Tips for a cutover migration to Office 365 with ADFS and Single Sign-on

Here are some of my tips for a cutover migration to Office 365 with ADFS and Single Sign-on

When you read about converting mailboxes to mail-enabled users (MEUs) they don't mention Exchange 2010.  So I opened a ticket with Microsoft and they confirmed that everything for 2007 will work with 2010, and it did.
This is the wiki on that subject:
Convert Exchange 2007 mailboxes to mail-enabled users after a staged Exchange migration
Here are some problems I ran into converting mailboxes to MEUs:
  1. My primary smtp on Exchange 2010 still had a reference to skillsinc.local (along with after I changed all the UPNs from .local to .com and that was messing things up.  When I looked in Office 365 none of my migrated mailboxes had aliases!  Without that Federation will not work.  I used ADMODIFY from Codeplex to remove all reference to skillsinc.local from my local AD.  This blog does a great job detailing how to do that:  Then I wrote a powershell script that added the alias to all the inboxes using Set-MsolUserPrincipalName to fix this problem.  I will post that in another blog post.
  2. Make sure you are running your powershell commands and scripts in the correct window!  Some run on your local exchange shell and some in the Office 365 shell (Microsoft Online Services Powershell module).  Exchange2007MBtoMEU.ps1 must be run from your local exchange server shell to make the changes to your local Active Directory.
  3. Make sure you open the scripts and know what they are doing!  If you get errors, stop everything and figure out what went wrong.  Did you run it from the wrong shell?  Is there something wrong with the alias or the primary smtp in AD? Look at the output in cloud.csv and see if any information is missing.  Mine was missing the CloudEmailAddress because the alias was missing from all my cloud mailboxes. (See bullet point 1)


Popular posts from this blog

Add your Office 2016 KMS Keys to your Volume Activation Server

Solving WinRM Host connection errors in SCVMM - System Center Virtual Machine Manager 2012 R2

How to setup Google Authenticator 2FA with a Watchguard SSL VPN Client for FREE!