Migration of multiple domains (more than 70, all part of single AD, single Exchange onprem) to O365.

Hello Experts. My company has more than 40 different domains in our 1 AD, 1 Exchange 2013 env, with about 3000 users worldwide, with more than 70 office locations. We are looking to move to O365, Azure. My questions are:

1. Is it possible to have more than 70 site-to-site VPN (tunnels) connections to Azure to a single tenant? Is there a limit on the number of connections that can be made to a tenant?

2. Since we have so many authoritative domains on-prem, will O365 and Azure be able to handle this in a single tenant?

3. We have a forever retention policy. Is it possible to maintain this in O365, and if so, how?

4. How are signatures handled in O365?

5. Is it possible to assign multiple SMTP addresses from the same domain and from different domains to a single user in O365, so they can receive emails from multiple domain email addresses?

6. Some of the companies that are under us, child companies (we only control their email), if they already have their domain added in Azure, I know we cannot add the same domain to multiple tenants. Can we take their domain and add it to our tenant, with all of their settings maintained, and delegate out some control to the individual companies for their own tasks, and hide Exchange from them?

7. How would enterprise mobility (ActiveSync) work for users that have been migrated to O365?

8. I'm sure I already know the answer to this, but is it possible to connect a single AAD Connect to multiple tenants in Azure, or O365?

9. How are distribution groups different from O365 groups, and how about security groups in Azure?

Please let me know, and thanks in advance.
Asked by: Newguy 123

Vasil Michev (MVP) commented:
1) VPN (to Azure) has nothing to do with O365. O365 is available from anywhere, anytime, and there are no restrictions in terms of users.
2) No problem there, only when you get to a few hundred domains there might be some issues.
3) It is. By using the same process as on-premises
4) Same as on-premises. If you are using some 3rd party tools that offer better signature functionality, you should check with the vendor whether they are supported in O365
5) Yes
6) Yes and no. You can certainly move the domain to a different tenant, but "settings" will not be kept and you will have to reconfigure them. For Exchange Online, you have almost the same controls as on-premises in terms of RBAC or GAL segregation. When it comes to the other workloads though, things are harder to achieve and you might be better off using a 3rd party management tool.
7) What do you mean how? ActiveSync works just fine in O365 and you have the same controls. Even more with Intune
8) https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect-topologies/
9) O365 Groups are a "combination" of a mailbox, site, Team even. They are intended to be self-managed. Read the documentation: https://support.office.com/en-us/article/Learn-about-Office-365-groups-b565caa1-5c40-40ef-9915-60fdb2d97fa2

I would strongly advise you to split the question into multiple parts next time, so we can give you some more detailed answers. Or do some research - there are tons of documentation out there for everything you asked. Or hire a partner to help you with the process. Experts on EE are volunteers, respect their time/effort.

Some more explanation on a few of your questions:

Q1 and Q8:
You don't need to add any server to Azure (AD Connect and ADFS) since you have a single AD forest and must have connectivity from root domains to all other domains (tree domains / child domains), and Azure AD Connect can fetch info from all domains from one place. Simply install Azure AD Connect in the root domain on-premises.

Enterprise mobility (Intune / EMS) is a solution developed for cloud users (O365) only and has better control than the standard O365 MDM solution which ships with O365.