Forum Discussion
Identity synchronization to Office 365 - two smtp proxy address
Ferzaer2 Yes, I actually got it
1. You can't remove any Exchange as long as AAD Connect is in place. If you want to remove Exchange, you "have to" switch to cloud-only accounts. It's not supported to change Exchange attributes in AD/ADSIEDIT.
2. You can configure the mail-attribute in Azure AD Connect as the logon name (UPN in Azure) which is explained in my link. A user can only have one logon name (UPN) and I believe you mean by alias another email address, right? If yes, use email address policies on-premises, then Exchange will add all your required aliases to the mailbox and these addresses will be synchronized to Exchange Online with AAD Connect and you can receive emails on those aliases as well.
We are getting somewhere. I really appreciate your input. Here is a bit more clarification.
1. We are not going to keep AD Connect around; we plan on moving all mailboxes/users to the cloud and killing Exchange (after we uninstall AD Connect). We don't need password synchronization, etc. We are going to keep AD on premises for file sharing etc., and users will continue to use their current logins as if nothing changed. Only email access will be changed and they will have two passwords moving forward.
2. Our on-premises Exchange email policy has a rule where whenever we create usera@example1.com, they also have an alias created, usera@example2.org (yes, different domains), which is why in the AD attribute the proxy address has two smtp (different domains for the same user linked to one mailbox).
However, I would like to create in Office 365 a user login based on the mail attribute which will result in
Is there a way to do this automatically or with PowerShell based on the proxy address, since they already have SMTP: jenny@example1.com (with capital so that it's the primary domain/address) and the second one smtp: jenny@example2.org as the second one or alias?
Or, for example, I sync them and their identities are created as jenny@example1.com; can I use PowerShell to create an alias for them automatically for each user so they become jenny@example2.org, basically taking whatever is after @, i.e. example1.com, and replacing that with example2.org and thus creating an alias automatically?
I feel like I will have to do this manually, but still looking for ways.
- Jul 10, 2020
Ferzaer2 sure thing, you're welcome!
1) got it, thanks
2) "I would like to create in office 365 a user log in based on the mail attribute which will result in
Primary email address and username: jenny@example1.com
Alias: jenny@example2.org"
Let me try to explain it:
UPN + primary smtp address: jenny@example1.com --> Default user login name (UPN) in Azure if you don't configure alternate login id in Azure AD Connect.
Alias: jenny@example2.org --> what do you mean by alias? Additional proxy address? mail? mailnickname? If you want this as the UPN/login name in Azure, you can use whatever attribute you want as your logon name in Azure AD Connect.
If you mean the "alias" in the Microsoft 365 admin center: you can choose a user login name (UPN) from any existing smtp addresses (alias). Is this the feature you are trying to use (see attached screenshot)?
If yes: this can be achieved by email address policies or, of course, you can add the alias afterwards in Azure via PowerShell for all your users in bulk.
- Ferzaer2 Jul 10, 2020 Brass Contributor
Don't know what happened to my last reply (it just went missing) but yes, I am referring to the alias in Microsoft 365.
Some users receive email at the example2.org domain and I would like whatever email they receive at jenny@example2.org to get redirected to jenny@example1.com - and this seems the way to go about it.
Now, I'm attaching photos so you see what their UPN looks like now with the user logon name; it's dearj@example1.com@example1.com. If I use this as my default identity for AAD Connect, then their Microsoft Office 365 account primary address will be dearj@example1.com@example1.com
However, their email is jenny@example1.com@example1.com and we want this to be created as their Microsoft Office 365 primary address.
See the attached photos.
It seems the only way is to use alternate login for Azure AD Connect and choose the mail attribute, which corresponds to jenny@example1.com
Just wondering what can go wrong and why not go this way? It seems the best/fastest way to achieve this.
There are no two duplicate mail attributes and I guess we can add the alias manually or automatically with PowerShell.
- Jul 10, 2020
Ferzaer2 yes, a mailbox can have many different alias proxy addresses and they automatically get "redirected" to their primary address. Actually it's not a technical redirect, they just get into the mailbox itself. And yes, alternate login id is the best way to achieve this.
Please refer to the following articles regarding UPN ne primary smtp address:
https://invorx.com/upn-should-match-your-primary-smtp-address-in-office-365/
"... Yes, Microsoft did release a feature last year called “Alternate Login ID” that allows you to use an attribute other than UPN for your Office 365 login, but that feature comes with a list of limitations that you should be aware of."
It's the easiest way if you prepare your identities on-prem (e.g. email address policy to add all required aliases and sync them to Azure), migrate your data, and decommission your on-prem infrastructure. If you disable the dirsync afterwards in Azure, you can also change your objects there. Alternate login id (mail) is the way to go, but best practice is to change the UPN on-prem to your primary smtp address value.
- Ferzaer2 Jul 10, 2020 Brass Contributor
Hey, I think images help. Yes, I was referring to that alias in the Microsoft 365 admin center.
I have both example1.com and example2.org added to my tenant.
However, when I synchronize users to create their identities I would like their primary address to be jenny@example1.com, and then either later or in the same step add the alias jenny@example2.org, because a lot of people send them emails at the second email.
So if someone sends them an email at jenny@example2.org I want that email to be forwarded to jenny@example1.com - from what I read this is the way to go.
Now, I'm attaching some photos so that you see that the user's logon name or username for domain computers is "dearj", and when I synchronize, if I use the default identity, their primary address on Office 365 will be jennyd@example1.com@example1.com
However, I want to avoid this as it will cause confusion when their email is jenny@example1.com
Rather than updating the user logon name in the on-premises AD for all of them manually before synchronization, I can use the mail attribute from the AD attributes as the alternate identity for AAD Connect and this should create in Microsoft 365 their username/id based on the mail attribute. Right?
See attached images
I am not sure what could go wrong since we won't be keeping the hybrid for very long? Every mail attribute is unique; if there are two Jennys, then the second one gets a mail attribute Jenny2@example1.com
Thanks again for being involved and helping me.
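The bulk alias step discussed in this thread, written as an added example that is not part of any post and not Microsoft's own code: it derives each mailbox's example2.org alias from its example1.com primary address and adds it as a secondary (lowercase `smtp:`) proxy address in Exchange Online. It assumes directory sync has already been disabled, as the reply above describes, because proxy addresses of synced objects must be changed on-premises; `Get-AliasForDomain` and the `-Apply` switch are names made up for this example.

```powershell
# Added example. Requires the ExchangeOnlineManagement module and an Exchange admin session.
# Domains are the thread's placeholders; Get-AliasForDomain is a hypothetical helper name.
param(
    [string]$PrimaryDomain = 'example1.com',
    [string]$AliasDomain   = 'example2.org',
    [switch]$Apply   # without -Apply the script only reports what it would change
)

function Get-AliasForDomain {
    param([string]$Address, [string]$FromDomain, [string]$ToDomain)
    # Expect exactly one '@' and the expected source domain (-ne is case-insensitive).
    $parts = $Address -split '@'
    if ($parts.Count -ne 2 -or $parts[1] -ne $FromDomain) { return $null }
    return ('{0}@{1}' -f $parts[0], $ToDomain).ToLowerInvariant()
}

Connect-ExchangeOnline -ShowBanner:$false

foreach ($mbx in Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox) {
    $primary = [string]$mbx.PrimarySmtpAddress
    $alias   = Get-AliasForDomain -Address $primary -FromDomain $PrimaryDomain -ToDomain $AliasDomain
    if (-not $alias) { Write-Warning "$primary skipped: not in $PrimaryDomain"; continue }

    # Synced objects are mastered in on-premises AD; a cloud-side change would be rejected.
    if ($mbx.IsDirSynced) { Write-Warning "$primary skipped: still directory-synced"; continue }

    # Entries look like 'SMTP:primary' or 'smtp:alias'; -contains ignores case.
    if ($mbx.EmailAddresses -contains "smtp:$alias") { continue }

    # Never hand out an address that another recipient already owns.
    $escaped = $alias.Replace("'", "''")
    $owner = Get-Recipient -Filter "EmailAddresses -eq 'smtp:$escaped'" -ErrorAction SilentlyContinue
    if ($owner) { Write-Warning "$alias skipped: already held by $($owner.PrimarySmtpAddress)"; continue }

    if ($Apply) {
        # Lowercase 'smtp:' adds a secondary address; uppercase 'SMTP:' would replace the primary.
        Set-Mailbox -Identity $mbx.ExchangeGuid.ToString() -EmailAddresses @{ Add = "smtp:$alias" }
    } else {
        Write-Output "Would add smtp:$alias to $primary"
    }
}
```

Run it once without `-Apply` and review the skipped and "Would add" lines before making changes.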