This document will walk you through the environment preparation and MigrationWiz steps necessary to perform your migration from one Microsoft 365 Personal Archives instance to another Microsoft 365 Personal Archives instance.
MigrationWiz
MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.
First Migration?
If this is your first time performing a migration, we have created a Migration Planning & Strategy Guide to walk you through planning, set-up, and general migration best practices.
Prerequisites
It is important to highlight and meet the following prerequisites for a smooth migration project.
Licensing
We recommend that you purchase User Migration Bundle licenses for this migration scenario. User Migration Bundle licenses allow the performance of multiple migrations with a single license. For questions on licensing, visit MigrationWiz Licenses.
To use your license by following the next steps:
- Purchase Licenses.
- Create a Customer.
- Apply Licenses.
- Review Considerations.
Important
If you have already completed a mailbox migration project against this Source environment, steps two and three will already have been completed. The endpoints that were created for your mailbox migration project can be used for your in-place archive migration project.
Purchase licenses by following the steps below:
- Sign in to your BitTitan account.
- In the top navigation bar, click Purchase.
- Click the Select button and choose User Migration Bundle licenses.
- Enter the number of licenses you want to purchase. Click Buy Now.
- Enter a Billing address if applicable.
- Click Next.
- Review the Order Summary and enter a payment method.
- Click Place Your Order.
Create Customer on MSPComplete by performing these steps:
- Click the Add button in the top navigation bar
- Click the Add Customer button on the All Customers page
- Select the appropriate workgroup in the left navigation pane and click All Customers.
- Click Add Customer.
- Enter the new customer’s information in the Add Customer form. Primary Email Domain and Company Name are required. The rest are optional.
- Click Save.
- Repeat steps 1 through 4 for each customer you want to add.
Perform these steps on MSPComplete:
- Select the correct workgroup on the top of the left navigation pane.
Important
This is the workgroup which the customer and migration projects were created under. Your account must be part of the workgroup if the project was not created under your account. - Click Customers on the left navigation pane.
- Click the customer that employs the user to whom you want to use the User Migration Bundle license.
- Click the Users tab at the top of the page.
- Apply the license to the users by checking the box to the left of their emails.
- Click the Apply User Migration Bundle License button at the top of the page.
Tip
We recommend adding users to the Customer page with the vanity domain. Then apply the User Migration Bundle Licenses, before editing to show the .onmicrosoft domain, if the .onmicrosoft domain will be used for the migration. - Click Confirm if at least one unassigned User Migration Bundle license is available for each selected user.
Important
If there are no User Migration Bundle licenses currently available to be assigned and your role in the workgroup is Manager or higher, the form that appears provides all the necessary information and will walk you through the steps of purchasing User Migration Bundle licenses.
Licenses are released once payment has been received:
- Licenses are available immediately upon payment if you purchase via credit card.
- If you purchase via wire transfer (100+ licenses), the licenses will be available once payment is received and accepted.
- We do not accept purchase orders because of processing overhead.
In both cases, you will be notified by email that payment has been accepted and licenses are available in your account upon notification.
For more information on licensing, including coupon redemption and other licensing types, see our Licensing FAQ.
Limitations
- App password usage, MFA/2FA, and ADFS are not supported for the migration admin account/service account being used by this endpoint.
- The maximum individual file size supported by MigrationWiz is 60GB.
- Items located in the root folder of the source primary mailbox are not migrated. Only items located in the source archive mailbox are migrated.
- Exchange Web Services (EWS) must be enabled for the mailboxes in the Exchange Online tenant for this migration type
Important
If the In-Place Archive mailbox being migrated is more than 100 GB in size and auto-expanding archiving is enabled for the In-Place Archive mailbox in the destination tenant, the migration may take 30 days or more to complete due to the auto-expanding archiving process not making space available immediately in the destination archive mailbox when moving data.
More information on how auto-expanding works with archive mailboxes can be found outlined by Microsoft here: Office 365: Auto-Expanding Archives FAQ
If you have additional questions, please contact BitTitan support.
Below is a list of items that will and will not be migrated. Note that these items frequently change, so review this list before any migration projects.
Migrated Items
Please click the bars below to check the migrated and non-migrated items. We are constantly working to create a better migration experience for you so these items may change over time.
- Inbox
- Folders
- Contacts
- Calendars
- Tasks
- Journals
- Notes
- Server-Side Rules
- Folder Permissions
- Post (when the destination is Exchange or Microsoft 365)
- Safe Sender/Block Lists
- In-line images in Tasks
- Calendar acceptance status emails
Prepare the Source Exchange Online Environment
Modern Authentication Requirements
The steps listed in the Required Permission for Performing M365 Mailbox and Archive Migrations article apply to both the source and destination tenant when they are Exchange Online, in regards to Exchange Web Services (EWS) in the mailbox and archive mailbox. Use a Global Administrator for the configuration steps.
Please review the documentation before preparing the source.
Create an Administrator Account
Create an administrator account in Microsoft 365 to be used for migration or use the global admin account for the tenant. The administrator account must have full access to the user mailboxes, have the required API Permissions, or be granted impersonation rights.
We recommend adding the necessary API permissions to the Modern Authentication app you are using for your O365 mailbox or archive mailbox endpoint. You can follow the steps outlined in this guide, as this is BitTitan's recommended approach.
However, you can still use the BitTitan impersonation approach if you already have a service account with the Application Impersonation role already assigned. Microsoft is phasing out RBAC Application Impersonation in Exchange Online and no longer allows the assignment of this role to new accounts.
Prepare the Destination Exchange Online Environment
Modern Authentication Requirements
The steps listed in the Required Permission for Performing M365 Mailbox and Archive Migrations article apply to both the source and destination tenant when they are Exchange Online, in regards to Exchange Web Services (EWS) in the mailbox and archive mailbox. Use a Global Administrator for the configuration steps.
Please review the documentation before preparing the destination.
Create an Administrator Account
Create an administrator account in Microsoft 365 to be used for migration or use the global admin account for the tenant. The administrator account must have full access to the user mailboxes, have the required API Permissions, or be granted impersonation rights.
We recommend adding the necessary API permissions to the Modern Authentication app you are using for your O365 mailbox or archive mailbox endpoint. You can follow the steps outlined in this guide, as this is BitTitan's recommended approach.
However, you can still use the BitTitan impersonation approach if you already have a service account with the Application Impersonation role already assigned. Microsoft is phasing out RBAC Application Impersonation in Exchange Online and no longer allows the assignment of this role to new accounts.
Set up Accounts
Set up accounts on Microsoft 365 and assign licenses. These can be created in several ways:
- Manually, one at a time. Microsoft instructions to add users individually
- By bulk import, via CSV file. Microsoft instructions to bulk-add users
- By PowerShell script. TechNet article
- Enable Archiving for the destination mailboxes if that is your intended target.
MigrationWiz Steps
Create a Migration Project
Create a Personal Archive Migration project.
- Click the Go to My Projects button.
- Click the Create Project button.
- Select Personal Archive Migration Project.
- Click Next Step.
- Enter a Project Name and select a Customer.
- Click Next Step.
Endpoints
Endpoints are created through MigrationWiz. If you select an existing endpoint from the dropdown, it will only show ten endpoints. If you have more than ten, you may need to search it.
Consider that endpoint search is case and character-specific. For example, Cust0mer will not show up if the search is customer. We recommend keeping a list of endpoints you have created, along with any unique spellings or capitalization you may have used.
Create your Endpoints
Perform these steps for both the source and destination endpoints.
- Click New.
- Name the endpoint (It is highly recommended to create a unique name for your source and destination endpoints)
- Under Endpoint Type, select the endpoint from the options below that corresponds with the type of Microsoft 365 tenant being used:
- Microsoft 365 - (This is also used for GCC Commercial tenants)
- Microsoft 365 (China)
- Microsoft 365 (Germany)
- Microsoft 365 (US Government) - (Use this for GCC High tenants only)
- Enter the administrator username and password in the fields. This should be the corresponding global admin or the admin created in the steps for preparing the source or destination.
- Click Add.
- Complete the Application (client) ID, the Directory (tenant) ID, and the Client Secret fields. Keep in mind that for the destination endpoint, you must choose a Region of Destination Tenant.
Application (client) ID, Directory (tenant) ID, and Client Secret
For Microsoft 365 Mailbox and Archive migrations, MigrationWiz adds the Application (client) ID, Directory (tenant) ID, and Client Secret fields.
While the Application (client) ID and the Directory (tenant) ID are mandatory, the Client Secret field is not. It will depend on the permissions of the user account that performs the migration. Please review the following information before the creation of your M365 endpoints.
-
The client secret value is not mandatory if you use delegated permissions. Please leave the Client Secret field empty.
-
The client secret value is mandatory if you use the Application Impersonation using API Permissions approach.
- If you already have an admin account with the Impersonation role enabled (not using the Application Impersonation using API Permissions approach) the client secret value is not mandatory. Please leave the Client Secret field empty.
For more information about how to get the Application (client) ID and Directory (tenant) ID values from the Application Registration, please review step 3 of this article.
Region of Destination Tenant
MigrationWiz displays a dropdown to select the Preferred Region of the Tenant at the destination endpoint. This value updates the Preferred Region of the Destination Tenant field in the project's Advanced Options, and vice versa. You will notice that both values are always the same.
The Region of Destination Tenant feature optimizes the migration performance and speed when choosing the region closest to the destination tenant.
Tip
You can find the region of your destination tenant directly in the Microsoft Entra admin center by going to Identity > Overview > Properties, and using the Country or region or the Data location.
For more information on this topic, review this article.
Warning
If you do not complete this field you will not be able to save your project and the “This field cannot be left blank.” error will appear.Endpoint Validation
Once the information has been provided for both, the source and destination endpoint, and the customer selects Save and Go to Summary, MigrationWiz performs an endpoint validation check.
This validation tests the administrator credentials entered into the project and the Modern Authentication setup only. If there is an issue, the screen redirects to the endpoint and provides an error message or flyout that can be selected for more information regarding the error.
Common Errors when Configuring Your Endpoint
For more information on the AADSTS700016, AADSTS90002, and ADDSTS50126 issues review the Common Errors Using Modern Authentication page.
Add Users
Important
Suppose the domain name is migrated to the new destination tenant. In that case, it is strongly recommended that users in the migration project be migrated using the .onmicrosoft.com domain names for both the source and destination email addresses, rather than using the vanity domain. To do this, add the users using their Vanity Domain and once they are in the project, select all the users and click the Change Domains option in the menu to bulk change them to using the .onmicrosoft.com domain.
Add the user accounts that will be migrated to the project. This may be done in several ways, depending on the size of the project. Steps for each option are in the accordion below, simply click to show the option you select and follow the guidance there. The Autodiscover option is not available for this migration type.
Small Migrations
For small migrations, it is easy to add users one at a time using the Quick Add option. The steps for this are below.
Larger Migrations
For larger migrations, we recommend either using the Bulk Add option.
- An email address
- Login name
- Password
- Mailbox status
Bulk Add uses a CSV containing the source and destination email addresses for the users to add the users to the project. If migrating only a specific group from a tenant, we recommend using the Bulk Add option.
MigrationWiz allows you to bulk import mailboxes into the system.
To import one or more mailboxes:
- Sign in to your MigrationWiz account.
- Select the Project for which you want to perform the bulk import.
- Click on Add.
- Click on Bulk Add.
- Follow the instructions on the page.
Advanced Options
The following options are the most valuable for this migration scenario.
Support Tab
Required Settings
This is a required step for this type of migration. There are two variations of this option:
- If the domain remains the same in the new destination tenant, use: "RecipientMapping=@sourcetenantname.onmicrosoft.com->@destinationdomainname.com" (replace @sourcetenantname and @destinationdomainname with your domains).
- If the domain is changing in the new destination tenant, use: "RecipientMapping=@sourcedomainname->@destinationdomainname" (replace @sourcetenantname and @destinationdomainname with your domains).
The RecipientMapping above is just an example. Do not copy this verbatim. It needs to be changed to reflect the sourcetenantname.onmicrosoft.com account name and the customer Destination domain name. More than one remapping expression can be used.
This is a very important step for Microsoft 365 to Microsoft 365 migrations. It ensures that archived email can be replied to after migration because it will be mapped to the new Destination domain name rather than using the old sourcetenantname.onmicrosoft.com account name (which will no longer be available, once the tenant is retired).
Default Options for Microsoft 365 Endpoints
By default, some fields are view-only. In other words, you cannot edit or remove them from the support options page. To edit them, you need to edit the source or destination endpoint of your project.
Among these default options, you can find ModernAuthClientIdExport, ModernAuthTenantIdExport, ModernAuthClientSecretExport, ModernAuthClientIdImport, ModernAuthTenantIdImport, and ModernAuthClientSecretImport.
The support options above are required when configuring your endpoint.
Important
Keep in mind that the ModernAuthClientSecretExport and the ModernAuthClientSecretImport support options are text-masked.
Warning
You cannot update the default Advanced Options, in case you try to modify or add new ones the following message arises.
Source/Destination Tab
- Checkmark the Use impersonation at Source.
- Checkmark the Use impersonation at Destination.
Important
Set your preferred Destination. The default is to migrate into the primary mailbox, not the archive mailbox at the Destination. To change this, set Destination: Microsoft Office 365 > migrate to: Archive under the Source/Destination in the advanced options of the project. - If this is a large migration project, the value for Maximum concurrent migrations, under the Performance section, can be set to a very high value, e.g., 250. There is no limit for this value (for cloud-to-cloud migrations) if using impersonation.
Run Verify Credentials
- Sign in to your MigrationWiz account.
- Open the Project containing items you wish to validate.
- Select the items you wish to validate.
- Click on the Start button in your dashboard.
- Select Verify Credentials from the drop-down list.
Once complete, the results of the verification will be shown in the Status section.
Notify Users
Notify users that a migration is occurring. Send an email to all users telling them the time and date of the migration.
Run Migration
For archive migrations, we recommend only running a Full Pass Migration, rather than following the Pre-Stage Migration strategy (typically used with mailbox migration projects).
Since the archive migration project is typically performed after the mailbox migration project has been completed (or at the same time), this guide does not include the steps for MX record cutover.
Full Pass
- Select the users.
- Click the Start button from the top.
- Select Full Migration.
- Click Start Migration.
Run Retry Errors
Look through the user list and click any red "failed migration" errors. Review the information and act accordingly.
If problems persist, contact Support.
Request Statistics
Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics.