We are in the process of migrating our users to Office 365, and we are getting down to the point were we will migrate service accounts. Some of these service accounts have access permissions to other mailboxes to do custom tasks. I am having a hard time wrapping my head around how these service accounts will authenticate in a post migrated world.
We have federated accounts, so we cant just open our application and change the email address username and password in the app can we? I may be wrong though since the app is on prem it may still auth to AD somehow?
Options Ithought of:
Do we have to mail remove their properties on premises and create cloud only mail accounts and reassign permissions then reconfigure our applications?
Add a new UPN, Put the service account in a non federated domain then update the application with the new username?
Yeah that Might be the idea. We are almost done with our user migration and really only down to service accounts now. Ideally we would decommission all our exchange servers except a management server so we dont have that life cycle. And we want to get out of hybrid ASAP. With all mailbox users migrated to MSOL we wont been hybrid mode even if we leave a relay.