This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Environment:
Hybrid with an older Exchange 2010 server.
AD server 2019 running AZURE AD CONNECT (latest version as of March 2022)
I've been adding new employees by creating a new account in AD and syncing with AZURE. No problems there.
Then I go into the Office 365 portal and assign Office for business licenses. A mailbox is then created and working no problem.
Recently, when using the Exchange Admin online, trying to add an alias to ANY mailbox or simply changing the REPLY to SMTP address, I am getting the error:
Error executing request. An Azure Active Directory call was made to keep object in sync between Azure Active Directory and Exchange Online. However, it failed. Detailed error message: Unable to update the specified properties for on-premises mastered Directory Sync objects or objects currently undergoing migration. DualWrite (Graph) The issue may be transient and please retry a couple of minutes later. If issue persists, please see exception members for more information.
This was uncovered when a user sent me an email and it came the onmicrosoft.com domain instead of the company domain. When I looked at the account, I tried to change the REPLY TO back to the default company email and got the error also.
Only 3 employees are effected by the "onmicrosoft.com" issue but I cannot add an alias email to ANY mailbox or change the primary email.
About 2/3 of the employees were migrated from the on premise Exchange server about a year ago and the rest created as mentioned above.
Checking the AD CONNECT LOGS, there are no errors at all when syncing and the online dashboards show no sync errors.
I then tried going into the users AD Properties on Premise and changed the PROXY ADDRESS ATTRIBUTE to change the default reply to SMPT:user@keyman .com. That syncs no problem and shows up in the portal as the primary address but when the user sends an email, it still comes from the onmicrosoft.com domain. I'm at a loss without any log errors to point me in the right direction. The syncing from on premise to online seems to be working fine otherwise.
Thank you
I'm having the exact same issue...
" Unable to update the specified properties for on-premises mastered Directory Sync objects or objects currently undergoing migration."
I keep seeing all the solutions referring to making the changes in your on-prem ecp..
However, there is no on-prem exchange server.. Only Microsoft 365 Hosted Exchange.
Any advice?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 55.00000000000001%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
seeing the exact same error on 2 tenants now. Something has changed with how microsoft does dirsync/hybrid setup. We used to be able to edit these attributes in EXO.
Im thinking it might be related to this:
Is there a way to turn off the dual-write feature?
I'm sure you already figured this out but for those just now reading these forums... don't forget that AD Sync pushes the attributes from AD to 365 so... if you no longer have an on-prem Exchange server, that's fine... use Active Directory's attribute editor like you did before Exchange started allowing these aliases added directly in the EAC. Jump into your domain controller, open ADUC and open the user. Click the Attribute Editor and add your aliases there. Once you're done, wait for AD to Sync to 365 on its own or use the ADSync service app to start a Delta Sync (you'll likely still have to wait about 10 minutes for things to appear on the 365 side). Your aliases will start to appear in the Active User's properties eventually. That error you see is actually quite smart of Microsoft... it prevents new data from more than one source, potentially corrupting the record since Microsoft has no way of knowing which info source wins in each situation.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 41%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESJ%3C/text%3E%3C/svg%3E)
I used Darth's suggestion which worked in my environment. The attribute to add the email aliases to is 'proxyAddresses' (which was blank), within my on-prem AD for the user connected with the shared mailbox. Thanks Darth.
Thanks, Darth. It worked!
Hi I had the same problem and the solution below worked for me:
Login to your DC then open AD then search for the user with the issue, under advanced Features go to Attributes editor make sure the smtp is in caps with a colon. e.g SMTP: email address.