Managing remote Exchange Online hosted mailboxes post migration has been a pain for some time. Some attributes are managed in the cloud, others on premises, and to do it right you needed to keep an Exchange Server around… Well Microsoft has a new feature which allows admins to manage the Exchange properties of directory-synchronized users with remote mailboxes directly from the cloud and THIS jaw dropper is today’s #MicrosoftCloudQuickFix !!!
A new capability in preview for Exchange Online allows administrators to manage Exchange attributes for directory-synchronized users with mailboxes hosted in Exchange Online. With the update, the Source of Authority (SOA) for Exchange-specific attributes can be transferred to the cloud, while the SOA for identity-related attributes remains under the control of Windows Active Directory.
After moving the SOA for Exchange-specific attributes to Exchange Online / Entra ID, these attributes can be managed using EXO PowerShell, the Microsoft 365 Admin Centre, or the Exchange Admin Centre with future support for write-back support of designated attributes via Entra Cloud Sync.
Microsoft is providing this feature in two phases:
Phase 1 (Preview): allows admins to enable cloud management of Exchange attributes per mailbox by setting IsExchangeCloudManaged to true. Mailboxes can be reverted to on-premises management by resetting IsExchangeCloudManaged to false.
Phase 2: will include write-back support for specified attributes and Entra Cloud Sync integration. During this phase, updates to key Exchange properties made in Entra ID will be automatically synchronized with the on-premises Windows Active Directory. This process keeps the on-premises AD current; for example, changes to a proxy address in Exchange Online will be updated in Active Directory. To access write-back functionality, customers must implement Entra Cloud Sync.
The new cloud-managed mailbox capability allows organizations that use on-premises Windows Active Directory for identity to manage their Exchange Online mailbox attributes in the cloud. As a result, it is no longer necessary to maintain an Exchange server or management tools on-premises for routine Exchange administration tasks!
For more information see:
- Introducing Cloud-Managed Remote Mailboxes: a Step to Last Exchange Server Retirement | Microsoft Community Hub
- Cloud-based management of Exchange attributes for Remote Mailboxes in hybrid environments (Preview) | Microsoft Learn
#MicrosoftCloudQuickFix #Microsoft365 #MicrosoftCloudSecurity #MicrosoftEntra #MicrosoftEntraID #WindowsActiveDirectory #ActiveDirectory #SecurityGroups #IdentityAccessManagement #IdentityGovernance #ExchangeOnline #ExchangeServer