Migrate two different Exchange forest with the same netbios name to Office 365 with dirsync.
Our customer has two forests. And they have the same netbios name. So no forest trust then. One of them with users and computers and the other with different usernames and their mailboxes.
 
The dilemma is to migrate them to Office 365 and using computer forest ast point of authority.
 
Yesterday I found a site that had the same problem.
 
http://ibenna.wordpress.com/2013/07/05/migrating-2-forests-for-the-same-organization-to-office-365/
 
This was the thing I needed. The blog even mentioned the attributes you need to extract. But it didn't cover all the parts. So here's an updated version.
 
Step 1
 
Take necessary steps on Office 365 to validate domain needed by Exchange hybrid.
 
Here is an excellent article to do it.
 
http://www.msexchange.org/articles-tutorials/office-365/exchange-online/using-hybrid-configuration-wizard-exchange-2010-service-pack-2-part1.html
  
Step 2
 
Before this you have to upgrade same service pack level Exchange schema to destination domain. Using this link (if you have Exchange 2010 sp3 on source domain)
 
http://www.microsoft.com/en-us/download/details.aspx?id=36768
 
As Enterprise admin and from schema master run
 
 
 
 
Add upn-suffic for the same name as in source domain.
 
** Before you import attributes make sure that in destination domain userprincipalnames are exactly the same as in source domain. **
 
 
 
 
And here is the import script:
 
 
  
 Notice the split " " <- Yes, it is a space. I guess that there's a bug because atleast i didn't get any ; -sign in the middle of the emailaddresses :-)
 
 
Step 4
 
 
 
Configure dirsync from destination domain to Office 365 using the logon names you should use after the migration.
 
Here an excellent article for dirsync filtering.
 
http://msexchangeguru.com/2012/08/10/office-365-2/
 
Step 5
 
Setup ADFS for SSO or just use Dirsync.
 
ADFS -setup http://goodworkaround.com/node/53
 
Comparision of Dirsync only and Dirsync + ADFS http://office365evangelist.com/?p=1144
 
   https://community.dynamics.com/crm/b/crmpowerobjects/archive/2012/11/01/adfs-and-single-sign-on-working-with-non-ie-browsers-chrome-firefox-safari.aspx
 
Step 6
 
Migrate Mailboxes from source domain. It's preferred to use Online EAC to do it.
 
 
 
 
And then select Remove move migration
 
  
 
 
Add user from the next screen or use csv file. Here is the point when ExchangeGuid takes place. It will match the On-Premises user to Dirsynce'd user that has the same imported guid.
 
  
 
 
If it doesnt show anything the the guid's dont match.
 
When the migration batch is completed you will have On-Premise mailboxes in Exchange Online.
 
Tip. If you want to make a different kind of mailbox (Room, Equipment etc) You alter two of the Dirsync authority user's attributes:
 
Recipient Display Type = msExchRecipientDisplayType
Recipient Type Details = msExchRecipientTypeDetails
 
Here are the tables for attribute's
 
  
 
  
 
So let's say you a normal user the be room mailbox and then transfer that user with dirsync to office365.
 
Change msExchRecipientDisplayType to 7
Change msExchRecipientTypeDetails to 16
 
When you dirsync this user to Office 365 and start mailbox migration batch for room mailboxes they will connect together and you will have room mailbox with old room mailbox content synced.
 
Step 7
 
Migrate Public Folders to Exchange Online.
 
http://technet.microsoft.com/en-us/library/jj983799(v=exchg.150).aspx
 
See if it is completed:
 
Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics
 
Step 8
 
Extract On-Premise Exchange mailboxes LegacyDN attribute also known as X500 address.
 
String looks like this:
 
X500:/O=YOURDOMAIN/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=LEGACY.USERDN
 
Then you have to add this (AFTER MAILBOX SUCCESFULl MOVE) to Dirsync Authority domain and to the corresponding user's proxyaddress attribute as primary X500 address (Primary is always the UPPERCASE version)
 
Remember the onpremise mailboxes are disconnected at this point and they will be there for 30 days by default!
 
And here is the oneliner:
 
   
If all the LegacyDN's are in LEGACY.USERDN mode you can use ADModify to change add a primary X500 address.
 
http://support.microsoft.com/kb/909271
 
But the users that have different X500 address. Let's say user has a number behind username. Then you cant use ADModify and use must write a script or do it manually.
 
It didn't have that much of them so I added them manually.
 
Dont Use LegacyExchangeDN -attribute in ad-user. Always use the proxyaddress -attribute.
 
http://blogs.technet.com/b/sbs/archive/2009/05/21/cannot-reply-to-old-emails-or-modify-old-calendar-items-after-pst-mail-migration.aspx
   
Step 9
 
Remove Exchange Hybrid configuration.
 
http://blogs.technet.com/b/exchange/archive/2012/12/05/decommissioning-your-exchange-2010-servers-in-a-hybrid-deployment.aspx
 
I made it work like this. Hopefully you can also!
 
And remember that this is also a working scenario for Hosted Exchange to Office 365. Because then you propably cant do a forest trust either :)
          
            
            
        The dilemma is to migrate them to Office 365 and using computer forest ast point of authority.
Yesterday I found a site that had the same problem.
http://ibenna.wordpress.com/2013/07/05/migrating-2-forests-for-the-same-organization-to-office-365/
This was the thing I needed. The blog even mentioned the attributes you need to extract. But it didn't cover all the parts. So here's an updated version.
Step 1
Take necessary steps on Office 365 to validate domain needed by Exchange hybrid.
Here is an excellent article to do it.
http://www.msexchange.org/articles-tutorials/office-365/exchange-online/using-hybrid-configuration-wizard-exchange-2010-service-pack-2-part1.html
Step 2
Before this you have to upgrade same service pack level Exchange schema to destination domain. Using this link (if you have Exchange 2010 sp3 on source domain)
http://www.microsoft.com/en-us/download/details.aspx?id=36768
As Enterprise admin and from schema master run
Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
And then
Setup.exe /PrepareAD /OrganizationName:"<organization name>" /IAcceptExchangeServerLicenseTerms
Step 3
Add upn-suffic for the same name as in source domain.
** Before you import attributes make sure that in destination domain userprincipalnames are exactly the same as in source domain. **
 $a = Get-MailBox -ResultSize Unlimited | select-object SAMAccountName,ExchangeGuid,Alias,Emailaddresses
  foreach ($mbx in $a){$mbx.emailaddresses = ($mbx.emailaddresses)}
 $a | export-csv mailboxes.csv -notypeAnd here is the import script:
 Import-Module -name "C:Program FilesQuest SoftwareManagement Shell for ADQuest.ActiveRoles.ArsPowerShellSnapIn.dll"
  Import-Csv C:csvexported-attributes.csv | 
  foreach {
  $sams = $_.SAMAccountName
  $GUID = $_.ExchangeGuid
  $nickname = $_.Alias
  $SMTP = $_.EmailAddresses
  Set-QADUser $SAMS -ObjectAttributes @{
  msexchmailboxguid=(($GUID).tobytearray())
  mailnickname=$nickname
  proxyaddresses=($SMTP -split " ")
  }
  Get-QADUser $sams -IncludeAllProperties | select displayname,mailnickname,msexchmailboxguid,proxyaddresses,CanonicalName | Ft -AutoSize | out-file C:csvoutfile.txt -append
  } 
 Step 4
Configure dirsync from destination domain to Office 365 using the logon names you should use after the migration.
Here an excellent article for dirsync filtering.
http://msexchangeguru.com/2012/08/10/office-365-2/
Step 5
Setup ADFS for SSO or just use Dirsync.
ADFS -setup http://goodworkaround.com/node/53
Comparision of Dirsync only and Dirsync + ADFS http://office365evangelist.com/?p=1144
 ADFS and SSO. Get it working with Non-IE Browsers (Chrome, Firefox, Safari)
 Step 6
Migrate Mailboxes from source domain. It's preferred to use Online EAC to do it.
And then select Remove move migration
Add user from the next screen or use csv file. Here is the point when ExchangeGuid takes place. It will match the On-Premises user to Dirsynce'd user that has the same imported guid.
If it doesnt show anything the the guid's dont match.
When the migration batch is completed you will have On-Premise mailboxes in Exchange Online.
Tip. If you want to make a different kind of mailbox (Room, Equipment etc) You alter two of the Dirsync authority user's attributes:
Recipient Display Type = msExchRecipientDisplayType
Recipient Type Details = msExchRecipientTypeDetails
Here are the tables for attribute's
So let's say you a normal user the be room mailbox and then transfer that user with dirsync to office365.
Change msExchRecipientDisplayType to 7
Change msExchRecipientTypeDetails to 16
When you dirsync this user to Office 365 and start mailbox migration batch for room mailboxes they will connect together and you will have room mailbox with old room mailbox content synced.
Step 7
Migrate Public Folders to Exchange Online.
http://technet.microsoft.com/en-us/library/jj983799(v=exchg.150).aspx
See if it is completed:
Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics
Step 8
Extract On-Premise Exchange mailboxes LegacyDN attribute also known as X500 address.
String looks like this:
X500:/O=YOURDOMAIN/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=LEGACY.USERDN
Then you have to add this (AFTER MAILBOX SUCCESFULl MOVE) to Dirsync Authority domain and to the corresponding user's proxyaddress attribute as primary X500 address (Primary is always the UPPERCASE version)
Remember the onpremise mailboxes are disconnected at this point and they will be there for 30 days by default!
And here is the oneliner:
 Get-MailboxStatistics -Server 'ExchangeServersFQDN' | select displayname,legacydn | sort displayname |export-csv legacydn.csv -notype 
Then you will get all users LegacyDN attribute that will be the new PRIMARY X500 address.
 Then you will get all users LegacyDN attribute that will be the new PRIMARY X500 address.
If all the LegacyDN's are in LEGACY.USERDN mode you can use ADModify to change add a primary X500 address.
http://support.microsoft.com/kb/909271
But the users that have different X500 address. Let's say user has a number behind username. Then you cant use ADModify and use must write a script or do it manually.
It didn't have that much of them so I added them manually.
Dont Use LegacyExchangeDN -attribute in ad-user. Always use the proxyaddress -attribute.
http://blogs.technet.com/b/sbs/archive/2009/05/21/cannot-reply-to-old-emails-or-modify-old-calendar-items-after-pst-mail-migration.aspx
Step 9
Remove Exchange Hybrid configuration.
http://blogs.technet.com/b/exchange/archive/2012/12/05/decommissioning-your-exchange-2010-servers-in-a-hybrid-deployment.aspx
I made it work like this. Hopefully you can also!
And remember that this is also a working scenario for Hosted Exchange to Office 365. Because then you propably cant do a forest trust either :)