Skip to content

Commit c2d679c

Browse files
authored
Merge pull request #2283 from guruxp/apascualCTMM
Correcting script to evaluate license check properly, include org relationships with expanded mailboxMoveCapabilities and added support for large group memberships over 1000 members
2 parents 4a04c87 + faeed61 commit c2d679c

File tree

1 file changed

+14
-15
lines changed

1 file changed

+14
-15
lines changed

Admin/CrossTenantMailboxMigrationValidation.ps1

+14-15
Original file line numberDiff line numberDiff line change
@@ -193,8 +193,8 @@ function CheckObjects {
193193
#Check for the T2T license on any of the objects (either source or target) as long as the source mailbox is a regular mailbox
194194
Write-Verbose -Message "Informational: Source mailbox is regular, checking if either SOURCE mailbox or TARGET MailUser has the T2T license assigned"
195195
if ($SourceObject.RecipientTypeDetails -eq 'UserMailbox') {
196-
if ($SourceObject.PersistedCapabilities -notmatch 'ExchangeT2TMbxMove') {
197-
if ($TargetObject.PersistedCapabilities -notmatch 'ExchangeT2TMbxMove') {
196+
if ($SourceObject.PersistedCapabilities -notcontains 'ExchangeT2TMbxMove') {
197+
if ($TargetObject.PersistedCapabilities -notcontains 'ExchangeT2TMbxMove') {
198198
Write-Host ">> Error: Neither SOURCE mailbox or TARGET MailUser have a valid T2T migration license. This is a pre-requisite, and if the license is not assigned by the time the migration is injected, it will fail to complete" -ForegroundColor Red
199199
} else {
200200
Write-Verbose -Message "TARGET MailUser has a valid T2T migration license"
@@ -273,8 +273,8 @@ function CheckObjects {
273273

274274
#Verify if SOURCE mailbox is part of the Mail-Enabled Security Group defined on the SOURCE organization relationship
275275
Write-Verbose -Message "Informational: Checking if the SOURCE mailbox is a member of the SOURCE organization relationship Mail-Enabled Security Group defined on the MailboxMovePublishedScopes"
276-
$SourceTenantOrgRelationship = Get-SourceOrganizationRelationship | Where-Object { ($_.MailboxMoveCapability -eq "RemoteOutbound") -and ($null -ne $_.OauthApplicationId) }
277-
if ((Get-SourceDistributionGroupMember $SourceTenantOrgRelationship.MailboxMovePublishedScopes[0]).Name -contains $SourceObject.Name) {
276+
$SourceTenantOrgRelationship = Get-SourceOrganizationRelationship | Where-Object { ($_.MailboxMoveCapability -like "*RemoteOutbound*") -and ($null -ne $_.OauthApplicationId) }
277+
if ((Get-SourceDistributionGroupMember $SourceTenantOrgRelationship.MailboxMovePublishedScopes[0] -ResultSize unlimited).Name -contains $SourceObject.Name) {
278278
Write-Host ">> SOURCE mailbox is within the MailboxMovePublishedScopes" -ForegroundColor Green
279279
} else {
280280
Write-Host ">> Error: SOURCE mailbox is NOT within the MailboxMovePublishedScopes. The migration will fail if you don't correct this" -ForegroundColor Red
@@ -416,7 +416,7 @@ function CheckObjects {
416416
Write-Verbose -Message "Informational: The X500 address $($Address) from SOURCE object is present on TARGET object"
417417
} else {
418418
if (!$TargetObject.IsDirSynced) {
419-
Write-Host ">> Error: $($Address) is not present on the TARGET MailUser, would you like to add it? (Y/N): " -ForegroundColor Red -NoNewline
419+
Write-Host ">> Warning: $($Address) is not present on the TARGET MailUser. All of the X500 addresses of the source mailbox object, as a best practice, should be present on the target MailUser object. Would you like to add it? (Y/N): " -ForegroundColor Yellow -NoNewline
420420
$AddX500 = Read-Host
421421
Write-Host " Your input: $($AddX500)"
422422
if ($AddX500.ToLower() -eq "y") {
@@ -426,7 +426,7 @@ function CheckObjects {
426426
$TargetObject = Get-TargetMailUser $TargetIdentity
427427
}
428428
} else {
429-
Write-Host ">> Error: $($Address) is not present on the TARGET MailUser and the object is DirSynced. This is not a change that can be done directly on EXO, please add the X500 address from on-premises and perform an AADConnect delta sync" -ForegroundColor Red
429+
Write-Host ">> Warning: $($Address) is not present on the TARGET MailUser and the object is DirSynced. All of the X500 addresses of the source mailbox object, as a best practice, should be present on the target MailUser object. This is not a change that can be done directly on EXO, please add the X500 address from on-premises and perform an AADConnect delta sync" -ForegroundColor Yellow
430430
}
431431
}
432432
}
@@ -489,8 +489,8 @@ function CheckObjectsSourceOffline {
489489
#Check for the T2T license on any of the objects (either source or target) as long as the source mailbox is a regular mailbox
490490
Write-Verbose -Message "Informational: Source mailbox is regular, checking if either SOURCE mailbox or TARGET MailUser has the T2T license assigned"
491491
if ($SourceObject.RecipientTypeDetails -eq 'UserMailbox') {
492-
if ($SourceObject.PersistedCapabilities -notmatch 'ExchangeT2TMbxMove') {
493-
if ($TargetObject.PersistedCapabilities -notmatch 'ExchangeT2TMbxMove') {
492+
if ($SourceObject.PersistedCapabilities -notcontains 'ExchangeT2TMbxMove') {
493+
if ($TargetObject.PersistedCapabilities -notcontains 'ExchangeT2TMbxMove') {
494494
Write-Host ">> Error: Neither SOURCE mailbox or TARGET MailUser have a valid T2T migration license. This is a pre-requisite, and if the license is not assigned by the time the migration is injected, it will fail to complete" -ForegroundColor Red
495495
} else {
496496
Write-Verbose -Message "TARGET MailUser has a valid T2T migration license"
@@ -559,7 +559,7 @@ function CheckObjectsSourceOffline {
559559
#Verify if SOURCE mailbox is part of the Mail-Enabled Security Group defined on the SOURCE organization relationship
560560
Write-Verbose -Message "Informational: Checking if the SOURCE mailbox is a member of the SOURCE organization relationship Mail-Enabled Security Group defined on the MailboxMovePublishedScopes"
561561
$SourceTenantOrgRelationship = (Import-Clixml $OutputPath\SourceOrgRelationship.xml)
562-
$SourceTenantOrgRelationship = $SourceTenantOrgRelationship | Where-Object { ($_.MailboxMoveCapability -eq "RemoteOutbound") -and ($null -ne $_.OauthApplicationId) }
562+
$SourceTenantOrgRelationship = $SourceTenantOrgRelationship | Where-Object { ($_.MailboxMoveCapability -like "*RemoteOutbound*") -and ($null -ne $_.OauthApplicationId) }
563563
$SourceTenantMailboxMovePublishedScopesSGMembers = Import-Clixml $OutputPath\MailboxMovePublishedScopesSGMembers.xml
564564
if ($SourceTenantMailboxMovePublishedScopesSGMembers.Name -contains $SourceObject.Name) {
565565
Write-Host ">> SOURCE mailbox is within the MailboxMovePublishedScopes" -ForegroundColor Green
@@ -704,7 +704,7 @@ function CheckObjectsSourceOffline {
704704
Write-Verbose -Message "Informational: The X500 address $($Address) from SOURCE object is present on TARGET object"
705705
} else {
706706
if (!$TargetObject.IsDirSynced) {
707-
Write-Host ">> Error: $($Address) is not present on the TARGET MailUser, would you like to add it? (Y/N): " -ForegroundColor Red -NoNewline
707+
Write-Host ">> Error: $($Address) is not present on the TARGET MailUser. All of the X500 addresses of the source mailbox object, as a best practice, should be present on the target MailUser object. Would you like to add it? (Y/N): " -ForegroundColor Red -NoNewline
708708
$AddX500 = Read-Host
709709
Write-Host " Your input: $($AddX500)"
710710
if ($AddX500.ToLower() -eq "y") {
@@ -714,7 +714,7 @@ function CheckObjectsSourceOffline {
714714
$TargetObject = Get-TargetMailUser $TargetIdentity
715715
}
716716
} else {
717-
Write-Host ">> Error: $($Address) is not present on the TARGET MailUser and the object is DirSynced. This is not a change that can be done directly on EXO, please add the X500 address from on-premises and perform an AADConnect delta sync" -ForegroundColor Red
717+
Write-Host ">> Error: $($Address) is not present on the TARGET MailUser and the object is DirSynced. All of the X500 addresses of the source mailbox object, as a best practice, should be present on the target MailUser object. This is not a change that can be done directly on EXO, please add the X500 address from on-premises and perform an AADConnect delta sync" -ForegroundColor Red
718718
}
719719
}
720720
}
@@ -811,7 +811,7 @@ function CheckOrgs {
811811
Write-Verbose -Message "Informational: Checking SOURCE tenant organization relationship"
812812
if ($SourceTenantOrgRelationship.MailboxMoveEnabled) {
813813
Write-Host "Organization relationship on SOURCE tenant is enabled for moves" -ForegroundColor Green
814-
if ($SourceTenantOrgRelationship.MailboxMoveCapability -eq "RemoteOutbound") {
814+
if ($SourceTenantOrgRelationship.MailboxMoveCapability -like "*RemoteOutbound*") {
815815
Write-Host "Organization relationship on SOURCE tenant MailboxMove is correctly set" -ForegroundColor Green
816816
if ($SourceTenantOrgRelationship.DomainNames -contains $TargetTenantId) {
817817
Write-Host "Organization relationship on SOURCE tenant DomainNames is correctly pointing to TargetTenantId" -ForegroundColor Green
@@ -879,7 +879,7 @@ function CheckOrgsSourceOffline {
879879
Write-Verbose -Message "Informational: Checking SOURCE tenant organization relationship"
880880
if ($SourceTenantOrgRelationship.MailboxMoveEnabled) {
881881
Write-Host "Organization relationship on SOURCE tenant is enabled for moves" -ForegroundColor Green
882-
if ($SourceTenantOrgRelationship.MailboxMoveCapability -eq "RemoteOutbound") {
882+
if ($SourceTenantOrgRelationship.MailboxMoveCapability -like "*RemoteOutbound*") {
883883
Write-Host "Organization relationship on SOURCE tenant MailboxMove is correctly set" -ForegroundColor Green
884884
if ($SourceTenantOrgRelationship.DomainNames -contains $TargetTenantId) {
885885
Write-Host "Organization relationship on SOURCE tenant DomainNames is correctly pointing to TargetTenantId" -ForegroundColor Green
@@ -1112,7 +1112,7 @@ if ($CollectSourceOnly -and $CSV) {
11121112
$SourceTenantOrganizationRelationship | ForEach-Object {
11131113
if (($_.MailboxMoveEnabled) -and ($_.MailboxMoveCapability -eq "RemoteOutbound") -and ($_.MailboxMovePublishedScopes)) {
11141114
Write-Host "Informational: $($_.Identity) organization relationship meets the conditions for a cross tenant mailbox migration scenario, exporting members of the security group defined on the MailboxMovePublishedScopes" -ForegroundColor Yellow
1115-
Get-SourceDistributionGroupMember $_.MailboxMovePublishedScopes[0] | Export-Clixml $OutputPath\MailboxMovePublishedScopesSGMembers.xml
1115+
Get-SourceDistributionGroupMember $_.MailboxMovePublishedScopes[0] -ResultSize Unlimited | Export-Clixml $OutputPath\MailboxMovePublishedScopesSGMembers.xml
11161116
} else {
11171117
Write-Host "Informational: $($_.Identity) organization relationship doesn't match for a cross tenant mailbox migration scenario" -ForegroundColor Yellow
11181118
}
@@ -1192,4 +1192,3 @@ if ($SourceIsOffline -and $PathForCollectedData -and $CheckOrgs) {
11921192
LoggingOff
11931193
KillSessions
11941194
}
1195-

0 commit comments

Comments
 (0)