Migration from hosted Exchange server to Exchange 2019/2016
I. Pre-migration activities
Below you will find a list of key points to be considered:
Step 1: Prepare a clean target Exchange environment in a new Active Directory forest
The following points need to be revised:
- Send/receive connectors (Exchange 2019)
- Accepted domains (Exchange 2019)
- Default email address policy (Exchange 2019)
- External URLs (Exchange 2019)
- Internal URLs (Exchange 2019)
- Server's certificates (Exchange 2019)
Learn more about the above in Exchange 2016.
Step 2: Make sure that the account used to connect to the source server can impersonate other users
Check if your admin account on the hosted Exchange server is assigned the ApplicationImpersonation role for the mailboxes you intend to migrate. See this article to learn how to assign the impersonation rights manually.
If you cannot assign the necessary permissions by yourself, ask your hosted Exchange provider for assistance.
Step 3: Prepare domain accounts on the target server
- Create appropriate mailbox-enabled accounts manually in the target forest.
- During the mailboxes matching step, you can also set the program to create the mailboxes and the corresponding users automatically.
If you choose either to manually create the mailboxes or allow the program to prepare them for you, be advised that the account data (such as permissions) will not be migrated. However, if you set the program to automatically create a new mailbox-enabled user in the target environment, there is an option to copy main AD attributes from the source user account. Learn more
Step 4: Verify the configuration and rights of the admin account that will be used to connect to the target Exchange server
Make sure that the target admin account is assigned the necessary management roles and that this account is mailbox-enabled.
Verify the following:
- Check if the target admin account has the following roles assigned:
- View-Only Recipients
- View-Only Configuration
- Public Folders*
- Mail Recipient Creation*
- Mail Recipients*
Please note that the Public Folders role is only required if you plan to migrate public folders. Moreover, the Mail Recipient Creation and Mail Recipients roles are required to create new users and mailboxes. Therefore, it's not required to assign them to the admin account if you are migrating data to the mailboxes that already exist on the target server.
- check which roles are assigned to a specific user. To do that, run the Exchange Management Shell on the target server and enter the following cmdlet: Get-ManagementRoleAssignment -RoleAssignee “UserName”, where instead of UserName you need to enter a valid Name or Alias of your mailbox-enabled AD user; or
- check which users are assigned a specific role. To do that, run the Exchange Management Shell on the target server and enter the following cmdlet: Get-ManagementRoleAssignment –Role “RoleName”, where instead of RoleName you need to enter a specific role, e.g. ApplicationImpersonation.
- Access to the target server's EWS service using IP or Domain Name, e.g. https://[Exchange_IP]/EWS/Exchange.asmx or https://[Exchange_Name]/EWS/Exchange.asmx
- To connect to EWS from the outside of the local network you need to have the external EWS URL correctly configured:
- Open the Exchange Management Shell on the target server and check if the ExternalUrl is defined: Get-WebServicesVirtualDirectory | fl
- If there's no address in the ExternalUrl line it needs to be defined. Execute the following script: Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -ExternalUrl https://[Target server's internet name]/EWS/Exchange.asmx
Step 5: Adjust the EWS throttling settings and change the maximum size limit of sent mail to decrease the time of migration processing
Step 6: Prepare a CSV file containing a list of already matched source and target mailboxes
The CSV file needs to contain the following data:
- Source mailbox email address
- Source mailbox ID (the ExchangeGuid property value)
- Target mailbox email address
- Target mailbox ID (the ExchangeGuid property value)
Optionally, you can also include the following data:
- Source mailbox first name
- Source mailbox last name
- Source mailbox display name
If necessary, contact your hosted Exchange server provider to supply you with the necessary data.
Step 7: Install and activate CodeTwo Exchange Migration
You can install CodeTwo Exchange Migration on any machine within your organization. However, we recommend that you install the software and required components on the target Exchange server to maximize the upload speed.
The following additional components will also be installed, as they are required for CodeTwo Exchange Migration to run properly:
- .NET Framework 4.5 or higher (required on all systems),
- Windows PowerShell 3.0 (required on all systems),
The installation wizard will guide you through the whole installation process. After the installation is finished, remember to activate the program.
II. Migration process
Step 1: Connect to the source server
Make sure that the software user who runs the migration is a local administrator.
Once you start the program, you will see the Dashboard tab. Click Create a new migration job link on the How to start card. Select the source server type: Exchange Server. The Create Exchange migration job wizard will open. Set the name of the job and select The program is installed outside the source Exchange server domain (the Migrate mailboxes using a CSV file containing a list of already matched source and target mailboxes checkbox will be selected automatically). Next, proceed to the Mailboxes step. If this is your first migration job, you will need to configure a connection to a hosted Exchange server. Click Add new source connection in the Source server drop-down meu and a wizard will open. You need to go through these steps:
- Server connection – in this step, provide your server’s FQDN or IP address. Options that are unavailable for this connection method, e.g. the Autodiscover feature, are greyed-out.
- Admin account – here, you need to enter the primary SMTP address and password of the admin account that will be used to access mailboxes on the source server. Remember that the admin account must be assigned the ApplicationImpersonation role to the mailboxes you want to migrate (as specified in Pre-migration activities - Step 2 above).
- Configuration – this process configures your connection based on the settings provided in the previous steps. With the Check the impersonation settings button, you can check beforehand if the admin account is actually assigned the ApplicationImpersonation role for a given source user mailbox.
Click Finish to close the server connection wizard.
Step 2: Connect to the target server
After successfully configuring the source connection, you will get back to the Mailboxes step of the migration job wizard. Now, set up a new target server connection by choosing Add new target connection from the Target server drop-down menu. A simple wizard will open:
- In the Server connection step, choose either Autodiscover Exchange Server (default option) to automatically find the proper target server or configure the connection manually.
If you decided to configure the target connection manually, be aware that using an IP address will make granting impersonation rights and creating mailboxes impossible unless you configure PowerShell Virtual Directory in IIS to allow basic authentication.
- Admin account – provide a valid UPN and password of the account that will access the target server (remember that the admin account must fulfill the requirements specified in Pre-migration activities - Step 4 above). Click Next to move on to the Configuration step.
- Configuration – this process configures the target Exchange server connection and checks whether the account provided in the previous step has the necessary roles assigned. If not, the program will attempt to assign them automatically. In such a case, you might be asked to provide the credentials of another account that belongs to the Organization Management role group. This account will not be used to connect to the target server, but only to assign the missing roles.
Once the configuration ends successfully, you will see green check marks. If any errors appear, see Troubleshooting.
Click Finish to go back to the Mailboxes step.
Step 3: Import a CSV file with a list of mailboxes between which the migration will take place
Click Import from CSV and select the CSV file containing a list of already matched source and target mailboxes. The Import matched mailboxes window opens. You now need to map the columns from your CSV file with headings (parameters) used by the program. If the data shown in Step 2 – Review your data is not displayed correctly, adjust the CSV file formatting options, such as fields delimiter or file encoding. Learn more
Click Import when done and continue with the migration job wizard configuration.
Step 4: Customize all necessary aspects of the migration job
You can configure the following additional options:
- Scheduler - allows you to set the job to be automatically started in the desired time periods, so you do not have to control it manually.
- Time filter - is used to exclude items that are older or newer than a particular date
- Folder filter - may completely exclude specific folders from the migration process
- Advanced settings - provides an option to define how many mailboxes should be migrated at the same time. This number should correspond to the number of logical processors. You can also define the maximum size of items to be migrated.
Step 5: Start the migration
Review your migration job in the Job summary step. Click Finish to close the wizard.
Move on to the JOBS tab and click Start on the toolbar to begin the migration. Once you start the migration, all items from the source mailboxes will be migrated to their corresponding target mailboxes.
The migration processing time depends on several different factors, e.g. the number of mailboxes and items, the speed of internet connection, EWS throttling settings. See this article for details.
Step 6: Check if the number of items migrated in the target mailboxes matches the number of items in the source server mailboxes
If you notice any missing items in the target mailbox, restart the migration by using the Run delta migration option.
Please be aware that the program does not migrate some specific folders at all. Those are e.g. Sync Issues or ones created while putting a mailbox on litigation hold.
If any problems appear during the migration process, they will be visible on the JOBS tab in the Migration status column or on the Job bad news card. Details of the problems can be checked in the diagnostic files.
Step 7: Check if there are any new items in the source mailbox after migration
Once the migration is finished and you have noticed that some new items appeared in the migrated source mailbox, just restart the migration by using the Run delta migration option. Please keep in mind that this feature migrates only new items, not the modified ones. Delta migration can also be used to resolve issues with any items that failed to migrate on the first attempt.
III. Post-migration cleanup
Step 1: Change DNS records (MX, Autodiscover)
You need to change MX records to enable mail flow to new servers. Additionally, you should also set up Autodiscover record to facilitate connecting migrated mailboxes with a mail client (e.g. Outlook). Detailed information on how to do so on Exchange Server 2019 and 2016 can be found in this Microsoft article. Please note that this process may take several hours.
If any new items appear in a source mailbox while the MX records are being changed, it is possible to migrate these items after the records migration process is completed. It can be done by using the Run delta migration option.