Friday, August 16, 2013

Exchange 2007 (SP3) - migration (staged) - Exchange Online (Office 365) - Part 5 - Mail migration


So where are we now?
Using DirSync, we have synchronized objects in our onsite Active Directory database with the Windows Azure Active Directory database. This process synchronizes user, contact and group objects. However, email has not yet been migrated to Exchange Online.
We can observe this in the Office 365 Portal and the EAC (Exchange Administrative Console) respectively.
First, let's note the URL for each of these interfaces.
Office 365 Portal:
If we look at "Users and Groups", then "Active Users" in the Portal, we can see the users synchronized during the DirSync process:

On the other hand, if we look at "recipients" and  "mailboxes" in the EAC, no mailboxes are yet present in Exchange Online.

Migrating the email of selected users to Exchange Online is the subject of this blog post.
Migration pre-requisites and "before and after"
We must make sure that several pre-requisites are met before attempting the migration. It is also useful to note the state of a particular attribute, the "targetaddress" attribute, before and after the migration. The value of this attribute, visible and editable under the "Attribute Editor" tab (see below), will be one indicator of a successful migration.
Access Rights
First, the user performing the migration must have "Full Access" (or "Receive As") permissions on the mailboxes to be migrated.
This can be accomplished with the Exchange 2007 EMC (Exchange Management Console) in the mailbox properties as shown here:

Note: for those not familiar with the interface, you simply click on the "Add" icon (green + sign) and search for the user.

Or with the EMS (Exchange Management Shell) using this Powershell cmdlet:

Add-MailboxPermission "Alannah Shaw" -user "admin" -AccessRights FullAccess

CSV file

Second, we must create a .csv file that includes the names of the mailboxes to be migrated.

Here is the .csv file we will use, in this case with two test users:

Note: before DirSync synchronized passwords, it was possible to indicate a temporary password and a value forcing the user to change the password on first login. The text would look like this:


Of course, any other email addresses would follow along with the values for Password and ForcePasswordChange.
Now that DirSync also synchronizes passwords, I have found that only the EmailAddress attribute is necessary.

The "targetaddress" attribute

Third, let's note the "targetaddress" attribute value of one of the mailboxes to be migrated:

Under the "Attribute Editor" tab of the mailbox properties, we can see that there is no value. This is expected (and correct). After the migration is complete, the value will indicate the Exchange Online email address of the mailbox user. This attribute allows mail sent to the onsite mail server to be forwarded to the mailboxes that have been migrated to Exchange Online. 
More generally, this configuration is what allows a staged migration to work. DNS records can still point to the onsite mail server (directly or indirectly via 1 to 1 NAT) and mailboxes still onsite will receive email as usual. On the other hand, mailboxes located in the Cloud will also receive email as it arrives because Exchange will forward it based on the "targetaddress" value.
Now let's perform the mailbox migration.
We perform the migration under the "migration" tab of the "r√©cipients" section in the Exchange Admin Center:

Select "Migrate to Exchange Online":

Select the "Staged Migration" option.

Browse to the .csv file presented above:

Note the number of mailboxes to be migrated:

Enter the credentials of a user with sufficient rights to perform the operation:

Note: this is one point where Outlook Anywhere must be functional for the migration to succeed. This is why we took the time to verify that it would work in an previous post.

Enter a name for the batch:

Select the user who should receive a report on the process:

Note the progress of the migration:

Details can be seen here:

Note the reference to Outlook Anywhere (above).

When the migration is finished, the status should display as follows:

Note: "total" and "synched" should be at 2 (in this case).


Now let's have a "before and after" comparison.

First, the mailboxes now appear in the EAC:

Second, the "targetaddress" value is now populated with the user's Exchange Online email address:

Now mail sent to Aisha Bhari will arrive onsite as usual but Exchange will see the populated "targetaddress" value and forward the messages to the mailbox in Exchange Online.

Of course, messages sent to a mailbox without the populated "targetaddress" attribute will not be forwarded.


This concludes the mailbox migration section.

No comments:

Post a Comment