DirSync, proxyAddresses & Domains – Removing Domain & Managing Email Address

Posted on

For Office 365 Admins who manage domains and UPNs/proxyAddresses, I wanted to write a posting explaining an interesting “use case scenario”.

Scenario

  1. You have created and verified a domain in your Office 365 Portal, such as the ole contoso.com domain
  2. Users in your Active Directory have been given that email address via the AD proxyAddresses attribute and synchronized into Office 365
  3. You remove the domain from your Online Portal because it is no longer needed, such as selling the company/domain
    1. Note – In order to remove a domain NO OBJECTS can be associated with this domain, either as UPN or Email address.  The fastest way to do this is to remove the Domain Intent settings for Lync & Exchange Online, which releases the check for attributes using this domain during the Domain Removal process.

Note – Unchecking these services from your domain will release the attribute checks used by this domain.  If you do not do this, then you must change your task and remove the email addresses from on-premises Active Directory (UPN and/or proxyAddresses {SMTP}, before you can remove this domain.  There is a way to remove SMTP addresses from Online using PowerShell BUT managing onsite Active Directory is the better approach for this scenario.

domain_intent

  • Question: You will notice that by removing the contoso.com domain that the online users maintain their @contoso.com domain and you may be asking yourself “WHY, I removed the domain”.
  • Answer: This is because Directory Synchronization manages the proxyAddresses value during Synchronization and will NOT see any changes to your on-premises Active Directory user’s proxyAddresses values, therefore no changes are pushed into the cloud.
  • Resolution: To remove the @contoso.com domain email address from online users, you must remove the @contoso.com proxyAddress (i.e. smtp:ChicagoAbe@contoso.com) from Active Directory, which instructs Directory Synchronization to remove it from your Office 365 user email address.

Note – Click Remove on the @contoso.com email address and in 3 hours Directory Synchronization will remove this from the online user.

proxy_domain_removal

 

 

NOTE – There are ramifications for doing this, as this email address is/was most likely used in Exchange Online.  If @contoso.com was used to send mail by other Exchange Online users, this address will be cached in Outlook and will automatically popup when attempting to send to ChicagoAbe@contoso.com.  Users must hit the Delete button to remove this entry from their Outlook cache and then “re-find” the user, which will now only use ChicagoAbe@Fabrikam.com.

Whatcha thinkin?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s