Configuring Exchange 2010 Hybrid
This document assumes that you already have a tenant on Microsoft online services, synchronized to your on-premises Active Directory forest and Exchange autodiscover / Outlook Anywhere up and running.
In addition, you need to check the following concepts available:
Compatible Exchange organization
On-premises Exchange organization must be Exchange 2003 or higher and there must be at least one Exchange 2010 or superior installed.
All Exchange servers must be running the latest version. Including service pack, rollup update, cumulative update, etc.
Verify Exchange 2010 prerequisites
Every domain you intend to use with Exchange Online must be registered using the Office 365 Administrative portal, or by optionally configuring Active Directory Federation Services (AD FS) in your on-premises organization.
Learn more at: Add your domain to Office 365
Active Directory synchronization
Active Directory synchronization working correctly and regularly is pre-requisite for Exchange Hybrid. You must ensure no synchronization errors affect Exchange objects and the Hybrid checkbox is selected on your synchronization engine.
Client Access and Hub Transport servers
You need at least one Exchange 2010 SP3 Client Access and Hub Transport servers in your on-premises organization. If you're configuring a hybrid deployment for an Exchange 2003 on-premises organization, you must also install the Mailbox Server role on at least one Exchange 2010 SP3 server added for the hybrid deployment. Consider using additional server for high availability.
Verify Internal and external URLs
For more information, click here.
Get-EcpVirtualDirectory | FL InternalURL, ExternalURL
Get-OabVirtualDirectory | FL InternalURL, ExternalURL
Get-OwaVirtualDirectory | FL InternalURL, ExternalURL
Get-WebServicesVirtualDirectory | FL InternalURL, ExternalURL
Get-ClientAccessServer | FL AutoDiscoverServiceInternalUri
Get-OutlookAnywhere | FL Server, ExternalHostname
Note: In this scenario we are using split DNS, so the external and internal URLs will be the same.
You can run the steps 2 and 3 again to verify the changes.
Here a sample of the seven commands to change all internal and external URLs
Set-ActiveSyncVirtualDirectory "SRV306\Microsoft-Server-ActiveSync (Default Web Site)" -InternalUrl https://mail.contoso.net/Microsoft-Server-ActiveSync -ExternalUrl https://mail.contoso.net/Microsoft-Server-ActiveSync
Set-ClientAccessServer SRV306 -AutoDiscoverServiceInternalUri https://mail.contoso.net/Autodiscover/Autodiscover.xml
Set-OutlookAnywhere -Identity "SRV306\Rpc (Default Web Site)" -ExternalHostname mail.contoso.net
Important: Restart your server after these changes
Autodiscover DNS records
For more information, click here.
Important: To validate the functionality, access this site Remote connectivity analyzer and test Outlook Autodiscover option. The test should complete successfully for the hybrid configuration to work.
Configure hybrid deployments with Exchange 2010
- Log on with a user account that has Organization Admin privileges on Exchange
- Open the Internet Explorer and access the url https://aka.ms/HybridWizard
- Wait for it to launch the application
- Click Install
- Click Run
- When the wizard starts, click next.
- After the wizard detects the best Exchange server, click next.
- Enter your Office 365 administrative credentials and click next.
- Click next after the wizard concludes the necessary validations.
- Click enable in order to allow calendar sharing tween users.
Note: the TXT record provided here will need to be added to your external DNS for each domain for ownership verification. If the DNS record is not created properly, the wizard will fail.
- Create a TXT record on your external DNS for each of the domains listed on the wizard with the exact text presented. Make sure you give it enough time to replicate across all of your DNS servers before moving to the next step.
- Check the box next to "I have created a TXT record for each token in DNS"
- Click verify domain ownership
- Click next.
- Select the Hub Transport servers that will handle the mail flow between Exchange Online e Exchange On-premises and click next.
Enter the public IP addresses of the transport servers and click next. Use comma to separate the items if you have more than one public IP address.
Important: These are the external/public IP address.
- Select the certificate that will be used to encrypt and authenticate the mail flow and click next.
- Enter the fully qualified domain name of the transport servers that will handle the mail flow from Exchange Online to Exchange on-premises end click next.
- Click update to start configuring the hybrid coexistence.
If the configuration finishes correctly, click close
Note: If the configuration fails, wait for five minutes and retry. This wizard performs a series of configurations both on-premises and online. Sometimes it takes some time for a specific configuration to become effective, casing the failure.
After three consecutive failed attempts, consider asking for support.