Tweet
Exchange - On-Prem, hyrbid or cloud
Hi there,
More and more organizations are moving from Exchange On-Premise to hybrid or cloud.
To clear up some confusion about the three, we have summed up the 3 options:
I hope this makes it clearer on which setup you have configured and possibly gives you some insight on what to expect (and possibly to change in HelloID) when making a switch to Hybrid or Cloud.
More and more organizations are moving from Exchange On-Premise to hybrid or cloud.
To clear up some confusion about the three, we have summed up the 3 options:
- Full On-Premise: On-Premise AD and On-Premise Exchange (no Office 365/Exchange Online).
- To support this setup we use the built-in Microsoft Active Directory Target Connector and enable the Exchange Integration.
Here we will create the mailbox directly on the On-Premise Exchange environment (using the AD user) using the PowerShell command Enable-Mailbox.
The AD user is the source for the mailbox. So all settings on the mailbox must be set on the AD user and are synchronized from the user to the mailbox.
Are additional settings needed on the mailbox? Then an additional connector might be needed to manage the Exchange On-Prem mailbox: Tools4everBV/HelloID-Conn-Prov-Target-ExchangeOn-Premise: Exchange On-Premise - Target - Permissions (github.com)
- To support this setup we use the built-in Microsoft Active Directory Target Connector and enable the Exchange Integration.
- Hybrid: On-Premise AD, On-Premise Exchange (even if only still there for backups) and Office 365/Exchange Online.
- To support this setup we still use the built-in Microsoft Active Directory Target Connector and enable the Exchange Integration. Although now we also enable Use Hybrid/Remote Exchange Integration.
In this case we will create the mailbox on the On-Premises Exchange environment (using the AD user), but we will indicate it is a Cloud mailbox, using the PowerShell command Enable-RemoteMailbox. - The AD user is still the source for the mailbox. So all settings on the mailbox must be set on the AD user and are synchronized from the user to the mailbox.
Are additional settings needed on the mailbox? Then an additional connector might be needed to manage the Exchange Online mailbox: Tools4everBV/HelloID-Conn-Prov-Target-ExchangeOnline: Exchange Online - Target - Permissions (github.com)
- To support this setup we still use the built-in Microsoft Active Directory Target Connector and enable the Exchange Integration. Although now we also enable Use Hybrid/Remote Exchange Integration.
- Full Cloud: On-Premises AD and/or Azure AD and Office 365/Exchange Online.
- To support this setup we still use the Business Rules to assign the License Group.
We will not create any mailboxes with HelloID, only the AD user which will be synchronized to Azure AD (or directly the Azure AD user).
In this case we will assign a license group on the On-Premise AD that will be synchronized and make sure the Azure AD user gets an Office license (like e.g. E3).
Once an Azure AD user gets a license, the mailbox will be automatically created.- Please note! When switching from either option to the Full Cloud option, make sure that all employees, following the Business Rules, are assigned a license group, otherwise they will no longer have access to their mailbox and new users won't have a mailbox created for them without the assigned license group.
Best practice would be to first create the license group(s) and, using the Business Rules, assign the users to the group(s). First validate the members of the group and only when the members are validated you should make the switch to fully use the license groups. This way you can assure no users lose access to their mailbox or get a mismatch in license.
- Please note! When switching from either option to the Full Cloud option, make sure that all employees, following the Business Rules, are assigned a license group, otherwise they will no longer have access to their mailbox and new users won't have a mailbox created for them without the assigned license group.
- The AD/Azure AD user is still the source for the mailbox. So all settings on the mailbox must be set on the AD/Azure AD user and are synchronized from the user to the mailbox.
Are additional settings needed on the mailbox? Then an additional connector might be needed to manage the Exchange Online mailbox: Tools4everBV/HelloID-Conn-Prov-Target-ExchangeOnline: Exchange Online - Target - Permissions (github.com)
- To support this setup we still use the Business Rules to assign the License Group.
I hope this makes it clearer on which setup you have configured and possibly gives you some insight on what to expect (and possibly to change in HelloID) when making a switch to Hybrid or Cloud.