Scenario: Adding Azure AD Connect to an existing AD domain with existing MS365 cloud-only mailboxes. AADC and EX2016 Management Server are set up with Minimal Hybrid Exchange, and everything is working with test accounts created in EAC as remote mailboxes.
However, once AAD syncs an existing AD account to AAD and soft-matches it, SSO will work, but the remote mailbox is not visible in on-prem EAC until the user account is AD-Enabled.
I had hoped to do something like this in Exchange Management Shell:
Get-User -OrganizationalUnit "OU=AAD.Sync,OU=Users,DC=[REDACTED],DC=Local" | Enable-RemoteMailbox -RemoteRoutingAddress $_.userPrincipalName
But I get this output:
The address '@redacted.mail.onmicrosoft.com' is invalid: "@redacted.mail.onmicrosoft.com" isn't a
valid SMTP address. The domain name can't contain spaces and it has to have a prefix and a suffix, such as example.com.
+ CategoryInfo : NotSpecified: (:) [Enable-RemoteMailbox], DataValidationException
+ FullyQualifiedErrorId : [Server=REDACTED,RequestId=980e059c-1250-4de3-9b3d-27964d9cd9b1,TimeStamp=12/15/2021
11:12:18 PM] [FailureCategory=Cmdlet-DataValidationException] EFF760F5,Microsoft.Exchange.Management.RecipientTasks.EnableRemoteMailbox
+ PSComputerName : redacted.redacted.local
So I feel like I'm close... I'm just not getting the UPN; I'm getting only the tenancy name. I haven't figured out from the Get-User documentation how to get the userPrincipalName attribute.
I know I will also need to deal with the ExchangeGUID but haven't gotten that far yet! This will at least make the remote mailboxes manageable in EAC.
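Added example (not the poster's code) covering the two steps the post describes: enabling remote mailboxes for the synced OU, then stamping the cloud ExchangeGuid on each one. It assumes the tenant coexistence domain and OU are placeholders you replace, that an Exchange Online PowerShell session (Connect-ExchangeOnline from the ExchangeOnlineManagement module) is open alongside the on-prem Exchange Management Shell, and it keeps -WhatIf on so nothing is written until the computed values look right.

```powershell
# Placeholders: replace with your tenant coexistence domain and the synced OU.
$RoutingDomain = 'TENANT.mail.onmicrosoft.com'
$Ou            = 'OU=AAD.Sync,OU=Users,DC=REDACTED,DC=Local'

# Step 1: only plain (mail-disabled) user objects in the OU. Get-User alone also
# returns objects that are already mailboxes, mail users or remote mailboxes.
$candidates = Get-User -OrganizationalUnit $Ou -RecipientTypeDetails User

foreach ($u in $candidates) {
    # $_ is only defined inside a script block (ForEach-Object / Where-Object);
    # using a foreach variable avoids the empty-prefix address from the question.
    # The routing address lives in the coexistence domain and is built from the
    # alias (SamAccountName), not from the UPN.
    $routing = "$($u.SamAccountName)@$RoutingDomain"

    # Review the -WhatIf output, then rerun without -WhatIf.
    Enable-RemoteMailbox -Identity $u.Identity -RemoteRoutingAddress $routing -WhatIf
}

# Step 2 (after step 1 has really run and the next AAD Connect sync completed):
# copy the cloud mailbox's ExchangeGuid onto the on-prem remote mailbox so both
# sides refer to the same mailbox. Get-EXOMailbox does not collide with the
# on-prem Get-Mailbox cmdlet when both sessions are loaded.
foreach ($u in $candidates) {
    $cloud = Get-EXOMailbox -Identity $u.UserPrincipalName -Properties ExchangeGuid -ErrorAction SilentlyContinue
    if ($null -eq $cloud) {
        Write-Warning "No cloud mailbox found for $($u.UserPrincipalName); skipping"
        continue
    }
    Set-RemoteMailbox -Identity $u.Identity -ExchangeGuid $cloud.ExchangeGuid -WhatIf
}
```

Run each loop once with -WhatIf, compare the identities and addresses it reports against the EXO mailboxes, and only then remove -WhatIf.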