Exchange OnPremise to Office 365 migration - Deployment and automation in a modern infrastructure

CIO objectives when migrating from Exchange to Office 365

• Service continuity and minimized downtime
• Data security and compliance (RGPD, PRA/PCA)
• Streamlined administration and automation

Technical prerequisites for a successful migration

• Inventory and mapping of the Exchange environment (versions, databases, DAGs, connectors, namespaces, certificates)
• Directory synchronization: implementation of Azure AD Connect (hybrid mode, OR filtering, attribute management)
• DNS preparation: domain validation, configuration of Autodiscover, MX, SPF, DKIM, DMARC records
• Security: TLS encryption, MFA, Conditional Access, external access management
• Licenses: allocation of Office 365 licenses (Exchange Online Plan 1/2, etc.)

Exchange OnPremise to Office 365 migration architecture

• Hybrid mode (Hybrid Modern Auth recommended): allows coexistence, gradual migration, centralized management of mailboxes and SMTP flows
• Exchange Hybrid Configuration Wizard (HCW): configuration of mail flows, delegation, free/busy, batch migration, etc.
• Object management: synchronization of shared boxes, resources, distribution groups, delegated permissions

Our approach to migrating from Exchange OnPremise to Office 365

1. Preparing the environment

• Exchange v20xx update (latest CU, security patches)
• AD health check, replication, obsolete object cleanup
• Virtual URL configuration (OWA, EWS, MAPI, Autodiscover)
• Deploying Azure AD Connect (with Password Hash Sync or Pass-Through Auth)

2. Hybrid mode configuration

• Running HCW (Hybrid Configuration Wizard)
• Publication of necessary services (EWS, Autodiscover) via reverse proxy or firewall
• Configuration of mail flow connectors (inbound/outbound) between Exchange Online and On-Prem
• Enable identity federation (if SSO required)

3. Mailbox migration

• Planning of migration batches (by department, site, criticality)
• Migration endpoints (MRS Proxy)
• Migration monitoring (logs, alerts, PowerShell reporting)
• Archive management, shared boxes, delegates, access rights

4. Post-migration and optimization

• Flow validation (mailflow, calendars, mobile access)
• Object cleaning, deactivation of empty bases
• Update administration scripts, documentation, runbooks
• Training of support teams and user communication

Security and compliance after Exchange Online migration

• MFA/Conditional Access: enhanced access to Exchange Online boxes
• Audit and traceability: mailbox audit activation, DLP alerts, log supervision
• Advanced protection: activate Exchange Online Protection (EOP), Defender for Office 365 (ATP)
• RGPD compliance: managing the right to be forgotten, retention, eDiscovery

Office 365 migration results

• Reduced attack surface (end of legacy on-prem, simplified patching)
• Flexibility and scalability (adding boxes, mobility, global access)
• Automation (PowerShell, Graph API, advanced reporting)
• Improved resilience (Microsoft SLA, native PRA/PCA)

Points to watch when migrating from Exchange OnPremise to Office 365

• Management of third-party applications using Exchange (fax, copiers, business applications)
• Migration of local archives (PST, third-party solutions)
• Governance of access rights and delegations
• Communication and change management

‍