You connect directly to the ESXi host with root. Because you're going to have to boot up vCenter in addition to the DC anyway when you're using SSO. I would use DRS rules to prefer host1 for vCenter and the PDCe for that reason.
Only in the very early days of virtualization (2008-2012) did I recommend keeping a physical server around. I know a lot more now than I did then.
But anymore, I don't recommend using SSO for hypervisors or backup infrastructure. It's better to add another wall in front of an attacker trying to laterally move onto these critical platforms for ransom, data exfiltration, etc.
And in reality, these "kaboom events" aren't terribly common unless you've neglected some other part of your infrastructure.
Also are your wireless clients on a different VLAN than your wired clients? Does the firewall treat this traffic differently in any way? Does DHCP give out different DNS settings than wired?
The private financial company—which you don’t get to choose—gets its cut as well, in fees, some which are hidden.
Not disagreeing with anything, but people should know that even if you’re locked into a crappy HSA provider through your employer, like BenefitWallet, you can and should still open an HSA with a good provider, like Fidelity, and max out and invest contributions there.
Just don’t forget to save all the receipts for out-of-pocket health expenses.
It sounds like you need to set up Exchange Hybrid although it’s really not clear to me what you’re actually doing.
What is the “secondary server?” How did all this work before you bought “MS accounts?” Where was the MX pointing before? When you say “Exchange server” are you talking about Exchange Online or onprem? Which server is rejecting with the relay error?
Regardless, you’re going to need objects in the environment where the MX points that forward to the second location where the rest of the users are. In Exchange onprem/Online this would ideally be a MailUser object created by Azure AD Connect, but a Contact could suffice in certain setups.
And the second environment needs to trust the emails forwarding through the first or you’ll have SPF failures.
But again, a proper Exchange Hybrid setup takes care of all of this.
You should still be able to sync them and let soft matching connect the onprem and cloud accounts. Then the info in that post can be used to clean up the duplicate cloud mailbox and its properties in preparation for a Migration.