That's great information. Thanks for that. I would be interested to hear how your migrations go. I think the pain point for me is after user migration, autodiscover works and switches the mailbox to the cloud and prompts for username and password. Getting the users to put in [email protected]<mailto:[email protected]> will be a tough ask and I imagine a lot of calls to the help desk. If ADFS will resolve that then, this will need to be implemented too.
[cid:[email protected]] From: [email protected] [mailto:[email protected]] On Behalf Of Jonathan Raper Sent: Friday, 22 May 2015 10:17 AM To: [email protected] Subject: [Exchange] Re: Exchange Online O365 vs On-Premise Hi Todd, I can't speak to 2010 and DAG, however I am in the midst of a 2007 --> O365 Hybrid migration using Exchange 2013 with DirSync and ADFS (on server 2012 R2, so essentially ADFS 3.0). We skipped 2010 altogether. We also had a requirement to maintain rich coexistence for our end users (Free/Busy and Presence), and were not comfortable with a cutover migration....so we had no choice but to leverage Hybrid in order to maintain the rich coexistence. Had we opted for a staged migration, we would not have had the ability for our end users to be able to see free/busy and presence information from on-premise to cloud and vice versa. My mailbox that I am typing this email from is on O365 Exchange Online - most of the rest of my organization is running on-premise. We ran a pilot test for the better part of a month with 16 people, and start production migrations next week (the pilot has gone well). The pain point was actually getting to the point where I was able to turn hybrid mode on! (ESPECIALLY with Exchange 2007). From what I understand, you've got it a tad easier with being on 2010. As long as you are running with all of the latest patches and rollups, I do not believe that 2013 is a requirement for you to do a migration or a hybrid implementation. I would start here: Microsoft Exchange Server Deployment Assistant<https://technet.microsoft.com/en-us/exdeploy2013/Checklist?state=2419-W-AAAAAAAAQAAAAAEAAAAAAAA%7e> This will show you the three options you have, and ask you some questions - from there you'll get a better idea of what is best for your business. As for ADFS and DirSync.... Yes, DirSync does a password synchronization between on-premise and O365, however that is not TRUE single sign-on - rather, it is what Microsoft calls "Same sign-on". In other words, your users are not authenticating against Ad, but against a stored password hash that is updated from AD every 3 hours via DirSync. It is less complex than ADFS, however that method may not be desirable depending on your security needs. Yes, Single sign-on does work with Office 2010, no problem. You CAN actually use BOTH together, and as long as you know what to do if/when ADFS breaks, you can fail over to same sign on with minimal disruption, then fail back when ADFS is fixed/back online. The caveat in general is, with ALL of your clients - make sure that Office is completely patched prior to migration, otherwise your users will be in for some headaches that won't be straightened out until updates are applied. I cannot speak to the UM portion, as we are using cisco Unity Connection for voicemail - another fun venture in and of itself. Express Route - the last time I talked with Microsoft Tier 3 support about this (back in Q3 2014) they said they had not been getting many requests for it yet....I'm sure it will gain in popularity over time, but it is a relatively new feature. We're interested in it for our Azure tenant, however they don't support our Telco provider yet. I hope this has been helpful - let us know what other questions you have! Jonathan (I'm not an Exchange guy, but I play one at my job) ________________________________ From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> on behalf of Gannon, Todd <[email protected]<mailto:[email protected]>> Sent: Thursday, May 21, 2015 9:03 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] Exchange Online O365 vs On-Premise Hi - We currently have a Exchange on-premise 2010 environment in a DAG across two sites with 12 databases housing approx 2500 mailboxes and Unified Messaging hosting voice mail. Apart from some initial teething problems due to disk latency, the setup has worked great for the past 4 years, and Exchange has not missed a beat. I am now at the stage where I am considering upgrades to either Exchange 2013 on-premise or Exchange Online O365. As part of some POC testing I have set up a tenant in O365 and have moved some mailboxes and it is working fine. So I suppose I am looking for anyone who has gone through a similar experience with a hybrid scenario and if they can detail any gotchas with a O365 migration, and if they had their time again, would you choose to stay on-premise? I've read lots of technical documentation around this but I would like to hear any feedback from the real world to give me some idea of direction that I choose. On top of this, a couple of questions ADFS vs DirSync? I have dirsync set up. Is ADFS a benefit for O365? Does single sign on work for Outlook 2010+ or is there still credential pop up? Express Route - Are companies using this for Exchange online? Unified Messaging - I'm still getting my head around this part.. Any ideas or views appreciated! Thanks for that. Todd
