OFC312
Introduction
Are you ready to make the move
Identity
Email migrations
IMAP migrations
Exchange cutover and staged migrations
Exchange Hybrid
Microsoft Cloud Principles
Service Descriptions and Updates
http://technet.microsoft.com/en-us/library/jj819284.aspx
http://office.microsoft.com/en-nz/products/office-365-roadmap-FX104343353.aspx
http://technet.microsoft.com/en-us/library/office-365-system-requirements.aspx
http://blogs.office.com
http://deploy.office.com/
Network Requirements
http://technet.microsoft.com/en-us/library/jj688118.aspx
http://www.microsoft.com/en-us/download/details.aspx?id=19011
http://gallery.technet.microsoft.com/office/Exchange-Client-Network-8af1bf00
http://technet.microsoft.com/en-us/library/cc262952(v=office.12).aspx
http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh416761.aspx
Connecting to Office 365
http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh373144.aspx
http://technet.microsoft.com/en-us/exchangelabshelp/gg263350
http://go.microsoft.com/fwlink/?linkid=236301
http://office.microsoft.com/en-au/business/office-365-trust-center-cloud-computing-security-FX103030390.aspx
Office 365
http://www.microsoftvirtualacademy.com/
http://office.microsoft.com/en-au/support/office-365-administrator-resource-center-FX103995410.aspx
https://www.microsoft.com/learning/en-au/office365-training.aspx
http://ignite.office.com
http://summit.office.com
Cloud Identity
Single identity in the cloud
Suitable for small organizations with no integration to on-premises directories
Directory & Password Synchronization*
Single identity
Suitable for medium and large organizations without federation*
Federated Identity
Single federated identity and credentials
Suitable for medium and large organizations
Technical requirements
Policy requirements
Existing infrastructure
Migration
IMAP migration: Supports wide range of email platforms; Email only (no calendar, contacts, or tasks)
Cutover Exchange migration: Good for fast, cutover migrations; No Exchange upgrade required on-premises
Staged Exchange migration: No Exchange upgrade required on-premises; Identity federation with on-premises directory
Not just migration
Hybrid deployment: Manage users on-premises and online; Enables cross-premises calendaring, smooth migration, and easy off-boarding
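| | IMAP migration and 3rd party tools | Cutover migration | Staged migration | Hybrid |
|---|---|---|---|---|
| Exchange 5.5 | X | | | |
| Exchange 2000 | X | | | |
| Exchange 2003 | X | X | X | X* |
| Exchange 2007 | X | X | X | X |
| Exchange 2010 | X | X | | X |
| Exchange 2013 | X | X | | X |
| Notes/Domino | X | | | |
| GroupWise | X | | | |
| Other | X | | | |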
| Control | Deployment Type | Description |
|---|---|---|
| User driven | New mailbox | User receives new “green field” mailbox – i.e. user is onboarded to without data migration. |
| User driven | New mailbox + Outlook PST | User receives new mailbox and either attaches or imports PST files for access to pre-Office 365 data. |
| User driven | New mailbox + connected accounts | User receives new mailbox and configures connected accounts via OWA. |
| Admin driven | New mailbox + PST Import | User receives a new mailbox and admin uses the PST Capture Tool to import PST data into the user’s Exchange Online mailbox. |
Migration option decision factors
DEPLOYMENT PLAN: Migration solution is part of the plan
Source server: Exchange, IMAP, Lotus Notes
Size: Large, Medium, Small
Identity management: On-premises, Single sign-on, On-cloud
Provisioning: DirSync, Manual/Bulk Provisioning, Automatic Provisioning
Coexistence requirement: Simple, Rich
Migration solutions: Cutover, Staged, Hybrid
Organizational size in users: small, medium, large
Time for migration incl. planning: <1 week, 2 weeks, 3 weeks, several months
Features: none, mailflow/GALSync, free/busy, archive in cloud
In EAC, select recipients | migration
Start migration wizard
Choose migration type and follow prompts
Set of Migration Cmdlets
New-MigrationBatch
Start-MigrationBatch
Get-MigrationBatch
Get-MigrationStatus
Complete-Migration
Test-MigrationServerAvailability
Migrated
Mail messages (Inbox and other folders)
Maximum of 500,000 items
Possible to exclude specific folders from migration (e.g. Deleted Items, Junk E-Mail)
Not Migrated
Contacts, Calendars, Tasks, etc.
Excluded folders
Folders with a forward slash ( / ) in the folder name
Messages larger than 25 MB
Works with a large number of source mail systems
Works with on-premises or hosted systems
Users can be migrated in batches
On-premises migration tool is not required
Users + mailboxes must be provisioned prior to migration
IMAP – Requirements and Limitations
On-premises migration tool is not required
Access to IMAP ports (TCP/143/993)
Users + mailboxes must be provisioned prior to migration
Bulk provisioning, CSV parser, manual, etc.
SMTP domains configured in O365 tenant
Gather user credentials or set up admin credentials
Migration CSV file
Prepare a CSV file with list of users
EmailAddress, UserName, Password
Max of 50,000 rows
Max 10 MB in size
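A pre-flight check for the migration CSV described above, as an added example (not code from the slides or from Microsoft). It enforces the header and the two limits the slide states; reading "10 MB" as 10 × 1024 × 1024 bytes, counting only data rows against the 50,000 limit, and the duplicate-address check are assumptions. Because the file holds plaintext passwords, problems are reported by line number and column name only.

```python
import csv
import io

# Header and limits as stated on the slide; the byte reading of "10 MB" is an assumption.
REQUIRED_HEADER = ["EmailAddress", "UserName", "Password"]
MAX_ROWS = 50_000
MAX_BYTES = 10 * 1024 * 1024

def check_migration_csv(data: bytes) -> list[str]:
    """Return the problems found in an IMAP migration CSV (empty list = OK).

    Messages never contain a password value, so the report can go in a ticket.
    """
    problems = []
    if len(data) > MAX_BYTES:
        problems.append(f"file is {len(data)} bytes, limit is {MAX_BYTES}")
    text = data.decode("utf-8-sig", errors="replace")
    reader = csv.reader(io.StringIO(text, newline=""))
    header = next(reader, None)
    if header is None or [h.strip() for h in header] != REQUIRED_HEADER:
        problems.append("header must be exactly: " + ",".join(REQUIRED_HEADER))
        return problems
    rows, first_seen = 0, {}
    for row in reader:
        line = reader.line_num
        if not any(cell.strip() for cell in row):
            continue  # ignore blank lines
        rows += 1
        if len(row) != len(REQUIRED_HEADER):
            problems.append(f"line {line}: expected 3 columns, found {len(row)}")
            continue
        email, username, password = row
        email = email.strip().lower()
        if "@" not in email:
            problems.append(f"line {line}: EmailAddress is missing or malformed")
        elif email in first_seen:
            # Added sanity check, not a rule stated on the slide.
            problems.append(f"line {line}: EmailAddress repeats line {first_seen[email]}")
        else:
            first_seen[email] = line
        if not username.strip():
            problems.append(f"line {line}: UserName is empty")
        if not password:
            problems.append(f"line {line}: Password is empty")
    if rows > MAX_ROWS:
        problems.append(f"{rows} data rows, limit is {MAX_ROWS}")
    return problems

# Constructed sample input (not real accounts): one empty password, one duplicate.
SAMPLE = (b"EmailAddress,UserName,Password\r\n"
          b"terry@contoso.com,terry,Constructed-Pw-1\r\n"
          b"ann@contoso.com,ann,\r\n"
          b"terry@contoso.com,terry,Constructed-Pw-2\r\n")
```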
IMAP – Migration Flow
Gather IMAP creds and prepare CSV
Provision users + mailboxes in O365 (license assigned)
Wizard: Enter server settings and upload CSV
Initial sync
Delta sync every 24 hours
Mark migration as complete
Change MX record
Final sync and cleanup
Migrated
Mail messages and folders
Rules and categories
Calendar (normal, recurring)
Out-of-Office settings
Contacts
Tasks
Delegates and folder perms
Outlook settings (e.g. favorites)
Not Migrated
Security Groups, DDLs
System mailboxes
Dumpster
Send-As Permissions
Messages larger than 25 MB
Existing Exchange environment
(Exchange 2003 or later)
Office 365
Users, contacts & groups via Outlook Anywhere (NSPI)
Mailbox data via Outlook Anywhere (MAPI)
Accounts provisioning
Passwords
Existing Exchange environment
(Exchange 2003 or 2007)
Office 365
Mailbox data via Outlook Anywhere (MAPI)
Users, contacts & groups via Outlook Anywhere (NSPI)
Office 365 Active Directory synchronization
Accounts provisioning
Migration tool relies on DirSync to do provisioning
For every on-premises mailbox to be migrated there needs to be a MEU or Mailbox in Office 365
Passwords
Target mailbox passwords must be specified for all users
Administrators can force users to change passwords on first login
C/SEM Migration Scope
Partial migrations are not possible (folder exclusion, time range)
Mailboxes enabled for Unified Messaging cannot be migrated
Existing cached-mode files (OST files) cannot be preserved
User Experience
License users
Configure Outlook Anywhere
Test using ExRCA
Assign migration perms
Wizard: Enter server settings and admin creds
CEM provisions users, mailboxes, DLs, Contacts
SEM configures AD attribute
Initial sync
Delta sync every 24 hours
Mark migration as complete
Change MX record
Final sync and cleanup
Cutover
Cutover is designed for small/fast migrations to Office 365
As the name suggests, it is an “all at once” move
Limited to a maximum of 1000 mailboxes total
Mailbox and address book data is synced from on-premises to Exchange Online using Outlook Anywhere (RPC over HTTPS)
Staged
Staged uses the same migration engine as cutover but in conjunction with Office 365 directory synchronization to allow you to move a few users at a time
Mailbox data is copied via Outlook Anywhere
Users/contacts and groups are synchronized via Directory Sync
Exchange 2010 and later are not supported (hybrid-based migration is used instead)
Mail routing: pre-coexistence
On-premises
Message filtering
MX Record:
contoso.com
User Object
Mailbox-enabled
ProxyAddresses:
SMTP: John.Doe@contoso.com
Exchange
Active Directory
SEM Mail flow: on-premises to Office 365
On-premises
Message filtering
MX Record:
contoso.com
Exchange
Active Directory
Office 365
MX Record:
contoso.onmicrosoft.com
contoso.mail.onmicrosoft.com
Exchange Online Protection
Exchange Online
Online Directory
DirSync
DirSync Web Service
Logon Enabled User
Mailbox-enabled
ProxyAddresses:
SMTP: John.Doe@contoso.com
smtp: John.Doe@contoso.onmicrosoft.com
smtp: John.Doe@contoso.mail.onmicrosoft.com
User Object
Mail-enabled (not mailbox-enabled)
ProxyAddresses:
SMTP: John.Doe@contoso.com
TargetAddresses:
SMTP: John.Doe@contoso.mail.onmicrosoft.com
SEM Mail flow: Office 365 to on-premises
On-premises
Message filtering
MX Record:
contoso.com
Exchange
Active Directory
Office 365
MX Record:
contoso.onmicrosoft.com
contoso.mail.onmicrosoft.com
Exchange Online Protection
Exchange Online
Online Directory
DirSync
DirSync Web Service
Logon Enabled User
Mail-enabled (not mailbox-enabled)
ProxyAddresses:
SMTP: Jane.Doe@contoso.com
smtp: Jane.Doe@contoso.onmicrosoft.com
smtp: Jane.Doe@contoso.mail.onmicrosoft.com
TargetAddresses:
SMTP: Jane.Doe@contoso.com
User Object
Mailbox-enabled
ProxyAddresses:
SMTP: Jane.Doe@contoso.com
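The two staged-migration (SEM) mail-flow diagrams above, worked through as an added example (not code from the slides): a small resolver that follows a message from the MX record through the proxy and target addresses until it reaches a mailbox, and that flags a forwarding loop when both copies of a user are only mail-enabled. The directory contents are constructed from the diagram labels; the `route` and `recipient` helpers and the organization names are hypothetical.

```python
# Constructed from the diagram labels: the organization each domain's MX points to.
MX = {"contoso.com": "on-premises",
      "contoso.onmicrosoft.com": "office365",
      "contoso.mail.onmicrosoft.com": "office365"}

def recipient(mailbox_enabled, proxy_addresses, target_address=None):
    """One directory object; addresses are compared case-insensitively."""
    return {"mailbox": mailbox_enabled,
            "proxies": {a.lower() for a in proxy_addresses},
            "target": target_address.lower() if target_address else None}

# John has been migrated; Jane is still on-premises (the two SEM diagrams).
DIRECTORIES = {
    "on-premises": [
        recipient(False, ["John.Doe@contoso.com"],
                  "John.Doe@contoso.mail.onmicrosoft.com"),
        recipient(True, ["Jane.Doe@contoso.com"]),
    ],
    "office365": [
        recipient(True, ["John.Doe@contoso.com", "John.Doe@contoso.onmicrosoft.com",
                         "John.Doe@contoso.mail.onmicrosoft.com"]),
        recipient(False, ["Jane.Doe@contoso.com", "Jane.Doe@contoso.onmicrosoft.com",
                          "Jane.Doe@contoso.mail.onmicrosoft.com"],
                  "Jane.Doe@contoso.com"),
    ],
}

def route(address, start_org=None, directories=DIRECTORIES):
    """Follow a message until it reaches a mailbox; return (org, hops).

    start_org is the sender's organization; external mail starts at the MX.
    Raises ValueError on an undeliverable recipient or a forwarding loop.
    """
    address = address.lower()
    org = start_org or MX[address.rsplit("@", 1)[1]]
    hops = []
    while True:
        if (org, address) in hops:
            raise ValueError(f"mail loop: {address} returns to {org}")
        hops.append((org, address))
        entry = next((r for r in directories[org] if address in r["proxies"]), None)
        if entry is None or not (entry["mailbox"] or entry["target"]):
            raise ValueError(f"{address} cannot be delivered in {org}")
        if entry["mailbox"]:
            return org, hops
        # Mail-enabled only: rewrite to the target address and follow its MX.
        address = entry["target"]
        org = MX[address.rsplit("@", 1)[1]]
```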
Delegated authentication for on-premises/cloud web services
Enables free/busy, calendar sharing, message tracking & online archive
Online mailbox moves
Preserve the Outlook profile and offline folders
Leverages the Mailbox Replication Service (MRS)
Manage all of your Exchange functions, whether cloud or on-premises, from the same place: Exchange Admin Center
Authenticated and encrypted mail flow between on-premises and the cloud
Preserves the internal Exchange message headers, allowing a seamless end user experience
Support for compliance mail flow scenarios (centralized transport)
On-premises Exchange organization
Existing Exchange environment
Exchange 2007 or later
Office 365 Active Directory synchronization
Exchange 2013 Client Access & Mailbox server
Office 365
User, contacts, & groups via Azure AD Sync
Secure mail flow
Mailbox data via Mailbox Replication Service (MRS)
Sharing (free/busy, Mail Tips, Archive, PF, etc.)
Hybrid deployment process
Sign up for Office 365
Register your domains with Office 365
Deploy Office 365 Directory Sync
Install Exchange 2013 CAS & MBX Servers (Edge opt)
Publish the CAS Server (Assign SSL certificate, firewall rules)
Run the Hybrid Wizard
Exchange specific deployment tasks (deep dive on next slide)
General Office 365 deployment tasks
autodiscover.contoso.com
mail.contoso.com
E2010 or 2007 Hub
E2010 or 2007 CAS
E2010 or 2007 MBX
E2013 CAS
E2013 MBX
E2013 EDGE
Exchange 2010 or 2007 Servers
Intranet site
SP3/RU10 SP3/RU10
Internet-facing site
1. Prepare
Install Exchange SP and/or updates across the ORG
Prepare AD with E2013 schema
2. Deploy Exchange 2013 servers
Install both E2013 MBX and CAS servers
Set an ExternalUrl & enable MRSProxy on the Exchange Web Services vdir
3. Obtain and deploy Certificates
Obtain and deploy certificates on E2013 CAS servers & E2010 servers
4. Publish protocols externally
Create public DNS A records for the EWS and SMTP endpoints
Validate using Remote Connectivity Analyzer
5. Switch autodiscover namespace to E2013 CAS
Change the public autodiscover DNS record to resolve to E2013 CAS
6. Run the Hybrid Configuration Wizard
7. Move mailboxes
EWS SMTP
From an existing Exchange 2007 or 2010 environment
Hybrid Configuration Engine
On-Premises Exchange
Exchange Management Tools
Hybrid Configuration Object
Desired state
Internet
Remote PowerShell
Organization Level Configuration Objects (Exchange Federation Trust, Organization Relationship, Forefront Inbound Connector, & Forefront Outbound Connector)
Domain Level Configuration Objects (Accepted Domains & Remote Domains)
Exchange Server Level Configuration (Mailbox Replication Service Proxy, Certificate Validation, Exchange Web Service Virtual Directory Validation, & Receive Connector)
Domain Level Configuration Objects (Accepted Domains, Remote Domains, & E-mail Address Policies)
Organization Level Configuration Objects (Exchange Federation Trust, Organization Relationship, Availability Address Space, & Send Connector)
Step 1 The Update-HybridConfiguration cmdlet triggers the Hybrid Configuration Engine to start.
Step 2 The Hybrid Configuration Engine reads the “desired state” stored on the HybridConfiguration Active Directory object.
Step 3 The Hybrid Configuration Engine connects via Remote PowerShell to both the on-premises and Exchange Online organizations.
Step 4 The Hybrid Configuration Engine discovers topology data and current configuration from the on-premises Exchange organization and the Exchange Online organization.
Step 5 Based on the desired state, topology data, and current configuration, across both the on-premises Exchange and Exchange Online organizations, the Hybrid Configuration Engine establishes the “difference” and then executes configuration tasks to establish the “desired state.”
Exchange Admin Center (EAC) is your one stop shop for managing Exchange Server 2013 on-premises, your Exchange Online tenant, hybrid settings, and mailbox migrations
EAC is 100% browser based, so you can manage on-premises and cloud from anywhere (subject to your access controls)
Support for merged recipient views for helpdesk staff
External recipient
DAVID
On-premises mailbox
Exchange
CHRIS
Cloud mailbox
Third Party Email Security System
Secure Mail
Encrypted & authenticated mail flow
All email between Exchange on-premises and Exchange Online is encrypted and authenticated
Internal mail flow going from Exchange to Exchange must go direct and not through 3rd party gateways
External (Internet) mail can be routed to wherever you choose – on premises, 3rd party service, EOP
The MX record for the domain controls where inbound external email is received
The hybrid wizard’s “OnPremisesSmartHost” property controls the flow of internal mail from Exchange Online to Exchange on-premises
The FQDN defined within OnPremisesSmartHost can be:
A single Exchange 2013 CAS or 2010 Edge server
Multiple round robin Exchange 2013 CAS or 2010 Edge servers
Multiple load balanced Exchange 2013 CAS or 2010 Edge servers (recommended)
Exchange Topologies Supported
Exchange 2013 RTM
Single Forest Model: Accounts and Mailboxes in single forest
Resource Forest Model: Multiple Account Forests, Single Resource Forest
1:1 relationship between Exchange Organization and single O365 tenant
Exchange 2013 Service Pack 1
Supports multiple Exchange Organizations configured against a single O365 tenant
Multiple forests, each containing accounts and Exchange organizations
Multi-Org Hybrid Support
N:1 relationship between Exchange Organization and single O365 tenant
[Diagram: Office 365 hybrid topologies for contoso.com and fabrikam.com]