Forum Discussion
Identity synchronization to Office 365 - two smpt proxy address
I'm confused by this part Alternate login id (mail) is the way to go, but best practices is to change the UPN on-prem to your primary smtp address value.
Do you mean to change the user log on name from dearj to mailto:jenny@example1.comon prem before doing identity synchronization? Please see the photo i attached.
The UPN part i.e. what comes after @ is already example1.com and it matches my primary smtp address value.
However, I'm mainly concerned with the part before @
Answer found here: https://blogs.perficient.com/2015/07/07/office-365-why-your-upn-should-match-your-primary-smtp-address/
Thanks for the link.
Now, my only question is what is the best approach to create the alias with the second domain ? Before remote mailbox is done or after ?
Is there any powershell script that can do this or i can do it during directory/identity synchronization ?
- Guys, i think this is what we have been waiting for , well at least I.
Got you. Since I plan on getting rid of ad connect soon after migration, i don't think i need updates.
I have one more question ,but I'll make a separate thread about it.
Thanks for everything so far.
- Doesn’t matter if the UPN is there on-prem or not, right.
Express settings has the advantage that you will automatically receive updates (kind of auto updated) and the default configuration will be applied. Of course you can use the custom setting and configure OU filtering. "as long as no user has example3.gov as an email address, there will be no issues. If you want to sync these smtp addresses to O365, then you have to register it (but you don't have to add them as an additional UPN suffix in your on-prem AD)."
No, no user has the example3.gov as an email address and i don't want to sync it.
Also, no user has an upn suffix that ends in example3.gov.
However, the upn suffix is there - it's not being used, but it's there available to be picked up.
So as long as no user has the upn suffix added to their log on, then it won't be an issue correct ? Even though it's available ?
Also, one more question, it seems everyone recommends using express settings, but is it an issue to use custom settings so i can choose two OU for synchronization , without synchronizing some local accounts from other OU that have no email address and are used purely for domain compute access?
Thanks again for everything.
Ferzaer2 So since I already have two smtp proxy addresses on premises for each user , the alias should be created automatically ? --> yes.
Will the example3.gov domain cause an issue since it's not verified in office 365 ? --> as long as no user has example3.gov as an email address, there will be no issues. If you want to sync these smtp addresses to O365, then you have to register it (but you don't have to add them as an additional UPN suffix in your on-prem AD).
Hi, sorry for late reply.
So since I already have two smtp proxy addresses on premises for each user , the alias should be created automatically ?
Also, one more question. I have decided to try and use a script to change each users UPN to
mailto:jenny@example1.com
However, I forgot to mention, I will have 3 domains in UPN.
example1.com (also verified in office 365 and used as main upn for users, meaning all users will have a upn of: mailto:name@example1.com set prior migration).
example2.org (also verified in office 365, no user will have this as their upn)
example3.gov(not verified in office 365, no user will have this as their upn)
Will the example3.gov domain cause an issue since it's not verified in office 365 ? I will not be using it as a upn ? I think there's an option to just ignore it if it's not verified when doing identity synchronization and that the most important part is the actual upn that is selected i.e.
mailto:jenny@example1.com for every user (and even though there are other domains, this will be the one that is used, correct )?
Thanks.
- Short answers: no. You need to connect both domains / forests e.g. if you have an account and Exchange ressource forest setup.
Guys! I was reading the whole conversation because I am in same sort of situation.
Yes, choosing email as Syncing attribute will create users UPNs in office 365.
I need a clarification here..a mailbox having proxies addresses on-premises ,after migration to cloud , will these proxy addresses appear there? Keeping in mind that I only sync my email attribute based domain while proxy addresses are on different domain which is not syncing?
Ferzaer2 Do you mean to change the user log on name from dearj to jenny@example1.com on prem before doing identity synchronization?
--> exactly, always follow the simplest method and the best practices approach from Microsoft.
Now, my only question is what is the best approach to create the alias with the second domain ? Before remote mailbox is done or after ?
Is there any powershell script that can do this or i can do it during directory/identity synchronization ?
--> It's already there from your screenshot (one primary smtp address (SMTP) and one secondary smtp address (smtp). You can add the alias either manually, PowerShell, or email address policy on-prem. All those values will be synchronized to Exchange Online.
Prior migration:
1. Manually: ECP
2. PowerShell: Set-Mailbox "Dan Jump" -EmailAddresses @{add="dan.jump@northamerica.contoso.com","danj@tailspintoys.com","jenny@example1.com"}
3. Email address policy in ECP or via PowerShell: Get/Set-EMailAddressPolicy
After migration:
1. Manually: ECP
2. PowerShell: Set-RemoteMailbox "Dan Jump" -EmailAddresses @{add="dan.jump@northamerica.contoso.com","danj@tailspintoys.com","jenny@example1.com"}
Hope that helps.
