Decommission Exchange servers from on-premises

scenario one

Issue: My organization has been running in a hybrid configuration and I have all of my mailboxes in Exchange Online. I do not need to manage my users from on-premises and no longer have a need for directory synchronization or password synchronization.

Solution: Since all of the users will be managed in Microsoft 365 or Office 365, and there are no additional directory synchronization requirements, you can safely disable directory synchronization and remove Exchange from the on-premises environment.

To disable directory synchronization and uninstall Exchange hybrid

1. Run Get-OrganizationConfig | Format-List PublicFoldersEnabled and ensure that it is not set to Remote. If it is set to Remote, and the public folders are something you want to continue to access, you would need to migrate them to Exchange Online. For more information, see Use batch migration to migrate legacy public folders to Microsoft 365, Office 365, and Exchange Online.
2. Assuming that you have already moved all of the mailboxes to Exchange Online, you can point the MX and Autodiscover DNS records to Exchange Online, instead of to on-premises. For more information, see External Domain Name System records for Office 365.
3. Next, you should remove the Service Connection Point (SCP) values on your Exchange servers. This ensures that no SCP’s are returned, and the client will instead use the DNS method for Autodiscover. Some examples are shown below:

   Exchange Server 2010 or 2013:

   PowerShellCopy

   Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri $Null
   

   Exchange Server 2016 or later:

   PowerShellCopy

   Get-ClientAccessService | Set-ClientAccessService -AutoDiscoverServiceInternalUri $Null
   

    Note

   If you have Exchange 2007 servers in the environment, you will have to run a similar command on your Exchange 2007 servers to change these settings.

4. There are inbound and outbound connectors created by the Hybrid Configuration Wizard that you will want to delete. Use the following steps to do this:
   1. Log in to the Microsoft 365 admin center and sign in as the Tenant Administrator.
   2. Select the option to manage Exchange.
   3. Navigate to Mail Flow -> Connectors.
   4. You can now disable or delete the inbound and outbound connectors. The HCW creates connectors with unique namespace inbound from <unique identifier> and outbound from <unique identifier> as shown in the graphic below.

      

5. Remove the organization relationship created by the Hybrid Configuration Wizard. Use the following steps to do this:
   1. Log in to the Microsoft 365 admin center and sign in as the Tenant Administrator.
   2. Select the option to manage Exchange.
   3. Navigate to Organization.
   4. Under Organization Sharing, remove the organization named O365 to On-Premises – <unique identifier> as shown in the graphic below.

      

6. If OAuth is configured for an Exchange hybrid deployment, you will want to disable the configuration from both on-premises and Microsoft 365 or Office 365. In most environments, you can skip these steps sbecause only a small number of customers have OAuth configured.

   To disable the on-premises configuration:

   1. From an Exchange server, open the Exchange Management Shell.
   2. Run the following command:
      PowerShellCopy

      Get-IntraorganizationConnector -Identity ExchangeHybridOnPremisesToOnline | Set-IntraOrganizationConnector -Enabled $False
      

   To disable the Exchange Online configuration:

   1. Connect Windows PowerShell to Exchange Online.
   2. Run the following command:
      PowerShellCopy

      Get-IntraorganizationConnector -Identity ExchangeHybridOnlineToOnPremises | Set-IntraOrganizationConnector -Enabled $False
      

   Note: The Identity parameter assumes that you used the Hybrid Configuration Wizard to configure OAuth. If this is not the case, you may need to adjust the value you specified for the identity of the connectors.

7. Disable directory synchronization for your tenants. When this step is completed, all user management tasks will be done from the Microsoft 365 or Office 365 management tools. This means you will no longer use the Exchange Management Console or Exchange admin centre (EAC). For more information on how to disable directory synchronization, see Turn off directory synchronization for Microsoft 365 or Office 365.
8. You can now safely uninstall Exchange from the on-premises servers.