Forum Discussion

Keith Caines's avatar
Keith Caines
Copper Contributor
Jan 09, 2018

Remove On Premises exchange Hybrid and go fully Online

Hello,   I currently have a scenario where there is a Hybrid Exchange environment with 1 server. All my mailboxes have been migrated online.   I would like to completely remove dependency on ...
exchange
hybrid
On-Premises
adam deltinger's avatar
adam deltinger
MVP
May 07, 2019
Are you keeping your on premises AD?
DBVW_George's avatar
DBVW_George
Copper Contributor
May 08, 2019

adam deltinger 

Yes, we will keep on premises AD.  I would keep Exchange Server on premises except given our size and the new hardware requirements for Exchange 2019, and our upgrade cycle, it's now more cost-effective to move Exchange to the cloud.

  • adam deltinger's avatar
    adam deltinger
    MVP
    May 08, 2019
    Ok! Just do as Said above or do a cut over migration! Keep ad connect for synvinkel users, but keep in mind you Will run in a nån supported mode
    • wroot's avatar
      wroot
      Silver Contributor
      May 08, 2019
      In his first message he mentioned that he doesn't want AD Connect and rather would set passwords manually in Azure AD. But if local AD is left in place (i assume for some legacy apps), then without AD Connect he will have to manage same user twice in local AD and in Azure AD. Same goes with the passwords. I don't think this is feasible to have users to reset passwords themselves (as they would have to do this twice and also understand the difference). So all secrecy management will be in one person's hands. Not ideal, but hey, it's your company :) In that case running a non-supported mode without local Exchange is the least problem. And one can argue (i had a fierce back and forth recently with one allegedly working with MS in the past person, who claimed MS is not really enforcing non-supported policy in any way when investigating cases, but i'm not sure if you can trust someone on the internet claiming something). I have this unsupported version for a few years and Ms never asked me about it or declined support. Granted, we didn't have any critical issues.

      Also, i haven't used cutover migration, so i don't know if it can work this way (without identity sync between local AD and Azure AD), but from i have read about cutover, it must be done quickly all in one run and there can be delays with emails, when staged can be spread to weeks and months and you can move mailboxes in small batches without almost any disruption to users.
      • JeremyTBradshaw's avatar
        JeremyTBradshaw
        Steel Contributor
        May 15, 2019

        This seems like a great discussion to jump into:).. It's a debate that has been around for so long, and that will last forever (until Microsoft release the official answer someday as promised at Ignite 2017).

         

        Most people in the camp of removing the last server like Dominik on this thread, have small environments that they manage either all by themselves or with a small crew who are all quite savvy.

         

        As soon as your environment scales up, the ADSI Edit / Attribute Editor tab, other manual alternatives to EAC/EMC/ECP seem pretty burdensome.  Once you introduce a 3rd party tool, you're pretty much just as bad off as you would be with a single Exchange server, but less all of the benefits (such as Email Address Policies, super EASY SMTP relay server, EAC, super EASY offboard plan ready to go).

         

        Since AAD Connect is not a bother for most, the final Exchange server (with complimentary Hybrid product key) can just go onto the AAD Connect box.  If you wouldn't be using the SMTP relay capabilities, or anything else other than recipient administration, you could spec the server just based on AAD Connect and not even worry about Exchange server performance.

         

        I'm thinking (and this is where I change into speculation mode) Microsoft will introduce a new server role or new installation package for Exchange (or some awesome ClickOnce app like the HCW) that puts in place some kind of middle ground solution that will prevent every new wave of EXO customers from having this last-server-required-?!?! revelation and panicking about having to still keep Exchange alive.

         

        As a final point (so many points have been made in this thread, both good and bad :) ), I think there is no reason to feel any kind of shock that a final server will still be required after migrating all your mailboxes to the cloud.  The truth is that Exchange is a one of kind product that has continuously beat out the competition globally forever (in email land).  It has several unique characteristics, and most of all for this topic, Exchange Online integrates with on-premises AD like nothing else.  It's not Gmail, which has no such on-premises equivalent that over time had to be transformed into a cloud product (while still also being an on-premises product).  The hoops that Microsoft would have had to jump through to get Exchange to where it is.... I think trump the hoop of having to keep a single Exchange server around.