In this chapter:
- Account and User Data Migration Workspace
- What We Migrate
- Preparation
- Migration
- Post-migration
About On Demand Migration
Working with On Demand Migration
Tenants
Consents and Permissions
Throttling
Desktop Update Agent
Test and Pilot Migrations
Project Management
Project Dashboard
Reports
Working with Lists
Searching
Filtering
Templates
Task Management
Event Management
Account Migration
What We Migrate
Accounts and User Data Migration Workspace
Configuring Connections
Discovering Accounts
Exporting Accounts
Removing Accounts
Managing Accounts with Collections
Matching and Mapping Accounts
Collecting Statistics
Assessment
Migrating Accounts
Migrating Group Membership
Domain Coexistence
Mailbox Migration
Address Rewrite Service
Address Rewrite Service Considerations
Address Rewriting Scenarios
Provisioning the Address Rewrite Service
Selecting Mailboxes for Address Rewriting
Configuring SPF Record
Activating Address Rewriting
Deactivating Address Rewriting for Individual Mailboxes
Deactivating Address Rewriting
Calendar Sharing
What We Migrate
Mailboxes List View
Collecting Statistics
Assessment
Migrating Mailboxes
Migrating Meeting Links
Mail Forwarding
Switching Applications in a Domain Move Scenario
OneDrive Migration
What We Migrate
Prerequisites
Dashboard
OneDrive List View
Collecting Statistics
Migrating OneDrive
Assessment
Microsoft Teams Migration
What We Migrate
Prerequisites
Teams Migration Workspace
Discovering Teams and Groups
Discovering Teams
Managing Teams with Collections
Exporting Teams
Provisioning Teams
Mapping Teams
Removing Teams
Collecting Statistics
Premigration Assessment for Teams
Migrating Teams
Remigration
Renaming and Mapping Teams and Groups
Discovering Chats
Managing Chats with Collections
Migrating Chats
Microsoft 365 Groups Migration
What We Migrate
Prerequisites
Discovering Groups
Discovering Teams and Groups
Managing Groups with Collections
Exporting Groups
Provisioning Groups
Removing Groups
Collecting Statistics
Migrating Groups
Renaming and Mapping Teams and Groups
SharePoint Migration
What We Migrate
Limitations
Considerations
Prerequisites
SharePoint Migration Workspace
Configuring the Project
Discovering Term Store
Mapping Geo Located Term Stores
Discovering Sites
Mapping Geo Located Sites
Mapping Sites
Matching Sites
Collecting Statistics
Managing Sites with Collections
Discovering Site Contents
Mapping Webs
Mapping Lists
Migrating Term Stores
Migrating SharePoint Content
Migrating Permissions
Reviewing Migration Results
Exporting Site Collection Mapping
Removing Sites from the Migration Project
Public Folders Migration
What We Migrate
Public Folders Migration Workspace
Prerequisites
Discovering Public Folders
Removing Public Folders from the Migration Project
Provisioning Public Folders
Mapping Public Folders
Collecting Statistics
Migrating Public Folders
Power BI Migration
What We Migrate
Prerequisites and Limitations
Power BI Migration Workspace
Configuring the Project
Connecting to Power BI
Discovering Power BI Content
Collecting Statistics
Managing Power BI objects with Collections
Creating and Assigning Connection Profiles
Refreshing Permissions
Mapping Workspaces
Matching and Mapping Gateways
Provisioning Workspaces
Migrating Connections
Migrating Workspaces
Troubleshooting
Finalizing the Migration
Appendix A: Using PowerShell
Appendix B: How Queuing Works
Account Migration
What We Migrate
The On Demand Migration service for Accounts migration support for the listed attributes of user account types is indicated in the table below:
| Attribute | Non Mail Enabled User | Mail Enabled User | Mailbox Enabled User | Notes |
|---|---|---|---|---|
| AccountStatus | ✔ | ✔ | ✔ | |
| Alias | ✖ | ✔ | ✔ | |
| City | ✔ | ✔ | ✔ | |
| Country | ✔ | ✔ | ✔ | |
| Department | ✔ | ✔ | ✔ | |
| DisplayName | ✔ | ✔ | ✔ | |
| ExternalEmailAddress | ✔ | ✔ | ✔ | |
| Fax | ✔ | ✔ | ✔ | |
| HomePhone | ✔ | ✔ | ✔ | includes Business Phone and Mobile Phone. |
| LastName | ✔ | ✔ | ✔ | |
| MailNickname | ✔ | ✔ | ✔ | |
| Name | ✔ | ✔ | ✔ | |
| PhysicalDeliveryOfficeName | ✔ | ✔ | ✔ | |
| PostalCode | ✔ | ✔ | ✔ | |
| PreferredDataLocation | ✔ | ✔ | ✔ | |
| RecipientTypeDetails | ✔ | ✔ | ✔ | |
| StateOrProvince | ✔ | ✔ | ✔ | |
| StreetAddress | ✔ | ✔ | ✔ | |
| TelephoneNumber | ✔ | ✔ | ✔ | |
| UserPrincipalName | ✔ | ✔ | ✔ | |
| Visibility | ✔ | ✔ | ✔ | |
| UsageLocation | ✔ | ✔ | ✔ |
The On Demand Migration service for Accounts migrates discovered user accounts and the following types of discovered groups:
- Microsoft 365 Groups
- ownership (for accounts that have a pair on the target tenant )
- membership (for accounts that have a pair on the target tenant )
- email address for migrated Microsoft 365 Groups will be created in default target domain. See Microsoft Teams Migration for details on how to migrate Microsoft 365 Groups associated with Teams.
- Security groups
- ownership (for accounts that have a pair on the target tenant )
- membership (for accounts that have a pair on the target tenant )
- Mail-enabled security groups
- ownership (for accounts that have a pair on the target tenant )
- membership (for accounts that have a pair on the target tenant )
- membership approval
- delivery management
- message approval
- MailTip
- group delegation
- visibility in GAL
- Distribution lists
- ownership (for accounts that have a pair on the target tenant )
- membership ( for accounts that have a pair on the target tenant )
- membership approval
- delivery management
- message approval
- MailTip
- group delegation
- SendAs and SendOnBehalf group delegates
- visibility in GAL
Migrating distribution lists with group delegations
On Demand migrates distribution lists with group delegations like SendAs and SendOnBehalf, including scenarios where the distribution list in the target exists or does not exist, or exists and does or does not have group delegations. When the distribution list with group delegations exists in the target then only newly added group delegations are migrated, and group delegations are ignored if anything is deleted at the source. Existing SendAs and SendOnBehalf group delegations on the target, either preexisting before On Demand migration or migrated by On Demand will be left intact and merged with the one migrated from the source.
Delegated accounts are migrated as follows:
| Mail User | Mail Box | Mail Enabled Security Group | Distribution List | |
|---|---|---|---|---|
| SendAs | Y | Y | Y | |
| SendOnBehalf | Y | Y | Y | Y |
|
|
NOTE: Microsoft does not support the following delegated account types so they do not apply to the migration.
|
|
|
NOTE: The temporary Migration Service account of the target tenant will be added as an owner to all target mail-enabled security groups, distribution groups and Microsoft 365 Groups. |
Accounts and User Data Migration Workspace
In this topic:
|
|
NOTE: The Accounts and User Data migration workspace is common for the Accounts, Mailbox and OneDrive migration services, and the Desktop Agents. |
Dashboard
The components of the dashboard are as described below:
Notification panel - presents relevant information and shortcuts to migration activities.
Dashboard Menu - contains the following links to common activities in the migration process.
- Configure connections - You can configure granular permissions for the source and target tenants in addition to advanced configurations such as concurrent PowerShell connections and custom EWS URL specification. For more information see Configuring Connections.
- Discover accounts - Starts the New Account Discovery Task wizard to collect information about accounts in the source tenant. For more information see Discovering Accounts.
- Enable calendar sharing - Starts the New Calendar Sharing Task wizard to allow users to retrieve calendar availability information after migration. For more information see Calendar Sharing.
- Browse accounts - Opens the Accounts List view where you can search and filter for accounts, and manage all the account migration activities. For more information see
- Download agent - Allows you to download a lightweight user desktop application (update agent) for users workstations that is needed to complete a migration project.
Dashboard Tiles
- Getting Started - Presents quick start links to the various actions for preparing and migrating accounts.
- Accounts - Presents a summary of the accounts in various migration states. Click Show All to open the Accounts List view to inspect the accounts.
- Mailboxes - Presents a summary of the mailboxes in various migration states. Click Show All to open the Mailboxes List view to inspect the mailboxes.
- OneDrive - Presents a summary of users with OneDrive in various migration states. Click Show All to open the OneDrive List view to inspect the OneDrive information.
- Tasks - Displays the five most recent tasks that were completed in the Accounts and User Data migration workspace. The title displays the total number of tasks. Click Show All to open the Tasks List view.
- Events - Displays the five most recent events that were completed in the Accounts and User Data migration workspace. The title displays the total number of events. Click Show All to open the Events List view .
Accounts List View
The Accounts List View is comprised of the following components:
Notification panel - presents relevant information and shortcuts to migration activities.
Filter panel - consists of predefined filters for the Accounts List view and tabs to switch between the Accounts List view and the Assessment view. See Filtering for more information about working with filters. The predefined filters are:
- Account State - returns a list of Accounts by specific state values. See Account State column description in the List View below for a list of values.
- Matching - returns a list of Accounts by source accounts that are matched with a target account. Valid values are Any, Matched and Not matched.
- Source Type and Target Type - search by specific account types as defined in Active Directory.
- Any
- User accounts like Guest, Mailbox-enabled, Mail-enabled and Non-mail-enabled.
- Resource mailboxes like Equipment, Room, Scheduled and Shared.
- Groups like Distribution, Mail-enabled-security, Microsoft 365 Group - Dynamic, Microsoft 365 - Assigned, Security - Dynamic, Security - Assigned, Teams - Dynamic and Teams - Assigned.
- Environment - returns a list of Accounts by location of the Active Directory with which the account is synchronized. Valid values are Synced with Active Directory (synchronized with on-premise Active Directory) and In Cloud (synchronized with Azure Active Directory). This filter corresponds to the Sync Status column in the Accounts list.
- ODM Licensed - returns a list of Accounts by license utilization. Valid values are Yes, No, Not required.
List View Actions Menu - contains links to account migration activities and the search box. Each action is explained in greater detail in subsequent topics. See Searching for more information about working with the search box.
List View Columns - displays information about accounts in the source tenant and the migration status of each account. Some columns are hidden by default. Use Edit Columns to show or hide columns in the list. The columns are as described below:
|
|
NOTE: If you don't see the Sync Status or object description in the Type column, rerun the account discovery task as indicated in the Notification panel. |
- Sync Status - indicates whether the account is synchronized with the on-premise Active Directory or Azure Active Directory. The tool tip displays the status value.
- Name - name of the account
- Source Type - account type defined in Microsoft Active Directory for the source tenant. The account type can be one of the following:
- Any
- User accounts like Guest, Mailbox-enabled, Mail-enabled and Non-mail-enabled.
- Resource mailboxes like Equipment, Room, Scheduled and Shared.
- Groups like Distribution, Mail-enabled-security, Microsoft 365 Group, Security Group, Teams.
- Target Type - account type defined in Microsoft Active Directory for the target tenant. The account type can be one of the following:
- Any
- User accounts like Guest, Mailbox-enabled, Mail-enabled and Non-mail-enabled.
- Resource mailboxes like Equipment, Room, Scheduled and Shared.
- Groups like Distribution, Mail-enabled-security, Microsoft 365 Group, Security Group, Teams.
- ODM Licensed - indicates whether or not an On Demand Migration license has been consumed when the migration task is started. Values are Yes, No, Not required.
- Status - status of the most recent task that was run for this account. Valid values are New, Stopped, In Progress, Failed and Completed. The Status column displays a progress bar that tracks the update for each account when the Matching and Migration tasks are running.
- Account State - tracks the state of the account from discovery to migration from source to target tenant. The column values are as follows:
Column Value Description Discovered Account has been discovered in the source tenant. Match failed Account matching failed Matched Account has been successfully matched. Matching Account is being matched. Matching Stopped Account matching task was stopped by a user. Mapped Account mapping is complete and successful. Mapping Account mapping of this object has started. Mapping Failed Account mapping did not succeed. Mapping Stopped Account mapping task was stopped by a user. Migrated Account migration is complete and successful. Migrated with Issues Account migration completed with errors. Migrating Account migration of this object has started. Migration failed Account migration did not succeed Migration stopped Account migration canceled by the user - Source UPN - account name in the source tenant in the format of an email address based on the Internet standard RFC 822.
- Target UPN - account name in the target tenant in the format of an email address based on the Internet standard RFC 822.
- Source Mailbox - account mailbox in the source tenant.
- Target Mailbox - account mailbox in the target tenant.
- Source Group Type - group membership type in the source tenant. Valid values are Assigned or Dynamic.
- Assigned - indicates that members are manually added or removed from the group.
- Dynamic - indicates that users are added or removed dynamically once the membership rules are defined.
- Target Group Type - group membership type in the target tenant. Valid values are Assigned or Dynamic.
- Assigned - indicates that members are manually added or removed from the group.
- Dynamic - indicates that users are added or removed dynamically once the membership rules are defined.
- Title - Job title of the user account. Does not apply to group accounts.
- Department - department of the user account. Does not apply to group accounts.
- Country - country of the user account. Does not apply to group accounts.
- City - city of the user account. Does not apply to group accounts.
- Collections - indicates the most recent collection where the account is added and the number of additional collections that also contain this object.
Accounts Assessment
Contains summary reports about the discovered data to analyze your domain structure and track potential problems, misconfiguration, and risks that might adversely affect the migration. For more information see Assessment.
Account Details
When you select an account from the List View, the Account Detail pane opens. The information in the pane is described below:
- Source Email - email address of the selected account in the source tenant.
- Target Email - email address of the selected account in the target tenant.
- Source Type - account type defined in Microsoft Active Directory for the source tenant.
- Target Type - account type defined in Microsoft Active Directory for the target tenant.
- Status - status of the selected account. Valid values are New, In Progress, Failed and Completed.
- Account State - tracks the state of the account from discovery to migration from source to target tenant.
- Events - count of the events that occurred during account processing through one or more tasks.
- Collections - list of collections that contain the selected account.
- Tasks - list of tasks invoked for the selected account.
Configuring Connections
You can re-configure connections from the account migration Dashboard as described below.
|
|
NOTE: Multi-factor Authentication (MFA) is not supported for accounts whose credentials are entered explicitly when configuring connections for provisioning OneDrive on the target tenant. |
To configure connections for source and target tenants:
- Log in to Quest On Demand and choose an organization if you have set up multiple organizations.
- From the navigation pane, click Migration to open the My Projects list.
- Create a new project or open an existing project.
- Click Accounts. The Accounts and User Data migration workspace opens.. Then click Dashboard.
- Click Configure Connections from the Dashboard menu.
- From the Configure Connection wizard select the source or target tenant that you want to configure. Then click Edit.
- Configure the settings as described below:
- Specify the credentials of a user with the Global Administrator or SharePoint Administrator role (for target tenant only) - enter the credentials of a user account that has the Global Administrator or SharePoint Administrator role to activate the ability to provision OneDrive accounts in the target tenant.
- Specify the UserPrincipalName of an active user account - The account does not need any permissions. It cannot be an external or guest account, and must not be deactivated or deleted. The UserPrincipalName should not have any special characters. Allowed characters are (a to z, A to Z, 0 to 9, ._-@). This account is required for the following operations.
- Accounts (Discovery, Matching, Migration, Collect Statistics)
- Mail (X500, Permissions, Forwarding, Collect Statistics, Auto Replies, Calendar Sharing, Litigation Hold, Enable Archive)
- Custom EWS URL - specify custom EWS endpoint for connecting to Exchange Web Services (EWS), if you do not want to use EWS endpoint located by the Auto-discover service automatically.
- Specify the credentials of a user with the Global Administrator or SharePoint Administrator role (for target tenant only) - enter the credentials of a user account that has the Global Administrator or SharePoint Administrator role to activate the ability to provision OneDrive accounts in the target tenant.
- Click Save to commit your changes.
- When both source and target connections are configured, click Finish.
