Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!
Exchange 2010 - Office 365 Hybrid Migration - On-Premise to O365 not working
I read somewhere:
All of my Internal DNS MX Records are pointing to On-Premise. All of the Public DNS MX records are pointing to Office365.
Mail from O365 to On-Prem is fine.
Mail from On-Prem to O365 is stuck in the Queue for the Domain.
Error: 451 4.4.0 Primary Target IP address responded with: "421 4.2.1 Unable to Connect" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
Mail to: user@domain-a.com is getting sent to domain-0.com mail queue.
domain-0.com is the Primary O365 domain.
Here is the results of: get-hybridconfiguration | fl
As for MX records, these can be pointing to Office 365 or your On Premise Exchange environment, depending on your needs. As long as the Hybrid Configuration Wizard worked correctly, mail flow should be seamless between the two systems.
All of my Internal DNS MX Records are pointing to On-Premise. All of the Public DNS MX records are pointing to Office365.
Mail from O365 to On-Prem is fine.
Mail from On-Prem to O365 is stuck in the Queue for the Domain.
Error: 451 4.4.0 Primary Target IP address responded with: "421 4.2.1 Unable to Connect" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
Mail to: user@domain-a.com is getting sent to domain-0.com mail queue.
domain-0.com is the Primary O365 domain.
Here is the results of: get-hybridconfiguration | fl
[PS] C:\Windows\system32>get-hybridconfiguration | fl
RunspaceId : de34fead-a695-444b-44e7-44cc4444becb
ClientAccessServers : {}
TransportServers : {VSVR-EXCH2010}
SecureMailCertificateThumbprint : 4491AE94D3444C229CBCE4439CDF1444CCB44C244
OnPremisesSmartHost : mail.<domain-0>.com
Domains : {domain-a.com, domain-b.com, domain-b.com, autod:domain-0.com}
Features : {FreeBusy, MoveMailbox, Mailtips, MessageTracking, OwaRedirection, OnlineArchive, SecureMail}
ExternalIPAddresses : {<pub IP Address>}
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
Name : Hybrid Configuration
DistinguishedName : CN=Hybrid Configuration,CN=Hybrid Configuration,CN=myenm,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain-0,DC=com
Identity : Hybrid Configuration
Guid : 3d96cf44-6f44-4744-a044-dd83e946c344
ObjectCategory : domain-0.com/Configuration/Schema/ms-Exch-Coexistence-Relationship
ObjectClass : {top, msExchCoexistenceRelationship}
WhenChanged : 1/5/2018 5:17:03 PM
WhenCreated : 12/7/2017 12:12:37 PM
WhenChangedUTC : 1/6/2018 1:17:03 AM
WhenCreatedUTC : 12/7/2017 8:12:37 PM
OrganizationId :
OriginatingServer : ADDC.domain-o.COM
IsValid : True
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
HCW was run and was Successful. The send connector "Outbound to Office 365" is there as well as the "Inbound from Office 365" receive connector.
I have made the domains I'm working with along with the onmicrosoft.com domains 'Internal Relay' under accepted Domains.
The mail that is trying to be sent to domain-0.com is being sent to the Public IP address for the on-premise mail server. The on-premise mail server's default send connector does have the 'Use the External DNS lookup on the transport server' set and it is set to google's DNS.
I'm not sure why the email sent to domain-a.com is in the Queue for domain-0.com and not tenant.mail.onmicrosoft.co
Look like my External DNS for domain-0.com was set to the on-premise server. I changed the MX record to <domain-0.com>.mail.protec
I have yet to Migrate a user for a Domain that would have both on-premise and O365 users.
I have made the domains I'm working with along with the onmicrosoft.com domains 'Internal Relay' under accepted Domains.
The mail that is trying to be sent to domain-0.com is being sent to the Public IP address for the on-premise mail server. The on-premise mail server's default send connector does have the 'Use the External DNS lookup on the transport server' set and it is set to google's DNS.
I'm not sure why the email sent to domain-a.com is in the Queue for domain-0.com and not tenant.mail.onmicrosoft.co
Look like my External DNS for domain-0.com was set to the on-premise server. I changed the MX record to <domain-0.com>.mail.protec
I have yet to Migrate a user for a Domain that would have both on-premise and O365 users.
The send connector on-premises should indeed only feature the tenant.mail.onmicrosoft.co
Did you happen to select the "centralized mail transport" option when running the HCW?
Did you happen to select the "centralized mail transport" option when running the HCW?
he send connector on-premises should indeed only feature the tenant.mail.onmicrosoft.com domain
The send connector (Outbound to Office 365) does only have the <tenant>.mail.onmicrosoft.
Though it seems like when sending an email from on-Premise to O365 (user@domain-a.com) the email should be sent to user@<tenant>.mail.onmicro
So when sending to user@domain-a.com the mail ends up in the Queue for domain-0.com. It uses the default send connector which uses External DNS to send email email. It looked up the Public MX record for domain-0.com and is using that host to send the email. I had to change the Public DNS MX for domain-0.com to <domain-0.com>01e.mail.pro
Well if you havent yet migrated the mailboxes to O365 as you mentioned above, why would you expect the mail to be redirected to user@tenant.mail.onmicroso
Sorry, I'm testing with a Migrated user.
user@domain-a.com is on O365.
me@domain-d.com is on On-Premise
From: me@domain-d.com
To: user@domain-a.com
the email Ends up in the Mail Queue for domain-0.com (the users AD Account Domain, Primary Domain on O365 Domains List)
Seems like should of gone to user@tenant.mail.onmicroso
user@domain-a.com is on O365.
me@domain-d.com is on On-Premise
From: me@domain-d.com
To: user@domain-a.com
the email Ends up in the Mail Queue for domain-0.com (the users AD Account Domain, Primary Domain on O365 Domains List)
Seems like should of gone to user@tenant.mail.onmicroso
It should, *if* the targetaddress of the user is stamped with user@tenant.mail.onmicroso
Are you referring to the "Routing E-Mail Address" It is set to domain-0.com
Is this set in the Remove Move Request - Target Delivery Domain? I did select haydon-mill.com as that is the Primary Tenant Domain, though not the tenant name space.
(I'm sure you can tell I'm in over my Head! ;-)
Thanks!
Is this set in the Remove Move Request - Target Delivery Domain? I did select haydon-mill.com as that is the Primary Tenant Domain, though not the tenant name space.
(I'm sure you can tell I'm in over my Head! ;-)
Thanks!
as long as TargetAddress is stamped on user properties pointing to user@tenant.mail.onmicroso
You need to ensure that "onpremise to O365" connector contains all onpremise sending server IPs so that o365 would not reject the email.
You need to ensure that "onpremise to O365" connector contains all onpremise sending server IPs so that o365 would not reject the email.
so I changed the Routing E-Mail Address to the tenant.mail.onmicrosoft.co
SN1NAM04FT022.mail.protect
in O365 Portal I do not see the domain: tenant.mail.onmicrosoft.co
I do see tenant.onmicrosoft.com
To setup tenant.mail.onmicrosoft.co
SN1NAM04FT022.mail.protect
in O365 Portal I do not see the domain: tenant.mail.onmicrosoft.co
I do see tenant.onmicrosoft.com
To setup tenant.mail.onmicrosoft.co
if you navigate to exchange admin panel \ domains, you should see that domain at both places
how many hub transport servers are there who can send emails to outside, I think all servers are not added to onpremise to o365 connector" and hence O365 is rejecting the messages
also no need to add any dns records for microsoft domains, you cannot do that as it is controlled by MS
how many hub transport servers are there who can send emails to outside, I think all servers are not added to onpremise to o365 connector" and hence O365 is rejecting the messages
also no need to add any dns records for microsoft domains, you cannot do that as it is controlled by MS
Only one On-Premise Server.
On portal.office.com setup/domains I see my own domains and tenant.onmicrosoft.com
I do NOT see the tenant.mail.onmicrosoft.co
on On-Premise Exchange 2010 Server, Hub Transport I see:
Remote Domains:
My Own Domains
tenant.mail.onmicrosoft.co
tenant.onmicrosoft.com
Accepted Domains:
My Own Domains
tenant.mail.onmicrosoft.co
send connector:
Outbound to Office 365 - azureeandm.mail.onmicrosof
receive connector:
Inbound from Office 365 - has all of the MS IPs in it.
On portal.office.com setup/domains I see my own domains and tenant.onmicrosoft.com
I do NOT see the tenant.mail.onmicrosoft.co
on On-Premise Exchange 2010 Server, Hub Transport I see:
Remote Domains:
My Own Domains
tenant.mail.onmicrosoft.co
tenant.onmicrosoft.com
Accepted Domains:
My Own Domains
tenant.mail.onmicrosoft.co
send connector:
Outbound to Office 365 - azureeandm.mail.onmicrosof
receive connector:
Inbound from Office 365 - has all of the MS IPs in it.
in admin panel, navigate to admin center\exchange online and there go to domains, you should see the domain as accepted domain
also remove all internal MX records, those are not required, it may create issues as this is shared name space scenario and works on internal relay - TargetAddress mechanism
also remove all internal MX records, those are not required, it may create issues as this is shared name space scenario and works on internal relay - TargetAddress mechanism
Exchange admin center
Mail Flow
Accepted Domains
tenant.mail.onmicrosoft.co
tenant.onmicrosoft.com - Authoritative
Mail Flow
Accepted Domains
tenant.mail.onmicrosoft.co
tenant.onmicrosoft.com - Authoritative
If I do the remote move request I'm guessing I need to select the tenant.mail.onmicrosoft.co
If I select tenant.mail.onmicrosoft.co
Cannot convert the "Microsoft.Exchange.Mailbo
If I select tenant.mail.onmicrosoft.co
Cannot convert the "Microsoft.Exchange.Mailbo
either set targetaddress on user account manually OR
try beow article
http://www.amdocorp.com/movetocloudpowershell
try beow article
http://www.amdocorp.com/movetocloudpowershell
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
here is what happens if I use Powershell to move.
Looking up this it is implying that I should be doing this form Office365, which is that the New-PSSession is supposed to do.
[PS] C:\Windows\system32>$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
WARNING: Your connection has been redirected to the following URI: "https://ps.outlook.com/PowerShell-LiveID?PSVersion=2.0 "
[... lots of stuff...]
ModuleType Name ExportedCommands
---------- ---- ----------------
Script tmp_e4c285dd-498c-4f94... {Get-DeviceComplianceDetailsReportFilter, Get-PublicFolderMigrationReque...
[PS] C:\Windows\system32>New-MoveRequest -identity <user> -Remote -RemoteHostName 'on-premise.server.com' -TargetDeliveryDomain 'tenant.mail.onmicrosoft.com' -Remotecredential $OnPremisesCreds -Bad
VERBOSE: [23:30:25.651 GMT] New-MoveRequest : Active Directory session settings for 'New-MoveRequest' are: View Entire Forest: 'False', Default Scope: '<AD-Domain>', Configuration Domain Controller:
'ADDC.<AD-Domainn>', Preferred Global Catalog: 'addc2.<AD-Domainn>', Preferred Domain Controllers: '{ addc2.<AD-Domainn> }'
VERBOSE: [23:30:25.653 GMT] New-MoveRequest : Runspace context: Executing user: <AD-Domainn>/myOU/Scott, Executing user organization: , Current organization: ,
RBAC-enabled: Enabled.
VERBOSE: [23:30:25.655 GMT] New-MoveRequest : Beginning processing &
VERBOSE: [23:30:25.657 GMT] New-MoveRequest : Instantiating handler with index 0 for cmdlet extension agent "Admin Audit Log Agent".
WARNING: When an item can't be read from the source database or it can't be written to the destination database, it will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting that
Exchange not copy such items to the destination mailbox. At move completion, these corrupted items won't be available in the destination mailbox.
VERBOSE: [23:30:25.711 GMT] New-MoveRequest : Current ScopeSet is: { Recipient Read Scope: {{, }}, Recipient Write Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclu
Recipient Scope(s): {}, Exclusive Configuration Scope(s): {} }
VERBOSE: [23:30:25.738 GMT] New-MoveRequest : Searching objects "<user>" of type "ADUser" under the root "$null".
VERBOSE: [23:30:25.786 GMT] New-MoveRequest : Previous operation run on domain controller 'addc2.<AD-Domainn>'.
VERBOSE: [23:30:25.790 GMT] New-MoveRequest : Processing object "$null".
VERBOSE: [23:30:25.805 GMT] New-MoveRequest : Admin Audit Log: Entered Handler:OnComplete.
Target user '<user name>' already has a primary mailbox.
+ CategoryInfo : InvalidArgument: (<user>:MailboxOrMailUserIdParameter) [New-MoveRequest], RecipientTaskException
+ FullyQualifiedErrorId : 35586141,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest
VERBOSE: [23:30:25.835 GMT] New-MoveRequest : Ending processing &
Looking up this it is implying that I should be doing this form Office365, which is that the New-PSSession is supposed to do.
Cannot convert the "Microsoft.Exchange.MailboxReplicati onService. TargetDeli veryDomain MismatchPe rmanentExc eption" value of type "System.String" to type "System.Type".
Okay I figured this one out. My Company has about 20 Domain Names and I'm using some that are not widely used with employees for testing with email. I added email addresses with the test domains to old Employee accounts and then tried Migrating the accounts. Though I didn't remove the non-test domains from the accounts. So they still had email addresses with domains that were not validated for Office 365 yet. After removing the non validated domains I was able to Migrate users and resources.
To get the mail flowing I need to Add the tenant.mail.onmicrosoft.co
Once the Address Policy was in place I and removed the non-test domains from user accounts I was able to Migrate users and have mail flow from On-Premise to O365.
I still have another issue with sending form O365 to some On-Premise users though I will start another thread for that since it is not directly related.
Once the Address Policy was in place I and removed the non-test domains from user accounts I was able to Migrate users and have mail flow from On-Premise to O365.
I still have another issue with sending form O365 to some On-Premise users though I will start another thread for that since it is not directly related.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Office
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
Did you run hybrid configuration Wizard?
Did you properly configured DNS on your onprem server?