Forum Discussion
atirhi
Sep 17, 2020Copper Contributor
Adding domain to Office 365 caused outlook to point to office 365 instead of on-premises exchange
Dear All,
i have the following situation and need an advice please:
* We have office 365 account for using Microsoft Apps with 80 users added to it with abc.onmicrosoft.com domain.
* We have Exchange 2013 server on premise with our abc.net domain with the same usernames available on office 365 admin center.
* We added our abc.net domain to the admin center as a second domain so that the users can access Teams, One drive and other Apps using the same email address abc.net instead of abc.onmicrosoft.com. The license is Microsoft Business Standard.
* Everything went fine at the beginning and then outlook started pointing to the office365 accounts instead of the on premise Exchange server although when the domain added, the option of not connecting the services was selected.
is there a way to use the same domain and keep services separated?
thank you
- burningiceBrass Contributor
atirhi I just see this post by coincidence, we had such migration as well and had the same issue as you have experienced with around 100 users.
As far as we have understood, this is due to Outlook's Direct Connect feature which checks against Exchange Online by default and bypasses regular AutoDiscovery if a verified domain is found. If your users also have an Exchange Online license (e.g. if you are using Teams Exploratory licenses or M365 Business, these are applied by default) your users already have an additional cloud only mailbox. So Outlook finds two mailboxes and is kinda confused.
https://www.gothamweb.com/portal/index.php/knowledgebase/8/Outlook-bypasses-AutoDiscover-and-connects-directly-to-Office-365-mailbox.html
You can remove all Exchange Online licenses of your users or continue with a proper Exchange Hybrid deployment. Alternatively you can set the following reg setting on all clients in order to suppress this behavior.[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover] ExcludeExplicitO365Endpoint=dword:00000001
- atirhiCopper Contributor
thank you very much. This is exactly what is happening. I will try the solution, but changing the registry record could be time consuming with staff at several places. Any ideas to auto deploy it?
thank you.
- burningiceBrass ContributorEasiest way is to create a GPO with this reg setting and apply it to your users.
If you want to remove the licenses, it depends how your infrastructure is built, do you already have Azure AD Connect established?
If yes, I would create a new Security Group like "M365 Business" and apply it to all affected users. Then in M365 admin console, remove every license assignment to you users. Instead use this newly created AD group and assign the M365 license to the group, there you can remove Exchange Online plan for the whole group at once. After this is processed, all users have this predefined set of licenses.
If you have no AAD sync in place, you can either start with this, but then you might face other issues during initial sync as the local AD users might not map with the already existing cloud users and result in a mess - we had assistance from a certified partner for this step. Then it might be the fastest to to click though every user and remove the Exchange Online plan manually..
Hi, when you added your domain to O365, did you change your MX records or autodiscover records? This would have the effect you are seeing.
What you would need to do to achieve what you are looking for is configure hybrid coexistence between your on premises AD and Azure AD. This will allow you to use your domain both on-premises and in the cloud, but keep the Teams and Exchange services separate.
What you will have to be careful of is duplicate email accounts. You may now find that your users have a mailbox on-premises and also in the cloud. Another complication if this is the case, is that Teams uses the Exchange Online mailbox to store information.
If you have no significant info stored in Teams just yet, then the easiest potential solution to this may be to delete these cloud accounts. If you find you have important business data stored in these cloud accounts, it becomes more difficult, and you will need to go through a process to match the accounts together.
- atirhiCopper Contributor
thank you very much. I didn't change the MX records, I just added the TXT record for verification. That's why I'm confused of why outlook switched to the cloud accounts.
thanks
Hmm, that is odd. Autodiscover record definitely not pointing to autodiscover.outlook.com?
What M365 licences have you assigned to the cloud users?