Forum Discussion

Azuriste01's avatar
Azuriste01
Copper Contributor
Jul 19, 2019
Solved

Best Practices to administer hybrid exchange 2016

Hello ,

 

we use an Exchange administrator synced from AD to manage  botj Local Exchange and Exchange Online .our security teams push us to use a cloud account to manager exchange online and not with synced one .

i'm thinking is there a task that needs a Local Exchange Administer and Exchange Online to be with the same account ,Like migrate mailbox from onpremise to office 365 .is there another common tasks must be used with the same account for example? because i'm not hot for this idea from our security teams

 

Regards

exchange
migration
office 365
  • Brian Reid's avatar
    Brian Reid
    Jul 21, 2019
    Your permissions determine what the account can do. There are no real common tasks though. If your mailboxes are all in the cloud and you are in hybrid mode for AD then you create remote mailboxes on premises and set all AD related settings on premises and in the cloud set all the license, MFA etc. You don't tend to do the same thing in both places even if it's the same account synced for admin or different accounts

5 Replies

  • Brian Reid's avatar
    Brian Reid
    MVP
    Jul 20, 2019
    You can use two separate accounts. They don't need to be the same. The migration uses an account built into the migration endpoint setup, so you don't need an on premises on to move mailboxes, but better is an on premises one that can make new-remotemailbox objects
    • Azuriste01's avatar
      Azuriste01
      Copper Contributor
      Jul 21, 2019

      Brian Reid  thanks . do you know is there any common tasks that can be used with same accoun in onpremise and in o365 ?

       

      Regrds

      • Brian Reid's avatar
        Brian Reid
        MVP
        Jul 21, 2019
        Your permissions determine what the account can do. There are no real common tasks though. If your mailboxes are all in the cloud and you are in hybrid mode for AD then you create remote mailboxes on premises and set all AD related settings on premises and in the cloud set all the license, MFA etc. You don't tend to do the same thing in both places even if it's the same account synced for admin or different accounts
  • Ste_Prescott's avatar
    Ste_Prescott
    Copper Contributor
    Jul 19, 2019

    Azuriste01

     

    Hi, the best way i do this is by using my domain account that has global admin rights on the admin center and making sure that this account is in the Organization Management group in active directory. this way you can run a migration from on-premise to office 365 exchange 

    hope this helps you, Ste

     

  • Rnishat0786's avatar
    Rnishat0786
    Iron Contributor
    Jul 19, 2019

    Azuriste01 

     

    So you mean that you have admin access to only Exchange Online not on Exchange On Prem..?

     

    If yes, you definitely need an Admin account to manage Exchange On Prem & Online mailboxes....

     

    As you wont be able to do much with an account that is Exchange online only... 

     

    Thanks

     

    Ronie Nishad

    Sr Consultant

Resources