Forum Discussion
Solved
Hyrbrid Identity with green Field AD. Do I need to extend the schema for exchange?
Sorry if this is a basic question but what is the guidance around
A green field setup with a new AD, setup with hyrbrid identity syncing to Entra etc. (Some very old legacy apps still need AD)
Users will be using EXO but there is no\never has been any exchange servers.
What is the guidance around how exo is managed? Do I need to extend the AD schema for exchange? Any other notes around what is needed for a supported environment.
Currently the schema is not extended but trying to hide an object in EXO results in
"The operation on mailbox because it's out of the current user's write scope. The action can't be performed on the object because the object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization
What I would dearly love is a clear MS article on the above but haven't found one yet."
Thanks for any advice.
- Short answer is yes, you do need to extend the schema. When syncing objects using Entra Connect, the on-premises object is the source of authority, and thus if the schema property doesn't exist for that object, that becomes an issue. Microsoft also only support the use of the Exchange management tools to manage Exchange related properties. This might help: https://learn.microsoft.com/en-gb/Exchange/manage-hybrid-exchange-recipients-with-management-tools
1 Reply
- Short answer is yes, you do need to extend the schema. When syncing objects using Entra Connect, the on-premises object is the source of authority, and thus if the schema property doesn't exist for that object, that becomes an issue. Microsoft also only support the use of the Exchange management tools to manage Exchange related properties. This might help: https://learn.microsoft.com/en-gb/Exchange/manage-hybrid-exchange-recipients-with-management-tools