Forum Discussion

Jerry Meyer's avatar
Jerry Meyer
Iron Contributor
Mar 20, 2017
Solved

The question nobody dares to ask! How do you create a new user in a hybrid environment.

Hi, the last couple fo days the question how to create a new user in a hybrid exchange environment is floating around in my head.   Most of the time when i create a user i create a onpremise accoun...
exchange online
Exchange Server
hybrid
office 365
  • Paul Cunningham's avatar
    Paul Cunningham
    Mar 20, 2017

    The best practice is whatever works for your user management workflows. You can create it either way. In a hybrid you can move mailboxes back and forth whether they were created on-prem or in the cloud.

     

    One caveat with New-RemoteMailbox is that it can't do Shared mailboxes. Those you need to create on-prem and then move, or, create in EXO as a user mailbox and then convert to Shared. Either way, same result.

ShrenikSalguna's avatar
ShrenikSalguna
Copper Contributor
Feb 18, 2019
Could you kindly share the script where you create the user in AD and force the dir-sync.

What i'm trying to achieve is to make the whole process automated
The user fields(properties) will be generated by a CSV file
1.Create the user in AD OU that is AD-Connected
2.force AD Sync
3.Assign License (by PS script) - we use only two types of license: Business Premium and E3
4.Send Notification to Admin that email account was activated.
Martin Meraner's avatar
Martin Meraner
Brass Contributor
Mar 18, 2019

ShrenikSalguna 

I use the on-premise Exchange server to create the user if that helps you (note the below cannot simply be used, just for inspiration)


$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://[yourExchangeServer].dca.dk/PowerShell/ -Authentication Kerberos -Credential $adminCredential

Import-PSSession $Session -Prefix XXX
$remoteMailbox = New-XXXRemoteMailbox -Alias $initials -SamAccountName $initials -UserPrincipalName $userUPN `
-Name $fullName -FirstName $firstname -LastName $lastname -DisplayName $fullName `
-Password (ConvertTo-SecureString -AsPlainText $password -Force) -ResetPasswordOnNextLogon $false `
-OnPremisesOrganizationalUnit $ou.DistinguishedName `
-Confirm:$false `
-DomainController $domainController -PrimarySmtpAddress $userUPN # `
#-Archive #latest addition to have an archive mailbox active

Start-Sleep -Seconds 8 -Verbose


$remoteMailbox | Set-XXXRemoteMailbox -EmailAddressPolicyEnabled $True


Remove-PSSession $Session

 

 

and for sync I run the following:

 

$Session = New-PSSession -ComputerName [syncserver].dca.dk -Authentication Kerberos -Credential $adminCredential

 

$JobSync1 = Invoke-Command -Session $Session -Scriptblock { Import-Module ADSync }
$JobSync2 = Invoke-Command -Session $Session -Scriptblock { Start-ADSyncSyncCycle -PolicyType Delta }


Remove-PSSession $Session

Resources