Managing email addresses in Exchange Online despite hybrid status

by A.K.in common, hybrid environments office 365, Microsoft Office 365on Posted on

The estimated reading time 3 minutes

On August 20th, the Exchange team published a post that should give many admins and consultants a sigh of relief. It’s now finally possible (for what feels like an eternity) to change Exchange attributes, such as user email addresses, in the cloud. These changes are then even written back to the local AD using Entra Connect Sync. That’s the good news so far. The post can be found 
HERE.

This feature is still in preview at the time of writing but will be available soon.

Feature description summarized:

  • Adjustments can now also be made in the cloud with an AD sync user (via PowerShell or via Admin / Exchange Admin Center )
  • Requirement Entra Connect Sync Server at least version 2.5.76.0 see here .
  • Exchange Online requires an attribute to be set for the user via PowerShell (IsExchangeCloudManaged)
  • Last Exchange Server can be uninstalled , the administration can now be done via the cloud

Within Exchange Online PowerShell, the attribute for a user can be read as follows.

Get-Mailbox ALIAS | fl identity,Alias,PrimarySmtpAddress,IsExchangeCloudManaged

Activation of cloud processing

The activation command

Set-Mailbox -Identity < User > -IsExchangeCloudManaged $true

NOTE: If you use PIM and have separated the roles accordingly (i.e. you do NOT use the Global Admin), you will need an Exchange Administrator AND a Hybrid Identity Administrator .

The “Quick and Dirty” version:

This results in all pure “cloud” mailboxes displaying the following error message (synced users from the AD work)

Get-Mailbox -ResultSize unlimited | where { $_. IsExchangeCloudManaged -eq $ false } | Set-Mailbox -IsExchangeCloudManaged $ true #-WhatIf

The smart version:

Get-Mailbox -ResultSize unlimited | Where-Object {( $_ .IsExchangeCloudManaged -eq $false ) - and ( $_ .IsDirSynced -eq $true ) } | Set-Mailbox -IsExchangeCloudManaged $true #-WhatIf

This command only applies to the synced mailboxes, so there are no error messages.

The detailed version:

$mbs = Get-Mailbox -ResultSize unlimited | Where-Object {( $_ .IsExchangeCloudManaged -eq $false ) - and ( $_ .IsDirSynced -eq $true )}  
    foreach ( $mb in $mbs ){  
        $Alias ​​= ( $mb ) .Alias
        $Name = ( $mb ) .Name
        $email = ( $mb ) .PrimarySmtpAddress
        "Setup Cloud Management: $name - $email -IsExchangeCloudManaged $true "
        Set-Mailbox -Identity $Alias ​​-IsExchangeCloudManaged $true #-WhatIf 
    }

The result

Now you can add another SMTP address via the Exchange Online Console

Without the attribute set, the message looks like this:

The attribute now enables the processing of the proxy addresses:

Evaluation of mailboxes with attribute set

Get-Mailbox -ResultSize unlimited | where { $_. IsExchangeCloudManaged -eq $ true } | fl identity,Alias,PrimarySmtpAddress,IsExchangeCloudManaged

In my tests so far, this has worked well and makes the transition to M365 in hybrid mode easier.
NOTE: If you encounter a sync error on the Entra Connect server after the transition, you probably need to update it to version 2.5.76.0 or higher!

Error: unable to update on object with Exchange owned attributes as the object is Exchange cloud managed.

Good luck with the transition and possible uninstallation of the last Exchange Server.

Was this article helpful?
YesNo
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments