Zimbra to On-Premises Exchange (versions 2013+) Migration Guide

Introduction

This is the complete onboarding task flow for migrating mailboxes from Zimbra (version 6 and later) to On-Premises Microsoft Exchange versions 2013, 2016, or 2019. 

MigrationWiz no longer supports TLS 1.0.  TLS 1.2 is now required. Verify TLS version and update, if necessary, before starting the migration.

There are some tools and resources that will make the migration easier. We suggest reading through the following information and linked guides before beginning your migration. 

Exchange questions and troubleshooting

Our Exchange Mailbox FAQExchange Migration Setup and Planning, and Exchange Mailbox Migration Troubleshooting guides contain a number of common questions and concerns, along with more information, guidance, and steps to resolve issues such as throttling.

First migration?

We’ve created a guide on scoping, planning, and managing the migration process for your use. If this is your first migration, we recommend reading this guide carefully.

MigrationWiz

MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.

MigrationWiz supports the capability to share migration projects across a Workgroup. When the Project Sharing feature is turned on, all Agents besides those who are Inactive can view all migrations projects. 

We are not able to support migrations with two-factor or multifactor authentication. 

 

Zimbra 6+

What items are and are not migrated?

Migrated

  • Inbox
  • Folders
  • Email
  • Contacts
  • Calendars
  • Tasks

Not Migrated

  • Zimbra Tags

Prepare the Source Environment

Users will need to enter usernames on the Zimbra side, even when using an admin account.

Export Users

Export the list of users to a CSV file. This will be used when adding users to your MigrationWiz mailbox project later in the migration.

  1. Open Zimbra Admin.
  2. Select Account.
  3. In the Search box, type the domain name to be exported.
  4. On the Toolbar Zimbra Admin, select the Download button.
  5. Save the CSV file generated.

Split Large Folders

Direct users to split up folders that have a very large number of items. Zimbra will exhibit poor migration performance for folders with a large number of items.

Calendar folders can be slower to migrate when the data is complex. For example, recurring calendar meetings result in a much higher number of calendar events.

Prepare Admin Credentials

Ensure that you have admin credentials available for use during the migration. If electing to assign the admin role through the Zimbra administrator portal instead of the below commands, the user needs to be granted Global Administrator. Assigning just Administrator will not work.


Options:

    • Use existing credentials.
    • Create a new admin account for migration. This will create an additional admin account with the password of 'test123':
      zmprov ca testadmin@domain.com test123 zimbraIsAdminAccount TRUE
    • Transform a normal existing user account into an admin account (in this example future-admin will become an admin):
      zmprov ma future-admin@domain.com zimbraIsAdminAccount TRUE

Test mailbox access

Make sure the necessary ports to connect to the Zimbra server are open. Access to SOAP web services is needed for migration. This is via both regular and admin user mode. Ports 80, 443, and 7071 are the common ports. 

There are two modes to connect to a Zimbra server, Regular mode and Admin User mode.

  1. In regular user mode, we need access to SOAP web services, which are typically the following:
    1. ​ on port 80 if it is an HTTP connection;
    2. on port 443 if an HTTPS connection.
  2. In admin user mode, we also need access to SOAP web services, typically:
    1. ​On port 80 and 7071 if the Zimbra URL is HTTP;​
    2. On port 443 and 7071 if the Zimbra URL is HTTPS.

You need to connect using both ports; some operations will go over the admin port, while others will go over the regular port.

Prepare the Destination Environment

Set up user accounts, then perform the following actions.

Set up admin account

To create an administrator account (e.g., MigrationWiz), perform the follow steps when logged into the Exchange Server.

  1. Open the Exchange Management Console.
  2. Expand the Recipient Configuration node.
  3. Right-click on the Mailbox node.
  4. Click on New Mailbox.
  5. Click on Next.
  6. Click on Next.
  7. Enter "MigrationWiz" as the first name.
  8. Enter "MigrationWiz" as the user logon name, and optionally select a user principal name (UPN) domain.
  9. Enter a password and confirm the password.
  10. Click on Next.
  11. Click on Browse to select a Mailbox database.
  12. Click on Next.
  13. Click on New.
  14. Click on Finish.

To grant the account access, perform the following from the Exchange Server machine:

  1. Open the Exchange Management Shell.
  2. Enter the following command:

Get-Mailbox -ResultSize Unlimited | Add-MailboxPermission -AccessRights FullAccess -Automapping $false -User MigrationWiz Notes:

  • In the PowerShell script above, change the -User account to match the name of the admin account that was set up for migration.
  • Any user account that is a part of the domain administrator, schema administrator, or enterprise administrator groups will not have any administrative rights to mailboxes, no matter how many permissions are granted. A security default of Exchange Server is to explicitly deny any user that is a member of these groups. This is why we recommend creating a new user account specific for migration.

Disable Throttling 

To disable all throttling parameters for an admin account called "MigrationWiz":

  1. Open the Exchange Management Shell.
  2. Type the following command and press Enter.

    New-ThrottlingPolicy MigrationWizPolicy

  3. Type the following command and press Enter.

    Set-ThrottlingPolicy MigrationWizPolicy -RCAMaxConcurrency Unlimited -EWSMaxConcurrency Unlimited -EWSMaxSubscriptions Unlimited -CPAMaxConcurrency Unlimited -EwsCutoffBalance Unlimited -EwsMaxBurst Unlimited -EwsRechargeRate Unlimited

  4. Type the following command and press Enter.

    Set-Mailbox "MigrationWiz" -ThrottlingPolicy MigrationWizPolicy

Test mailbox access

  1. Browse to https://testconnectivity.microsoft.com. This is a Microsoft-owned tool.
  2. If using Office 365, click on the Office 365
  3. Select Service Account Access (Developers)and click on Next.
  4. Specify the target mailbox email address.
  5. Specify the service account user name (if using admin credentials on the connector, enter the exact same user name).
  6. Specify the service account password (if using admin credentials on the connector, enter the exact same password).
  7. Check Specify Exchange Web Services URL and specify the URL (example: https://server/EWS/Exchange.asmx).
  8. If using Exchange Server, do not check Use Exchange Impersonation. If you are using Office 365, and using impersonation, do check the box.
  9. Check Ignore Trust for SSL.
  10. Click on Perform Test.
  11. Once results are displayed, check the overall result, and also click on Expand All.

It may be necessary to first grant permissions.

Prepare Tenant to Receive Large Items

Increase Message Size Limits

This is a two-step process. The reason for this is that if the message size limits of Exchange are increased, the IIS limits will also have to be increased to allow increased payloads. There are other non-standard settings that can also cause size restrictions for the IIS or EWS connections, but we are unable to troubleshoot or identify specific environment restrictions outside of these settings.

To display current message size limits:

  1. Open the Exchange Management Shell.
  2. Enter the following commands:

Get-TransportConfig | Format-List -Property MaxReceiveSize, MaxSendSize
Get-SendConnector | Format-List -Property Identity, MaxMessageSize
Get-ReceiveConnector | Format-List -Property Identity, MaxMessageSize
Get-MailBox | Format-List -Property PrimarySmtpAddress, MaxSendSize, MaxReceiveSize

To increase message size limits on the Exchange Server:

  1. Open the Exchange Management Shell.
  2. Enter the following commands:

Set-TransportConfig -MaxReceiveSize 150MB -MaxSendSize 150MB
Get-SendConnector | Set-SendConnector -MaxMessageSize 150MB
Get-ReceiveConnector | Set-ReceiveConnector -MaxMessageSize 150MB
Get-Mailbox | Set-Mailbox -MaxSendSize 150MB -MaxReceiveSize 150MB

 

Increase IIS Limits to Allow Accepting Payloads

There are three limits that should be increased in IIS:

  • maxRequestLength
  • maxAllowedContentLength
  • maxReceivedMessageSize

Follow these steps to increase the Exchange message size limits on your client access server:

  1. Open Windows Explorer.
  2. Navigate to %ExchangeInstallPath%FrontEnd\HttpProxy\ews\
  3. Open the file Web.Config in a text editor, such as Notepad.
  4. Find the XML tag starting with for each change.
  5. Change the existing value to maxRequestLength="200000" -- this occurs in one place in the Web.Config file.
  6. Change the existing values to maxAllowedContentLength="200000000" -- this occurs one place in the Web.Config file.
  7. Change the existing values to maxReceivedMessageSize="200000000" -- this entry occurs up to 12 times. This needs to be changed for each Authentication method.
    For example:
    <httpsTransport maxReceivedMessageSize="200000000" authenticationScheme="Anonymous" maxBufferSize="81920" transferMode="Streamed" />
    <httpsTransport maxReceivedMessageSize="200000000" authenticationScheme="Basic" maxBufferSize="81920" transferMode="Streamed" />
    etc.
  8. If you are running IIS7 and Windows 2008, it may be necessary to increase WCF settings.
  9. Save the file.
  10. IIS Reset is not needed, web.config changes are picked up by the next connection.

Follow these steps to increase the Exchange message size limits on your mailbox server:

  1. Open Windows Explorer.
  2. Navigate to %ExchangeInstallPath%ClientAccess\exchweb\ews\
  3. Open the file Web.Config in a text editor, such as Notepad.
  4. Find the XML tag starting with for each change.
  5. Change the existing value to maxRequestLength="200000" -- this occurs in one place in the Web.Config file.
  6. Change the existing values to maxAllowedContentLength="200000000" -- this occurs one place in the Web.Config file.
  7. Change the existing values to maxReceivedMessageSize="200000000" -- this entry occurs up to 12 times. This needs to be changed for each Authentication method.
  8. If you are running IIS7 and Windows 2008, it may be necessary to increase WCF settings.
  9. Save the file.
  10. IIS Reset is not needed, web.config changes are picked up by the next connection.
Increase Maximum Accepted Content Length

You may increase the maximum accepted content length by following these directions:

  1. Open Windows Explorer.
  2. Navigate to C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews
  3. Open the file Web.Config in a text editor such as Notepad.
  4. Go to the end of the file.
  5. Insert or edit the following XML code before the </configuration> tag:

    <system.webServer>
    <security>
    <requestFiltering>
    <requestLimits maxAllowedContentLength="104857600" />
    </requestFiltering>
    </security>
    </system.webServer>

If XML code is already present in the Web.Config file, edit it to match what is shown above.

Sample Web.Config before changes:

<configuration>
<system.web>
...
...
</system.web>
</configuration>

Sample Web.Config after changes:

<configuration>
<system.web>
...
...
</system.web>
<system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="104857600" />
</requestFiltering>
</security>
</system.webServer>
</configuration>

 

Increase Maximum Received Message Size

If you are running IIS7 and Windows 2008, you may need to increase WCF settings:

  1. Open Windows Explorer.
  2. Navigate to C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews
  3. Open the file Web.Config in a text editor like Notepad.
  4. Find all XML tags starting with maxReceivedMessageSize=
  5. Change existing values to maxReceivedMessageSize="104857600"
  6. Save the file.
  7. Open a Command Prompt (cmd.exe).
  8. Type: cd %windir%\system32\inetsrv
  9. Type: appcmd.exe set config "Default Web Site/ews" -section:requestFiltering -requestLimits.maxAllowedContentLength:104857600
  10. Run: iisreset

MSPComplete Steps

Create the customer

Each customer you add will be displayed in your customer list unless you archive it. There are two ways to add customers.

From the All Customer Page

  1. Click the Add button in the top navigation bar
  2. Click the Add Customer button on the All Customers page
  3. In the left navigation pane, select the appropriate workgroup and then click All Customers.
  4. Click Add Customer.
  5. Enter the new customer’s information in the Add Customer form. Primary Email Domain and Company Name are required. The rest are optional.
  6. Click Save.
  7. Repeat steps 1 through 4 for each customer you want to add. 

Add Button

Add customers from the Add button in the top navigation bar

  1. In the left navigation pane, select the appropriate workgroup.
  2. Click Add in the top navigation bar, and then click Add in the drop-down list.
  3. Enter the new customer’s information in the Add Customer form.
  4. Click Save.

    Tip: When you click a customer in the list in the main pane, the name appears under Recent Customers in the left navigation pane.

Licensing

Purchase licenses. We recommend that you use the User Migration Bundle license for this migration scenario. 

  • These licenses enable multiple migrations of user mailboxes, documents, and in-place archives. It also allows the use of DeploymentPro to perform post-migration Outlook email profile configuration.
  • User Migration Bundle Licenses have unlimited data available per license.
  • User Migration Bundle Licenses are applied to the customer's users and expire 12 months after their purchase date. 
  • Document, Personal Archive, and DeploymentPro projects are all included when using User Migration Bundle Licenses.
  • This license type must be applied manually.

Apply licenses

  1. Sign in to MSPComplete at https://manage.bittitan.com.
    • When you sign in, make sure to select the MSPComplete button above the email field.
  2. Select the correct workgroup on the top of the left navigation pane. This is the workgroup that the customer and migration project were created under. Your account must be part of the workgroup if the project was not created under your account.
  3. On the left navigation pane, click Customers.
  4. Click the customer that employs the user to whom you want to apply a User Migration Bundle license.
  5. Click the Users tab at the top of the page.
  6. Check the box to the left of the email for the user(s) to whom you want to apply a license.
  7. Click the Apply User Migration Bundle License button at the top of the page. It is recommended that users be added to the Customer page with the vanity domain. Then have the User Migration Bundle Licenses applied, before editing to show the .onmicrosoft domain, if the .onmicrosoft domain will be used for the migration.
  8. If there is at least one unassigned User Migration Bundle license available for each selected user, click Confirm.
    Important: If there are no User Migration Bundle licenses currently available to be assigned and your role in the workgroup is Manager or higher, the form that appears provides all the necessary information and will walk you through the steps of purchasing User Migration Bundle licenses.

MigrationWiz Steps

Create a Mailbox Migration project

  1. Click the Go to My Projects button.
  2. Click the Create Project button.
  3. Click on the type of project that you wish to create. For this migration:
    • Mailbox: Mailbox projects are used to migrate the contents of the primary user mailbox from the previous environment to the new environment. Most mailbox migrations can migrate email, calendars, and contacts.

For mailbox migrations, use administrative credentials to access mailboxes​. In most migration scenarios, the admin account needs to have full access rights to the Source mailboxes. 

    1. Click Next Step.
    2. Enter a Project name and select a Customer.
    3. Click Next Step.

Endpoints

Endpoints are now created through MigrationWiz, rather than through MSPComplete. The steps for this section outline how to create the endpoints in MigrationWiz.

If you are selecting an existing endpoint, keep in mind that only ten endpoints will show in the drop-down. If you have more than ten, you may need to search. Endpoint search is case and character specific. For example, Cust0mer will not show up if the search is customer. We recommend keeping a list of endpoints you have created, along with any unique spellings or capitalization you may have used.

You may either use existing endpoints, or create new ones. 

To create a new source endpoint:

  1. Click Endpoints
  2. Click Add Endpoint
  3. Select Zimbra 6.5+
  4. Enter Zimbra server URL

  5. Click the Provide Credentials radio button, and enter the admin account credentials. These are either your existing admin credentials or the credentials for the account that was created under the "Prepare the Source Environment" section of this guide.

  6. Click Add
  7. Click Next Step

To create a new destination endpoint:

  1. Click Endpoints
  2. Click Add Endpoint
  3. Click + Find My Service Provider button
  4. Click the down arrow in the Service Provider field, and select the Hosted Exchange Provider (taking care to select the correct version of Exchange that the customer is running). This will auto-populate the Outlook Web Access URL with their verified URL.
  5. Or, instead of clicking on the + Find My Service Provider button, click the Exchange Server 2003+ button and manually enter the Outlook Web Access URL.
  6. It is necessary to add all domains that will be part of the migration on either the Source or the Destination. This means that, if there are users in one project with domain names Sourcedomain.com and Destinationdomain.com, it is important to ensure that both of these are added under “Your Domains” when creating the endpoints. When adding a domain, you need to click the "+" button.
  7. Click the Provide Credentials radio button and enter the admin account credentials. These are the credentials that you obtained from your Hosted Exchange Provider when following the steps under the "Prepare the Source Environment" section of this guide.
  8. Click Add
  9. Click Next Step

Add Users

Add the user accounts that will be migrated to the project. MigrationWiz allows you to bulk import mailboxes into the system. Note: The Username of the source mailbox needs to be for the user mailbox being migrated and not the Zimbra administrator account.

Use the Bulk Add option, and import from the CSV file that you prepared under the Prepare the Source section of this guide. 

  • If the list of mailboxes and passwords from the Hosted Exchange provider is not available, request that the users send these to MigrationWiz as part of the migration process.

To import one or more mailboxes:

  1. Sign in to your MigrationWiz account.
  2. Select the Project for which you want to perform the bulk import.
  3. Click on Add .
  4. Click on Bulk Add .
  5. Follow the instructions on the page.

Add Advanced Options

Under Support/Support options:

  • Set Maximum concurrent migrations. We recommend setting this to a very low value, such as 5, to ensure that server utilization does not go above 80%. If the Source Zimbra server is running low on resources, it can result in email being migrated as blank. If the Source server has enough server resources, set this parameter based on the bandwidth guideline of three (3) mailboxes per 1Mbps of bandwidth. Therefore, for example, if there is a 10Mbps connection, we recommend setting the maximum concurrent migrations parameter to be 30. If the Source server has very few available server resources (e.g., it is running low on memory or it has very high CPU utilization), we recommend setting this value to a lower number to avoid overwhelming the Source server with requests.
  • Add: ZimbraCalendarExpandInstances=1 This is to help prevent a known bug in Zimbra that can cause incomplete calendar data.

Run Verify Credentials

  1. ​Sign in to your MigrationWiz account​.
  2. Open the Project containing items you wish to validate​.
  3. Select the items you wish to validate.
  4. Click on the Start button in your dashboard.
  5. Select Verify Credentials from the drop-down list.

Once complete, the results of the verification will be shown in the Status section.​ 

Notify Users

Notify users that a migration is occurring. Send email to all users telling them the time and date of the migration.

Run Migration

Pre-Stage pass

  1. Select the users you wish to migrate
  2. Click the Start button from the top
  3. Select Pre-Stage Migration
  4. Under the Migration Scheduling section, from the drop-down list, select 90 days ago
  5. Click Start Migration.

MX Record Cutover

  • Change over MX records on the DNS provider's portal.
  • Also, include the AutoDiscover (CName) setting.
  • Set up Zimbra mail forwarding.

 

Full (Delta) pass

  1. Select the users
  2. Click the Start button from the top
  3. Select Full Migration
  4. Click Start Migration

Run Retry Errors

Look through the user list and click any red "failed migration" errors. Review the information and act accordingly.

If problems persist, contact Support.

 

Request Statistics

Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics.

Was this article helpful?
1 out of 1 found this helpful