MICROSOFT 365 TO MICROSOFT 365 MAIL MIGRATION GUIDE
1. Microsoft 365 Mail migration with Cloudiway
Cloudiway’s mail migration solution helps businesses perform elaborate technical migrations through a simple SaaS interface. As a result, mail migrations require no additional software installation or overhead, and migrations can be performed securely and quickly.
The Cloudiway new platform is flexible enough to support all types of migration paths. Your migration strategy will depend on your business setup, type, and size.
Whichever migration path you choose, Cloudiway provides all the essential features including license assignment, archive migration, calendar coexistence (Free/Busy scheduling) and contact synchronization (GALSync).
Two of the most common migration strategies are cutover and staged migrations. Cutover strategies involve migrating all mailboxes over a weekend, ready for your users on Monday morning. Staged strategies provide more flexible migration options, as discussed on this page.
We’ve prepared a special article for you, click below to discover more about the features, benefits, cutover vs staged migration strategy, and more:
Furthermore, Cloudiway has developed a number of tools to enable seamless migration for the most intricate migrations. Our supplementary tools include:
To discuss any of these supplementary tools further, please get in touch with your existing Cloudiway contact.
Note: looking for Exchange to Office 365 migration? All the steps are similar except you need to create an Exchange On-Premises source connector, more info:
2. Security
For more information about security, please refer to this article.
3. Performance
For more information about migration performance, please refer to this article.
4. Microsoft 365 Mail migration scope
4.1. What can be migrated and what are the limitations?
You will find what can be migrated and the limitations between Microsoft Office 365 tenants on this page:
Moving a domain name between two Microsoft 365 tenants can be tricky: the domain name can only be attached to one Office 365 tenant at a time. Microsoft documents how to remove a domain and advises that it may take several hours. Therefore, you may have a downtime.
To avoid this downtime, Cloudiway provides a solution that makes the transition trouble-free. Cloudiway’s mail relay enables emails to continue to be received and delivered to the correct inboxes during a domain name change. Mail headers are not modified.
Once you’ve pointed your MX records to our mail relay, it will deliver incoming mails to the target. This will allow you to detach your domain without interruption.
During migration, Outlook profiles are not recreated. The creation of Outlook profiles is straightforward, this article describes how to create an Outlook profile.
4.2. Considerations
Migration takes place between existing mailboxes. This means that before starting a migration, mailboxes must exist in the target at the time of migration (steps are included in this guide).
4.3. Audience
This guide is aimed at experienced system administrators who are capable of connecting to remote systems and using a variety of administration tools.
Although we provide support for our own products, we do not provide support for third-party products such as PowerShell or server administration of Exchange.
If you are concerned you might have any difficulty completing these steps, please consider a solution with our consulting team, contactable via this page. This will ensure a fast, cost-effective, and stress-free implementation.
5. Pre-migration configuration
5.1. Before you start
Before you start, you need the following accounts.
| Name | Description | Location |
| Cloudiway | Account to configure the Cloudiway Platform for your migration. | https://portal.cloudiway.com |
| Office 365 Admins | Used to configure Azure Active Directory Application and associated permissions both in source and target tenants. | https://aad.portal.azure.com |
5.2. How it works
Cloudiway uses Exchange Web Services API (EWS) to migrate emails, contacts, and calendars. It is using PowerShell for mailbox permissions,shared, rooms and resources.
Note: all network operations are performed over TLS 1.2.
5.3. Source Prerequisites
5.3.1. Create source Office 365 service account
To perform the migration, we recommend creating an Office 365 account (service account) with impersonation privileges dedicated to the migration, that can be deleted once the migration is completed. This migration account is used to access the source mailboxes and needs to be provided in a Office 365 Connector. It must be configured with multi-factored authentication (MFA) and SSO (ADFS) turned off. To deactivate MFA On Your Office365 Migration Account (guide: https://help.cloudiway.com/article/deactivate-mfa-on-your-office365-migration-account/).
An Office 365 account can access up to 100 mailboxes concurrently. Therefore, by default, Cloudiway allows you to migrate 100 concurrent users in an Office connector. If you wish to speed up your migration, you should set up additional source Office 365 connectors on the Cloudiway platform and associate different source accounts with admin access to each one. Each source connector will be assigned to the corresponding source connector pool to automatically allocate connectors to 100 users.
5.3.2. Azure Active Directory Application
EWS API calls are performed through an Azure Active Directory Application which is granted specific permissions.
You can either create an Azure Active Directory Application manually or let the platform create one for you (if your migration account is global admin). You need to register one app in the source Azure Active Directories when creating the Office 365 Connector.
Please consult how to create the Azure Active Directory Application and associated permissions.
5.4. Target Prerequisites
5.4.1. Create target Office 365 service account
We recommend creating another Office 365 account (service account) with impersonation privileges dedicated to the migration, that can be deleted once the migration is completed. This migration account is used to access the target mailboxes and to make PowerShell calls when migrating mailbox permissions, shared mailboxes, rooms and equipments. It must be configured with multi-factored authentication (MFA) and SSO (ADFS) turned off. To deactivate MFA on your Office365 migration account (guide: https://help.cloudiway.com/article/deactivate-mfa-on-your-office365-migration-account/).
An Office 365 account can access up to 100 mailboxes concurrently. Therefore, by default, Cloudiway allows you to migrate 100 concurrent users in an Office connector. If you wish to speed up your migration, you should set up additional source Office 365 connectors on the Cloudiway platform and associate different source accounts with admin access to each one. Each source connector will be assigned to the corresponding source connector pool to automatically allocate connectors to 100 users.
5.4.2. Azure Active Directory Application
See above, section 5.3.2.
Please check it out if needed: how to create the Azure Active Directory Application and associated permissions.
5.4.3. Create your user mailboxes
Cloudiway migrates between existing user mailboxes and does not provide a tool to provision user mailboxes. Therefore, the user mailboxes must be created prior to the migration. You can set up user accounts on the target Microsoft 365 tenant in several ways. (The following links are to Microsoft documentation.)
5.4.4. Create a partial archive from a normal inbox
Creating a partial archive of emails provides a number of benefits. From a migration perspective, the biggest benefit is reduced bandwidth. End-users who access mail via Outlook have their mailbox locally cached (in .ost file format). After a mail migration, Outlook will download all migrated mailboxes the first time users access their mailboxes. Therefore, if many users are likely to access Outlook at around the same time after migration (for example, if you’ve completed a cutover migration one weekend before staff arrive at 9am Monday morning), your bandwidth might slow down due to a glut of downloads.
This can be avoided by partially migrating data to the online archive. For example, you could choose to migrate all items older than 1 year to a mail archive, which would be performed prior to the final cutover. The data will remain online and accessible from each user’s inbox as an In-Place Archive
folder. The most recent 1 year of emails will be migrated and downloaded when each user first logs in, reducing overall bandwidth usage due to smaller mailbox sizes.
Note: you must ensure that In-Place archiving is switched on within your Exchange Admin center (you can bulk-activate using the instructions on TechNet as https://technet.microsoft.com/enus/library/jj984357(v=exchg.150).aspx).
In-Place archives at the source are treated differently to standard mail and are not migrated by default. You can buy a mail archive quota package to perform an archive migration (see section 7.6.2).
5.4.5. Create your room and equipment mailboxes
Cloudiway provides a tool to provision and migrates room and equipment mailboxes in a separate menu. In the Mail Migration section of the tools, you will see a Room & Equipment option. This tool can be used to discover your room and equipment mailboxes and provision them to the target tenant so you don’t have to do it manually.
More details on how to use this feature can be found here:
5.4.6. Create your shared mailboxes
Cloudiway provides a tool to provision and migrates shared mailboxes in a separate menu. In the Mail Migration section of the tools, you will see a Shared Mailboxes option. This tool can be used to discover your shared mailboxes and provision them to the target tenant so you don’t have to do it manually.
More details on how to use this feature can be found here:
5.5. Mapping Table
During the migration, Cloudiway uses a mapping table to perform the conversion of email addresses in email headers, calendar items, and mailbox permissions.
Important: the mapping table must be exhaustive, any missing email address will not be converted, and would end up with loss of mailbox permissions, unrepayable emails and broken calendar items. Cloudiway automatically populates this mapping table when source mailboxes are discovered by Get List functionality explained below. However, make sure if the mapping table was populated automatically that you are not missing any email address.
6. Use the Cloudiway platform to migrate your mailboxes
6.1. Create Your Connectors
For Cloudiway to migrate your Mailboxes, it needs to be able to communicate with both your source and target Microsoft 365 tenants. To do this, Cloudiway uses connectors. You will need to set up a connector for each source tenant you wish to migrate and each target tenant that mail should be migrated to. Follow the steps from this page to configure your connectors.
For large projects, it’s possible to create multiple connectors that will be used in parallel from connector pools. Please contact Cloudiway consulting services if you need to set up such configuration.
6.2. Configure the global settings for migration
Now that you have set up at least one source and target connector, you’re ready to configure your global settings. Using the Cloudiway platform, this is simply a matter of selecting what you want to migrate.
From the Mails area of https://portal.cloudiway.com, click on Global Settings
Most of the options are self-explanatory.
The Convert Email Address option needs further explanation. The Convert Email Address option is switched on by default (and is best left on). When activated, this option rewrites email addresses found in the email headers, calendar items and mailbox permissions and replaces source email addresses with their corresponding target email addresses in the mapping table. Therefore, it’s important that all users exist in the mapping table before migration begins.
Archive Mails Older Than is to migrate the emails older than specified date and time in the past to the target archive mailbox and Migrate Everything to Archives is to migrate all the emails to the target archive mailbox. See the 7.6.2. Migration to archives section for further information.
Click on the Save button at the bottom of the screen to update your global settings.
6.3. Import or create your users into Cloudiway platform
There are a number of ways to add users that you wish to migrate. These include:
- CSV file import.
- Cloudiway’s mailbox discover tool (Get List).
- Create a single user.
Regardless, each user will need to be assigned a license type — Trial (limited to 100 MB), Education, Standard, Archive, or No License (used for adding users to your mapping table regardless of migration plans).
Note that importing users into Cloudiway won’t create the user mailboxes in the target tenant. See 5.4.3 Create your user mailboxes
6.3.1. Option 1: CSV file import
If you have a CSV file of all your users, you can upload the file to Cloudiway. The file must have the following fields in the header row:
FirstName;LastName;SourceEmail;TargetEmail;SourceRecipientType;TargetRecipientType;BatchName
If required, click on Download sample CSV and add your users to the CSV file using the sample headers (FirstName; LastName; SourceEmail; TargetEmail; SourceRecipientType; TargetRecipientType; BatchName)
3. When you have a complete CSV file with the correct headers, click on the BROWSE button
4. Locate your CSV file within your own file system, and double-click on it to select it
5. Select the appropriate connectors in the Source and Target fields
6. Click on the UPLOAD button.
If you see any error messages, check your CSV file to ensure it has seven columns, each with a separator (including the last) and try uploading again.
6.3.2. Option 2: Get List
Cloudiway’s Get List tool helps you to retrieve mailboxes from your source tenant. There are 5 Get List tools corresponding to the different sections:
- User List: to discover only user mailboxes.
- Shared Mailboxes: to discover only shared mailboxes.
- Room Equipment: to discover only room and equipment mailboxes.
- Distribution list: to discover only distribution lists.
- Archive: to discover only archive mailboxes.
Under each of those sections, go to Migration, and select Get List.
The tool requires you to enter the Source and Target Pool of connectors.
Then to specify:
- The Matching Rule:
- Mail Exact Match: the source email = the target email (bob.marley@sourcedomain.com > bob.marley@sourcedomain.com)
- Keep Email Prefix Same as Source: only the domain name changed (bob.marley@sourcedomain.com > bob.marley@targetdomain.com)
- FirstName.LastName (i.e. bob.marley@targetdomain.com)
- F.LastName (i.e. b.marley@targetdomain.com)
- FLastName (i.e. bmarley@targetdomain.com)
- LastNameF (i.e. marleyb@targetdomain.com)
- The Target Domain. Specify the target domain assigned to the target emails addresses in the list.
It will then add new users to the User List. You can monitor the progress of this task in the User List: Get List Logs.
6.3.3. Option 3: Create a single user
Many of our first-time customers create a single user for testing purposes. This provides a means of watching the migration process without affecting all users.
Click on MANAGE > Create User and enter the following details:
For more information regarding the different fields, check out this article. Repeat the process for any more users you’d like to create.
6.4. Activate and monitor your migration
Now that you have performed all the pre-migration steps within your tenants and within Cloudiway, you’re ready to migrate. We recommend you run a test migration on a single user first to check that your configuration produces the outcome you expect.
Cloudiway is an incremental migration platform that supports delta passes. Every time you restart the migration of a mailbox, only items that haven’t already been copied to the target will be migrated and for those already migrated items that have been modified in the source will be updated in the target. The platform, therefore, does not duplicate items in the target, just updates them.
The migration strategy usually consists of at least 2 migration passes, one before the cutover and another pass after the cutover:
- 1st migration pass: which migrates the majority of the mailbox. Select mailboxes, click on MIGRATION, then the Start button. Explained below in more detail.
- Cloudiway short-term mail routing service (optional): if you need to migrate your source domain to the target tenant you can enable this service to avoid NDRs. Explained below in more detail.
- MX Record Cutover: if you need to migrate your source domain to the target tenant, you have to manually remove the domain from the source tenant, attach it to the target tenant and change the MX record in your DNS server. This is not automated by Cloudiway.
- 2nd migration pass, delta pass: which migrates what hasn’t been migrated and updates modified items. Select mailboxes, click on MIGRATION, then the Start button. Explained below in more detail.
- 3rd migration pass, delta pass: 24 hours after cutover you can submit an additional delta pass to make sure no residual email is left behind due to DNS propagation delays. Select mailboxes, click on MIGRATION, then the Start button. Explained below in more detail.
Moving domains from Office 365 tenants can take up to 48 hours. During this time, domains are unavailable. As a consequence, emails sent to users in those domains will result in non-delivery reports. Cloudiway’s mail routing platform can be used to prevent delivery failures during the transition, ensuring all incoming mail is routed to the intended user regardless of the status of the domain. You can leverage our Cloudiway short-term mail routing service:
Short-Term Mail Routing For Google and Office 365 Cutover Mail Migration
If you have moved the source domain before performing one or more delta passes, the Switch Domain global action will need to be used:
You can submit as many migration passes as you want for 3 months and until consuming the amount of GBs allowed by the assigned licenses but usually, you only need one before the cutover and another after the cutover. Find out more about the delta migration passes:
What a migration pass takes to complete depends on a lot of factors. Find out more about the migration performance:
What a migration pass takes to complete depends on a lot of factors. Find out more about the migration performance:
You can create user batches from the Batches tab to easily group subset of mailboxes. Click on the + icon and enter a batch name:
After creating the different batch, under Users tab, select the users you want to assign to a specific batch, click on BATCH button and Add to Batch:
To start your migration, select the users or batch you wish to migrate.
- For users, under Users tab, select all the users you want to submit and click on MIGRATION, then the Start button.
- For user batch, under Batches tab, select the user batch you want to submit and click on MIGRATION, then the Start button.
Your migrations will be scheduled and will begin as soon as cloud resources are available.
NOTE: When migrating by user batches during a long period of time you may want to enable email forwarders.
For more information, please see this article:
7. Other migration options
7.1. Mailbox permissions migration
You can migrate mailbox permissions for mailboxes through the Cloudiway platform.
Migration of permission isn’t performed during the migration of the mailboxes but through a dedicated job.
The migration of the permissions will migrate permissions on the mailboxes, on the primary and secondary calendars.
If permissions were applied to mail-enabled security group, the mail enable security group must exist at the destination for the permission to be applied correctly.
Click on User List, select the users, go to MIGRATION, then click on Migrate Permissions
NOTE: Once you start the process of permissions migration, it cannot be stopped.
7.2. X500 addresses and LegacyExchangeDN migration
From the Transfer X500 section of Global Actions, you can migrate the X500 addresses and LegacyExchangeDN from your source mailboxes to your target mailboxes.
Select your Source and the Target, click on START.
You will see a Scheduled status, and Completed when the process is finished.
7.3. Shared mailbox migration
From the Shared Mailboxes section under Mail, you can recreate and migrate Shared mailboxes from your source tenant to your target tenant.
For more information, please see this article:
7.4. Rooms and Equipment mailbox migration
From the Rooms & Equipment section under Mail, you can recreate and migrate Rooms and Equipment mailboxes from your source tenant to your target tenant.
For more information, please see this article:
7.5. Distribution List migration
From the Distribution Lists section under Mail, you can recreate and migrate distribution lists from your source tenant to your target tenant.
For more information, please see this article:
7.6. Archive mailbox migration
7.6.1. Migration from archives mailboxes
To migrate your archives, create your users from the Archive menu.
Once complete, select your entries, go to MIGRATION then Start.
Note: by default, archives are migrated to archives. You can eventually decide to migrate an archive to a standard mailbox.
7.6.2. Migration to archive mailboxes
The Office 365 mailboxes can be migrated to the Office 365 online mailboxes, to the Office 365 archives, or to a mix of both.
During the migration, a single mailbox can be split into the online mailbox and archive.
Note: to migrate content to archives, In-Place archiving must be enabled for the user, learn more: https://technet.microsoft.com/enus/library/jj984357(v=exchg.150).aspx.
In the Cloudiway platform, you can migrate either only old emails or all the emails to the target archive mailbox. So 2 options:
- From the Global Settings section, Archive Mails Older Than is to migrate the emails older than specified date and time in the past to the target archive mailbox. Keep Migrate Everything to Archives disabled.
In this example emails older than April 7 2020 will be migrated to the archive mailbox:
Click on the Save button, when your migration starts, any emails older than the date you specified will be migrated to an In-Place archive. More recent items will be migrated to the target mailbox.
- From the Global Settings section, Migrate Everything to Archives is to migrate all the emails to the target archive mailbox. In the Mail Global Settings, enable Migrate Everything to Archives and all emails will be migrated to the target archive mailbox:
Click on the Save button, when your migration starts, all emails will be migrated to an In-Place archive.
8. Troubleshooting
Cloudiway provides an extensive Help Center, also known as knowledge base, with many resources, including common error messages, guides, and downloads.
Please visit the Help Center here (where you can search for keywords or read through topics): https://help.cloudiway.com/
The Help Center also contains information on how you can ask for further support.
