On Premise Mailbox user missing in Exchange Online GAL

Ran into an interesting issue with one of our Exchange Online customer. Thought it probably worth sharing with the solution I found.

The customer has an Exchange Hybrid setup. Recently some of  Office 365 Exchange Online users complain they cannot email to a particular on premise mailbox: Paul.Smith@contoso.com. The user bascialy does not show up in Exchange Online GAL. The on premise mailbox is working fine and other on premise staff can send emails to it without issue. When I checked Exchange Online, I cannot find the contact object for this account.

Initially I thought it could be for some reason the user's on premise AD object has not been synced properly to Office 365. So I tried with recreating the object in Office 365 by moving the on premise AD account to a non-synced OU. This delete the user's Office 365 account. Then I move the on premise account back into its original OU. After re-sync the account back into Office 365, it still refuse to show up in Exchange Online contact list.

As always, I contacted Microsoft support to try get an answer. But that didn't prove to be too useful either. The suggestion MS provided is to "Change our Email domain contoso.com from Authority to Internal Relay". This issue only affects a single user out of 500 and MS is suggesting to change a Global setting. I give them up quickly and focus on research the issue myself.

I then took a close look at the user's Office 365 account, while compare it with other accounts I notice a difference in the field of CloudExchangeRecipientDisplayType
Get-MSOLUser –UserPrincipalName paul.smith@contoso.com | fl > c:\paul.txt
Get-MSOLUser –UserPrincipalName tom.leigh@contoso.com | fl > c:\tom.txt

Paul's user details




Another user details




According to this article, -2147483642 means "SynedMailboxUser". This is the recipient type of Paul's Office 365 account. So now we know what's wrong with Paul's account.

To fix the issue, we just need to set CloudExchangeRecipientDisplayType with the correct value. To do so we need to make change to Paul's on premise AD account.

In on premise ADUC, enable Advanced Features in view. Open the user properties and select Attribute Editor tab.

Change following fields
msExchRecipietnDisplayType -> 6
msExchRecipientTypeDetails -> 128
targetAddress -> paul.smith@contoso.com

Make sure you take a screenshot of the existing value

After change the value, perform a AD SYNC from DirSync or run Start-OnlineCoexistenceSync

In the SYNC log, confirm the user object has been updated. If you go into the Exchange Online contact list, Paul's email address should be available now.

Once confirmed user email address available in Office 365 again, we need to reverse the above change to the on premise user account. Otherwise, Paul will not be able to access his on premise mailbox.

To do so, simply apply the following changes
msExchRecipietnDisplayType -> 1073741824
msExchRecipientTypeDetails -> 1

targetAddress -> <not set>

Comments

Popular posts from this blog

Install AWS CLI on WSL Ubuntu

Migrate Azure AD Connect Between AD Forests