“混合配置”向导Hybrid Configuration wizard

本主题为您提供了 Exchange 混合部署配置过程、 混合部署功能对您可用选项和混合配置引擎,这将执行核心操作所必需的同时配置和更新的概述混合部署。This topic gives you an overview of the Exchange hybrid deployment configuration process, hybrid deployment features and options available to you, and the Hybrid Configuration Engine, which executes the core actions necessary for both configuring and updating a hybrid deployment.

有关混合部署的详细信息,请查看Exchange Server 混合部署For more information about hybrid deployments, check out Exchange Server Hybrid Deployments.

混合配置过程Hybrid configuration process

下面是混合配置向导过程中的快速概述。首先,向导将在您的本地 Active Directory 中创建HybridConfiguration对象。此 Active Directory 对象存储在混合部署的混合配置信息,并更新混合配置向导。接下来,向导收集现有内部部署 Exchange 和 Active Directory 拓扑配置数据,Office 365 租户和 Exchange Online 配置数据、 定义几个组织参数,然后运行大量的配置的序列在本地和 Exchange Online 组织中的任务。Here's a quick overview of the Hybrid Configuration wizard process. First, the wizard creates the HybridConfiguration object in your on-premises Active Directory. This Active Directory object stores the hybrid configuration information for the hybrid deployment and is updated by the Hybrid Configuration wizard. Next, the wizard gathers existing on-premises Exchange and Active Directory topology configuration data, Office 365 tenant and Exchange Online configuration data, defines several organization parameters, and then runs an extensive sequence of configuration tasks in both the on-premises and Exchange Online organizations.

重要

有一些重要注意事项和系统必备组件,需要完成之前使用混合配置向导。您需要满足混合部署先决条件中概述的混合部署的要求。然后,您可以随时使用混合配置向导来配置混合部署 Exchange 组织。There are several important considerations and prerequisites that you need to complete before you use the Hybrid Configuration wizard. You need to meet the requirements for hybrid deployments outlined in Hybrid deployment prerequisites. Then you'll be ready to use the Hybrid Configuration wizard to configure your Exchange organization for the hybrid deployment.

混合部署配置过程的一般阶段是:The general phases of the hybrid deployment configuration process are:

  1. 验证先决条件和性能更优拓扑检查混合配置向导将验证您的本地和 Exchange Online 组织可支持混合部署。下面是一些向导验证,并检查在本地和 Exchange Online 组织中的项目:Verifying prerequisites and performing topology checks The Hybrid Configuration wizard verifies that your on-premises and Exchange Online organizations can support a hybrid deployment. Some of the items that the wizard verifies and checks in the on-premises and Exchange Online organizations are:

    • 内部部署 Exchange 服务器版本On-premises Exchange server versions

    • Exchange Online 版本Exchange Online version

    • Active Directory 同步状态和配置Active Directory synchronization presence and configuration

    • 联盟与接受域Federated and accepted domains

    • 现有联合身份验证信任和组织的关系Existing federation trust and organization relationships

    • Web 服务虚拟目录Web Services virtual directories

    • Exchange 证书Exchange certificates

  2. 测试帐户凭据指定在本地和 Office 365 的混合管理帐户访问内部部署组织与 Exchange Online 组织收集必备验证信息并进行参数配置更改,以启用混合部署的组织功能。检查混合配置向导的帐户具有适当的凭据,并且可以连接到内部部署和 Exchange Online 组织。在本地和 Office 365 组织的混合部署管理帐户需要混合配置向导成功完成这些任务的 Organization Management 角色组的成员。Testing account credentials Designated on-premises and Office 365 hybrid management accounts access the on-premises and Exchange Online organizations to gather prerequisite verification information and to make organization parameter configuration changes to enable hybrid deployment functionality. The Hybrid Configuration wizard checks that the accounts have the appropriate credentials and can connect to the on-premises and Exchange Online organizations. The hybrid deployment management accounts for both the on-premises and Office 365 organizations need to be members of the Organization Management role group for the Hybrid Configuration wizard to complete these tasks successfully.

  3. 进行混合部署配置更改检查举行的验证和拓扑测试的混合管理帐户,并收集向导过程中定义的配置信息,混合配置向导将配置更改,来创建和启用后混合部署中。对混合配置的所有更改自动都登录混合配置日志。默认情况下,混合配置日志位于在内部部署邮箱服务器上%UserProfile%\AppData\Roaming\Microsoft\Exchange Hybrid ConfigurationMaking hybrid deployment configuration changes After testing the hybrid management accounts, conducting the verification and topology checks, and gathering configuration information that you defined in the wizard process, the Hybrid Configuration wizard makes the configuration changes to create and enable the hybrid deployment. All changes to the hybrid configuration are automatically logged in the hybrid configuration log. By default, the hybrid configuration log is located on the on-premises Mailbox server at %UserProfile%\AppData\Roaming\Microsoft\Exchange Hybrid Configuration.

    重要

    入站邮件流控制通过组织的 MX 记录。为混合部署的入站的 Internet 电子邮件不是由混合配置向导配置。Inbound mail flow is controlled by your organization's MX record. Inbound Internet email for a hybrid deployment isn't configured by the Hybrid Configuration wizard.

混合配置功能Hybrid configuration features

“混合配置”向导每次运行时,在默认情况下会自动启用所有混合部署功能。如果想要禁用某个特定混合配置功能,需要使用 Exchange 命令行管理程序与 Set-HybridConfiguration cmdlet。默认情况下,该向导会启用以下混合部署功能:The Hybrid Configuration wizard automatically enables all hybrid deployment features by default each time it runs. If you want to disable specific hybrid configuration features, you need to use the Exchange Management Shell and the Set-HybridConfiguration cmdlet. The following hybrid deployment features are enabled by default by the wizard:

  • 忙/闲共享忙/闲共享功能启用要在本地和 Exchange Online 组织用户之间共享的日历信息。作为一部分的联合的共享和组织的内部部署和 Exchange Online 组织的关系配置启用忙/闲共享。有关详细信息Understanding Federated DelegationFree/busy sharing The free/busy sharing feature enables calendar information to be shared between on-premises and Exchange Online organization users. Free/busy sharing is enabled as part of the federated sharing and organization relationship configuration for the on-premises and Exchange Online organizations. Learn more at Understanding Federated Delegation.

  • 邮件提示邮件提示是其所撰写邮件时向用户显示的信息性消息。通过在混合部署中启用邮件提示,在本地和 Exchange Online 的发件人可以调整其所撰写的组织之间以避免意外情况或未送达报告 (Ndr) 的邮件。有关详细信息的邮件提示MailTips MailTips are informative messages displayed to users while they're composing a message. By enabling MailTips in the hybrid deployment, on-premises and Exchange Online senders can adjust messages they're composing to avoid undesirable situations or non-delivery reports (NDRs) between the organizations. Learn more at MailTips.

  • 在线归档联机存档启用主机用户电子邮件到 Exchange Online 组织的内部部署和 Exchange Online 用户的存档。有关详细信息配置 Exchange Online ArchivingOnline archiving Online archiving enables the Exchange Online organization to host user email archives for both on-premises and Exchange Online users. Learn more at Configure Exchange Online Archiving.

  • 在 web 重定向的 outlook在 web 重定向 outlook 提供了单一的公共 URL 以访问本地和 Exchange Online 邮箱。客户端访问服务器自动将 Outlook web 请求重定向到内部部署邮箱服务器,或为其邮箱 Exchange Onine 组织中向用户提供一个链接。Outlook on the web redirection Outlook on the web redirection provides a single, common URL to access both on-premises and Exchange Online mailboxes. Client Access servers automatically redirect Outlook on the web requests to on-premises mailbox servers or provides a link to users for their mailbox in the Exchange Onine organization.

  • Exchange ActiveSync 重定向从本地邮箱移动时 Exchange 组织到 Exchange Online,所有客户端的访问邮箱需要更新用于 Exchange Online;这包括 Exchange ActiveSync 设备。大多数 Exchange ActiveSync 客户端将立即自动重新配置当邮箱移至 Exchange Online。有关详细信息,请参阅Exchange 混合部署的 Exchange ActiveSync 设备设置Exchange ActiveSync redirection When you move a mailbox from your on-premises Exchange organization to Exchange Online, all of the clients that access the mailbox need to be updated to use Exchange Online; this includes Exchange ActiveSync devices. Most Exchange ActiveSync clients will now be automatically reconfigured when the mailbox is moved to Exchange Online. For more information, see Exchange ActiveSync device settings with Exchange hybrid deployments.

  • 安全邮件安全邮件启用内部部署组织与通过传输层安全性 (TLS) 协议的 Exchange Online 组织之间的安全邮件传递。在本地和 Exchange Online 组织进行相互身份验证通过数字证书使用者和电子邮件标头和跨组织保留格式文本消息格式。Secure mail Secure mail enables secure message delivery between the on-premises and Exchange Online organization via Transport Layer Security (TLS) protocol. The on-premises and Exchange Online organizations are mutually authenticated through digital certificate subjects and email headers and rich-text message formatting are preserved across the organizations.

混合配置选项Hybrid configuration options

“混合配置”向导允许选择某些方面的特定选项进行混合部署。如果混合部署完成最初配置之后,想要更新特定的混合配置选项,可以使用“混合配置”向导或 Exchange 命令行管理程序选择不同的配置选项。The Hybrid Configuration wizard allows you to select specific options in several areas for the hybrid deployment. If you want to update specific hybrid configuration options after initially configuring your hybrid deployment, you can use either the Hybrid Configuration wizard or the Exchange Management Shell to select different configuration options.

下表概括了“混合配置”向导修改和配置的主要选项。The table below outlines the main options that the Hybrid Configuration wizard modifies and configures.

配置方面Configuration area 说明Description
Domains 向导将接受的域添加到内部部署组织的混合邮件流和云组织的自动发现请求。此域,称为共存域作为辅助代理域添加到任何电子邮件地址策略具有_PrimarySmtpAddress_该模板的混合配置向导中选择的域。默认情况下,此域是<域>。 mail.onmicrosoft.com。您可以通过在的 Exchange Management Shell 中运行以下命令来查看接受的域 ' Get-accepteddomain Exchange Online。The wizard adds an accepted domain to the on-premises organization for hybrid mail flow and Autodiscover requests for the cloud organization. This domain, referred to as the coexistence domain, is added as a secondary proxy domain to any email address policies which have PrimarySmtpAddress templates for domains selected in the Hybrid Configuration wizard. By default, this domain is <domain>.mail.onmicrosoft.com. You can view the accepted domain by running the following command in the Exchange Management Shell in Exchange Online.```Get-AcceptedDomain
安全邮件证书Secure mail certificate 向导要求选择由第三方证书颁发机构 (CA) 颁发的特定证书。该机构负责验证和确保在内部部署与 Exchange Online 组织之间发送的邮件是安全的。The wizard requires you to select a specific certificate issued by a third-party Certificate Authority (CA) that's used to authenticate and secure email messages sent between the on-premises and Exchange Online organizations.
Exchange 联合共享Exchange federated sharing 该向导检查存在的现有 OAuth 身份验证关系或与内部部署组织的 Azure Active Directory 身份验证系统之间的联合身份验证信任。如果存在此参数,使用现有的 OAuth 身份验证或联合身份验证信任以支持混合部署。如果不存在,该向导配置 OAuth 身份验证,或创建内部部署组织的联合身份验证信任 Azure AD 身份验证系统,具体取决于内部部署 Exchange 配置的类型。向导还将添加到联合信任的混合配置向导中选择,如果需要的任何域。除了 OAuth 身份验证或联合身份验证信任配置,该向导还创建并配置为在本地和 Exchange Online 组织的组织关系。这些组织关系允许向导以启用几个混合部署功能,包括忙/闲共享上的 web 重定向,Outlook 和邮件提示。The wizard checks to see if there is an existing OAuth authentication relationship or a federation trust with the Azure Active Directory authentication system for the on-premises organization. If present, existing OAuth authentication or the federation trust is used to support the hybrid deployment. If not present, the wizard configures OAuth authentication or creates a federation trust for the on-premises organization with the Azure AD authentication system, depending on the type of on-premises Exchange configuration. The wizard also adds any domains selected within the Hybrid Configuration wizard to the federation trust if needed.In addition to the OAuth authentication or federation trust configuration, the wizard also creates and configures organizational relationships for both the on-premises and Exchange Online organizations. These organization relationships allow the wizard to enable several hybrid deployment features, including free/busy sharing, Outlook on the web redirection, and MailTips.
邮件流Mail flow 向导允许您选择和配置的 Exchange 服务器处理内部部署组织与 Exchange Online 组织之间的安全邮件传输。在 Exchange 2010 中,这是集线器传输服务器。在 Exchange 2013 中,这是客户端访问服务器。在 Exchange 2016 和更高版本,这是邮箱服务器。此向导将配置内部部署 Exchange 和 Exchange Online 组织的混合邮件路由。通过配置新的和现有发送,向导中的内部部署组织和入站接收连接器和 Exchange Online 中的出站连接器,使您可以选择是否出站邮件传递到 Internet 从 Exchange Online组织将发送给外部邮件收件人的直接或通过本地路由 Exchange 服务器在包含 > [!IMPORTANT]> 入站的邮件流控制通过组织的 MX 记录。 混合部署。为混合部署的入站的 Internet 电子邮件不是由混合配置向导配置。The wizard allows you to select and configure which Exchange servers to handle secure mail transport between the on-premises and Exchange Online organizations. In Exchange 2010, this is Hub Transport server. In Exchange 2013, this is a Client Access server. In Exchange 2016 and newer, this is a Mailbox server.The wizard configures your on-premises Exchange and Exchange Online organization for hybrid mail routing. By configuring new and existing Send and Receive connectors in the on-premises organization and Inbound and Outbound connectors in Exchange Online, the wizard allows you to choose whether outbound messages delivered to the Internet from the Exchange Online organization will be sent directly to external mail recipients or routed through your on-premises Exchange servers included in the hybrid deployment.> [!IMPORTANT]> Inbound mail flow is controlled by your organization's MX record. Inbound Internet email for a hybrid deployment isn't configured by the Hybrid Configuration wizard.

混合配置引擎Hybrid Configuration Engine

混合配置引擎运行所必需的配置和更新混合部署的核心操作。负责处理Update-HybridConfigurationcmdlet 操作,混合配置引擎比较_HybridConfiguration_ Active Directory 对象与当前的内部部署 Exchange 和 Exchange Online 配置设置的状态,然后运行任务,以匹配_HybridConfiguration_ Active Directory 对象中定义的参数的部署配置设置。如果当前在本地 Exchange 和 Exchange Online 部署配置状态已匹配_HybridConfiguration_ Active Directory 对象中定义的设置,不所做的更改混合配置引擎到在本地或 Exchange Online 组织。The Hybrid Configuration Engine runs the core actions necessary for configuring and updating a hybrid deployment. Responsible for processing the Update-HybridConfiguration cmdlet actions, the Hybrid Configuration Engine compares the state of the HybridConfiguration Active Directory object with current on-premises Exchange and Exchange Online configuration settings and then runs tasks to match the deployment configuration settings to the parameters defined in the HybridConfiguration Active Directory object. If the current on-premises Exchange and Exchange Online deployment configuration states already match the settings defined in the HybridConfiguration Active Directory object, no changes are made by the Hybrid Configuration Engine to either the on-premises or Exchange Online organizations.

当更新现有混合部署时,混合配置引擎会执行以下步骤:When updating an existing hybrid deployment, the Hybrid Configuration Engine performs the following steps:

  1. Update-hybridconfiguration cmdlet 触发混合配置引擎启动。The Update-HybridConfiguration cmdlet triggers the Hybrid Configuration Engine to start.

  2. 混合配置引擎读取上存储的"所需的状态" HybridConfiguration Active Directory 对象。The Hybrid Configuration Engine reads the "desired state" stored on the HybridConfiguration Active Directory object.

  3. 混合配置引擎发现拓扑数据和从内部部署 Exchange 组织的当前配置。The Hybrid Configuration Engine discovers topology data and current configuration from the on-premises Exchange organization.

  4. 混合配置引擎发现拓扑数据和 Exchange Online 组织中的当前配置。The Hybrid Configuration Engine discovers topology data and current configuration from the Exchange Online organization.

  5. 根据所需的状态、 拓扑数据和当前配置,混合配置引擎建立在本地 Exchange 和 Exchange Online 组织之间的"差异",然后执行配置任务建立所需的状态。Based on the desired state, topology data, and current configuration, the Hybrid Configuration Engine establishes the "difference" between the on-premises Exchange and Exchange Online organizations and then executes configuration tasks to establish the desired state.

下图显示了混合配置引擎如何检索和修改混合部署过程中的内部部署 Exchange server 和 Exchange Online 配置设置的摘要。The following figure shows a summary of how the Hybrid Configuration Engine retrieves and modifies on-premises Exchange server and Exchange Online configuration settings during the hybrid deployment process.

混合配置引擎流