지금 지원 담당자와 채팅
지원 담당자와 채팅

On Demand Migration Current - Active Directory Domain Rewrite Quick Start Guide

How does Mail Flow work with Domain Rewrite?

NOTE: Microsoft 365 Advanced Threat Protection default settings may cause issues with Domain Rewrite for inbound messages.  Please ensure that Automatic forwarding is set to On in the Outbound spam filter policy for your source or target tenant depending on the rewriting scenario you choose.

Rewrite with Express Setup Outbound Messages
  • When a user sends an email as user@source.com, the Transport Rules in the Source Tenant check whether the message is in scope for Domain Rewrite
  • At least one external recipient in To or Cc
  • Sender and/or at least one recipient in To or Cc is Domain Rewrite Enabled
  • If the message is in scope for Domain Rewrite and there are multiple internal and external recipients, the message will be bifurcated and:
    • Copy of the message sent to external recipient will be securely redirected to the Quest Rewrite Service using the Outbound Connector in the Sender Tenant.
    • Copy of the message sent to internal recipient is delivered by Exchange Online at the Source tenant with unchanged addresses.

      IMPORTANT: Messages directed to internal recipient(s) will not be processed by Quest Rewrite Service.

  • When the Domain Rewrite Service receives the message from user@source.com, it processes it by rewriting @source.com to @target.com for every user that has Domain Rewrite enabled. The addresses in
  • From, To, and Cc of the email message are rewritten for all external recipients.
  • The Domain Rewrite Service securely (via the certificate uploaded during project setup) redirects it to the Rewrite Address Domain Tenant using the Inbound Connector configured in the tenant.
  • Exchange Online at the Rewrite Address Domain Tenant sends the message to external recipients as if it was sent by user@target.com, and all addresses of message recipients in To and Cc that have Domain Rewrite enabled appear as @target.com for external recipients.

Rewrite with Express Setup Inbound Messages
  • External recipient is not aware about end user’s @source.com address and replies (or create a new email), instead the @target.com address will be used.
  • When the reply or a new mail arrives at the @target.com mail domain, the Transport Rules in the Target Tenant check whether any recipients are in scope for Domain Rewrite
  • If the message is in scope for Domain Rewrite, it is securely redirected to the Quest Rewrite Service using the Outbound Connector in the Target Tenant
  • If the message is in scope for Domain Rewrite and there are multiple internal (recipients in the source tenant) and external recipients (recipients in the @source.com tenant with Rewrite Service enabled), the message will be bifurcated and:

    NOTE: Messages directed to internal recipient(s) will not be processed by Quest Rewrite Service.

    • Copy of the message sent to external recipient (recipients in the @source.com tenant with Rewrite Service enabled) will be securely redirected to the Quest Rewrite Service using the Outbound Connector in the Source Tenant.
    • Copy of the message sent to internal recipient is delivered by Exchange Online at the source tenant with unchanged addresses.
  • When the Quest Rewrite Service receives the message addressed to user@target.com, it processes it by rewriting @target.com back to @source.com for every user that has Domain Rewrite enabled
  • The Quest Rewrite Service signs the message and securely (via the certificate uploaded during project setup) sends to the Source Tenant using the Inbound Connector
  • Source recipient gets the message as if it was addressed to user@source.com

Rewrite with Advance Setup Outbound Messages
  • When a user sends an email as user@source.com, the Transport Rules in the Source Tenant check whether the message is in scope for Domain Rewrite
  • At least one external recipient in To or Cc
  • Sender and/or at least one recipient in To or Cc is Domain Rewrite Enabled
  • If the message is in scope for Domain Rewrite and there are multiple internal and external recipients, the message will be bifurcated and:
    • Copy of the message sent to external recipient will be securely redirected to the Quest Rewrite Service using the Outbound Connector in the Sender Tenant.
    • Copy of the message sent to internal recipient is delivered by Exchange Online to the Source tenant with unchanged addresses.

      IMPORTANT: Messages directed to internal recipient(s) will not be processed by Quest Rewrite Service.

  • When the Domain Rewrite Service receives the message from user@source.com, it processes it by rewriting @source.com to @target.com for every user that has Domain Rewrite enabled. The addresses in
  • From, To and Cc of the email message are rewritten for all external recipients.
  • The Domain Rewrite Service a new DKIM-Signature (align with the Rewrite Address domain DKIM) to the message and securely (via the certificate uploaded during project setup) redirects it back to the Original Sender Tenant using the Inbound Connector configured in the tenant.
  • Exchange Online at the Original Sender Tenant sends the message to external recipients as if it was sent by user@target.com, and all addresses of message recipients in To and Cc that have Domain Rewrite enabled, appear as @target.com for external recipients.

Rewrite with Advance Setup Inbound Messages
  • External recipient is not aware about end user’s @source.com address and replies (or create a new email), instead the @target.com address will be used.
  • When the reply or a new mail arrives at the @target.com mail domain, the Transport Rules in the Target Tenant check whether any recipients are in scope for Domain Rewrite
  • If the message is in scope for Domain Rewrite, it is securely redirected to the Quest Rewrite Service using the Outbound Connector in the Target Tenant
  • If the message is in scope for Domain Rewrite and there are multiple internal (recipients in the source tenant) and external recipients (recipients in the @source.com tenant with Rewrite Service enabled), the message will be bifurcated and:

    NOTE: Messages directed to internal recipient(s) will not be processed by Quest Rewrite Service.

    • Copy of the message sent to external recipient (recipients in the @source.com tenant with Rewrite Service enabled) will be securely redirected to the Quest Rewrite Service using the Outbound Connector in the Source Tenant.
    • Copy of the message sent to internal recipient is delivered by Exchange Online at the source tenant with unchanged addresses.
  • When the Quest Rewrite Service receives the message addressed to user@target.com, it processes it by rewriting @target.com back to @source.com for every user that has Domain Rewrite enabled
  • The Quest Rewrite Service signs the message and securely (via the certificate uploaded during project setup) sends to the Target Tenant using the Inbound Connector
  • Exchange Online forwards the rewritten message to @source.com tenant.
  • Source recipient gets the message as if it was addressed to user@source.com

How do I install and configure Directory Sync agents?

A Directory Sync agent must be installed in every forest that is attached to a tenant used in a Domain Rewrite project.

Manage Agents in On Demand Domain Rewrite Project
  • Log in to On Demand
  • Navigate to Migration, select the project and click on Domain Rewrite.
  • Select the Domain Rewrite project previously configured.
  • Click on the Settings icon in the upper right.
  • Click the Directory Integration tab
Download and install the agent 

From this page, you can download the agent installer, check the status of your current agents, add new agents, archive old agents, and view the run history for each agent. The Registration URL and the Registration Key are displayed so that you can copy and paste them during the install of the agent.

TIP: The downloadable executable is the same for all projects, the Registration URL is unique to each On Demand region, and the Registration Key is unique to each local environment.

When installing the agent on a server that meets the On Demand requirements, you will enter the credentials of the Domain Account that has read/write access to the domain along with the Registration URL and Registration Key copied previously.

How do I install and configure Directory Sync agents?

A Directory Sync agent must be installed in every forest that is attached to a tenant used in a Domain Rewrite project.

Manage Agents in On Demand Domain Rewrite Project
  • Log in to On Demand
  • Navigate to Migration, select the project and click on Domain Rewrite.
  • Select the Domain Rewrite project previously configured.
  • Click on the Settings icon in the upper right.
  • Click the Directory Integration tab
Download and install the agent 

From this page, you can download the agent installer, check the status of your current agents, add new agents, archive old agents, and view the run history for each agent. The Registration URL and the Registration Key are displayed so that you can copy and paste them during the install of the agent.

TIP: The downloadable executable is the same for all projects, the Registration URL is unique to each On Demand region, and the Registration Key is unique to each local environment.

When installing the agent on a server that meets the On Demand requirements, you will enter the credentials of the Domain Account that has read/write access to the domain along with the Registration URL and Registration Key copied previously.

How do I uninstall an agent?

How do I uninstall an agent?  

If you need to uninstall an agent from any machine, you must first delete the registry folder located at HKEY_LOCAL_MACHINE> SOFTWARE> Quest > Agent and then uninstall.

If you need to reinstall the agent, create a new agent from the Directory Integration screen in the On Demand Domain Rewrite project, which will generate a new Registration Key.  Then you can reinstall on the same machine or on a different machine. The old agent (with the old registration key) can be archived in On Demand.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택