I have a hybrid deployment with some users on-premises and others in Exchange Online. Directory synchronization is running fine.


Now for a group I was asked to convert them to non-federated users in MSOL and give them a new mailbox. What I did:

- export mailbox to PST

- change the UPN and primary SMTP address to name_temp@domain.com

- allow directory synchronisation

- create new MSOL user with UPN name@domain.gemlv.onmicrosoft.com

- enable mailbox and add primary SMTP address name@domain.com

- import PST to Exchange Online mailbox

- disabled the on-premises mailbox


So far so good, these users have access to their new mailbox and are instructed to use the new UPN (name@domain.gemlv.onmicrosoft.com) to log in. Also they can send and receive mail.


Now I need to make sure they appear in the on-premises GAL. What I tried:

- add the name@domain.mail.onmicrosoft.com address on the Exchange Online mailbox

- enable-mailuser on the on-premises AD object and set -ExternalEmailAddress to name@domain.mail.onmicrosoft.com

- set -PrimarySmtpAddress to name@domain.com


My goal was to recreate what directory sync does for normal moved mailboxes. Unfortunately it failed because directory sync now tries to sync my MailUser to Exchange Online and reports an error because of duplicate attributes.


I'm looking for a recommendation to make non-federated users available in the on-premises AD and GAL.