Thursday, September 3, 2020

Office 365 Hybrid with Exchange 2010 Setup

Couldn't find a guide that actually gives you ALL of the steps required to set up a Hybrid organization with Exchange 2010 and Office 365, so here it is. This is not super technical, just the overall steps and the things not mentioned or explained in other guides. This assumes you have already created a 365 tenant and added your domains to it.


Configure Azure AD Sync

Prep work: make sure you have added your primary email domain as an alternate UPN suffix (see Active Directory Domains and Trusts) and set all of your users' UPNs to match their primary email addresses. This is not required, but it makes things cleaner.
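
The prep work above can be checked before sync is turned on. The following PowerShell is an added example, not part of the original post: it lists mailboxes whose UPN differs from the primary email address and shows whether the needed UPN suffix is registered. The function name `Get-UpnMismatch`, the sample users and the `contoso` domains are hypothetical.

```powershell
# Added example. Get-UpnMismatch, the sample users and contoso.* are hypothetical names.
function Get-UpnMismatch {
    param(
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
        $Mailbox,                      # any object with UserPrincipalName and PrimarySmtpAddress
        [Parameter(Mandatory=$true)]
        [string[]]$RegisteredSuffix    # UPN suffixes the forest accepts
    )
    process {
        $upn  = [string]$Mailbox.UserPrincipalName
        $smtp = [string]$Mailbox.PrimarySmtpAddress
        if ($upn -ieq $smtp) { return }    # already aligned, nothing to report

        # Everything after the '@' is the suffix the new UPN would need.
        $domain = $smtp.Substring($smtp.IndexOf('@') + 1)
        New-Object PSObject -Property @{
            CurrentUpn      = $upn
            TargetUpn       = $smtp
            SuffixAvailable = ($RegisteredSuffix -contains $domain)
        }
    }
}

# Constructed sample input, so the function can be tried without touching AD.
$sample = @(
    (New-Object PSObject -Property @{ UserPrincipalName = 'alice@contoso.local'; PrimarySmtpAddress = 'alice@contoso.com' }),
    (New-Object PSObject -Property @{ UserPrincipalName = 'bob@contoso.com';     PrimarySmtpAddress = 'bob@contoso.com' }),
    (New-Object PSObject -Property @{ UserPrincipalName = 'carol@contoso.local'; PrimarySmtpAddress = 'carol@fabrikam.example' })
)
$sample | Get-UpnMismatch -RegisteredSuffix 'contoso.local','contoso.com' |
    Select-Object CurrentUpn, TargetUpn, SuffixAvailable | Format-Table -AutoSize

# Against the live environment (Exchange Management Shell plus the ActiveDirectory module):
#   Import-Module ActiveDirectory
#   $forest   = Get-ADForest
#   $suffixes = @($forest.UPNSuffixes) + @($forest.Domains)
#   Get-Mailbox -ResultSize Unlimited | Get-UpnMismatch -RegisteredSuffix $suffixes
# Preview a single change before applying it:
#   Set-ADUser -Identity <sAMAccountName> -UserPrincipalName <TargetUpn> -WhatIf
```

Rows with `SuffixAvailable` set to `False` need the suffix added in Active Directory Domains and Trusts before the UPN can be changed.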


Next you need to synchronize your Active Directory to Office 365. Install the Azure AD Sync tool, and check the boxes for Password hash synchronization and Exchange hybrid deployment. You can check other boxes if you know what you're doing; otherwise it's best not to.


Important note: If you want to set this up with group- or OU-based filtering, that's fine for testing. But be aware that any user NOT synced into 365 will be unroutable when sending email from 365 back to on-prem. So you really need to sync everyone.



Run the Hybrid Wizard

Grab it from https://aka.ms/HybridWizard or by logging into the 365 admin console, opening Exchange, and going to Hybrid. You should run this from an Exchange 2010 server.


When going through the settings, the defaults are typically going to be correct. If you need to adjust anything, go for it. The wizard will automatically create connectors for you and set up various things.



Do the extra tasks they don't tell you about

  1. In the 365 Exchange Admin Console (EAC), navigate to Mail Flow > Accepted Domains and set your email domains to Internal relay. This is what allows 365 to route mail back to your on-premises environment.
  2. If you haven't already, set your Azure AD Sync to push all of your Exchange users into Azure AD. You can verify this by going to Recipients > Contacts in the EAC, and you should see them all in there as type Mail user. If they are not, then stop and fix that. Again, this is for any user in Exchange, not just the ones you want to migrate.
  3. If you have assigned any licenses to users which grant Exchange access, you need to disable that or remove it. Users cannot be licensed for Exchange and also be migrated.


Migrate

At this point you can go to Recipients > Migration and start a batch. Use the Remote move migration option and select whoever you want to migrate. I suggest just letting them auto-complete, but you can manually complete them if you wish. This takes a while. Once it's done, they may get a message in Outlook asking them to restart. As long as they're on a newer client, it should auto-reconfigure for 365, and you're done.