Forum Discussion

Julien Schneider's avatar
Julien Schneider
Brass Contributor
Jul 12, 2018

Enable AD Connect sync with existing Office 365 accounts and mailbox

Hi,   I'm managing an Office 365 tenant with 60 users with E3 subscription. For the moment all users have a username with @mydomain.onmicrosoft.com domain and a mailbox associated.   Now, I want ...
exchange
hybrid
office 365
Nestori Syynimaa's avatar
Nestori Syynimaa
MVP
Jul 13, 2018

After the migration is completed, you should change users' UPNs to match those in on prem AD. I'm assuming that the login name in on prem AD is same than email address. After that, you can run the AAD Connect to synchronize your users (and connect the existing Office 365 users to AD users).

 

For the SMTP match, mail attribute works fine unless there is something in capital in ProxyAddresses attribute (such as SMTP:something@else.com).

 

You do not need Exchange in your scenario, you can manage users (and mailboxes) in on prem AD. However, to add aliases etc., you need to populate ProxyAddresses attribute.

 

After you configure AAD connect, all attributes are synced from on prem to AAD. It will sync back to AD only mailbox archive guids. 

Julien Schneider's avatar
Julien Schneider
Brass Contributor
Jul 24, 2018

Hi Nestori,

 

Thank you for your answer. the problem is that the login name dosen't match the mail address. In this case, do I have to set the UPN as the mail domain ?

 

The SMTP match should be okay, the mail attribute is set and the proxyAddresses is empty.

 

In the case, where I want a local Exchange to migrate user mailbox to shared, or other things, is it easy to install ?

 

Regards

 

  • Nestori Syynimaa's avatar
    Nestori Syynimaa
    MVP
    Jul 24, 2018

    Hi Julien,

     

    It doesn't matter what the UPN is, as long as it matches the user's login name. Or are you saying that your on-premises UPN is not an email address, i.e. username@domain.local? If so, when configuring Azure AD connect, just select to use mail attribute for UPN and you should be fine.

     

    You do not need Exchange to convert users to shared mailboxes, you can do that in Office 365 too. Last time I installed an Exchange server from scratch, it took 10 hours or so. How difficult it is, depends on your current environment etc.

    • dan_jjjj's avatar
      dan_jjjj
      Copper Contributor
      Aug 11, 2020

      When I try this, I get an AttributeValueMustBeUnique error when it tries to syncronize for the new user since the UserPrincipalName is not unique. I followed the guide on this page...

      https://support.microsoft.com/en-us/help/2641663/use-smtp-matching-to-match-on-premises-user-accounts-to-office-365

       

      Do you know how to get around this?

       

      p.s. Sorry for posting on an old thread. It was one of only a few that I could find that directly discusses AD Connect to an existing 365 company. 

       

      Thanks

       

       

    • Dominik Hoefling's avatar
      Dominik Hoefling
      MVP
      Aug 01, 2018

      Hi Julien,

       

      1. You NEED Exchange on-premises for recipient management. It is not supported to change for example alias and proxyaddresses attribute via Active Directory.

       

      2. Only with Exchange 2016 CU10 you can create shared mailboxes directly in Exchange Online.

       

      3. Your UPN should match your primary smtp address as best practices. If you can do this change, do it.

       

      Best,

      Dominik

      • jhathcock's avatar
        jhathcock
        Copper Contributor
        Mar 19, 2019

        Dominik Hoefling You don't need a full install of Exchange to manage a hybrid AD / O365 mail environment.  You just need the Azure AD Connect software.  It includes the PowerShell modules needed for AD Users and Computers to edit the necessary information.

Resources