Automating remote mailbox creation in an Exchange 2010/2013 and Office 365 hybrid setup

In organisations that have moved to Office 365, or are moving to Office 365 while using a hybrid setup with an on-premises Exchange 2010, 2013 or 2016 server and/or Lync/Skype, your helpdesk tools and scripts need to be adjusted.

While previously, you would provision your account in Active Directory, the mailbox on the onpremises Exchange Server and voip functionality on the Lync/Skype server, after your migration, you no longer need to provision mailboxes or lync accounts on premises. After a user has been migrated to Office 365, his ‘user type’ in the Exchange on premises server is ‘Remote Mailbox’. But for new users, this is not set automatically.

If you’re using scripting or tools like ADManager, you can use some simple Powershell commands to set the correct properties on a newly created user.

Configure and run below script  on your Exchange server (or use a remote session in the script) to fully provision your existing non-mail enabled user on premises as a Remote Mailbox.

This script will comply with your Recipient settings in Exchange (email proxies). It should be easy to adjust the script to also include licensing, or anything else that is currently done manually. Let me know if you need any help 🙂


########
#Name: ConfigureMailSettings
#Copyright: Free to use, please leave this header intact
#Author: Jos Lieben (OGD)
#Company: OGD (http://www.ogd.nl)
#Purpose: Mail enable the new user en set proxy addresses and skype for business properties
#usage: powershell.exe scriptname -sam samAccountNameOfUser
########
param (
[string]$sam
)
$Error.Clear()
$logfile = "C:\ManageEngine\Scripts\ConfigureNewUserMailProperties.log"
$onPremLync = $False
$o365tenant = "ogd"
$mainUPN = "ogd.nl"
$skypePrimaryHomeServer = "CN=Lc Services,CN=Microsoft,CN=1:1,CN=Pools,CN=RTC Service,CN=Services,CN=Configuration,DC=ogd,DC=nl" #you can find this value by moving one user to Office 365 manually, only needed if you have on premises Lync

try{
Import-Module activedirectory -ErrorAction Stop
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction Stop
}catch{
ac $logfile "Failed to load Active Directory or Exchange module, aborting $($Error[0])"
Exit
}
#mail enable the new user
ac $logfile "Attempting to modify new user: $sam"
try{
Enable-MailUser -Id $sam -ExternalEmailAddress "$($sam)@$($o365tenant).mail.onmicrosoft.com" -ErrorAction Stop | Out-Null
}catch{
ac $logfile "Unable to mail-enable this user!"
}
Sleep -s 5
#set as remote (o365) mailbox
try{
Enable-RemoteMailbox -Id $sam -ErrorAction Stop | Out-Null
}catch{
ac $logfile "Unable to convert this user to a remote mailbox! $($Error[0])"
}
Sleep -s 5
Update-Recipient -Id $sam | Out-Null
Sleep -s 15

$upn = "$($sam)@$($mainUPN)"

if($onPremLync){
$newmsRTCSIP = "sip:$($upn)"
Set-ADUser -identity $sam -Replace @{'msRTCSIP-PrimaryUserAddress'=$newmsRTCSIP}
Set-ADUser -identity $sam -Replace @{'msRTCSIP-DeploymentLocator'="sipfed.online.lync.com"}
Set-ADUser -identity $sam -Replace @{'msRTCSIP-FederationEnabled'=$True}
Set-ADUser -identity $sam -Replace @{'msRTCSIP-InternetAccessEnabled'=$True}
Set-ADUser -identity $sam -Replace @{'msRTCSIP-OptionFlags'="257"}
Set-ADUser -identity $sam -Replace @{'msRTCSIP-PrimaryHomeServer'=$skypePrimaryHomeServer}
Set-ADUser -identity $sam -Replace @{'msRTCSIP-UserEnabled'=$True}
Set-ADUser -identity $sam -Add @{'msRTCSIP-UserPolicies'="21=1"}
}

sleep -s 10
#fetch new user data from AD
$ADresult = Get-ADUser -Identity $sam -Properties *
sleep -s 3
#set ProxyAddresses
[array]$proxies = $ADresult.ProxyAddresses
$mainSMTP = $proxies -clike "SMTP:*"

#ADD SIP Adres for skype
if($proxies -notlike "SIP:$($upn)" -and $onPremLync){
$proxies += "SIP:$($upn)"
}

#Save changes
try{
Set-ADUser -Identity $sam -Replace @{ProxyAddresses=$proxies}
}catch{
ac $logfile "Failed to update the proxyAddresses property! $($Error[0])"
}

#Set the 'E-Mail' field
$mainSMTP = [String]$mainSMTP
$mailField = $mainSMTP.SubString(5).Trim()
Set-ADUser -Identity $sam -Email $mailField

2
Leave a Reply

avatar
1 Comment threads
1 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
2 Comment authors
JosAvian Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Avian
Guest
Avian

Hello

I gone thru your script and like the approach. Before test this script, I want t understand that creating user and its email box, how much time it will take for sync with Azure.

Avian