This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 37%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Hey Guys,
We just migrated from Exchange 2010 to O365(hybrid on 2016 Exchange server) and are having a hard time enabling all of our helpdesk users to be able to continue creating mailboxes in the cloud. Their normal process is to copy one of their template accounts with appropriate group memberships, etc. and then add a mailbox to that existing account. It sounds like the only way they can do this(recipient managers) is to run a powershell command(enable-remotemailbox) with the correct modules loaded, etc? That obviously does not really work for a bunch of helpdesk employees.
Does anyone else have anything that is a little smoother process for a helpdesk to be able to create O365 mailboxes for existing AD accounts(that they just created)?
Thanks
There would be no need to give them anything beyond permissions in the "Recipient Management" Role group or create a custom role group.
You could add them to that role group ( Or the may already be in it)
Both new-remotemailbox and enable-remotemailbox are part of recipient management.
There would be no requirement for them to have access to the AADConnect sync or access through the firewall
The remote mailbox commands run on-prem, provisions the mailbox in Office 365 when the AADConnect sync happens automatically every 30 minutes,.
Ensure your process also licenses the mailbox created in Exchange Online for Exchange... :)
Thanks for the response Andy, but do I still need them to run enable-remote mailbox in powershell just to create a mailbox for an existing user? I also have to get the Exchange Tools loaded on all of their computers for that? I can run that command but I am not getting that command when installing the ExchangeOnlineManagement or ActiveDirectory powershell modules on other computers
Enable-remotemailbox and new-remotemailbox are on-prem Exchange Powershell commands. You wont see them in Exchange Online since the remote mailbox is remote to on-prem :).
You also wont see them in AD PS commands.
Enable-remotemailbox enables a remote mailbox for an existing AD account:
https://learn.microsoft.com/en-us/powershell/module/exchange/enable-remotemailbox?view=exchange-ps
New-remotemailbox creates the AD account and remote mailbox:
https://learn.microsoft.com/en-us/powershell/module/exchange/new-remotemailbox?view=exchange-ps
Your Helpdesk could create the AD account using ADUC using their existing processes and enable as a remote mailbox using Exchange ( EAC or Powershell)
No need to install the Exchange tools. The HelpDesk users can remote into Exchange On-Prem to run these directly.
It sounds like if your helpdesk needs to be able to simply add a O365 mailbox to an existing account they must do it through powershell using enabled-remotemailbox, but to do it through powershell they must have exchange management shell loaded on each of their computers which I cannot do simply by installing or importing a powershell module. This might not be a big concern if you have 3 helpdesk personal and there is not turnover, but when there are constant firewall changes needed for ps remote execution and lots of helpdesk with lots of turnover, that does not sound that good. If anyone has any other ideas on something simple let me know.
They will need to be able to use remote Powershell to the Exchange Servers, which is required for any user to use Exchange Powershell. That doesnt require any additional installation or mgmt tools. Even if they had the mgmt tools installed, they would need to remote powershell to the on-prem Exch servers to do this.
Otherwise, you would need to script something on a web page/server that can access Exchange via remote powershell.
You could also use a virtual machine that is used a mgmt server and let the help desk remote RDP into that server. Then they could run the commands required from that server and that server alone instead of their own workstations if there are firewall issues between the clients and Exchange Servers. You could allow just that mgmt server access.
Are the Exchange Servers in a different network or data center?
How exactly does the Help Desk create mailboxes now again? Can you spell out the exact steps? Its not much different for a remote mailbox
Another option is to not change a thing and create regular on-prem mailboxes as you do now. Then you would need a process that moves the mailbox to Office 365 on a scheduled basis. Not as elegant as creating a remote mailbox and requires the extra step to move the mailbox, but it would work
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 22%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELL%3C/text%3E%3C/svg%3E)
Hi @Dave Bryan ,
I agree with what Andy said.
1.It is recommended that you run the following command line after connecting to the Exchange server remotely to create mailboxes for existing users in the on-premises AD.
Enable-RemoteMailbox <> -RemoteRoutingAddress <>
For more information: How to create an Office 365 mailbox (in hybrid)
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
2.You could also enable the user mailbox on on-premises Exchange server and then migrate mailbox to Exchange online, but the steps are more complicated.
For more information: Move mailboxes between on-premises and Exchange Online organizations in hybrid deployments
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @Dave Bryan ,
Do suggestions above help? If the issue has been resolved, please click “Accept as answer” to mark helpful reply as an answer, this will make answer searching in the forum easier and be beneficial to other community members as well.
Thanks for your understanding.
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @Dave Bryan ,
If the issue is resolved, you can click “Accept as answer” to mark helpful reply as an answer in your spare time.Your action would be helpful to other users who encounter the same issue and read this thread.
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hey Andy - Thanks for your feedback. Was trying to find something simpler than having to get all helpdesk user connected to an on-premises exchange server to run enable-remotemailbox through powershell, which I mentioned in my port. Your posts pretty much told me that there is not really anything simpler.
Hi @Dave Bryan ,
Yes, you could create the office 365 mailbox for an existing account as recommended by Andy.
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.