The progress bar has been stuck at 94% for six hours. An IT manager watches it during a quiet weekend, knowing that come Monday, hundreds of employees will expect their emails, calendars, and rules to work seamlessly. No errors, no missing data, no frantic helpdesk calls. This moment isn’t just about a failed migration-it’s about how unprepared choices made months earlier surface under pressure. Migrating to Exchange Online is rarely a technical failure. It’s a planning one.
Critical technical criteria for evaluating modern migration tools
Choosing the right tool for an Exchange Online migration isn't just a matter of compatibility-it's about future-proofing. For years, many migration solutions relied on the legacy Exchange Web Services (EWS) API, which offered broad access but with outdated authentication and limited scope. Today, Microsoft is deprecating EWS, and tools built on it can no longer guarantee reliable performance or full data transfer.
The clear successor is the Microsoft Graph API, which supports modern OAuth authentication, provides deeper access to mailbox components, and aligns with Microsoft’s long-term cloud strategy. Tools still dependent on EWS may function temporarily, but they’re operating on borrowed time. Any solution in use today should already be fully Graph-native to avoid disruptions.
The impact of EWS deprecation on tool selection
For organizations seeking a streamlined path through these technical hurdles, leveraging a dedicated solution like Sharegate mailbox migration ensures that complex data sets remain intact. This shift isn’t optional-it’s enforced by Microsoft’s roadmap. Without Graph API support, tools cannot reliably access modern mailbox features such as archive mailboxes or litigation holds, leading to silent data loss during migration.
| 🟢 Modern Requirement | 🚫 Legacy Assumption |
|---|---|
| 🔐 OAuth 2.0 (secure, token-based) | 🔑 Basic Auth (being phased out) |
| 📊 Access to primary + archive mailboxes | 📥 Primary mailbox only |
| ⚖️ Full support for litigation holds | ⚠️ Hold settings lost or ignored |
| 🧩 Built on Microsoft Graph API | 🔧 Built on deprecated EWS |
Core planning: surviving the pre-cutover phase
Most migration issues aren't discovered during the cut-over-they're baked in long before. Teams often assume that if user mailboxes can be accessed, they’re ready to move. But behind the scenes, invisible elements like archive mailboxes or delegation rules can derail the process. The real work begins with diagnosis, not execution.
Identifying invisible data blind spots
Archive mailboxes are a common blind spot. They exist independently of primary mailboxes and require specific licensing and API access to migrate. If not detected early, they won’t be moved-users may not notice immediately, but over time, missing historical data surfaces in audits or legal requests. Similarly, litigation holds applied on-premises won’t carry over unless the target environment supports them. A pre-migration audit must flag these conditions.
Managing identity and calendar conflicts
Another silent issue is identity mismatch. User Principal Names (UPNs) that don’t align with the target domain can cause authentication problems post-migration. SMTP address mismatches may break reply chains or delegation. And recurring meetings? If the organizer’s mailbox hasn’t been properly migrated or remapped, entire event series can vanish from attendees’ calendars. These aren’t edge cases-they’re predictable, preventable.
The licensing gap: why your Microsoft 365 tier matters
Matching mailbox features to license levels
Here’s a hard truth: not all Microsoft 365 licenses support the same mailbox capabilities. A user on Business Basic or Business Standard has a 50 GB mailbox limit and no support for archive mailboxes or litigation holds. But if that user has an archive on-premises, where does that data go?
Plans like Microsoft 365 E3 and E5 include Exchange Online Plan 2, which supports 100 GB primary mailboxes, unlimited archive storage, and advanced compliance features. Migrating a user with an archive to a lower-tier license doesn’t just limit storage-it actively blocks the migration of that data. At best, it fails. At worst, it appears to succeed but silently drops critical content. The licensing check isn’t a formality. It’s foundational.
Strategic steps for a seamless mailbox transition
Validation of retention policies
In regulated environments, retaining data under legal hold isn’t optional. Before migration, verify which users are under litigation hold and ensure their target license supports it. Otherwise, compliance is compromised before the first byte moves. This isn’t just an IT issue-it’s a legal risk.
Operational checklist for IT admins
To avoid last-minute surprises, run through these key verification points:
- 🔍 Audit mailbox sizes and compare them to destination license limits
- 📦 Confirm archive mailbox availability in target licensing tier
- ⚖️ Validate litigation hold requirements and target support
- 👥 Map delegation rules and shared mailbox permissions
- 📅 Verify ownership and recurrence of calendar events
Post-migration integrity and data validation
The migration isn’t over when the mailboxes appear in Exchange Online. The real test comes in the days after cutover, when users start interacting with their data. That’s when missing rules, broken signatures, or vanished shared folders become apparent.
Verifying data consistency
Immediately after migration, spot-check key accounts for intact inbox rules, auto-replies, and email signatures. Shared folders must be accessible by all intended users. Calendar permissions and recurring meetings should reflect their original state. Any deviation indicates a flaw in the migration process-not just the tool, but the planning.
Compliance through migration logs
Maintaining detailed migration logs isn’t just good practice-it’s essential for compliance. These logs serve as proof that data was transferred completely and can help reconstruct issues if disputes arise. They also form the basis of a repeatable migration framework for future phases.
User experience fine-tuning
Even a technically perfect migration can frustrate users if their Outlook profiles reset or mobile devices fail to sync. Helpdesk teams should be prepped for common post-migration issues, such as reconfiguring cached Exchange mode or reapplying local rules. Proactive communication can turn a smooth transition into a trusted one.
Automation and PowerShell in complex scenarios
For large-scale migrations, manual processes don’t scale. PowerShell offers granular control, allowing admins to create migration batches, monitor progress, and troubleshoot issues in bulk.
Scaling with remote move requests
Using remote move requests via PowerShell enables efficient mailbox transfers from on-premises to Exchange Online. Migration batches can be scheduled, paused, or resumed, providing flexibility during business hours. But visibility is key-monitoring batch status and error logs prevents small issues from becoming widespread.
Handling multi-tenant complexities
Tenant-to-tenant migrations add another layer: identity synchronization. Azure AD Connect must be configured correctly to avoid duplicate accounts or broken trust relationships. User attributes like UPNs and SMTP addresses must be mapped precisely. A mismatch here can result in login failures or mailbox detachment.
Leveraging all-in-one tool models
Some tools simplify this complexity by bundling migration, reporting, and compliance features into a single interface. Instead of juggling multiple scripts and licensing tiers, teams can use a unified platform that handles archives, litigation holds, and identity mapping out of the box. This reduces risk and accelerates deployment-especially when time and accuracy are critical.
Frequently Asked Questions
One of our senior admins suggests that small mailboxes don't need pre-auditing, is that true?
Even small mailboxes can have complex folder permissions, legacy delegation rules, or hidden compliance flags. Skipping pre-audits risks broken access or lost settings post-migration. The size of the mailbox doesn’t reflect the complexity of its configuration-so auditing remains essential.
What is the biggest trap when moving from on-premises Exchange 2016 to the cloud?
One of the most common pitfalls is failing to align User Principal Names (UPNs) with the target Azure AD domain before synchronization. Mismatched UPNs cause authentication issues and prevent seamless mailbox moves, often requiring disruptive rework after the fact.
How do we handle mailboxes that are currently under legal hold during a tenant-to-tenant move?
Mailboxes under legal hold require Exchange Online Plan 2, available only in Microsoft 365 E3 or E5 licenses. Ensure the target environment has the correct licensing; otherwise, hold settings won’t be preserved, creating compliance risks post-migration.
If our migration tool fails halfway through, can we use the PST Import Service as a backup?
The PST Import Service can recover data, but it strips away metadata like folder hierarchy, rules, and permissions. It’s a fallback for content retrieval, not a full migration substitute. Relying on it means losing critical context and increasing reconciliation effort.
Is the shift toward Microsoft Graph API truly mandatory for this year’s migrations?
Yes. Microsoft is actively deprecating legacy protocols like EWS. Tools not built on the Microsoft Graph API will lose reliability and functionality. For any new or ongoing migration, Graph support is no longer optional-it’s a requirement for stability and compliance.