Migration Approach Query

Current Environment
Source = Account forest with external forest trust to Target forest.  No Exchange currently (was decommissioned)
Target = Resource forest containing linked mailboxes (Exchange 2010) and disabled AD accounts with AEA (linked master account) set
 
Planned "End State" Environment
Source = Domain/forest will be decommissioned
Target = Previously disabled resource accounts will be enabled and used to authenticate users.  Mailboxes will remain with users.  Users will be provided with new machines which are members of the target domain and login with target accounts using target mailboxes.
 
Planned Migration Steps
1. Perform migration of AD group object using migration sessions and import files
2. Perform migration of AD user objects using migration sessions and import files ensuring accounts are matched to the existing target disabled accounts.  Continue to leave source accounts enabled and target disabled.
*  At this point users are continuing to work as is without any interruption *
3. Perform AD processing of all objects leaving source account permissions in place
4. Perform Exchange processing of all mailboxes leaving source account permissions in place
*  Again, at this point users are continuing to work as is without any interruption *
5. Start migration of Batch 1 of the users
 (a) Enable batch 1 disabled accounts in target using Set-User -Identity 'mailbox name' -LinkedMasterAccount $null  as per KB35991
 (b) Provide batch 1 users with new machine in target domain
 (c) Batch 1 users login to new machine in target domain with target account, create Outlook profile etc
6. Start migration of Batch 2 and repeat previous steps
7. On completion of migration of all batches perform ADPW and EPW to remove source account and clean up
 
I would like to understand if my proposed timing of the ADPW and EPW processing is right and if possible is there any specific pointers around the configuration of the wizards?
 
Thanks  Mark
Parents
No Data
Reply
  • Thanks for your reply.

    During testing I have noticed that the "LinkedMasterAccount" property of the get-mailbox command of the linked mailboxes is now showing Targetdomain\targetusername following the initial Exchange and AD Processing step. (I have just completed step 5 detailed above)

    Prior to this is was showing sourcedomain\sourceusername as expected due to it being a linked mailbox. Target accounts are still disabled.

    The mailboxes are still showing as linked and appear to be functional. Dual ACL's are present when viewing full mailbox, send as, client permssions etc. SID History has not yet been applied.

    I just want to verify if this is expected behaviour.
Children
No Data