question

Takumi-5549 avatar image
0 Votes"
Takumi-5549 asked lucafora answered

Exchange cutover migration will work with AAD connect sync user?

This Exchange cutover migration step works with synced Azure AD connect user?
https://docs.microsoft.com/en-us/exchange/mailbox-migration/cutover-migration-to-office-365#step-3-create-the-cutover-migration-batch

Now, customer uses local domain(aa.local) internally and uses another domain(aa.com) as email in Exchange server.
So, I plan to add mail attribute(user@aa.com) to each user.
And then, use email attribute as Azure AD user name when I sync user.



my estimated step
1. add email attribute to ad user
2. build AD connect server and sync user (365 username will be mail address(aa.com)
3. user Exchange cutover step and sync mail box to Azure AD connect synced user

Does this work well?

office-exchange-server-administrationazure-ad-connect
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

3 Answers

michev avatar image
1 Vote"
michev answered michev commented

No, this will not work. Generally speaking, dirsync is not supported for Cutover migration. The reason being, Cutover provisions accounts differently. As in, Cutover uses its own provisioning mechanisms and if an account already exists, it will throw an error. Also, the provisioning is based on a different attribute (mail/WindowsEmailAddress), compared to what dirsync uses, and can again cause troubles.

The "correct" way to do this is preform the cutover first, and only enable dirsync after the migration has been completed.

· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Takumi-5549 avatar image Takumi-5549 ·

Thank you for your answer.
Let me confirm some points.
1. dirsync means same as Azure AD connect?
2. the dirsync can detect existing user (created by cutover step) and use them as sync user?

0 Votes 0 ·
michev avatar image michev Takumi-5549 ·

1) Yes, same as AAD Connect
2) Yes, you can "match" existing users as detailed for example here: https://support.microsoft.com/en-us/topic/how-to-use-smtp-matching-to-match-on-premises-user-accounts-to-office-365-user-accounts-for-directory-synchronization-75673b94-e1b8-8a9e-c413-ee5a2a1a6a78

0 Votes 0 ·
joyceshen-MSFT avatar image
0 Votes"
joyceshen-MSFT answered

Hi @Takumi-5549

Agree with the suggestions above from michev, Azure AD Connect is the successor to DirSync and Azure AD Sync. It combines all scenarios these two supported.

And cutover migration doesn’t need AAD connect. After cutover migration, the on-premise organization is separated from Exchange Online, you could uninstall Exchange on-premise server this moment. Then prepare AD and use SMTP match to do directory synchronization via AAD connect. Here is a related link for your reference as well: Decommissioning Exchange Server with Azure sync In Place
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

lucafora avatar image
0 Votes"
lucafora answered

@michev @joyceshen-MSFT

Hi,
one question regarding the cutover: once the cutover has been completed and AAD Synch enabled and soft-matching has "fused" the relevant users, is it possible to somehow manage the Exchange Online attributes solely online without the On Prem server by additional attribute filtering or does the presence of AD Synch completely exclude this possibility? I know the official answer is no as you need an on prem Exc Server just for this, but I am wondering this due to the following reasoning.

For ex. if one never has installed Exchange On Prem and has O365 mailboxes and subsequently decides to enable AD Synch for management ease (password synch for ex.) and soft match the accounts, why would one not be able to administer the maibox properties solely online? It appears that the moment one implements any kind of AD synch the on Prem AD is in charge, even if there are no specific Exchange attributes present in the on prem AD schema.
So is it possible prior to the first AD Synch to implement specific attribute filters that will allow the administration of mailbox properties (such as additional SMTP addresses) through Exc online or does the AD Sync "enabling" exclude this completely?

Thanks!

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.