Image may be NSFW.
Clik here to view.
The last article in the three article series of Pre requirement of Exchange hybrid environment is just a short checklist of the components and, the subject that we need to prepare and verify before we get into the Exchange Hybrid environment.
To be able to optimize the navigation in the article, you can use the collapse and expand option.
| Collapse All Headers |
Hybrid deployment in Office 365 | Checklist
1. Exchange Hybrid server version
Exchange 2010
In case that the Exchange Hybrid server is Exchange 2010, verify that you have installed Exchange 2010 service pack 3 and the last Exchange 2010 Rollup.
At the current time, the most updated Rollup for Exchange 2010 SP3 is: Rollup 6
Exchange 2013
In case that the Exchange Hybrid server is Exchange 2013, verify that you have installed Exchange 2013 service pack 1.
Check for more information in the section: 1. Exchange Hybrid server version
2. Exchange On-Premise Hybrid server | Public IP address and Public name (FQDN)
Exchange On-Premise Hybrid server | Public IP address
- Verify that a dedicated Public IP address was assigned for the Exchange On-Premise Hybrid server.
(Check that the required Firewall was created)
Exchange On-Premise Hybrid server | Public Name
- Verify that the Exchange On-Premise Hybrid server Public name is published in the Public Network.
(Check that the required Public DNS record was created)
General
- Verify that the Exchange On-Premise Hybrid server “Public name” (FQDN) is “mapped” to the Public IP address.
Check for more information in the section: 2. Exchange On-Premise Hybrid server | Public IP address and Public name (FQDN)
3. Exchange On-Premise Hybrid server | Port number and protocols
- Verify that Public Hosts can access Exchange On-Premise Hybrid server using the port 443 (HTTPS) and 25 (SMTP).
- Verify that the Exchange On-Premise Hybrid server can access hosts on the public network using the ports 443 (HTTPS) and 25 (SMTP).
Check for more information in the section:3. Exchange On-Premise Hybrid server | Port number and protocols
4. Exchange On-Premise Hybrid server | Public IP address and Static NAT
Verify that the organization Firewall has a static NAT rule that assigns a public IP address to the Exchange Online when the Exchange on-Premises server creates an outbound session (communicate with external hosts) and, the same public IP that is mapped to the Exchange on-Premises server public name and will be used by external hosts such as the Exchange Online server.
Check for more information in the section: 4. Exchange On-Premise Hybrid server | Public IP address and Static NAT
5. ISA\TMG server and a Firewall server
In case that you use the ISA\TMG server to publish the Exchange on-Premises server verifies that:
- The ISA\TMG web publishing rule includes the required “path” for the Exchange on-Premises server EWS virtual folder and AutoDiscover Virtual folder.
- The ISA\TMG web publishing rule doesn’t configure with a requirement of authentication for: the Exchange on-Premises server EWS virtual folder and AutoDiscover Virtual folder.
Check for more information in the section: 5. ISA\TMG server and a Firewall server
6. Firewall inbound\Outbound access policy | Office 365 and Exchange Online Public IP range
In case that you implement Firewall policy, such as:
- Outbound Policy that enables the Exchange Hybrid server to connect only a predefined Public IP range of the Office 365 and Exchange Online servers.
- Inbound Policy that enables only Office 365 and Exchange Online servers to communicate with the Exchange Hybrid server.
- Try to avoid from these restrictions when running the “first-time time Hybrid configuration”
- Verify and double-check that you get the accurate information about all the Public IP range that is the use by Microsoft for the Office 365 services (Exchange Online, Windows Azure Active Directory and more)
- Subscribe to RSS feed for getting updates about changes in the Office 365 services public IP ranges
Check for more information in the section: 6. Firewall inbound\Outbound access policy | Office 365 and Exchange Online Public IP range
7. Exchange On-Premise Hybrid server | AutoDiscover service
AutoDiscover record and Public Network
- Verify that the AutoDiscover record was created and published on the Public Network.
Verify successful operation of Exchange On-Premise AutoDiscover process
- Verify that you can access prom public network the Exchange On-Premise server and gets the required information form the AutoDiscover service. Verify that the AutoDiscover service is configured correctly: that you can access AutoDiscover service from public network and get the required XML file.
AutoDiscover and Exchange On-Premise server version
- In case that you’re Exchange on-Premises environment includes a couple of Exchange versions such as: Exchange 2003, 2007, etc., redirect the AutoDiscover record to the Exchange On-Premise Hybrid server (AutoDiscover record is pointing to the Exchange On-Premise server with the most updated version.)
AutoDiscover record pointing to the Exchange On-Premise server
- Verify that the AutoDiscover record pointing to the Exchange On-Premise server and not to the Office 365 AutoDiscover services.
Check for more information in the section: 7. Exchange On-Premise Hybrid server | AutoDiscover service
8. Exchange On-Premise Hybrid server | EWS service
- Verify that the EWS services on the Exchange On-Premise Hybrid server is configured correctly: that you can access the EWS service from a public network and, get the required XML file.
Check for more information in the section: 8. Exchange On-Premise Hybrid server | EWS service
9. Exchange On-Premise Hybrid server | Public Certificate
- Verify that the Exchange On-Premise Hybrid server has a Public Certificate (certificate that was created by a Public CA).
- Verify that the Public Certificate expiration date is valid.
- In case that you use SAN certificate, verify that certificate alternative subject name includes all the public host’s names of the AutoDiscover service, the Exchange On-Premise Hybrid server and so on.
- Verify that the Public certificate on the Exchange On-Premise Hybrid server was assigned to the IIS and SMTP services.
Check for more information in the section: 9. Exchange On-Premise Hybrid server | Public Certificate
10. Microsoft MFG server and the proof of the ownership process
To be able to create the trust with the Microsoft MFG server, you will need to configure a TXT record and the Public DNS.
- Verify that you have Access (the administrator account) to the Public DNS that “Hosts” the organization Public domain name.
- Verify that the proof of ownership TXT record was created in the Public DNS
Check for more information in the section: 10. Microsoft MFG server and the proof of the ownership process
11. Direct communication channel | Exchange on-Premises server to Exchange Online
Verify that the On-Premise “End-point” is the Exchange On-Premise Hybrid server
Check for more information in the section: 11. Direct communication channel | Exchange on-Premises server to Exchange Online
Hybrid deployment in Office 365 - Checklist Document
The be able to document the different components and infrastructure that include in the “hybrid deployment in Office 365 Checklist” I have created a checklist document that you can download and use.
Each of the “sections” includes a form button that will help you to choose the answer for the specific section.
In the following screenshot, we can see an example to the “answer form button” that appears in each of the checklist sections.
Image may be NSFW.
Clik here to view.
Script Box
For your convenience, I have “Wrapped” all of Checklist items that was reviewed, In a Word Document form named: Hybrid deployment in Office 365 Checklist document
Download DocumentA quick reference for the article series
|
Image may be NSFW. Clik here to view.  Hybrid deployment in Office 365 | Checklist and pre requirements | Part 1/3 |
Hybrid deployment in Office 365 | Checklist and pre requirements | Part 1/3 This is the first article on the three article series deal with the pre requirement that we need to check and very before the implementation of Exchange hybrid environment. In the first article, we review factors and components such as:
|
|
Image may be NSFW. Clik here to view.  Hybrid deployment in Office 365 | Checklist and pre requirements | Part 2/3 |
Hybrid deployment in Office 365 | Checklist and pre requirements | Part 2/3 This is the second article in the three article series deal with the pre requirement that we need to check and very before the implementation of Exchange hybrid environment. In the second article, we review additional factors and components such as:
|
We really want to know what you think about the article
The post Hybrid deployment in Office 365 | Checklist and pre requirements | Part 3/3 appeared first on o365info.com.