Modern Auth and Exchange Online Migrations: What IT Professionals Should Know

Modern Auth and Exchange Online Migrations

Microsoft has phased out Basic Authentication (Basic Auth), replacing it with Modern Authentication (Modern Auth) to provide increased protection and user security. Through this, Microsoft has turned off Basic Auth for specific protocols in Exchange Online, causing some to wonder how this change will impact Exchange Online migrations.

Those looking to do Exchange Online migrations should consider several scenarios and risks. It’s important to ask, what tenants and workloads might be affected? Which migration tools are best to use? What best practices will ensure a smooth migration?

What is changing?

Microsoft phased out Basic Auth to provide a more secure way for users to access accounts. Basic Auth was limited to simple authentication scenarios that can be vulnerable to hackers and outside sources. Modern Auth, however, provides single sign-on and multi-factor authentication capabilities not available in Basic Auth, helping to ensure that all personal data and accounts are protected.

Primarily, this move impacts Microsoft Exchange Online. Modern Auth in Exchange Online, as implemented by Microsoft, is built on three main components:

  • Active Directory Authentication Library. ADAL enables applications to support a variety of sign-in capabilities, including smart card+certificate-based authentication. It also supports two-factor/multi-factor authentication, which allows additional authentication factors.
  • OAuth 2.0. OAuth 2.0’s primary role is to authorize applications to share data on behalf of the user, using token exchanges to avoid resending username/password credentials.
  • ID Connect. Open ID Connect is an authentication layer built on top of OAuth 2.0. It provides the issuance of an access token, along with an ID token for proving the user’s identity. The ID token contains information about the authenticated user and is digitally signed by the identity provider.

These components increase security, making migrations more secure. However, this change can profoundly impact organizations that haven’t made provisions for this move to Modern Auth, as it will affect the ability to migrate mailboxes efficiently.

To achieve Exchange Online migrations during this transition, IT professionals must consider and implement steps to ensure success.

What steps should I implement to ensure a smooth migration?

Like it or not, Modern Auth is replacing Basic Auth. To ensure a smooth migration during this transitional period, IT professionals should consider the following these steps:

    • Plan carefully. If you’re planning a mailbox migration and haven’t done it since Microsoft implemented this change, give yourself extra time and make sure your Source and Destination are where they need to be. Ask yourself the foundational questions to ensure all bases are covered. What data needs to be moved and where? How much data needs to be moved? How will you protect your data during and after a migration? Who needs access to this data?
  • Do your due diligence. Understanding the scope of a migration is integral to the process. Conduct high-level analysis of the Source and Destination to understand who will be directly affected by the process and how the migration can impact the past, present and future of a business.
    • Make sure you have the right tools. Not all migration tools support Modern Auth. To avoid headaches, IT professionals should confirm that their licenses support Modern Auth. If not, they should research and adopt a migration tool that will. By adopting a migration tool that supports Modern Auth, IT professionals can avoid common migration pitfalls. It’s possible that a destination won’t accept the data in transit, causing the migration to fail. To avoid this, IT professionals should ensure Modern Auth is deployed on both ends of the migration and that their migration tool is able to connect to both Source and Destination.
  • Anticipate problems. With any migration, there is an element of risk. Sometimes problems arise that can cause your migration to fail. If you find that your applications are not working properly during or after a migration, contact your Microsoft license dealer for help. During this transitional time, it’s important to utilize all of your resources to ensure tools are working properly.

Always keep your software up to date

Performing routine maintenance and updates on software is critical to avoiding problems before, during and after any migration. Admins that don’t continually update their systems often find themselves without options. Older versions of software depreciate and are no longer supported. This is sometimes the case where admins are using unsupported versions of software and need to revert to older technologies to get them to work. The most sensible path is to keep your software updated to versions with vendor support.

Ensuring a smooth and secure migration process

The shift to Modern Auth can affect Exchange Online migrations. To ensure a smooth and secure migration, it’s critical to anticipate problems and understand the key steps for success. This, along with having the right migration tools that support Modern Auth and up-to-date software, will help ensure efficient migrations during this transition. Change can be hard. But these steps can help ensure a seamless move to Modern Auth and streamlined and effective Exchange Online migrations.

By Stacey Farrar

Gary Bernstein
Common DevOps Misconceptions 86% of businesses say it’s important for their company to develop and produce new software fast to win market share and beat the competition, Harvard Business Review reveals. Yet, just 10% of businesses ...
Sofia Jaramillo
Augmented Reality in Architecture Augmented reality (AR) is a growing field of study and application in the world of architecture. This useful tool can help us visualize architectural designs by superimposing them onto real-world scenes ...
Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
Josh Miramant
Benefits of a Data-First Culture When it comes to analytics solutions, centralization versus decentralization is one constant tension that’s plagued data architects for years now. Both options offer their own sets of advantages and disadvantages, ...
Gary Bernstein
Simplify Your Website Management with VPS Hosting VPS stands for Virtual Private Server, which is a type of web hosting service that allows businesses or individuals to host their websites and applications on a virtual ...
Metasploit-Penetration-Testing-Software-Pen-Testing-Security
Vulnerability Scanners Cyber security vulnerabilities are a constant nuisance and it certainly doesn't help with the world in a current state of disarray and uncertainty. Vulnerabilities leave businesses and individuals subject to a wide range ...
Tosin Vaithilingam
Divestitures: What to consider during the migration process "Divestitures require careful planning and execution, but they can create tremendous opportunities for companies to transform their businesses and unlock new growth potential." - Ginni Rometty, former ...
Jen Klostermann
The Fintech Landscape The Nitty Gritty Although the COVID-19 pandemic has highlighted its existence, most of us have been using fintech in some form or another for quite some time. It’s a big part of ...