Build your on-premise Exchange environment; if already exists add Exchange 2013 into the organization.
User updates Hybrid Configuration (Update-HybridConfiguration)Hybrid Configuration Engine reads the “new” desired stateConfig Engine compares current config On-Prem <> OnlineConfig Engine updates configuration with the differences between current and desired state
Image courtesy: the internet
Deploying Exchange 2013 in Hybrid Mode
Deploying Exchange 2013 inHybrid ModeMichael Van HorenbeeckTechnology Consultant – Xylos, Exchange Server MVP@mvanhorenbeeckwww.pro-exchange.bemichaelvh.wordpress.com
Building a hybrid configurationExpectations… Reality (Ex2013)…
What is a hybrid deployment? “Virtual Exchange Organization” “The Internet” Exchange Exchange On-Prem Online (Office 365)
Why hybrid?• Long-term coexistence• Take advantages of features like e.g. Exchange Online Archiving• Large migrations where cutover isn‟t possible (e.g. EX2010 +)• Transparent mailbox moves (to or from Exchange Online) • “Online” Mailbox Moves • No OST resync!• Interaction with 3rd party applications • e.g. Fax Solutions
DirSync WritebackWrite-Back attribute Exchange "full fidelity" featureSafeSendersHash Filtering: Writes back on-premises filtering and onlineBlockedSendersHash safe and blocked sender data from clients.SafeRecipientHashmsExchArchiveStatus Online Archive: Enables customers to archive mail.ProxyAddresses Enable Mailbox: Off-boards an online mailbox back to(LegacyExchangeDN <online LegacyDn> as X500) on-premises Exchange. Enable Unified Messaging (UM) - Online voice mail: This new attribute is used only for UM-Microsoft Lync ServermsExchUCVoiceMailSettings 2010 integration to indicate to Lync Server 2010 on- premises that the user has voice mail in online services.
Introducing the „new‟ hybridconfiguration wizard• Single-step, adaptive configuration wizard• Enhanced mail-flow capabilities • Improved centralized mail flow • Easier setup of secure mail flow (no more whitelisting IP’s!)• Integrated support for Exchange 2010 Edge Transport server• Leverages Exchange Online Protection• Enhanced & more detailed logging
Hybrid Prerequisites• Directory Synchronization (DirSync)• “Hybrid Server”• Add Office 365 tenant to Exchange Admin Center• Certificates • Exchange Web Services • 3rd party certificates for TLS between Exchange Online & On-Premises • Self-Signed Certificate for use w/ Microsoft Federation Gateway (automatic)Optional:• ADFS (though recommended)• Edge Transport Server may make life easier (more about that later)
Supported topologies Office 365 (v 2010) Office 365 (v 2013) Office 365 (v 2013) w/ On-Prem 2010 w/ On-Prem 2013 Exchange 2003 SP2 (X) (X) Exchange 2007 SP2/SP3 (X) (X) Exchange 2007 SP3 Urx (X) (X) (X) Exchange 2010 SP1 X Exchange 2010 SP2 X Exchange 2010 SP3 X X X Exchange 2013 N/A X (X) = supported w/ dependencies X = supported
Deployment Considerations• Delegates • Migrated, but mailboxes must be moved at the same time• Mailbox Permissions • Cross-premises permissions NOT supported • Only explicit permissions get migrated to Exchange Online.• Multi-forest scenarios are not supported• Interaction with legacy / 3rd party applications • Web Services? • Use an SMTP gateway?• Bandwidth
Mailbox moves: user experience• When using SSO, moves to Exchange online are fully transparent• Without SSO, users get a new password• Outlook profile is updated automatically through Autodiscover
Common mistakes/issues• Certificates • Expired • Not from a trusted source • Missing/Wrong subject (alternative) name• Single Sign-On• Free/Busy not working• Peers not recognized as “internal”• Outlook-related (e.g. missing updates)
Key takeaways Mind the prerequisites! Check certificates. Use tools like ExDeploy and remote connectivity analyzer to plan and validate your deployment Review the hybrid configuration logs for more information.
Related Sessions• Tuesday • Office 365: Do’s and Don’ts (Ilse Van Criekinge) • Troubleshooting Federation, ADFS and More (John Craddock)• Wednesday • Office 365 ProPlus: Click-to-run deployment and management (Brian Shiers) • Office 365 Identity Management Options (Jethro Seghers, Michael Van Horenbeeck)
The resultIf you follow the advice from this session, you‟ll probably end up withsomething like this ;-) THANK YOU!