Tenant migration to hybrid tenant that uses AD sync to sync from AD to cloud

jennylee 86 Reputation points
2023-04-10T01:24:49.4266667+00:00

Using this guide https://learn.microsoft.com/en-us/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide I'm trying to migrate mailboxes from a newly acquired company using O365 (source) to our O365 hybrid tenant (objects must be created in AD and synced to cloud). This article has me creating mail user contacts and adding the GUID from the source account. All the steps seem to work until the end, where I test the migration: Test-MigrationServerAvailability -EndPoint "[the name of your migration endpoint]" -TestMailbox "[Primary SMTP of MailUser object in target tenant]"

Microsoft.Exchange.Migration.MigrationServerConnectionFailedException: The connection to the server 'outlook.office.com' could not be completed. --->
                  Microsoft.Exchange.MailboxReplicationService.MRSRemotePermanentException: Cannot find a recipient that has mailbox GUID '32e40027-b27b-45a8-ac22-acd5c1a45ff7

My concern also is that these are created in the cloud, so they won't be able to sync back down to AD. Any suggestions?

3 answers

  1. Aholic Liang-MSFT 13,861 Reputation points Microsoft Vendor
    2023-04-11T06:01:29.5933333+00:00

    Hi @jennylee

    Yes. In general, when you have a hybrid environment, you must create AD objects on-premises and then sync the on-premises AD objects to Azure AD through Azure AD Connect. Failure to do so may cause problems with the account.

    I recommend that you try migrating after creating mail users on-premises and syncing to the cloud to see if the issue persists.



  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.



  3. Bradd Roberson 20 Reputation points
    2023-08-01T17:30:40.3733333+00:00

    I am just passing by, having issues with cross-tenant migration as well, but a different problem. I am by no means an expert on this subject, but I think your issue is that you are creating "contacts" when you should be creating mailusers using the new-mailuser cmdlet. See the example code near the bottom of the article you've linked in your original post. You must export specific information from the source usermailbox, import it into another PowerShell session that is connected to the target tenant, then create mailusers with all of the attributes taken from the export.

    # In a session connected to the SOURCE tenant: export the attributes the
    # target MailUser needs, testing with a specific user "mytest"
    $users = Get-User -Filter 'userprincipalname -eq "******@mydomain.onmicrosoft.com"' | ForEach-Object {

      Get-Mailbox $_.UserPrincipalName | Select-Object `
        PrimarySmtpAddress,
        Alias,
        SamAccountName,
        FirstName,
        LastName,
        DisplayName,
        Name,
        ExchangeGuid,
        ArchiveGuid,
        LegacyExchangeDN,
        EmailAddresses

    }

    $users | Export-Clixml ~\Desktop\test_users.xml

    # In a session connected to the TARGET tenant: create your "mytest" MailUser
    $users = Import-Clixml ~\Desktop\test_users.xml

    foreach ($mailbox in $users) {

      # Set up target MailUser attributes
      $mosi = $mailbox.Alias, 'target0.onmicrosoft.com' -join '@'
      $password = 'changeMe!!!1890' # static password, for testing only
      $x500 = 'x500', $mailbox.LegacyExchangeDN -join ':'

      $mailuser_attr = @{
        MicrosoftOnlineServicesID = $mosi
        PrimarySmtpAddress = $mosi
        ExternalEmailAddress = $mailbox.PrimarySmtpAddress
        FirstName = $mailbox.FirstName
        LastName = $mailbox.LastName
        Name = $mailbox.Name
        DisplayName = $mailbox.DisplayName
        Alias = $mailbox.Alias
        Password = $password | ConvertTo-SecureString -AsPlainText -Force
      }

      # Create target MailUser, then stamp the source LegacyExchangeDN (as an
      # X500 address) and the source mailbox and archive GUIDs onto it
      $mailuser = New-MailUser @mailuser_attr
      $mailuser | Set-MailUser `
        -EmailAddresses @{add=$x500} `
        -ExchangeGuid $mailbox.ExchangeGuid `
        -ArchiveGuid $mailbox.ArchiveGuid

      # Add the X500 addresses already present on the source mailbox
      $temp_x500 = $mailbox.EmailAddresses | Where-Object { $_ -match 'x500' }
      $temp_x500 | ForEach-Object {
        Set-MailUser $mailbox.Alias -EmailAddresses @{add="$_"}
      }

    }
    

    Doing this has worked for me; I do not get errors about a missing mailuser on the target side. Also, my Test-MigrationServerAvailability comes back successful.

    That said, I am having my own issue during migration: the error states that the source user (hybrid mailbox in Exchange Online) is in some sort of hold when it's really not, and there is no retention policy applied, so perhaps I'm doing something wrong in the code above, but it may be a step closer for you. And who knows, maybe you will not run into the hold issue I'm having.

    Hope that helps.
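
A pre-flight check for the situation in this thread, as an added example that is not part of any answer above or of the linked Microsoft article: it looks up each exported source record among the target tenant's objects by ExchangeGuid, the value the error message reports as not found, and also reports whether the match is directory-synced, which is the question's hybrid concern. The function name `Test-MigrationIdentity` and all sample records are constructed for illustration; in live sessions the inputs are assumed to come from `Import-Clixml` (source export) and `Get-MailUser` (target tenant).

```powershell
# Added example: compare exported source-mailbox records with target MailUser
# objects. Test-MigrationIdentity is a hypothetical helper, not an Exchange cmdlet.
function Test-MigrationIdentity {
    param(
        [Parameter(Mandatory)] [object[]] $Source,
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Target
    )
    foreach ($s in $Source) {
        # Match on ExchangeGuid, the value named in the migration error
        $t = $Target |
            Where-Object { "$($_.ExchangeGuid)" -eq "$($s.ExchangeGuid)" } |
            Select-Object -First 1
        $x500 = "x500:$($s.LegacyExchangeDN)"
        [pscustomobject]@{
            Alias         = $s.Alias
            GuidFound     = [bool]$t
            RecipientType = if ($t) { "$($t.RecipientTypeDetails)" } else { $null }
            ArchiveGuidOk = [bool]$t -and "$($t.ArchiveGuid)" -eq "$($s.ArchiveGuid)"
            X500Present   = [bool]$t -and (@($t.EmailAddresses) -contains $x500)
            # False means a cloud-only object that was not created in on-premises AD
            IsDirSynced   = [bool]$t -and [bool]$t.IsDirSynced
        }
    }
}

# Constructed sample data: "mytest" was created correctly in the target,
# "mytest2" has no target object carrying its mailbox GUID.
$guid1 = [guid]'11111111-1111-1111-1111-111111111111'
$guid2 = [guid]'22222222-2222-2222-2222-222222222222'
$dn1   = '/o=ExchangeLabs/ou=Example/cn=Recipients/cn=mytest'
$dn2   = '/o=ExchangeLabs/ou=Example/cn=Recipients/cn=mytest2'

$source = @(
    [pscustomobject]@{ Alias = 'mytest';  ExchangeGuid = $guid1
                       ArchiveGuid = [guid]::Empty; LegacyExchangeDN = $dn1 }
    [pscustomobject]@{ Alias = 'mytest2'; ExchangeGuid = $guid2
                       ArchiveGuid = [guid]::Empty; LegacyExchangeDN = $dn2 }
)
$target = @(
    [pscustomobject]@{ Alias = 'mytest'; ExchangeGuid = $guid1
                       ArchiveGuid = [guid]::Empty; IsDirSynced = $false
                       RecipientTypeDetails = 'MailUser'
                       EmailAddresses = @('SMTP:mytest@target0.onmicrosoft.com', "x500:$dn1") }
)

Test-MigrationIdentity -Source $source -Target $target | Format-Table -AutoSize
```

A row with `GuidFound` false is a user for whom Test-MigrationServerAvailability would be expected to report the missing-GUID error; a row with `IsDirSynced` false is an object that exists only in the cloud.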
