564
Ahh, I understand now, I think... :)

Looks like we are currently using an older version of DirSync, because I don't see the option to tick the box for password hashtag sync in our version. Also, we already deployed ADFS 2.0 when setting up Lync Online, as it appears it was required as part of the process back then.

Can we just remove ADFS and replace DirSync with the updated version?
0
 
LVL 41

Expert Comment

by:Vasil Michev (MVP)
ID: 39785681
Depends on your requirements, as explained in the article above some things are only available with ADFS. It also offers seamless experience for users in the domain environment (i.e. the user is never asked for credentials), whereas dirsync only offers SAME sign-on (password is the same but you still need to enter it every time). If that works for you, go for it, Dirsync is of course lot easier to configure and support.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question