Decommission Hybrid Exchange 2013 / O365 with AD Sync and ADFS

Highlighted
Occasional Contributor

Hi all,

 

I've been reading for some time about decommissioning a hybrid exchange 2013 environment.

 

Our scenario;

We have a new customer and their wish is to get rid of as many servers as possible.

Their current email situation is;

- Exchange 2013 with Hybrid Office365 deployment

- ADFS (2 servers hosted in Azure)

- AD Connect (installed on one of the ADFS servers).

- All mailboxes exist in O365

- All DNS records point to O365

 

A local DC will still be needed so let's say a DC1 will be on-premise.
We want to get rid of the Exchange 2013 and both ADFS servers, but do want to use AD Connect, so we could install this on the DC1.


From what I've been reading on this page; HTTPS://docs.microsoft.com/en-us/exchange/decommission-on-premises-exchange if we still want to use AD Connect we require the Exchange 2013 server for mailbox management. Is this correct?

 

What other ways can we approach? Some things I think about:

- Don't use AD Sync and manage all mailboxes in O365 completely.

- Create new local domain, new O365 tenant, setup AD Sync and perform a tenant to tenant migration.

- Keep ADFS / AD connect and Exchange 2013 as is..

 

I have a lot of Office365 and Exchange experience but unfortunately not in hybrid configuration.

Any help is appreciated.

3 Replies
Highlighted

That's correct. The only *supported* method of managing Exchange-related objects and their attributes is via the Exchange tools. The catch here is "supported". If you don't care about staying into a supported configuration, and you know what you are doing, you can manage them just fine via the AD tools. But if you run into an issue, Microsoft can potentially deny you support.

Highlighted

@Vasil Michev Thanks for your reply, do you know the technical reason for this? Objects exist in O365 right? What makes is 'look' for on prem details?

 

So only option to get rid of ADFS and Exchange servers is create new local AD-domain, setup new tenant, perform tenant to tenant migration and setup AD Connect from this new AD-domain?

 

Cheers.

Highlighted

That wont make a difference. Every scenario involving AAD Connect has the same restrictions in terms of supportability. It's not a technical restriction, again you can manage the attributes just fine with other tools. But if you want to be in supported configuration, you need to manage Exchange related objects is via the Exchange tools.