Posts

OpenClaw: the Agentic Automation Breakthrough You Should Watch — and the Security Risk You Must Treat Like Untrusted Code

Let’s start with the warning, not the hype. OpenClaw is not “just another AI chatbot.” It’s a self-hosted, local-first agent gateway that can sit in the middle of your messaging apps and your operating system, then take actions on your behalf. That is exactly why it’s exciting — and exactly why it can become a catastrophic security incident if you run it casually, on the wrong machine, with the wrong permissions. (OpenClaw) I have added external links providing you with relevant public information about each topic.

The serious warning: OpenClaw can turn convenience into compromise

OpenClaw’s promise is simple: message an assistant from the chat apps you already use, and it “actually does things.” In practice, that means it can be wired into channels like WhatsApp, Telegram, Signal, iMessage, Slack, Teams, and more — and then connected to tools tha...

Running Orchestrated Migration End-to-End: Validation, Sync, Cutover, Monitoring, and Cleanup

Orchestrated migration is executed as a migration job (a batch). Microsoft states that the maximum batch size is 100 users and migrations are managed through Microsoft Graph APIs (beta) using PowerShell or Graph Explorer.

Step 1: create a validation batch (recommended)

Use standalone validation to confirm prerequisites before you submit an actual migration. Validation behaves like a what-if: it checks prerequisites at tenant and user levels (permissions, relationships, identity mapping, licensing, and more).

Step 2: submit the migration batch and understand the stages

· Validation: checks prerequisites; if checks fail, the user's migration does not begin.
· Mailbox syncing: mailbox content is synced in the background while the user continues working in the source tenant. Microsoft strongly recommends submitting batches two weeks before the cutover date.
· Cutover: a...

Dedicated Cross-Tenant SharePoint Migration: Step-by-Step, Licensing, and Post-Move Remediation

Dedicated cross-tenant SharePoint migration is the workload-specific method for moving SharePoint sites between tenants using SharePoint Online PowerShell. Use it when you need to migrate shared sites (including Teams-connected SharePoint sites), which are out of scope for Orchestrator.

Scope and key constraints

· Up to 4,000 SharePoint migrations can be scheduled at a time.
· One-and-done: no incremental/delta passes; redirects are left behind.
· Supported site types include group-connected sites (including those associated with Teams), modern non-group sites, classic sites, and communication sites.
· This does not migrate Teams content, channels, or associated structure; for Teams-connected sites, only the SharePoint site content is migrated.
· Do not precreate target SharePoint sites; if th...

Dedicated Cross-Tenant OneDrive Migration: Step-by-Step and When to Use It

Dedicated cross-tenant OneDrive migration is the workload-specific method for moving personal OneDrive accounts between tenants using SharePoint Online PowerShell. It is especially useful when you want a OneDrive-only runbook, or when you are not using the orchestrated workload chain.

How it behaves (expectations to set)

· Up to 4,000 OneDrive accounts can be scheduled at a time.
· Migrations occur in the Microsoft 365 cloud with only a brief read-only window for the user.
· A redirect is placed at the original OneDrive location so existing links keep working.
· Cross-tenant moves are one-and-done: no incremental/delta passes.
· Not supported for Government Cloud users (GCC, GCC High, DoD, etc.).

Prerequisites that frequently block projects

· Licensing:...

Cross-Tenant Identity Mapping (CTIM): The Mapping Step that Makes Orchestrator Work

Cross-Tenant Identity Mapping (CTIM) is Microsoft's tool for mapping source users to target users one-to-one so content, permissions, and user experiences remain consistent. Running identity mapping is required when you migrate user data using the orchestrated method.

What CTIM does (in practical terms)

CTIM helps you:

· Map users one-to-one between tenants and reduce manual errors.
· Update properties so users have correct attributes for migration.
· Maintain mapping data so the correct source content lands on the correct target user.

When to run CTIM

Microsoft recommends running CTIM after creating target users and before migrating data. This sequence improves accuracy and avoids manual cleanup work.

Security and compliance note (data-at-rest and network)

CTIM stores different categories of data in different regions (for example, reports in the tenants' Exch...

Preparing Users for Orchestrated Migration: MailUsers, Licensing Order, and Common Failure Patterns

Orchestrated migration requires that both source user objects and target user objects exist. Your most important goal is to create target users in the right state so identity mapping and migration can run without failures.

Non-negotiable rule: do not provision target mailboxes or OneDrive sites early

Microsoft emphasizes an order of operations: complete identity mapping before assigning Exchange or OneDrive licenses to target users. If you license target users too early, they may provision mailboxes, breaking the required MailUser state.

Create target MailUsers (MEUs) in Exchange Online

A MailUser object (Mail-Enabled User / MEU) must exist in the target tenant for each migrating source user. CTIM stamps ExchangeGuid and other attributes later, so you do not need to pre-populate everything up front.

    Connect-ExchangeOnline
    New-MailUser -PrimarySmtpAddress username@targettenant.com -MicrosoftOnlineServicesID username@targettenant.com -ExternalEmailAddress username@sourcetenan...

Orchestrator Tenant Configuration: Exchange, OneDrive, Teams (Chats + Meetings), and Identity Mapping Prereqs

Before you touch user objects or submit migration batches, you need to configure both the source and target tenants so the orchestrated tooling can validate prerequisites, access the right workloads, and run migrations securely.

Mailbox migration: use cross-tenant mailbox migration setup

For mailbox moves, Microsoft directs admins to complete the standard cross-tenant mailbox migration preparation steps (organization relationships, endpoints, and related Exchange Online configuration). Treat this as the foundation for the orchestrated chain.

OneDrive: establish trust, then grant the OneDrive/SharePoint migration permissions

Orchestrator uses the same trust model as the dedicated OneDrive migration approach: establish trust between the tenants using the published steps, then configure the OneDrive migration application permissions via a Microsoft-provided module.

    Connect-MgGraph  # as Global Administrator (run in both tenants)
    Import-Module <downloaded module path> ...