On Demand Migration provides the “Domain Rewrite” or Email Rewrite (ERS) functionality. This powerful feature allow end users to communicate from a common email domain from Day One—on both inbound and outbound mail—so you present as a unified, cohesive brand. And, you get all of this without downtime — so you won’t have critical gaps in communication.
This step-by-step guide walks through how to configure On Demand Migration Domain Rewrite service between two Microsoft 365 tenants.
This guide covers the following topics:
Domain Rewrite project requirements
Configuring an On Demand Migration Domain Rewrite Project
Enabling the Rewrite
Email Rewrite validation
Disabling the Rewrite
Frequently Asked Questions
Client is licensed for On Demand Migration Domain Rewrite
Azure AD Application Account
An account with Global Administrator Role is required for each Microsoft 365 tenant to grant permissions and establish connection when adding a Cloud Environment.
Azure AD PowerShell Accounts
Three (3) PowerShell accounts are automatically created to read and update objects in the cloud. To do this an OAuth token is used from the account used to add the Cloud Environment.
These PowerShell accounts do not require any Microsoft 365 licenses.
One dedicated server for each On-Premise Active Directory to install the Directory Sync agent
Permissions to download and install Directory Sync agent
Local Active Directory Account
Agent installer will prompt for a domain account with permission to read and write on-premises Active Directory.
The local agent must meet the following minimum hardware requirements:
At least one (1) Windows Server 2012 R2, 2016 or 2019
Additional Windows servers may be deployed; limit of 5.
CPU: 4 Cores
Memory: 4GB Free
Disk: 40GB Free Disk Space excluding Operating System.
Important Tip: Do not install local agents on AD domain controllers in a production environment.
The local agent must meet the following minimum software requirements:
Windows Server 2012 R2, 2016 or 2019
.NET 4.7.2. NOTE: .NET will automatically be installed if needed.
TLS 1.2 or higher
2012 R2 or 2016
Directory Sync web interface use TCP port 443 (HTTPS).
Agent web connections use port 443 to Directory Sync host application.
DCs use TCP ports 139, 389 (UDP), 445, and 3268.
This topic describes how to set up the On Demand Migration Domain Rewrite Project.