G Suite to Hosted Exchange Migration Guide

This is the complete onboarding task flow for migrating folders and documents from G Suite to Hosted Exchange.

This migration guide contains the necessary steps to perform the actual migration, but there are many steps to preparing for migration. If this is your first time performing a migration, we have created a Migration Planning & Strategy Guide to walk you through planning, set-up, and general migration best practices. If you have never performed a migration before, we suggest reading that before beginning the steps outlined in this scenario.

Some item types are not migrated. Click the bar below to expand the full list of what item types are and are not migrated. We are constantly working to create a better migration experience for you, so these items may change.

MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.

OAuth administrative credentials will not function properly with G Suite for Business Legacy free accounts, G Suite Legacy free accounts, or Google Apps Legacy free accounts. Unfortunately, migration of Google Legacy free accounts is not supported. Migrating from a G Suite/Gmail endpoint requires an administrator email address which matches the end user domain.

Items and folders in "Shared with Me" will not be migrated. Only items in "My Drive" will be migrated. To migrate "Shared with Me" items, they must be added to "My Drive".

We are not able to support migrations with two-factor or multifactor authentication. 

Migrated Items

G Suite

Migrated - IMAP or G Suite (Gmail API) endpoints

  • Inbox
  • Folders/Labels
  • Email
  • Muted Email (as regular email)
  • Contacts
  • Calendars (including links for Google Hangouts within calendar meetings)
  • Calendar Notifications 

Links for Google Hangouts are a new default feature added to Google Meeting. Microsoft Office 365 doesn't have the corresponding property to map. Therefore, when migrating to Office 365, the links for Google Hangouts are added to the beginning of the meeting description body text on Office 365.

Not Migrated in Any Instance

  • Calendar Reminders
  • Appointments
  • Chat message attachments

Not Migrated As Source

  • Calendar Attachments
  • Calendar Reminders
  • Tasks
  • Chats and chat history
  • Google Groups for Business (including forums and collaborative inboxes)
  • Google Categories (i.e., the Google category flags: Social, Promotions, Updates, Forums)
  • Email attachments that are links to Google Drive
  • Some calendar colors

All color category meta tags are transferred over, but Office 365 does not have direct color mappings from Google G Suite, and so certain colors do not get mapped over, thus the colors are not displayed in Office 365 for the calendar entries.

Not Migrated As Destination

  • Calendar Attachments
  • Exceptions of recurring appointments
  • Google Groups for Business (including forums and collaborative inboxes)

Exchange

Not Migrated in Any Instance

  • Inactive mailboxes

Exchange Server 2003 (Source Only)

Migrated

  • Inbox
  • Folders
  • Email
  • Contacts
  • Calendars
  • Tasks
  • Journals
  • Notes
  • Post (when the destination is Exchange or Office 365)

Exchange Server 2007+

Migrated

  • Inbox
  • Folders
  • Email
  • Contacts
  • Calendars
  • Tasks
  • Journals
  • Notes
  • BCC Recipients
  • Post (when the destination is Exchange or Office 365)

Exchange Server 2010 SP1+

Migrated

  • Inbox
  • Folders
  • Email
  • Contacts
  • Calendars
  • Tasks
  • Journals
  • Notes
  • Post (when the destination is Exchange or Office 365)
  • Server-Side Rules
  • Folder Permissions

Not Migrated in any Exchange Instance

  • Email templates
  • Email flags (if the destination is G Suite)
  • Safe Sender/Block Lists
  • Mail Settings
  • Standalone documents stored in Public Folders (Example: IPM.Document item types)
  • System Public Folders
  • Sticky Note folders

Not migrated in Exchange 2003: Public Folders, BCC recipients on email items or optional attendees of calendar entries (Microsoft Exchange Web DAV API does not return this information for items)

Not Migrated in Exchange 2007: Public Folder Permissions

Step 1: Source & Destination Preparation

Prepare the Source Environment

  1. Grant MigrationWiz OAuth 2.0 access to G Suite. 
    Enable access to G Suite using OAuth 2.0

    BitTitan products use OAuth 2.0 to authenticate to G Suite and utilize the G Suite (IMAP) endpoint in MigrationWiz. This is applicable to both mailbox and document migration projects. In order to obtain access to your G Suite data, it is necessary to add specifically allowed API scopes to the MigrationWiz project.

    • These steps must be followed whenever there is a migration project either to or from G Suite that will utilize the G Suite (IMAP) endpoint. 
    • Enabling access is required for both G Suite mailbox and Google Drive document migration projects.
    • Mailbox migration projects require that a G Suite administrator grant access to the BitTitan client ID and scopes listed in this article.
    • Document migration projects require that a G Suite Super administrator grant access to the BitTitan client ID and scopes listed in this article and enable the API access. The steps to do this are included at the bottom of this article.

    Steps in the G Suite Admin Console

    Complete these steps to grant BitTitan client ID access to the appropriate scopes:

    1. Go to https://admin.google.com and authenticate as a Super Administrator.
    2. Click Security. If you do not see the security icon on your admin console home page, you do not have the necessary rights on your account to make these changes. Request Super Administrator access from the customer to implement these changes.
    3. Click Advanced settings. Google limits accessing and changing this setting to only G Suite Super Administrator accounts.
    4. You will now have one of two options, depending on whether your tenant has been updated to the new Google API or not. 
    5. Old Google Tenant:

      • Go to the G Suite admin page at google.com
      • Click on Security
      • Click on Advanced Settings
      • Click Manage API Client Access.

      Or If your account shows the latest UI updates from Google, as shown below:New_Google_Admin_APP_Access_Control.JPG

      • Go to the G Suite admin page at google.com
      • Click on Security
      • Click Advanced Settings
      • Under ‘Domain-wide delegation’, click Manage domain-wide delegation
      • On the Manage domain-wide delegation page, click Add new
      •  
    6. Click MANAGE DOMAIN WIDE DELEGATION.
    7. Click Add New.
    8. Enter 113321175602709078332 into the Client ID field. 
    9. Enter one of the following groups of scopes into the OAuth Scopes (comma-delimited) field, depending on whether G Suite is the Source or Destination.

      • G Suite as the Source (read-only scopes):
        https://mail.google.com/, https://www.google.com/m8/feeds, https://www.googleapis.com/auth/contacts.readonly, https://www.googleapis.com/auth/calendar.readonly, https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/drive, https://sites.google.com/feeds/, https://www.googleapis.com/auth/gmail.settings.sharing, https://www.googleapis.com/auth/gmail.settings.basic
      • G Suite as the Destination (full scopes):
        https://mail.google.com/, https://www.google.com/m8/feeds, https://www.googleapis.com/auth/contacts.readonly, https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/admin.directory.group, https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/drive, https://sites.google.com/feeds/, https://www.googleapis.com/auth/gmail.settings.sharing, https://www.googleapis.com/auth/gmail.settings.basic
    10. Click Authorize. The client name is 113321175602709078332 (make sure there are no leading or trailing spaces, as this may cause the error "URL ends with an invalid top-level domain name."). This will grant BitTitan products access to the appropriate scopes.

     

    • If you are migrating from multiple domains, repeat these steps for each domain.
    • OAuth administrative credentials will not function properly with G Suite for Business Legacy free accounts, G Suite Legacy free accounts, or Google Apps Legacy free accounts. Unfortunately, migrating any Google Legacy free accounts is not supported.

  2. Ensure IMAP access is enabled for all users. For details on how to check this, refer to the Google support article here.
    How do I ensure G Suite folders containing more than 1000 messages will be migrated?

    IMAP access for desktop clients such as Thunderbird or Outlook Express

    You can either enable or disable POP and IMAP for your users via the simple process below. POP access is automatically enabled for your users. However, note that this action will apply to all users in your domain. If IMAP is disabled, users can no longer access their POP/IMAP settings in the Gmail interface, nor will they be able to access their mail via POP/IMAP (such as through Google Desktop), even if previously enabled.

    1. Sign in to the Google Admin console.
    2. From the dashboard, go to Apps > G Suite > Gmail > Advanced settings.
    3. In the Organizations section, select the organizational unit for which you want to configure settings.
    4. Under POP and IMAP Access, select or clear the checkbox for Disable POP and IMAP access for all users in the domain.

    It may take 15-30 minutes for IMAP and POP changes to take effect. As long as the box is cleared, users can configure POP and IMAP access for a host of clients.

    Removing folder size limits on IMAP folders

    G Suite has a setting that can limit the number of messages in an IMAP folder. If this is configured, this will restrict MigrationWiz so that it can only retrieve and migrate that number of messages from each folder.

    Follow these steps to see if this has been set by a user, and how to change it so that there is no limit set:

    1. Log in to the account.
    2. Click on the gear icon in the upper right-hand side of the window, and choose Settings.
    3. Click on the Forwarding and POP/IMAP tab.
    4. Under the IMAP Access heading, look for Folder Size Limits.
    5. Ensure that Do not limit the number of messages in an IMAP folder (default) is selected.

     To further clarify the implications of this setting: If the limit has been set (e.g., to 1,000 as per the default suggestion), then if folders contain more than 1000 items, they will be truncated at 1000 items. This means that MigrationWiz will only be able to migrate 1000 emails from each folder.

    Showing All Mail label and other labels in Gmail:

    1. Sign into your Gmail account.
    2. Click on the gear icon at the top right of the Gmail window.
    3. Click on Settings.
    4. Go to the Labels tab.
    5. Checkmark Show in IMAP for All Mail, and for any other label you want to include in an IMAP client, or migrate.Ensure the folder size limits on IMAP folders have been removed for all users. For each user, click the gear icon > Settings > Forwarding and POP/IMAP tab > Folder Size Limits > Select the radio button for Do not limit the number of messages in an IMAP folder (default). This is an end user setting, which can only be set on a per-user basis. Therefore, we recommend that you send instructions to your end users to check this setting. 
  3. Export mailboxes to CSV file(s). From Google Admin portal > Click Users > Click ⁝ (3 vertical dots) > Download Users > Download All Users > Click OK > Save.

Prepare the Destination Environment

  1. Set up user accounts.
  2. Ask the Hosted Exchange provider to create an account for migration that has full access permissions to all mailboxes.
    • If you do not provide an admin account when setting up your Destination endpoint, it will be necessary to provide SMTP email addresses, login names, and passwords when adding Destination users to your MigrationWiz project. If you do provide an admin account, you only need to provide the SMTP email addresses.
    • Below is an example PowerShell script which grants full access rights to an account called MigrationWiz. Your Hosted Exchange provider needs to change the user to match your admin account before running the script.
      Get-Mailbox -ResultSize Unlimited | Add-MailboxPermission -AccessRights FullAccess -User MigrationWiz

Step 2: Set up MigrationWiz 

The following steps will guide you through setting up your migration project in MigrationWiz. For all endpoints in this process, select or create the G Suite (Own Service Account) endpoint.

Create New Project

To create a new migration project:

    1. Click the Go To My Projects button.
    2. Click the Create Project button.
    3. Under Project Type, select Document Project. Document projects are used to migrate document drives from one cloud storage to another. Document migrations will maintain the folder hierarchy from the source to the destination.
    4. Enter a Project name and select a Customer. If you have not already added the customer into MSPComplete, you will need to click New to create the Customer.
    5. Click Next Step.
    6. Select the source endpoint from the Endpoint dropdown list, or create a new source G suite (Own Service Account) endpoint. If you are migrating from a Hosted Exchange provider, click the I know my service provider button. Select your service provider from the drop-down list. If it is not listed, select Exchange 2003+ as your Source and enter your OWA URL.
    7. Click Next Step.
    8. Select the destination Hosted Exchange endpoint from the Endpoint dropdown list, or create a new Hosted Exchange endpoint.
    9. Click Save and Go to Summary.
    10. On the Authorization page, click the Request Access Token button to open the Hosted Exchange authorization page.
    11. Enter the email address and password for the Hosted Exchange admin account and click the Sign In button. This generates the access token required by MigrationWiz for the MigrationWiz project and redirects back to the Authorization page of the MigrationWiz project.
    12. Click the Save Project button.
Manually set forwards during a migration, on a per-user basis and from the individual users' portal.

 

To deploy a manual forward rule to a Gmail/Google account:

  1. ​Sign in to your Gmail/Google account.​​​​
  2. ​Click Settings.
  3. Locate the Forwarding and POP/IMAP tab.
  4. Click Add a forwarding address.
  5. Enter the email address to forward to.
  6. A confirmation email will be sent to the forward mailbox.
  7. Validate the confirmation by logging in to the forward mailbox.
  8. Go back to your account.
  9. Select the forward mode.

We recommend not saving a copy locally, because when you migrate the mailbox to the Destination, you will end up with duplicates.

screenshot 

screenshot 

screenshot 

Add Items

Add the accounts (also referred to as "items") that will be migrated to the project. There are several ways to do this. 

Quick Add
This option allows you to add items one at a time. You have to enter an email address, login name, and password for each user if you didn't enter administrative credentials when setting up the project. You only have to provide an email address if you entered administrative credentials when setting up the project.
Bulk Add

MigrationWiz allows you to bulk import mailboxes into the system.

To import one or more mailboxes:

  1. Sign in to your MigrationWiz account.
  2. Select the Project for which you want to perform the bulk import.
  3. Click Add.
  4. Click on Bulk Add.
  5. Follow the instructions on the page.
Autodiscover

The Autodiscover process within MigrationWiz can be used to discover items from the Source environment, so that they can be imported into your projects.

There are few requirements in order for this to work:

  • The Source has to be Exchange 2007 or later, or Office 365, or G Suite. If you are using Autodiscover from G Suite, all G Suite domains must be added to the list of domains in the Endpoint.
  • The endpoint on the Source needs to use admin credentials.
  • For mailbox migration projects, the admin account that is specified within the Source endpoint needs to have a mailbox associated with it.
  • The admin mailbox must be listed in the public Global Address List (GAL).
  • The migration project type needs to be a Mailbox migration. For the exact steps to be followed during your migration, refer to the relevant Migration Guide. All Migration Guides can be found on the Help Center site.

One additional item to note here is that there is not a way to restrict the IP addresses that the connection will come from.  This means that the steps outlined in our IP Lockdown guide will not apply here.  If your environment requires that any IP addresses be whitelisted, it is recommended that items be added to your project using on of the other available options.

Autodiscover of items will not work while using Modern Authentication

Autodiscovery exposes the following items:

  • For mailbox migration, autodiscovery will list all mailboxes at the Source.

Steps to Run Autodiscover

  1. Navigate to the project you want to import users into.

  2. Ensure that you have created an endpoint for the source project.

  3. Once in the project, on the top navigation bar, click on the Add drop-down, then select Autodiscover Items. This will begin the Autodiscover process.

  4. Once discovered, click on the Import button, to import the items into your MigrationWiz project.

Set Advanced Options

Set the Project Advanced Options. These are customization options which help MigrationWiz perform within specific environments. 

Under Support/Support Options add:

  • InitializationTimeout=8 - This increases the initialization timeout window to eight hours. 
  • RemoveExistingPermissionsWhenUnspecified=1 There are no spaces on either side of the "=" sign, and the entries are case-sensitive, so pay special attention to the capital letters in the commands above.

Set the Advanced Option to send a notification to end users after the migration pass completes:

  • Notifications > Send successful migration and notification to: > Source email address (if users are still using G suite Gmail) or Destination email address (if users have already migrated from the G Suite gmail platform).
  • Customize the notification email. Checkmark the Customize "successful migration" email box. Add your own customization text and company name to this email.
  • Notifications should only be set up before the final pass. If performing a single, Full pass, set this up now. If you are following a Pre-stage migration strategy, only set this up prior to the final Full (Delta) pass.

Run Verify Credentials

You may verify the credentials of items in MigrationWiz without migrating data or consuming any licenses.

  1. Open the Project containing items you wish to validate​.
  2. Select the items you wish to validate.
  3. Click on the Start button in your dashboard.
  4. Select Verify Credentials from the drop-down list.

Once complete, the results of the verification will be shown in the Status section.​ 

Notify Users

Notify users that a migration is occurring. Send an email to all users telling them the time and date of the migration. During this time, they should not modify any documents in their G Suite accounts, because any modifications will not be included in the migration.

Step 3: Run Migration

Perform the migration, using one of the following strategies. More information on each strategy is included in the Migration Planning and Strategy Guide linked in the beginning of this guide. 

  • Full Migration strategy. For small migration projects that are less than 50 users, we recommend a Full Migration strategy. This is a single, full-pass migration, and requires licenses. This migration selection will migrate all identified and supported items.  
  • Pre-Stage Migration Strategy: This strategy includes a Pre-Stage pass and a Full (Delta) pass. This migration selection will migrate all identified and supported items before the selected date. This migration option requires a license of the appropriate type.

Additional Migration Types

  • Trial - Free migration pass. This migration selection is used to test the migration server.  It will migrate up to 10 items per folder or up to 5 MB of data per mailbox. A full migration with a license will pick up where the trial left off. 
  • Verify Credentials - Free migration pass. This migration selection will test to make sure that the credentials being used for migration are correct and will allow a successful connection. No data is migrated.
  • Retry Errors - Free migration pass. Once a Full or Pre-Stage migration has completed successfully, Retry Errors can be run to retry only failed items.

For large migration projects that are more than 50 users, we recommend a Pre-Stage Migration strategy. This is a multiple-pass migration.

G Suite All Mail Label Migration

Migrate all mail labels from G Suite

The best approach is to filter out the All Mail label until the very last pass. The reason for this is that Google has most items in individual labels, but also keeps a copy of all items in the All Mail label.

Without adding this filter, MigrationWiz will have to index the All Mail items label before it can migrate. This will typically be very large, and consequently will take a very long time to index.

We recommend that you first filter out All Mail, and migrate all the other labels during the Pre-Stage and Delta passes. Then, perform one last Delta pass, having removed the All Mail filter, so that it indexes the All Mail label during this pass and migrates any additional non-labeled items.

Here are the steps to follow to add the filter to your MigrationWiz project Advanced Options. This should be left in place for all passes, apart from the very last pass (where it is removed, as detailed at the bottom of this article).

  1. Log in to your MSPComplete dashboard.
  2. From the list of customers in the left hand navigation panel, select your customer.
  3. From the list of options in the top navigation bar, click on Projects.
  4. Click on the name of your Project in the list. This will launch the MigrationWiz portal for the selected project.
  5. In the top navigation bar, click on the Edit Project button.
  6. From the resulting drop-down list, select Advanced Options.
  7.  Under Filtering, add the following: (^All Mail$|^All Mail/). This will filter the All Mail folder and any subfolders of All Mail.
  8. Click Save

You can now perform your migration by following the steps in the migration guide that matches your scenario.

After you have completed all passes, you can perform one additional last pass, but with the filter removed. This pass can be performed after your users have already begun using the Destination account.

Follow these steps to remove this filter for the very last pass:

  1. From your MigrationWiz project dashboard, in the top navigation bar, click on the Edit Project button.
  2. From the resulting drop-down list, select Advanced Options.
  3.  Under Filtering, remove the previously added filter.

  4. Click Save

  5. Now you can select the items for migration, click Start and select Full Migration, and follow the prompts to start your migration pass. This pass will migrate any additional items that are in the All Mail folder, but not in any other label. This is normally just a few deleted items, and archived items (that have no label). Normally the user is unaware of these items, but it is still best to migrate, for completeness.

Once you have chosen your migration strategy: 

  1. Click on the name of the Project you want to run.
  2. Select one or more items to migrate by checking the box next to the item name. If you want to select all the items, click the checkbox to the left of Source Email.
  3. Click on the Start button and select the type of migration to run.
  4. If you want to delay your migration, then select the checkbox marked "Automatically start the migration at", and enter the date and time to have the migration start. To start a migration immediately, you do not need to select the scheduling option.
  5. Click Start Migration.

Request Statistics

Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics. 

Post-Migration Steps

  1. To prevent users from inadvertently logging in and using their G Suite accounts, decommission the G Suite user accounts, or change their passwords.
  2. Notify users once the migration has completed. If you set the MigrationWiz Advanced Option for Notifications, they will receive an email upon completion of the migration. Assist them with setting up access to their Hosted Exchange accounts.
  3. Provide training to end users on Hosted Exchange.

 

Was this article helpful?
0 out of 0 found this helpful