Forum Discussion
My sync with Azure AD was already running and I currently have the MS 365 mail account in the user overview and my local account.
Then I just added my email address to the contact details on my local AD, changed the UPN as discussed and entered the following in the attributes under "proxyAddresses": {SMTP:email address removed for privacy reasons}
It didn't merge anything after the refresh, so I edited it again and added the following: {SMTP:email address removed for privacy reasons; SMTP:email address removed for privacy reasons}
Apparently that didn't change anything either.
My MS 365 mail account is still not marked with "local synchronization" in the AD.
What am I doing wrong?
Do I have to stop the sync service first and delete the local users from Azure again and start the process again?
Sebastian_Wenning, here are the steps to follow:
- Disable the sync between AAD and the local domain.
- Make sure that username, UPN and proxy address match between the on-prem user and the user in AAD.
- Sync again
- Sebastian_Wenning, May 30, 2023, Copper Contributor
Thanks again for helping me via PM.
For everyone else, the solution was simple. You have to match the full UPN with the MS365 user and the attribute "proxyAddresses" has to be filled with the SMTP entries of the MS365 user, e.g. SMTP:email address removed for privacy reasons for the main address and smtp:email address removed for privacy reasons for the alias address.
My mistake was that I merged my local users before filling in these entries. I had to delete my mis-synced on-premises users in Azure and Azure-DeletedUser Recycle Bin and do a new initial sync via PowerShell. After 2 minutes my users were properly synchronized.
Note that all your user entries in MS365 will be overwritten with your local user entries. Therefore, before synchronizing, check again whether all information is available with your local users.
- Sebastian_Wenning, May 22, 2023, Copper Contributor
eliekarkafy, thanks. I stopped the sync last Friday and changed the attributes.
- User login name is now fully like my mail address.
- User login name (pre-Win2k) isn't changed, so it doesn't match my AD user, but if I read your steps correctly, it's not needed.
- At "General" I filled "E-Mail" with my mail address.
- The attribute "proxyAddresses" is now filled with the attribute "SMTP:mymailaddress".
I had an error with the user rights if I look into the Synchronization Service Manager, but this is solved.
My new status:
No errors seen in the Manager. The AD user table shows no double users, but all users are not marked as "local synced". -> Has to change to "yes", or not?
On top of that, my boss's user has a deployment error, category PropertyConflict, in his proxyAddresses.
That's curious, because the value in this error shows his "SMTP:hismailaddress", like all 4 other synced users have it filled with their addresses, but the other users didn't get any errors at all.
- eliekarkafy, May 22, 2023, MVP
If the users are not marked as local synced with a yes, that means your users are cloud-only and not merged with your local users on-premises. Can you please show me an example of one of your users on premises (username, UPN, SMTP proxy) and how it looks on O365 as well?
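The matching rule from the solution post in this thread (full UPN identical, and every SMTP entry of the MS365 user present in the on-prem proxyAddresses with the same SMTP:/smtp: prefix) can be checked before the sync is re-enabled. This is an added PowerShell example, not part of the original thread; the user objects and contoso domains are constructed sample data, and `Test-SyncMatch` and `ConvertTo-NormalizedProxy` are hypothetical helper names.

```powershell
# Constructed sample data; contoso.example / contoso.local are placeholder domains.
# On a live system the two lists could come from, for example:
#   Get-ADUser -Filter * -Properties proxyAddresses              (on-prem)
#   Get-MgUser -All -Property userPrincipalName,proxyAddresses   (MS365)
$onPrem = @(
    [pscustomobject]@{ UserPrincipalName = 'anna@contoso.example'
                       proxyAddresses = @('SMTP:anna@contoso.example', 'smtp:a.meyer@contoso.example') }
    [pscustomobject]@{ UserPrincipalName = 'ben@contoso.local'    # UPN suffix not changed yet
                       proxyAddresses = @() }
    [pscustomobject]@{ UserPrincipalName = 'cara@contoso.example'
                       proxyAddresses = @('smtp:cara@contoso.example') }  # main address entered as alias
)
$cloud = @(
    [pscustomobject]@{ UserPrincipalName = 'anna@contoso.example'
                       ProxyAddresses = @('SMTP:anna@contoso.example', 'smtp:a.meyer@contoso.example') }
    [pscustomobject]@{ UserPrincipalName = 'ben@contoso.example'
                       ProxyAddresses = @('SMTP:ben@contoso.example') }
    [pscustomobject]@{ UserPrincipalName = 'cara@contoso.example'
                       ProxyAddresses = @('SMTP:cara@contoso.example') }
)

# Keep the prefix case (SMTP: = main, smtp: = alias), lower-case the address part.
function ConvertTo-NormalizedProxy([string]$Entry) {
    $prefix, $address = $Entry -split ':', 2
    '{0}:{1}' -f $prefix, $address.ToLowerInvariant()
}

# Hypothetical helper: returns one result row per MS365 user.
function Test-SyncMatch([object[]]$OnPremUsers, [object[]]$CloudUsers) {
    foreach ($c in $CloudUsers) {
        $issues = @()
        # -eq on strings is case-insensitive, which is what a UPN comparison needs
        $adUser = $OnPremUsers | Where-Object { $_.UserPrincipalName -eq $c.UserPrincipalName } |
                  Select-Object -First 1
        if (-not $adUser) {
            $issues += 'no on-prem user with the same full UPN'
        } else {
            $have = @($adUser.proxyAddresses | Where-Object { $_ } |
                      ForEach-Object { ConvertTo-NormalizedProxy $_ })
            foreach ($p in $c.ProxyAddresses | Where-Object { $_ -like 'smtp:*' }) {
                # case-sensitive test so SMTP: and smtp: are not treated as the same entry
                if ($have -cnotcontains (ConvertTo-NormalizedProxy $p)) { $issues += "missing $p" }
            }
        }
        [pscustomobject]@{ User = $c.UserPrincipalName; Ready = ($issues.Count -eq 0)
                           Issues = $issues -join '; ' }
    }
}

Test-SyncMatch -OnPremUsers $onPrem -CloudUsers $cloud | Format-Table -AutoSize
```

With the sample data only the first user is reported as ready; the second fails on the UPN and the third on the SMTP:/smtp: prefix.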