Update 7/10/17: Added a line about OU consideration to Important Notes section.Until now, our on-premises customers who use Mail Enabled Public Folders (MEPF) could not use services like Directory Based Edge Blocking (DBEB). If DBEB is enabled, any mails sent to Mail Enabled Public Folders (MEPF) will be dropped at the service network perimeter. This is because, DBEB queries Azure Active Directory (AAD) to find out if a given mail address is valid or not. Because Mail Enabled Public Folders (MEPF) are not synced to Azure Active Directory, all MEPF address are considered as invalid by DBEB. Sender of the mail to MEPF would receive following NDR:
'550 5.4.1 [<sampleMEPF>@<recipient_domain>]: Recipient address rejected: Access denied'.To resolve this issue, in the latest Azure AD Connect tool update, we are introducing an option to synchronize MEPFs from on-premises AD to AAD. Admins can do this through the newly introduced option - 'Exchange Mail Public Folders' in Optional Features page of Custom installation during Azure AD Connect tool installation/upgrade. When you select this option, and performs a full sync, all the Mail Enabled Public Folders from on-prem AD(s) will be synced to AAD. Once synced, you can enable DBEB. Mail Enabled Public Folders addresses will no longer considered invalid addresses by DBEB. And messages will be delivered to them like they are delivered to any other recipient.
"Identity synchronization Error Report: <Date>" Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:SampleMEPF@mail.contoso.com,smtp:SampleMEPF@contoso.com;Mail SampleMail@mail.contoso.com;]. Correct or remove the duplicate values in your local directory. Please refer to http://support.microsoft.com/kb/2647098 for more information on identifying objects with duplicate attribute values.As mentioned in the description, you can correct or remove the entries with duplicate SMTP address. Below are corresponding links for each scenario:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.