Forum Discussion
Remove On Premises exchange Hybrid and go fully Online
Hi Keith,
Been through the comments in your thread and reminded me of my previous project where the customer stated to go fully online after moving the last mailbox to the cloud since they were using a hosted mailbox solution and had to continue paying if they wanted the hybrid to remain.
We did the following
1. Remove the hybrid relationship between the hosted exchange and the Office 365
2. Change DNS records to fully go O365 based (autodiscover, SPF, DKIM, MX)
3. Update the AAD connect to only use the current primary AD Forest for sync.
The customer's team had no issues in updating required attributes using AD. But Microsoft FastTrack came back stating that if we do the O365 with only an AAD Connect in place and no Exchange server then it puts us in an unsupported platform when you call Microsoft for any help.
What they suggested is that you need to have Exchange installed at least to make sure that your schema supports the right attributes and that the Exchange server should be used to provision the mail-enabled accounts so that the right attributes are synced to the cloud.
I do have an email from FTC, but unfortunately cannot share it in public as the information contains customer sensitive information in it.
To end the story with that customer, we ended up installing a minimal Exchange server and went back to hybrid configuration to make sure that the configuration is still supported.
Not sure what you would gain by removing that Exchange server unless it's a high dependency on some resources, costs etc. I would suggest to leave the hybrid ON. It can also be used as an email relay within the organization. You can trim down the hardware and give just the bare necessary requirements in it.
Hope my previous situation and its outcome helps you.
Regards,
Prashant
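
The DNS cutover in step 2 of the post above can be audited after the fact. The following is an added example, not part of the original thread: a PowerShell function that checks a domain's MX, autodiscover, SPF and DKIM records against the usual Exchange Online targets. `Test-ExoDnsCutover` is a hypothetical name, and the domain, tenant and record values are constructed sample data.

```powershell
# Added example (not from the thread). Test-ExoDnsCutover is a hypothetical helper.
function Test-ExoDnsCutover {
    param(
        [Parameter(Mandatory)] [string]   $Domain,
        [Parameter(Mandatory)] [object[]] $Records   # objects with Name, Type, Value
    )
    # Usual Exchange Online targets. DKIM target names vary by tenant, so only
    # the "._domainkey." shape of the CNAME target is checked.
    $checks = @(
        @{ Check = 'MX';           Name = $Domain;                        Type = 'MX';    Pattern = '\.mail\.protection\.outlook\.com\.?$' }
        @{ Check = 'Autodiscover'; Name = "autodiscover.$Domain";         Type = 'CNAME'; Pattern = '^autodiscover\.outlook\.com\.?$' }
        @{ Check = 'SPF';          Name = $Domain;                        Type = 'TXT';   Pattern = 'include:spf\.protection\.outlook\.com' }
        @{ Check = 'DKIM1';        Name = "selector1._domainkey.$Domain"; Type = 'CNAME'; Pattern = '\._domainkey\.' }
        @{ Check = 'DKIM2';        Name = "selector2._domainkey.$Domain"; Type = 'CNAME'; Pattern = '\._domainkey\.' }
    )
    foreach ($c in $checks) {
        $found = @($Records | Where-Object { $_.Name -eq $c.Name -and $_.Type -eq $c.Type })
        # Only SPF records matter among the TXT records at the domain apex.
        if ($c.Type -eq 'TXT') { $found = @($found | Where-Object { $_.Value -like 'v=spf1*' }) }
        # A record of the right type that points elsewhere (for example a leftover
        # MX for the old hosted Exchange) is reported as Stale.
        $stale  = @($found | Where-Object { $_.Value -notmatch $c.Pattern })
        $status = if ($found.Count -eq 0) { 'Missing' } elseif ($stale.Count -gt 0) { 'Stale' } else { 'OK' }
        [pscustomobject]@{
            Check  = $c.Check
            Status = $status
            Values = ($found.Value -join '; ')
        }
    }
}

# Constructed sample records for a constructed domain. For a live check, build the
# same objects from Resolve-DnsName output (NameExchange for MX, NameHost for CNAME,
# Strings for TXT).
$sample = @(
    [pscustomobject]@{ Name = 'contoso.example'; Type = 'MX';  Value = 'contoso-example.mail.protection.outlook.com' }
    [pscustomobject]@{ Name = 'contoso.example'; Type = 'MX';  Value = 'mx1.hosted-exchange.example' }
    [pscustomobject]@{ Name = 'autodiscover.contoso.example'; Type = 'CNAME'; Value = 'autodiscover.outlook.com' }
    [pscustomobject]@{ Name = 'contoso.example'; Type = 'TXT'; Value = 'v=spf1 include:spf.protection.outlook.com -all' }
    [pscustomobject]@{ Name = 'selector1._domainkey.contoso.example'; Type = 'CNAME'; Value = 'selector1-contoso-example._domainkey.contoso.onmicrosoft.com' }
)
Test-ExoDnsCutover -Domain 'contoso.example' -Records $sample | Format-Table -AutoSize
```

In the sample, the leftover MX record for the old host is flagged as stale and the absent selector2 DKIM record as missing.
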
I have a scenario somewhat similar. All mailboxes, DL's, and contacts are in the cloud. I'm using AADSync to sync passwords to Azure AD. All email management is done in the cloud, nothing in on-prem Exchange. What's the need to keep the on-prem Exchange other than Microsoft's "Because I said so"?
Some replies say that it's minimal, but it's more than that. It's an OS license, it's patch management, it still uses resources, still needs to be backed up. There is still a lot of maintaining there. I want the on-prem gone since it's not being used.
Also, we don't use AD FS and all DNS records, MX, autodiscover, cname, etc, have been pointed to O365.
- Dominik Wagner, Jan 08, 2019, Copper Contributor
BrianSmith wrote: I have a scenario somewhat similar. All mailboxes, DL's, and contacts are in the cloud. I'm using AADSync to sync passwords to Azure AD. All email management is done in the cloud, nothing in on-prem Exchange. What's the need to keep the on-prem Exchange other than Microsoft's "Because I said so"?
Some replies say that it's minimal, but it's more than that. It's an OS license, it's patch management, it still uses resources, still needs to be backed up. There is still a lot of maintaining there. I want the on-prem gone since it's not being used.
Also, we don't use AD FS and all DNS records, MX, autodiscover, cname, etc, have been pointed to O365.
I can only say that, so far, about 2 months into the transition I don't miss the on-premise Exchange server at all.
I've gotten used to simply managing our AD accounts using the attribute editor and syncing everything using AAD.
Of course, I don't know how things might eventually evolve over those next few years... maybe there'll indeed be a server-side change on Microsoft's part which would eventually require an on-premise Exchange server for necessary AD schema additions... but I'll cross that bridge when I come to it.
Like you said, keeping an on-premise Exchange around, even if just for management purposes, is just too much of a hassle and completely negates the primary motivation of moving everything to the cloud in the first place.
I really hope Microsoft corrects their stance on this particular issue, it really is quite bewildering.
- BrianSmith, Jan 08, 2019, Copper Contributor
Being that I still have an on-prem Exchange server, I have not had the need to edit any attributes. Without the on-prem, what attributes are needing to be edited?
- Dominik Wagner, Jan 08, 2019, Copper Contributor
Here is a decent writeup:
https://www.itpromentor.com/dirsync-no-hybrid/
- Jan 07, 2019
Basically, it’s for easier attribute creation and management and to keep it a supported configuration according to Microsoft.
- BrianSmith, Jan 07, 2019, Copper Contributor
We don't edit any of the attributes. And all management is done in the cloud. All I need AADSync for is password sync so I don't have to manage another password system.
I'm trying to grasp why in my environment I still need Exchange outside of Microsoft saying I do. If AADSync handles the password sync to Azure AD, no attributes are modified, and all management is done in the cloud, I see no further use for the on-prem Exchange.
- krish70, Dec 30, 2024, Copper Contributor
Hello Brian,
I have the same scenario: all mailboxes are on Office 365, SMTP relay migrated as well. I am trying to decommission Exchange on-prem in a hybrid mode.
The questions I have are:
- Can I just run PowerShell on the Exchange server to Remove-HybridConfiguration? By doing that, will it create any issue to AD objects such as users and groups?
- After running Remove-HybridConfiguration, will my AD sync installed on a domain controller work? Or does it have any connection with the hybrid setup and mess things up?
Thanks
Krish