Forum Discussion
Resource Forest, Account Forest - Exchange Removal questions.
TonyRedmond Thanks again tony. BrianDesmond Paul Cunningham
I worked a little on the issue over the weekend, and setup a new test environment. Exchange 2013, new office 365 tenant. Setup a standard resource forest/account forest. I have been commenting on one of Jaap's posts. my comments all the way at the bottom.
https://jaapwesselius.com/2018/04/25/exchange-resource-forest-and-office-365-part-i/
- I wonder if ADMT might work here?
- How would one install Exchange in the Account forest? (To manage objects, once the Resource Forest is gone).
Since AD connect would be installed in the account forest and then connected to both Environment's Directories for sync purposes, I thought ADMT might do the job, but i just cant be sure. Tomorrow i am going to see if/what i can test.
Brian, Tony Redmond said you may be able to assist. Paul, you have provided valuable insight in the past which is why i suffered you into this. Thanks in advance.
Robert
Robert Bollingerif I follow what you want to do is remove the resource forest, which contains all of the Exchange attributes?
You'll need to copy all of those over to the objects in the account forest so they look like remote mailboxes there, and then you'll probably find it easier to setup a new AAD Connect that only talks to the account forest. There are various ways to copy the attributes over, but using a script is probably easiest. You can setup the new AAD Connect server in staging mode and look at the pending exports to make sure you have everything copied over.
Thanks,
Brian
- Thanks Brian. Yes. That is correct. The customer wants to completely remove the resource forest and the corresponding AD Domain as well.
However one last point to this is the customer also wants to be able to use Exchange in the Account Forest - to manage objects.
in my lab AD connect has been installed in the account forest and connected to the resource forest as well as the account forest (so 2 AD's). Was that the right thing to do? or should i have installed it in the Resource Forest?
Also, why cant i use ADMT to migrate the user accounts over and effectively merge them?
Thanks,
RobertIf you just take the attributes 1:1 from the resource forest to the account forest, you're not going to have what you want. You have (or had) linked mailboxes in the resource forest. You want a plain remote mailbox in the account forest.
ADMT also hasn't been updated in a very, very long time. It may or may not actually work for you regardless of the issue above.
You'll need to put an Exchange server in the account forest for this to work.
BrianDesmond Thanks again.
To be clear for myself on this process, and to make sure i have the order right, with all mailboxes already migrated to office 365, I should do the following:
- Install Exchange in the Account Forest, creating a new exchange org.
- Copy MSExchange Attributes over, I will work to copy the correct ones over as i know not all need to be copied. Account should show as "office 365" mailbox in EAC in the account forest, and should show as "RemoteUserMailbox" when checking in EMS.
- Uninstall Exchange from the Resource Forest
Is that about right? I will of course test everything in my lab, before making any changes on the customers environment, and may reach out to PFE for a design review to be doubly sure.
The customer also needs to migrate all their groups to office 365 as well, however for that i think the correct course of action is to create a script (or find one) that simply creates the groups in the cloud, re-assigns all group memberships and send as, send on behalf of settings, and group security settings.
The group portion would probably need to be done first, I would imagine.
Thanks again!!
Robert