On Demand Migration Current - Active Directory Domain Move Quick Start Guide

Start the Domain Cutover (Step 1) Enable Email Relay (Step 2) Redirect MX (Step 3) Move Domain (Step 4) Restore MX (Step 5) Complete (Step 6) Validating the Result

Frequently Asked Questions

Can I use a wild card certificate for Advanced Email Relay Service? I am receiving an error during the remove addresses step related to duplicated addresses. How can I locate the duplicate accounts? The remove address step cannot continue because my hybrid objects in the cloud are still associated with my domain, what should I do? Can I remove Global Administrator from my account after creating my project? My company security policy does not allow the global administrator role to be assigned the account, can I still move my domain? Will my end-users have to update or recreate their target Outlook Profiles when their Primary Email address is updated during a domain move? I am using the Basic Mode Email Relay Service for my domain move project. What is the best method to hold the email during the domain move and resume the delivery after the domain is moved?

About us

Setup

This topic describes how to set up the On Demand Migration Domain Move Project, how to deploy the Directory Sync Agent and how to configure the Directory Sync Integration.

On Demand Project

This section explains how to add a Microsoft 365 tenant and configure a Migration project using On Demand Migration. During project setup an Office 365 Global Administrator account is initially required to add each tenant to the project.

How to add a Microsoft 365 tenant

Follow these steps to add each Microsoft 365 tenant for On Demand Migration. If there is an existing tenant from another project, it can be reused.

Log in to On Demand
Navigate to Tenants
Choose the Add Tenant button
On Demand supports both Commercial and GCC High tenants, for the purpose of this guide, select Commerical Tenant, and choose Add Commerical or GCC Tenant and choose OK.
Log in to Office 365 with a Global Administrator account for the source tenant.
Accept the requested Application Permissions
Choose Finish
Repeat steps 2 – 8 for the target tenant

Setting up the Domain Move Project

Follow these steps to setup the Domain Move Project.

Log in to On Demand
Navigate to Migration
Select an existing migration project
Click on Domain Move from the Project Dashboard
Once the On Demand Migration Active Directory module is loaded, click on the Domain Move icon in the main dash view.
Click the New Project button and bring up the project setup wizard
Provide a name and description for the project and click Next
Click on the New button to create a new environment or choose any existing environments from the list. Click Next once you have at least two environments selected.
Choose the source and target environments from the dropdown menu and click Next.
Configure the domain mapping for your project and click Next.

Lightbulb Important Tip: Domain Mapping will be used to match objects and allows On Demand Migration Active Directory to add the source domain to all matched target objects during the domain move.

Configure the attributes to use to match users and groups. Once complete, click Next

Lightbulb Important Tip: Multiple attributes can be selected and On Demand Migration will evaluate each one until it finds a matching source and target object. If more than one attribute is selected, the first attribute that matches is used.

Copy the Directory Sync agent Registration URL and Registration Key and click Next. NOTE: this information can be obtained again after the project is configured.
On Demand Migration for Active Directory offers two email relay service modes. For the purpose of this guide, select Advanced Mode and click Next.
Upload a SSL Certificate for each environment. On Demand Migration for Active Directory will ensure mail delivered during a domain move is always encrypted, secure and private by using this SSL Certificate. Click Next once the certificates are uploaded.

Lightbulb Important Tip: A single subject certificate with both private and public key must be used.

Review the project configuration settings and click Next
Enter an email address and click on Start Discovery to finish the project setup

Configure Directory Sync Agents

This section provides a step-by-step guide on how to deploy and configure the Directory Sync Agents.

Log in to On Demand
Navigate to Migration, select the project and click on Domain Move.
Select the Domain Move project previously configured.
Click on Directory Integration link via the hamburger menu.
Download the Directory Sync Agent.
Copy the agent file to a dedicated directory sync server for the source tenant and run the installer.
Click Next when the installer loads.
Accept the License agreement, Click Next.
Enter the domain, GC, and credential for the service account, click Next.
Enter the Registration URL and Registration Key for the agent associated with the source tenant, click Next.
Select Run as System Account option, click Next.
Skip the SID History Migration setting and Click Next.
Allow the agent to be installed and close the installer.
Repeat Steps 1-13 for the target tenant Directory Sync agent.

Configure Directory Integration

This section provides a step-by-step guide on how to deploy and configure the Directory Integration for Domain Move Project.

Log in to On Demand.
Navigate to Migration, select the project and click on Domain Move.
Select the Domain Move project previously configured.
Click on Directory Integration link via the hamburger menu.
Click Choose OUs to finish the On-Prem Active Directory integration.
In the pop-up window, click the Select OU button and choose an OU for the Users and Contacts in the target Active Directory. Click Next and choose the OU for the source Active Directory. Click Finish to close the pop-up window.

Lightbulb Important Tip: Domain Move projects will not create any objects in the source or target Active Directory; it simply requires this OU information to complete the project setup. We plan to make this step optional in a future release.

Validating Object Matches

This section provides a step-by-step guide on how to validate object matching.

Log in to On Demand
Navigate to Migration, select the project and click on Domain Move.
Select the Domain Move project previously configured.
From the Domain Move Project dashboard, verify the Users, Groups and Domain Matching information:
Click on the total users link to see all Users, then click on Filter and select the Matched checkbox.
Validate that the users are correctly matched, as shown below.
Repeat step 10 - 12 for Groups.

If the Domain Move project is unable to automatically match the users by attributes, you can upload a user list to be used as a mapping file. This process will only update the users found in the file and will not impact any other users in your project.

Uploading a CSV for User Matching

Click Update to open the CSV upload wizard.
Click Download Example List.
Use this example file to build your mapping list.
1. Populate the Source UPN and Target UPN columns with the desired mappings.
2. You can leave the Wave column blank.
3. The mapping list can contain a maximum of 1000 lines. You can create multiple mapping files and rerun the wizard to upload additional mappings.
4. After building your list, save as a CSV file.
Click Select File.
Locate the CSV file and click Next.
If there are errors within the file, click Fix Errors Now to review the errors.
1. Download the CSV file of users with errors.
2. Examine the file and fix any errors found.
3. Re-upload the modified file.
4. If errors are still found, you can repeat this process as necessary.
5. You can also click Proceed As Is to ignore the accounts with errors and map the remaining users.
If there are no errors within the file, the upload is complete.
Validate that the users are correctly matched.

Moving a Domain

This section explains how to move a domain between two Microsoft tenants using On Demand Migration.

Start the Domain Cutover (Step 1)

Log in to On Demand
Navigate to Migration, select the project and click on Domain Move.
Select the Domain Move project previously configured.
Select the Domain from the Domain Cutover Dashboard and click on Start Cutover.
Review the Before You Begin Guide in the pop-up window, and once finished click Start.
Review the Warning messages regarding unmatched objects and Click Next.
Select a replacement domain from the dropdown menu and then choose As Primary Address from the list of options below and click Next.

As Primary Address – Domain will be added as the primary email address and will replace the existing primary email address for matched objects.
As Secondary Address only – Domain will be added as a secondary email address for matched objects
Do not update – Domain will not be added for matched objects

Important Tip: This Target Address setting cannot be changed once the Domain Move begins.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.