Proxy address conflict when syncing contacts into Azure AD then attempting to create guest users

Copper Contributor

I've heard varying comments about proxy address conflicts with contacts and guest users.  I believe the context matters.  Let's discuss a specific scenario where contacts and DLs have been created on-premises, are being synced to Azure AD via AD Connect, and are causing an issue when guest accounts are created due to proxy address conflicts.  You cannot create the guest user since the contact has the same proxy address as the guest user.  I have recommended not syncing the contacts to AAD and removing them from AAD.  Well the purpose of syncing the contacts and DLs was so they would be available for Exchange Online users.  Can the contacts be replaced with guest users and the guest users be added to the Exchange Online GAL.  Yes this is possible.  Once the guest users have been added to the Exchange Online GAL, can DLs be created and the guest users be added to the DLs.  It seems so.  In summary, does this seem like a viable solution so that both Exchange Server users and Exchange Online users both can email users outside there organization?  Are there other recommended solutions?

1 Reply
In a nutshell, contacts are being synced from AD DS to Azure AD and have proxy addresses. Those proxy addresses are the exacting the same ones required to create the guest user accounts. The guest user cannot be created since the contact and guest user proxy address would conflict. The customer does not plan to move away from Exchange Hybrid anytime in the foreseeable future and now wants to perform M365 inter-tenant collaboration with two subsidiaries hence the requirement to create guest users for those subsidiaries. They desire to have those contacts available in Exchange Server GAL and replicate the equivalent of the contact in the Exchange Online GAL simultaneously but need to use guest user accounts. In summary, there is a need to resolve the issue where the contacts synced to Azure AD prevent guest user creation due to the proxy address conflict. The only way I know to do this is to not sync the contacts from AD into Azure AD so guest users can be created. The contacts and any DLs the contacts are included in would not be available in Azure AD hence the Exchange Online GAL. That would allow the creation of guest users since the proxy address conflict would be resolved. The next issue is how to make those former contacts available in the Exchange Online GAL but when using guest users. By default, guest users are hidden from the Exchange Online GAL but can be unhidden. DLs can be created and those guest users added to DLs and all would be available in the Exchange Online GAL. I am hoping someone else has run into this same issue and confirms that this is a sound approach or can recommend another option.