question

shreakh avatar image
0 Votes"
shreakh asked sikumars commented

Azure AD sync

I have synced my On-prem AD with Azure AD. Some user have O365 licensed mailboxes and others who are synced remain unlicensed users. I DO NOT have an on-prem exchange server. Those who are unlicensed are using a non-Microsoft email service (Zoho)

Say, I create an email distribution group called A with members A1, A2, A3 and synced it to the Azure AD. A1 is an O365 user and other two users are unlicensed users (but they have mailboxes in Zoho; MX is pointed to O365 and a connector has been configured from O365 to Zoho and no issue with sending and receiving emails for individual users).

Azure user IDs of A2 and A3 matches exactly to their email addresses in Zoho.

When I send an email to the distribution group A, only A1 receives it. A2 and A3 do not receive it. Checked email logs in both O365 and Zoho. Not even a single entry about an email to A2 and A3.

Further, when I open the synced distribution group in Azure, I can see A1,A2,A3. A1 has his name with the email address, but A2 and A3 is displaying only their names, no email addresses.

In my On-Prem AD, I have already set proxyaddresses attribute for A2 and A3 (format - SMTP:A1@domain.com).

What's the solution for this ? I need all unlicensed users to have their email addresses synced correctly into the Azure AD and must be able to include them into the email distribution groups to receive emails.

azure-ad-connectazure-ad-tenantazure-ad-user-managementazure-ad-hybrid-identity
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,

0 Votes 0 ·
sikumars avatar image
0 Votes"
sikumars answered

Hello @shreakh,

Thanks for reaching out.

I think, the reason why proxyAddresses attribute not synchronizing to cloud due to one of the following reasons:

  • The domain value that's used by proxyAddress attribute for A2 and A3 users (SMTP:A2@ domain.com hasn't been verified, if so then make sure you add and verify that domain in Azure AD per this article

  • A2 and A3 user's proxyAddress attribute value might have already used by different objects (such as user or group) in Azure AD which is causing conflicts due to duplicates, if so then check for the duplicate and remove them.

Refer following article to learn more about How the proxyAddresses attribute is populated in Azure AD also its worth to refer this article which has detailed information about common object don't sync scenarios.

Hope this helps.

------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ZollnerD avatar image
0 Votes"
ZollnerD answered

Do the unlicensed users have a value for mailNickname in on-prem AD? The rules that handle attribute flows for Exchange/email related data from AD -> AAD are all built so that if mailNickname is not populated, the rule will not apply - which in turn will stop all Exchange-related attributes from flowing.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.