How do we set "Only senders in the organization" in office 365 from active directory attribute ?

Question

How do we set "Only senders in the organization" in office 365 from active directory attribute ?

DM Kosala Randika Paranathala 76

37668-distribution-group-delivery-senders-inside-organiz.png

Enzo Zappulla 1 Reputation point

2023-06-30T19:59:29.4166667+00:00

What if the attribute is blank? is that True or False when sync'd to the cloud?

3 answers

Your answer

Enzo Zappulla 1 Reputation point

2023-06-30T19:59:29.4166667+00:00

What if the attribute is blank? is that True or False when sync'd to the cloud?

Answer 1

@DM Kosala Randika Paranathala

This attribute is synced by AAD Connect by default, don't change this attribute from AD account directly, I would suggest you modify this attribute from Exchange on-premises(EAC or EMS), then sync this modify to local AD account, then sync to AAD.

When "msExchRequireAuthToSendTo" == True, the setting on group will be "Only Senders inside my organization"
When "msExchRequireAuthToSendTo" == False, the setting on group will be "Senders inside and outside of my organization"

We check whether is this attribute synced by steps below:

Open Synchronization Service tool, then check as picture below:
We can know this attribute is synced by "Group Exchange" rule, then we can check this rule in Synchronization Rules Editor:

If this attribute still doesn't sync in your organization, you could confirm with AAD Connect team.

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

KyleXu-MSFT 26,396 Reputation points

2020-11-09T08:47:48.137+00:00

@DM Kosala Randika Paranathala
I am writing here to confirm with you any update about this thread now?
If the above suggestion helps, please be free to mark it as an answer for helping more people.

Answer 2

Vasil Michev 119.6K MVP Volunteer Moderator

Use the "msExchRequireAuthToSendTo" attribute. You obviously need to have the Exchange AD schema extensions.

DM Kosala Randika Paranathala 76 Reputation points

2020-11-05T15:04:23.623+00:00

Hi Michew,
Thank you for your answer and I did but once I changed this it will not sync to the online portal. In AD it changed as True and online side it was not changed even ran AD sync delta.
Vasil Michev 119.6K Reputation points MVP Volunteer Moderator

2020-11-05T15:22:29.357+00:00

The attribute syncs by default, as detailed here: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-sync-attributes-synchronized
Try forcing a full sync and check for any rule customizations that might be affecting this.
Pavel Marinov 5 Reputation points

2024-11-07T13:57:47.9433333+00:00

@Vasil Michev Yes it is, however in my case it does not matter, check the comment bellow :)

Answer 3

Pavel Marinov 5

I have a very similar case, however in the cloud my group's attribute is set on false, I change the On-prem group object to false as well, and when I run the AdSync Delta the on-prem get's rewritten to True.... I have no custom rules what so ever and the only rule I have is an inbound one to the internal domain, that says update, which should, as far as I understand, take the cloud attribute and sync it to the on-prem group.

Share via

How do we set "Only senders in the organization" in office 365 from active directory attribute ?

3 answers

Your answer