Microsoft releases ability to remove last Exchange server from hybrid environments

To stay in a supported state, even organizations that had moved all their mailboxes to Exchange Online were required to keep at least one Exchange Server running in the classic AD environment to handle Exchange recipient management, for as long as directory synchronization to Azure AD was running.

Microsoft underlined in a clear support statement that using third-party tools, including ADSIEDIT, was not supported:

“The Exchange Management Console, the Exchange admin center (EAC), and the Exchange Management Shell are the only supported tools that are available to manage Exchange recipients and objects.”

So organizations have effectively been prevented from managing synchronized Exchange recipients directly in Azure AD or Exchange Online, and have therefore been dependent on a local Exchange Server.

Running an Exchange Server in the classic environment can provide some benefits in addition to recipient management, such as SMTP relaying and bulk mail routing. For many organizations, the benefits do not justify the added overhead and complexity of keeping Exchange running, and a cloud-only service provides a much better solution.

The release of the Exchange Server 2019 H1 2022 Cumulative Update (or higher) brings the long-awaited ability to remove the last Exchange server.

Included in the new Exchange update is an updated Exchange Management Tools role designed specifically to address the case where the last Exchange server is only running because of the recipient management requirement.

The new Management Tools role does not require a running Exchange server for recipient management. It can be installed on a domain-joined workstation and enables recipient management using Windows PowerShell.

All of the following conditions must be true before the last Exchange server can be removed.
The organization must:

  • Have migrated all mailboxes and public folders to Exchange Online.
  • Use AD for recipient management and Azure AD Connect for synchronization.
  • Not require the on-premises Exchange Admin Center or Exchange Role-Based Access Control (RBAC).
  • Be comfortable with using only Windows PowerShell for recipient management.
  • Not require auditing or logging of recipient management activity.
  • Run only one Exchange server and only for recipient management purposes.
  • Want to manage recipients without running any Exchange servers.

If these conditions are true, and the organization has verified that the Exchange Management Tools can run without an Exchange Server, the organization may start installing the Exchange Management Tools on a domain-joined computer.

Currently, the supported operating systems for the Exchange Management Tools are: Windows Server 2022, Windows Server 2019 or Windows 10.

Note:

Installing the updated Exchange Management Tools in an environment with only Exchange 2013 and/or Exchange 2016 will upgrade the Exchange organization to Exchange Server 2019, and will perform an AD schema update.

After the updated Exchange Management Tools are deployed on a separate computer, the organization may continue and permanently shut down the last Exchange Server.

Do not uninstall the Exchange Server!

Finalize the removal by cleaning up Active Directory, but only if the organization never intends to run an Exchange Server again.
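
One of the conditions above is that the organization does not require auditing or logging of recipient management activity. As an added example (not from the original post or from Microsoft), the PowerShell below shows how AD DS "Directory Service Changes" audit events (event ID 5136) can still surface edits to Exchange-related attributes. It assumes that audit subcategory and a matching SACL are enabled on the domain controllers; the watch list, the function name and the sample events are constructed for illustration.

```powershell
# Added example: report Exchange recipient attribute changes recorded by
# AD DS "Directory Service Changes" auditing (Security log, event ID 5136).

# Assumed watch list of attributes that recipient management touches.
$WatchPattern = '^(proxyAddresses|targetAddress|mailNickname|msExch.+)$'

function Get-RecipientAttributeChange {   # hypothetical helper name
    param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
    process {
        # Flatten <Data Name="...">value</Data> pairs into a lookup table.
        $data = @{}
        foreach ($d in ([xml]$EventXml).Event.EventData.Data) {
            $data[$d.Name] = $d.'#text'
        }
        # Skip changes to attributes outside the watch list.
        if ($data['AttributeLDAPDisplayName'] -notmatch $WatchPattern) { return }
        [pscustomobject]@{
            Actor     = '{0}\{1}' -f $data['SubjectDomainName'], $data['SubjectUserName']
            Object    = $data['ObjectDN']
            Attribute = $data['AttributeLDAPDisplayName']
            Value     = $data['AttributeValue']
            # %%14674 = value added, %%14675 = value deleted
            Operation = if ($data['OperationType'] -eq '%%14674') { 'Added' } else { 'Deleted' }
        }
    }
}

# Constructed sample events (not real log data): one mail alias added,
# one unrelated description change that the filter drops.
$samples = @(
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><EventData>
       <Data Name="SubjectUserName">helpdesk01</Data><Data Name="SubjectDomainName">CONTOSO</Data>
       <Data Name="ObjectDN">CN=Jane Doe,OU=Staff,DC=contoso,DC=example</Data>
       <Data Name="AttributeLDAPDisplayName">proxyAddresses</Data>
       <Data Name="AttributeValue">smtp:jane.alias@contoso.example</Data>
       <Data Name="OperationType">%%14674</Data></EventData></Event>',
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><EventData>
       <Data Name="SubjectUserName">helpdesk01</Data><Data Name="SubjectDomainName">CONTOSO</Data>
       <Data Name="ObjectDN">CN=Jane Doe,OU=Staff,DC=contoso,DC=example</Data>
       <Data Name="AttributeLDAPDisplayName">description</Data>
       <Data Name="AttributeValue">Finance</Data>
       <Data Name="OperationType">%%14674</Data></EventData></Event>'
)
$samples | Get-RecipientAttributeChange | Format-List

# On a domain controller, feed real events instead of the samples:
# Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 5136 } |
#     ForEach-Object { $_.ToXml() } | Get-RecipientAttributeChange
```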

Bonus:

The Exchange Server CU12 includes a change to the Exchange Server License Terms which adds a free product key for Exchange 2019 hybrid servers. This was previously available only for Exchange 2010, Exchange 2013, and Exchange 2016. The Hybrid Configuration wizard has been updated to support this change.
