This article describes the various kinds of mailbox permissions that can be granted and how those permissions are granted in Microsoft Exchange Online and in Microsoft Outlook in Microsoft Office 365 dedicated/ITAR. There are several kinds of mailbox permissions that can be granted. Each permission is administered separately. Get the essential productivity tools that just keep getting better with Microsoft 365. Exchange Online is a hosted solution that you can get by itself or with a Microsoft 365 subscription. Exchange Server 2019 is an on-premises solution. See plans & pricing.
This full step-by-step guide is available as a PDF. Please click here to download!
If you are planning an Exchange to Office 365 migration, then it can be quite confusing to understand the steps you need to take and in which order.
In this article, we’ll walk through the steps and decisions you need to take when migrating to Exchange Online. In part one we’ll consider the two most important first steps – deciding upon a migration approach and performing the core steps for identity. In part two, we’ll perform the Exchange Hybrid configuration and perform the migration of Mailboxes.
And, although we’re going to cover a lot of information in a short amount of time, you’ll find detailed guidance linked throughout.
Preparing your Exchange to Office 365 Migration
Before you begin a migration, it’s important to make sure that the source environment you are migrating from is in a good state.
If the Exchange environment you are running today isn’t healthy, then often that can serve as the motivator to move. After all, what can be an easier solution to bad day-to-day Exchange performance than moving to Office 365?
Unfortunately if you are experiencing day-to-day issues with Exchange, such as user issues accessing Exchange remotely, error messages and slow access times to mailboxes – or worse, database corruption – then moving to Office 365 will most likely be another source of trouble; not just for people accessing the environment you are trying to migrate from, but also when migrating as it’s likely you’ll experience failures along the way.
Your first step before beginning a migration should be to ensure that the environment is reasonably error free and correct any underlying issues prior to migration.
Read More: Patching your Exchange Environment
Hybrid migration or tool-based migration?
If you are thinking about moving your Exchange environment to Office 365 then you’re probably aware there are many options available.
From Microsoft, you have options for a Staged Migration and a Cutover Migration as well as a Hybrid Migration, and from third-party vendors a large number of different tools on the market for email archive migrations.
In general, if you have a version of Exchange Server that’s supported by Microsoft (Exchange Server 2010 and above) and it is part of your Active Directory then your default option should be an Exchange Hybrid Migration.
An Exchange Hybrid is based on either minimal or full Exchange Hybrid and creates a relationship between your on-premises Exchange servers and Exchange Online. This allows native mailbox moves, similar to between on-premises Exchange servers, with Outlook clients natively switching over without even needing to re-download offline copies of email. With full Hybrid, this also extends to secure mail flow between the two environments and co-existence functionality like free/busy and calendar sharing.
Azure AD
Azure AD Connect complements Exchange Hybrid, and you should expect to use Hybrid if you plan to synchronize your identity to the cloud. Azure AD Connect synchronizes your local Active Directory domain to Office 365, creating a copy of local AD accounts in Azure Active Directory that link back to the master copies. Azure AD Connect is also the part of the puzzle that maintains a consistent Global Address List between on-premises and the cloud.
Because AD and Azure AD Connect understand when there’s an existing Exchange organization in place, existing mailboxes on-premises won’t have mailboxes created in Office 365. You’ll be expected to use Exchange Hybrid to move mailboxes.
With a tool-based migration, the same rules do not apply. A fully Microsoft-supported Exchange Hybrid migration provides an excellent experience. However, especially in multi-forest environments it can be complex to set up correctly, hosted environments often do not allow for Azure AD Connect or Exchange Hybrid to be configured; and if you have legacy versions of Exchange it can involve installing additional servers running Exchange 2010 or higher which include the Hybrid components. Therefore, there are valid uses for a bespoke tool to migrate email to Office 365 – but in this article, we’ll assume you’ve made the decision to use Exchange Hybrid.
Read More: Methods for migrating to Office 365
Understanding pre-requisites and dependencies
Once you’ve decided that migrating to Office 365 using Exchange Hybrid is suitable for your organization, and you have a healthy environment to migrate, then you need to ensure you’ve completed necessary planning activities.
Many organizations who begin this journey will at this point ensure they have a design in place to support the changes that will take place. However, as you aren’t designing Office 365 or Exchange Online and instead designing the bridge to Office 365 then the design is often not as detailed as a full Exchange migration.
Instead, you are focusing on the changes necessary to your existing environment to make sure it is ready for the changes. In this article, we won’t cover this, but it’s worth remembering that most organizations, large and small, don’t just head into the unknown without making plans first.
The key pre-requisite for migrating to Exchange is ensuring the correct identity model is in place, first. There is a variety of options available when choosing an identity, but the most common scenario will be to utilize Azure AD Connect with synchronized identities and password hash sync.
Prior to this, we’ll perform a number of key tasks.
First, we’ll ensure that we’ve added all of our custom domains to our Office 365 tenant. These will need to match the email domains we use on-premises:
<Portal Domain
To add a new domain, choose <Path> and Add Domain. You’ll need to follow the steps, and verify each domain using a TXT record, similar to the one shown below:
Use your DNS provider’s control panel to add the corresponding TXT record to each domain, then continue the verification process.
Once you reach the point to add additional DNS records, it’s important you choose to Skip adding records such as Autodiscover or MX record changes.
This is crucial because at this point in the process your email is still looked after by on-premises systems, and you do not want to redirect clients to Office 365. The Hybrid relationship we create will manage this for us, later on.
We’ll sign-in to Office 365 using a login ID in the same format as an email address. In an Exchange Hybrid relationship, we expect this to match the Active Directory UserPrincipalName for each user. However, in many organizations, the login IDs are not in a format that will be suitable
| On-Premises Login ID | On-Premises UserPrincipalName | Primary SMTP address | Resulting Office 365 Login ID |
| CONTOSOusername | username@contoso.local | username@contoso.com | username@contoso.onmicrosoft.com |
In the above example, the issue is with the UserPrincipalName (UPN) suffix – the contoso.local part that typically matches the full AD Forest Name. To resolve this, we’ll add a UPN suffix to match our email domains registered with Office 365 in Active Directory Domains and Trusts:
We’ll then update the UserPrincipalName value for each user using Active Directory users and computers (or, ideally, PowerShell) to match the email address:
In most cases, this will not cause any user issues with sign-in, as nearly all organizations still expect users to login with the Pre-Windows 2000 / CONTOSOusername format. However, you should always validate this before making changes. After making these changes, the formats for login IDs will be similar to below:
| On-Premises Login ID | On-Premises UserPrincipalName | Primary SMTP address | Resulting Office 365 Login ID |
| CONTOSOusername | username@contoso.com | username@contoso.com | username@contoso.com |
We’ll also run the Microsoft IDFix tool against the domain. This step will highlight other issues within your Active Directory relevant to the domain sync. IDFix identifies errors, such as invalid email addresses (known as Proxy Addresses), invalid characters in usernames and other data and common issues, like using an invalid UPN suffix.
Use the list of issues identified by ID to make the corrections recommended, then install Azure AD Connect. In the example below, we’ve chosen Use Express Settings:
Office 365 Exchange Email
We’ll then follow the wizard steps to connect both as a global administrator to our Azure AD/Office 365 tenant, and to our local Active Directory. You’ll remember above though we added an additional UPN suffix to our local AD due to it not being a valid domain to use with Office 365. This will be highlighted during the installation wizard, however, because we’ve dealt with this it will be safe to continue:
Office 365
Because we chose the Express Settings the wizard has pre-selected that we’ll use Password hash synchronisation. Our final choice is to ensure that an Exchange Hybrid Deployment is selected before beginning the install. This will ensure Azure AD Connect writes-back Exchange-related attributes to our local AD:
Once initial synchronization completes, you should be able to access the Microsoft 365 Admin Center and navigate to Users>Active Users and see synchronized accounts. You’ll see your AD users with a Sync Type of Synced with Active Directory:
Further Reading:
Other areas you’ll need to consider
In addition, before you migrate mailboxes to Office 365, you need to consider other pre-requisites. Key areas you need to consider include:
Legacy Archiving
If you currently use a solution like Veritas Enterprise Vault for archiving or journaling email then this configuration will not work as-is with Office 365. Instead, the most common approach is to move archives to Exchange Online after migrating mailboxes.
In this scenario, stubs (or shortcuts, to use the EV term) will be re-hydrated with the original archive messages; or moved to archive mailboxes in Exchange Online. Quadrotech’s Archive Shuttle can handle this task and works well with an Exchange Hybrid migration.
Outlook clients
You’ll need to run a supported version of Outlook when connecting to Office 365. The following versions of Outlook are supported:
- Office 365 ProPlus
- Outlook 2019
- Outlook 2016
- Outlook 2013
Ideally, use the newest version (Office 365 ProPlus) that you have available. Outlook 2013, 2016 and 2019 will work with Office 365. If you are running Outlook 2010 today, then this can work with Exchange Online but for security reasons you will most likely want to block the protocols it uses.
Mobile devices
If you use Microsoft ActiveSync today to connect to Exchange on-premises, then you can allow mobile devices to continue to use this protocol when connecting to Exchange Online. Expect though in all but the most unusual circumstances to need to reconfigure ActiveSync devices to work with Exchange Online.
Instead, consider deploying the new Outlook mobile client to devices. If you choose to move to Microsoft Intune, then you can also use Intune to deploy and configure the new Outlook client. This supports additionally functionality to ActiveSync including the ability to schedule Teams meetings directly from the client, and new functionality like Focused Inbox. From a security perspective it can ensure that you have control over data, such as attachment downloads.
Internet Publishing
The way you publish Exchange Server to the internet is important for a Hybrid deployment. This used to be crucial for all implementations, however, the new Hybrid Agent means that we can avoid many of the more complex areas for Exchange firewall and SSL certificate configuration for simple deployments.
There are a number of areas you must consider though:
- Autodiscover – In a Hybrid environment the Autodiscover service on-premises will be used by both on-premises mailboxes and Exchange Online mailboxes in Office 365. If you are moving to a model where users can access their mailboxes anywhere, then you will need to publish Autodiscover externally.
- Mail Flow – The Hybrid Agent removes the need to publish Exchange over HTTPS for mailbox moves and free/busy access. However, we’ll still need to allow mail flow between on-premises and Exchange Online. This requires TCP/25 connectivity both to and from Exchange Online Protection.
- Outbound access from Exchange servers to Exchange Online. Although the Hybrid Agent will allow access from Exchange Online to on-premises servers, your servers will still need to connect outbound for both the Hybrid Agent itself, and for requests such as free/busy.
- Client Access to Office 365. You’ll also need to ensure that all Office 365 clients like Outlook can access the service. Ideally this will be direct connection (instead of via a proxy server) accessing Office 365 by the fewest number of hops to the closest Microsoft Point of Presence. Use the Office 365 Network Onboarding Tool as a standing point.
In our example Exchange Organization, we’ve got a valid, third-party SSL certificate configured for Exchange Server for both our SMTP namespace (smtp.exchangelabs.co.uk) and HTTPS (autodiscover.exchangelabs.co.uk and outlook.exchangelabs.co.uk). We’ve allowed direct connectivity outbound on HTTPS to the required Office 365 and Exchange Online IP address ranges and SMTP connectivity to and from Exchange Online Protection.
Summary
In part one, we’ve selected the migration method to use for migration to Exchange Online, focusing on a Hybrid migration. We’ve then performed the core pre-requisite step for Exchange Hybrid – synchronizing Active Directory using Azure AD Connect. Finally, we’ve examined other areas, such as archiving, clients and connectivity.
In part two, we’ll implement Exchange Hybrid and perform mailbox moves.
Alternatively, you can download the full step-by-step guide here.
The purpose of using Exchange Server and Office 365 in small and medium sized businesses to manage their documents, files access of applications, communication. Although, they contrast each other on the basis of their costs, limitations, certain features and conditions.
But the actual issue is to choose right cloud service for the business, in this article we will compare the features and the difference between Exchange Server and office 365.
Microsoft Office 365 offers cloud based services to all types of business from very small to medium level and for large businesses. It makes enable businesses to save their time, money and also free up the resources. Office 365 cloud service offers services such as Microsoft Exchange Online , Office Online, Skype. User can connect and access these services with the mere availability of network.
There is different office 365 Plan are available, organization can subscribe the best suited plan for them. The office 365 service is available for Businesses, Education and for Government organization. Users can download their data from O365 Cloud using Office 365 Backup Software in Microsoft Outlook Data File (PST) format.
However, In Microsoft hosted Exchange service server site is provided in rent. Exchange Server is only a mail server and calendaring server. Even user can get Exchange server as a part of an Office 365 plan. when user deploy Exchange account, email messages are delivered and saved in Exchange Server mailbox. It enables businesses to take benefits of Exchange server by eliminating all expanses spend on management and maintenance of hardware and software.
Exchange Server and Office 365
As we have seen little intro about Microsoft Exchange Server and Office 365, so lets proceed to have a look for the difference between both.
- Office 365 provides larger space then hosted Exchange a generous. Office 365 offers 50GB mailbox size per user which is usually very larger than any hosting providers. In addition, if user subscribe the Office365 Plan 2 or E3 package, user will get an unlimited email archive.
- Admin can set the size limit on email mailbox of Hosted Exchange. However this size limitation can be raised when needed.
- When talking about security certifications, office 365 offers more security certificates as compares to Hosted Exchange service.
- In a Hosted Exchange more security features can be added after paying cost
- With Hosted Exchange, users have the information about the location of their data, where data has been stored. Whereas, in Office 365 it’s get difficult for user to know the exact location of stored data.
Hosted Exchange Server
Multiple version choice
User can run Hosted Exchange on it’s any version. user can can stay on the desired version as long as they want. However, there exist a end-of-life dead which is a one point, where provider will be forced to phase it out. In addition If the users will choose the older the version, the higher the costs they needs to pay.
Email Service
Exchange server mainly provides email services and it offers unlimited mailbox size whether user wants to access it with Outlook, webmail or with both. User can subscribe from different packages which includes services like Hosted Lync (Skype for Business),Email Encryption, Archiving Hosted SharePoint, Online Backup, and more.
Migration Assistance
Exchange server provider may not charge anything for migration. With the assistance of provider, one can make smooth transition to a newer environment.
Office 365 Over Exchange
Runs On Latest Version
Office 365 bring new features and enhancements with every new release. Office 365 always runs on it’s latest version.
Free to Upgrade
User no need to pay extra charge other then monthly subscription fees. The automatic upgrade of software takes place itself in the system.
Available with lots of Apps
There are many applications available in office 365 service other then emails. Office 365 offers collaborative platform which includes applications such as Office suit, Project Server, Yammer, Skype, Sway, etc.
Conclusion
As we have discussed about Exchange Server and Office 365 in this article. Therefore according to that if we take look on both the cloud service, Office 365 emerges as better option as it offers multiple number of applications and features with auto maintenance a. However, for deploying cloud service only for mailing purpose , hosted Exchange service is a better option that user can opt.