The difference between a smooth cloud transition and a midnight crisis often comes down to one thing: preparation. You can spend months planning your migration to Exchange Online, only to hit a wall when legacy tools fail under new Microsoft requirements. While the cloud promises agility, the deprecation of Exchange Web Services (EWS) has exposed outdated migration strategies. Teams relying on older tooling are suddenly scrambling. This isn’t just a technical update - it’s a wake-up call.
The EWS deprecation: Why migration tools are being re-evaluated
Microsoft’s decision to phase out EWS isn’t merely a background change - it’s a fundamental shift in how applications interact with Exchange. Tools built on EWS are now operating on borrowed time, struggling with modern authentication, unreliable data sync, and incomplete mailbox handling. As organizations move toward hybrid or full cloud environments, the gap between legacy assumptions and actual platform behavior widens.
Many IT teams simplify their architecture by using a comprehensive Sharegate solultion to migrate mailboxes. The reasoning is clear: instead of patching old workflows, they adopt solutions designed for Exchange Online’s current API landscape. These modern tools leverage Microsoft Graph API and support modern authentication by default, avoiding the pitfalls of deprecated protocols.
| Legacy Tool Assumptions | Modern Exchange Online Realities |
|---|---|
| Relies on EWS endpoints for mailbox access | Requires Microsoft Graph API or EAC-based access |
| Uses Basic Authentication for connections | Demands modern authentication (OAuth 2.0) |
| Assumes full mailbox access including archives | Archive visibility requires user license validation (Exchange Online Plan 2) |
| Treats Litigation Hold as a static setting | Holds must be validated pre-migration to prevent legal exposure |
| Simple per-user or per-mailbox pricing | Complex tiering with potential for unexpected costs |
It’s not just about connectivity. The real issue lies in how these older tools handle nuanced features like calendar synchronization and shared mailbox permissions. Without native support, inconsistencies arise - and those often surface only after cutover.
Planning pitfalls: What IT Directors miss before cutover
The hidden trap of unmapped archives
One of the most common post-migration surprises? Users can’t find their old emails. Why? Because their archive mailboxes weren’t properly mapped before the move. Archive content doesn’t automatically follow the primary mailbox unless explicitly included - and even then, success depends on Exchange Online licensing alignment.
When an archive is left behind, it doesn’t trigger an error during migration. It simply disappears from view. Users may not notice for days or weeks, until they go looking for a specific message. By then, the source environment might already be decommissioned. The result? Lost productivity and eroded trust in the migration process. Pre-migration diagnostics that detect archive presence - and verify their migration path - are essential.
Validation of Litigation Hold configurations
Another silent risk: unverified compliance settings. If a mailbox is under litigation hold, but the hold wasn’t validated before migration, there’s a chance it won’t carry over correctly. In regulated industries, this isn’t just inconvenient - it’s dangerous.
Imagine migrating a legal team’s mailboxes, only to discover months later that preserved emails were excluded due to a misconfigured hold. The exposure could trigger audits, fines, or worse. Unlike simple data transfers, compliance-related attributes must be audited, not assumed. Running a diagnostic scan that confirms hold status - across all relevant mailboxes - is a non-negotiable step.
Identity mismatches and meeting behavior
Calendar issues are often the first sign of deeper integration problems. After migration, users report duplicates, missing invitations, or events that appear as “free” instead of “busy.” These glitches usually stem from identity mismatches - when the target tenant doesn’t properly resolve the user’s UPN or SMTP address.
Even minor discrepancies in domain configuration can break meeting delegation, recurring series, or resource booking. These behaviors don’t fail loudly during migration; they degrade silently. The best defense? A pre-migration analysis that flags potential identity conflicts and calendar anomalies before any data is moved.
The licensing gap: Ensuring M365 tiers support your migration
Exchange Online Plan 2 vs Business Basic
You can have the best migration tool in place, but if your users are on the wrong Microsoft 365 license, key features simply won’t work. Archive mailboxes, for example, require Exchange Online Plan 2 - they’re not available on Business Basic or Business Essentials plans. This isn’t a tool limitation; it’s a platform restriction.
Too many teams discover this mid-project, only after users complain about missing data. The fix? Audit licenses before migration begins. Identify which users need Plan 2 based on current archive usage or compliance roles. This avoids last-minute upgrades and budget overruns.
Litigation Hold and license-tier gating
Likewise, litigation hold isn’t universally available. It’s gated behind E3 and E5 licenses. If your organization relies on legal preservation and some users are on lower-tier plans, those holds won’t be supported - meaning even if you migrate the mailbox, the compliance safeguard won’t function.
This creates a critical planning blind spot. It’s not enough to ask whether your migration tool supports holds; you must first confirm whether the destination tenant allows them. This dual-check - tool capability + license eligibility - should be part of every project’s initial assessment.
Simplified tool licensing as a buffer
While Microsoft’s licensing model is complex, your migration tool doesn’t have to add to the confusion. Some platforms use tiered pricing - charging extra for archive support, public folders, or additional workloads. This creates its own form of scope creep.
In contrast, all-in-one tools offer predictable pricing: one fee, full functionality. That means no surprise costs when you encounter archives or shared resources. It simplifies budgeting and lets you focus on the technical readiness of your environment, not the pricing model of your tool.
- ✅ Verify archive availability per user’s license tier
- ✅ Confirm litigation hold support on destination plan
- ✅ Check storage quotas to avoid overflow post-migration
- ✅ Ensure identity sync (Azure AD Connect) is properly configured
Common questions for IT leaders
What happens to shared mailboxes if the target license is insufficient?
If a shared mailbox requires features like litigation hold or online archives, but the associated license doesn’t support them, those capabilities won’t be active in the target environment. The mailbox may migrate, but key functions will be disabled. Always validate license eligibility before migration to avoid compliance or usability issues.
Is there an easier way to migrate archives without upgrading every user?
Some third-party tools allow temporary storage or staging of archive content outside the user’s mailbox during migration. This lets you preserve data without immediately upgrading licenses. However, long-term access still requires Exchange Online Plan 2 or equivalent - the upgrade can be delayed, not avoided.
Are there new security protocols required for migrations in 2026?
Yes. Modern authentication is now mandatory for all migration tools interacting with Microsoft 365. Basic Authentication is deprecated. Any solution must use OAuth 2.0 and support app-only permissions with certificate-based authentication to ensure secure, scalable access.
How long should we maintain the old tenant post-migration?
It’s advisable to keep the source tenant active for at least 30 days after cutover. This provides a recovery window in case issues arise. After confirmation that all mailboxes, archives, and compliance settings are intact, you can begin decommissioning - but only after formal sign-off from stakeholders.
How often should we run pre-migration diagnostic scans?
Run an initial scan during planning, then repeat it shortly before each migration batch. Changes in user licensing, mailbox size, or compliance settings can occur between phases. Regular diagnostics ensure you’re working with up-to-date data - critical for accurate forecasting and risk mitigation.