Over the past weekend, we’ve completed an Office 365 migration for a small client. It’s not our first migration, but to date it’s been the trickiest, despite the absence of any Active Directory integration.
This article is a post-mortem analysis, covering the expected and the unexpected. If you’re planning an Office 365 migration, especially with Mac clients, I hope you’ll find some of these lessons helpful.
The upside of this customer is that they are small – a total of 35 seats. The downside of this customer is that they are small – most of the well-oiled Enterprise controls and management tools were missing. That made the migration a very manual process.
The 35 seats were spread over 4 different offices across New Zealand, Australia and China and we did everything remotely. 99% of the staff use Apple Macs. There’s no Windows server, no Active Directory and no Apple server. Identities are managed locally on each machine. There’s also no centralized management for the Mac machines.
The existing systems consisted of emails on a hosted, outdated Apple Mail server accessed via the Apple Mail client, calendar entries in GSuite and files in Google Drive. The customer has two different divisions to their business with two different custom domain names. We’d already provisioned an Office 365 tenant for domain1.com which was in use by some New Zealand staff for email and Microsoft Office.
Sound messy? It was, hence why the customer had agreed to consolidate things to Office 365, starting with email.
Planning for what was known
With our previous migration experience and knowledge of the customer’s environment, there were a significant number of things that we already knew about this project that allowed us to plan for it.
Mail client change – We’d strongly recommended that they switch to using the latest Outlook for Mac client instead of Apple Mail. If you’re going to switch to a different technology, use the products that work the best with it. Outlook for Mac offers key functionality for Office 365 based email accounts that Apple Mail just doesn’t support.
Office applications – The selected Office 365 licensing plan also included desktop installations of Word, Excel and Powerpoint, so we planned to install these too and pin Word, Excel and Outlook to the dock. Without any Enterprise software deployment tools, that meant a manual installation on every device. We picked one machine at each site to download the Office package to (from the Office 365 portal), then shared that as the source for the other machines on that network.
Unattended remote access – Businesses hate being interrupted, so we connected to each device over the weekend. We had to ensure that we have full unattended remote access to the machines before everyone left the office on Friday night (Thursday night for New Zealand due to a public holiday) and that they wouldn’t go into power save mode.
Mailbox sizes – The hosting provider could give us a list of the current mailbox sizes, so we knew what volumes of email we could expect. A migration would suck all of that mail up from the hosted Apple Mail server and then individually download it again to each user’s Mac. With some offices having slow Internet connections, we had to take data volumes into account when planning timeframes for the migration.
Passwords, passwords everywhere – Another downside to a lack of management tools was the need to log on as every user, to their own machine, to ensure that the setup of Outlook was completed and all their mail was locally synced. We needed the user’s passwords to do this as there is no other way to impersonate them. Without a directory server, we also couldn’t reset any user accounts we had left out, so all this information was gathered before the migration. That also included the passwords for their Apple Mail accounts and GSuite accounts.
They were used to sharing passwords with each other, so this wasn’t an issue. As much as I hate having to do this, there are very few other options. The users don’t want to log in for me on a weekend and sit and watch while I configure things, but they could change their password to something temporary and change it again after I’d finished.
Document all the things – With access sorted, the other key piece of planning was aided by an excel spreadsheet. Here we got as much information from the customer as we could in regards to their email usage: names, primary email addresses, aliases, email groups and members, shared mailboxes and access etc. We also listed which machine belong to who, and used this to track as the migration progressed, adding columns and values for each stage of the software deployment and configuration deployment to track what had been done and what was still left to do.
DNS control – For this customer, their DNS records are managed by another party who also manages their websites. This isn’t uncommon, but required us to arrange for the necessary DNS record additions to be made ahead of time, and ask for the MX record to be changed when we were ready for the Office 365 mailboxes to start accepting inbound emails.
Data migration tool – Fortunately the email migration didn’t have to be run from each device, so we employed Skykick’s Data Only Migration to handle the data copy from Apple Mail to Office 365 and the creation of new user accounts and mailboxes.
Migration timeline – Experience with the Skykick tool set the high-level timeframe for this project. 1 week before go-live, the Apple Mail server details were added & the discovery process began. User account passwords were added, Office 365 accounts were created and matched, and Skykick began its initial data upload. It’s important to not that if you are migrating data from GSuite, the Google API limits you to pulling a maximum of 2GB of data every 24hrs, so beware that larger mailboxes can take days. That wasn’t a problem in this case though as the source mail system was an Apple Mail server. On the go-live weekend, the migration tool did a final delta sync and we could add the Outlook accounts to the Macs with a high level of confidence that their information had been copied. That Friday night, the MX record was also changed to point the custom domains to Office 365 as the primary servers, allowing it time to replicate over the non-working weekend. We also assured the owners of the business that their devices would be reconfigured first, because owners rarely take full weekends off!
User training – My colleague went down to the Sydney office to handle the largest user location and provide remote support to New Zealand (a 2hr timezone difference from Sydney). I stayed in Brisbane and provide remote training and support to the smaller Brisbane office and backup technical support to my colleague. Training on go-live morning consisted of showing the users the main differences between Apple Mail and Outlook, including switching to the calendar, adding server side rules and managing signatures. We threw in how to reply with a meeting invitation with one click, but that’s enough change for day one.
Reacting to the unknown
Despite our planning, we learnt a few things along the way and encountered a few problems.
Set default mail and calendar programs – When you install Outlook for Mac, it doesn’t automatically take over as the default application for mail and calendar. That had to be changed separately on each Mac.
Import Google calendars – We had a quick discussion and decided to include importing the calendar entries from GSuite on the same weekend. It was a last-minute turnaround decision, but removed the risk of people accepting emailed appointments and getting the Outlook/Office 365 calendar out of sync with the GSuite calendar. Ultimately it was a better move for the users. The process was rather tedious though, on a per user basis. No data migration tool for this one. Log in to GSuite as the user, export calendar to iCal zip file, unzip file and open .ics with Outlook, accept server connection prompt & allow for future, then all the entries appeared locally and slowly started syncing up to the Cloud. With time quickly running out, we limited this to only personal calendars for now.
Shared mailbox subfolders – Did you know that there are 3 different ways to open a shared mailbox in Outlook for Mac? One only gives you access to the Inbox, as we discovered. When then revisited the relevant machines to try option number two. Now the users can see all the shared mailbox’s subfolders!
Dude, where’s my sent mail? – Another issue was the default location for an email sent as a shared mailbox. It was appearing in the user’s sent mail instead of in the sent mail folder inside the shared mailbox. This meant that other delegates couldn’t see it. This behaviour is ‘by default’ a powershell command fixes it, copying all sent messages into the shared mailbox’s sent items too.
The mysterious sticky domain – This was the first problem we encountered and it’s currently with a level 2 support tech. The short story is that we added a second custom domain to the existing tenant (domain2.com), set it as the default and changed most users to have this as their primary SMTP address. Until it changed itself back. The only users it would revert for had previously used domain1.com so weren’t new users. No matter what method we used to set domain2.com as the default (including powershell) after a period of 30-60mins it would revert back again to domain1.com. We even tried removing the domain totally, re-adding & re-verifying it, and the symptoms came back even after the change had been verified in powershell. There is no logical reason why this domain would randomly change the primary SMTP address, so this one needs to be left to the Microsoft team.
It’s been a very long weekend, but overall the customer is happy. Their biggest fear was ‘losing everything’ and because that didn’t happen, they are somewhat reassured. Our plan B was always to revert to the original Apple mail server anyway with a flick of the MX records. The last few bits and pieces we’ll tidy up after we’ve had some sleep.
People often equate small business migrations with ‘simple’ and ‘easy’, without the complexity of ADFS or hybrid co-existence. Sometimes the smallness of an organization makes things complicated too, especially when the customer has grown quickly and adopted a multitude of different systems in the process.
We felt like we’ve earnt another 1,000 experience points, but we’re not in a hurry to do another Mac/Apple Mail/Google Calendar migration … at least not for a while.