  • Status: Open
  • Priority: Medium
  • Security: Public
  • Views: 63

Problems with On-Premise Exchange to Exchange Online migration.

I am in the process of trying to move users' mailboxes from our on-premise Exchange 2010 SP3 server to Exchange Online. I have already run and installed the Hybrid Configuration Wizard and everything looks like it completed successfully except for the following error message:

"The Legacy Email Address Policy cannot be automatically updated and must be manually upgraded"

I went ahead and ran the following in EMS:

Get-EmailAddressPolicy | Update-EmailAddressPolicy

When I go into Exchange admin center, Recipients, Migration, then Migrate to Exchange Online and select remote move migration, no users appear in the add selection. Am I missing something? I also created a migration endpoint but that did not make a difference either.
0
Asked by: natevelli2
20 Comments
 
MaheshArchitectCommented:
You got the error because you upgraded Exchange from a previous Exchange 2003 or 2007, and at that time the email address policy was not updated.
The command you used is correct and it should be run from EMS.

After that you need to rerun the Hybrid Configuration Wizard and then try to migrate.
0
 
Naveen SharmaCommented:
Follow this Microsoft KB:

https://support.microsoft.com/en-in/help/2821224/-the-legacy-email-address-policy-cannot-be-automatically-updated-and-m

Use EMS to update and fix this issue. However, for mailbox migration you can also use Kernel Migrator for Exchange to migrate easily.
0
 
natevelli2Author Commented:
Okay, so I re-ran the Hybrid Configuration Wizard again and no luck. At the very end I get the same message, "The Legacy Email Address Policy cannot be automatically updated and must be manually upgraded", even though I already ran the command and it appeared to run successfully. Do I need to remove the federation trust and organization relationship and re-run the wizard?
0

 
MaheshArchitectCommented:
Can you check from EMS whether it is still locating a legacy policy?

If not, you can re-run the wizard again and check.

Sometimes it takes time for Exchange to understand the updates.
0
 
natevelli2Author Commented:
Okay, so I ran the command again and noticed that I am getting the following error: "the recipient is invalid and cannot be updated". Also, I ran Get-EmailAddressPolicy | ft Name,RecipientFilterType and all recipient types are showing as Legacy. Do I need to run the following commands?

Get-EmailAddressPolicy | Set-EmailAddressPolicy -IncludedRecipients AllRecipients
Set-GlobalAddressList "Default Global Address List" -RecipientFilter {(Alias -ne $null -and (ObjectClass -eq 'user' -or ObjectClass -eq 'contact' -or ObjectClass -eq 'msExchSystemMailbox' -or ObjectClass -eq 'msExchDynamicDistributionList' -or ObjectClass -eq 'group' -or ObjectClass -eq 'publicFolder'))}
Set-AddressList "All Users" -IncludedRecipients MailboxUsers
Set-AddressList "All Groups" -IncludedRecipients MailGroups
Set-AddressList "All Contacts" -IncludedRecipients MailContacts
Set-AddressList "Public Folders" -RecipientFilter {RecipientType -eq "PublicFolder"}
0
 
MaheshArchitectCommented:
Yes, the above commands will help and should do the job. Still, check if any legacy policy exists by running the command below:

Get-EmailAddressPolicy | where {$_.RecipientFilterType -eq "Legacy"}


If the output returns any policy, update it with the cmdlet below:
Set-EmailAddressPolicy "Legacy Policy Name" -IncludedRecipients AllRecipients


Then rerun the hybrid wizard again.
0
 
natevelli2Author Commented:
Okay, so I ran the EMS updates and then Get-EmailAddressPolicy | where {$_.RecipientFilterType -eq "Legacy"}

The results were Alias -ne $null in the recipient filter. I ran the Hybrid wizard again and there were no error messages at the end. However, when I go to migrate to Exchange Online, still no mailboxes appear. You mentioned I might have to wait for changes to take effect. I was also looking into the migrate PST option but it mentioned we needed AAD to achieve this. Do we also need AAD for this to work, and that's why it's not showing any mailboxes?
0
 
MaheshArchitectCommented:
What is AAD?

You already have Azure AD Connect installed and functional.

You need endpoints in O365 so that migration of mailboxes can be triggered.
http://www.checkyourlogs.net/?p=33963

At present are you able to see mail enabled users in O365 or not?
0
 
natevelli2Author Commented:
I am able to see mail-enabled users, but only the Office 365 accounts, not the on-premise accounts. I have not set up the az connect. Should this be federated? Right now it is disabled.
0
 
MaheshArchitectCommented:
Without Azure AD Connect you will not be able to populate on-premise accounts with O365, and you also cannot migrate mailboxes to O365.
Azure AD Connect is mandatory.
Federation is optional; if you want authentication to happen from on-premise AD, federation is required.
0
 
natevelli2Author Commented:
Okay, here is an update. Good news and bad news. I configured AAD Connect and now I am getting all the accounts to show as available for migration. The bad news is that the majority of the user accounts were already set up on 365 and existed on-premise too. If I delete the account on 365 and migrate, I will have to back up any files they have on OneDrive and SharePoint. The other issue I saw after some testing with an account was that once I migrated it, all the mail transferred over to the 365 account as expected. However, I am not looking to migrate all the users at once, but piece by piece. The test account can send and receive emails, but if it sends an email to an internal account, it is being sent to the 365 accounts, which not everybody is migrated over to yet. How can I have users on the 365 server still reach users on-premise?
0
 
MaheshArchitectCommented:
If your AD Connect is set up with default settings, you need to match the on-premise users' UPN with the cloud user email ID.
Then the on-premise accounts will merge with the cloud identities and that's it.

Now check the cloud identities; they should show as synced with on-premise Active Directory.
0
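A pre-sync check for the matching rule described in the comment above, added here as an example and not part of the thread: it compares on-premise UPNs with cloud sign-in addresses and reports which accounts would merge. The account lists, the property names and the function name Compare-MergeCandidates are constructed for illustration.

```powershell
# Added example with constructed sample data; no directory is contacted.
# In a real run the two lists would be exported from on-premise AD and
# from the Office 365 tenant (the property names here are hypothetical).
$onPrem = @(
    [pscustomobject]@{ Sam = 'user1'; UPN = 'user1@domain.com' }
    [pscustomobject]@{ Sam = 'user2'; UPN = 'user2@domain.local' }
    [pscustomobject]@{ Sam = 'user3'; UPN = 'user3@domain.com' }
)
$cloud = @(
    [pscustomobject]@{ Email = 'user1@domain.com'; DirSynced = $false }
    [pscustomobject]@{ Email = 'user2@domain.com'; DirSynced = $false }
    [pscustomobject]@{ Email = 'user4@domain.com'; DirSynced = $false }
)

function Compare-MergeCandidates {
    param([object[]]$OnPremUsers, [object[]]$CloudUsers)

    # Index cloud accounts by lower-cased address for case-insensitive lookup.
    $byEmail = @{}
    foreach ($c in $CloudUsers) { $byEmail[$c.Email.ToLowerInvariant()] = $c }

    $seen = @{}
    foreach ($u in $OnPremUsers) {
        $key = $u.UPN.ToLowerInvariant()
        if ($byEmail.ContainsKey($key)) {
            $seen[$key] = $true
            $status = if ($byEmail[$key].DirSynced) { 'AlreadySynced' } else { 'WillMerge' }
        } else {
            # No cloud account uses this address, so there is nothing to merge with.
            $status = 'NoCloudMatch'
        }
        [pscustomobject]@{ Account = $u.UPN; Status = $status }
    }

    # Cloud accounts that no on-premise UPN points at.
    foreach ($c in $CloudUsers) {
        if (-not $seen.ContainsKey($c.Email.ToLowerInvariant())) {
            [pscustomobject]@{ Account = $c.Email; Status = 'CloudOnly' }
        }
    }
}

Compare-MergeCandidates -OnPremUsers $onPrem -CloudUsers $cloud | Format-Table -AutoSize
```

With the sample data, user1 is reported as WillMerge, user2 and user3 as NoCloudMatch, and the cloud accounts user2@domain.com and user4@domain.com as CloudOnly, which is the list to resolve before the first sync.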
 
natevelli2Author Commented:
Not quite following you, Mahesh. I set up users on 365 before the migration, so I have duplicate accounts, which is a no-no, but I have to work through it. I need to delete the 365 accounts one by one and then migrate. However, once migrated, that user is basically stuck in Office 365 and can only email other Office 365 users and external recipients, but nobody on-premise.
0
 
MaheshArchitectCommented:
No need to delete.
On-premise accounts will sync with the cloud identity, and then you migrate.

The user will not get email on-premise as long as there is a mailbox in the cloud, because whenever a cloud user sends mail to another user who has a mailbox in the cloud, the mail gets delivered locally and is not forwarded to the on-premise mailbox.

If you delete the cloud mailbox, what will happen to the deleted mailbox data?
0
 
natevelli2Author Commented:
Is there a setting that I need for this to happen? It appears all accounts are synced, but the mailboxes do not sync unless I use the Exchange migration tool and move the user's on-premise mailbox data over to the 365 data.
0
 
MaheshArchitectCommented:
With hybrid, mailboxes cannot sync between on-premise and O365; it happens in cutover migration.

All you need to do is sync the accounts from on-premise to the cloud, merge them, and then use the native O365 migration tool to migrate mailbox data from on-premise to O365.
Once the mailbox migration is done, the on-premise mailbox will get converted into a mail-enabled user, and if anybody sends mail from on-premise to that user, it will get delivered to his corresponding cloud mailbox.
0
 
Brian MurphyIT ArchitectCommented:
Now that AD Connect exists, run ADFIX utility to check on-prem status of accounts.

You simply cannot move accounts without AD Connect when running in Hybrid mode. Not by design. It creates a proxy address for each user migrated, and post complete migration you will find that user in Contacts as a remote user and the mailbox in deleted Mailboxes (30 days). This is how the data in the mailbox is cut over and why the connector exists from on-prem to O365.

You might need to open ADSIEDIT to examine some of these parameters on certain examples. EMS facilitates migration, only. It does not replace AD Connect, ADFIX, or other prerequisites.
0
 
natevelli2Author Commented:
Okay, I am making progress, but since we already have the accounts synced into Office 365 and the account exists on-premise, it will not let me do migrations on those mailboxes unless I delete the account on 365 and then do the migration. Is there a workaround so that I do not have to delete every account?
0
 
natevelli2Author Commented:
When trying to remove a user's account in Windows PowerShell, it is not recognizing the command Remove-MsolUser, so I can't migrate the on-premise accounts. I installed the PowerShell Module for Azure AD and it will take the command Set-AzureADUser -ObjectId user1@domain.onmicrosoft.com -UserPrincipalName user1@domain.com. Why won't it take Remove-MsolUser?
0
 
Marshal HubsEmail ConsultantCommented:
You can move users' mailboxes from an on-premise Exchange 2010 SP3 server to Exchange Online by using Stellar EDB to PST Converter. The software provides a free demo version to check the preview of mailboxes before migration. Check this step-by-step guide: https://www.stellarinfo.com/support/kb/index.php/article/convert-offline-edb-to-office365
0
