How to Create and Configure Address Lists in an Office 365 Hybrid Environment

Office 365 is a leading enterprise cloud solution for companies looking to make the jump to Infrastructure as a Service (IaaS). While the functionality is now mostly on-par with the On-Premises solutions (e.g. Exchange), there are a number of caveats during the implementation phase that add complexity and limitations if not properly addressed.

In May of 2013 Microsoft released feature upgrades to Exchange Online and Office 365, allowing the creation of custom Address Lists (ALs), Global Address Lists (GALs), Offline Address Books (OABs), as well as Address Book Polices (ABPs) within your tenant.  These new features can be very helpful and powerful, but there are restrictions that must be considered prior to their deployment.

The Problem:

One limitation with Office 365 is custom Address Lists cannot be synchronized between Exchange (On-Premises) and Exchange Online. Adding a custom address list to Office 365 is not a difficult task.  However here’s the catch, existing Office 365 users will not see the newly created Address List unless you perform a few steps.

Before moving forward with any solution, it is important that you first assess the current state of the environment, define requirements, and understand the system’s limitations. Below is an example of a typical Exchange (On-Premise) and Office 365 hybrid environment.

  • Exchange and Office 365 is setup in a Hybrid Deployment configuration.  Active Directory is synchronized one-way to Office 365 using DirSync.  Users can only be edited in Active Directory (On-Prem), and user changes in Office 365 is not allowed.
  • Assuming you are a Tenant Admin in Office 365, you must also be a member of the RBAC Address List Role in Office 365. By default, no one is a member of the Address List role, not even Tenant Admins.  Microsoft wants to make sure Address Lists are kept in check, and rightly so since Enterprise customers are limited to 10 GALs, 10 OABs, 10 ABPs and 40 ALs.
  • This example demonstrates an Address List that filters users based on the “physicalDeliveryOfficeName” (Office) Active Directory user attribute that is already configured in the environment. You may wish to filter your address lists based on another attribute – there are lots of options here, so have fun!
  • The Exchange (On-Prem) cmdlet’s Update-AddressList and Update-GlobalAddressList are not available in Exchange Online. As previously mentioned, when you create new Address Lists existing users in Office 365 do not show up.
  • Address Lists can only be managed via PowerShell.  There is currently no Web GUI Management available.

The Solution:

The solution can be summarized by the following bullet points.

  • Create a new Address Lists in Office 365 that mirrors Exchange On-Premises
  • Apply the Address Lists to existing Office 365 users
  • Clean up Active Directory Attributes (Optional)
  1. First identify the Exchange address lists in Exchange (On-Prem) that need to be recreated in Office 365.  Perform this task from the Exchange Management Console (EMC) or using the Exchange (On-Premises) Exchange Management Shell (EMS).
    1. Exchange Management Shell (EMC)
      1. Browse to Organization Confirmation
      2. Select Mailbox                                 2014-03-11_10-04-29
      3. On the left side select the Address List Tab to view all of the Address Lists in the Organization
        1. Double click an address list and
        2. Click through the wizard until the Filter Setting section
      4. Note the Recipients Filter (e.g. Office –eq “Office_Name”)    2014-03-11_10-13-59
      5. Click Cancel to end the wizard
    1. Exchange Management Shell (EMS On-Prem)
      1. Launch the Exchange Management Shell
      2. Run the following cmdlet “Get-AddressList”. Note in this example, Asia is filtered to compare output with the EMC.                                                                                                                       2014-03-11_10-18-32
      3. Remember or write down the Name, DisplayName, and RecipientFilter as this information will be used in the next step
  1. Recreate the On-Premises Address Lists in Exchange Online/Office 365.  This can only be done via PowerShell
    1. Open an Elevated PowerShell
    2. Connect to Office 365 / Exchange Online. Not sure how to do this? Follow the link here: (http://help.outlook.com/en-us/140/cc952755.aspx)
    3. To create an Address List run (and repeat if needed) the following cmdlet: “New-AddressList -Name “NameofAddressList” -RecipientFilter { ((RecipientType -eq ‘UserMailbox‘) -and (Office -eq ‘Office_Name’)) }” The command creates a filtered Address List for mailbox users and sets the “physicalDeliveryOfficeName” (Office) AD attribute to Asia.  Users will be added to the Address List if they have a mailbox and located in the Asia Office.
    4. Run “Get-Addresslist” and verify that you see the new Address List in the output
  2. The Address List are created, but there is still a problem. Existing Office 365 users are not automatically added. An attribute must be set or toggled for Office 365 to trigger an event and add existing Office 365 users to the correct Address Lists. In theory, you can use any AD attribute, however in this example we are going to set a value to Custom Attribute 1 (extensionAttribute).  The steps below demonstrate how to achieve this for a group or batch of users.
    1. Launch the AD Modify Tool.  You can find the (free) tool here: http://admodify.codeplex.com/
    2. Filter the Office 365 users in AD and click Next
    3. Click the Customs Tab, check “Make a Customized Attribute Modification”
      1. Attribute Name: Enter “extensionAttribute1”.
      2. Attribute Value: Enter a value that is generic.  For example, enter a company or department name.
    4. Once the attribute is set, click GO, and check the XML output log file for any failures          2014-03-11_10-45-30
  3. The last step is to synchronize Active Directory to Office 365 using DirSync. If a large group of users are modified across multiple domains, wait for the domain controller’s to replicate.  Once all domain controllers have replicated, proceed to the next steps.  Note: the default sync time for DirSync is every 3 hours.
    1. Logon to the DirSync Server, open the “DirSyncConfigShell”, and run “Start-OnlineCoexistenceSync”
    2. Launch MIISClient to monitor DirSync updates
    3. Once DirSync has successfully exported the changes to Azure, move on to the next step.
  4. (Optional) If you are uneasy with the extra Active Directory attribute added during this example, you can remove it using the same process in step 3.  To remove the attribute, tick the box next to “Multivalued Remove” and click Go.  This will remove the Custom Attribute 1 from the selected users.                                                                                             2014-03-11_10-51-18

In summary, Office 365 users will now see the Asia Address List in Outlook, and future Exchange (On-Prem) users migrated to Office 365 will also see the address list.  While Office 365 continues to be a driving force in the Enterprise Cloud IaaS space, the solution does not come without limitations.  Understanding and defining a product’s limitations and then developing a solution is a key driving force to delivering a successful implementation of Office 365 in your environment.

Your email address will not be published. Required fields are marked *

Phone: 312-602-4000
Email: marketing@westmonroepartners.com
222 W. Adams
Chicago, IL 60606
Show Buttons
Share On Facebook
Share On Twitter
Share on LinkedIn
Hide Buttons