Post decommissioning of Exchange hybrid setup after Office365 migration

We've completely migrated all our on-premises Exchange 2010 mailboxes to Office365 in a hybrid deployment scenario. We continue to use DirSync to keep online and on-premises AD in sync.

We are now looking to decommission all (or as much as possible) of the Exchange infrastructure. I have some questions, especially in the context of the office decommissioning guidance provided here: https://technet.microsoft.com/en-us/library/dn931280(v=exchg.150).aspx (we fall in "Scenario two" for those interested).

Given the design flaw and unfortunate requirement of having to keep an Exchange 2010 server around (just for mailbox administrative tasks that cannot be performed otherwise due to source of authority constraints with on-premises AD), we have followed the recommendations and all that is left now is a single Exchange 2010 server on-premises.

  • Do we need to keep this server running, or can we start it up only when we need to perform administrative tasks? It may very well stay offline for months at a time - would that be OK?
  • If we do need to keep it running, can we remove the mailbox database from it?

  • Do we still need to include it in backups to release deleted mailboxes and other maintenance tasks?

Many thanks,
Jaans

September 6th, 2015 8:48am

Hi,

In most cases, we recommend that you leave at least one Exchange 2010 Server on-premises for mailbox management unless you are getting rid of the on-premises messaging and identity management dependencies all together. So I suggest you can keep the server running.

You can have a look at the below article to get more detailed information:

http://blogs.technet.com/b/exchange/archive/2012/12/05/decommissioning-your-exchange-2010-servers-in-a-hybrid-deployment.aspx

Regards,

David  

September 6th, 2015 10:47pm

Thanks David, but your reply is of little help. 

If you read my post a bit more attentively you'll notice that we are already running just an Exchange 2010 server on-premises (as per the recommendation of the reference TechNet articles and your link).

That is not what we are seeking guidance about. What we need to know is the operational state of that server, AFTER decommissioning the hybrid deployment. Refer to the bullet-listed questions from my original post.

September 6th, 2015 11:13pm

Hi Jaans,

This is what I think:

  • Do we need to keep this server running, or can we start it up only when we need to perform administrative tasks? It may very well stay offline for months at a time - would that be OK?

That would be okay, depending upon your user change request pattern.

Data and Sync is happening via the DirSync I believe, you would have all send\connectors etc moved already, hence there is no such dependency. But I don't think you will not have any Exchange related work for months time. As per my view you get now and then requests that require you to manage exchange users that would require you to have the Ex2010 server online.

Please note many management tasks can be carried out without the Ex2010 consoles, directly using ADSIedit or PowerShell Module for AD, but it's not recommended and quite a task to do so efficiently.

  • If we do need to keep it running, can we remove the mailbox database from it?

I don't think you need to keep the old databases, post your backup and retention policy of your company. You can keep a small temp DB, just for easier access or to run cmdlets successfully, I have seen instances some cmds fail or user logins are rejected due to missing\dismounted DBs.

  • Do we still need to include it in backups to release deleted mailboxes and other maintenance tasks?

If you don't have DBs with valid users in it no point of backing it up, just back up the system state and the temp small DB though, for easier recovery. But it's not required as most of the data is stored in AD, and usually you don't need the Exchange level backups for anything else apart from DBs, except the certificates.

September 7th, 2015 6:11am
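
The direct AD attribute editing mentioned in the reply above, as an added example that is not part of the original thread: it adds a secondary SMTP alias to a synced user with the ActiveDirectory module, checking first that the address is not already in use. The function name, user and address are hypothetical.

```powershell
# Added example (not from the thread). Function name, user and address are hypothetical.
# Requires the ActiveDirectory module (RSAT) and rights to edit the user object.
Import-Module ActiveDirectory

function Add-SyncedUserAlias {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)][string]$Identity,
        [Parameter(Mandatory = $true)][string]$Address
    )

    # Reject whitespace and LDAP filter metacharacters before building the filter.
    if ($Address -notmatch '^[^@\s*()\\]+@[^@\s*()\\]+$') {
        throw "Not a usable SMTP address: $Address"
    }

    # Lower-case "smtp:" marks a secondary address; upper-case "SMTP:" is the primary.
    $proxy = "smtp:$Address"

    # A proxy address held by two objects shows up as a duplicate-attribute sync error.
    # LDAP matching is case-insensitive, so this also finds an existing "SMTP:" entry.
    $holder = Get-ADObject -LDAPFilter "(proxyAddresses=$proxy)"
    if ($holder) {
        throw "Address $Address is already assigned to $($holder.DistinguishedName)"
    }

    $user = Get-ADUser -Identity $Identity -Properties proxyAddresses
    if ($PSCmdlet.ShouldProcess($user.DistinguishedName, "Add $proxy")) {
        Set-ADUser -Identity $user -Add @{ proxyAddresses = $proxy }
    }

    # Return the resulting list so it can be reviewed before the next sync cycle.
    (Get-ADUser -Identity $Identity -Properties proxyAddresses).proxyAddresses
}

# Dry run first (constructed sample values); drop -WhatIf to apply.
Add-SyncedUserAlias -Identity 'jsmith' -Address 'john.smith@example.com' -WhatIf
```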

Hi Jaans,

Is your MX record, autodiscover and mailflow still pointing to your on prem environment or is it pointing to Office365?

What is the reason you want to turn off Exchange server and only turn it on for administrative tasks?

September 7th, 2015 8:20am

As per the guidance documentation, MX, AutoDiscover, etc. are pointing to O365. All mailflow is to O365 and none is going through on-premise any more.

As for why turn off Exchange server? It's for a small client who is paying for O365 and not for on-premises mail services, but other than that, you can take your pick from any of these really:

  • Cost
  • Volatile power delivery on-premises
  • Maintenance
  • Backup
  • Administrative burden
  • Reducing wastage
  • Updates
  • Potential future AD schema prep when Exchange 2010 still remains

:-) 

September 8th, 2015 1:19am

Hi again Jaans,

Updates and maintenance are a requirement in a Hybrid environment. This is because it might cause issues if your on-prem is not up to date.

We are also in a hybrid environment, but all mail flow goes thru the On-prem environment and we manage user accounts a lot.

If you don't manage (edit, create or delete) user account that much then you can try to shutdown the On prem exchange for a couple of days and see how it goes.

Regarding database, you would need at least one.

If you don't have any critical mailboxes then no backup is needed.

You don't use On prem server for any kind of e-mail relay?

September 8th, 2015 2:46am

Hi Jaans,

  • If you are not using the local credentials for PC login or anything specific you can migrate all Local AD users to Azure AD, then you should be able to Manage the on Cloud users using O365 fully. No need for On-prem Exchange. (Considering users login using Home PC, workgroup local accounts, this will be going backwards in time)

  • Other option is keep the local AD without mailboxes and assign a second In Cloud account\mailbox to each user. This way you have local AD managements options and mailbox management using cloud no Exchange On-prem required.

But the second option doesn't give you the SSO and increases user level effort. Management have to decide the balance for money vs. user satisfaction

References:

Active Directory from on-premises to the cloud Windows Azure AD whitepapers:

Download link: https://www.microsoft.com/en-in/download/details.aspx?id=36391

September 8th, 2015 3:13am

This topic is archived. No further replies will be accepted.
