Exchange at Ignite 2020 : Cross-Tenant Mailbox Migrations

There are many occasions with mergers of companies and organisations, where each establishment already has their own Microsoft 365 Tenant.  The requirement then is to move mailboxes to a different tenant to reach the final result of a single tenant for the merged organisation.

I’ve had personal experience of having to do this, with off-boarding three organisations back to Exchange on-prem, breaking hybrid connectivity, re-establishing hybrid connectivity to the destination tenant and then on-boarding the mailbox to the merged target tenant. 

This is a somewhat complex task, and isn’t looked upon favourably, when we have to re-introduce Exchange on-prem servers back into an organisation who have spent a lot of time and money in moving to Exchange Online already.

Good news….Cross-tenant mailbox migration is currently in preview.

The Source and Target tenants need to be prepared for these moves to take place.  Most of the preparation tasks have scripts provided by Microsoft.

Target Preparation

  • Create or use an existing Azure Resource Group
  • Create or use an existing Key Vault
  • Create a new Access Policy for the Office 365 Exchange Online Mailbox Migration app
  • Create or use an existing certificate to hold the secret to the Migration app
  • Create a new Azure AD App
  • Upload the Secret to the Migration app
  • Mailbox Migration permissions assigned to the Migration app
  • The Target Tenant admin needs to consent to the permissions given to the Migration app
  • An org relationship is created to the target tenant
  • A Migration endpoint is created to allow mailboxes to be transferred to the Tenant.

Source Preparation

  • The Source Tenant admin accepts consent to the Mailbox Migration App invitation sent by the target Tenant Admin
  • The Source Tenant admin creates a Mail Enabled Security group containing the mailboxes allowed to be moved by the migration app
  • An org relationship is created to the target tenant.

Moving The Mailboxes

This is performed using a migration batch created in the target tenant, in the same was as onboarding from Exchange on-prem to Exchange Online.

Final Thoughts

With the ever increasing number of mergers and acquisitions, this process will make Exchange Admins tasks of moving the mailboxes to different tenants much easier.

About the author