Forum Discussion
Exchange Hybrid Clarifications
A wildcard certificate is fine, and gives you a bit of flexibility in the namespace you use for hybrid connectivity.
- Curious_Kevin16 | Apr 21, 2023 | Iron Contributor
Dan_Snape,
Thanks for your response!
A second server (dedicated for Hybrid) is simply because the current server runs Windows Server 2012. Apparently the minimum supported Windows for Hybrid is 'Windows Server 2012 R2'. I just wanted to stay out of 'In-place upgrade' and a migration to a new server which takes even more effort.
Wildcard cert - Thanks for that, Dan. Happy days then, I can easily use the existing cert with no modifications to SANs given it covers the domain entirely.
Additional question though - in terms of the Autodiscover record, I should be able to leave it as is (continue to point to the current Mailbox server) and let the new server solely act as the Hybrid endpoint for 365 connectivity, I suppose? Should there be any DNS record level modifications to point to the Hybrid Server in this scenario?
Thank you so much again, Dan!
- Andres-Bohren | May 01, 2023 | Steel Contributor
>A second server (dedicated for Hybrid) Is simply because the current server runs Windows Server 2012.
>Apparently the minimum supported Windows for Hybrid is 'Windows Server 2012 R2'.
>I just wanted to stay out of 'In-place upgrade' and a migration to a new server which takes even more effort.
On what OS are you running Exchange 2016?
Supported OS are from 2008 R2 up to Windows Server 2022.
https://learn.microsoft.com/en-us/exchange/plan-and-deploy/system-requirements?view=exchserver-2016
The Problem would most likely be that the OS is running out of Support. The Extended Support for Windows Server 2012 R2 ends in October 2023.
https://learn.microsoft.com/en-us/lifecycle/products/windows-server-2012-r2
If you want to upgrade Exchange to a newer OS you will need to install a new Server with Exchange and make a Swing Migration from Exchange 2016 (with old OS) to Exchange 2016 (with new OS).
Don't be confused with "Hybrid Server" - such a Role does not exist. It's just a Configuration that applies to the whole Exchange Organization and makes sure Mailflow, Free/Busy and EWS Access (for Mailtips and Migration) are configured correctly.
Make sure you run a supported Version of AAD Connect
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history
And also make sure that all Servers have TLS 1.2 enabled.
Regards
Andres Bohren
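One way to check the TLS 1.2 point from the post above on each Exchange server, as an added example that is not part of the original thread: a read-only PowerShell audit of the standard Schannel and .NET Framework 4.x registry values. The function name `Test-Tls12Registry` is hypothetical, and the registry locations are the usual Windows ones, not values taken from the thread.

```powershell
# Added example: read-only audit of the TLS 1.2 registry settings on the local server.
# Nothing is written; run it in an elevated PowerShell session on each Exchange server.
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'
$dotnet   = 'Microsoft\.NETFramework\v4.0.30319'

$checks = @(
    # Schannel: Enabled must be non-zero (1 or 0xFFFFFFFF), DisabledByDefault must be 0.
    @{ Path = "$schannel\Client"; Name = 'Enabled';           Good = { param($v) $v -ne 0 } }
    @{ Path = "$schannel\Client"; Name = 'DisabledByDefault'; Good = { param($v) $v -eq 0 } }
    @{ Path = "$schannel\Server"; Name = 'Enabled';           Good = { param($v) $v -ne 0 } }
    @{ Path = "$schannel\Server"; Name = 'DisabledByDefault'; Good = { param($v) $v -eq 0 } }
    # .NET Framework 4.x, 64-bit and 32-bit registry views.
    @{ Path = "HKLM:\SOFTWARE\$dotnet";             Name = 'SystemDefaultTlsVersions'; Good = { param($v) $v -eq 1 } }
    @{ Path = "HKLM:\SOFTWARE\$dotnet";             Name = 'SchUseStrongCrypto';       Good = { param($v) $v -eq 1 } }
    @{ Path = "HKLM:\SOFTWARE\Wow6432Node\$dotnet"; Name = 'SystemDefaultTlsVersions'; Good = { param($v) $v -eq 1 } }
    @{ Path = "HKLM:\SOFTWARE\Wow6432Node\$dotnet"; Name = 'SchUseStrongCrypto';       Good = { param($v) $v -eq 1 } }
)

function Test-Tls12Registry {
    param([hashtable[]]$Checks)
    foreach ($c in $Checks) {
        # A missing key and a missing value both come back as $null here.
        $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
        if ($null -eq $item) {
            $value = $null
            $state = 'NotSet'
        } else {
            $value = $item.($c.Name)
            $state = if (& $c.Good $value) { 'OK' } else { 'Review' }
        }
        [pscustomobject]@{
            Path  = $c.Path
            Name  = $c.Name
            Value = $value
            State = $state
        }
    }
}

Test-Tls12Registry -Checks $checks | Format-Table -AutoSize -Wrap
```

`NotSet` on the Schannel rows means the OS default applies, which on Windows Server 2012 and later leaves TLS 1.2 enabled; `NotSet` on the .NET rows is worth reviewing, since Microsoft's Exchange TLS guidance sets both values to 1.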
- Dan_Snape | Apr 27, 2023 | Bronze Contributor
I don't believe there is a server OS requirement for Exchange hybrid, only requirements for the version of Exchange itself: https://learn.microsoft.com/en-us/exchange/hybrid-deployment-prerequisites
You can leave autodiscover pointing at the existing server, however generally it's best practice to have all connectivity going through the server with the latest version of Exchange installed. Exchange Online will need a namespace in external DNS to connect to the on-prem hybrid server via HTTPS (port 443), and your network needs to be configured to facilitate that. You can create a new namespace specifically for that (i.e. hybrid.domain.com) or reconfigure something you already have to point to the new hybrid server (you might use webmail.domain.com for OWA already and this can be used by Exchange Online).