# Office 365 Exchange Migration - Hybrid qrW@-\*5r2$+3BL3Qvm4\*lLS0 Review cutover document to see what applies as it is a more comprehensive list [365 Exchange Cutover Migration](onenote:#Office%20365%20Exchange%20Migration%20-Cutover§ion-id=%7B7E1835FA-F5B5-418D-A722-C4DAE6328A32%7D&page-id=%7BEC3E538F-C263-4F25-AAE3-A683A1339293%7D&end&base-path=X:%5CTier1%5COneNote%5CTech%20Information%5CTech%20Information%5CGeneric%20Tech%5COffice%20365.one) Create 365 domain ID Exchange domains that will be needed Add public domains as routable domains Add public domains to 365 Update SPF & related Create "365sync" group on premise Set as Universal Group Update users with email domain using script [Routable Domain](onenote:#routable%20domain§ion-id=%7B7E1835FA-F5B5-418D-A722-C4DAE6328A32%7D&page-id=%7B2C27DD64-91D2-4FC4-843D-CEB6EB5BF9EA%7D&end&base-path=X:%5CTier1%5COneNote%5CTech%20Information%5CTech%20Information%5CGeneric%20Tech%5COffice%20365.one) Setup sync between on-premise Include option for Hybrid Exchange Include SSO option Setup [SSO](onenote:#SSO§ion-id=%7B7E1835FA-F5B5-418D-A722-C4DAE6328A32%7D&page-id=%7BA3207E2D-B07B-4BED-BF98-32B1F13F473F%7D&end&base-path=X:%5CTier1%5COneNote%5CTech%20Information%5CTech%20Information%5CGeneric%20Tech%5COffice%20365.one) Run on-premise Exch commands to sync permissions between on-premise and cloud Set-OrganizationConfig -ACLableSyncedObjectEnabled $True Create 2 test accounts. One for on-premise testing, the second to migrate to 365 Cloud for testing Add all Exchange related accounts to "365sync" group or accounted for in other ways (duplicated in 365 EOL) Users Shared Mailbox Contacts Distribution groups Dynamic Distribution Groups On-premise need to add external email addresses 365 need to recreate groups and ensure external email addresses are included Set Default domain within 365 Monitor and clear out any sync errors Take documentation for rules, send connectors, receive connectors Update RULES in Exchange Online 365 for: Barracuda: '209.222.80.0/21' or '64.235.144.0/20' Accent Update 365 Security [https://security.microsoft.com/quarantinePolicies](https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Flinks.accentconsulting.com%2F%3Fref%3DgJkAAI9N2HFcUqH8NWsPUi35rJ0Tq4NTAQAAAE51OUEymyamG9k1HW0iHBKjhv6dsgexUfwopmCJVuevyt3zPjXnwqqe70GGgjLG4miEssoZNP12XW_n5s5PKnDIZrtMhUkc_ZlmssVrsk-LvdRIpZYIy0q40Q9YDSe6b_z2SL518rGx7m4xytu8L8IMR5ONuZsWM8K7-Ea0ErFAF5-ri20va8rHQKj8bzyB8z8RuKSmFKpyCvHuE7MUyRmLFQj_KBGf4NC0NnfGc_yR&data=04%7C01%7Ckeith.johnson%40accentconsulting.com%7C86dddc427e774b8416d708d9e19c059d%7Cb3505beedd8d4d90b8856d94317f097c%7C0%7C0%7C637788882528942916%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=hL7L68%2By%2BVossOwK42NEF9kvT0gTo1o1D8o957MKXDI%3D&reserved=0) [https://protection.office.com/antispam](https://protection.office.com/antispam) [https://protection.office.com/antiphishing](https://protection.office.com/antiphishing) Run Hybrid Configuration Wizard - Use correct link for download Run ELAVATED Run from Exchange Shell before wizard to prevent MRP endpoint problems Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -MRSProxyEnabled $false IISRESET Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -MRSProxyEnabled $true IISRESET [https://aka.ms/hybridwizard](https://aka.ms/hybridwizard) Update email address policy Ensure all email address policy have '%domain%.mail.onmicrosoft.com' added Run script to ensure all existing mailboxes that don't follow address policy get that email address [Add\_SMTP\_365\_Proxy\_Email.ps1](onenote:#Add_SMTP_365_Proxy_Email.ps1§ion-id=%7B7E1835FA-F5B5-418D-A722-C4DAE6328A32%7D&page-id=%7B094B2880-C26A-4EA8-B18C-5B86BB63B0E2%7D&end&base-path=X:%5CTier1%5COneNote%5CTech%20Information%5CTech%20Information%5CGeneric%20Tech%5COffice%20365.one) Duplicate related Exchange Rules from on-premise to 365 Update Firewall rules to allow secure connection between on-premise Exchange and MS 365 EOL/ [https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide](https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide) Purge all old Migration jobs Get-MoveRequest | ? {$\_.Status -eq "Completed"} | Remove-MoveRequest Migrate test account to cloud Test mail flow External <-> 365 cloud External <-> on-premise 365 clout <-> on-premise Get full listing of mailboxes Export On-Premise listing to CSV and provide to client with easy instructions on sorting purge/convert/keep Once you get listing back strip down to just email address and header is "EmailAddress" for quick import to 365 Exchange Migrate mailboxes Check licensing Be clear with client about expectations Time Outlook Problems Mobile device setup Outlook RULES Update settings so that "Sent items" go to the correct mailbox for delegated items. Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'SharedMailbox')} | set-mailbox -MessageCopyForSentAsEnabled $True Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox')} | set-mailbox -MessageCopyForSentAsEnabled $True Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'SharedMailbox')} | set-mailbox -MessageCopyForSendOnBehalfEnabled $True Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox')} | set-mailbox -MessageCopyForSendOnBehalfEnabled $True Update mail flow (MX records) Update Autodiscover [Office 365 Exchange Hybrid Migration -Decom](onenote:#Office%20365%20Exchange%20Hybrid%20Migration%20-Decom§ion-id=%7B7E1835FA-F5B5-418D-A722-C4DAE6328A32%7D&page-id=%7B55E0F54B-B606-4BE6-8F6B-8B3251BBDC9B%7D&end&base-path=X:%5CTier1%5COneNote%5CTech%20Information%5CTech%20Information%5CGeneric%20Tech%5COffice%20365.one) Related Documents https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps https://docs.microsoft.com/en-us/exchange/permissions Related commands AD<->ADD sync Start-ADSyncSyncCycle -PolicyType Delta