How to delete the Goldengate agent

Microsoft Hybrid AgentMicrosoft Hybrid Agent

  • 14 minutes to read

The Hybrid Agent removes some of the challenges you can face when you configure an Exchange Hybrid environment. The agent, which is built on the same technology as the Azure Application Proxy, removes some requirements for external DNS entries, certificate updates and inbound network connections through your firewall to enable Exchange hybrid features. These features include Free / Busy sharing and online mailbox moves. The hybrid agent supports free / busy and mailbox migrations. Email flow, directory synchronization, and other hybrid features are not included. The Hybrid Agent supports free / busy and mailbox migrations; mail flow, directory synchronization, and other hybrid features are not included.

Agent Install Location & Requirements Agent Install Location & Requirements

Agent installation and configuration of Hybrid using the Hybrid Configuration Wizard (HCW) are supported either on a stand-alone computer designed as an "agent server" or on an Exchange 2010, 2013, 2016 or 2019 server with The agent install and the configuration of Hybrid via the Hybrid Configuration wizard (HCW) is supported on either a standalone computer designed as your "agent server" or on an Exchange 2010, 2013, 2016 or 2019 server with the Client Access role .

System requirements

The Hybrid Agent has multiple methods of installation with different requirements. In all cases, the core computer requirements are the same:

The SHCW can download and install the agent MSI automatically. Using this method is ideal when installing on a CAS server In this case, the computer also must:

  • Joined to an Active Directory domain.

  • Capable of establishing remote PowerShell connections to the Client Access Server (CAS) chosen for hybrid configuration.

  • Use a browser that supports ClickOnce technology (for example, Microsoft Edge).

  • The on-premises Active Directory account you're logged into must:

    • Be a member of the Organization Management role group in your on-premises Exchange organization

    • Be a member of the local Administrators group on the computer where you're installing the Hybrid Agent.

Port and protocol requirements

  • The outgoing ports HTTPS (TCP) 443 and 80 must be open between the computer on which the hybrid agent is installed and the Internet, as shown here: https://docs.microsoft.com/azure/active-directory/ manage-apps / application-proxy-enable. Outbound ports HTTPS (TCP) 443 and 80 must be open between the computer that has the Hybrid Agent installed and the Internet, as shown here: https://docs.microsoft.com/azure / active-directory / manage-apps / application-proxy-enable.

  • Ports HTTPS (TCP) 443, 80, 5985, and 5986 must be open between the computer on which the Hybrid Agent is installed on the CAS selected in the Hybrid Configuration Wizard. Ports HTTPS (TCP) 443, 80, 5985 and 5986 must be open between the computer that has the Hybrid Agent installed on the CAS that's selected in the Hybrid Configuration wizard.

Important

All Client Access servers must be able to reach outbound connections to Microsoft 365 or Office 365 endpoints over HTTPS (TCP) 443 because free / busy requests from local users to Microsoft 365 or Office 365 users do not go through the hybrid agent. All client Access Servers must be able to reach outbound to Microsoft 365 or Office 365 endpoints via HTTPS (TCP) 443, because free / busy request from on-premises users to Microsoft 365 or Office 365 users do not traverse the Hybrid Agent. These requests still require These requests still require that your Exchange servers have outbound connectivity to Microsoft 365 or Office 365 end points. Microsoft 365 and Office 365 URLs and IP address ranges describe the required (and hybrid ) Ports and IPs sent to the service based on pre-provisioning: https://docs.microsoft.com/office365/enterprise/urls-and- ip-address-ranges .Microsoft 365 and Office 365 URLs and IP address ranges describes the required (and hybrid) ports and IPs outbound from on-prem to the service here: https://docs.microsoft.com/office365/enterprise/ urls-and-ip-address-ranges.

Proxy server considerations

If your network environment uses outbound proxy servers, additional configuration and requirements are needed. This list may not be exhaustive.

AgentAgent

The agent supports outbound unauthenticated proxy servers, but requires additional configuration after installation by running the ConfigureOutBoundProxy.ps1 script on the computer where the agent is installed; B.: The agent supports outbound unauthenticated proxy servers but requires additional configuration after installation by running the ConfigureOutBoundProxy.ps1 script located in \ Program Files \ Microsoft Hybrid Service \ on the computer where the agent is installed, for example:

By running the script, the following section will be added to the Microsoft.Online.EME.Hybrid.Agent .Service.exe.config file located in the same folder:

Important

A proxy server that prevents registration will cause the connector installation to fail. It is recommended that you allow the connectors to bypass the proxy until changes are made to the app. We recommend that you allow the connectors to bypass the proxy until app config changes can be made. A proxy server that prevents connectors from bootstrapping fails after installation with test connectivity.A proxy server that prevents connector bootstrapping will fail Test connectivity We recommend that you allow the connectors to bypass the proxy until app config changes can be made.

Client Access Server

The HCW establishes connections from your Client Access Server to domains.live.com to exchange metadata and establish trusts. Because connections come from your CAS server Because connections originate from your CAS server, the proxy settings on that server (from) must be set correctly or outbound free / busy can fail. In addition to connection failures, the HCW won't be able to configure delegated authentication if the proxy setting is incorrect.

Free / Busy requirements

The hybrid wizard automatically handles the free / busy information that's required in both environments (cloud and on-premises).

If you need to configure free / busy sharing for a third party company, go to the Organization tab in the Exchange admin center and configure sharing of people or organizations between the two systems (Exchange online / Exchange on-premises or Exchange on-premises / Exchange on-premises) .If you need to configure free / busy sharing with a third-party company, go to the Organization tab in the Exchange admin center and configure individual or organization sharing between the two systems (Exchange online / Exchange on-premises or Exchange on-premises / Exchange on-premises).

If you encounter any problems or need to troubleshoot, see How to. If you encounter any problems or need to troubleshoot, see How to troubleshoot free / busy issues in a hybrid deployment of on-premises Exchange Server and Exchange Online in Microsoft 365 or Office 365.

Limitations Constraints

Keep the following issues in mind before you install the Hybrid Agent:

  • Hybrid Modern Authentication is not supported with the Hybrid Agent. Customers must use the classic Exchange hybrid topology and Autodiscover, EWS, ActiveSync, MAPI, and OAB endpoints for the modern Publish hybrid authentication to work with various Outlooks. Customers will need to leverage the Classic Exchange Hybrid Topology and publish AutoDiscover, EWS, ActiveSync, MAPI and OAB endpoints for hybrid Modern Authentication to function with various Outlook clients.

  • For Teams' Calendaring features that require access to on-premises mailboxes, it's recommended that you leverage the full Classic Exchange Hybrid Topology. Learn more For more information, see How Exchange and Microsoft Teams interact.

  • Message Tracking and Multi-mailbox search do not traverse the Hybrid Agent. These hybrid features require the classic connectivity model where Exchange Web Services (EWS) and Autodiscover are published locally and externally for Microsoft 365 and Office 365. These Hybrid features require the classic connectivity model where Exchange Web Services (EWS) and Autodiscover are published on-premises and are externally available to Microsoft 365 and Office 365.

  • The Hybrid Agent registers the internal fully qualified domain name (FQDN) of the CAS server selected when running Hybrid Configuration wizard in the Azure Hybrid proxy infrastructure. If the registered CAS is offline, the free / busy search from your tenant to local and mailbox migrations to / from your tenant does not work. If the registered CAS is offline, free / busy look ups from your tenant to on-premises and mailbox migrations to / from your tenant won't work. If the selected CAS is permanently offline, a new CAS server must be registered. Run the Hybrid Configuration Wizard again to register a new CAS server. Run the Hybrid Confi Guration wizard again to register a new CAS server.

  • The Hybrid Agent supports a single migration endpoint with the service default limits. Multiple migration endpoints utilizing your custom endpoint / URL is not supported.

  • The Hybrid Agent supports a single Exchange organization.Multiple Exchange organizations hybrid is not supported.

Note

SMTP doesn't traverse the Hybrid Agent and still requires a public certificate for mail flow between Microsoft 365 or Office 365 and your on-premises organization. SMTP traffic is out of scope for the Hybrid Agent.

Run SetupRunning Setup

You must run the HCW from the computer where you want the agent installed. After the agent is installed and configured, the HCW will search for a preferred server to use After the Agent is installed and configured, the HCW will locate a preferred server to connect to and run the standard hybrid configuration steps. You don't need to run the HCW directly from the Exchange server, but how As mentioned earlier, the computer running the HCW must be able to connect to the Client Access server on the ports specified in the Ports and Protocols section directly, but as stated previously, the computer where the HCW is run must be able to connect to the Client Access Server on the ports specified in the Ports and Protocols section.

Installation Prerequisites

  1. Optional: Verify connectivity.

    1. On the server where you are running the Hybrid Configuration Wizard (Hybrid Agent Installation and Hybrid Configuration Steps), download the following sample script and save it to any directory: https://aka.ms/hybridconnectivity. On the server where you will be running the Hybrid Configuration wizard (Hybrid Agent install and subsequent hybrid configuration steps), download the following sample script and save it to any directory: https://aka.ms/hybridconnectivity.

    2. Open the Exchange Management Shell and change directory to the location of the script.

    3. Import the cmdlets by running the following command:

    4. Next run the following command to verify the computer where you're installing can reach out to all required endpoints for the Hybrid Agent installation and Hybrid Configuration wizard setup.

      The output of the command looks like this:

  2. To allow the Hybrid Agent to be installed and to perform mailbox migrations to and from your Microsoft 365 or Office 365 organization, enable the Mailbox Replication Service proxy in the EWS virtual directory by running the following command: To allow installation of the Hybrid Agent and perform mailbox migrations to and from your Microsoft 365 or Office 365 organization, enable the Mailbox Replication service (MRS) proxy on the EWS virtual directory by running the following command:

    Note

    If you don't complete this step before you run the HCW, the HCW will enable MRS proxy. However, it is recommended that you do this step However, we recommend that you complete this step before you run the HCW to ensure the IIS cache has time to clear before HCW validates the endpoint.

  3. change to programs and features in Control Panel and make sure a previous version of the Hybrid Configuration Wizard is not installed. Go to Programs and Features in Control Panel and verify that a previous version of the Hybrid Configuration Wizard is not already installed. If it is, uninstall it.

  4. Install .NET Framework version 4.6.2 on the computer where the HCW is being run. You may need a later version of the .NET Framework depending on the .NET Framework version 4.6.2 on the computer where the HCW is being run Install installed Exchange. You might need to install a later version of .NET Framework depending on the version of Exchange you have installed. If that version is not installed, the HCW will prompt you to install it or the version already installed on your computer Alternatively, if this version isn't installed, the HCW prompts you to install it or upgrade the version already installed on your computer.

Installation steps

  1. Sign in to your local Exchange Admin Center (EAC), navigate to the Hybrid node, and then click Configure.Log into your on-premises Exchange admin center (EAC), navigate to the Hybrid node, and then click Configure.

  2. Select the Exchange server where you want to run traditional hybrid setup. Either select the default server provided by the HCW or specify a specific server in the second radio button. Either select the default server provided by the HCW or specify a specific server in the second radio button Further.Select Next.

  3. Enter your on-premises Exchange credentials and your Microsoft 365 or Office 365 Global Administrator credentials. Click Further.Click Next.

  4. Wait while the HCW gathers information and configuration about your environments. When done, click FurtherWhen it's completed, click Next.

  5. Choose either minimal or complete Hybrid configuration.Select either Minimal or Full hybrid configuration.You can also Select Organization Configuration Transfer.You can also choose Organization configuration transferFor more information, see Hybrid Organization Configuration Transfer V2. Click Further.Click Next.

  6. Follow the steps to enable federation. Click Further.Click Next.

  7. Select Use Exchange Modern Hybrid TopologySelect Use Exchange Modern Hybrid Topology

    click on Further.Click Next.

  8. The HCW installs the Hybrid Agent.There are four basic phases:

    1. Download the agent install package.

    2. Installation of the agent on the local computer (note: this prompts for your Microsoft 365 or Office 365 Global Administrator credentials again) .

    3. Registration of the agent in Azure, including creation of the URL used to proxy requests.The URL has the format: .The URL has the format:.

    4. Testing migration viability from your Microsoft 365 or Office 365 organization to your on-premises Exchange organization via the agent.

    Note

    The Hybrid Agent installation process could take up to 10 minutes to complete.

    The remaining HCW inputs and actions are the same as a Classic Hybrid deployment.

During the update phase, the HCW creates a migration endpoint with the custom URL created in step 8.3 above. The organizational relationship value and / or the IntraOrganization Connector object on the Microsoft 365 or Office 365 side to this value. It will also set the value on the Organization Relationship and / or the IntraOrganization Connector object on the Microsoft 365 or Office 365 side to this value The new URL is used to send requests from your Microsoft 365 or Office 365 organization to your on- premises Exchange organization for free / busy and migrations.

You can view the values ​​configured for each of these values ​​by pressing Get-MigrationEndpoint and Get-OrganizationRelationship over an Exchange Online PowerShell connection with your Microsoft 365 or Office 365. You can view the specific values ​​configured for each of these by running Get-MigrationEndpoint other Get-OrganizationRelationship from an Exchange Online PowerShell connection to your Microsoft 365 or Office 365 organization.

The following example shows the output you might see when you use the Get-MigrationEndpoint cmdlets and Get-OrganizationRelationship execute: The following example shows the output that you might see when you run the Get-MigrationEndpoint other Get-OrganizationRelationship cmdlets:

Multi-agent deployment

Option 1: Use the Hybrid Configuration wizard to install additional agents

Additional hybrid agents can be installed for redundancy, simply download the latest version of the Hybrid Configuration Wizard (HCW) and open the application on the computer on which you want to install an additional hybrid agent. Additional Hybrid Agents can be installed for redundancy, simply download the latest version of the Hybrid Configuration wizard (HCW) and open the application on the computer where you would like to install an additional Hybrid Agent.

  1. Start the application as you did with the previous HCW run, select Continue out.Like previous HCW runs, start the application, select Next.

  2. Select a desired server to run for, select Continue out.Select a desired server to execute against, select Next.

  3. Provide credentials to sign in to Microsoft 365 or Office 365, and then select Continue out.Provide credentials to sign in to your Microsoft 365 or Office 365 organization, and then select Next.

  4. The HCW gathers configuration information and dials upon completion further The HCW will gather configuration information, select Next when complete.

  5. Choose the default option for Completely or Minimal off, choose Continue out.Select the default option provided for either Full or Minimal, select Next.

  6. Choose Exchange Modern hybrid topology, further out.Select Exchange Modern Hybrid Topology, Next.

  7. A page will be shown that will provide you with the status of your existing or previously installed agent (s) Make sure the status of the existing agent is accurate before proceeding to the next step You install an additional agent and then click Further.Select Install an additional agent, and then click Next.

    Example: Example:

The HCW will install the additional Hybrid Agent. After the installation is complete, you can open the Microsoft Windows Services console on the computer and verify that the service or agent is installed and running (search according to Microsoft Hybrid Service - mshybridsvcWhen the installation is complete, you can open the Microsoft Windows Services console from the computer and verify the service or agent is installed and running (look for Microsoft Hybrid Service - mshybridsvcAt that point, you can either re-run HCW if you wish to make further changes to your hybrid config , or simply cancel the wizard.

You can repeat this step on each computer where you would like an additional Hybrid Agent installed.

Option 2: Manually download & install additional agents

A second option for installing additional agents is outside the HCW itself and is done by downloading and manually installing the agent on the desired computer.

  1. Go to https://aka.ms/hybridagentinstaller.Go to https://aka.ms/hybridagentinstaller.

  2. Save the MSHybridService.msi to a location on your computer.

  3. From that computer, open a Windows Command console as Administrator and run the following command to install the Hybrid Agent:

    You will be prompted for your tenant Global Admin credentials.

  4. After the installation is complete, you can open the Microsoft Windows Services console from the computer and verify the service or agent is installed and running.

You can repeat this step on each computer where you would like an additional Hybrid Agent installed.

Checking the Status of Your Hybrid Agents

Option 1: Get status via the Hybrid Configuration wizard

  1. Start the HCW application and select Continue out.Start the HCW application and select Next.

  2. Select a server in your Exchange and choose Continue out.Select a server in your Exchange organization and select Next.

  3. Provide credentials to sign in to Microsoft 365 or Office 365, and then select Continue out.Provide credentials to sign in to your Microsoft 365 or Office 365 organization, and then select Next.

  4. The HCW will gather configuration information. Select You further off when complete Next when it's complete.

  5. Select the default option full or minimalout, and choose Continue out.Select default option provided for either Full or Minimal and select Next.

  6. Choose Exchange Modern hybrid topology from, and choose Continue out.Select Exchange Modern Hybrid Topology and select Next.

    A page will be shown that will provide you with the status of your existing installed agents.

  7. click You cancel, when you're done, click Cancel when you're finished.

Option 2: Get status via the Hybrid Management PowerShell Module

With each installation of the Hybrid Agent, the HCW install the Hybrid Management PowerShell module in \ Program Files \ Microsoft Hybrid Service \ on the computer where the agent is installed. By default, this module is not imported and so you will need to import it before you can use it. This module also requires the Azure module for PowerShell if not already installed. First install the PackageManagement modules, First install the PackageManagement modules and then see this topic for th e Azure PowerShell module installation instruction.

To import the Hybrid Management module, run the following from a Windows PowerShell prompt as Administrator:

After that you can run the following command to view agent status:

The output of the command looks like this:

Note

The ID value in the results is the agent identity and not its unique tenant guid assigned to the route id value in the results is the agent identity and not your unique tenant guid assigned to the route.

Direct your Hybrid Agent (s) to the load balancer instead of a specific server Direct your Hybrid Agent (s) to the load balancer instead of a specific server

You can use the Hybrid Management PowerShell module to configure your Hybrid Agent (s) to exchange load balancing requests instead of a specific Client Access server. s) to direct requests to your load balancer instead of a specific Exchange Client Access Server. The Hybrid Agent supports routing requests to the load balancer for Exchange Server 2013 or later Client Access Servers. Exchange Server 2010 Client Access Servers aren't supported.

  1. Follow the steps from the previous section to import the Hybrid Management module for PowerShell.

  2. use the targetUri parameter in the Update-HybridApplication cmdlet, to change the value of the internalURL from a specific server to the load balancing endpoint targetUri parameter on the Update-HybridApplication cmdlet to change the value of the internal URL from a specific server to your load balancer endpoint.

  3. Use the unique endpoint GUID value for your tenant for the appId parameters (e.g. 6ca7c832-49a2-4a5d-aeae-a616f6d4b8e7). Use the unique endpoint GUID value for your tenant for the appId parameters (for example, 6ca7c832-49a2-4a5d-aeae-a616f6d4b8e7).Note that this GUID value is not the agent ID.Note that this GUID value is not the agent IDTo find the endpoint GUID value, use either of the following procedures:

    • From the value:

      The output looks like this:

      TargetSharingEprTargetSharingEpr
      ----------------
      https://6ca7c832-49a2-4a5d-aeae-a616f6d4b8e7.resource.mailboxmigration.his.msappproxy.net/EWS/Exchange.asmx

    • From the Mrs. configuration: From the MRS configuration:

      The output looks like this:

      RemoteServerRemoteServer
      ------------
      6ca7c832-49a2-4a5d-aeae-a616f6d4b8e7.resource.mailboxmigration.his.msappproxy.net6ca7c832-49a2-4a5d-aeae-a616f6d4b8e7.resource.mailboxmigration.his.msappproxy.net

  4. After you have the endpoint GUID value for your tenant, run the following command:

    • targetUri: https://myloadbalancer.com in this example (their value is different).targetUri: https://myloadbalancer.com in this example (your value will be different).

    • appId: 6ca7c832-49a2-4a5d-aeae-a616f6d4b8e7 in this example (their value is different).appId: 6ca7c832-49a2-4a5d-aeae-a616f6d4b8e7 in this example (your value will be different).

    Example: Example:

Additional information

You can view installation details of the Hybrid Agent in the following locations on the server where it's installed.

  • In the Services console:

  • In the registry at: In the registry at:

  • On the hard drive: On the hard drive:

  • In Programs and Features in the control panel: In Programs and Features in control panel:

Testing and validation of the Hybrid Agent

After a successful deployment of the Hybrid Agent and hybrid configuration, you can use the following steps to validate free / busy and mailbox migration flow via the agent.

  1. On the server where the hybrid agent is installed, open The performance monitoring. On the server where the Hybrid Agent is installed, open Performance monitor.

  2. Add the View the Microsoft AD App Proxy Connector object and the # Requirement counter Add the object Microsoft AD App Proxy Connector and the # requests counter to your view.

MigrationMigration

  1. Open an Exchange Online PowerShell connection to your Microsoft 365 or Office 365 organization.

  2. Replace with the unique endpoint GUID value as described in Direct your Hybrid Agent (s) to the load balancer in place of a specific server and run the following command: Replace with the unique endpoint GUID value as described in Direct your Hybrid Agent (s) to the load balancer instead of a specific server and run the following command:

  3. Enter your on-premises credentials in the dialog that appears.

After the test returns the result, switch back to Performance monitoring, After the test returns the success result, switch back to Performance monitor and confirm that the number of requests has increased.

Running a test mailbox move from your on-premises Exchange organization to your Microsoft 365 or Office 365 organization is also an option.

Note

If this test fails try running Update-HybridApplication and point it to a single Exchange Server instead of a load balancer.

Free / Busy

To perform the same check on free / busy information, log into a Microsoft 365 or Office 365 mailbox in your tenant, create a test subject invitation, and send it to an on-premises mailbox for free / busy information, log in to a Microsoft 365 or Office 365 mailbox in your tenant, create a test meeting invite, and send it to an on-premises mailbox.

Uninstall the Hybrid Agent

To uninstall the hybrid agent, run the hybrid configuration wizard again on the same computer on which you performed the installation and select Classic connectivity off.To uninstall the Hybrid Agent, re-run the Hybrid Configuration wizard from the same computer you ran the installation on and select Classic connectivitySelecting classic connectivity uninstalls and unregisters the Hybrid Agent from the computer and Azure.After unregistering the hybrid agent, you can complete setup After you unregister the Hybrid Agent, you can resume setup and configure hybrid in classic mode.

Switching modes from Classic to Modern

It is possible to switch to Modern Hybrid (Hybrid Agent) after successfully configuring classic hybrid deployment (publishing the EWS namespace + allowing incoming messages). However, this is only recommended if migration to Microsoft 365 or Office 365 is blocked after completing this setup only recommend doing this if you are blocked from migrating to Microsoft 365 or Office 365 after this setup is complete. If you are successfully migrating mailboxes that have hybrid features available to your users and have chosen to restore to Modern Hybrid, see the previous one Limitations section because not all hybrid features or experiences are supported with the Hybrid Agent. If you are successfully migrating mailboxes your users are experiencing hybrid features and chose to revert to Modern Hybrid, see the previous Constraints section because not all hybrid features or experiences are supported with the hybrid agent.

When you have weighed the pros and cons of moving from Classic to Modern and want to continue, you can do this by deleting the existing migration batches, the migration endpoint and re-running the Hybrid Configuration Wizard and Modern Select hybrid.If you have weighed the pros and cons of switching from Classic to Modern and choose to proceed, you can do this by deleting your existing migration batches and migration endpoint and re-running the Hybrid Configuration wizard and selecting Modern hybrid.