Managing Accessibility of OST files through Cloud-based Platforms

Implementing Cloud-based Platform Migration

Cloud-based migration is a next-generation migration option that reduces the chances of corruption and makes files easier to access. OST files can be migrated to the same platform as well, which keeps a backup of the required files available at all times. Moreover, the cloud can be accessed from anywhere at any time and can even be used for bulk migration.

Thus, the required OST files become safe and handy in a few clicks. However, a few questions arise when we think about OST files: “What happens if OST files get corrupted?” “Will it affect the existence of the PST in any way?” If so, what are the factors of concern?

To make the picture clearer: the initial focus is to rescue the content of the damaged OST files and keep the data hierarchy unchanged. To cope with such unexpected circumstances, it is necessary to get technical assistance from a reliable third-party tool.

Managing spoilt OST files

There is a high probability of OST files being affected by corruption. The severity of OST file corruption is beyond the scope of this topic, but its impact may have a massive effect on the entire file structure.


Figure 1 Dialog Box presenting technical issue.

You may be familiar with the dialog box that reports that the file is inaccessible. It is not the only such message; there are many others that convey the same thing in different ways.

However, assistance from a third-party tool has proved helpful. Kernel for OST to PST is the most convenient and user-friendly third-party tool, and it is often recommended for this purpose. This OST to PST tool scans for damaged or corrupt OST files and repairs them while keeping the OST file hierarchy and data structure unchanged. Moreover, the tool provides an option either to migrate the OST files directly to cloud-based platforms or to convert them to PST and other file formats like DBX, MBOX, MSG, EML, TXT, RTF, HTML, MHTML, & PDF.

What does it take to restructure lost OST files?

Kernel for OST to PST uses its inbuilt QFSCI algorithm to regain the lost file structure of OST files and to recover their content. Restructuring damaged OST files takes a few essential steps: selecting the OST files concerned, previewing them after conversion, and migrating or converting them as the user chooses. The entire process is done within a few clicks, and whether the files are converted or migrated depends entirely on the user’s choice.

Cloud-based Migration-User’s choice

Being the choice of the next generation, cloud-based migration is being effectively used and recommended by many users. Kernel for OST to PST provides such an option in addition to the conventional methods of saving OST files in other formats. The screenshot of the tool shows how it handles OST data both in the conventional process and in cloud-based migration that involves email servers, webmails and Office 365.

 


Figure 2 Screenshot of Kernel for OST to PST presenting different options.

 

About Kernel for OST to PST

Kernel Data Recovery has designed a more secure way than the conventional methods, which were quite risky and time consuming. A more dedicated tool, Kernel for OST to PST, has been crafted for this purpose. Kernel for OST to PST uses a secure way to convert OST files to other file formats, so OST files can be saved in other formats with the same dedication and precision as for the PST file format. If the resulting files are large, they can be split to the required size. For lost OST files, Kernel for OST to PST provides a ‘Search’ option. The ‘Preview’ option shows a preview of the converted items and lets the user make sure that the entire conversion has taken place correctly.

The figures below show how the tool functions.

Figure 3. Making file selection and uploading.

Figure 4. Details of concerned files and different saving option.

Figure 5. Saving path of desired file.

For the conversion process to start properly, the user’s system must have a Pentium class processor, a minimum of 64 MB RAM, 50 MB of space for software installation and some space to save results. The tool supports all versions of MS Exchange Server, MS Outlook, Outlook Express, Windows Server and Windows OS.

Securing OST files-An Ultimate Aim

For secure OST migration to cloud-based platforms, it is recommended to take assistance from a reliable third-party tool like Kernel for OST to PST. This tool is highly advised because it provides secure migration and conversion. Since cloud-based migration provides effective and convenient access to OST files, it is regarded as the future cloud for MS Outlook users.

You can download a copy from the location below:

http://www.nucleustechnologies.com/exchange-ost-recovery.html

RecoveryFix for Exchange Server Recovery

One of the most important components of the Exchange server is the database, which stores the users’ mailboxes with emails, contacts, calendar, tasks, notes etc.

MS Exchange is considered a mission-critical application, as most business transactions happen over email. Hence, it is very important that the databases are protected. Exchange server provides multiple native options to protect the database. Exchange backups, multiple database copies and LAG database copies are the common ways to protect a database with minimum or no data loss.

In spite of multiple options and complex configuration, there is always a possibility of an Exchange database getting corrupted and causing major downtime for the users, with data loss. The Exchange native tool ‘ESEUTIL’ can be used to fix the database corruption, but on most occasions it takes an enormous amount of time to fix the corruption. Alternatively, you could restore data from the backups, but that is subject to data loss between the backup time and the restore time.

Lepide software Pvt. Ltd. offers the RecoveryFix for Exchange Server Recovery tool, which helps to recover an Exchange database from corruption. It works on all versions of the Exchange database file, from Exchange 5.5 to the latest version of Exchange. It is a very simple, easy and efficient tool.

RecoveryFix for Exchange Server Recovery tool accepts the database file .edb and .stm (for legacy database only) as source files.

 


Image: Selecting Corrupted database to recover

 

Once the source database file is selected, the software provides three different recovery mode options:

1. Automatic Analyze and recover: It is the recommended and fastest mode to restore the corrupted database. It scans through the database, fixes the corruption and lists all the recovered mailboxes in the database. Recovered mailboxes from the database can be exported to the .pst files.

2. Advance Scan: It is selected when database is severely corrupted and ‘Automatic Analyze and Recover’ option fails. This mode performs deep scanning of the database and it takes some time to recover the database. Once the database is fixed, it lists all the recovered mailboxes in the database. Recovered mailboxes from the database can be exported to the .pst files.

3. Rebuild corrupted database: This option reduces unnecessary efforts of exporting the user’s mailbox to .pst file and sharing with the users. It creates/rebuilds a new clean database by fixing the corruption in the database. The new recovered database is ready to mount on the Exchange servers.

 


Image: Recovery Modes to Recover Corrupted Database

 

‘Automatic Analyze and Recover’ and ‘Advance Scan’ are the most common options when you have a bigger database and a large number of mailboxes to recover. Once the scanning process is done, it proves effective in fixing all the corruption and allows the administrator to view and validate the mailboxes and their content.

Image: RecoveryFix for Exchange Server Console

The administrator can save all the recovered mailboxes in .pst file format. These .pst files can be imported into the target user’s mailbox or any other temp mailbox. Administrators can also share the .pst files with users, who can access them through MS Outlook.

The recovered mailboxes can be saved by selecting the ‘Save’ button on the top ribbon bar. The saving option provides some great flexibility to filter only the necessary emails based on date.

The administrator can filter emails based on a predefined date or a custom date. Finally, one just has to define the path of the destination folder in which to save the recovered .pst files.

 


Image: Saving Option to export the .pst

 

Conclusions:

I think it’s a great tool to fix the corrupted Exchange database and at the same time can save your efforts and time. I recommend this tool for all the Exchange Server administrators. You can download the copy of the software from the Recoveryfix Website – http://www.recoveryfix.com/exchange-server-recovery.html

LepideMigrator for Exchange (LME)

Exchange migration involves a lot of effort and time; it is one of the most complex migrations to perform. After doing tons of exchange migration, I realized that not every environment is the same and not every migration is the same. During an exchange migration, everyone’s mailbox will be moved from one version of Exchange to the latest version or to the other organization. With the upgrade of Exchange servers, it is important that client outlook version is also upgraded to the latest level or to the level of Exchange servers. Thus, in a way everyone has to undergo some kind of changes with learning, while adopting a new Exchange environment into the organization.

LepideMigrator for Exchange (LME) is the latest Exchange migration tool from Lepide. It helps in performing a migration from one Exchange environment to another, whether the target is located locally, on another network, or in Office 365 or an Exchange hosted solution in the cloud. It supports different migration scenarios, like

· Exchange 2003 / 2007 and Exchange 2010

· Exchange 2003 / 2007 and Exchange 2013

· Exchange 2010 and Exchange 2013

· Migration from any Exchange Server to Office 365

· Public Folder Migration

· Intra-forest Exchange Migration

· Cross-forest Exchange Migration

Given below are a few interesting features of the products.

1. Innovative technique to migrate the large number of mailboxes from source Exchange server to the target which enhances the performance. It can be installed on multiple computers and increase migration volume depending on the requirement. We can also schedule the mailbox move by creating schedule jobs. It provides rich filtering options to filter unwanted email and migrate only necessary email to the target and can also provide the option to undo or rollback the mailbox migration, if necessary.

2. Exchange migration is a time-consuming process which needs a lot of effort and time. To reduce the migration efforts, we can sync the complete source mailbox to the target much ahead of time and just do an incremental sync only before the final cutover. This helps in avoiding any kind of data loss and outage to the users.

3. Reporting is very important for the migration: it helps in tracking migration history and planning future migrations. Notifications keep the administrator informed of the migration status with email alerts for job status, job completion, or job cancellation.

Migrating a mailbox using LepideMigrator for Exchange is a very easy process. Let’s see how easy it is to configure the tool and migrate a mailbox from one forest to another.

Given below is the Setup of my lab

1. Source forest Green.com

2. Target Forest blue.com

3. Creating DNS forwarding and trust between green.com and blue.com

Given below is a step-by-step instruction to perform cross forest migration.

1. Install LepideMigrator for Exchange at the source or target forest. In this scenario, the tool is installed on the source forest green.com. It is installed on the Windows 7 machine with outlook client installed

2. To perform the configuration, start the LepideMigrator for Exchange, Right click on All projects -> click on ‘Add Project’ -> provide the name to the Mailbox migration project


3. Then, create the new Job for the mailbox migration and provide the name for the same and click on ‘Next’


4. Connect to the source forest domain control by providing the IP address and administrator credentials. Then click on ‘Next’


5. Select all the necessary required users to migrate into the target domain and click on ‘Next’


6. Input the target domain controller IP address and the admin credentials. Make sure to specify ‘Different Domain’ for cross forest migration scenario and then click ‘Next’. You can also pull down ‘Migrate To’ to select the different options like same domain or office 365.


7. It also provides the filters to include or exclude the message based on date and folder. Click on ‘Next’ to continue


8. Here, we need to map the source mailbox with the target forest mailbox. It provides the option to map the source mailbox to target pre-created mailbox automatically. If not, we could provide the CSV file specifying the source and target mailbox mapping.


9. Another option could also be to create the target mailbox using the tool itself. Select all the source mailbox and click on message icon, then click on ‘Start’.


10. Once the target mailbox is created, then you could see the mapping done automatically for each of the source mailbox with the target. Click on ‘Next’ to continue.


11. Specify option to Skip the Bad item count or if you just want to do only the mailbox content synchronization, and then click on ‘Next’.


12. Specify the email address to receive various notifications for Job start, Job stop, Job completion, mailbox migration start / finish etc.


13. Notification configuration needs the SMTP address and other necessary configurations. Please provide the same and continue with the ‘Next’.


14. Specify the time duration to deny or permit the migration for the specific time period. It is important to make sure that migration is not done at the production hours, which could have the user performance impact. Click on ‘Next’ to continue.

15. Then schedule the migration depending on the requirement and click on ‘Next’.

16. Finally, verify the summary details and click on ‘Finish’ to complete the Job creation.

17. It’s now time to generate the license file and upload it to http://www.lepide.com/lepide-migration-for-exchange. The site generates the activation file; download it and import it to activate the license.

18. Once the license is activated, we are ready to start the mailbox migration by right clicking on the Job and select the option ‘Start Job’.

Report Console

1. Report console helps to generate the migration statistics report. It helps to analyze the migration details and also to track the status. This report has the complete statistics of the migration performed using the server. It has details of number of jobs, with the domain details and the Exchange version specifications.

To start the report console

2. Start the LepideMigrator for Exchange

3. Click on tool -> click on Report Console


4. Login with the account and password as ‘lepadmin’


5. To understand the details of each of the migration job, click on the Job name. It gets the detailed information with number of mailboxes, total folders, migrated messages and status. Below is the reference screen shot.


6. You could also generate some quick reports in html or pdf file using the options available in the bottom left corner of the LepideMigrator for Exchange tool.


Conclusion:

This migration could take some time depending upon factors like the size of the source mailbox, bandwidth, source and target server performance, etc. Migration using a ‘LepideMigrator for Exchange’ is much simpler to configure and manage than a native migration tool. It provides option to migrate the account with SID History and also copy the password from the source to target account, which is very important for the cross forest migration scenario. It also provides option to migrate public folders and also apply the settings like mailbox rights, send as permission, public folder administration rights send on behalf, message delivery restriction, and public folder client permission.

I believe LepideMigrator for Exchange is a comprehensive tool to perform migration under various scenarios. This tool has all the features to perform end-to-end migration.

You can find the detailed information about the tool at http://www.lepide.com/exchangemigrator/ and  also download the trial version from http://www.lepide.com/exchangemigrator/download.html

Kernel for Exchange Server Recovery

Exchange Server is one of the most business critical applications in an organization; accessed by everyone in the organization, everyday and round the clock. It can be from their outlook client, tabs, mobile devices etc. Exchange Server emails are also considered to be legal and many organizations retain the user’s mailbox data for compliance and regulatory requirement with legal hold option in Exchange Servers. This adds a lot of pressure on the IT Department to make sure that emails servers are protected from various unforeseen situations like DB failure, Server failure and AD site failure. The latest version of Exchange Server offers some high availability and site resiliency with DAG. These options can only protect the database from different physical failures or physical corruption, but they cannot protect it from logical corruption. Logical corruption could be due to physical hard drive errors, file size errors, JET errors, human errors, virus attacks, hardware problems, etc. During the logical corruption we may have to rely on the backups to restore the database and this is subject to data loss for the users.

Kernel Exchange Server Recovery and EDB Repair Tool can easily perform database recovery without any data loss from the corrupted database. It can not only connect to the corrupted database and repair the corruption and damage, but also export the user mailbox data to PST. It can even copy the content to the user’s mailbox on the live Exchange servers.

It is an easy-to-use tool with a simple GUI which can connect to any database file from Exchange 2000 to Exchange 2013.

It provides the option to perform a standard or advanced scan. Generally, the standard scan is used; the advanced scan mode is used only when a DB is severely corrupted and cannot be recovered using the standard scan.

Once it is connected, it scans through the entire EDB file, fixes the corruption and displays all the mailboxes in the EDB file. Right click on the EDB file and save the contents of all the mailboxes into individual users’ .PST files, or connect to the live Exchange server mailboxes. If required, you can also export the content of an individual mailbox only, to .PST or to the live Exchange server, depending on the requirement.

 


It also provides the option to perform advance search for the individual mailbox and export the contents.

It is a great life-saving tool for Exchange administrators, who can even recover items which are permanently deleted from the deleted items folder. It also supports public folders and provides the option to export the public folder content into PST. It provides options to export individual emails to MSG, EML, RTF, HTML, TEXT and PST files. It can even export mailboxes bigger than 2 GB and, in case there is no 2 GB mailbox size limitation, it can split a mailbox of more than 2 GB into multiple PST files.

I think this is a great and handy tool for all Exchange administrators and would recommend this tool to all Exchange administrators to explore, and for when there is a critical server’s database corruption. Also, the free trial can save/export 25 items per folder. Please check the download page for more information.

http://www.nucleustechnologies.com/Exchange-Server-Data-Recovery.html

http://www.nucleustechnologies.com/download-exchange-server-recovery.php

Office 365 Hybrid Configuring Using Windows Azure – Part 6

I tried to keep this article series as brief as possible and cover end-to-end configuration of Exchange and Office 365. This should give you a complete understanding to take the base on-premises exchange environment and integrate with the Office 365 in the hybrid mode.

This is the final and last part of this article series. We will continue with the discussion on the topics mentioned below.

I. Provisioning Office 365 mailbox from on-premises Exchange Admin center

II. Accessing provisioned mailbox using Single Sign On(SSO)

III. Migrating mailbox from on-premises to Office 365

The other parts of the article series can be found at the links below:

Office 365 Hybrid Configuring Using Windows Azure – Part 1

Office 365 Hybrid Configuring Using Windows Azure – Part 2

Office 365 Hybrid Configuring Using Windows Azure – Part 3

Office 365 Hybrid Configuring Using Windows Azure – Part 4

Office 365 Hybrid Configuring Using Windows Azure – Part 5

Provisioning Office 365 mailbox from Exchange Admin Center

It is recommended to provision all the mailboxes for both on-premises and Office 365 through the on-premises Exchange Admin Center.

1. Login to on-Premises Exchange admin Center

2. Click on recipients -> mailboxes and click on ‘ + ‘ to select ‘Office 365 mailbox’


3. Provide all the necessary new user details and save to create the mailbox in Office 365


4. This will create an AD object at on-premises active directory and create the mailbox at Office 365. Given below is a reference snapshot of Exchange EAC with the new Office 365 mailbox.


5. The newly created object at on-premises has to be synced with Office 365. Scheduled synchronization happens every 3 hours. Follow the steps given below to force the directory synchronization immediately and allow users to login with the new accounts.

a. Login to the Dirsync server – Krisdirsync.cloudapp.net with the admin credentials

b. Open Windows Explorer and navigate to the path “%programfiles%\Windows Azure Active Directory Sync”

c. Double-click on DirSyncConfigShell.psc1 to open a Windows PowerShell window with the cmdlets loaded.

d. In the Windows PowerShell window, type Start-OnlineCoexistenceSync, and then press ENTER


6. With force synchronization, we should be able to see the new account at Office 365 portal and given below is the reference screen shot.

These accounts need to be activated and assigned the license to allow users to login to their mailbox. Select the required ‘synced with Active Directory’ user and click on ‘Active Synced user’

7. Activate the user by specifying the user location and assigning the required licenses, then click on ‘Next’

8. The ‘Send result in email’ page is for sending the mailbox creation and password details to the authorized person. Since we have synced the objects from Active Directory, passwords are not reset for the users. Click on ‘Active’ to activate the mailbox.

9. The ‘Results’ page has the mailbox activation confirmation with the message ‘The password wasn’t reset because its user’s password is synced with your on-premises’


Accessing provisioned mailbox using Single Sign on (SSO)

1. Log in to the client machine and connect to the Office 365 portal via Explorer. Sign in with the new account rajesh.kumar@checkwhatsin.com and use the TAB key

2. Office 365 portal will check for ‘checkwhatsin.com’ SSO configuration and it will immediately redirect to the organization sign-in page


3. Input the domain\username and password and click on ‘Sign In’ to authenticate

4. The welcome page is the ‘Get started with Office 365’ page, with all the necessary information for connecting to Outlook and Outlook Web App, installing Office client software, setting up the mobile device etc.

Click on ‘Outlook’ on the top ribbon to access the Outlook Web App


5. Shown below is the new and first look for users Outlook Web App


Migrating mailbox from on-premises to Office 365

The idea of having a hybrid environment is to have some or the majority of mailboxes in Office 365 and the others on-premises. Let us understand how to migrate users from on-premises to Office 365 and how they continue to access their emails.

1. Connect to the Exchange on-premises EAC with Organization admin credentials

2. The Mailbox Replication Proxy (MRSProxy) service is installed on every Microsoft Exchange Server Client Access server. MRSProxy helps to facilitate cross-forest move requests and it runs on the local Exchange Client Access server. However, MRSProxy is disabled by default.

3. To Enable MRS Proxy select Servers -> Virtual directories -> Double click on “EWS (Default Web Site)”


4. Select ‘Enable MRS Proxy endpoint’. This is the important configuration to allow cross forest migration of users from on-premises to Office 365.


5. Identify the user for the migration to Office 365 and click on “To Exchange Online” under ‘Move Mailbox’ to start the move mailbox wizard.

6. Confirm the migration endpoint with the Remote MRS Proxy server. The Internet-facing CAS server with MRS proxy enabled is Krisexch.cloudapp.net and the Internet alias name for the same is mail.checkwhatsin.com. Specify the ‘Remote MRS proxy server’ and click on ‘Next’

7. Specify the ‘New migration batch name’, ‘Target delivery domain’ name and other necessary details. In our case, Target delivery domain is ‘checkwhatsin.mail.onmicrosoft.com’. Specify the same and click on ‘Next’

10. Specify the account to which the batch completion status report should be delivered. Also select the preferred option to start and complete the batch. Click on ‘New’ to start the migration batch

11. Click on ‘Yes’ to go to the migration dashboard to see the status of the migration batch.


12. This will automatically redirect the page to Office 365 Migration page with details of the migration batch status as syncing.

Syncing: The migration batch has been started, and mailboxes in the migration batch are being actively migrated.


13. Once synchronization of the selected mailbox is completed, click on ‘Complete this migration batch’ to perform the final migration process.


14. Confirm with ‘Yes’ to start the process.


15. Wait for the completed status to make sure the mailbox is migrated from on-premises to office 365.

16. Once the mailbox is migrated to Office 365, users should start to use the Office 365 portal to connect to the Outlook Web App application. Users can still connect to the on-premises OWA portal to reach the Office 365 OWA

17. Once you login to on-premises OWA, it determines the location of the mailbox in Office 365 and specifies the Office 365 portal URL to access their mailbox.

18. Click on the link to open the new Office 365 authentication page. This URL can be saved in the favorites for further use. Enter the user email address and press the Tab key

19. Since, Federated SSO is configured for the domain checkwhatsin.com, it will redirect to the on-premises reverse proxy server for authentication


20. Once authenticated using on-premises credentials, it will redirect back to Office 365 OWA page

21. Accessing Office 365 OWA seems a bit complicated, with the redirection happening back and forth in the hybrid mode. The experience is not the same for Outlook users: the user can continue to access the same profile and OST without changing the profile configuration

22. Once the migration is completed, the user will lose connection and it prompts the user to restart outlook.

23. When outlook is started again, it will prompt for the basic authentication popup. Input the user UPN(username@checkwhatsin.com) and password then click on ‘OK’

24. This will allow Outlook to communicate, authenticate and connect to Office 365 for email access. The snapshot below shows Outlook with the ‘Connected to Exchange server’ status.

25. We can connect to ‘Outlook Connection Status’ to verify the Office 365 connection. We should be able to see the connection proxy server as outlook.office365.com, which are office 365 servers.
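The MRS Proxy and mailbox move steps above can also be scripted. The following PowerShell is an added example, not part of the original article: it reports where MRSProxy is enabled, switches it on one Client Access server, and moves a single mailbox with New-MoveRequest rather than the EAC migration batch wizard used in the steps. The function names and the server short name `KRISEXCH` are assumptions; the host name and domains are the ones quoted in steps 6 and 7.

```powershell
# Added example. Values are the ones quoted in the steps, except where noted.
$RemoteHostName = 'mail.checkwhatsin.com'               # Internet alias of the CAS (step 6)
$TargetDomain   = 'checkwhatsin.mail.onmicrosoft.com'   # target delivery domain (step 7)

# --- Part 1: run in the on-premises Exchange Management Shell ---------------

function Get-MrsProxyState {
    # MRSProxy is disabled by default (step 2). List every EWS virtual
    # directory so it is clear which servers expose the endpoint.
    Get-ClientAccessServer | ForEach-Object {
        Get-WebServicesVirtualDirectory -Server $_.Name |
            Select-Object Server, Name, MRSProxyEnabled, ExternalUrl
    }
}

function Get-UnexpectedMrsProxy {
    # Servers with MRSProxy enabled that are not on the approved list.
    param([string[]]$ApprovedServers)
    Get-MrsProxyState | Where-Object {
        $_.MRSProxyEnabled -eq $true -and $ApprovedServers -notcontains [string]$_.Server
    }
}

function Set-MrsProxy {
    # Scripted form of steps 3-4. Pass -Enabled $false to turn it off again.
    param([string]$Server, [bool]$Enabled = $true)
    Set-WebServicesVirtualDirectory -Identity "$Server\EWS (Default Web Site)" `
        -MRSProxyEnabled $Enabled
}

# --- Part 2: run in an Exchange Online remote PowerShell session ------------

function Start-OnboardingMove {
    # Checks the remote MRS proxy endpoint (step 6), then queues one mailbox.
    # The move pauses before cutover, like a batch waiting to be completed.
    param([string]$Mailbox, [pscredential]$OnPremCredential)
    $probe = Test-MigrationServerAvailability -ExchangeRemoteMove `
        -RemoteServer $RemoteHostName -Credentials $OnPremCredential
    if ([string]$probe.Result -ne 'Success') {
        throw "MRS proxy endpoint $RemoteHostName not usable: $($probe.Message)"
    }
    New-MoveRequest -Identity $Mailbox -Remote -RemoteHostName $RemoteHostName `
        -TargetDeliveryDomain $TargetDomain -RemoteCredential $OnPremCredential `
        -SuspendWhenReadyToComplete
}

function Get-MoveState {
    # Equivalent of watching the migration dashboard (steps 12 and 15).
    param([string]$Mailbox)
    Get-MoveRequestStatistics -Identity $Mailbox |
        Select-Object DisplayName, Status, StatusDetail, PercentComplete
}

function Complete-OnboardingMove {
    # Equivalent of 'Complete this migration batch' (step 13).
    param([string]$Mailbox)
    $state = Get-MoveState -Mailbox $Mailbox
    if ([string]$state.Status -ne 'AutoSuspended') {
        throw "Move for $Mailbox is '$($state.Status)', not ready to complete"
    }
    Resume-MoveRequest -Identity $Mailbox
}

# Usage, on-premises (KRISEXCH is an assumed short server name):
#   Set-MrsProxy -Server 'KRISEXCH'
#   Get-UnexpectedMrsProxy -ApprovedServers 'KRISEXCH' | Format-Table -AutoSize
# Usage, Exchange Online (user@checkwhatsin.com is a placeholder mailbox):
#   Start-OnboardingMove -Mailbox 'user@checkwhatsin.com' -OnPremCredential (Get-Credential)
#   Get-MoveState -Mailbox 'user@checkwhatsin.com'
#   Complete-OnboardingMove -Mailbox 'user@checkwhatsin.com'
```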

With this we have come to the end of the article series. I suppose if you want to learn Office 365 and configure Hybrid, then this is one of the best and easiest ways to learn it. Hope you have got some sound understanding as to how to build and configure an Office 365 hybrid environment using Windows Azure.

It was a great experience for me to work on this article series and hope it will help you greatly to deploy and configure Office 365 hybrid mode in the production environment.

Office 365 Hybrid Configuring Using Windows Azure – Part 5

We are almost done with the preparation of the environment to work in the hybrid mode. In this part, we will be performing the final configuration of enterprise on-premises Exchange servers and Office 365 to work in the hybrid mode.

Given below is a list of activities to be performed in this series:

I. On-premises hybrid configuration verification and tweaking

II. Office 365 hybrid configuration verification and tweaking

The other parts of the article series can be found at the links below:

Office 365 Hybrid Configuring Using Windows Azure – Part 1

Office 365 Hybrid Configuring Using Windows Azure – Part 2

Office 365 Hybrid Configuring Using Windows Azure – Part 3

Office 365 Hybrid Configuring Using Windows Azure – Part 4

Office 365 Hybrid Configuring Using Windows Azure – Part 6

On-premises hybrid configuration verification and tweaking

Hybrid configuration has made the necessary configuration changes in the on-premises exchange organization and Office 365. Let us verify some of these configurations and also make necessary changes to suit the requirement.

1. Log in to krisexch.green.com with the organization admin credentials and connect to the Exchange admin center.

2. Click on Mail flow -> Email address policies. The hybrid configuration wizard updates the email address policy with the secondary email address alias@checkwhatsin.mail.onmicrosoft.com. Henceforth, every mailbox object created will also get a secondary email address stamped with the domain checkwhatsin.mail.onmicrosoft.com.

3. Click on mail flow -> accepted domains. We should see that a new entry, checkwhatsin.mail.onmicrosoft.com, has been added as an accepted domain and is marked ‘Authoritative’.

4. An authoritative accepted domain allows the Exchange organization to accept emails and deliver them within the Exchange organization. This is not the desired configuration on-premises for the domain checkwhatsin.mail.onmicrosoft.com. Since Office 365 is authoritative for this domain, change checkwhatsin.mail.onmicrosoft.com to ‘Internal Relay’.

Internal Relay: If the target mailbox resides locally, then the email will be delivered. If the target mailbox is in a remote organization, then a send connector will be used to route the email to the remote Office 365 domain.

5. Let us verify the connector to send an email to Office 365. The hybrid configuration creates a new “Outbound to Office 365” connector to route emails to the remote Office 365 domain.

To verify the same, click on mail flow -> send connectors.

6. Hybrid configuration does not change or add a receive connector to accept email from Office 365. The ‘Default <Servername>’ receive connector will be used to accept email on port 25 from Office 365.

7. Organization sharing settings allow everyone in the organization to share free/busy and calendar information between the federated exchange organizations.

Office 365 hybrid configuration verification and tweaking

Hybrid configuration has made some necessary configuration changes in the Office 365 to work with exchange on-premises organization. It allows the mail flow, free/busy and other calendar information between the organizations.

Let us verify some of the configuration and make the necessary changes, if required.

1. Connect to the ‘Office 365 Exchange admin center’ and click on ‘mail flow’ -> ‘accepted domains’.

2. Hybrid configuration adds the new authoritative accepted domain as checkwhatsin.com

3. An authoritative accepted domain allows the Exchange organization to accept emails and deliver them within the Exchange organization. This is not the desired configuration for the domain checkwhatsin.com, since the domain is authoritative on-premises.

In Part 4 of the article series, we changed the checkwhatsin.com MX record to point to Office 365. If checkwhatsin.com is marked ‘Authoritative’, Office 365 will deliver only to target mailboxes in Office 365. If it is not able to find the target mailbox in Office 365, it will send an NDR message to the sender.

This is not the desired configuration, since all the mailboxes for checkwhatsin.com reside on-premises. Hence, it has to be set to ‘Internal relay’. If the target mailbox is not found in Office 365, the email will be routed to the on-premises Exchange organization via an outbound connector.

4. Hybrid configuration also creates inbound and outbound connectors at Office 365 to send/receive email to and from the on-premises Exchange servers.

The inbound connector accepts email from the on-premises Exchange send connectors for recipients with the email address @checkwhatsin.mail.onmicrosoft.com.

The outbound connector sends email to the on-premises Exchange receive connector for recipients with the email address @checkwhatsin.com.

5. The Office 365 inbound connector can be tweaked to accept emails only from the specific on-premises Exchange server and domain.

The snapshot shown below has the details, with the sender domain set to checkwhatsin.com and the sender IP address set to the IP address of the Exchange 2013 server. (It is the Windows Azure IP address of Krisexch01.cloudapp.net.)

6. With this configuration, we should be able to send and receive emails between Office 365 and the on-premises Exchange organization.

Mail flow from cloud to on-premises.

Mail flow from on-premises to cloud.

Thus, we have completely prepared and configured on-premises and Office 365 to work on a hybrid mode.
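
The accepted-domain roles and connector scoping verified in the two sections above can also be checked in PowerShell. The following is an added example, not part of the original article: the function names are hypothetical, the input objects are expected to carry the properties that Get-AcceptedDomain and Get-InboundConnector return, and the sample data is constructed.

```powershell
# Added example, not from the article. The functions take plain objects, so they
# accept live cmdlet output or the constructed samples at the bottom.
function Test-HybridAcceptedDomain {
    param(
        [Parameter(Mandatory)] [object[]]  $Domain,    # e.g. output of Get-AcceptedDomain
        [Parameter(Mandatory)] [hashtable] $Expected   # domain name -> expected DomainType
    )
    foreach ($name in $Expected.Keys) {
        $hit    = $Domain | Where-Object { "$($_.DomainName)" -eq $name } | Select-Object -First 1
        $actual = if ($hit) { "$($hit.DomainType)" } else { 'Missing' }
        [pscustomobject]@{
            Domain = $name; Expected = $Expected[$name]; Actual = $actual
            Ok     = ($actual -eq $Expected[$name])
        }
    }
}

function Test-InboundConnectorScope {
    param([Parameter(Mandatory)] [object[]] $Connector)   # e.g. output of Get-InboundConnector
    foreach ($c in $Connector) {
        $ips     = @($c.SenderIPAddresses | Where-Object { $_ })
        $domains = @($c.SenderDomains     | Where-Object { $_ })
        [pscustomobject]@{
            Name          = $c.Name
            SenderIPs     = $ips -join ','
            SenderDomains = $domains -join ','
            # Scoped only if a sender IP is pinned and no wildcard sender domain is accepted
            Scoped        = ($ips.Count -gt 0) -and ($domains.Count -gt 0) -and
                            -not ($domains -match '\*')
        }
    }
}

# Constructed sample data: the on-premises side as the wizard leaves it (step 3),
# and an Office 365 inbound connector with no sender IP pinned yet.
$onPrem = @(
    [pscustomobject]@{ DomainName = 'checkwhatsin.com'; DomainType = 'Authoritative' }
    [pscustomobject]@{ DomainName = 'checkwhatsin.mail.onmicrosoft.com'; DomainType = 'Authoritative' }
)
$inbound = [pscustomobject]@{
    Name = 'Inbound from on-premises (constructed)'
    SenderDomains = @('smtp:checkwhatsin.com;1'); SenderIPAddresses = @()
}

Test-HybridAcceptedDomain -Domain $onPrem -Expected @{
    'checkwhatsin.com'                  = 'Authoritative'
    'checkwhatsin.mail.onmicrosoft.com' = 'InternalRelay'
} | Format-Table -AutoSize
Test-InboundConnectorScope -Connector $inbound | Format-Table -AutoSize
```

For the Office 365 side, pass the output of Get-AcceptedDomain from that organization with the expected roles reversed: checkwhatsin.com as InternalRelay and checkwhatsin.mail.onmicrosoft.com as Authoritative.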

In the next and final part of the article series, we shall see how to provision a mailbox in hybrid mode and how to migrate a mailbox from on-premises to Office 365.

Office 365 Hybrid Configuring Using Windows Azure – Part 3

In the first part of the article series, we configured the Windows Azure lab and the Office 365 account, and in the second part we configured the ADFS and ADFS Proxy servers.

Now, in this part of the series, we will be configuring Single Sign-On (SSO) and directory synchronization between on-premises and Office 365.

I. Configuring SSO between office 365 and Exchange 2013 On-Premises

II. Configuring Directory Synchronization between Office 365 and Exchange 2013 On-Premises

The other parts of the article series can be found below:

Office 365 Hybrid Configuring Using Windows Azure – Part 1

Office 365 Hybrid Configuring Using Windows Azure – Part 2

Office 365 Hybrid Configuring Using Windows Azure – Part 4

Office 365 Hybrid Configuring Using Windows Azure – Part 5

Office 365 Hybrid Configuring Using Windows Azure – Part 6

Configuring SSO between Office 365 and Exchange 2013 On-Prem

1. Connect to server krisadfs.cloudapp.net and login with the domain admin credentials.

2. ‘Microsoft Online Services Sign-In Assistant’ is a prerequisite for installing the ‘Windows Azure Active Directory Module’ used to configure Single Sign-On.

Download and perform the default installation of Microsoft Online Services Sign-In Assistant for IT Professionals.

3. Login to the Office 365 portal using Internet Explorer and click on “users and group” on the left pane and click on Single Sign-on “Set up”

4. Scroll down to select Windows 64-Bit version of ‘Windows Azure Directory module for Windows PowerShell’. Click on ‘Download’ to get the file into the local computer.

5. Perform the default installation of ‘Windows Azure Active Directory Module for Windows PowerShell’ by clicking ‘Next’

6. Click on ‘Finish’ to complete the installation.

7. To configure federation between Office 365 and On-Premise, run the ‘Windows Azure Active directory PowerShell’ shortcut from the desktop

8. Connect to Office 365 by executing the PowerShell ‘Connect-MsolService’ cmdlet. This will prompt for credentials. Enter admin@checkwhatsin.onmicrosoft.com with its password and click on ‘OK’.

9. Once connected to Office 365, we can manage it using PowerShell. Execute the command given below to get the details of all the domains registered in Office 365.

Get-MsolDomain

10. We can also get detailed information about the domain by executing the command given below. Since we have not configured federation yet, the authentication status is ‘Managed’ for the domain checkwhatsin.com. Once federation is configured between Office 365 and on-premises, the authentication status will change from Managed to Federated for the domain checkwhatsin.com.

Get-MsolDomain -DomainName checkwhatsin.com | fl

11. The Convert-MsolDomainToFederated cmdlet converts the specified domain from standard authentication to single sign-on. To convert the domain checkwhatsin.com to Federated, execute the command given below.

Convert-MsolDomainToFederated -DomainName checkwhatsin.com

12. Successful execution can be verified using the command given below; the output now shows the authentication status as Federated.

Get-MsolDomain -DomainName checkwhatsin.com | fl

13. To verify that the ADFS federation is working, access the Office 365 portal page from the browser, input the user name admin@checkwhatsin.com and just hit the Tab key.

14. This should automatically start the redirection process

15. Finally, this should connect us to the URL https://sts.checkwhatsin.com for the user authentication prompt.

With this we have successfully completed the configuration of SSO between On-prem and Office 365.
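
After the conversion, sign-in for checkwhatsin.com depends on the endpoints recorded in the domain's federation settings, so it is worth checking that they all name the expected STS host. The following is an added example, not part of the original article: Test-FederationSetting is a hypothetical helper, and the sample objects are constructed with the property names that Get-MsolDomain and Get-MsolDomainFederationSettings return.

```powershell
# Added example, not from the article: compare a domain's federation settings
# with the STS host that is supposed to serve it.
function Test-FederationSetting {
    param(
        [Parameter(Mandatory)] $Domain,      # e.g. Get-MsolDomain -DomainName ...
        [Parameter(Mandatory)] $Settings,    # e.g. Get-MsolDomainFederationSettings -DomainName ...
        [Parameter(Mandatory)] [string] $ExpectedStsHost
    )
    $findings = @()
    if ("$($Domain.Authentication)" -ne 'Federated') {
        $findings += "Authentication is '$($Domain.Authentication)', expected 'Federated'"
    }
    $props = 'PassiveLogOnUri', 'ActiveLogOnUri', 'LogOffUri', 'MetadataExchangeUri', 'IssuerUri'
    foreach ($prop in $props) {
        $uri = $null
        if (-not [Uri]::TryCreate("$($Settings.$prop)", [UriKind]::Absolute, [ref]$uri)) {
            $findings += "$prop is missing or not an absolute URI"
            continue
        }
        if ($uri.Host -ne $ExpectedStsHost) {
            $findings += "$prop points at '$($uri.Host)', expected '$ExpectedStsHost'"
        }
        # IssuerUri is an identifier and is often http://; the endpoints must be https
        if ($prop -ne 'IssuerUri' -and $uri.Scheme -ne 'https') {
            $findings += "$prop uses '$($uri.Scheme)', expected https"
        }
    }
    [pscustomobject]@{ Domain = $Domain.Name; Ok = ($findings.Count -eq 0); Findings = $findings }
}

# Constructed sample objects. The ActiveLogOnUri host is deliberately different
# from the others so that the check reports a finding.
$domain   = [pscustomobject]@{ Name = 'checkwhatsin.com'; Authentication = 'Federated' }
$settings = [pscustomobject]@{
    PassiveLogOnUri     = 'https://sts.checkwhatsin.com/adfs/ls/'
    ActiveLogOnUri      = 'https://sts.example.test/adfs/services/trust/2005/usernamemixed'
    LogOffUri           = 'https://sts.checkwhatsin.com/adfs/ls/'
    MetadataExchangeUri = 'https://sts.checkwhatsin.com/adfs/services/trust/mex'
    IssuerUri           = 'http://sts.checkwhatsin.com/adfs/services/trust'
}
Test-FederationSetting -Domain $domain -Settings $settings `
    -ExpectedStsHost 'sts.checkwhatsin.com' | Format-List
```

Get-MsolFederationProperty -DomainName checkwhatsin.com shows the ADFS and Office 365 sides of the trust side by side, which helps when a finding needs to be traced.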

Configuring Directory Synchronization between Office 365 and Exchange 2013 On-Prem

DirSync (Directory Synchronization) is a tool for making copies of local on-premises directory objects in the Office 365 environment in a hybrid cloud deployment. The DirSync service synchronizes objects only from on-premises to Office 365, and it runs every three hours to publish changes from on-premises to Office 365.

In this section, we will create a service account to configure DirSync on the server krisdirsync.cloudapp.net.

Creating and configuring Service account for DirSync

1. Login to the Office 365 portal with the organization admin account and click ‘users and groups’ from the left pane and click on + symbol to create a new account

2. Input the service account name and other necessary details and click on ’Next’

3. Set the assigned role to ‘Global Administrator’, input the other details such as ‘Alternative email address’ and ‘location’, and click on ‘Next’.

4. Since, this is a service account, it does not need a mailbox/license. Do not select any license and click on ‘Next’ to continue

5. Click on ‘Create’ button to create a new service account and send the service account details to the admin.

6. New account has to be logged in once to activate the account and set the new password. Hence, login to the Office 365 portal using the new service account

7. This will prompt us for a password change. Update the new password and re-confirm the same password. Click on ‘Save’ to set the new password for the service account.

8. Office 365 has a password expiration policy set on all accounts. Service accounts should not be subject to the password expiration policy, so expiration has to be disabled for them. To disable password expiration, connect with the Windows Azure Active Directory Module for Windows PowerShell and execute the cmdlet below, which sets PasswordNeverExpires to $true.

Get-MsolUser -UserPrincipalName svr-dirsync@checkwhatsin.onmicrosoft.com | Set-MsolUser -PasswordNeverExpires $true
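
The account created above holds the Global Administrator role with a password that never expires, so it is worth keeping an inventory of such accounts and of how old their passwords are. The following is an added example, not part of the original article: Get-NonExpiringAdmin is a hypothetical helper, the 180-day threshold is an assumption, and the sample objects are constructed.

```powershell
# Added example, not from the article: report administrators whose passwords never expire.
function Get-NonExpiringAdmin {
    param(
        [Parameter(Mandatory)] [object[]] $User,    # Get-MsolUser objects of the role members
        [datetime] $Now = (Get-Date),
        [int] $MaxPasswordAgeDays = 180             # assumption: local rotation interval
    )
    $nonExpiring = $User | Where-Object { $_.PasswordNeverExpires -eq $true }
    foreach ($u in $nonExpiring) {
        $age = [math]::Floor(($Now - [datetime]$u.LastPasswordChangeTimestamp).TotalDays)
        [pscustomobject]@{
            UserPrincipalName = $u.UserPrincipalName
            IsLicensed        = [bool]$u.IsLicensed
            PasswordAgeDays   = $age
            RotationOverdue   = ($age -gt $MaxPasswordAgeDays)
        }
    }
}

# Live input (MSOnline module, after Connect-MsolService):
#   $role  = Get-MsolRole -RoleName 'Company Administrator'   # Global Administrator
#   $users = Get-MsolRoleMember -RoleObjectId $role.ObjectId |
#            Where-Object { $_.RoleMemberType -eq 'User' } |
#            ForEach-Object { Get-MsolUser -ObjectId $_.ObjectId }

# Constructed sample objects with the relevant Get-MsolUser properties.
$users = @(
    [pscustomobject]@{ UserPrincipalName = 'svr-dirsync@checkwhatsin.onmicrosoft.com'
                       PasswordNeverExpires = $true;  IsLicensed = $false
                       LastPasswordChangeTimestamp = [datetime]'2014-01-10' }
    [pscustomobject]@{ UserPrincipalName = 'admin@checkwhatsin.onmicrosoft.com'
                       PasswordNeverExpires = $false; IsLicensed = $true
                       LastPasswordChangeTimestamp = [datetime]'2014-06-01' }
)
Get-NonExpiringAdmin -User $users -Now ([datetime]'2014-12-01') | Format-Table -AutoSize
```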

Configuring Directory Synchronization between Office 365 and Exchange 2013 On-Prem

1. Log in to the Directory Synchronization server krisdirsync.cloudapp.net with the domain admin credentials.

2. Install the .NET Framework 3.5 Features from the ‘Add Roles and Features’ wizard, or use the PowerShell cmdlet below to install the same.

Install-WindowsFeature NET-Framework-Core

3. To start Active Directory synchronization, connect to the Office 365 portal from the browser, click on ‘users and groups’ and select Active Directory Synchronization: Set Up.

4. Select ‘Activate’ button to ‘Activate Active Directory synchronization’

5. Confirm the activation process by clicking on the ‘Activate’ button again

6. Once it is activated, we should be able to download the Directory Sync tool and save a copy to the desktop.

7. Dirsync is a small executable file, which needs to be setup to synchronize from an on-premises Active Directory to Microsoft Office 365

8. Start the installation of Dirsync by double clicking on it and click on ‘Next’ at the Welcome page.

9. Accept the licenses, default installation path and click on ‘Next’ to continue

10. Click on ‘Finish’ to complete the installation, and make sure that ‘Start Configuration Wizard now’ is checked to start the configuration immediately.

11. Start the Windows Azure Active Directory Sync tool configuration wizard by clicking ‘Next’ on the Welcome page.

12. Provide Office 365 admin credentials at ‘Windows Azure Active Directory Credentials’ and click on ‘Next’

13. Type on-premises domain admin credentials at ‘Active Directory Credentials’ page and click on ‘Next’

14. Since we are configuring Hybrid between Office 365 and on-premises, we need to make sure that the ‘Enable Hybrid Deployment’ is checked and then click on ‘Next’

15. We do not need password sync for the SSO configuration. We create objects in the on-premises Active Directory and provision mailboxes for the on-premises objects at Office 365. Hence, make sure that ‘Enable password Sync’ is unchecked and click on ‘Next’.

16. Wait for the ‘Configure complete’ status on the configuration page and click on ‘Next’

17. Click on ‘Finish’ at the wizard and make sure to select ’Synchronize your directories now’.

18. The active directory sync will immediately synchronize the objects from on-premises to Office 365. Then, click on ‘OK‘

19. Log in to the Office 365 portal to verify that the on-premises objects show as ‘Synced with Active Directory’ under users and groups. The reference snapshot shown below has the ‘Synced with Active Directory’ objects marked in red.

With this we have come to the end of this part of the article series, in which we have successfully configured SSO and directory synchronization between on-premises and Office 365. We are almost ready with the Windows Azure environment to configure the hybrid setup.

In the next part we will be creating and configuring Hybrid between Windows Azure and Office 365.
