Strip down the old tenant
As a next step we remove of our business domains from the source tenant and add them to the target. In our example it is a single domain: jd0e.com
After removing opentechtips.com domain from the jd0e.onmicrosoft.com tenant we add that to agzsolt.onmicrosoft.com
Perfect!
Now to sort the public folders we simply create a jd0e.com subfolder in the local Public Folder database and import the PF.pst file there
Perfect!
Sorting the post-migration tasks: permissions check, distribution lists and contacts creation
Amazing news that the mailbox permissions are inherited, they were mirrored during the migration so we don’t need to worry about that
Send-as permissions are moved through as well:
Now we create the distribution groups with the right useraccounts
import-csv distro-list.csv | foreach {
$SAM=$_.SamAccountName
$name=$_.DisplayName
$win=$_.WindowsEmailAddress
New-DistributionGroup -Name $name -DisplayName $name -PrimarySmtpAddress $win -Type distribution -IgnoreNamingPolicy:$true -ModerationEnabled:$false -OrganizationalUnit "OU=DGs,OU=opentechtips.com,OU=My Business,DC=agzsolt,DC=com" -Confirm:$false
Set-DistributionGroup -Identity $win -RequireSenderAuthenticationEnabled:$false
}
Populate with the members:
import-csv distro.csv | foreach {
$group=$_.Group
$member=$_.PrimarySmtpAddress
Add-DistributionGroupMember -Identity $group -Member $member -Confirm:$false
}
And to finish the process, we create the contacts:
import-csv contacts.csv | foreach {
$name=$_.Name
$disp=$_.DisplayName
$fn=$_.FirstName
$ln=$_.LastName
$email=$_.WindowsEmailAddress
New-MailContact -Name $name -DisplayName $disp -FirstName $fn -LastName $ln -ExternalEmailAddress $email -OrganizationalUnit "OU=Contacts,OU=jd0e,OU=My Business,DC=agzsolt,DC=com" -Confirm:$false
}
From this point it’s a normal migration to the cloud scenario.
MIGRATE BACK TO THE CLOUD
That’s the easy and well documented part of our job, first we create the migration endpoint in the cloud server, just like we did the first time on the source tenant. This time we do the exact same steps, and we call this endpoint “agzsolt” as well.
An important thing is to move the OU that contains all the migrated accounts to an OU that is a synced OU so the users will appear in the tenant!
Move-ADObject -Identity "OU=opentechtips.com,OU=non-syncing,OU=My Business,DC=agzsolt,DC=com" -TargetPath "OU=synced,OU=My Business,DC=agzsolt, DC=com"
We create a file called UpToTheCloud.csv and start the migration batch:
UpToTheCloud.csv
EmailAddress Ross@jd0e.com Joey@jd0e.com Monica@jd0e.com Rachel@jd0e.com Chandler@jd0e.com Phoebe@jd0e.com Janice@jd0e.com CentralPerk@jd0e.com
Script:
New-MigrationBatch -Name "Up Back To The Cloud" -SourceEndpoint "agzsolt" -BadItemLimit unlimited -TargetDeliveryDomain agzsolt.mail.onmicrosoft.com -CSVData ([System.IO.File]::ReadAllBytes("C:\UpToTheCloud.csv"))
Start the migration
Now it’s time to complete the migration batch
After the batch is done we can see the mailboxes finally appearing in the cloud
I personally prefer changing the SCP record for autodiscover in the jd0e.com domain to https://autodiscover-s.outlook.com/Autodiscover/Autodiscover.xml which makes faster discovery at later profile creations, but this step can be omitted.
The clients will receive another notification of the background changes after which they need to restart Outlook again and we are done!
Tidying up
We still have a few things to sort:
- We assign the appropriate licenses to the migrated accounts
import-csv users.csv | foreach {
$fn=$_.FirstName
Set-MsolUser -UserPrincipalName "$fn@jd0e.com" -UsageLocation "GB"
Set-MsolUserLicense -UserPrincipalName "$fn@jd0e.com" -AddLicenses "agzsolt:ENTERPRISEPACK"
}
2. The public folders need to be moved to the cloud. Again, Microsoft’s solution is a pretty cumbersome way, since the mailbox database is pretty small I use a simple client to export them in a PST file and import it back to a cloud managed PF mailbox.
After migrating back to the cloud, the mobile phones will start working again. In few cases users are prompted for their passwords by the device after which the connection goes back to normal.
We are done!
Zsolt Agoston
17/02/2018