Azure AD sync

Shreakh 1 Reputation point
2021-06-12T19:43:57.233+00:00

I have synced my On-prem AD with Azure AD. Some user have O365 licensed mailboxes and others who are synced remain unlicensed users. I DO NOT have an on-prem exchange server. Those who are unlicensed are using a non-Microsoft email service (Zoho)

Say, I create an email distribution group called A with members A1, A2, A3 and synced it to the Azure AD. A1 is an O365 user and other two users are unlicensed users (but they have mailboxes in Zoho; MX is pointed to O365 and a connector has been configured from O365 to Zoho and no issue with sending and receiving emails for individual users).

Azure user IDs of A2 and A3 matches exactly to their email addresses in Zoho.

When I send an email to the distribution group A, only A1 receives it. A2 and A3 do not receive it. Checked email logs in both O365 and Zoho. Not even a single entry about an email to A2 and A3.

Further, when I open the synced distribution group in Azure, I can see A1,A2,A3. A1 has his name with the email address, but A2 and A3 is displaying only their names, no email addresses.

In my On-Prem AD, I have already set proxyaddresses attribute for A2 and A3 (format - SMTP:A1@keyman .com).

What's the solution for this ? I need all unlicensed users to have their email addresses synced correctly into the Azure AD and must be able to include them into the email distribution groups to receive emails.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,466 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Siva-kumar-selvaraj 15,551 Reputation points
    2021-06-14T17:57:28.897+00:00

    Hello @Shreakh ,

    Thanks for reaching out.

    I think, the reason why proxyAddresses attribute not synchronizing to cloud due to one of the following reasons:

    • The domain value that's used by proxyAddress attribute for A2 and A3 users (SMTP:A2@ domain.com hasn't been verified, if so then make sure you add and verify that domain in Azure AD per this article
    • A2 and A3 user's proxyAddress attribute value might have already used by different objects (such as user or group) in Azure AD which is causing conflicts due to duplicates, if so then check for the duplicate and remove them.

    Refer following article to learn more about How the proxyAddresses attribute is populated in Azure AD also its worth to refer this article which has detailed information about common object don't sync scenarios.

    Hope this helps.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments
  2. Danny Zollner 9,521 Reputation points Microsoft Employee
    2021-06-15T15:50:12.943+00:00

    Do the unlicensed users have a value for mailNickname in on-prem AD? The rules that handle attribute flows for Exchange/email related data from AD -> AAD are all built so that if mailNickname is not populated, the rule will not apply - which in turn will stop all Exchange-related attributes from flowing.

    0 comments