Complex Acquisition with a Hybrid
The goal of this migration is to merge objects from the source environment with dedicated Exchange forest into the target hybrid environment. This also entails a change of domain name for the objects that are migrated. The primary SMTP addresses for the objects from source environment are to be changed to match the target ones.
The typical use case for this scenario is when one company buys another, and the newly-acquired company needs to merge in its directory and mail system.
Migration Manager provides an ability to migrate users' mailboxes from the acquired company directly to Microsoft Office 365 without the need to firstly migrate them to on-premises Exchange organization.
Prerequisites
- The source environment uses a separate Exchange resource domain in addition to an account domain.
- The target environment is an Exchange hybrid deployment.
Procedure
Pre-migration task: Establish Mail Flow to Source Exchange Organization
- On-Premises Directory Migration: Synchronizing Users
- On-Premises Directory Migration: Migrating Passwords
- On-Premises Mailbox Migration
- Cloud Directory Migration
- User Matching
- Cloud Mailbox Migration
Establish Mail Flow to Source Exchange Organization
Since additional domains (for instance, source.local) will be used for mail redirection purposes, the corresponding Exchange connectors should be set up to establish proper mail flow.
Mail redirection from target to source on-premises organization
In order to enable mail redirection from the target to the source on-premises organization using @source.local namespace, add a new send connector on the target on-premises Exchange server with the following settings:
Mail redirection from Microsoft Office 365 to source organization
Enabling mail redirection from Microsoft Office 365 to the source organization depends on the domain suffix that will be used for the cloud-related mail redirection purposes. If the domain name is publicly available (MX records are registered in public DNS and point to source Exchange server) no additional connectors are required.
In case the domain suffix is not publicly available, the corresponding connector in Microsoft Office 365 should be created to relay mail to the on-premises target Exchange server which, in its turn, should relay mail to the source Exchange server.
On-Premises Directory Migration
On-Premises directory migration consists of two major steps:
- Synchronizing Users
- Migrating Passwords
Synchronizing Users
Migrate users from the source resource domain to the target Active Directory domain (the one that is synchronized with Microsoft Office 365).
What will you achieve
- Mail-enabled users that have the targetAddress attribute pointing to source mailboxes will be created.
- Mail sent to newly created mail-enabled users using on-premises Global Access List (GAL) will be delivered to the corresponding source mailboxes
How do you do that
Configure directory synchronization from the source resource domain to the target Active Directory domain so that the target GAL is populated with the objects from the source domain.
For that, take the following steps:
- Open Migration Manager for Active Directory Console.
|
Note: Ensure that the current open project is not the one that is intended for migration to Microsoft Office 365. |
- Install a new Directory Synchronization Agent instance if none installed already. For details, see the Agent Manager topic of the Migration Manager for Active Directory User Guide.
- Create a domain pair of the source resource domain and the target Active Directory domain. For information on how to do that, see the Domain Pairs section in the Migration Manager for Active Directory User Guide.
- Configure a new synchronization job for the domain pair according to the Configuring the Synchronization Job topic of the Migration Manager for Active Directory User Guide. Set the following specific options for the synchronization job:
- The Synchronize passwords option must be cleared.
- Under User Principal Name handling, set the domain suffix of the UPNs to the appropriate domain matching federated domain used in hybrid.
- Select Use custom add-in and specify add-in located at <Migration Manager installation folder>\Active Directory\CopyTargetAddress.xml.
- Click Attributes to Skip and select to skip all attributes that should not be migrated from resource domain to avoid overwriting attributes during migration.
- Specify Exchange Options:
- Select the Mail-enabled users option
- Specify the target SMTP address template (e.g. target.local)
- Specify the source SMTP address template (e.g. source.local)
|
Note: Since the source.local redirection domain will be also used in Microsoft Office 365, it should be publicly available, or the corresponding connectors should be created in Microsoft Office 365 to establish mail flow. |
- Start the configured directory synchronization job as described in Starting and Stopping Directory Synchronization topic of the Migration Manager for Active Directory User Guide, and wait until initial synchronization completes.
How do you verify that step worked
- Create a test mailbox in the target on-premises organization.
- Using GAL, send a test message to any mail-enabled user created by Directory Synchronization Agent (DSA).
- Open the source user's mailbox and check that the message is delivered successfully.
- Reply that message and ensure that it arrived to the target mailbox.
- Repeat the above steps using any mailbox outside your organization to check that original and reply messages are delivered successfully.
Additional information
For details, see the following topics in the Migration Manager for Active Directory User Guide:
- Pre-Migration Activities
- Directory Synchronization
Migrating Passwords
Migrate passwords for the users from the source account domain to the target Active Directory domain.
What will you achieve
Users will be able to log on to the target on-premises domain with their source account passwords.
How do you do that
Configure a new migration session from the account domain to target Active Directory domain so that users' passwords become in sync.
For that, take the following steps:
- In Migration Manager for Active Directory select service attributes different from ones used in user synchronization for the domain pair that consists of the source account domain and the target Active Directory domain. For information on how to do that, see the Domain Pairs section in the Migration Manager for Active Directory User Guide.
- Create a new migration session according to the Creating a Migration Session topic of the Migration Manager for Active Directory User Guide. Set the following specific options for the migration session:
- Select Source Objects: Click Import and provide a plain-text file that contains pairs of distinguishedName attributes from the source account domain and the corresponding mail attributes from the target on-premises domain for each user, one per line.
- Set Security Settings:
- Under User Principal Name handling, set the domain suffix of the UPNs to the appropriate domain matching federated domain used in hybrid.
- Set Password handling to Copy account password so that source account password will be copied to the target Active Directory domain. That is required to enable access to Microsoft Office 365 with the same password through SSO.
- Select the Enable target accounts option so that migrated accounts will be able to access target Active Directory domain as well as Microsoft Office 365 with the same password through SSO.
- Click Attributes to Skip and select to skip displayName attribute as well as other attributes that should not be migrated from account domain to avoid overwriting attributes during migration.
3 Complete the wizard to start the migration session.
How do you verify that step worked
Once migration session completes, log on to any migrated user account using the same password as the user has in the source organization.
Additional information
For details, see the following topics in the Migration Manager for Active Directory User Guide:
- Pre-Migration Activities
- Account Migration
On-Premises Mailbox Migration
If you need to migrate some of mailboxes to the on-premises part of the target hybrid, you can do that now. For detailed information on how to do that, refer to Migration Manager for Exchange User Guide.
|
Note: Before performing on-premises mailbox migration in Migration Manager for Exchange console, ensure that the current open project is not the one that is intended for migration to Microsoft Office 365. |