I spent the last couple days troubleshooting an Exchange On-Premises to Exchange Online mail migration issue. See my prior post for part 1 of the troubleshooting. After fixing the first part, we attempted to re-run the Exchange migration and ran into another error:
“You can’t use the domain because it’s not an accepted domain for your organization.”
The tricky part was that Office 365 doesn’t mention the domain is that is missing. I checked the Accepted Domains in both the Exchange On-Premise and in Exchange Online and all the domains that I expected were there.
I checked the on-premises user’s proxyaddresses field in Active Directory and everything looked ok. Then I checked …. the Contacts folder in Office 365. Aha!
In the mailuser object on Office 365, the e-mail addresses tab had a secondary proxy address of: <user>@mtc-irv.com
This is the Active Directory DNS domain name. It turns out the default e-mail address policy (the one that’s created by default when Exchange is installed) uses the Active Directory DNS domain name as the default e-mail address policy. There was another e-mail address policy of higher priority with the actual SMTP domain name. However, the default policy must be influencing the e-mail addresses being stamped on the mailuser in Office 365 through the directory synchronization process.
We updated the default e-mail address policy to use the SMTP domain name (e.g. @mtcirvine.com). Did an address update (update-emailaddresspolicy). Then forced a directory synchronization in Azure AD Sync. Then, checked the mail user objects in the Contact folder on Office 365. The offending domain (e.g. @mtc-irv.com) was removed from the mail user objects. Then we ran the Exchange Migration tool and …. It worked. The user’s were synchronized to Office 365. Then, we completed the migration with no problem. Then, we assigned the user’s an Exchange Online license. This enabled the mailbox in Office 365. We checked with the user and their mail was in their mailbox on Office 365