Sunday, August 25, 2013

Exchange 2003 - Exchange Online Co-Existence



A customer recently asked me how do we enable co - existence between Exchange 2003 and Exchange Online wave 15. The upgrade path from 2003 to 2013 on premise or Exchange online can take a few too may steps. So as per my previous blog posting , I have chosen Quest On Demand as my migration tool of choice for moving customers to Exchange Online.

A cut over migration using the Exchange Online native migration tools is often not practical for enterprise customers , simply because of the volume of data , amount of users , bandwidth.

So Quest on Demand comes to the rescue.
In this example I will using contoso.com as the external email domain and will not be using windows azure directory sync and will describe in sequence the steps required for co-existence.

  1. Add contoso.com to the domains section in your exchange online tenant , verify ownership of the domain and then set the domain usage to use exchange online.
  2. On the exchange 2003 server, browse to exchange system manager , expand mailboxes and then in the actions menu , export to list. This will export a list as a text file which you can then open in Excel. I normally then present this excel file to my customer and ask them to remove users that do not require migration. Once that has been done , we have our user list for migration.
  3. The next step is to bulk create exchange online external contacts. The method for creating exchange online contacts is described HERE in an Office365 Wiki Page. We will use the user list that was exported from exchange 2003 to populate the csv for external contacts. I normally create contacts for all existing mail users.
  4. We then Create an Outbound Connector for Contoso.com with the following configuration.
    Name: Contoso.com
    Connection Type: on premise
    Retain Service Headers on Transmission: True
    Connection Security: Opportunistic TLS
    Outbound Delivery: Route mail through smart host
    (add in the name of the mx record value for contoso.com)
    Domains: Contoso.com
  5. * Lets say we were migrating 50 users per evening.
  6. We would delete the external contacts for the users that we want to migrate and run the following commands in the windows azure active directory module for powershell Get-MsolUser –ReturnDeletedUsers | Remove-MsolUser –RemoveFromRecycleBin -force
  7. We would then create the users in Exchange Online via the sample user csv and populate the csv with the user details we obtained from exporting user details from exchange online.
  8. We would then set the usage location with the following command  in the windows azure active directory module for powershell
    Get-MsolUser -UnlicensedUsersOnly |Set-MsolUser -UsageLocation IE
  9. We would then assign a license to the users we created  in the windows azure active directory module for powershell.
    Get-MsolUser -UnlicensedUsersOnly | Set-MsolUserLicense -AddLicenses “Contoso”:EXCHANGESTANDARD
  10. Now we are ready to use Quest On Demand. We use the same user names that we just created to create the Quest On Demand migration text file.
  11. Quest on Demand will also allow us to set the forwarding per user. The on premise user's mailboxes will forward mail to each user@contoso.onmicrosoft.com. When email arrives at the Exchange 2003 server , if the user is an exchange online user then then mail is forwarded to the user's proxy address.
  12. Lastly add : spf.protection.outlook.com to your existing SPF record.
And that is it. 

Exchange online users can browse the global address list and send email to users and not know where the mailbox is located in Exchange online or Exchange 2003 on premise.

Exchange 2003 users can browse their global address list and send email to users and not know where the mailbox is located in Exchange online or Exchange 2003 on premise.

Note:
When an Exchange 2003 mailbox has been migrated to Exchange online the user must have a minimum Outlook client version of Office 2007 SP3 should they wish to use a full Outlook client.