Tenant To Tenant Migration Office 365 (Back-Out Plan Included)

This is a complete guide to perform the tenant to tenant migration Office 365.

2 or more weeks before migration

1. Check the domain ownership and capture the information and save.
2. Capture all the DNS records using this website.
3. Identify and capture the DNS records which are relevant to Exchange (if performing a domain transfer) – TXT, MX and SPF.
4. On each MX record take note of the TTL value

• We need to request that the TTL value is reduced to a smaller number eg 5 minutes.
• If the TTL cannot be lowered to 5 minutes, make note of the lowest value. Example, if the lowest value is 4 hours, the MX record will have to be changed 4 hours before your migration begins.
• Request the TTL is updated at least 8 hours before migration.

5. Check the domain availability using this link.

• This checks if you@domainname.onmicrosoft.com is already in use in another tenant.  It checks SharePoint Online, but nine out of ten times if SharePoint Online is using the domain you can be sure Exchange and or UPN Suffixes are in use also.

• If you try to add the domain in our tenant when it’s already taken as a domain name in another tenant, you get an error saying it’s already in use.

6. Determine which Microsoft 365 services are required for the domain.

• Exchange Online (TXT, MX, SPF, CNAME)
• Microsoft Teams
• Mobile Device Management

7. Decision Needed – Discuss Domain and DNS requirements

Domain Name:

• To transfer the domain name registration to tenant B (destination tenant), initiates a transfer request.
• This generates an email to the current domain (tenant A – source tenant) owner requesting approval for the transfer.
• The current owner needs to ensure the domain is unlocked for transfer and may need to generate an authorization code.
• Once the transfer is accepted the process could take between 24-48 hours to complete.
• Any services tied to the domain names which are hosted at the old registrar will stop working.

DNS Records:

Copy of ALL (not just Exchange) records so that setup the records on the destination DNS servers.

8. Discuss with the project team what items do NOT get migrated using the BitTitan migration tool.

9. Request domain admin rights to O365 Admin Portal at Source

Admin rights is required as part of the process we need to remove the domain from the admin portal at Source and then add the domain to Destination.

10. Log into O365 Admin Portal at Source and review EXO Mail Rules and Connectors

11. Check the domains / IP addresses are NOT blacklisted using mxtoolbox blacklists.

Important:  If blacklisted, when we whitelist the domains / IP addresses.

12. Log into O365 Admin Portal at Source and export Accepted Domains, Groups, Mailboxes, Resources, Shared Mailboxes and list of Users into EXCEL.

13. Review the size of each mailbox to be migrated.

• BitTitan can only migrate up to 50Gb per license.
  If the mailboxes are larger you may require additional licenses.

14. Review the mail setup

• Are there any forwarding rules?
• Delegate access
• Proxy addresses

15. Finalize the List of Users, Groups and the shared mailboxes to be migrated

16. Create all user mailboxes, shared mailboxes, distribution groups, security groups, contacts and resources at destination.

17. Add delegate access to Mailboxes / Calendars at destination

• Go to Exchange admin center
• Add delegate access to mailboxes/calendars

18. Create user communications

• This just needs to be noted
• Project Manager manage these communications

19. Create 2 Test Accounts at Source

• Request that two test accounts are created at the Source. 
• BitTitan will be used to migrate those test accounts to Destination.
• Make sure that the tenantname.onmicrosoft.com account is attached to each mailbox in Microsoft 365
• Global Admin account will be given full permissions (later in doc)

20. Populate the 2 Test Accounts at Source with the following data

• Email
• Folders
• Calendar (single and repeating appointments)
• Contact
• Tasks

21. Create 2 Test Accounts at Destination

• Request that two test accounts are created at the Source. 
• BitTitan will be used to migrate those test accounts to Destination.
• Global Admin account will be given full permissions (later in doc)

22. Grant Global Admin account full access to mailboxes:

Get-Mailbox -ResultSize unlimited | Add-MailboxPermission -User “admin account” -AccessRights FullAccess -InheritanceType All -AutoMapping $false

23. EWS must be working on the Source Exchange server

• BitTitan uses EWS to access Source and Destination domains.
• Without access there will be no migration.

24. Test mailbox access by opening any other mailbox with the admin account using OWA

• Open the browser to https://office.com
• When prompted for credentials, enter the user name and password of the account to be used to access the mailbox.
• If using administrative credentials, open a new tab and paste the OWA URL: (https://outlook.office365.com/owa/user@example.com)

25. Add tenantname.onmicrosoft.com account as a proxy address to each mailbox at Source.

We need to perform this we will be removing the domain email addresses from all mailboxes before we can remove the domain from the tenant.

26. Connect to EXO Powershell at SOURCE

27. Export and update proxy addresses to include @tenantname.onmicrosoft.com

Get-Mailbox -ResultSize Unlimited -Filter “emailaddresses -notlike ‘*@tenantname.onmicrosoft.com'” | select alias,primarysmtpaddress,emailaddresses |export-csv -NoTypeInformation “C:\Temp\mailboxes_output.csv”

Import-csv C:\Temp\mailboxes_output.csv| ForEach-Object {
$ID = $_.PrimarySmtpAddress
$alias = $_.Alias
$365Email = $alias + “@tenantname.onmicrosoft.com”
Set-Mailbox -Identity $ID -EmailAddresses @{add = $365Email}
}

28. Confirm all mailboxes have been updated. Results should be zero.

Get-Mailbox -ResultSize Unlimited -Filter “emailaddresses -notlike ‘*@tenantname.onmicrosoft.com'” | select alias,primarysmtpaddress,emailaddresses

29. Grant admin account full access to mailboxes at Destination

30. Connect to EXO Powershell at Destination

Grant full mailbox access to BitTitan service account over all acquired domain mailboxes at destination.

Add-MailboxPermission -Identity “Destination mailbox -User “BitTitan service account” -AccessRights FullAccess -InheritanceType All -AutoMapping $false

31. Test mailbox access by opening any other mailbox with the admin account using OWA

• Open the browser to https://office.com
• When prompted for credentials, enter the user name and password of the BitTitan service account to be used to access the mailbox.
• If using administrative credentials, open a new tab and paste the OWA URL:
  (https://outlook.office365.com/owa/user@example.com)

32. BitTitan license requirements

• 1 license per mailbox where the mailbox needs to be less than 50GB.  If the mailbox is greater than 50Gb then it will require 2 licenses.
• Determine the total number of mailboxes to migrate and obtain the required number of licenses.

Note:

A license can be used up to 10 times per mailbox. This assumes the end point doesn’t change.
If you are testing BitTitan migration with test accounts, ensure you include the total number of test accounts needed in in the license count.

33. Redeem licenses

• Log into BitTitan console
• On the top right-hand corner, click on the down arrow beside your name
• Select “Redeem Coupon”
• Enter the coupon code then click “Apply”
• A toast will appear indicating the coupon has been redeemed

Note:  Register for a BitTitan account if you don’t have an account, ensure your account is active by verifying your email address.

34. Create BitTitan project

• Log into BitTitan console
• Click “Go to My Projects” -> “Create a Mailbox Project” -> “Create a Mailbox Project” -> “Next Step”
• Enter the Project Name
• At Customer Name click “New” then add information.
• Click “Next step”

35. At Source Settings:

• Click “New”
• Enter an Endpoint name
• Select the End Point at the Source Domain
• Enter the Admin credentials
• Click “Add”
• Click “Next Step”

36. At Destination Settings:

• Click “New”
• Enter an Endpoint name
• Select the End Point at the Destination Domain
• Enter the BitTitan Admin credentials
• Click “Add”
• Click “Next Step”

37. At Tenant to Tenant Migration

• Do not select “Enable Tenant to Tenant Coexistence”
• Click “Save And Go To Summary”
• Click “Save Project”

38. Migrate Test accounts to Destination using BitTitan – Pre-Stage Migration

• Log into BitTitan console
• Select the Project Name
• Click on the drop-down arrow beside “Add” and select “Quick Add”
• At Source enter the email address of the test account
• At Destination enter the email address of the test account
• Click “Save Item And Add Another”
• Repeat again for the other test accounts
• Click “Save Item And Close”

39. Perform a Pre-Stage Migration

• Select ALL Test accounts
• Click on the down arrow beside “Start” and select “Pre-Stage Migration”
• In the “Pre-Stage Migration” window review the settings
• At “Select what to migrate” confirm “Mail” is selected
• At “Migration Scheduling” click on the down-arrow and select “Specific Time”
• Select an appropriate date and time
• Click “Start Migration”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

Important:

• Allow time for the migration to complete.
• The Pre-Stage migrates emails only.
• Calendars, contacts, journals, notes, and tasks will only migrate during a full migration.

40. Resolve any BitTitan error messages

• Select the accounts that errored
• Click on the down arrow beside “Start” and select “Retry Errors”
• In the “Retry Errors” window, review the settings
• Click “Retry Errors”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

41. Use OWA to confirm the mailboxes contain the migrated data

• Open the browser to https://office.com
• When prompted for credentials, enter the user name and password of the account to be used to access the mailbox.
• If using administrative credentials, open a new tab and paste the OWA URL (https://outlook.office365.com/owa/user@example.com)

42. At Source:  Use OWA to send and receive additional email

43. Perform a full migration

• Log into BitTitan console
• Select the Project Name
• Select ALL Test accounts
• Click on the down arrow beside “Start” and select “Full Migration”
• In the “Full Migration” window
• Review the settings
• At “Select what to migrate” confirm ALL options are selected
• At “Migration Scheduling” do nothing
• Click “Start Migration”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

44. Resolve any BitTitan error messages

• Select the accounts that errored
• Click on the down arrow beside “Start” and select “Retry Errors”
• In the “Retry Errors” window, review the settings
• Click “Retry Errors”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

45. Use OWA to confirm the mailboxes contain the migrated data

• Open the browser to https://office.com
• When prompted for credentials, enter the user name and password of the account to be used to access the mailbox.
• If using administrative credentials, open a new tab and paste the OWA URL (https://outlook.office365.com/owa/user@example.com)

46. Liaise with the business and confirms date and time of migration. Confirm other resources are available for migration

47. If the decision was made to take ownership of the domain and DNS before migration, initiate the transfer

1 week before migration

Export Exchange objects from Source:

48. Log into EXO Powershell at Source

49. Mailboxes:  Export UPN, Alias, SMTP and Proxy addresses

Get-Mailbox -ResultSize Unlimited | select userprincipalname,alias,primarysmtpaddress,emailaddresses | export-csv -NoTypeInformation “Backup_Source_Mailboxes.csv”

50. Groups: Export Alias, SMTP and Proxy addresses

Get-DistributionGroup -ResultSize Unlimited | select alias,primarysmtpaddress,emailaddresses | export-csv -NoTypeInformation “Backup_ Source_Groups.csv”

51. Calendar Delegation:

Get-Mailbox | foreach {
write-host -fore green “Processing $_”
Get-MailboxFolderPermission -Identity “$($_.alias):\Calendar” | where {$_.User -notlike “Anonymous” -and $_.User -notlike “Default”}} | select Identity,User,@{name=’AccessRights’;expression={$_.AccessRights -join ‘,’}} | Export-Csv -NoTypeInformation “Backup_ Source_Calendar_Delegation.csv”

Export Exchange objects from Destination:

52. Log into EXO Powershell at Destination

53. Contacts: Export Name and Email addresses

Get-Recipient -Filter {RecipientType -eq “MailContact” -and EmailAddresses -like ‘domainname‘} | select DisplayName,RecipientType,ExternalEmailAddress,EmailAddresses | export-csv -NoTypeInformation “Backup_Destination_Contacts.csv”

54. Mailboxes: Export Forwarding

For each mailbox:

get-Mailbox -Identity | select UserPrincipalName,DeliverToMailboxAndForward,ForwardingAddress,ForwardingSmtpAddress | export-csv -notypeinformation ‘Backup_Destination_Forwarding.csv’ -append

55. Pre-Stage Migration of all Mailboxes – email older than 10 days

Important: For the Source, use the onmicrosoft.com address

Select the Project Name
Click on the drop-down arrow beside “Add” and select “Bulk Add”
Click on “Select File”, locate the CSV file created in step 1 then click “Open”
The contents of the CSV will get imported and displayed on screen, click “Save”

Pre-stage migration:

• Select ALL the accounts that were imported
• Do not select the test accounts that were migrated previously
• Click on the down arrow beside “Start” and select “Pre-Stage Migration”
• In the “Pre-Stage Migration” window review the settings
• At “Select what to migrate” confirm “Mail” is selected
• At “Migration Scheduling” click on the down-arrow and select “Specific Time”
• Select an appropriate date and time
• Click “Start Migration”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

Important:

Allow time for the migration to complete
The Pre-Stage migrates emails only
Calendars, contacts, journals, notes, and tasks will only migrate during a full migration

56. Resolve any BitTitan error messages

• Select the accounts that errored
• Click on the down arrow beside “Start” and select “Retry Errors”
• In the “Retry Errors” window, review the settings
• Click “Retry Errors”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

57. Add the domain then request a TXT record to verify we own the domain

• In the Microsoft 365 admin center, go to Settings > Domains
• Choose Add domain
• Enter the name of the domain you want to add, then click Next
• At Verify by, select the “TXT record” tab
• Take a note of the TXT Name, TXT Value and TTL values. 
• Click Save and close (do not click Verify)

58. Setup IM federation so you have chat communications during pre-cutover

Important: Cannot migrate any IM contacts to Microsoft Teams.

59. 1 day before migration

Migrate mailboxes – Full migration

• Log into BitTitan console
• Select the Project Name
• Full Migration
• Select ALL accounts
• Click on the down arrow beside “Start” and select “Full Migration”
• In the “Full Migration” window review the settings
• At “Select what to migrate” confirm ALL options are selected
• At “Migration Scheduling” do nothing
• Click “Start Migration”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

Important: Allow time for the migration to complete.

60. Resolve any BitTitan error messages

• Select the accounts that errored
• Click on the down arrow beside “Start” and select “Retry Errors”
• In the “Retry Errors” window, review the settings
• Click “Retry Errors”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

61. Migration day

[Optional] Change the TTL value on each MX record

• We should request that the TTL value is reduced to a smaller number eg 5 minutes
• If the TTL cannot be lowered to 5 minutes, make note of the lowest value. Example, if the lowest value is 4 hours, the MX record will have to be changed 4 hours before your migration begins.
• Request the TTL is updated at least 8 hours before migration

Remove domain dependencies from Source:

62. Log into Azure AD and EXO Powershell at Source

[Optional] Change FEDERATED domains to MANAGED, if applicable.

63. Run the following cmdlet to determine which domains are FEDERATED or MANAGED

Get-MsolDomain

If FEDERATED change to MANAGED:

Set-MsolADFSContext -Computer ADFS_Server_FQDN

Convert-MsolDomainToStandard -DomainName “Domain Name Here” -SkipUserConversion:$true -PasswordFile C:\passwords.txt

64. Run the following cmdlets to verify the domains are managed

Get-MsolDomain

[If Applicable] Disable the directory synchronization

Set-MsolDirSyncEnabled -EnableDirSync $false

[If Applicable] SharePoint Online public website

65. If you had also set up your domain with a SharePoint Online public website, then before you can remove the domain, you first have to set the website’s URL back to the initial domain.

[If Applicable] Teams

Remove all Teams licenses from the users in the source tenant. This will remove the SIP attribute from their proxy addresses.

66. Set the default domain in source tenant to domainname.onmicrosoft.com

• In the Microsoft 365 admin center, go to Settings > Domains.
• On the Domains page, choose the domain you want to set as the default for new email addresses.
• Choose Set as default.

67. Change all Mailboxes UPNs to domainname .onmicrosoft.com domain. Replace the domainname with your domain name.

Get-MsolUser -all | select-object UserPrincipalName,ObjectID | export-csv -NoTypeInformation “User.csv”

Import-csv User.csv| ForEach-Object {
$ID = $_.UserPrincipalName
$ObjectID = $_.ObjectID
$365Email = $ID.Split(“@”)[0] + “@ domainname.onmicrosoft.com”
Set-MsolUserPrincipalName -ObjectId $ObjectID -NewUserPrincipalName $365Email}

68. Confirm the UPNs have been updated

Get-MsolUser -all | select-object UserPrincipalName,ObjectID

69. Change all Distribution Groups Primary SMTP address to domainname.onmicrosoft.com domain. Replace the domainname with your domain name.

Get-DistributionGroup -ResultSize Unlimited | select-object PrimarySMTPAddress | export-csv -NoTypeInformation “DL.csv”

Import-csv DL.csv| ForEach-Object {
$ID = $_.PrimarySmtpAddress
$365Email = $ID.Split(“@”)[0] + “@domainname.onmicrosoft.com”
Set-DistributionGroup -Identity $ID -primarysmtpaddress $365Email}

70. Confirm the primary smtp’s have been updated

Get-DistributionGroup -ResultSize Unlimited | select-object PrimarySMTPAddress

71. As we changed every mailboxes UPN, the primary SMTP addresses has also been updated to domainname.onmicrosoft.com. Now remove all aliases from every mailbox using this script:

$users = Get-Mailbox -ResultSize Unlimited | Where {$_.Emailaddresses.count -gt 1}
foreach ($user in $users) {
foreach ($email in $user.emailaddresses){
if ($email -ne “SMTP:”+$user.PrimarySmtpAddress){
Set-Mailbox -Identity $user.name -EmailAddresses @{Remove=$email}
}
}
Write-host $user.primarysmtpaddress “has been processed”
}

72. Confirm the Primary and Alias addresses are both domainname.onmicrosoft.com ONLY

Get-Mailbox | select PrimarySmtpAddress,EmailAddresses

73. Remove all aliases from every distribution group

$groups = Get-DistributionGroup -ResultSize Unlimited | Where {$_.Emailaddresses.count -gt 1}
foreach ($group in $groups) {
foreach ($email in $group.emailaddresses){
if ($email -ne “SMTP:”+$group.PrimarySmtpAddress){
Set-DistributionGroup -Identity $group.name -EmailAddresses @{Remove=$email}
}
}
Write-host $group.primarysmtpaddress “has been processed”
}

74. Confirm the Primary and Alias addresses are both domainname.onmicrosoft.com ONLY

Get-DistributionGroup | select PrimarySmtpAddress,EmailAddresses

[If Required] O365 Groups: User the cmdlets below to remove the domain:

Get-UnifiedGroup -Identity “name” | select primarysmtpaddress,emailaddresses

Set-UnifiedGroup -Identity “name” -PrimarySMTPAddress name@domainname.onmicrosoft.com
Set-UnifiedGroup -Identity “name” -EmailAddresses @{remove=”smtp:name@domain.com”}

75. Confirm all dependencies have been removed. Replace the domainname with your domain name.

Get-MsolUser -DomainName domainname.com -all

Important:

• If the results identify a user that is NOT licensed and STILL has an alias
• Assign the user a license
• Go into EXO and set their primary address to onmicrosoft.com then remove all aliases
• Remove the license
• Remove Domain from Source

76. Remove the domain from the source Microsoft 365 tenant

• In the Microsoft 365 admin center, go to Settings > Domains
• Open the domain you wish to remove
• Click Remove
• At “Are you sure you want to remove this domain” click Remove
• Confirm the domain was removed successfully then click Close

Important:

• Allow up to 60 minutes before adding the domains into the destination tenant.
• O365 may still think the domain is still in use.

77. Add Mail Rules and Connectors at Destination

[If required]

• In the Microsoft 365 Defender portal, go to Email & Collaboration > Policies & Rules > Threat policies > Anti-spam in the Policies section.
• On the Anti-spam policies page, select Connection filter policy (Default) from the list by clicking on the name of the policy.
• Click Edit connection filter policy to allow or deny messages from the IP addresses.

78. Verify the domain

• In the Microsoft 365 admin center, go to Settings > Domains
• Open the domain previously added.
• Click Start setup
• Click Verify
• At Set up your online services select I will manage my own DNS records then click Next
• At Choose your online services select the required services then click Next
• You will see a page with all the required DNS records
  Update the DNS records
  Allow time for the DNS changes to propagate globally ~ 20 mins
• Click Verify
• Confirm there are green tick marks beside the MX and TXT records
  If no CNAME, the overall verification process will fail
  Instead click Ignore incorrect DNS
• Click Finish – you’re done!

79. Verify changes

• Go to Microsoft 365 admin center and click on Domains from Settings.
• Select the domain you have just added and click on ‘View DNS Settings’

80. Check Domain

To check everything is setup as it should be, wait around an hour for all updates to take effect then launch the central ops website to verify.
Type in the domain name and check all records are set as in ‘View DNS Settings’ above.

81. Remove Email Forwarding at Destination

Log into Exchange Online PowerShell at Destination and run the following cmdlets for each user:

Set-Mailbox -Identity “DestinationUserEmailAddress” -ForwardingAddress $null -DeliverToMailboxAndForward $false

82. Add aliases for each user at Destination:

• Log into the on-premises Exchange server
• Run Exchange powershell and execute the following cmdlets:

Set-RemoteMailbox -Identity “username@domainname.com” -EmailAddresses @{Add=”smtp:name1@domain”,”smtp:name2@domain”}

83. For each GROUP: 

• Log into the on-premises Exchange server
• Run Exchange powershell and execute the following cmdlets:

Set-DistributionGroup -Identity “groupname” -EmailAddresses @{add=”name1@domain.com”}

84. Change the TTL value on each MX record back to the original setting eg 1 hour

85. Migrate Mailboxes – Final Migration

• Log into BitTitan console
• Select the Project Name
• Select ALL accounts
• Click on the down arrow beside “Start” and select “Full Migration”
• In the “Full Migration” window review the settings
• At “Select what to migrate” confirm ALL options are selected
• At “Migration Scheduling” do nothing
• Click “Start Migration”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

Important: Allow time for the migration to complete

86. Resolve any BitTitan error messages

• Once resolved
• Select the accounts that errored
• Click on the down arrow beside “Start” and select “Retry Errors”
• In the “Retry Errors” window, review the settings
• Click “Retry Errors”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

87. Delete Contacts at Destination

Connect to EXO at Destination and run the following cmdlet:

Import-csv “Backup_Destination_Contacts.csv”| ForEach-Object {
$DisplayName = $_.DisplayName
Remove-MailContact -Identity $Displayname}

88. Confirm the Contact has been deleted:

Import-csv “Backup_Destination_Contacts.csv”| ForEach-Object {
$DisplayName = $_.DisplayName
Get-MailContact -Identity $Displayname}

89. Set the default email address at Destination

For each USER:

• Log into the on-premises Exchange server
• Run Exchange powershell and execute the following cmdlets:

Set-RemoteMailbox “username@domainname.com” -PrimarySmtpAddress “name@domain.com”

90. For each GROUP:

• Log into the on-premises Exchange server
• Run Exchange powershell and execute the following cmdlets:

Set-DistributionGroup -Identity ‘DisplayName’ -PrimarySmtpAddress “name@domain.com” -EmailAddressPolicyEnabled $false

91. For each SHARED MAILBOX:

• Log into the on-premises Exchange server
• Rename the display name back to the original display name

Important: Allow time for all changes to sync to O365.

Post-Migration Activities

92. Verify delegates / aliases have been correctly populated

• Open Microsoft Admin Portal and both Source and Destination
• Compare Users / Shared Mailboxes etc to confirm delegates and aliases have been added correctly.

Migrate Mailboxes – Final Migration

• Log into BitTitan console
• Select the Project Name
• Full Migration
• Select ALL accounts
• Click on the down arrow beside “Start” and select “Full Migration”
• In the “Full Migration” window review the settings
• At “Select what to migrate” confirm ALL options are selected
• At “Migration Scheduling” do nothing
• Click “Start Migration”
• Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

Important: Allow time for the migration to complete.

93. Resolve any BitTitan error messages

Select the accounts that errored
Click on the down arrow beside “Start” and select “Retry Errors”
In the “Retry Errors” window, review the settings
Click “Retry Errors”
Click on the “Refresh list” icon to get a status of the migration or click on the dashboard on the left-hand side menu

94. Execute End User Test Plan

Launch Outlook at Destination and verify the contents of the following:

Email
Contacts
Calendar
Send and Receive emails INTERNALLY and verify emails have been received
Send and Receive emails EXTERNALLY and verify emails have been received
Verify the sender’s email address
Send and Receive emails form a SHARED MAILBOX and confirm emails have been received.
Verify the sender’s email address
Send a test Calendar invite to a colleague and confirm the invite was received

95. Log into Exchange Online PowerShell at Destination

For each mailbox, remove the service account

Remove-MailboxPermission -Identity “User1” -User “BitTitan service account” -AccessRights FullAccess -InheritanceType All

96. Take ownership of Domain and DNS records

[If not already actioned] – If the current owner made the required changes to DNS, take ownership of the domains and DNS records.

Back-out Plan

97. Change default email address back to old email address

• Log into the on-premises Exchange server
• Run Exchange powershell and execute the following cmdlets:

Set-RemoteMailbox “username@domainname.com” -PrimarySmtpAddress “name@domain.com”

98. For each USER:

Log into the on-premises Exchange server
Run Exchange PowerShell and execute the following cmdlets:

Set-RemoteMailbox “username@domainname.com” -EmailAddresses @{remove=”name@domain.com”}

99. For each GROUP:

Log into the on-premises Exchange server
Run Exchange PowerShell and execute the following cmdlets:

Set-DistributionGroup -Identity “groupname” -EmailAddresses @{remove=”name@domain.com”}

100. Verify attributes have been updated:

• Log into the on-premises Exchange server
• Run Exchange powershell and execute the following cmdlets:

Get-RemoteMailbox -Identity | select userprincipalname,alias,primarysmtpaddress,emailaddresses

101. Re-create Contacts at Destination:

Log into EXO Powershell at Destination and run the following cmdlets:

Import-csv “Backup_Destination_Contacts.csv”| ForEach-Object {
$DisplayName = $_.DisplayName
$Email = $_.EmailAddresses
New-MailContact -Name $Displayname -ExternalEmailAddress $Email}

102. Enabling forwarding from Destination to CONTACT

Log into EXO Powershell at Destination
Run the following cmdlets:

Set-Mailbox -Identity “username@domainname.com” -DeliverToMailboxAndForward $true -ForwardingAddress “name@domain.com”

103. Reverse DNS changes

104. Confirm all dependencies have been removed. Replace the domainname with your domain name.

Get-MsolUser -DomainName domainname.com -all

105. Remove the domain from the destination Microsoft 365 tenant

• In the Microsoft 365 admin center, go to Settings > Domains
• Open the domain you wish to remove
• Click Remove
• At “Are you sure you want to remove this domain” click Remove
• Confirm the domain was removed successfully then click Close

Important:

Allow up to 60 minutes before adding the domains into the destination tenant
O365 may still think the domain is still in use

106. Add the domain at Source then request a TXT record to verify we own the domain

• In the Microsoft 365 admin center, go to Settings > Domains
• Choose Add domain
• Enter the name of the domain you want to add, then click Next
• At Verify by, select the “TXT record” tab
• Take a note of the TXT Name, TXT Value and TTL values.
• Click Save and close (do not click Verify)

107. Verify the domain

• In the Microsoft 365 admin center, go to Settings > Domains
• Open the domain previously added.
• Click Start setup
• Click Verify
• At Set up your online services select I will manage my own DNS records then click Next
• At Choose your online services select the required services then click Next
• You will see a page with all the required DNS records
• Update the the DNS records
• Allow time for the DNS changes to propagate globally ~ 20 mins
• Click Verify
• Confirm there are green tick marks beside the MX and TXT records
• If no CNAME, the overall verification process will fail
• Instead click Ignore incorrect DNS
• Click Finish – you’re done.

108. Verify changes

• Go to Microsoft 365 Admin Center and click on Domains from Settings.
• Select the domain you have just added and click on ‘View DNS Settings’

109. Check Domain

To check everything is setup as it should be, wait around an hour for all updates to take effect then launch the central ops website to verify.
Type in the domain name and check all records are set as in ‘View DNS Settings’ above.

110. If applicable, add all Teams licenses from the users in the Source tenant. This will add the SIP attribute to their proxy addresses.

111. Restore original proxy address for all users:

• Open “Backup_Mailboxes.csv” in Excel
• In the EmailAddresses column ensure there is a comma between each email address and not a space eg SMTP:name@domain1.com,smtp:name@domain2.com
• Log into EXO powershell at Source
• Compose and run the cmdlet below for each user:

Set-Mailbox -Identity “alias” -EmailAddresses SMTP:name@domain1.com,smtp:name@domain2.com

• This will replace their proxy addresses and set the default smtp email address.

112. Restore the UPN for all users:

Import-csv “Backup_Mailboxes.csv”| ForEach-Object {
$NewUPN = $_.PrimarySmtpAddress
$alias = $_.Alias
$OldUPN = $alias + “@vivacityhealth.onmicrosoft.com”
Set-MsolUserPrincipalName -UserPrincipalName $OldUPN -NewUserPrincipalName $Newupn
}

113. Verify UPN, Email and Proxy Address have been updated:

Get-Mailbox -Identity | select userprincipalname,alias,primarysmtpaddress,emailaddresses

114. Change all Distribution Groups SMTP address to domainname.onmicrosoft.com domain. Replace the domainname with your domain name.

Get-DistributionGroup -ResultSize Unlimited | select-object PrimarySMTPAddress | export-csv -NoTypeInformation “DL.csv”

Import-csv DL.csv| ForEach-Object {
$ID = $_.PrimarySmtpAddress
$365Email = $ID.Split(“@”)[0] + “@domainname.onmicrosoft.com”
Set-DistributionGroup -Identity $ID -primarysmtpaddress $365Email}

115. Remove all aliases from every distribution group

$groups = Get-DistributionGroup -ResultSize Unlimited | Where {$_.Emailaddresses.count -gt 1}
foreach ($group in $groups) {
foreach ($email in $group.emailaddresses){
if ($email -ne “SMTP:”+$group.PrimarySmtpAddress){
Set-DistributionGroup -Identity $group.name -EmailAddresses @{Remove=$email}
}
}
Write-host $group.primarysmtpaddress “has been processed” $
}

That’s how tenant to tenant migration Office 365 works.