13 March 2020

Hiding email address in O365 with hybird on-prem AD sync

So another gotcha when using O365 in hybird mode with on-prem sync is that you can’t hide a user’s email address [from address books and distribution lists] by using the Exhange Admin Portal. This is because the setting are made on-prem, and those defined values are simply pushing to your AAD tenant in Microsoft’s Azure cloud.

We used to be able to, from the Exchange Management Console on the on-prem server, just open the user and check a tick box to hide their address from everything. The work around isn’t much harder, it’s just buried deeper.

Open the user in your on-prem AD, and navigate the “Attribute Editor” tab.

Scroll down until you find the following attribute.

  • msExchHideFromAddressLists

Setting it to “TRUE” will make the email addess hidden.

Setting it to “FALSE” or “<not set>” will make the email address visible.

After you have made the desired change to the value of the attribute, you just need to wait for [or force] your on-prem AD to re-sync with your AAD.

12 March 2020

Alias emails in O365 with hybird on-prem AD sync

If you use O365 in hybird mode, with your tenant sync-ed to your on-prem AD or Exchange server, then you will definitely run into an issue if you try to add an alias email address to a user.

When you attempt to add an alias, or alternate, email in your Exchange Admin Center portal you will see this error message.

To get around this you’ll need to edit the user “local” from your on-prem AD. In AD, right-click and open the users’ properties. Select the tab “Attribute Editor”

You will want to look for and edit the following two attributes.

  • msExchShadowProxyAddresses
  • ProxyAddresses

Add the user’s alias/alternate email address into the above mentioned attributes in the form of: smtp:updatedname@domain.tld

That’s it. Now you just need to let your AD sync back up to the O365 cloud.

WARNING: If you add it in CAPS (SMTP:updatedname@domain.tld) then it will get interpreted as the default address and not as an alias/alternate email. Make sure that “smtp” is lowercase.