Kevin_Davis
Brass Contributor
Aug 17, 2020

On-prem Exchange needed for Azure AD Connected MS365 users with a mailbox?

We have an on-prem active directory with users synced to MS365 for their Office 365 logins. Works great.

 

We used to use Zimbra for email, so no Exchange server in sight. We now want to add mailboxes to the users' MS365 accounts, and want to confirm if we NEED a full-blown on-prem Exchange 2016 server with a free hybrid config license just to manage things like email addresses, aliases, and other user attributes that are sourced from Active Directory?

 

I have done this a few times for sites that already had Exchange, but what about MS365 tenants that never had an Exchange server? I guess it's close to Scenario 2 in this article, just want to confirm what is the absolute minimum we should be trying to get away with when adding this to a site with no history of Exchange? Windows 10 and Exchange Management Tools looked like a plan, but that doesn't include Exchange Admin Centre, only EMS and Exchange Toolbox. Is this article still the current situation:

https://docs.microsoft.com/en-us/exchange/decommission-on-premises-exchange 

 

Best,

Kevin 

  • Thijs Lecomte
    Bronze Contributor
    You technically don't need the on-prem Exchange.
    You could just expand the AD schema with all the necessary Exchange attributes.

    But Microsoft requires Exchange on-prem for a 'supported' scenario.
    • Kevin_Davis
      Brass Contributor
      Thanks Thijs. I appreciate the on-premise Exchange is not required for MS365 mail flow and reader access (Outlook), but IS still required for user management. I'm not a fan of half-baked solutions, or leaving some parts incomplete, so will confirm with our other clients who are on 3rd party email systems. The fact they will need a full blown Exchange server on-premise to support MS365 'cloud' mailbox users will be a deal breaker for most, if not all, based solely on additional hardware and ongoing maintenance costs. Microsoft dropped the ball on this one.
      • Thijs Lecomte
        Bronze Contributor
        You can get away with just managing the attributes through AD to be honest.
        I see a lot of customers doing it.
  • Kevin_Davis
    Brass Contributor
    That's maybe OK for individual users who just have one mailbox with one email address, but you very quickly find you can't do basic things like aliases, groups, etc. Not only because you'll need to be comfortable in ADSIEDIT.msc, but you won't have the active directory schema extensions - this is a site that never had Exchange.
    • Thijs Lecomte
      Bronze Contributor
      You don't need to use ADSI per se, you can change the attributes in Users and Computers.

      You can just extend the schema, without installing Exchange.
      But I agree that it's finicky.
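
The thread discusses managing aliases by editing AD attributes directly instead of through Exchange. The following is an added example, not code from any poster or from Microsoft, of doing that with guard rails. It assumes the RSAT ActiveDirectory module, that addresses are carried in `proxyAddresses` with `SMTP:` marking the primary and `smtp:` an alias, and a hypothetical function name `Add-MailAlias`; the account and address are placeholders.

```powershell
# Added example, not from the thread. Requires the RSAT ActiveDirectory module.
# Assumption: addresses live in proxyAddresses; 'SMTP:' = primary, 'smtp:' = alias.
Import-Module ActiveDirectory

function Add-MailAlias {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $Identity,   # sAMAccountName or DN
        [Parameter(Mandatory)] [string] $Address,    # placeholder: alias@example.com
        [switch] $MakePrimary
    )

    # Restrictive pattern: also keeps LDAP filter and wildcard characters out.
    if ($Address -notmatch '^[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$') {
        throw "Not an acceptable SMTP address: $Address"
    }

    $user = Get-ADUser -Identity $Identity -Properties proxyAddresses

    # The same address on two objects is a conflict, so search the directory first.
    # LDAP matching on this attribute is case-insensitive, so SMTP: is covered too.
    $clash = Get-ADObject -LDAPFilter "(proxyAddresses=smtp:$Address)" |
        Where-Object { $_.DistinguishedName -ne $user.DistinguishedName }
    if ($clash) {
        throw "$Address is already assigned to $($clash.DistinguishedName -join '; ')"
    }

    $current  = @($user.proxyAddresses)
    $existing = $current | Where-Object { $_ -like "smtp:$Address" }
    if ($existing -clike 'SMTP:*' -and -not $MakePrimary) { return }  # already primary

    $others = @($current | Where-Object { $_ -notlike "smtp:$Address" })
    if ($MakePrimary) {
        # Only one primary is allowed: demote the old one to an alias.
        $others = @($others | ForEach-Object {
            if ($_ -clike 'SMTP:*') { 'smtp:' + $_.Substring(5) } else { $_ }
        })
        $entry = "SMTP:$Address"
    } else {
        $entry = "smtp:$Address"
    }
    [string[]] $new = $others + $entry

    if ($PSCmdlet.ShouldProcess($user.DistinguishedName, 'Set proxyAddresses')) {
        Set-ADUser -Identity $user -Replace @{ proxyAddresses = $new }
    }
    $new   # return the resulting list for review or logging
}

# Dry run against a placeholder account:
# Add-MailAlias -Identity 'jdoe' -Address 'sales@example.com' -WhatIf
```

Running with `-WhatIf` first shows the target object without writing to the directory; the change reaches the cloud mailbox only after the next directory sync.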
