Removing .onmicrosoft.com and .mail.onmicrosoft.com aliases from all groups, users and contacts in your Active Directory

My current customer had a little dabble in Office 365, they set up their Hybrid configuration and added their @xxx.onmicrosoft.com email alias to all their users and groups. This mostly happens automatically.

They then later decided to go with a new, different Office 365 tenant for production purposes, the old tenant was dismantled and the AADConnect server was deleted.

However, all AD objects still had their alias for the old Office 365 tenant, syncing that to the new tenant would be a bad idea and I cleaned that up just to be sure it wouldn’t cause trouble in the future, here’s how I did that:

cleanupAllADObjectProxyAddresses.ps1

11
Leave a Reply

avatar
3 Comment threads
8 Thread replies
3 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
TommyJosMichel de Rooij Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Michel de Rooij
Guest

“Get-ADObject -Filter * -Properties objectGuid,proxyAddresses,cn -ErrorAction Stop | where {$_.proxyAddresses})”
..
if($object.proxyAddresses -match “.onmicrosoft.com”){

LDAPFilter is more efficient, e.g.
Get-ADObject -LDAPFilter ‘(proxyAddresses=smtp:*.onmicrosoft.com)’ -Properties objectGuid,proxyAddresses,cn -ErrorAction Stop)

Tommy
Guest
Tommy

How would this part of the script look for mydomain.com ? foreach($object in $targetObjects){ log -text “$($object.objectGuid) | $($object.cn) | current addresses: $($object.proxyAddresses -Join “,”)” -color “Green” if($object.proxyAddresses -match “.onmicrosoft.com”){ $fixedProxyAddressesField = @() $fixedProxyAddressesField = $object.proxyAddresses -notmatch “.onmicrosoft.com” try{ ——————————– I get this error FAILED to set new addresses to: , System.Management.Automation.ParameterBindingValidationException: Cannot validate argument on parameter ‘Replace’. The argument collection is empty. —> System.Management.Automation.ValidationMetadataException: The argument collection is empty. at Microsoft.ActiveDirectory.Management.Commands.ValidateAttributeValueHashtableAttribute.Validate(Object arguments, EngineIntrinsics engineIntrinsics) at System.Management.Automation.ParameterBinderBase.BindParameter(CommandParameterInternal parameter, CompiledCommandParameter parameterMetadata, ParameterBindingFlags flags) — End of inner exception stack trace — at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception) at lambda_method(Closure , Object[] ,… Read more »

trackback

[…] Not tried it yet, but I could probably adopt this Removing .onmicrosoft.com and .mail.onmicrosoft.com aliases from all groups, users and contacts in y… […]