混合組態精靈Hybrid Configuration wizard

本主題為您提供 Exchange 混合式部署組態程序、可用的混合式部署功能和選項,以及執行設定和更新混合式部署所需核心動作之「混合組態引擎」的概觀。This topic gives you an overview of the Exchange hybrid deployment configuration process, hybrid deployment features and options available to you, and the Hybrid Configuration Engine, which executes the core actions necessary for both configuring and updating a hybrid deployment.

如需混合式部署的相關資訊,請參閱Exchange Server 混合部署For more information about hybrid deployments, check out Exchange Server Hybrid Deployments.

混合組態程序Hybrid configuration process

以下是混合組態精靈程序的簡要概觀。首先,此精靈會在您的內部部署 Active Directory 中建立 HybridConfiguration 物件。這個 Active Directory 物件會儲存混合式部署的混合組態資訊,並透過混合組態精靈進行更新。接著,此精靈會收集現有的內部部署 Exchange 和 Active Directory 拓撲組態資料、Office 365 租用戶和 Exchange Online 組態資料,定義數個組織參數,然後同時在內部部署和 Exchange Online 組織中執行一系列組態工作。Here's a quick overview of the Hybrid Configuration wizard process. First, the wizard creates the HybridConfiguration object in your on-premises Active Directory. This Active Directory object stores the hybrid configuration information for the hybrid deployment and is updated by the Hybrid Configuration wizard. Next, the wizard gathers existing on-premises Exchange and Active Directory topology configuration data, Office 365 tenant and Exchange Online configuration data, defines several organization parameters, and then runs an extensive sequence of configuration tasks in both the on-premises and Exchange Online organizations.

重要

使用混合組態精靈之前,有幾個重要的考量事項和先決條件需要先完成。您需要符合 混合部署必要條件 中所述的混合式部署需求。然後,您就可以使用混合組態精靈針對混合式部署設定 Exchange 組織。There are several important considerations and prerequisites that you need to complete before you use the Hybrid Configuration wizard. You need to meet the requirements for hybrid deployments outlined in Hybrid deployment prerequisites. Then you'll be ready to use the Hybrid Configuration wizard to configure your Exchange organization for the hybrid deployment.

混合式部署組態程序的一般階段包括:The general phases of the hybrid deployment configuration process are:

  1. 驗證必要條件並執行拓撲檢查 混合組態精靈會驗證您的內部部署和 Exchange Online 組織是否可支援混合式部署。此精靈在內部部署和 Exchange Online 組織中驗證及檢查的一些項目包括:Verifying prerequisites and performing topology checks The Hybrid Configuration wizard verifies that your on-premises and Exchange Online organizations can support a hybrid deployment. Some of the items that the wizard verifies and checks in the on-premises and Exchange Online organizations are:

    • 內部部署 Exchange Server 版本On-premises Exchange server versions

    • Exchange Online 版本Exchange Online version

    • Active Directory 同步處理目前狀態和組態Active Directory synchronization presence and configuration

    • 同盟和公認的網域Federated and accepted domains

    • 現有的同盟信任和組織關係Existing federation trust and organization relationships

    • Web 服務虛擬目錄Web Services virtual directories

    • Exchange 憑證Exchange certificates

  2. 測試帳戶認證 指定的內部部署和 Office 365 混合管理帳戶會存取內部部署和 Exchange Online 組織,以收集必要條件驗證資訊並進行組織參數組態的變更來啟用混合式部署功能。混合組態精靈會檢查該帳戶是否具有適當的認證,以及是否可連接到內部部署和 Exchange Online 組織。內部部署和 Office 365 組織的混合式部署管理帳戶必須是組織管理角色群組的成員,混合組態精靈才能順利完成這些工作。Testing account credentials Designated on-premises and Office 365 hybrid management accounts access the on-premises and Exchange Online organizations to gather prerequisite verification information and to make organization parameter configuration changes to enable hybrid deployment functionality. The Hybrid Configuration wizard checks that the accounts have the appropriate credentials and can connect to the on-premises and Exchange Online organizations. The hybrid deployment management accounts for both the on-premises and Office 365 organizations need to be members of the Organization Management role group for the Hybrid Configuration wizard to complete these tasks successfully.

  3. 進行混合式部署組態變更 測試混合管理帳戶、進行驗證和拓撲檢查,以及收集您在精靈程序中定義的組態資訊之後,混合組態精靈會進行組態變更以建立和啟用混合式部署。混合組態的所有變更都會自動記錄在混合組態記錄檔中。依預設,混合組態記錄檔位於內部部署信箱伺服器上的 %UserProfile%\AppData\Roaming\Microsoft\Exchange Hybrid ConfigurationMaking hybrid deployment configuration changes After testing the hybrid management accounts, conducting the verification and topology checks, and gathering configuration information that you defined in the wizard process, the Hybrid Configuration wizard makes the configuration changes to create and enable the hybrid deployment. All changes to the hybrid configuration are automatically logged in the hybrid configuration log. By default, the hybrid configuration log is located on the on-premises Mailbox server at %UserProfile%\AppData\Roaming\Microsoft\Exchange Hybrid Configuration.

    重要

    輸入郵件流程是由組織的 MX 記錄所控制。混合式部署的內送網際網路電子郵件不是由混合組態精靈所設定。Inbound mail flow is controlled by your organization's MX record. Inbound Internet email for a hybrid deployment isn't configured by the Hybrid Configuration wizard.

混合組態功能Hybrid configuration features

混合組態精靈預設會在每次執行時,自動啟用所有混合式部署功能。如果您要停用特定的混合組態功能,則需要使用 Exchange 管理命令介面 和 Set-HybridConfiguration Cmdlet。依預設,精靈會啟用下列混合式部署功能:The Hybrid Configuration wizard automatically enables all hybrid deployment features by default each time it runs. If you want to disable specific hybrid configuration features, you need to use the Exchange Management Shell and the Set-HybridConfiguration cmdlet. The following hybrid deployment features are enabled by default by the wizard:

  • 空閒/忙碌資訊共用 空閒/忙碌資訊共用功能可讓行事曆資訊在內部部署和 Exchange Online 組織使用者之間共用。空閒/忙碌資訊共用會在進行內部部署和 Exchange Online 組織的同盟共用和組織關聯性組態設定時啟用。若要深入了解,請參閱 Understanding Federated DelegationFree/busy sharing The free/busy sharing feature enables calendar information to be shared between on-premises and Exchange Online organization users. Free/busy sharing is enabled as part of the federated sharing and organization relationship configuration for the on-premises and Exchange Online organizations. Learn more at Understanding Federated Delegation.

  • 郵件提示 郵件提示是使用者在撰寫郵件時,對使用者顯示的資訊性訊息。藉由在混合式部署中啟用郵件提示,內部部署和 Exchange Online 寄件者即可調整他們正在撰寫的郵件,以避免組織間出現不希望發生的狀況或未傳遞回報 (NDR)。若要深入了解,請參閱 MailTipsMailTips MailTips are informative messages displayed to users while they're composing a message. By enabling MailTips in the hybrid deployment, on-premises and Exchange Online senders can adjust messages they're composing to avoid undesirable situations or non-delivery reports (NDRs) between the organizations. Learn more at MailTips.

  • 線上封存 線上封存可讓 Exchange Online 組織為內部部署及 Exchange Online 使用者兩者主控使用者的電子郵件封存。若要深入瞭解,請參閱 設定 Exchange Online 封存Online archiving Online archiving enables the Exchange Online organization to host user email archives for both on-premises and Exchange Online users. Learn more at Configure Exchange Online Archiving.

  • 網頁型 Outlook 重新導向網頁型 Outlook 重新導向提供單一的通用 URL,可存取內部部署信箱和 Exchange Online 信箱。Client Access Server 會自動將 網頁型 Outlook 要求重新導向至內部部署信箱伺服器,或為 Exchange Onine 組織的使用者提供其信箱的連結。Outlook on the web redirection Outlook on the web redirection provides a single, common URL to access both on-premises and Exchange Online mailboxes. Client Access servers automatically redirect Outlook on the web requests to on-premises mailbox servers or provides a link to users for their mailbox in the Exchange Onine organization.

  • Exchange ActiveSync 重新導向 當您將信箱從您的內部部署 Exchange 組織移至 Exchange Online 時,所有存取信箱的用戶端都必須更新為使用 Exchange Online;其中包括 Exchange ActiveSync 裝置。大部分的 Exchange ActiveSync 用戶端即將在信箱移至 Exchange Online 時自動重新設定。如需詳細資訊,請參閱 Exchange ActiveSync 裝置設定與 Exchange 混合式部署Exchange ActiveSync redirection When you move a mailbox from your on-premises Exchange organization to Exchange Online, all of the clients that access the mailbox need to be updated to use Exchange Online; this includes Exchange ActiveSync devices. Most Exchange ActiveSync clients will now be automatically reconfigured when the mailbox is moved to Exchange Online. For more information, see Exchange ActiveSync device settings with Exchange hybrid deployments.

  • 安全郵件 安全郵件可透過傳輸層安全性 (TLS) 通訊協定,在內部部署和 Exchange Onine 組織之間啟用安全郵件傳遞。內部部署和 Exchange Onine 組織會透過數位憑證主體和電子郵件標頭進行相互驗證,而 RTF 郵件格式則在各組織間予以保留。Secure mail Secure mail enables secure message delivery between the on-premises and Exchange Online organization via Transport Layer Security (TLS) protocol. The on-premises and Exchange Online organizations are mutually authenticated through digital certificate subjects and email headers and rich-text message formatting are preserved across the organizations.

混合組態選項Hybrid configuration options

混合組態精靈可讓您選取混合式部署中多個範圍的特定選項。如果您要在初次設定混合式部署之後更新特定混合組態選項,可以使用混合組態精靈或 Exchange 管理命令介面 選取不同的組態選項。The Hybrid Configuration wizard allows you to select specific options in several areas for the hybrid deployment. If you want to update specific hybrid configuration options after initially configuring your hybrid deployment, you can use either the Hybrid Configuration wizard or the Exchange Management Shell to select different configuration options.

下表概述混合組態精靈修改及設定的主要選項。The table below outlines the main options that the Hybrid Configuration wizard modifies and configures.

組態範圍Configuration area 描述Description
網域Domains 此精靈會為混合式郵件流程將公認的網域加入到內部部署組織,並為雲端組織新增自動探索要求。此網域稱為「共存網域」,會當做次要 Proxy 網域新增到任何具有混合組態精靈中所選取網域之 PrimarySmtpAddress 範本的電子郵件地址原則。依預設,此網域為 <domain>.mail.onmicrosoft.com。 您可以在 Exchange Online 上的 Exchange 管理命令介面 中執行下列指令來檢視公認的網域。```Get-AcceptedDomainThe wizard adds an accepted domain to the on-premises organization for hybrid mail flow and Autodiscover requests for the cloud organization. This domain, referred to as the coexistence domain, is added as a secondary proxy domain to any email address policies which have PrimarySmtpAddress templates for domains selected in the Hybrid Configuration wizard. By default, this domain is <domain>.mail.onmicrosoft.com. You can view the accepted domain by running the following command in the Exchange Management Shell in Exchange Online.```Get-AcceptedDomain
安全郵件憑證Secure mail certificate 此精靈會要求您選取協力廠商憑證授權單位 (CA) 發行的特定憑證,用來驗證內部部署和 Exchange Online 組織之間傳送的安全電子郵件。The wizard requires you to select a specific certificate issued by a third-party Certificate Authority (CA) that's used to authenticate and secure email messages sent between the on-premises and Exchange Online organizations.
Exchange 同盟共用Exchange federated sharing 此精靈會檢查與內部部署組織的 Azure Active Directory 驗證系統之間,是否存在現有的 OAuth 驗證關係或同盟信任。如果存在,則會使用現有的 OAuth 驗證或同盟信任來支援混合式部署。如果不存在,此精靈會設定 OAuth 驗證或建立內部部署組織與 Azure AD 驗證系統的同盟信任,視內部部署 Exchange 組態的類型而定。此精靈也會視需要將混合組態精靈中選取的任何網域加入至同盟信任。除了 OAuth 驗證或同盟信任組態之外,此精靈還會為內部部署和 Exchange Online 組織建立和設定組織關聯性。這些組織關聯性可讓精靈啟用多個混合式部署功能,包括空閒/忙碌資訊共用、網頁型 Outlook 重新導向及郵件提示。The wizard checks to see if there is an existing OAuth authentication relationship or a federation trust with the Azure Active Directory authentication system for the on-premises organization. If present, existing OAuth authentication or the federation trust is used to support the hybrid deployment. If not present, the wizard configures OAuth authentication or creates a federation trust for the on-premises organization with the Azure AD authentication system, depending on the type of on-premises Exchange configuration. The wizard also adds any domains selected within the Hybrid Configuration wizard to the federation trust if needed.In addition to the OAuth authentication or federation trust configuration, the wizard also creates and configures organizational relationships for both the on-premises and Exchange Online organizations. These organization relationships allow the wizard to enable several hybrid deployment features, including free/busy sharing, Outlook on the web redirection, and MailTips.
郵件流程Mail flow 此精靈可讓您選取及設定欲使用哪些 Exchange 伺服器來處理內部部署和 Exchange Online 組織之間的安全郵件傳輸。在 Exchange 2010 中,此為 Hub Transport server。在 Exchange 2013 中,此為 Client Access server。在 Exchange 2016 及更新版本中,此為信箱伺服器。此精靈可設定您的內部部署 Exchange 及 Exchange Online 組織以進行混合郵件路由。透過在內部部署組織中設定新的和現有的傳送和接收連接器,以及在 Exchange Online 中設定輸入和輸出連接器後,此精靈便可讓您選擇要將從 Exchange Online 組織傳遞到網際網路的輸出郵件直接傳送給外部郵件收件者,或是要透過包含在混合式部署中的內部部署 Exchange 伺服器進行路由。> [!IMPORTANT]> 輸入郵件流程是由組織的 MX 記錄所控制。混合式部署的內送網際網路電子郵件不是由混合組態精靈所設定。The wizard allows you to select and configure which Exchange servers to handle secure mail transport between the on-premises and Exchange Online organizations. In Exchange 2010, this is Hub Transport server. In Exchange 2013, this is a Client Access server. In Exchange 2016 and newer, this is a Mailbox server.The wizard configures your on-premises Exchange and Exchange Online organization for hybrid mail routing. By configuring new and existing Send and Receive connectors in the on-premises organization and Inbound and Outbound connectors in Exchange Online, the wizard allows you to choose whether outbound messages delivered to the Internet from the Exchange Online organization will be sent directly to external mail recipients or routed through your on-premises Exchange servers included in the hybrid deployment.> [!IMPORTANT]> Inbound mail flow is controlled by your organization's MX record. Inbound Internet email for a hybrid deployment isn't configured by the Hybrid Configuration wizard.

混合組態引擎Hybrid Configuration Engine

「 混合組態引擎會執行時所需的設定及更新混合部署的核心動作。負責處理Update-HybridConfiguration指令程式動作,「 混合組態引擎會比較_HybridConfiguration_ Active Directory 物件目前的內部 Exchange 與 Exchange Online 組態設定的狀態並加上 then執行工作以符合_HybridConfiguration_ Active Directory 物件中所定義的參數之部署組態設定。如果目前的內部部署 Exchange 與 Exchange Online 部署設定狀態已符合_HybridConfiguration_ Active Directory 物件中所定義的設定,「 混合組態引擎會有任何變更為內部部署或 Exchange Online 組織。The Hybrid Configuration Engine runs the core actions necessary for configuring and updating a hybrid deployment. Responsible for processing the Update-HybridConfiguration cmdlet actions, the Hybrid Configuration Engine compares the state of the HybridConfiguration Active Directory object with current on-premises Exchange and Exchange Online configuration settings and then runs tasks to match the deployment configuration settings to the parameters defined in the HybridConfiguration Active Directory object. If the current on-premises Exchange and Exchange Online deployment configuration states already match the settings defined in the HybridConfiguration Active Directory object, no changes are made by the Hybrid Configuration Engine to either the on-premises or Exchange Online organizations.

更新現有的混合式部署時,「混合組態引擎」會執行下列步驟:When updating an existing hybrid deployment, the Hybrid Configuration Engine performs the following steps:

  1. Update-HybridConfiguration Cmdlet 會觸發「混合組態引擎」使其啟動。The Update-HybridConfiguration cmdlet triggers the Hybrid Configuration Engine to start.

  2. 「 混合組態引擎 」 會讀取所需的狀態 」 儲存於HybridConfigurationActive Directory 物件。The Hybrid Configuration Engine reads the "desired state" stored on the HybridConfiguration Active Directory object.

  3. 「混合組態引擎」會探索內部部署 Exchange 組織的拓撲資料和目前的組態。The Hybrid Configuration Engine discovers topology data and current configuration from the on-premises Exchange organization.

  4. 「混合組態引擎」會探索 Exchange Online 組織的拓撲資料和目前的組態。The Hybrid Configuration Engine discovers topology data and current configuration from the Exchange Online organization.

  5. 根據需要的狀態、拓撲資料和目前的組態,「混合組態引擎」會在內部部署 Exchange 和 Exchange Online 組織間建立「差異」,然後執行組態工作以建立需要的狀態。Based on the desired state, topology data, and current configuration, the Hybrid Configuration Engine establishes the "difference" between the on-premises Exchange and Exchange Online organizations and then executes configuration tasks to establish the desired state.

下圖概略說明在混合式部署程序進行期間,「混合組態引擎」擷取及修改內部部署 Exchange 伺服器和 Exchange Online 組態設定的方法。The following figure shows a summary of how the Hybrid Configuration Engine retrieves and modifies on-premises Exchange server and Exchange Online configuration settings during the hybrid deployment process.

混合式組態引擎流程