Sometimes things happen. Migration failed, interns assigning a license to a user when their mailbox is on premise, or some other kind of administrative mistake. Now you realize you have a mailbox on premise and a mailbox in O365. In order to fix the problem, you have to remove one of the accounts. The easiest fix is to remove the cloud account and migrate the on premise account. The reason you want to keep the on premise account is mainly for successful authentication, redirects, and mailflow. Below are the steps to accomplish the task of successfully removing and resyncing the user’s account. This process will save the current mailbox data in a soft deleted state, removed the MSOL account in O365, resync the AD account on prem to O365 and re-create the mailbox.
You know you are running into this issue if you run Get-mailbox in Exchange Powershell on-premise, and you run Get-mailbox in Exchange Online Powershell and both outputs are showing a user mailbox.
This is essentially what will need to be done. In Powershell connected to Exchange Online, please run the following steps:
- Back up SharePoint and OneDrive data! Once the Msol object is deleted, that data may or may not be recoverable. Need to open a case or reach out to the SharePoint Online team to confirm.
- Check to see if the current mailbox for Steve is on litigation hold. If not, Set the mailbox on litigation hold to save the data.
- Set-Mailbox [insert alias] -LitigationHoldEnabled $true
- Verify the litigation hold is in place. *May take up to 60 minutes, but is typically pretty quick.
- Get-Mailbox [insert alias] | fl *lit*
- Get more the mailbox information. We will need the GUID for later.
- Get-Mailbox [inser alias | fl userpprincipalname,guid
- Get-msol user information of the account that we need to purge.
- Get-msoluser -userprincipalname [insert upn of user] | fl
- Delete the old MSOL account information using the objectID from step 4. (Yes, you need to run both cmdlets here)
- Remove-msoluser -objectid
- Remove-msoluser -objectid -removefromrecyclebin
- Verify the user has been deleted.
- Get-msoluser -objectid -returndeletedusers
- Run Dirsync. The Old account should be gone from delete items. You may need to run Dirsync twice. Verify that the new account has synced to O365 and is showing “Sync with Active Directory” in the O365 admin portal.
- Migrate on premise mailbox to EXO.
- Assign a license to the new mailbox.
- In Exchange Online Powershell, get the mailbox information for the new mailbox. Copy the GUID.
- Get-Mailbox [user alias] | fl name,GUID
- Now merge the data to the new mailbox.
- New-mailboxrestoreRequest -sourcemailbox [Guid of old mailbox from Step4] -targetmailbox [GUID of new mailbox step 11] -allowLegacyDNMismatch
- Verify the mailbox restore is in place.
- Verify the data is restored and the mailbox is healthy.
- You can now remove litigation hold for the old mailbox if you chose. If you don’t then the mailbox will just be retained for the length of the specified litigation hold.
Reply to this thread if you have questions or concerns.