Well in my case it wasn’t to be, until I found out what the underlying issue was! Read on to find out.
Hey folks! Pure Awesomeness back again for 2019 with my first blog post of the year! I can just imagine some of the questions going through your minds…
Q1) Where in the world have you been?
A1) In my man cave
Q2) What have you been up to?
A2) Watching all the Batman movies to understand how Joel Schumacher got it so wrong with Batman Forever and Batman and Robin!
Q3) Are you going to grace us with a whole stack of new blog material and jam pack our cerebrums with vast knowledge about the Exchange and Office 365 worlds in 2019?
So I’ve been working on an Exchange on premises to Exchange Online migration for one of my many customers and once we had gone through and ticked off all the prerequisite tasks that we needed to complete, it came down to the exciting part…running the all important Hybrid Configuration Wizard (aka the HCW because you know, us consultants are all about acronyms and having another one added to our vocabulary can’t be a bad thing right?)
1. Log into the Office 365 portal
2. Download the HCW
3. Progress through the HCW prompts – (things are looking good at this point)
4. Be presented with the error below – (commence scratching of head, look aimlessly into the abyss and wonder what steak you’re going to eat tonight)
5. Read this blog to find the answer!…of the error…not what steak you’re going to eat tonight
Naturally, the first thing to check were the MRS proxy, firewalls and rules configured. Both myself and the customer confirmed that the required ports for the hybrid were open and operational.
Secondly, I tried creating a migration endpoint directly from the Exchange Admin Centre in O365. No success! At this point, I did what any consultant would do…duck out for a cup of liquid gold and come back with a caffeine infused mindset and try and tackle this issue once more by referring to a good friend…Dr Google.
Searching and searching across various articles and comments posted by like minded individuals from all corners of the globe, I came across an article which at first glance looked like a long shot but after reading it over and over again, I thought that this might actually solve the issue.
This is the part where you tell us what the article stated and how you solved the issue right? Quite possibly my apprentice but first, sign up to Insentragram! Yep, you knew this was coming! 🙂
So, the article basically stated that the Exchange servers in the organisation should only be a part of a specific set of security groups, listed below (because what kind of blog would this be if I didn’t help my fellow Exchange/O365 consultants)
- Domain Computers
- Exchange Install
- Domain Servers
- Exchange Servers
- Exchange Trusted Subsystem
- Managed Availability Servers
After logging onto Active Directory, locating the Exchange server objects and checking their memberships, I was gobsmacked to find that whilst the servers in question were part of the above mentioned groups, there were a couple of other non Windows built in security groups these servers were members of. Yes, I will admit that at this point, I may have done a bit of an Evan Almighty dance in my chair.
After discussing with the customer about the additional groups, they agreed that the servers could be removed from the groups (these were just legacy security groups which now did basically nothing in the organisation).
After the servers were removed, I logged back into the Exchange Admin Centre in O365 and attempted to configure the migration endpoint again manually and SUCCESS!! *Queue the Carlton dance (Fresh Prince of Bel Air – you know the one!*
Tested the endpoint by migrating a test mailbox successfully to Exchange Online! Happy days!
Moral of the story: Ugly duckling legacy security groups can cause hybrid endpoint issues!
Until next time, Pure Awesomeness signing off!
Our greatest weakness lies in giving up. The most certain way to succeed is always to try just one more time. – Thomas Edison
Want these insights delivered straight to your inbox?
Enter your details to join Insentragram
ABOUT THE AUTHOR
Hambik Matvosian AKA “Pure Awesomeness”
Consultant | Insentra
Recognised IT professional with a proven track record in the design and delivery of business critical solutions for Small to Medium Enterprises.
A dynamic individual who has the ability to communicate with clients on all business levels and has a passion for both technology and building strong client relationships. Also a proven track record with managing, leading and mentoring other team members to consistently achieve their best.
A keen sense of direction and an understanding of emerging technologies and the ability to integrate these technologies to fulfill critical business requirements.