Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2013-01-25
When configuring a hybrid deployment, you have to install at least one hybrid server in your existing Microsoft Exchange organization. Hybrid servers are additional servers configured with Service Pack 3 (SP3) for Exchange Server 2010 server roles that coordinate communication between your existing Exchange 2007 organization and the Exchange Online organization. This communication includes message transport and messaging features between the on-premises and Exchange Online organizations. We highly recommend installing more than one hybrid server in your on-premises organization to help increase reliability and availability of hybrid deployment features.
Server Roles in a Hybrid Deployment
Here is a quick overview of the Exchange 2010 server roles in a hybrid deployment:
- Client Access server role The Client
Access server role on a hybrid server provides essentially the same
functionality typically provided by other Client Access servers in
your Exchange 2007 organization with a few additions required to
support a hybrid deployment. All client connectivity, including
Outlook client access, Outlook Web App, and Outlook Anywhere goes
through the hybrid Client Access server role. Organization
relationship features between the on-premises and Exchange Online
organizations, such as free/busy sharing, are also handled by the
hybrid Client Access server role.
Learn more at: Understanding Client Access
- Hub Transport server role The Hub
Transport server role on a hybrid server handles all mail flow
between the on-premises and Exchange Online organizations and
between the on-premises organization and the Internet. It helps to
secure transport communication between the on-premises and Exchange
Online organizations, as well as handling transport rules,
journaling policies, and message delivery to user mailboxes in a
Learn more at: Overview of the Hub Transport Server Role
Depending on the hybrid deployment configuration that you want, a hybrid server requires one or more of the server roles to be installed on it:
- Single hybrid server If you choose to
install a single hybrid server in your on-premises organization,
you’ll need to install the Client Access and Hub Transport server
roles on the single hybrid server.
- More than one hybrid server If you
choose to install more than one hybrid server in your on-premises
organization, you can install the server roles on separate servers
in your on-premises organization. For example, you could install
one hybrid server that has the Client Access role installed and
also install another hybrid server that has only the Hub Transport
server role installed. However, the best practice and recommended
hybrid server configuration is to install the Client Access and Hub
Transport servers on each hybrid server deployed in your
If you also decide to install the optional Exchange 2010 Mailbox server role in your hybrid deployment, you should add the Mailbox server role to each hybrid server that has the Client Access and Hub Transport server roles installed. Learn more about the Mailbox server role at: Overview of the Mailbox Server Role
Hybrid Server Functionality
A hybrid server provides several important functions for your on-premises organization in a hybrid deployment:
- Federation Hybrid servers enable you to
create a federation trust for your on-premises organization with
the Microsoft Federation Gateway. The Microsoft Federation Gateway
is a free, cloud-based service offered by Microsoft that acts as
the trust broker between your on-premises organization and the
Office 365 tenant organization. Federation is a requirement
for creating an organization relationship between the on-premises
and the Exchange Online organizations.
Learn more at: Understanding Federation
- Organization relationships Hybrid
Client Access servers enable the creation of organization
relationships between the on-premises and Exchange Online
organizations. Organization relationships are required for many
other services in a hybrid deployment, including calendar free/busy
information sharing, message tracking, and mailbox moves between
the on-premises and Exchange Online organizations.
Learn more at: Understanding Federated Delegation
- Message transport Hybrid Hub Transport
servers are responsible for message transport in a hybrid
deployment. Using Send and Receive connectors, they replace the
on-premises Exchange 2007 Hub Transport server as the connection
endpoint for incoming external messages and also provide outbound
message delivery to the Internet and the Exchange Online
Learn more at: Understanding Transport
- Message transport security Hybrid Hub
Transport servers help to secure message communication between the
on-premises and Exchange Online organizations by using the Domain
Security functionality in Exchange 2010. Security can be increased
by using mutual transport layer security authentication and
encryption for message communications.
Learn more at: Understanding Domain Security
- Outlook Web App Hybrid Client Access
servers support configuring a single URL endpoint for external
connections to on-premises and Exchange Online mailboxes. For
on-premises mailboxes, hybrid Client Access servers are configured
to automatically redirect user Outlook Web App requests to your
Exchange 2007 Client Access server. For Exchange Online
organization mailboxes, hybrid Client Access servers are configured
to automatically display a link to the Outlook Web App endpoint on
the Exchange Online organization.
- Learn more at: Understanding Outlook
Hybrid Server Topology
A hybrid server is deployed much like an Exchange 2010 server would be deployed to your existing Exchange 2007 organization. Using the Client Access, Mailbox, and Hub Transport server roles, hybrid servers are responsible for many services for your on-premises organization that are currently provided by your existing Exchange 2007 servers. The following table describes briefly the changes in services after configuring a hybrid deployment.
|Service||Before hybrid server deployment||After hybrid server deployment||Description|
Message transport (inbound and outbound)
Exchange 2007 Client Access server
Hybrid Hub Transport server(s)
The MX (mail exchanger) record for the domain may be updated to point to hybrid Hub Transport servers.
Outlook Web App public URL
Exchange 2007 Client Access server
Hybrid Client Access server(s)
Hybrid Client Access servers redirect Outlook Web App requests to the publicly accessible endpoint on the Exchange 2007 Client Access server.
Hybrid Server Software
Service Pack 3 (SP3) for Exchange Server 2010 enables hybrid deployment functionality with the Hybrid Configuration wizards. You can use any Exchange 2010 SP3 media when installing the hybrid server.
Additionally, we recommend that you install future Update Rollups for Exchange 2010 SP3 on all your hybrid servers. Microsoft releases update rollup packages approximately every six to eight weeks. The rollup packages are available via Microsoft Update and the Microsoft Download Center. In the Search box on the Microsoft Download Center, type "Exchange 2010 SP3 update rollup" to find links to the rollup packages for Exchange 2010 SP3.
Download Exchange Server 2010 SP3 at: Exchange 2010 Service Pack 3 (SP3)
Find update rollup packages at: Microsoft Download Center
|You need to provide an Exchange 2010 Hybrid Edition product key on the hybrid server when you configure a hybrid deployment with Office 365. To obtain a Hybrid Edition product key, contact Office 365 support.|