This document will walk you through the environment preparation and MigrationWiz steps necessary to perform your migration from one Microsoft 365 Personal Archives instance to another Microsoft 365 Personal Archives instance.
If this is your first time performing a migration, we have created a Migration Planning & Strategy Guide to walk you through planning, set-up, and general migration best practices.
MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.
App password usage and MFA/2FA are not supported for the admin account being used for this endpoint.
The maximum individual file size supported by MigrationWiz is 60GB.
Items located in the root folder of the source primary mailbox are not migrated. Only items located in the source archive mailbox are migrated.
Exchange Web Services (EWS) must be enabled for the mailboxes in the Exchange Online tenant for this migration type
Important: If the In-Place Archive mailbox being migrated is more than 100 GB in size and auto-expanding archiving is enabled for the In-Place Archive mailbox in the destination tenant, the migration may take 30 days or more to complete due to the auto-expanding archiving process not making space available immediately in the destination archive mailbox when moving data. More information on how auto-expanding works with archive mailboxes can be found outlined by Microsoft here: Office 365: Auto-Expanding Archives FAQ
If you have additional questions, please contact BitTitan support.
Below is a list of items that will and will not be migrated. Note that these items frequently change, so review this list before any and all migration projects.
- Server-Side Rules
- Folder Permissions
- Post (when the destination is Exchange or Microsoft 365)
- Calendar acceptance status emails
- Safe Sender/Block Lists
- In-line images in Tasks
Modern Authentication Requirements
The steps listed below apply to both the source and/or destination tenant when they are Exchange Online, in regards to Exchange Web Services (EWS) in mailbox, archive mailbox, and public folder projects. Use a Global Administrator for the configuration steps.
For setup steps that include images, see under Enabling Modern Authentication for EWS between MigrationWiz and your Exchange Online Tenant in the following KB: Authentication Methods for Microsoft 365 (All Products) Migrations
Important: Failure to perform the steps for your Microsoft 365 endpoints, can result in failed jobs with 401 errors like the following in your project: Http POST request to 'autodiscover-s.outlook.com' failed - 401 Unauthorized
The administrator account being used for the project needs to be excluded from any MFA/2FA policies or Conditional Access policies that can block access for the administrator account. This requirement does not apply to the items or users being migrated in the project.
Configuring Modern Authentication to work with MigrationWiz for mailbox, archive mailbox, and public folder projects in Exchange Online is now the default method after Microsoft discontinued support for Basic Authentication in Exchange Online after December 2022. The following Microsoft documentation outlines this change in more detail. Should you have additional questions on how this change may impact your tenant, please contact Microsoft to assist with providing that information: Deprecation of Basic authentication in Exchange Online
The Azure Security Defaults must also be disabled in the tenant. (This is often enabled by default for all new Exchange Online tenants and there is no workaround for this requirement). For steps on where to enable/disable the Azure Security Defaults, see Enabling security defaults in the following Microsoft documentation. To disable, set Enable Security defaults to No: Security defaults in Azure ADModern Authentication Steps
- Log in to the Azure AD admin console with a Global Administrator login.
- Select Azure Active Directory in the Azure Active Directory Admin Center.
- Select App Registrations, which is found under Manage.
- Select New Registration at the top of the screen.
- Give the app a distinct name. You can change this later if necessary.
- Select the Accounts in any organizational directory button.
- Under Redirect Uri, select Public Client (mobile & desktop) and set it to urn:ietf:wg:oauth:2.0:oob
- Click Register.
- Go back to App registrations.
- Select the App you just created.
- In the Overview, you will find a ClientId (aka Application) and Directory (Tenant) ID.
- Copy both of these to another application, such as Notepad, for use later in this process.
- Under the Manage menu, select Authentication.
- Set the option Allow public client flows to Yes.
- Click Save.
- From the Manage menu, select API permissions.
- If API permission named User.Read under Microsoft Graph is already present, this can be removed. The Microsoft Graph API is not applicable to this project type and is not used.
- Select Add a Permission.
Select APIs my organization uses
Scroll down and select Office 365 Exchange Online
Then select Delegated Permissions
- Check the box under EWS for EWS.AccessAsUser.All.
- Click Add permissions. This permission only allows the OAuth application (MigrationWiz) to be associated with EWS.
- Important: This does not grant access to all mailbox data.
- Click Grant admin consent.
- Click Yes to confirm the settings.
- In MigrationWiz, select the project that needs to be configured for Modern Authentication.
- Click the Edit Project menu.
- Select Advanced Options.
- Under Support Options enter the ClientID and TenantID information you saved earlier in the following format:
- If enabling Modern Authentication for the Source:
- If enabling Modern Authentication for the Destination:
- Enter the specific ClientID and TenantID for your tenant in place of the xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.
- These options can be entered for either the Source or the Destination, or both, depending on the settings on the tenants.
- These options need to be configured for each MigrationWiz project that needs to have Modern Authentication enabled.
- If enabling Modern Authentication for the Source:
- Run a Verify Credentials to confirm that MigrationWiz can connect using Modern Authentication.
- Click on the item that was verified. There will be a message in the MigrationWiz Migration Information page that Modern Authentication is being used. This message will show in the “Migration Errors” box; however, it is not an error. This is just a message confirming that Modern Authentication is now active and being used for the connection.
Prepare the Source Exchange Online Environment
If you have completed a mailbox migration project against this Source environment, these steps will already be complete. If not, create an administrator account in Microsoft 365 to use for this migration, or use the global admin account for the tenant.
- Create an administrator account in Microsoft 365 to be used for migration or use the global admin account for the tenant.
- (Optional) Export a list of users from the source tenant. This will be used to import the users to be migrated into the migration project. You can find instructions to export a list of active users here: Microsoft 365 Reports in the Admin Center – Active Users. The report can be exported as a CSV. You can then edit the CSV to add or remove users as needed.
Prepare the Destination Exchange Online Environment
If you have already completed a mailbox migration project against this Source environment, these steps will already have been completed. If not, create an administrator account in Microsoft 365 to use for this migration, or use the global admin account for the tenant.
Set up accounts
Set up accounts on Microsoft 365 and assign licenses. These can be created in several ways:
- Manually, one at a time. Microsoft instructions to add users individually
- By bulk import, via CSV file. Microsoft instructions to bulk add users
- By PowerShell script. TechNet article
If you have already completed a mailbox migration project against this Source environment, these steps will already have been completed. The endpoints that were created for your mailbox migration project can be used for your in-place archive migration project.
- Click the Add button in the top navigation bar
- Click the Add Customer button on the All Customers page
- In the left navigation pane, select the appropriate workgroup and then click All Customers.
- Click Add Customer.
- Enter the new customer’s information in the Add Customer form. Primary Email Domain and Company Name are required. The rest are optional.
- Click Save.
- Repeat steps 1 through 4 for each customer you want to add.
A User Migration Bundle license is required for this migration scenario. User Migration Bundle licenses allow multiple types of migrations to be performed with a single license. They also allow DeploymentPro to be used to configure Outlook email profiles. For questions on licensing, visit MigrationWiz Licenses
To purchase licenses:
- Sign in to your BitTitan account.
- In the top navigation bar, click Purchase.
- Click the Select button and choose User Migration Bundle licenses.
- Enter the number of licenses you want to purchase. Click Buy Now.
- Enter a Billing address if applicable.
- Click Next.
- Review the Order Summary and enter a payment method.
- Click Place Your Order.
Create a Migration Project
Create a Personal Archive Migration project.
- Click the Go to My Projects button.
- Click the Create Project button.
- Select Personal Archive Migration Project.
- Click Next Step.
- Enter a Project name and select a Customer.
- Click Next Step.
Endpoints are now created through MigrationWiz, rather than through MSPComplete. The steps for this section outline how to create the endpoints in MigrationWiz.
If you are selecting an existing endpoint, keep in mind that only ten endpoints will show in the drop-down. If you have more than ten, you may need to search. Endpoint search is case and character-specific. For example, Cust0mer will not show up if the search is customer. We recommend keeping a list of endpoints you have created, along with any unique spellings or capitalization you may have used.
You may either use existing endpoints (if ones for your mailbox project already exist) or create new ones.
To create a new endpoint: (Perform these steps for both the source and destination endpoints)
- Click New.
- Name the endpoint (It is highly recommended to create a unique name for your source and destination endpoints)
- Under Endpoint Type, select the endpoint from the options below that corresponds with the type of Microsoft 365 tenant being used:
- Microsoft 365 - (This is also used for GCC Commercial tenants)
- Microsoft 365 (China)
- Microsoft 365 (Germany)
- Microsoft 365 (US Government) - (Use this for GCC High tenants only)
Click Save and Go to Summary.
If the domain name is being migrated to the new destination tenant, it is strongly recommended that users in the migration project be migrated using the .onmicrosoft.com domain names for both the source and destination email addresses, rather than using the vanity domain.
To do this, you'll add the users using their Vanity Domain and once they're in the project, select all the users and click the Change Domains option in the menu to bulk change them to using the .onmicrosoft.com domain.
Add the user accounts that will be migrated to the project. This may be done in several ways, depending on the size of the project. Steps for each option are in the accordion below, simply click to show the option you select and follow the guidance there.
Add the user accounts that will be migrated to the project. This may be done in several ways, depending on the size of the project. Steps for each option are in the accordion below, simply click to show the option you select and follow the guidance there. The Autodiscover option is not available for this migration type.
For small migrations, it is easy to add users one at a time using the Quick Add option. The steps for this are below.
For larger migrations, we recommend either using the Bulk Add option.
Bulk Add uses a CSV containing the source and destination email addresses for the users to add the users to the project. If migrating only a specific group from a tenant, we recommend using the Bulk Add option.
MigrationWiz allows you to bulk import mailboxes into the system.
To import one or more mailboxes:
- Sign in to your MigrationWiz account.
- Select the Project for which you want to perform the bulk import.
- Click on Add.
- Click on Bulk Add.
- Follow the instructions on the page.
Set the Project Advanced Options
The following options are the most valuable for this migration scenario:
- Checkmark the Use impersonation at Source
- Checkmark the Use impersonation at Destination
- IMPORTANT: Set your preferred Destination. The default is to migrate into the primary mailbox, not the archive mailbox at the Destination. To change this, set Destination: Microsoft Office 365 > migrate to: Archive under the Source/Destination in the advanced options of the project.
- If this is a large migration project, the value for Maximum concurrent migrations, under the Performance section, can be set to a very high value, e.g., 250. There is no limit for this value (for cloud to cloud migrations) if using impersonation.
This is a required step for this type of migration. There are two variations of this option:
1) If the domain is remaining the same in the new destination tenant, use: "RecipientMappingfirstname.lastname@example.org->@destinationdomainname.com" (replace @sourcetenantname and @destinationdomainname with your domains).
2) If the domain is changing in the new destination tenant, use: "RecipientMapping=@sourcedomainname->@destinationdomainname" (replace @sourcetenantname and @destinationdomainname with your domains).
The RecipientMapping above is just an example. Do not copy this verbatim. It needs to be changed to reflect the sourcetenantname.onmicrosoft.com account name and the customer Destination domain name.
More than one remapping expression can be used.
This is a very important step for Microsoft 365 to Microsoft 365 migrations. It ensures that archived email has the ability to be replied to after migration because it will be mapped to the new Destination domain name rather than using the old sourcetenantname.onmicrosoft.com account name (which will no longer be available, once the tenant is retired).
Run Verify Credentials
- Sign in to your MigrationWiz account.
- Open the Project containing items you wish to validate.
- Select the items you wish to validate.
- Click on the Start button in your dashboard.
- Select Verify Credentials from the drop-down list.
Once complete, the results of the verification will be shown in the Status section.
Notify users that a migration is occurring. Send email to all users telling them the time and date of the migration.
For archive migrations, we recommend only running a Full Pass Migration, rather than following the Pre-Stage Migration strategy (typically used with mailbox migration projects).
Since the archive migration project is typically performed after the mailbox migration project has been completed (or at the same time), this guide does not include the steps for MX record cutover.
- Select the users
- Click the Start button from the top
- Select Full Migration
- Click Start Migration
Run Retry Errors
Look through the user list and click any red "failed migration" errors. Review the information and act accordingly.
If problems persist, contact Support.
Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics.