We just migrated a company to Microsoft Office 365 and we thought we would share our experience and troubleshooting tips. We hope this saves you some time and makes your migration as smooth as possible! Please share this article with everyone you know. I would have killed to have something like this three weeks ago. In our example, we were doing a migration from an on-premise Exchange 2007 server to Exchange Online. We did a cutover deployment, not a hybrid deployment. Our scenario also included making CRM 4.0 on-premise work with Exchange Online.
Microsoft Office 365 Migration Guide
We realize there are a lot of different deployment options, but there is definitely valuable information below for everyone.
Testing Recommendations and Preparation
I would advise checking out the 365 Readiness Tool.
I can’t stress to you enough how much testing is important. I pulled a 90 hour week during our migration. You will always find new things that you didn’t know existed that has to be fixed. So leave extra time allotted for that. Make a list of all of your business operations and if they have ties into email accounts, test them!
Here are some recommended things to check:
- Printers/copiers that scan to email? You will need an SMTP relay server. See more details below.
- .NET applications that send email? Again, SMTP Relay server.
- Avaya or other brand name phone system? Does it send .wav files to your employees emails?
- CRM server?
Also make sure you have the right version of Microsoft Office if you want to see the Online Archives in your Outlook client. Otherwise they are only viewable within OWA. See our article on this here: Outlook 2010 with 365 is not showing Online Archives.
If you are not doing a hybrid approach, we highly recommend working with a certified Microsoft partner which can run incremental syncs on your mailboxes up to the point of switching over. We worked with John at Zuba Solutions and can’t praise them enough for their help. There were nights that John was up at 2am helping me. Talk about customer service!
If you are working with a partner, they will need full access to your on-premise mailboxes. See our article here: http://theitbros.com/grant-full-access-to-all-mailboxes-in-exchange-2007-and-2010/
Manually Configure Outlook Client with 365 to Test
I recommend signing up for a trial account and configure an Outlook client manually with the 365 account. To setup your Outlook client manually you will actually need to export the GUID for the account to use in the server address field. Since you won’t have autodiscover working, this is the way you will have to do it.
Props to the guys at LiftOff who have a great video on how to do this. We will also outline the steps below as it is sometimes hard to follow with video. I’m all about copying and pasting.
To connect with Windows Powershell, right click on it and run it as administrator.
The first thing you will need to do is enter in your 365 credentials.
$LiveCred = Get-Credential
Now we need to start a new session.
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Now we need to import the session.
Now run the command from the video. This will export the list of accounts from 365 with the GUIDs.
get-recipient |export-csv c:\output1.csv
When it has finished remove your PS Session. If you connect a lot throughout the day you will start to receive errors if you don’t always close the session correctly.
Now open up the CSV file you exported. In column D locate the account you want to test with in Outlook. Highlight that row and scroll over to the CT column to find the GUID for that account. Go ahead and copy that somewhere, as we will need that later.
Now go to the Mail icon in the control panel and create a new profile to test with in Outlook. In my example, I am naming it 365.
On the next screen, select “Manual setup or additional server types.”
Select “Microsoft Exchange Server or compatible service.”
Now paste the GUID you save earlier in Step 7 and paste it into the server field. You will need to add your 365 domain onto the end of it. Ex: firstname.lastname@example.org. Then your full 365 email address in the User Name field.
Click on the “More Settings…” button, go to the Security tab, uncheck the Encryption option and change the Logon network security to Anonymous Authentication.
Now click on the Connection tab and check “Connect to Microsoft Exchange using HTTP.” Then click Exchange Proxy Settings… Then copy the settings like in the picture below.
Click Apply, click Next and you should be good to go. You will receive a prompt to finish, simply input your 365 email address and password. You have now configured Outlook to connect to 365 without autodiscover working. Test away!
Setting up the SMTP Relay Server
If you have anything that sends emails via an SMTP server, you will need to setup an SMTP Relay to continue emailing with 365. Basically how it works is the services still authenticate via SMTP, but your SMTP relay connects with a 365 account to send out the emails. You can still keep your FROM addresses as they were before as long as you have a distribution list or user mailbox in 365 with permissions for your SMTP service account to send as that user.
Example, setup an SMTP relay user account in 365. In our example, we will call it SMTP@domain.com. We will use that as a service account to connect with our SMTP relay which we have running on an internal Windows Server 2008 machine. There are a couple ways to do it, in the Exchange Admin Center for an account you wish to send as, simply add the SMTP service account in the “Send As” permission area.
We used this free little application here to run SMTP tests from the different servers: http://telnet25.codeplex.com/
Configuring CRM 4.0 to work with Exchange Online
Please read through and follow this tutorial here: http://support.microsoft.com/kb/2708706
You will need to use your POD URL in the email router configuration. This is no longer under Options in OWA for Exchange 2013 Wave 15. But you can see it in the URL if you login to OWA.
We ended up using our SMTP Relay server for our outgoing profile. You just have to make sure you add your SMTP service account as a sender under your CRM service account.
There is another great article here for reference: http://blogs.msdn.com/b/crm/archive/2009/12/07/configure-microsoft-dynamics-crm-online-e-mail-router-with-exchange-online.aspx This is for CRM online, but almost everything still applies for CRM 4.0 on premise.
Also for CRM 4.0 on-premise, you will need to manually setup a rule in OWA for your queue mailboxes, or setup a transport rule. Basically you are setting up a rule to forward the message as an attachment to your CRM service account. If it is set as “forward as an attachment”, CRM will be able to pick it up and turn it into cases. See example or rule below.
Adding your DNS Records
Once you get to that point of switching over, you will have to add the DNS records for our domain(s). In our example, we will be showing you how to do it with DNSMadeEasy. We got lucky and everything propagated within an hour. But this could definitely take longer.
You will need CNAME records for autodiscover, Lync, OWA, etc.
autodiscover | autodiscover.outlook.com. | 3600
lyncdiscover | webdir.online.lync.com. |3600
sip | sipdir.online.lync.com. |3600
This is a redirect so that you can have owa.yourdomain.com redirect to the 365 OWA login page. This is optional, but recommended for easy access.
owa | mail.office365.com. | 3600
yourdomain-com.mail.protection.outlook.com. | 0 | 3600
You will need a TXT record to confirm your domain and also one later for SPF.
Your confirmation TXT record will look something like this: MS=ms35491467.
And here is the SPF one:
“v=spf1 include:spf.protection.outlook.com -all” | 3600
_sip._tls | 100 | 1 | 443 | sipdir.online.lync.com. | 3600
_sipfederationtls._tcp | 100 | 1 | 5061 | sipfed.online.lync.com. | 3600
Make sure you also add your on-premise DNS records. Most likely this will be under DNS on your Windows Server.
Provide End Users Access to OWA
If you are working with a migration on a weekend, it can be helpful to give users access to OWA early so that they can start to use email again. Recommend setting random passwords before migration and giving them to the end users. There are other ways you could communicate it.
Please see our article here on changing a user’s password with Powershell: http://theitbros.com/change-password-in-office-365-via-powershell/
Or you could use the randomly generated passwords from OWA when doing a reset.
Converting User Mailboxes to Shared Mailboxes
If you have mailboxes that are used by multiple people, you can convert them to shared mailboxes and save yourself a license. The only limitation is 5GB total in data.
We used this command, connecting via Powershell to convert a user mailbox to a shared mailbox.
Get-Mailbox email@example.com | Set-Mailbox –ProhibitSendReceiveQuota 5GB –ProhibitSendQuota 4.75GB –IssueWarningQuota 4.5GB –type shared
Or converting a shared mailbox to a resource/room mailbox.
Get-Mailbox firstname.lastname@example.org | Set-Mailbox –type room
After you convert a mailbox, make sure you remove the license.
Sent Items not going to Shared Mailboxes Sent Items Folder
If you are running Microsoft Outlook 2010, then the sent messages will by default go to the primary mailbox’s sent items folder instead of the shared mailbox. To fix this, simply follow the article here: http://support.microsoft.com/kb/2843677
Search By License Type Filters
If you used any trial accounts in your migration, it sometimes is very helpful to make filters to view which users are on what licenses so that you can confirm that everyone is on a paid license. See our article here: http://theitbros.com/search-office-365-wave-15-by-license-type/
Address Book & GAL Errors
If you are receiving errors when trying to send from some mailboxes, it probably is because of autocomplete or the GAL/address book not updating. See our article here to fix it. http://theitbros.com/office-365-this-message-could-not-be-sent-try-sending-the-message-again-later/
Adding Calendar Permissions
One of the first things users always ask after email is back up is how do I access his or hers calendar? See our article here on adding calendar permissions. http://theitbros.com/add-calendar-permissions-in-office-365-via-powershell/
Disabling Autodiscover on old Exchange Server
Perhaps you want to keep your old Exchange Server up in case you need to export PST files, etc. Microsoft says that autodiscover can’t be disabled, but it can. See our article here: http://theitbros.com/disable-autodiscover-on-exchange-2007-server/
We also have a walk-through on exporting mailboxes to PST files here: http://theitbros.com/export-mailbox-to-pst-with-powershell-from-exchange-2007/
Disable Auto-mapping of Mailboxes when Adding Full Access Rights
By default in the new Exchange Online, whenever you add Full Access rights to another mailbox, it maps to their Outlook client. This can be a disaster if you starting adding 2 or more mailboxes. Not to mention slowing down sync times, crashing your Outlook, etc. What came in handy for us was to disable the auto-mapping and letting them switch mailboxes in OWA. To add permissions and disable the auto-mapping, see the Powershell command below.
Add-MailboxPermission -Identity email@example.com -User firstname.lastname@example.org -AccessRights FullAccess -AutoMapping:$false
In the example above, you are giving email@example.com full permission to open firstname.lastname@example.org’s mailbox. To open the other mailbox in OWA, simply click on your name at the top right and then click on “Open another mailbox…”
Troubleshooting Outlook Profile Issues
There is a tool made by Microsoft that is not widely publicized. It helped us solve a few issues with corrupt Outlook profiles. It is called the Outlook Configuration Analyzer Tool. You can download it free from here: http://support.microsoft.com/kb/2659007
There is also a great powershell command to get the total folder count for the mailbox.
Performance Issues with Shared Mailboxes
This is an area that we had problems with right after the migration. We have some people that have 2-3 shared mailboxes open at a time in their Outlook client. We were having multiple issues:
- Create a folder in the shared mailbox and it wouldn’t show up in client, but would in OWA
- Having to force update the folders in the shared mailbox to retrieve mail
- Colors and categories not working correctly in the shared mailbox
It turns out we were reaching the MAPI session limit, which is around 1000 in Exchange Online. To fix the issue, the only solution we have found so far is to uncheck the “Download Shared Folders” option on the shared mailbox. This way it goes into Online mode instead of caching with MAPI sessions. While it does run a little slow at first, it does catch up and is a good workaround for now. Otherwise, minimize the number of folders you have in the shared mailbox.
You can read more about performance problems with secondary mailboxes.
Avaya Voicemail Pro
If you are on an Avaya phone system, you are most likely running Voicemail Pro. To update the SMTP server, to your new SMTP relay, you will need to go to the System Preferences, click on the Email tab and then the SMTP Sender tab. Update with your SMTP relay server information.
Currently right now there is not a way to receive automatic replies (what used to be called Out of Office messages) if you are sending FROM a distribution list. This can be a problem for marketing managers. See our discussion here: http://community.office365.com/en-us/forums/148/p/169698/493592.aspx#493592
Recovering Deleted Items in Office 365
By default, you can recover deleted items in Office 365 for 14 days. However, you can put a litigation hold on the mailbox which would increase the recoverable items up to a storage capacity of 30GB (Assuming you have Exchange Online Plan 2). And this doesn’t count against your main 25GB mailbox. See our article here on how to recover our messages: http://theitbros.com/recover-deleted-items-in-office-365/
Don’t Archive Notes Folder
You want to be careful when setting up the retention policy and retention tags. By default, the notes folder is archived. From our experience, a lot of users still use notes. See our post on how not to archive notes: http://theitbros.com/dont-archive-notes-in-office-365/
To connect your mobile devices; cellphones and tablets all you need is a few pieces of information.
You use your full 365 email address.
Your current password.
For most up to date devices, the above will be enough. However, if it prompts you for a server address, simply use outlook.office365.com. You can usually leave the domain blank, otherwise use your email address again.
We hope at least some of this was helpful to you in your 365 migration. If you have other useful tips, please comment below and we will add them in the post. Lets help make everyone’s migrations smoother!