Options for Migrating from On-Premises Exchange
Start course

In this course, you will learn about Microsoft 365 Messaging Migrations and Deployments.

Learning Objectives

  • Email migration options
  • Migrating from on-premises Exchange environment to Microsoft Exchange Online
  • Coexistence between an on-premises Exchange environment and Exchange Online
  • Migrating from third-party mail solutions to Exchange Online

Intended Audience

  • This course is intended for those who wish to learn about messaging migrations and deployments in Microsoft 365


  • Have a basic understanding of Microsoft 365

Welcome to Migrating from On-Prem Exchange. In this lesson, we’ll cover the many different ways that you can get from an on-prem Exchange org to Exchange online. We’ll cover cutover migrations, staged migrations, and the different types of hybrid migrations.

Migrating mailboxes to Exchange Online Microsoft 365 allows you to migrate emails, calendar items, tasks, and contacts. Your organization and goals will dictate how you do this. Let’s start by taking a look at cutover migrations. The cutover migration is a good option if your organization plans to migrate all on-prem mailboxes to Microsoft 365 over a few days. In this type of migration, on-prem mail contacts and distribution groups are also migrated, in addition to mailboxes.

It’s important to note that to use a cutover migration, you need to be running Exchange 2003 or Exchange 2007, have fewer than 2000 mailboxes, and you must want to move all of your mailboxes all at one time. That said, I should mention that even though a cutover migration supports up to 2000 mailboxes, in reality, because of how long it can take to create and migrate 2000 users, it's more reasonable to use the cutover option only if you are migrating 150 users or fewer.

After performing a cutover migration, each user who has an on-prem Exchange mailbox also will be a new user in Microsoft 365. Because the migration won’t automatically assign a Microsoft 365 or Office 365 license to these users, you’ll need to assign licenses to users whose mailboxes are migrated.

Now, a staged migration is a good option if your organization plans to eventually migrate all on-prem mailboxes to Microsoft 365. This type of migration is used to migrate batches of on-prem mailboxes to Microsoft 365 over the course of a few weeks or months.

To perform a staged migration, you need to be running Exchange 2003 or Exchange 2007, and you should, ideally, have no more than 2000 mailboxes to be migrated. Although this mailbox count isn’t a hard and fast showstopper rule.

I should mention that when performing a staged migration, you have to first complete a one-time Active Directory synchronization to Microsoft 365 in order to create the recipients in Microsoft 365. Once the one-time sync is complete, you can start migrating batches of mailboxes to Microsoft 365. 

You start the batch migrations by identifying the users whose on-prem mailboxes need to be migrated to Microsoft 365. After grouping your users in batches, you create a CSV file for each batch of users, with each row in the CSV containing information about a separate on-prem mailbox.

Now, remember, I mentioned earlier that staged migrations are good when you have fewer than 2000 mailboxes to migrate. That said, this isn’t a hard and fast limit. In other words, the CSV file for a particular migration batch can only contain a maximum of 2,000 rows. This means that if you do need to migrate more than 2,000 mailboxes, you’ll need to create multiple CSV files and use each one to create a new migration batch.

During a staged migration, Microsoft 365, or really Exchange Online, more specifically, uses the SMTP address of each on-prem mailbox to create the email address for a new Microsoft 365 mailbox for each mailbox being migrated. Now, I should point out that before you run a staged migration, and even before you do a cutover migration for that matter, you’ll have to verify ownership of your on-prem email domain in your Microsoft 365 organization.

Once you’ve run a staged migration, the migrated users get new sign-in credentials for their mailboxes. This means that they will have to reconfigure their Outlook profiles and any other mail app profiles. You’ll also have to license the users after they're created in the staged migration. You’ll have a 30-day grace period to add these licenses before things start going south.

So, now, let’s talk about hybrid. An Exchange Hybrid deployment allows you to extend an existing on-prem Exchange org to the cloud, while retaining a seamless look and feel of a single Exchange org across both the on-prem org and Exchange Online. Companies will often use a hybrid deployment as a stepping stone to moving completely to Exchange Online. It’s important to note that there are three different hybrid migration options. These include a full hybrid migration, a minimal hybrid migration, and the express migration.

A full hybrid migration is best for larger organizations that plan to migrate thousands of mailboxes and will need rich integration between their on-prem Exchange organizations and Microsoft 365. During a full hybrid migration, the organization’s on-prem Active Directory is synchronized with Microsoft 365, and, probably more importantly, free/busy information can be exchanged between the on-prem mailboxes and the Exchange Online mailboxes. This free/busy exchange is often the reason that large orgs opt for full hybrid during lengthy migration periods. Enhanced mail flow options also become available when deploying a full hybrid solution.

A minimal hybrid migration is a good choice for medium-sized organizations that need to migrate maybe a few hundred mailboxes to a couple thousand mailboxes – and plan to complete the migration within a couple months. Just like the case with full hybrid, a minimal hybrid migration requires on-going synchronization of the on-prem Active Directory to Microsoft 365. In both instances, this helps with recipient administration. The main caveat with a minimal hybrid setup, however, is that the more advanced features, including that free/busy exchange that I mentioned, aren’t available. This often takes the minimal hybrid off the table, because companies usually rely on that free/busy exchange during the time that mailboxes exist both on prem and in the cloud. Without it, the user experience suffers somewhat.

And then we have the Express migration. The express migration option is good for the small organization that plans to complete the migration within a couple weeks. During an express migration, a one-time Active Directory synchronization is performed with Microsoft 365. This one-time sync sets up the recipients in Microsoft 365 and helps move their mailboxes to Microsoft 365. It’s important to note that there are no enhanced features available during an express migration, so it’s important to finish the migration quickly.

Now that we’ve touched on the different migration options, including hybrid, I want to just take a moment to mention the different hybrid migration topologies that are available. You have the Classic Hybrid topology and the Modern Hybrid topology. The Hybrid Configuration Wizard supports both.

A Classic Hybrid requires the internal Exchange servers to be accessible from Exchange Online via HTTPS. This is necessary to allow Exchange Online to connect to the internal Exchange organization to provide the hybrid capabilities. So, this means that in order to publish your internal Exchange Servers to the Internet, you’ll need a static public IP address, along with a 3rd party TLS certificate. In other words, no self-signed stuff. The Classic Hybrid topology includes Classic Full, Classic Minimal, and Classic Express options. We already talked about the full, minimal, and express options so I’m not gonna run through them again.

Modern Hybrid is a little different, because it doesn't require any inbound HTTPS connections from Exchange Online to the internal Exchange org. Instead, when you use Modern Hybrid, the Exchange Hybrid Agent connects the on-prem Exchange org to Exchange Online. This Exchange Hybrid Agent is a piece of software that you install on an on-prem server. It then runs as a service and connects to Exchange Online via an outbound HTTPS connection. The Agent supports free/busy requests from Exchange Online to the on-prem Exchange server and it supports mailbox migrations.

Microsoft generally recommends using Modern Hybrid when deploying a hybrid Exchange solution – mainly because you don't have to install extra components to allow incoming HTTPS connections. That said, there are some caveats. For example, if you use Microsoft Teams and want your Teams users to continue using their on-prem mailboxes, the Classic Full Hybrid would be the only viable option. The Modern Hybrid topology includes two options: Modern Full and Modern Minimal. Again, we’ve already covered full and minimal hybrid so no need to re-hash it.

So, when all is said and done, oddly enough, Classic Hybrid topology offers more flexibility over its Modern Hybrid counterpart. However, with that flexibility comes more setup and more operational requirements than are required by Modern Hybrid. Basically, Modern Hybrid’s main advantage is that it’s quicker to setup, so it allows migrations to be completed more quickly than Classic Hybrid migrations. The limited feature set is the price you pay for this speed and simplicity.

So, to wrap things up. There are several types of migration options available for migrating from on-prem Exchange to Exchange Online. You have cover cutover migrations, staged migrations, and several different types of hybrid migrations, including full hybrid, minimal hybrid, and express. You also have two different hybrid topologies. They are Classic Hybrid and Modern Hybrid. Be sure to understand each of these and how they compare to one another.


About the Author
Learning Paths

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.