AAD Connect v.2.0.88.0 came out just a week ago, and it had an ugly bug.
What’s wrong?
All the users that are disabled in Exchange Hybrid environments will have their mailboxes deleted from the cloud.
Shared Mailboxes have a long history of misuse inside on-premises Exchange. By licensing rules they have to be disabled users that have a mailbox, so you are not allowed to log on with that account directly. But people enabled the accounts and used them this way, which is not really suitable for a Shared Mailbox.
When we went to the world of Exchange Online, this wasn't possible anymore, as all the users that can log on to their mailbox directly need a license. And nobody wants to pay more than they have to.
If your Exchange Hybrid is built according to Microsoft best practices (mail flow both ways through EOP), you will have a problem with Shared, Resource and Room mailboxes in the Hybrid.
Hybrid works with contacts. If the mailbox is in EXO, there will be a contact inside on-premises telling you that your mailbox is in the cloud. If your mailbox is on-premises, there will be a contact telling you it's there.
And this is why it will remove all the users that are Shared, Resource or Room users inside on-premises AD.
What is synced?
Here are the attributes that it will sync to EXO.
And here are the attributes it will write back to On-premises Exchange in Hybrid.
How to fix?
You should upgrade directly to 2.0.89.0, as the new release isn't an auto-upgrade.
Release notes history for AAD Connect.
From there you can see the date and high-level notes.
So, please do update if you already have 2.0.88.0 installed or your mailboxes will disappear to outer space.
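
To see how exposed an environment is before or after upgrading, the following added example (not from the original post or from Microsoft) checks the installed version and lists disabled on-premises accounts whose mailbox lives in Exchange Online. It assumes the RSAT ActiveDirectory module, that the version check runs on the sync server, and that the product is registered under the display name shown in the comment; the function names are hypothetical.

```powershell
# Added example: read-only checks, nothing is modified.
Import-Module ActiveDirectory

# msExchRecipientTypeDetails values for mailboxes hosted in Exchange Online.
$remoteTypes = @{
    2147483648  = 'RemoteUserMailbox'
    8589934592  = 'RemoteRoomMailbox'
    17179869184 = 'RemoteEquipmentMailbox'
    34359738368 = 'RemoteSharedMailbox'
}

function Get-AadConnectVersion {
    # Assumption: the product appears in the Uninstall registry key with the
    # DisplayName "Microsoft Azure AD Connect"; adjust if your entry differs.
    Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*' |
        Where-Object { $_.DisplayName -eq 'Microsoft Azure AD Connect' } |
        Select-Object -First 1 -ExpandProperty DisplayVersion
}

function Get-DisabledRemoteMailboxUser {
    # Bit 2 of userAccountControl (ACCOUNTDISABLE) plus any Exchange recipient type.
    $ldap = '(&(objectCategory=person)(objectClass=user)' +
            '(userAccountControl:1.2.840.113556.1.4.803:=2)' +
            '(msExchRecipientTypeDetails=*))'
    Get-ADUser -LDAPFilter $ldap -Properties msExchRecipientTypeDetails, mail |
        Where-Object { $remoteTypes.ContainsKey([long]$_.msExchRecipientTypeDetails) } |
        Select-Object SamAccountName, mail,
            @{ n = 'MailboxType'; e = { $remoteTypes[[long]$_.msExchRecipientTypeDetails] } }
}

# Version check: 2.0.88.0 is the affected build, 2.0.89.0 the fixed one.
$installed = Get-AadConnectVersion
if ($installed -and [version]$installed -eq [version]'2.0.88.0') {
    Write-Warning "AAD Connect $installed is installed; upgrade to 2.0.89.0."
}

# Inventory of accounts matching the post's description.
Get-DisabledRemoteMailboxUser |
    Sort-Object MailboxType, SamAccountName |
    Format-Table -AutoSize
```

Export the inventory to a file before upgrading so it can be compared against the mailboxes that still exist in Exchange Online afterwards.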