Moving mailboxes across Office365 hybrid deployment
A while back, I used to manage Office365 in a hybrid deployment and due business network limitations some mailboxes were kept at the on-premise Exchange servers. Every now and then I needed to migrate some mailboxes either to the cloud or from the cloud, pretty regular Office365 admin stuff.
Moving mailboxes to the cloud always worked flawlessly using PowerShell and the Exchange Admin Center Online and you can find how to do that here. Even though this Microsoft document also specifies how to move an online mailbox back to the on-premise server, that process always failed for me, so like any sysadmin, I rolled up my sleeves and started to look why the heck Microsoft’s step-by-step instructions didn’t work for me.
The migration error
Figure 1 shows the occurring error of a mailbox migration from the cloud back to the exchange server. The error message says MigrationPermanentException: Cannot find a recipient that has mailbox GUID <guid>.
This means that the exchange server does not recognize the GUID of the remote (online) mailbox. Usually, this means the mailbox was created on the cloud and the AD parameter legacyExchangeDN was not set by the exchange server during the mailbox creation.
Correcting the error
The first thing to do is to fire up the PowerShell terminal and connect to Office365, which is achievable by executing the following commands:
P.S.: this gist is a good approach to connect to EAC Online systematically, i.e. scripting. Credentials are set by environment variables and available sessions are checked before creating a new session. For interactive PowerShell, you could use just the lines within the “if” statement.
Now, there is a remote session established to EAC Online, so execute the following command and copy the GUID of the remote mailbox. Figure 2 shows the command:
The second step is to launch an Exchange Management PowerShell on the exchange server. Before setting the GUID on the server let’s check what is the current value (only for demonstration purposes):
If the exchange server does not have the GUID of the remote mailbox configured, roughly, it means the server does not recognize this mailbox in the hybrid deployment domain. So, to correct the error, the GUID needs to set on the on-premise server. This task is done with the Set-RemoteMailbox commandlet and the copied GUID from the Exchange Online (step of figure 2), note the commands on this step are executed on the exchange server but they reference a remote mailbox:
After successfully configuring the GUID of the remote mailbox on the exchange server, the migration process from the cloud to the on-premise server will work fine.
Optional — Additional step
On the embedded gist I said that is a good way to systematically connect to EAC Online and, in fact, this whole process could be done by a simple script. Back when I used to manage this environment ( MS Active Directory with Exchange Hybrid Deployment) I automated the user creation process with a PowerShell script, but back then I did not know about this issue dealing with mailboxes created directly on the cloud, but all of this could be avoided with a few extra lines of code in the script. I might add this on the next version of the script.
In case you are interested in the script, feel free to check it out on here my GitHub. This repository contains the user creation script along with some other useful scripts for an administrator of a Microsoft environment.
Hope this was helpful. Stay sharp sysadmins.
