One of the more interesting changes to the ever changing Hybrid wizard is the ‘Hybrid Organization Configuration Transfer’ option that has appeared recently.
What Is It?
So what is this and why is it important? Why did Microsoft invest time and money on this feature for those moving to the cloud? Take a quick read here – https://blogs.technet.microsoft.com/exchange/2018/06/18/hybrid-organization-configuration-transfer/
Items included in this transfer:
- Retention Policy
- Retention Policy Tags
- OWA Mailbox Policy
- Mobile Device Mailbox Policy
- Active Sync Mailbox Policy
This change is important for those moving to Exchange Online because it helps simply the configuration of an Office 365 tenant migration. Quick breakdown on the above items:
Retention Policies and Retention Tags – previous to the change, if your organization used Retention Policies/Tags and these would be used in Exchange Online, there was a requirement to manually recreate them. Now, in a smaller environment this isn’t much of an issue. However, if there is a complex setup and lots of tags / policies, this could be a significant effort.
** Note ** that these retention Policies and Tags have to be created prior to a mailboxes is moved. This is done so that when a mailbox is moved to Exchange Online and the normal processes that run to tag items in a mailbox do not remove tags that it cannot reconcile. In other words, if there are emails that were tagged with Retention Tags that are not present in Exchange Online, then Exchange Online will remove them as they are foreign tags.
OWA Mailbox Policy: For those familiar with the configuration of any OWA Mailbox Policies, you will note that a lot of settings are not in the GUI or web interface of Exchange 2013 or 2016. In fact a lot of the settings can only be determined with PowerShell. As such, the job of documenting these and then transferring them to Exchange Online does require some bit of effort.
Mobile Device Mailbox Policy and ActiveSync Mailbox Policy: The same that was said for the OWA Mailbox Policy can also be said about these two policies in Exchange On-Premises. The effort to document and reproduce these in Exchange Online will be greatly streamlined with this new feature in the Hybrid wizard.
Real World Experience
So how does this act in the real world? Well, with a mixed Exchange 2013 and 2016 server environment that was previously configured with the Hybrid wizard, a simple re-running of the wizard on a new Exchange 2016 server went flawlessly like so:
Log File
Once the wizard ran I examined the Hybrid configuration log file to see what is logged for the changes
Near the top of the Hybrid Config log we see mention of the new process:
Here the wizard discovers that the Hybrid Configuration Transfer was not run last time:
Retention Tags not found in the cloud and added to Exchange Online:
Retention Policies not found in the cloud and added to Exchange Online:
OWA Mailbox Polices note found and added [Default OWA Policy – ‘OwaMailboxPolicy-Default’]
Two policies that were in Exchange are added to Exchange Online, for a total of three policies. Here are the current policies now:
New Retention Policies
New Retention Tags:
The future
As noted in the article there is a Phase 2 – “Copying of several new objects (Organization Config, DLP Policy, Active Sync Device Access Rule and Active Sync Organization Settings) from on-premises to cloud, the admin will be given a choice to update existing objects in the cloud if the attribute values are different from those on-premises.”
The key here is the ability to update existing values, do it is one thing to create new objects, but to be able to update existing ones enables the admin to have one ‘source’ for values and keep the two environments at a similar configuration level if you will. I like this possibility very much myself.
Deprecated Cmdlet Found in the logsI’ve written blog articles about PowerShell cmdlets in Exchange that are being deprecated, but it seems even Microsoft needs to update their scripts with the changes:
This error is a bit more surprising as this is a new feature and these cmdlets have been on the chopping block for years.