Asked by csimmons1324

Need Some Help Setting Up Exchange 2016 in a Hybrid Configuration

Some time ago, I worked with CDW to move to Office 365 / Hosted Exchange Server from our on-prem Exchange 2013 server.  They had me use Skykick to migrate my mailboxes to the cloud.  I don't recall working with them to configure our on-prem Exchange 2013 server in a hybrid configuration.  

The on-prem Exchange Server remained online and part of our domain; partly because I was not told by Skykick to decommission it after the migration and partly because I got side-tracked with other projects.  

Some time later, I learned that I needed to keep an on-prem Exchange server to take advantage of mail-enabled security groups and other features that were not yet available in a hosted Exchange environment.  This was the first time that I learned about a hybrid environment and that Microsoft provided you with a free copy of Exchange to run when using a hybrid configuration.  

Fast forward to today, I am deploying a new VM running Server 2016 and Exchange 2016 to replace our old Exchange 2013 server.  I was able to get Exchange 2016 installed and also installed Azure AD Connect.  It seems that everything synced as my user mailboxes now show up in Exchange 2016.  

I am now running the Office 365 Hybrid Configuration tool.  I am at the point where the wizard is asking me if I want a "Minimal Hybrid Configuration" or a "Full Hybrid Configuration."  I am not sure which option to select.  What do you suggest?

I am pretty confident that all of our Exchange data currently exists in the cloud as we have been using the hosted Exchange Server for a number of years.  As I set up this Exchange 2016 server in a hybrid configuration, is there any risk of some form of "syncing" taking place that would wipe out all of the data in a user's mailbox that is on the hosted Exchange server?

SOLUTION
M A

ASKER

MAS,

I am reading through the comments in the first link that you provided.  Someone stated:

"If you don’t need any mail relay from on premises and have no need for on premises mailboxes after a migration, moving to a minimal Hybrid makes sense."

I planned on using the on-prem Exchange server to relay email from our ERP system, and possibly our Multi-Function Copiers.  Do I need a Full Hybrid Configuration to do this or can I still relay email in a Minimal Hybrid setup?
ASKER CERTIFIED SOLUTION
FYI. You can avail Exchange 2016 hybrid license.


MAS,

I am now to the part in the Hybrid Config Tool that is asking me to select "Use Exchange Classic Topology" or "Use Exchange Modern Hybrid Topology."  I am not sure which to select.  I did some brief reading online and couldn't find an answer that didn't make my head spin.  One of the things that I did read was that if using Teams then they suggest Exchange Classic Hybrid.  What are your thoughts?

You don't need it as you don't have mailboxes onprem.

MAS,

This Exchange Server is fighting me every step of the way.  When running the Office Hybrid Configuration Tool, I get to the step "Hybrid Agent Setup" and when it attempts to "validate hybrid agent for exchange usage" I get an error.  When checking the log file, it states:

2021.05.04 20:35:14.739         10341 [Client=UX, Page=HybridConnectorInstall, Step=TestOrgRoute, Thread=6] FINISH Time=316.0s Results=Failed The connection to the server '386cdb84-3558-4940-a649-82647316ddda.resource.mailboxmigration.his.msappproxy.net' could not be completed., The call to 'https://386cdb84-3558-4940-a649-82647316ddda.resource.mailboxmigration.his.msappproxy.net/EWS/mrsproxy.svc' failed. Error details: The HTTP request was forbidden with client authentication scheme 'Negotiate'. --> The remote server returned an error: (403) Forbidden.., The HTTP request was forbidden with client authentication scheme 'Negotiate'., The remote server returned an error: (403) Forbidden.

2021.05.04 20:35:14.766 *ERROR* 10349 [Client=UX, Page=HybridConnectorInstall, Thread=6] The connection to the server '386cdb84-3558-4940-a649-82647316ddda.resource.mailboxmigration.his.msappproxy.net' could not be completed., The call to 'https://386cdb84-3558-4940-a649-82647316ddda.resource.mailboxmigration.his.msappproxy.net/EWS/mrsproxy.svc' failed. Error details: The HTTP request was forbidden with client authentication scheme 'Negotiate'. --> The remote server returned an error: (403) Forbidden.., The HTTP request was forbidden with client authentication scheme 'Negotiate'., The remote server returned an error: (403) Forbidden.

2021.05.04 20:35:14.776         10390 [Client=UX, Page=HybridConnectorInstall, Thread=6] Test duration 00:05:16.0462889
2021.05.04 20:47:11.097         10044 [Client=UX, Thread=1] Opening C:\Users\Administrator.mydomain\AppData\Roaming\Microsoft\Exchange Hybrid Configuration\20210504_202633.log


Did you sort it out?

MAS,

I was able to get past that particular issue and get the Hybrid Configuration Tool to complete (I think).  I did receive the following message after completion:

Configure Mail Flow
HCW8103 - The certificate provided (exchange-02) does not match a verified domain inside the Office 365 tenant.


Beyond that error, I don't believe that I have things configured correctly.  

exchange-01 is my old Exchange 2013 server that I would like to decommission.
exchange-02 is my new Exchange 2016 server.

With exchange-01 running:
 
1.   On exchange-02, I open ECP – https://localhost/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2flocalhost%2fecp%2f%3fExchClientVer%3d15 

2.   Log in with Admin credentials and the browser opens Exchange Admin Center

3.   Under Servers / Virtual Directories, there are two entries for every name (Autodiscover, ecp, ews, mapi, etc.).  One entry for “exchange-01” and the other for “exchange-02.”
   
4.   When I open up the entry for ECP (Default Website) for “Server 2013” the internal and external URL is https://mail.mydomain.com/ecp.  The same is for EWS, OAB, OWA, etc.  

5.   When I open up the entry for ECP (Default Website) for “exchange-02” the internal URL is https://server2016.mydomain.com/ecp.  There is no External URL entered.  The same is for EWS, OAB, OWA, etc.  


With exchange-01 powered off:

1.   On exchange-02, I open ECP – https://localhost/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2flocalhost%2fecp%2f%3fExchClientVer%3d15 

2.  I type in my credentials and try to log in.  

3.  I get an HTTP 500 Internal Server Error and the page doesn’t load.  
 
MAS,

I am very green when it comes to setting up an Exchange Server.  Can you elaborate a bit more when you state "configure your server VDs."  Do I need to do this on exchange-02?  Do I need to configure them to match what is already configured for exchange-01?

--> Do I need to do this on exchange-02?
In new server.

--> Do I need to configure them to match what is already configured for exchange-01?
yes

Appreciate it if you can ask the same in a new question, which will help others.
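
An added example, not part of the original thread: one way to carry out what the answer above describes, copying the virtual directory URLs from exchange-01 to exchange-02 in the Exchange Management Shell, then listing the names on the new server's certificate for comparison with the HCW8103 message. The server names are the ones used in the thread; the list of virtual directory types and the use of `-WhatIf` are choices made for this example.

```powershell
# Added example (not from the thread). Run in the Exchange Management Shell
# on exchange-02. Server names are the ones used in the thread.
$source = 'exchange-01'   # old Exchange 2013 server
$target = 'exchange-02'   # new Exchange 2016 server

# Virtual directory types that carry InternalUrl / ExternalUrl
# (list chosen for this example).
$vdTypes = 'Owa', 'Ecp', 'WebServices', 'ActiveSync', 'Oab', 'Mapi'

foreach ($type in $vdTypes) {
    $src = & "Get-${type}VirtualDirectory" -Server $source | Select-Object -First 1
    $dst = & "Get-${type}VirtualDirectory" -Server $target | Select-Object -First 1
    if (-not $src -or -not $dst) {
        Write-Warning "${type}: virtual directory missing on one server, skipped"
        continue
    }

    # Record the current values so the change can be reviewed and reverted.
    [pscustomobject]@{
        Type      = $type
        SourceInt = $src.InternalUrl
        SourceExt = $src.ExternalUrl
        TargetInt = $dst.InternalUrl
        TargetExt = $dst.ExternalUrl
    }

    # -WhatIf only reports what would change; remove it to apply.
    $dst | & "Set-${type}VirtualDirectory" `
        -InternalUrl $src.InternalUrl -ExternalUrl $src.ExternalUrl -WhatIf
}

# Autodiscover is published through the service connection point (SCP),
# not through a virtual directory URL.
$scp = (Get-ClientAccessService -Identity $source).AutoDiscoverServiceInternalUri
Set-ClientAccessService -Identity $target -AutoDiscoverServiceInternalUri $scp -WhatIf

# The certificate bound on the new server has to list the host name used in
# the URLs above; compare its names with the organization's accepted domains.
Get-ExchangeCertificate -Server $target |
    Format-List Subject, CertificateDomains, Services, NotAfter
Get-AcceptedDomain | Select-Object DomainName, DomainType
```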