0 votes

Hi,

I'm probably over thinking this, so I'm hoping to get some clarity. But we've had an issue for a while and I can't get my head around it.

When we create a new user, the remote mailbox is created in our on prem environment and syncs to office 365 with dirsync.

We then need to assign a licence, which we use the adaxes licence option when the account is created, which works great.

The account is initially created with a remote rotuting address of $username@ourtenantname.mail.onmicrosoft.com.

The onprem then applies the required exchange policy and sets the primary SMTP (we have 2 in our company based on a specific field being set to a specific value), the onprem AD naturally updates the User Logon Name in the onprem AD. But it doesn't replicate to O365.

In fact the UPN on O365 will be samaccountname@primarydomain.com as the exchange policies obviously aren't applied at O365 level, they are assigned by the onprem exchange.

My guess is that it's because once the licence is assigned DirSync will not change the primary UPN.

So how do I work around this?What's best practise? I thought about excluding hybrid mode completely and ignoring the onprem exchange, from limited testing, the onprem exchange isn't needed for most of our environment now that we're Windows 10/11.

Thanks, Gary

by (430 points)

1 Answer

0 votes
by (228k points)

Hello Gary,

Excluding the hybrid environment should work just fine. However, if you need to have remote mailboxes, there is no need to use scripts and wait for the synchronization. Adaxes can automatically enable a remote mailbox when a Microsoft 365 license with access to Exchange Online is assigned to a user. As such, on the next run DirSync will just match the cloud and on-premises account together. For details about the settings, have a look at the following help article: https://www.adaxes.com/help/EnablingDisablingRemoteMailboxes.

0

Thanks for the response, and yeah we're looking to potentially phase out the onprem exchange, if it's possible. A lot of testing between then and now.

As a follow up though, how would you recommend managing UPNs? DirSync doesn't appear to change the UPN once it's licenced - which I don't understand at all.

So we need an external process to trigger it, I've got a couple of different scripts, but they seem to occassionally fail stating "Access is denied" but work when run manually.

0

Hello Gary,

Thanks for the response, and yeah we're looking to potentially phase out the onprem exchange, if it's possible. A lot of testing between then and now.

If you do not need remote mailboxes, just disable the corresponding feature in Adaxes (you can follow the steps from the help article we referenced in the previous email) and remove scripts, if any, accordingly. The Activate Microsoft 365 account action should create users with proper UPNs.

As a follow up though, how would you recommend managing UPNs? DirSync doesn't appear to change the UPN once it's licenced - which I don't understand at all.

That looks to be about your DirSync settings. It might happen so that users in question are not included into the scope in the tool settings.

So we need an external process to trigger it, I've got a couple of different scripts, but they seem to occassionally fail stating "Access is denied" but work when run manually.

If you are using some external scripts, the error is probably related to the account whose credentials you use to authenticate. By permissions here we mean those in Microsoft 365.

Related questions

0 votes
1 answer

Hi folks, I am looking for suggestions on the best way to create/migrate/remote move our student mailboxes to 365. Until now, I have been creating the new AD accounts and ... a 'remote mailbox' in the contacts container. Let the magic begin.... Thanks Kempy

asked Jan 7, 2015 by ckemp (170 points)
0 votes
1 answer

I have a business rule to create a user in our AD, and then have it create a new O365 account and assign it a license. How can I have it create a temporary password that I specify during that business rule?

asked Jun 17, 2020 by keecit (40 points)
0 votes
1 answer

Hello, We have recently migrated to Office 365 and are experiencing a few problems related to password. When I create a user using Adaxes, Adaxes automatically send out ... during using user creation. How can we solve this problem? Regards, Eirik Zakariassen

asked Oct 16, 2015 by eirikza (120 points)
0 votes
1 answer

Since DIRSYNC doesn't appear to sync UPN correctly and it needs to be changed VIA powershell online. Is there a way to create a custom ... current on-prem UPN? Set-MsolUserPrincipalName -UserPrincipalName oldemail@old.com -NewUserPrincipalName newemail@new.com

asked Aug 11, 2015 by auser42 (340 points)
0 votes
1 answer

I would like to know what is the correct process for creating a new user knowing that our infrastructure is hybrid and the assignment of licenses on Microsoft 365 ... user2 assigned to group G_OfficeP1 will have the OfficeP1 license. Thanks in advance Simone

asked Oct 6, 2021 by Simone.Vailati (270 points)
2,807 questions
2,541 answers
6,615 comments
65,216 users