SOLVED
Home

Why do we need to keep an Exchange Server on-premises when we move to the cloud?

%3CLINGO-SUB%20id%3D%22lingo-sub-254511%22%20slang%3D%22en-US%22%3EWhy%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-254511%22%20slang%3D%22en-US%22%3EDo%20you%20need%20to%20do%20keep%20an%20Exchange%20Server%20on-premises%20when%20you%20are%20finished%20moving%20your%20mailboxes%20to%20the%20cloud%3F%20The%20answer%20is%20all%20to%20do%20with%20your%20identity%20sync%20options%20and%20therefore%20it%20is%20very%20important%20not%20to%20confuse%20%22Exchange%20Hybrid%22%20with%20%22Hybrid%20Identity.%22%20In%20this%20theater%20session%20we%20look%20at%20the%20impact%20of%20user%20management%20in%20the%20cloud%20when%20you%20are%20syncing%20users%20from%20Active%20Directory%20and%20the%20impact%20that%20has%20on%20your%20Exchange%20deployment.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fmyignite.techcommunity.microsoft.com%2Fsessions%2F66438%3Fsource%3DTechCommunity%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3ECheck%20this%20session%20out%20in%20the%20Ignite%20Session%20Catalogue%3C%2FA%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-254511%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ETHR2145%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-275207%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-275207%22%20slang%3D%22en-US%22%3ESo%20in%20both%20cases%20you%20strictly%20do%20not%20need%20an%20Exchange%20Server%20on-premises%20for%20management%20purposes%20(SMTP%20relay%20is%20a%20different%20issue%2C%20but%20you%20could%20use%20any%20SMTP%20service%20for%20anonymous%20relay%2C%20but%20Exchange%20will%20give%20authenticated%20relay).%3CBR%20%2F%3E%3CBR%20%2F%3EFor%20management%20purposes%20though%20there%20are%20things%20that%20you%20get%20with%20Exchange%20Server%20that%20you%20do%20not%20get%20in%20Exchange%20Online.%20The%20primary%20one%20is%20email%20address%20policies.%20For%20example%20if%20you%20have%20a%20policy%20for%20first.last%40domain.com%20then%20Exchange%20Server%20can%20enforce%20this%20and%20if%20you%20change%20the%20first%20or%20last%20name%20using%20the%20Exchange%20Server%20tools%20you%20know%20email%20address%20will%20update.%20Manage%20this%20in%20the%20cloud%20and%20you%20need%20to%20write%20your%20own%20provisioning%20tools%20to%20achieve%20the%20same.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-270417%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-270417%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F157%22%20target%3D%22_blank%22%3E%40Brian%20Reid%3C%2FA%3E%3C%2FP%3E%3CP%3ESo%20-%20couple%20scenarios.%26nbsp%3B%20Tell%20me%20if%20I%20need%20an%20Exchange%20Server.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E1)%20Company%20is%20spinning%20off%20of%20Parent%20company.%26nbsp%3B%20Parent%20company%20is%20in%20O365%2C%20Company%20will%20be%20doing%20a%20Tenant%20to%20Tenant%20migration%20and%20won't%20even%20have%20an%20on-prem%20active%20directory%20to%20start%20with.%26nbsp%3B%20They%20will%20eventually%20have%20an%20on-prem%20Active%20Directory%2C%20but%20it%20will%20obviously%20have%20never%20had%20Exchange.%26nbsp%3B%20Since%20the%20AD%20Schema%20will%20not%20have%20been%20extended%20to%20include%20Exchange%20Attributes%2C%20I%20know%20for%20a%20fact%20that%20I%20can%20edit%20email%20addresses%20and%20all%20other%20Exchange%20Attributes%20in%20O365%20even%20after%20I%20start%20syncing%20with%20on-prem%20AD.%26nbsp%3B%20Do%20I%20need%20an%20Exchange%20Server%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E2)%20Company%20is%20considering%20moving%20from%20G-Suite%20to%20O365%20and%20has%20obviously%20never%20had%20on-prem%20Exchange.%26nbsp%3B%20They%20do%2C%20however%2C%20sync%20some%20of%20their%20distro%20groups%20from%20AD%20to%20G-Suite%2C%20which%20means%20they%20will%20either%20need%20to%20sync%20those%20to%20O365%20or%20delete%20from%20AD%20and%20recreate%20them%20in%20O365%20and%20manage%20in%20cloud.%26nbsp%3B%20Again%2C%20since%20the%20AD%20Schema%20was%20never%20extended%2C%20will%20I%20need%20an%20Exchange%20Server%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-266145%22%20slang%3D%22en-US%22%3ERe%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-266145%22%20slang%3D%22en-US%22%3EI%20was%20asked%20by%20three%20separate%20people%20in%20the%20question%20session%20after%20the%20talk%20about%20hybrid%20and%20saying%20how%20Exchange%20Server%202019%20did%20not%20support%20it.%20This%20was%20news%20to%20me%2C%20so%20I%20investigated.%20The%20answer%20is%20that%20Exchange%20Server%202019%20will%20not%20have%20a%20free%20license%20for%20hybrid%20functionality%2C%20it%20will%20still%20do%20hybrid%20and%20management%20etc.%20as%20described%20in%20this%20talk%20but%20needs%20to%20be%20licensed.%20Exchange%20Server%202019%20is%20designed%20for%20organisations%20who%20cannot%20go%20to%20the%20cloud%2C%20and%20not%20for%20those%20that%20have.%20Those%20that%20have%20keep%20Exchange%202016%20on-premises%20as%20their%20management%20server.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-265312%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-265312%22%20slang%3D%22en-US%22%3ESo%20you%20cannot%20both%20a)%20stay%20supported%20and%20b)%20remove%20your%20last%20Exchange%20Server%20on%20premises.%3CBR%20%2F%3E%3CBR%20%2F%3EWith%20AADConnect%20in%20place%2C%20you%20have%20a%20single%20source%20of%20authority%20for%20editing%20AD%20attributes.%20This%20is%20AD%20and%20not%20AAD%2C%20therefore%20you%20need%20the%20correct%20tools%20for%20editing%20the%20attributes%20of%20Exchange%20mailboxes%20in%20the%20cloud%20and%20these%20are%20stored%20in%20AAD%20and%20synced%20from%20AD%2C%20you%20need%20Exchange%20Server.%20More%20and%20why%20are%20in%20the%20video.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-264033%22%20slang%3D%22en-US%22%3ERE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-264033%22%20slang%3D%22en-US%22%3EWith%20cloud%20eac%20editing%20of%20mail%20attributes%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-264032%22%20slang%3D%22en-US%22%3ERE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-264032%22%20slang%3D%22en-US%22%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F153678%22%20target%3D%22_blank%22%3E%40Stephan%20Mey%3C%2FA%3E%20-%20In%20a%20supported%20setup%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-263886%22%20slang%3D%22en-US%22%3ERE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-263886%22%20slang%3D%22en-US%22%3EI%20was%20unable%20to%20attend%20this%20THR%20session%20today%2C%20anywhere%20I%20can%20information%20about%20what%20was%20presented%3F%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-263770%22%20slang%3D%22en-US%22%3ERE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-263770%22%20slang%3D%22en-US%22%3EStop%20AADConnect%2C%20Export%20AD%20Attributes%2C%20Uninstall%20last%20Exchange%20201x%2C%20Import%20Attributes%2C%20Start%20AADConnect%20again%20%3B-)))%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-263668%22%20slang%3D%22en-US%22%3ERE%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-263668%22%20slang%3D%22en-US%22%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F66428%22%20target%3D%22_blank%22%3E%40Ben%20Delamotte%3C%2FA%3E%20That's%20a%20good%20one%20%3A)%3C%2Fimg%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-263410%22%20slang%3D%22en-US%22%3ERe%3A%20Why%20do%20we%20need%20to%20keep%20an%20Exchange%20Server%20on-premises%20when%20we%20move%20to%20the%20cloud%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-263410%22%20slang%3D%22en-US%22%3ESo%20this%20is%20where%20we%20find%20out%20how%20to%20maintain%20hybrid%20%2F%20synchronised%20identity%20without%20the%20need%20for%20an%20exchange%20server%20on-premises%3F%3C%2FLINGO-BODY%3E
Highlighted
Community Manager
Do you need to do keep an Exchange Server on-premises when you are finished moving your mailboxes to the cloud? The answer is all to do with your identity sync options and therefore it is very important not to confuse "Exchange Hybrid" with "Hybrid Identity." In this theater session we look at the impact of user management in the cloud when you are syncing users from Active Directory and the impact that has on your Exchange deployment.

Check this session out in the Ignite Session Catalogue
Session Code
THR2145
Speaker
Brian Reid
Session Type
Theater: 20 Minute
Product
Show more
Audience
Personas
Topic
Modern Workplace-Simplified IT Management
Format
Community Session
Level
Intermediate (200)
Show less
10 Replies
So this is where we find out how to maintain hybrid / synchronised identity without the need for an exchange server on-premises?
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
@Ben Delamotte That's a good one :)
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
Stop AADConnect, Export AD Attributes, Uninstall last Exchange 201x, Import Attributes, Start AADConnect again ;-)))
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
I was unable to attend this THR session today, anywhere I can information about what was presented??
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
@Stephan Mey - In a supported setup
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
With cloud eac editing of mail attributes
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
Solution
So you cannot both a) stay supported and b) remove your last Exchange Server on premises.

With AADConnect in place, you have a single source of authority for editing AD attributes. This is AD and not AAD, therefore you need the correct tools for editing the attributes of Exchange mailboxes in the cloud and these are stored in AAD and synced from AD, you need Exchange Server. More and why are in the video.
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
I was asked by three separate people in the question session after the talk about hybrid and saying how Exchange Server 2019 did not support it. This was news to me, so I investigated. The answer is that Exchange Server 2019 will not have a free license for hybrid functionality, it will still do hybrid and management etc. as described in this talk but needs to be licensed. Exchange Server 2019 is designed for organisations who cannot go to the cloud, and not for those that have. Those that have keep Exchange 2016 on-premises as their management server.
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less

@Brian Reid

So - couple scenarios.  Tell me if I need an Exchange Server.

 

1) Company is spinning off of Parent company.  Parent company is in O365, Company will be doing a Tenant to Tenant migration and won't even have an on-prem active directory to start with.  They will eventually have an on-prem Active Directory, but it will obviously have never had Exchange.  Since the AD Schema will not have been extended to include Exchange Attributes, I know for a fact that I can edit email addresses and all other Exchange Attributes in O365 even after I start syncing with on-prem AD.  Do I need an Exchange Server?

 

2) Company is considering moving from G-Suite to O365 and has obviously never had on-prem Exchange.  They do, however, sync some of their distro groups from AD to G-Suite, which means they will either need to sync those to O365 or delete from AD and recreate them in O365 and manage in cloud.  Again, since the AD Schema was never extended, will I need an Exchange Server?

Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less
So in both cases you strictly do not need an Exchange Server on-premises for management purposes (SMTP relay is a different issue, but you could use any SMTP service for anonymous relay, but Exchange will give authenticated relay).

For management purposes though there are things that you get with Exchange Server that you do not get in Exchange Online. The primary one is email address policies. For example if you have a policy for first.last@domain.com then Exchange Server can enforce this and if you change the first or last name using the Exchange Server tools you know email address will update. Manage this in the cloud and you need to write your own provisioning tools to achieve the same.
Session Code
Session Type
Product
Show more
Audience
Personas
Topic
Format
Level
Show less