SOLVED

Reconnecting Exchange Online Mailbox

Copper Contributor

Hi,

 

So I currently have a hybrid Exchange setup. As a test I deleted an on-prem user which in turn deleted the mailbox in exchange online.

 

I then created a new account in Azure/O365 and tried to reconnect the old mailbox to this new account with the following:

 

PS C:\Users\mark> New-MailboxRestoreRequest -SourceMailbox b432c9c9-c162-4788-8d01-492aa5a35bbc -TargetMailbox 9dcd79ba-

b5eb-4a56-8b01-9c5c8fb55dd1

 

However I received the following message:

 

Source mailbox's legacyExchangeDN '/o=ExchangeLabs/ou=Exchange Administrative Goup

(FYDIBOHF23SPDLT)/cn=Recipients/cn=e833cbc5ffed497397c623443b8425ef-Johnny Five' doesn't match the legacyExchangeDN or

X500 proxy for target mailbox 'Johnny Five'. Use the 'AllowLegacyDNMismatch' switch if you want to allow this

operation.

    + CategoryInfo          : InvalidArgument: (9dcd79ba-b5eb-4a56-8b01-9c5c8fb55dd1:MailboxLocationIdParameter) [New-

   MailboxRestoreRequest], NonMatchingLega...SwitchException

    + FullyQualifiedErrorId : [Server=LO3P123MB3034,RequestId=4f8b4fbf-8d4f-4ef5-a994-53d691807686,TimeStamp=23/06/202

   0 12:32:15] [FailureCategory=Cmdlet-NonMatchingLegacyDNPermanentUseSwitchException] A90C5DD1,Microsoft.Exchange.Ma

  nagement.Migration.MailboxReplication.MailboxRestoreRequest.NewMailboxRestoreRequest

    + PSComputerName        : outlook.office365.com

 

 

Is it safe to use the AllowLegacyDNMismatch switch or will this cause me issues. I want to do this process so I can move to be completely cloud based and not require my on-prem accounts if that make sense.

 

Any help is appreciated

 

Thanks

 

Mark.

 

5 Replies
best response confirmed by oldhamuk (Copper Contributor)
Solution

@oldhamuk 

 

Easiest way to go completely cloud only is to disable directory sync tenant wide using PowerShell as per the following link;

 

https://docs.microsoft.com/en-us/office365/enterprise/turn-off-directory-synchronization

 

This is only suitable if you are completely prepared for cloud only identity for all of your O365 objects however.

 

If you needed to do this on a per user basis, then the simplest way is to do what you did and delete the on-prem account, then wait for the sync.  The O365 account will move from Active Users to Deleted Users.  You may then choose the option to restore the user which will recreate it as a cloud only object.

 

If you have Exchange Hybrid, be careful of your mail flow though.  Make sure you take this into consideration too.

@PeterRising 

Thanks for your reply.  If I do that won't that mean the accounts will still show as Windows Server Accounts in Azure and then also mean I'm restricted on what I can edit for those users and mailboxes?

 

I may be using the incorrect term with Hybrid as all my mail routing is already directly to O365 the only thing I have left is an SBS box with the users that are sync'd  with AD Connect and the Exchange which is only use to administer the Exchange properties of those users.

 

Is that error I received something I need to be concerned with or can I go though the process and use 

AllowLegacyDNMismatch switch to proceed?

 

As far as I'm aware I believe I have everything in place to be fully cloud, like I said the on-prem SBS box isn't really doing anything now and I'm keen to remove it from my setup gracefully than have to try and unpick something if it fails on me at some point.

 

Thanks for your time and reply.

 

Mark 

@oldhamuk 

 

No, the opposite would be true.  The accounts would be cloud only and completely manageable from the O365 portal / Azure AD with no reliance to on-premises.

 

I've never done what you are trying to achieve using your method so I can't comment to that.  However, you could test the experience with a test account to check what the impact would be.

Oh right ok, so if I understand correctly if I follow that article you have referenced the account that have sync'd into Azure from my On-Prem will automatically change and the source in Azure Active Directory will change from Windows Server AD to Azure Active Directory and then I can decommission the on-prem server simple as that?

 

I'd rather do this the correct way rather than the way I discovered.

 

Thanks

 

Mark

@oldhamuk 

 

Absolutely correct yes.  Done it many times this way and it works great!  If your mailflow is already pointed to Exchange Online too then you are good to go with this.

1 best response

Accepted Solutions
best response confirmed by oldhamuk (Copper Contributor)
Solution

@oldhamuk 

 

Easiest way to go completely cloud only is to disable directory sync tenant wide using PowerShell as per the following link;

 

https://docs.microsoft.com/en-us/office365/enterprise/turn-off-directory-synchronization

 

This is only suitable if you are completely prepared for cloud only identity for all of your O365 objects however.

 

If you needed to do this on a per user basis, then the simplest way is to do what you did and delete the on-prem account, then wait for the sync.  The O365 account will move from Active Users to Deleted Users.  You may then choose the option to restore the user which will recreate it as a cloud only object.

 

If you have Exchange Hybrid, be careful of your mail flow though.  Make sure you take this into consideration too.

View solution in original post