Dec 23 2022 10:00 AM
Greetings!
This particular environment is new to me and I'm assigned the task of migrating to Exchange Hybrid. After an initial assessment, I concluded that I require your feedback since the environment needs some changes first (or so I at least believe), before it's ready to be migrated to hybrid via the HCW.
Scenario:
Current EX: 2019 CU12
Mail Flow inbound: Internet > Smarthost > Exchange Server
Mail Flow outbound: Exchange Server > Smarthost > Internet
MX Record is pointing to the smarthost.
3 MX records for subdomains are setup separately, also pointing to the smarthost.
My concerns, and the items I believe need attention, are:
I want to avoid running the HCW and basically crippling the Exchange environment because it wasn't ready to be migrated. I have heard that HCW errors out if something isn't ready, however, I've also ready horror stories of it completing, just to find yourself in a mess.
Thank you,
Dec 23 2022 11:25 AM
SolutionHello @Lussy150
here is Ahmed a community visitor ;)
Let me try to help you :)
There are a few steps you can take to ensure that your environment is ready for the migration:
Configure external URLs for all virtual directories: You can use the Exchange Management Console or the Exchange Management Shell to configure external URLs for all virtual directories. This will allow Exchange Online to communicate with your on-premises Exchange server.
Configure Autodiscover: You can use the Exchange Management Console or the Exchange Management Shell to configure Autodiscover so that it is reachable from both on-premises and off-premises. You may also want to consider using a split DNS configuration to ensure that Autodiscover is reachable from both on-premises and off-premises.
Obtain a certificate: You will need to obtain a certificate that includes the required subject alternative names (SANs) for your Exchange server. The SANs should include your Exchange server's public FQDN, as well as the Exchange Online domains. You can use a publicly signed certificate from a trusted certificate authority (CA) such as Let's Encrypt, or you can use a self-signed certificate.
Configure DNS records: You will need to update your DNS records to reflect the new configuration of your Exchange server. This may include updating the MX records for your domain and subdomains to point to Exchange Online.
Run the Hybrid Configuration Wizard: Once you have completed the above steps, you can run the Hybrid Configuration Wizard (HCW) to complete the migration to.
Best of the best :)
Ahme:D
Dec 28 2022 07:48 PM
Thank you for your reply.
Only a few more questions left which I would appreciate help with.
Thanks!
Dec 29 2022 03:08 AM
Hello @Lussy150,
Thanks for updating me...
I'v checked for you:
Configure Autodiscover: You can use the Exchange Management Console or the Exchange Management Shell to configure both an internal and an external Autodiscover URL. This will ensure that Autodiscover is reachable from both on-premises and off-premises. You may also want to consider using a split DNS configuration to ensure that Autodiscover is reachable from both on-premises and off-premises.
Obtain a certificate: You will need to obtain a certificate that includes the required subject alternative names (SANs) for your Exchange server and Exchange Online. The SANs should include the FQDNs for both your on-premises Exchange server and the Exchange Online domains. It is generally recommended to use a publicly signed certificate from a trusted certificate authority (CA) rather than a self-signed certificate.
I hope I could answer your questions! Otherwise, please let me know!
Best of the Best:)
Ahme:D
Dec 29 2022 08:14 AM
I do have one more question for which I couldn't find a clear answer.
Regarding on-prem domain joined clients and Autodiscover. Would, with Exchange 2019, an internal Autodiscover URL and DNS entry even be required? Or would AD DS SCP lookup work anyways without any additional configuration?
Because if so, wouldn't it be almost impossible to break on-prem Autodiscover for domain joined clients since the first thing the clients query for, before any URL's, is the SCP?
Thanks!
Dec 29 2022 09:00 AM
Jan 03 2023 10:36 AM
I did some testing and changed all the virtual directory url's to mail.domain.com and also replaced the Exchange certificate to a new one signed by an official CA.
They were then accessible just fine and https worked.
However, upon starting Outlook, it through an SSL name mismatch error. Outlook is still trying to connect to the old mail.localdomain.local, but of course now with the new certificate, that will not authenticate.
Is it the receive connectors "FQDN:
Specify the FQDN this connector will provide in response to HELO or EHLO." in the SCOPE tab that needs to be manually changed from the (current) mail.localdomain.com to mail.domain.com?
Thank you,
Jan 03 2023 09:31 PM
Dec 23 2022 11:25 AM
SolutionHello @Lussy150
here is Ahmed a community visitor ;)
Let me try to help you :)
There are a few steps you can take to ensure that your environment is ready for the migration:
Configure external URLs for all virtual directories: You can use the Exchange Management Console or the Exchange Management Shell to configure external URLs for all virtual directories. This will allow Exchange Online to communicate with your on-premises Exchange server.
Configure Autodiscover: You can use the Exchange Management Console or the Exchange Management Shell to configure Autodiscover so that it is reachable from both on-premises and off-premises. You may also want to consider using a split DNS configuration to ensure that Autodiscover is reachable from both on-premises and off-premises.
Obtain a certificate: You will need to obtain a certificate that includes the required subject alternative names (SANs) for your Exchange server. The SANs should include your Exchange server's public FQDN, as well as the Exchange Online domains. You can use a publicly signed certificate from a trusted certificate authority (CA) such as Let's Encrypt, or you can use a self-signed certificate.
Configure DNS records: You will need to update your DNS records to reflect the new configuration of your Exchange server. This may include updating the MX records for your domain and subdomains to point to Exchange Online.
Run the Hybrid Configuration Wizard: Once you have completed the above steps, you can run the Hybrid Configuration Wizard (HCW) to complete the migration to.
Best of the best :)
Ahme:D