Manage Cloud Created Mailboxes/User On-Prem

Occasional Contributor

Hi all. We have an unusual situation. Im working with an organisation who started out M365 fully cloud based - so Azure AD for the M365 accounts, mailboxes etc. Over time they realised they needed on-prem fabric too. We deployed a local domain and created the cloud user identities within ADDS, and the AD Connect Sync has done its thing and the original Azure AD users and noted as being Windows Server AD managed. So, all good so far. So, Exchange 2019 has now been deployed on-prem too, and configured in Full Hybrid - again, through PoC testing we found this to be fine and not overwrite any M365 Exchange attributes for the existing users. Again, so far so good. 


But we face an issue where the M365 mailboxes are not showing as 'O365' Mailboxes within the on-prem ECP. If we try to move a mailbox from Cloud to On-prem we get an error that the Exchange Mailbox GUID doesnt exist. What we need to do it to (somehow) get the AADDS Exchange attributes, or at least a subset of them, applied to the user object in ADDS so Exchange knows the user has an M365 mailbox and Exchange Online and On-prem can function properly - as if we went from on-prem to Cloud, rather than the other way around.

We have tried the 'set-remotemailbox' command and passed just the Alias and email address, in the hope this would provide enough 'local' info. It does help slightly in that the mailboxes for M365 users are then shown in the local ECP, and also shows them as O365 mailboxes, but you still cant move them about between Cloud-Prem-Cloud etc. We are also concerned if there would be other missing attributes which may lurk about and then cause issues further down the road.


If anyone has any experience with the same scenario we have, or can think of a solution to the problem, that would be appreciated.





4 Replies

That's the expected behavior, follow the instructions in this article:

@Vasil Michev - thank you. Good to know its the expected behaviour and we havent done something wrong. Thank you for the link - I will read through this ASAP. Phil

@Vasil Michev Thanks, it wasnt quite the same scenario but I have been able to utilise this and implement using slightly different commands for the remote mailboxes. Thank you for your initial response. Phil

So, ive figured it out, and the following will provide the answer to anyone else with the same scenario:-


Okay, so, the process isn't too difficult (once you figure it out). Here are the details:-

Use powershell to set up a remote pssession to M365:


$UserCredential = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection

Import-PSSession $Session -DisableNameChecking


Then get the mailbox details of the user(s) using something like this:-


get-mailbox | select name,primarysmtpaddress,exchangeguid,isdirsynced


You can play with the get-mailbox selection criteria – the ‘isdirsynced’ is useful as it allows to filter based on whether the user is from on-prem or not..


Once we have this list – suggest you export to a csv. You can then run the following using the on-prem exchange powershell – reading in the csv and using the fields as variables maybe. The basic commands are:-


Enable-RemoteMailbox username -RemoteRoutingAddress emailaddress@XXXXXXX


Set-RemoteMailbox username -ExchangeGuid <ExchangeGuid>


Once these commands have been run the O365 mailbox will show up on your on-prem ECP and function in the expected manner.