Problem:
You're currently signed in as <User Principal Name>. Please sign out, then sign in to Outlook Web App with the account you use to read your organization's email. Click <here> to sign out.
The problem is mailbox is created in exchange online with few missing attributes. The attributes are SKUAssigned.
Causes:
1. The target resource like Exchange Online attributes are not synchronized with Office 365 Azure AD. The synchronized attributes are SKUAssigned, and ExternalObjectID.
2. The ExchangeUserAccountControl attribute value is AccountDisabled in the Exchange Online Office 365. The ExchangeUserAccountControl value always None.
Solution:
There are two solutions are available to resolve the issue. They are
Solution 1: The User doesn't have any data in exchange online.
1. Login to the Office 365 Portal.
2. Search the User
3. Remove the Licenses to the User
4. Usually it takes 5 minutes to replicates the changes from Azure AD to Exchange Online.In worst case you need to wait 24 Hours to replicate the changes from Azure AD to Exchange Online.
5. After re-assign the licenses to the user and the issue will be resolved.
Solution 2: The User have data in exchange mailbox and you need to restore the mailbox.
The Following procedure is being used to restore the Mailbox in the Exchange Online integrated with Federated environment. They are
1. Finding the PendingInput Status user in Office 365
$users = Get-MsolUser -UserPrincipalName <User Principal Name>
foreach($user in $users)
{
$licenses = $user.Licenses[0].ServiceStatus
foreach($license in $licenses)
{
if($License.ProvisioningStatus -eq "PendingInput")
{
Write-Host $user.UserPrincipalName " - " $License.ServicePlan.ServiceName "-" $License.ProvisioningStatus
}
else
{
Write-Host $user.UserPrincipalName " - " $License.ServicePlan.ServiceName "-" $License.ProvisioningStatus
}
}
}
2. Finding the Exchange Online SKUAssigned value for the User
Get-Mailbox <User Principal Name> | Select SKUAssigned
The SKUAssigned value should be empty because the azure ad licensing info was not replicated from azure ad to exchange online.
3. Removing the User from the Office 365 Azure AD
The following commands needs to be executed to remove the user from Windows Azure AD.
Remove-MsolUser -UserPrincipalName <User Principal Name> -force
Remove-MsolUser -UserPrincipalName <User PrinciplaName> -force -RemoveFromRecycleBin
4. Verifying the Azure AD user replicated to exchange online removal state
Usually the replication process from azure AD to Office 365 time duration is 5 minutes to 24 hours. The following commands being used to retrieve the removal state mailbox.
$rmb=Get-RemovedMailbox <User Principal Name> | Select Guid
The guid is required to relinking the existing mailbox in the exchange online.
5. Linking the Existing MailBox in exchange online
New-MailBox -Name <Name> -RemovedMailbox <GUID> -FirstName <FirstName> -LastName <LastName> -DisplayName <DisplayName> -MicrosoftOnlineServicesID <UPN> -PrimarySmtpAddress <upn> -ImmutableId <immutable Id> -FederatedIdentity <federated id>
6. Testing the Mailbox Accepting the Messages
Test-MAPIConnectivity <User Principal Name>
This command move the mailbox disconnected state to active state.
7. Update the Country Location in Office 365
set-msoluser -UserPrincipalName <User Principal Name> -UsageLocation "US"
8. Assign the A2 Licenses to the user in office 365 using power shell.
Set-MsolUserLicense -UserPrincipalName <UserPrincipalName> -AddLicenses tests:STANDARDWOFFPACK_STUDENT
9. Update the Immutable ID or Source Anchor in the Office 365
Set-MsolUserPrincipalName -UserPrincipalName <FederatedDomainUPN> -NewUserPrincipalName <NonFederatedUPN>.
For example Federated Domain UPN is testid@testfed.com and non federated domain is testid@test.onmicrosoft.com
Set-MsolUser -UserPrincipalName <NonFederatedUPN> -ImmutableId <Unique ID>
Set-MsolUserPrincipalName -UserPrincipalName <NonFederatedUPN>. -NewUserPrincipalName <FederatedDomainUPN>
You're currently signed in as <User Principal Name>. Please sign out, then sign in to Outlook Web App with the account you use to read your organization's email. Click <here> to sign out.
The problem is mailbox is created in exchange online with few missing attributes. The attributes are SKUAssigned.
Causes:
1. The target resource like Exchange Online attributes are not synchronized with Office 365 Azure AD. The synchronized attributes are SKUAssigned, and ExternalObjectID.
2. The ExchangeUserAccountControl attribute value is AccountDisabled in the Exchange Online Office 365. The ExchangeUserAccountControl value always None.
Solution:
There are two solutions are available to resolve the issue. They are
Solution 1: The User doesn't have any data in exchange online.
1. Login to the Office 365 Portal.
2. Search the User
3. Remove the Licenses to the User
4. Usually it takes 5 minutes to replicates the changes from Azure AD to Exchange Online.In worst case you need to wait 24 Hours to replicate the changes from Azure AD to Exchange Online.
5. After re-assign the licenses to the user and the issue will be resolved.
Solution 2: The User have data in exchange mailbox and you need to restore the mailbox.
The Following procedure is being used to restore the Mailbox in the Exchange Online integrated with Federated environment. They are
1. Finding the PendingInput Status user in Office 365
$users = Get-MsolUser -UserPrincipalName <User Principal Name>
foreach($user in $users)
{
$licenses = $user.Licenses[0].ServiceStatus
foreach($license in $licenses)
{
if($License.ProvisioningStatus -eq "PendingInput")
{
Write-Host $user.UserPrincipalName " - " $License.ServicePlan.ServiceName "-" $License.ProvisioningStatus
}
else
{
Write-Host $user.UserPrincipalName " - " $License.ServicePlan.ServiceName "-" $License.ProvisioningStatus
}
}
}
2. Finding the Exchange Online SKUAssigned value for the User
Get-Mailbox <User Principal Name> | Select SKUAssigned
The SKUAssigned value should be empty because the azure ad licensing info was not replicated from azure ad to exchange online.
3. Removing the User from the Office 365 Azure AD
The following commands needs to be executed to remove the user from Windows Azure AD.
Remove-MsolUser -UserPrincipalName <User Principal Name> -force
Remove-MsolUser -UserPrincipalName <User PrinciplaName> -force -RemoveFromRecycleBin
4. Verifying the Azure AD user replicated to exchange online removal state
Usually the replication process from azure AD to Office 365 time duration is 5 minutes to 24 hours. The following commands being used to retrieve the removal state mailbox.
$rmb=Get-RemovedMailbox <User Principal Name> | Select Guid
The guid is required to relinking the existing mailbox in the exchange online.
5. Linking the Existing MailBox in exchange online
New-MailBox -Name <Name> -RemovedMailbox <GUID> -FirstName <FirstName> -LastName <LastName> -DisplayName <DisplayName> -MicrosoftOnlineServicesID <UPN> -PrimarySmtpAddress <upn> -ImmutableId <immutable Id> -FederatedIdentity <federated id>
6. Testing the Mailbox Accepting the Messages
Test-MAPIConnectivity <User Principal Name>
This command move the mailbox disconnected state to active state.
7. Update the Country Location in Office 365
set-msoluser -UserPrincipalName <User Principal Name> -UsageLocation "US"
8. Assign the A2 Licenses to the user in office 365 using power shell.
Set-MsolUserLicense -UserPrincipalName <UserPrincipalName> -AddLicenses tests:STANDARDWOFFPACK_STUDENT
9. Update the Immutable ID or Source Anchor in the Office 365
Set-MsolUserPrincipalName -UserPrincipalName <FederatedDomainUPN> -NewUserPrincipalName <NonFederatedUPN>.
For example Federated Domain UPN is testid@testfed.com and non federated domain is testid@test.onmicrosoft.com
Set-MsolUser -UserPrincipalName <NonFederatedUPN> -ImmutableId <Unique ID>
Set-MsolUserPrincipalName -UserPrincipalName <NonFederatedUPN>. -NewUserPrincipalName <FederatedDomainUPN>
No comments:
Post a Comment