here are always two sides to a coin, in this situation as well. This blog is a set of the next steps for Office 365 Mailbox Migration. Target Office 365 Tenant is where the destination of the mailboxes is, which means this is the pull environment and Source Office 365 Tenant is the push environment. Please read this prerequisite blog for the Office 365 Mailbox Migration process. Fastest way of Mailbox Migration - Tenant to Tenant - ( Office 365 ) Prerequisites. In this blog, we are going to talk about steps that need to be performed on the Target Side.
- Cross Tenant Mailbox Migration Process.
- Download PowerShell Script.
- Validate Information.
- Tips & Tricks
- Execute PowerShell Script
Cross Tenant Mailbox Migration Process.
This is a fairly simple process designed by Microsoft, in this process, the key point of understanding is an organization reorganization between the Target and Source Office 365 Tenant.
Please see the below steps for the whole process of cross-tenant mailbox migration.
- Tenant Relationship App.
- Target Tenant Key (Vault Contains Tenant Friending App Secret).
- Source Tenant Admin Consent to Tenant Relationship App.
- Migration Endpoint ( ApplicationId, AppSecretKeyVaultURl, RemoteTenant )
- OrganizationRelationship with Source Tenant.
- Security Group Containing Mailboxes in Scope for a move to Target
- OrganizationRelationship in the source ( OAuthApplicationId & Mailbox Move Published Scope)
- Mailboxes are pulled from Source to Target
- from my side (Monitoring for the mailbox migration)
Download PowerShell Script.
Now, we can move to our next step, which is to download a ready-made script from Github. Release CrossTenant Exchange Mailbox Migration Setup Scripts (preview) · microsoft/cross-tenant (github.com)
After, downloading the scripts from the shared location. Let's focus on Target Script.
Validate Information.
Now, you have the PowerShell script to prepare your target office 365 tenant.
This is where you need to be ready for all the information to run the script with the key information.
- Note Tenant’s ID for source and target tenant, you would need it for the execution of PowerShell scripts.
- ResourceTenantAdminEmail – this is the email address for the source admin account.
- SubscriptionId – make a note for Target Azure Account’s Subscription Id where you want to create a resource group to store the key vault / Certificate.
- ResourceGroup – choose a name for the resource group creation.
Tips & Tricks
Great News, you have all the tools and information to run the script in the target Office 365 environment.
First thing is to check your Azure Account and make sure you have the access to create a resource group and a key vault to a valid azure location, Azure Location is a check in the script.
Second and most important point is to add another parameter to run the script as it would fail without it, "-UseAppAndCertGeneratedForSendingInvitation", adding this parameter would send the application invite separately. I have tested the script.
Third is from the source but you would need it in the target office 365, gather the mailbox size, item count, and each and every attribute. You never know which part of data you would need in your side of the migration process. If you still want to be precise about the collection of data from the source, there is a list in the Microsoft article link shared above.
Finally, the point is where you can use this migration process, as mentioned in the Microsoft article. You can use this migration process in Cloud only or in a Hybrid with On-premise exchange servers.
Execute PowerShell Script
Let's see how you are going to execute the downloaded target script.
Open PowerShell in Admin Mode and you would need to connect with the below-listed modules
Please install and connect to the listed modules.
- AzureAD Modules ( Install AzureAD PowerShell for Graph | Microsoft Docs )
- Az Modules ( Install the Azure Az PowerShell module with PowerShellGet | Microsoft Docs )
- ExchangeOnline Module ( About the Exchange Online PowerShell V2 module | Microsoft Docs )
To Connect to these modules, you can connect to it very simply as well post installing these modules.
- Connect-AzureAD
- Connect-AzAccount
- Connect-ExchangeOnline
Now, you would need to change the directory where you have the target script.
Example:-cd "C:\Powershell Script\Target"
In the next steps, you are going to execute the script. There is an example in the script for all the parameters.
You can run the script with all the parameter values defined already running the script. In one go, you can put values to all the required parameters. In this example, you don't have to put it down after you start the execution part of it.
After you execute the script, the first stoppage is where you would see the Admin consent links. You would need to copy the link for your domain first and consent to the application created.
Now the second link is for the source side of the migration, you can mail the link or check with the source admin if he received the email invite for the application.
I know a lot of things are blurred out but that is key information, you can see the below screenshot for your reference when you execute the target script.
In Conclusion, the script will finish after the creation of Migration endpoints. All the points are covered for the target office 365 Tenant.
(Standard Disclaimer: All the Information posted in the blog may be out of date in due time or updated by the relevant sources
Perform your due diligence and verify all the information posted here)