Cloudiway’s mail migration solution helps businesses perform elaborate technical migrations through a simple SaaS interface. As a result, mail migrations require no additional software installation or overhead, and migrations can be performed securely and quickly.
The Cloudiway platform is flexible enough to support all types of migration paths. Your migration strategy will depend on your business setup, type and size. Whichever migration path you choose, Cloudiway provides all the essential features including automatic account provisioning, license assignment, archive migration, mail routing and calendar coexistence (free/busy scheduling).
Two of the most common migration strategies are cutover and staged migrations. Cutover strategies involve migrating all mailboxes over a weekend, ready for your users on Monday morning. Staged strategies provide more flexible migration options, as discussed below.
1.1. Cutover migration
You migrate everybody over a weekend and perform a single migration pass. This strategy is the simplest to implement. After you have switched your MX records to point to the new system, you start mailbox migration.
Cutover migration is therefore a strategy where the entire company is switched at the same time.
1.1.1. Cutover migration benefits
1.1.2. Cutover migration considerations
You can combine your cutover migration with pre-staging, if required. In this case, during the days or weeks leading up to your cutover, you would migrate all mails up to a week or so ago along with calendars and contacts, then on the day of your cutover, you would run a quick delta pass to migrate the remaining items.
1.2. Staged migration
A staged migration allows you to migrate batches of mailboxes over the course of a few weeks or months. This strategy is useful for migrations with large volumes of data (very full mailboxes or many mailboxes) and you estimate that you won’t be able to do your migration over a single weekend.
Cloudiway offers you additional flexibility in your approach to a staged migration. For example, you could migrate the last six months of emails over a weekend and leave older emails and email archives to be migrated after cutover, explaining to users that their older emails will appear soon.
Prestaging is also an option on the Cloudiway platform. For example, you could perform a multi-pass migration where you migrate most mailbox items before performing the final cutover. During the days or weeks leading up to your cut-over, you would migrate all the mails up to a week or so ago along with calendars and contacts, then on the day of your cutover, you would run a quick delta pass to migrate the remaining items.
Cloudiway provides a number of options to help you find the best strategy for a staged mail migration. We provide coexistence services, plus mail routing, and batch migration of users, which you can define in any way you like. Basically, you can choose who, when and what gets migrated during each pass.
1.2.1. Staged migration benefits
1.2.2. Staged migration considerations
Staged migrations tend to be more complicated than single cutover migrations. Therefore, it’s important that you have planned your approach thoroughly prior to starting any migration.
1.3. Supplementary tools
Cloudiway has developed a number of tools to enable seamless migration for the most intricate migrations. Our supplementary tools include:
These tools are available as additional modules, and therefore incur an extra cost. Please contact us for more information on email@example.com.
1.3.1. Automatic provisioning
Automatic account provisioning is handled by the IAM module. It synchronizes your Active Directory infrastructure with Office 365 and lets you manage your cloud users from your local Active Directory. It synchronizes users, groups and contacts, and also provides real time password synchronization. It supports multi-domain and multi-forest environments and avoids costly directory consolidation projects. Visit cloudiway.com for more information, or contact us.
We take your privacy and security seriously at Cloudiway, and we have invested significant effort into making our platform and your data secure. Cloudiway provides a cloud-based application hosted in Windows Azure. It means that the software and data are centrally hosted and accessed by clients using a web browser and internet connection. In addition, Cloudiway’s SaaS benefits from Windows Azure’s certifications, ensuring security of the infrastructure, network and physical security layers of the Cloudiway cloud.
For total assurance, Cloudiway provides auditing tools, secure, authenticated data connections and a logging system. More specifically:
*For the delta pass mechanism, the messageID of each email is used. This ensures that no data is duplicated, and for efficiency, only the changes are propagated. We automatically delete inactive records after 90 days, or upon request.
In addition, because the Cloudiway platform needs credentials to connect to the source and the target, you define connectors to connect to them and enter credentials that will be used for the connection. These credentials are stored encrypted using AES 256.
For complete peace of mind, we recommend that you create a temporary migration account during your migration which you can delete at the completion of your project.
The Cloudiway platform uses all available resources to provide the fastest migration possible and can support both small and large migrations. The on-demand migration engine allocates the capacity that you need to migrate the volume of data of your choice in the time slot you have allocated.
However, there are limitations. Many mail systems can heavily throttle users. When you perform too many API calls, the remote server will begin throttling and decrease the number of calls that can be performed each minute, thus reducing the migration throughput. Cloudiway continuously attempts to migrate email at the maximum capacity allowed to achieve the highest throughput.
Lotus Notes limitations
Although mail migration from Lotus Notes is entirely monitored and triggered from the Cloudiway SaaS platform, a local agent must be downloaded and executed on a local Lotus Notes workstation (using a notes.id with access to all mailboxes). The agent is multi-threaded and can concurrently run 10 migrations by default. You can run the agent simultaneously on different Notes clients to increase throughput. To preserve bandwidth, you can limit the number of concurrent migrations.
Office 365 limitations
Office 365 uses throttling policies to limit the resources consumed by a single account. To maximize throughput and limit throttling, Cloudiway follows Microsoft best practice and uses impersonation.
An account that has impersonation privileges can impersonate 100 users concurrently to migrate 100 vaults in parallel. The platform uses EWS (Exchange Web services) protocol; Microsoft theoretically allows throughput of around 300 MB per user per hour. The Cloudiway platform typically sees throughput between 200 MB and 300 MB per vault per hour. This gives an average throughput of around 500 GB per day with a constant migration of 100 concurrent vaults.
For more speed, you can create distinct migration accounts and additional connectors . For example, if you create two target Office 365 connectors (each with its own distinct migration account), you can migrate 200 archives concurrently and reach a throughput of around 1 TB per day.
Mailbox item count is also a factor: because Office 365 throttling policies limit migration to 1500 to 1800 mails per user per hour. Therefore, a vault with 1,000,000 small emails will be slower to migrate than a mailbox with 1,000 large mails containing attachments.
Exchange On-Premises limitations
A major benefit of Exchange On-Premises is that you’re in control of all settings. If you’re migrating to Exchange, make sure your server(s) and network are optimized for maximum throughput.
Google limits migration to 2.5 GB per user per day. Usually, some extra data migration is possible before throttling begins. When it does begin, the Cloudiway platform will attempt to migrate 10 GB of data per user, then sleep for 6 hours and automatically restart the migration where it left off.
Amazon WorkMail limitations
Throttling may slow down migration, although exact measurements are not currently available.
4.1. What can be migrated
When migrating from Lotus Notes, the following mail-related items can be migrated:
Please note that migration has only been tested on Lotus Notes client version 8.0 and later, using .Net framework 4.0 with at least 4 GB RAM and 50 GB hard drive space.
4.2. Migration limitations
During migration, Outlook profiles are not recreated by default. Although this is the responsibility of the system administrators performing the migration, Cloudiway provides a free tool to perform this task. Please contact Cloudiway for more information.
It’s currently not possible to migrate delegations from Lotus Notes. Users will need to manually add any delegations after migration.
There are several important factors that you should be aware of before starting a mail migration.
Firstly, migration takes place between existing mailboxes. This means that mailboxes must exist in the target at the time of migration. Please ensure that all mailboxes to be migrated have had their target mailbox created in the target domain.
Secondly, to migrate a user, you must provide the primary source SMTP address and the primary target SMTP address. If you specify an alias, the mailbox migration will fail.
Personal contacts are stored in the personal address book of the users and reside in the desktops of each user. However, it’s possible to enable an option that will replicate the contacts to the mail databases of the users and personal contacts will become available on server side and Cloudiway will be able to migrate them.
Cloudiway migrates the archives of users hosted on the servers. It uses the default path defined in the address book (eg, archive\username). If archives are stored in a different location, you can use a specify this during configuration, and these steps are covered later in this guide.
This guide is aimed at experienced system administrators who are capable of connecting to remote systems and using a variety of administration tools.
Although we provide support for our own products, we do not provide support for third party products such as PowerShell or server administration of Lotus Notes or Exchange.
If you are concerned you might have any difficulty completing these steps, please consider a solution with our consulting team, contactable via firstname.lastname@example.org. This will ensure a fast, cost-effective and stress-free implementation.
5.1. Before you start
The following table contains a list of target mail migration prerequisites. You will only need the items associated with your chosen target. The sections below the table only need to be followed if they relate to your target. After the table, we provide steps to set up each prerequisite.
|Target: Office 365
Office 365 account with
|Used for impersonation to access mailboxes. This doesn’t have to be the tenant’s admin account. However, it must be an admin account if you wish to migrate permissions. The account must be able to bypass SSO and authenticate using username/password credentials with the format: email@example.com (with a password set to never expire).||Exchange Admin Center.
We recommend you create an account especially for migration. After migration, simply delete this account.
|Target: Exchange On-Premises
Exchange account and secure port
|Used for impersonation to access mailboxes. This doesn’t have to be the main admin account. However, it must be an admin account if you wish to migrate permissions. The account must be able to bypass SSO and authenticate using username/password credentials (with a password set to never expire). This is not required if self-migration is used. The Cloudiway platform needs to connect to Exchange securely. Use SSL port 443.||Your Exchange server.
We recommend you create an account especially for migration. After migration, simply delete this account.
|Target: G Suite
G Suite service account, API console and Admin console
|Required to enable APIs and to download the G Suite private (p12) key. This can be accessed via your Google Admin account.
The Admin console is where administrators manage Google services for people in an organization.
|Target: Amazon WorkMail
|Used for impersonation to access mailboxes. It can be any user. A migration account is a standard WorkMail user who has been given mailbox permissions for migration (details provided in this section).|| Amazon WorkMail Console.
We recommend you create a migration account especially for migration. After migration, simply delete this account.
5.2. Google Apps — Create and set up a service account
NOTE: Only follow the instructions below if your target is Google Apps.
You can create a project in your Google Apps service account, where you can enable APIs and create a project key. Cloudiway needs this key to open communication with Google Apps.
A message might appear prompting you to create credentials. If it does, you can simply ignore it for now (we’ll create them later).
5.3. Google Apps — Set permissions for the service account
NOTE: Only follow the instructions below if your target is Google Apps.
After you’ve created a service, you can use the Google Admin console to manage the service and its API calls. The following steps show you how to grant access permissions for the service account you created in the previous steps.
NOTE: 1. Each scope must be separated by a comma.
2. Some scopes require slashes (/) at the end and others don’t: please use the above strings.
3. If you add another scope later, existing scopes will be removed: you need to add the whole list at the same time.
5.4 Office 365/Exchange — Set up account with impersonation privileges
NOTE: Only follow the instructions below if your target is Office 365 (including Exchange servers).
An Office 365 account with impersonation can access up to 100 mailboxes concurrently. Therefore, Cloudiway allows you to migrate 100 concurrent users in an Office connector. If you wish to speed up migration, you should set up additional Office 365 target connectors on the Cloudiway platform and associate different accounts with admin access to each one. These can be connected to a single Lotus Notes source connector. If you don’t already have impersonation set up, follow these steps.
5.5. Set up an Exchange On-Premises account via PowerShell
NOTE: Only follow the instructions below if your target is Exchange On-Premises.
If you’re migrating from Exchange On-Premises, you can create a migration account with admin and impersonation permissions using your existing Exchange server interface or using the command line instructions shown in the steps below.
5.6. Set up an Amazon WorkMail account with mailbox permissions
NOTE: Only follow the instructions below if your target is Amazon WorkMail.
Below are the steps to show you how to set up impersonation using the Amazon WorkMail Console. We recommend that you create a user especially for mail migration at both your source and target.
Remember to make sure that all users, groups and resources are created on Amazon WorkMail prior to getting started with the Cloudiway migration platform. Mail migration can only begin if mail has a target inbox to be copied to.
6.1. Before you start
Before you start, you will need to ensure you have the details outlined in the following table.
|Cloudiway login||Stores details and provides communication between the systems you already use.||https://apps.cloudiway.com|
|Knowledge base access||Our extensive knowledge base is always accessible, with videos, troubleshooting tools, samples and more.||https://kb.cloudiway.com|
|A notes.id with access to all mailboxes||This ID will be used with the Cloudiway agent (downloadable in the steps below) to communicate with your Lotus Notes server.||Local PC with Lotus Notes client installed. Make sure your notes.ini file refers to this notes.id. We recommend you create a migration account and use its notes.id, then delete it after migration.|
6.2. Create your Lotus Notes source connector
Very little preparation is required on the Lotus Notes side. Before you start configuring the Cloudiway platform for mail migration, make sure you have:
To facilitate mail migration, the Cloudiway platform needs to be able to communicate with both your source and target domains. To do this, Cloudiway uses connectors, which are configured on apps.cloudiway.com. You will need to set up a connector for each source you wish to migrate and each target that mail should be migrated to.
As already discussed, a small agent must be downloaded for the connector to communicate with your Notes server, and this is also covered in the steps below which show how to configure a Lotus Notes source connector.
You can choose to manually set up your connectors, or you can use the simpler process of the wizard. The steps below will walk you through the manual process.
The source connector has now been set up. Next up is the target connector.
6.3. Create your target connector
With the source connector now configured on the Cloudiway platform, it’s time to create and configure the target connector. Follow the steps below to configure your connector.
Remember that some targets have throttling limitations, as discussed in section 3.
6.4. Office 365 — Create a partial archive from a normal inbox
If you’re migrating to Office 365, you might wish to consider archiving.
Creating a partial archive of emails provides a number of benefits. From a migration perspective, the biggest benefit is reduced bandwidth. End-users who access mail via Outlook have their mailbox locally cached (in .ost file format). After a mail migration, Outlook will download all migrated mailboxes the first time users access their mailboxes. Therefore, if many users are likely to access Outlook at around the same time after migration (for example, if you’ve completed a cutover migration one weekend before staff arrive at 9am Monday morning), your bandwidth might slow down due to a glut of downloads.
This can be avoided by partially migrating data to the online archive. For example, you could choose to migrate all items older than 30 days to a mail archive, which would be performed prior to the final cutover. The data will remain online and accessible from each user’s inbox as an In-Place Archive folder. The most recent 30 days of emails will be migrated and downloaded when each user first logs in, reducing overall bandwidth usage due to smaller mailbox sizes.
Note: you must ensure that In-Place archiving is switched on within your Exchange Admin center – you can bulk-activate using the instructions on TechNet as https://technet.microsoft.com/en-us/library/jj984357.aspx
6.5. Configure the global settings for migration
Now that you have set up at least one source and target connector, you’re ready to configure your global settings. Using the Cloudiway platform, this is simply a matter of selecting what you want to migrate.
By default, the global migration settings are configured to migrate everything but the Trash folder. You can toggle these and change the date and time settings from the Global Settings option on the Cloudiway platform.
Most of the options are self-explanatory. The Convert Email Address option needs further explanation. When activated, this option rewrites email addresses found in the header and replaces source email addresses with their corresponding target email addresses.
For example, if Bob sends an email to his colleague to Chloe from his source address firstname.lastname@example.org to email@example.com and a week later, after migration, firstname.lastname@example.org replies to Bob, the Cloudiway platform has already updated SMTP header in Bob’s original email in her inbox, so her reply will be sent to email@example.com.
For migrations where the only email address change is the domain name (such as Bob’s email address above), the Cloudiway platform uses the domain name defined in the target connector to convert source email addresses.
For migrations where both the domain name and the username change (for example, firstname.lastname@example.org becomes email@example.com), the Cloudiway platform already uses a mapping table to link each user. This mapping table is also used by the Convert Email Addresses option in this situation. Therefore, it’s important that all users exist in the mapping table before migration begins (this guide contains instructions).
Note that users in the mapping table do not require a license until you’re ready to migrate them. Therefore, you can assign the free ‘No license’ option to all your users prior to migration. Having a complete mapping table is also required if you plan to use Cloudiway’s free/busy calendar tool in conjunction with mail migration.
The Convert Email Address option is switched on by default (and is best left on). Make sure your user list is up to date to benefit from this functionality.
X.500 address migration
For X.500 email addresses (typically used in Exchange), SMTP email address translation can be enabled or disabled. However, X.500 email conversion is automatic between Exchange and Office 365 servers. During the migration of a mail, if an X.500 address is found, it is automatically converted to the SMTP address.
6.6. Import or create your users
There are two ways to add users that you wish to migrate. These include:
Regardless, each user will need to be assigned a license type — Trial (limited to 100 MB), Education, Standard, Archive, or No License (used for adding users to your mapping table regardless of migration plans). Shared mailboxes should also be added as standard users and assigned a license.
6.6.1 Option 1: CSV import
If you have a CSV file of all your users, you can upload the file to Cloudiway. The file must have the following fields in the header row:
Note that many browsers limit CSV file uploads to 5000 lines, so files larger than that should be split up and uploaded separately. Data already uploaded will not be overwritten, so you can upload as many files as required.
The BatchName field can be left blank. If required, you can use this field to name different batches so they can be run in a certain order. A sample CSV file is available for download during the steps outlined below.
6.6.2. Option 2: Single user creation details
Many of our first-time customers create a single user for testing purposes. This provides a means of watching the migration process without affecting all users. Single users can also be created for migrations affecting just a few users.
6.7. Add a list of any shared mailboxes
Shared mailboxes can be migrated from Lotus Notes to any target that supports shared mailboxes. As well as adding them as standard users and assigning them a standard mail license on the Cloudiway platform, you must also create a CSV file that tells Cloudiway where to find the shared mail files.
The CSV file must contain a header row with the following data:
The steps below cover explain this procedure in more detail.
6.8. Activate and monitor your migration
Now that you have performed all the pre-migration steps within your tenants and within Cloudiway, you’re ready to migrate. We recommend you run a test migration on a single user first to check that your configuration produces the outcome you expect.
To start your migration, select the users or batch you wish to migrate and click on the Start button. Your batch will be scheduled and will begin as soon as resources are available. By default, a hundred migrations can be run concurrently per connector.
The Cloudiway migration platform supports delta passes and that migrations are therefore incremental; every time you restart the migration of a mailbox, only items that haven’t already been copied to the target will be migrated. The platform does not duplicate items in the target.
7.1. Link calendar meeting entries
This task runs on all mailboxes defined in the user list, and tries to link meeting entries for owners and attendees. When completed, attendees and owners can send and receive updates on appointments.
NOTE: Remember, you can always check progress on the Mail Migration Dashboard
7.2. Migrate existing archive mailboxes
Archives can be entirely migrated to inboxes at any target as well as to the In-Place Archives folder within an Office 365 inbox (or a mix of inbox and In-Place Archives folder).
Before archive migration can be configured on the Cloudiway platform, you must ensure all archives are stored on your Domino server. The default path is archive\archivename.nsf but you can specify other server paths in a CSV file containing the list of archives. This list is needed by the Cloudiway platform to locate al archives due for migration.
The CSV file must contain a header row with the following data:
Users with more than one archive will be listed multiple times. Some examples could therefore be:
One other small configuration tweak is needed in the configuration.xml file that you downloaded earlier so that the archives are included in mail migration.
The steps below cover both the configuration change and the CSV file details needed to perform any mail archive migrations from Domino.
Once you’ve completed the steps, please contact Cloudiway who will complete the configuration and confirm when everything is ready for you to begin migration.
Cloudiway provides an extensive knowledge base with many resources, including common error messages, video guides and downloads.
Please visit the entire knowledge base here (where you can search for keywords or read through topics): https://kb.cloudiway.com/
The knowledge base also contains information on how you can ask for further support, should you require it.