Wednesday , June 10 2020

Using Exchange Modern Hybrid Topology with Hybrid Agent

Have you used autodiscover ? we always used check name and configured outlook. Do you have a SSL Certificate ? We always used internal CA all these years.Adding to it using DynDNS A record pointing to exchange server.

We wish to migrate to Office 365 and we run exchange 2010.Exchange Modern Hybrid methodology with Hybrid Agent Comes to the rescue to migrate the mailboxes.

It answers some of the key things . You don’t have to retain a public IP, SSL and autodiscover pointing to onPrem Servers. Where Small and medium customers who migrated the mailboxes to the cloud most of them doesn’t wish invest on SSL for hybrid servers.or keep having the public IPs pointing to the exchange servers.  Its simple and easy to configure and migrate. lets see how to do it.

Download Hybrid Agent using below link.

You can download the installer and run it or you can let the hybrid wizard run it. Sometime you don’t get the option “use exchange modern hybrid methodology” if customer ran the classic topology already in the environment you don’t see the modern methodology option in the wizard. To overcome it . I did this work around of implementing a new windows server which will be by Hybrid agent server. Installed the hybrid agent and ran the hybrid wizard on the same server. which gave me the option to choose between two.  if you don’t have that hassle run the hybrid wizard and the wizard installs you the hybrid agent.


Once you install the hybrid agent on the server. you can see the Microsoft Hybrid service.


Make sure MRS Proxy is Enable on the internet facing client access server.

Set-WebServicesVirtualDirectory -Identity "EWS (Default Web Site)" -MRSProxyEnabled $true

Make sure required ports are opened.

  • Outbound ports HTTPS (TCP) 443 and 80 must be open between the computer that has the Hybrid Agent installed and the Internet.
  • Ports HTTPS (TCP) 443, 80, 5985 and 5986 must be open between the computer that has the Hybrid Agent installed on the CAS that’s selected in the Hybrid Configuration wizard.


Choose the local server which is in my case and choose use an existing agent.


  • Download Hybrid Updater agent.
  • Install Hybrid updater agent.
  • Download Hybrid agent.
  • Register Hybrid Agent.
  • Validate Hybrid Agent for Exchange usage.


Configure my client Access and Mailbox servers for secure mail transport (typical)


Choose the optimal internet facing client access server.


Choose the public IP address to receive email


Choose the transport certificate.


Choose the FQDN or the public ip to send smtp traffic to onPrem servers.


Now Initialize Hybrid Environment.


Configure Organization Relationship failed. which is ok for use. as we don’t need free busy on this project.


We pointed the autodiscover of the domain directly the cloud and migrated all the mailboxes.


You can see the MRS Proxy as Hybird Migration Endpoint – EWS (Default Web Site)


We realized the migration speed was slow comparatively with the traditional method. But migration without additional tools was possible just because we had the hybrid agent working.  Its just an another step moving forward to remove dependencies from on prem environment.

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Database availability group must have quorum error

Decommissioning set of old Exchange 2013 servers had to export few mailboxes and decommission them.But …

One comment

  1. very helpful information. Streamlining the process for on-prem customers is a big win.

Leave a Reply

Your email address will not be published.