Throughout a Hybrid Migration, there is a major step that occurs during the initial Hybrid Configuration Wizard. This is where the On-Premises mailboxes get 'stamped' with an additional proxy address.
Generally, this is their SAMAccountName or Alias, at the tenantname.mail.onmicrosoft.com. This leads a mailbox to have a possible entry looking like this.
alias@tenantname.mail.onmicrosoft.com
This is an important step as it means that the mail flow during the Hybrid Migration will work effectively. As this is stamped locally in Exchange, it will make its way into Microsoft Entra ID with the normal AADC linkage.
Problems
As the address is stamped on the account with the 'Default Address Policy' there could be a very real situation whereby some mailboxes do not get this additional proxy address on their accounts. If for some reason they do not have the policy applied then it will not appear. If they do not have the proxy address on their Microsoft Entra account then they will FAIL a migration attempt.
What this script does, is provide a way to connect via PowerShell into the Migration Wiz backend and automatically check that all the mailboxes that are in the batches do have a proxy address matching the appropriate mail.onmicrosoft.com domain.
It provides a report at the end of any mailboxes that will cause you problems if the migration goes ahead.
Prerequisites
You will need to download and install the Bit Titan PowerShell SDK from this link.
After this, the main function however is to get the connection to Office 365 running in the first place. To do this you need to start up ‘Windows Powershell ISE’ from your desktop and Run As Administrator. Running as administrator is very important as it will not connect if you do not.
You will need to install the Microsoft Office 365 Online Sign-In Assistant. You can find the executable here.
Also, the Microsoft Entra ID modules can be downloaded here. The short version of these instructions is to simply type the following command in the Powershell console
install-module azureadpreview
To import these modules into your Powershell sessions after you have installed them, type these commands in the Powershell console.
import-module msonline
import-module azureadpreview
If this is the very first time you have run this type of script on your machine, you will need to start by executing this command as a ‘one-off’.
Set-ExecutionPolicy RemoteSigned
The new need here is to import and install the new Exchange Online Management cmdlets. This can be done with the following commands.
Install-Module -Name ExchangeOnlineManagement
Import-Module ExchangeOnlineManagement; Get-Module ExchangeOnlineManagement
Update-Module -Name ExchangeOnlineManagement
Download
Download the Hybrid Pre-Flight script file - Check the attachment at the bottom of this guide.
Running the Script
The script itself uses the location of C:\Scripts as its main working directory, with a subdirectory from that called C:\Scripts\Logs
Using a 'Run as Administrator' PowerShell window, navigate to the C:\Scripts directory and run the 'Hybrid-PreFlightCheck.PS1' file.
As it starts, you will need to provide two sets of credentials.
- Your Bit Titan Migration Wiz login credentials
- The account with Admin Rights ( that you set up for the Hybrid Project ) for your Office 365 tenant
Once connected, you will be presented with a list of Migration Wiz Workgroups and Migration Wiz Customers that you can use. If you have only one workgroup it will automatically default to this. After you have selected the customer, the script will connect and read all of the mailboxes in the Hybrid Project.
You will be prompted for the 'onmicrosoft.com' prefix from your Azure Tenant. The script will then parse each of these accounts and check against your Microsoft Entra ID for the Proxy Addresses.
After completion, a simple CSV report will show all of the accounts that have issues with the Proxy Addresses. The reports are in the format of
File Name | File Type | Contents |
Date-Time-HybridPreFlightChecks | TXT | The Main Log file |
Date-Time-HybridPreFlightChecks-Output | CSV | The CSV file with problem accounts |