fbpx Superhub

This website is using cookies.

We use only non-persistent cookies that are essential for the normal functionality of the site. No personal data are stored in our cookies.

Once you have completed a hybrid configuration in your company, it turns out that the job is not done yet. After a quick verification whether the hybrid is set up correctly, you may notice that some of the users are not synchronized properly. In that case, you need to make some additional adjustments. If you hit a roadblock during the synchronization it is most probable that the problem will be related to user synchronization between local Active Directory and Azure AD. Common causes for this are:

Lack of rights to Organizational Units (OU) or AD objects (users, groups or computers) for a service account used by Azure AD Connect (AAD Connect)

The improper scope of objects synchronized with Office 365. In other words, perhaps an OU that contains a certain user object, group or computer was not selected in the AAD Connect configuration wizard.

You can encounter these problems when you run the synchronization from an on-premises AD to Office 365. But this can also happen the other way around when you run the synchronization from Office 365 to an on-premises AD or in both directions. Look at the most common scenarios here:

A user has an Office 365 account and no local AD account;

A user has an account in Office 365 and in local AD (this user had two accounts before the hybrid configuration was implemented to have access to services offered by Office 365);

A user has an account in Office 365 with an Exchange Online license assigned as well as an account in local AD with an on-premises Exchange mailbox (a single user has two separate mailboxes).

In this article, I will show you how to manage these situations in an environment with hybrid configuration and Centralized Mail Transport enabled.

A user has an account in Office 365 but not in local Active Directory

In this scenario, a user account is created in Office 365 in a hybrid setup. It is worth mentioning that this scenario is correct and supported by Microsoft. However, it causes problems for an Office 365 user when the user tries to access public folders on the on-premises Exchange server. This means that the user will not be able to access local public folders (legacy public folders) and any connection attempt will display an error:

Cannot expand the folder. The set of folders cannot be opened. Network problems are preventing connection to Microsoft Exchange

How to solve this problem

To solve the problem you need to run SMTP matching. This means that you need to create a local AD object with an SMTP address that matches the primary SMTP address of a user object in Office 365. Unfortunately, there are some limitations highlighted by Microsoft related to SMTP matching:

A user account that you want to run SMTP matching on needs to have an Exchange Online email address (the Exchange Online license is not required).

A user account that was originally authored in Office 365 can be SMTP-matched only once.

During the SMTP matching process, the primary address of an Office 365 user can’t be updated.

Every SMTP address needs to be unique, otherwise, the synchronization will fail and you may see this error:

Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:john@example.com;]. Correct or remove the duplicate values in your local directory.

To match users in Office 365 with AD users, follow the steps below:

Log in to Office 365 and go to Exchange admin center.

Write down the primary SMTP address for a selected user in Exchange Online (if you do not have an Exchange Online license, you can take this address from user’s Office 365 login – in most cases it’s the same).

Create a user object in your local Active Directory with the same attributes (first name, last name, UPN, etc.) as displayed in Office 365.

Set up the primary SMTP address for a new AD object using the address from step 2. In Active Directory, look for the proxyAddresses attribute.

Force the synchronization of AD objects with Office 365 on the server with Azure AD Connect. Use the following cmdlet:Start-ADSyncSyncCycle -PolicyType Delta

After a successful user synchronization, you should see that the Sync type section shows Synced with Active Directory instead of In cloud.

 

Once the synchronization is finished, an Office 365 user should have access to on-premises public folders.

A user has both Office 365 and local AD accounts

Sometimes a company uses both environments to have access to different services offered by these two platforms. For example, the company decides to use Office 365 to have access to SharePoint Online and Skype for Business services. At the same time, the company maintains the on-premises Exchange Server.

However, when you set up a hybrid environment and synchronize directories via Azure AD Connect, this may duplicate user accounts or cause other sync issues. A single user can end up having two accounts – one in Office 365 and one in local Active Directory. If the company uses Skype for Business (Lync) in an on-premises environment, the synchronization can be even more complicated.

If that is the case, you should carefully plan the synchronization before using Azure AD Connect for the first time. By verifying attributes, UPNs and the SMTP address, make sure that all AD objects correspond to Office 365 objects. Additionally, when you have Skype/Lync on-premises you should think over what results you expect to achieve. For example, you may decide to migrate to Skype for Business Online and stop using the on-premises solution.

Generally speaking, if any problems appear in this scenario, you can run SMTP matching as well. If there are duplicates of user accounts, you need to remove them from Office 365 using the following cmdlet in Azure Active Directory Module for Windows PowerShell:

Remove-MsolUser -UserPrincipalName j.doe@example.com

Remove-MsolUser -UserPrincipalName j.doe@example.com -RemoveFromRecycleBin

For a user who has a duplicated account, you should check and correct attributes either in Office 365 or in local AD. In Azure AD Connect, you can find more details on fixing synchronization problems.

To get more information on Skype/Lync migrations, visit this TechNet website.

A user has one mailbox in Office 365 and one in an on-premises Exchange

It is one of those weird situations when a single user has one AD account but is connected to two mailboxes – one mailbox is in Office 365 and the second one is on on-premises Exchange (practically, it will be connected to on-premises via Autodiscover). This situation is very similar to the one described in the second scenario above, with the only difference being that an Office 365 user has the Office 365 license assigned (including a license for Exchange Online). As you can imagine, having two mailboxes in hybrid settings causes complications in email flow for that user. When the MX record points to Office 365, an email will get stuck in Office 365 mailbox and will not be delivered to an on-premises mailbox.

How to solve the problem

Unfortunately, in this case, SMTP matching will not help. The only result you would achieve after running the SMTP matching is having Office 365 and the on-premises accounts matched – this will not merge mailboxes though. Removing a license from an Office 365 user will not solve the problem either. The only method would be to remove the Office 365 user and recreating it via Azure AD Connect synchronization.

Note: Keep in mind that when when removing a user, that user will lose their Office 365 data. That is why before deleting the user account, make sure to create a backup copy of user’s data (OneDrive, Exchange etc.). If you need to repeat this procedure for a number of users, you may consider using a third party tool like CodeTwo Backup, which will also help you restore data to on-premises mailboxes.

To solve the problem follow the steps below:

Connect to an Office 365 tenant using Azure Active Directory Module for Windows PowerShell:Connect-MsolService

Then, remove the user by executing the following cmdlets:Remove-MsolUser -UserPrincipalName j.doe@example.com

Remove-MsolUser -UserPrincipalName j.doe@example.com -RemoveFromRecycleBin

Finally, recreate a user via Azure AD Connect by forcing the synchronization process (run the cmdlet on the server with Azure AD Connect):Start-ADSyncSyncCycle -PolicyType Delta

As soon as you activate the Office 365 license, you should see the following informat

This confirms that now Exchange recognizes the user’s mailbox. Once you have recreated a user, you can start restoring user’s data to Office 365.

Superhub
Font Size:
  • A
  • A
  • A
  • Support
  • Web Mail
EN
  • #worksmarter with Superhub
  • 202111_Barracuda_Campaign_Terms&Conditions
  • 3HK Teams Offer
  • 5 New Ways to Achieve More in the Modern Workplace
  • Biz Sol Questionnaire
  • CEC Calendar
  • CEC Calendar
  • CEC Calendar Detail
  • Compare Plan Form – M365
  • Consultation Form – Azure
  • D-Biz Fund Offer
  • Enquiries for D-Biz Program
  • Enquiries for Law Tech Fund Program
  • Evaluation form (Adobe 18 Feb)
  • Evaluation form (Adobe 6 May)
  • Evaluation form (AEC 15Sept)
  • Evaluation form (AVD 21 Apr)
  • Evaluation form (Azure 7Dec)
  • Evaluation form (AzureMediaServices 20Oct)
  • Evaluation form (Barracuda 16Nov)
  • Evaluation form (Barracuda 21Jan2022)
  • Evaluation form (CloudAppSecurity 19Oct)
  • Evaluation form (Covid Care Apps 26 Apr)
  • Evaluation form (D-Biz)
  • Evaluation form (DMS 22Jul)
  • Evaluation form (EMS 16Sept)
  • Evaluation form (Fortinet 17Jun)
  • Evaluation form (GalaxyOne x ESi)
  • Evaluation form (Modern+ 29 Mar)
  • Evaluation form (MS x VMware 15 Feb)
  • Evaluation form (MS-SMB-2022)
  • Evaluation form (ParaDM on Azure 26Aug)
  • Evaluation form (Phone+ 12 Apr)
  • Evaluation form (PowerBI 4Nov)
  • Evaluation form (Safeti+ 17 Mar)
  • Evaluation form (Security 12Aug)
  • Evaluation form (Security 22Jun)
  • Evaluation form (Sophos 28 April)
  • Evaluation form (Sophos 2Dec)
  • Evaluation form (Superhub M365 x App365)
  • Evaluation form (Superhub SharePoint Intranet)
  • Evaluation form (Superhub x Achiever)
  • Evaluation form (Superhub x Barracuda)
  • Evaluation form (Superhub x Bigazines)
  • Evaluation form (Superhub x Fortinet x Microsoft)
  • Evaluation form (Superhub x Jabra)
  • Evaluation form (Superhub x Veeam)
  • Evaluation form (Teams 28Sept)
  • Evaluation form (Teams Voice 24Jun)
  • Evaluation form (Viva 23Feb)
  • Evaluation form (Windows365 29Sept)
  • FAQ Form – WVD Website
  • Form
  • Form – WVD Website
  • Fortinet OnDemand Form
  • Free Consultation form – BCP
  • Free Trial Form – M365
  • General Form
  • General Form
  • header-test
  • Jabra Bundle Offer
  • Jabra free demo form
  • KL-Apr20-PPT
  • KL-Apr2021-ToDo
  • KL-Aug20-Whiteboard
  • KL-Aug2021-Forms
  • KL-Dec19-Teams2
  • KL-Dec2020-Lists
  • KL-Dec2021-Teams
  • KL-Feb20-OneNote
  • KL-Feb2021-Teams
  • KL-Jan20-Outlook
  • KL-Jan2021-Polls
  • KL-Jul19-OneDrive
  • KL-Jul19-OneNote
  • KL-Jul19-PowerPoint
  • KL-Jul20-Excel
  • KL-Jul2021-Outlook
  • KL-Jun20-Excel
  • KL-Jun2021-Teams
  • KL-Mar20-Teams
  • KL-Mar2021-Approvals
  • KL-May20-Excel
  • KL-May2021-Outlook
  • KL-Nov19-Planner
  • KL-Nov2020-planner
  • KL-Nov2021-VivaInsights
  • KL-Oct19-OneDrive
  • KL-Oct2020-Excel
  • KL-Oct2021-Whiteboard
  • KL-Sept19-Teams
  • KL-Sept2020-Teams
  • KL-Sept2021-Edge
  • Knowledge Library
  • Knowledge Library – Outlook
  • Knowledge Library (Lite Version)
  • Knowledge Library Detail
  • Leaflet Form – WVD Website
  • Legal
  • M365 Brochure-website
  • Market Leader in Cloud Solutions
  • Microsoft SharePoint Demo Form
  • Monthly Tips
  • Monthly Tips Detail
  • Our Clients
  • Our Clients Detail
  • Our Updates / Our News
  • Our Updates / Our News Detail
  • Partner Overview
  • Partner seminar evaluation form
  • Partner Sign Up Form
  • Partnership Models
  • Product – Adobe Document Cloud – Adobe Acrobat
  • Product – Adobe Document Cloud – Adobe Acrobat Sign
  • Product – App365+ – Benefits
  • Product – App365+ – Features
  • Product – App365+ – Overview
  • Product – Azure AAD / AADC
  • Product – Azure ASR / DR
  • Product – Azure File server / Back Up
  • Product – Azure Virtual Desktop – Overview
  • Product – Business Applications – Teams Advanced Solutions
  • Product – CloudBackup 365 – Overview
  • Product – CloudBackup365 – Features
  • Product – CloudBackup365 – Why?
  • Product – Domain and Web – Domain Name
  • Product – Dynamics 365 – Dymanics 365 Business Central Essentials
  • Product – Dynamics 365 – Overview
  • Product – Email Archiving – Key Features
  • Product – Email Archiving – Overview
  • Product – Email Signature – Example Signature
  • Product – Email Signature – Overview
  • Product – Enterprise Mobility – Compare Plans
  • Product – Enterprise Mobility – Features
  • Product – Enterprise Mobility – Overview
  • Product – Exchange Online – Compare Plans
  • Product – Exchange Online – Overview
  • Product – Exchange Online – Superhub “+”
  • Product – Hosted Exchange – Compare Plans
  • Product – Hosted Exchange – Features
  • Product – Hosted Exchange – Overview
  • Product – Hosted Exchange – Why?
  • Product – HR365 – Benefits
  • Product – HR365 – Features
  • Product – HR365 – Overview
  • Product – Microsoft 365+ – Compare Plans
  • Product – Microsoft 365+ – Compare Plans (201912)
  • Product – Microsoft 365+ – Future Reference
  • Product – Microsoft 365+ – Learn More
  • Product – Microsoft 365+ – Overview
  • Product – Microsoft 365+ – Overview (201912)
  • Product – Microsoft 365+ – Product Page
  • Product – Microsoft 365+ – Superhub “+”
  • Product – Microsoft 365+ – Superhub “+” (201912)
  • Product – Microsoft 365+ – What does M365 do? (201912)
  • Product – Office 365 Backup – Features
  • Product – Office 365 Backup – Overview
  • Product – Office 365 Backup – Why?
  • Product – Office 365+ – Compare Plans
  • Product – Office 365+ – Compare Plans
  • Product – Office 365+ – Migration
  • Product – Office 365+ – Office Suite
  • Product – Office 365+ – Overview
  • Product – Office 365+ – Superhub “+”
  • Product – Office 365+ Training – Compare Plans
  • Product – Office 365+ Training – Overview
  • Product – Office 365+ Training – Why training with Superhub?
  • Product – ParaDM SmartShare
  • Product – Professional & Managed Service – Modern Workplace
  • Product – SharePoint – Overview
  • Product – Superhub Azure + – Managed Azure Service
  • Product – Superhub Azure + – Overview
  • Product – Superhub Azure + – Overview (Old)
  • Product – Superhub Azure + – Overview Old Version
  • Product – Superhub Azure + – Sample Solutions
  • Product – Superhub Azure + Web Hosting – Features
  • Product – Superhub Azure + Web Hosting – Overview
  • Product – Superhub Azure +- Features
  • Product – Superhub Azure Web Hosting – Why
  • Product – Superhub Azure+ – Benefit
  • Product – Superhub Azure+ Bundle – ADFS Connect
  • Product – Superhub Azure+ Bundle – Identity Sync
  • Product – Superhub Azure+ Bundle – Why?
  • Product – Teams Voice – Features
  • Product – Teams Voice – Overview (old)
  • Product seminar evaluation form
  • Promotion Order Page
  • Resources/Blog and Trend
  • Resources/Blog and Trend Detail
  • Solutions – Managed & Adoption Services – Business Solutions
  • Solutions – Managed & Adoption Services – Cloud Infrastructure
  • Solutions – Managed & Adoption Services – Modern Workplace
  • Solutions – Managed & Adoption Services – Security – Cybersecurity Awareness
  • Solutions – Managed & Adoption Services – Security – Microsoft Security Workshops
  • Solutions – Managed & Adoption Services – Security – Overview
  • Solutions – Other Solutions – Email Signature
  • Solutions – Other Solutions – Hybrid Cloud
  • Solutions – Other Solutions – Overview
  • Solutions – Other Solutions – Talent Management
  • Super Customer Awards – Terms and Conditions
  • Superhub Cloud Adoption Survey
  • Superhub COVID-19 Survey
  • Superhub COVID-19 Survey Cover
  • Superhub D-Biz | #worksmarter
  • Superhub D-Biz Cover
  • Superhub D-Biz Survey
  • Superhub Shop Now
  • Superhub Teams Offer
  • Superhub Webinar Evaluation Form
  • Superhub x ACT Form
  • Technologies – Business Solutions – Apps365 – eLeave
  • Technologies – Business Solutions – Microsoft Power BI
  • Technologies – Business Solutions – Microsoft Power BI_Maintenance
  • Technologies – Business Solutions – Microsoft Power Platform – Maintenance
  • Technologies – Business Solutions – Microsoft Power Platform – Overview
  • Technologies – Cloud Infrastructure – VMware AVS_Maintenance
  • Technologies – Cloud Infrastructure – VMware Horizon_Maintenance
  • Technologies – Modern Workplace – Adobe
  • Technologies – Modern Workplace – Microsoft Teams
  • Technologies – Modern Workplace – Microsoft Teams Phone
  • Technologies – Modern Workplace – Windows365
  • Technologies – Modern Workplace – Windows365_maintenance
  • Technologies – Security – Barracuda
  • Technologies – Security – Fortinet
  • Technologies – Security – Fortinet_Maintenance
  • Technologies – Security – Sophos_Maintenance
  • Terms
  • About Us
  • About Us (Backup)
  • Benefits
  • Culture and Values
  • Our Leadership
  • Privacy Policy
  • Terms of Service
  • Super Customer Award
  • Why Superhub
  • Why Superhub (backup)
  • Contact Sales
  • Contact Support
  • Login
  • Products
  • Guide Documents
  • Service Forms
  • Contact Us
  • Frequently Asked Questions
  • How-to
  • Service Links
  • How-to-detail
  • Cloud Experience Center
  • Cloud Experience Center (Backup)
  • Contact & Payment
  • Help Center
  • How-To & FAQ Articles
  • Technologies
    Technologies
    • Modern Workplace
      1. Office 365
      2. Microsoft 365
      3. Windows 365
      4. Microsoft Teams
      5. Microsoft Teams Phone
      6. Dropsuite
      7. MailVault
      8. Crossware
    • Security
      1. Microsoft Enterprise Mobility Security (EMS)
      2. Barracuda
      3. Sophos
      4. Fortinet
    • Cloud Infrastructure
      1. Microsoft Azure
      2. Azure Virtual Desktop
    • Business Solutions
      1. App365
      2. Adobe
      3. Powell Teams
      4. Microsoft SharePoint
      5. Microsoft Power Platform
      6. Microsoft Power BI
      7. Microsoft Dynamic 365
    • Exchange Email and Domain
      1. Exchange Online
      2. Hosted Exchanged
      3. Domain Name
  • Solutions
    Solutions
    • Managed and Adoption Services
      1. Modern Workplace
      2. Cloud Infrastructure
      3. Business Solutions
      4. Security
    • Other Solutions
      1. Back Up
      2. Email Security
      3. Email Signature
      4. Email Archiving
      5. Virtual Desktop
      6. Talent Management
      7. Hybrid Cloud
    •  
      1. Virtual Desktop
      2. Talent Management
      3. Hybrid Cloud
  • Success Stories
  • Why superhub
  • Insights
    Insights
    • Our News
    • Our Events
    • Our Blogs
  • About Us
Shop Now

Let’s #worksmarter with superhub

Empowering your business by exploring new insights with
innovative products and modern cloud solutions.

Let’s Talk
  • About Us
  • Support
  • Why superhub
  • Success Stories
  • Contact Us
  • Web Mail
  • Linkedin
  • Youtube
  • Facebook
  • Technologies
    1. Modern Workplace
    2. Security
    3. Cloud Infrastruture
    4. Business Solutions
    5. Exchange Email and Domain
  • Solutions
    1. Managed and Adoption Services
    2. Other Solutions
  • Insights
    1. Our News
    2. Our Events
    3. Our Blogs

Subscribe to our eNewsletter

Microsoft Partner Microsoft Partner

© 2022 superhub, All Rights Reserved.

  • Sitemap
  • Privacy Policy
  • Terms of Service