Remove On Premises exchange Hybrid and go fully Online

Hi Brian, apologies if this has been answered, but i think the below is microsoft's stance on it. I use directory sync without an exchange server because for small business's it doesn't make sense to keep an exchange server running, were resources are finite. 

"The question of whether a third-party management tool or ADSIEDIT can be used is often asked. The answer is you can use them, but they are not supported. The Exchange Management Console, the Exchange Administration Center (EAC), and the Exchange Management Shell are the only supported tools that are available to manage Exchange recipients and objects. If you decide to use third-party management tools, it would be at your own risk. Third-party management tools often work fine, but Microsoft does not validate these tools."

taken from: 

https://docs.microsoft.com/en-us/exchange/decommission-on-premises-exchange

It's your call to whether create users from ECP or from AD (if you uninstall Exchange). When you create users in AD, they still have Exchange attributes as AD schema is already altered and has them.

You also have to change email address in General tab in AD profile and then go to Attributes tab (don't remember the exact name now, and it only shows if Advanced setting is enabled in AD console) and change ProxyAddresses>SMTP value (delete old, create new). Usually we change SMTP to a new value and then create smtp with an old address, so customers can still send emails to the old address. It can take some time for everything to sync and start working. New alias usually works right away for receiving emails, but sometimes can take hours or a day until it is being used as a sending address.

To test your request:

1. Created O365 Test UPN:o365.test@emaildomain.com, in on-prem AD, not on-prem Exchange
2. Synced changes to Azure AD
3. Found new user account in O365 admin portal, assigned license
4. Waited for mailbox creation
5. Sent email to test account, responded back
6. Changed on-prem AD user from O365 User UPN:o365.user@emaildomain.com
7. Synced changes to Azure AD
8. Confirmed username change in O365 admin portal
9. User email address still shows as o365.test@emaildomain.com
10. O365 ECP shows primary email address as o365.user@emaildomain.com, no o365.test@emaildomian.com as an alias
11. Attempted to add o365.test@emaildomian.com as an alias and received the message that it was unable to to so

Ok, so this is a scenario we have not run into before and exactly why I was digging deeper. I looked in my on-prem ECP and didn't see the new test user so I could modify the alias. Should I be creating the accounts in on-prem ECP so that Exchange attributes will be added to the account?

I think what Spiros is trying to find out is how exactly are you doing things now, because if you try to set some attributes directly in Office 365 it often will show an error that your attributes should come from local AD/Exchange as you sync your users and attributes from local AD via AD Connect. So, you could just give an example. Say last name of a user changes and you need to add an alias with a new name. Describe step by step how you do it.

On my last job we had on-prem Exchange (which was actually outsourced to local cloud provider, but it was in our network), then we had setup hybrid and migrated mailboxes and settings to Office 365. All mail related DNS, MX records now point to Exchange Online. Then we have uninstalled on-prem Exchange (but Exchange schema is already in our AD). And then we did everything like described in the article Dominik shared. We create new user with email UPN and correct SMTP value in local AD, it then gets synced with AD Connect to Office 365, then assign a license and then mailbox gets created in a few minutes. If new alias is needed, we go to AD, edit ProxyAddresses attribute, add new smtp:.. value, it gets synced to Office 365 and new alias works. If i tried to edit/add alias via Office 365 EAC it would fail with error that i need to do this on my local AD/Exchange. Although some things still work via Office 365 panel, like creating shared/room mailboxes (it still shows an error, but mailbox is created and functions), adding delegates, full access. Maybe it is possible to do everything in Office 365 by having AD writeback enabled in AD Connect, but as it required Azure AD Premium license we didn't try it (and i would be wary to let AD Connect to alter local AD).

In that case, I've been doing that since we completed the migration and moved all of the DNS entries to the cloud. As previously mentioned, we do ALL email maintenance in the cloud, on-prem is never touched anymore. The only thing our on-prem is currently doing is an SMTP relay for a service that is about to be decommissioned in the next 4-6 weeks.

I'm not trying to beat a dead horse, just wanting total clarity and justification for decommissioning my hybrid mode without negative effect, other than Microsoft not supporting us. We use a 3rd party for Office 365 support, not Microsoft.