Nov 17 2021
- last edited on
Feb 06 2023
Our company was recently acquired, and the desire is to migrate our tenant into theirs.
- we are in a Hybrid deployment (1 remaining OnPrem Exchange server** and using AzureAD Sync)
- we are a relatively small shop (~51 accounts w/<400GB total in mailboxes, 200GB in OneDrive, very little in SharePoint)
- we create users and mailboxes OnPrem and migrate them to O365 and manage them OnPrem
**In preparation and testing for this, I have taken our OnPrem Exchange server out of the mailflow, pointed the MX records to O365, disabled the connectors, etc and mail flows perfectly fine. I also created a test user in our LocalAD and synced that account to O365 (didn't create a mailbox on the local Exchange server), assigned licensing and let it create an ExchangeOnline mailbox and that mail flows fine as well.
- they are not hybrid - they are using Azure AD Sync. They create and manage users in their local AD and sync them to O365 (same as we do)
- they do not have any OnPrem Exchange, so all of their users mailboxes are created in the cloud automatically as licenses are applied.
The question is, what is the best approach?
We've looked at some third party utilities for the migration that look good, but the concern with that method is what happens then to my local AD and AzureAD Sync; managing the existing users that were created, synced and then migrated; and my local users authenticating to it, etc? Are we going to be able to fully decommission the last Exchange server and not lose the ability to manage our folks. I need them to authenticate to our Local AD so do I then point AzureAD Sync to the domain in the new tenant?
We talked about the possibility of simply creating the users manually in the other tenant, then exporting/importing their data to their new accounts (instead of migrating the account itself) to remove the need to maintain an OnPrem Exchange server if the users weren't created locally then migrated. How then does that affect them authenticating to our local AD since as I understand it, you cant sync from AzureAD back to a local AD.
What about the possibility (same as what I wrote in BOLD above) of recreating all of the users in my local AD (with a different UPN), not creating mailboxes locally, syncing them to 0365, assigning licensing and letting the ExchangeOnline mailbox be created automatically (no mailbox migration like we are currently doing). Then we could import their PST to their new mailbox. Now, the users WOULD exist in our localAD and when we migrate that new batch of users to the new tenant, we could point AzureAD Sync to the new tenant and it should sync. AND since they never had a mailbox on our OnPrem Exchange server, there would be no need to maintain it.
Appreciate any help on working through this!
Nov 17 2021 11:32 PM
Nov 18 2021 05:15 AM
@Vasil Michev Appreciate the reply.
Yes, I was planning on stripping out the hybrid model first. I don't see any continuing need at this point.
- Company1.com domain moved to Company2's tenant
- Company1's users and data are migrated into Company2's tenant and associated with Company1.com
- all Company1's mailboxes are in ExO within Company2's tenant
- decommission Company1's last OnPremEX
- Company1's local AD sync's with Company1.com in AAD in Company2's tenant
- Company1's users and local resources continue to authenticate as always (against Company1's local AD)
If we simply move our existing domain into Company2's tenant then migrate the users in Company1 (my company) into Company2's tenant (including all of their data) and associate them with my domain there, am I able to continue to use Company1's local AD to manage and maintain users by just pointing AD Sync to the domain within the new tenant? AND will the local AD for Company1 continue to function for local authentication as it currently is?
Nov 18 2021 07:32 AM
Nov 18 2021 07:34 AM
thanks @Vasil Michev
re-setting up sync isn't a big deal and we aren't ready to consolidate. I think this is the plan of attack we'll take.