none
Decommission Hybrid but not on premises Exchange or AAD or ADFS RRS feed

  • Question

  • Hi,

    we have migrated all mailboxes to O365.

    I will remove all but one exchange server 2013 on premises or I will install exchange 2016.

    I would like to remove hybrid configuration, but stay with ADFS + sso.

    There will be no on-premise mailboxes.

    So plan on exchange is :

    DNS : Point all to O365

    On Prem:

    Remove-OrganizationalRelationship

    Remove-FederatedDomain

    Remove-FederationTrust

    Remove-SendConnector

    Remove-HybridConfiguration

    On cloud :

    Remove-OrganizationalRelationship

    Remove Outbound send connector  O365 to Your organization.

    What I would left on prem :

    Domains : they will all be left  on premises, so that when I create  a mailbox, information  regarding user objects attributes, will be sync to azure AD. I will use PowerShell to move newly created user “object”  mailboxes  to O365 and assign a license.

    On premise Exchange  server. On premise exchange server will be  used as relay server. So I will left inbound send connector in O365 to be used  as relay connector.

    I believe that I should not run AAD sync configuration and remove hybrid check.  

    All other articles are telling that I should remove ad sync AAD, but I do not want to decommission. 

    Br,

    stane

    Tuesday, April 17, 2018 12:06 PM

All replies

  • Hi Stane,

    For your current situation, I recommend to keep hybrid environment since the AAD Connect Sync and SSO remain be used now.

    Moreover, check the article below if you want to remove On-premise Exchange:
    Office 365 and Dirsync: Why should you have at least one Exchange Server on-premises
    How and when to decommission your on-premises Exchange servers in a hybrid deployment

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Wednesday, April 18, 2018 8:14 AM
    Moderator
  • Hi, I can not,

    There will be  domain reorganization and split.  I have  one forest, and two domain tree. In each tree  there is exchange .  And this domain and this Exchange  server will be migrated to new forest.  Other domain will stay and this exchange server will  create a new hybrid.

    So I’m force to move all mailboxes in cloud and  remove hybrid.  And this migration  will take  a while, and  problem is, that  first domain, currently has not enough license, and they are first domain in forest.  Domain that I’m going to migrate, is second domain, and   when I will setup new forest with new  Exchange server, sever will have only minimal  resources. Only for creating and managing “mail” related objects.  Until, the switch I would  like to keep sso.  

    Br,

    Stane.

    Wednesday, April 18, 2018 8:36 AM
  • Hi Stane,

    ---> "Domain that I’m going to migrate, is second domain"
    In AAD Connect, we can use Domain filter to sync this migrated domain to Office 365 only.

    ---> "when I will setup new forest with new  Exchange server, sever will have only minimal  resources"
    Do you mean a new forest or others?
    As we known, it's a single Exchange organization in one AD forest environment.

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, April 23, 2018 2:10 AM
    Moderator
  • HI Allen Wang,

    Do you mean a new forest or others?

    Yes, I will create new forest and use ADMT to move to new forest.

    Problem is, that  management is in a hurry, so I have to  migrate  all mailboxes from Domain B in Forest A, so  Domain A in Forest A can establish Hybrid.  Domain A and original forest A will stay.

    New Forest B for Domain B will not be prepared to switch AAD to new forest.  So because I have  AAD + ADFS setup for Domain B, I will have to disable only  Hybrid.  Domain A will have only password sync.

    Domain A and Domain B are two Doman trees in same forest. Domain A is first domain in Forest A. 

    Br,

    Stane

    Monday, April 23, 2018 5:08 AM
  • Hi Stane,

    Sorry for delay.

    It seems fine to decommission hybrid environment from Forest A, and AAD Connect can use domain filter to sync only Domain A account to Office 365.

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Wednesday, May 2, 2018 2:07 AM
    Moderator
  • Hi,

    Sorry to interrupt your again.
    I just want to check the current status of your question.
    Is there any update or any other assistance I could provide on this issue? 

    Please feel free to mark responses as the answer and/or vote them helpful as appropriate.
    Thank you for your understanding and patience! 

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Thursday, May 3, 2018 3:15 PM
    Moderator