Goodbye, Exchange 2010 (And advice moving forward)
The end of an era. Exchange 2010 is End of Life today–no more security updates, no more extended support. I know there are quite a few servers left out there in the world, but many of them are not even in use (or they were merely in place for hybrid purposes). If this is you (or your customers), then make sure you get this taken care of sooner than later.
What should you do moving forward?
If you still have mailboxes on-prem, the preferred migration path is to Exchange Online, if you have not done so already.
If you are staying on-prem for some ridiculous reason, you would go to 2016, and eventually to 2019 (you cannot go straight from 2010 to 2019). As well, be aware that the last version that will support the “free” hybrid key is 2016. Therefore, most orgs will be moving to the Exchange 2016 version if their goal is to be in 365 eventually, or if they need to maintain a hybrid server for management. Do not go to 2019 if this is you.
(If you are reading between the lines here, it means that Microsoft will need to come up with a supported way to remove the last Exchange Server while still running Azure AD Connect, and this must happen before the 2016 EOL date–at present it is still not possible–that is, you must keep Exchange 2016 on-prem for hybrid management even if all mailboxes are moved to the cloud).
Last note: at Ignite it was announced that “vNext”–whatever that will be–is going to be offered as a subscription license, and will be continuously updated henceforth–similar to the cloud. Support for 2016 and 2019 will co-terminate in 2025. As well, it will be possible to perform an in-place upgrade from 2019 to the vNext edition. Review other announcements from Ignite here.
Comments (13)
It may be “unsupported” but we’ve been ripping out hybrid servers with ad connect in place. Anything you need to modify can be done so through basic AD attribute changes and then running syncs.
Yes, it is unsupported to use the attribute editor to modify Exchange properties, even though it is possible. As well, when you remove the “last” Exchange server that will have impacts on those attributes. Generally speaking the minimum you need is the domain prep from Exchange server media as well as to have all the Exchange aliases and other attributes backed up, so they could be re-imported as necessary. Note that MSFT also has the right to refuse service when you are running in an unsupported configuration. That having been said, so far, I have only heard of one instance where they required a customer to install Exchange before they could proceed further with troubleshooting.
Thanks for the reminder. We have an Exchange 2010 environment and installed Exchange 2016 for a hybrid environment. All mailboxes have been migrated from on-premises to Exchange Online. I eventually plan to go full cloud but require the hybrid to manage the remaining on premises distribution lists etc for now.
I am ready to decommission the Exchange 2010 servers, are there any caveats / gotchas to be aware off before I uninstall Exchange 2010?
As long as 2016 is in place you should be good–make sure all mailboxes and PF’s are already migrated/removed from 2010 and no content remains. But removing the last Exchange server has more impact than removing a legacy version (once 2016 is in place the dangers in removing the “last” Exchange server go away).
Thanks for the reminder Alex! I’ve been struggling with our setup for a while now. I’ve migrated all our users off Exchange 2010 into O365 in a hybrid configuration with AD sync (had to be done quite quickly when the pandemic hit). We have also since moved our users AD onto a new on-premise server (without exchange) and I’ve been trying to find the best way to turn our hybrid migration into a cutover migration as we want to shut down the old server with Exchange 2010. Everywhere I turn to just tells me to ‘keep a few exchange servers running in hybrid’ but this isn’t an option for us now! I was thinking to switch off AD sync, perform cutover steps, point DNS in the right direction, shut down old server, then turn on AD sync on the new server (testing it first with a test user and hoping for the best). Any advice you can give me I would be eternally in your debt!
So officially it is not supported to remove the last exchange server AND keep the AAD Connect in place. But you have two options:
1. Install Exchange 2016 (cannot be 2019) using the free hybrid license–you can even install this on your new DC; you won’t need to keep the new server published through the firewall after the hybrid wizard is re-run on the new system–it just needs to get set up so that you have a management UI–which is the whole reason for having it (ADSI edit/attribute edit is not supported for making changes to on-prem Exchange attributes).
2. Run in an unsupported config without an Exchange server (at your own risk, of course). You will still need to run the AD domain prep stuff from Exchange install media, so that you have the extensions in your Directory for Exchange. As well, you should export the primary SMTP and all aliases from the cloud and import them to the proxyAddresses attribute on-prem. This will ensure that your on-prem accounts keep the attributes for alias addresses intact, so when you go to sync again you won’t be missing anything.
Great, thanks! I will give this some more thought in our environment and see how it goes…
Hi Alex and Tobi,
We are in the same situation now. Anything to keep in mind if using option #1? Would there be any downtime? Are you rerunning hybrid wizard on the server that already has AAD connect running? After the Exchange 2016 server is setup, can we turn off the Exchange 2010 server?
The purpose of re-running the wizard is just to update the hybrid configuration object so that it knows the new server will take over the hybrid role. That’s all. Can be run from any computer in the domain, as long as it can talk to the AD and Exchange server. You can turn off 2010 after you have moved to the new one yes (including if you had to update any relays).
We followed your articles a while back and made our Exchange 2010 environment a hybrid one. We just haven’t had time to change over to 2016 yet and now that I’m looking at what to do I haven’t been able to find any really good information about switching directly from 2010 to Azure AD Connect. Are you aware of any sources for that kind of information
It is not supported to remove the last Exchange server and keep Azure AD Connect. You must either upgrade to a 2016 hybrid, or remove Azure AD Connect and then retire the last Exchange Server.
Once the Exchange server is retired can Azure AD Connect then be re-installed to allow for syncing AD to Office 365?
Not supported without Exchange server.