Solved

Exchange 2010 to Exchange Online migration if DirSync already exists?

Posted on 2014-01-16
5
1,119 Views
Last Modified: 2014-01-20
Hi All,

We've recently been given the green light to fully migrate our on-premise Exchange 2010 to Exchange Online, and I'm reading through the process, which has led me to discover something I consider quite alarming.

To set the scene, we've had Lync Online deployed for the last year or so (although it receives very little use), and due to that, have already deployed ADFS 2.0 and the DirSync tool within our organisation...

Now, I read that, because Exchange 2010 for some reason doesn't support Staged Migration to Exchange Online, our only real option is a Cutover migration (Hybrid doesn't really work for us, seeing as we want to actually do away with all on-premise Exchange infrastructure). However... I then read that, if you have already deployed DirSync within your org, then Cutover migration(s) will fail from the Exchange Online portal?

My question is, can we simply cancel our Lync Online subscription, remove our Vanity Domain from our existing Off365 account, remove DirSync/ADFS 2.0 and then create a brand new Off365 account, and setup the Vanity Domain from scratch, without having DirSync interfere? And if not, what are our options, please?

Thanks in advance

Dave
0
Comment
Question by:Ramsden-International
  • 3
  • 2
5 Comments
 
LVL 40

Accepted Solution

by:
Vasil Michev (MVP) earned 500 total points
ID: 39785495
I guess you really have a preference for over-complicating things? :)

Simply DISABLE dirsync for the time being and reenable it after the migration is over. All the details about cutover, including how to disable dirsync if needed can be found here:

http://help.outlook.com/en-us/140/Ff628719.aspx

http://technet.microsoft.com/en-us/library/dn144760.aspx

Of course you might run into some issues with objects not being updated in the cloud, etc, but you can happily live for weeks with dirsync disabled.
0
 

Author Comment

by:Ramsden-International
ID: 39785517
I am relieved to hear that, vasilcho, thankyou!

So I can keep our current Off365 account, and simply add Exchange Online licenses to it? (We are getting rid of Lync anyway, as it just isn't used)

It was my understanding that DirSync didn't work after a Cutover migration anyway? I didn't think you could use SSO without a Hybrid deployment in place? If you can now, then great! If not, then I guess there's no harm in removing DirSync anyway, because we wouldn't need it any longer.
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 39785542
SSO/ADFS and hybrid are two different things, you dont necessarily need them both. But yes, both depend on dirsync.

You can reenable dirsync once the migration is complete and continue using ADFS. Or you can use dirsync with password sync instead:

http://blogs.office.com/b/office365tech/archive/2013/07/26/password-hash-sync-simplifies-user-management-for-office-365.aspx
0
 

Author Comment

by:Ramsden-International
ID: 39785564
Ahh, I understand now, I think... :)

Looks like we are currently using an older version of DirSync, because I don't see the option to tick the box for password hashtag sync in our version. Also, we already deployed ADFS 2.0 when setting up Lync Online, as it appears it was required as part of the process back then.

Can we just remove ADFS and replace DirSync with the updated version?
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 39785681
Depends on your requirements, as explained in the article above some things are only available with ADFS. It also offers seamless experience for users in the domain environment (i.e. the user is never asked for credentials), whereas dirsync only offers SAME sign-on (password is the same but you still need to enter it every time). If that works for you, go for it, Dirsync is of course lot easier to configure and support.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question