Blog :: Configuration

How to Survive Your Office 365 Migration


An Office 365 migration can be a daunting task. We recently moved to the cloud to serve all our email needs. There were some learning pains and frustrations involved. I would like to pass on the life lessons based on my experience.

To begin, the best advice I can give you is to hire an expert to do your migration. It may cost a few thousand dollars, but it will save you time and (potential) downtime. But if this is not an option for you—or if you are fearless—let’s proceed.

Let’s begin your Office 365 migration

If you think that this process will take you 2 weeks to complete, tell your manager 8 weeks. Remember: underpromise, overdeliver. Give yourself some room for errors and learning. Your supervisor will be happy when you say “I thought this would take 8 weeks, but I was able to complete it in 3.” It’s also good to give yourself some wiggle room because Office 365 migration documentation is lacking and there will be unexpected hurdles where you have to stop and start over if you mess up a step.

Deploying Azure AD connect is easy. You will need two super users, though: one with admin privileges on your local AD server, and one with an admin account in Azure AD.



You MUST MUST MUST! disable certain attributes in your AD Connect:

  • msExchMailboxAuditEnable
  • msExchMailboxAuditlogAgeLimit
  • msExchMailboxGuid (THIS IS THE IMPORTANT ONE)

Azure AD attributes to be disabled

Now, let’s say you didn’t heed my warnings. You’ll need to disable the AD Sync, which can take at least 72 hours. You’ll also have to delete everything in Azure AD that has synced and start the sync again.

So once you’re synced, what do you do next?

We used a SkyKick migration and an MSP for this step.

All I had to do was give them a list of all our users and an admin password. It was done over the course of a weekend. This was by far the easiest part, so I can’t really give any insight.

Still with me?

So let’s recap. All your AD users are now synced and all your mail is synced to Exchange online mailboxes. The next step is cutover.

This is the scary step.

This is where you will change your DNS records and point all mail to the cloud (or to your spam filter then to the cloud).

If this goes well, then great! If this doesn’t, I feel your pain… the problem I had is it took our DNS over 4 hours to update.

There’s one last thing I would like to let you ponder: are you going to use Office 365 to serve as your spam filter or will you use another service? Be aware that by default, O365 has very minimal spam protection enabled. The basic spam protection seems to just let everything through. Do your research and change your settings before migrating.

If you’ve reached this point and you’ve made it through your Office 365 migration, that’s awesome.

But if you are looking through Google after some hardships with your migration, I feel your pain.

For more information on best practices and tips, see Alienor’s blog on patch management.