Migration to AzureAD

Frequent Contributor

We currently have an On-Premise Exchange Server (2010) and Active Directory. We are wanting to migrate everything to Cloud-First.  Over the past year and a half, we have migrated all of our Exchange Mailboxes to Exchange Online. All of our MX records are EOP and all on-premise services now use EOP for mail routing. So I feel we are ready to pull the plug on the Exchange Server. However, user accounts are still syncing and I know I read that in a hybrid, everything should be created on-premise.  So the next stage was to migrate all of desktop to AzureAD. That process has now been completed. All of our desktops and laptops are now running Windows 10-Oct 2018 (1809), AzureAD and Intune managed.  

 

So I assume we need to transfer the acting authentication over to AzureAD (now making it the primary)?  Removing the dreadful, this account is synced you have to managed it on premise crap.   Then after that, we should be able to shutdown the on premise Exchange server for good and continue migrating the few servers we have either to a local workgroup or to a Azure VM.  


Am I on the right path here? 

 

Thanks. 

2 Replies

So in a nutshell, every scenario involving DirSync requires you to keep at least one Exchange box for management purposes, if you want to stay in "supported" configuration. If the plan is to ditch DirSync altogether and manage objects directly in the cloud, you will have no trouble with this approach and will still be "supported".

 

Make sure you understand the limitations of Azure AD though - it's not a real replacement for AD, there are no OUs for example, no GPOs, etc.

Thanks for the confirmation. Yeah, we are wanting to ditch everything on-premise in favor of the Cloud. Management wants to reduce costs.  

 

We are a small business and while there are definitely limitations with AzureAD (like GPOs) most of what we *need* can be handled through Intune.  There are some things I would like to see and now they are starting to add better support for admin templates, I see a light at the end of that tunnel.  OUs are not as important for our size of a business. Nothing group memberships can not handle.  

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies