Sep 17 2020 10:59 AM - edited Sep 17 2020 11:02 AM
Sep 17 2020 10:59 AM - edited Sep 17 2020 11:02 AM
i have the following situation and need an advice please:
* We have office 365 account for using Microsoft Apps with 80 users added to it with abc.onmicrosoft.com domain.
* We have Exchange 2013 server on premise with our abc.net domain with the same usernames available on office 365 admin center.
* We added our abc.net domain to the admin center as a second domain so that the users can access Teams, One drive and other Apps using the same email address @abc.net instead of @abc.onmicrosoft.com. The license is Microsoft Business Standard.
* Everything went fine at the beginning and then outlook started pointing to the office365 accounts instead of the on premise Exchange server although when the domain added, the option of not connecting the services was selected.
is there a way to use the same domain and keep services separated?
Sep 17 2020 11:12 AM
Hi, when you added your domain to O365, did you change your MX records or autodiscover records? This would have the effect you are seeing.
What you would need to do to achieve what you are looking for is configure hybrid coexistence between your on premises AD and Azure AD. This will allow you to use your domain both on-premises and in the cloud, but keep the Teams and Exchange services separate.
What you will have to be careful of is duplicate email accounts. You may now find that your users have a mailbox on-premises and also in the cloud. Another complication if this is the case, is that Teams uses the Exchange Online mailbox to store information.
If you have no significant info stored in Teams just yet, then the easiest potential solution to this may be to delete these cloud accounts. If you find you have important business data stored in these cloud accounts, it becomes more difficult, and you will need to go through a process to match the accounts together.
Sep 17 2020 11:16 AM - edited Sep 17 2020 11:18 AM
thank you very much. I didn't change the MX records, I just added the TXT record for verification. That's why I'm confused of why outlook switched to the cloud accounts.
Sep 17 2020 11:20 AM
Hmm, that is odd. Autodiscover record definitely not pointing to autodiscover.outlook.com?
What M365 licences have you assigned to the cloud users?
Sep 17 2020 11:21 AM
Microsoft 365 Business Standard
Sep 17 2020 11:26 AM
Sorry, you did say that in your original post.
OK, that is baffling if you've only verified ownership of the domain with the TXT record but changed no other DNS settings.
Whenever something like this occurs, it's always inevitably DNS.
Sep 17 2020 11:41 AM - edited Sep 17 2020 11:44 AM
@atirhi I just see this post by coincidence, we had such migration as well and had the same issue as you have experienced with around 100 users.
As far as we have understood, this is due to Outlook's Direct Connect feature which checks against Exchange Online by default and bypasses regular AutoDiscovery if a verified domain is found. If your users also have an Exchange Online license (e.g. if you are using Teams Exploratory licenses or M365 Business, these are applied by default) your users already have an additional cloud only mailbox. So Outlook finds two mailboxes and is kinda confused.
You can remove all Exchange Online licenses of your users or continue with a proper Exchange Hybrid deployment. Alternatively you can set the following reg setting on all clients in order to suppress this behavior.
Sep 17 2020 11:53 AM - edited Sep 17 2020 11:57 AM
thank you very much. This is exactly what is happening. I will try the solution, but changing the registry record could be time consuming with staff at several places. Any ideas to auto deploy it?
Sep 17 2020 12:04 PM
Sep 17 2020 12:16 PM - edited Sep 17 2020 12:18 PM
thank you. we don't have AAD. Will do a manual test. Last question: Will updating office applications in the future reset the registry record again?
Sep 17 2020 12:23 PM - edited Sep 17 2020 12:46 PM
Well I have learned something here I must admit. I had no idea about this quirk. Thank you for sharing this knowledge!
Sep 17 2020 12:30 PM
@atirhi as far as I know, this reg setting is not overwritten if Office updates.
also, if you once get a proper Exchange Hybrid Environment with Azure Ad Sync and stuff, you don't have to remove the setting . If there is only one distinct Cloud mailbox per user, Outlook will happily use it
Sep 17 2020 12:32 PM
me too.. thanks to both of you as i have learned a lot.
have a nice day
Sep 17 2020 12:43 PM - edited Sep 17 2020 12:44 PM
@PeterRising you're welcome :)
When I read this post, I had flashbacks to our own environment when the phone started ringing just after verifying the domain...
If your tenant starts from scratch and you have no already existing users in Azure AD, you will not notice anything. It only becomes tricky if a user also has a separate cloud identity with a separate mailbox
Sep 20 2020 11:26 AM
i was looking into the issue with the registry record and found a second solution which I'm not sure if it will work or not here:
will disabling MAPI on exchange online works?
Sep 21 2020 12:47 AM
@atirhi I have no personal experience with this solution - if it works for you, go for it
However I am no fan of messing with some Exchange Server settings just to workaround some issue caused by a not supported architecture. The primary issue is that there are two mailboxes per affected user. Therefore I would suggest to remove the Exchange Online mailbox by disabling the license for the users.
Sep 21 2020 01:24 AM
thanks. I will go with the registry solution. Disabling the online mailbox will remove the calendar from Teams application which is needed by the staff.