On-prem Exchange needed for Azure AD Connected MS365 user with a mailbox?

Hi Kevin_Davis 

This is a common question, and to answer it quickly - yes you need to install an Exchange 2016 server (not 2019 since you can't get a free hybrid key for this), if you plan to retain your on-prem AD and sync users with Office 365.

The reason is that since you accounts originate in AD, you have to add the email attributes to those accounts in your on-prem AD (not in Azure AD or Exchange), and the only supported way of doing that is to use the EAC. The are other options that are not really viable:

- Just license the users for Exchange online, they will get a mailbox and email will work. But you will find that you cannot do some things e.g. add email aliases (proxy addresses), since they have to be added in AD as properties of the user account.

- Use other tools e.g. ADUC, ADSI edit, 3rd party to manage email the email attributes, no supported and you could cause issues. Exchange uses many different attributes so hard to manage manually (and you wouldn't even have the schema extensions).

So basically:

- Install Exchange on one server.

- Use the EAC to manage mailboxes, including mailbox creation (choose New - Office 365 mailbox, or new-remotemailbox in powershell for example).

- Wait for Microsoft remove the requirement to use Exchange and give us another way of doing it.

There was a blog post about this recently here where the Exchange team confirmed that for the time being you still need hybrid, but they are working on a solution (and have been for several years by all accounts) that would enable you to remove the on-prem Exchange server.