If you would like to read the other parts in this article series please go to:
Exchange Hybrid Configuration Wizard
Creating and configuring a hybrid deployment with the Hybrid Configuration wizard is now a single process in Microsoft Exchange Server 2013. First, the wizard creates the HybridConfiguration object in your on-premises Active Directory. This Active Directory object stores the hybrid configuration information for the hybrid deployment and is updated by the Hybrid Configuration wizard. Next, the wizard gathers existing on-premises Exchange and Active Directory topology configuration data, Office 365 tenant and Exchange Online configuration data, defines several organization parameters and then runs an extensive sequence of configuration tasks in both the on-premises and Exchange Online organizations.
Use the following procedure to create and configure a hybrid deployment:
- In the EAC on an Exchange 2013 server in your on-premises organization, navigate to the hybrid node (Figure 1). Click enable to start the Hybrid Configuration wizard.
- At the prompt to log in to the Office 365 service (Figure 2), select sign in to Office 365 and enter the account credentials (Figure 3).
Figure 1: Exchange hybrid deployment setup
Figure 2: Exchange hybrid deployment setup
Figure 3: Sign in to Office 365
- Click yes to start configuring Exchange hybrid deployment (Figure 4).
Figure 4: Set up Exchange Hybrid
- Click Click to show text that can be copied… to copy to clipboard the domain proof token information for the domains you’ve selected to include in the hybrid deployment (Figure 5). Before continuing in the Hybrid Configuration wizard, you must use this info to create a TXT record for each domain in your public DNS. Click Next after the TXT records have been created and the DNS records have replicated.
- Select which server role you want to configure for bi-directional secure mail transport between the on-premises and Exchange Online organizations and click next (Figure 6):
- Configure my Client Access and Mailbox servers for secure mail transport (typical): Select this option to configure your on-premises Client Access and Mailbox servers for secure mail transport with the Exchange Online Protection (EOP) service included with Office 365 for enterprises.
- Configure my Edge Transport servers for secure mail transport: Select this option to configure your on-premises Edge Transport servers for secure mail transport with the EOP service included with Office 365 for enterprises.
- Enable centralized mail transport: Select this option if you want Exchange Online to send all outbound messages to external recipients to your on-premises transport servers. The on-premises transport servers will be responsible for delivering the messages to external recipients. This approach is helpful in compliance scenarios where all mail to and from the Internet must be processed by on-premises servers.
Figure 5: Set up Exchange Hybrid: domain validation
Figure 6: Set up Exchange Hybrid: on-premises mail transport
- Click browse to display a list of Client Access servers in your on-premises Exchange organization. Select one or more Client Access servers you want to configure a Receive connector for bi-directional secure mail transport between the on-premises Exchange and Exchange Online organizations. Click OK and then click next (Figure 7).
- Click browse to display a list of Mailbox servers in your on-premises Exchange organization. Select one or more Mailbox servers you want to configure a Send connector for bi-directional secure mail transport between the on-premises Exchange and Exchange Online organizations. Click OK and then click next (Figure 8).
Figure 7: Set up Exchange Hybrid: Receive connectors
Figure 8: Set up Exchange Hybrid: Send connectors
- Use the drop-down control to select the digital certificate to use for secure mail transport. This list displays the digital certificates issued by a third-party certificate authority (CA) installed on the Mailbox server(s) selected in the previous step (Figure 9). Click next.
- Enter the externally accessible FQDN for the on-premises Client Access server(s). The EOP service in Office 365 uses this FQDN to configure the service connectors for secure mail transport between your Exchange organizations (Figure 10). Click next.
Figure 9: Set up Exchange Hybrid: Certificate
Figure 10: Set up Exchange Hybrid: FQDN
- Enter your on-premises account credentials (Figure 11) and click next.
- Enter your Office 365 credentials (Figure 12) and click next.
Figure 11: Set up Exchange Hybrid: on-premises credentials
Figure 12: Set up Exchange Hybrid: Office 365 credentials
- Click update to start the configuration process (Figure 13). While the hybrid configuration process is running, the wizard displays the feature and service areas that are being configured for the hybrid deployment as they are updated (Figure 14).
- After the initial hybrid deployment configuration steps are complete, the wizard displays a message to complete the connection with Office 365 and configure Exchange OAuth authentication. Select Configure to connect to Office 365 and start the OAuth configuration wizard (Figure 15).
Figure 13: Set up Exchange Hybrid: update
Figure 14: Set up Exchange Hybrid: working
Figure 15: Set up Exchange Hybrid: Finish
- Select configure to start the OAuth authentication configuration wizard (Figure 16).
- When prompted, select Run to download and run the Microsoft Office 365 Support Assistant application (Figure 17). The wizard displays a completion message and the Done button is displayed (Figure 18). Click Done to complete the hybrid deployment configuration process and to close the wizard.
Figure 16: Set up Exchange Hybrid: OAuth
Figure 17: Set up Exchange Hybrid: OAuth configuration
Figure 18: Set up Exchange Hybrid: Complete
Enable Accounts to use Online Archive
We can finally start provisioning the cloud-based online archive to on-premises users. If the DirSync tool was set up and configured correctly you should now see synced users from the local Active Directory (Figure 19).
Follow these procedures to enable a cloud-based online archive to an existing mailbox:
- In the Office 365 admin center, navigate to USERS > Active Users (Figure 19). Select the desired user and in the actions pane click Edit under Assigned license.
- Set the user location from the dropdown box (Figure 20), select one eligible license for online archiving and then click SAVE.
Figure 19: Manage users in the Office 365 admin center
Figure 20: Manage users in the Office 365 admin center
- In the EAC console tree, navigate to Recipient Configuration > Mailbox. In the result pane, select the mailbox for which you want to enable a personal or cloud-based archive. In the action pane, click Enable under In-Place Archive.
- In the create in-place archive window (Figure 21), select Cloud-based archive and click ok. To check if this has worked, open the Exchange Management Shell and run the following cmdlet:Get-Mailbox JAmesB | fl *arch*
Notice the HostedPending state (Figure 22). It may take up to two hours for the cloud-based archive to be created and the status updated in your on-premises organization. After that time, the ArchiveState will change to HostedProvisioned (Figure 23).
Figure 21: Create cloud-based archive
Figure 22: Archive HostedPending
Figure 23: Archive HostedProvisioned
Opening Outlook for the user we have just configured will reveal the Online Archive additional mailbox (Figure 24).
Figure 24: Using the Online Archive with Outlook 2013
As we finish the provisioning process of an Online Archive for an on-premises user, we might conclude that it’s a little bit more complex than enabling on-premises In-Place Archiving. Nevertheless, although that’s true for the service configuration process, let’s not forget that on-premises requires hardware (disk storage, rack space, power, cabling) and cloud doesn’t. So, in the end, I’m convinced that the cloud-based archive is indeed simpler and quicker to implement.
In the last part of this series we’ll cover how In-Place Hold and eDiscovery work with both types of archives: on-premises and cloud-based.
If you would like to read the other parts in this article series please go to: