Well hello there! Its been a while hasn’t it, ok its been bloody ages since I last added a new post. What can I say I have been busy living!
So all Exchange and Exchange Online lovers, I feel like I should extend this greeting to Exchange Online lovers! Todays blog post is all about migrating G-Suite mailboxes to Exchange Online.
Let me tell you that Google are not keen for you to move a mailbox to Exchange Online, nope not keen at all. In fact under the guise of increased security they actually make it a little challenging, not because of the technical complexities of how to perform the migration but more around how
well it is documented.
Did I say documented? That’s basically a lie because whilst there are some articles that provide some trinkets of information there isn’t, not that I have been able to find a definitive approach to migrating mailboxes away from Gmail. The instructions provided by Microsoft are fairly good but don’t really cover all of the steps required.
Lets make a start. The migration that I am performing is for a very small number of users and so therefore we will not be using any custom tools. It’s worth pointing out that should you be looking at undertaking a migration of this type on a larger scale that it would be well worth investing in some third party tools to assist you with the process.
The first step in the G-Suite migration is to ensure that the user has been setup in the on-premises domain controller.
Once the new user has been configured, the account will be synced up to Azure AD via the Azure Active Directory Connect application.
Check User Account, License & verify Email Addresses
- Open the Office365 portal using a Global Administrators account credential.
- Browse to the Users menu, select Active Users.
- Locate the new user created in the section above, and click on the account to make changes.
- Next to Product Licenses, select Edit to apply a license to the new user.
- Choose location as Australia, and turn the Office 365 Business Premium slide switch to on. Doing this will license the user and begin the provisioning process for an Exchange online mailbox.
There are multiple steps that need to be completed prior to performing a migration to Exchange Online.
There are 3 primary configuration changes that need to be applied:
- Less Secure Apps needs to be enabled from a Domain Administration level, this setting is enabled tenant wide. – This only needs to be changed once.
- 2 factor authentication needs to be setup for each user being migrated to Exchange Online. Keep in mind this will send ALOT of text messages to whichever number you plug in, you might want to use your own phone first.
- An App password is required to enable O365 to open the contents of the Gmail mailbox and begin the syncing process.
- Browse to the G-Suite Admin portal page, open Security. You will need to make sure that this is the administrator account, you cannot turn on secure apps without this account as its a change that is made tenant wide.
- Browse down to the bottom of the Security settings section and select Less Secure Apps.
- Choose Turn on in the options page.
- Open Gmail for the user being migrated.
- Select My Account from the menu in the top-right corner.
- Choose the Sign-in & Security menu, browse to the Signing in to Google section, and select 2-Step Verification.
- Choose Get started in the following window. Google will prompt for the password to the account again before opening the 2-step Verification wizard.
- Enter the phone number to be used with the account, and select Next.
- Google will process the provided mobile number, and will send a verification code which will need to be entered into the next window. Choose Next.
- On completion Google will advise that it worked and will prompt to Turn on 2-Step Verification. Choose Turn On to complete the wizard.
The final step is to setup an app password. This password will be recorded in the CSV file detailing all of the users to be migrated to Exchange Online, and will enable O365 to securely connect to the G-Suite Mailbox.
DO NOT skip this step even if you think you can get away with just specifying the users password in the CSV file!
- After enabling 2-Step Verification, google will redirect back to the security settings page. Scroll down the page and select App Passwords.
- Google may (will) require you to authenticate again by typing in your password and selecting Sign In.
- Choose Select App, and from the available option select Custom.
- Type in Office365 in the description and choose Generate.
- Copy the generated app password and store it in a safe location.
The final step is to prepare the migration batches and start the sync process. This is broken down into three separate steps:
- Create CSV file for batches
- Connect Office 365 to Gmail
- Create a migration batch and start migrating Gmail mailboxes
Create CSV file for batches
- Open Microsoft Excel and add the following headings, EmailAddress UserName Password save the excel file as a .csv file.
- Sign in to the G Suite admin console using your administrator username and password.
- Choose Users, select each user and copy the email address to the UserName column in the CSV. UserName is the sign-in name for the users Gmail Mailbox.
- Populate the EmailAddress column with the user’s new email address that has been setup in Office 365. This will be email@example.com.
- Populate the Password column with the generated App Passwords for each Gmail Mailbox.
- The completed CSV file should look like this:
Connect Office 365 to Gmail
To migrate Gmail mailboxes successfully, Office 365 needs to connect and communicate with Gmail. To do this, Office 365 uses a migration endpoint.
- Go to the Exchange admin center.
- In the EAC, go to Recipients > Migration > More > Migration endpoints.
- Click New to create a new migration endpoint.
- On the Select the migration endpoint type page, choose IMAP.
- On the IMAP migration configuration page, set IMAP server to imap.gmail.com and keep the default settings the same.
- Click Next. The migration service uses the settings to test the connection to Gmail system. If the connection works, the Enter general information page opens.
- On the Enter general information page, type a Migration endpoint name, for example, Test5-endpoint. Leave the other two boxes blank to use the default values.
- Click New to create the migration endpoint.
- In the Office 365 admin centre, navigate to Admin centres > Exchange.
- In the Exchange admin center, go to Recipients > Migration.
- Click New > Migrate to Exchange Online.
- Choose IMAP migration > Next.
- On the Select the users page, click Browse to specify the migration file you created.
- After Office 365 validates the migration file, it displays the number of users listed in the file as the number of Gmail mailboxes to migrate.
- Click Next.
- On the Set the migration endpoint page, select the migration endpoint that you created in the previous step, and click Next.
- On the IMAP migration configuration page, accept the default values, and click Next.
- On the Move configuration page, type the name (no spaces or special characters) of the migration batch in the box—for example, Test5-migration.
- Click Next
- On the Start the batch page, do the following:
- Choose Browse to send a copy of the migration reports to other users. By default, migration reports are emailed to you. You can also access the migration reports from the properties page of the migration batch.
- Choose Automatically start the batch > new. The migration starts immediately with the status Syncing.
Once completed, Exchange Online will continue to sync all of the migration batches once a day until the batch is completed. Once you have cut MX records etc. over you can complete the migration batch and life should be swimmingly awesome in Office 365 land!