Scenario: You have Active Directory which stores
users, with AD Connect doing password sync. All mailboxes, with the exception of
a few, are in Office 365. Hybrid mail flow is required between the on-premises
mailboxes and Office 365. All the AD users were created using AD Users and
Computers and not the Exchange Server.
Problem: If on-premises user accounts with Office 365
mailboxes have been created using Active Directory Users and
Computers and not Exchange, they will not have all the
attributes required to route mail internally.
It's worth having an Exchange Server purely to do
email administration, unless you know what AD attributes to manipulate
manually.
Office 365 mailboxes should be created using the
on-premises Exchange Server; this will create the new AD object with the correct
attributes set.
When a new mailbox in Office 365 is created with
an on-premises user account, Exchange populates the "targetAddress"
attribute, which is used to route mail from on-premises to Office 365. Please
note this attribute is not synced to AAD using AD Connect.
It's added in the format
SMTP:username@domain.mail.onmicrosoft.com
It also populates the "proxyAddresses"
attribute with a primary email set to the custom domain and another set to
@domain.mail.onmicrosoft.com.
If you force AD Connect to sync, the user will
appear as unlicensed in the portal.
Assign a license to it, then force another AD
sync.
If you return to the "proxyAddresses"
attribute you will see another x500 field has been created. All of these
attributes are required to ensure mail can be routed between on-premises and
Office 365.
If you have created a batch of users in the
traditional way, synced them to Office 365, assigned licenses and then allowed
users to use the mailboxes, you will not be able to send mail from on-premises
mailboxes to them. This is because the "targetAddress" attribute is
not populated by ADUC.
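
To find accounts in that state, the following read-only PowerShell check reports which of the attributes described above are missing. It is an added example, not part of the original post: the function name `Test-HybridRoutingAttributes` is hypothetical, the routing domain is a placeholder in the post's own format, and the sample users are constructed so the script runs without a directory.

```powershell
# Added example: read-only check of the attributes this post says hybrid routing needs.
# Placeholder routing domain, in the post's own format; substitute your tenant's value.
$RoutingDomain = 'domain.mail.onmicrosoft.com'

function Test-HybridRoutingAttributes {   # hypothetical helper name
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $User,
        [Parameter(Mandatory)] [string] $RoutingDomain
    )
    process {
        $proxies = @($User.proxyAddresses)
        $suffix  = "@$RoutingDomain"
        $target  = [string]$User.targetAddress
        [pscustomobject]@{
            SamAccountName  = $User.SamAccountName
            # targetAddress must be set and point at the routing domain
            TargetAddressOk = $target.EndsWith($suffix, [StringComparison]::OrdinalIgnoreCase)
            # Upper-case "SMTP:" marks the primary address; there must be exactly one
            PrimarySmtpOk   = @($proxies | Where-Object { $_ -clike 'SMTP:*' }).Count -eq 1
            # A proxy address at the routing domain (case-insensitive prefix match)
            RoutingProxyOk  = [bool]($proxies | Where-Object { $_ -like "smtp:*$suffix" })
            # The x500 entry that appears after licensing and a second sync
            X500Present     = [bool]($proxies | Where-Object { $_ -like 'x500:*' })
        }
    }
}

# Constructed sample objects standing in for Get-ADUser output
$sample = @(
    [pscustomobject]@{                    # created through Exchange: all attributes set
        SamAccountName = 'alice'
        targetAddress  = 'SMTP:alice@domain.mail.onmicrosoft.com'
        proxyAddresses = @('SMTP:alice@example.com',
                           'smtp:alice@domain.mail.onmicrosoft.com',
                           'x500:/o=constructed/cn=alice')
    }
    [pscustomobject]@{                    # created in ADUC: nothing populated
        SamAccountName = 'bob'; targetAddress = $null; proxyAddresses = @()
    }
)
$sample | Test-HybridRoutingAttributes -RoutingDomain $RoutingDomain | Format-Table -AutoSize

# Against a live directory (requires the ActiveDirectory module):
# Get-ADUser -Filter * -Properties targetAddress, proxyAddresses |
#     Test-HybridRoutingAttributes -RoutingDomain $RoutingDomain |
#     Where-Object { -not $_.TargetAddressOk }
```

With the sample data, `alice` passes every check and `bob` fails all four, which is the pattern to expect for users created in ADUC.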