Exchange Hybrid minimal config to manage mailboxes that are already in the cloud.

Arend Dieperink 40 Reputation points
2025-03-28T09:36:44.98+00:00

Hi

I have a customer that previously had Exchange 2010 installed. They then onboarded their mailboxes to the cloud and decided to remove the Exchange server.

Accounts are still synced from AD via Entra Connect, so they now want to manage their mailboxes using an on-prem Exchange management server.

I have installed Exchange 2019 CU15.

What pre-requisites need to be in place to run the HCW with Minimal configuration for Recipient management only? I don't need all the config for migrating mailboxes and managing on-prem mailboxes or managing co-existence.

I am specifically looking for info around the type of SSL, Internal and External DNS, Virtual Directories and anything else that is relevant.

Thanks


1 answer

  1. Kaiyue Gong (Shanghai Wicresoft Co Ltd) 1,355 Reputation points Microsoft External Staff
    2025-03-31T06:24:08.31+00:00

    Hi @Arend Dieperink,

    Thank you for posting your question in the Microsoft Q&A forum.

    Based on your description, you would like to know the type of SSL, internal and external DNS, virtual directories, and other information required to run a minimally configured HCW.

    1. In Exchange services, certificates issued by trusted third-party CAs are used to help protect Secure Socket Layer (SSL) communications between Exchange servers and clients. Services that use certificates include Outlook Web Edition, Exchange ActiveSync, Outlook Anywhere, and Secure Mail Transfer. To help protect recipients in local and Exchange Online organizations, and to help ensure that messages sent between organizations are not intercepted and read, the transport between local organizations and the EOP is configured to use mandatory TLS. Secure Mail Transfer uses TLS/SSL certificates provided by a trusted third-party certificate authority (CA). Mail between EOP and Exchange Online organizations also uses TLS. For more detailed information, refer to the document: Transport options in Exchange hybrid deployments | Microsoft Learn
    2. This document discusses routing options for inbound mail from the Internet and outbound mail to the Internet, which can be determined by using DNS records for the MX records. Email routing in Exchange hybrid deployments | Microsoft Learn
    3. You can use the Get-AutodiscoverVirtualDirectory and Get-WebServicesVirtualDirectory commands to obtain information about virtual directories. Make sure that the URL of the virtual directory for EWS, Autodiscover, etc. is correct and matches the certificate.

    If the answer is helpful, please click on “Accept answer” as it could help other members of the Microsoft Q&A community who have similar questions and are looking for solutions.

    Thank you for your support and understanding.

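One way to carry out the check in point 3 of the answer above, as an added example that is not part of the original answer or of Microsoft's tooling: it compares the host name of each virtual directory URL with the DNS names on the certificate, including single-label wildcard matching. The function names, the sample host names and the use of Get-ExchangeCertificate with its CertificateDomains property in the commented lines are assumptions of this example.

```powershell
function Test-HostCoveredByCertificate {
    param([Parameter(Mandatory)][string]$HostName,
          [Parameter(Mandatory)][string[]]$CertificateDomains)
    foreach ($name in $CertificateDomains) {
        if ($name -ieq $HostName) { return $true }
        # A wildcard covers exactly one left-most label: *.example.com matches
        # mail.example.com but not example.com or a.b.example.com.
        if ($name.StartsWith('*.')) {
            $suffix = $name.Substring(1)   # ".example.com"
            if ($HostName.EndsWith($suffix, [StringComparison]::OrdinalIgnoreCase)) {
                $label = $HostName.Substring(0, $HostName.Length - $suffix.Length)
                if ($label -and -not $label.Contains('.')) { return $true }
            }
        }
    }
    return $false
}

function Get-UrlCertificateMismatch {
    param([Parameter(Mandatory)][object[]]$VirtualDirectory,
          [Parameter(Mandatory)][string[]]$CertificateDomains)
    foreach ($vdir in $VirtualDirectory) {
        foreach ($prop in 'InternalUrl', 'ExternalUrl') {
            $url = "$($vdir.$prop)"
            if (-not $url) { continue }   # unset URLs are skipped, not reported
            $uri = [Uri]$url
            $problem = $null
            if ($uri.Scheme -ne 'https') { $problem = 'NotHttps' }
            elseif (-not (Test-HostCoveredByCertificate -HostName $uri.Host -CertificateDomains $CertificateDomains)) {
                $problem = 'HostNotInCertificate'
            }
            if ($problem) {
                [pscustomobject]@{ Identity = "$($vdir.Identity)"; Property = $prop; Url = $url; Problem = $problem }
            }
        }
    }
}

# Constructed stand-ins for the cmdlet output and for the certificate's DNS names.
$sampleVdirs = @(
    [pscustomobject]@{ Identity = 'EXCH01\EWS (Default Web Site)'
                       InternalUrl = 'https://exch01.corp.example/EWS/Exchange.asmx'
                       ExternalUrl = 'https://mail.example.com/EWS/Exchange.asmx' }
)
Get-UrlCertificateMismatch -VirtualDirectory $sampleVdirs -CertificateDomains '*.example.com'
# In the Exchange Management Shell ('<thumbprint>' is a placeholder):
# $vdirs = @(Get-WebServicesVirtualDirectory) + @(Get-AutodiscoverVirtualDirectory)
# $names = (Get-ExchangeCertificate -Thumbprint '<thumbprint>').CertificateDomains | ForEach-Object { "$_" }
# Get-UrlCertificateMismatch -VirtualDirectory $vdirs -CertificateDomains $names
```

With the sample data, only the internal EWS URL is reported, because its host name falls outside the wildcard on the constructed certificate.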
