If Azure AD Connect syncs users that have a value in the msExchMailboxGuid attribute the users will be created as Mail Users in O365 opposed to mailboxes. This occurs because O365 thinks the users have an on prem mailbox but in most cases the msExchMailboxGuid values are from an old Exchange installation. Once the users are created as Mail Users O365 expects you to use the O365 migration tools that will eventually convert the Mail Users into Mailboxes. Many admins use 3rd party tools for migrations though so in that case you must get the Mail Users converted into Mailboxes using another method. The steps below walk through the process of removing the msExchMailboxGuid attribute from the sync process so the Mail Users will turn into Mailboxes. This method assumes the users are already licensed in O365. If the users are not licensed you should license them before proceeding with the steps below..
1. First we need to tell Azure AD Connect to not sync the msExchMailboxGuid values. To start this process open the Synchronization Rules Editor
2. In the Synchronization Rules Editor window make sure the Direction: is set to Inbound then select the "In from AD - User Exchange" rule. Once the rule is selected click Edit then click Yes in the Edit Reserved Rule Confirmation window.
3. In the Edit Inbound Synchronization Rule window change the Precedence to 1 then click the Transformations tab.
4. In the Transformations section scroll down to the transformation that has msExchMailboxGuid as the Target Attribute. Next change the FlowType to Expression then enter "AuthoritativeNull" in the Source field. Once both fields have been set click Save.
5. Now that the synchronization rule has been updated we need to force a sync by opening Powershell then running the following command: Start-ADSyncSyncCycle -PolicyType Initial
6. Next we need to verify that the mail users in O365 are now mailboxes. To do this open the Exchange Admin Center then click on Recipients > Mailboxes. Note: It may take up to one hour for the mail users to become mailboxes.
7. After confirming all mail users have changed to mailboxes we need to remove the cloned rule. To do this open the Synchronization Rules Editor then select the "In from AD - User Exchange - Cloned" rule then click Delete. Click Yes in the Confirm window.
8. Next we need to re-enable the original "In from AD - User Exchange" rule. To do this select the "In from AD - User Exchange" rule then click Enable.
9. At this point the mail users in O365 should be mailboxes and you can proceed with migration or setup as needed. For new users it is recommended that you create the user in O365 first then create the local AD user and set the correct attributes to sync with O365.
Comments
0 comments
Please sign in to leave a comment.