New MailUsers from Account - Office 365



  • We have two groups of users that correspond to two different Office 365 tenants, the first is done by Microsoft Online Directory Sync the second is done by Azure Directory Sync. We have a single AD server in house. Tenant 1 syncs UPN1 and Tenant 2 syncs UPN2. These UPNs are synced to two separate Azure ADs.

    Group 1 -> Tenant 1
    Group 2 -> Tenant 2
    

    Both groups are synced to both tenants but only Group 1 has licenses and a mailbox on Tenant 1. Only Group 2 has licenses and a mailbox on Tenant 2.

    On Tenant 1 Group 2 has both an account (meaning they can login) and is also a Mail User pointing to the email address on Tenant 2. I can't figure out how this is setup. When I try and emulate this on Tenant 2 I am unable to as the UserPrincipleName has to be unique. So I can either have an account or a Mail User but not both.

    Any idea of the next step I could look at?



  • Is it just an SMTP entry on the user?



  • @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.



  • @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?



  • @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.



  • Does this work in local exchange?

    And if so, how? are there two completely separate ADs?



  • @Dashrender said:

    Does this work in local exchange?

    And if so, how? are there two completely separate ADs?

    Local Exchange? We don't have email local.



  • @coliver said:

    @Dashrender said:

    Does this work in local exchange?

    And if so, how? are there two completely separate ADs?

    Local Exchange? We don't have email local.

    Oh - better question without assumptions this time - what are you using for email today, and does it allow what you want?



  • @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?



  • @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.



  • @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.

    Why not generate the tenant2.onmicrosoft.com accounts using powershell. You can also set the forwarding up in your script:
    Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]



  • @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.

    Why not generate the tenant2.onmicrosoft.com accounts using powershell. You can also set the forwarding up in your script:
    Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]

    The Tenant2 users we want to forward don't have a mailbox. They are unlicensed users.



  • @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.

    Why not generate the tenant2.onmicrosoft.com accounts using powershell. You can also set the forwarding up in your script:
    Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]

    The Tenant2 users we want to forward don't have a mailbox. They are unlicensed users.

    Ok, I think I'm not getting what you're trying to achieve? Is this just so that the Tenant2 users show up in the GAL, or something else?



  • @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.

    Why not generate the tenant2.onmicrosoft.com accounts using powershell. You can also set the forwarding up in your script:
    Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]

    The Tenant2 users we want to forward don't have a mailbox. They are unlicensed users.

    Ok, I think I'm not getting what you're trying to achieve? Is this just so that the Tenant2 users show up in the GAL, or something else?

    Exactly that.



  • @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.

    Why not generate the tenant2.onmicrosoft.com accounts using powershell. You can also set the forwarding up in your script:
    Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]

    The Tenant2 users we want to forward don't have a mailbox. They are unlicensed users.

    Ok, I think I'm not getting what you're trying to achieve? Is this just so that the Tenant2 users show up in the GAL, or something else?

    Exactly that.

    Why not add them as New-MailContacts?



  • @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.

    Why not generate the tenant2.onmicrosoft.com accounts using powershell. You can also set the forwarding up in your script:
    Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]

    The Tenant2 users we want to forward don't have a mailbox. They are unlicensed users.

    Ok, I think I'm not getting what you're trying to achieve? Is this just so that the Tenant2 users show up in the GAL, or something else?

    Exactly that.

    Why not add them as New-MailContacts?

    LOL that was my question.



  • @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    @coliver said:

    @Kelly said:

    Is it just an SMTP entry on the user?

    Would that work? I haven't been able to add SMTP addresses to the unlicensed users.

    So Group 2 logs into Tenant 1 with a Tenant 1 address or a Tenant 2 address?

    Group 2 doesn't log into Tenant 1. They have an account and can login via the @domain.onmicrosoft.com identifier. They are also a mail user on Tenant 1.

    Let me see if I am understanding you by outlining things as I understand them, and then you can correct me as needed.

    [email protected] also has [email protected] that they can login to and mail they receive there is forwarded to [email protected]?
    You want to set things up so that [email protected] can login to Tenant 2 and receive email from their Tenant2.onmicrosoft.com email address?

    Pretty much this, expect that users don't realize they have accounts in both places.

    Why not generate the tenant2.onmicrosoft.com accounts using powershell. You can also set the forwarding up in your script:
    Set-Mailbox -Identity Alias -DeliverToMailboxAndForward $true -ForwardingSMTPAddress [email protected]

    The Tenant2 users we want to forward don't have a mailbox. They are unlicensed users.

    Ok, I think I'm not getting what you're trying to achieve? Is this just so that the Tenant2 users show up in the GAL, or something else?

    Exactly that.

    Why not add them as New-MailContacts?

    We could do that. But the way the sync is setup it uses the email address associated with the user account for unlicensed users. So mail contacts (like mail users) won't work.



  • I believe you can bypass DirSync for this, and just create them in O365 directly.



  • @Kelly said:

    I believe you can bypass DirSync for this, and just create them in O365 directly.

    Right, Dirsync is already setup. I'll need to speak with my coworkers about this.



  • So I was looking too deeply into this. Turns out adding a target address to the unlicensed users in AD creates them as mail users in that tenant. Oddly this isn't the case in Tenant 1 but it works as expected in Tenant 2 after adding that property.



  • Resurrecting an old thread.

    We ran into this issue again after updating to the most recent version of Azure AD Sync. We needed to set the mailnickname attribute in AD for the mail users to be created again. This was in addition to having the targetAddress declared.


  • Service Provider

    @coliver said in New MailUsers from Account - Office 365:

    Resurrecting an old thread.

    We ran into this issue again after updating to the most recent version of Azure AD Sync. We needed to set the mailnickname attribute in AD for the mail users to be created again. This was in addition to having the targetAddress declared.

    Thanks for following up :)


Log in to reply
 

Looks like your connection to MangoLassi was lost, please wait while we try to reconnect.