Step 2: Establishing trust between the source and target tenants
This is Step 2 in a solution designed to complete a Cross-tenant OneDrive migration. To learn more, see Cross-tenant OneDrive migration overview.
- Step 1: Connect to the source and the target tenants
- Step 2: Establish trust between the source and the target tenant
- Step 3: Verify trust has been established
- Step 4: Pre-create users and groups
- Step 5: Prepare identity mapping
- Step 6: Start a Cross-tenant OneDrive migration
- Step 7: Post migration steps
After connecting to the source and target tenant, the next step in performing a cross-tenant OneDrive migration is establishing trust between the tenants.
To establish trust, each SharePoint Online tenant administrator must run specific commands on both source and target tenants. Once the trust has been requested, the administrator of the target tenant will receive an email informing them that another tenant is trying to establish a trust relationship.
The "trust" command is specific to SharePoint Online. It only grants permission for the SharePoint administrator on the source tenant to execute OneDrive Migration operations to the identified target tenant.
Granting trust doesn't give the administrator any visibility, permission, or ability to collaborate between the source tenant and the target tenant.
If you are Microsoft 365 Multi-Geo customer, you must establish trust between each geography involved in your migration project.
Before you begin
Before running the trust commands, obtain the cross-tenant host URLs for both the source and target tenants. You'll need these URLs when establishing the trust relationship between source-to-target and target-to-source.
To obtain the cross-tenant host URLs:
On both the source and target tenants, run:
Example: Run command on Source tenant:
Example: Run command on target tenant:
Run the trust commands
These commands send a request to the tenant with whom you want to establish trust.
On the source tenant, run this command to send a trust request to the target tenant:
Set-SPOCrossTenantRelationship -Scenario MnA -PartnerRole Target -PartnerCrossTenantHostUrl <TARGETCrossTenantHostUrl>
On the target tenant, run this command to send a trust request to the source tenant:
Set-SPOCrossTenantRelationship -Scenario MnA -PartnerRole Source -PartnerCrossTenantHostUrl <SOURCECrossTenantHostUrl>
|PartnerRole||Roles of the partner tenant you're establishing trust with. Use source if partner tenant is the source of the OneDrive migrations, and target if the partner tenant is the Destination.|
|PartnerCrossTenantHostURL||The cross-tenant host URL of the partner tenant. The partner tenant can determine this for you by running: Get-SPOCrossTenantHostURL on each of the tenants.|
Sample trust email
The following in an example of the email that is sent to global admins:
Subject: SPO Tenant [https://a830edad9050849mnaus093022-my.sharepoint.com/] [setuporupdate] Organization Relation [Scenario=MnA, Role=Source] with us
Message: SPO Tenant [https://a830edad9050849mnaus093022-my.sharepoint.com/] [setuporupdate] Organization Relation [Scenario=MnA, Role=Source] with us