Forum Discussion
Remove On Premises exchange Hybrid and go fully Online
Hi Keith,
Been through the comments in your thread, and they reminded me of my previous project, where the customer stated to go fully online after moving the last mailbox to the cloud, since they were using a hosted mailbox solution and had to continue paying if they wanted the hybrid to remain.
We did the following:
1. Remove the hybrid relationship between the hosted Exchange and Office 365
2. Change DNS records to fully go O365 based (autodiscover, SPF, DKIM, MX)
3. Update the AAD Connect to only use the current primary AD forest for sync.
The customer's team had no issues in updating required attributes using AD. But Microsoft FastTrack came back stating that if we do the O365 with only an AAD Connect in place and no Exchange server, then it puts us in an unsupported platform when you call Microsoft for any help.
What they suggested is that you need to have Exchange installed at least to make sure that your schema supports the right attributes, and that the Exchange server should be used to provision the mail-enabled accounts so that the right attributes are synced to the cloud.
I do have an email from FTC, but unfortunately cannot share it in public as the information contains customer sensitive information in it.
To end the story with that customer, we ended up installing a minimal Exchange server and going back to hybrid configuration to make sure that the configuration is still supported.
Not sure what you would gain by removing that Exchange server unless it's a high dependency on some resources, costs etc. I would suggest leaving the hybrid ON. It can also be used as an email relay within the organization. You can trim down the hardware and give it just the bare necessary requirements.
Hope my previous situation and its outcome helps you.
Regards,
Prashant
Hi Prashant.
In the scenario you described and concluded by asking "Not sure what you would gain by removing that exchange server" I would like to in turn ask what do you gain or lose by removing that server?
We want to remove as much of our On-Prem as possible and my task is to decommission our On-Prem Exchange altogether and rely solely on the cloud.
Thanks,
Carlos
- Spiros Karampinis, Nov 09, 2018, Brass Contributor
Hello Carlos,
It is pretty clear at the moment that maintaining one last Exchange server just for management purposes is the supported way to go when you like to synchronize your Active Directory users and their attributes to Azure AD.
Sure, many guys are going to say that you can use ADSI, third-party tools or even nothing to manage your Exchange users in Office 365, BUT the question is: is it really bothering you to keep a last virtual machine with 2 CPUs and 4 GB RAM to be in a supported scenario for your business-critical application like mailing? It will also be more comfortable for your Exchange administrators or even just system administrators to manage your Exchange objects, whether those are in the cloud, Office 365, or on-premises like function mailboxes. Keep in mind that for that purpose Microsoft provides an Exchange hybrid key to license your on-premises Exchange server. That on-premises server could also be used as an SMTP server for on-premises devices like FAX or printers or even on-premises applications that need an SMTP server to send e-mails; think about your NAS system, your firewall etc.
If, on the other hand, you would like to go FULL cloud, there is also an option for "small" companies called Microsoft 365 Business. With that license you can join your devices to Azure AD, your mailboxes are hosted in the cloud, you don't have to synchronize anything and you can manage your computers and devices through Microsoft Intune. Almost no server at all on-premises, but again, it depends on your environment, the use case and what you are trying to achieve.
If you don't mind providing me a little more information about your environment, even in a personal message, I would be glad to share my experience with you and talk about what were the best options for your environment.
Kind regards
Spiros
- Dominik Wagner, Nov 15, 2018, Copper Contributor
I'm in the last steps of our migration from on-premise Exchange Server 2016 to Office 365.
I am honestly very surprised that demoting your on-prem Exchange server after moving all content to the cloud is an unsupported scenario.
For me at least, reducing our on-premise Windows and Exchange server footprint was one of the major reasons for migrating to the cloud in the first place.
Keeping a resource hog and patch management nightmare like Exchange server around in order to manage my cloud email accounts seems to defeat the entire purpose of moving to the cloud in the first place.
I'll go the unsupported path, decommission the on-prem Exchange and simply manage my user accounts using the attribute editor from Active Directory Users and Computers.
The handful of instances where I had to rely on Microsoft's paid support were really not worth the bother, so nothing ventured, nothing gained, I guess?
- CublaInc, May 03, 2019, Copper Contributor
Dominik Wagner I agree completely with the idea that moving to the cloud and decommissioning the on-premise Exchange server, regardless of whether or not Azure AD sync is enabled or being used, should be a supported scenario. I mean, my lord, MS has done nothing but shove moving to the cloud down our throats, so why not create a scenario where we can succumb to this methodology once and for all and get rid of our on-premise servers completely? Makes no sense. I think, in the future, we will see this very thing; they're just ignoring the obvious for now as they figure it out. Also, for the record, I like Azure AD sync for one reason and one reason only: single sign-on for our users with their new O365 licenses and applications for all their devices. We set up Azure AD sync immediately and then start buying subscriptions and pushing out the applications to the users. We can say "use your normal email address and password to activate" and the users can manage this without a support ticket being created. This is the REAL benefit of Azure AD sync. Sure, all my clients have on-premise Exchange currently and I'm trying to figure out the best method for upgrading to the cloud, and all of this seems WAYYY too f****** complicated for what should be a simple process. They want the recurring monthly revenue model, yet still make it a pain in the a** to migrate!
I have several Exchange servers in Hybrid configuration and I now believe this was a mistake. I should have simply created the cloud account(s), added the subscriptions, created the mailboxes and configured their Outlooks (after updating DNS records). Then I could just import their PST files. I did this exact scenario last week for a two-user client and it worked perfectly. So for a 25-user-or-less client this is the method I would choose moving forward. However, now I have several Exchange servers where I'm scared to death to uninstall the Hybrid Config or decommission, because I followed (blindly) the MS migration instructions and did as they said. STUPID and I should have known better. My way worked much better and faster. I guess I could manually clean up Azure AD and delete all the accounts and start completely over with the clients I've already set up under Hybrid after removing Azure AD Connect and Hybrid Exchange, but seriously?? Has anybody tried to back out of this configuration yet and just start over? Something tells me THAT is definitely not supported. ha!
- Prashant Divakaran, Nov 08, 2018, Brass Contributor
Hi Carlos,
Like you have mentioned, the only gain is to have 1 / 2 fewer server(s) to manage.
Downsides - have seen them happen with customers:
1. When we remove the server, then the SD or L1 guys who were used to provisioning mailbox/remote-mailbox or mail user with the Exchange console will have to resort to manually populating the attributes (ADSIEDIT), which can be bothersome, and some SD agents who are really beginners may not be comfortable doing that.
2. Have had a detailed email from the FTC (FastTrack Center) {we had planned and executed this for one customer like that} that removing the last server may be technically feasible, but MS PSS does not support when a customer has removed the last Exchange server in hybrid, and they "informed" in the email that to be supported by MS PSS we would have to re-install the hybrid server again.
Personally, if you ask me, I would retain 1 single machine (which these days can be a high-end laptop/desktop) to be in the supported model rather than have nasty surprises when calling MS when you are in deep trouble with the EMAIL system for something else.
Regards,
Prashant D
- Pete Harrison, Nov 08, 2018, Copper Contributor
I have found this thread very interesting. We are in a situation where our on-prem server is so old it's no longer supported. Therefore, we've been looking at decommissioning it. So we're partly not supported anyway!
Regards
Pete