Is it time to remove your last server?
You’ve migrated your last mailbox to Exchange Online, now you’re wondering what’s next?
Up until now Microsoft only supported the use of admin tools to perform recipient management activities when on-premises Azure Active Directory (AAD) was used for identity management. Organizations syncing identities to Azure AD using AAD Connect have needed to maintain an on-premises server purely to manage recipients. Additionally, if they wanted to utilise the free hybrid license offered by Microsoft, Exchange Server 2016 was required, as the hybrid license was not available for its 2019 counterpart.
New features
Microsoft made two cumulative update announcements in April 2022 which may have piqued your interest.
The first update is MS Exchange Server 2019 CU12, which included an update eliminating the need to run a single server for recipient management.
Now before you get all excited and decide to start uninstalling, there are several factors you need to consider prior to making the decision to remove the last server:
- All mailboxes and public folders must have been migrated to Exchange Online before going down this path.
- Your organization must also be very comfortable with managing recipients using PowerShell, as there is no Admin Center GUI when the server is removed. This requirement may be a blocker for a lot of organizations whose support staff may not be proficient in PowerShell.
- You will no longer be able to use the on-premises server as a message relay. If you have any applications or devices sending messages via SMTP, they will need to be configured to use the platform for relaying or you will need to implement a different MTA (the Edge Transport role in a DMZ could be a good option).
- Other potential blockers include the removal of auditing and logging of recipient management activity and the inability to use RBAC roles.
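Before the relay goes away, it helps to know which applications and devices still submit mail to the on-premises server. The sketch below is an added example, not part of the original article: it assumes protocol logging is enabled on the receive connectors and that the logs use the standard `#Fields:` header of the Exchange SMTP receive protocol log. `Get-SmtpRelaySource` is a hypothetical helper name, and the log lines are constructed sample data.

```powershell
# Constructed sample in the Exchange SMTP receive protocol log layout (not real data).
$sampleLog = @'
#Software: Microsoft Exchange Server
#Log-type: SMTP Receive Protocol Log
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2022-05-02T08:15:01.120Z,EX01\Relay,08DA2C01,0,10.0.0.10:25,10.0.5.21:50211,+,,
2022-05-02T08:15:01.180Z,EX01\Relay,08DA2C01,4,10.0.0.10:25,10.0.5.21:50211,<,MAIL FROM:<scanner@example.com>,
2022-05-02T09:02:44.310Z,EX01\Relay,08DA2C02,4,10.0.0.10:25,10.0.5.21:50388,<,MAIL FROM:<scanner@example.com>,
2022-05-02T09:30:12.005Z,EX01\Relay,08DA2C03,4,10.0.0.10:25,10.0.7.40:61002,<,MAIL FROM:<erp-alerts@example.com> SIZE=20480,
2022-05-02T09:31:00.000Z,EX01\Default Frontend EX01,08DA2C04,4,10.0.0.10:25,[fd00::15]:40100,<,mail from:<monitor@example.com>,
'@ -split '\r?\n'

function Get-SmtpRelaySource {
    [CmdletBinding()]
    param([Parameter(Mandatory)][AllowEmptyString()][string[]]$Line)

    # Column names come from the log's own "#Fields:" header line.
    $fields = $Line | Where-Object { $_ -like '#Fields:*' } | Select-Object -First 1
    if (-not $fields) { throw 'No #Fields header found; is this an SMTP receive protocol log?' }
    $header = ($fields -replace '^#Fields:\s*') -split ','

    $Line | Where-Object { $_ -and $_ -notlike '#*' } |
        ConvertFrom-Csv -Header $header |
        ForEach-Object {
            # "<" marks a command received from the client; MAIL FROM starts one message.
            if ($_.event -eq '<' -and $_.data -match '^MAIL FROM:\s*<([^>]*)>') {
                [pscustomobject]@{
                    Connector = $_.'connector-id'
                    RemoteIP  = $_.'remote-endpoint' -replace ':\d+$' -replace '^\[|\]$'
                    Sender    = $Matches[1].ToLower()
                }
            }
        } |
        Group-Object Connector, RemoteIP |
        ForEach-Object {
            [pscustomobject]@{
                Connector = $_.Group[0].Connector
                RemoteIP  = $_.Group[0].RemoteIP
                Messages  = $_.Count
                Senders   = ($_.Group.Sender | Sort-Object -Unique) -join ';'
            }
        } | Sort-Object Messages -Descending
}

Get-SmtpRelaySource -Line $sampleLog | Format-Table -AutoSize
```

On a live server, pass the lines of the receive protocol log files (for example via `Get-Content`) instead of `$sampleLog`; every row in the output is a system that has to be repointed before the server is shut down.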
If any of these are deal breakers, then you should retain your on-premises servers. The table below outlines each scenario and their respective advantages and disadvantages.
Management type | Requirements | Pros | Cons |
Hybrid | | | |
Exchange management tools only | | | |
If you do go down this path, be mindful that you absolutely should NOT uninstall the last server. Doing so will remove some critical properties from AD, which will break your ability to manage accounts using the management tools (so cherish your arbitration mailboxes!).
The second update is that MS Exchange Server 2019 now offers a product key for hybrid servers at no extra cost. Accordingly, organizations can retain an on-premises server without the cost of Exchange Server licensing and move to the latest version of Exchange and Windows OS. This closes a security gap where previously organizations would be stuck with Exchange Server 2016, which required Windows Server 2016, both of which are getting a bit long in the tooth and should be removed from your organization's on-premises server footprint ASAP.
If you’re looking for any help or advice with Microsoft Exchange and more, as always, please contact us.