On Aug 20, 2025, we announced the Public Preview of Cloud-Managed Remote Mailboxes, a key step toward retiring the ‘last Exchange Server’ in your organization. The response from the community has been incredible, and your feedback has helped us make further improvements.
Today, we’re excited to announce that Cloud-Managed Remote Mailboxes are now Generally Available (GA)!
Steps to enable this feature are available here: Cloud-based management of Exchange attributes for Remote Mailboxes in hybrid environments.
Refinements
During Public Preview, Hybrid Identity Admin or Global Admin privilege was required to change the isExchangeCloudManaged property of the mailbox. If Exchange Admin privilege was used to change the above property, SOA wasn’t changed silently without explicitly showing the error on the Exchange Online PowerShell. This issue has been fixed, and going forward Exchange Admin permission privilege will be enough to change the isExchangeCloudManaged property of the mailbox.
Upcoming features
We’re continuing to invest in features to help customers remove their dependency on Last Exchange Server.
- Tenant-Level LES Flag. Using this organization level setting, customers will be able to ensure that all new directory-synced mailboxes are synced as users in cloud (without Exchange attributes) and are cloud-managed by default. This will eliminate the need for per-mailbox configuration and will accelerate adoption. This feature will be available for Private Preview later this month, with planned GA next month.
- Writeback of Exchange Attributes. Customers will be able to opt-in for writeback of critical Exchange attributes (mentioned in the documentation) from the cloud back to on-premises Active Directory via Entra Cloud Sync. This feature is aimed to ensure smooth transition for organizations having LOB apps dependent on these critical attributes in on-premises AD to work seamlessly even after moving management to the cloud. This feature will be available for Private Preview in November with planned GA early next year.
In case you want to opt-in to Private Preview / early access for any of the above features, let us know your interest through: https://forms.office.com/r/6wJJexJAZm.
Exchange Attribute SOA transfer and Object-Level SOA transfer features
As mentioned earlier, the Exchange attribute cloud management feature (mentioned in this post) is meant for those who will keep AD around and help them retire the last on-prem Exchange server. For organizations looking to eliminate on-prem AD dependency entirely, Microsoft has Object-level Source of Authority (SOA) transfer – the ability to move the entire object (user, group, contact) to cloud management in Entra ID.
- Group SOA (cloud-managed distribution groups) is already in public preview,
- (new) User SOA (cloud-managed user objects) is also in public preview.
- (new) Contact SOA is available for Preview. (Use the above form to share your interest in Preview.)
These would apply if you planned to eventually manage identities in cloud as well. It’s an important piece in the puzzle of fully decommissioning on-prem Exchange in a hybrid setup without losing management capabilities.
Next steps
If you’ve been waiting for GA to start your transition, now is the perfect time.
We’re thrilled to see how this feature will help organizations get rid of their Last Exchange Server. As always, your feedback is invaluable – please share your experiences and suggestions in the comments below.
Exchange Online Management and Exchange Hybrid teams
