This curriculum spans the equivalent depth and breadth of a multi-workshop technical advisory engagement, covering discovery, identity architecture, data migration, cutover execution, compliance alignment, application reconfiguration, decommissioning, and change management across tenant boundaries.
Module 1: Pre-Migration Assessment and Discovery
- Identify and classify all tenant-specific workloads, including shadow IT applications registered in Azure AD or consuming Microsoft 365 services.
- Map user and service account dependencies across both source and target tenants, including cross-tenant SharePoint sharing and Teams guest access.
- Conduct mailbox and Teams chat migration feasibility analysis based on data residency requirements and legal hold policies.
- Inventory third-party SaaS integrations using OAuth tokens tied to the source tenant and assess reauthorization impact.
- Define migration scope by evaluating shared mailbox ownership, distribution group memberships, and dynamic group rules.
- Document custom DNS records, domain verification status, and MX and anti-spoofing configurations for domain transfer planning.
Module 2: Tenant Architecture and Identity Strategy
- Design target tenant identity model: decide between Azure AD B2B collaboration only and full user migration based on long-term governance needs.
- Implement verified domain move or domain re-verification strategy depending on domain availability and SSL certificate dependencies.
- Resolve UPN suffix conflicts by aligning on target tenant domain naming standards and planning AD FS or password hash sync adjustments.
- Configure conditional access policies in the target tenant to mirror source environment security baselines without disrupting access.
- Plan for guest user cleanup or conversion to member users based on post-merger collaboration requirements.
- Establish hybrid identity readiness by validating Azure AD Connect topology compatibility with the new tenant.
Module 3: Data Migration Planning and Tool Selection
- Select migration tools (e.g., native Exchange Online migration, ShareGate, Metalogix) based on data volume, throttling tolerance, and metadata preservation needs.
- Define batch sizing and scheduling for mailbox migrations to avoid service degradation during business peak hours.
- Preserve OneDrive and SharePoint permissions, version history, and sharing links using API-based migration with delta sync capability.
- Configure migration jobs to retain original timestamps, authorship, and modified-by fields for compliance and auditability.
- Plan Teams channel migration by recreating structure manually or via Graph API, acknowledging limitations in chat history portability.
- Test migration throughput under throttling conditions and adjust concurrency settings to maintain service level agreements.
Module 4: Email and Collaboration System Cutover
Module 5: Security, Compliance, and Governance Alignment
- Migrate sensitivity labels and retention policies using Microsoft Purview, ensuring label inheritance is preserved on migrated content.
- Reapply DLP policies in the target tenant and test false positive rates against migrated mailbox and SharePoint data.
- Transfer eDiscovery cases and hold configurations, acknowledging gaps in cross-tenant search capabilities.
- Reestablish audit log retention and integrate with existing SIEM solutions using new tenant-specific log sources.
- Enforce MFA registration in the target tenant and manage conditional access exceptions for service accounts.
- Review and reassign compliance administrator roles to align with new organizational control boundaries.
Module 6: Application and Integration Reconfiguration
- Re-register enterprise apps in the target tenant and redistribute client secrets or certificates to backend systems.
- Update redirect URIs and API permissions for Power Platform environments tied to the source tenant.
- Migrate custom workflows in Power Automate and Logic Apps, adjusting connections to reflect new tenant context.
- Reconfigure third-party backup solutions to target new tenant endpoints and validate restore functionality.
- Update SSO configurations for federated applications, including AD FS claim rules and relying party trusts.
- Validate API-based integrations (e.g., custom .NET apps using MSAL) against new tenant OAuth endpoints and scopes.
Module 7: Post-Migration Validation and Decommissioning
- Execute user acceptance testing scripts covering email, calendar, file access, and Teams functionality in the new tenant.
- Monitor sign-in logs for failed authentication attempts due to stale tokens or incorrect tenant hints.
- Archive or retain source tenant mailboxes under litigation hold before permanent deletion, complying with data retention policies.
- Disable and remove Azure AD Connect from the source environment after confirming no residual sync dependencies.
- Reclaim or reassign licenses in the source tenant and confirm billing responsibility transfer.
- Document final cutover timeline, issues encountered, and recovery playbooks for future reference.
Module 8: Change Management and User Communication
- Develop phased communication plan disclosing migration impact on email addresses, file links, and application access.
- Produce step-by-step guides for resetting MFA and reconfiguring mobile devices post-migration.
- Coordinate with helpdesk to update incident response playbooks for tenant-specific authentication issues.
- Schedule training sessions for power users on reestablishing shared mailbox delegates and distribution lists.
- Deploy telemetry to track post-migration adoption rates and identify users not logging into the new tenant.
- Establish feedback loop to collect user-reported issues and prioritize resolution based on business impact.