To analyze and prepare your on-premises environment for an Office 365 deployment, use the Microsoft Office 365 Deployment Readiness Tool in accordance with the Microsoft Office 365 Deployment Guide.
To get the Microsoft Office 365 Deployment Guide for Enterprises, go to http://community.office365.com/en-us/f/183/p/1541/5095.aspx. The tool can be downloaded from http://community.office365.com/en-us/f/183/p/2285/8155.aspx.
You need to add each email domain you want to migrate to Microsoft Office 365 as an accepted domain of your Microsoft Office 365 tenant. The migration service will then use the SMTP addresses of your on-premises mailboxes to create the corresponding email addresses for the new Office 365 mailboxes.
For information on adding company domains to Microsoft Office 365, read Adding domains and users to Office 365 article.
You need to create at least four separate administrative accounts which will be used during migration for one of the following tasks:
| Task | Requirement | More Info |
|---|---|---|
| Provisioning user accounts in Office 365 |
|
Refer to the Requirements for provisioning user accounts in Office 365 |
| Synchronizing calendars |
|
Refer to the Requirements for synchronizing mailboxes, calendars and public folders in Office 365 |
| Migrating mailboxes | ||
| Synchronizing public folders |
|
Refer to the Requirements for synchronizing mailboxes, calendars and public folders in Office 365 and to the Additional Configuration for the Public Folder Synchronization Account |
The administrative account must have the Exchange administrator, User Administrator user roles and ApplicationImpersonation and Mail Recipients roles in the Microsoft Office 365 tenant. A Microsoft Exchange Online license must be issued for this administrative account. This account must have the default UPN suffix <tenant_name>.onmicrosoft.com. To create the administrative account you should perform the following:
To grant existing account the User Administrator and Exchange Administrator user roles
Grant the account User Administrator and Exchange Administrator user roles:
Import-Module MSOnline
$cred = Get-Credential
Connect-MsolService -Credential $cred
Add-MsolRoleMember -RoleName 'User Administrator' -RoleMemberEmailAddress <User E-mail address>
Add-MsolRoleMember -RoleName 'Exchange Administrator' -RoleMemberEmailAddress <User E-mail address>
|
|
Note: The role object IDs can be used instead of the role name: Add-MsolRoleMember -RoleObjectId 'fe930be7-5e62-47db-91af-98c3a49a38b1' -RoleMemberEmailAddress <User E-mail address> Add-MsolRoleMember -RoleObjectId '29232cdf-9323-42fd-ade2-1d097af3e4de' -RoleMemberEmailAddress <User E-mail address> |
$proxy = New-PSSessionOption –ProxyAccessType IEConfig
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $cred -Authentication Basic –AllowRedirection -SessionOption $proxy
Import-PSSession $session
New-RoleGroup -Name 'QMMAD Accounts' -Roles 'ApplicationImpersonation', 'Mail Recipients' -Members <User>
Remove-PSSession $session
A Microsoft Exchange Online license must be issued to these administrative accounts. These accounts must have the default UPN suffix <tenant_name>.onmicrosoft.com. Also they must have the User Administrator, Mail Recipients and ApplicationImpersonation roles in the Microsoft Office 365 tenant. There are two options how to grant the required roles:
|
|
Note: For speeding up migration performance, you will need to use multiple administrative accounts for calendar synchronization and mailbox migration. Using the script allows automating account creation and role assignment. |
To create administrative accounts with User Administrator user role using the CreateQSGranularPermissionAdminAccountsInMSOLModule.ps1 script
You can create the accounts via PowerShell with the minimum required permissions acceptable.
To download CreateQSGranularPermissionAdminAccountsInMSOLModule.ps1 script and see step-by step usage instructions refer to Migration Manager for Exchange Knowledge Base article: https://support.quest.com/migration-manager-for-exchange/kb/255600/how-to-create-o365-service-accounts-with-required-permissions.
|
Caution: The user account that you specify for the Create-QSGranularPermissionAdminAccountsInMSOL cmdlet must have the Global Administrator role in Microsoft Office 365. |
The administrative accounts specified in .CSV file will be created in Microsoft Office 365 and granted the User Administrator, Mail Recipients, and ApplicationImpersonation user roles.
For the account you are going to use for public folder synchronization by legacy Exchange agents, the following steps are also required:
Create a new PowerShell session with Office 365:
$cred = Get-Credential
$proxy = New-PSSessionOption
$session = New-PSSession
Import-PsSession $session
Add the necessary account and assign it the Owner role. Select the Apply changes to this public folder and all its subfolders option and save your changes.
|
|
Caution: At this time, the account you specify in the properties of your Office 365 target organization is used for public folder synchronization. By default, this account registers Microsoft Office 365 as the migration destination. |
For the account you are going to use for public folder synchronization by MAgE refer to Public Folder Synchronization (MAgE) document.
Refer to the Public Folder Synchronization (MAgE) Reference Guide for instructions on how to perform public folder synchronization with the enhanced Migration Agent for Exchange (MAgE).
© ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center
