Applies to: Exchange Server 2013, Exchange Online

Topic Last Modified: 2013-08-08

This topic explains how to modify an existing hybrid deployment for a Microsoft Exchange Server 2013 organization and an Exchange Online organization in Office 365 for enterprises. Let's assume you as the Exchange administrator want to do the following:

NoteNote:
You can use the Shell to disable both of these hybrid deployment features, but the only hybrid feature that the Hybrid Configuration wizard allows you to disable is centralized mail transport. If you need to enable or disable other individual hybrid deployment features, you must use the Shell.

For additional management tasks related to hybrid deployments, see Hybrid Deployment procedures.

ImportantImportant:
This feature of Exchange Server 2013 isn’t fully compatible with Office 365 operated by 21Vianet in China and some feature limitations may apply. For more information, see Learn about Office 365 operated by 21Vianet.

What do you need to know before you begin?

  • Estimated time to complete: 30 minutes

  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Hybrid deployments” entry in the Exchange and Shell infrastructure permissions topic.

  • You’ll need the credentials for an on-premises account that is a member of the Organization Management management role group. For example, the password for the account “domain\administrator”.

  • You’ll need the credentials for an Office 365 tenant account that is a member of the Organization Management management role group. For example, the password for the account “administrator@contoso.onmicrosoft.com”.

  • This topic assumes the following organization configuration of the hybrid deployment:

    The hybrid deployment was created and configured with the Hybrid Configuration wizard.

    The Enable centralized mail transport option was selected when the hybrid deployment was created and configured with the Hybrid Configuration wizard.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.

How do you do this?

Step 1: Use the Hybrid Configuration wizard to disable centralized mail transport

Use the Exchange Administration Center (EAC) and the Hybrid Configuration wizard to disable the centralized mail transport feature in your hybrid deployment.

  1. Open the EAC and select the Hybrid node.

  2. Click Modify to start the Hybrid Configuration wizard.

  3. Click Next. You don’t need to update the domains configured for the hybrid deployment.

  4. Click Next. You don't need to configure DNS TXT records.

  5. Clear the Enable centralized mail transport check box to disable centralized mail transport for the hybrid deployment. Click Next.

  6. Click Next. You don't need to update the Client Access servers.

  7. Click Next. You don't need to update the Mailbox servers.

  8. Click Next. You don't need to select a different digital certificate.

  9. Click Next. You don't need to update the FQDN of the Client Access servers.

  10. Complete the following fields:

    • Domain\user name   Type the domain and user name for an account that is a member of the Organization Management role group in the on-premises organization. For example, “domain\administrator”.

    • Password   Type the password for the on-premises account you entered in the Domain\user name text box. Click Next.

  11. Complete the following fields:

    • User ID   Type the new domain and user name for an account that is a member of the Organization Management role group in the Office 365 organization. For example, “administrator@contoso.onmicrosoft.com”.

    • Password   Type the password for the Office 365 account you entered in the previous step. Click Next.

  12. Click Update to accept the new configuration selections and update the hybrid deployment.

  13. After the hybrid deployment configuration is complete, the wizard displays a completion message and the OK button is displayed. Click OK to complete the hybrid deployment configuration process and to close the wizard.

Step 2: Use the Shell to disable secure mail

Use the Shell to disable the secure mail feature in your hybrid deployment.

  1. Use the following command to specify your on-premises credentials. For example, run this command and then enter “admin@contoso.com” and the associated account password in the credentials dialog when prompted.

    Copy Code
    $OnPremisesCreds = Get-Credential
    
  2. Use the following command to specify your Office 365 for enterprises tenant credentials. For example, run this command and then enter “admin@contoso.onmicrosoft.com” and the associated account password in the credentials dialog when prompted.

    Copy Code
    $TenantCreds = Get-Credential
    
  3. This step disables the secure mail feature and keeps the centralized mail transport feature disabled that had been modified by the Hybrid Configuration wizard steps. Also, this step keeps the Exchange Online Archive, MailTips, Outlook Web App redirection, free/busy, and message tracking features that were already enabled between the on-premises and Exchange Online organizations.

    Copy Code
    Set-HybridConfiguration -Features OnlineArchive,MailTips,OWARedirection,FreeBusy,MessageTracking
    
  4. Use the following command to update the HybridConfiguration object and to define the credentials that will be used when updating the HybridConfiguration object and connecting to the Office 365 for enterprises tenant.

    Copy Code
    Update-HybridConfiguration -OnPremisesCredentials $OnPremisesCreds -TenantCredentials $TenantCreds
    

How do you know this worked?

To verify that you have successfully disabled centralized mail transport and secure mail, run the following command in the Shell for the on-premises organization. This command displays the hybrid configuration features that are enabled in the hybrid deployment. Verify that SecureMail and CentralizedMail are not listed in the results for the Feature parameter.

Copy Code
Get-HybridConfiguration