Preparing Lab for Exchange hybrid deployment
Dear All,
I would like to practice Exchange 2013 with office 365 lab environment(Hybrid deployment). I need
to prepare this lab setup without having internet connection.
Note :
Please find the below Hyper V servers which i am planning to use for hybrid deployment:
Onpremise servers:
1 Dc
1 Exch 2013
2 Adfs server
2 Adfs Proxy server
1 DRSync server & 1 TMG server
I need to create a Virtual Exchange online office 365 domain to make a hybrid connection with the onpremise servers.
How to acheive this setup.
Kindly Advise
Regards
kamparth
Follow the Exchange server deployment assistant(reference is mentioned above) that is available from Microsoft team and would be an appropriate approach for you.
Meanwhile, you may also walk through this another informative article that covers all the required aspects and provides step-wise instructions to accomplish this job :
http://www.msexchange.org/articles-tutorials/office-365/exchange-online/configuring-exchange-2013-hybrid-deployment-migrating-office-365-exchange-online-part1.html
Moreover, if you are still concerned about the data security, you may consider on this automated solution (http://www.exchangemailboxmigration.com/) that could be an appropriate solution to get this
job done in a hassle-free manner without having any interruption.
Similar Messages
-
Office 365: Configure Public Folder for a Hybrid Deployment
All,
I am going to sync the public folder from exchange 2010 to
office 365. We have a Exchange hybrid 2013. Based on this article below,
it states:
"If your public folders are on Exchange 2010 or
later servers, then you need to install the Client Access Server role on
all mailbox servers that have a public folder database. "
We
have HA CAS on Exchange 2010. I am not sure anything happens that I
install the CAS on mailbox server. Please give me your advices on this
situation.
on the other hand, I have ideas in my mind that I can
copy the public folders databases on Exchange 2010 to Exchange hybrid
2010 which has the CAS role and mailbox role.
Please assist me with these situations.
Thanks,
Hi,
Please see the step 1 in the following article:
Configure Legacy On-Premises Public Folders for a Hybrid Deployment
http://technet.microsoft.com/en-us/library/dn249373(v=exchg.150).aspx
Thanks,
Simon Wu
TechNet Community Support -
Error Preparing Schema for Exchange 2013
I recive this error when running the preparing AD for exchange 2013 on a 2012 r2 server.
Error:
The following error was generated when "$error.Clear();
# O15# 2844081 - Create PartnerApplication "Exchange Online" in DC and On-Premise
$exch = [Microsoft.Exchange.Data.Directory.SystemConfiguration.WellknownPartnerApplicationIdentifiers]::Exchange;
$exchApp = Get-PartnerApplication $exch -ErrorAction SilentlyContinue -DomainController $RoleDomainController | Where { $_.UseAuthServer };
if ($exchApp -eq $null)
$exchAppName = "Exchange Online";
$exchApp = New-PartnerApplication -Name $exchAppName -ApplicationIdentifier $exch -Enabled $RoleIsDatacenter -AcceptSecurityIdentifierInformation $false -DomainController $RoleDomainController;
# Create application account for Exchange
$appAccountName = $exchApp.Name + "-ApplicationAccount";
$appAccount = Get-LinkedUser -Identity $appAccountName -ErrorAction SilentlyContinue -DomainController $RoleDomainController;
if ($appAccount -eq $null)
$appAccountUpn = $appAccountName.Replace(" ", "_") + "@" + $RoleFullyQualifiedDomainName;
$appAccount = New-LinkedUser -Name $appAccountName -UserPrincipalName $appAccountUpn -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "UserApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "ArchiveApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "LegalHoldApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "Mailbox Search" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "TeamMailboxLifecycleApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "MailboxSearchApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
Set-PartnerApplication -Identity $exchApp.Identity -LinkedAccount $appAccount.Identity -DomainController $RoleDomainController;;
" was run: "Couldn't find a user with the identity "ESL.LOC/Users/Exchange Online-ApplicationAccount".".
Error:
The following error was generated when "$error.Clear();
# O15# 2844081 - Create PartnerApplication "Exchange Online" in DC and On-Premise
$exch = [Microsoft.Exchange.Data.Directory.SystemConfiguration.WellknownPartnerApplicationIdentifiers]::Exchange;
$exchApp = Get-PartnerApplication $exch -ErrorAction SilentlyContinue -DomainController $RoleDomainController | Where { $_.UseAuthServer };
if ($exchApp -eq $null)
$exchAppName = "Exchange Online";
$exchApp = New-PartnerApplication -Name $exchAppName -ApplicationIdentifier $exch -Enabled $RoleIsDatacenter -AcceptSecurityIdentifierInformation $false -DomainController $RoleDomainController;
# Create application account for Exchange
$appAccountName = $exchApp.Name + "-ApplicationAccount";
$appAccount = Get-LinkedUser -Identity $appAccountName -ErrorAction SilentlyContinue -DomainController $RoleDomainController;
if ($appAccount -eq $null)
$appAccountUpn = $appAccountName.Replace(" ", "_") + "@" + $RoleFullyQualifiedDomainName;
$appAccount = New-LinkedUser -Name $appAccountName -UserPrincipalName $appAccountUpn -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "UserApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "ArchiveApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "LegalHoldApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "Mailbox Search" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "TeamMailboxLifecycleApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
New-ManagementRoleAssignment -Role "MailboxSearchApplication" -User $appAccount.Identity -DomainController $RoleDomainController;
Set-PartnerApplication -Identity $exchApp.Identity -LinkedAccount $appAccount.Identity -DomainController $RoleDomainController;;
" was run: "Couldn't find a user with the identity "ESL.LOC/Users/Exchange Online-ApplicationAccount".".Hi,
Fist, please check if there is an account which is Exchange Online-ApplicationAccount via ADUC.
By default, this account is disabled, please enable it and re-run Setup /PrepareAD again. It should success. After preparing AD schema, please disable the account again.
Best regards,
Belinda
Belinda Ma
TechNet Community Support -
Preparing Domain for Exchange 2013 in an Exchange 2010 Organization
When preparing the domain for Exchange 2013, can we use the same Organizational Name as was used for Exchange 2010 or should we select a new variation?
When preparing the domain for Exchange 2013, can we use the same Organizational Name as was used for Exchange 2010 or should we select a new variation?
You dont have define the org name since it already exists.
Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied. -
Prepare schema for Exchange Online
Hi,
My company is going to use Microsoft Exchange Online and I first need to prepare schema for this (that's what I was told).
I have downloaded Microsoft Exchange 2013 and tried to run "setup.exe /PrepareSchema" but it says it needs WMF 3.0 to run the setup. But I have problems with installing it on my windows 2008 R2 SP1 server. Is it ok to try to install WMF 4.0 instead
of WMF 3.0?Hi,
From your description, I would like to clarify the following things:
1. Exchange Online is different from Exchange 2013.
2. If you want to install WMF 4.0, the Exchange version should be Exchange 2013 SP1, Exchange 2013 is not supported.
Here is a thread for your reference. Please see the System Requirements.
Windows Management Framework 4.0
http://www.microsoft.com/en-us/download/details.aspx?id=40855
Hope it helps.
Best regards,
Amy Wang
TechNet Community Support -
Hi
I need to migrate a few users from Exchange 2010 on premises to O365. I will be using Hybrid mode. I need to know what are the recommendations & Pre-requisites or limitations from Account\Mailbox perspective?Please suggest.Hello,
I think it will be more efficient to ask this question on Exchange Online forum:
http://social.technet.microsoft.com/Forums/msonline/en-US/home?forum=onlineservicesexchange
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
Exchange 2013 Certificates for Hybrid Deployment Clarification
I have an Exchange 2013 servers (CAS and Mailbox on separate server) which I wanted to setup for Hybrid deployment. I already have a certificate acquired from 3rd party with 3 names (mail, autodiscover and owa). the certificate was installed in the
CAS server. As per the hybrid deployment documentation I need also to install a certificate in the mailbox server, questions:
1. Can I use the same certificate for installation in the mailbox server?
2. Can I also use the same certificate in the Hybrid Configuration wizard for the "certificate to use with securing the hybrid mail transport"?
3. Do I need to include the primary smtp domain (xxxxx.com) in the certificate since current configuration points to the mail.xxx.com as the certificate common name?Hi,
Here are my answers you can refer to:
1. It depends.
The certificate used for hybrid secure mail transport must be installed on all on-premises Exchange 2013 Mailbox and Client Access servers.
If you're configuring a hybrid deployment in an organization that has Exchange servers deployed in multiple Active Directory forests, you must use a separate third-party CA certificate for each Active Directory forest.
2. Yes. But we recommend that you use a dedicated third-party certificate for any optional AD FS server, another certificate for the Exchange services for your hybrid deployment, and if needed, another certificate on your Exchange servers for other needed
services or features.
3. Yes. Here are the minimum suggested FQDNs that should be included on certificates: domain.com, autodiscover.domain.com, edge.domain.com
For more information, you can refer to the following article:
http://technet.microsoft.com/en-us/library/hh563848(v=exchg.150).aspx
If you have any question, please feel free to let me know.
Thanks,
Angela Shi
TechNet Community Support -
Hello All:
I am receiving an error when I run the Manage Hybrid Configuration wizard - ERROR:Updating hybrid configuration failed with error 'Subtask NeedsConfiguration execution failed: Configure Recipient Settings. I have opened a SR, but figured I'd try the forums,
too. I have a wildcard certificate from GoDaddy (MS says they support wildcards from GoDaddy) & that cert has only the IIS service applied to it on the CAS. I've read in the Exchange Server Deployment Assistant that it should have the SMTP & IIS services
assigned to it, but my question is - SMTP on the CAS (separate server) or on the Mailbox/Hub Transport (separate server)? And what are the ramifications of assigning the SMTP service to, let's say, the CAS? We have had multiple issues every time the servers
get updated/changed; I do not want to disrupt services further, as the Manage Hybrid Configuration will be done during business hours.
If anyone can provide any assistance/clarification, it would be most appreciated.
Thank you.Hi,
We can enable a Wildcard certificate with SMTP service for Exchange Hybird Deployment. The SMTP service can be assigned to multiple certificates. For some Exchange services such as OWA, Ecp, ActiveSync, Autodiscover service, OOF, it is used with Exchange
certificate with IIS service. And there is usually only one certificate can be assigned with IIS service.
Please just make sure your Wildcard certificate can contain all namespaces which are used for all internal URL and External URL configuration in Exchange services. About how to import an existing wildcard certificate on the Exchange 2010 Hybird servers,
please refer to the Import & Enable Third Party Certificate on Hybrid Servers
part in the following article:
http://www.msexchange.org/articles-tutorials/office-365/exchange-online/configuring-exchange-hybrid-deployment-migrating-to-office-365-exchange-online-part9.html
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please
make sure that you completely understand the risk before retrieving any suggestions from the above link.
Regards,
Winnie Liang
TechNet Community Support -
Exchange 2013 Hybrid Deployment, on-premise to multiple Office 365 tenants
Hello, we are in the early stages of planning an Exchange 2013 hybrid deployment for a federation of education organisations.
We are planning to use a single on-premise Exchange organisation for staff mailboxes across all member organisations, each member already has it's own Office 365 tenancy for students, which we would like to maintain if possible.
My question is, is it possible (and supported) for an Exchange hybrid deployment with a single on-premise organisation with multiple Office 365 tenants, my understanding is that only a 1:1 deployment is supported, can somebody confirm or clarify this ?
ThanksI think if you have different AD sites then you can install the DirSync or ADFS for each of them and have one way replication. I 'd aks this question to Office365 Forum and support.
Where Technology Meets Talent -
Exchange 2013 Hybrid Deployment issues.
Hello.
i have an issue when configuring Exchange hybrid deployment in my environment.
when i complete the Exchange hybrid wizard and OAuth is finished our exchange environment will not receive emails from the "internet" as in senders outside the company.
mail will can be sent out and will flow between internal users.
when i check the message trace on 365 the emails were failing with the following error.
Users were also getting a bounce back saying
Diagnostic-Code: smtp;550 5.4.1 [[email protected]]: Recipient address rejected: Access denied
i wondered if it had anything to do with the MX record on our public DNS, i changed this to the one recommended by O365 domain DNS assistant, but this made no odds,
it looks like it could be a receive connector issue however i am new to exchange so i am still learning.
the only way to fix the issue was to run Remove-Hybridconfiguration on the Exchange 2013 server, when this finished and few moments had passed mail began being received from the internal again.
Any Suggestions on what could be caused
many thanksHello.
i have an issue when configuring Exchange hybrid deployment in my environment.
when i complete the Exchange hybrid wizard and OAuth is finished our exchange environment will not receive emails from the "internet" as in senders outside the company.
mail will can be sent out and will flow between internal users.
when i check the message trace on 365 the emails were failing with the following error.
Users were also getting a bounce back saying
Diagnostic-Code: smtp;550 5.4.1 [[email protected]]: Recipient address rejected: Access denied
i wondered if it had anything to do with the MX record on our public DNS, i changed this to the one recommended by O365 domain DNS assistant, but this made no odds,
it looks like it could be a receive connector issue however i am new to exchange so i am still learning.
the only way to fix the issue was to run Remove-Hybridconfiguration on the Exchange 2013 server, when this finished and few moments had passed mail began being received from the internal again.
Any Suggestions on what could be caused
many thanks
Make sure the accepted SMTP domains in the Office 365 EAC are set to Internal Relay rather then Authoritative.
Twitter!:
Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied. -
Is Reverse Proxy required for Hybrid deployment
Hi everyone,
We plan to deploy a new infrastructure on prem attached to O365.
The aim of this deployment is to create lync meeting on the on prem FE server which will be accessible by O365 Lync users. (FI: these meetings will be created on prem because the customer wants to cascade Lync conference with his Polycom video conferencing
infrastructure).
Some users are homed on-premises and some users are homed online, but the all users share the same SIP domain. Is Reverse Proxy on prem will be required for O365 users to join meetings created on the on-premise FE or the O365 architecture
can handle it?
The only functionality needed is meeting (not mobility). I saw this (https://social.technet.microsoft.com/Forums/en-US/cf4f63f9-355f-475b-8148-608633adfe86/is-reverse-proxy-necessary-for-lync-hybrid-deployment?forum=lyncdeploy) but the functionality asked
are different.
Many thanks for your help.
ThomasYou'll need a reverse proxy on premises to publish the external web services FQDN of your on-premises front end pool. Meet will use this behind the scenes regardless of where it's pointing. If you're hybrid, the DNS URLs should typically point
to your on-premises deployment however anyway:
https://technet.microsoft.com/en-us/library/jj205403%28v=ocs.15%29.aspx?f=255&MSPPError=-2147217396
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications
This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Exchange Server Deployment Assistant - Single Sign On Question
I'm running through the Exchange Server Deployment Assistant to help with a Hybrid deployment and for
right now, I don't want to be bothered with SSO. In the Assistant, when I answer
No to the Do you want all users to use their on-premises credentials when they log on to their Exchange Online mailbox? question when I get to the
Before You Begin section it always shows my answer to that question as being
Yes.
Any ideas? Can I simply ignore the sections that relate to AD FS as I work through the steps?
Thanks!Hi Adare,
I have tested on Exchange Server Deployment Assistant with "Hybrid"->"Exchange 2010 based hybrid", and get the same result as yours.
Information on "Do you want all users to use their on-premises credentials when they log on to their Exchange Online mailbox?" as below:
Single sign-on allows users in both the on-premises organization and the Exchange Online organization to access resources and features across the two organizations without being prompted for additional user credentials. Single sign-on is configured for
a hybrid deployment using identity federation and Active Directory synchronization. If you're planning to have on-premises users access Exchange Online accounts using the Outlook mail client or planning to implement Exchange Online Archiving,
we strongly recommend selecting Yes for this question and deploying single sign-on in your on-premises organization.
It seems that this is the reason why Yes has been selected.
Thanks
Mavis Huang
TechNet Community Support -
Hi,..
I am configuring Exchange Hybrid deployment with Office 365. On step Set up Exchange Hybrid wizard, I get an error message as bellow :
Need help please :)
Thanks,
IHHi,
Please make sure a federation trust is established. Creating a federation trust is one of several steps in setting up federated delegation in your Exchange organization.
And please use the MetadataURL parameter to specify the URL where WS-FederationMetadata is published by the Microsoft Federation Gateway to check result.
Besides, here is a related thread for your reference.
http://social.technet.microsoft.com/Forums/exchange/en-US/70baa989-87c2-4d3e-990a-0ff37a05c746/newfederationtrust-not-connecting
Hope this is helpful for you.
Best regards,
Belinda Ma
TechNet Community Support -
Need help on office 365 Exchange Hybrid
Hi Team,
I have question related to Planning that
I have Exchange 2013 Implemented in my on Premises. Now I also want to configure office 365 for Exchange Hybrid.
I am planning only to deploy DirSync server but not ADFS. I know the drawback as without ADFS the office 365 user will have two identity and also to log-on on office 365 A/C either Outlook/Lync the user need to sign in using office 365 ID.
My management have below requirement
1) The user Mailbox should reside in Office 365.
2) The user will be sending receiving mails using OUR domain suffix Ex :- abc.com
3) They do not want to built ADFS as the user logon dependency will increase again on our on premises servers.Hi,
According to your description, I understand that the question is about the deployment of Exchange 2013 and Exchange Online in Office 365. This forum focuses on the deployment of Office 365 ProPlus which
is the version of Office that comes with many Office 365 plans. Therefore, I suggest we can ask a question in Microsoft Exchange Online forum for more professional suggestions:
http://social.technet.microsoft.com/Forums/en-US/home?forum=onlineservicesexchange
Additionally, here is a reference about Microsoft server 2013 Hybird Deployments and hope it is helpful for you:
http://technet.microsoft.com/en-us/library/jj200581(v=exchg.150).aspx
Regards,
Winnie Liang
TechNet Community Support -
Certificate configuring for exchange 2013 and office 365 hybrid deployment
Please advise on what digital certificate requirements for hybrid deployment and to configure it.
Hi sphilip,
If you want to deploy AD FS with Single Sign-On(SSO), we need use certificate to establish secure trust between on-premises Exchange 2013 and Office online.
We can use and configure a trusted third-part CA within all on-premises Exchange 2013 Mailbox and Client Access servers to ensure secure mail transport, more details about
Office 365 Hybrid Configuration Certificate Planning, for your reference:
http://blogs.technet.com/b/neiljohn/archive/2011/08/25/office-365-hybrid-configuration-certificate-planning-adfs-exchange-web-services-owa-oa.aspx
Best Regards,
Allen Wang
Maybe you are looking for
-
Hi all, While doing Goods Receipt against an STO, the system shows the message: "MSSA-SATRA exceeded by 500 SET" I have done 351 movement to post the stock in stock in transit.The qty which is to be sent is correct. Please give some solution. Regards
-
I backed up my old phone to cloud. I can't get the data to transfer to my new phone yelp?
-
I am having trouble figuring out how to get a date to show on a report
Hi, I have a query with a structure on both my rows and columns. In my columns, I have my key figures and on them are period/year restrictions. For example, the first column is the current fiscal period/year - 1 period, the next column is the curren
-
ADF Mobile - Get network status
OS: OSX 10.8.5 JDEV: 11.1.2.4 ADF Mobile Extension version: 11.1.2.4.39.64.51 HI All, I'm currently in the middle of developing an ADF Mobile application and exploring the offline/online capabilities and have run into an issue where i'm trying to det
-
How to download photos from Galaxy 2 Jellybean to MacBook Pro OS 10.8.4 iPhoto?
Photos on Galaxy 2 Jellybean can be downloaded via USB cable & Kies app to MacBook Pro Photo file, but not iPhoto. How to download photos from Galaxy 2 directly into iPhoto?