This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 87%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETG%3C/text%3E%3C/svg%3E)
We currently are in a hybrid environment with Azure Sync tool set to export data from our on Premise AD to our Entra ID. One field in our on premise AD is for Users is email. Our Entra ID tenant is a different domain than the email address that is being exported from our on Premise AD but we have not had an issue up until late November. 2024. In the users profile it has the Entra ID tenant domain email address which does populate by default but in the past when on premise AD exported it overwrote the email filed with the correct email address. In the connect tool I see where it is set to export and it is set to "update" which I assume means that if it was different from the one in Entra ID it would update it (overwrite) what is currently in Entra ID with the exported information from on prem AD.
I did not set this up originally, our IT Manager did and he has since left so of course I could be missing something but nothing was changed and he actually did not leave until December and I can trace this issue back to November. I realize I need to update to the Entra ID connection tool but I need to plan that out before jumping in and updating. Any assistance with this issue would be greatly appreciated.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
If I well understood you queqtion , you are looking how sync your on-prem active directory to Entra ID correctly.
The best way to sync your on-prem active directory to Entra ID is to deploy one of the following tools:
Please don't forget to accept helpful answer
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello @Terri Garcia
Thank you for posting your query on Microsoft Q&A.
Based on your description I have understood that you have updated the value on prem, but it is still not synchronizing to Azure, the root cause could be related to formatting, licensing, shadow attribute synchronization, the mailNickName setting, or other name configuration issues.
In the on-premises Active Directory, make sure that the proxyAddress attribute is formatted correctly. The SMTP parameter has to be in capital letters to specify the default mail. https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/proxyaddresses-attribute-populate
If the user is licensed for Office 365 A1 for students, you may want to remove that license. I have seen some rare cases When users are assigned licenses certain applications like Information Barriers and Exchange Online could cause the overwrite of that attribute.
Another possibility is that Entra is reading from the shadow attribute. Some attributes have two representations in Microsoft Entra ID. Both the on-premises value and a calculated value are stored. These extra attributes are called shadow attributes. The two most common attributes where you see this behavior are userPrincipalName and proxyAddress. The change in attribute values happens when there are values in these attributes representing non-verified domains. But the sync engine in Connect reads the value in the shadow attribute so from its perspective, the attribute has been confirmed by Microsoft Entra ID.
For an unverified domain, the domain suffix will take initialdomain.onmicrosoft.com. The prefix of the Microsoft Online Email Routing Address (MOERA) comes from mailNickName, so you may need to make sure to set the on-prem user's mailnickname is set to the correct name if it is not currently set. One thing to remember, though. Once the MOERA is set, you can't change it. You would remove the existing user and recreate a new one after the mailnickname in the on-prem AD is properly set. For more reading: https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/plan-connect-userprincipalname
Refer Similar thread: https://learn.microsoft.com/en-us/answers/questions/853197/email-attribute-no-longer-syncing-properly-from-on
I hope this clarifies things. Please contact us if you have any additional questions.If this answers your query, do click Accept Answer and Yes for "Was this answer helpful". And, if you have any further query do let us know.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
Sakshi Devkante
Hello @Terri Garcia
I am following up to see if the suggestion provided above was helpful to you. If you have any further questions or need additional assistance, please don’t hesitate to reach out.
If this answers your query, do click Accept Answer and Yes for "Was this answer helpful". And, if you have any further query do let us know.
Best regards,
Sakshi Devkante
Hello @Terri Garcia
I am following up to see if the suggestion provided above was helpful to you. If you have any further questions or need additional assistance, please don’t hesitate to reach out.
Best regards,
Sakshi Devkante
Hello @Terri Garcia
I am following up to see if the suggestion provided above was helpful to you. If you have any further questions or need additional assistance, please don’t hesitate to reach out.
Best regards,
Sakshi Devkante