Office 365 off boarding

We find ourselves in a situation where we are merging two companies with completely separate Exchange/AD environments into one and there is a requirement to have a shared email address with a new domain "yesterday".

I'm figuring that the fastest way to achieve this is to start everybody fresh on a new Office 365 hosted Exchange solution and archive their old onsite emails to PSTs, to be imported to their 365 mailboxes later or just kept as local archive. Then decommission the two separate onsite Exchange environments.

We want to have at least the option of migrating back to an onsite-only environment once we have merged the two companies' AD environments.

Is this possible?

After going live with a new Office 365 deployment and then merging the two AD forests into one, can we then deploy a new Exchange onsite environment and tie it to the Office 365 account in a Hybrid setup and off board the mailboxes gradually from 365 back onsite?

One possible issue I can see is the fact that Active Directory sync is one way only, from onsite to hosted. If we create identically named AD accounts onsite, can they tie to the already existing mailboxes in 365?

Given that we can successfully get a hybrid environment going and off board all the users, can we then kill the hybrid link and end up with onsite Exchange only?

Does Quest have solutions that make this possible or easier to do?


  • I'm not aware of a Quest tool that performs this, but coming from the MS teams for O365, there are ways to accomplish this once the AD has been merged and Exchange 2010/2013 has been implemented on-site.

    Setting up an Exchange Federation Trust between O365 and the on-premises server allows you to perform MRS moves to pull the mailbox from O365 back on-premises. 

    Once you have AD cleaned up, you can perform the following steps to associate the new AD to O365:

    1.  Disable Directory Sync (this removes the object SID association between the AD object and O365 object)

    2.  Re-enable Directory Sync (this associates the O365 object with the on-premises AD object's SID)

         -  Be aware that the option to enable Directory Sync may take several hours for the automated processes to clean up the SID association (stored in the immutableID attribute in O365)

    Once DirSync has been re-enabled, it will search for all objects based on Primary SMTP address first, then UPN, then Mail (Email Address) attribute if all others fail.  The object will then be stamped with the object GUID from on-premises.

    After Directory Sync has finalized, you can then run MRS (Mailbox Replication Service) mailbox moves to pull the mailbox back from O365.

    Have a great day,

    Dan Trautman
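
Added example, not part of the reply above and not Microsoft's or Quest's code: a dry run of the match order the reply describes (Primary SMTP, then UPN, then Mail), so accounts that would tie to no mailbox, or to a mailbox another account also claims, show up before Directory Sync is re-enabled. The `Find-DirSyncMatch` function, the property names and the sample users are assumptions constructed for illustration; real input would come from exports of the on-premises directory and the tenant.

```powershell
# Constructed sample data (hypothetical property names, not a real export).
$onPrem = @(
    [pscustomobject]@{ Sam='asmith';  PrimarySmtp='alice.smith@newco.example'; Upn='asmith@newco.example';    Mail='alice.smith@newco.example' }
    [pscustomobject]@{ Sam='bjones';  PrimarySmtp='';                          Upn='bob.jones@newco.example'; Mail='bjones@oldco.example' }
    [pscustomobject]@{ Sam='cwu';     PrimarySmtp='carol@newco.example';       Upn='cwu@newco.example';       Mail='carol@newco.example' }
    [pscustomobject]@{ Sam='asmith2'; PrimarySmtp='alice.smith@newco.example'; Upn='asmith2@newco.example';   Mail='' }
)
$cloud = @(
    [pscustomobject]@{ Upn='alice.smith@newco.example'; PrimarySmtp='alice.smith@newco.example' }
    [pscustomobject]@{ Upn='bob.jones@newco.example';   PrimarySmtp='bob.jones@newco.example' }
    [pscustomobject]@{ Upn='dave@newco.example';        PrimarySmtp='dave@newco.example' }
)

# Hypothetical helper: applies the match order from the reply to each
# on-premises account and reports which attribute produced the match.
function Find-DirSyncMatch {
    param([object[]]$OnPrem, [object[]]$Cloud)
    # Index cloud users by lower-cased primary SMTP address and UPN.
    $index = @{}
    foreach ($c in $Cloud) {
        foreach ($k in @($c.PrimarySmtp, $c.Upn)) {
            if ($k) { $index[$k.ToLowerInvariant()] = $c.Upn }
        }
    }
    foreach ($u in $OnPrem) {
        $hit = $null; $rule = 'none'
        foreach ($attr in 'PrimarySmtp', 'Upn', 'Mail') {
            $v = $u.$attr
            if ($v -and $index.ContainsKey($v.ToLowerInvariant())) {
                $hit = $index[$v.ToLowerInvariant()]; $rule = $attr; break
            }
        }
        [pscustomobject]@{ Sam = $u.Sam; MatchedBy = $rule; CloudUpn = $hit }
    }
}

$result    = Find-DirSyncMatch -OnPrem $onPrem -Cloud $cloud
$unmatched = $result | Where-Object { -not $_.CloudUpn }
$contested = $result | Where-Object CloudUpn | Group-Object CloudUpn | Where-Object Count -gt 1
$orphaned  = $cloud  | Where-Object { $result.CloudUpn -notcontains $_.Upn }

"On-premises accounts with no cloud match: $($unmatched.Sam -join ', ')"
"Cloud mailboxes claimed by more than one account: $($contested.Name -join ', ')"
"Cloud mailboxes with no on-premises account: $($orphaned.Upn -join ', ')"
```

A contested mailbox is the case to resolve first, since a wrong match would attach one person's mailbox to another person's AD account.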
