Office 365 and Dirsync: Why should you have at least one Exchange Server on-premises
For those of you involved in Office 365 migrations, the following question should sound familiar:
“Once all users are on Office 365, can we decommission all Exchange on-premises servers?”
I am writing this post. A few days ago We published an excellent article on Technet, describing several scenarios and explaining when should you keep an Exchange Server on premises: “How and when to decommission your on-premises Exchange Servers in a hybrid deployment”
I highly recommend that you read the entire article, to better understand the several scenarios, but I will give you also my personal insight on this.
Do you need an Exchange on-premises? Yes.. you should have one.
Why? Because you have Dirsync and your objects are being synced from on-premises to Office 365 - Directory synchronization and source of authority
What challenges will you face if you don’t have an Exchange on-premises?
Several, and it will depend on two factors. The first thing you need is to have your active directory schema on-premises extended for Exchange. Meaning that if you cannot edit the Exchange attributes off an object, on Office 365, because that object is being synced from the on-premises AD, you will need those attributes to exist on the on-premises AD so that you can edit them there. Makes sense? Have a look at this article describing one of the issues you might face. The second thing you need is a supported way to edit those attributes on premises. Probably some of you thought “Why can’t i use ADSIEdit to edit those attributes on premises?”. Well the answer is simple: It’s NOT SUPPORTED!
In the TechNet article you can read this:
“The question of whether a third-party management tool or ADSIEDIT can be used is often asked. The answer is you can use them, but they are not supported. The Exchange Management Console, the Exchange Administration Center (EAC), and the Exchange Management Shell are the only supported tools that are available to manage Exchange recipients and objects.”
So there’s your reason to have an Exchange on-premises. TechNet describes several scenarios on the article, for you to better understand what your requirements are. But basically it all comes down to:
Is Dirsync a requirement? If yes then you need Exchange on-premises.
Is ADFS a requirement? If yes then you also need dirsync, so same answer as above.
The key here is to understand if the Office 365 objects depend and are synced from the on-premises Active Directory,and if they are you need to have your on-premises Active Directory extended and you need to have a supported tool to edit those objects on-premises. It’s as simple as that! 🙂
The article also describes how to disable dirsync, if it’s not a requirement anymore, and with it you can also remove all your Exchange on-premises server.
What about the Exchange on-premises Server license? Do you need one?
Well if the following conditions apply you can request an Exchange Hybrid Server product key, with no additional costs:
- You have an existing, non-trial,Office 365 Enterprise subscription
- You currently do not have a licensed Exchange 2013 or Exchange 2010 SP3 server in your on-premises organization.
- You will not host any on-premises mailboxes on the Exchange 2013 or Exchange 2010 SP3 server on which you apply the Hybrid Edition product key.
See this article for more details.
To summarize this post, when and why to keep Exchange servers on-premises after moving to Office 365, is an excellent resource you can use, provided that you fully understand the reasons behind it.
Hope this post was helpful! Thanks!