We have a hybrid setup.

I have a situation where certain users are not showing up on the local on-prem Exchange 2013 server under recipients.

We have two domains in our single forest. I will call our primary domain abc.com and the second domain xyz.local.

The users in the xyz.local domain just recently were added as cloud only 365 users and this past weekend, I merged their local domain accounts with their 365 accounts and modified Azure AD Connect to sync with both xyz.local as well as abc.com. Azure AD Connect syncs are working.

The users who do not show are all in the xyz.local domain. It is like the on-premise exchange server is not aware of the Active Directory partition that contains the xyz.local domain.

I tried to modify some of the attributes in AD on some of the users in xyz.local and then they started showing up in recipients -> mailboxes in the Exchange admin center for the on-prem Exchange server.

These are the attributes I modified, matching them with attributes from a user in abc.com:

targetAddress to [email protected] msExchRemoteRecipientType to 6 msExchRecipientDisplayType to -2147483642 msExchRecipientTypeDetails to 2147483648 msExchVersion to 44220983382016

I am not sure if it is just one of the above attribute changes that allows the user to start showing in the on-premise Exchange server recipient mailboxes, or a combo of attributes.

However, once the user from xyz.local shows up, I get an error if I try to view or modify any properties via the Exchange admin center (on-prem):

The call to Microsoft Exchange Active Directory Topology service on server ‘TopologyClientTcpEndpoint (localhost)’ returned an error. Error details No suitable domain controller was found in domain ‘xyz.local’. Errors: .

I am wondering if you might have any advice. It seems like maybe the on-premise Exchange server just needs to be made aware of xyz.local. I did a lot of searching and have not been able to figure out if there is a setting in EAC or a PowerShell command that I should run in the Exchange Management Shell. Any help would be much appreciated.


I'm not sure I'm entirely grasping the premise of your conundrum, and I'm not convinced that what you're doing is actually possible. That being said, try this with a test xyz.com user account. Make sure to substitute your own values as needed.

Connect to Exchange Online with Powershell. Then run the following command:

  1. Get-Mailbox username | fl ExchangeGUID (Make note of the ExchangeGUID)

Open the Exchange Management Shell on the on premises Exchange server. Then run the following commands:

  1. Enable-RemoteMailbox username -RemoteRoutingAddress [email protected]

  2. Set-RemoteMailbox username -ExchangeGuid ExchangeGuid from above

If that doesn't work then open a support case with Office 365 from your tenant. It's free. They'll tell you if it's possible or not, and if it is they'll help you resolve it.


Is the second domain xyz.local verified in Office 365? “ I merged their local domain accounts with their 365 accounts”, how did you achieve this? SMTP match?

Please add the second domain xyz.local as accepted domain in on-premises Exchange server.

The Remote Mailbox exists on the On Premise Exchange server and is the link between the Office 365 mailbox and the On Prem Exchange Organisation. Without one of these for each Office 365 mailbox, you can’t effectively manage certain Office 365 mailbox properties, you can’t offboard it back to the On Prem Exchange Server, and most importantly, not having a Remote Mailbox breaks mail flow between users On Prem and users in Office 365. So you could try enable remote mailbox mentioned in this KB https://docs.microsoft.com/en-US/exchange/troubleshoot/move-mailboxes/migrationpermanentexception-when-moving-mailboxes

Not the answer you're looking for? Browse other questions tagged or ask your own question.