Google Mail to Office 365 Migration

Office 365 has made email migration pretty simple.  In most cases, you just set a migration endpoint, enter in the mailbox/passwords in a batch and away you go.

With that said, migrating from Gmail can be a little bit of a headache.  I understand there are security needs to be addressed, and we can never be too safe.  However, I did get the feeling that what needed to happen to achieve a successful migration (not using 3rd party tools) seems a bit superfluous.

1) Gmail can have an admin account that controls some settings for users.
2)The admin account needs to allow two-factor authentication globally. This is just a toggle switch
3)Individual users needed to set up two factor authentication individually. (this tied their email to a phone, what if the user doesn’t want to tie a work gmail account to a personal phone?).   If the global toggle setting was turn off, users could not configure this setting.
4) IMAP needed to be enabled for all users individually (did not see a global setting for this). By default, IMAP is disabled.
5) Gmail considers Outlook/Exchange as an “unsecured” program. Therefore, a special app password needs to be created for each user. This is a one time use password that is per application.

5a) You can permit google to allow “unsecured” programs.  But this only halfway works. If the computer is an untrusted computer, the connection to the mailbox via Outlook will still fail.
6) If using the Office 365 migration wizard , IMAP does not transfer contacts and calendar items.

There were two methods to move over email.
1)Tie their Outlook to their gmail account and export/import psts into their O365 account.
2)Use the migration wizard in O365 to connect to mailboxs directly.

This means that we can do through the manual process of two factor authentication, imap setting, and app password to tie the mailbox to outlook.  Once that’s done your golden, do a export/import and your done.  But, have to do it ad nauseum.

Or, we do it the O365 way with a migration endpoint, and have to do the same thing (sorta), but end up with contact and calendar items not syncing.

Thoughts:  While I agree that we do need these settings, it would be nice if it was easier and less hoops to jump through.  Maybe, a time limited “Deployment Toggle” in which IMAP is allowed for all users, and connections from unsecured apps (or allow Outlook) is allowed.   I imagne contacts and calendar items not syncing may be a limitation of IMAP, but there needs to be a way to mass export import.  That could cause some serious headaches with a user base in the double digits.

It’s no wonder 3rd party apps for things like email migration still have to exist.

Happy troubleshooting,



james gonzales / March 7, 2016 / Uncategorized

Leave a Reply

Your email address will not be published / Required fields are marked *