Unable to create Exchange Online mailbox
In Exchange on-premise migration to Office 365, the first step is often to create users (except if cutover migration).
Most of the time, the Microsoft Azure Active Directory Connect (AAD Connect) tool is used. If Exchange mailboxes exist on-premise, the msExchMailboxGuid attribute is set on the AD user and AAD connect synchronizes this attribute. By default, synchronization occurs from AD to Azure AD. After, even you don’t see it, there is a sync from Azure AD to Exchange Online.
If msExchMailboxGuid attribute is set on a user, Exchange Online will assume the mailbox is not migrated and will report the following error when assigning an Exchange Online license:
This user’s on-premises mailbox hasn’t been migrated to Exchange Online. The Exchange Online mailbox will be available after migration is completed.
Exchange Online identifies the user has a mailbox ID and expects the mailbox be migrated to Exchange Online with the native Microsoft tool (and only this tool). So, if you use third party tool (MigrationWiz, CloudMigrator, etc.), you have to make some adjustments in AAD Connnect.
To fully understand the underlying issue, I recommend you to read this.
Allow mailbox provisioning
You have to delete msExchMailboxGuid attribute from the synchronization.
From the Azure AD Connect server, execute Synchronization Rules Editor.
Click on In from AD – User Exchange > Edit.
Click on Yes. This will create a new rule and disable the default rule. This is best practice because all default rules are reset each time Azure AD Connect is updated.
- Name: modify if needed
- Description: modify if needed
choose a number below than 100 for the rule to be executed before the default rules
- Uncheck Disabled
Click on Transformations and modify the line related to msExchMailboxGUID :
- FlowType : Expression
- TargetAttribute : msExchMailboxGUID
- Source : NULL
- Check Apply Once
- Merge Type : Update
- Click on Save.
After, you must refresh the Azure AD Connect database to apply the rules changes:
Open Azure AD Sync Service > Connectors tab > right click on the AD connector AD domain.com > Run > Full Synchronization.
Finally run a delta sync with PowerShell : Start-ADSyncSyncCycle