Forum Discussion
The question nobody dares to ask! How do you create a new user in a hybrid environment?
- Mar 20, 2017
The best practice is whatever works for your user management workflows. You can create it either way. In a hybrid you can move mailboxes back and forth whether they were created on-prem or in the cloud.
One caveat with New-RemoteMailbox is that it can't do Shared mailboxes. Those you need to create on-prem and then move, or, create in EXO as a user mailbox and then convert to Shared. Either way, same result.
It gets easier to understand once you've done the hybrid setup ;) Exchange 2013 CU15 hybrid in my case:
Once you've done the hybrid setup, you simply get a new UI option in the exchange admin center (onPrem) under recipients > mailboxes > New Office 365 Mailbox.
That's it.
So there is no need to go through that many steps as you've described.
- create new Office 365 Mailbox
- this of course creates the onPrem AD User with the linked Office 365 mailbox
- wait for Azure AD Connect to sync your AD Users (not sure if this is necessary)
- enable Exchange Online License for synced user
- done
- Martin Meraner, Mar 21, 2017, Copper Contributor
Ivan54 wrote: It gets easier to understand once you've done the hybrid setup ;) Exchange 2013 CU15 hybrid in my case:
Once you've done the hybrid setup, you simply get a new UI option in the exchange admin center (onPrem) under recipients > mailboxes > New Office 365 Mailbox.
That's it.
Thanks a lot! (edit) apparently I was not aware of that option at the time I wrote the script.
- Jerry Meyer, Mar 21, 2017, Iron Contributor
It's good to see that this question isn't really that stupid :).
What I do is the following: I use create user on-prem and mailbox on-prem, migrate it to Office 365 and assign license, when the customer is gonna use the hybrid server for maintenance and administration.
When a customer is planning to go all the way to the cloud I use create user, sync user, assign license. With the assumption the Exchange on-prem environment will be cleaned up.
- Paul Cunningham, Mar 21, 2017, Steel Contributor
Jerry Meyer wrote: When a customer is planning to go all the way to the cloud I use create user, sync user, assign license. With the assumption the Exchange on-prem environment will be cleaned up.
Your question (and thread title) are about hybrid deployments, which means directory sync is in place + an on-prem Exchange server. What is this second scenario you're throwing into the mix where Exchange will be "cleaned up"?
Keep in mind that with directory sync in place, an on-prem Exchange server is required for managing mail attributes in a supported manner, even without the hybrid configuration.
- Paul Bridges, Mar 20, 2017, Copper Contributor
This assumes the user doesn't have an IAM process/team that uses some other user management process. In most cases, creating the user through Exchange is not an option at the larger clients and we have to PowerShell it somewhat through the IAM tool in place.
- Ivan54, Mar 20, 2017, Bronze Contributor
Paul Bridges wrote: This assumes the user doesn't have an IAM process/team that uses some other user management process. In most cases, creating the user through Exchange is not an option at the larger clients and we have to PowerShell it somewhat through the IAM tool in place.
True, though no PowerShell was mentioned as a requirement in this case. In any case, (almost) everything the Exchange or AD Consoles can do via GUI is of course scriptable via PowerShell.
You can even auto apply licenses via Azure AD group memberships, therefore saving you one scripting step and just add a group membership.
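The flow discussed in this thread (remote mailbox created on-prem, license applied through an Azure AD group, then a directory sync), as an added PowerShell example that is not from any poster. It assumes the on-prem Exchange Management Shell with the ActiveDirectory module, PowerShell remoting to the Azure AD Connect server, and a synced group that already has a license assigned; every name, domain, host and group below is a constructed placeholder.

```powershell
# Added example, not code from the thread. All values are constructed placeholders.
Import-Module ActiveDirectory

$first    = 'Jane'
$last     = 'Doe'
$alias    = 'jdoe'
$upn      = "$alias@contoso.com"                   # placeholder UPN suffix
$routing  = "$alias@contoso.mail.onmicrosoft.com"  # placeholder tenant routing domain
$ou       = 'contoso.local/Staff'                  # placeholder OU
$licGroup = 'LIC-ExchangeOnline'                   # placeholder synced group carrying the license
$dc       = 'dc01.contoso.local'                   # placeholder DC, pinned to avoid replication lag
$aadc     = 'aadconnect01.contoso.local'           # placeholder Azure AD Connect server

# Prompt for the initial password so it never lands in the script or shell history.
$initialPassword = Read-Host -Prompt "Initial password for $upn" -AsSecureString

# 1. Create the on-prem AD user together with its remote (Exchange Online) mailbox object.
#    The user must change the initial password at first logon.
New-RemoteMailbox -Name "$first $last" -FirstName $first -LastName $last `
    -Alias $alias -SamAccountName $alias -UserPrincipalName $upn `
    -Password $initialPassword -ResetPasswordOnNextLogon $true `
    -RemoteRoutingAddress $routing -OnPremisesOrganizationalUnit $ou `
    -DomainController $dc

# 2. Add the user to the licensing group on the same DC, so the license is
#    applied through group membership instead of a separate licensing script.
Add-ADGroupMember -Identity $licGroup -Members $alias -Server $dc

# 3. Trigger a delta sync on the Azure AD Connect server instead of waiting
#    for the next scheduled cycle.
Invoke-Command -ComputerName $aadc -ScriptBlock {
    Start-ADSyncSyncCycle -PolicyType Delta
}

# 4. Confirm the on-prem object is a remote mailbox with the expected routing address.
Get-RemoteMailbox -Identity $alias -DomainController $dc |
    Select-Object Name, RecipientTypeDetails, RemoteRoutingAddress
```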
- Jerry Meyer, Mar 20, 2017, Iron Contributor
You all have some very good answers but the question still is what is best practice. I have done all the scenarios and they all work. But what is the difference between these two options:
Create user and mailbox on-prem, sync user and migrate mailbox to O365, assign license
or
Create user, sync user to O365 and assign license.
I think the only difference is that when you migrate the mailbox you can migrate it back to on-prem when you have a Hybrid. But I am not sure if that is still relevant when you are in Exchange Online.
Remember this involves a new user so no legacy mailboxes or anything like that.