EXCHANGE TO MICROSOFT 365 MIGRATION GUIDE

1. Exchange to Microsoft 365 Migration Overview

Exchange to Microsoft 365 Migration

Exchange to Microsoft 365

For more information about security, please refer to this documentation.

For more information about migration performance, please refer to this article.

During the Exchange to Microsoft 365 migration, Outlook profiles are not recreated. The creation of Outlook profiles is straightforward, this article describes how to create an Outlook profile.

Migration takes place between existing mailboxes. This means that before starting a migration, mailboxes must exist in the target at the time of migration.

This guide is aimed at experienced system administrators who are capable of connecting to remote systems and using a variety of administration tools.

Although we provide support for our own products, we do not provide support for third-party products such as PowerShell or server administration of Exchange.

If you are concerned you might have any difficulty completing these steps, please consider a solution with our consulting team, contactable via this page. This will ensure a fast, cost-effective, and stress-free implementation. 

2. Exchange to Microsoft 365 Migration Scope

3. Exchange to Microsoft 365 Migration Prerequisites

Cloudiway uses Exchange Web Services API (EWS) to migrate emails, contacts, and calendars.

It is using PowerShell for mailbox permissions,shared, rooms and resources.

All network operations are performed over TLS 1.2.

You can migrate from Exchange On Premises in 3 different ways:

  • Impersonation: a migration account must have impersonation rights, meaning it can impersonate all users.
  • Delegation: a migration account has the right to access user mailboxes (you must give him Full access to each mailbox you want to migrate).
  • Self Service: Access to the mailbox with the username and password of each user (Used for hosted exchange environments where the hosting company cannot give you the above permissions).

In the majority of cases, we recommend to create an Exchange On Premises account (service account) and give it impersonation privileges. This migration account will be used to access the source mailboxes.

To activate impersonation on an account, run this PowerShell command:

New-ManagementRoleAssignment -Role ApplicationImpersonation -User <admin_user_name>

More information about this PowerShell command can be found here.

Open the Exchange Management Powershell prompt and run the following command :

				
					New-ThrottlingPolicy CloudiwayPolicy
				
			

Then Run :

				
					Set-ThrottlingPolicy CloudiwayPolicy -RCAMaxConcurrency $null -RCAPercentTimeInAD $null -RCAPercentTimeInCAS $null -RCAPercentTimeInMailboxRPC $null -EWSMaxConcurrency $null -EWSPercentTimeInAD $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null -EWSMaxSubscriptions $null -EWSFastSearchTimeoutInSeconds $null -EWSFindCountLimit $null -CPAMaxConcurrency $null -CPAPercentTimeInCAS $null -CPAPercentTimeInMailboxRPC $null -CPUStartPercent $null
				
			

Then Run :

				
					Set-Mailbox "Cloudiway" -ThrottlingPolicy CloudiwayPolicy
				
			

The steps above will remove throttling policies against all user accounts at your Source. You still need to enable impersonation so that the migration account can impersonate any user during migrations.

We recommend creating a Microsoft 365 account with impersonation privileges dedicated to the migration, that can be deleted once the migration is completed. This migration account is used to access the target mailboxes and to make PowerShell calls while migrating mailbox permissions, shared mailboxes, rooms and equipments. 

It must be configured with multi-factored authentication (MFA) and SSO (ADFS) turned off

To deactivate MFA on your Microsoft 365 migration account, see :

 https://help.cloudiway.com/article/deactivate-mfa-on-your-office365-migration-account/

EWS API calls are performed through an Azure Active Directory Application which is granted specific permissions.

You can either create an Azure Active Directory Application manually or let the platform create one for you (if your migration account is global admin). You need to register one app both in the target Azure Active Directories when creating the Microsoft 365 Connector.

Please consult how to create the Azure Active Directory Application and associated permissions.

Cloudiway migrates between existing user mailboxes and does not provide a tool to provision user mailboxes. Therefore, the user mailboxes must be created prior to the migration. 

You can create your users in several ways:

Creating a partial archive of provides a number of benefits.

From a migration perspective, the biggest benefit is reduced bandwidth. End-users who access their emails via Outlook have their mailbox locally cached (in .ost file format). After the migration, Outlook will download all the emails the first time that the users access their mailboxes. Therefore, if many users are likely to access Outlook at around the same time after migration (for example, at 9am Monday morning), your bandwidth might slow down due to a glut of downloads.

This can be avoided by partially migrating data to the online archive. For example, you could choose to migrate all items older than 1 year to the online archive. The data will remain online and accessible from each user’s inbox as an In-Place Archive folder. The most recent 1 year of emails will be migrated and downloaded when each user first logs in, reducing overall bandwidth usage due to smaller mailbox sizes.

Note: you must ensure that In-Place archiving is switched on within your Exchange Admin center : See Enable archive mailboxes for Microsoft 365.

In-Place archives at the source are treated differently to standard mail and are not migrated by default. You can buy a mail archive quota package to perform an archive migration.

4. Additional provisioning

Cloudiway provides a tool to provision and migrate the room and equipment mailboxes in a separate menu. In the Mail Migration section of the tools, you will see a Rooms & Equipment option. This tool can be used to discover your room and equipment mailboxes and provision them to the target tenant so you don’t have to do it manually.

Cloudiway provides a tool to provision and migrate the shared mailboxes in a separate menu. In the Mail Migration section of the tools, you will see a Shared Mailboxes option. This tool can be used to discover your shared mailboxes and provision them to the target tenant so you don’t have to do it manually.

Cloudiway provides a tool to provision and migrates the distribution lists in a separate menu. In the Mail Migration section of the tools, you will see a Distribution Lists option. This tool can be used to discover your Distribution lists and provision them to the target tenant so you don’t have to do it manually.

5. Mapping Table

During the migration, Cloudiway uses a mapping table to perform the conversion of email addresses in email headers, calendar items, and mailbox permissions.

Important: The mapping table must be exhaustive : any missing email address will not be converted, and would end up with loss of mailbox permissions, unreplyable emails and broken calendar items. Cloudiway automatically populates this mapping table during the discovery process. However, it remains your responsibility to make sure that the mapping table is not missing any email address in case the discovery doesn’t find everything.

6. Exchange to Microsoft 365 Mailbox Migration process

The exchange to Office  365 migration is a five step process. 

  1. Create the connectors for connecting to the source and the target .

  2. Configure the Global Settings.

  3. Run a Discovery (GetList) or upload your list from a CSV file.

  4. Verify the Mapping Table.

  5. Run the migration.

For Cloudiway to migrate your mailboxes, it needs to be able to communicate with both your source Exchange On Premises server and your target Microsoft 365 tenant. 

To do this, Cloudiway uses connectors. You will need to set up a connector for the Exchange On Premises server and for the target tenant that mail should be migrated to. Follow the steps from this page to configure your connectors.

In particular check:

Create your Exchange On-Premises connector

Create your Microsoft 365 connector

Under the Migration / Mails menu, Click on Global Settings.

Most of the options are self-explanatory.

Date From and Date To: Filter the emails to extract from the source mailbox. If none are set, everything is migrated.

The Convert Email Address option needs further explanation. The Convert Email Address option is switched on by default (and is best left on). When activated, this option rewrites email addresses found in the email headers, calendar items and mailbox permissions and replaces source email addresses with their corresponding target email addresses in the mapping table. Therefore, it’s important that all users exist in the mapping table before migration begins.

If Migrate to Archives is Enabled, it defines which mails go to the Archive and which mails go to the online mailbox. It is used to route mails between the mailbox and the archive.

Archive Mails Older Than migrates the emails older than specified date and time to the target archive mailbox. The more recent mails are migrated to the mailbox.

Migrate Everything to Archives  will migrate all the emails to the archive.

Archive Location:  You can archive the mails to the Microsoft 365 Online Archive or to a PST file that will be uploaded to the OneDrive of the user.

 

Note: Only the mails extracted from the source mailbox (defined by Date From and Date To) are eventually archived: Mails are extracted from the source based on the Date From and Date To filter and are then routed to the mailbox or to the Archive based on the  Archive Mails Older Than settings. 

Click on the Save button at the bottom of the screen to update your global settings.

There are a number of ways to add users that you wish to migrate. These include:

  1. CSV file import.
  2. Cloudiway’s mailbox discover tool (Get List).
  3. Create a single user.

Note that importing users into Cloudiway won’t create the user mailboxes in the target tenant.

CSV Import

If you have a CSV file of all your users, you can upload the file to Cloudiway.

See How to fill the csv import file for more details.

From the Main menu in the User Mailboxes List, Select Manage / Import.

If required, click on Download sample CSV and add your users to the CSV file using the sample headers (FirstName; LastName; SourceEmail; TargetEmail; SourceRecipientType; TargetRecipientType; BatchName)

Upload your CSV file.

Select the appropriate connectors in the Source and Target fields

Click on the UPLOAD button.

If you see any error messages, check your CSV file to ensure it has the required columns, each with a separator (including the last) and try uploading again.

Cloudiway’s Get List tool helps you to retrieve mailboxes from your source tenant. There are 5 Get List tools corresponding to the different sections:

  • User List: to discover only user mailboxes.
  • Shared Mailboxes: to discover only shared mailboxes.
  • Room Equipment: to discover only room and equipment mailboxes.
  • Distribution list: to discover only distribution lists.
  • Archive: to discover only archive mailboxes.

Under each of those sections, go to Migration, and select Get List.

Get Mail Migration UserList

Select your source and target connector, the recipient Type, then specify:

  • The Matching Rule:
    • Mail Exact Match: the source email = the target email (bob.marley@sourcedomain.com > bob.marley@sourcedomain.com)
    • Keep Email Prefix Same as Source: only the domain name changed (bob.marley@sourcedomain.com > bob.marley@targetdomain.com)
    • FirstName.LastName (i.e. bob.marley@targetdomain.com)
    • F.LastName (i.e. b.marley@targetdomain.com)
    • FLastName (i.e. bmarley@targetdomain.com)
    • LastNameF (i.e. marleyb@targetdomain.com)
  • The Target Domain. Specify the target domain assigned to the target emails addresses in the list.

The discovery job will start and add your users to the User List. You can monitor the progress of this task in the User List: Get List Logs.

Get List Log

Many of our first-time customers create a single user for testing purposes. This provides a means of watching the migration process without affecting all users.

Click on MANAGE > Create User and enter the details:

Now that you have performed all the pre-migration steps within your tenants and within Cloudiway, you’re ready to migrate. We recommend you run a test migration on a single user first to check that your configuration produces the outcome you expect.

Cloudiway is an incremental migration platform that supports delta passes. Every time you restart the migration of a mailbox, only items that haven’t already been copied to the target will be migrated and for those already migrated items that have been modified in the source will be updated in the target. The platform, therefore, does not duplicate items in the target, just updates them.

The migration strategy usually consists of at least 2 migration passes, one before the cutover and another pass after the cutover:

  • 1st migration pass: which migrates the majority of the mailbox. Select mailboxes, click on MIGRATION, then the Start button. Explained below in more detail.
  • Cutover: You have to manually remove the domain from the source tenant, attach it to the target tenant and change the MX record in your DNS server. This is not automated by Cloudiway.
  • 2nd migration pass, delta pass: which migrates what hasn’t been migrated and updates modified items. Select mailboxes, click on MIGRATION, then the Start button. Explained below in more detail.
  • 3rd migration pass, delta pass: 24 hours after cutover you can submit an additional delta pass to make sure no residual email is left behind due to DNS propagation delays. Select mailboxes, click on MIGRATION, then the Start button. Explained below in more detail.

You can submit as many migration passes as you want for 3 months and until consuming the amount of GBs allowed by the assigned licenses but usually, you only need one before the cutover and another after the cutover. 

 

Start the migration:

 To start your migration, select the users or batch you wish to migrate and  under the Migrate Menu, Click On Start.

If you have defined batches, you can start the migration of a batch. It will automatically schedule the migration of the members of the batch. Under Batches tab, select the user batch you want to submit and click on MIGRATION, then the Start button.

7. How to Manage batches

You can simplify your migration from Exchange On-Premises to Microsoft 365 by using batches and easily group subset of mailboxes together.

To create a batch, under the batch tab, Click on the + icon and enter a batch name:

After creating the different batch, under Users tab, select the users you want to assign to a specific batch, click on BATCH button and Add to Batch:

Exchange to Microsoft 365 migration by batches

8. Additional migration Options

8.1. Mailbox permissions migration

Your Exchange to Microsoft 365 migration wouldn’t be complete without the permission of the migrations. You can start the migration of the permissions at any time. But we do recommand to do it only one time at the end of your project.

Migration of permission isn’t performed during the migration of the mailboxes but through a dedicated job.

The migration of the permissions will migrate permissions on the mailboxes, on the primary and secondary calendars.

WarningIf permissions were applied to mail-enabled security group, the mail enable security group must exist at the destination for the permission to be applied correctly.

Click on User List, select the users, go to MIGRATION, then click on Migrate Permissions

Migration Permission

NOTE: Once you start the process of permissions migration, it cannot be stopped.

8.2. X500 addresses and LegacyExchangeDN migration

From the Transfer X500 section of Global Actions, you can migrate the X500 addresses and LegacyExchangeDN from your source mailboxes to your target mailboxes.

Select your Source and the Target, click on START.

Global Actions X500 Starts

You will see a Scheduled status, and Completed when the process is finished.

8.3. Archive mailbox migration

8.3.1. Migration from archives mailboxes

To migrate your archives, create your users from the Archive menu.

Archive mailboxes

Once complete, select your entries, go to MIGRATION then Start.

Note: by default, archives are migrated to archives. You can eventually decide to migrate an archive to a standard mailbox.

Archive Entry Standards
Archive Mails

In this example emails older than April 7 2020 will be migrated to the archive mailbox:

Calender

Click on the Save button, when your migration starts, any emails older than the date you specified will be migrated to an In-Place archive. More recent items will be migrated to the target mailbox.

  • From the Global Settings section, Migrate Everything to Archives is to migrate all the emails to the target archive mailbox. In the Mail Global Settings, enable Migrate Everything to Archives and all emails will be migrated to the target archive mailbox:
Archive mails

Click on the Save button, when your migration starts, all emails will be migrated to an In-Place archive.

9. Troubleshooting

Cloudiway provides an extensive Help Center, also known as knowledge base, with many resources, including common error messages, guides, and downloads.