SlideShare a Scribd company logo
Exchange User Group Berlin 1
Exchange User Group Berlin
{Online Edition}
25. Mai 2020
Exchange User Group Berlin 2
Exchange Server Hybrid
Was ist das? Warum brauche ich das? Wie geht das?
Exchange User Group Berlin 3
Thomas Stensitzki
Enterprise Consultant
Granikos GmbH & Co. KG
MVP | MCT Regional Lead | MCSM
@stensitzki
thomas.stensitzki@granikos.eu
Exchange User Group Berlin 4
What is Exchange Hybrid?
 Trusted relationship between an on-
premises Exchange Organization and
Exchange Online
 Hybrid connections for mail flow
(SMTP), and client access (HTTPS) for
hybrid functionality
 Hybrid Configuration Wizard (HCW)
activates and configures the hybrid
mode of operation
On-Premises Exchange Organization
Microsoft 365
Exchange Online
Hybrid Configuration
Exchange User Group Berlin 5
Exchange Hybrid Benefits
 Free Busy lookups
 No recreating of Outlook Profiles
 Mailbox migrations without user interruption
 Seamlessly connect to on-premises & Exchange Online
 One Global Address List
 Secure Mail Flow between on-premises & Exchange Online
 Hybrid Modern Authentication
 Cloud based archiving
 And much more…
Exchange User Group Berlin 6
Exchange Hybrid | Two Variants – Three Modes
Hybrid Configuration
Classic
Express Minimal Full
Modern
Minimal Full
Exchange User Group Berlin 7
Classic Full Hybrid
 Active Directory Hybrid with Azure AD Connect
 Exchange Hybrid enabled
 SMTP Connection between On-Premises and
Exchange Online
 Separate hostname (e.g., smtp365.company.de)
 Additional public IP address
 TLS certificate for hostname
 Edge Transport Role in perimeter network (A)
 Alternatively, direct inbound connection (B)
 Inbound HTTPS connection to Client Access
Service
 Published by Reverse Proxy
 Additional public IP address
 Outbound HTTPS connections to Exchange
Online
 Exchange Server
On-Premises Exchange Organization
HybridConfiguration
Perimeter Network
Microsoft 365
Exchange Online Azure AD
Company LAN
SMTP
HTTPS
AB
Exchange User Group Berlin 8
Modern Full Hybrid
 Active Directory Hybrid with Azure AD
Connect
 Exchange Hybrid enabled
 SMTP Connection between On-Premises
and Exchange Online
 Separate hostname (e.g., smtp365.company.de)
 Additional public IP address
 TLS certificate for hostname
 Edge Transport Role in perimeter network (A)
 Alternatively, direct inbound connection (B)
 Outbound HTTPS connections to Exchange
Online
 Exchange Hybrid-Agent (Exchange Online to
Exchange on-premises communication)
 Exchange Server
HybridConfiguration
Perimeter Network
Microsoft 365
Exchange Online Azure AD
Company LAN
On-Premises Exchange Organization
HTTPS
SMTP
AB
Exchange User Group Berlin 9
Exchange Hybrid – The Differences
Full Full classic hybrid configuration, Exchange server published to the
internet (SMTP/HTTPS)
 permanent hybrid operation
Minimal Hybrid configuration, without rich coexistence to migrate
all on-premises mailboxes to Exchange Online
 temporary hybrid operation for a few weeks / months
Express Hybrid configuration, with Azure AD Connect Express settings, to
migrate all on-premises mailboxes to Exchange Online
 temporary hybrid operation for a few days / weeks
Full Full Modern Hybrid configuration, for new hybrid setups based on
Hybrid Agent deployment, with reduced hybrid functionality
 permanent hybrid operation
Minimal Modern Hybrid configuration, to migrate all on-premises mailboxes
to Exchange Online
 temporary hybrid operation for a few weeks / months
Exchange User Group Berlin 10
Exchange Server Hybrid
Was ist das? Warum brauche ich das? Wie geht das?
Exchange User Group Berlin 11
Why do you need Exchange Hybrid?
 Coexistence between on-premises Exchange Organization & Exchange Online
 Mailbox migration to/from Exchange Online
 Microsoft Teams with on-premises mailboxes
 Transition from on-premises Exchange to Exchange Online
 Optimal migration experience for end users
 Centralized mail flow for use of on-premises mail solutions and cloud-hosted
mailboxes
 Gateway-based S/MIME de-/encryption, disclaimer, archiving, journaling, …
 Hybrid mail flow providing Exchange relay functionality for on-premises legacy
applications and devices
 No access to the internet
 No support for TLS connection encryption
 No support for user authentication
Exchange User Group Berlin 12
Exchange Hybrid and Microsoft Teams
 On-Premises Exchange Server 2016 / 2019 hybrid endpoint
 Microsoft Teams backend uses AutoDiscover v2
 Client Access Endpoint for Microsoft Teams backend services
 Always run latest Exchange Server cumulative update
 Use Third-Party TLS-certificate
 Enable Hybrid Modern Authentication
 AutoDiscover public DNS resource records for SMTP domains
Exchange User Group Berlin 13
Exchange Server Hybrid
Was ist das? Warum brauche ich das? Wie geht das?
Exchange User Group Berlin 14
Exchange Hybrid Requirements
 Know the different hybrid variants and modes
 Know your target operation mode for Exchange hybrid
 Have your on-premises Exchange organization in good shape
 Latest cumulative updates installed
 Verify inbound connectivity to your Exchange organization using Remote
Connectivity Analyzer
 Have required IP addresses & DNS host names set up
 Edge Transport Server is subscribed to the Active Directory Site
 Have Edge TLS certificates installed on internal Exchange Servers for selection by
HCW
 Not enabled for any Exchange service
Exchange User Group Berlin 15
Hybrid Configuration Wizard
 Exchange Server Requirements
 Exchange 2010 SP3 + latest Update Rollup
 Exchange 2013 CU1 or later
 Exchange 2016 and Exchange 2019
 Supported modern Exchange Server setup requires latest CU (or N-1)
 Click-2-Run Setup
 https://aka.ms/HybridWizard
 Ensure that .application file extension is mapped to Internet Explorer
 Current Version 17.x
 Uninstall HCW 16.x first
 Verify that WinRM service is running and not controlled by GPO
Exchange User Group Berlin 16
Hybrid Configuration Wizard
 Note the HCW version information
 HCW is updated regularly
Exchange User Group Berlin 17
Hybrid Configuration Wizard
 Optimal Exchange Server detected
by HCW
 Specify a CAS server manually, if
needed
 Select Office 365 target
infrastructure
On-Premises Exchange Server Organization
Exchange User Group Berlin 18
Hybrid Configuration Wizard
 Connect to on-premises Exchange
and Exchange Online
 Adjust credentials as needed
 Check, if WinRM allows Basic
Authentication
Administrative Exchange Accounts
Exchange User Group Berlin 19
Hybrid Configuration Wizard
 Select hybrid features
 Minimal Hybrid
 Full Hybrid
 Enable Organization Configuration
Transfer
 One-time transfer of selected
configuration objects
Hybrid Features
Exchange User Group Berlin 20
Hybrid Configuration Wizard
 Select Hybrid Topology
 Classic Hybrid
 Modern Hybrid
Hybrid Topology
Exchange User Group Berlin 21
Hybrid Configuration Wizard
 Configure credentials for
on-premises Exchange Web
Service Endpoint
 Used for mailbox migrations
Migration Account
Exchange User Group Berlin 22
Hybrid Configuration Wizard
 Hybrid Agent Setup starts
automatically
 Download and install of Hybrid Updater
 Download and install of Hybrid Agent
Hybrid Agent Setup
Exchange User Group Berlin 23
Hybrid Configuration Wizard
 Configure hybrid mail flow
 Direct to/from internal Exchange Servers
 Edge Transport Servers in perimeter
network
 Centralized mail flow
 Route all mail flow to/from Exchange
Online via on-premises Exchange
Organization
Hybrid Mail Flow
Exchange User Group Berlin 24
Hybrid Configuration Wizard
 Select Exchange server used for
receiving email messages from
Exchange Online
 Select the Exchange Server published to
the Internet
 HCW configures the receive connector
Receive Connectors
Exchange User Group Berlin 25
Hybrid Configuration Wizard
 Select Exchange server for sending
email messages from the on-
premises Exchange Organization to
Exchange Online
 HCW configures Send Connectors
 Server needs outbound connectivity to
Exchange Online
Send Connectors
Exchange User Group Berlin 26
Hybrid Configuration Wizard
 Select TLS certificate to secure the
trusted mail flow between on-
premises Exchange and Exchange
Online
 With Edge Transport
 Ensure that the dedicated TLS certificate
is installed in the certificate store of one
of the internal Exchange servers
 Do NOT enable the TLS certificate for
any Exchange service
Transport Certificate
Exchange User Group Berlin 27
Hybrid Configuration Wizard
 Enter the external FQDN of the
Exchange Organization
 Hostname should match TLS certificate
Inbound SMTP Host Name
Exchange User Group Berlin 28
Hybrid Configuration Wizard
 Update and wait
 If it fails
 HCW provides access to full log files
 All configuration steps documented
 Remote Connectivity Analyzer to check
inbound connectivity
 Issues
 Remote connectivity
 Firewall, Proxy, DNS
 WinRM Windows service configuration
issues
Ready for Update
Exchange User Group Berlin 29
Q & A
Supportende
13. Oktober 2020
Exchange User Group Berlin 30
Ressourcen
 Exchange Server Hybrid Deployments
 Hybrid Deployment Prerequisites
 Hybrid Configuration Wizard FAQs
 How to configure Exchange Server on-premises to use Hybrid
Modern Authentication
 How Exchange and Microsoft Teams interact
 Configure OAuth authentication between Exchange and
Exchange Online organizations
 Remote Connectivity Analyzer

More Related Content

What's hot

Introduction to WCF
Introduction to WCFIntroduction to WCF
Introduction to WCF
ybbest
 
New mule 3.8 & studio 6.0 beta releases
New mule 3.8 & studio 6.0 beta releasesNew mule 3.8 & studio 6.0 beta releases
New mule 3.8 & studio 6.0 beta releases
D.Rajesh Kumar
 
Mule connectors
Mule  connectorsMule  connectors
Mule connectors
charan teja R
 
24 Hours Of Exchange Server 2007 ( Part 5 Of 24)
24  Hours Of  Exchange  Server 2007 ( Part 5 Of 24)24  Hours Of  Exchange  Server 2007 ( Part 5 Of 24)
24 Hours Of Exchange Server 2007 ( Part 5 Of 24)
guestef2a2b
 
Mule rabbitmq
Mule rabbitmqMule rabbitmq
Mule rabbitmq
Praneethchampion
 
24 Hours Of Exchange Server 2007 (Part 3 Of 24)
24 Hours Of Exchange Server 2007 (Part 3 Of 24)24 Hours Of Exchange Server 2007 (Part 3 Of 24)
24 Hours Of Exchange Server 2007 (Part 3 Of 24)
Harold Wong
 
24 Hours Of Exchange Server 2007 (Part 8 Of 24)
24 Hours Of Exchange Server 2007 (Part 8 Of 24)24 Hours Of Exchange Server 2007 (Part 8 Of 24)
24 Hours Of Exchange Server 2007 (Part 8 Of 24)
Harold Wong
 
Exchange BKF to PST
Exchange BKF to PSTExchange BKF to PST
Exchange BKF to PST
mark4044smith
 
24 Hours Of Exchange Server 2007 (Part 1 Of 24)
24 Hours Of Exchange Server 2007 (Part 1 Of 24)24 Hours Of Exchange Server 2007 (Part 1 Of 24)
24 Hours Of Exchange Server 2007 (Part 1 Of 24)
Harold Wong
 
Mule esb
Mule esbMule esb
Mule esb
charan teja R
 
Mule soap client demo
Mule soap client demoMule soap client demo
Mule soap client demo
Kaj Bromose
 
introduction to Windows Comunication Foundation
introduction to Windows Comunication Foundationintroduction to Windows Comunication Foundation
introduction to Windows Comunication Foundation
redaxe12
 
ESB Online Training Part 2
ESB Online Training Part 2ESB Online Training Part 2
ESB Online Training Part 2
Vince Soliza
 
Introduction to Windows Azure Service Bus Relay Service
Introduction to Windows Azure Service Bus Relay ServiceIntroduction to Windows Azure Service Bus Relay Service
Introduction to Windows Azure Service Bus Relay Service
Tamir Dresher
 
10135 b 12
10135 b 1210135 b 12
10135 b 12
Wichien Saisorn
 
Integration with Microsoft Azure using Mule ESB
Integration with Microsoft Azure using Mule ESBIntegration with Microsoft Azure using Mule ESB
Integration with Microsoft Azure using Mule ESB
Sanjeet Pandey
 
Microsoft Exchange 2013 architecture
Microsoft Exchange 2013 architectureMicrosoft Exchange 2013 architecture
Microsoft Exchange 2013 architecture
Motty Ben Atia
 
Exchange 2013 Architecture Details
Exchange 2013 Architecture DetailsExchange 2013 Architecture Details
Exchange 2013 Architecture Details
Huy Phạm
 
Shipping your logs to elk from mule app/cloudhub part 1
Shipping  your logs to elk from mule app/cloudhub   part 1Shipping  your logs to elk from mule app/cloudhub   part 1
Shipping your logs to elk from mule app/cloudhub part 1
Alex Fernandez
 
Wcf
Wcf Wcf

What's hot (20)

Introduction to WCF
Introduction to WCFIntroduction to WCF
Introduction to WCF
 
New mule 3.8 & studio 6.0 beta releases
New mule 3.8 & studio 6.0 beta releasesNew mule 3.8 & studio 6.0 beta releases
New mule 3.8 & studio 6.0 beta releases
 
Mule connectors
Mule  connectorsMule  connectors
Mule connectors
 
24 Hours Of Exchange Server 2007 ( Part 5 Of 24)
24  Hours Of  Exchange  Server 2007 ( Part 5 Of 24)24  Hours Of  Exchange  Server 2007 ( Part 5 Of 24)
24 Hours Of Exchange Server 2007 ( Part 5 Of 24)
 
Mule rabbitmq
Mule rabbitmqMule rabbitmq
Mule rabbitmq
 
24 Hours Of Exchange Server 2007 (Part 3 Of 24)
24 Hours Of Exchange Server 2007 (Part 3 Of 24)24 Hours Of Exchange Server 2007 (Part 3 Of 24)
24 Hours Of Exchange Server 2007 (Part 3 Of 24)
 
24 Hours Of Exchange Server 2007 (Part 8 Of 24)
24 Hours Of Exchange Server 2007 (Part 8 Of 24)24 Hours Of Exchange Server 2007 (Part 8 Of 24)
24 Hours Of Exchange Server 2007 (Part 8 Of 24)
 
Exchange BKF to PST
Exchange BKF to PSTExchange BKF to PST
Exchange BKF to PST
 
24 Hours Of Exchange Server 2007 (Part 1 Of 24)
24 Hours Of Exchange Server 2007 (Part 1 Of 24)24 Hours Of Exchange Server 2007 (Part 1 Of 24)
24 Hours Of Exchange Server 2007 (Part 1 Of 24)
 
Mule esb
Mule esbMule esb
Mule esb
 
Mule soap client demo
Mule soap client demoMule soap client demo
Mule soap client demo
 
introduction to Windows Comunication Foundation
introduction to Windows Comunication Foundationintroduction to Windows Comunication Foundation
introduction to Windows Comunication Foundation
 
ESB Online Training Part 2
ESB Online Training Part 2ESB Online Training Part 2
ESB Online Training Part 2
 
Introduction to Windows Azure Service Bus Relay Service
Introduction to Windows Azure Service Bus Relay ServiceIntroduction to Windows Azure Service Bus Relay Service
Introduction to Windows Azure Service Bus Relay Service
 
10135 b 12
10135 b 1210135 b 12
10135 b 12
 
Integration with Microsoft Azure using Mule ESB
Integration with Microsoft Azure using Mule ESBIntegration with Microsoft Azure using Mule ESB
Integration with Microsoft Azure using Mule ESB
 
Microsoft Exchange 2013 architecture
Microsoft Exchange 2013 architectureMicrosoft Exchange 2013 architecture
Microsoft Exchange 2013 architecture
 
Exchange 2013 Architecture Details
Exchange 2013 Architecture DetailsExchange 2013 Architecture Details
Exchange 2013 Architecture Details
 
Shipping your logs to elk from mule app/cloudhub part 1
Shipping  your logs to elk from mule app/cloudhub   part 1Shipping  your logs to elk from mule app/cloudhub   part 1
Shipping your logs to elk from mule app/cloudhub part 1
 
Wcf
Wcf Wcf
Wcf
 

Similar to Exchange Server Hybrid - Was, Warum und Wie

Take a Leap into the Connected Cloud; 3 Trending Hybrid Cloud Scenarios
Take a Leap into the Connected Cloud; 3 Trending Hybrid Cloud ScenariosTake a Leap into the Connected Cloud; 3 Trending Hybrid Cloud Scenarios
Take a Leap into the Connected Cloud; 3 Trending Hybrid Cloud Scenarios
Gina Montgomery, V-TSP
 
B2B Integration in the Cloud
B2B Integration in the CloudB2B Integration in the Cloud
B2B Integration in the Cloud
i8c
 
Microsoft Exchange 2013 Platform Options
Microsoft Exchange 2013 Platform OptionsMicrosoft Exchange 2013 Platform Options
Microsoft Exchange 2013 Platform Options
David J Rosenthal
 
HP: Implementácia cloudu s HP
HP: Implementácia cloudu s HPHP: Implementácia cloudu s HP
HP: Implementácia cloudu s HP
ASBIS SK
 
Building Enterprise Interoperability Applications Using Microsoft
Building Enterprise Interoperability Applications Using MicrosoftBuilding Enterprise Interoperability Applications Using Microsoft
Building Enterprise Interoperability Applications Using Microsoft
webhostingguy
 
microsoft-conferencing.ppt
microsoft-conferencing.pptmicrosoft-conferencing.ppt
microsoft-conferencing.ppt
Videoguy
 
microsoft-conferencing.ppt
microsoft-conferencing.pptmicrosoft-conferencing.ppt
microsoft-conferencing.ppt
Videoguy
 
Session 1: The SOAP Story
Session 1: The SOAP StorySession 1: The SOAP Story
Session 1: The SOAP Story
ukdpe
 
Building an integration agile digital ecosystem
Building an integration agile digital ecosystemBuilding an integration agile digital ecosystem
Building an integration agile digital ecosystem
Rohitha Liyanagama
 
Cloud Aware Large Scale Distributed SOA
Cloud Aware Large Scale Distributed SOACloud Aware Large Scale Distributed SOA
Cloud Aware Large Scale Distributed SOA
Christophe Hamerling
 
1. WCF Services - Exam 70-487
1. WCF Services - Exam 70-4871. WCF Services - Exam 70-487
1. WCF Services - Exam 70-487
Bat Programmer
 
Windows Server 2008 R2 Overview Jordan Remix
Windows Server 2008 R2 Overview Jordan RemixWindows Server 2008 R2 Overview Jordan Remix
Windows Server 2008 R2 Overview Jordan Remix
Jordan Remix
 
[Meetup] Building an Integration Agile Digital Enterprise
[Meetup] Building an Integration Agile Digital Enterprise[Meetup] Building an Integration Agile Digital Enterprise
[Meetup] Building an Integration Agile Digital Enterprise
WSO2
 
Office 365 Fast track
Office 365 Fast trackOffice 365 Fast track
Office 365 Fast track
Tommy Clarke
 
Integration on windows azure
Integration on windows azureIntegration on windows azure
Integration on windows azure
Sam Vanhoutte
 
Introduction to xch server.pptx
Introduction to xch server.pptxIntroduction to xch server.pptx
Introduction to xch server.pptx
kiflehaile4
 
Application integration framework & Adaptor ppt
Application integration framework & Adaptor pptApplication integration framework & Adaptor ppt
Application integration framework & Adaptor ppt
Aditya Negi
 
Survey on Client Tools, Server and Communication types
Survey on Client Tools, Server and Communication typesSurvey on Client Tools, Server and Communication types
Survey on Client Tools, Server and Communication types
ManjuShanmugam1593
 
P2P .NET short seminar
P2P .NET short seminarP2P .NET short seminar
P2P .NET short seminar
Giuliana Carullo
 
Exchange 2013 Migration & Coexistence
Exchange 2013 Migration & CoexistenceExchange 2013 Migration & Coexistence
Exchange 2013 Migration & Coexistence
Microsoft Technet France
 

Similar to Exchange Server Hybrid - Was, Warum und Wie (20)

Take a Leap into the Connected Cloud; 3 Trending Hybrid Cloud Scenarios
Take a Leap into the Connected Cloud; 3 Trending Hybrid Cloud ScenariosTake a Leap into the Connected Cloud; 3 Trending Hybrid Cloud Scenarios
Take a Leap into the Connected Cloud; 3 Trending Hybrid Cloud Scenarios
 
B2B Integration in the Cloud
B2B Integration in the CloudB2B Integration in the Cloud
B2B Integration in the Cloud
 
Microsoft Exchange 2013 Platform Options
Microsoft Exchange 2013 Platform OptionsMicrosoft Exchange 2013 Platform Options
Microsoft Exchange 2013 Platform Options
 
HP: Implementácia cloudu s HP
HP: Implementácia cloudu s HPHP: Implementácia cloudu s HP
HP: Implementácia cloudu s HP
 
Building Enterprise Interoperability Applications Using Microsoft
Building Enterprise Interoperability Applications Using MicrosoftBuilding Enterprise Interoperability Applications Using Microsoft
Building Enterprise Interoperability Applications Using Microsoft
 
microsoft-conferencing.ppt
microsoft-conferencing.pptmicrosoft-conferencing.ppt
microsoft-conferencing.ppt
 
microsoft-conferencing.ppt
microsoft-conferencing.pptmicrosoft-conferencing.ppt
microsoft-conferencing.ppt
 
Session 1: The SOAP Story
Session 1: The SOAP StorySession 1: The SOAP Story
Session 1: The SOAP Story
 
Building an integration agile digital ecosystem
Building an integration agile digital ecosystemBuilding an integration agile digital ecosystem
Building an integration agile digital ecosystem
 
Cloud Aware Large Scale Distributed SOA
Cloud Aware Large Scale Distributed SOACloud Aware Large Scale Distributed SOA
Cloud Aware Large Scale Distributed SOA
 
1. WCF Services - Exam 70-487
1. WCF Services - Exam 70-4871. WCF Services - Exam 70-487
1. WCF Services - Exam 70-487
 
Windows Server 2008 R2 Overview Jordan Remix
Windows Server 2008 R2 Overview Jordan RemixWindows Server 2008 R2 Overview Jordan Remix
Windows Server 2008 R2 Overview Jordan Remix
 
[Meetup] Building an Integration Agile Digital Enterprise
[Meetup] Building an Integration Agile Digital Enterprise[Meetup] Building an Integration Agile Digital Enterprise
[Meetup] Building an Integration Agile Digital Enterprise
 
Office 365 Fast track
Office 365 Fast trackOffice 365 Fast track
Office 365 Fast track
 
Integration on windows azure
Integration on windows azureIntegration on windows azure
Integration on windows azure
 
Introduction to xch server.pptx
Introduction to xch server.pptxIntroduction to xch server.pptx
Introduction to xch server.pptx
 
Application integration framework & Adaptor ppt
Application integration framework & Adaptor pptApplication integration framework & Adaptor ppt
Application integration framework & Adaptor ppt
 
Survey on Client Tools, Server and Communication types
Survey on Client Tools, Server and Communication typesSurvey on Client Tools, Server and Communication types
Survey on Client Tools, Server and Communication types
 
P2P .NET short seminar
P2P .NET short seminarP2P .NET short seminar
P2P .NET short seminar
 
Exchange 2013 Migration & Coexistence
Exchange 2013 Migration & CoexistenceExchange 2013 Migration & Coexistence
Exchange 2013 Migration & Coexistence
 

More from Thomas Stensitzki

19. Treffen der Teams User Group Berlin
19. Treffen der Teams User Group Berlin19. Treffen der Teams User Group Berlin
19. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
Tech Talk 16 - Exchange Server 2019 CU12
Tech Talk 16 - Exchange Server 2019 CU12Tech Talk 16 - Exchange Server 2019 CU12
Tech Talk 16 - Exchange Server 2019 CU12
Thomas Stensitzki
 
18. Treffen der Teams User Group Berlin
18. Treffen der Teams User Group Berlin18. Treffen der Teams User Group Berlin
18. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
Teams Nation 2022 - Securing Microsoft 365 data with service encryption
Teams Nation 2022 - Securing Microsoft 365 data with service encryptionTeams Nation 2022 - Securing Microsoft 365 data with service encryption
Teams Nation 2022 - Securing Microsoft 365 data with service encryption
Thomas Stensitzki
 
17. Treffen der Teams User Group Berlin
17. Treffen der Teams User Group Berlin17. Treffen der Teams User Group Berlin
17. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
16. Treffen der Teams User Group Berlin
16. Treffen der Teams User Group Berlin16. Treffen der Teams User Group Berlin
16. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
EXUSG - 2021 - Q4 - Exchange Emergency Mitigation Service
EXUSG - 2021 - Q4 - Exchange Emergency Mitigation ServiceEXUSG - 2021 - Q4 - Exchange Emergency Mitigation Service
EXUSG - 2021 - Q4 - Exchange Emergency Mitigation Service
Thomas Stensitzki
 
15. Treffen der Teams User Group Berlin
15. Treffen der Teams User Group Berlin15. Treffen der Teams User Group Berlin
15. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
Tech Talk 13 - Teams Admin Center - Einführung
Tech Talk 13 - Teams Admin Center - EinführungTech Talk 13 - Teams Admin Center - Einführung
Tech Talk 13 - Teams Admin Center - Einführung
Thomas Stensitzki
 
14. Treffen der Teams User Group Berlin
14. Treffen der Teams User Group Berlin14. Treffen der Teams User Group Berlin
14. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
Tech Talk 12 - Exchange Server Support Life-Cycle
Tech Talk 12 - Exchange Server Support Life-CycleTech Talk 12 - Exchange Server Support Life-Cycle
Tech Talk 12 - Exchange Server Support Life-Cycle
Thomas Stensitzki
 
12. Treffen der Teams User Group Berlin
12. Treffen der Teams User Group Berlin 12. Treffen der Teams User Group Berlin
12. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
EXUSG - Exchange Server vNEXT
EXUSG - Exchange Server vNEXTEXUSG - Exchange Server vNEXT
EXUSG - Exchange Server vNEXT
Thomas Stensitzki
 
10. Treffen der Teams User Group Berlin
10. Treffen der Teams User Group Berlin10. Treffen der Teams User Group Berlin
10. Treffen der Teams User Group Berlin
Thomas Stensitzki
 
Tech Talk 9 - Exchange Server vNEXT
Tech Talk 9 - Exchange Server vNEXTTech Talk 9 - Exchange Server vNEXT
Tech Talk 9 - Exchange Server vNEXT
Thomas Stensitzki
 
Thomas' Tech Talk 7 - AD FS oder PTA
Thomas' Tech Talk 7 - AD FS oder PTAThomas' Tech Talk 7 - AD FS oder PTA
Thomas' Tech Talk 7 - AD FS oder PTA
Thomas Stensitzki
 
Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?
Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?
Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?
Thomas Stensitzki
 
Thomas' Tech Talk 3 - Exchange Server Hybrid
Thomas' Tech Talk 3 - Exchange Server HybridThomas' Tech Talk 3 - Exchange Server Hybrid
Thomas' Tech Talk 3 - Exchange Server Hybrid
Thomas Stensitzki
 
Thomas' Tech Talk 2 - Migration von Exchange Server zu Exchange Online
Thomas' Tech Talk 2 - Migration von Exchange Server zu Exchange OnlineThomas' Tech Talk 2 - Migration von Exchange Server zu Exchange Online
Thomas' Tech Talk 2 - Migration von Exchange Server zu Exchange Online
Thomas Stensitzki
 
Externe Dienstleister und sicherer E-Mail-Versand
Externe Dienstleister und sicherer E-Mail-VersandExterne Dienstleister und sicherer E-Mail-Versand
Externe Dienstleister und sicherer E-Mail-Versand
Thomas Stensitzki
 

More from Thomas Stensitzki (20)

19. Treffen der Teams User Group Berlin
19. Treffen der Teams User Group Berlin19. Treffen der Teams User Group Berlin
19. Treffen der Teams User Group Berlin
 
Tech Talk 16 - Exchange Server 2019 CU12
Tech Talk 16 - Exchange Server 2019 CU12Tech Talk 16 - Exchange Server 2019 CU12
Tech Talk 16 - Exchange Server 2019 CU12
 
18. Treffen der Teams User Group Berlin
18. Treffen der Teams User Group Berlin18. Treffen der Teams User Group Berlin
18. Treffen der Teams User Group Berlin
 
Teams Nation 2022 - Securing Microsoft 365 data with service encryption
Teams Nation 2022 - Securing Microsoft 365 data with service encryptionTeams Nation 2022 - Securing Microsoft 365 data with service encryption
Teams Nation 2022 - Securing Microsoft 365 data with service encryption
 
17. Treffen der Teams User Group Berlin
17. Treffen der Teams User Group Berlin17. Treffen der Teams User Group Berlin
17. Treffen der Teams User Group Berlin
 
16. Treffen der Teams User Group Berlin
16. Treffen der Teams User Group Berlin16. Treffen der Teams User Group Berlin
16. Treffen der Teams User Group Berlin
 
EXUSG - 2021 - Q4 - Exchange Emergency Mitigation Service
EXUSG - 2021 - Q4 - Exchange Emergency Mitigation ServiceEXUSG - 2021 - Q4 - Exchange Emergency Mitigation Service
EXUSG - 2021 - Q4 - Exchange Emergency Mitigation Service
 
15. Treffen der Teams User Group Berlin
15. Treffen der Teams User Group Berlin15. Treffen der Teams User Group Berlin
15. Treffen der Teams User Group Berlin
 
Tech Talk 13 - Teams Admin Center - Einführung
Tech Talk 13 - Teams Admin Center - EinführungTech Talk 13 - Teams Admin Center - Einführung
Tech Talk 13 - Teams Admin Center - Einführung
 
14. Treffen der Teams User Group Berlin
14. Treffen der Teams User Group Berlin14. Treffen der Teams User Group Berlin
14. Treffen der Teams User Group Berlin
 
Tech Talk 12 - Exchange Server Support Life-Cycle
Tech Talk 12 - Exchange Server Support Life-CycleTech Talk 12 - Exchange Server Support Life-Cycle
Tech Talk 12 - Exchange Server Support Life-Cycle
 
12. Treffen der Teams User Group Berlin
12. Treffen der Teams User Group Berlin 12. Treffen der Teams User Group Berlin
12. Treffen der Teams User Group Berlin
 
EXUSG - Exchange Server vNEXT
EXUSG - Exchange Server vNEXTEXUSG - Exchange Server vNEXT
EXUSG - Exchange Server vNEXT
 
10. Treffen der Teams User Group Berlin
10. Treffen der Teams User Group Berlin10. Treffen der Teams User Group Berlin
10. Treffen der Teams User Group Berlin
 
Tech Talk 9 - Exchange Server vNEXT
Tech Talk 9 - Exchange Server vNEXTTech Talk 9 - Exchange Server vNEXT
Tech Talk 9 - Exchange Server vNEXT
 
Thomas' Tech Talk 7 - AD FS oder PTA
Thomas' Tech Talk 7 - AD FS oder PTAThomas' Tech Talk 7 - AD FS oder PTA
Thomas' Tech Talk 7 - AD FS oder PTA
 
Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?
Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?
Thomas' Tech Talk 4 - Lohnt sich ein Wechsel zu Exchange Server 2019?
 
Thomas' Tech Talk 3 - Exchange Server Hybrid
Thomas' Tech Talk 3 - Exchange Server HybridThomas' Tech Talk 3 - Exchange Server Hybrid
Thomas' Tech Talk 3 - Exchange Server Hybrid
 
Thomas' Tech Talk 2 - Migration von Exchange Server zu Exchange Online
Thomas' Tech Talk 2 - Migration von Exchange Server zu Exchange OnlineThomas' Tech Talk 2 - Migration von Exchange Server zu Exchange Online
Thomas' Tech Talk 2 - Migration von Exchange Server zu Exchange Online
 
Externe Dienstleister und sicherer E-Mail-Versand
Externe Dienstleister und sicherer E-Mail-VersandExterne Dienstleister und sicherer E-Mail-Versand
Externe Dienstleister und sicherer E-Mail-Versand
 

Recently uploaded

UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
TIPNGVN2
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Zilliz
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Zilliz
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 

Recently uploaded (20)

UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 

Exchange Server Hybrid - Was, Warum und Wie

  • 1. Exchange User Group Berlin 1 Exchange User Group Berlin {Online Edition} 25. Mai 2020
  • 2. Exchange User Group Berlin 2 Exchange Server Hybrid Was ist das? Warum brauche ich das? Wie geht das?
  • 3. Exchange User Group Berlin 3 Thomas Stensitzki Enterprise Consultant Granikos GmbH & Co. KG MVP | MCT Regional Lead | MCSM @stensitzki thomas.stensitzki@granikos.eu
  • 4. Exchange User Group Berlin 4 What is Exchange Hybrid?  Trusted relationship between an on- premises Exchange Organization and Exchange Online  Hybrid connections for mail flow (SMTP), and client access (HTTPS) for hybrid functionality  Hybrid Configuration Wizard (HCW) activates and configures the hybrid mode of operation On-Premises Exchange Organization Microsoft 365 Exchange Online Hybrid Configuration
  • 5. Exchange User Group Berlin 5 Exchange Hybrid Benefits  Free Busy lookups  No recreating of Outlook Profiles  Mailbox migrations without user interruption  Seamlessly connect to on-premises & Exchange Online  One Global Address List  Secure Mail Flow between on-premises & Exchange Online  Hybrid Modern Authentication  Cloud based archiving  And much more…
  • 6. Exchange User Group Berlin 6 Exchange Hybrid | Two Variants – Three Modes Hybrid Configuration Classic Express Minimal Full Modern Minimal Full
  • 7. Exchange User Group Berlin 7 Classic Full Hybrid  Active Directory Hybrid with Azure AD Connect  Exchange Hybrid enabled  SMTP Connection between On-Premises and Exchange Online  Separate hostname (e.g., smtp365.company.de)  Additional public IP address  TLS certificate for hostname  Edge Transport Role in perimeter network (A)  Alternatively, direct inbound connection (B)  Inbound HTTPS connection to Client Access Service  Published by Reverse Proxy  Additional public IP address  Outbound HTTPS connections to Exchange Online  Exchange Server On-Premises Exchange Organization HybridConfiguration Perimeter Network Microsoft 365 Exchange Online Azure AD Company LAN SMTP HTTPS AB
  • 8. Exchange User Group Berlin 8 Modern Full Hybrid  Active Directory Hybrid with Azure AD Connect  Exchange Hybrid enabled  SMTP Connection between On-Premises and Exchange Online  Separate hostname (e.g., smtp365.company.de)  Additional public IP address  TLS certificate for hostname  Edge Transport Role in perimeter network (A)  Alternatively, direct inbound connection (B)  Outbound HTTPS connections to Exchange Online  Exchange Hybrid-Agent (Exchange Online to Exchange on-premises communication)  Exchange Server HybridConfiguration Perimeter Network Microsoft 365 Exchange Online Azure AD Company LAN On-Premises Exchange Organization HTTPS SMTP AB
  • 9. Exchange User Group Berlin 9 Exchange Hybrid – The Differences Full Full classic hybrid configuration, Exchange server published to the internet (SMTP/HTTPS)  permanent hybrid operation Minimal Hybrid configuration, without rich coexistence to migrate all on-premises mailboxes to Exchange Online  temporary hybrid operation for a few weeks / months Express Hybrid configuration, with Azure AD Connect Express settings, to migrate all on-premises mailboxes to Exchange Online  temporary hybrid operation for a few days / weeks Full Full Modern Hybrid configuration, for new hybrid setups based on Hybrid Agent deployment, with reduced hybrid functionality  permanent hybrid operation Minimal Modern Hybrid configuration, to migrate all on-premises mailboxes to Exchange Online  temporary hybrid operation for a few weeks / months
  • 10. Exchange User Group Berlin 10 Exchange Server Hybrid Was ist das? Warum brauche ich das? Wie geht das?
  • 11. Exchange User Group Berlin 11 Why do you need Exchange Hybrid?  Coexistence between on-premises Exchange Organization & Exchange Online  Mailbox migration to/from Exchange Online  Microsoft Teams with on-premises mailboxes  Transition from on-premises Exchange to Exchange Online  Optimal migration experience for end users  Centralized mail flow for use of on-premises mail solutions and cloud-hosted mailboxes  Gateway-based S/MIME de-/encryption, disclaimer, archiving, journaling, …  Hybrid mail flow providing Exchange relay functionality for on-premises legacy applications and devices  No access to the internet  No support for TLS connection encryption  No support for user authentication
  • 12. Exchange User Group Berlin 12 Exchange Hybrid and Microsoft Teams  On-Premises Exchange Server 2016 / 2019 hybrid endpoint  Microsoft Teams backend uses AutoDiscover v2  Client Access Endpoint for Microsoft Teams backend services  Always run latest Exchange Server cumulative update  Use Third-Party TLS-certificate  Enable Hybrid Modern Authentication  AutoDiscover public DNS resource records for SMTP domains
  • 13. Exchange User Group Berlin 13 Exchange Server Hybrid Was ist das? Warum brauche ich das? Wie geht das?
  • 14. Exchange User Group Berlin 14 Exchange Hybrid Requirements  Know the different hybrid variants and modes  Know your target operation mode for Exchange hybrid  Have your on-premises Exchange organization in good shape  Latest cumulative updates installed  Verify inbound connectivity to your Exchange organization using Remote Connectivity Analyzer  Have required IP addresses & DNS host names set up  Edge Transport Server is subscribed to the Active Directory Site  Have Edge TLS certificates installed on internal Exchange Servers for selection by HCW  Not enabled for any Exchange service
  • 15. Exchange User Group Berlin 15 Hybrid Configuration Wizard  Exchange Server Requirements  Exchange 2010 SP3 + latest Update Rollup  Exchange 2013 CU1 or later  Exchange 2016 and Exchange 2019  Supported modern Exchange Server setup requires latest CU (or N-1)  Click-2-Run Setup  https://aka.ms/HybridWizard  Ensure that .application file extension is mapped to Internet Explorer  Current Version 17.x  Uninstall HCW 16.x first  Verify that WinRM service is running and not controlled by GPO
  • 16. Exchange User Group Berlin 16 Hybrid Configuration Wizard  Note the HCW version information  HCW is updated regularly
  • 17. Exchange User Group Berlin 17 Hybrid Configuration Wizard  Optimal Exchange Server detected by HCW  Specify a CAS server manually, if needed  Select Office 365 target infrastructure On-Premises Exchange Server Organization
  • 18. Exchange User Group Berlin 18 Hybrid Configuration Wizard  Connect to on-premises Exchange and Exchange Online  Adjust credentials as needed  Check, if WinRM allows Basic Authentication Administrative Exchange Accounts
  • 19. Exchange User Group Berlin 19 Hybrid Configuration Wizard  Select hybrid features  Minimal Hybrid  Full Hybrid  Enable Organization Configuration Transfer  One-time transfer of selected configuration objects Hybrid Features
  • 20. Exchange User Group Berlin 20 Hybrid Configuration Wizard  Select Hybrid Topology  Classic Hybrid  Modern Hybrid Hybrid Topology
  • 21. Exchange User Group Berlin 21 Hybrid Configuration Wizard  Configure credentials for on-premises Exchange Web Service Endpoint  Used for mailbox migrations Migration Account
  • 22. Exchange User Group Berlin 22 Hybrid Configuration Wizard  Hybrid Agent Setup starts automatically  Download and install of Hybrid Updater  Download and install of Hybrid Agent Hybrid Agent Setup
  • 23. Exchange User Group Berlin 23 Hybrid Configuration Wizard  Configure hybrid mail flow  Direct to/from internal Exchange Servers  Edge Transport Servers in perimeter network  Centralized mail flow  Route all mail flow to/from Exchange Online via on-premises Exchange Organization Hybrid Mail Flow
  • 24. Exchange User Group Berlin 24 Hybrid Configuration Wizard  Select Exchange server used for receiving email messages from Exchange Online  Select the Exchange Server published to the Internet  HCW configures the receive connector Receive Connectors
  • 25. Exchange User Group Berlin 25 Hybrid Configuration Wizard  Select Exchange server for sending email messages from the on- premises Exchange Organization to Exchange Online  HCW configures Send Connectors  Server needs outbound connectivity to Exchange Online Send Connectors
  • 26. Exchange User Group Berlin 26 Hybrid Configuration Wizard  Select TLS certificate to secure the trusted mail flow between on- premises Exchange and Exchange Online  With Edge Transport  Ensure that the dedicated TLS certificate is installed in the certificate store of one of the internal Exchange servers  Do NOT enable the TLS certificate for any Exchange service Transport Certificate
  • 27. Exchange User Group Berlin 27 Hybrid Configuration Wizard  Enter the external FQDN of the Exchange Organization  Hostname should match TLS certificate Inbound SMTP Host Name
  • 28. Exchange User Group Berlin 28 Hybrid Configuration Wizard  Update and wait  If it fails  HCW provides access to full log files  All configuration steps documented  Remote Connectivity Analyzer to check inbound connectivity  Issues  Remote connectivity  Firewall, Proxy, DNS  WinRM Windows service configuration issues Ready for Update
  • 29. Exchange User Group Berlin 29 Q & A Supportende 13. Oktober 2020
  • 30. Exchange User Group Berlin 30 Ressourcen  Exchange Server Hybrid Deployments  Hybrid Deployment Prerequisites  Hybrid Configuration Wizard FAQs  How to configure Exchange Server on-premises to use Hybrid Modern Authentication  How Exchange and Microsoft Teams interact  Configure OAuth authentication between Exchange and Exchange Online organizations  Remote Connectivity Analyzer