Difference between revisions of "Archiving Emails from Microsoft 365 Hybrid"
[unchecked revision] | [checked revision] |
Rrommelrath (talk | contribs) |
Ltalaschus (talk | contribs) |
||
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | {{Multiline Notices|Heading=Important Notices|MailStore Server supports archiving emails from a hybrid environment with Microsoft 365 (Modern Authentication) and on-premises Exchange Server(s) only with | + | __NOTOC__ |
+ | {{Multiline Notices|Heading=Important Notices|MailStore Server supports archiving emails from a hybrid environment with Microsoft 365 (Modern Authentication) and on-premises Exchange Server(s) only with [https://learn.microsoft.com/en-us/exchange/exchange-hybrid Microsoft's Best Practice Guides] and only with the global Microsoft Cloud.|If you have archived emails from an Exchange server and synchronized users from an Active Directory until now, follow the article [[Changing Archiving from Microsoft Exchange Server to Microsoft 365]]. | ||
|For better readability, the terms ''Microsoft 365'' and ''Exchange Online'' are used interchangeably hereinafter instead of ''Exchange Online / Microsoft 365''. | |For better readability, the terms ''Microsoft 365'' and ''Exchange Online'' are used interchangeably hereinafter instead of ''Exchange Online / Microsoft 365''. | ||
| Please test the described configurations early, preferably in the trial phase. In case your scenario differs from Microsoft's described best practices or is in any other way more individual, questions about feasibility can be identified early and discussed with our technical support.}} | | Please test the described configurations early, preferably in the trial phase. In case your scenario differs from Microsoft's described best practices or is in any other way more individual, questions about feasibility can be identified early and discussed with our technical support.}} | ||
− | |||
== App Registration & User Synchronization == | == App Registration & User Synchronization == | ||
− | You have two | + | You have two options to synchronize users and their information into MailStore Server to make their mailboxes known and to allow them to log in at MailStore Server with their usual login details. |
− | + | === Synchronizing with Microsoft 365 (recommended for most scenarios) === | |
− | + | MailStore Server will only be synchronized with Microsoft Entra ID of your Microsoft 365 tenant. Since your local Active Directory is being synchronized with Microsoft Entra ID via a Microsoft Entra ID Connector, all relevant users details are also present in Microsoft 365. | |
− | The advantage is that you can use all modern authentication methods, | + | The advantage is that you can use all modern authentication methods, especially MFA, in MailStore Server. |
− | + | Proceed as if you solely had a [[Synchronizing User Accounts with Microsoft 365 - Modern Authentication|Microsoft 365 environment]]. | |
− | [[Synchronizing User Accounts with Microsoft 365 | ||
− | + | === Synchronizing with the local Active Directory of your company === | |
− | + | If you want to use Windows Authentication or Microsoft Active Directory Federation Services (ADFS) for logging in at MailStore Server you are able to synchronize MailStore Server with your local Active Directory.<br />If you want to archive user mailboxes, shared mailboxes or public folder you still have to follow the [[Synchronizing User Accounts with Microsoft 365 - Modern Authentication|user synchronization with Microsoft 365 article]] to provide proper access permissions to your Microsoft 365 tenant.<br /><br /> | |
− | + | Do not execute these steps: | |
− | + | :* 2.4 Configuring App Authentication in Microsoft Entra ID | |
− | [[Synchronizing User Accounts with Microsoft 365 | + | :* 2.5 Configuring the Redirect URI in MailStore Server |
− | + | :* 2.7 User Database Synchronization | |
− | To | + | :* 4. Running Directory Services Synchronization |
− | [[Active Directory Integration]] | + | The created app will be used later in the process for archiving the mailboxes. To synchronize users from the local Active Directory, follow the [[Active Directory Integration]] article now. |
== Archiving Microsoft 365 Mailboxes or Public Folders == | == Archiving Microsoft 365 Mailboxes or Public Folders == | ||
− | Use the manual for archiving mailboxes in Microsoft 365 as a guide | + | Use the manual for archiving mailboxes in Microsoft 365 as a guide. On-premise Exchange mailboxes are also being archived using Microsoft 365. |
− | * [[ | + | * [[Archiving_Emails_from_Microsoft_365_-_Modern_Authentication#Archiving_Individual_Microsoft_365_Mailboxes|Archiving Individual Mailboxes]] |
− | * [[ | + | * [[Archiving_Emails_from_Microsoft_365_-_Modern_Authentication#Archiving_Multiple_Microsoft_365_Mailboxes_Centrally|Archiving Multiple Mailboxes Centrally]] |
− | * [[ | + | * [[Archiving_Emails_from_Microsoft_365_-_Modern_Authentication#Including_Microsoft_365_Shared_Mailboxes|Shared Mailboxes]] |
− | * [[ | + | * [[Archiving_Emails_from_Microsoft_365_-_Modern_Authentication#Public_Folders|Public Folders]] |
+ | * [[Archiving_Emails_from_Microsoft_365_-_Modern_Authentication#Archiving_Individual_Microsoft_365_Archive_Mailboxes|Archiving Individual Archive Mailboxes]] | ||
+ | * [[Archiving_Emails_from_Microsoft_365_-_Modern_Authentication#Archiving_Multiple_Microsoft_365_Archive_Mailboxes_Centrally|Archiving Multiple Archive Mailboxes Centrally]] | ||
== Archiving Incoming and Outgoing Emails Directly == | == Archiving Incoming and Outgoing Emails Directly == | ||
− | + | Both your Microsoft 365 tenant and on-premises Exchange Server need to be configured to send journal reports for incoming and outgoing mails. | |
− | * First | + | * First configure the Journaling for Microsoft 365 with the MailStore Gateway: [[Archiving_Emails_from_Microsoft_365_-_Modern_Authentication#Archiving_Incoming_and_Outgoing_Emails_Directly|Archiving Incoming and Outgoing Emails Directly - Microsoft 365]] |
− | * Then configure your local Exchange Server | + | * Then configure your local Exchange Server to also send their journal reports to the same Gateway mailbox. Use the manual for your matching Exchange Server version, but we recommend not creating a journal mailbox (skip step 1 in this case), but to define the external email address of your MailStore Gateway to be the recipient of these reports. This way, all reports are received at the same destination: |
** [[Archiving_Emails_from_Microsoft_Exchange_2019#Archiving_Incoming_and_Outgoing_Emails_Directly|Exchange 2019]] | ** [[Archiving_Emails_from_Microsoft_Exchange_2019#Archiving_Incoming_and_Outgoing_Emails_Directly|Exchange 2019]] | ||
** [[Archiving_Emails_from_Microsoft_Exchange_2016#Archiving_Incoming_and_Outgoing_Emails_Directly|Exchange 2016]] | ** [[Archiving_Emails_from_Microsoft_Exchange_2016#Archiving_Incoming_and_Outgoing_Emails_Directly|Exchange 2016]] | ||
− | ** [[Archiving_Emails_from_Microsoft_Exchange_2013#Archiving_Incoming_and_Outgoing_Emails_Directly|Exchange 2013]] | + | ** [[Archiving_Emails_from_Microsoft_Exchange_2013#Archiving_Incoming_and_Outgoing_Emails_Directly|Exchange 2013 (Legacy System)]] |
− | [[de:E-Mail- | + | [[de:E-Mail-Archivierung_von_Microsoft_365_Hybrid]] |
− | [[en: | + | [[en:Archiving_Emails_from_Microsoft_365_Hybrid]] |
Latest revision as of 14:48, 27 March 2024
- MailStore Server supports archiving emails from a hybrid environment with Microsoft 365 (Modern Authentication) and on-premises Exchange Server(s) only with Microsoft's Best Practice Guides and only with the global Microsoft Cloud.
- If you have archived emails from an Exchange server and synchronized users from an Active Directory until now, follow the article Changing Archiving from Microsoft Exchange Server to Microsoft 365.
- For better readability, the terms Microsoft 365 and Exchange Online are used interchangeably hereinafter instead of Exchange Online / Microsoft 365.
- Please test the described configurations early, preferably in the trial phase. In case your scenario differs from Microsoft's described best practices or is in any other way more individual, questions about feasibility can be identified early and discussed with our technical support.
App Registration & User Synchronization
You have two options to synchronize users and their information into MailStore Server to make their mailboxes known and to allow them to log in at MailStore Server with their usual login details.
Synchronizing with Microsoft 365 (recommended for most scenarios)
MailStore Server will only be synchronized with Microsoft Entra ID of your Microsoft 365 tenant. Since your local Active Directory is being synchronized with Microsoft Entra ID via a Microsoft Entra ID Connector, all relevant users details are also present in Microsoft 365. The advantage is that you can use all modern authentication methods, especially MFA, in MailStore Server. Proceed as if you solely had a Microsoft 365 environment.
Synchronizing with the local Active Directory of your company
If you want to use Windows Authentication or Microsoft Active Directory Federation Services (ADFS) for logging in at MailStore Server you are able to synchronize MailStore Server with your local Active Directory.
If you want to archive user mailboxes, shared mailboxes or public folder you still have to follow the user synchronization with Microsoft 365 article to provide proper access permissions to your Microsoft 365 tenant.
Do not execute these steps:
- 2.4 Configuring App Authentication in Microsoft Entra ID
- 2.5 Configuring the Redirect URI in MailStore Server
- 2.7 User Database Synchronization
- 4. Running Directory Services Synchronization
The created app will be used later in the process for archiving the mailboxes. To synchronize users from the local Active Directory, follow the Active Directory Integration article now.
Archiving Microsoft 365 Mailboxes or Public Folders
Use the manual for archiving mailboxes in Microsoft 365 as a guide. On-premise Exchange mailboxes are also being archived using Microsoft 365.
- Archiving Individual Mailboxes
- Archiving Multiple Mailboxes Centrally
- Shared Mailboxes
- Public Folders
- Archiving Individual Archive Mailboxes
- Archiving Multiple Archive Mailboxes Centrally
Archiving Incoming and Outgoing Emails Directly
Both your Microsoft 365 tenant and on-premises Exchange Server need to be configured to send journal reports for incoming and outgoing mails.
- First configure the Journaling for Microsoft 365 with the MailStore Gateway: Archiving Incoming and Outgoing Emails Directly - Microsoft 365
- Then configure your local Exchange Server to also send their journal reports to the same Gateway mailbox. Use the manual for your matching Exchange Server version, but we recommend not creating a journal mailbox (skip step 1 in this case), but to define the external email address of your MailStore Gateway to be the recipient of these reports. This way, all reports are received at the same destination: