Forum Discussion
On-prem Exchange needed for Azure AD Connected MS365 user with a mailbox?
- Aug 17, 2020
Hi Kevin_Davis
This is a common question, and to answer it quickly - yes you need to install an Exchange 2016 server (not 2019 since you can't get a free hybrid key for this), if you plan to retain your on-prem AD and sync users with Office 365.
The reason is that since your accounts originate in AD, you have to add the email attributes to those accounts in your on-prem AD (not in Azure AD or Exchange), and the only supported way of doing that is to use the EAC. There are other options that are not really viable:
- Just license the users for Exchange online, they will get a mailbox and email will work. But you will find that you cannot do some things e.g. add email aliases (proxy addresses), since they have to be added in AD as properties of the user account.
- Use other tools e.g. ADUC, ADSI Edit, 3rd party to manage the email attributes, not supported and you could cause issues. Exchange uses many different attributes so hard to manage manually (and you wouldn't even have the schema extensions).
So basically:
- Install Exchange on one server.
- Use the EAC to manage mailboxes, including mailbox creation (choose New - Office 365 mailbox, or New-RemoteMailbox in PowerShell for example).
- Wait for Microsoft to remove the requirement to use Exchange and give us another way of doing it.
There was a blog post about this recently here where the Exchange team confirmed that for the time being you still need hybrid, but they are working on a solution (and have been for several years by all accounts) that would enable you to remove the on-prem Exchange server.
- Kevin_Davis, Aug 17, 2020, Brass Contributor
halbp Thanks for the reply. Much as I expected, given what I know about sites with historic Exchange servers.
Seems MS missed a trick here; "So you're on a 3rd party email server? Come to MS365 where everything is just better. But you'll have to provision a full blown Exchange server on-premise if you are using Azure AD Connect to sync passwords." I understand the reason behind it, just think there should be a MUCH neater solution, esp. for small companies that over the years landed up with ADDS on a small office file server and want to use their work login details for MS365 with a mailbox.
Kevin
- halbp, Aug 17, 2020, Brass Contributor
Kevin_Davis yes pretty much everyone has the same reaction when they find this out. Move to the cloud, but you still need to install Exchange? Crazy!
They really need to get this fixed, but for the moment that's how you have to do it.